From 38a5b726064d32041222da4a5c34fbaafa456da2 Mon Sep 17 00:00:00 2001 From: asonix Date: Tue, 25 Jun 2024 15:34:41 -0500 Subject: [PATCH] Prepare v0.5.17-pre.2 This release fixes configuration for strict object storage implementations --- Cargo.lock | 2 +- Cargo.toml | 2 +- pict-rs.nix | 2 +- pict-rs.toml | 8 -------- releases/0.5.17-pre.2.md | 14 ++++++++++++++ src/config/commandline.rs | 7 ------- src/config/defaults.rs | 7 +------ src/config/file.rs | 8 -------- src/config/primitives.rs | 7 ------- src/store/object_store.rs | 27 ++++++++++++++++++++++----- 10 files changed, 40 insertions(+), 44 deletions(-) create mode 100644 releases/0.5.17-pre.2.md diff --git a/Cargo.lock b/Cargo.lock index 36d2253..bbc51d2 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1971,7 +1971,7 @@ dependencies = [ [[package]] name = "pict-rs" -version = "0.5.17-pre.1" +version = "0.5.17-pre.2" dependencies = [ "actix-form-data", "actix-web", diff --git a/Cargo.toml b/Cargo.toml index a73aba0..b760f72 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,7 +1,7 @@ [package] name = "pict-rs" description = "A simple image hosting service" -version = "0.5.17-pre.1" +version = "0.5.17-pre.2" authors = ["asonix "] license = "AGPL-3.0" readme = "README.md" diff --git a/pict-rs.nix b/pict-rs.nix index 452db2a..3d97aeb 100644 --- a/pict-rs.nix +++ b/pict-rs.nix @@ -11,7 +11,7 @@ rustPlatform.buildRustPackage { pname = "pict-rs"; - version = "0.5.17-pre.1"; + version = "0.5.17-pre.2"; src = ./.; cargoLock = { diff --git a/pict-rs.toml b/pict-rs.toml index e3c09df..1db1c77 100644 --- a/pict-rs.toml +++ b/pict-rs.toml 
@@ -741,14 +741,6 @@ secret_key = 'SECRET_KEY' # default: empty session_token = 'SESSION_TOKEN' -## Optional: set how long object storage signatures are valid for (in seconds) -# environment variable: PICTRS__STORE__SIGNATURE_DURATION -# default: 15 -# -# This can be useful if your object storage might take a while to process requests. It should not be -# increased more than needed to prevent replay attacks. -signature_duration = 15 - ## Optional: set how long pict-rs will wait (in seconds) for a response from object storage # environment variable: PICTRS__STORE__CLIENT_TIMEOUT # default: 30 diff --git a/releases/0.5.17-pre.2.md b/releases/0.5.17-pre.2.md new file mode 100644 index 0000000..7ce6fbe --- /dev/null +++ b/releases/0.5.17-pre.2.md @@ -0,0 +1,14 @@ +# pict-rs 0.5.17-pre.2 + +pict-rs is a simple image hosting microservice, designed to handle storing and retrieving images, +animations, and videos, as well as providing basic image processing functionality. + +## Overview + +pict-rs 0.5.17-pre.2 fixes bugs with object storage configuration introduced in 0.5.17-pre.1, and +removes unused configuration options. + +## Upgrade Notes + +There are no significant changes from 0.5.17-pre.1. Upgrading should be as simple as pulling a new +version of pict-rs. diff --git a/src/config/commandline.rs b/src/config/commandline.rs index f5f47b1..ca84df3 100644 --- a/src/config/commandline.rs +++ b/src/config/commandline.rs @@ -1490,13 +1490,6 @@ struct ObjectStorage { #[serde(skip_serializing_if = "Option::is_none")] session_token: Option, - /// How long signatures for object storage requests are valid (in seconds) - /// - /// This defaults to 15 seconds - #[arg(long)] - #[serde(skip_serializing_if = "Option::is_none")] - signature_duration: Option, - /// How long a client can wait on an object storage request before giving up (in seconds) /// /// This defaults to 30 seconds diff --git a/src/config/defaults.rs b/src/config/defaults.rs index ed42305..2b61a4c 100644 
--- a/src/config/defaults.rs +++ b/src/config/defaults.rs @@ -201,8 +201,6 @@ pub(super) struct FilesystemDefaults { #[derive(Clone, Debug, serde::Serialize)] #[serde(rename_all = "snake_case")] pub(super) struct ObjectStorageDefaults { - pub(super) signature_duration: u64, - pub(super) client_timeout: u64, } @@ -390,10 +388,7 @@ impl Default for FilesystemDefaults { impl Default for ObjectStorageDefaults { fn default() -> Self { - Self { - signature_duration: 15, - client_timeout: 30, - } + Self { client_timeout: 30 } } } diff --git a/src/config/file.rs b/src/config/file.rs index fd4d00e..354755b 100644 --- a/src/config/file.rs +++ b/src/config/file.rs @@ -81,11 +81,6 @@ pub(crate) struct ObjectStorage { #[serde(skip_serializing_if = "Option::is_none")] pub(crate) session_token: Option, - /// How long signatures for object storage requests are valid (in seconds) - /// - /// This defaults to 15 seconds - pub(crate) signature_duration: u64, - /// How long a client can wait on an object storage request before giving up (in seconds) /// /// This defaults to 30 seconds @@ -107,9 +102,6 @@ impl From for ObjectStorage { access_key: value.access_key, secret_key: value.secret_key, session_token: value.session_token, - signature_duration: value - .signature_duration - .unwrap_or(defaults.signature_duration), client_timeout: value.client_timeout.unwrap_or(defaults.client_timeout), public_endpoint: value.public_endpoint, } diff --git a/src/config/primitives.rs b/src/config/primitives.rs index b1e9dc0..45d706a 100644 --- a/src/config/primitives.rs +++ b/src/config/primitives.rs 
@@ -191,13 +191,6 @@ pub(crate) struct ObjectStorage { #[serde(skip_serializing_if = "Option::is_none")] pub(crate) session_token: Option, - /// How long signatures for object storage requests are valid (in seconds) - /// - /// This defaults to 15 seconds - #[arg(long)] - #[serde(skip_serializing_if = "Option::is_none")] - pub(crate) signature_duration: Option, - /// How long a client can wait on an object storage request before giving up (in seconds) /// /// This defaults to 30 seconds diff --git a/src/store/object_store.rs b/src/store/object_store.rs index febb650..bf2a42a 100644 --- a/src/store/object_store.rs +++ b/src/store/object_store.rs @@ -20,6 +20,9 @@ const CHUNK_SIZE: usize = 8_388_608; // 8 Mebibytes, min is 5 (5_242_880); #[derive(Debug, thiserror::Error)] pub(crate) enum ObjectError { + #[error("Failed to set the vhost-style bucket name")] + SetHost, + #[error("IO Error")] IO(#[from] std::io::Error), @@ -36,7 +39,9 @@ pub(crate) enum ObjectError { impl ObjectError { pub(super) const fn error_code(&self) -> ErrorCode { match self { - Self::BuildClient(_) | Self::Request(_) => ErrorCode::OBJECT_REQUEST_ERROR, + Self::SetHost | Self::BuildClient(_) | Self::Request(_) => { + ErrorCode::OBJECT_REQUEST_ERROR + } Self::IO(_) => ErrorCode::OBJECT_IO_ERROR, Self::Canceled => ErrorCode::PANIC, } @@ -306,7 +311,7 @@ impl ObjectStore { #[tracing::instrument(skip(access_key, secret_key, session_token))] pub(crate) async fn new( crate::config::ObjectStorage { - endpoint, + mut endpoint, bucket_name, use_path_style, region, @@ -315,7 +320,6 @@ impl ObjectStore { session_token, client_timeout, public_endpoint, - signature_duration: _, }: crate::config::ObjectStorage, ) -> Result { let https = endpoint.scheme() == "https"; 
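Review bot: The new `ObjectError::SetHost` variant in the first object_store.rs hunk carries no cause, and the `.map_err(|_| ObjectError::SetHost)` in the last hunk discards whatever `set_host` returned, so an operator who hits it sees only "Failed to set the vhost-style bucket name" with no host or bucket to check. If `endpoint` is a `url::Url`, as the calls on it suggest, the cause can be kept with `SetHost(#[source] url::ParseError)`, `.map_err(ObjectError::SetHost)?` and `Self::SetHost(_)` in `error_code`. The second hunk also maps this variant to `OBJECT_REQUEST_ERROR` although it is raised before any request is sent; a comment on that match arm such as `// raised while building the client from config, before any request is made` would keep the code from misleading whoever triages it. Both the enum and `error_code` continue outside these hunks.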
@@ -324,10 +328,23 @@ impl ObjectStore { .with_timeout(Duration::from_secs(client_timeout)) .with_allow_http(!https); + let use_vhost_style = !use_path_style; + + if use_vhost_style { + if let Some(host) = endpoint.host() { + if !host.to_string().starts_with(&bucket_name) { + let new_host = format!("{bucket_name}.{host}"); + endpoint + .set_host(Some(&new_host)) + .map_err(|_| ObjectError::SetHost)?; + } + } + } + let builder = AmazonS3Builder::new() - .with_endpoint(endpoint) + .with_endpoint(endpoint.as_str().trim_end_matches('/')) .with_bucket_name(bucket_name) - .with_virtual_hosted_style_request(!use_path_style) + .with_virtual_hosted_style_request(use_vhost_style) .with_region(region) .with_access_key_id(access_key) .with_secret_access_key(secret_key)
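Review bot: The check `host.to_string().starts_with(&bucket_name)` is a plain string-prefix test, so a bucket named `media` is treated as already present in an endpoint host such as `media-store.example.com` (constructed example), the bucket label is never added, and signed requests go to a host that is not the bucket's virtual host. Comparing against the whole label closes that gap: `let bucket_label = format!("{bucket_name}.");` followed by `if !host.to_string().starts_with(&bucket_label) {`. Two cases look unhandled and deserve at least a comment: an endpoint whose host is an IP address will presumably fail in `set_host` and surface as the generic `SetHost` error, and an endpoint with no host skips the block silently while virtual-hosted style stays enabled. `ObjectStore::new` begins before this hunk and continues past it.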