1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
2 // vim: ts=8 sw=2 smarttab
8 #include <boost/algorithm/string.hpp>
9 #include "common/Formatter.h"
10 #include "common/HTMLFormatter.h"
11 #include "common/utf8.h"
12 #include "include/str_list.h"
13 #include "rgw_common.h"
14 #include "rgw_rados.h"
15 #include "rgw_formats.h"
18 #include "rgw_rest_swift.h"
19 #include "rgw_rest_s3.h"
20 #include "rgw_swift_auth.h"
21 #include "rgw_cors_s3.h"
23 #include "rgw_client_io.h"
24 #include "rgw_resolve.h"
28 #define dout_subsys ceph_subsys_rgw
30 struct rgw_http_status_code
{
35 const static struct rgw_http_status_code http_codes
[] = {
40 { 204, "No Content" },
41 { 205, "Reset Content" },
42 { 206, "Partial Content" },
43 { 207, "Multi Status" },
44 { 208, "Already Reported" },
45 { 300, "Multiple Choices" },
46 { 301, "Moved Permanently" },
49 { 304, "Not Modified" },
50 { 305, "User Proxy" },
51 { 306, "Switch Proxy" },
52 { 307, "Temporary Redirect" },
53 { 308, "Permanent Redirect" },
54 { 400, "Bad Request" },
55 { 401, "Unauthorized" },
56 { 402, "Payment Required" },
59 { 405, "Method Not Allowed" },
60 { 406, "Not Acceptable" },
61 { 407, "Proxy Authentication Required" },
62 { 408, "Request Timeout" },
65 { 411, "Length Required" },
66 { 412, "Precondition Failed" },
67 { 413, "Request Entity Too Large" },
68 { 414, "Request-URI Too Long" },
69 { 415, "Unsupported Media Type" },
70 { 416, "Requested Range Not Satisfiable" },
71 { 417, "Expectation Failed" },
72 { 422, "Unprocessable Entity" },
73 { 500, "Internal Server Error" },
74 { 501, "Not Implemented" },
78 struct rgw_http_attr
{
80 const char *http_attr
;
84 * mapping between rgw object attrs and output http fields
86 static const struct rgw_http_attr base_rgw_to_http_attrs
[] = {
87 { RGW_ATTR_CONTENT_LANG
, "Content-Language" },
88 { RGW_ATTR_EXPIRES
, "Expires" },
89 { RGW_ATTR_CACHE_CONTROL
, "Cache-Control" },
90 { RGW_ATTR_CONTENT_DISP
, "Content-Disposition" },
91 { RGW_ATTR_CONTENT_ENC
, "Content-Encoding" },
92 { RGW_ATTR_USER_MANIFEST
, "X-Object-Manifest" },
93 { RGW_ATTR_X_ROBOTS_TAG
, "X-Robots-Tag" },
94 /* RGW_ATTR_AMZ_WEBSITE_REDIRECT_LOCATION header depends on access mode:
95 * S3 endpoint: x-amz-website-redirect-location
96 * S3Website endpoint: Location
98 { RGW_ATTR_AMZ_WEBSITE_REDIRECT_LOCATION
, "x-amz-website-redirect-location" },
102 struct generic_attr
{
103 const char *http_header
;
104 const char *rgw_attr
;
108 * mapping between http env fields and rgw object attrs
110 static const struct generic_attr generic_attrs
[] = {
111 { "CONTENT_TYPE", RGW_ATTR_CONTENT_TYPE
},
112 { "HTTP_CONTENT_LANGUAGE", RGW_ATTR_CONTENT_LANG
},
113 { "HTTP_EXPIRES", RGW_ATTR_EXPIRES
},
114 { "HTTP_CACHE_CONTROL", RGW_ATTR_CACHE_CONTROL
},
115 { "HTTP_CONTENT_DISPOSITION", RGW_ATTR_CONTENT_DISP
},
116 { "HTTP_CONTENT_ENCODING", RGW_ATTR_CONTENT_ENC
},
117 { "HTTP_X_ROBOTS_TAG", RGW_ATTR_X_ROBOTS_TAG
},
120 map
<string
, string
> rgw_to_http_attrs
;
121 static map
<string
, string
> generic_attrs_map
;
122 map
<int, const char *> http_status_names
;
/*
 * make attrs look_like_this
 * converts dashes to underscores
 *
 * Returns a copy of `orig` in which every '-' becomes '_' and every other
 * character is folded to lower case (e.g. "Content-Type" -> "content_type").
 */
std::string lowercase_underscore_http_attr(const std::string& orig)
{
  std::string out;
  out.reserve(orig.size());

  for (const char c : orig) {
    if (c == '-') {
      out.push_back('_');
    } else {
      // the <ctype.h> functions are only defined for values representable
      // as unsigned char, so never hand them a (possibly negative) char
      out.push_back(static_cast<char>(tolower(static_cast<unsigned char>(c))));
    }
  }
  return out;
}
/*
 * make attrs LOOK_LIKE_THIS
 * converts dashes to underscores
 *
 * Returns a copy of `orig` in which every '-' becomes '_' and every other
 * character is folded to upper case (e.g. "content-type" -> "CONTENT_TYPE").
 */
std::string uppercase_underscore_http_attr(const std::string& orig)
{
  std::string out;
  out.reserve(orig.size());

  for (const char c : orig) {
    if (c == '-') {
      out.push_back('_');
    } else {
      // the <ctype.h> functions are only defined for values representable
      // as unsigned char, so never hand them a (possibly negative) char
      out.push_back(static_cast<char>(toupper(static_cast<unsigned char>(c))));
    }
  }
  return out;
}
/*
 * make attrs look-like-this
 * converts underscores to dashes
 *
 * Returns a copy of `orig` in which every '_' becomes '-' and every other
 * character is folded to lower case (e.g. "CONTENT_TYPE" -> "content-type").
 */
std::string lowercase_dash_http_attr(const std::string& orig)
{
  std::string out;
  out.reserve(orig.size());

  for (const char c : orig) {
    if (c == '_') {
      out.push_back('-');
    } else {
      // the <ctype.h> functions are only defined for values representable
      // as unsigned char, so never hand them a (possibly negative) char
      out.push_back(static_cast<char>(tolower(static_cast<unsigned char>(c))));
    }
  }
  return out;
}
/*
 * make attrs Look-Like-This
 * converts underscores to dashes
 *
 * Both '_' and '-' act as word separators and are emitted as '-'. The first
 * character after a separator (and the very first character) is upper-cased;
 * every other character is lower-cased (e.g. "x_amz_meta" -> "X-Amz-Meta").
 */
std::string camelcase_dash_http_attr(const std::string& orig)
{
  std::string out;
  out.reserve(orig.size());

  // true at the start of the string and right after a separator
  bool last_sep = true;

  for (const char c : orig) {
    if (c == '_' || c == '-') {
      out.push_back('-');
      last_sep = true;
      continue;
    }

    // the <ctype.h> functions are only defined for values representable
    // as unsigned char, so never hand them a (possibly negative) char
    const unsigned char uc = static_cast<unsigned char>(c);
    out.push_back(static_cast<char>(last_sep ? toupper(uc) : tolower(uc)));
    last_sep = false;
  }
  return out;
}
221 /* avoid duplicate hostnames in hostnames lists */
222 static set
<string
> hostnames_set
;
223 static set
<string
> hostnames_s3website_set
;
225 void rgw_rest_init(CephContext
*cct
, RGWRados
*store
, RGWZoneGroup
& zone_group
)
227 store
->init_host_id();
229 for (const auto& rgw2http
: base_rgw_to_http_attrs
) {
230 rgw_to_http_attrs
[rgw2http
.rgw_attr
] = rgw2http
.http_attr
;
233 for (const auto& http2rgw
: generic_attrs
) {
234 generic_attrs_map
[http2rgw
.http_header
] = http2rgw
.rgw_attr
;
237 list
<string
> extended_http_attrs
;
238 get_str_list(cct
->_conf
->rgw_extended_http_attrs
, extended_http_attrs
);
240 list
<string
>::iterator iter
;
241 for (iter
= extended_http_attrs
.begin(); iter
!= extended_http_attrs
.end(); ++iter
) {
242 string rgw_attr
= RGW_ATTR_PREFIX
;
243 rgw_attr
.append(lowercase_underscore_http_attr(*iter
));
245 rgw_to_http_attrs
[rgw_attr
] = camelcase_dash_http_attr(*iter
);
247 string http_header
= "HTTP_";
248 http_header
.append(uppercase_underscore_http_attr(*iter
));
250 generic_attrs_map
[http_header
] = rgw_attr
;
253 for (const struct rgw_http_status_code
*h
= http_codes
; h
->code
; h
++) {
254 http_status_names
[h
->code
] = h
->name
;
257 hostnames_set
.insert(cct
->_conf
->rgw_dns_name
);
258 hostnames_set
.insert(zone_group
.hostnames
.begin(), zone_group
.hostnames
.end());
259 hostnames_set
.erase(""); // filter out empty hostnames
260 ldout(cct
, 20) << "RGW hostnames: " << hostnames_set
<< dendl
;
261 /* TODO: We should have a sanity check that no hostname matches the end of
262 * any other hostname, otherwise we will get ambiguous results from
263 * rgw_find_host_in_domains.
265 * Hostnames: [A, B.A]
266 * Inputs: [Z.A, X.B.A]
267 * Z.A clearly splits to subdomain=Z, domain=A
268 * X.B.A ambiguously splits to both {X, B.A} and {X.B, A}
271 hostnames_s3website_set
.insert(cct
->_conf
->rgw_dns_s3website_name
);
272 hostnames_s3website_set
.insert(zone_group
.hostnames_s3website
.begin(), zone_group
.hostnames_s3website
.end());
273 hostnames_s3website_set
.erase(""); // filter out empty hostnames
274 ldout(cct
, 20) << "RGW S3website hostnames: " << hostnames_s3website_set
<< dendl
;
275 /* TODO: we should repeat the hostnames_set sanity check here
276 * and ALSO decide about overlap, if any
/*
 * Tell whether `s` ends with `suffix`.
