From: Marcus Watts <mwatts@redhat.com>
Date: Fri, 28 Jan 2022 10:34:43 +0000 (-0500)
Subject: rgw/crypt - generalize putbucketencryption.
X-Git-Tag: v18.0.0~968^2~5
X-Git-Url: http://git.apps.os.sepia.ceph.com/?a=commitdiff_plain;h=8028bae370eaa2ae1eb2cbc010fcf44c7ea6d566;p=ceph-ci.git

rgw/crypt - generalize putbucketencryption.

The previous logic only suported putbucketencryption to enable
sse-s3.  The protocol allows putbucketencryption to be used to
enable sse-kms by default, and the surrounding logic is now ready
to do this as well.  This commit removes the checks which stopped
this from working, so that it is now possible to use putbucketencryption
to default either sse-s3 or sse-kms on.

Signed-off-by: Marcus Watts <mwatts@redhat.com>
---

diff --git a/src/rgw/rgw_op.cc b/src/rgw/rgw_op.cc
index ef5e8eb69f2..da8c22dc96e 100644
--- a/src/rgw/rgw_op.cc
+++ b/src/rgw/rgw_op.cc
@@ -8668,20 +8668,6 @@ void RGWPutBucketEncryption::execute(optional_yield y)
     return;
   }
 
-  if(bucket_encryption_conf.kms_master_key_id().compare("") != 0) {
-    ldpp_dout(this, 5) << "encryption not supported with sse-kms" << dendl;
-    op_ret = -ERR_NOT_IMPLEMENTED;
-    s->err.message = "SSE-KMS support is not provided";
-    return;
-  }
-
-  if(bucket_encryption_conf.sse_algorithm().compare("AES256") != 0) {
-    ldpp_dout(this, 5) << "only aes256 algorithm is supported for encryption" << dendl;
-    op_ret = -ERR_NOT_IMPLEMENTED;
-    s->err.message = "Encryption is supported only with AES256 algorithm";
-    return;
-  }
-
   op_ret = store->forward_request_to_master(this, s->user.get(), nullptr, data, nullptr, s->info, y);
   if (op_ret < 0) {
     ldpp_dout(this, 20) << "forward_request_to_master returned ret=" << op_ret << dendl;