Add date verification to presigned urls #196

Merged
lx merged 3 commits from trinity-1686a/garage:presigned-urls into main 2022-01-18 11:22:32 +00:00
4 changed files with 5 additions and 13 deletions
Showing only changes of commit 2735dfae46 - Show all commits

View file

@ -206,11 +206,7 @@ where
fn ok_or_bad_request<M: AsRef<str>>(self, reason: M) -> Result<T, Error> { fn ok_or_bad_request<M: AsRef<str>>(self, reason: M) -> Result<T, Error> {
match self { match self {
Ok(x) => Ok(x), Ok(x) => Ok(x),
Err(e) => Err(Error::BadRequest(format!( Err(e) => Err(Error::BadRequest(format!("{}: {}", reason.as_ref(), e))),
"{}: {}",
reason.as_ref(),
e.to_string()
))),
} }
} }
} }

View file

@ -487,7 +487,7 @@ impl CopyPreconditionHeaders {
.get("x-amz-copy-source-if-modified-since") .get("x-amz-copy-source-if-modified-since")
.map(|x| x.to_str()) .map(|x| x.to_str())
.transpose()? .transpose()?
.map(|x| httpdate::parse_http_date(x)) .map(httpdate::parse_http_date)
.transpose() .transpose()
.ok_or_bad_request("Invalid date in x-amz-copy-source-if-modified-since")?, .ok_or_bad_request("Invalid date in x-amz-copy-source-if-modified-since")?,
copy_source_if_none_match: req copy_source_if_none_match: req
@ -505,7 +505,7 @@ impl CopyPreconditionHeaders {
.get("x-amz-copy-source-if-unmodified-since") .get("x-amz-copy-source-if-unmodified-since")
.map(|x| x.to_str()) .map(|x| x.to_str())
.transpose()? .transpose()?
.map(|x| httpdate::parse_http_date(x)) .map(httpdate::parse_http_date)
.transpose() .transpose()
.ok_or_bad_request("Invalid date in x-amz-copy-source-if-unmodified-since")?, .ok_or_bad_request("Invalid date in x-amz-copy-source-if-unmodified-since")?,
}) })

View file

@ -121,7 +121,7 @@ pub async fn handle_list(
key: uriencode_maybe(key, query.common.urlencode_resp), key: uriencode_maybe(key, query.common.urlencode_resp),
last_modified: s3_xml::Value(msec_to_rfc3339(info.last_modified)), last_modified: s3_xml::Value(msec_to_rfc3339(info.last_modified)),
size: s3_xml::IntValue(info.size as i64), size: s3_xml::IntValue(info.size as i64),
etag: s3_xml::Value(format!("\"{}\"", info.etag.to_string())), etag: s3_xml::Value(format!("\"{}\"", info.etag)),
storage_class: s3_xml::Value("STANDARD".to_string()), storage_class: s3_xml::Value("STANDARD".to_string()),
}) })
.collect(), .collect(),

View file

@ -31,11 +31,7 @@ where
fn ok_or_bad_request<M: AsRef<str>>(self, reason: M) -> Result<T, Error> { fn ok_or_bad_request<M: AsRef<str>>(self, reason: M) -> Result<T, Error> {
match self { match self {
Ok(x) => Ok(x), Ok(x) => Ok(x),
Err(e) => Err(Error::BadRequest(format!( Err(e) => Err(Error::BadRequest(format!("{}: {}", reason.as_ref(), e))),
"{}: {}",
reason.as_ref(),
e.to_string()
))),
} }
} }
} }