]> git-server-git.apps.pok.os.sepia.ceph.com Git - ceph.git/commit
projects / ceph.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 98e153f) | patch
rgw: get_v4_canonical_request_hash doesn't depend on req_state anymore.
authorRadoslaw Zarzynski <rzarzynski@mirantis.com>
Thu, 13 Apr 2017 15:12:43 +0000 (17:12 +0200)
committerRadoslaw Zarzynski <rzarzynski@mirantis.com>
Wed, 7 Jun 2017 10:43:15 +0000 (12:43 +0200)
commitc9afd24940dfefa19f94c8983045e1c3b032d45d
tree93510c19e569e6c1cdbb44b6f6bd9c6c3309e26atree | snapshot
parent98e153fe8b7e4b1fdbb8bd6211dfec32de0aaccfcommit | diff
rgw: get_v4_canonical_request_hash doesn't depend on req_state anymore.

In AWSv4 the hash of real, transfered payload IS NOT necessary to form
a Canonical Request, and thus verify a Signature. x-amz-content-sha256
header lets get the information very early -- before seeing first byte
of HTTP body. As a consequence, we can decouple Signature verification
from payload's fingerprint check. Although RadosGW doesn't do that for
now, the situation will definitely change in the future.

Signed-off-by: Radoslaw Zarzynski <rzarzynski@mirantis.com>
src/rgw/rgw_auth_s3.cc diff | blob | history
src/rgw/rgw_auth_s3.h diff | blob | history
src/rgw/rgw_rest_s3.cc diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.