[ARVADOS] updated: 1.3.0-2782-g8b1a79bbc

Git user git at public.arvados.org
Tue Jul 28 20:17:16 UTC 2020


Summary of changes:
 services/keep-web/s3.go      | 27 +++++++++++++++++++++------
 services/keep-web/s3_test.go |  4 ++++
 2 files changed, 25 insertions(+), 6 deletions(-)

       via  8b1a79bbcd7c461d5b4b6e56092b6734942bdf24 (commit)
       via  4b690c16316951312a1f18b7b7c5629a3c9d51d2 (commit)
       via  ba6ebe673fdff6343a6ef095d6b8e713283877e5 (commit)
       via  3c65c7109bc436b4e016b9a079c503b0b96be7a4 (commit)
      from  9f904dbfce4fe72f3a5b8b5201a83dbdb5ba0a2b (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.


commit 8b1a79bbcd7c461d5b4b6e56092b6734942bdf24
Author: Tom Clegg <tom at tomclegg.ca>
Date:   Tue Jul 28 16:14:54 2020 -0400

    16535: Delete project in teardown.
    
    Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom at tomclegg.ca>

diff --git a/services/keep-web/s3_test.go b/services/keep-web/s3_test.go
index d88e3b5ed..7e925790f 100644
--- a/services/keep-web/s3_test.go
+++ b/services/keep-web/s3_test.go
@@ -97,6 +97,10 @@ func (stage s3stage) teardown(c *check.C) {
 		err := stage.arv.RequestAndDecode(&stage.coll, "DELETE", "arvados/v1/collections/"+stage.coll.UUID, nil, nil)
 		c.Check(err, check.IsNil)
 	}
+	if stage.proj.UUID != "" {
+		err := stage.arv.RequestAndDecode(&stage.proj, "DELETE", "arvados/v1/groups/"+stage.proj.UUID, nil, nil)
+		c.Check(err, check.IsNil)
+	}
 }
 
 func (s *IntegrationSuite) TestS3CollectionGetObject(c *check.C) {

commit 4b690c16316951312a1f18b7b7c5629a3c9d51d2
Author: Tom Clegg <tom at tomclegg.ca>
Date:   Tue Jul 28 16:14:48 2020 -0400

    16535: Improve error message.
    
    Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom at tomclegg.ca>

diff --git a/services/keep-web/s3.go b/services/keep-web/s3.go
index 536a77eed..679b866e6 100644
--- a/services/keep-web/s3.go
+++ b/services/keep-web/s3.go
@@ -131,7 +131,7 @@ func (h *handler) serveS3(w http.ResponseWriter, r *http.Request) bool {
 		}
 		err = f.Close()
 		if err != nil {
-			err = fmt.Errorf("write to %q failed: %w", r.URL.Path, err)
+			err = fmt.Errorf("write to %q failed: close: %w", r.URL.Path, err)
 			http.Error(w, err.Error(), http.StatusBadGateway)
 			return true
 		}

commit ba6ebe673fdff6343a6ef095d6b8e713283877e5
Author: Tom Clegg <tom at tomclegg.ca>
Date:   Tue Jul 28 16:14:29 2020 -0400

    16535: Use 1000 as default and maximum value for max-keys.
    
    Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom at tomclegg.ca>

diff --git a/services/keep-web/s3.go b/services/keep-web/s3.go
index 8bda2eac5..536a77eed 100644
--- a/services/keep-web/s3.go
+++ b/services/keep-web/s3.go
@@ -21,6 +21,8 @@ import (
 	"github.com/AdRoll/goamz/s3"
 )
 
+const s3MaxKeys = 1000
+
 // serveS3 handles r and returns true if r is a request from an S3
 // client, otherwise it returns false.
 func (h *handler) serveS3(w http.ResponseWriter, r *http.Request) bool {
@@ -193,10 +195,10 @@ func (h *handler) s3list(w http.ResponseWriter, r *http.Request, fs arvados.Cust
 	params.bucket = strings.SplitN(r.URL.Path[1:], "/", 2)[0]
 	params.delimiter = r.FormValue("delimiter")
 	params.marker = r.FormValue("marker")
-	if mk, _ := strconv.ParseInt(r.FormValue("max-keys"), 10, 64); mk > 0 {
+	if mk, _ := strconv.ParseInt(r.FormValue("max-keys"), 10, 64); mk > 0 && mk < s3MaxKeys {
 		params.maxKeys = int(mk)
 	} else {
-		params.maxKeys = 100
+		params.maxKeys = s3MaxKeys
 	}
 	params.prefix = r.FormValue("prefix")
 

commit 3c65c7109bc436b4e016b9a079c503b0b96be7a4
Author: Tom Clegg <tom at tomclegg.ca>
Date:   Tue Jul 28 16:13:50 2020 -0400

    16535: Trial support for V4 S3 signatures.
    
    Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom at tomclegg.ca>

diff --git a/services/keep-web/s3.go b/services/keep-web/s3.go
index 796e95cb6..8bda2eac5 100644
--- a/services/keep-web/s3.go
+++ b/services/keep-web/s3.go
@@ -33,9 +33,22 @@ func (h *handler) serveS3(w http.ResponseWriter, r *http.Request) bool {
 		}
 		token = split[0]
 	} else if strings.HasPrefix(auth, "AWS4-HMAC-SHA256 ") {
-		w.WriteHeader(http.StatusBadRequest)
-		fmt.Println(w, "V4 signature is not supported")
-		return true
+		for _, cmpt := range strings.Split(auth[17:], ",") {
+			cmpt = strings.TrimSpace(cmpt)
+			split := strings.SplitN(cmpt, "=", 2)
+			if len(split) == 2 && split[0] == "Credential" {
+				keyandscope := strings.Split(split[1], "/")
+				if len(keyandscope[0]) > 0 {
+					token = keyandscope[0]
+					break
+				}
+			}
+		}
+		if token == "" {
+			w.WriteHeader(http.StatusBadRequest)
+			fmt.Println(w, "invalid V4 signature")
+			return true
+		}
 	} else {
 		return false
 	}

-----------------------------------------------------------------------


hooks/post-receive
-- 




More information about the arvados-commits mailing list