From: Matt Benjamin <mbenjamin@redhat.com>
Date: Sat, 13 Jan 2024 18:57:36 +0000 (-0500)
Subject: awssigv4: fix recognition of trailer boundary when no trailing signature
X-Git-Tag: testing/wip-xiubli-testing-20240812.080715-reef~11^2~6
X-Git-Url: http://git.apps.os.sepia.ceph.com/?a=commitdiff_plain;h=d7204e16cb856dd552293e0932203a6dfacb9492;p=ceph-ci.git

awssigv4: fix recognition of trailer boundary when no trailing signature

Signed-off-by: Matt Benjamin <mbenjamin@redhat.com>
(cherry picked from commit d374a21beb4faac63c0bd920572651079af25209)
---

diff --git a/src/rgw/rgw_auth_s3.cc b/src/rgw/rgw_auth_s3.cc
index 762e191936b..56ed8abdb27 100644
--- a/src/rgw/rgw_auth_s3.cc
+++ b/src/rgw/rgw_auth_s3.cc
@@ -1551,9 +1551,15 @@ bool AWSv4ComplMulti::complete()
     std::string_view expected_trailer_signature;
     std::string calculated_trailer_signature;
 
-    if (tbuf_pos > sarrlen("\r\n0;")) {
-      const std::string_view sv_trailer(trailer_vec.data() + sarrlen("\r\n0;"),
-                                        tbuf_pos - sarrlen("\r\n0;"));
+    /* the trailer boundary is just "\r\n0" when we have no trailer
+     * signature */
+    if (tbuf_pos > sarrlen("\r\n0")) {
+      auto trailer_off = sarrlen("\r\n0");
+      if (*(trailer_vec.data() + trailer_off) == ';') {
+	++trailer_off;
+      }
+      const std::string_view sv_trailer(
+        trailer_vec.data() + trailer_off, tbuf_pos - trailer_off);
 
       if (cct()->_conf->subsys.should_gather(ceph_subsys_rgw, 10)) [[unlikely]] {
         ldout(cct(), 10) << "trailer_section: " << sv_trailer << dendl;