 *
 * When `suffix` is not longer than `s`, the offset in `s` at which the
 * suffix would begin is written through `pos` (if non-null) regardless of
 * whether the comparison succeeds. When `suffix` is longer than `s`, `pos`
 * is left untouched and false is returned.
 */
static bool str_ends_with(const std::string& s, const std::string& suffix, size_t *pos)
{
  const size_t suffix_len = suffix.size();
  if (s.size() < suffix_len) {
    return false;
  }

  const size_t start = s.size() - suffix_len;
  if (pos != nullptr) {
    *pos = start;
  }

  return s.compare(start, suffix_len, suffix) == 0;
}
295 static bool rgw_find_host_in_domains(const string
& host
, string
*domain
, string
*subdomain
, set
<string
> valid_hostnames_set
)
297 set
<string
>::iterator iter
;
298 /** TODO, Future optimization
299 * store hostnames_set elements _reversed_, and look for a prefix match,
300 * which is much faster than a suffix match.
302 for (iter
= valid_hostnames_set
.begin(); iter
!= valid_hostnames_set
.end(); ++iter
) {
304 if (!str_ends_with(host
, *iter
, &pos
))
311 if (host
[pos
- 1] != '.') {
315 *domain
= host
.substr(pos
);
316 *subdomain
= host
.substr(0, pos
- 1);
323 static void dump_status(struct req_state
*s
, int status
,
324 const char *status_name
)
326 s
->formatter
->set_status(status
, status_name
);
328 RESTFUL_IO(s
)->send_status(status
, status_name
);
329 } catch (rgw::io::Exception
& e
) {
330 ldout(s
->cct
, 0) << "ERROR: s->cio->send_status() returned err="
331 << e
.what() << dendl
;
335 void rgw_flush_formatter_and_reset(struct req_state
*s
, Formatter
*formatter
)
337 std::ostringstream oss
;
338 formatter
->output_footer();
339 formatter
->flush(oss
);
340 std::string
outs(oss
.str());
341 if (!outs
.empty() && s
->op
!= OP_HEAD
) {
345 s
->formatter
->reset();
348 void rgw_flush_formatter(struct req_state
*s
, Formatter
*formatter
)
350 std::ostringstream oss
;
351 formatter
->flush(oss
);
352 std::string
outs(oss
.str());
353 if (!outs
.empty() && s
->op
!= OP_HEAD
) {
358 void dump_errno(int http_ret
, string
& out
) {
361 ss
<< http_ret
<< " " << http_status_names
[http_ret
];
365 void dump_errno(const struct rgw_err
&err
, string
& out
) {
366 dump_errno(err
.http_ret
, out
);
369 void dump_errno(struct req_state
*s
)
371 dump_status(s
, s
->err
.http_ret
, http_status_names
[s
->err
.http_ret
]);
374 void dump_errno(struct req_state
*s
, int http_ret
)
376 dump_status(s
, http_ret
, http_status_names
[http_ret
]);
379 void dump_header(struct req_state
* const s
,
380 const boost::string_ref
& name
,
381 const boost::string_ref
& val
)
384 RESTFUL_IO(s
)->send_header(name
, val
);
385 } catch (rgw::io::Exception
& e
) {
386 ldout(s
->cct
, 0) << "ERROR: s->cio->send_header() returned err="
387 << e
.what() << dendl
;
391 static inline boost::string_ref
get_sanitized_hdrval(ceph::buffer::list
& raw
)
393 /* std::string and thus boost::string_ref ARE OBLIGED to carry multiple
394 * 0x00 and count them to the length of a string. We need to take that
395 * into consideration and sanitize the size of a ceph::buffer::list used
396 * to store metadata values (x-amz-meta-*, X-Container-Meta-*, etags).
397 * Otherwise we might send 0x00 to clients. */
398 const char* const data
= raw
.c_str();
399 size_t len
= raw
.length();
401 if (len
&& data
[len
- 1] == '\0') {
402 /* That's the case - the null byte has been included at the last position
403 * of the bufferlist. We need to restore the proper string length we'll
404 * pass to string_ref. */
408 return boost::string_ref(data
, len
);
411 void dump_header(struct req_state
* const s
,
412 const boost::string_ref
& name
,
413 ceph::buffer::list
& bl
)
415 return dump_header(s
, name
, get_sanitized_hdrval(bl
));
418 void dump_header(struct req_state
* const s
,
419 const boost::string_ref
& name
,
423 const auto len
= snprintf(buf
, sizeof(buf
), "%lld", val
);
425 return dump_header(s
, name
, boost::string_ref(buf
, len
));
428 void dump_header(struct req_state
* const s
,
429 const boost::string_ref
& name
,
433 const auto len
= snprintf(buf
, sizeof(buf
), "%lld.%05d",
434 static_cast<long long>(ut
.sec()),
435 static_cast<int>(ut
.usec() / 10));
437 return dump_header(s
, name
, boost::string_ref(buf
, len
));
440 void dump_content_length(struct req_state
* const s
, const uint64_t len
)
443 RESTFUL_IO(s
)->send_content_length(len
);
444 } catch (rgw::io::Exception
& e
) {
445 ldout(s
->cct
, 0) << "ERROR: s->cio->send_content_length() returned err="
446 << e
.what() << dendl
;
448 dump_header(s
, "Accept-Ranges", "bytes");
451 static void dump_chunked_encoding(struct req_state
* const s
)
454 RESTFUL_IO(s
)->send_chunked_transfer_encoding();
455 } catch (rgw::io::Exception
& e
) {
456 ldout(s
->cct
, 0) << "ERROR: RESTFUL_IO(s)->send_chunked_transfer_encoding()"
457 << " returned err=" << e
.what() << dendl
;
461 void dump_etag(struct req_state
* const s
,
462 const boost::string_ref
& etag
,
469 if (s
->prot_flags
& RGW_REST_SWIFT
&& ! quoted
) {
470 return dump_header(s
, "etag", etag
);
472 return dump_header_quoted(s
, "ETag", etag
);
476 void dump_etag(struct req_state
* const s
,
477 ceph::buffer::list
& bl_etag
,
480 return dump_etag(s
, get_sanitized_hdrval(bl_etag
), quoted
);
483 void dump_bucket_from_state(struct req_state
*s
)
485 if (g_conf
->rgw_expose_bucket
&& ! s
->bucket_name
.empty()) {
486 if (! s
->bucket_tenant
.empty()) {
487 dump_header(s
, "Bucket",
488 url_encode(s
->bucket_tenant
+ "/" + s
->bucket_name
));
490 dump_header(s
, "Bucket", url_encode(s
->bucket_name
));
495 void dump_uri_from_state(struct req_state
*s
)
497 if (strcmp(s
->info
.request_uri
.c_str(), "/") == 0) {
499 string location
= "http://";
500 string server
= s
->info
.env
->get("SERVER_NAME", "<SERVER_NAME>");
501 location
.append(server
);
503 if (!s
->bucket_name
.empty()) {
504 if (!s
->bucket_tenant
.empty()) {
505 location
+= s
->bucket_tenant
;
508 location
+= s
->bucket_name
;
510 if (!s
->object
.empty()) {
511 location
+= s
->object
.name
;
512 dump_header(s
, "Location", location
);
516 dump_header_quoted(s
, "Location", s
->info
.request_uri
);
520 void dump_redirect(struct req_state
* const s
, const std::string
& redirect
)
522 return dump_header_if_nonempty(s
, "Location", redirect
);
525 static size_t dump_time_header_impl(char (×tr
)[TIME_BUF_SIZE
],
529 time_t secs
= static_cast<time_t>(ut
.sec());
532 const struct tm
* const tmp
= gmtime_r(&secs
, &result
);
533 if (tmp
== nullptr) {
537 return strftime(timestr
, sizeof(timestr
),
538 "%a, %d %b %Y %H:%M:%S %Z", tmp
);
541 void dump_time_header(struct req_state
*s
, const char *name
, real_time t
)
543 char timestr
[TIME_BUF_SIZE
];
545 const size_t len
= dump_time_header_impl(timestr
, t
);
550 return dump_header(s
, name
, boost::string_ref(timestr
, len
));
553 std::string
dump_time_to_str(const real_time
& t
)
555 char timestr
[TIME_BUF_SIZE
];
556 dump_time_header_impl(timestr
, t
);
562 void dump_last_modified(struct req_state
*s
, real_time t
)
564 dump_time_header(s
, "Last-Modified", t
);
567 void dump_epoch_header(struct req_state
*s
, const char *name
, real_time t
)
571 const auto len
= snprintf(buf
, sizeof(buf
), "%lld.%09lld",
573 (long long)ut
.nsec());
575 return dump_header(s
, name
, boost::string_ref(buf
, len
));
578 void dump_time(struct req_state
*s
, const char *name
, real_time
*t
)
580 char buf
[TIME_BUF_SIZE
];
581 rgw_to_iso8601(*t
, buf
, sizeof(buf
));
583 s
->formatter
->dump_string(name
, buf
);
586 void dump_owner(struct req_state
*s
, const rgw_user
& id
, string
& name
,
591 s
->formatter
->open_object_section(section
);
592 s
->formatter
->dump_string("ID", id
.to_str());
593 s
->formatter
->dump_string("DisplayName", name
);
594 s
->formatter
->close_section();
597 void dump_access_control(struct req_state
*s
, const char *origin
,
599 const char *hdr
, const char *exp_hdr
,
601 if (origin
&& (origin
[0] != '\0')) {
602 dump_header(s
, "Access-Control-Allow-Origin", origin
);
603 /* If the server specifies an origin host rather than "*",
604 * then it must also include Origin in the Vary response header
605 * to indicate to clients that server responses will differ
606 * based on the value of the Origin request header.
