This commit is contained in:
Alex Auvolat 2020-07-15 15:37:35 +02:00
parent 1c70552f95
commit 27a0d0d859

View File

@ -82,6 +82,7 @@ pub async fn handle_put(
) )
.await?; .await?;
// Validate MD5 sum against content-md5 header and sha256sum against signed content-sha256
if let Some(expected_sha256) = content_sha256 { if let Some(expected_sha256) = content_sha256 {
if expected_sha256 != sha256sum { if expected_sha256 != sha256sum {
return Err(Error::Message(format!( return Err(Error::Message(format!(
@ -351,12 +352,7 @@ pub async fn handle_put_part(
) )
.await?; .await?;
if let Some(expected_md5) = content_md5 { // Validate MD5 sum against content-md5 header and sha256sum against signed content-sha256
if expected_md5.trim_matches('"') != md5sum {
return Err(Error::Message(format!("Unable to validate content-md5")));
}
}
if let Some(expected_sha256) = content_sha256 { if let Some(expected_sha256) = content_sha256 {
if expected_sha256 != sha256sum { if expected_sha256 != sha256sum {
return Err(Error::Message(format!( return Err(Error::Message(format!(
@ -364,6 +360,11 @@ pub async fn handle_put_part(
))); )));
} }
} }
if let Some(expected_md5) = content_md5 {
if expected_md5.trim_matches('"') != md5sum {
return Err(Error::Message(format!("Unable to validate content-md5")));
}
}
Ok(Response::new(Body::from(vec![]))) Ok(Response::new(Body::from(vec![])))
} }
@ -413,6 +414,8 @@ pub async fn handle_complete_multipart_upload(
}; };
// TODO: check that all the parts that they pretend they gave us are indeed there // TODO: check that all the parts that they pretend they gave us are indeed there
// TODO: when we read the XML from _req, remember to check the sha256 sum of the payload
// against the signed x-amz-content-sha256
// TODO: check MD5 sum of all uploaded parts? but that would mean we have to store them somewhere... // TODO: check MD5 sum of all uploaded parts? but that would mean we have to store them somewhere...
let total_size = version let total_size = version