128 commits

Author	SHA1	Message	Date
Roman Loginov	04b8fc2b5f	[#562] Empty default value for TLS termination header param ... If the service is accessed not through a proxy and the default value of the parameter with the header key is not empty, then the system administrator does not control disabling TLS verification in any way, because the client can simply add a known header, thereby skipping the verification. Therefore, the default value of the header parameter is made empty. If it is empty, then TLS verification cannot be disabled in any way. Thus, the system administrator will be able to control the enabling/disabling of TLS. Signed-off-by: Roman Loginov <r.loginov@yadro.com>	2024-12-13 11:12:58 +00:00
Roman Loginov	128939c01e	[#562] Add tests for form encryption params ... Signed-off-by: Roman Loginov <r.loginov@yadro.com>	2024-12-11 16:09:43 +03:00
Roman Loginov	4a4ce00994	[#562] Support TLS termination header for SSE-C ... The TLS termination header added for determining whether TLS needs to be checked. If the system requests come through a proxy server and TLS can terminate at the proxy level, you should use this header to disable TLS verification at SSE-C. Signed-off-by: Roman Loginov <r.loginov@yadro.com>	2024-12-11 16:09:43 +03:00
Denis Kirillov	cc9a68401f	[#339] Add aws-sdk-go-v2 ... Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-12-10 15:04:56 +03:00
Pavel Pogodaev	fb00dff83b	[#540] Add md5 S3Tests compatability ... Signed-off-by: Pavel Pogodaev <p.pogodaev@yadro.com>	2024-11-13 14:50:16 +03:00
Roman Loginov	76008d4ba1	[#501] Consider using request logger in logAndSendError ... Signed-off-by: Roman Loginov <r.loginov@yadro.com>	2024-11-02 08:51:48 +00:00
Marina Biryukova	e35b582fe2	[#506] Deny bucket names with dot ... Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>	2024-10-08 12:50:22 +03:00
Nikita Zinkevich	9fadfbbc2f	[#488] Renamed api/errors, layer/frostfs and layer/tree package names ... Signed-off-by: Nikita Zinkevich <n.zinkevich@yadro.com>	2024-10-02 12:35:04 +03:00
Denis Kirillov	738ce14f50	[#434] Remove container on failed bucket creation ... Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-09-25 07:15:24 +00:00
Marina Biryukova	f187141ae5	[#486] Fix PUT object with negative Content-Length ... Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>	2024-09-16 08:45:46 +00:00
Pavel Pogodaev	98815d5473	[#450] Fix aws-chunked header workflow ... Signed-off-by: Pavel Pogodaev <p.pogodaev@yadro.com>	2024-09-13 11:59:07 +03:00
Denis Kirillov	20719bd85c	[#456] PostObject: check object key for emptiness ... Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-08-13 09:27:26 +03:00
Alex Vanin	f86b82351a	[#398] Fix parameter parsing in bucket retryer ... RetryStrategyExponential should use jitter backoff instead of constant delay function Signed-off-by: Alex Vanin <a.vanin@yadro.com>	2024-07-03 13:42:24 +03:00
Denis Kirillov	465eaa816a	[#372] Drop [e]ACL related code ... Always consider buckets as APE compatible Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-07-01 16:58:44 +03:00
Denis Kirillov	77f8bdac58	[#372] Drop kludge.acl_enabled flag ... Now only APE container can be created using s3-gw Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-07-01 16:26:19 +03:00
Denis Kirillov	9432782ce6	[#401] Drop notifications ... Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-06-25 15:49:37 +03:00
Denis Kirillov	280d11c794	[#407] Don't set full_control for bucket owner ... Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-06-19 10:55:24 +03:00
Denis Kirillov	bb81afc14a	[#398] Support retryer ... Add two strategy for PutBucketSettings request retryer: * exponential backoff (increasing up to `max_backoff` delays with jitter) * constant backoff (always the same `max_backoff` delay between requests) Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-06-06 13:02:17 +00:00
Artem Tataurov	d62d8f3874	[#385] Support the renaming of ObjectRequest and ObjectContainer ... Signed-off-by: Artem Tataurov <a.tataurov@yadro.com>	2024-05-14 16:51:36 +03:00
Pavel Pogodaev	db05021786	[#379] Add Iana CharsetReader for Oracle integration ... Signed-off-by: Pavel Pogodaev <p.pogodaev@yadro.com>	2024-04-25 17:44:38 +03:00
Marina Biryukova	3ff027587c	[#357] Add check of request and resource tags ... Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>	2024-04-17 07:06:58 +00:00
Alex Vanin	6da1acc554	[#360] Use 'c' prefix for bucket policies instead of 'n' ... With 'c' prefix, acl chains become shorter, thus gateway receives shorter results and avoids sessions to neo-go. There is still issue with many IAM rules. Signed-off-by: Alex Vanin <a.vanin@yadro.com>	2024-04-10 17:56:47 +03:00