608 if (strcmp(origin
, "*") != 0) {
609 dump_header(s
, "Vary", "Origin");
612 if (meth
&& (meth
[0] != '\0')) {
613 dump_header(s
, "Access-Control-Allow-Methods", meth
);
615 if (hdr
&& (hdr
[0] != '\0')) {
616 dump_header(s
, "Access-Control-Allow-Headers", hdr
);
618 if (exp_hdr
&& (exp_hdr
[0] != '\0')) {
619 dump_header(s
, "Access-Control-Expose-Headers", exp_hdr
);
621 if (max_age
!= CORS_MAX_AGE_INVALID
) {
622 dump_header(s
, "Access-Control-Max-Age", max_age
);
627 void dump_access_control(req_state
*s
, RGWOp
*op
)
633 unsigned max_age
= CORS_MAX_AGE_INVALID
;
635 if (!op
->generate_cors_headers(origin
, method
, header
, exp_header
, &max_age
))
638 dump_access_control(s
, origin
.c_str(), method
.c_str(), header
.c_str(),
639 exp_header
.c_str(), max_age
);
642 void dump_start(struct req_state
*s
)
644 if (!s
->content_started
) {
645 s
->formatter
->output_header();
646 s
->content_started
= true;
650 void dump_trans_id(req_state
*s
)
652 if (s
->prot_flags
& RGW_REST_SWIFT
) {
653 dump_header(s
, "X-Trans-Id", s
->trans_id
);
654 dump_header(s
, "X-Openstack-Request-Id", s
->trans_id
);
655 } else if (s
->trans_id
.length()) {
656 dump_header(s
, "x-amz-request-id", s
->trans_id
);
660 void end_header(struct req_state
* s
, RGWOp
* op
, const char *content_type
,
661 const int64_t proposed_content_length
, bool force_content_type
,
668 if ((!s
->is_err()) &&
669 (s
->bucket_info
.owner
!= s
->user
->user_id
) &&
670 (s
->bucket_info
.requester_pays
)) {
671 dump_header(s
, "x-amz-request-charged", "requester");
675 dump_access_control(s
, op
);
678 if (s
->prot_flags
& RGW_REST_SWIFT
&& !content_type
) {
679 force_content_type
= true;
682 /* do not send content type if content length is zero
683 and the content type was not set by the user */
684 if (force_content_type
||
685 (!content_type
&& s
->formatter
->get_len() != 0) || s
->is_err()){
688 ctype
= "application/xml";
690 case RGW_FORMAT_JSON
:
691 ctype
= "application/json";
693 case RGW_FORMAT_HTML
:
697 ctype
= "text/plain";
700 if (s
->prot_flags
& RGW_REST_SWIFT
)
701 ctype
.append("; charset=utf-8");
702 content_type
= ctype
.c_str();
704 if (!force_no_error
&& s
->is_err()) {
707 dump_content_length(s
, s
->formatter
->get_len());
709 if (proposed_content_length
== CHUNKED_TRANSFER_ENCODING
) {
710 dump_chunked_encoding(s
);
711 } else if (proposed_content_length
!= NO_CONTENT_LENGTH
) {
712 dump_content_length(s
, proposed_content_length
);
717 dump_header(s
, "Content-Type", content_type
);
721 RESTFUL_IO(s
)->complete_header();
722 } catch (rgw::io::Exception
& e
) {
723 ldout(s
->cct
, 0) << "ERROR: RESTFUL_IO(s)->complete_header() returned err="
724 << e
.what() << dendl
;
727 ACCOUNTING_IO(s
)->set_account(true);
728 rgw_flush_formatter_and_reset(s
, s
->formatter
);
731 void abort_early(struct req_state
*s
, RGWOp
* op
, int err_no
,
734 string
error_content("");
736 s
->formatter
= new JSONFormatter
;
737 s
->format
= RGW_FORMAT_JSON
;
740 // op->error_handler is responsible for calling its handler's error_handler
743 new_err_no
= op
->error_handler(err_no
, &error_content
);
744 ldout(s
->cct
, 20) << "op->ERRORHANDLER: err_no=" << err_no
745 << " new_err_no=" << new_err_no
<< dendl
;
747 } else if (handler
!= NULL
) {
749 new_err_no
= handler
->error_handler(err_no
, &error_content
);
750 ldout(s
->cct
, 20) << "handler->ERRORHANDLER: err_no=" << err_no
751 << " new_err_no=" << new_err_no
<< dendl
;
755 // If the error handler(s) above dealt with it completely, they should have
756 // returned 0. If non-zero, we need to continue here.
758 // Watch out, we might have a custom error state already set!
759 if (!s
->err
.http_ret
|| s
->err
.http_ret
== 200) {
760 set_req_state_err(s
, err_no
);
763 dump_bucket_from_state(s
);
764 if (err_no
== -ERR_PERMANENT_REDIRECT
|| err_no
== -ERR_WEBSITE_REDIRECT
) {
766 if (!s
->redirect
.empty()) {
767 dest_uri
= s
->redirect
;
768 } else if (!s
->zonegroup_endpoint
.empty()) {
769 dest_uri
= s
->zonegroup_endpoint
;
771 * request_uri always starts with a slash, so we need to remove
772 * the unnecessary slash at the end of dest_uri.
774 if (dest_uri
[dest_uri
.size() - 1] == '/') {
775 dest_uri
= dest_uri
.substr(0, dest_uri
.size() - 1);
777 dest_uri
+= s
->info
.request_uri
;
779 dest_uri
+= s
->info
.request_params
;
782 if (!dest_uri
.empty()) {
783 dump_redirect(s
, dest_uri
);
787 if (!error_content
.empty()) {
789 * TODO we must add all error entries as headers here:
790 * when having a working errordoc, then the s3 error fields are
791 * rendered as HTTP headers, e.g.:
792 * x-amz-error-code: NoSuchKey
793 * x-amz-error-message: The specified key does not exist.
794 * x-amz-error-detail-Key: foo
796 end_header(s
, op
, NULL
, error_content
.size(), false, true);
797 RESTFUL_IO(s
)->send_body(error_content
.c_str(), error_content
.size());
802 perfcounter
->inc(l_rgw_failed_req
);
805 void dump_continue(struct req_state
* const s
)
808 RESTFUL_IO(s
)->send_100_continue();
809 } catch (rgw::io::Exception
& e
) {
810 ldout(s
->cct
, 0) << "ERROR: RESTFUL_IO(s)->send_100_continue() returned err="
811 << e
.what() << dendl
;
815 void dump_range(struct req_state
* const s
,
818 const uint64_t total
)
820 /* dumping range into temp buffer first, as libfcgi will fail to digest
826 len
= snprintf(range_buf
, sizeof(range_buf
), "bytes */%lld",
827 static_cast<long long>(total
));
829 len
= snprintf(range_buf
, sizeof(range_buf
), "bytes %lld-%lld/%lld",
830 static_cast<long long>(ofs
),
831 static_cast<long long>(end
),
832 static_cast<long long>(total
));
835 return dump_header(s
, "Content-Range", boost::string_ref(range_buf
, len
));
839 int dump_body(struct req_state
* const s
,
840 const char* const buf
,
844 return RESTFUL_IO(s
)->send_body(buf
, len
);
845 } catch (rgw::io::Exception
& e
) {
846 return -e
.code().value();
850 int dump_body(struct req_state
* const s
, /* const */ ceph::buffer::list
& bl
)
852 return dump_body(s
, bl
.c_str(), bl
.length());
855 int dump_body(struct req_state
* const s
, const std::string
& str
)
857 return dump_body(s
, str
.c_str(), str
.length());
860 int recv_body(struct req_state
* const s
,
865 return RESTFUL_IO(s
)->recv_body(buf
, max
);
866 } catch (rgw::io::Exception
& e
) {
867 return -e
.code().value();
871 int RGWGetObj_ObjStore::get_params()
873 range_str
= s
->info
.env
->get("HTTP_RANGE");
874 if_mod
= s
->info
.env
->get("HTTP_IF_MODIFIED_SINCE");
875 if_unmod
= s
->info
.env
->get("HTTP_IF_UNMODIFIED_SINCE");
876 if_match
= s
->info
.env
->get("HTTP_IF_MATCH");
877 if_nomatch
= s
->info
.env
->get("HTTP_IF_NONE_MATCH");
879 if (s
->system_request
) {
880 mod_zone_id
= s
->info
.env
->get_int("HTTP_DEST_ZONE_SHORT_ID", 0);
881 mod_pg_ver
= s
->info
.env
->get_int("HTTP_DEST_PG_VER", 0);
882 rgwx_stat
= s
->info
.args
.exists(RGW_SYS_PARAM_PREFIX
"stat");
883 get_data
&= (!rgwx_stat
);
886 if (s
->info
.args
.exists(GET_TORRENT
)) {
887 return torrent
.get_params();
892 int RESTArgs::get_string(struct req_state
*s
, const string
& name
,
893 const string
& def_val
, string
*val
, bool *existed
)
896 *val
= s
->info
.args
.get(name
, &exists
);
909 int RESTArgs::get_uint64(struct req_state
*s
, const string
& name
,
910 uint64_t def_val
, uint64_t *val
, bool *existed
)
913 string sval
= s
->info
.args
.get(name
, &exists
);
923 int r
= stringtoull(sval
, val
);
930 int RESTArgs::get_int64(struct req_state
*s
, const string
& name
,
931 int64_t def_val
, int64_t *val
, bool *existed
)
934 string sval
= s
->info
.args
.get(name
, &exists
);
944 int r
= stringtoll(sval
, val
);
951 int RESTArgs::get_uint32(struct req_state
*s
, const string
& name
,
952 uint32_t def_val
, uint32_t *val
, bool *existed
)
955 string sval
= s
->info
.args
.get(name
, &exists
);
965 int r
= stringtoul(sval
, val
);
972 int RESTArgs::get_int32(struct req_state
*s
, const string
& name
,
973 int32_t def_val
, int32_t *val
, bool *existed
)
976 string sval
= s
->info
.args
.get(name
, &exists
);
986 int r
= stringtol(sval
, val
);
993 int RESTArgs::get_time(struct req_state
*s
, const string
& name
,
994 const utime_t
& def_val
, utime_t
*val
, bool *existed
)
997 string sval
= s
->info
.args
.get(name
, &exists
);
1007 uint64_t epoch
, nsec
;
1009 int r
= utime_t::parse_date(sval
, &epoch
, &nsec
);
1013 *val
