ceph/src/rgw/rgw_crypt_sanitize.cc

   1 /*
   2  * rgw_crypt_sanitize.cc
   3  *
   4  *  Created on: Mar 3, 2017
   5  *      Author: adam
   6  */
   7
   8 #include "rgw_common.h"
   9 #include "rgw_crypt_sanitize.h"
  10 #include "boost/algorithm/string/predicate.hpp"
  11
  12 namespace rgw {
  13 namespace crypt_sanitize {
  14 const char* HTTP_X_AMZ_SERVER_SIDE_ENCRYPTION_CUSTOMER_KEY = "HTTP_X_AMZ_SERVER_SIDE_ENCRYPTION_CUSTOMER_KEY";
  15 const char* x_amz_server_side_encryption_customer_key = "x-amz-server-side-encryption-customer-key";
  16 const char* dollar_x_amz_server_side_encryption_customer_key = "$x-amz-server-side-encryption-customer-key";
  17 const char* suppression_message = "=suppressed due to key presence=";
  18
  19 std::ostream& operator<<(std::ostream& out, const env& e) {
  20   if (g_ceph_context->_conf->rgw_crypt_suppress_logs) {
  21     if (boost::algorithm::iequals(
  22         e.name,
  23         HTTP_X_AMZ_SERVER_SIDE_ENCRYPTION_CUSTOMER_KEY))
  24     {
  25       out << suppression_message;
  26       return out;
  27     }
  28     if (boost::algorithm::iequals(e.name, "QUERY_STRING") &&
  29         boost::algorithm::ifind_first(
  30             e.value,
  31             x_amz_server_side_encryption_customer_key))
  32     {
  33       out << suppression_message;
  34       return out;
  35     }
  36   }
  37   out << e.value;
  38   return out;
  39 }
  40
  41 std::ostream& operator<<(std::ostream& out, const x_meta_map& x) {
  42   if (g_ceph_context->_conf->rgw_crypt_suppress_logs &&
  43       boost::algorithm::iequals(x.name, x_amz_server_side_encryption_customer_key))
  44   {
  45     out << suppression_message;
  46     return out;
  47   }
  48   out << x.value;
  49   return out;
  50 }
  51
  52 std::ostream& operator<<(std::ostream& out, const s3_policy& x) {
  53   if (g_ceph_context->_conf->rgw_crypt_suppress_logs &&
  54       boost::algorithm::iequals(x.name, dollar_x_amz_server_side_encryption_customer_key))
  55   {
  56     out << suppression_message;
  57     return out;
  58   }
  59   out << x.value;
  60   return out;
  61 }
  62
  63 std::ostream& operator<<(std::ostream& out, const auth& x) {
  64   if (g_ceph_context->_conf->rgw_crypt_suppress_logs &&
  65       x.s->info.env->get(HTTP_X_AMZ_SERVER_SIDE_ENCRYPTION_CUSTOMER_KEY, nullptr) != nullptr)
  66   {
  67     out << suppression_message;
  68     return out;
  69   }
  70   out << x.value;
  71   return out;
  72 }
  73
  74 std::ostream& operator<<(std::ostream& out, const log_content& x) {
  75   if (g_ceph_context->_conf->rgw_crypt_suppress_logs &&
  76       boost::algorithm::ifind_first(x.buf, x_amz_server_side_encryption_customer_key)) {
  77     out << suppression_message;
  78     return out;
  79   }
  80   out << x.buf;
  81   return out;
  82 }
  83
  84 }
  85 }