maxmustermann/minio
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

flags: Remove anonymous, ratelimit, json and web-address flags.

Browse source 
- Web address now uses the port + 1 from the API address port directly.
- Remove ratelimiting, ratelimiting will be achieved if necessary through
  iptables.
- Remove json flag, not needed anymore.
- Remove anonymous flag, server will be no more anonymous for play.minio.io
  we will use demo credentials.
This commit is contained in:
Harshavardhana 2016-02-02 17:38:02 -08:00
parent b01594ac33
commit df91661ec6
8 changed files with 98 additions and 282 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

104
bucket-handlers.go
View file

@ -34,13 +34,6 @@ func (api CloudStorageAPI) GetBucketLocationHandler(w http.ResponseWriter, req *
vars := mux.Vars(req) vars := mux.Vars(req)
bucket := vars["bucket"] bucket := vars["bucket"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
_, err := api.Filesystem.GetBucketMetadata(bucket) _, err := api.Filesystem.GetBucketMetadata(bucket)
if err != nil { if err != nil {
errorIf(err.Trace(), "GetBucketMetadata failed.", nil) errorIf(err.Trace(), "GetBucketMetadata failed.", nil)
@ -75,13 +68,6 @@ func (api CloudStorageAPI) ListMultipartUploadsHandler(w http.ResponseWriter, re
vars := mux.Vars(req) vars := mux.Vars(req)
bucket := vars["bucket"] bucket := vars["bucket"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
resources := getBucketMultipartResources(req.URL.Query()) resources := getBucketMultipartResources(req.URL.Query())
if resources.MaxUploads < 0 { if resources.MaxUploads < 0 {
writeErrorResponse(w, req, InvalidMaxUploads, req.URL.Path) writeErrorResponse(w, req, InvalidMaxUploads, req.URL.Path)
@ -121,15 +107,6 @@ func (api CloudStorageAPI) ListObjectsHandler(w http.ResponseWriter, req *http.R
vars := mux.Vars(req) vars := mux.Vars(req)
bucket := vars["bucket"] bucket := vars["bucket"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
if api.Filesystem.IsPrivateBucket(bucket) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
}
// TODO handle encoding type. // TODO handle encoding type.
prefix, marker, delimiter, maxkeys, _ := getBucketResources(req.URL.Query()) prefix, marker, delimiter, maxkeys, _ := getBucketResources(req.URL.Query())
if maxkeys < 0 { if maxkeys < 0 {
@ -171,12 +148,6 @@ func (api CloudStorageAPI) ListObjectsHandler(w http.ResponseWriter, req *http.R
// This implementation of the GET operation returns a list of all buckets // This implementation of the GET operation returns a list of all buckets
// owned by the authenticated sender of the request. // owned by the authenticated sender of the request.
func (api CloudStorageAPI) ListBucketsHandler(w http.ResponseWriter, req *http.Request) { func (api CloudStorageAPI) ListBucketsHandler(w http.ResponseWriter, req *http.Request) {
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
buckets, err := api.Filesystem.ListBuckets() buckets, err := api.Filesystem.ListBuckets()
if err == nil { if err == nil {
// generate response // generate response
@ -199,13 +170,6 @@ func (api CloudStorageAPI) PutBucketHandler(w http.ResponseWriter, req *http.Req
vars := mux.Vars(req) vars := mux.Vars(req)
bucket := vars["bucket"] bucket := vars["bucket"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
// read from 'x-amz-acl' // read from 'x-amz-acl'
aclType := getACLType(req) aclType := getACLType(req)
