lsm/seaweedfs
1
0
Fork 0
mirror of https://github.com/seaweedfs/seaweedfs.git synced 2025-08-25 17:14:15 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

ADHOC: s3 bucket name verification (#4189)

Browse Source 
* ADHOC: s3 bucket name verification

* add test
This commit is contained in:
Eric Yang 2023-02-07 14:37:29 -08:00 committed by GitHub
parent d5f77706a8
commit 5083429704
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 59 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
weed/shell/command_s3_bucket_create.go
View File

@ -5,8 +5,11 @@ import (
"flag" "flag"
"fmt" "fmt"
"io" "io"
"net"
"os" "os"
"strings"
"time" "time"
"unicode"
"github.com/seaweedfs/seaweedfs/weed/pb/filer_pb" "github.com/seaweedfs/seaweedfs/weed/pb/filer_pb"
) )
@ -42,6 +45,11 @@ func (c *commandS3BucketCreate) Do(args []string, commandEnv *CommandEnv, writer
return fmt.Errorf("empty bucket name") return fmt.Errorf("empty bucket name")
} }
err = verifyS3BucketName(*bucketName)
if err != nil {
return err
}
err = commandEnv.WithFilerClient(false, func(client filer_pb.SeaweedFilerClient) error { err = commandEnv.WithFilerClient(false, func(client filer_pb.SeaweedFilerClient) error {
resp, err := client.GetFilerConfiguration(context.Background(), &filer_pb.GetFilerConfigurationRequest{}) resp, err := client.GetFilerConfiguration(context.Background(), &filer_pb.GetFilerConfigurationRequest{})
@ -78,3 +86,35 @@ func (c *commandS3BucketCreate) Do(args []string, commandEnv *CommandEnv, writer
return err return err
} }
// https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html
func verifyS3BucketName(name string) (err error) {
if len(name) < 3 || len(name) > 63 {
return fmt.Errorf("bucket name must between [3, 63] characters")
}
for idx, ch := range name {
if !(unicode.IsLower(ch) || ch == '.' || ch == '-' || unicode.IsNumber(ch)) {
return fmt.Errorf("bucket name can only contain lower case characters, numbers, dots, and hyphens")
}
if idx > 0 && (ch == '.' && name[idx-1] == '.') {
return fmt.Errorf("bucket names must not contain two adjacent periods")
}
//TODO buckets with s3 transfer accleration cannot have . in name
}
if name[0] == '.' || name[0] == '-' {
return fmt.Errorf("name must start with number or lower case character")
}
if name[len(name)-1] == '.' || name[len(name)-1] == '-' {
return fmt.Errorf("name must end with number or lower case character")
}
if strings.HasPrefix(name, "xn--") {
return fmt.Errorf("prefix xn-- is a reserved and not allowed in bucket prefix")
}
if strings.HasSuffix(name, "-s3alias") {
return fmt.Errorf("suffix -s3alias is a reserved and not allowed in bucket suffix")
}
if net.ParseIP(name) != nil {
return fmt.Errorf("bucket name cannot be ip addresses")
}
return nil
}

19
weed/shell/command_s3_bucket_create_test.go Normal file
View File

@ -0,0 +1,19 @@
package shell
import (
"github.com/stretchr/testify/assert"
"testing"
)
func Test_verifyBucketName(t *testing.T) {
invalidS3BucketNames := []string{"A9325325b", "123.12.153.10", "abc214..2", "d", ".ewfs3253543", "grehtrry-", "----------", "x@fdsgr032"}
for _, invalidName := range invalidS3BucketNames {
err := verifyS3BucketName(invalidName)
assert.NotNil(t, err)
}
validS3BucketName := []string{"a9325325b", "999.12.153.10", "abc214.2", "3d3d3d", "ewfs3253543", "grehtrry-a", "0----------0", "xafdsgr032"}
for _, invalidName := range validS3BucketName {
err := verifyS3BucketName(invalidName)
assert.Nil(t, err)
}
}