From: Javier M. Mellid <jmunhoz@igalia.com>
Date: Wed, 6 Apr 2016 13:23:17 +0000 (+0200)
Subject: rgw: aws4 subdomain calling bugfix
X-Git-Tag: v10.1.2~37^2
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=refs%2Fpull%2F8472%2Fhead;p=ceph.git

rgw: aws4 subdomain calling bugfix

Fixes: http://tracker.ceph.com/issues/15369

Signed-off-by: Javier M. Mellid <jmunhoz@igalia.com>
---

diff --git a/src/rgw/rgw_common.h b/src/rgw/rgw_common.h
index 90d2ae5a9379..037703ed1ed0 100644
--- a/src/rgw/rgw_common.h
+++ b/src/rgw/rgw_common.h
@@ -1081,6 +1081,7 @@ struct req_info {
   const char *method;
   string script_uri;
   string request_uri;
+  string request_uri_aws4;
   string effective_uri;
   string request_params;
   string domain;
diff --git a/src/rgw/rgw_rest.cc b/src/rgw/rgw_rest.cc
index b60999f48ab1..a165b65692f6 100644
--- a/src/rgw/rgw_rest.cc
+++ b/src/rgw/rgw_rest.cc
@@ -1590,6 +1590,11 @@ int RGWREST::preprocess(struct req_state *s, RGWClientIO* cio)
 {
   req_info& info = s->info;
 
+  /* save the request uri used to hash on the client side. request_uri may suffer
+     modifications as part of the bucket encoding in the subdomain calling format.
+     request_uri_aws4 will be used under aws4 auth */
+  s->info.request_uri_aws4 = s->info.request_uri;
+
   s->cio = cio;
   if (info.host.size()) {
     ldout(s->cct, 10) << "host=" << info.host << dendl;
diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc
index e4731ba0a0bc..0ef62855e092 100644
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
@@ -3409,7 +3409,7 @@ int RGW_Auth_S3::authorize_v4(RGWRados *store, struct req_state *s)
    * that SigV4 typically does. this code follows the same approach that boto library
    * see auth.py:canonical_uri(...) */
 
-  s->aws4_auth->canonical_uri = s->info.request_uri;
+  s->aws4_auth->canonical_uri = s->info.request_uri_aws4;
 
   if (s->aws4_auth->canonical_uri.empty()) {
     s->aws4_auth->canonical_uri = "/";