forked from TrueCloudLab/frostfs-s3-gw
134 lines
3.9 KiB
Go
134 lines
3.9 KiB
Go
|
/*
|
||
|
* MinIO Cloud Storage, (C) 2016 MinIO, Inc.
|
||
|
*
|
||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||
|
* you may not use this file except in compliance with the License.
|
||
|
* You may obtain a copy of the License at
|
||
|
*
|
||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||
|
*
|
||
|
* Unless required by applicable law or agreed to in writing, software
|
||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||
|
* See the License for the specific language governing permissions and
|
||
|
* limitations under the License.
|
||
|
*/
|
||
|
|
||
|
package madmin
|
||
|
|
||
|
import (
|
||
|
"encoding/json"
|
||
|
"io"
|
||
|
"io/ioutil"
|
||
|
"net"
|
||
|
"net/http"
|
||
|
"net/url"
|
||
|
"strings"
|
||
|
|
||
|
sha256 "github.com/minio/sha256-simd"
|
||
|
|
||
|
"github.com/minio/minio-go/v6/pkg/s3utils"
|
||
|
)
|
||
|
|
||
|
// AdminAPIVersion - admin api version used in the request.
|
||
|
const (
|
||
|
AdminAPIVersion = "v3"
|
||
|
AdminAPIVersionV2 = "v2"
|
||
|
adminAPIPrefix = "/" + AdminAPIVersion
|
||
|
)
|
||
|
|
||
|
// sum256 calculate sha256 sum for an input byte array.
|
||
|
func sum256(data []byte) []byte {
|
||
|
hash := sha256.New()
|
||
|
hash.Write(data)
|
||
|
return hash.Sum(nil)
|
||
|
}
|
||
|
|
||
|
// jsonDecoder decode json to go type.
|
||
|
func jsonDecoder(body io.Reader, v interface{}) error {
|
||
|
d := json.NewDecoder(body)
|
||
|
return d.Decode(v)
|
||
|
}
|
||
|
|
||
|
// getEndpointURL - construct a new endpoint.
|
||
|
func getEndpointURL(endpoint string, secure bool) (*url.URL, error) {
|
||
|
if strings.Contains(endpoint, ":") {
|
||
|
host, _, err := net.SplitHostPort(endpoint)
|
||
|
if err != nil {
|
||
|
return nil, err
|
||
|
}
|
||
|
if !s3utils.IsValidIP(host) && !s3utils.IsValidDomain(host) {
|
||
|
msg := "Endpoint: " + endpoint + " does not follow ip address or domain name standards."
|
||
|
return nil, ErrInvalidArgument(msg)
|
||
|
}
|
||
|
} else {
|
||
|
if !s3utils.IsValidIP(endpoint) && !s3utils.IsValidDomain(endpoint) {
|
||
|
msg := "Endpoint: " + endpoint + " does not follow ip address or domain name standards."
|
||
|
return nil, ErrInvalidArgument(msg)
|
||
|
}
|
||
|
}
|
||
|
|
||
|
// If secure is false, use 'http' scheme.
|
||
|
scheme := "https"
|
||
|
if !secure {
|
||
|
scheme = "http"
|
||
|
}
|
||
|
|
||
|
// Strip the obvious :443 and :80 from the endpoint
|
||
|
// to avoid the signature mismatch error.
|
||
|
if secure && strings.HasSuffix(endpoint, ":443") {
|
||
|
endpoint = strings.TrimSuffix(endpoint, ":443")
|
||
|
}
|
||
|
if !secure && strings.HasSuffix(endpoint, ":80") {
|
||
|
endpoint = strings.TrimSuffix(endpoint, ":80")
|
||
|
}
|
||
|
|
||
|
// Construct a secured endpoint URL.
|
||
|
endpointURLStr := scheme + "://" + endpoint
|
||
|
endpointURL, err := url.Parse(endpointURLStr)
|
||
|
if err != nil {
|
||
|
return nil, err
|
||
|
}
|
||
|
|
||
|
// Validate incoming endpoint URL.
|
||
|
if err := isValidEndpointURL(endpointURL.String()); err != nil {
|
||
|
return nil, err
|
||
|
}
|
||
|
return endpointURL, nil
|
||
|
}
|
||
|
|
||
|
// Verify if input endpoint URL is valid.
|
||
|
func isValidEndpointURL(endpointURL string) error {
|
||
|
if endpointURL == "" {
|
||
|
return ErrInvalidArgument("Endpoint url cannot be empty.")
|
||
|
}
|
||
|
url, err := url.Parse(endpointURL)
|
||
|
if err != nil {
|
||
|
return ErrInvalidArgument("Endpoint url cannot be parsed.")
|
||
|
}
|
||
|
if url.Path != "/" && url.Path != "" {
|
||
|
return ErrInvalidArgument("Endpoint url cannot have fully qualified paths.")
|
||
|
}
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
// closeResponse close non nil response with any response Body.
|
||
|
// convenient wrapper to drain any remaining data on response body.
|
||
|
//
|
||
|
// Subsequently this allows golang http RoundTripper
|
||
|
// to re-use the same connection for future requests.
|
||
|
func closeResponse(resp *http.Response) {
|
||
|
// Callers should close resp.Body when done reading from it.
|
||
|
// If resp.Body is not closed, the Client's underlying RoundTripper
|
||
|
// (typically Transport) may not be able to re-use a persistent TCP
|
||
|
// connection to the server for a subsequent "keep-alive" request.
|
||
|
if resp != nil && resp.Body != nil {
|
||
|
// Drain any remaining Body and then close the connection.
|
||
|
// Without this closing connection would disallow re-using
|
||
|
// the same connection for future uses.
|
||
|
// - http://stackoverflow.com/a/17961593/4465767
|
||
|
io.Copy(ioutil.Discard, resp.Body)
|
||
|
resp.Body.Close()
|
||
|
}
|
||
|
}
|