Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

NSFS | S3 throwing error for empty header and default port for STS #8579

Merged
merged 1 commit into from
Dec 20, 2024
Merged

NSFS | S3 throwing error for empty header and default port for STS #8579

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion config.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -898,7 +898,8 @@ config.NSFS_NC_CONFIG_DIR_BACKEND = '';
config.NSFS_NC_STORAGE_BACKEND = '';
config.ENDPOINT_PORT = Number(process.env.ENDPOINT_PORT) || 6001;
config.ENDPOINT_SSL_PORT = Number(process.env.ENDPOINT_SSL_PORT) || 6443;
config.ENDPOINT_SSL_STS_PORT = Number(process.env.ENDPOINT_SSL_STS_PORT) || -1;
// Remove the NSFS condition when NSFS starts to support STS.
config.ENDPOINT_SSL_STS_PORT = Number(process.env.ENDPOINT_SSL_STS_PORT) || (process.env.NC_NSFS_NO_DB_ENV === 'true' ? -1 : 7443);
naveenpaul1 marked this conversation as resolved.
Show resolved Hide resolved
config.ENDPOINT_SSL_IAM_PORT = Number(process.env.ENDPOINT_SSL_IAM_PORT) || -1;
config.ALLOW_HTTP = false;
// config files should allow access to the owner of the files
Expand Down
2 changes: 1 addition & 1 deletion src/endpoint/endpoint.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -197,7 +197,7 @@ async function main(options = {}) {
// START S3, STS & IAM SERVERS & CERTS
const http_port_s3 = options.http_port || config.ENDPOINT_PORT;
const https_port_s3 = options.https_port || config.ENDPOINT_SSL_PORT;
const https_port_sts = options.https_port_sts || Number(process.env.ENDPOINT_SSL_PORT_STS) || 7443; // || (process.env.NC_NSFS_NO_DB_ENV === 'true' ? -1 : 7443);
const https_port_sts = options.https_port_sts || config.ENDPOINT_SSL_STS_PORT;
const https_port_iam = options.https_port_iam || config.ENDPOINT_SSL_IAM_PORT;

naveenpaul1 marked this conversation as resolved.
Show resolved Hide resolved
await start_server_and_cert(SERVICES_TYPES_ENUM.S3, init_request_sdk,
Expand Down
9 changes: 8 additions & 1 deletion src/endpoint/s3/s3_rest.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -96,6 +96,13 @@ async function handle_request(req, res) {
error_token_expired: S3Error.ExpiredToken,
auth_token: () => signature_utils.make_auth_token_from_request(req)
};
// AWS s3 returns an empty response when s3 request sends without host header.
if (!req.headers.host) {
dbg.warn('s3_rest: handle_request: S3 request is missing host header, header ', req.headers);
naveenpaul1 marked this conversation as resolved.
Show resolved Hide resolved
res.statusCode = 400;
res.end();
naveenpaul1 marked this conversation as resolved.
Show resolved Hide resolved
return;
}
http_utils.check_headers(req, headers_options);

const redirect = await populate_request_additional_info_or_redirect(req);
Expand All @@ -112,7 +119,7 @@ async function handle_request(req, res) {
http_utils.set_cors_headers_s3(req, res, cors);

if (req.method === 'OPTIONS') {
dbg.log1('OPTIONS!');
dbg.log1('s3_rest: handle_request : S3 request method is ', req.method);
const error_code = req.headers.origin && req.headers['access-control-request-method'] ? 403 : 400;
const res_headers = res.getHeaders(); // We will check if we found a matching rule - if no we will return error_code
res.statusCode = res_headers['access-control-allow-origin'] && res_headers['access-control-allow-methods'] ? 200 : error_code;
Expand Down
Loading