gsh-digital-services/seaweedFS
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4fd974b16b3ceed9dee3d05daa5cdaf191e44ef3
seaweedFS/weed/s3api/s3_validation_utils.go
Chris Lu 995dfc4d5d chore: remove ~50k lines of unreachable dead code (#8913) 
* chore: remove unreachable dead code across the codebase

Remove ~50,000 lines of unreachable code identified by static analysis.

Major removals:
- weed/filer/redis_lua: entire unused Redis Lua filer store implementation
- weed/wdclient/net2, resource_pool: unused connection/resource pool packages
- weed/plugin/worker/lifecycle: unused lifecycle plugin worker
- weed/s3api: unused S3 policy templates, presigned URL IAM, streaming copy,
  multipart IAM, key rotation, and various SSE helper functions
- weed/mq/kafka: unused partition mapping, compression, schema, and protocol functions
- weed/mq/offset: unused SQL storage and migration code
- weed/worker: unused registry, task, and monitoring functions
- weed/query: unused SQL engine, parquet scanner, and type functions
- weed/shell: unused EC proportional rebalance functions
- weed/storage/erasure_coding/distribution: unused distribution analysis functions
- Individual unreachable functions removed from 150+ files across admin,
  credential, filer, iam, kms, mount, mq, operation, pb, s3api, server,
  shell, storage, topology, and util packages

* fix(s3): reset shared memory store in IAM test to prevent flaky failure

TestLoadIAMManagerFromConfig_EmptyConfigWithFallbackKey was flaky because
the MemoryStore credential backend is a singleton registered via init().
Earlier tests that create anonymous identities pollute the shared store,
causing LookupAnonymous() to unexpectedly return true.

Fix by calling Reset() on the memory store before the test runs.

* style: run gofmt on changed files

* fix: restore KMS functions used by integration tests

* fix(plugin): prevent panic on send to closed worker session channel

The Plugin.sendToWorker method could panic with "send on closed channel"
when a worker disconnected while a message was being sent. The race was
between streamSession.close() closing the outgoing channel and sendToWorker
writing to it concurrently.

Add a done channel to streamSession that is closed before the outgoing
channel, and check it in sendToWorker's select to safely detect closed
sessions without panicking.
2026-04-03 16:04:27 -07:00

93 lines
2.7 KiB
Go
Raw Blame History

package s3api
import (
"fmt"
"strings"
"github.com/seaweedfs/seaweedfs/weed/s3api/s3_constants"
)
// isValidKMSKeyID performs basic validation of KMS key identifiers.
// Following Minio's approach: be permissive and accept any reasonable key format.
// Only reject keys with leading/trailing spaces or other obvious issues.
//
// This function is used across multiple S3 API handlers to ensure consistent
// validation of KMS key IDs in various contexts (bucket encryption, object operations, etc.).
func isValidKMSKeyID(keyID string) bool {
// Reject empty keys
if keyID == "" {
return false
}
// Following Minio's validation: reject keys with leading/trailing spaces
if strings.HasPrefix(keyID, " ") || strings.HasSuffix(keyID, " ") {
return false
}
// Also reject keys with internal spaces (common sense validation)
if strings.Contains(keyID, " ") {
return false
}
// Reject keys with control characters or newlines
if strings.ContainsAny(keyID, "\t\n\r\x00") {
return false
}
// Accept any reasonable length key (be permissive for various KMS providers)
if len(keyID) > 0 && len(keyID) <= s3_constants.MaxKMSKeyIDLength {
return true
}
return false
}
// ValidateIV validates that an initialization vector has the correct length for AES encryption
func ValidateIV(iv []byte, name string) error {
if len(iv) != s3_constants.AESBlockSize {
return fmt.Errorf("invalid %s length: expected %d bytes, got %d", name, s3_constants.AESBlockSize, len(iv))
}
return nil
}
// ValidateSSEKMSKey validates that an SSE-KMS key is not nil and has required fields
func ValidateSSEKMSKey(sseKey *SSEKMSKey) error {
if sseKey == nil {
return fmt.Errorf("SSE-KMS key cannot be nil")
}
return nil
}
// ValidateSSES3Key validates that an SSE-S3 key has valid structure and contents
func ValidateSSES3Key(sseKey *SSES3Key) error {
if sseKey == nil {
return fmt.Errorf("SSE-S3 key cannot be nil")
}
// Validate key bytes
if sseKey.Key == nil {
return fmt.Errorf("SSE-S3 key bytes cannot be nil")
}
if len(sseKey.Key) != SSES3KeySize {
return fmt.Errorf("invalid SSE-S3 key size: expected %d bytes, got %d", SSES3KeySize, len(sseKey.Key))
}
// Validate algorithm
if sseKey.Algorithm != SSES3Algorithm {
return fmt.Errorf("invalid SSE-S3 algorithm: expected %q, got %q", SSES3Algorithm, sseKey.Algorithm)
}
// Validate key ID (should not be empty)
if sseKey.KeyID == "" {
return fmt.Errorf("SSE-S3 key ID cannot be empty")
}
// IV validation is optional during key creation - it will be set during encryption
// If IV is set, validate its length
if len(sseKey.IV) > 0 && len(sseKey.IV) != s3_constants.AESBlockSize {
return fmt.Errorf("invalid SSE-S3 IV length: expected %d bytes, got %d", s3_constants.AESBlockSize, len(sseKey.IV))
}
return nil
}
Reference in New Issue View Git Blame Copy Permalink