rgw/auth: fix internal server error for presigned urls

We have special error handling for these cases but we
don't check the negative value of the error so it
instead gets caught as an error not defined with a
response and throws a http 500.

This was implement by [1] and the same way done
with [2].

[1] https://github.com/ceph/ceph/pull/55371
[2] https://github.com/ceph/ceph/pull/56044

Signed-off-by: Tobias Urdin <tobias.urdin@binero.com>

diff --git a/src/rgw/rgw_auth.cc b/src/rgw/rgw_auth.cc
index 290b9bb46b355096197538c2fc651d74322641aa..ac1ed8b75d611908260ac966c09f1da3b1a7991e 100644 (file)
--- a/src/rgw/rgw_auth.cc
+++ b/src/rgw/rgw_auth.cc
@@ -505,12 +505,12 @@ rgw::auth::Strategy::apply(const DoutPrefixProvider *dpp, const rgw::auth::Strat
       ldpp_dout(dpp, 5) << "Failed the auth strategy, reason="
                        << result.get_reason() << dendl;
       // Special handling for expired pre-signed URL
-      if (result.get_reason() == ERR_PRESIGNED_URL_EXPIRED) {
+      if (result.get_reason() == -ERR_PRESIGNED_URL_EXPIRED) {
         result = result_t::deny(-EPERM);
         set_req_state_err(s, -EPERM, "The pre-signed URL has expired");
       }
       // Special handling for disabled presigned URL
-      if (result.get_reason() == ERR_PRESIGNED_URL_DISABLED) {
+      if (result.get_reason() == -ERR_PRESIGNED_URL_DISABLED) {
         result = result_t::deny(-EPERM);
         set_req_state_err(s, -EPERM, "Presigned URLs are disabled by admin");
       }