maxmustermann/minio
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
minio/cmd/api-errors.go

1024 lines
36 KiB
Go
Raw Normal View History

Add license and fix development scripts
2015-02-15 09:48:15 +01:00
/*
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
* Minio Cloud Storage, (C) 2015, 2016, 2017, 2018 Minio, Inc.
Add license and fix development scripts
2015-02-15 09:48:15 +01:00
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
server: Move all the top level files into cmd folder. (#2490) This change brings a change which was done for the 'mc' package to allow for clean repo and have a cleaner github drop in experience.
2016-08-19 01:23:42 +02:00
package cmd
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
import (
Bring etcd support for bucket DNS federation - Supports centralized `config.json` - Supports centralized `bucket` service records for client lookups - implement a new proxy forwarder
2018-02-03 03:18:52 +01:00
"context"
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
"encoding/xml"
Fix config set handler (#5384) - Return error when the config JSON has duplicate keys (fixes #5286) - Limit size of configuration file provided to 256KiB - this prevents another form of DoS
2018-01-11 08:06:36 +01:00
"fmt"
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
"net/http"
Simplify data verification with HashReader. (#5071) Verify() was being called by caller after the data has been successfully read after io.EOF. This disconnection opens a race under concurrent access to such an object. Verification is not necessary outside of Read() call, we can simply just do checksum verification right inside Read() call at io.EOF. This approach simplifies the usage.
2017-10-22 07:30:34 +02:00
move credentials as separate package (#5115)
2017-10-31 19:54:32 +01:00
"github.com/minio/minio/pkg/auth"
Update federation target to etcd/clientv3 (#6119) With CoreDNS now supporting etcdv3 as the DNS backend, we can update our federation target to etcdv3. Users will now be able to use etcdv3 server as the federation backbone. Minio will update bucket data to etcdv3 and CoreDNS can pick that data up and serve it as bucket style DNS path.
2018-07-12 23:12:40 +02:00
"github.com/minio/minio/pkg/dns"
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
"github.com/minio/minio/pkg/event"
Simplify data verification with HashReader. (#5071) Verify() was being called by caller after the data has been successfully read after io.EOF. This disconnection opens a race under concurrent access to such an object. Verification is not necessary outside of Read() call, we can simply just do checksum verification right inside Read() call at io.EOF. This approach simplifies the usage.
2017-10-22 07:30:34 +02:00
"github.com/minio/minio/pkg/hash"
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
)
Move all server and controller packages into top-level
2015-09-19 09:52:01 +02:00
// APIError structure
type APIError struct {
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
Code string
Description string
Golint cleanup pkg/api
2015-03-06 06:07:19 +01:00
HTTPStatusCode int
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
}
Move all server and controller packages into top-level
2015-09-19 09:52:01 +02:00
// APIErrorResponse - error response format
type APIErrorResponse struct {
s3cmd: Handle support for s3cmd.
2015-12-10 00:38:40 +01:00
XMLName xml.Name `xml:"Error" json:"-"`
Code string
Message string
Key string
BucketName string
Resource string
Move admin APIs to new path and add redesigned heal APIs (#5351) - Changes related to moving admin APIs - admin APIs now have an endpoint under /minio/admin - admin APIs are now versioned - a new API to server the version is added at "GET /minio/admin/version" and all API operations have the path prefix /minio/admin/v1/<operation> - new service stop API added - credentials change API is moved to /minio/admin/v1/config/credential - credentials change API and configuration get/set API now require TLS so that credentials are protected - all API requests now receive JSON - heal APIs are disabled as they will be changed substantially - Heal API changes Heal API is now provided at a single endpoint with the ability for a client to start a heal sequence on all the data in the server, a single bucket, or under a prefix within a bucket. When a heal sequence is started, the server returns a unique token that needs to be used for subsequent 'status' requests to fetch heal results. On each status request from the client, the server returns heal result records that it has accumulated since the previous status request. The server accumulates upto 1000 records and pauses healing further objects until the client requests for status. If the client does not request any further records for a long time, the server aborts the heal sequence automatically. A heal result record is returned for each entity healed on the server, such as system metadata, object metadata, buckets and objects, and has information about the before and after states on each disk. A client may request to force restart a heal sequence - this causes the running heal sequence to be aborted at the next safe spot and starts a new heal sequence.
2018-01-22 23:54:55 +01:00
RequestID string `xml:"RequestId" json:"RequestId"`
HostID string `xml:"HostId" json:"HostId"`
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
}
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
// APIErrorCode type of error status.
type APIErrorCode int
Implement x-amz-acl handling
2015-04-23 01:28:13 +02:00
// Error codes, non exhaustive list - http://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
const (
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrNone APIErrorCode = iota
ErrAccessDenied
ErrBadDigest
ErrEntityTooSmall
ErrEntityTooLarge
ErrIncompleteBody
ErrInternalError
ErrInvalidAccessKeyID
ErrInvalidBucketName
ErrInvalidDigest
ErrInvalidRange
api: CopyObjectPart was copying wrong offsets due to shadowing. (#3838) startOffset was re-assigned to '0' so it would end up copying wrong content ignoring the requested startOffset. This also fixes the corruption issue we observed while using docker registry. Fixes https://github.com/docker/distribution/issues/2205 Also fixes #3842 - incorrect routing.
2017-03-04 01:32:04 +01:00
ErrInvalidCopyPartRange
ErrInvalidCopyPartRangeSource
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrInvalidMaxKeys
ErrInvalidMaxUploads
ErrInvalidMaxParts
ErrInvalidPartNumberMarker
ErrInvalidRequestBody
ErrInvalidCopySource
objAPI: Implement CopyObject API. (#3487) This is written so that to simplify our handler code and provide a way to only update metadata instead of the data when source and destination in CopyObject request are same. Fixes #3316
2016-12-27 01:29:26 +01:00
ErrInvalidMetadataDirective
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrInvalidCopyDest
ErrInvalidPolicyDocument
Translate storage access denied error to S3 Access Denied response (#3015)
2016-10-21 01:09:55 +02:00
ErrInvalidObjectState
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrMalformedXML
ErrMissingContentLength
ErrMissingContentMD5
ErrMissingRequestBodyError
ErrNoSuchBucket
ErrNoSuchBucketPolicy
ErrNoSuchKey
ErrNoSuchUpload
ErrNotImplemented
api: Sent ErrPreconditionFailed on If-Match failure (#2009) * api: Sent ErrPreconditionFailed on If-Match failure ref: http://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList * tests: Added functional tests for GetObject w/ If-Match headers set * tests: Used verifyError to simplify errorCode and description matching on error
2016-06-28 10:18:18 +02:00
ErrPreconditionFailed
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrRequestTimeTooSkewed
ErrSignatureDoesNotMatch
ErrMethodNotAllowed
ErrInvalidPart
ErrInvalidPartOrder
ErrAuthorizationHeaderMalformed
ErrMalformedPOSTRequest
Presigend Post: Error out when File is not found (#3723) Follow S3 behavior when no File is sent in the presigned post request form.
2017-02-09 21:37:32 +01:00
ErrPOSTFileRequired
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrSignatureVersionNotSupported
ErrBucketNotEmpty
ErrAllAccessDisabled
ErrMalformedPolicy
error: Signature errors should be returned with APIErrorCode. The reasoning is that we can reply back with wide range of S3 error responses, which would provide more richer context to S3 client. Fixes #1267
2016-03-31 05:04:51 +02:00
ErrMissingFields
ErrMissingCredTag
ErrCredMalformed
ErrInvalidRegion
ErrInvalidService
ErrInvalidRequestVersion
ErrMissingSignTag
ErrMissingSignHeadersTag
ErrPolicyAlreadyExpired
ErrMalformedDate
presignV4: fix errors response and tests. (#2375) - Fix error response when one of the query params in the presign URL is missing. - Exhasutive test coverage for presignv4.
2016-08-09 18:13:15 +02:00
ErrMalformedPresignedDate
ErrMalformedCredentialDate
ErrMalformedCredentialRegion
error: Signature errors should be returned with APIErrorCode. The reasoning is that we can reply back with wide range of S3 error responses, which would provide more richer context to S3 client. Fixes #1267
2016-03-31 05:04:51 +02:00
ErrMalformedExpires
presignV4: fix errors response and tests. (#2375) - Fix error response when one of the query params in the presign URL is missing. - Exhasutive test coverage for presignv4.
2016-08-09 18:13:15 +02:00
ErrNegativeExpires
error: Signature errors should be returned with APIErrorCode. The reasoning is that we can reply back with wide range of S3 error responses, which would provide more richer context to S3 client. Fixes #1267
2016-03-31 05:04:51 +02:00
ErrAuthHeaderEmpty
ErrExpiredPresignRequest
Add Request Not Ready error when presigned date request is not valid (#2646)
2016-09-10 09:38:07 +02:00
ErrRequestNotReadyYet
presignV4: fix errors response and tests. (#2375) - Fix error response when one of the query params in the presign URL is missing. - Exhasutive test coverage for presignv4.
2016-08-09 18:13:15 +02:00
ErrUnsignedHeaders
error: Signature errors should be returned with APIErrorCode. The reasoning is that we can reply back with wide range of S3 error responses, which would provide more richer context to S3 client. Fixes #1267
2016-03-31 05:04:51 +02:00
ErrMissingDateHeader
ErrInvalidQuerySignatureAlgo
ErrInvalidQueryParams
minio: Replace 'bucket already exists' error by 'bucket already owned by you'. (#1465) S3 API returns BucketAlreadyExists error when some another user has such bucket. If user that creates the bucket already has it, s3 returns BucketAlreadyOwnedByYou. As minio has only one user, it should behave accordingly. Otherwise it causes failures in the applications that ignore creation of already existing bucket in the account, but fail when bucket name is used by someone else.
2016-05-03 12:19:04 +02:00
ErrBucketAlreadyOwnedByYou
Implement list, clear locks REST API w/ pkg/madmin support (#3491) * Filter lock info based on bucket, prefix and time since lock was held * Implement list and clear locks REST API * madmin: Add list and clear locks API * locks: Clear locks matching bucket, prefix, relTime. * Gather lock information across nodes for both list and clear locks admin REST API. * docs: Add lock API to management APIs
2017-01-04 08:39:22 +01:00
ErrInvalidDuration
Return BucketAlreadyExists when bucket exists with another user
2017-05-08 23:53:47 +02:00
ErrBucketAlreadyExists
restirct max size of http header and user metadata (#4634) (#4680) S3 only allows http headers with a size of 8 KB and user-defined metadata with a size of 2 KB. This change adds a new API error and returns this error to clients which sends to large http requests. Fixes #4634
2017-08-23 01:53:35 +02:00
ErrMetadataTooLarge
azure: handle encryption headers and azure InvalidMetadata error (#4893) Previously minio gateway returns invalid bucket name error for invalid meta data. This is fixed by returning BadRequest with 'Unsupported metadata' in response. Fixes #4891
2017-09-13 01:14:41 +02:00
ErrUnsupportedMetadata
Check for value > 7 days in X-Amz-Expires header. (#5163) Add a check to see if the X-Amz-Expires header in the presigned URL is less than 7 days. Fixes #5162
2017-11-13 21:54:03 +01:00
ErrMaximumExpires
Limit number of connections upto system maxlimit (#5109)
2017-12-20 09:00:14 +01:00
ErrSlowDown
fix: listobjects return empty response for invalid prefix/marker (#5425) Currently minio server returns a NotImplemented error when marker is not common with prefix. Instead, return an empty ListObjectsResponse
2018-01-18 23:39:39 +01:00
ErrInvalidPrefixMarker
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
// Add new error codes here.
obj: Object api handle all errors in common location. (#1343)
2016-04-21 02:23:23 +02:00
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 00:18:59 +01:00
// Server-Side-Encryption (with Customer provided key) related API errors.
ErrInsecureSSECustomerRequest
Add multipart support in SSE-C encryption (#5576) *) Add Put/Get support of multipart in encryption *) Add GET Range support for encryption *) Add CopyPart encrypted support *) Support decrypting of large single PUT object
2018-03-01 20:37:57 +01:00
ErrSSEMultipartEncrypted
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 00:18:59 +01:00
ErrSSEEncryptedObject
ErrInvalidEncryptionParameters
ErrInvalidSSECustomerAlgorithm
ErrInvalidSSECustomerKey
ErrMissingSSECustomerKey
ErrMissingSSECustomerKeyMD5
ErrSSECustomerKeyMD5Mismatch
return AWS S3 compatible error for invalid but equal keys during key rotation (#5783) This change let the server return the S3 error for a key rotation if the source key is not valid but equal to the destination key. This change also fixes the SSE-C error messages since AWS returns error messages ending with a '.'. Fixes #5625
2018-04-06 23:15:23 +02:00
ErrInvalidSSECustomerParameters
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 00:18:59 +01:00
api: Implement bucket notification. (#2271) * Implement basic S3 notifications through queues Supports multiple queues and three basic queue types: 1. NilQueue -- messages don't get sent anywhere 2. LogQueue -- messages get logged 3. AmqpQueue -- messages are sent to an AMQP queue * api: Implement bucket notification. Supports two different queue types - AMQP - ElasticSearch. * Add support for redis
2016-07-24 07:51:12 +02:00
// Bucket notification related errors.
ErrEventNotification
ErrARNNotification
ErrRegionNotification
ErrOverlappingFilterNotification
api: Bucket notification add filter rules check and validate. (#2272) These filtering techniques are used to validate object names for their prefix and suffix.
