From: Radoslaw Zarzynski Date: Tue, 20 Sep 2016 13:31:03 +0000 (+0200) Subject: rgw: add support for form expiration in Swift's FormPost. X-Git-Tag: v12.0.3~99^2~15 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=0e54086e18336983af09a8fe53e601ff02025cd8;p=ceph.git rgw: add support for form expiration in Swift's FormPost. Signed-off-by: Radoslaw Zarzynski --- diff --git a/src/rgw/rgw_rest_swift.cc b/src/rgw/rgw_rest_swift.cc index f0069700463b..fe10ac292fd9 100644 --- a/src/rgw/rgw_rest_swift.cc +++ b/src/rgw/rgw_rest_swift.cc @@ -1724,6 +1724,25 @@ void RGWFormPost::init(RGWRados* const store, return RGWPostObj_ObjStore::init(store, s, dialect_handler); } +bool RGWFormPost::is_expired(const std::string& expires) +{ + string err; + const utime_t now = ceph_clock_now(g_ceph_context); + const uint64_t expiration = (uint64_t)strict_strtoll(expires.c_str(), + 10, &err); + if (!err.empty()) { + dout(5) << "failed to parse temp_url_expires: " << err << dendl; + return true; + } + + if (expiration <= (uint64_t)now.sec()) { + dout(5) << "temp url expired: " << expiration << " <= " << now.sec() << dendl; + return true; + } + + return false; +} + int RGWFormPost::get_params() { /* The parentt class extracts boundary info from the Content-Type. */ @@ -1792,6 +1811,12 @@ int RGWFormPost::get_params() } } while (! stream_done); + std::string expires; + if (part_str("expires", &expires) && is_expired(expires)) { + err_msg = "FormPost: Form Expired"; + return -EACCES; + } + return ! current_data_part ? -EINVAL : 0; } @@ -1860,6 +1885,7 @@ int RGWFormPost::get_data(ceph::bufferlist& bl) void RGWFormPost::send_response() { set_req_state_err(s, op_ret); + s->err.s3_code = err_msg; dump_errno(s); end_header(s, this); } diff --git a/src/rgw/rgw_rest_swift.h b/src/rgw/rgw_rest_swift.h index 6572034a87c7..333860dd4c78 100644 --- a/src/rgw/rgw_rest_swift.h +++ b/src/rgw/rgw_rest_swift.h @@ -241,6 +241,7 @@ public: class RGWFormPost : public RGWPostObj_ObjStore { std::string get_current_filename() const override; bool is_next_file_to_upload() override; + static bool is_expired(const std::string& expires); boost::optional current_data_part; std::string prefix;