= utime_t(epoch
, nsec
);
1018 int RESTArgs::get_epoch(struct req_state
*s
, const string
& name
, uint64_t def_val
, uint64_t *epoch
, bool *existed
)
1021 string date
= s
->info
.args
.get(name
, &exists
);
1031 int r
= utime_t::parse_date(date
, epoch
, NULL
);
1038 int RESTArgs::get_bool(struct req_state
*s
, const string
& name
, bool def_val
, bool *val
, bool *existed
)
1041 string sval
= s
->info
.args
.get(name
, &exists
);
1051 const char *str
= sval
.c_str();
1054 strcasecmp(str
, "true") == 0 ||
1055 sval
.compare("1") == 0) {
1060 if (strcasecmp(str
, "false") != 0 &&
1061 sval
.compare("0") != 0) {
1071 void RGWRESTFlusher::do_start(int ret
)
1073 set_req_state_err(s
, ret
); /* no going back from here */
1077 rgw_flush_formatter_and_reset(s
, s
->formatter
);
1080 void RGWRESTFlusher::do_flush()
1082 rgw_flush_formatter(s
, s
->formatter
);
1085 int RGWPutObj_ObjStore::verify_params()
1088 off_t len
= atoll(s
->length
);
1089 if (len
> (off_t
)(s
->cct
->_conf
->rgw_max_put_size
)) {
1090 return -ERR_TOO_LARGE
;
1097 int RGWPutObj_ObjStore::get_params()
1099 /* start gettorrent */
1100 if (s
->cct
->_conf
->rgw_torrent_flag
)
1103 ret
= torrent
.get_params();
1104 ldout(s
->cct
, 5) << "NOTICE: open produce torrent file " << dendl
;
1109 torrent
.set_info_name((s
->object
).name
);
1111 /* end gettorrent */
1112 supplied_md5_b64
= s
->info
.env
->get("HTTP_CONTENT_MD5");
1117 int RGWPutObj_ObjStore::get_data(bufferlist
& bl
)
1120 uint64_t chunk_size
= s
->cct
->_conf
->rgw_max_chunk_size
;
1122 cl
= atoll(s
->length
) - ofs
;
1123 if (cl
> chunk_size
)
1131 ACCOUNTING_IO(s
)->set_account(true);
1134 const auto read_len
= recv_body(s
, bp
.c_str(), cl
);
1140 bl
.append(bp
, 0, len
);
1142 ACCOUNTING_IO(s
)->set_account(false);
1145 if ((uint64_t)ofs
+ len
> s
->cct
->_conf
->rgw_max_put_size
) {
1146 return -ERR_TOO_LARGE
;
1150 supplied_md5_b64
= s
->info
.env
->get("HTTP_CONTENT_MD5");
1157 * parses params in the format: 'first; param1=foo; param2=bar'
1159 void RGWPostObj_ObjStore::parse_boundary_params(const std::string
& params_str
,
1161 std::map
<std::string
,
1162 std::string
>& params
)
1164 size_t pos
= params_str
.find(';');
1165 if (std::string::npos
== pos
) {
1166 first
= rgw_trim_whitespace(params_str
);
1170 first
= rgw_trim_whitespace(params_str
.substr(0, pos
));
1173 while (pos
< params_str
.size()) {
1174 size_t end
= params_str
.find(';', pos
);
1175 if (std::string::npos
== end
) {
1176 end
= params_str
.size();
1179 std::string param
= params_str
.substr(pos
, end
- pos
);
1180 size_t eqpos
= param
.find('=');
1182 if (std::string::npos
!= eqpos
) {
1183 std::string param_name
= rgw_trim_whitespace(param
.substr(0, eqpos
));
1184 std::string val
= rgw_trim_quotes(param
.substr(eqpos
+ 1));
1185 params
[std::move(param_name
)] = std::move(val
);
1187 params
[rgw_trim_whitespace(param
)] = "";
1194 int RGWPostObj_ObjStore::parse_part_field(const std::string
& line
,
1195 std::string
& field_name
, /* out */
1196 post_part_field
& field
) /* out */
1198 size_t pos
= line
.find(':');
1199 if (pos
== string::npos
)
1202 field_name
= line
.substr(0, pos
);
1203 if (pos
>= line
.size() - 1)
1206 parse_boundary_params(line
.substr(pos
+ 1), field
.val
, field
.params
);
/*
 * True when the two characters starting at `s` are "\r\n".
 * The second character is only inspected if the first one is '\r'.
 */
static bool is_crlf(const char *s)
{
  if (s[0] != '\r') {
    return false;
  }
  return s[1] == '\n';
}
1217 * find the index of the boundary, if exists, or optionally the next end of line
1218 * also returns how many bytes to skip
1220 static int index_of(ceph::bufferlist
& bl
,
1222 const std::string
& str
,
1223 const bool check_crlf
,
1224 bool& reached_boundary
,
1227 reached_boundary
= false;
1230 if (str
.size() < 2) // we assume boundary is at least 2 chars (makes it easier with crlf checks)
1233 if (bl
.length() < str
.size())
1236 const char *buf
= bl
.c_str();
1237 const char *s
= str
.c_str();
1239 if (max_len
> bl
.length())
1240 max_len
= bl
.length();
1242 for (uint64_t i
= 0; i
< max_len
; i
++, buf
++) {
1246 return i
+ 1; // skip the crlf
1248 if ((i
< max_len
- str
.size() + 1) &&
1249 (buf
[0] == s
[0] && buf
[1] == s
[1]) &&
1250 (strncmp(buf
, s
, str
.size()) == 0)) {
1251 reached_boundary
= true;
1254 /* oh, great, now we need to swallow the preceding crlf
1269 int RGWPostObj_ObjStore::read_with_boundary(ceph::bufferlist
& bl
,
1271 const bool check_crlf
,
1272 bool& reached_boundary
,
1275 uint64_t cl
= max
+ 2 + boundary
.size();
1277 if (max
> in_data
.length()) {
1278 uint64_t need_to_read
= cl
- in_data
.length();
1280 bufferptr
bp(need_to_read
);
1282 const auto read_len
= recv_body(s
, bp
.c_str(), need_to_read
);
1286 in_data
.append(bp
, 0, read_len
);
1291 const int index
= index_of(in_data
, cl
, boundary
, check_crlf
,
1292 reached_boundary
, skip
);
1297 if (max
> in_data
.length()) {
1298 max
= in_data
.length();
1301 bl
.substr_of(in_data
, 0, max
);
1303 ceph::bufferlist new_read_data
;
1306 * now we need to skip boundary for next time, also skip any crlf, or
1307 * check to see if it's the last final boundary (marked with "--" at the end
1309 if (reached_boundary
) {
1310 int left
= in_data
.length() - max
;
1311 if (left
< skip
+ 2) {
1312 int need
= skip
+ 2 - left
;
1313 bufferptr
boundary_bp(need
);
1314 const int r
= recv_body(s
, boundary_bp
.c_str(), need
);
1318 in_data
.append(boundary_bp
);
1320 max
+= skip
; // skip boundary for next time
1321 if (in_data
.length() >= max
+ 2) {
1322 const char *data
= in_data
.c_str();
1323 if (is_crlf(data
+ max
)) {
1326 if (*(data
+ max
) == '-' &&
1327 *(data
+ max
+ 1) == '-') {
1335 new_read_data
.substr_of(in_data
, max
, in_data
.length() - max
);
1336 in_data
= new_read_data
;
1341 int RGWPostObj_ObjStore::read_line(ceph::bufferlist
& bl
,
1343 bool& reached_boundary
,
1346 return read_with_boundary(bl
, max
, true, reached_boundary
, done
);
1349 int RGWPostObj_ObjStore::read_data(ceph::bufferlist
& bl
,
1351 bool& reached_boundary
,
1354 return read_with_boundary(bl
, max
, false, reached_boundary
, done
);
1358 int RGWPostObj_ObjStore::read_form_part_header(struct post_form_part
* const part
,
1362 bool reached_boundary
;
1363 uint64_t chunk_size
= s
->cct
->_conf
->rgw_max_chunk_size
;
1364 int r
= read_line(bl
, chunk_size
, reached_boundary
, done
);
1373 if (reached_boundary
) { // skip the first boundary
1374 r
= read_line(bl
, chunk_size
, reached_boundary
, done
);
1384 * iterate through fields
1386 std::string line
= rgw_trim_whitespace(string(bl
.c_str(), bl
.length()));
1392 struct post_part_field field
;
1395 r
= parse_part_field(line
, field_name
, field
);
1400 part
->fields
[field_name
] = field
;
1402 if (stringcasecmp(field_name
, "Content-Disposition") == 0) {
1403 part
->name
= field
.params
["name"];
1406 if (reached_boundary
) {
1410 r
= read_line(bl
, chunk_size
, reached_boundary
, done
);
1416 bool RGWPostObj_ObjStore::part_str(parts_collection_t
& parts
,
1417 const std::string
& name
,
1420 const auto iter
= parts
.find(name
);
1421 if (std::end(parts
) == iter
) {
1425 ceph::bufferlist
& data
= iter
->second
.data
;
1426 std::string str
= string(data
.c_str(), data
.length());
1427 *val
= rgw_trim_whitespace(str
);
1431 std::string
RGWPostObj_ObjStore::get_part_str(parts_collection_t
& parts
,
1432 const std::string
& name
,
1433 const std::string
& def_val
)
1437 if (part_str(parts
, name
, &val
)) {
1440 return rgw_trim_whitespace(def_val
);
1444 bool RGWPostObj_ObjStore::part_bl(parts_collection_t
& parts
,
1445 const std::string
& name
,
1446 ceph::bufferlist
* pbl
)
1448 const auto iter
= parts
.find(name
);
1449 if (std::end(parts
) == iter
) {
1453 *pbl
= iter
->second
.data
;
1457 int RGWPostObj_ObjStore::verify_params()
1459 /* check that we have enough memory to store the object
1460 note that this test isn't exact and may fail unintentionally
1461 for large requests */
1463 return -ERR_LENGTH_REQUIRED
;
1465 off_t len
= atoll(s
->length
);
1466 if (len
> (off_t
)(s
->cct
->_conf
->rgw_max_put_size
)) {
1467 return -ERR_TOO_LARGE
;
1470 supplied_md5_b64
= s
->info
.env
->get("HTTP_CONTENT_MD5");
// RGWPostObj_ObjStore::get_params: prepare multipart/form-data parsing for a
// POST object request.