if aclType == unsupportedACLType { if aclType == unsupportedACLType {
@ -214,26 +178,24 @@ func (api CloudStorageAPI) PutBucketHandler(w http.ResponseWriter, req *http.Req
} }
var signature *fs.Signature var signature *fs.Signature
if !api.Anonymous { // Init signature V4 verification
// Init signature V4 verification if isRequestSignatureV4(req) {
if isRequestSignatureV4(req) { var err *probe.Error
var err *probe.Error signature, err = initSignatureV4(req)
signature, err = initSignatureV4(req) if err != nil {
if err != nil { switch err.ToGoError() {
switch err.ToGoError() { case errInvalidRegion:
case errInvalidRegion: errorIf(err.Trace(), "Unknown region in authorization header.", nil)
errorIf(err.Trace(), "Unknown region in authorization header.", nil) writeErrorResponse(w, req, AuthorizationHeaderMalformed, req.URL.Path)
writeErrorResponse(w, req, AuthorizationHeaderMalformed, req.URL.Path) return
return case errAccessKeyIDInvalid:
case errAccessKeyIDInvalid: errorIf(err.Trace(), "Invalid access key id.", nil)
errorIf(err.Trace(), "Invalid access key id.", nil) writeErrorResponse(w, req, InvalidAccessKeyID, req.URL.Path)
writeErrorResponse(w, req, InvalidAccessKeyID, req.URL.Path) return
return default:
default: errorIf(err.Trace(), "Initializing signature v4 failed.", nil)
errorIf(err.Trace(), "Initializing signature v4 failed.", nil) writeErrorResponse(w, req, InternalError, req.URL.Path)
writeErrorResponse(w, req, InternalError, req.URL.Path) return
return
}
} }
} }
} }
@ -374,13 +336,6 @@ func (api CloudStorageAPI) PutBucketACLHandler(w http.ResponseWriter, req *http.
vars := mux.Vars(req) vars := mux.Vars(req)
bucket := vars["bucket"] bucket := vars["bucket"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
// read from 'x-amz-acl' // read from 'x-amz-acl'
aclType := getACLType(req) aclType := getACLType(req)
if aclType == unsupportedACLType { if aclType == unsupportedACLType {
@ -413,13 +368,6 @@ func (api CloudStorageAPI) GetBucketACLHandler(w http.ResponseWriter, req *http.
vars := mux.Vars(req) vars := mux.Vars(req)
bucket := vars["bucket"] bucket := vars["bucket"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
bucketMetadata, err := api.Filesystem.GetBucketMetadata(bucket) bucketMetadata, err := api.Filesystem.GetBucketMetadata(bucket)
if err != nil { if err != nil {
errorIf(err.Trace(), "GetBucketMetadata failed.", nil) errorIf(err.Trace(), "GetBucketMetadata failed.", nil)
@ -452,15 +400,6 @@ func (api CloudStorageAPI) HeadBucketHandler(w http.ResponseWriter, req *http.Re
vars := mux.Vars(req) vars := mux.Vars(req)
bucket := vars["bucket"] bucket := vars["bucket"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
if api.Filesystem.IsPrivateBucket(bucket) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
}
_, err := api.Filesystem.GetBucketMetadata(bucket) _, err := api.Filesystem.GetBucketMetadata(bucket)
if err != nil { if err != nil {
errorIf(err.Trace(), "GetBucketMetadata failed.", nil) errorIf(err.Trace(), "GetBucketMetadata failed.", nil)
@ -482,13 +421,6 @@ func (api CloudStorageAPI) DeleteBucketHandler(w http.ResponseWriter, req *http.
vars := mux.Vars(req) vars := mux.Vars(req)
bucket := vars["bucket"] bucket := vars["bucket"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
err := api.Filesystem.DeleteBucket(bucket) err := api.Filesystem.DeleteBucket(bucket)
if err != nil { if err != nil {
errorIf(err.Trace(), "DeleteBucket failed.", nil) errorIf(err.Trace(), "DeleteBucket failed.", nil)

