From: Radoslaw Zarzynski <rzarzynski@mirantis.com>
Date: Fri, 14 Apr 2017 15:01:44 +0000 (+0200)
Subject: rgw: drop req_state::aws4_auth::payload_hash as it doesn't need to be global.
X-Git-Tag: v12.1.0~155^2~59
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=9f594c5728d8722d2984e4ea0e62610e9507cd66;p=ceph.git

rgw: drop req_state::aws4_auth::payload_hash as it doesn't need to be global.

Signed-off-by: Radoslaw Zarzynski <rzarzynski@mirantis.com>
---

diff --git a/src/rgw/rgw_common.h b/src/rgw/rgw_common.h
index a0093d7bd6ee..d21faebcebcb 100644
--- a/src/rgw/rgw_common.h
+++ b/src/rgw/rgw_common.h
@@ -1704,7 +1704,6 @@ struct rgw_aws4_auth {
   string canonical_hdrs;
   string signature;
   string new_signature;
-  string payload_hash;
   string seed_signature;
   char signing_key[CEPH_CRYPTO_HMACSHA256_DIGESTSIZE];
   bufferlist bl;
diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc
index dffa6bbb91cf..bc65e924a17e 100644
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
@@ -3456,16 +3456,17 @@ int RGW_Auth_S3::authorize_v4_complete(RGWRados *store, struct req_state *s, con
                                                  s->aws4_auth->signed_hdrs,
                                                  expected_request_payload_hash);
 
+  std::string payload_hash;
   if (unsigned_payload) {
-    s->aws4_auth->payload_hash = "UNSIGNED-PAYLOAD";
+    payload_hash = "UNSIGNED-PAYLOAD";
   } else {
     if (s->aws4_auth_needs_complete) {
-      s->aws4_auth->payload_hash = AWS_AUTHv4_IO(s)->grab_aws4_sha256_hash();
+      payload_hash = AWS_AUTHv4_IO(s)->grab_aws4_sha256_hash();
     } else {
       if (s->aws4_auth_streaming_mode) {
-        s->aws4_auth->payload_hash = "STREAMING-AWS4-HMAC-SHA256-PAYLOAD";
+        payload_hash = "STREAMING-AWS4-HMAC-SHA256-PAYLOAD";
       } else {
-        s->aws4_auth->payload_hash = \
+        payload_hash = \
           rgw::auth::s3::hash_string_sha256(request_payload.c_str(),
                                             request_payload.size());
       }
@@ -3474,7 +3475,7 @@ int RGW_Auth_S3::authorize_v4_complete(RGWRados *store, struct req_state *s, con
 
   /* Validate x-amz-sha256 */
   if (s->aws4_auth_needs_complete) {
-    if (s->aws4_auth->payload_hash.compare(expected_request_payload_hash) != 0) {
+    if (payload_hash.compare(expected_request_payload_hash) != 0) {
       ldout(s->cct, 10) << "ERROR: x-amz-content-sha256 does not match" << dendl;
       return -ERR_AMZ_CONTENT_SHA256_MISMATCH;
     }
@@ -3625,8 +3626,6 @@ int RGW_Auth_S3::authorize_v4(RGWRados *store, struct req_state *s, bool force_b
 
   /* handle request payload */
 
-  s->aws4_auth->payload_hash = "";
-
   string request_payload;
 
   bool unsigned_payload = false;