rgw: add AWS4 completion support for RGW_OP_PUT_OBJ

Signed-off-by: Javier M. Mellid <jmunhoz@igalia.com>

diff --git a/src/rgw/rgw_op.cc b/src/rgw/rgw_op.cc
index 288a8d2f4dd47323dc3d8a884df0a53aca8f4854..49cfc4dab89e98586587652cead1193292e1fa7a 100644 (file)
--- a/src/rgw/rgw_op.cc
+++ b/src/rgw/rgw_op.cc
@@ -496,6 +496,30 @@ int RGWOp::verify_op_mask()
   return 0;
 }
 
+int RGWOp::do_aws4_auth_completion()
+{
+  int ret;
+
+  if (s->aws4_auth_needs_complete) {
+    /* complete */
+    ret = RGW_Auth_S3::authorize_aws4_auth_complete(store, s);
+    s->aws4_auth_needs_complete = false;
+    if (ret) {
+      return ret;
+    }
+    /* verify signature */
+    if (s->aws4_auth->signature != s->aws4_auth->new_signature) {
+      ret = -ERR_SIGNATURE_NO_MATCH;
+      ldout(s->cct, 20) << "delayed aws4 auth failed" << dendl;
+      return ret;
+    }
+    /* authorization ok */
+    dout(10) << "v4 auth ok" << dendl;
+  }
+
+  return 0;
+}
+
 int RGWOp::init_quota()
 {
   /* no quota enforcement for system requests */

diff --git a/src/rgw/rgw_op.h b/src/rgw/rgw_op.h
index 254fbd4f5f70aa242b245ebca9d8cce3b3ad3598..f1989e3f140c4b2c38066b9771c052d4a049c3a5 100644 (file)
--- a/src/rgw/rgw_op.h
+++ b/src/rgw/rgw_op.h
@@ -84,6 +84,8 @@ protected:
   RGWQuotaInfo user_quota;
   int op_ret;
 
+  int do_aws4_auth_completion();
+
   virtual int init_quota();
 public:
 RGWOp() : s(NULL), dialect_handler(NULL), store(NULL), cors_exist(false),

diff --git a/src/rgw/rgw_rest.h b/src/rgw/rgw_rest.h
index 8f1c4edf361a6ef6f68809441cbc9889e06ddc47..a60d9a7dbc2810f2944fd4408b8f3d0f25264539 100644 (file)
--- a/src/rgw/rgw_rest.h
+++ b/src/rgw/rgw_rest.h
@@ -189,7 +189,7 @@ public:
 
   virtual int verify_params();
   virtual int get_params();
-  int get_data(bufferlist& bl);
+  virtual int get_data(bufferlist& bl);
 };
 
 class RGWPostObj_ObjStore : public RGWPostObj

diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc
index 590f326aaf4ca07c6e4c1d147df118fb23c627f3..55ef699b37100930a755c15a30e497328b4d4193 100644 (file)
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
@@ -812,6 +812,19 @@ int RGWPutObj_ObjStore_S3::get_params()
   return RGWPutObj_ObjStore::get_params();
 }
 
+int RGWPutObj_ObjStore_S3::get_data(bufferlist& bl)
+{
+  int ret = RGWPutObj_ObjStore::get_data(bl);
+  if (ret < 0)
+    s->aws4_auth_needs_complete = false;
+  if ((ret == 0) && s->aws4_auth_needs_complete) {
+    int ret_auth = do_aws4_auth_completion();
+    if (ret_auth)
+      return ret_auth;
+  }
+  return ret;
+}
+
 static int get_success_retcode(int code)
 {
   switch (code) {

diff --git a/src/rgw/rgw_rest_s3.h b/src/rgw/rgw_rest_s3.h
index 606986afc8febce3462faa47cff58865eec15019..e7c500c7451e09111271e881a0bbf4ba64e12052 100644 (file)
--- a/src/rgw/rgw_rest_s3.h
+++ b/src/rgw/rgw_rest_s3.h
@@ -140,6 +140,7 @@ public:
   ~RGWPutObj_ObjStore_S3() {}
 
   int get_params();
+  int get_data(bufferlist& bl);
   void send_response();
 };