// Visible steps:
//   1. If the client sent an Expect header (s->expect_cont), the flag is
//      cleared; the statement that actually answers the client is elided
//      from this listing.
//   2. The CONTENT_TYPE header is split by parse_boundary_params into the
//      bare content type and a map of its parameters.
//   3. Any content type other than multipart/form-data sets err_msg.
//   4. At debug level 20 the raw header and every parsed parameter are logged.
//   5. The boundary parameter is required; its value is appended to the
//      boundary member.
// NOTE(review): the return statements and the initial value given to
// boundary before the append are not visible here.
1475 int RGWPostObj_ObjStore::get_params()
1477 if (s
->expect_cont
) {
1478 /* OK, here it really gets ugly. With POST, the params are embedded in the
1479 * request body, so we need to continue before being able to actually look
1480 * at them. This diverts from the usual request flow. */
1482 s
->expect_cont
= false;
1485 std::string req_content_type_str
= s
->info
.env
->get("CONTENT_TYPE", "");
1486 std::string req_content_type
;
1487 std::map
<std::string
, std::string
> params
;
1488 parse_boundary_params(req_content_type_str
, req_content_type
, params
);
// Only multipart/form-data bodies are accepted for POST uploads.
1490 if (req_content_type
.compare("multipart/form-data") != 0) {
1491 err_msg
= "Request Content-Type is not multipart/form-data";
// Guard the logging so the parameter loop only runs when level 20 is gathered.
1495 if (s
->cct
->_conf
->subsys
.should_gather(ceph_subsys_rgw
, 20)) {
1496 ldout(s
->cct
, 20) << "request content_type_str="
1497 << req_content_type_str
<< dendl
;
1498 ldout(s
->cct
, 20) << "request content_type params:" << dendl
;
1500 for (const auto& pair
: params
) {
1501 ldout(s
->cct
, 20) << " " << pair
.first
<< " -> " << pair
.second
1506 const auto iter
= params
.find("boundary");
1507 if (std::end(params
) == iter
) {
1508 err_msg
= "Missing multipart boundary specification";
1512 /* Create the boundary. */
1514 boundary
.append(iter
->second
);
// RGWPutACLs_ObjStore::get_params: read the whole request body of a PUT ACL
// request into data/len.
// The read is capped at the rgw_max_put_param_size configuration value and
// the final false argument is the allow_chunked parameter of
// rgw_rest_read_all_input. The result is stored in op_ret.
// NOTE(review): the return statement is elided from this listing.
1520 int RGWPutACLs_ObjStore::get_params()
1522 const auto max_size
= s
->cct
->_conf
->rgw_max_put_param_size
;
1523 op_ret
= rgw_rest_read_all_input(s
, &data
, &len
, max_size
, false);
// RGWPutLC_ObjStore::get_params: read the whole request body of a PUT
// lifecycle request into data/len.
// The read is capped at the rgw_max_put_param_size configuration value and
// the final false argument is the allow_chunked parameter of
// rgw_rest_read_all_input. The result is stored in op_ret.
// NOTE(review): the return statement is elided from this listing.
1527 int RGWPutLC_ObjStore::get_params()
1529 const auto max_size
= s
->cct
->_conf
->rgw_max_put_param_size
;
1530 op_ret
= rgw_rest_read_all_input(s
, &data
, &len
, max_size
, false);
// read_all_chunked_input: file-local helper that reads a request body of
// unknown length into a growable malloc buffer.
//   s        - request state passed through to recv_body
//   pdata    - output pointer for the buffer (assignment elided in listing)
//   plen     - output length (assignment elided in listing)
//   max_read - upper bound compared against the running buffer size
// Visible behaviour: the buffer starts at READ_CHUNK (4096) bytes plus one
// spare byte; each pass reads need_to_read bytes at offset len with
// recv_body. When a read fills the whole request, total is compared against
// max_read, then enlarged by need_to_read and the buffer is realloc-ed to
// total + 1 bytes.
// NOTE(review): the loop construct, the error paths, the action taken while
// need_to_read is below MAX_READ_CHUNK (128 KiB) and the handling of a
// failed realloc are elided from this listing - confirm against full source.
1534 static int read_all_chunked_input(req_state
*s
, char **pdata
, int *plen
, const uint64_t max_read
)
1536 #define READ_CHUNK 4096
1537 #define MAX_READ_CHUNK (128 * 1024)
1538 int need_to_read
= READ_CHUNK
;
1539 int total
= need_to_read
;
// One extra byte is allocated beyond total; presumably for a terminator.
1540 char *data
= (char *)malloc(total
+ 1);
1544 int read_len
= 0, len
= 0;
1546 read_len
= recv_body(s
, data
+ len
, need_to_read
);
// A completely filled read suggests more data may follow, so grow the buffer.
1554 if (read_len
== need_to_read
) {
1555 if (need_to_read
< MAX_READ_CHUNK
)
1558 if ((unsigned)total
> max_read
) {
1562 total
+= need_to_read
;
1564 void *p
= realloc(data
, total
+ 1);
// rgw_rest_read_all_input: read an entire request body into a malloc buffer.
//   s             - request state; s->length holds the declared length string
//   pdata, plen   - outputs for buffer and byte count (assignments elided)
//   max_len       - largest body size accepted
//   allow_chunked - whether a body without a declared length may be read
//                   using chunked transfer encoding
// Visible behaviour:
//   - With a declared length, cl is parsed by atoll, compared against
//     max_len, and cl + 1 bytes are allocated and filled by recv_body.
//   - Without a length and with allow_chunked false, the function returns
//     -ERR_LENGTH_REQUIRED.
//   - Without a length and with allow_chunked true, the
//     HTTP_TRANSFER_ENCODING header must equal chunked exactly (strcmp),
//     otherwise -ERR_LENGTH_REQUIRED; the body is then read by
//     read_all_chunked_input.
// NOTE(review): the error returned for an oversized body, the malloc failure
// check and the final return are elided from this listing.
1583 int rgw_rest_read_all_input(struct req_state
*s
, char **pdata
, int *plen
,
1584 const uint64_t max_len
, const bool allow_chunked
)
1591 cl
= atoll(s
->length
);
1592 else if (!allow_chunked
)
1593 return -ERR_LENGTH_REQUIRED
;
1596 if (cl
> (size_t)max_len
) {
1599 data
= (char *)malloc(cl
+ 1);
1603 len
= recv_body(s
, data
, cl
);
1609 } else if (allow_chunked
&& !s
->length
) {
1610 const char *encoding
= s
->info
.env
->get("HTTP_TRANSFER_ENCODING");
1611 if (!encoding
|| strcmp(encoding
, "chunked") != 0)
1612 return -ERR_LENGTH_REQUIRED
;
1614 int ret
= read_all_chunked_input(s
, &data
, &len
, max_len
);
// RGWCompleteMultipart_ObjStore::get_params: collect the inputs of a
// complete-multipart-upload request.
// Reads the uploadId query argument into upload_id, checks it for emptiness
// (the action taken is elided from this listing), then reads the request
// body into data/len with a cap of COMPLETE_MULTIPART_MAX_LEN (1 MiB).
// NOTE(review): rgw_rest_read_all_input is called with four arguments here,
// so its allow_chunked parameter presumably has a default in the
// declaration, which is not visible in this chunk - confirm.
1625 int RGWCompleteMultipart_ObjStore::get_params()
1627 upload_id
= s
->info
.args
.get("uploadId");
1629 if (upload_id
.empty()) {
1634 #define COMPLETE_MULTIPART_MAX_LEN (1024 * 1024) /* api defines max 10,000 parts, this should be enough */
1635 op_ret
= rgw_rest_read_all_input(s
, &data
, &len
, COMPLETE_MULTIPART_MAX_LEN
);
// RGWListMultipart_ObjStore::get_params: collect the query arguments of a
// list-parts request.
//   uploadId           -> upload_id (emptiness is checked; action elided)
//   part-number-marker -> marker, parsed as base-10 by strict_strtol; a
//                         parse problem is logged at level 20 as bad marker
//   max-parts          -> max_parts via parse_value_and_bound with a lower
//                         bound of 0 and the rgw_max_listing_results
//                         configuration value as another argument
// NOTE(review): the remaining arguments of parse_value_and_bound, the error
// returns and the final return are elided from this listing.
1642 int RGWListMultipart_ObjStore::get_params()
1644 upload_id
= s
->info
.args
.get("uploadId");
1646 if (upload_id
.empty()) {
1649 string marker_str
= s
->info
.args
.get("part-number-marker");
1651 if (!marker_str
.empty()) {
1653 marker
= strict_strtol(marker_str
.c_str(), 10, &err
);
1655 ldout(s
->cct
, 20) << "bad marker: " << marker
<< dendl
;
1661 string str
= s
->info
.args
.get("max-parts");
1662 op_ret
= parse_value_and_bound(str
, max_parts
, 0,
1663 g_conf
->get_val
<uint64_t>("rgw_max_listing_results"),
// RGWListBucketMultiparts_ObjStore::get_params: collect the query arguments
// of a list-multipart-uploads request.
//   delimiter, prefix -> copied verbatim into the members of the same name
//   max-uploads       -> max_uploads via parse_value_and_bound with a lower
//                        bound of 0 and the rgw_max_listing_results
//                        configuration value as another argument
//   key-marker, upload-id-marker -> marker.init(...), but only when
//                        key-marker is non-empty
// NOTE(review): the remaining arguments of parse_value_and_bound and the
// return statements are elided from this listing.