2016-07-26 02:53:55 +02:00
ErrFilterNameInvalid
ErrFilterNamePrefix
ErrFilterNameSuffix
Allow asterisk character in key names (#2487)
2016-08-18 21:00:01 +02:00
ErrFilterValueInvalid
api: BucketNotification should disallow duplicate notification. (#2539) Added checks to look for duplicated notification configs. Fixes #2472
2016-08-24 03:42:30 +02:00
ErrOverlappingConfigs
Fix validation in PutBucketNotification handler (#4841) Fixes #4813 If a TopicConfiguration element or CloudFunction element is found in configuration submitted to PutBucketNotification API, an BadRequest error is returned.
2017-08-24 00:58:02 +02:00
ErrUnsupportedNotification
api: Implement bucket notification. (#2271) * Implement basic S3 notifications through queues Supports multiple queues and three basic queue types: 1. NilQueue -- messages don't get sent anywhere 2. LogQueue -- messages get logged 3. AmqpQueue -- messages are sent to an AMQP queue * api: Implement bucket notification. Supports two different queue types - AMQP - ElasticSearch. * Add support for redis
2016-07-24 07:51:12 +02:00
handler/PUT: Handle signature verification through a custom reader. (#2066) Change brings in a new signVerifyReader which provides a io.Reader compatible reader, additionally implements Verify() function. Verify() function validates the signature present in the incoming request. This approach is choosen to avoid complexities involved in using io.Pipe(). Thanks to Krishna for his inputs on this. Fixes #2058 Fixes #2054 Fixes #2087
2016-07-05 10:04:50 +02:00
// S3 extended errors.
ErrContentSHA256Mismatch
api: Set content-encoding properly if set. (#2245) Additionally don't set content-type if not present, golang http server automaticaly handles this and sets it automatically.
2016-07-20 21:40:20 +02:00
handler/PUT: Handle signature verification through a custom reader. (#2066) Change brings in a new signVerifyReader which provides a io.Reader compatible reader, additionally implements Verify() function. Verify() function validates the signature present in the incoming request. This approach is choosen to avoid complexities involved in using io.Pipe(). Thanks to Krishna for his inputs on this. Fixes #2058 Fixes #2054 Fixes #2087
2016-07-05 10:04:50 +02:00
// Add new extended error codes here.
api: Extend S3 errors with Minio errors. (#1533) Fixes #1530
2016-05-08 21:36:16 +02:00
// Minio extended errors.
handlers: overhaul entire writErrorResponse, simplify. (#1472)
2016-05-06 05:24:29 +02:00
ErrReadQuorum
ErrWriteQuorum
api: Extend S3 errors with Minio errors. (#1533) Fixes #1530
2016-05-08 21:36:16 +02:00
ErrStorageFull
Move admin APIs to new path and add redesigned heal APIs (#5351) - Changes related to moving admin APIs - admin APIs now have an endpoint under /minio/admin - admin APIs are now versioned - a new API to server the version is added at "GET /minio/admin/version" and all API operations have the path prefix /minio/admin/v1/<operation> - new service stop API added - credentials change API is moved to /minio/admin/v1/config/credential - credentials change API and configuration get/set API now require TLS so that credentials are protected - all API requests now receive JSON - heal APIs are disabled as they will be changed substantially - Heal API changes Heal API is now provided at a single endpoint with the ability for a client to start a heal sequence on all the data in the server, a single bucket, or under a prefix within a bucket. When a heal sequence is started, the server returns a unique token that needs to be used for subsequent 'status' requests to fetch heal results. On each status request from the client, the server returns heal result records that it has accumulated since the previous status request. The server accumulates upto 1000 records and pauses healing further objects until the client requests for status. If the client does not request any further records for a long time, the server aborts the heal sequence automatically. A heal result record is returned for each entity healed on the server, such as system metadata, object metadata, buckets and objects, and has information about the before and after states on each disk. A client may request to force restart a heal sequence - this causes the running heal sequence to be aborted at the next safe spot and starts a new heal sequence.
2018-01-22 23:54:55 +01:00
ErrRequestBodyParse
api: Extend S3 errors with Minio errors. (#1533) Fixes #1530
2016-05-08 21:36:16 +02:00
ErrObjectExistsAsDirectory
api: Add new bucket policy nesting error (#1883) * Added ErrPolicyNesting which is returned when nesting of policies has occured * Replaces ErrMalformedPolicy in the case of nesting * Changed test case in bucket-policy-parser_test.go (ErrMalformedPolicy -> ErrPolicyNesting)
2016-06-09 10:53:56 +02:00
ErrPolicyNesting
Added specific error for InvalidObjectName (#2157)
2016-07-10 02:11:08 +02:00
ErrInvalidObjectName
server: Validate path for bad components in a handler. (#4170)
2017-04-25 03:13:46 +02:00
ErrInvalidResourceName
Move the ObjectAPI() resource to be beginning of each handlers. We should return back proper errors so that the clients can retry until server has been initialized.
2016-08-11 03:47:49 +02:00
ErrServerNotInitialized
Add support for timeouts for locks (#4377)
2017-08-31 20:29:22 +02:00
ErrOperationTimedOut
fs: All parts except the last part should be of the same size (#5045) fixes #4881
2017-10-17 21:01:28 +02:00
ErrPartsSizeUnequal
Virtual host style S3 requests (#5095)
2017-11-15 01:56:24 +01:00
ErrInvalidRequest
Fix storage class related issues (#5322) - Add storage class metadata validation for request header - Change storage class header values to be consistent with AWS S3 - Refactor internal method to take only the reqd argument
2017-12-27 05:36:16 +01:00
// Minio storage class error codes
ErrInvalidStorageClass
Add disk based edge caching support. (#5182) This PR adds disk based edge caching support for minio server. Cache settings can be configured in config.json to take list of disk drives, cache expiry in days and file patterns to exclude from cache or via environment variables MINIO_CACHE_DRIVES, MINIO_CACHE_EXCLUDE and MINIO_CACHE_EXPIRY Design assumes that Atime support is enabled and the list of cache drives is fixed. - Objects are cached on both GET and PUT/POST operations. - Expiry is used as hint to evict older entries from cache, or if 80% of cache capacity is filled. - When object storage backend is down, GET, LIST and HEAD operations fetch object seamlessly from cache. Current Limitations - Bucket policies are not cached, so anonymous operations are not supported in offline mode. - Objects are distributed using deterministic hashing among list of cache drives specified.If one or more drives go offline, or cache drive configuration is altered - performance could degrade to linear lookup. Fixes #4026
2018-03-28 23:14:06 +02:00
ErrBackendDown
handler/PUT: Handle signature verification through a custom reader. (#2066) Change brings in a new signVerifyReader which provides a io.Reader compatible reader, additionally implements Verify() function. Verify() function validates the signature present in the incoming request. This approach is choosen to avoid complexities involved in using io.Pipe(). Thanks to Krishna for his inputs on this. Fixes #2058 Fixes #2054 Fixes #2087
2016-07-05 10:04:50 +02:00
// Add new extended error codes here.
// Please open a https://github.com/minio/minio/issues before adding
// new error codes here.
admin: Add service Set Credentials API (#3580)
2017-01-17 23:25:59 +01:00
Move admin APIs to new path and add redesigned heal APIs (#5351) - Changes related to moving admin APIs - admin APIs now have an endpoint under /minio/admin - admin APIs are now versioned - a new API to server the version is added at "GET /minio/admin/version" and all API operations have the path prefix /minio/admin/v1/<operation> - new service stop API added - credentials change API is moved to /minio/admin/v1/config/credential - credentials change API and configuration get/set API now require TLS so that credentials are protected - all API requests now receive JSON - heal APIs are disabled as they will be changed substantially - Heal API changes Heal API is now provided at a single endpoint with the ability for a client to start a heal sequence on all the data in the server, a single bucket, or under a prefix within a bucket. When a heal sequence is started, the server returns a unique token that needs to be used for subsequent 'status' requests to fetch heal results. On each status request from the client, the server returns heal result records that it has accumulated since the previous status request. The server accumulates upto 1000 records and pauses healing further objects until the client requests for status. If the client does not request any further records for a long time, the server aborts the heal sequence automatically. A heal result record is returned for each entity healed on the server, such as system metadata, object metadata, buckets and objects, and has information about the before and after states on each disk. A client may request to force restart a heal sequence - this causes the running heal sequence to be aborted at the next safe spot and starts a new heal sequence.
2018-01-22 23:54:55 +01:00
ErrMalformedJSON
admin: Add service Set Credentials API (#3580)
2017-01-17 23:25:59 +01:00
ErrAdminInvalidAccessKey
ErrAdminInvalidSecretKey
Implement SetConfig admin API handler. (#3792)
2017-02-27 20:40:27 +01:00
ErrAdminConfigNoQuorum
Fix config set handler (#5384) - Return error when the config JSON has duplicate keys (fixes #5286) - Limit size of configuration file provided to 256KiB - this prevents another form of DoS
2018-01-11 08:06:36 +01:00
ErrAdminConfigTooLarge
ErrAdminConfigBadJSON
Admin: Raise error if config and env credentials mismatch (#4870)
2017-09-07 20:16:13 +02:00
ErrAdminCredentialsMismatch
Disable redirect of HTTP request to a HTTPS Minio server (#4454) Fixes #4452
2017-06-01 05:33:13 +02:00
ErrInsecureClientRequest
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 00:18:59 +01:00
ErrObjectTampered
Update error response when heal is not implemented (#5383)
2018-01-11 19:21:41 +01:00
ErrHealNotImplemented
Move admin APIs to new path and add redesigned heal APIs (#5351) - Changes related to moving admin APIs - admin APIs now have an endpoint under /minio/admin - admin APIs are now versioned - a new API to server the version is added at "GET /minio/admin/version" and all API operations have the path prefix /minio/admin/v1/<operation> - new service stop API added - credentials change API is moved to /minio/admin/v1/config/credential - credentials change API and configuration get/set API now require TLS so that credentials are protected - all API requests now receive JSON - heal APIs are disabled as they will be changed substantially - Heal API changes Heal API is now provided at a single endpoint with the ability for a client to start a heal sequence on all the data in the server, a single bucket, or under a prefix within a bucket. When a heal sequence is started, the server returns a unique token that needs to be used for subsequent 'status' requests to fetch heal results. On each status request from the client, the server returns heal result records that it has accumulated since the previous status request. The server accumulates upto 1000 records and pauses healing further objects until the client requests for status. If the client does not request any further records for a long time, the server aborts the heal sequence automatically. A heal result record is returned for each entity healed on the server, such as system metadata, object metadata, buckets and objects, and has information about the before and after states on each disk. A client may request to force restart a heal sequence - this causes the running heal sequence to be aborted at the next safe spot and starts a new heal sequence.
2018-01-22 23:54:55 +01:00
ErrHealNoSuchProcess
ErrHealInvalidClientToken
ErrHealMissingBucket
ErrHealAlreadyRunning
ErrHealOverlappingPaths
Minio handle for list_objects_v2 with a blank ContinuationToken (#5940) minio will now return an error for a blank continuation token in list_objects_v2,so as in s3. Fixes #5931
2018-06-25 21:35:43 +02:00
ErrIncorrectContinuationToken
Implement x-amz-acl handling
2015-04-23 01:28:13 +02:00
)
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
// error code to APIError structure, these fields carry respective
// descriptions for all the error responses.
