start using vhost style for accessing s3 style storage

if bucket name has a '.', accept self-signed

fixes #680
Girish Ramakrishnan
2020-05-27 17:33:59 -07:00
parent f7c406bec9
commit 4a0a934a76
3 changed files with 31 additions and 5 deletions


@@ -54,7 +54,7 @@ function getS3Config(apiConfig, callback) {
var credentials = {
signatureVersion: apiConfig.signatureVersion || 'v4',
s3ForcePathStyle: true, // Force use path-style url (http://endpoint/bucket/path) instead of host-style (http://bucket.endpoint/path)
s3ForcePathStyle: false, // Use vhost style instead of path style - https://forums.aws.amazon.com/ann.jspa?annID=6776
accessKeyId: apiConfig.accessKeyId,
secretAccessKey: apiConfig.secretAccessKey,
region: apiConfig.region || 'us-east-1',
@@ -70,8 +70,14 @@ function getS3Config(apiConfig, callback) {
if (apiConfig.endpoint) credentials.endpoint = apiConfig.endpoint;
if (apiConfig.acceptSelfSignedCerts === true && credentials.endpoint && credentials.endpoint.startsWith('https://')) {
credentials.httpOptions.agent = new https.Agent({ rejectUnauthorized: false });
if (apiConfig.s3ForcePathStyle === true) credentials.s3ForcePathStyle = true;
// s3 endpoint names come from the SDK
const isHttps = (credentials.endpoint && credentials.endpoint.startsWith('https://')) || apiConfig.provider === 's3';
if (isHttps) { // only set agent for https calls. otherwise, it crashes
if (apiConfig.acceptSelfSignedCerts || apiConfig.bucket.includes('.')) {
credentials.httpOptions.agent = new https.Agent({ rejectUnauthorized: false });
}
}
callback(null, credentials);
}
@@ -419,12 +425,13 @@ function testConfig(apiConfig, callback) {
// names must be lowercase and start with a letter or number. can contain dashes
if (apiConfig.bucket.includes('_') || apiConfig.bucket.match(/[A-Z]/)) return callback(new BoxError(BoxError.BAD_FIELD, 'bucket name cannot contain "_" or capitals', { field: 'bucket' }));
if (apiConfig.bucket.includes('.')) return callback(new BoxError(BoxError.BAD_FIELD, 'Use of bucket names with "." is discouraged. Use the "S3 API Compatible" provider and accept self-signed certificate if you really need this', { field: 'bucket' }));
if (typeof apiConfig.prefix !== 'string') return callback(new BoxError(BoxError.BAD_FIELD, 'prefix must be a string', { field: 'prefix' }));
if ('signatureVersion' in apiConfig && typeof apiConfig.signatureVersion !== 'string') return callback(new BoxError(BoxError.BAD_FIELD, 'signatureVersion must be a string', { field: 'signatureVersion' }));
if ('endpoint' in apiConfig && typeof apiConfig.endpoint !== 'string') return callback(new BoxError(BoxError.BAD_FIELD, 'endpoint must be a string', { field: 'endpoint' }));
if ('acceptSelfSignedCerts' in apiConfig && typeof apiConfig.acceptSelfSignedCerts !== 'boolean') return callback(new BoxError(BoxError.BAD_FIELD, 'acceptSelfSignedCerts must be a boolean', { field: 'acceptSelfSignedCerts' }));
if ('s3ForcePathStyle' in apiConfig && typeof apiConfig.s3ForcePathStyle !== 'boolean') return callback(new BoxError(BoxError.BAD_FIELD, 's3ForcePathStyle must be a boolean', { field: 's3ForcePathStyle' }));
// attempt to upload and delete a file with new credentials
getS3Config(apiConfig, function (error, credentials) {
if (error) return callback(error);
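Review bot: In the second getS3Config hunk, `apiConfig.bucket.includes('.')` switches on `rejectUnauthorized: false` without the operator having set `acceptSelfSignedCerts`, and because `isHttps` is also true for `apiConfig.provider === 's3'` this covers AWS itself, so signed requests and backup data travel over a TLS session whose server certificate is never checked. If the motive is that a dotted bucket name does not match the endpoint's wildcard certificate under vhost addressing (inferred from the commit message, not visible here), keeping verification on and falling back to path style is the safer fix: `if (apiConfig.bucket.includes('.')) credentials.s3ForcePathStyle = true;`, with the agent override left to `if (isHttps && apiConfig.acceptSelfSignedCerts === true)`. A comment above the agent assignment stating that it disables certificate verification for every request made with these credentials would also help the next reader. getS3Config's body starts outside the hunk, so the initial `httpOptions` setup is not visible.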