diff options
| author | Alex Auvolat <alex@adnab.me> | 2021-02-20 00:13:07 +0100 |
|---|---|---|
| committer | Alex Auvolat <alex@adnab.me> | 2021-02-20 00:13:07 +0100 |
| commit | 10b983b8e7076b385f28f9c79cae19882b1db951 (patch) | |
| tree | 63636984abbbacfceafb36244ad9b4d1518d1736 /src/api/s3_delete.rs | |
| parent | 1de96248e0e4aae27995eb08e9019842b327d1a3 (diff) | |
| download | garage-10b983b8e7076b385f28f9c79cae19882b1db951.tar.gz garage-10b983b8e7076b385f28f9c79cae19882b1db951.zip | |
Add verification of part numbers in CompleteMultipartUpload (WIP #30)
Diffstat (limited to 'src/api/s3_delete.rs')
| -rw-r--r-- | src/api/s3_delete.rs | 30 |
1 files changed, 14 insertions, 16 deletions
diff --git a/src/api/s3_delete.rs b/src/api/s3_delete.rs index b019987b..91cfbfbe 100644 --- a/src/api/s3_delete.rs +++ b/src/api/s3_delete.rs @@ -10,6 +10,7 @@ use garage_model::object_table::*; use crate::encoding::*; use crate::error::*; +use crate::signature::verify_signed_content; async fn handle_delete_internal( garage: &Garage, @@ -73,8 +74,11 @@ pub async fn handle_delete_objects( garage: Arc<Garage>, bucket: &str, req: Request<Body>, + content_sha256: Option<Hash>, ) -> Result<Response<Body>, Error> { let body = hyper::body::to_bytes(req.into_body()).await?; + verify_signed_content(content_sha256, &body[..])?; + let cmd_xml = roxmltree::Document::parse(&std::str::from_utf8(&body)?)?; let cmd = parse_delete_objects_xml(&cmd_xml).ok_or_bad_request("Invalid delete XML query")?; @@ -131,33 +135,27 @@ struct DeleteObject { key: String, } -fn parse_delete_objects_xml(xml: &roxmltree::Document) -> Result<DeleteRequest, String> { +fn parse_delete_objects_xml(xml: &roxmltree::Document) -> Option<DeleteRequest> { let mut ret = DeleteRequest { objects: vec![] }; let root = xml.root(); - let delete = root.first_child().ok_or(format!("Delete tag not found"))?; + let delete = root.first_child()?; if !delete.has_tag_name("Delete") { - return Err(format!("Invalid root tag: {:?}", root)); + return None; } for item in delete.children() { if item.has_tag_name("Object") { - if let Some(key) = item.children().find(|e| e.has_tag_name("Key")) { - if let Some(key_str) = key.text() { - ret.objects.push(DeleteObject { - key: key_str.to_string(), - }); - } else { - return Err(format!("No text for key: {:?}", key)); - } - } else { - return Err(format!("No delete key for item: {:?}", item)); - } + let key = item.children().find(|e| e.has_tag_name("Key"))?; + let key_str = key.text()?; + ret.objects.push(DeleteObject { + key: key_str.to_string(), + }); } else { - return Err(format!("Invalid delete item: {:?}", item)); + return None; } } - Ok(ret) + Some(ret) } |