Denis Kirillov	80c7b73eb9	[#306] In APE buckets forbid canned acl except private ... Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-03-19 16:57:26 +03:00
Denis Kirillov	62cc5a04a7	[#328] Log error on failed response writing ... Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-03-15 11:02:26 +03:00
Denis Kirillov	4ee3648183	[#328] Log invalid lock enabled header ... Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-03-04 15:09:51 +03:00
Denis Kirillov	937367caaf	[#318] Fix panic on invalid multipart form ... Previously, simple 'curl -X POST http://localhost:8084/test' leads to panic because of wrong handle matching Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-02-29 17:30:28 +03:00
Denis Kirillov	c868af8a62	[#306] Add flag to enable old ACL bucket creation ... Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-02-28 17:50:08 +03:00
Denis Kirillov	bac1b3fb2d	[#306] Use zero basic acl to mark APE containers ... Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-02-28 17:50:08 +03:00
Denis Kirillov	c452d58ce2	[#306] Reduce number of policy contract invocations ... Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-02-28 17:50:08 +03:00
Denis Kirillov	3d0d2032c6	[#306] acl: Handle put/get acl for APE buckets ... Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-02-28 17:50:08 +03:00
Denis Kirillov	1f2cf0ed67	[#306] Use APE instead of eACL on bucket creation ... Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2024-02-28 17:50:08 +03:00
Denis Kirillov	28c6bb4cb8	[#266] Support per namespace placement policies configuration ... Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2023-11-28 16:12:42 +03:00
Denis Kirillov	ff1ec56d24	[#260] Use namespace as domain when create bucket ... Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2023-11-27 15:30:12 +03:00
Roman Loginov	861454e499	[#218] Add check content sha256 header ... The X-Amz-Content-Sha256 header check is done only for unencrypted payload. Signed-off-by: Roman Loginov <r.loginov@yadro.com>	2023-11-22 11:33:52 +00:00
Marina Biryukova	b28ecef43b	[#219] Return ETag in quotes ... Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>	2023-11-22 11:12:32 +00:00
Marina Biryukova	fe796ba538	[#217] Consider Copy-Source-SSE-* headers during copy ... Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>	2023-11-13 13:22:58 +00:00
Marina Biryukova	25bb581fee	[#205] Add md5 checksum in header ... Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>	2023-10-25 11:04:19 +03:00
Roman Loginov	7e91f62c28	[#223] Add store content language ... Signed-off-by: Roman Loginov <r.loginov@yadro.com>	2023-10-17 14:42:02 +00:00
Marina Biryukova	298662df9d	[#221] Expand xmlns field ignore ... Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>	2023-10-13 16:21:13 +03:00
Marina Biryukova	b8c93ed391	[#172] Convert handler config to interface ... Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>	2023-10-04 11:01:27 +00:00
Roman Loginov	8efcc957ea	[#96] Move log messages to constants ... Signed-off-by: Roman Loginov <r.loginov@yadro.com>	2023-08-23 18:32:31 +03:00
Roman Loginov	40d7f844e3	[#137] Refactor context data retrievers ... Signed-off-by: Roman Loginov <r.loginov@yadro.com>	2023-08-16 14:05:38 +00:00
Denis Kirillov	b59aa06637	[#146] Add kludge.bypass_content_encoding_check_in_chunks flag ... Flag allows to skip checking `Content-Encoding` for `aws-chunked` value Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2023-07-18 14:49:52 +03:00
Denis Kirillov	751a9be7cc	[#146] Move getting chunk payload reader to separate function ... Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2023-07-18 14:49:03 +03:00
Denis Kirillov	fc90981c03	[#149] Update inner imports after moving middlewares ... Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2023-07-11 17:25:09 +03:00
Artem Tataurov	614d703726	[#106] Add chunk uploading ... Signed-off-by: Artem Tataurov <a.tataurov@yadro.com>	2023-06-21 10:23:57 +03:00
Denis Kirillov	23593eee3d	[#111] Use request scope logger ... Store child zap logger with request scope fields into context. Request scoped fields: request_id, api/method, bucket, object Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2023-06-19 13:54:51 +03:00
Denis Kirillov	4a6e3a19ce	[#125] Handle negative Content-Length on put ... Add computing actual object size during calculating hash on put. Use this actual value to save in tree and cache Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>	2023-06-02 14:16:19 +00:00
Artem Tataurov	9f186d9aba	[#104] app: Reload copies numbers on SIGHUP ... Signed-off-by: Artem Tataurov <a.tataurov@yadro.com>	2023-05-23 13:19:58 +03:00
Artem Tataurov	e487ee5b7d	[#70] Add arrays of copies numbers for location constraints ... Signed-off-by: Artem Tataurov <a.tataurov@yadro.com>	2023-05-03 13:48:26 +03:00