summaryrefslogtreecommitdiffstats
path: root/vendor/github.com/minio/minio-go/utils.go
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/github.com/minio/minio-go/utils.go')
-rw-r--r--vendor/github.com/minio/minio-go/utils.go105
1 files changed, 46 insertions, 59 deletions
diff --git a/vendor/github.com/minio/minio-go/utils.go b/vendor/github.com/minio/minio-go/utils.go
index 93cd1712f..6f54639e0 100644
--- a/vendor/github.com/minio/minio-go/utils.go
+++ b/vendor/github.com/minio/minio-go/utils.go
@@ -28,7 +28,6 @@ import (
"regexp"
"strings"
"time"
- "unicode/utf8"
"github.com/minio/minio-go/pkg/s3utils"
)
@@ -110,6 +109,8 @@ func closeResponse(resp *http.Response) {
}
}
+var emptySHA256 = sum256(nil)
+
// Sentinel URL is the default url value which is invalid.
var sentinelURL = url.URL{}
@@ -121,7 +122,7 @@ func isValidEndpointURL(endpointURL url.URL) error {
if endpointURL.Path != "/" && endpointURL.Path != "" {
return ErrInvalidArgument("Endpoint url cannot have fully qualified paths.")
}
- if strings.Contains(endpointURL.Host, ".amazonaws.com") {
+ if strings.Contains(endpointURL.Host, ".s3.amazonaws.com") {
if !s3utils.IsAmazonEndpoint(endpointURL) {
return ErrInvalidArgument("Amazon S3 endpoint should be 's3.amazonaws.com'.")
}
@@ -146,63 +147,6 @@ func isValidExpiry(expires time.Duration) error {
return nil
}
-// We support '.' with bucket names but we fallback to using path
-// style requests instead for such buckets.
-var validBucketName = regexp.MustCompile(`^[a-z0-9][a-z0-9\.\-]{1,61}[a-z0-9]$`)
-
-// Invalid bucket name with double dot.
-var invalidDotBucketName = regexp.MustCompile(`\.\.`)
-
-// isValidBucketName - verify bucket name in accordance with
-// - http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingBucket.html
-func isValidBucketName(bucketName string) error {
- if strings.TrimSpace(bucketName) == "" {
- return ErrInvalidBucketName("Bucket name cannot be empty.")
- }
- if len(bucketName) < 3 {
- return ErrInvalidBucketName("Bucket name cannot be smaller than 3 characters.")
- }
- if len(bucketName) > 63 {
- return ErrInvalidBucketName("Bucket name cannot be greater than 63 characters.")
- }
- if bucketName[0] == '.' || bucketName[len(bucketName)-1] == '.' {
- return ErrInvalidBucketName("Bucket name cannot start or end with a '.' dot.")
- }
- if invalidDotBucketName.MatchString(bucketName) {
- return ErrInvalidBucketName("Bucket name cannot have successive periods.")
- }
- if !validBucketName.MatchString(bucketName) {
- return ErrInvalidBucketName("Bucket name contains invalid characters.")
- }
- return nil
-}
-
-// isValidObjectName - verify object name in accordance with
-// - http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html
-func isValidObjectName(objectName string) error {
- if strings.TrimSpace(objectName) == "" {
- return ErrInvalidObjectName("Object name cannot be empty.")
- }
- if len(objectName) > 1024 {
- return ErrInvalidObjectName("Object name cannot be greater than 1024 characters.")
- }
- if !utf8.ValidString(objectName) {
- return ErrInvalidBucketName("Object name with non UTF-8 strings are not supported.")
- }
- return nil
-}
-
-// isValidObjectPrefix - verify if object prefix is valid.
-func isValidObjectPrefix(objectPrefix string) error {
- if len(objectPrefix) > 1024 {
- return ErrInvalidObjectPrefix("Object prefix cannot be greater than 1024 characters.")
- }
- if !utf8.ValidString(objectPrefix) {
- return ErrInvalidObjectPrefix("Object prefix with non UTF-8 strings are not supported.")
- }
- return nil
-}
-
// make a copy of http.Header
func cloneHeader(h http.Header) http.Header {
h2 := make(http.Header, len(h))
@@ -225,3 +169,46 @@ func filterHeader(header http.Header, filterKeys []string) (filteredHeader http.
}
return filteredHeader
}
+
+// regCred matches credential string in HTTP header
+var regCred = regexp.MustCompile("Credential=([A-Z0-9]+)/")
+
+// regCred matches signature string in HTTP header
+var regSign = regexp.MustCompile("Signature=([[0-9a-f]+)")
+
+// Redact out signature value from authorization string.
+func redactSignature(origAuth string) string {
+ if !strings.HasPrefix(origAuth, signV4Algorithm) {
+ // Set a temporary redacted auth
+ return "AWS **REDACTED**:**REDACTED**"
+ }
+
+ /// Signature V4 authorization header.
+
+ // Strip out accessKeyID from:
+ // Credential=<access-key-id>/<date>/<aws-region>/<aws-service>/aws4_request
+ newAuth := regCred.ReplaceAllString(origAuth, "Credential=**REDACTED**/")
+
+ // Strip out 256-bit signature from: Signature=<256-bit signature>
+ return regSign.ReplaceAllString(newAuth, "Signature=**REDACTED**")
+}
+
+// Get default location returns the location based on the input
+// URL `u`, if region override is provided then all location
+// defaults to regionOverride.
+//
+// If no other cases match then the location is set to `us-east-1`
+// as a last resort.
+func getDefaultLocation(u url.URL, regionOverride string) (location string) {
+ if regionOverride != "" {
+ return regionOverride
+ }
+ if s3utils.IsAmazonChinaEndpoint(u) {
+ return "cn-north-1"
+ }
+ if s3utils.IsAmazonGovCloudEndpoint(u) {
+ return "us-gov-west-1"
+ }
+ // Default to location to 'us-east-1'.
+ return "us-east-1"
+}
generated by cgit v1.2.3-1-g7c22 (git 2.25.1) at 2024-06-02 22:08:28 +0000