goto done_err;
/* STAT ops don't need data, and do no i/o */
- if ((get_type() == RGW_OP_STAT_OBJ) ||
- (get_type() == RGW_OP_GET_OBJ_ATTRS)) {
+ if (get_type() == RGW_OP_STAT_OBJ) {
return;
}
if (s->info.env->exists("HTTP_X_RGW_AUTH")) {
return 0;
} /* RGWGetObjAttrs_ObjStore_S3::get_params(...) */
+int RGWGetObjAttrs_ObjStore_S3::get_decrypt_filter(
+ std::unique_ptr<RGWGetObj_Filter> *filter,
+ RGWGetObj_Filter* cb, bufferlist* manifest_bl)
+{
+ // we aren't actually decrypting the data, but for objects encrypted with
+ // SSE-C we do need to verify that required headers are present and valid
+ //
+ // in the SSE-KMS and SSE-S3 cases, this unfortunately causes us to fetch
+ // decryption keys which we don't need :(
+ std::unique_ptr<BlockCrypt> block_crypt; // ignored
+ std::map<std::string, std::string> crypt_http_responses; // ignored
+ return rgw_s3_prepare_decrypt(s, s->yield, attrs, &block_crypt,
+ crypt_http_responses);
+}
+
void RGWGetObjAttrs_ObjStore_S3::send_response()
{
if (op_ret)
~RGWGetObjAttrs_ObjStore_S3() override {}
int get_params(optional_yield y) override;
+ int get_decrypt_filter(std::unique_ptr<RGWGetObj_Filter>* filter,
+ RGWGetObj_Filter* cb,
+ bufferlist* manifest_bl) override;
void send_response() override;
};
projects / ceph.git / commitdiff