var errorCodeResponse = map[APIErrorCode]APIError{
ErrInvalidCopyDest: {
api: Implement CopyObject s3 API, doing server side copy. Fixes #1172
2016-02-27 12:04:52 +01:00
Code: "InvalidRequest",
objAPI: Implement CopyObject API. (#3487) This is written so that to simplify our handler code and provide a way to only update metadata instead of the data when source and destination in CopyObject request are same. Fixes #3316
2016-12-27 01:29:26 +01:00
Description: "This copy request is illegal because it is trying to copy an object to itself without changing the object's metadata, storage class, website redirect location or encryption attributes.",
api: Implement CopyObject s3 API, doing server side copy. Fixes #1172
2016-02-27 12:04:52 +01:00
HTTPStatusCode: http.StatusBadRequest,
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrInvalidCopySource: {
api: Implement CopyObject s3 API, doing server side copy. Fixes #1172
2016-02-27 12:04:52 +01:00
Code: "InvalidArgument",
Description: "Copy Source must mention the source bucket and key: sourcebucket/sourcekey.",
HTTPStatusCode: http.StatusBadRequest,
},
objAPI: Implement CopyObject API. (#3487) This is written so that to simplify our handler code and provide a way to only update metadata instead of the data when source and destination in CopyObject request are same. Fixes #3316
2016-12-27 01:29:26 +01:00
ErrInvalidMetadataDirective: {
Code: "InvalidArgument",
Description: "Unknown metadata directive.",
HTTPStatusCode: http.StatusBadRequest,
},
Fix storage class related issues (#5322) - Add storage class metadata validation for request header - Change storage class header values to be consistent with AWS S3 - Refactor internal method to take only the reqd argument
2017-12-27 05:36:16 +01:00
ErrInvalidStorageClass: {
Code: "InvalidStorageClass",
Description: "Invalid storage class.",
HTTPStatusCode: http.StatusBadRequest,
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrInvalidRequestBody: {
api: Implement CopyObject s3 API, doing server side copy. Fixes #1172
2016-02-27 12:04:52 +01:00
Code: "InvalidArgument",
Description: "Body shouldn't be set for this request.",
HTTPStatusCode: http.StatusBadRequest,
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrInvalidMaxUploads: {
Return proper InvalidArgument messages like s3 for invalid data for ListObjects(), ListObjectParts(), ListMultipartUploads()
2015-07-17 02:22:45 +02:00
Code: "InvalidArgument",
server: Bring in s3 compatibility fixes. (#2099) This patch fixes majority of discrepant messages and responses previously reported. There are few discrepancies observed - S3 is not honoring 'If-Modified-Since' header. - We do not implement object policy, S3 returns a different response in this category. - Adding new headers causes signature mismatch, but Minio server is fine for example TestCopyObject() to be fixed by moving the signature logic out. Relevant bug - https://github.com/minio/minio/issues/2097 Fixes #1955
2016-07-05 10:06:30 +02:00
Description: "Argument max-uploads must be an integer between 0 and 2147483647",
Return proper InvalidArgument messages like s3 for invalid data for ListObjects(), ListObjectParts(), ListMultipartUploads()
2015-07-17 02:22:45 +02:00
HTTPStatusCode: http.StatusBadRequest,
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrInvalidMaxKeys: {
Return proper InvalidArgument messages like s3 for invalid data for ListObjects(), ListObjectParts(), ListMultipartUploads()
2015-07-17 02:22:45 +02:00
Code: "InvalidArgument",
server: Bring in s3 compatibility fixes. (#2099) This patch fixes majority of discrepant messages and responses previously reported. There are few discrepancies observed - S3 is not honoring 'If-Modified-Since' header. - We do not implement object policy, S3 returns a different response in this category. - Adding new headers causes signature mismatch, but Minio server is fine for example TestCopyObject() to be fixed by moving the signature logic out. Relevant bug - https://github.com/minio/minio/issues/2097 Fixes #1955
2016-07-05 10:06:30 +02:00
Description: "Argument maxKeys must be an integer between 0 and 2147483647",
Return proper InvalidArgument messages like s3 for invalid data for ListObjects(), ListObjectParts(), ListMultipartUploads()
2015-07-17 02:22:45 +02:00
HTTPStatusCode: http.StatusBadRequest,
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrInvalidMaxParts: {
Return proper InvalidArgument messages like s3 for invalid data for ListObjects(), ListObjectParts(), ListMultipartUploads()
2015-07-17 02:22:45 +02:00
Code: "InvalidArgument",
server: Bring in s3 compatibility fixes. (#2099) This patch fixes majority of discrepant messages and responses previously reported. There are few discrepancies observed - S3 is not honoring 'If-Modified-Since' header. - We do not implement object policy, S3 returns a different response in this category. - Adding new headers causes signature mismatch, but Minio server is fine for example TestCopyObject() to be fixed by moving the signature logic out. Relevant bug - https://github.com/minio/minio/issues/2097 Fixes #1955
2016-07-05 10:06:30 +02:00
Description: "Argument max-parts must be an integer between 0 and 2147483647",
Return proper InvalidArgument messages like s3 for invalid data for ListObjects(), ListObjectParts(), ListMultipartUploads()
2015-07-17 02:22:45 +02:00
HTTPStatusCode: http.StatusBadRequest,
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrInvalidPartNumberMarker: {
Return proper InvalidArgument messages like s3 for invalid data for ListObjects(), ListObjectParts(), ListMultipartUploads()
2015-07-17 02:22:45 +02:00
Code: "InvalidArgument",
Enhance signature handler - throw back valid error messages
2015-09-18 23:48:01 +02:00
Description: "Argument partNumberMarker must be an integer.",
Return proper InvalidArgument messages like s3 for invalid data for ListObjects(), ListObjectParts(), ListMultipartUploads()
2015-07-17 02:22:45 +02:00
HTTPStatusCode: http.StatusBadRequest,
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrInvalidPolicyDocument: {
accessPolicy: Implement Put, Get, Delete access policy. This patch implements Get,Put,Delete bucket policies Supporting - http://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html Currently supports following actions. "*": true, "s3:*": true, "s3:GetObject": true, "s3:ListBucket": true, "s3:PutObject": true, "s3:CreateBucket": true, "s3:GetBucketLocation": true, "s3:DeleteBucket": true, "s3:DeleteObject": true, "s3:AbortMultipartUpload": true, "s3:ListBucketMultipartUploads": true, "s3:ListMultipartUploadParts": true, following conditions for "StringEquals" and "StringNotEquals" "s3:prefix", "s3:max-keys"
2016-02-04 01:46:56 +01:00
Code: "InvalidPolicyDocument",
Description: "The content of the form does not meet the conditions specified in the policy document.",
HTTPStatusCode: http.StatusBadRequest,
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrAccessDenied: {
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
Code: "AccessDenied",
Enhance signature handler - throw back valid error messages
2015-09-18 23:48:01 +02:00
Description: "Access Denied.",
Golint cleanup pkg/api
2015-03-06 06:07:19 +01:00
HTTPStatusCode: http.StatusForbidden,
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrBadDigest: {
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
Code: "BadDigest",
api: Implement multiple objects Delete api - fixes #956 This API takes input XML input in following form. ``` <?xml version="1.0" encoding="UTF-8"?> <Delete> <Quiet>true</Quiet> <Object> <Key>Key</Key> </Object> <Object> <Key>Key</Key> </Object> ... </Delete> ``` and responds the list of successful deletes, list of errors for all the deleted objects. ``` <?xml version="1.0" encoding="UTF-8"?> <DeleteResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Deleted> <Key>sample1.txt</Key> </Deleted> <Error> <Key>sample2.txt</Key> <Code>AccessDenied</Code> <Message>Access Denied</Message> </Error> </DeleteResult> ```
2016-03-06 01:43:48 +01:00
Description: "The Content-Md5 you specified did not match what we received.",
Golint cleanup pkg/api
2015-03-06 06:07:19 +01:00
HTTPStatusCode: http.StatusBadRequest,
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrEntityTooSmall: {
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
Code: "EntityTooSmall",
Description: "Your proposed upload is smaller than the minimum allowed object size.",
Golint cleanup pkg/api
2015-03-06 06:07:19 +01:00
HTTPStatusCode: http.StatusBadRequest,
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrEntityTooLarge: {
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
Code: "EntityTooLarge",
Description: "Your proposed upload exceeds the maximum allowed object size.",
Golint cleanup pkg/api
2015-03-06 06:07:19 +01:00
HTTPStatusCode: http.StatusBadRequest,
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrIncompleteBody: {
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
Code: "IncompleteBody",
Enhance signature handler - throw back valid error messages
2015-09-18 23:48:01 +02:00
Description: "You did not provide the number of bytes specified by the Content-Length HTTP header.",
Golint cleanup pkg/api
2015-03-06 06:07:19 +01:00
HTTPStatusCode: http.StatusBadRequest,
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrInternalError: {
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
Code: "InternalError",
Description: "We encountered an internal error, please try again.",
Golint cleanup pkg/api
2015-03-06 06:07:19 +01:00
HTTPStatusCode: http.StatusInternalServerError,
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrInvalidAccessKeyID: {
fix InvalidAccessKeyId error according to amazon documentation (#4404) http://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html
2017-05-24 05:07:52 +02:00
Code: "InvalidAccessKeyId",
Golint cleanup pkg/api
2015-03-06 06:07:19 +01:00
Description: "The access key ID you provided does not exist in our records.",
HTTPStatusCode: http.StatusForbidden,
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrInvalidBucketName: {
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
Code: "InvalidBucketName",
Description: "The specified bucket is not valid.",
Golint cleanup pkg/api
2015-03-06 06:07:19 +01:00
HTTPStatusCode: http.StatusBadRequest,
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrInvalidDigest: {
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
Code: "InvalidDigest",
api: Implement multiple objects Delete api - fixes #956 This API takes input XML input in following form. ``` <?xml version="1.0" encoding="UTF-8"?> <Delete> <Quiet>true</Quiet> <Object> <Key>Key</Key> </Object> <Object> <Key>Key</Key> </Object> ... </Delete> ``` and responds the list of successful deletes, list of errors for all the deleted objects. ``` <?xml version="1.0" encoding="UTF-8"?> <DeleteResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Deleted> <Key>sample1.txt</Key> </Deleted> <Error> <Key>sample2.txt</Key> <Code>AccessDenied</Code> <Message>Access Denied</Message> </Error> </DeleteResult> ```
2016-03-06 01:43:48 +01:00
Description: "The Content-Md5 you specified is not valid.",
Golint cleanup pkg/api
2015-03-06 06:07:19 +01:00
HTTPStatusCode: http.StatusBadRequest,
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrInvalidRange: {
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
Code: "InvalidRange",
server: Bring in s3 compatibility fixes. (#2099) This patch fixes majority of discrepant messages and responses previously reported. There are few discrepancies observed - S3 is not honoring 'If-Modified-Since' header. - We do not implement object policy, S3 returns a different response in this category. - Adding new headers causes signature mismatch, but Minio server is fine for example TestCopyObject() to be fixed by moving the signature logic out. Relevant bug - https://github.com/minio/minio/issues/2097 Fixes #1955
2016-07-05 10:06:30 +02:00
Description: "The requested range is not satisfiable",
Golint cleanup pkg/api
2015-03-06 06:07:19 +01:00
HTTPStatusCode: http.StatusRequestedRangeNotSatisfiable,
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrMalformedXML: {
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
Code: "MalformedXML",
Description: "The XML you provided was not well-formed or did not validate against our published schema.",
Golint cleanup pkg/api
2015-03-06 06:07:19 +01:00
HTTPStatusCode: http.StatusBadRequest,
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrMissingContentLength: {
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
Code: "MissingContentLength",
Description: "You must provide the Content-Length HTTP header.",
Golint cleanup pkg/api
2015-03-06 06:07:19 +01:00
HTTPStatusCode: http.StatusLengthRequired,
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrMissingContentMD5: {
api: Implement multiple objects Delete api - fixes #956 This API takes input XML input in following form. ``` <?xml version="1.0" encoding="UTF-8"?> <Delete> <Quiet>true</Quiet> <Object> <Key>Key</Key> </Object> <Object> <Key>Key</Key> </Object> ... </Delete> ``` and responds the list of successful deletes, list of errors for all the deleted objects. ``` <?xml version="1.0" encoding="UTF-8"?> <DeleteResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Deleted> <Key>sample1.txt</Key> </Deleted> <Error> <Key>sample2.txt</Key> <Code>AccessDenied</Code> <Message>Access Denied</Message> </Error> </DeleteResult> ```
2016-03-06 01:43:48 +01:00
Code: "MissingContentMD5",
Description: "Missing required header for this request: Content-Md5.",
HTTPStatusCode: http.StatusBadRequest,
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrMissingRequestBodyError: {
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
Code: "MissingRequestBodyError",
Description: "Request body is empty.",
Golint cleanup pkg/api
2015-03-06 06:07:19 +01:00
HTTPStatusCode: http.StatusLengthRequired,
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrNoSuchBucket: {
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
Code: "NoSuchBucket",
server: Bring in s3 compatibility fixes. (#2099) This patch fixes majority of discrepant messages and responses previously reported. There are few discrepancies observed - S3 is not honoring 'If-Modified-Since' header. - We do not implement object policy, S3 returns a different response in this category. - Adding new headers causes signature mismatch, but Minio server is fine for example TestCopyObject() to be fixed by moving the signature logic out. Relevant bug - https://github.com/minio/minio/issues/2097 Fixes #1955
2016-07-05 10:06:30 +02:00
Description: "The specified bucket does not exist",
Golint cleanup pkg/api
2015-03-06 06:07:19 +01:00
HTTPStatusCode: http.StatusNotFound,
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrNoSuchBucketPolicy: {
accessPolicy: Implement Put, Get, Delete access policy. This patch implements Get,Put,Delete bucket policies Supporting - http://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html Currently supports following actions. "*": true, "s3:*": true, "s3:GetObject": true, "s3:ListBucket": true, "s3:PutObject": true, "s3:CreateBucket": true, "s3:GetBucketLocation": true, "s3:DeleteBucket": true, "s3:DeleteObject": true, "s3:AbortMultipartUpload": true, "s3:ListBucketMultipartUploads": true, "s3:ListMultipartUploadParts": true, following conditions for "StringEquals" and "StringNotEquals" "s3:prefix", "s3:max-keys"
2016-02-04 01:46:56 +01:00
Code: "NoSuchBucketPolicy",
s3: Fix compliance bugs reported by s3verify. (#2624) - Fixes couple of error strings reported are mismatching. - Fixes a error HTTP status which was wrong fixed. - Remove usage of an deprecated PostResponse, au contraire to their documentation there is no response body in PostPolicy.
