From: Marcus Watts Date: Sat, 6 Sep 2025 22:45:36 +0000 (-0400) Subject: copy object encryption fixes - copy object result attributes X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=a534abe99cfa32d77189dd18d7b35902f76a1c39;p=ceph-ci.git copy object encryption fixes - copy object result attributes Copy object should return encryption attributes in its results. XXX fixup merge w/ copy object encryption fixes Fixes: https://tracker.ceph.com/issues/23264 Signed-off-by: Marcus Watts (cherry picked from commit de5e988b9e9ab34472b3bcb343caa4c472ba5b7c) --- diff --git a/src/rgw/rgw_op.cc b/src/rgw/rgw_op.cc index c27e446df4c..7055ce8d27e 100644 --- a/src/rgw/rgw_op.cc +++ b/src/rgw/rgw_op.cc @@ -6188,12 +6188,13 @@ class RGWCOE_make_filter_pipeline : public rgw::sal::ObjectFilter { DoutPrefixProvider *dpp; boost::optional decompress; bool partial_content = false; - std::map crypt_http_responses; // XXX who consumes? + std::map crypt_http_responses_unused; std::unique_ptr oproc; const RGWEnv *env; struct rgw_err &err; std::unique_ptr &object; uint64_t &obj_size; + std::map& crypt_http_responses; RGWDecryptContext dctx; req_state *s; // destination only, not for source! std::unique_ptr encrypt; @@ -6202,12 +6203,14 @@ class RGWCOE_make_filter_pipeline : public rgw::sal::ObjectFilter { public: RGWCOE_make_filter_pipeline(req_state *_s, DoutPrefixProvider *_dpp, map &_a, bool _skip_decrypt, - std::unique_ptr & _object, uint64_t &_obj_size) + std::unique_ptr & _object, uint64_t &_obj_size, + std::map& _crypt_http_responses) : cct(_s->cct), attrs(_a), encrypted( attrs.count(RGW_ATTR_CRYPT_MODE)), skip_decrypt(_skip_decrypt), dpp(_dpp), env(_s->info.env), err(_s->err), object(_object), obj_size(_obj_size), + crypt_http_responses(_crypt_http_responses), dctx( dpp, cct, err.message, false, @@ -6224,7 +6227,8 @@ public: return 0; } std::unique_ptr block_crypt; - int res = rgw_s3_prepare_decrypt(dctx, y, src_attrs, &block_crypt, crypt_http_responses); + int res = rgw_s3_prepare_decrypt(dctx, y, src_attrs, &block_crypt, + crypt_http_responses_unused); if (res < 0) { return res; } @@ -6494,7 +6498,8 @@ void RGWCopyObj::execute(optional_yield y) } try { - RGWCOE_make_filter_pipeline cb { s, this, attrs, false, s->src_object, obj_size }; + RGWCOE_make_filter_pipeline cb { s, this, attrs, false, + s->src_object, obj_size, crypt_http_responses }; op_ret = s->src_object->copy_object(s->owner, s->user->get_id(), &s->info, diff --git a/src/rgw/rgw_op.h b/src/rgw/rgw_op.h index 12f227e1145..f53e7f97246 100644 --- a/src/rgw/rgw_op.h +++ b/src/rgw/rgw_op.h @@ -1542,6 +1542,7 @@ protected: std::string_view copy_source; // Not actually required std::optional md_directive; + std::map crypt_http_responses; off_t ofs; off_t len; diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc index 32631761d38..ce3fb946c23 100644 --- a/src/rgw/rgw_rest_s3.cc +++ b/src/rgw/rgw_rest_s3.cc @@ -3889,6 +3889,9 @@ void RGWCopyObj_ObjStore_S3::send_partial_response(off_t ofs) set_req_state_err(s, op_ret); dump_errno(s); + for (auto &it : crypt_http_responses) + dump_header(s, it.first, it.second); + // Explicitly use chunked transfer encoding so that we can stream the result // to the user without having to wait for the full length of it. end_header(s, this, to_mime_type(s->format), CHUNKED_TRANSFER_ENCODING); @@ -3911,9 +3914,6 @@ void RGWCopyObj_ObjStore_S3::send_response() if (!sent_header) send_partial_response(0); - for (auto &it : crypt_http_responses) - dump_header(s, it.first, it.second); - if (op_ret == 0) { dump_time_exact_seconds(s, "LastModified", mtime); if (!etag.empty()) { diff --git a/src/rgw/rgw_rest_s3.h b/src/rgw/rgw_rest_s3.h index b026cc2ac0a..a1a1132ca7f 100644 --- a/src/rgw/rgw_rest_s3.h +++ b/src/rgw/rgw_rest_s3.h @@ -344,7 +344,6 @@ public: }; class RGWCopyObj_ObjStore_S3 : public RGWCopyObj_ObjStore { - std::map crypt_http_responses; bool sent_header; public: RGWCopyObj_ObjStore_S3() : sent_header(false) {}