rgw: optimize time skew check

author Bingyin Zhang <zhangbingyin@cloudin.cn>

Thu, 14 Dec 2017 08:03:36 +0000 (16:03 +0800)

committer Bingyin Zhang <zhangbingyin@cloudin.cn>

Thu, 14 Dec 2017 08:43:01 +0000 (16:43 +0800)
author Bingyin Zhang <zhangbingyin@cloudin.cn>
Thu, 14 Dec 2017 08:03:36 +0000 (16:03 +0800)
committer Bingyin Zhang <zhangbingyin@cloudin.cn>
Thu, 14 Dec 2017 08:43:01 +0000 (16:43 +0800)
diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc

index 080c1180d92bc1e3e8c2c14440bd4998cbb5e006..dfd405d654d528f26e7d1b4ac0c82dcc5030ee9f 100644 (file)
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
@@ -3660,16 +3660,15 @@ namespace rgw {
  namespace auth {
  namespace s3 {
  
-bool AWSGeneralAbstractor::is_time_skew_ok(const utime_t& header_time,
-                                           const bool qsr) const
+bool AWSGeneralAbstractor::is_time_skew_ok(const utime_t& header_time) const
  {
    /* Check for time skew first. */
    const time_t req_sec = header_time.sec();
    time_t now;
    time(&now);
  
-  if ((req_sec < now - RGW_AUTH_GRACE_MINS * 60 ||
-       req_sec > now + RGW_AUTH_GRACE_MINS * 60) && !qsr) {
+  if (req_sec < now - RGW_AUTH_GRACE_MINS * 60 ||
+      req_sec > now + RGW_AUTH_GRACE_MINS * 60) {
      ldout(cct, 10) << "req_sec=" << req_sec << " now=" << now
                     << "; now - RGW_AUTH_GRACE_MINS="
                     << now - RGW_AUTH_GRACE_MINS * 60
@@ -3682,9 +3681,9 @@ bool AWSGeneralAbstractor::is_time_skew_ok(const utime_t& header_time,
                     << " req_time=" << header_time
                     << dendl;
      return false;
-  } else {
-    return true;
    }
+
+  return true;
  }
  
  
@@ -3956,7 +3955,7 @@ AWSGeneralAbstractor::get_auth_data_v2(const req_state* const s) const
    ldout(cct, 10) << "string_to_sign:\n"
                   << rgw::crypt_sanitize::auth{s,string_to_sign} << dendl;
  
-  if (! is_time_skew_ok(header_time, qsr)) {
+  if (!qsr && !is_time_skew_ok(header_time)) {
      throw -ERR_REQUEST_TIME_SKEWED;
    }
  
diff --git a/src/rgw/rgw_rest_s3.h b/src/rgw/rgw_rest_s3.h

index 48130d6fcee82da166f26f921af10c4d352d60f2..10c8be185613c0c9bf25f6cae5e0845621e0b837 100644 (file)
--- a/src/rgw/rgw_rest_s3.h
+++ b/src/rgw/rgw_rest_s3.h
@@ -766,8 +766,7 @@ public:
  class AWSGeneralAbstractor : public AWSEngine::VersionAbstractor {
    CephContext* const cct;
  
-  bool is_time_skew_ok(const utime_t& header_time,
-                       const bool qsr) const;
+  bool is_time_skew_ok(const utime_t& header_time) const;
  
    virtual boost::optional<std::string>
    get_v4_canonical_headers(const req_info& info,
author	Bingyin Zhang <zhangbingyin@cloudin.cn>
	Thu, 14 Dec 2017 08:03:36 +0000 (16:03 +0800)
committer	Bingyin Zhang <zhangbingyin@cloudin.cn>
	Thu, 14 Dec 2017 08:43:01 +0000 (16:43 +0800)
src/rgw/rgw_rest_s3.cc		patch \| blob \| history
src/rgw/rgw_rest_s3.h		patch \| blob \| history