copy object encryption fixes - copy object result attributes

Copy object should return encryption attributes in its results.

XXX fixup merge w/ copy object encryption fixes

Fixes: https://tracker.ceph.com/issues/23264
Signed-off-by: Marcus Watts <mwatts@redhat.com>
(cherry picked from commit de5e988b9e9ab34472b3bcb343caa4c472ba5b7c)

diff --git a/src/rgw/rgw_op.cc b/src/rgw/rgw_op.cc
index c27e446df4c43ebc862b1669f6c1b463bf289bb6..7055ce8d27ef39a5eecde20e4c3f5c4d8e1e5e8d 100644 (file)
--- a/src/rgw/rgw_op.cc
+++ b/src/rgw/rgw_op.cc
@@ -6188,12 +6188,13 @@ class RGWCOE_make_filter_pipeline : public rgw::sal::ObjectFilter {
   DoutPrefixProvider *dpp;
   boost::optional<RGWGetObj_Decompress> decompress;
   bool partial_content = false;
-  std::map<std::string, std::string> crypt_http_responses;     // XXX who consumes?
+  std::map<std::string, std::string> crypt_http_responses_unused;
   std::unique_ptr<rgw::sal::DataProcessor> oproc;
   const RGWEnv *env;
   struct rgw_err &err;
   std::unique_ptr<rgw::sal::Object> &object;
   uint64_t &obj_size;
+  std::map<std::string, std::string>& crypt_http_responses;
   RGWDecryptContext dctx;
   req_state *s;                        // destination only, not for source!
   std::unique_ptr<rgw::sal::DataProcessor> encrypt;
@@ -6202,12 +6203,14 @@ class RGWCOE_make_filter_pipeline : public rgw::sal::ObjectFilter {
 public:
   RGWCOE_make_filter_pipeline(req_state *_s, DoutPrefixProvider *_dpp,
       map<string, bufferlist> &_a, bool _skip_decrypt,
-      std::unique_ptr<rgw::sal::Object> & _object, uint64_t &_obj_size)
+      std::unique_ptr<rgw::sal::Object> & _object, uint64_t &_obj_size,
+      std::map<std::string, std::string>& _crypt_http_responses)
     : cct(_s->cct), attrs(_a), encrypted( attrs.count(RGW_ATTR_CRYPT_MODE)),
       skip_decrypt(_skip_decrypt), dpp(_dpp),
       env(_s->info.env), err(_s->err),
       object(_object),
       obj_size(_obj_size),
+      crypt_http_responses(_crypt_http_responses),
       dctx( dpp, cct,
         err.message,
         false, 
@@ -6224,7 +6227,8 @@ public:
       return 0;
     }
     std::unique_ptr<BlockCrypt> block_crypt;
-    int res = rgw_s3_prepare_decrypt(dctx, y, src_attrs, &block_crypt, crypt_http_responses);
+    int res = rgw_s3_prepare_decrypt(dctx, y, src_attrs, &block_crypt,
+       crypt_http_responses_unused);
     if (res < 0) {
       return res;
     }
@@ -6494,7 +6498,8 @@ void RGWCopyObj::execute(optional_yield y)
   }
 
   try {
-    RGWCOE_make_filter_pipeline cb { s, this, attrs, false, s->src_object, obj_size };
+    RGWCOE_make_filter_pipeline cb { s, this, attrs, false,
+       s->src_object, obj_size, crypt_http_responses };
     op_ret = s->src_object->copy_object(s->owner,
           s->user->get_id(),
           &s->info,

diff --git a/src/rgw/rgw_op.h b/src/rgw/rgw_op.h
index 12f227e11459ff84bd499f235c417009f3012771..f53e7f97246b174385ce8beecc17a38011a67524 100644 (file)
--- a/src/rgw/rgw_op.h
+++ b/src/rgw/rgw_op.h
@@ -1542,6 +1542,7 @@ protected:
   std::string_view copy_source;
   // Not actually required
   std::optional<std::string_view> md_directive;
+  std::map<std::string, std::string> crypt_http_responses;
 
   off_t ofs;
   off_t len;

diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc
index 32631761d384bdac038ce647ef43121bb16bedc9..ce3fb946c23d89d46fc13796329089b09ff8b74b 100644 (file)
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
@@ -3889,6 +3889,9 @@ void RGWCopyObj_ObjStore_S3::send_partial_response(off_t ofs)
     set_req_state_err(s, op_ret);
     dump_errno(s);
 
+    for (auto &it : crypt_http_responses)
+      dump_header(s, it.first, it.second);
+
     // Explicitly use chunked transfer encoding so that we can stream the result
     // to the user without having to wait for the full length of it.
     end_header(s, this, to_mime_type(s->format), CHUNKED_TRANSFER_ENCODING);
@@ -3911,9 +3914,6 @@ void RGWCopyObj_ObjStore_S3::send_response()
   if (!sent_header)
     send_partial_response(0);
 
-  for (auto &it : crypt_http_responses)
-    dump_header(s, it.first, it.second);
-
   if (op_ret == 0) {
     dump_time_exact_seconds(s, "LastModified", mtime);
     if (!etag.empty()) {

diff --git a/src/rgw/rgw_rest_s3.h b/src/rgw/rgw_rest_s3.h
index b026cc2ac0a0a52c27f28aeea67778ca563e0b34..a1a1132ca7fafcc6ce123ea1b3bbb612c4238041 100644 (file)
--- a/src/rgw/rgw_rest_s3.h
+++ b/src/rgw/rgw_rest_s3.h
@@ -344,7 +344,6 @@ public:
 };
 
 class RGWCopyObj_ObjStore_S3 : public RGWCopyObj_ObjStore {
-  std::map<std::string, std::string> crypt_http_responses;
   bool sent_header;
 public:
   RGWCopyObj_ObjStore_S3() : sent_header(false) {}