25
flags.go
View file

@ -34,32 +34,12 @@ var (
Usage: "ADDRESS:PORT for cloud storage access.", Usage: "ADDRESS:PORT for cloud storage access.",
} }
webAddressFlag = cli.StringFlag{
Name: "web-address",
Value: ":9001",
Hide: true,
Usage: "WEBADDRESS:PORT for cloud storage access.",
}
accessLogFlag = cli.BoolFlag{ accessLogFlag = cli.BoolFlag{
Name: "enable-accesslog", Name: "enable-accesslog",
Hide: true, Hide: true,
Usage: "Enable access logs for all incoming HTTP request.", Usage: "Enable access logs for all incoming HTTP request.",
} }
rateLimitFlag = cli.IntFlag{
Name: "ratelimit",
Hide: true,
Value: 0,
Usage: "Limit for total concurrent requests: [DEFAULT: 0].",
}
anonymousFlag = cli.BoolFlag{
Name: "anonymous",
Hide: true,
Usage: "Make server run in anonymous mode where all client connections are accepted.",
}
certFlag = cli.StringFlag{ certFlag = cli.StringFlag{
Name: "cert", Name: "cert",
Usage: "Provide your domain certificate.", Usage: "Provide your domain certificate.",
@ -69,11 +49,6 @@ var (
Name: "key", Name: "key",
Usage: "Provide your domain private key.", Usage: "Provide your domain private key.",
} }
jsonFlag = cli.BoolFlag{
Name: "json",
Usage: "Enable json formatted output.",
}
) )
// registerFlag registers a cli flag // registerFlag registers a cli flag

4
main.go
View file

@ -121,13 +121,9 @@ func registerApp() *cli.App {
// register all flags // register all flags
registerFlag(configFolderFlag) registerFlag(configFolderFlag)
registerFlag(addressFlag) registerFlag(addressFlag)
registerFlag(webAddressFlag)
registerFlag(accessLogFlag) registerFlag(accessLogFlag)
registerFlag(rateLimitFlag)
registerFlag(anonymousFlag)
registerFlag(certFlag) registerFlag(certFlag)
registerFlag(keyFlag) registerFlag(keyFlag)
registerFlag(jsonFlag)
// set up app // set up app
app := cli.NewApp() app := cli.NewApp()

