| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These changes address checksum header identification and signing
algorithm selection, including checksum trailer verification
for signed- and unsigned-payload cases.
These changes address all the actual S3 request failures I have
so far been able to reproduce, with and without content checksums
and/or new trailing checksum headers, and with and without
SSL.
Fixes: https://tracker.ceph.com/issues/63153
Specifically, it fixes the request failures that motivated the
initial tracker filing. It extracts but does not validate new client
content checksums if present. Validation and management of new
S3 content-checksum headers will follow in a subsequent change.
Signed-off-by: Matt Benjamin <mbenjamin@redhat.com>
squashed commits:
* wip chunk meta parsing--seem to have first AWSv4ComplMulti::ChunkMeta::create_next sort of parsing
* use constexpr sarlen(...) for static array lengths throughout rgw_auth_s3.cc
* link AWSv4CompleMulti::ChunkMeta to its enclosing completer
* capture original content-length header before AWSv4ComplMulti overwrites it
* mostly extract the trailer
* fix misordered content-length, experiment w/exbuf
* save leftover bytes between calls to AWSv4ComplMulti::recv_chunk()
* propagate data_offset_in_stream from AWSv4ComplMulti::recv_chunk()
* clean up trailer section extract
* trailer section cleanup and introduce extract_helper
* unrolled checksum extract--fixup
* fix sv_trailer end pos, and cleanup
* add proplist interface to rgw::auth::Completer and AWSv4ComplMulti
* spliterate trailers
* check completer props
* redefine prop_map to point into already-allocated trailer_vec
* hax: thread a counter onto AWSv4ComplMulti recv_body() and recv_chunk path
* fix apparent bug where due to reads less than chunk_size induce a final, zero-length read that was skipped before forcing recognition of the last chunk in the stream
* check only for a trailing checksum named in x-amz-trailer
* don't try to match signatures when no signature provided (because streaming unsigned)
* oops, fix content_length decl
* fix recognition of next chunk envelope in unsigned aws-chunk case
* clean up AWSv4CompMulti flags and correctly detect aws unsigned chunked
* rework checksum-trailer extraction and introduce AWSv4ComplMulti::calc_v4_trailing_signature
* thread const struct req_state* into AWSv4ComplMulti
* large cleanup of trailer parsing, no regression
* fix trailer signature calculation--checks
* correctly generate final chunk hmac
* typo in comment
* verify trailing signature when expected (using expected final chunk signature)
* move trailer_vec back onto recv_body()'s stack
* remove strange completer comment
* remove last_frag (now points into parsing_buf)
* remove implied dependency on content_length
* move trailer recognition to AWSv4ComplMulti::complete()
* remove now-unused is_last_chunk() predicate
* remove unused ChunkMeta::completer
* responses to review comments
* when trailer is sig expected, fail (only) if none present or if it does not match calculated
* remove stale parse_content_length(...) decl
* remove now-unused AWSv4ComplMulti::content_length
* fix extract_helper end search position as in mut_extract_helper
* change "\n" reserve term in get_canon_amz_hdrs() part of the sum (review)
and initialize length to 0
* remove debugging code
Signed-off-by: Matt Benjamin <mbenjamin@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* access
* acquire
* across
* algorithm
* alternatively
* ambiguous
* attributes
* authenticated
* automatically
* based
* between
* beware
* bootstrap
* bucket
* cache
* character
* check
* cleanup
* combinations
* committed
* comparison
* compatibility
* concurrent
* conditions
* conjunction
* connections
* considered
* contains
* correct
* creates
* crypto
* dependencies
* dequeued
* dequeuing
* derivative
* described
* determine
* deterministic
* detritus
* discrepancy
* display
* either way
* elements
* entirely
* entries
* error
* everything
* expected
* explicitly
* extend
* false
* fclose
* feature
* following
* foreign
* format
* forward
* functionality
* functions
* generated
* getting
* gracefully
* happened
* hashicorp
* healthcheck
* hierarchy
* however
* http
* identify
* idleness
* ignored
* incremental
* information
* initialization
* length
* locally
* macros
* malformed
* means
* mechanism
* multipart
* multiple
* must
* namespace
* necessary
* nonexistent
* notifications
* occurred
* official
* outputs
* outputted
* overridden
* ownership
* parallelism
* partition
* passthrough
* pause
* penguin
* perform
* permission
* populated
* position
* preferably
* prefixes
* presumably
* previous
* print
* quadruple
* reference
* regardless
* registry
* renewed
* request
* requires
* reshard
* resource
* result to
* satisfy
* secret
* separate
* separator
* setting
* shouldn't
* skipping
* some
* somehow
* something
* specific
* struct
* succeeded
* success
* successful
* successfully
* syntax
* testing
* truncated
* unambiguously
* unittest
* unmodified
* unnecessary
* valid_action
* verifying
* versioning
* visible
* whatever
* whenever
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
|
| |
|
|
| |
Signed-off-by: Juan Zhu <jzhu4@dev-10-34-20-139.pw1.bcc.bloomberg.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
body size when rgw returns default html error page in static website
The default html error page as response body should be built completely include three ending html symbols(/ul, /body and /html) before rgw computes Content-Length in response header. The Content-Length in response header will be consistent with response body size. Client can get complete page.
