From ea6a7a516234237e1f3c5cfda966c3d53fc174ed Mon Sep 17 00:00:00 2001 From: Casey Bodley Date: Thu, 28 Mar 2024 13:47:30 -0400 Subject: [PATCH] rgw/pubsub: CreateTopic validates topic name existing topics may have invalid names, so this is only enforced by CreateTopic Fixes: https://tracker.ceph.com/issues/65212 Signed-off-by: Casey Bodley --- PendingReleaseNotes | 3 +++ src/rgw/rgw_rest_pubsub.cc | 21 +++++++++++++++++++-- 2 files changed, 22 insertions(+), 2 deletions(-) diff --git a/PendingReleaseNotes b/PendingReleaseNotes index d5ec98fb6b500..184efc70e28f4 100644 --- a/PendingReleaseNotes +++ b/PendingReleaseNotes @@ -121,6 +121,9 @@ CephFS: Disallow delegating preallocated inode ranges to clients. Config See https://docs.ceph.com/en/latest/rados/operations/balancer/ for more information. * CephFS: Full support for subvolumes and subvolume groups is now available for snap_schedule Manager module. +* RGW: The SNS CreateTopic API now enforces the same topic naming requirements as AWS: + Topic names must be made up of only uppercase and lowercase ASCII letters, numbers, + underscores, and hyphens, and must be between 1 and 256 characters long. * RBD: When diffing against the beginning of time (`fromsnapname == NULL`) in fast-diff mode (`whole_object == true` with `fast-diff` image feature enabled and valid), diff-iterate is now guaranteed to execute locally if exclusive diff --git a/src/rgw/rgw_rest_pubsub.cc b/src/rgw/rgw_rest_pubsub.cc index 585eb68caf9bd..431a83213389d 100644 --- a/src/rgw/rgw_rest_pubsub.cc +++ b/src/rgw/rgw_rest_pubsub.cc @@ -4,6 +4,7 @@ #include #include #include +#include #include "rgw_iam_policy.h" #include "rgw_rest_pubsub.h" #include "rgw_pubsub_push.h" @@ -58,6 +59,23 @@ bool validate_and_update_endpoint_secret(rgw_pubsub_dest& dest, CephContext *cct return true; } +bool validate_topic_name(const std::string& name, std::string& message) +{ + constexpr size_t max_topic_name_length = 256; + if (name.size() > max_topic_name_length) { + message = "Name cannot be longer than 256 characters"; + return false; + } + + std::regex pattern("[A-Za-z0-9_-]+"); + if (!std::regex_match(name, pattern)) { + message = "Name must be made up of only uppercase and lowercase " + "ASCII letters, numbers, underscores, and hyphens"; + return false; + } + return true; +} + bool topic_has_endpoint_secret(const rgw_pubsub_topic& topic) { return topic.dest.stored_secret; } @@ -135,8 +153,7 @@ class RGWPSCreateTopicOp : public RGWOp { int get_params() { topic_name = s->info.args.get("Name"); - if (topic_name.empty()) { - ldpp_dout(this, 1) << "CreateTopic Action 'Name' argument is missing" << dendl; + if (!validate_topic_name(topic_name, s->err.message)) { return -EINVAL; } -- 2.39.5