rgw: s3: secure_port should override port, also apply ssl default right.

Without https, only port is set.  With https, secure_port and port are
both set to the same value.  The previous logic looked at port first and
had overly simplified conditional logic which was liable to try to apply
both non-default cases.  The correct behavior is: look secure_port first,
and if secure_port is set, then only check to see if it's a non-default
port.

Signed-off-by: Marcus Watts <mwatts@redhat.com>

diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc
index a6417c51c9f3a722b281283ab8d2f2f87aeb8598..70e07e69b77380b8c81fd72ffa1115f681b5126e 100644 (file)
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
@@ -3798,10 +3798,12 @@ int RGW_Auth_S3::authorize_v4(RGWRados *store, struct req_state *s, bool force_b
     }
     string token_value = string(t);
     if (force_boto2_compat && using_qs && (token == "host")) {
-      if (!port.empty() && port != "80" && port != "0") {
-        token_value = token_value + ":" + port;
-      } else if (!secure_port.empty() && secure_port != "443") {
-        token_value = token_value + ":" + secure_port;
+      if (!secure_port.empty()) {
+       if (secure_port != "443")
+         token_value = token_value + ":" + secure_port;
+      } else if (!port.empty()) {
+       if (port != "80")
+         token_value = token_value + ":" + port;
       }
     }
     canonical_hdrs_map[token] = rgw_trim_whitespace(token_value);