diff options
| author | Alex Auvolat <alex@adnab.me> | 2024-03-01 12:35:08 +0100 |
|---|---|---|
| committer | Alex Auvolat <alex@adnab.me> | 2024-03-01 13:21:23 +0100 |
| commit | 610af71e36d58ea1ca66b98c75f105aecf92af2b (patch) | |
| tree | 8181bda3e5837a1a17302aa692c2f1722de99ad5 /src/api/s3/api_server.rs | |
| parent | f01883794e475f5dae3d2d4f621b020e1134fa47 (diff) | |
| download | garage-610af71e36d58ea1ca66b98c75f105aecf92af2b.tar.gz garage-610af71e36d58ea1ca66b98c75f105aecf92af2b.zip | |
[backport-735-v0.8.x] backport AWS signature verification refactoring
Diffstat (limited to 'src/api/s3/api_server.rs')
| -rw-r--r-- | src/api/s3/api_server.rs | 15 |
1 files changed, 2 insertions, 13 deletions
diff --git a/src/api/s3/api_server.rs b/src/api/s3/api_server.rs index ecfb48b6..c266b036 100644 --- a/src/api/s3/api_server.rs +++ b/src/api/s3/api_server.rs @@ -17,8 +17,7 @@ use garage_model::key_table::Key; use crate::generic_server::*; use crate::s3::error::*; -use crate::signature::payload::check_payload_signature; -use crate::signature::streaming::*; +use crate::signature::verify_request; use crate::helpers::*; use crate::s3::bucket::*; @@ -119,17 +118,7 @@ impl ApiHandler for S3ApiServer { return handle_options_s3api(garage, &req, bucket_name).await; } - let (api_key, mut content_sha256) = check_payload_signature(&garage, "s3", &req).await?; - let api_key = api_key - .ok_or_else(|| Error::forbidden("Garage does not support anonymous access yet"))?; - - let req = parse_streaming_body( - &api_key, - req, - &mut content_sha256, - &garage.config.s3_api.s3_region, - "s3", - )?; + let (req, api_key, content_sha256) = verify_request(&garage, req, "s3").await?; let bucket_name = match bucket_name { None => { |