Skip to content

Commit

Permalink
allow bootstrapping to validate internode tokens (#16853)
Browse files Browse the repository at this point in the history
  • Loading branch information
harshavardhana committed Mar 20, 2023
1 parent 09c7336 commit 3b5dbf9
Show file tree
Hide file tree
Showing 2 changed files with 25 additions and 10 deletions.
25 changes: 20 additions & 5 deletions cmd/bootstrap-peer-server.go
Original file line number Diff line number Diff line change
Expand Up @@ -101,10 +101,14 @@ func (s1 ServerSystemConfig) Diff(s2 ServerSystemConfig) error {
}

var skipEnvs = map[string]struct{}{
"MINIO_OPTS": {},
"MINIO_CERT_PASSWD": {},
"MINIO_SERVER_DEBUG": {},
"MINIO_DSYNC_TRACE": {},
"MINIO_OPTS": {},
"MINIO_CERT_PASSWD": {},
"MINIO_SERVER_DEBUG": {},
"MINIO_DSYNC_TRACE": {},
"MINIO_ROOT_USER": {},
"MINIO_ROOT_PASSWORD": {},
"MINIO_ACCESS_KEY": {},
"MINIO_SECRET_KEY": {},
}

func getServerSystemCfg() ServerSystemConfig {
Expand All @@ -118,19 +122,30 @@ func getServerSystemCfg() ServerSystemConfig {
if _, ok := skipEnvs[envK]; ok {
continue
}
envValues[envK] = env.Get(envK, "")
envValues[envK] = logger.HashString(env.Get(envK, ""))
}
return ServerSystemConfig{
MinioEndpoints: globalEndpoints,
MinioEnv: envValues,
}
}

func (b *bootstrapRESTServer) writeErrorResponse(w http.ResponseWriter, err error) {
w.WriteHeader(http.StatusForbidden)
w.Write([]byte(err.Error()))
}

// HealthHandler returns success if request is valid
func (b *bootstrapRESTServer) HealthHandler(w http.ResponseWriter, r *http.Request) {}

func (b *bootstrapRESTServer) VerifyHandler(w http.ResponseWriter, r *http.Request) {
ctx := newContext(r, w, "VerifyHandler")

if err := storageServerRequestValidate(r); err != nil {
b.writeErrorResponse(w, err)
return
}

cfg := getServerSystemCfg()
logger.LogIf(ctx, json.NewEncoder(w).Encode(&cfg))
}
Expand Down
10 changes: 5 additions & 5 deletions internal/logger/logger.go
Original file line number Diff line number Diff line change
Expand Up @@ -231,8 +231,8 @@ func getTrace(traceLevel int) []string {
return trace
}

// Return the highway hash of the passed string
func hashString(input string) string {
// HashString - return the highway hash of the passed string
func HashString(input string) string {
hh, _ := highwayhash.New(magicHighwayHash256Key)
hh.Write([]byte(input))
return hex.EncodeToString(hh.Sum(nil))
Expand Down Expand Up @@ -328,9 +328,9 @@ func errToEntry(ctx context.Context, err error, errKind ...interface{}) log.Entr
}

if anonFlag {
entry.API.Args.Bucket = hashString(entry.API.Args.Bucket)
entry.API.Args.Object = hashString(entry.API.Args.Object)
entry.RemoteHost = hashString(entry.RemoteHost)
entry.API.Args.Bucket = HashString(entry.API.Args.Bucket)
entry.API.Args.Object = HashString(entry.API.Args.Object)
entry.RemoteHost = HashString(entry.RemoteHost)
entry.Trace.Message = reflect.TypeOf(err).String()
entry.Trace.Variables = make(map[string]interface{})
}
Expand Down

0 comments on commit 3b5dbf9

Please sign in to comment.