From: Pritha Srivastava <prsrivas@redhat.com>
Date: Fri, 5 Aug 2016 16:13:33 +0000 (+0530)
Subject: rgw: Fix for incorrect access key id reworked ldap auth code.
X-Git-Tag: ses5-milestone5~203^2
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=refs%2Fpull%2F10597%2Fhead;p=ceph.git

rgw: Fix for incorrect access key id reworked ldap auth code.

The reworked ldap code does not use the correct access key id in get_policy.

Signed-off-by: Pritha Srivastava <prsrivas@redhat.com>
---

diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc
index fac111809cc1..c36dda391b73 100644
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
@@ -1714,7 +1714,7 @@ int RGWPostObj_ObjStore_S3::get_policy()
     op_ret = rgw_get_user_info_by_access_key(store, s3_access_key, user_info);
     if (op_ret < 0) {
       S3AuthFactory aplfact(store, s->account_name);
-      RGWLDAPTokenExtractor token_extr(s);
+      RGWGetPolicyLDAPTokenExtractor token_extr(s3_access_key);
       RGWLDAPAuthEngine ldap(s->cct, store, token_extr, &aplfact);
         // try external authenticators
       if (store->ctx()->_conf->rgw_s3_auth_use_keystone &&
diff --git a/src/rgw/rgw_rest_s3.h b/src/rgw/rgw_rest_s3.h
index 0d0a2cd469d6..80e58f2892f1 100644
--- a/src/rgw/rgw_rest_s3.h
+++ b/src/rgw/rgw_rest_s3.h
@@ -689,6 +689,18 @@ public:
   std::string get_token() const override;
 };
 
+class RGWGetPolicyLDAPTokenExtractor : public RGWTokenBasedAuthEngine::Extractor {
+  std::string access_key_id;
+public:
+  RGWGetPolicyLDAPTokenExtractor(std::string access_key_id) {
+    access_key_id = std::move(access_key_id);
+  }
+
+  std::string get_token() const {
+    return access_key_id;
+  }
+};
+
 class S3AuthFactory : public RGWRemoteAuthApplier::Factory {
   typedef RGWAuthApplier::aplptr_t aplptr_t;
   RGWRados * const store;