gsh-digital-services/seaweedFS
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ADHOC: s3 bucket name verification (#4189)

Browse Source 
* ADHOC: s3 bucket name verification

* add test
This commit is contained in:
Eric Yang
2023-02-07 14:37:29 -08:00
committed by GitHub
parent d5f77706a8
commit 5083429704
2 changed files with 59 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
weed/shell/command_s3_bucket_create.go
View File

@@ -5,8 +5,11 @@ import (
"flag"
"fmt"
"io"
"net"
"os"
"strings"
"time"
"unicode"
"github.com/seaweedfs/seaweedfs/weed/pb/filer_pb"
)
@@ -42,6 +45,11 @@ func (c *commandS3BucketCreate) Do(args []string, commandEnv *CommandEnv, writer
return fmt.Errorf("empty bucket name")
}
err = verifyS3BucketName(*bucketName)
if err != nil {
return err
}
err = commandEnv.WithFilerClient(false, func(client filer_pb.SeaweedFilerClient) error {
resp, err := client.GetFilerConfiguration(context.Background(), &filer_pb.GetFilerConfigurationRequest{})
@@ -78,3 +86,35 @@ func (c *commandS3BucketCreate) Do(args []string, commandEnv *CommandEnv, writer
return err
}
// https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html
func verifyS3BucketName(name string) (err error) {
if len(name) < 3 || len(name) > 63 {
return fmt.Errorf("bucket name must between [3, 63] characters")
}
for idx, ch := range name {
if !(unicode.IsLower(ch) || ch == '.' || ch == '-' || unicode.IsNumber(ch)) {
return fmt.Errorf("bucket name can only contain lower case characters, numbers, dots, and hyphens")
}
if idx > 0 && (ch == '.' && name[idx-1] == '.') {
return fmt.Errorf("bucket names must not contain two adjacent periods")
}
//TODO buckets with s3 transfer accleration cannot have . in name
}
if name[0] == '.' || name[0] == '-' {
return fmt.Errorf("name must start with number or lower case character")
}
if name[len(name)-1] == '.' || name[len(name)-1] == '-' {
return fmt.Errorf("name must end with number or lower case character")
}
if strings.HasPrefix(name, "xn--") {
return fmt.Errorf("prefix xn-- is a reserved and not allowed in bucket prefix")
}
if strings.HasSuffix(name, "-s3alias") {
return fmt.Errorf("suffix -s3alias is a reserved and not allowed in bucket suffix")
}
if net.ParseIP(name) != nil {
return fmt.Errorf("bucket name cannot be ip addresses")
}
return nil
}