From: Marc Singer <marc@singer.services>
Date: Thu, 7 Mar 2024 18:19:11 +0000 (+0100)
Subject: fix: comments from code review
X-Git-Tag: v19.1.0~133^2
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=3befb725fae64563d13b46bf54cc090805bf6518;p=ceph.git

fix: comments from code review

Signed-off-by: Marc Singer <marc@singer.services>
(cherry picked from commit b6df68210850a93196d21b926509df53721e17dc)
---

diff --git a/src/common/options/rgw.yaml.in b/src/common/options/rgw.yaml.in
index d6f7a56aba07..52e69dae959c 100644
--- a/src/common/options/rgw.yaml.in
+++ b/src/common/options/rgw.yaml.in
@@ -895,11 +895,12 @@ options:
 - name: rgw_s3_auth_disable_signature_url
   type: bool
   level: advanced
-  desc: Should authentification with presigned URLs be disabled
+  desc: Should authentication with presigned URLs be disabled
   long_desc: 'If enabled, any request that is presigned with either V2 or V4 signature will be denied'
   default: false
   services:
   - rgw
+  with_legacy: true
 - name: rgw_barbican_url
   type: str
   level: advanced
diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc
index df582dd811d2..068dc64114b7 100644
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
@@ -5551,19 +5551,20 @@ AWSGeneralAbstractor::get_auth_data(const req_state* const s) const
   AwsRoute route;
   std::tie(version, route) = discover_aws_flavour(s->info);
 
-  if (! s->cct->_conf->rgw_s3_auth_disable_signature_url) {
-    if (version == AwsVersion::V2) {
-      return get_auth_data_v2(s);
-    } else if (version == AwsVersion::V4) {
-      return get_auth_data_v4(s, route == AwsRoute::QUERY_STRING);
-    } else {
-      /* FIXME(rzarzynski): handle anon user. */
-      throw -EINVAL;
-    }
-  } else {
-    ldpp_dout(s, 0) << "Presigned URLs are disabled by admin" << dendl;
+  if (s->cct->_conf->rgw_s3_auth_disable_signature_url) {
+    ldpp_dout(s, 10) << "Presigned URLs are disabled by admin" << dendl;
     throw -ERR_PRESIGNED_URL_DISABLED;
   }
+  
+  if (version == AwsVersion::V2) {
+    return get_auth_data_v2(s);
+  } else if (version == AwsVersion::V4) {
+    return get_auth_data_v4(s, route == AwsRoute::QUERY_STRING);
+  } else {
+    /* FIXME(rzarzynski): handle anon user. */
+    throw -EINVAL;
+  }
+
 }
 
 boost::optional<std::string>