From: Javier M. Mellid <jmunhoz@igalia.com>
Date: Fri, 13 Nov 2015 15:11:07 +0000 (+0100)
Subject: rgw: verify X-Amz-Date
X-Git-Tag: v10.1.0~351^2^2~12
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=e533917dc988d18eeaa4036213ddf0f74d51346d;p=ceph.git

rgw: verify X-Amz-Date

Signed-off-by: Javier M. Mellid <jmunhoz@igalia.com>
---

diff --git a/src/rgw/rgw_common.cc b/src/rgw/rgw_common.cc
index a177fc4f14fd..e5908935e942 100644
--- a/src/rgw/rgw_common.cc
+++ b/src/rgw/rgw_common.cc
@@ -350,10 +350,18 @@ bool parse_rfc2616(const char *s, struct tm *t)
   return parse_rfc850(s, t) || parse_asctime(s, t) || parse_rfc1123(s, t) || parse_rfc1123_alt(s,t);
 }
 
-bool parse_iso8601(const char *s, struct tm *t)
+bool parse_iso8601(const char *s, struct tm *t, bool extended_format)
 {
   memset(t, 0, sizeof(*t));
-  const char *p = strptime(s, "%Y-%m-%dT%T", t);
+  const char *p;
+
+  if (!s)
+    s = "";
+
+  if (extended_format)
+    p = strptime(s, "%Y-%m-%dT%T", t);
+  else
+    p = strptime(s, "%Y%m%dT%H%M%S", t);
   if (!p) {
     dout(0) << "parse_iso8601 failed" << dendl;
     return false;
diff --git a/src/rgw/rgw_common.h b/src/rgw/rgw_common.h
index deb361da8284..4e7e3a152185 100644
--- a/src/rgw/rgw_common.h
+++ b/src/rgw/rgw_common.h
@@ -1712,7 +1712,7 @@ extern int parse_key_value(string& in_str, const char *delim, string& key, strin
 /** time parsing */
 extern int parse_time(const char *time_str, time_t *time);
 extern bool parse_rfc2616(const char *s, struct tm *t);
-extern bool parse_iso8601(const char *s, struct tm *t);
+extern bool parse_iso8601(const char *s, struct tm *t, bool extended_format = true);
 extern string rgw_trim_whitespace(const string& src);
 extern string rgw_trim_quotes(const string& val);
 
diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc
index 8d6cff041bc1..455a52446115 100644
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
@@ -2904,12 +2904,12 @@ int RGW_Auth_S3::authorize_v4(RGWRados *store, struct req_state *s)
     /* grab date */
 
     const char *d = s->info.env->get("HTTP_X_AMZ_DATE");
-    s->aws4_auth->date = d ? d : "";
-    if (s->aws4_auth->date.empty()) {
+    struct tm t;
+    if (!parse_iso8601(d, &t, false)) {
       dout(10) << "error reading date via http_x_amz_date" << dendl;
-      return -EINVAL;
+      return -EACCES;
     }
-
+    s->aws4_auth->date = d;
   }
 
   /* AKIAIVKTAZLOCF43WNQD/AAAAMMDD/region/host/aws4_request */