From: Zhang Shaowen <zhangshaowen@cmss.chinamobile.com>
Date: Tue, 1 Nov 2016 10:27:24 +0000 (+0800)
Subject: rgw: Anonymous users shouldn't be able to access requester pays buckets.
X-Git-Tag: v11.1.0~213^2
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=c4482cb6c66aaaf7b55ffd089e3835951b7fd056;p=ceph.git

rgw: Anonymous users shouldn't be able to access requester pays buckets.

Fixes: http://tracker.ceph.com/issues/17175

Signed-off-by: Zhang Shaowen <zhangshaowen@cmss.chinamobile.com>
---

diff --git a/src/rgw/rgw_common.cc b/src/rgw/rgw_common.cc
index 50c3b90b7d3a..ca911b87c338 100644
--- a/src/rgw/rgw_common.cc
+++ b/src/rgw/rgw_common.cc
@@ -899,6 +899,10 @@ bool verify_requester_payer_permission(struct req_state *s)
 
   if (s->auth_identity->is_owner_of(s->bucket_info.owner))
     return true;
+  
+  if (s->auth_identity->is_anonymous()) {
+    return false;
+  }
 
   const char *request_payer = s->info.env->get("HTTP_X_AMZ_REQUEST_PAYER");
   if (!request_payer) {