1669 int RGWListBucketMultiparts_ObjStore::get_params()
1671 delimiter
= s
->info
.args
.get("delimiter");
1672 prefix
= s
->info
.args
.get("prefix");
1673 string str
= s
->info
.args
.get("max-uploads");
1674 op_ret
= parse_value_and_bound(str
, max_uploads
, 0,
1675 g_conf
->get_val
<uint64_t>("rgw_max_listing_results"),
1681 string key_marker
= s
->info
.args
.get("key-marker");
1682 string upload_id_marker
= s
->info
.args
.get("upload-id-marker");
// An upload-id marker on its own is ignored; it only refines a key marker.
1683 if (!key_marker
.empty())
1684 marker
.init(key_marker
, upload_id_marker
);
// RGWDeleteMultiObj_ObjStore::get_params: collect the inputs of a
// multi-object delete request.
// Checks that s->bucket_name is non-empty (the action for an empty name is
// elided from this listing), then reads the request body into data/len,
// capped at the rgw_max_put_param_size configuration value, with
// allow_chunked set to false. The result is stored in op_ret.
// NOTE(review): the statement that follows the set the bucket comment and
// the return statements are not visible here.
1689 int RGWDeleteMultiObj_ObjStore::get_params()
1692 if (s
->bucket_name
.empty()) {
1697 // everything is probably fine, set the bucket
1700 const auto max_size
= s
->cct
->_conf
->rgw_max_put_param_size
;
1701 op_ret
= rgw_rest_read_all_input(s
, &data
, &len
, max_size
, false);
// RGWRESTOp::send_response: emit the response headers for a generic REST op.
// Only acts when the flusher has not started yet: the error state is derived
// from http_ret via set_req_state_err and the header section is closed with
// end_header(s, this).
// NOTE(review): statements between these two calls and after the
// conditional are elided from this listing.
1706 void RGWRESTOp::send_response()
1708 if (!flusher
.did_start()) {
1709 set_req_state_err(s
, http_ret
);
1711 end_header(s
, this);
// RGWRESTOp::verify_permission: authorise the request by delegating to
// check_caps with the capabilities of the requesting user (s->user->caps)
// and returning its result unchanged.
1716 int RGWRESTOp::verify_permission()
1718 return check_caps(s
->user
->caps
);
// RGWHandler_REST::get_op: obtain the operation object for the current
// request and initialise it with op->init(store, s, this).
//   store - RADOS store handle forwarded to the op
// NOTE(review): the code that selects the op (original lines 1722 to 1750)
// and the return statement are elided from this listing, so how the op is
// chosen cannot be documented from here.
1721 RGWOp
* RGWHandler_REST::get_op(RGWRados
* store
)
1751 op
->init(store
, s
, this);
// RGWHandler_REST::put_op: counterpart of get_op that takes back an op.
// NOTE(review): the body is entirely elided from this listing; presumably it
// releases the op - confirm against the full source.
1756 void RGWHandler_REST::put_op(RGWOp
* op
)
// RGWHandler_REST::allocate_formatter: choose the response format for a
// request and create the matching formatter in s->formatter.
// Visible selection order:
//   1. s->format starts as default_type.
//   2. A format query argument of xml, json or html overrides it.
//   3. Otherwise the HTTP_ACCEPT header is consulted: the text up to the
//      first semicolon (at most 63 characters) is copied into format_buf and
//      compared against text/xml, application/xml, application/json and
//      text/html.
// Formatter construction then depends on s->format:
//   PLAIN - RGWFormatter_Plain, using key/value syntax when bulk-delete is
//           present, multipart-manifest equals delete, or this is a Swift
//           request carrying extract-archive
//   XML   - XMLFormatter, with lowercase/underscore naming under the same
//           three conditions
//   JSON  - JSONFormatter(false)
//   HTML  - HTMLFormatter, passed the RGW_REST_WEBSITE bit of prot_flags
// NOTE(review): the rest of the parameter list, the conditions guarding
// steps 2 and 3, the terminator written to format_buf, the break/default
// arms of the switch and the return value are elided from this listing.
// The formatters are created with plain new; ownership is not visible here.
1761 int RGWHandler_REST::allocate_formatter(struct req_state
*s
,
1765 s
->format
= default_type
;
1767 string format_str
= s
->info
.args
.get("format");
1768 if (format_str
.compare("xml") == 0) {
1769 s
->format
= RGW_FORMAT_XML
;
1770 } else if (format_str
.compare("json") == 0) {
1771 s
->format
= RGW_FORMAT_JSON
;
1772 } else if (format_str
.compare("html") == 0) {
1773 s
->format
= RGW_FORMAT_HTML
;
1775 const char *accept
= s
->info
.env
->get("HTTP_ACCEPT");
1777 char format_buf
[64];
// Copy the media type only; the bound leaves room for one trailing byte.
1779 for (; i
< sizeof(format_buf
) - 1 && accept
[i
] && accept
[i
] != ';'; ++i
) {
1780 format_buf
[i
] = accept
[i
];
1783 if ((strcmp(format_buf
, "text/xml") == 0) || (strcmp(format_buf
, "application/xml") == 0)) {
1784 s
->format
= RGW_FORMAT_XML
;
1785 } else if (strcmp(format_buf
, "application/json") == 0) {
1786 s
->format
= RGW_FORMAT_JSON
;
1787 } else if (strcmp(format_buf
, "text/html") == 0) {
1788 s
->format
= RGW_FORMAT_HTML
;
// Request traits that switch the plain and XML formatters to their
// alternative output flavour.
1794 const string
& mm
= s
->info
.args
.get("multipart-manifest");
1795 const bool multipart_delete
= (mm
.compare("delete") == 0);
1796 const bool swift_bulkupload
= s
->prot_flags
& RGW_REST_SWIFT
&&
1797 s
->info
.args
.exists("extract-archive");
1798 switch (s
->format
) {
1799 case RGW_FORMAT_PLAIN
:
1801 const bool use_kv_syntax
= s
->info
.args
.exists("bulk-delete") ||
1802 multipart_delete
|| swift_bulkupload
;
1803 s
->formatter
= new RGWFormatter_Plain(use_kv_syntax
);
1806 case RGW_FORMAT_XML
:
1808 const bool lowercase_underscore
= s
->info
.args
.exists("bulk-delete") ||
1809 multipart_delete
|| swift_bulkupload
;
1811 s
->formatter
= new XMLFormatter(false, lowercase_underscore
);
1814 case RGW_FORMAT_JSON
:
1815 s
->formatter
= new JSONFormatter(false);
1817 case RGW_FORMAT_HTML
:
1818 s
->formatter
= new HTMLFormatter(s
->prot_flags
& RGW_REST_WEBSITE
);
1824 //s->formatter->reset(); // All formatters should reset on create already
// RGWHandler_REST::validate_bucket_name: length-based validation of a
// bucket name.
//   bucket - candidate bucket name
// Visible behaviour: returns -ERR_INVALID_BUCKET_NAME on two paths, one of
// them when the length exceeds MAX_BUCKET_NAME_LEN.
// NOTE(review): the condition guarding the first error return, the handling
// of a request without a bucket and the success return are elided from this
// listing; the lower length limit is therefore not visible.
1829 // This function enforces Amazon's spec for bucket names.
1830 // (The requirements, not the recommendations.)
1831 int RGWHandler_REST::validate_bucket_name(const string
& bucket
)
1833 int len
= bucket
.size();
1836 // This request doesn't specify a bucket at all
1840 return -ERR_INVALID_BUCKET_NAME
;
1842 else if (len
> MAX_BUCKET_NAME_LEN
) {
1844 return -ERR_INVALID_BUCKET_NAME
;
// RGWHandler_REST::validate_object_name: validate an object key.
//   object - candidate object name
// Returns -ERR_INVALID_OBJECT_NAME when the name is longer than
// MAX_OBJ_NAME_LEN bytes or when check_utf8 reports a non-zero result for
// it, i.e. the bytes are not valid UTF-8.
// NOTE(review): the success return is elided from this listing.
1850 // "The name for a key is a sequence of Unicode characters whose UTF-8 encoding
1851 // is at most 1024 bytes long."
1852 // However, we can still have control characters and other nasties in there.
1853 // Just as long as they're utf-8 nasties.
1854 int RGWHandler_REST::validate_object_name(const string
& object
)
1856 int len
= object
.size();
1857 if (len
> MAX_OBJ_NAME_LEN
) {
1859 return -ERR_INVALID_OBJECT_NAME
;
1862 if (check_utf8(object
.c_str(), len
)) {
1863 // Object names must be valid UTF-8.
1864 return -ERR_INVALID_OBJECT_NAME
;
// op_from_method: file-local mapping from an HTTP method name to an http_op
// value.
//   method - method string, compared case-sensitively with strcmp
// Recognised methods, in test order: GET, PUT, DELETE, HEAD, POST, COPY and
// OPTIONS.
// NOTE(review): the value returned for each method, any null check on
// method and the fallback for unknown methods are elided from this listing.
1869 static http_op
op_from_method(const char *method
)
1873 if (strcmp(method
, "GET") == 0)
1875 if (strcmp(method
, "PUT") == 0)
1877 if (strcmp(method
, "DELETE") == 0)
1879 if (strcmp(method
, "HEAD") == 0)
1881 if (strcmp(method
, "POST") == 0)
1883 if (strcmp(method
, "COPY") == 0)
1885 if (strcmp(method
, "OPTIONS") == 0)
// RGWHandler_REST::init_permissions: permission set-up for an op.
//   op - operation about to run
// Bucket creation (RGW_OP_CREATE_BUCKET) is special-cased; every other op
// returns the result of do_init_permissions().
// NOTE(review): the statement executed for the create-bucket case is elided
// from this listing.
1891 int RGWHandler_REST::init_permissions(RGWOp
* op
)
1893 if (op
->get_type() == RGW_OP_CREATE_BUCKET
)
1896 return do_init_permissions();
// RGWHandler_REST::read_permissions: decide whether only bucket-level
// permissions are needed for the op, then load them through
// do_read_permissions(op_obj, only_bucket).
//   op_obj - operation about to run
// Visible inputs to the decision: the presence of the delete and tagging
// query arguments, is_obj_update_op(), and whether the op is
// RGW_OP_CREATE_BUCKET.
