rgw: eradicate req_state::http_auth.

Signed-off-by: Radoslaw Zarzynski <rzarzynski@mirantis.com>

diff --git a/src/rgw/rgw_common.cc b/src/rgw/rgw_common.cc
index 365cd86cb4abf11ecee7e1ddacc6e229e2802f8a..6052cfd538847de47c36dc91d0d8de109a4cf29e 100644 (file)
--- a/src/rgw/rgw_common.cc
+++ b/src/rgw/rgw_common.cc
@@ -280,7 +280,6 @@ req_state::req_state(CephContext* _cct, RGWEnv* e, RGWUserInfo* u)
   bucket_exists = false;
   has_bad_meta = false;
   length = NULL;
-  http_auth = NULL;
   local_source = false;
 
   obj_ctx = NULL;

diff --git a/src/rgw/rgw_common.h b/src/rgw/rgw_common.h
index 30234bb9ae016f5df775d7622b52e412064ea317..36afd3dbfc7ec19212a28175725bd4b866e04ef8 100644 (file)
--- a/src/rgw/rgw_common.h
+++ b/src/rgw/rgw_common.h
@@ -1821,7 +1821,6 @@ struct req_state {
 
   string canned_acl;
   bool has_acl_header;
-  const char *http_auth;
   bool local_source; /* source is local */
 
   int prot_flags;

diff --git a/src/rgw/rgw_rest.cc b/src/rgw/rgw_rest.cc
index 140d434e737a39df86b23e0aba8286b31f1890cb..42cc7d7404d8e68cf55168ec1d8b30eabb114110 100644 (file)
--- a/src/rgw/rgw_rest.cc
+++ b/src/rgw/rgw_rest.cc
@@ -2353,8 +2353,6 @@ int RGWREST::preprocess(struct req_state *s, rgw::io::BasicClient* cio)
     }
   }
 
-  s->http_auth = info.env->get("HTTP_AUTHORIZATION");
-
   if (g_conf->rgw_print_continue) {
     const char *expect = info.env->get("HTTP_EXPECT");
     s->expect_cont = (expect && !strcasecmp(expect, "100-continue"));

diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc
index 7485a9b67adbd7a8df42d4630226d27dd836fb83..123954b7139863474e9ccaca596ff54e1eb34151 100644 (file)
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
@@ -3362,7 +3362,10 @@ int RGW_Auth_S3::authorize(RGWRados* const store,
     return 0;
   }
 
-  if (!s->http_auth || !(*s->http_auth)) {
+  /* TODO(rzarzynski): eradicate the double check on HTTP_AUTHORIZATION.
+   * See couple for next commits. */
+  const char* http_auth = s->info.env->get("HTTP_AUTHORIZATION");
+  if (!http_auth || !(*http_auth)) {
 
     /* AWS4 */
 
@@ -3398,13 +3401,13 @@ int RGW_Auth_S3::authorize(RGWRados* const store,
 
     /* AWS4 */
 
-    if (!strncmp(s->http_auth, "AWS4-HMAC-SHA256", 16)) {
+    if (!strncmp(http_auth, "AWS4-HMAC-SHA256", 16)) {
       return authorize_v4(store, s);
     }
 
     /* AWS2 */
 
-    if (!strncmp(s->http_auth, "AWS ", 4)) {
+    if (!strncmp(http_auth, "AWS ", 4)) {
       return authorize_v2(store, auth_registry, s);
     }
 
@@ -3558,7 +3561,8 @@ int RGW_Auth_S3::authorize_v4(RGWRados *store, struct req_state *s, bool force_b
     return -ENOMEM;
   }
 
-  if ((!s->http_auth) || !(*s->http_auth)) {
+  const char* http_auth = s->info.env->get("HTTP_AUTHORIZATION");
+  if ((!http_auth) || !(*http_auth)) {
 
     /* auth ships with req params ... */
 
@@ -3623,7 +3627,7 @@ int RGW_Auth_S3::authorize_v4(RGWRados *store, struct req_state *s, bool force_b
 
     using_qs = false;
 
-    string auth_str = s->http_auth;
+    string auth_str = http_auth;
 
 #define AWS4_HMAC_SHA256_STR "AWS4-HMAC-SHA256"
 #define CREDENTIALS_PREFIX_LEN (sizeof(AWS4_HMAC_SHA256_STR) - 1)
@@ -4253,7 +4257,8 @@ rgw::auth::s3::RGWS3V2Extractor::get_auth_data(const req_state* const s) const
   std::string signature;
   bool qsr = false;
 
-  if (! s->http_auth || s->http_auth[0] == '\0') {
+  const char* http_auth = s->info.env->get("HTTP_AUTHORIZATION");
+  if (! http_auth || http_auth[0] == '\0') {
     /* Credentials are provided in query string. We also need to verify
      * the "Expires" parameter now. */
     access_key_id = s->info.args.get("AWSAccessKeyId");
@@ -4272,7 +4277,7 @@ rgw::auth::s3::RGWS3V2Extractor::get_auth_data(const req_state* const s) const
     }
   } else {
     /* The "Authorization" HTTP header is being used. */
-    const std::string auth_str(s->http_auth + strlen("AWS "));
+    const std::string auth_str(http_auth + strlen("AWS "));
     const size_t pos = auth_str.rfind(':');
     if (pos != std::string::npos) {
       access_key_id = auth_str.substr(0, pos);