aboutsummaryrefslogtreecommitdiff
path: root/src/api/signature.rs
diff options
context:
space:
mode:
authorAlex Auvolat <alex@adnab.me>2021-04-28 01:05:40 +0200
committerAlex Auvolat <alex@adnab.me>2021-04-28 01:05:40 +0200
commitdcfc32cf85bc6276fdff2492898c1cbb527e9b9d (patch)
tree01ec3f7476733dab8c74ecb1c72b5061f6e5c8e1 /src/api/signature.rs
parent368eb354846790e9fc616d9a26ddc414748d847f (diff)
downloadgarage-dcfc32cf85bc6276fdff2492898c1cbb527e9b9d.tar.gz
garage-dcfc32cf85bc6276fdff2492898c1cbb527e9b9d.zip
Many S3 compatibility improvements:v0.2.1.5
- return XML errors - implement AuthorizationHeaderMalformed error to redirect clients to correct location (used by minio client) - implement GetBucketLocation - fix DeleteObjects XML parsing and response
Diffstat (limited to 'src/api/signature.rs')
-rw-r--r--src/api/signature.rs9
1 files changed, 4 insertions, 5 deletions
diff --git a/src/api/signature.rs b/src/api/signature.rs
index 6dc69afa..7fcab0f9 100644
--- a/src/api/signature.rs
+++ b/src/api/signature.rs
@@ -58,10 +58,7 @@ pub async fn check_signature(
garage.config.s3_api.s3_region
);
if authorization.scope != scope {
- return Err(Error::BadRequest(format!(
- "Invalid scope in authorization field, expected: {}",
- scope
- )));
+ return Err(Error::AuthorizationHeaderMalformed(scope.to_string()));
}
let key = garage
@@ -101,7 +98,9 @@ pub async fn check_signature(
return Err(Error::Forbidden(format!("Invalid signature")));
}
- let content_sha256 = if authorization.content_sha256 == "UNSIGNED-PAYLOAD" {
+ let content_sha256 = if authorization.content_sha256 == "UNSIGNED-PAYLOAD"
+ || authorization.content_sha256 == "STREAMING-AWS4-HMAC-SHA256-PAYLOAD"
+ {
None
} else {
let bytes = hex::decode(authorization.content_sha256)