Fixes: https://tracker.ceph.com/issues/52363
(cherry picked from commit cbeaef9fbe96c930fc10b793773e7ecd137fde81)
Co-authored-by: aicun hu <huaicun@chinatelecom.cn>
Co-authored-by: yupeng chen <chenyupeng@chinatelecom.cn>
Signed-off-by: xiangrui meng <mengxr@chinatelecom.cn>
|
| |
|
|
|
|
|
|
| |
avoid copying the header into a separate buffer to do comparisons
Fixes: https://tracker.ceph.com/issues/59490
Signed-off-by: Casey Bodley <cbodley@redhat.com>
|
| |\
| |
| |
| |
| |
| | |
rgw/rest: add 'zero' rest api
Reviewed-by: Daniel Gryniewicz <dang@redhat.com>
Reviewed-by: Matt Benjamin <mbenjamin@redhat.com>
|
| | |
| |
| |
| | |
Signed-off-by: Casey Bodley <cbodley@redhat.com>
|
| |/
|
|
|
|
|
|
|
| |
if a specific rgw_service_provider_name is not configured, add a default
Server response header that includes the ceph release name:
Server: Ceph Object Gateway (reef)
Signed-off-by: Casey Bodley <cbodley@redhat.com>
|
| |
|
|
| |
Signed-off-by: Casey Bodley <cbodley@redhat.com>
|
| |
|
|
| |
Signed-off-by: Casey Bodley <cbodley@redhat.com>
|
| |
|
|
|
|
|
| |
seperate between the different non-bucket handler operations:
iam, sts, sns (topic) and non bucket s3 ops
Signed-off-by: Yuval Lifshitz <ylifshit@redhat.com>
|
| |\
| |
| |
| |
| | |
rgw: add multivalue support to rgw_dns_name config option
Reviewed-by: Casey Bodley <cbodley@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
rgw_dns_name configuration option has extended to define multiple
domain values.
This option is now interpreted as a comma separated list of DNS names.
Example:
rgw_dns_name = cname.domain.com,cname2.domain2.com, cname3.domain3.com
Signed-off-by: Giuseppe Baccini <giuseppe.baccini@suse.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
| |
All along, we've had an overload of the term "store". It was the base
class of the entrypoint, and it was the lowest layer in a stack. This
renames the base class to Driver. So, the primary elements of zipper
that to work are now Drivers, and they come in two different flavors:
Filters live in the middle of the stack, and do not need to implement
every API, but pass through instead. And Stores live a the bottom of
the stack, and must implement the entire API.
Signed-off-by: Daniel Gryniewicz <dang@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In general, e.g., in the S3 ListBucket response, the
output Formatter is already of the type requested in the HTTP
Accept header.
Therefore, while there are still many instances where the of
Formatter is assumed to be XML, it appears necessarily safe
and seemingly correct to extend this assumption to end_header(...),
which sends the response content-type.