2016-09-06 11:18:02 +02:00
Description: "The bucket policy does not exist",
accessPolicy: Implement Put, Get, Delete access policy. This patch implements Get,Put,Delete bucket policies Supporting - http://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html Currently supports following actions. "*": true, "s3:*": true, "s3:GetObject": true, "s3:ListBucket": true, "s3:PutObject": true, "s3:CreateBucket": true, "s3:GetBucketLocation": true, "s3:DeleteBucket": true, "s3:DeleteObject": true, "s3:AbortMultipartUpload": true, "s3:ListBucketMultipartUploads": true, "s3:ListMultipartUploadParts": true, following conditions for "StringEquals" and "StringNotEquals" "s3:prefix", "s3:max-keys"
2016-02-04 01:46:56 +01:00
HTTPStatusCode: http.StatusNotFound,
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrNoSuchKey: {
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
Code: "NoSuchKey",
Description: "The specified key does not exist.",
Golint cleanup pkg/api
2015-03-06 06:07:19 +01:00
HTTPStatusCode: http.StatusNotFound,
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrNoSuchUpload: {
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
Code: "NoSuchUpload",
api/multipart: Send S3 compatible error message, missing second sentence. (#2270)
2016-07-23 02:05:40 +02:00
Description: "The specified multipart upload does not exist. The upload ID may be invalid, or the upload may have been aborted or completed.",
Golint cleanup pkg/api
2015-03-06 06:07:19 +01:00
HTTPStatusCode: http.StatusNotFound,
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrNotImplemented: {
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
Code: "NotImplemented",
server: Bring in s3 compatibility fixes. (#2099) This patch fixes majority of discrepant messages and responses previously reported. There are few discrepancies observed - S3 is not honoring 'If-Modified-Since' header. - We do not implement object policy, S3 returns a different response in this category. - Adding new headers causes signature mismatch, but Minio server is fine for example TestCopyObject() to be fixed by moving the signature logic out. Relevant bug - https://github.com/minio/minio/issues/2097 Fixes #1955
2016-07-05 10:06:30 +02:00
Description: "A header you provided implies functionality that is not implemented",
Golint cleanup pkg/api
2015-03-06 06:07:19 +01:00
HTTPStatusCode: http.StatusNotImplemented,
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
},
api: Sent ErrPreconditionFailed on If-Match failure (#2009) * api: Sent ErrPreconditionFailed on If-Match failure ref: http://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList * tests: Added functional tests for GetObject w/ If-Match headers set * tests: Used verifyError to simplify errorCode and description matching on error
2016-06-28 10:18:18 +02:00
ErrPreconditionFailed: {
Code: "PreconditionFailed",
API/handler: CopyObject make it behave in accordance with S3 spec. (#2155) Fixes bugs found while running s3verify tool - fixes #2152
2016-07-09 21:13:40 +02:00
Description: "At least one of the pre-conditions you specified did not hold",
api: Sent ErrPreconditionFailed on If-Match failure (#2009) * api: Sent ErrPreconditionFailed on If-Match failure ref: http://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList * tests: Added functional tests for GetObject w/ If-Match headers set * tests: Used verifyError to simplify errorCode and description matching on error
2016-06-28 10:18:18 +02:00
HTTPStatusCode: http.StatusPreconditionFailed,
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrRequestTimeTooSkewed: {
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
Code: "RequestTimeTooSkewed",
Description: "The difference between the request time and the server's time is too large.",
Golint cleanup pkg/api
2015-03-06 06:07:19 +01:00
HTTPStatusCode: http.StatusForbidden,
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrSignatureDoesNotMatch: {
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
Code: "SignatureDoesNotMatch",
TestServer introduction and revamp of functional tests. (#1940) Allows for easy creation of Test server with temp backend. changes
2016-06-21 21:10:18 +02:00
Description: "The request signature we calculated does not match the signature you provided. Check your key and signing method.",
Golint cleanup pkg/api
2015-03-06 06:07:19 +01:00
HTTPStatusCode: http.StatusForbidden,
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrMethodNotAllowed: {
Verify if request date is 5minutes late, reject such a request as it could be a possible replay attack. This commit also fixes #505, by returning MethodNotAllowed instead of NotImplemented
2015-04-27 12:54:49 +02:00
Code: "MethodNotAllowed",
Description: "The specified method is not allowed against this resource.",
HTTPStatusCode: http.StatusMethodNotAllowed,
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrInvalidPart: {
Reply back CompleteMultipartUploadResult properly with final ETag computed - Now s3 libraries and also objectstorage-go work properly
2015-05-08 07:43:19 +02:00
Code: "InvalidPart",
xl/fs: Return InvalidPart{} error for part ETag mismatch. (#4541) Fixes #4539
2017-06-17 20:20:39 +02:00
Description: "One or more of the specified parts could not be found. The part may not have been uploaded, or the specified entity tag may not match the part's entity tag.",
Reply back CompleteMultipartUploadResult properly with final ETag computed - Now s3 libraries and also objectstorage-go work properly
2015-05-08 07:43:19 +02:00
HTTPStatusCode: http.StatusBadRequest,
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrInvalidPartOrder: {
Implement proper errors for Multipart
2015-05-08 11:02:51 +02:00
Code: "InvalidPartOrder",
Description: "The list of parts was not in ascending order. The parts list must be specified in order by part number.",
HTTPStatusCode: http.StatusBadRequest,
},
Translate storage access denied error to S3 Access Denied response (#3015)
2016-10-21 01:09:55 +02:00
ErrInvalidObjectState: {
Code: "InvalidObjectState",
Description: "The operation is not valid for the current state of the object.",
HTTPStatusCode: http.StatusForbidden,
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrAuthorizationHeaderMalformed: {
Enhance signature handler - throw back valid error messages
2015-09-18 23:48:01 +02:00
Code: "AuthorizationHeaderMalformed",
signature/region: Remove 'milkyway' and use 'us-east-1' as default. Fixes #980
2015-11-23 22:39:57 +01:00
Description: "The authorization header is malformed; the region is wrong; expecting 'us-east-1'.",
Enhance signature handler - throw back valid error messages
2015-09-18 23:48:01 +02:00
HTTPStatusCode: http.StatusBadRequest,
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrMalformedPOSTRequest: {
Implement presigned policy
2015-10-02 08:51:17 +02:00
Code: "MalformedPOSTRequest",
Description: "The body of your POST request is not well-formed multipart/form-data.",
HTTPStatusCode: http.StatusBadRequest,
s3cmd: Handle support for s3cmd.
2015-12-10 00:38:40 +01:00
},
Presigend Post: Error out when File is not found (#3723) Follow S3 behavior when no File is sent in the presigned post request form.
2017-02-09 21:37:32 +01:00
ErrPOSTFileRequired: {
Code: "InvalidArgument",
Description: "POST requires exactly one file upload per request.",
HTTPStatusCode: http.StatusBadRequest,
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrSignatureVersionNotSupported: {
s3cmd: Handle support for s3cmd.
2015-12-10 00:38:40 +01:00
Code: "InvalidRequest",
Description: "The authorization mechanism you have provided is not supported. Please use AWS4-HMAC-SHA256.",
HTTPStatusCode: http.StatusBadRequest,
Implement presigned policy
2015-10-02 08:51:17 +02:00
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrBucketNotEmpty: {
Migrate this project to minio micro services code
2015-10-16 20:26:01 +02:00
Code: "BucketNotEmpty",
s3: Fix compliance bugs reported by s3verify. (#2624) - Fixes couple of error strings reported are mismatching. - Fixes a error HTTP status which was wrong fixed. - Remove usage of an deprecated PostResponse, au contraire to their documentation there is no response body in PostPolicy.
2016-09-06 11:18:02 +02:00
Description: "The bucket you tried to delete is not empty",
Migrate this project to minio micro services code
2015-10-16 20:26:01 +02:00
HTTPStatusCode: http.StatusConflict,
},
Fixes https://github.com/minio/minio/issues/4320 (#4332) - Add description for error ErrBucketAlreadyExists
2017-05-12 02:33:01 +02:00
ErrBucketAlreadyExists: {
Code: "BucketAlreadyExists",
Description: "The requested bucket name is not available. The bucket namespace is shared by all users of the system. Please select a different name and try again.",
HTTPStatusCode: http.StatusConflict,
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrAllAccessDisabled: {
web/rpc: Merge ports with API server. Fixes #1081 and #1130
2016-02-17 03:50:36 +01:00
Code: "AllAccessDisabled",
Description: "All access to this bucket has been disabled.",
HTTPStatusCode: http.StatusForbidden,
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
ErrMalformedPolicy: {
accessPolicy: Implement Put, Get, Delete access policy. This patch implements Get,Put,Delete bucket policies Supporting - http://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html Currently supports following actions. "*": true, "s3:*": true, "s3:GetObject": true, "s3:ListBucket": true, "s3:PutObject": true, "s3:CreateBucket": true, "s3:GetBucketLocation": true, "s3:DeleteBucket": true, "s3:DeleteObject": true, "s3:AbortMultipartUpload": true, "s3:ListBucketMultipartUploads": true, "s3:ListMultipartUploadParts": true, following conditions for "StringEquals" and "StringNotEquals" "s3:prefix", "s3:max-keys"
2016-02-04 01:46:56 +01:00
Code: "MalformedPolicy",
error: Signature errors should be returned with APIErrorCode. The reasoning is that we can reply back with wide range of S3 error responses, which would provide more richer context to S3 client. Fixes #1267
2016-03-31 05:04:51 +02:00
Description: "Policy has invalid resource.",
HTTPStatusCode: http.StatusBadRequest,
},
ErrMissingFields: {
Code: "MissingFields",
Description: "Missing fields in request.",
HTTPStatusCode: http.StatusBadRequest,
},
ErrMissingCredTag: {
Code: "InvalidRequest",
Description: "Missing Credential field for this request.",
HTTPStatusCode: http.StatusBadRequest,
},
ErrCredMalformed: {
presignV4: fix errors response and tests. (#2375) - Fix error response when one of the query params in the presign URL is missing. - Exhasutive test coverage for presignv4.
2016-08-09 18:13:15 +02:00
Code: "AuthorizationQueryParametersError",
Description: "Error parsing the X-Amz-Credential parameter; the Credential is mal-formed; expecting \"<YOUR-AKID>/YYYYMMDD/REGION/SERVICE/aws4_request\".",
error: Signature errors should be returned with APIErrorCode. The reasoning is that we can reply back with wide range of S3 error responses, which would provide more richer context to S3 client. Fixes #1267
2016-03-31 05:04:51 +02:00
HTTPStatusCode: http.StatusBadRequest,
},
ErrMalformedDate: {
Code: "MalformedDate",
Description: "Invalid date format header, expected to be in ISO8601, RFC1123 or RFC1123Z time format.",
HTTPStatusCode: http.StatusBadRequest,
},
presignV4: fix errors response and tests. (#2375) - Fix error response when one of the query params in the presign URL is missing. - Exhasutive test coverage for presignv4.
2016-08-09 18:13:15 +02:00
ErrMalformedPresignedDate: {
Code: "AuthorizationQueryParametersError",
Description: "X-Amz-Date must be in the ISO8601 Long Format \"yyyyMMdd'T'HHmmss'Z'\"",
HTTPStatusCode: http.StatusBadRequest,
},
// FIXME: Should contain the invalid param set as seen in https://github.com/minio/minio/issues/2385.
// right Description: "Error parsing the X-Amz-Credential parameter; incorrect date format \"%s\". This date in the credential must be in the format \"yyyyMMdd\".",
// Need changes to make sure variable messages can be constructed.
ErrMalformedCredentialDate: {
Code: "AuthorizationQueryParametersError",
Description: "Error parsing the X-Amz-Credential parameter; incorrect date format \"%s\". This date in the credential must be in the format \"yyyyMMdd\".",
HTTPStatusCode: http.StatusBadRequest,
},
// FIXME: Should contain the invalid param set as seen in https://github.com/minio/minio/issues/2385.
// right Description: "Error parsing the X-Amz-Credential parameter; the region 'us-east-' is wrong; expecting 'us-east-1'".
// Need changes to make sure variable messages can be constructed.
ErrMalformedCredentialRegion: {
Code: "AuthorizationQueryParametersError",
Description: "Error parsing the X-Amz-Credential parameter; the region is wrong;",
HTTPStatusCode: http.StatusBadRequest,
},
error: Signature errors should be returned with APIErrorCode. The reasoning is that we can reply back with wide range of S3 error responses, which would provide more richer context to S3 client. Fixes #1267
2016-03-31 05:04:51 +02:00
ErrInvalidRegion: {
Code: "InvalidRegion",
Description: "Region does not match.",
HTTPStatusCode: http.StatusBadRequest,
},
presignV4: fix errors response and tests. (#2375) - Fix error response when one of the query params in the presign URL is missing. - Exhasutive test coverage for presignv4.
2016-08-09 18:13:15 +02:00
// FIXME: Should contain the invalid param set as seen in https://github.com/minio/minio/issues/2385.
// right Description: "Error parsing the X-Amz-Credential parameter; incorrect service \"s4\". This endpoint belongs to \"s3\".".
// Need changes to make sure variable messages can be constructed.
error: Signature errors should be returned with APIErrorCode. The reasoning is that we can reply back with wide range of S3 error responses, which would provide more richer context to S3 client. Fixes #1267
2016-03-31 05:04:51 +02:00
ErrInvalidService: {
presignV4: fix errors response and tests. (#2375) - Fix error response when one of the query params in the presign URL is missing. - Exhasutive test coverage for presignv4.
2016-08-09 18:13:15 +02:00
Code: "AuthorizationQueryParametersError",
Description: "Error parsing the X-Amz-Credential parameter; incorrect service. This endpoint belongs to \"s3\".",
error: Signature errors should be returned with APIErrorCode. The reasoning is that we can reply back with wide range of S3 error responses, which would provide more richer context to S3 client. Fixes #1267
2016-03-31 05:04:51 +02:00
HTTPStatusCode: http.StatusBadRequest,
},
presignV4: fix errors response and tests. (#2375) - Fix error response when one of the query params in the presign URL is missing. - Exhasutive test coverage for presignv4.
