rgw/auth: correcting the error message to indicate

clearly that a pre-signed URL has expired.

Signed-off-by: Pritha Srivastava <prsrivas@redhat.com>

diff --git a/src/rgw/rgw_auth.cc b/src/rgw/rgw_auth.cc
index 7be6518514e85b88eb1569da739a7f99adb75c2c..4b3f33e9c70e87d56daa5254478670d15f197d98 100644 (file)
--- a/src/rgw/rgw_auth.cc
+++ b/src/rgw/rgw_auth.cc
@@ -299,6 +299,11 @@ rgw::auth::Strategy::apply(const DoutPrefixProvider *dpp, const rgw::auth::Strat
        * nullptr inside. */
       ldpp_dout(dpp, 5) << "Failed the auth strategy, reason="
                        << result.get_reason() << dendl;
+      //Special handling for expired pre-signed URL
+      if (result.get_reason() == ERR_PRESIGNED_URL_EXPIRED) {
+        result = result_t::deny(-EPERM);
+        set_req_state_err(s, -EPERM, "The pre-signed URL has expired");
+      }
       return result.get_reason();
     }
 

diff --git a/src/rgw/rgw_auth_s3.cc b/src/rgw/rgw_auth_s3.cc
index 519060f93fb2755d523a2a5f547a3a1d8b6d316c..6f0141ef9415835dd6e57942f5edcbdca9fded7b 100644 (file)
--- a/src/rgw/rgw_auth_s3.cc
+++ b/src/rgw/rgw_auth_s3.cc
@@ -298,15 +298,15 @@ static inline int parse_v4_query_string(const req_info& info,              /* in
      you can set is 1, and the maximum is 604800 (seven days) */
   time_t exp = atoll(expires.data());
   if ((exp < 1) || (exp > 7*24*60*60)) {
-    dout(10) << "NOTICE: exp out of range, exp = " << exp << dendl;
+    dout(10) << "ERROR: exp out of range, exp = " << exp << dendl;
     return -EPERM;
   }
   /* handle expiration in epoch time */
   uint64_t req_sec = (uint64_t)internal_timegm(&date_t);
   uint64_t now = ceph_clock_now();
   if (now >= req_sec + exp) {
-    dout(10) << "NOTICE: now = " << now << ", req_sec = " << req_sec << ", exp = " << exp << dendl;
-    return -EPERM;
+    dout(10) << "ERROR: presigned URL has expired, now = " << now << ", req_sec = " << req_sec << ", exp = " << exp << dendl;
+    return -ERR_PRESIGNED_URL_EXPIRED;
   }
 
   signedheaders = info.args.get("x-amz-signedheaders");

diff --git a/src/rgw/rgw_common.h b/src/rgw/rgw_common.h
index ef9aa5420558285ac61fc0a1040728b6b3228d04..3bf6c4dfac8e9715d1bb26ba130e0f1ca75152a1 100644 (file)
--- a/src/rgw/rgw_common.h
+++ b/src/rgw/rgw_common.h
@@ -306,6 +306,7 @@ static inline const char* to_mime_type(const RGWFormat f)
 #define ERR_OBJECT_NOT_APPENDABLE                        2220
 #define ERR_INVALID_BUCKET_STATE                         2221
 #define ERR_INVALID_OBJECT_STATE                        2222
+#define ERR_PRESIGNED_URL_EXPIRED                       2223
 
 #define ERR_BUSY_RESHARDING      2300
 #define ERR_NO_SUCH_ENTITY       2301