// NOTE(review): the switch or branch structure around these tests, and every
// assignment that sets only_bucket to true, are elided from this listing;
// only the assignments of false are visible.
1899 int RGWHandler_REST::read_permissions(RGWOp
* op_obj
)
1901 bool only_bucket
= false;
1906 only_bucket
= false;
1911 /* is it a 'multi-object delete' request? */
1912 if (s
->info
.args
.exists("delete")) {
1916 if (is_obj_update_op()) {
1917 only_bucket
= false;
1920 /* is it a 'create bucket' request? */
1921 if (op_obj
->get_type() == RGW_OP_CREATE_BUCKET
)
1926 if (!s
->info
.args
.exists("tagging")){
1937 return do_read_permissions(op_obj
, only_bucket
);
// RGWRESTMgr::register_resource: register mgr as the manager for a resource
// path and make sure every intermediate path prefix has a manager too.
//   resource - entry point being registered
//   mgr      - manager stored in resource_mgrs; a manager previously stored
//              under the same key is deleted first
// The key r is also recorded in resources_by_size together with its length.
// Afterwards each prefix of r that ends before an inner slash gets a default
// RGWRESTMgr, but only when no manager is registered for that prefix yet.
// NOTE(review): how r is derived from resource (original lines 1941 to 1944)
// is elided from this listing.
1940 void RGWRESTMgr::register_resource(string resource
, RGWRESTMgr
*mgr
)
1945 /* do we have a resource manager registered for this entry point? */
1946 map
<string
, RGWRESTMgr
*>::iterator iter
= resource_mgrs
.find(r
);
1947 if (iter
!= resource_mgrs
.end()) {
1948 delete iter
->second
;
1950 resource_mgrs
[r
] = mgr
;
1951 resources_by_size
.insert(pair
<size_t, string
>(r
.size(), r
));
1953 /* now build default resource managers for the path (instead of nested entry points)
1954 * e.g., if the entry point is /auth/v1.0/ then we'd want to create a default
1955 * manager for /auth/
1958 size_t pos
= r
.find('/', 1);
1960 while (pos
!= r
.size() - 1 && pos
!= string::npos
) {
1961 string s
= r
.substr(0, pos
);
1963 iter
= resource_mgrs
.find(s
);
1964 if (iter
== resource_mgrs
.end()) { /* only register it if one does not exist */
1965 resource_mgrs
[s
] = new RGWRESTMgr
; /* a default do-nothing manager */
1966 resources_by_size
.insert(pair
<size_t, string
>(s
.size(), s
));
1969 pos
= r
.find('/', pos
+ 1);
// RGWRESTMgr::register_default_mgr: install the fallback manager.
//   mgr - manager to use as default
// NOTE(review): the body is entirely elided from this listing; presumably it
// replaces default_mgr, which get_resource_mgr consults - confirm.
1973 void RGWRESTMgr::register_default_mgr(RGWRESTMgr
*mgr
)
// RGWRESTMgr::get_resource_mgr: resolve the manager responsible for a URI.
//   s       - request state, forwarded on recursion
//   uri     - path still to be resolved
//   out_uri - output forwarded to the chosen manager
// Registered resources are tried from longest to shortest (reverse walk over
// resources_by_size, which is keyed by length). A resource matches when uri
// starts with it and the match ends either at the end of uri or at a slash.
// The matching manager is then asked to resolve the remaining suffix. When
// nothing matches, a path through default_mgr and
// get_resource_mgr_as_default is visible.
// NOTE(review): the statements preceding the loop and the conditions around
// the default_mgr call are elided from this listing.
1979 RGWRESTMgr
* RGWRESTMgr::get_resource_mgr(struct req_state
* const s
,
1980 const std::string
& uri
,
1981 std::string
* const out_uri
)
1985 multimap
<size_t, string
>::reverse_iterator iter
;
1987 for (iter
= resources_by_size
.rbegin(); iter
!= resources_by_size
.rend(); ++iter
) {
1988 string
& resource
= iter
->second
;
// iter->first is the stored length of the resource string.
1989 if (uri
.compare(0, iter
->first
, resource
) == 0 &&
1990 (uri
.size() == iter
->first
||
1991 uri
[iter
->first
] == '/')) {
1992 std::string suffix
= uri
.substr(iter
->first
);
1993 return resource_mgrs
[resource
]->get_resource_mgr(s
, suffix
, out_uri
);
1998 return default_mgr
->get_resource_mgr_as_default(s
, uri
, out_uri
);
// RGWREST::register_x_headers: add a list of header names to x_headers.
//   s_headers - header names in one string, split by get_str_vec
// Each name is upper-cased in place with boost::algorithm::to_upper before
// being inserted; the result of insert is deliberately discarded.
2004 void RGWREST::register_x_headers(const string
& s_headers
)
2006 std::vector
<std::string
> hdrs
= get_str_vec(s_headers
);
2007 for (auto& hdr
: hdrs
) {
2008 boost::algorithm::to_upper(hdr
); // XXX
2009 (void) x_headers
.insert(hdr
);
// RGWRESTMgr destructor: deletes every manager stored in resource_mgrs, so
// the map holds owning raw pointers.
// NOTE(review): any statements after the loop, such as handling of
// default_mgr, are elided from this listing.
2013 RGWRESTMgr::~RGWRESTMgr()
2015 map
<string
, RGWRESTMgr
*>::iterator iter
;
2016 for (iter
= resource_mgrs
.begin(); iter
!= resource_mgrs
.end(); ++iter
) {
2017 delete iter
->second
;
// parse_content_length: convert a Content-Length header value to int64_t.
//   content_length - header text; dereferenced without a visible null check
// An empty string is special-cased; anything else is parsed as base-10 by
// strict_strtoll, which reports problems through err.
// NOTE(review): the value chosen for an empty string, the handling of err
// and the return statement are elided from this listing. The caller in
// preprocess treats a negative result as invalid.
2022 int64_t parse_content_length(const char *content_length
)
2026 if (*content_length
== '\0') {
2030 len
= strict_strtoll(content_length
, 10, &err
);
// RGWREST::preprocess: normalise an incoming request before a handler is
// chosen.
//   s   - request state that is filled in
//   cio - client I/O object; not referenced by any line visible here
// Visible steps, in order:
//   1. Keep an unmodified copy of request_uri in request_uri_aws4.
//   2. Rank the s3 and s3website APIs by their position in rgw_enable_apis
//      (earlier entries get a higher number, absent ones stay at -1).
//   3. Cut the Host value at its first colon, then look it up in the
//      configured S3 and S3 website hostname sets.
//   4. If rgw_resolve_cname is set and the host matched nothing, resolve its
//      CNAME and repeat both lookups with the result.
//   5. Fall back to using the Host value itself as the bucket name when it
//      is not an IP address, is a valid bucket name, and at least one
//      hostname set is configured.
//   6. Set RGW_REST_WEBSITE in prot_flags for website requests and, for
//      virtual-hosted requests, prefix request_uri with /subdomain.
//   7. URL-decode the URI and reject an embedded NUL with -ERR_ZERO_IN_URL.
//   8. Pick s->length from CONTENT_LENGTH and HTTP_CONTENT_LENGTH, then
//      parse it into s->content_length.
//   9. Copy generic attributes from the environment, record whether the
//      client expects 100-continue, derive s->op from the method and let
//      init_meta_info process the metadata headers.
// NOTE(review): this listing elides many original lines (declarations of
// apis, domain, subdomain, cname, found and err, several conditions, the
// error returns and the final return), so error codes other than
// -ERR_ZERO_IN_URL cannot be documented from here.
2039 int RGWREST::preprocess(struct req_state
*s
, rgw::io::BasicClient
* cio
)
2041 req_info
& info
= s
->info
;
2043 /* save the request uri used to hash on the client side. request_uri may suffer
2044 modifications as part of the bucket encoding in the subdomain calling format.
2045 request_uri_aws4 will be used under aws4 auth */
2046 s
->info
.request_uri_aws4
= s
->info
.request_uri
;
2050 // We need to know if this RGW instance is running the s3website API with a
2051 // higher priority than regular S3 API, or possibly in place of the regular
2053 // Map the listing of rgw_enable_apis in REVERSE order, so that items near
2054 // the front of the list have a higher number assigned (and -1 for items not in the list).
2056 get_str_list(g_conf
->rgw_enable_apis
, apis
);
2057 int api_priority_s3
= -1;
2058 int api_priority_s3website
= -1;
2059 auto api_s3website_priority_rawpos
= std::find(apis
.begin(), apis
.end(), "s3website");
2060 auto api_s3_priority_rawpos
= std::find(apis
.begin(), apis
.end(), "s3");
2061 if (api_s3_priority_rawpos
!= apis
.end()) {
2062 api_priority_s3
= apis
.size() - std::distance(apis
.begin(), api_s3_priority_rawpos
);
2064 if (api_s3website_priority_rawpos
!= apis
.end()) {
2065 api_priority_s3website
= apis
.size() - std::distance(apis
.begin(), api_s3website_priority_rawpos
);
2067 ldout(s
->cct
, 10) << "rgw api priority: s3=" << api_priority_s3
<< " s3website=" << api_priority_s3website
<< dendl
;
2068 bool s3website_enabled
= api_priority_s3website
>= 0;
2070 if (info
.host
.size()) {
// NOTE(review): find returns an unsigned npos when there is no colon and the
// result is stored in a signed ssize_t; the guard before substr is elided
// from this listing. A bracketed IPv6 literal would also be cut at its first
// colon - confirm whether such hosts can reach this point.
2071 ssize_t pos
= info
.host
.find(':');
2073 info
.host
= info
.host
.substr(0, pos
);
2075 ldout(s
->cct
, 10) << "host=" << info
.host
<< dendl
;
2078 bool in_hosted_domain_s3website
= false;
2079 bool in_hosted_domain
= rgw_find_host_in_domains(info
.host
, &domain
, &subdomain
, hostnames_set
);
2081 string s3website_domain
;
2082 string s3website_subdomain
;
2084 if (s3website_enabled
) {
2085 in_hosted_domain_s3website
= rgw_find_host_in_domains(info
.host
, &s3website_domain
, &s3website_subdomain
, hostnames_s3website_set
);
// A website hostname match overrides the plain S3 match.