2016-08-09 18:13:15 +02:00
// FIXME: Should contain the invalid param set as seen in https://github.com/minio/minio/issues/2385.
// Description: "Error parsing the X-Amz-Credential parameter; incorrect terminal "aws4_reque". This endpoint uses "aws4_request".
// Need changes to make sure variable messages can be constructed.
error: Signature errors should be returned with APIErrorCode. The reasoning is that we can reply back with wide range of S3 error responses, which would provide more richer context to S3 client. Fixes #1267
2016-03-31 05:04:51 +02:00
ErrInvalidRequestVersion: {
presignV4: fix errors response and tests. (#2375) - Fix error response when one of the query params in the presign URL is missing. - Exhasutive test coverage for presignv4.
2016-08-09 18:13:15 +02:00
Code: "AuthorizationQueryParametersError",
Description: "Error parsing the X-Amz-Credential parameter; incorrect terminal. This endpoint uses \"aws4_request\".",
error: Signature errors should be returned with APIErrorCode. The reasoning is that we can reply back with wide range of S3 error responses, which would provide more richer context to S3 client. Fixes #1267
2016-03-31 05:04:51 +02:00
HTTPStatusCode: http.StatusBadRequest,
},
ErrMissingSignTag: {
Code: "AccessDenied",
Description: "Signature header missing Signature field.",
HTTPStatusCode: http.StatusBadRequest,
},
ErrMissingSignHeadersTag: {
Code: "InvalidArgument",
Description: "Signature header missing SignedHeaders field.",
HTTPStatusCode: http.StatusBadRequest,
},
ErrPolicyAlreadyExpired: {
Code: "AccessDenied",
Description: "Invalid according to Policy: Policy expired.",
HTTPStatusCode: http.StatusBadRequest,
},
ErrMalformedExpires: {
presignV4: fix errors response and tests. (#2375) - Fix error response when one of the query params in the presign URL is missing. - Exhasutive test coverage for presignv4.
2016-08-09 18:13:15 +02:00
Code: "AuthorizationQueryParametersError",
Description: "X-Amz-Expires should be a number",
HTTPStatusCode: http.StatusBadRequest,
},
ErrNegativeExpires: {
Code: "AuthorizationQueryParametersError",
Description: "X-Amz-Expires must be non-negative",
error: Signature errors should be returned with APIErrorCode. The reasoning is that we can reply back with wide range of S3 error responses, which would provide more richer context to S3 client. Fixes #1267
2016-03-31 05:04:51 +02:00
HTTPStatusCode: http.StatusBadRequest,
},
ErrAuthHeaderEmpty: {
Code: "InvalidArgument",
Description: "Authorization header is invalid -- one and only one ' ' (space) required.",
HTTPStatusCode: http.StatusBadRequest,
},
ErrMissingDateHeader: {
Code: "AccessDenied",
Description: "AWS authentication requires a valid Date or x-amz-date header",
HTTPStatusCode: http.StatusBadRequest,
},
ErrInvalidQuerySignatureAlgo: {
Code: "AuthorizationQueryParametersError",
Description: "X-Amz-Algorithm only supports \"AWS4-HMAC-SHA256\".",
HTTPStatusCode: http.StatusBadRequest,
},
ErrExpiredPresignRequest: {
Code: "AccessDenied",
presignV4: fix errors response and tests. (#2375) - Fix error response when one of the query params in the presign URL is missing. - Exhasutive test coverage for presignv4.
2016-08-09 18:13:15 +02:00
Description: "Request has expired",
s3: Fix compliance bugs reported by s3verify. (#2624) - Fixes couple of error strings reported are mismatching. - Fixes a error HTTP status which was wrong fixed. - Remove usage of an deprecated PostResponse, au contraire to their documentation there is no response body in PostPolicy.
2016-09-06 11:18:02 +02:00
HTTPStatusCode: http.StatusForbidden,
presignV4: fix errors response and tests. (#2375) - Fix error response when one of the query params in the presign URL is missing. - Exhasutive test coverage for presignv4.
2016-08-09 18:13:15 +02:00
},
Add Request Not Ready error when presigned date request is not valid (#2646)
2016-09-10 09:38:07 +02:00
ErrRequestNotReadyYet: {
Code: "AccessDenied",
Description: "Request is not valid yet",
HTTPStatusCode: http.StatusForbidden,
},
Limit number of connections upto system maxlimit (#5109)
2017-12-20 09:00:14 +01:00
ErrSlowDown: {
Code: "SlowDown",
Description: "Please reduce your request",
HTTPStatusCode: http.StatusServiceUnavailable,
},
fix: listobjects return empty response for invalid prefix/marker (#5425) Currently minio server returns a NotImplemented error when marker is not common with prefix. Instead, return an empty ListObjectsResponse
2018-01-18 23:39:39 +01:00
ErrInvalidPrefixMarker: {
Code: "InvalidPrefixMarker",
Description: "Invalid marker prefix combination",
HTTPStatusCode: http.StatusBadRequest,
},
rpc: client login should ignore server versions.
2016-08-21 08:10:08 +02:00
// FIXME: Actual XML error response also contains the header which missed in list of signed header parameters.
presignV4: fix errors response and tests. (#2375) - Fix error response when one of the query params in the presign URL is missing. - Exhasutive test coverage for presignv4.
2016-08-09 18:13:15 +02:00
ErrUnsignedHeaders: {
Code: "AccessDenied",
Description: "There were headers present in the request which were not signed",
error: Signature errors should be returned with APIErrorCode. The reasoning is that we can reply back with wide range of S3 error responses, which would provide more richer context to S3 client. Fixes #1267
2016-03-31 05:04:51 +02:00
HTTPStatusCode: http.StatusBadRequest,
},
ErrInvalidQueryParams: {
Code: "AuthorizationQueryParametersError",
Description: "Query-string authentication version 4 requires the X-Amz-Algorithm, X-Amz-Credential, X-Amz-Signature, X-Amz-Date, X-Amz-SignedHeaders, and X-Amz-Expires parameters.",
accessPolicy: Implement Put, Get, Delete access policy. This patch implements Get,Put,Delete bucket policies Supporting - http://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html Currently supports following actions. "*": true, "s3:*": true, "s3:GetObject": true, "s3:ListBucket": true, "s3:PutObject": true, "s3:CreateBucket": true, "s3:GetBucketLocation": true, "s3:DeleteBucket": true, "s3:DeleteObject": true, "s3:AbortMultipartUpload": true, "s3:ListBucketMultipartUploads": true, "s3:ListMultipartUploadParts": true, following conditions for "StringEquals" and "StringNotEquals" "s3:prefix", "s3:max-keys"
2016-02-04 01:46:56 +01:00
HTTPStatusCode: http.StatusBadRequest,
},
minio: Replace 'bucket already exists' error by 'bucket already owned by you'. (#1465) S3 API returns BucketAlreadyExists error when some another user has such bucket. If user that creates the bucket already has it, s3 returns BucketAlreadyOwnedByYou. As minio has only one user, it should behave accordingly. Otherwise it causes failures in the applications that ignore creation of already existing bucket in the account, but fail when bucket name is used by someone else.
2016-05-03 12:19:04 +02:00
ErrBucketAlreadyOwnedByYou: {
Code: "BucketAlreadyOwnedByYou",
Description: "Your previous request to create the named bucket succeeded and you already own it.",
HTTPStatusCode: http.StatusConflict,
},
Implement list, clear locks REST API w/ pkg/madmin support (#3491) * Filter lock info based on bucket, prefix and time since lock was held * Implement list and clear locks REST API * madmin: Add list and clear locks API * locks: Clear locks matching bucket, prefix, relTime. * Gather lock information across nodes for both list and clear locks admin REST API. * docs: Add lock API to management APIs
2017-01-04 08:39:22 +01:00
ErrInvalidDuration: {
Code: "InvalidDuration",
Change query param name to duration in list/clear locks API (#3664) Following is a sample list lock API request schematic, /?lock&bucket=mybucket&prefix=myprefix&duration=holdDuration x-minio-operation: list The response would contain the list of locks held on mybucket matching myprefix for a duration longer than holdDuration.
2017-02-01 20:17:30 +01:00
Description: "Duration provided in the request is invalid.",
Implement list, clear locks REST API w/ pkg/madmin support (#3491) * Filter lock info based on bucket, prefix and time since lock was held * Implement list and clear locks REST API * madmin: Add list and clear locks API * locks: Clear locks matching bucket, prefix, relTime. * Gather lock information across nodes for both list and clear locks admin REST API. * docs: Add lock API to management APIs
2017-01-04 08:39:22 +01:00
HTTPStatusCode: http.StatusBadRequest,
},
handler/PUT: Handle signature verification through a custom reader. (#2066) Change brings in a new signVerifyReader which provides a io.Reader compatible reader, additionally implements Verify() function. Verify() function validates the signature present in the incoming request. This approach is choosen to avoid complexities involved in using io.Pipe(). Thanks to Krishna for his inputs on this. Fixes #2058 Fixes #2054 Fixes #2087
2016-07-05 10:04:50 +02:00
api: Implement bucket notification. (#2271) * Implement basic S3 notifications through queues Supports multiple queues and three basic queue types: 1. NilQueue -- messages don't get sent anywhere 2. LogQueue -- messages get logged 3. AmqpQueue -- messages are sent to an AMQP queue * api: Implement bucket notification. Supports two different queue types - AMQP - ElasticSearch. * Add support for redis
2016-07-24 07:51:12 +02:00
/// Bucket notification related errors.
ErrEventNotification: {
Code: "InvalidArgument",
Description: "A specified event is not supported for notifications.",
HTTPStatusCode: http.StatusBadRequest,
},
ErrARNNotification: {
Code: "InvalidArgument",
Description: "A specified destination ARN does not exist or is not well-formed. Verify the destination ARN.",
HTTPStatusCode: http.StatusBadRequest,
},
ErrRegionNotification: {
Code: "InvalidArgument",
Description: "A specified destination is in a different region than the bucket. You must use a destination that resides in the same region as the bucket.",
HTTPStatusCode: http.StatusBadRequest,
},
ErrOverlappingFilterNotification: {
Code: "InvalidArgument",
Description: "An object key name filtering rule defined with overlapping prefixes, overlapping suffixes, or overlapping combinations of prefixes and suffixes for the same event types.",
HTTPStatusCode: http.StatusBadRequest,
},
api: Bucket notification add filter rules check and validate. (#2272) These filtering techniques are used to validate object names for their prefix and suffix.
2016-07-26 02:53:55 +02:00
ErrFilterNameInvalid: {
Code: "InvalidArgument",
Description: "filter rule name must be either prefix or suffix",
HTTPStatusCode: http.StatusBadRequest,
},
ErrFilterNamePrefix: {
Code: "InvalidArgument",
Description: "Cannot specify more than one prefix rule in a filter.",
HTTPStatusCode: http.StatusBadRequest,
},
ErrFilterNameSuffix: {
Code: "InvalidArgument",
Description: "Cannot specify more than one suffix rule in a filter.",
HTTPStatusCode: http.StatusBadRequest,
},
Allow asterisk character in key names (#2487)
2016-08-18 21:00:01 +02:00
ErrFilterValueInvalid: {
api: Bucket notification add filter rules check and validate. (#2272) These filtering techniques are used to validate object names for their prefix and suffix.
2016-07-26 02:53:55 +02:00
Code: "InvalidArgument",
Allow asterisk character in key names (#2487)
2016-08-18 21:00:01 +02:00
Description: "Size of filter rule value cannot exceed 1024 bytes in UTF-8 representation",
api: Bucket notification add filter rules check and validate. (#2272) These filtering techniques are used to validate object names for their prefix and suffix.
2016-07-26 02:53:55 +02:00
HTTPStatusCode: http.StatusBadRequest,
},
api: BucketNotification should disallow duplicate notification. (#2539) Added checks to look for duplicated notification configs. Fixes #2472
2016-08-24 03:42:30 +02:00
ErrOverlappingConfigs: {
Code: "InvalidArgument",
Description: "Configurations overlap. Configurations on the same bucket cannot share a common event type.",
HTTPStatusCode: http.StatusBadRequest,
},
Fix validation in PutBucketNotification handler (#4841) Fixes #4813 If a TopicConfiguration element or CloudFunction element is found in configuration submitted to PutBucketNotification API, an BadRequest error is returned.
2017-08-24 00:58:02 +02:00
ErrUnsupportedNotification: {
Code: "UnsupportedNotification",
Description: "Minio server does not support Topic or Cloud Function based notifications.",
HTTPStatusCode: http.StatusBadRequest,
},
api: CopyObjectPart was copying wrong offsets due to shadowing. (#3838) startOffset was re-assigned to '0' so it would end up copying wrong content ignoring the requested startOffset. This also fixes the corruption issue we observed while using docker registry. Fixes https://github.com/docker/distribution/issues/2205 Also fixes #3842 - incorrect routing.