186
object-handlers.go
View file

@ -39,15 +39,6 @@ func (api CloudStorageAPI) GetObjectHandler(w http.ResponseWriter, req *http.Req
bucket = vars["bucket"] bucket = vars["bucket"]
object = vars["object"] object = vars["object"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
if api.Filesystem.IsPrivateBucket(bucket) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
}
metadata, err := api.Filesystem.GetObjectMetadata(bucket, object) metadata, err := api.Filesystem.GetObjectMetadata(bucket, object)
if err != nil { if err != nil {
errorIf(err.Trace(), "GetObject failed.", nil) errorIf(err.Trace(), "GetObject failed.", nil)
@ -87,15 +78,6 @@ func (api CloudStorageAPI) HeadObjectHandler(w http.ResponseWriter, req *http.Re
bucket = vars["bucket"] bucket = vars["bucket"]
object = vars["object"] object = vars["object"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
if api.Filesystem.IsPrivateBucket(bucket) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
}
metadata, err := api.Filesystem.GetObjectMetadata(bucket, object) metadata, err := api.Filesystem.GetObjectMetadata(bucket, object)
if err != nil { if err != nil {
switch err.ToGoError().(type) { switch err.ToGoError().(type) {
@ -125,15 +107,6 @@ func (api CloudStorageAPI) PutObjectHandler(w http.ResponseWriter, req *http.Req
bucket = vars["bucket"] bucket = vars["bucket"]
object = vars["object"] object = vars["object"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
if api.Filesystem.IsPrivateBucket(bucket) || api.Filesystem.IsReadOnlyBucket(bucket) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
}
// get Content-MD5 sent by client and verify if valid // get Content-MD5 sent by client and verify if valid
md5 := req.Header.Get("Content-MD5") md5 := req.Header.Get("Content-MD5")
if !isValidMD5(md5) { if !isValidMD5(md5) {
@ -153,26 +126,24 @@ func (api CloudStorageAPI) PutObjectHandler(w http.ResponseWriter, req *http.Req
} }
var signature *fs.Signature var signature *fs.Signature
if !api.Anonymous { if isRequestSignatureV4(req) {
if isRequestSignatureV4(req) { // Init signature V4 verification
// Init signature V4 verification var err *probe.Error
var err *probe.Error signature, err = initSignatureV4(req)
signature, err = initSignatureV4(req) if err != nil {
if err != nil { switch err.ToGoError() {
switch err.ToGoError() { case errInvalidRegion:
case errInvalidRegion: errorIf(err.Trace(), "Unknown region in authorization header.", nil)
errorIf(err.Trace(), "Unknown region in authorization header.", nil) writeErrorResponse(w, req, AuthorizationHeaderMalformed, req.URL.Path)
writeErrorResponse(w, req, AuthorizationHeaderMalformed, req.URL.Path) return
return case errAccessKeyIDInvalid:
case errAccessKeyIDInvalid: errorIf(err.Trace(), "Invalid access key id.", nil)
errorIf(err.Trace(), "Invalid access key id.", nil) writeErrorResponse(w, req, InvalidAccessKeyID, req.URL.Path)
writeErrorResponse(w, req, InvalidAccessKeyID, req.URL.Path) return
return default:
default: errorIf(err.Trace(), "Initializing signature v4 failed.", nil)
errorIf(err.Trace(), "Initializing signature v4 failed.", nil) writeErrorResponse(w, req, InternalError, req.URL.Path)
writeErrorResponse(w, req, InternalError, req.URL.Path) return
return
}
} }
} }
} }
@ -219,14 +190,6 @@ func (api CloudStorageAPI) NewMultipartUploadHandler(w http.ResponseWriter, req
bucket = vars["bucket"] bucket = vars["bucket"]
object = vars["object"] object = vars["object"]
if !api.Anonymous {
// Unauthorized multipart uploads are not supported
if isRequestRequiresACLCheck(req) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
uploadID, err := api.Filesystem.NewMultipartUpload(bucket, object) uploadID, err := api.Filesystem.NewMultipartUpload(bucket, object)
if err != nil { if err != nil {
errorIf(err.Trace(), "NewMultipartUpload failed.", nil) errorIf(err.Trace(), "NewMultipartUpload failed.", nil)
@ -261,13 +224,6 @@ func (api CloudStorageAPI) PutObjectPartHandler(w http.ResponseWriter, req *http
bucket := vars["bucket"] bucket := vars["bucket"]
object := vars["object"] object := vars["object"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
// get Content-MD5 sent by client and verify if valid // get Content-MD5 sent by client and verify if valid
md5 := req.Header.Get("Content-MD5") md5 := req.Header.Get("Content-MD5")
if !isValidMD5(md5) { if !isValidMD5(md5) {
@ -302,26 +258,24 @@ func (api CloudStorageAPI) PutObjectPartHandler(w http.ResponseWriter, req *http
} }
var signature *fs.Signature var signature *fs.Signature
if !api.Anonymous { if isRequestSignatureV4(req) {
if isRequestSignatureV4(req) { // Init signature V4 verification
