From: Pritha Srivastava <prsrivas@redhat.com>
Date: Tue, 19 Nov 2024 16:20:58 +0000 (+0530)
Subject: Revert "rgw/auth: Fix the return code returned by AuthStrategy,"
X-Git-Tag: v19.2.3~15^2~2
X-Git-Url: http://git.apps.os.sepia.ceph.com/?a=commitdiff_plain;h=f289b91f080a8e3ffb8cb4b0a29b948d0302738b;p=ceph.git

Revert "rgw/auth: Fix the return code returned by AuthStrategy,"

This reverts commit 6f7ef8620e52be776ef633bb962a4309996529df.

the above fix introduced regression for ec2 auth when rgw_s3_auth_order
has local before external.

fixes: https://tracker.ceph.com/issues/68393

Signed-off-by: Pritha Srivastava <prsrivas@redhat.com>
(cherry picked from commit 543fd1041f5684bcf2a68b691f32096bea47c5f3)
---

diff --git a/src/rgw/rgw_auth.cc b/src/rgw/rgw_auth.cc
index 875f65ee915c3..95d3a39359207 100644
--- a/src/rgw/rgw_auth.cc
+++ b/src/rgw/rgw_auth.cc
@@ -370,7 +370,7 @@ strategy_handle_rejected(rgw::auth::Engine::result_t&& engine_result,
 
     case Control::FALLBACK:
       /* Don't try next. */
-      return std::make_pair(false, std::move(engine_result));
+      return std::make_pair(false, std::move(strategy_result));
 
     default:
       /* Huh, memory corruption? */
diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc
index e0d52a680b6e9..ac9ce25a95467 100644
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
@@ -6281,7 +6281,7 @@ rgw::auth::s3::LocalEngine::authenticate(
   if (driver->get_user_by_access_key(dpp, access_key_id, y, &user) < 0) {
       ldpp_dout(dpp, 5) << "error reading user info, uid=" << access_key_id
               << " can't authenticate" << dendl;
-      return result_t::reject(-ERR_INVALID_ACCESS_KEY);
+      return result_t::deny(-ERR_INVALID_ACCESS_KEY);
   }
   //TODO: Uncomment, when we have a migration plan in place.
   /*else {
@@ -6303,7 +6303,7 @@ rgw::auth::s3::LocalEngine::authenticate(
   const auto iter = user->get_info().access_keys.find(access_key_id);
   if (iter == std::end(user->get_info().access_keys)) {
     ldpp_dout(dpp, 0) << "ERROR: access key not encoded in user info" << dendl;
-    return result_t::reject(-EPERM);
+    return result_t::deny(-EPERM);
   }
   const RGWAccessKey& k = iter->second;
 
@@ -6327,7 +6327,7 @@ rgw::auth::s3::LocalEngine::authenticate(
   ldpp_dout(dpp, 15) << "compare=" << compare << dendl;
 
   if (compare != 0) {
-    return result_t::reject(-ERR_SIGNATURE_NO_MATCH);
+    return result_t::deny(-ERR_SIGNATURE_NO_MATCH);
   }
 
   auto apl = apl_factory->create_apl_local(