Release v0.3.6
New Features
- Server-Side Encryption (SSE) Support
- SSE-C: Supply your own AES-256 encryption key via request headers for PutObject, GetObject, HeadObject, and Multipart Upload
- SSE-S3 (bucket-Level Encryption): Enable encryption at the bucket level — data is automatically encrypted/decrypted server-side
- Encryption is transparent on read; encrypted data is decrypted before being returned
- Gzip Compression Support for PutObject and Multipart Upload
- Server now accepts gzip-compressed request bodies via Content-Encoding: gzip header for PutObject and UploadPart requests
- Supports both fixed-length and chunked transfer encoding with gzip
- Compatible with RDMA transport — gzip-compressed payloads over RDMA are decompressed automatically
- s3file CLI Improvements
- Ctrl+C cancellation: In-flight S3 API calls now abort gracefully when pressing Ctrl+C, with proper cancellation messages
- Interactive mode enhancements: Revamped navigation, UI, and object browsing experience
- S3FS mode: New interactive filesystem-like interface for browsing and manipulating objects
- Silent command mode: Optimized output for non-interactive script usage
Improvements
- S3 Signature Verification Enhanced
- region and service are now parsed from the Authorization header's Credential field, enabling cross-region request support
- Public Bucket Access Fix
- Fixed a regression where normal S3 GetObject requests to public buckets would fail due to an incorrectly set publicAccess attribute
- Multipart Upload Improvements
- CompleteMultipartUpload now returns the actual CRC-based ETag instead of the upload ID
- ETag consistency enforced across upload parts for SSE-C — the same key must be used for all parts and completion
- Input Validation
- Bucket names now strictly enforce S3 naming conventions (length 3–63, lowercase only, IP address exclusion, reserved prefix checks)
- Object keys validated for length (max 1024 bytes), UTF-8 validity, and control character rejection
- Usernames validated for length, reserved words, and allowed character patterns
- Better Error Responses
- Invalid bucket creation date now returns a proper HTTP 500 instead of a server panic
- NoSuchUpload returns proper XML-formatted error responses for ListParts
- ListObjects Pagination Fix
- Fixed nextMarker / nextContinuationToken logic for delimited listing (ListObjectsV1/V2) to correctly indicate truncation
- Potential Bug Fix
- Fixed 50+ potential issues reported by AI code review.
Web Admin Console
- Bucket management: Added encryption toggle in create/edit forms and list view
- Object list: Major UI overhaul with improved navigation and display
- User management: Enhanced password change, profile, and access key management pages
Upgrade Notes
- Schema migration required: New columns added to buckets, object_md, object_v_md, and multipart_uploads tables
- SSE-C follows the standard S3 protocol — no special SDK required on the client side