mirror
/
s3proxy
kopia lustrzana https://github.com/gaul/s3proxy
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność

Sanity check Date header 

References #5.
pull/16/head
Andrew Gaul 2014-08-21 12:27:41 -07:00
rodzic 886c27e63a
commit 90261c1ce7
2 zmienionych plików z 25 dodań i 0 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

2
src/main/java/org/gaul/s3proxy/S3ErrorCode.java
Wyświetl plik

@ -26,6 +26,7 @@ import com.google.common.base.Preconditions;
* http://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html * http://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html
*/ */
enum S3ErrorCode { enum S3ErrorCode {
ACCESS_DENIED(HttpServletResponse.SC_FORBIDDEN, "Forbidden"),
BUCKET_ALREADY_EXISTS(HttpServletResponse.SC_FORBIDDEN, BUCKET_ALREADY_EXISTS(HttpServletResponse.SC_FORBIDDEN,
"The requested bucket name is not available." + "The requested bucket name is not available." +
" The bucket namespace is shared by all users of the system." + " The bucket namespace is shared by all users of the system." +
@ -48,6 +49,7 @@ enum S3ErrorCode {
"Length Required"), "Length Required"),
NO_SUCH_BUCKET(HttpServletResponse.SC_NOT_FOUND, "Not Found"), NO_SUCH_BUCKET(HttpServletResponse.SC_NOT_FOUND, "Not Found"),
NO_SUCH_KEY(HttpServletResponse.SC_NOT_FOUND, "Not Found"), NO_SUCH_KEY(HttpServletResponse.SC_NOT_FOUND, "Not Found"),
REQUEST_TIME_TOO_SKEWED(HttpServletResponse.SC_FORBIDDEN, "Forbidden"),
REQUEST_TIMEOUT(HttpServletResponse.SC_BAD_REQUEST, "Bad Request"), REQUEST_TIMEOUT(HttpServletResponse.SC_BAD_REQUEST, "Bad Request"),
SIGNATURE_DOES_NOT_MATCH(HttpServletResponse.SC_FORBIDDEN, "Forbidden"); SIGNATURE_DOES_NOT_MATCH(HttpServletResponse.SC_FORBIDDEN, "Forbidden");

23
src/main/java/org/gaul/s3proxy/S3ProxyHandler.java
Wyświetl plik

@ -30,6 +30,7 @@ import java.util.Enumeration;
import java.util.HashSet; import java.util.HashSet;
import java.util.Map; import java.util.Map;
import java.util.Set; import java.util.Set;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException; import java.util.concurrent.TimeoutException;
import java.util.regex.Matcher; import java.util.regex.Matcher;
import java.util.regex.Pattern; import java.util.regex.Pattern;
@ -121,6 +122,28 @@ final class S3ProxyHandler extends AbstractHandler {
} }
} }
long date;
try {
date = request.getDateHeader(HttpHeaders.DATE);
} catch (IllegalArgumentException iae) {
sendSimpleErrorResponse(response, S3ErrorCode.ACCESS_DENIED);
baseRequest.setHandled(true);
return;
}
if (date < 0) {
sendSimpleErrorResponse(response, S3ErrorCode.ACCESS_DENIED);
baseRequest.setHandled(true);
return;
}
long now = System.currentTimeMillis();
if (now + TimeUnit.DAYS.toMillis(1) < date ||
now - TimeUnit.DAYS.toMillis(1) > date) {
sendSimpleErrorResponse(response,
S3ErrorCode.REQUEST_TIME_TOO_SKEWED);
baseRequest.setHandled(true);
return;
}
if (identity != null) { if (identity != null) {
String expectedAuthorization = createAuthorizationHeader(request, String expectedAuthorization = createAuthorizationHeader(request,
identity, credential); identity, credential);