allow bootstrapping to validate internode tokens (#16853)
harshavardhana committed Mar 20, 2023
1 parent 09c7336 commit 3b5dbf9
Showing 2 changed files with 25 additions and 10 deletions.
25 changes: 20 additions & 5 deletions cmd/bootstrap-peer-server.go
Expand Up @@ -101,10 +101,14 @@ func (s1 ServerSystemConfig) Diff(s2 ServerSystemConfig) error {
} }


var skipEnvs = map[string]struct{}{ var skipEnvs = map[string]struct{}{
"MINIO_OPTS": {}, "MINIO_OPTS": {},
"MINIO_CERT_PASSWD": {}, "MINIO_CERT_PASSWD": {},
"MINIO_SERVER_DEBUG": {}, "MINIO_SERVER_DEBUG": {},
"MINIO_DSYNC_TRACE": {}, "MINIO_DSYNC_TRACE": {},
"MINIO_ROOT_USER": {},
"MINIO_ROOT_PASSWORD": {},
"MINIO_ACCESS_KEY": {},
"MINIO_SECRET_KEY": {},
} }


func getServerSystemCfg() ServerSystemConfig { func getServerSystemCfg() ServerSystemConfig {
Expand All @@ -118,19 +122,30 @@ func getServerSystemCfg() ServerSystemConfig {
if _, ok := skipEnvs[envK]; ok { if _, ok := skipEnvs[envK]; ok {
continue continue
} }
envValues[envK] = env.Get(envK, "") envValues[envK] = logger.HashString(env.Get(envK, ""))
} }
return ServerSystemConfig{ return ServerSystemConfig{
MinioEndpoints: globalEndpoints, MinioEndpoints: globalEndpoints,
MinioEnv: envValues, MinioEnv: envValues,
} }
} }


func (b *bootstrapRESTServer) writeErrorResponse(w http.ResponseWriter, err error) {
w.WriteHeader(http.StatusForbidden)
w.Write([]byte(err.Error()))
}

// HealthHandler returns success if request is valid // HealthHandler returns success if request is valid
func (b *bootstrapRESTServer) HealthHandler(w http.ResponseWriter, r *http.Request) {} func (b *bootstrapRESTServer) HealthHandler(w http.ResponseWriter, r *http.Request) {}


func (b *bootstrapRESTServer) VerifyHandler(w http.ResponseWriter, r *http.Request) { func (b *bootstrapRESTServer) VerifyHandler(w http.ResponseWriter, r *http.Request) {
ctx := newContext(r, w, "VerifyHandler") ctx := newContext(r, w, "VerifyHandler")

if err := storageServerRequestValidate(r); err != nil {
b.writeErrorResponse(w, err)
return
}

cfg := getServerSystemCfg() cfg := getServerSystemCfg()
logger.LogIf(ctx, json.NewEncoder(w).Encode(&cfg)) logger.LogIf(ctx, json.NewEncoder(w).Encode(&cfg))
} }
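Review bot: The digest stored by `envValues[envK] = logger.HashString(env.Get(envK, ""))` in getServerSystemCfg supports equality comparison between peers but should not be relied on to conceal the value, because HashString keys HighwayHash with `magicHighwayHash256Key`, which looks like a fixed key rather than a per-deployment secret, so short or guessable settings can be confirmed offline by anyone who reads a VerifyHandler response. skipEnvs is a denylist, so any other secret-bearing variable the loop enumerates still has its digest sent; the four credentials added here are covered, but later ones depend on someone remembering to extend the map. I would add a comment above the assignment such as `// Digest is for peer equality checks only, not secrecy; secret-bearing variables belong in skipEnvs.` and consider excluding sensitive keys by rule rather than by name. Separately, writeErrorResponse returns `err.Error()` verbatim to a caller that has just failed token validation and drops the error from `w.Write`; a generic 403 body with the detail logged server-side would disclose less. The loop header of getServerSystemCfg sits between the two hunks and is not visible here.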
10 changes: 5 additions & 5 deletions internal/logger/logger.go
Expand Up @@ -231,8 +231,8 @@ func getTrace(traceLevel int) []string {
return trace return trace
} }


// Return the highway hash of the passed string // HashString - return the highway hash of the passed string
func hashString(input string) string { func HashString(input string) string {
hh, _ := highwayhash.New(magicHighwayHash256Key) hh, _ := highwayhash.New(magicHighwayHash256Key)
hh.Write([]byte(input)) hh.Write([]byte(input))
return hex.EncodeToString(hh.Sum(nil)) return hex.EncodeToString(hh.Sum(nil))
Expand Down Expand Up @@ -328,9 +328,9 @@ func errToEntry(ctx context.Context, err error, errKind ...interface{}) log.Entr
} }


if anonFlag { if anonFlag {
entry.API.Args.Bucket = hashString(entry.API.Args.Bucket) entry.API.Args.Bucket = HashString(entry.API.Args.Bucket)
entry.API.Args.Object = hashString(entry.API.Args.Object) entry.API.Args.Object = HashString(entry.API.Args.Object)
entry.RemoteHost = hashString(entry.RemoteHost) entry.RemoteHost = HashString(entry.RemoteHost)
entry.Trace.Message = reflect.TypeOf(err).String() entry.Trace.Message = reflect.TypeOf(err).String()
entry.Trace.Variables = make(map[string]interface{}) entry.Trace.Variables = make(map[string]interface{})
} }
