From a113cf5ff5a642d2ee4cc83f5c7001b4bfe0a5df Mon Sep 17 00:00:00 2001 From: Marcus Watts Date: Tue, 20 Dec 2016 00:22:02 -0500 Subject: [PATCH] rgw: s3: secure_port should override port, also apply ssl default right. Without https, only port is set. With https, secure_port and port are both set to the same value. The previous logic looked at port first and had overly simplified conditional logic which was liable to try to apply both non-default cases. The correct behavior is: look secure_port first, and if secure_port is set, then only check to see if it's a non-default port. Signed-off-by: Marcus Watts --- src/rgw/rgw_rest_s3.cc | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc index a6417c51c9f3a..70e07e69b7738 100644 --- a/src/rgw/rgw_rest_s3.cc +++ b/src/rgw/rgw_rest_s3.cc @@ -3798,10 +3798,12 @@ int RGW_Auth_S3::authorize_v4(RGWRados *store, struct req_state *s, bool force_b } string token_value = string(t); if (force_boto2_compat && using_qs && (token == "host")) { - if (!port.empty() && port != "80" && port != "0") { - token_value = token_value + ":" + port; - } else if (!secure_port.empty() && secure_port != "443") { - token_value = token_value + ":" + secure_port; + if (!secure_port.empty()) { + if (secure_port != "443") + token_value = token_value + ":" + secure_port; + } else if (!port.empty()) { + if (port != "80") + token_value = token_value + ":" + port; } } canonical_hdrs_map[token] = rgw_trim_whitespace(token_value); -- 2.39.5