rgw: Anonymous users shouldn't be able to access requester pays buckets.

Fixes: http://tracker.ceph.com/issues/17175
Signed-off-by: Zhang Shaowen <zhangshaowen@cmss.chinamobile.com>

diff --git a/src/rgw/rgw_common.cc b/src/rgw/rgw_common.cc
index 50c3b90b7d3adb101c2acf41f9101b4a908fb0bc..ca911b87c338fc351344c459466e06f0c5a28ae0 100644 (file)
--- a/src/rgw/rgw_common.cc
+++ b/src/rgw/rgw_common.cc
@@ -899,6 +899,10 @@ bool verify_requester_payer_permission(struct req_state *s)
 
   if (s->auth_identity->is_owner_of(s->bucket_info.owner))
     return true;
+  
+  if (s->auth_identity->is_anonymous()) {
+    return false;
+  }
 
   const char *request_payer = s->info.env->get("HTTP_X_AMZ_REQUEST_PAYER");
   if (!request_payer) {