golang
/
flannel


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186
							package s3

import (
	"bytes"
	"fmt"
	"net/url"
	"regexp"
	"strings"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/awsutil"
	"github.com/aws/aws-sdk-go/aws/request"
)

// an operationBlacklist is a list of operation names that should a
// request handler should not be executed with.
type operationBlacklist []string

// Continue will return true of the Request's operation name is not
// in the blacklist. False otherwise.
func (b operationBlacklist) Continue(r *request.Request) bool {
	for i := 0; i < len(b); i++ {
		if b[i] == r.Operation.Name {
			return false
		}
	}
	return true
}

var accelerateOpBlacklist = operationBlacklist{
	opListBuckets, opCreateBucket, opDeleteBucket,
}

// Request handler to automatically add the bucket name to the endpoint domain
// if possible. This style of bucket is valid for all bucket names which are
// DNS compatible and do not contain "."
func updateEndpointForS3Config(r *request.Request) {
	forceHostStyle := aws.BoolValue(r.Config.S3ForcePathStyle)
	accelerate := aws.BoolValue(r.Config.S3UseAccelerate)

	if accelerate && accelerateOpBlacklist.Continue(r) {
		if forceHostStyle {
			if r.Config.Logger != nil {
				r.Config.Logger.Log("ERROR: aws.Config.S3UseAccelerate is not compatible with aws.Config.S3ForcePathStyle, ignoring S3ForcePathStyle.")
			}
		}
		updateEndpointForAccelerate(r)
	} else if !forceHostStyle && r.Operation.Name != opGetBucketLocation {
		updateEndpointForHostStyle(r)
	}
}

func updateEndpointForHostStyle(r *request.Request) {
	bucket, ok := bucketNameFromReqParams(r.Params)
	if !ok {
		// Ignore operation requests if the bucketname was not provided
		// if this is an input validation error the validation handler
		// will report it.
		return
	}

	if !hostCompatibleBucketName(r.HTTPRequest.URL, bucket) {
		// bucket name must be valid to put into the host
		return
	}

	moveBucketToHost(r.HTTPRequest.URL, bucket)
}

var (
	accelElem = []byte("s3-accelerate.dualstack.")
)

func updateEndpointForAccelerate(r *request.Request) {
	bucket, ok := bucketNameFromReqParams(r.Params)
	if !ok {
		// Ignore operation requests if the bucketname was not provided
		// if this is an input validation error the validation handler
		// will report it.
		return
	}

	if !hostCompatibleBucketName(r.HTTPRequest.URL, bucket) {
		r.Error = awserr.New("InvalidParameterException",
			fmt.Sprintf("bucket name %s is not compatibile with S3 Accelerate", bucket),
			nil)
		return
	}

	// Change endpoint from s3(-[a-z0-1-])?.amazonaws.com to s3-accelerate.amazonaws.com
	r.HTTPRequest.URL.Host = replaceHostRegion(r.HTTPRequest.URL.Host, "accelerate")

	if aws.BoolValue(r.Config.UseDualStack) {
		host := []byte(r.HTTPRequest.URL.Host)

		// Strip region from hostname
		if idx := bytes.Index(host, accelElem); idx >= 0 {
			start := idx + len(accelElem)
			if end := bytes.IndexByte(host[start:], '.'); end >= 0 {
				end += start + 1
				copy(host[start:], host[end:])
				host = host[:len(host)-(end-start)]
				r.HTTPRequest.URL.Host = string(host)
			}
		}
	}

	moveBucketToHost(r.HTTPRequest.URL, bucket)
}

// Attempts to retrieve the bucket name from the request input parameters.
// If no bucket is found, or the field is empty "", false will be returned.
func bucketNameFromReqParams(params interface{}) (string, bool) {
	b, _ := awsutil.ValuesAtPath(params, "Bucket")
	if len(b) == 0 {
		return "", false
	}

	if bucket, ok := b[0].(*string); ok {
		if bucketStr := aws.StringValue(bucket); bucketStr != "" {
			return bucketStr, true
		}
	}

	return "", false
}

// hostCompatibleBucketName returns true if the request should
// put the bucket in the host. This is false if S3ForcePathStyle is
// explicitly set or if the bucket is not DNS compatible.
func hostCompatibleBucketName(u *url.URL, bucket string) bool {
	// Bucket might be DNS compatible but dots in the hostname will fail
	// certificate validation, so do not use host-style.
	if u.Scheme == "https" && strings.Contains(bucket, ".") {
		return false
	}

	// if the bucket is DNS compatible
	return dnsCompatibleBucketName(bucket)
}

var reDomain = regexp.MustCompile(`^[a-z0-9][a-z0-9\.\-]{1,61}[a-z0-9]$`)
var reIPAddress = regexp.MustCompile(`^(\d+\.){3}\d+$`)

// dnsCompatibleBucketName returns true if the bucket name is DNS compatible.
// Buckets created outside of the classic region MUST be DNS compatible.
func dnsCompatibleBucketName(bucket string) bool {
	return reDomain.MatchString(bucket) &&
		!reIPAddress.MatchString(bucket) &&
		!strings.Contains(bucket, "..")
}

// moveBucketToHost moves the bucket name from the URI path to URL host.
func moveBucketToHost(u *url.URL, bucket string) {
	u.Host = bucket + "." + u.Host
	u.Path = strings.Replace(u.Path, "/{Bucket}", "", -1)
	if u.Path == "" {
		u.Path = "/"
	}
}

const s3HostPrefix = "s3"

// replaceHostRegion replaces the S3 region string in the host with the
// value provided. If v is empty the host prefix returned will be s3.
func replaceHostRegion(host, v string) string {
	if !strings.HasPrefix(host, s3HostPrefix) {
		return host
	}

	suffix := host[len(s3HostPrefix):]
	for i := len(s3HostPrefix); i < len(host); i++ {
		if host[i] == '.' {
			// Trim until '.' leave the it in place.
			suffix = host[i:]
			break
		}
	}

	if len(v) == 0 {
		return fmt.Sprintf("s3%s", suffix)
	}

	return fmt.Sprintf("s3-%s%s", v, suffix)
}