Merge pull request #2184 from sakeven/master

Check whether must use v4 auth in specific aws region ( storage driver s3-goamz )
distribution · Feb 14, 2017 · 62d8d91 · 62d8d91
2 parents b38e583 + 72bdf0e
commit 62d8d91
Showing 1 changed file with 13 additions and 4 deletions.
diff --git a/registry/storage/driver/s3-goamz/s3.go b/registry/storage/driver/s3-goamz/s3.go
@@ -266,10 +266,8 @@ func New(params DriverParameters) (*Driver, error) {
 
 	if params.V4Auth {
 		s3obj.Signature = aws.V4Signature
-	} else {
-		if params.Region.Name == "eu-central-1" {
-			return nil, fmt.Errorf("The eu-central-1 region only works with v4 authentication")
-		}
+	} else if mustV4Auth(params.Region.Name) {
+		return nil, fmt.Errorf("The %s region only works with v4 authentication", params.Region.Name)
 	}
 
 	bucket := s3obj.Bucket(params.Bucket)
@@ -573,6 +571,17 @@ func getPermissions() s3.ACL {
 	return s3.Private
 }
 
+// mustV4Auth checks whether must use v4 auth in specific region.
+// Please see documentation at http://docs.aws.amazon.com/general/latest/gr/signature-version-2.html
+func mustV4Auth(region string) bool {
+	switch region {
+	case "eu-central-1", "cn-north-1", "us-east-2",
+		"ca-central-1", "ap-south-1", "ap-northeast-2", "eu-west-2":
+		return true
+	}
+	return false
+}
+
 func (d *driver) getContentType() string {
 	return "application/octet-stream"
 }