diff --git a/vendor/manifest b/vendor/manifest index e53bc0309..488352990 100644 --- a/vendor/manifest +++ b/vendor/manifest @@ -46,7 +46,7 @@ { "importpath": "github.com/minio/minio-go", "repository": "https://github.com/minio/minio-go", - "revision": "f2362d9e7d8daf89594ee0a079be2424eaf360be", + "revision": "f6d5df6b625c00c3180ec6c9240ea710620c7070", "branch": "master" }, { diff --git a/vendor/src/github.com/minio/minio-go/api-list.go b/vendor/src/github.com/minio/minio-go/api-list.go index 6a228179e..9f238d66b 100644 --- a/vendor/src/github.com/minio/minio-go/api-list.go +++ b/vendor/src/github.com/minio/minio-go/api-list.go @@ -69,7 +69,7 @@ func (c Client) ListBuckets() ([]BucketInfo, error) { // // Create a done channel. // doneCh := make(chan struct{}) // defer close(doneCh) -// // Recurively list all objects in 'mytestbucket' +// // Recursively list all objects in 'mytestbucket' // recursive := true // for message := range api.ListObjectsV2("mytestbucket", "starthere", recursive, doneCh) { // fmt.Println(message) diff --git a/vendor/src/github.com/minio/minio-go/api-put-object.go b/vendor/src/github.com/minio/minio-go/api-put-object.go index 0b6848fff..e61f305cb 100644 --- a/vendor/src/github.com/minio/minio-go/api-put-object.go +++ b/vendor/src/github.com/minio/minio-go/api-put-object.go @@ -17,7 +17,6 @@ package minio import ( - "bytes" "crypto/md5" "crypto/sha256" "hash" @@ -214,34 +213,25 @@ func (c Client) putObjectSingle(bucketName, objectName string, reader io.Reader, hashAlgos["sha256"] = sha256.New() } - if size <= minPartSize { - // Initialize a new temporary buffer. - tmpBuffer := new(bytes.Buffer) - size, err = hashCopyN(hashAlgos, hashSums, tmpBuffer, reader, size) - reader = bytes.NewReader(tmpBuffer.Bytes()) - tmpBuffer.Reset() - } else { - // Initialize a new temporary file. - var tmpFile *tempFile - tmpFile, err = newTempFile("single$-putobject-single") - if err != nil { - return 0, err - } - defer tmpFile.Close() - size, err = hashCopyN(hashAlgos, hashSums, tmpFile, reader, size) - if err != nil { - return 0, err - } - // Seek back to beginning of the temporary file. - if _, err = tmpFile.Seek(0, 0); err != nil { - return 0, err - } - reader = tmpFile + // Initialize a new temporary file. + tmpFile, err := newTempFile("single$-putobject-single") + if err != nil { + return 0, err } + defer tmpFile.Close() + + size, err = hashCopyN(hashAlgos, hashSums, tmpFile, reader, size) // Return error if its not io.EOF. if err != nil && err != io.EOF { return 0, err } + + // Seek back to beginning of the temporary file. + if _, err = tmpFile.Seek(0, 0); err != nil { + return 0, err + } + reader = tmpFile + // Execute put object. st, err := c.putObjectDo(bucketName, objectName, reader, hashSums["md5"], hashSums["sha256"], size, metaData) if err != nil { diff --git a/vendor/src/github.com/minio/minio-go/api.go b/vendor/src/github.com/minio/minio-go/api.go index c04034a86..0e89cfa55 100644 --- a/vendor/src/github.com/minio/minio-go/api.go +++ b/vendor/src/github.com/minio/minio-go/api.go @@ -30,7 +30,6 @@ import ( "net/http/httputil" "net/url" "os" - "regexp" "runtime" "strings" "sync" @@ -309,40 +308,6 @@ type requestMetadata struct { contentMD5Bytes []byte } -// regCred matches credential string in HTTP header -var regCred = regexp.MustCompile("Credential=([A-Z0-9]+)/") - -// regCred matches signature string in HTTP header -var regSign = regexp.MustCompile("Signature=([[0-9a-f]+)") - -// Filter out signature value from Authorization header. -func (c Client) filterSignature(req *http.Request) { - origAuth := req.Header.Get("Authorization") - if origAuth != "" { - return - } - - if !strings.HasPrefix(origAuth, signV4Algorithm) { - // Set a temporary redacted auth - req.Header.Set("Authorization", "AWS **REDACTED**:**REDACTED**") - return - } - - /// Signature V4 authorization header. - - // Strip out accessKeyID from: - // Credential=////aws4_request - newAuth := regCred.ReplaceAllString(origAuth, "Credential=**REDACTED**/") - - // Strip out 256-bit signature from: Signature=<256-bit signature> - newAuth = regSign.ReplaceAllString(newAuth, "Signature=**REDACTED**") - - // Set a temporary redacted auth - req.Header.Set("Authorization", newAuth) - - return -} - // dumpHTTP - dump HTTP request and response. func (c Client) dumpHTTP(req *http.Request, resp *http.Response) error { // Starts http dump. @@ -352,7 +317,10 @@ func (c Client) dumpHTTP(req *http.Request, resp *http.Response) error { } // Filter out Signature field from Authorization header. - c.filterSignature(req) + origAuth := req.Header.Get("Authorization") + if origAuth != "" { + req.Header.Set("Authorization", redactSignature(origAuth)) + } // Only display request header. reqTrace, err := httputil.DumpRequestOut(req, false) diff --git a/vendor/src/github.com/minio/minio-go/utils.go b/vendor/src/github.com/minio/minio-go/utils.go index 4fa43b1ff..1ebf88460 100644 --- a/vendor/src/github.com/minio/minio-go/utils.go +++ b/vendor/src/github.com/minio/minio-go/utils.go @@ -227,3 +227,26 @@ func filterHeader(header http.Header, filterKeys []string) (filteredHeader http. } return filteredHeader } + +// regCred matches credential string in HTTP header +var regCred = regexp.MustCompile("Credential=([A-Z0-9]+)/") + +// regCred matches signature string in HTTP header +var regSign = regexp.MustCompile("Signature=([[0-9a-f]+)") + +// Redact out signature value from authorization string. +func redactSignature(origAuth string) string { + if !strings.HasPrefix(origAuth, signV4Algorithm) { + // Set a temporary redacted auth + return "AWS **REDACTED**:**REDACTED**" + } + + /// Signature V4 authorization header. + + // Strip out accessKeyID from: + // Credential=////aws4_request + newAuth := regCred.ReplaceAllString(origAuth, "Credential=**REDACTED**/") + + // Strip out 256-bit signature from: Signature=<256-bit signature> + return regSign.ReplaceAllString(newAuth, "Signature=**REDACTED**") +} diff --git a/vendor/src/github.com/minio/minio-go/utils_test.go b/vendor/src/github.com/minio/minio-go/utils_test.go index 4e015c855..0c6b56076 100644 --- a/vendor/src/github.com/minio/minio-go/utils_test.go +++ b/vendor/src/github.com/minio/minio-go/utils_test.go @@ -23,6 +23,31 @@ import ( "time" ) +// Tests signature redacting function used +// in filtering on-wire Authorization header. +func TestRedactSignature(t *testing.T) { + testCases := []struct { + authValue string + expectedRedactedAuthValue string + }{ + { + authValue: "AWS 1231313:888x000231==", + expectedRedactedAuthValue: "AWS **REDACTED**:**REDACTED**", + }, + { + authValue: "AWS4-HMAC-SHA256 Credential=12312313/20170613/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=02131231312313213", + expectedRedactedAuthValue: "AWS4-HMAC-SHA256 Credential=**REDACTED**/20170613/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**", + }, + } + + for i, testCase := range testCases { + redactedAuthValue := redactSignature(testCase.authValue) + if redactedAuthValue != testCase.expectedRedactedAuthValue { + t.Errorf("Test %d: Expected %s, got %s", i+1, testCase.expectedRedactedAuthValue, redactedAuthValue) + } + } +} + // Tests filter header function by filtering out // some custom header keys. func TestFilterHeader(t *testing.T) {