From 56b8807962b086b1b158b8591137542e921bd71f Mon Sep 17 00:00:00 2001 From: Radoslaw Zarzynski Date: Fri, 28 Jul 2017 11:19:46 -0400 Subject: [PATCH] rgw: Swift's TempURL can handle temp_url_expires written in ISO8601. Fixes: http://tracker.ceph.com/issues/20795 Signed-off-by: Radoslaw Zarzynski --- src/rgw/rgw_swift_auth.cc | 16 +++++++++++++++- src/rgw/rgw_swift_auth.h | 1 + 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/src/rgw/rgw_swift_auth.cc b/src/rgw/rgw_swift_auth.cc index 571a6286031..21bab6cd4bb 100644 --- a/src/rgw/rgw_swift_auth.cc +++ b/src/rgw/rgw_swift_auth.cc @@ -121,6 +121,19 @@ void TempURLEngine::get_owner_info(const req_state* const s, } } +std::string TempURLEngine::convert_from_iso8601(std::string expires) const +{ + /* Swift's TempURL allows clients to send the expiration as ISO8601- + * compatible strings. Though, only plain UNIX timestamp are taken + * for the HMAC calculations. We need to make the conversion. */ + struct tm date_t; + if (!parse_iso8601(expires.c_str(), &date_t, nullptr, true)) { + return std::move(expires); + } else { + return std::to_string(internal_timegm(&date_t)); + } +} + bool TempURLEngine::is_expired(const std::string& expires) const { string err; @@ -254,7 +267,8 @@ TempURLEngine::authenticate(const req_state* const s) const * never returns nullptr. If the requested parameter is absent, we will * get the empty string. */ const std::string& temp_url_sig = s->info.args.get("temp_url_sig"); - const std::string& temp_url_expires = s->info.args.get("temp_url_expires"); + const std::string& temp_url_expires = \ + convert_from_iso8601(s->info.args.get("temp_url_expires")); if (temp_url_sig.empty() || temp_url_expires.empty()) { return result_t::deny(); diff --git a/src/rgw/rgw_swift_auth.h b/src/rgw/rgw_swift_auth.h index d3d1e52db67..0fb95d741ec 100644 --- a/src/rgw/rgw_swift_auth.h +++ b/src/rgw/rgw_swift_auth.h @@ -45,6 +45,7 @@ class TempURLEngine : public rgw::auth::Engine { /* Helper methods. */ void get_owner_info(const req_state* s, RGWUserInfo& owner_info) const; + std::string convert_from_iso8601(std::string expires) const; bool is_applicable(const req_state* s) const noexcept; bool is_expired(const std::string& expires) const; -- 2.47.3