1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
2 // vim: ts=8 sw=2 smarttab
5 * rgw_crypt_sanitize.cc
7 * Created on: Mar 3, 2017
11 #include "rgw_common.h"
12 #include "rgw_crypt_sanitize.h"
13 #include "boost/algorithm/string/predicate.hpp"
16 namespace crypt_sanitize
{
17 const char* HTTP_X_AMZ_SERVER_SIDE_ENCRYPTION_CUSTOMER_KEY
= "HTTP_X_AMZ_SERVER_SIDE_ENCRYPTION_CUSTOMER_KEY";
18 const char* x_amz_server_side_encryption_customer_key
= "x-amz-server-side-encryption-customer-key";
19 const char* dollar_x_amz_server_side_encryption_customer_key
= "$x-amz-server-side-encryption-customer-key";
20 const char* suppression_message
= "=suppressed due to key presence=";
22 std::ostream
& operator<<(std::ostream
& out
, const env
& e
) {
23 if (g_ceph_context
->_conf
->rgw_crypt_suppress_logs
) {
24 if (boost::algorithm::iequals(
26 HTTP_X_AMZ_SERVER_SIDE_ENCRYPTION_CUSTOMER_KEY
))
28 out
<< suppression_message
;
31 if (boost::algorithm::iequals(e
.name
, "QUERY_STRING") &&
32 boost::algorithm::ifind_first(
34 x_amz_server_side_encryption_customer_key
))
36 out
<< suppression_message
;
44 std::ostream
& operator<<(std::ostream
& out
, const x_meta_map
& x
) {
45 if (g_ceph_context
->_conf
->rgw_crypt_suppress_logs
&&
46 boost::algorithm::iequals(x
.name
, x_amz_server_side_encryption_customer_key
))
48 out
<< suppression_message
;
55 std::ostream
& operator<<(std::ostream
& out
, const s3_policy
& x
) {
56 if (g_ceph_context
->_conf
->rgw_crypt_suppress_logs
&&
57 boost::algorithm::iequals(x
.name
, dollar_x_amz_server_side_encryption_customer_key
))
59 out
<< suppression_message
;
66 std::ostream
& operator<<(std::ostream
& out
, const auth
& x
) {
67 if (g_ceph_context
->_conf
->rgw_crypt_suppress_logs
&&
68 x
.s
->info
.env
->get(HTTP_X_AMZ_SERVER_SIDE_ENCRYPTION_CUSTOMER_KEY
, nullptr) != nullptr)
70 out
<< suppression_message
;
77 std::ostream
& operator<<(std::ostream
& out
, const log_content
& x
) {
78 if (g_ceph_context
->_conf
->rgw_crypt_suppress_logs
&&
79 boost::algorithm::ifind_first(x
.buf
, x_amz_server_side_encryption_customer_key
)) {
80 out
<< suppression_message
;