mirror
/
s3proxy
kopia lustrzana https://github.com/gaul/s3proxy
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność

Require time reference point for requests 

Requests must have a Date header, X-Amz-Date header, or Expires
parameter.
pull/16/head
Andrew Gaul 2014-08-24 05:16:19 -07:00
rodzic ce3d7edad3
commit 8c623c179c
1 zmienionych plików z 35 dodań i 16 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

51
src/main/java/org/gaul/s3proxy/S3ProxyHandler.java
Wyświetl plik

@ -116,34 +116,53 @@ final class S3ProxyHandler extends AbstractHandler {
String uri = request.getRequestURI(); String uri = request.getRequestURI();
String[] path = uri.split("/", 3); String[] path = uri.split("/", 3);
logger.debug("request: {}", request); logger.debug("request: {}", request);
boolean hasDateHeader = false;
boolean hasXAmzDateHeader = false;
for (String headerName : Collections.list(request.getHeaderNames())) { for (String headerName : Collections.list(request.getHeaderNames())) {
for (String headerValue : Collections.list(request.getHeaders( for (String headerValue : Collections.list(request.getHeaders(
headerName))) { headerName))) {
logger.trace("header: {}: {}", headerName, logger.trace("header: {}: {}", headerName,
Strings.nullToEmpty(headerValue)); Strings.nullToEmpty(headerValue));
} }
if (headerName.equalsIgnoreCase(HttpHeaders.DATE)) {
hasDateHeader = true;
} else if (headerName.equalsIgnoreCase("x-amz-date")) {
hasXAmzDateHeader = true;
}
} }
long date; if (!hasDateHeader && !hasXAmzDateHeader &&
try { request.getParameter("Expires") == null) {
date = request.getDateHeader(HttpHeaders.DATE);
} catch (IllegalArgumentException iae) {
sendSimpleErrorResponse(response, S3ErrorCode.ACCESS_DENIED); sendSimpleErrorResponse(response, S3ErrorCode.ACCESS_DENIED);
baseRequest.setHandled(true); baseRequest.setHandled(true);
return; return;
} }
if (date < 0) {
sendSimpleErrorResponse(response, S3ErrorCode.ACCESS_DENIED); // TODO: apply sanity checks to X-Amz-Date
baseRequest.setHandled(true); if (hasDateHeader) {
return; long date;
} try {
long now = System.currentTimeMillis(); date = request.getDateHeader(HttpHeaders.DATE);
if (now + TimeUnit.DAYS.toMillis(1) < date || } catch (IllegalArgumentException iae) {
now - TimeUnit.DAYS.toMillis(1) > date) { sendSimpleErrorResponse(response,
sendSimpleErrorResponse(response, S3ErrorCode.ACCESS_DENIED);
S3ErrorCode.REQUEST_TIME_TOO_SKEWED); baseRequest.setHandled(true);
baseRequest.setHandled(true); return;
return; }
if (date < 0) {
sendSimpleErrorResponse(response,
S3ErrorCode.ACCESS_DENIED);
baseRequest.setHandled(true);
return;
}
long now = System.currentTimeMillis();
if (now + TimeUnit.DAYS.toMillis(1) < date ||
now - TimeUnit.DAYS.toMillis(1) > date) {
sendSimpleErrorResponse(response,
S3ErrorCode.REQUEST_TIME_TOO_SKEWED);
baseRequest.setHandled(true);
return;
}
} }
if (identity != null) { if (identity != null) {