From 06d10fe17ec8b2c46bd9f36d0fe64dd73f6bb74a Mon Sep 17 00:00:00 2001 From: Casey Bodley Date: Mon, 22 Oct 2018 11:04:55 -0400 Subject: [PATCH] common: add config option rgw_trust_forwarded_https Signed-off-by: Casey Bodley (cherry picked from commit d3dd5a9) Signed-off-by: Jonathan Brielmaier --- doc/radosgw/config-ref.rst | 11 +++++++++++ doc/radosgw/encryption.rst | 5 +++++ src/common/legacy_config_opts.h | 1 + src/common/options.cc | 11 +++++++++++ 4 files changed, 28 insertions(+) diff --git a/doc/radosgw/config-ref.rst b/doc/radosgw/config-ref.rst index 45054a9eceb2..d86baf12637f 100644 --- a/doc/radosgw/config-ref.rst +++ b/doc/radosgw/config-ref.rst @@ -576,6 +576,17 @@ Swift Settings :Default: ``false`` +``rgw trust forwarded https`` + +:Description: When a proxy in front of radosgw is used for ssl termination, radosgw + does not know whether incoming http connections are secure. Enable + this option to trust the ``Forwarded`` and ``X-Forwarded-Proto`` headers + sent by the proxy when determining whether the connection is secure. + This is required for some features, such as server side encryption. +:Type: Boolean +:Default: ``false`` + + Logging Settings ================ diff --git a/doc/radosgw/encryption.rst b/doc/radosgw/encryption.rst index a7bb7e2e931b..ea89e502ab0b 100644 --- a/doc/radosgw/encryption.rst +++ b/doc/radosgw/encryption.rst @@ -9,6 +9,11 @@ with 3 options for the management of encryption keys. Server-side encryption means that the data is sent over HTTP in its unencrypted form, and the Ceph Object Gateway stores that data in the Ceph Storage Cluster in encrypted form. +.. note:: Requests for server-side encryption must be sent over a secure HTTPS + connection to avoid sending secrets in plaintext. If a proxy is used + for SSL termination, ``rgw trust forwarded https`` must be enabled + before forwarded requests will be trusted as secure. + Customer-Provided Keys ====================== diff --git a/src/common/legacy_config_opts.h b/src/common/legacy_config_opts.h index a51870ef6428..35d7e96e3cef 100644 --- a/src/common/legacy_config_opts.h +++ b/src/common/legacy_config_opts.h @@ -1540,6 +1540,7 @@ OPTION(rgw_shard_warning_threshold, OPT_DOUBLE) // pct of safe max OPTION(rgw_swift_versioning_enabled, OPT_BOOL) // whether swift object versioning feature is enabled +OPTION(rgw_trust_forwarded_https, OPT_BOOL) // trust Forwarded and X-Forwarded-Proto headers for ssl termination OPTION(rgw_crypt_require_ssl, OPT_BOOL) // requests including encryption key headers must be sent over ssl OPTION(rgw_crypt_default_encryption_key, OPT_STR) // base64 encoded key for encryption of rgw objects OPTION(rgw_crypt_s3_kms_encryption_keys, OPT_STR) // extra keys that may be used for aws:kms diff --git a/src/common/options.cc b/src/common/options.cc index ff3bb1a1be19..eeb15619a93f 100644 --- a/src/common/options.cc +++ b/src/common/options.cc @@ -5572,6 +5572,17 @@ std::vector