2017-03-04 01:32:04 +01:00
ErrInvalidCopyPartRange: {
Code: "InvalidArgument",
Description: "The x-amz-copy-source-range value must be of the form bytes=first-last where first and last are the zero-based offsets of the first and last bytes to copy",
HTTPStatusCode: http.StatusBadRequest,
},
ErrInvalidCopyPartRangeSource: {
Code: "InvalidArgument",
Description: "Range specified is not valid for source object",
HTTPStatusCode: http.StatusBadRequest,
},
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 00:18:59 +01:00
ErrMetadataTooLarge: {
Code: "InvalidArgument",
Description: "Your metadata headers exceed the maximum allowed metadata size.",
HTTPStatusCode: http.StatusBadRequest,
},
ErrInsecureSSECustomerRequest: {
Code: "InvalidRequest",
return AWS S3 compatible error for invalid but equal keys during key rotation (#5783) This change let the server return the S3 error for a key rotation if the source key is not valid but equal to the destination key. This change also fixes the SSE-C error messages since AWS returns error messages ending with a '.'. Fixes #5625
2018-04-06 23:15:23 +02:00
Description: "Requests specifying Server Side Encryption with Customer provided keys must be made over a secure connection.",
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 00:18:59 +01:00
HTTPStatusCode: http.StatusBadRequest,
},
Add multipart support in SSE-C encryption (#5576) *) Add Put/Get support of multipart in encryption *) Add GET Range support for encryption *) Add CopyPart encrypted support *) Support decrypting of large single PUT object
2018-03-01 20:37:57 +01:00
ErrSSEMultipartEncrypted: {
Code: "InvalidRequest",
Description: "The multipart upload initiate requested encryption. Subsequent part requests must include the appropriate encryption parameters.",
HTTPStatusCode: http.StatusBadRequest,
},
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 00:18:59 +01:00
ErrSSEEncryptedObject: {
Code: "InvalidRequest",
return AWS S3 compatible error for invalid but equal keys during key rotation (#5783) This change let the server return the S3 error for a key rotation if the source key is not valid but equal to the destination key. This change also fixes the SSE-C error messages since AWS returns error messages ending with a '.'. Fixes #5625
2018-04-06 23:15:23 +02:00
Description: "The object was stored using a form of Server Side Encryption. The correct parameters must be provided to retrieve the object.",
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 00:18:59 +01:00
HTTPStatusCode: http.StatusBadRequest,
},
ErrInvalidEncryptionParameters: {
Code: "InvalidRequest",
Description: "The encryption parameters are not applicable to this object.",
HTTPStatusCode: http.StatusBadRequest,
},
ErrInvalidSSECustomerAlgorithm: {
Code: "InvalidArgument",
return AWS S3 compatible error for invalid but equal keys during key rotation (#5783) This change let the server return the S3 error for a key rotation if the source key is not valid but equal to the destination key. This change also fixes the SSE-C error messages since AWS returns error messages ending with a '.'. Fixes #5625
2018-04-06 23:15:23 +02:00
Description: "Requests specifying Server Side Encryption with Customer provided keys must provide a valid encryption algorithm.",
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 00:18:59 +01:00
HTTPStatusCode: http.StatusBadRequest,
},
ErrInvalidSSECustomerKey: {
Code: "InvalidArgument",
return AWS S3 compatible error for invalid but equal keys during key rotation (#5783) This change let the server return the S3 error for a key rotation if the source key is not valid but equal to the destination key. This change also fixes the SSE-C error messages since AWS returns error messages ending with a '.'. Fixes #5625
2018-04-06 23:15:23 +02:00
Description: "The secret key was invalid for the specified algorithm.",
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 00:18:59 +01:00
HTTPStatusCode: http.StatusBadRequest,
},
ErrMissingSSECustomerKey: {
Code: "InvalidArgument",
return AWS S3 compatible error for invalid but equal keys during key rotation (#5783) This change let the server return the S3 error for a key rotation if the source key is not valid but equal to the destination key. This change also fixes the SSE-C error messages since AWS returns error messages ending with a '.'. Fixes #5625
2018-04-06 23:15:23 +02:00
Description: "Requests specifying Server Side Encryption with Customer provided keys must provide an appropriate secret key.",
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 00:18:59 +01:00
HTTPStatusCode: http.StatusBadRequest,
},
ErrMissingSSECustomerKeyMD5: {
Code: "InvalidArgument",
return AWS S3 compatible error for invalid but equal keys during key rotation (#5783) This change let the server return the S3 error for a key rotation if the source key is not valid but equal to the destination key. This change also fixes the SSE-C error messages since AWS returns error messages ending with a '.'. Fixes #5625
2018-04-06 23:15:23 +02:00
Description: "Requests specifying Server Side Encryption with Customer provided keys must provide the client calculated MD5 of the secret key.",
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 00:18:59 +01:00
HTTPStatusCode: http.StatusBadRequest,
},
ErrSSECustomerKeyMD5Mismatch: {
Code: "InvalidArgument",
return AWS S3 compatible error for invalid but equal keys during key rotation (#5783) This change let the server return the S3 error for a key rotation if the source key is not valid but equal to the destination key. This change also fixes the SSE-C error messages since AWS returns error messages ending with a '.'. Fixes #5625
2018-04-06 23:15:23 +02:00
Description: "The calculated MD5 hash of the key did not match the hash that was provided.",
HTTPStatusCode: http.StatusBadRequest,
},
ErrInvalidSSECustomerParameters: {
Code: "InvalidArgument",
Description: "The provided encryption parameters did not match the ones used originally.",
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 00:18:59 +01:00
HTTPStatusCode: http.StatusBadRequest,
},
api: Implement bucket notification. (#2271) * Implement basic S3 notifications through queues Supports multiple queues and three basic queue types: 1. NilQueue -- messages don't get sent anywhere 2. LogQueue -- messages get logged 3. AmqpQueue -- messages are sent to an AMQP queue * api: Implement bucket notification. Supports two different queue types - AMQP - ElasticSearch. * Add support for redis
2016-07-24 07:51:12 +02:00
handler/PUT: Handle signature verification through a custom reader. (#2066) Change brings in a new signVerifyReader which provides a io.Reader compatible reader, additionally implements Verify() function. Verify() function validates the signature present in the incoming request. This approach is choosen to avoid complexities involved in using io.Pipe(). Thanks to Krishna for his inputs on this. Fixes #2058 Fixes #2054 Fixes #2087
2016-07-05 10:04:50 +02:00
/// S3 extensions.
ErrContentSHA256Mismatch: {
Code: "XAmzContentSHA256Mismatch",
Description: "The provided 'x-amz-content-sha256' header does not match what was computed.",
HTTPStatusCode: http.StatusBadRequest,
},
api: Extend S3 errors with Minio errors. (#1533) Fixes #1530
2016-05-08 21:36:16 +02:00
/// Minio extensions.
ErrStorageFull: {
Code: "XMinioStorageFull",
fix: Trivial typo in error message (#4878)
2017-09-03 22:53:03 +02:00
Description: "Storage backend has reached its minimum free disk threshold. Please delete a few objects to proceed.",
use appropriate HTTP status for storage is full (#6117)
2018-07-03 18:40:14 +02:00
HTTPStatusCode: http.StatusInsufficientStorage,
api: Extend S3 errors with Minio errors. (#1533) Fixes #1530
2016-05-08 21:36:16 +02:00
},
Move admin APIs to new path and add redesigned heal APIs (#5351) - Changes related to moving admin APIs - admin APIs now have an endpoint under /minio/admin - admin APIs are now versioned - a new API to server the version is added at "GET /minio/admin/version" and all API operations have the path prefix /minio/admin/v1/<operation> - new service stop API added - credentials change API is moved to /minio/admin/v1/config/credential - credentials change API and configuration get/set API now require TLS so that credentials are protected - all API requests now receive JSON - heal APIs are disabled as they will be changed substantially - Heal API changes Heal API is now provided at a single endpoint with the ability for a client to start a heal sequence on all the data in the server, a single bucket, or under a prefix within a bucket. When a heal sequence is started, the server returns a unique token that needs to be used for subsequent 'status' requests to fetch heal results. On each status request from the client, the server returns heal result records that it has accumulated since the previous status request. The server accumulates upto 1000 records and pauses healing further objects until the client requests for status. If the client does not request any further records for a long time, the server aborts the heal sequence automatically. A heal result record is returned for each entity healed on the server, such as system metadata, object metadata, buckets and objects, and has information about the before and after states on each disk. A client may request to force restart a heal sequence - this causes the running heal sequence to be aborted at the next safe spot and starts a new heal sequence.
2018-01-22 23:54:55 +01:00
ErrRequestBodyParse: {
Code: "XMinioRequestBodyParse",
Description: "The request body failed to parse.",
HTTPStatusCode: http.StatusBadRequest,
},
api: Extend S3 errors with Minio errors. (#1533) Fixes #1530
2016-05-08 21:36:16 +02:00
ErrObjectExistsAsDirectory: {
Code: "XMinioObjectExistsAsDirectory",
Description: "Object name already exists as a directory.",
HTTPStatusCode: http.StatusConflict,
},
ErrReadQuorum: {
Code: "XMinioReadQuorum",
Description: "Multiple disk failures, unable to reconstruct data.",
HTTPStatusCode: http.StatusServiceUnavailable,
},
ErrWriteQuorum: {
Code: "XMinioWriteQuorum",
Description: "Multiple disks failures, unable to write data.",
HTTPStatusCode: http.StatusServiceUnavailable,
},
api: Add new bucket policy nesting error (#1883) * Added ErrPolicyNesting which is returned when nesting of policies has occured * Replaces ErrMalformedPolicy in the case of nesting * Changed test case in bucket-policy-parser_test.go (ErrMalformedPolicy -> ErrPolicyNesting)
2016-06-09 10:53:56 +02:00
ErrPolicyNesting: {
Code: "XMinioPolicyNesting",
Vendorize with bug fixes from minio browser. (#3341) This patch brings in changes from miniobrowser repo. - Bucket policy UI and functionality fixes by @krishnasrinivas - Bucket policy implementation by @balamurugana - UI changes and new functionality changing password etc. @rushenn - UI and new functionality for sharing URLs, deleting files @rushenn and @krishnasrinivas. - Other misc fixes by @vadmeste @brendanashworth
2016-11-24 02:31:11 +01:00
Description: "New bucket policy conflicts with an existing policy. Please try again with new prefix.",
api: Add new bucket policy nesting error (#1883) * Added ErrPolicyNesting which is returned when nesting of policies has occured * Replaces ErrMalformedPolicy in the case of nesting * Changed test case in bucket-policy-parser_test.go (ErrMalformedPolicy -> ErrPolicyNesting)
2016-06-09 10:53:56 +02:00
HTTPStatusCode: http.StatusConflict,
},
Added specific error for InvalidObjectName (#2157)
2016-07-10 02:11:08 +02:00
ErrInvalidObjectName: {
Code: "XMinioInvalidObjectName",
server: Validate path for bad components in a handler. (#4170)
2017-04-25 03:13:46 +02:00
Description: "Object name contains unsupported characters.",
HTTPStatusCode: http.StatusBadRequest,
},
ErrInvalidResourceName: {
Code: "XMinioInvalidResourceName",
Description: "Resource name contains bad components such as \"..\" or \".\".",
Added specific error for InvalidObjectName (#2157)
2016-07-10 02:11:08 +02:00
HTTPStatusCode: http.StatusBadRequest,
},
Move the ObjectAPI() resource to be beginning of each handlers. We should return back proper errors so that the clients can retry until server has been initialized.
2016-08-11 03:47:49 +02:00
ErrServerNotInitialized: {
Code: "XMinioServerNotInitialized",
Description: "Server not initialized, please try again.",
HTTPStatusCode: http.StatusServiceUnavailable,
},
Move admin APIs to new path and add redesigned heal APIs (#5351) - Changes related to moving admin APIs - admin APIs now have an endpoint under /minio/admin - admin APIs are now versioned - a new API to server the version is added at "GET /minio/admin/version" and all API operations have the path prefix /minio/admin/v1/<operation> - new service stop API added - credentials change API is moved to /minio/admin/v1/config/credential - credentials change API and configuration get/set API now require TLS so that credentials are protected - all API requests now receive JSON - heal APIs are disabled as they will be changed substantially - Heal API changes Heal API is now provided at a single endpoint with the ability for a client to start a heal sequence on all the data in the server, a single bucket, or under a prefix within a bucket. When a heal sequence is started, the server returns a unique token that needs to be used for subsequent 'status' requests to fetch heal results. On each status request from the client, the server returns heal result records that it has accumulated since the previous status request. The server accumulates upto 1000 records and pauses healing further objects until the client requests for status. If the client does not request any further records for a long time, the server aborts the heal sequence automatically. A heal result record is returned for each entity healed on the server, such as system metadata, object metadata, buckets and objects, and has information about the before and after states on each disk. A client may request to force restart a heal sequence - this causes the running heal sequence to be aborted at the next safe spot and starts a new heal sequence.