Fixes: https://tracker.ceph.com/issues/55680
Signed-off-by: Matt Benjamin <mbenjamin@redhat.com>
|
| |
|
|
|
|
|
| |
This is a pure cleanup. The method to print an RGWFormat object
as a MIME type is now called to_mime_type().
Signed-off-by: Matt Benjamin <mbenjamin@redhat.com>
|
| |
|
|
|
|
|
| |
The "struct" is superfluous and makes it harder for those looking for
the definition.
Signed-off-by: J. Eric Ivancich <ivancich@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Add ZoneGroup and PlacementTier to the Zipper API. This cleaned up a
lot of issues in the Module branch.
In addition, add cloud transition.
Signed-off-by: Daniel Gryniewicz <dang@redhat.com>
|
| |
|
|
|
|
| |
Add rgw rate limiting per user and per bucket
Signed-off-by: Or Friedmann <ofriedma@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
During the documentation pass for the Zipper API, a number of cleanups
were found: APIs that should be slightly different, or that were unused
entirely. This is a rollup commit of all those cleanups.
- move get_multipart_upload() to Bucket
- remove unused defer_gc
- move create_bucket() into User
- rename get_bucket_info() to load_bucket() to match load_user()
- Remove read_bucket_stats()
The codepaths using read_bucket_stats() used CLS data types, and the
function is confusingly named. Load the ent in load_bucket(), and use
an alternative data structure to get size stats for the bucket.
- rename get_bucket_stats to read_stats
- Remove remove_metadata() from API
- remove copy_obj_data() from API
- rename get_obj_layout to dump_obj_layout
- use SAL range_to_ofs
Signed-off-by: Daniel Gryniewicz <dang@redhat.com>
|
| |
|
|
| |
Signed-off-by: Casey Bodley <cbodley@redhat.com>
|
| |
|
|
| |
Signed-off-by: Casey Bodley <cbodley@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
`len` is used to track the total length of received data, but we already
collect the data in `bl`, so we can always check `bl` for the total
length. this change also silences following warning from Clang:
../src/rgw/rgw_rest.cc:1477:21: warning: variable 'len' set but not used [-Wunused-but-set-variable]
int read_len = 0, len = 0;
^
1 warning generated.
Signed-off-by: Kefu Chai <kchai@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
* add "std::" prefix in headers
* add "using" declarations in .cc files.
so we don't rely on "using namespace std" in one or more included
headers.
Signed-off-by: Kefu Chai <kchai@redhat.com>
|
| |
|
|
|
|
| |
Create a MultipartUpload object in the Zipper API.
Signed-off-by: Daniel Gryniewicz <dang@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit contains the following major
changes:
- Most log output lines for major ops now have
DoutPrefixProviders.
- Create new macro ldpp_subdout. This macro is meant
as a replacement for lsubdout for headerfiles that
do not define the rgw subsys.
- Changes to RGWObjManifest begin and end iterators.
- Make it so that rgw_dencoder.cc should only contain the
logic related to encoding.
Also add dpp to ldouts and lderr's already using
req_state and replace sync_env/env->dpp's with dpp's
Signed-off-by: Ali Maredia <amaredia@redhat.com>
Signed-off-by: Kalpesh Pandya <kapandya@redhat.com>
Signed-off-by: Casey Bodley <cbodley@redhat.com>
|
| |
|
|
| |
Signed-off-by: Daniel Gryniewicz <dang@redhat.com>
|
| |
|
|
|
|
| |
Change type *var; to type* var;
Signed-off-by: Daniel Gryniewicz <dang@redhat.com>
|
| |
|
|
|
|
|
| |
Rename RGWFoo to Foo. It's all in the rgw::sal namespace anyway, so the
RGW is redundant.
Signed-off-by: Daniel Gryniewicz <dang@redhat.com>
|
| |
|
|
|
|
| |
and add a few ops to the list of ops that complete aws4 signature.
Signed-off-by: Yehuda Sadeh <yehuda@redhat.com>
|
| |
|
|
|
|
|
|
| |
This commit changes the RGWStoreManager to return a RGWStore* rather
than a RGWRadosStore*. This is the thread that unravels the rest of the
Zipper work, removing hard-coded uses of the RGWRados* classes.