2086 if (in_hosted_domain_s3website
) {
2087 in_hosted_domain
= true; // TODO: should hostnames be a strict superset of hostnames_s3website?
2088 domain
= s3website_domain
;
2089 subdomain
= s3website_subdomain
;
2094 << "subdomain=" << subdomain
2095 << " domain=" << domain
2096 << " in_hosted_domain=" << in_hosted_domain
2097 << " in_hosted_domain_s3website=" << in_hosted_domain_s3website
// CNAME resolution is only attempted when neither hostname set matched.
2100 if (g_conf
->rgw_resolve_cname
2101 && !in_hosted_domain
2102 && !in_hosted_domain_s3website
) {
2105 int r
= rgw_resolver
->resolve_cname(info
.host
, cname
, &found
);
2108 << "WARNING: rgw_resolver->resolve_cname() returned r=" << r
2113 ldout(s
->cct
, 5) << "resolved host cname " << info
.host
<< " -> "
2116 rgw_find_host_in_domains(cname
, &domain
, &subdomain
, hostnames_set
);
2118 if (s3website_enabled
2119 && !in_hosted_domain_s3website
) {
2120 in_hosted_domain_s3website
=
2121 rgw_find_host_in_domains(cname
, &s3website_domain
,
2122 &s3website_subdomain
,
2123 hostnames_s3website_set
);
2124 if (in_hosted_domain_s3website
) {
2125 in_hosted_domain
= true; // TODO: should hostnames be a
2126 // strict superset of hostnames_s3website?
2127 domain
= s3website_domain
;
2128 subdomain
= s3website_subdomain
;
2133 << "subdomain=" << subdomain
2134 << " domain=" << domain
2135 << " in_hosted_domain=" << in_hosted_domain
2136 << " in_hosted_domain_s3website=" << in_hosted_domain_s3website
2141 // Handle A/CNAME records that point to the RGW storage, but do not match the
2142 // CNAME test above, per issue http://tracker.ceph.com/issues/15975
2143 // If BOTH domain & subdomain variables are empty, then none of the above
2144 // cases matched anything, and we should fall back to using the Host header
2145 // directly as the bucket name.
2146 // As additional checks:
2147 // - if the Host header is an IP, we're using path-style access without DNS
2148 // - Also check that the Host header is a valid bucket name before using it.
2149 // - Don't enable virtual hosting if no hostnames are configured
2150 if (subdomain
.empty()
2151 && (domain
.empty() || domain
!= info
.host
)
2152 && !looks_like_ip_address(info
.host
.c_str())
2153 && RGWHandler_REST::validate_bucket_name(info
.host
) == 0
2154 && !(hostnames_set
.empty() && hostnames_s3website_set
.empty())) {
2155 subdomain
.append(info
.host
);
2156 in_hosted_domain
= 1;
// The website API wins the fallback only when it is listed ahead of s3.
2159 if (s3website_enabled
&& api_priority_s3website
> api_priority_s3
) {
2160 in_hosted_domain_s3website
= 1;
2163 if (in_hosted_domain_s3website
) {
2164 s
->prot_flags
|= RGW_REST_WEBSITE
;
// Rewrite a virtual-hosted request into path style: /bucket/original-uri.
2168 if (in_hosted_domain
&& !subdomain
.empty()) {
2169 string encoded_bucket
= "/";
2170 encoded_bucket
.append(subdomain
);
2171 if (s
->info
.request_uri
[0] != '/')
2172 encoded_bucket
.append("/");
2173 encoded_bucket
.append(s
->info
.request_uri
);
2174 s
->info
.request_uri
= encoded_bucket
;
2177 if (!domain
.empty()) {
2178 s
->info
.domain
= domain
;
2182 << "final domain/bucket"
2183 << " subdomain=" << subdomain
2184 << " domain=" << domain
2185 << " in_hosted_domain=" << in_hosted_domain
2186 << " in_hosted_domain_s3website=" << in_hosted_domain_s3website
2187 << " s->info.domain=" << s
->info
.domain
2188 << " s->info.request_uri=" << s
->info
.request_uri
// Default the domain to the configured rgw_dns_name when nothing set it.
2192 if (s
->info
.domain
.empty()) {
2193 s
->info
.domain
= s
->cct
->_conf
->rgw_dns_name
;
2196 s
->decoded_uri
= url_decode(s
->info
.request_uri
);
2197 /* Validate for being free of the '\0' buried in the middle of the string. */
2198 if (std::strlen(s
->decoded_uri
.c_str()) != s
->decoded_uri
.length()) {
2199 return -ERR_ZERO_IN_URL
;
2202 /* FastCGI specification, section 6.3
2203 * http://www.fastcgi.com/devkit/doc/fcgi-spec.html#S6.3
2205 * The Authorizer application receives HTTP request information from the Web
2206 * server on the FCGI_PARAMS stream, in the same format as a Responder. The
2207 * Web server does not send CONTENT_LENGTH, PATH_INFO, PATH_TRANSLATED, and
2208 * SCRIPT_NAME headers.
2210 * Ergo if we are in Authorizer role, we MUST look at HTTP_CONTENT_LENGTH
2211 * instead of CONTENT_LENGTH for the Content-Length.
2213 * There is one slight wrinkle in this, and that's older versions of
2214 * nginx/lighttpd/apache setting BOTH headers. As a result, we have to check
2215 * both headers and can't always simply pick A or B.
2217 const char* content_length
= info
.env
->get("CONTENT_LENGTH");
2218 const char* http_content_length
= info
.env
->get("HTTP_CONTENT_LENGTH");
2219 if (!http_content_length
!= !content_length
) {
2220 /* Easy case: one or the other is missing */
2221 s
->length
= (content_length
? content_length
: http_content_length
);
2222 } else if (s
->cct
->_conf
->rgw_content_length_compat
&&
2223 content_length
&& http_content_length
) {
2224 /* Hard case: Both are set, we have to disambiguate */
2225 int64_t content_length_i
, http_content_length_i
;
2227 content_length_i
= parse_content_length(content_length
);
2228 http_content_length_i
= parse_content_length(http_content_length
);
2231 if (http_content_length_i
< 0) {
2232 // HTTP_CONTENT_LENGTH is invalid, ignore it
2233 } else if (content_length_i
< 0) {
2234 // CONTENT_LENGTH is invalid, and HTTP_CONTENT_LENGTH is valid
2236 content_length
= http_content_length
;
2238 // both CONTENT_LENGTH and HTTP_CONTENT_LENGTH are valid
2239 // Let's pick the larger size
2240 if (content_length_i
< http_content_length_i
) {
2241 // prefer the larger value
2242 content_length
= http_content_length
;
2245 s
->length
= content_length
;
2246 // End of: else if (s->cct->_conf->rgw_content_length_compat &&
2247 // content_length &&
2248 // http_content_length)
2250 /* no content length was defined */
// An empty length string counts as zero; anything else must parse cleanly.
2255 if (*s
->length
== '\0') {
2256 s
->content_length
= 0;
2259 s
->content_length
= strict_strtoll(s
->length
, 10, &err
);
2261 ldout(s
->cct
, 10) << "bad content length, aborting" << dendl
;
2267 if (s
->content_length
< 0) {
2268 ldout(s
->cct
, 10) << "negative content length, aborting" << dendl
;
// generic_attrs_map maps an environment variable name (first) to the
// attribute key (second) under which its value is stored.
2272 map
<string
, string
>::iterator giter
;
2273 for (giter
= generic_attrs_map
.begin(); giter
!= generic_attrs_map
.end();
2275 const char *env
= info
.env
->get(giter
->first
.c_str());
2277 s
->generic_attrs
[giter
->second
] = env
;
2281 if (g_conf
->rgw_print_continue
) {
2282 const char *expect
= info
.env
->get("HTTP_EXPECT");
2283 s
->expect_cont
= (expect
&& !strcasecmp(expect
, "100-continue"));
2285 s
->op
= op_from_method(info
.method
);
2287 info
.init_meta_info(&s
->has_bad_meta
);
// RGWREST::get_handler: turn a raw request into an initialised REST handler.
//   store           - RADOS store passed to the handler init
//   s               - request state, filled in by preprocess
//   auth_registry   - authentication strategies forwarded to the manager
//   frontend_prefix - URI prefix forwarded to manager and handler lookup
//   rio             - client I/O object
//   pmgr            - output for the selected manager (assignment elided)
//   init_error      - output error code; set from preprocess, from the
//                     handler init, or to -ERR_METHOD_NOT_ALLOWED
// Visible flow: preprocess the request, look up the manager for
// s->decoded_uri via mgr.get_manager, ask it for a handler, initialise the
// handler, and hand the handler back with m->put_handler when init fails.
// NOTE(review): the conditions that trigger the two -ERR_METHOD_NOT_ALLOWED
// assignments (presumably a null manager and a null handler) and every
// return statement are elided from this listing - confirm.
2292 RGWHandler_REST
* RGWREST::get_handler(
2293 RGWRados
* const store
,
2294 struct req_state
* const s
,
2295 const rgw::auth::StrategyRegistry
& auth_registry
,
2296 const std::string
& frontend_prefix
,
2297 RGWRestfulIO
* const rio
,
2298 RGWRESTMgr
** const pmgr
,
2299 int* const init_error
2301 *init_error
= preprocess(s
, rio
);
2302 if (*init_error
< 0) {
2306 RGWRESTMgr
*m
= mgr
.get_manager(s
, frontend_prefix
, s
->decoded_uri
,
2309 *init_error
= -ERR_METHOD_NOT_ALLOWED
;
2317 RGWHandler_REST
* handler
= m
->get_handler(s
, auth_registry
, frontend_prefix
);
2319 *init_error
= -ERR_METHOD_NOT_ALLOWED
;
2322 *init_error
= handler
->init(store
, s
, rio
);
// A handler that failed to initialise is returned to its manager.
2323 if (*init_error
< 0) {
2324 m
->put_handler(handler
);
2329 } /* get stream handler */