// Init signature V4 verification var err *probe.Error
var err *probe.Error signature, err = initSignatureV4(req)
signature, err = initSignatureV4(req) if err != nil {
if err != nil { switch err.ToGoError() {
switch err.ToGoError() { case errInvalidRegion:
case errInvalidRegion: errorIf(err.Trace(), "Unknown region in authorization header.", nil)
errorIf(err.Trace(), "Unknown region in authorization header.", nil) writeErrorResponse(w, req, AuthorizationHeaderMalformed, req.URL.Path)
writeErrorResponse(w, req, AuthorizationHeaderMalformed, req.URL.Path) return
return case errAccessKeyIDInvalid:
case errAccessKeyIDInvalid: errorIf(err.Trace(), "Invalid access key id.", nil)
errorIf(err.Trace(), "Invalid access key id.", nil) writeErrorResponse(w, req, InvalidAccessKeyID, req.URL.Path)
writeErrorResponse(w, req, InvalidAccessKeyID, req.URL.Path) return
return default:
default: errorIf(err.Trace(), "Initializing signature v4 failed.", nil)
errorIf(err.Trace(), "Initializing signature v4 failed.", nil) writeErrorResponse(w, req, InternalError, req.URL.Path)
writeErrorResponse(w, req, InternalError, req.URL.Path) return
return
}
} }
} }
} }
@ -361,13 +315,6 @@ func (api CloudStorageAPI) AbortMultipartUploadHandler(w http.ResponseWriter, re
bucket := vars["bucket"] bucket := vars["bucket"]
object := vars["object"] object := vars["object"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
objectResourcesMetadata := getObjectResources(req.URL.Query()) objectResourcesMetadata := getObjectResources(req.URL.Query())
err := api.Filesystem.AbortMultipartUpload(bucket, object, objectResourcesMetadata.UploadID) err := api.Filesystem.AbortMultipartUpload(bucket, object, objectResourcesMetadata.UploadID)
if err != nil { if err != nil {
@ -397,13 +344,6 @@ func (api CloudStorageAPI) ListObjectPartsHandler(w http.ResponseWriter, req *ht
bucket := vars["bucket"] bucket := vars["bucket"]
object := vars["object"] object := vars["object"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
objectResourcesMetadata := getObjectResources(req.URL.Query()) objectResourcesMetadata := getObjectResources(req.URL.Query())
if objectResourcesMetadata.PartNumberMarker < 0 { if objectResourcesMetadata.PartNumberMarker < 0 {
writeErrorResponse(w, req, InvalidPartNumberMarker, req.URL.Path) writeErrorResponse(w, req, InvalidPartNumberMarker, req.URL.Path)
@ -450,35 +390,26 @@ func (api CloudStorageAPI) CompleteMultipartUploadHandler(w http.ResponseWriter,
bucket := vars["bucket"] bucket := vars["bucket"]
object := vars["object"] object := vars["object"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
objectResourcesMetadata := getObjectResources(req.URL.Query()) objectResourcesMetadata := getObjectResources(req.URL.Query())
var signature *fs.Signature var signature *fs.Signature
if !api.Anonymous { if isRequestSignatureV4(req) {
if isRequestSignatureV4(req) { // Init signature V4 verification
// Init signature V4 verification var err *probe.Error
var err *probe.Error signature, err = initSignatureV4(req)
signature, err = initSignatureV4(req) if err != nil {
if err != nil { switch err.ToGoError() {
switch err.ToGoError() { case errInvalidRegion:
case errInvalidRegion: errorIf(err.Trace(), "Unknown region in authorization header.", nil)
errorIf(err.Trace(), "Unknown region in authorization header.", nil) writeErrorResponse(w, req, AuthorizationHeaderMalformed, req.URL.Path)
writeErrorResponse(w, req, AuthorizationHeaderMalformed, req.URL.Path) return
return case errAccessKeyIDInvalid:
case errAccessKeyIDInvalid: errorIf(err.Trace(), "Invalid access key id.", nil)
errorIf(err.Trace(), "Invalid access key id.", nil) writeErrorResponse(w, req, InvalidAccessKeyID, req.URL.Path)
writeErrorResponse(w, req, InvalidAccessKeyID, req.URL.Path) return
return default:
default: errorIf(err.Trace(), "Initializing signature v4 failed.", nil)
errorIf(err.Trace(), "Initializing signature v4 failed.", nil) writeErrorResponse(w, req, InternalError, req.URL.Path)
writeErrorResponse(w, req, InternalError, req.URL.Path) return
return
}
} }
} }
} }
@ -528,15 +459,6 @@ func (api CloudStorageAPI) DeleteObjectHandler(w http.ResponseWriter, req *http.
bucket := vars["bucket"] bucket := vars["bucket"]
object := vars["object"] object := vars["object"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
if api.Filesystem.IsPrivateBucket(bucket) || api.Filesystem.IsReadOnlyBucket(bucket) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
}
err := api.Filesystem.DeleteObject(bucket, object) err := api.Filesystem.DeleteObject(bucket, object)
if err != nil { if err != nil {
errorIf(err.Trace(), "DeleteObject failed.", nil) errorIf(err.Trace(), "DeleteObject failed.", nil)

