]> git.apps.os.sepia.ceph.com Git - ceph.git/commitdiff
projects / ceph.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d79e618)
rgw/auth: Fix the return code returned by AuthStrategy, 52510/head
authorPritha Srivastava <prsrivas@redhat.com>
Thu, 20 Jul 2023 06:05:09 +0000 (11:35 +0530)
committerPritha Srivastava <prsrivas@redhat.com>
Tue, 8 Aug 2023 03:57:48 +0000 (09:27 +0530)
in case of LocalEngine authentication, when the previous
auth engine is Not Applicable. The error code now returned
is the one returned by LocalEngine.

fixes: https://tracker.ceph.com/issues/61916

Signed-off-by: Pritha Srivastava <prsrivas@redhat.com>
src/rgw/rgw_auth.cc patch | blob | history
src/rgw/rgw_rest_s3.cc patch | blob | history

diff --git a/src/rgw/rgw_auth.cc b/src/rgw/rgw_auth.cc
index 2c61b8361a2bbdbf4db75dbcdf71cf3c059dcb70..7be6518514e85b88eb1569da739a7f99adb75c2c 100644 (file)
--- a/src/rgw/rgw_auth.cc
+++ b/src/rgw/rgw_auth.cc
@@ -172,7 +172,7 @@ strategy_handle_rejected(rgw::auth::Engine::result_t&& engine_result,
 
     case Control::FALLBACK:
       /* Don't try next. */
-      return std::make_pair(false, std::move(strategy_result));
+      return std::make_pair(false, std::move(engine_result));
 
     default:
       /* Huh, memory corruption? */
diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc
index 5fec4ca9b9bdd981344e1fc35f1a6ba25b98e646..21f0a4754517f1f6ce0fd2ee16b49a14ea9eaa0f 100644 (file)
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
@@ -6237,7 +6237,7 @@ rgw::auth::s3::LocalEngine::authenticate(
   if (driver->get_user_by_access_key(dpp, access_key_id, y, &user) < 0) {
       ldpp_dout(dpp, 5) << "error reading user info, uid=" << access_key_id
               << " can't authenticate" << dendl;
-      return result_t::deny(-ERR_INVALID_ACCESS_KEY);
+      return result_t::reject(-ERR_INVALID_ACCESS_KEY);
   }
   //TODO: Uncomment, when we have a migration plan in place.
   /*else {
@@ -6251,7 +6251,7 @@ rgw::auth::s3::LocalEngine::authenticate(
   const auto iter = user->get_info().access_keys.find(access_key_id);
   if (iter == std::end(user->get_info().access_keys)) {
     ldpp_dout(dpp, 0) << "ERROR: access key not encoded in user info" << dendl;
-    return result_t::deny(-EPERM);
+    return result_t::reject(-EPERM);
   }
   const RGWAccessKey& k = iter->second;
 
@@ -6267,7 +6267,7 @@ rgw::auth::s3::LocalEngine::authenticate(
   ldpp_dout(dpp, 15) << "compare=" << compare << dendl;
 
   if (compare != 0) {
-    return result_t::deny(-ERR_SIGNATURE_NO_MATCH);
+    return result_t::reject(-ERR_SIGNATURE_NO_MATCH);
   }
 
   auto apl = apl_factory->create_apl_local(cct, s, user->get_info(),
Unnamed repository; edit this file 'description' to name the repository.