rgw: s3: don't require a body in S3 put-object-acl

This is a conventional S3 request--omitting the body causes ordinary,
no-body v4 signature checking to be selected (when signing is
AWS_HMAC_SHA256).

Fixes: https://tracker.ceph.com/issues/43148
Signed-off-by: Matt Benjamin <mbenjamin@redhat.com>

diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc
index c021ae0cbba67718cd3040785e0ff767eafbb797..92c88882293a5b2f672b00d5f263fa5f3bfa4569 100644 (file)
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
@@ -2737,6 +2737,15 @@ int RGWPutACLs_ObjStore_S3::get_params()
     if (ret_auth < 0) {
       return ret_auth;
     }
+  } else {
+    /* a request body is not required an S3 PutACLs request--n.b.,
+     * s->length is non-null iff a content length was parsed (the
+     * ACP or canned ACL could be in any of 3 headers, don't worry
+     * about that here) */
+    if ((ret == -ERR_LENGTH_REQUIRED) &&
+       !!(s->length)) {
+      return 0;
+    }
   }
   return ret;
 }