7
routers.go
View file

@ -30,8 +30,6 @@ import (
// CloudStorageAPI container for S3 compatible API. // CloudStorageAPI container for S3 compatible API.
type CloudStorageAPI struct { type CloudStorageAPI struct {
// Do not check for incoming signatures, allow all requests.
Anonymous bool
// Once true log all incoming requests. // Once true log all incoming requests.
AccessLog bool AccessLog bool
// Filesystem instance. // Filesystem instance.
@ -153,7 +151,6 @@ func getNewCloudStorageAPI(conf cloudServerConfig) CloudStorageAPI {
} }
return CloudStorageAPI{ return CloudStorageAPI{
Filesystem: fs, Filesystem: fs,
Anonymous: conf.Anonymous,
AccessLog: conf.AccessLog, AccessLog: conf.AccessLog,
} }
} }
@ -163,9 +160,7 @@ func getCloudStorageAPIHandler(api CloudStorageAPI) http.Handler {
TimeValidityHandler, TimeValidityHandler,
IgnoreResourcesHandler, IgnoreResourcesHandler,
IgnoreSignatureV2RequestHandler, IgnoreSignatureV2RequestHandler,
} SignatureHandler,
if !api.Anonymous {
mwHandlers = append(mwHandlers, SignatureHandler)
} }
if api.AccessLog { if api.AccessLog {
mwHandlers = append(mwHandlers, AccessLogHandler) mwHandlers = append(mwHandlers, AccessLogHandler)

46
server-main.go
View file

@ -69,10 +69,8 @@ EXAMPLES:
// cloudServerConfig - http server config // cloudServerConfig - http server config
type cloudServerConfig struct { type cloudServerConfig struct {
/// HTTP server options /// HTTP server options
Address string // Address:Port listening Address string // Address:Port listening
WebAddress string // WebAddress:Port listening AccessLog bool // Enable access log handler
AccessLog bool // Enable access log handler
Anonymous bool // No signature turn off
// Credentials. // Credentials.
AccessKeyID string // Access key id. AccessKeyID string // Access key id.
@ -87,15 +85,25 @@ type cloudServerConfig struct {
TLS bool // TLS on when certs are specified TLS bool // TLS on when certs are specified
CertFile string // Domain certificate CertFile string // Domain certificate
KeyFile string // Domain key KeyFile string // Domain key
/// Advanced HTTP server options
RateLimit int // Ratelimited server of incoming connections
} }
func configureWebServer(conf cloudServerConfig) (*http.Server, *probe.Error) { func configureWebServer(conf cloudServerConfig) (*http.Server, *probe.Error) {
// Split the api address into host and port.
host, port, e := net.SplitHostPort(conf.Address)
if e != nil {
return nil, probe.NewError(e)
}
webPort, e := strconv.Atoi(port)
if e != nil {
return nil, probe.NewError(e)
}
// Always choose the next port, based on the API address port.
webPort = webPort + 1
webAddress := net.JoinHostPort(host, strconv.Itoa(webPort))
// Minio server config // Minio server config
webServer := &http.Server{ webServer := &http.Server{
Addr: conf.WebAddress, Addr: webAddress,
Handler: getWebAPIHandler(getNewWebAPI(conf)), Handler: getWebAPIHandler(getNewWebAPI(conf)),
MaxHeaderBytes: 1 << 20, MaxHeaderBytes: 1 << 20,
} }
@ -133,8 +141,8 @@ func configureAPIServer(conf cloudServerConfig) (*http.Server, *probe.Error) {
return apiServer, nil return apiServer, nil
} }
func printServerMsg(conf cloudServerConfig) { func printServerMsg(serverConf *http.Server) {
host, port, e := net.SplitHostPort(conf.Address) host, port, e := net.SplitHostPort(serverConf.Addr)
fatalIf(probe.NewError(e), "Unable to split host port.", nil) fatalIf(probe.NewError(e), "Unable to split host port.", nil)
var hosts []string var hosts []string
@ -155,7 +163,7 @@ func printServerMsg(conf cloudServerConfig) {
} }
} }
for _, host := range hosts { for _, host := range hosts {
if conf.TLS { if serverConf.TLSConfig != nil {
Printf(" https://%s:%s\n", host, port) Printf(" https://%s:%s\n", host, port)
} else { } else {
Printf(" http://%s:%s\n", host, port) Printf(" http://%s:%s\n", host, port)
@ -328,9 +336,7 @@ func serverMain(c *cli.Context) {
tls := (certFile != "" && keyFile != "") tls := (certFile != "" && keyFile != "")
serverConfig := cloudServerConfig{ serverConfig := cloudServerConfig{
Address: c.GlobalString("address"), Address: c.GlobalString("address"),
WebAddress: c.GlobalString("web-address"),
AccessLog: c.GlobalBool("enable-accesslog"), AccessLog: c.GlobalBool("enable-accesslog"),
Anonymous: c.GlobalBool("anonymous"),
AccessKeyID: conf.Credentials.AccessKeyID, AccessKeyID: conf.Credentials.AccessKeyID,
SecretAccessKey: conf.Credentials.SecretAccessKey, SecretAccessKey: conf.Credentials.SecretAccessKey,
Path: path, Path: path,
@ -339,23 +345,22 @@ func serverMain(c *cli.Context) {
TLS: tls, TLS: tls,
CertFile: certFile, CertFile: certFile,
KeyFile: keyFile, KeyFile: keyFile,
RateLimit: c.GlobalInt("ratelimit"),
} }
Println("\nMinio Object Storage:")
printServerMsg(serverConfig)
// configure API server. // configure API server.
apiServer, err := configureAPIServer(serverConfig) apiServer, err := configureAPIServer(serverConfig)
errorIf(err.Trace(), "Failed to configure API server.", nil) errorIf(err.Trace(), "Failed to configure API server.", nil)
Println("\nMinio Browser:") Println("\nMinio Object Storage:")
printServerMsg(serverConfig) printServerMsg(apiServer)
// configure Web server. // configure Web server.
webServer, err := configureWebServer(serverConfig) webServer, err := configureWebServer(serverConfig)
errorIf(err.Trace(), "Failed to configure Web server.", nil) errorIf(err.Trace(), "Failed to configure Web server.", nil)
Println("\nMinio Browser:")
printServerMsg(webServer)
Println("\nTo configure Minio Client:") Println("\nTo configure Minio Client:")
if runtime.GOOS == "windows" { if runtime.GOOS == "windows" {
Println(" Download \"mc\" from https://dl.minio.io/client/mc/release/" + runtime.GOOS + "-" + runtime.GOARCH + "/mc.exe") Println(" Download \"mc\" from https://dl.minio.io/client/mc/release/" + runtime.GOOS + "-" + runtime.GOARCH + "/mc.exe")
@ -367,7 +372,6 @@ func serverMain(c *cli.Context) {
} }
// Start server. // Start server.
rateLimit := serverConfig.RateLimit err = minhttp.ListenAndServe(apiServer, webServer)
err = minhttp.ListenAndServeLimited(rateLimit, apiServer, webServer)
errorIf(err.Trace(), "Failed to start the minio server.", nil) errorIf(err.Trace(), "Failed to start the minio server.", nil)
} }

