diff options
Diffstat (limited to 'weed/server/filer_server_handlers_write_autochunk.go')
| -rw-r--r-- | weed/server/filer_server_handlers_write_autochunk.go | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/weed/server/filer_server_handlers_write_autochunk.go b/weed/server/filer_server_handlers_write_autochunk.go index 76e320908..0d6462c11 100644 --- a/weed/server/filer_server_handlers_write_autochunk.go +++ b/weed/server/filer_server_handlers_write_autochunk.go @@ -3,6 +3,7 @@ package weed_server import ( "bytes" "context" + "encoding/base64" "errors" "fmt" "io" @@ -336,6 +337,37 @@ func (fs *FilerServer) saveMetaData(ctx context.Context, r *http.Request, fileNa } } + // Process SSE metadata headers sent by S3 API and store in entry extended metadata + if sseIVHeader := r.Header.Get(s3_constants.SeaweedFSSSEIVHeader); sseIVHeader != "" { + // Decode base64-encoded IV and store in metadata + if ivData, err := base64.StdEncoding.DecodeString(sseIVHeader); err == nil { + entry.Extended[s3_constants.SeaweedFSSSEIV] = ivData + glog.V(4).Infof("Stored SSE-C IV metadata for %s", entry.FullPath) + } else { + glog.Errorf("Failed to decode SSE-C IV header for %s: %v", entry.FullPath, err) + } + } + + // Store SSE-C algorithm and key MD5 for proper S3 API response headers + if sseAlgorithm := r.Header.Get(s3_constants.AmzServerSideEncryptionCustomerAlgorithm); sseAlgorithm != "" { + entry.Extended[s3_constants.AmzServerSideEncryptionCustomerAlgorithm] = []byte(sseAlgorithm) + glog.V(4).Infof("Stored SSE-C algorithm metadata for %s", entry.FullPath) + } + if sseKeyMD5 := r.Header.Get(s3_constants.AmzServerSideEncryptionCustomerKeyMD5); sseKeyMD5 != "" { + entry.Extended[s3_constants.AmzServerSideEncryptionCustomerKeyMD5] = []byte(sseKeyMD5) + glog.V(4).Infof("Stored SSE-C key MD5 metadata for %s", entry.FullPath) + } + + if sseKMSHeader := r.Header.Get(s3_constants.SeaweedFSSSEKMSKeyHeader); sseKMSHeader != "" { + // Decode base64-encoded KMS metadata and store + if kmsData, err := base64.StdEncoding.DecodeString(sseKMSHeader); err == nil { + entry.Extended[s3_constants.SeaweedFSSSEKMSKey] = kmsData + glog.V(4).Infof("Stored SSE-KMS metadata for %s", entry.FullPath) + } else { + glog.Errorf("Failed to decode SSE-KMS metadata header for %s: %v", entry.FullPath, err) + } + } + dbErr := fs.filer.CreateEntry(ctx, entry, false, false, nil, skipCheckParentDirEntry(r), so.MaxFileNameLength) // In test_bucket_listv2_delimiter_basic, the valid object key is the parent folder if dbErr != nil && strings.HasSuffix(dbErr.Error(), " is a file") && isS3Request(r) { @@ -488,6 +520,15 @@ func SaveAmzMetaData(r *http.Request, existing map[string][]byte, isReplace bool } } + // Handle SSE-C headers + if algorithm := r.Header.Get(s3_constants.AmzServerSideEncryptionCustomerAlgorithm); algorithm != "" { + metadata[s3_constants.AmzServerSideEncryptionCustomerAlgorithm] = []byte(algorithm) + } + if keyMD5 := r.Header.Get(s3_constants.AmzServerSideEncryptionCustomerKeyMD5); keyMD5 != "" { + // Store as-is; SSE-C MD5 is base64 and case-sensitive + metadata[s3_constants.AmzServerSideEncryptionCustomerKeyMD5] = []byte(keyMD5) + } + //acp-owner acpOwner := r.Header.Get(s3_constants.ExtAmzOwnerKey) if len(acpOwner) > 0 { |