2018-01-22 23:54:55 +01:00
ErrMalformedJSON: {
Code: "XMinioMalformedJSON",
Description: "The JSON you provided was not well-formed or did not validate against our published format.",
HTTPStatusCode: http.StatusBadRequest,
},
admin: Add service Set Credentials API (#3580)
2017-01-17 23:25:59 +01:00
ErrAdminInvalidAccessKey: {
Code: "XMinioAdminInvalidAccessKey",
Description: "The access key is invalid.",
HTTPStatusCode: http.StatusBadRequest,
},
ErrAdminInvalidSecretKey: {
Code: "XMinioAdminInvalidSecretKey",
Description: "The secret key is invalid.",
HTTPStatusCode: http.StatusBadRequest,
},
Implement SetConfig admin API handler. (#3792)
2017-02-27 20:40:27 +01:00
ErrAdminConfigNoQuorum: {
Code: "XMinioAdminConfigNoQuorum",
Description: "Configuration update failed because server quorum was not met",
HTTPStatusCode: http.StatusServiceUnavailable,
},
Fix config set handler (#5384) - Return error when the config JSON has duplicate keys (fixes #5286) - Limit size of configuration file provided to 256KiB - this prevents another form of DoS
2018-01-11 08:06:36 +01:00
ErrAdminConfigTooLarge: {
Code: "XMinioAdminConfigTooLarge",
Description: fmt.Sprintf("Configuration data provided exceeds the allowed maximum of %d bytes",
maxConfigJSONSize),
HTTPStatusCode: http.StatusBadRequest,
},
ErrAdminConfigBadJSON: {
Code: "XMinioAdminConfigBadJSON",
Description: "JSON configuration provided has objects with duplicate keys",
HTTPStatusCode: http.StatusBadRequest,
},
Admin: Raise error if config and env credentials mismatch (#4870)
2017-09-07 20:16:13 +02:00
ErrAdminCredentialsMismatch: {
Code: "XMinioAdminCredentialsMismatch",
Description: "Credentials in config mismatch with server environment variables",
HTTPStatusCode: http.StatusServiceUnavailable,
},
Disable redirect of HTTP request to a HTTPS Minio server (#4454) Fixes #4452
2017-06-01 05:33:13 +02:00
ErrInsecureClientRequest: {
Code: "XMinioInsecureClientRequest",
Description: "Cannot respond to plain-text request from TLS-encrypted server",
HTTPStatusCode: http.StatusBadRequest,
},
Add support for timeouts for locks (#4377)
2017-08-31 20:29:22 +02:00
ErrOperationTimedOut: {
Code: "XMinioServerTimedOut",
Description: "A timeout occurred while trying to lock a resource",
HTTPStatusCode: http.StatusRequestTimeout,
},
azure: handle encryption headers and azure InvalidMetadata error (#4893) Previously minio gateway returns invalid bucket name error for invalid meta data. This is fixed by returning BadRequest with 'Unsupported metadata' in response. Fixes #4891
2017-09-13 01:14:41 +02:00
ErrUnsupportedMetadata: {
Code: "InvalidArgument",
Description: "Your metadata headers are not supported.",
HTTPStatusCode: http.StatusBadRequest,
},
fs: All parts except the last part should be of the same size (#5045) fixes #4881
2017-10-17 21:01:28 +02:00
ErrPartsSizeUnequal: {
Code: "XMinioPartsSizeUnequal",
Description: "All parts except the last part should be of the same size.",
HTTPStatusCode: http.StatusBadRequest,
},
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 00:18:59 +01:00
ErrObjectTampered: {
Code: "XMinioObjectTampered",
Description: errObjectTampered.Error(),
HTTPStatusCode: http.StatusPartialContent,
},
Check for value > 7 days in X-Amz-Expires header. (#5163) Add a check to see if the X-Amz-Expires header in the presigned URL is less than 7 days. Fixes #5162
2017-11-13 21:54:03 +01:00
ErrMaximumExpires: {
Code: "AuthorizationQueryParametersError",
Description: "X-Amz-Expires must be less than a week (in seconds); that is, the given X-Amz-Expires must be less than 604800 seconds",
HTTPStatusCode: http.StatusBadRequest,
},
Virtual host style S3 requests (#5095)
2017-11-15 01:56:24 +01:00
// Generic Invalid-Request error. Should be used for response errors only for unlikely
Create logger package and rename errorIf to LogIf (#5678) Removing message from error logging Replace errors.Trace with LogIf
2018-04-06 00:04:40 +02:00
// corner case errors for which introducing new APIErrorCode is not worth it. LogIf()
Virtual host style S3 requests (#5095)
2017-11-15 01:56:24 +01:00
// should be used to log the error at the source of the error for debugging purposes.
ErrInvalidRequest: {
Code: "InvalidRequest",
Description: "Invalid Request",
HTTPStatusCode: http.StatusBadRequest,
},
Move admin APIs to new path and add redesigned heal APIs (#5351) - Changes related to moving admin APIs - admin APIs now have an endpoint under /minio/admin - admin APIs are now versioned - a new API to server the version is added at "GET /minio/admin/version" and all API operations have the path prefix /minio/admin/v1/<operation> - new service stop API added - credentials change API is moved to /minio/admin/v1/config/credential - credentials change API and configuration get/set API now require TLS so that credentials are protected - all API requests now receive JSON - heal APIs are disabled as they will be changed substantially - Heal API changes Heal API is now provided at a single endpoint with the ability for a client to start a heal sequence on all the data in the server, a single bucket, or under a prefix within a bucket. When a heal sequence is started, the server returns a unique token that needs to be used for subsequent 'status' requests to fetch heal results. On each status request from the client, the server returns heal result records that it has accumulated since the previous status request. The server accumulates upto 1000 records and pauses healing further objects until the client requests for status. If the client does not request any further records for a long time, the server aborts the heal sequence automatically. A heal result record is returned for each entity healed on the server, such as system metadata, object metadata, buckets and objects, and has information about the before and after states on each disk. A client may request to force restart a heal sequence - this causes the running heal sequence to be aborted at the next safe spot and starts a new heal sequence.
2018-01-22 23:54:55 +01:00
ErrHealNotImplemented: {
Code: "XMinioHealNotImplemented",
Description: "This server does not implement heal functionality.",
HTTPStatusCode: http.StatusBadRequest,
},
ErrHealNoSuchProcess: {
Code: "XMinioHealNoSuchProcess",
Description: "No such heal process is running on the server",
HTTPStatusCode: http.StatusBadRequest,
},
ErrHealInvalidClientToken: {
Code: "XMinioHealInvalidClientToken",
Description: "Client token mismatch",
HTTPStatusCode: http.StatusBadRequest,
},
ErrHealMissingBucket: {
Code: "XMinioHealMissingBucket",
Description: "A heal start request with a non-empty object-prefix parameter requires a bucket to be specified.",
HTTPStatusCode: http.StatusBadRequest,
},
ErrHealAlreadyRunning: {
Code: "XMinioHealAlreadyRunning",
Description: "",
HTTPStatusCode: http.StatusBadRequest,
},
ErrHealOverlappingPaths: {
Code: "XMinioHealOverlappingPaths",
Description: "",
HTTPStatusCode: http.StatusBadRequest,
},
Add disk based edge caching support. (#5182) This PR adds disk based edge caching support for minio server. Cache settings can be configured in config.json to take list of disk drives, cache expiry in days and file patterns to exclude from cache or via environment variables MINIO_CACHE_DRIVES, MINIO_CACHE_EXCLUDE and MINIO_CACHE_EXPIRY Design assumes that Atime support is enabled and the list of cache drives is fixed. - Objects are cached on both GET and PUT/POST operations. - Expiry is used as hint to evict older entries from cache, or if 80% of cache capacity is filled. - When object storage backend is down, GET, LIST and HEAD operations fetch object seamlessly from cache. Current Limitations - Bucket policies are not cached, so anonymous operations are not supported in offline mode. - Objects are distributed using deterministic hashing among list of cache drives specified.If one or more drives go offline, or cache drive configuration is altered - performance could degrade to linear lookup. Fixes #4026
2018-03-28 23:14:06 +02:00
ErrBackendDown: {
Code: "XMinioBackendDown",
Description: "Object storage backend is unreachable",
HTTPStatusCode: http.StatusServiceUnavailable,
},
Minio handle for list_objects_v2 with a blank ContinuationToken (#5940) minio will now return an error for a blank continuation token in list_objects_v2,so as in s3. Fixes #5931
2018-06-25 21:35:43 +02:00
ErrIncorrectContinuationToken: {
Code: "InvalidArgument",
Description: "The continuation token provided is incorrect",
HTTPStatusCode: http.StatusBadRequest,
},
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
// Add your error structure here.
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
}
handlers: overhaul entire writErrorResponse, simplify. (#1472)
2016-05-06 05:24:29 +02:00
// toAPIErrorCode - Converts embedded errors. Convenience
// function written to handle all cases where we have known types of
// errors returned by underlying layers.
func toAPIErrorCode(err error) (apiErr APIErrorCode) {
if err == nil {
return ErrNone
}
Cleanup and fixes (#3273) * newRequestID() (previously generateUploadID()) returns string than byte array. * Remove unclear comments and added appropriate comments. * SHA-256, MD5 Hash functions return Hex/Base64 encoded string than byte array. * Remove duplicate MD5 hasher functions. * Rename listObjectsValidateArgs() into validateListObjectsArgs() * Remove repeated auth check code in all bucket request handlers. * Remove abbreviated names in bucket-metadata * Avoid nested if in bucketPolicyMatchStatement() * Use ioutil.ReadFile() instead of os.Open() and ioutil.ReadAll() * Set crossDomainXML as constant.
2016-11-21 22:51:05 +01:00
handlers: overhaul entire writErrorResponse, simplify. (#1472)
2016-05-06 05:24:29 +02:00
// Verify if the underlying error is signature mismatch.
handler/PUT: Handle signature verification through a custom reader. (#2066) Change brings in a new signVerifyReader which provides a io.Reader compatible reader, additionally implements Verify() function. Verify() function validates the signature present in the incoming request. This approach is choosen to avoid complexities involved in using io.Pipe(). Thanks to Krishna for his inputs on this. Fixes #2058 Fixes #2054 Fixes #2087
2016-07-05 10:04:50 +02:00
switch err {
case errSignatureMismatch:
apiErr = ErrSignatureDoesNotMatch
xl PutObject: Split object into parts (#3651) For faster time-to-first-byte when we try to download a big object
2017-01-31 00:44:42 +01:00
case errDataTooLarge:
apiErr = ErrEntityTooLarge
case errDataTooSmall:
apiErr = ErrEntityTooSmall
move credentials as separate package (#5115)
2017-10-31 19:54:32 +01:00
case auth.ErrInvalidAccessKeyLength:
Honor envs properly for access and secret key. (#3703) Also changes the behavior of `secretKeyHash` which is not necessary to be sent over the network, each node has its own secretKeyHash to validate. Fixes #3696 Partial(fix) #3700 (More changes needed with some code cleanup)
2017-02-07 21:51:43 +01:00
apiErr = ErrAdminInvalidAccessKey
move credentials as separate package (#5115)
2017-10-31 19:54:32 +01:00
case auth.ErrInvalidSecretKeyLength:
Honor envs properly for access and secret key. (#3703) Also changes the behavior of `secretKeyHash` which is not necessary to be sent over the network, each node has its own secretKeyHash to validate. Fixes #3696 Partial(fix) #3700 (More changes needed with some code cleanup)
2017-02-07 21:51:43 +01:00
apiErr = ErrAdminInvalidSecretKey
Bring etcd support for bucket DNS federation - Supports centralized `config.json` - Supports centralized `bucket` service records for client lookups - implement a new proxy forwarder
2018-02-03 03:18:52 +01:00
// SSE errors
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 00:18:59 +01:00
case errInsecureSSERequest:
Bring etcd support for bucket DNS federation - Supports centralized `config.json` - Supports centralized `bucket` service records for client lookups - implement a new proxy forwarder
2018-02-03 03:18:52 +01:00
apiErr = ErrInsecureSSECustomerRequest
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 00:18:59 +01:00
case errInvalidSSEAlgorithm:
Bring etcd support for bucket DNS federation - Supports centralized `config.json` - Supports centralized `bucket` service records for client lookups - implement a new proxy forwarder
2018-02-03 03:18:52 +01:00
apiErr = ErrInvalidSSECustomerAlgorithm
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 00:18:59 +01:00
case errInvalidSSEKey:
Bring etcd support for bucket DNS federation - Supports centralized `config.json` - Supports centralized `bucket` service records for client lookups - implement a new proxy forwarder
2018-02-03 03:18:52 +01:00
apiErr = ErrInvalidSSECustomerKey
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 00:18:59 +01:00
case errMissingSSEKey:
Bring etcd support for bucket DNS federation - Supports centralized `config.json` - Supports centralized `bucket` service records for client lookups - implement a new proxy forwarder
2018-02-03 03:18:52 +01:00
apiErr = ErrMissingSSECustomerKey
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 00:18:59 +01:00
case errMissingSSEKeyMD5:
Bring etcd support for bucket DNS federation - Supports centralized `config.json` - Supports centralized `bucket` service records for client lookups - implement a new proxy forwarder
2018-02-03 03:18:52 +01:00
apiErr = ErrMissingSSECustomerKeyMD5
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 00:18:59 +01:00
case errSSEKeyMD5Mismatch:
Bring etcd support for bucket DNS federation - Supports centralized `config.json` - Supports centralized `bucket` service records for client lookups - implement a new proxy forwarder
2018-02-03 03:18:52 +01:00
apiErr = ErrSSECustomerKeyMD5Mismatch
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 00:18:59 +01:00
case errObjectTampered:
Bring etcd support for bucket DNS federation - Supports centralized `config.json` - Supports centralized `bucket` service records for client lookups - implement a new proxy forwarder
2018-02-03 03:18:52 +01:00
apiErr = ErrObjectTampered
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 00:18:59 +01:00
case errEncryptedObject:
Bring etcd support for bucket DNS federation - Supports centralized `config.json` - Supports centralized `bucket` service records for client lookups - implement a new proxy forwarder
2018-02-03 03:18:52 +01:00
apiErr = ErrSSEEncryptedObject
return AWS S3 compatible error for invalid but equal keys during key rotation (#5783) This change let the server return the S3 error for a key rotation if the source key is not valid but equal to the destination key. This change also fixes the SSE-C error messages since AWS returns error messages ending with a '.'. Fixes #5625
2018-04-06 23:15:23 +02:00
case errInvalidSSEParameters:
Bring etcd support for bucket DNS federation - Supports centralized `config.json` - Supports centralized `bucket` service records for client lookups - implement a new proxy forwarder
2018-02-03 03:18:52 +01:00
apiErr = ErrInvalidSSECustomerParameters
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 00:18:59 +01:00
case errSSEKeyMismatch:
Bring etcd support for bucket DNS federation - Supports centralized `config.json` - Supports centralized `bucket` service records for client lookups - implement a new proxy forwarder
2018-02-03 03:18:52 +01:00
apiErr = ErrAccessDenied // no access without correct key
case context.Canceled, context.DeadlineExceeded:
apiErr = ErrOperationTimedOut
}
if apiErr != ErrNone {
// If there was a match in the above switch case.
return apiErr
}
// etcd specific errors, a key is always a bucket for us return
// ErrNoSuchBucket in such a case.