1
server_fs_test.go
View file

@ -78,7 +78,6 @@ func (s *MyAPIFSCacheSuite) SetUpSuite(c *C) {
cloudServer := cloudServerConfig{ cloudServer := cloudServerConfig{
Path: fsroot, Path: fsroot,
MinFreeDisk: 0, MinFreeDisk: 0,
Anonymous: false,
} }
cloudStorageAPI := getNewCloudStorageAPI(cloudServer) cloudStorageAPI := getNewCloudStorageAPI(cloudServer)
httpHandler := getCloudStorageAPIHandler(cloudStorageAPI) httpHandler := getCloudStorageAPIHandler(cloudStorageAPI)

7
signature-handler.go
View file

@ -60,13 +60,6 @@ func isRequestPostPolicySignatureV4(req *http.Request) bool {
return false return false
} }
func isRequestRequiresACLCheck(req *http.Request) bool {
if isRequestSignatureV4(req) || isRequestPresignedSignatureV4(req) || isRequestPostPolicySignatureV4(req) {
return false
}
return true
}
func (s signatureHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { func (s signatureHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
if isRequestPostPolicySignatureV4(r) && r.Method == "POST" { if isRequestPostPolicySignatureV4(r) && r.Method == "POST" {
s.handler.ServeHTTP(w, r) s.handler.ServeHTTP(w, r)