Signed-off-by: Daniel Gryniewicz <dang@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This commit hits all log messages for a create bucket
request and ensures each has a DoutPrefixProvider.
This commit gets dpp's all the way down to rgw/services
up way though to rgw_op.cc, rgw_rest.cc files,
rgw_admin.cc, etc.
This commit also removes store as dpp in rgw_sal.h
Signed-off-by: Ali Maredia <amaredia@redhat.com>
|
| |
|
|
| |
Signed-off-by: Adam C. Emerson <aemerson@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
RGWOp_Bucket_Remove::execute() was storing failures from
bucket->remove_bucket() in op_ret, but left http_ret=0 so we responded
to the client with '200 OK'
to avoid bugs like this, remove the extra http_ret variable and only use
the op_ret from RGWOp
Signed-off-by: Casey Bodley <cbodley@redhat.com>
|
| |
|
|
| |
Signed-off-by: Daniel Gryniewicz <dang@redhat.com>
|
| |
|
|
|
|
|
|
| |
This pass modifies RGW to use RGWObject and RGWRadosObject.
Also improves RGWBucket usage. This converts many of the APIs to
unique_ptr.
Signed-off-by: Daniel Gryniewicz <dang@redhat.com>
|
| |\
| |
| | |
rgw: add s3select support
|
| | |
| |
| |
| |
| |
| | |
is able to run s3-select queries on CSV-s3object;
Signed-off-by: gal salomon <gal.salomon@gmail.com>
|
| |/
|
|
|
|
|
| |
This commit replaces boost's string_ref and string_view cpp's in built std::string_view
Fixes: https://tracker.ceph.com/issues/39619
Signed-off-by: Prateek Sachan <psachan@cs.iitr.ac.in>
|
| |
|
|
|
|
| |
Drop emptiness check and then appending to the policy
Signed-off-by: Abhishek Lekshmanan <abhishek@suse.com>
|
| |\
| |
| |
| |
| |
| | |
rgw: fix SignatureDoesNotMatch when use ipv6 address in s3 client
Reviewed-By: Casey Bodley <cbodley@redhat.com>
Reviewed-By: Abhishek Lekshmanan <abhishek@suse.com>
|
| | |
| |
| |
| |
| |
| | |
fix: https://tracker.ceph.com/issues/42218
Signed-off-by: yuliyang <yuliyang@cmss.chinamobile.com>
|
| | |
| |
| |
| | |
Signed-off-by: Daniel Gryniewicz <dang@redhat.com>
|
| |/
|
|
|
|
|
|
| |
url encode keys, upload ids & prefixes based on encoding-type, reject invalid
encoding types at the param parsing phase
Fixes: https://tracker.ceph.com/issues/42372
Signed-off-by: Abhishek Lekshmanan <abhishek@suse.com>
|
| |
|
|
|
|
| |
Fixes: https://tracker.ceph.com/issues/41692
Signed-off-by: Casey Bodley <cbodley@redhat.com>
|
| |
|
|
| |
Signed-off-by: Daniel Gryniewicz <dang@redhat.com>
|
| |\
| |
| |
| |
| | |
rgw: make dns hostnames matching case insensitive
Reviewed-by: Casey Bodley <cbodley@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently when parsing host in requests, we try to case match against supplied
hostnames set, which violates dns hostnames being case insensitive. Do a case
insensitive comparision instead
Fixes: http://tracker.ceph.com/issues/40995
Signed-off-by: Abhishek Lekshmanan <abhishek@suse.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is the first part of Project Zipper, the Store Abstraction Layer.
It introduces the basic framework, and wraps RGWRados in RGWRadosStore.
The goal over the next few weeks is to do the same for user, bucket, and
object. This will make most of the remaining users of RGWRados wrapped
in SAL classes, allowing it to be completely absorbed into the private
RGWRadosStore. This will also expose all the APIs that need to be
pusheg up to higher layers in the SAL.
Signed-off-by: Daniel Gryniewicz <dang@redhat.com>
|
| | |
| |
| |
| | |
Signed-off-by: Yehuda Sadeh <yehuda@redhat.com>
|