Update federation target to etcd/clientv3 (#6119) With CoreDNS now supporting etcdv3 as the DNS backend, we can update our federation target to etcdv3. Users will now be able to use etcdv3 server as the federation backbone. Minio will update bucket data to etcdv3 and CoreDNS can pick that data up and serve it as bucket style DNS path.
2018-07-12 23:12:40 +02:00
if err == dns.ErrNoEntriesFound {
return ErrNoSuchBucket
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 00:18:59 +01:00
}
handlers: overhaul entire writErrorResponse, simplify. (#1472)
2016-05-06 05:24:29 +02:00
switch err.(type) {
case StorageFull:
apiErr = ErrStorageFull
Simplify data verification with HashReader. (#5071) Verify() was being called by caller after the data has been successfully read after io.EOF. This disconnection opens a race under concurrent access to such an object. Verification is not necessary outside of Read() call, we can simply just do checksum verification right inside Read() call at io.EOF. This approach simplifies the usage.
2017-10-22 07:30:34 +02:00
case hash.BadDigest:
handlers: overhaul entire writErrorResponse, simplify. (#1472)
2016-05-06 05:24:29 +02:00
apiErr = ErrBadDigest
Added AllAccessDisabled error
2017-05-06 03:49:08 +02:00
case AllAccessDisabled:
apiErr = ErrAllAccessDisabled
handlers: overhaul entire writErrorResponse, simplify. (#1472)
2016-05-06 05:24:29 +02:00
case IncompleteBody:
apiErr = ErrIncompleteBody
api: Extend S3 errors with Minio errors. (#1533) Fixes #1530
2016-05-08 21:36:16 +02:00
case ObjectExistsAsDirectory:
apiErr = ErrObjectExistsAsDirectory
Translate storage access denied error to S3 Access Denied response (#3015)
2016-10-21 01:09:55 +02:00
case PrefixAccessDenied:
apiErr = ErrAccessDenied
handlers: overhaul entire writErrorResponse, simplify. (#1472)
2016-05-06 05:24:29 +02:00
case BucketNameInvalid:
apiErr = ErrInvalidBucketName
case BucketNotFound:
apiErr = ErrNoSuchBucket
Implement gateway S3 support (#3940)
2017-04-27 20:26:00 +02:00
case BucketAlreadyOwnedByYou:
apiErr = ErrBucketAlreadyOwnedByYou
handlers: overhaul entire writErrorResponse, simplify. (#1472)
2016-05-06 05:24:29 +02:00
case BucketNotEmpty:
apiErr = ErrBucketNotEmpty
Return BucketAlreadyExists when bucket exists with another user
2017-05-08 23:53:47 +02:00
case BucketAlreadyExists:
apiErr = ErrBucketAlreadyExists
handlers: overhaul entire writErrorResponse, simplify. (#1472)
2016-05-06 05:24:29 +02:00
case BucketExists:
apiErr = ErrBucketAlreadyOwnedByYou
case ObjectNotFound:
apiErr = ErrNoSuchKey
Quick support to server level WORM (#5602) This is a trival fix to support server level WORM. The feature comes with an environment variable `MINIO_WORM`. Usage: ``` $ export MINIO_WORM=on $ minio server endpoint ```
2018-03-28 01:44:45 +02:00
case ObjectAlreadyExists:
apiErr = ErrMethodNotAllowed
handlers: overhaul entire writErrorResponse, simplify. (#1472)
2016-05-06 05:24:29 +02:00
case ObjectNameInvalid:
Added specific error for InvalidObjectName (#2157)
2016-07-10 02:11:08 +02:00
apiErr = ErrInvalidObjectName
handlers: overhaul entire writErrorResponse, simplify. (#1472)
2016-05-06 05:24:29 +02:00
case InvalidUploadID:
apiErr = ErrNoSuchUpload
case InvalidPart:
apiErr = ErrInvalidPart
case InsufficientWriteQuorum:
apiErr = ErrWriteQuorum
case InsufficientReadQuorum:
apiErr = ErrReadQuorum
tests: Fix ListMultipartUploadsHandler tests. (#2705)
2016-09-15 10:44:19 +02:00
case UnsupportedDelimiter:
apiErr = ErrNotImplemented
case InvalidMarkerPrefixCombination:
apiErr = ErrNotImplemented
case InvalidUploadIDKeyCombination:
apiErr = ErrNotImplemented
case MalformedUploadID:
apiErr = ErrNoSuchUpload
multipart: reject part upload if size is less than 5MB. (#1518)
2016-05-08 21:06:05 +02:00
case PartTooSmall:
apiErr = ErrEntityTooSmall
Verify md5 content hash, closes #4285
2017-05-11 01:52:38 +02:00
case SignatureDoesNotMatch:
apiErr = ErrSignatureDoesNotMatch
Simplify data verification with HashReader. (#5071) Verify() was being called by caller after the data has been successfully read after io.EOF. This disconnection opens a race under concurrent access to such an object. Verification is not necessary outside of Read() call, we can simply just do checksum verification right inside Read() call at io.EOF. This approach simplifies the usage.
2017-10-22 07:30:34 +02:00
case hash.SHA256Mismatch:
sha256: Verify sha256 along with md5sum, signature is verified on the request early. (#2813)
2016-10-03 00:51:49 +02:00
apiErr = ErrContentSHA256Mismatch
When object whose size is greater than 5G is uploaded using presigned POST we should return error. (#3033) fixes #2961
2016-10-22 18:05:01 +02:00
case ObjectTooLarge:
apiErr = ErrEntityTooLarge
api: Handle content-length-range policy properly. (#3297) content-length-range policy in postPolicy API was not working properly handle it. The reflection strategy used has changed in recent version of Go. Any free form interface{} of any integer is treated as `float64` this caused a bug where content-length-range parsing failed to provide any value. Fixes #3295
2016-11-21 13:15:26 +01:00
case ObjectTooSmall:
apiErr = ErrEntityTooSmall
Implement S3 Gateway to third party cloud storage providers. (#3756) Currently supported backend is Azure Blob Storage. ``` export MINIO_ACCESS_KEY=azureaccountname export MINIO_SECRET_KEY=azureaccountkey minio gateway azure ```
2017-03-16 20:21:58 +01:00
case NotImplemented:
apiErr = ErrNotImplemented
gateway-azure: Return right error when Part size is > 100MB (#4652)
2017-07-13 01:42:14 +02:00
case PartTooBig:
apiErr = ErrEntityTooLarge
azure: handle encryption headers and azure InvalidMetadata error (#4893) Previously minio gateway returns invalid bucket name error for invalid meta data. This is fixed by returning BadRequest with 'Unsupported metadata' in response. Fixes #4891
2017-09-13 01:14:41 +02:00
case UnsupportedMetadata:
apiErr = ErrUnsupportedMetadata
fs: All parts except the last part should be of the same size (#5045) fixes #4881
2017-10-17 21:01:28 +02:00
case PartsSizeUnequal:
apiErr = ErrPartsSizeUnequal
Bucket policies should use minio-go/pkg/policy instead. (#5090)
2017-10-28 01:14:06 +02:00
case BucketPolicyNotFound:
apiErr = ErrNoSuchBucketPolicy
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
case *event.ErrInvalidEventName:
apiErr = ErrEventNotification
case *event.ErrInvalidARN:
apiErr = ErrARNNotification
case *event.ErrARNNotFound:
apiErr = ErrARNNotification
case *event.ErrUnknownRegion:
apiErr = ErrRegionNotification
case *event.ErrInvalidFilterName:
apiErr = ErrFilterNameInvalid
case *event.ErrFilterNamePrefix:
apiErr = ErrFilterNamePrefix
case *event.ErrFilterNameSuffix:
apiErr = ErrFilterNameSuffix
case *event.ErrInvalidFilterValue:
apiErr = ErrFilterValueInvalid
case *event.ErrDuplicateEventName:
apiErr = ErrOverlappingConfigs
case *event.ErrDuplicateQueueConfiguration:
apiErr = ErrOverlappingFilterNotification
case *event.ErrUnsupportedConfiguration:
apiErr = ErrUnsupportedNotification
Add disk based edge caching support. (#5182) This PR adds disk based edge caching support for minio server. Cache settings can be configured in config.json to take list of disk drives, cache expiry in days and file patterns to exclude from cache or via environment variables MINIO_CACHE_DRIVES, MINIO_CACHE_EXCLUDE and MINIO_CACHE_EXPIRY Design assumes that Atime support is enabled and the list of cache drives is fixed. - Objects are cached on both GET and PUT/POST operations. - Expiry is used as hint to evict older entries from cache, or if 80% of cache capacity is filled. - When object storage backend is down, GET, LIST and HEAD operations fetch object seamlessly from cache. Current Limitations - Bucket policies are not cached, so anonymous operations are not supported in offline mode. - Objects are distributed using deterministic hashing among list of cache drives specified.If one or more drives go offline, or cache drive configuration is altered - performance could degrade to linear lookup. Fixes #4026
2018-03-28 23:14:06 +02:00
case BackendDown:
apiErr = ErrBackendDown
handlers: overhaul entire writErrorResponse, simplify. (#1472)
2016-05-06 05:24:29 +02:00
default:
apiErr = ErrInternalError
}
Cleanup and fixes (#3273) * newRequestID() (previously generateUploadID()) returns string than byte array. * Remove unclear comments and added appropriate comments. * SHA-256, MD5 Hash functions return Hex/Base64 encoded string than byte array. * Remove duplicate MD5 hasher functions. * Rename listObjectsValidateArgs() into validateListObjectsArgs() * Remove repeated auth check code in all bucket request handlers. * Remove abbreviated names in bucket-metadata * Avoid nested if in bucketPolicyMatchStatement() * Use ioutil.ReadFile() instead of os.Open() and ioutil.ReadAll() * Set crossDomainXML as constant.
2016-11-21 22:51:05 +01:00
handlers: overhaul entire writErrorResponse, simplify. (#1472)
2016-05-06 05:24:29 +02:00
return apiErr
}
error: Add proper prefixes for s3Error codes. This patch adds 'Err' prefix for all standard API error codes and also adds a proper type for them.
2016-03-10 11:24:52 +01:00
// getAPIError provides API Error for input API error code.
func getAPIError(code APIErrorCode) APIError {
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
return errorCodeResponse[code]
}
Update minioapi documentation
2015-02-24 01:46:48 +01:00
// getErrorResponse gets in standard error and resource value and
// provides a encodable populated response values
Log x-amz-request-id as log and XML error response (#6173) Currently, requestid field in logEntry is not populated, as the requestid field gets set at the very end. It is now set before regular handler functions. This is also useful in setting it as part of the XML error response. Travis build for ppc64le has been quite inconsistent and stays queued for most of the time. Removing this build as part of Travis.yml for the time being.
2018-07-21 03:46:32 +02:00
func getAPIErrorResponse(err APIError, resource, requestid string) APIErrorResponse {
Add constants for commonly used values. (#3588) This is a consolidation effort, avoiding usage of naked strings in codebase. Whenever possible use constants which can be repurposed elsewhere. This also fixes `goconst ./...` reported issues.
2017-01-18 21:24:34 +01:00
return APIErrorResponse{
Code: err.Code,
Message: err.Description,
Resource: resource,
Log x-amz-request-id as log and XML error response (#6173) Currently, requestid field in logEntry is not populated, as the requestid field gets set at the very end. It is now set before regular handler functions. This is also useful in setting it as part of the XML error response. Travis build for ppc64le has been quite inconsistent and stays queued for most of the time. Removing this build as part of Travis.yml for the time being.
2018-07-21 03:46:32 +02:00
RequestID: requestid,
Add constants for commonly used values. (#3588) This is a consolidation effort, avoiding usage of naked strings in codebase. Whenever possible use constants which can be repurposed elsewhere. This also fixes `goconst ./...` reported issues.
2017-01-18 21:24:34 +01:00
HostID: "3L137",
Reply in xml from validate and ignore handlers
2015-02-12 07:00:45 +01:00
}
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 12:23:15 +01:00
}
Reference in a new issue Copy permalink