From 93117109f1373220a29625c9936f5087f21ee82d Mon Sep 17 00:00:00 2001
From: Matt Benjamin <mbenjamin@redhat.com>
Date: Thu, 5 Dec 2019 11:09:09 -0500
Subject: [PATCH] rgw: s3: don't require a body in S3 put-object-acl

This is a conventional S3 request--omitting the body causes ordinary,
no-body v4 signature checking to be selected (when signing is
AWS_HMAC_SHA256).

Fixes: https://tracker.ceph.com/issues/43148

Signed-off-by: Matt Benjamin <mbenjamin@redhat.com>
---
 src/rgw/rgw_rest_s3.cc | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc
index c021ae0cbba..92c88882293 100644
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
@@ -2737,6 +2737,15 @@ int RGWPutACLs_ObjStore_S3::get_params()
     if (ret_auth < 0) {
       return ret_auth;
     }
+  } else {
+    /* a request body is not required an S3 PutACLs request--n.b.,
+     * s->length is non-null iff a content length was parsed (the
+     * ACP or canned ACL could be in any of 3 headers, don't worry
+     * about that here) */
+    if ((ret == -ERR_LENGTH_REQUIRED) &&
+	!!(s->length)) {
+      return 0;
+    }
   }
   return ret;
 }
-- 
2.39.5