RegisterPrefix map[string]bool
	// RegisterNumber converts R(10) into arm.REG_R10.
	RegisterNumber func(string, int16) (int16, bool)
	// Instruction is a jump.
	IsJump func(word string) bool
}

// nilRegisterNumber is the register number function for architectures
// that do not accept the R(N) notation. It always returns failure.
func nilRegisterNumber(name string, n int16) (int16, bool) {

	p.addr = p.addr[0:0]
	p.isJump = p.arch.IsJump(word)
	for _, op := range operands {
		addr := p.address(op)
		if !p.isJump && addr.Reg < 0 { // Jumps refer to PC, a pseudo.
			p.errorf("illegal use of pseudo-register in %s", word)
		}
		p.addr = append(p.addr, addr)
	}
	if p.isJump {
		p.asmJump(op, cond, p.addr)
		return
	}
	p.asmInstruction(op, cond, p.addr)

		// non-empty session tokens.
		if (!cred.IsServiceAccount() && !cred.IsTemp()) ||
			cred.SessionToken == "" {
			continue
		}

		var (
			err    error
			claims *jwt.MapClaims
		)

		if cred.IsServiceAccount() {
			claims, err = getClaimsFromTokenWithSecret(cred.SessionToken, cred.SecretKey)
		} else if cred.IsTemp() {
			var secretKey string
			secretKey, err = getTokenSigningKey()

				if u.Credentials.Status == auth.AccountOff {
					return nil, errAccessKeyDisabled
				}
				return nil, errInvalidAccessKeyID
			}
			cred := u.Credentials
			// Expired credentials return error.
			if cred.IsTemp() && cred.IsExpired() {
				return nil, errInvalidAccessKeyID
			}
			return []byte(cred.SecretKey), nil
		} // this means claims.AccessKey == rootAccessKey
		if !globalAPIConfig.permitRootAccess() {

type fileListEntry struct {
	name  string
	file  *File
	isDir bool
	isDup bool
}

type fileInfoDirEntry interface {
	fs.FileInfo
	fs.DirEntry
}

func (f *fileListEntry) stat() (fileInfoDirEntry, error) {
	if f.isDup {
		return nil, errors.New(f.name + ": duplicate entries in zip file")
	}
	if !f.isDir {

	}
}

// guessUserProvider - guesses the user provider based on the access key and claims.
func guessUserProvider(credentials auth.Credentials) string {
	if !credentials.IsServiceAccount() && !credentials.IsTemp() {
		return madmin.BuiltinProvider // regular users are always internal
	}

	claims := credentials.Claims
	if _, ok := claims[ldapUser]; ok {
		return madmin.LDAPProvider // ldap users
	}

		if ui.Credentials.IsTemp() {
			return nil, errAuthentication
		}
		if subtle.ConstantTimeCompare([]byte(ui.Credentials.SecretKey), pass) != 1 {
			return nil, errAuthentication
		}
	}

	copts := map[string]string{
		"AccessKey": ui.Credentials.AccessKey,
		"SecretKey": ui.Credentials.SecretKey,
	}
	if ui.Credentials.IsTemp() {
		copts["SessionToken"] = ui.Credentials.SessionToken

		if err != nil {
			return updatedAt, addedOrRemoved, effectivePolicies, err
		}
	} else {
		var isTemp bool
		isTemp, _, err = sys.IsTempUser(userOrGroup)
		if err != nil && err != errNoSuchUser {
			return updatedAt, addedOrRemoved, effectivePolicies, err
		}
		if isTemp {
			err = errIAMActionNotAllowed
			return updatedAt, addedOrRemoved, effectivePolicies, err
		}

			Creds:           mcreds,
			Secure:          globalIsTLS,
			Transport:       tr,
			TrailingHeaders: true,
		})
	}

	// ok == true - at this point

	if ui.Credentials.IsTemp() {
		// Temporary credentials are not allowed.
		return nil, errAuthentication
	}

	return minio.New(driver.endpoint, &minio.Options{

	return err
}

func batchReplicationOpts(ctx context.Context, sc string, objInfo ObjectInfo) (putOpts minio.PutObjectOptions, isMP bool, err error) {
	// TODO: support custom storage class for remote replication
	putOpts, isMP, err = putReplicationOpts(ctx, "", objInfo)
	if err != nil {
		return putOpts, isMP, err
	}
	putOpts.Internal = minio.AdvancedPutOptions{
		SourceVersionID:    objInfo.VersionID,