rgw: further minimise the req_state::aws4_auth shared state.

Signed-off-by: Radoslaw Zarzynski <rzarzynski@mirantis.com>

diff --git a/src/rgw/rgw_common.h b/src/rgw/rgw_common.h
index d36931d64c5686c3b0b46278d5e93f1b5ce6b0dc..eaca8cc3014bfc772eaf75048b02015577842b1a 100644 (file)
--- a/src/rgw/rgw_common.h
+++ b/src/rgw/rgw_common.h
@@ -1696,12 +1696,7 @@ inline ostream& operator<<(ostream& out, const rgw_obj_index_key &o) {
 
 struct rgw_aws4_auth {
   string date;
-  string signed_hdrs;
-  string access_key_id;
   string credential_scope;
-  string canonical_uri;
-  string canonical_qs;
-  string canonical_hdrs;
   string signature;
   string new_signature;
   string seed_signature;

diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc
index a04e278755b2b247632d0609d0edc51fec6d4f01..01c3a52609d707bc99cbabe9a7babb7ee8991a16 100644 (file)
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
@@ -3481,9 +3481,10 @@ int RGW_Auth_S3::authorize_v4(RGWRados *store, struct req_state *s, bool force_b
   }
 
   std::string credential;
+  std::string signed_hdrs;
   int ret = rgw::auth::s3::parse_credentials(s->info,
                                              credential,
-                                             s->aws4_auth->signed_hdrs,
+                                             signed_hdrs,
                                              s->aws4_auth->signature,
                                              s->aws4_auth->date,
                                              using_qs);
@@ -3494,9 +3495,9 @@ int RGW_Auth_S3::authorize_v4(RGWRados *store, struct req_state *s, bool force_b
   /* grab access key id */
 
   pos = credential.find("/");
-  s->aws4_auth->access_key_id = credential.substr(0, pos);
+  const std::string access_key_id = credential.substr(0, pos);
 
-  dout(10) << "access key id = " << s->aws4_auth->access_key_id << dendl;
+  dout(10) << "access key id = " << access_key_id << dendl;
 
   /* grab credential scope */
 
@@ -3506,8 +3507,8 @@ int RGW_Auth_S3::authorize_v4(RGWRados *store, struct req_state *s, bool force_b
 
   /* grab user information */
 
-  if (rgw_get_user_info_by_access_key(store, s->aws4_auth->access_key_id, *s->user) < 0) {
-    dout(10) << "error reading user info, uid=" << s->aws4_auth->access_key_id
+  if (rgw_get_user_info_by_access_key(store, access_key_id, *s->user) < 0) {
+    dout(10) << "error reading user info, uid=" << access_key_id
               << " can't authenticate" << dendl;
     return -ERR_INVALID_ACCESS_KEY;
   }
@@ -3519,22 +3520,21 @@ int RGW_Auth_S3::authorize_v4(RGWRados *store, struct req_state *s, bool force_b
    */
 
   /* craft canonical uri */
-  s->aws4_auth->canonical_uri = rgw::auth::s3::get_v4_canonical_uri(s->info);
+  const auto canonical_uri = rgw::auth::s3::get_v4_canonical_uri(s->info);
 
   /* craft canonical query string */
-  s->aws4_auth->canonical_qs = \
-    rgw::auth::s3::get_v4_canonical_qs(s->info, using_qs);
+  const auto canonical_qs = rgw::auth::s3::get_v4_canonical_qs(s->info,
+                                                               using_qs);
 
   /* craft canonical headers */
   boost::optional<std::string> canonical_headers = \
     rgw::auth::s3::get_v4_canonical_headers(s->info,
-                                            s->aws4_auth->signed_hdrs,
+                                            signed_hdrs,
                                             using_qs,
                                             force_boto2_compat);
   if (canonical_headers) {
     ldout(s->cct, 10) << "canonical headers format = " << *canonical_headers
                       << dendl;
-    s->aws4_auth->canonical_hdrs = std::move(*canonical_headers);
   } else {
     return -EPERM;
   }
@@ -3579,10 +3579,10 @@ int RGW_Auth_S3::authorize_v4(RGWRados *store, struct req_state *s, bool force_b
   std::string canonical_req_hash = \
     rgw::auth::s3::get_v4_canonical_request_hash(s->cct,
                                                  s->info.method,
-                                                 s->aws4_auth->canonical_uri,
-                                                 s->aws4_auth->canonical_qs,
-                                                 s->aws4_auth->canonical_hdrs,
-                                                 s->aws4_auth->signed_hdrs,
+                                                 canonical_uri,
+                                                 canonical_qs,
+                                                 *canonical_headers,
+                                                 signed_hdrs,
                                                  expected_request_payload_hash);
 
   /*
@@ -3603,7 +3603,7 @@ int RGW_Auth_S3::authorize_v4(RGWRados *store, struct req_state *s, bool force_b
    * http://docs.aws.amazon.com/general/latest/gr/sigv4-calculate-signature.html
    */
 
-  const auto iter = s->user->access_keys.find(s->aws4_auth->access_key_id);
+  const auto iter = s->user->access_keys.find(access_key_id);
   if (iter == std::end(s->user->access_keys)) {
     ldout(s->cct, 10) << "ERROR: access key not encoded in user info" << dendl;
     return -EPERM;