return 0;
}
void send_response_begin(bool has_buckets) override;
- void send_response_data(rgw::sal::RGWBucketList& buckets) override;
+ void send_response_data(rgw::sal::BucketList& buckets) override;
void send_response_end() override;
};
bool fetchOwner;
bool start_after_exist;
bool continuation_token_exist;
- string startAfter;
- string continuation_token;
+ std::string startAfter;
+ std::string continuation_token;
public:
RGWListBucket_ObjStore_S3v2() : fetchOwner(false) {
}
int get_data(bufferlist& bl) override;
void send_response() override;
- int get_encrypt_filter(std::unique_ptr<rgw::putobj::DataProcessor> *filter,
- rgw::putobj::DataProcessor *cb) override;
+ int get_encrypt_filter(std::unique_ptr<rgw::sal::DataProcessor> *filter,
+ rgw::sal::DataProcessor *cb) override;
int get_decrypt_filter(std::unique_ptr<RGWGetObj_Filter>* filter,
RGWGetObj_Filter* cb,
- map<string, bufferlist>& attrs,
+ std::map<std::string, bufferlist>& attrs,
bufferlist* manifest_bl) override;
};
std::string content_type;
RGWPolicyEnv env;
RGWPolicy post_policy;
- map<string, string> crypt_http_responses;
+ std::map<std::string, std::string> crypt_http_responses;
const rgw::auth::StrategyRegistry* auth_registry_ptr = nullptr;
int get_policy(optional_yield y);
int get_tags();
- void rebuild_key(rgw::sal::RGWObject* obj);
+ void rebuild_key(rgw::sal::Object* obj);
std::string get_current_filename() const override;
std::string get_current_content_type() const override;
void send_response() override;
int get_data(ceph::bufferlist& bl, bool& again) override;
- int get_encrypt_filter(std::unique_ptr<rgw::putobj::DataProcessor> *filter,
- rgw::putobj::DataProcessor *cb) override;
+ int get_encrypt_filter(std::unique_ptr<rgw::sal::DataProcessor> *filter,
+ rgw::sal::DataProcessor *cb) override;
};
class RGWDeleteObj_ObjStore_S3 : public RGWDeleteObj_ObjStore {
RGWPutACLs_ObjStore_S3() {}
~RGWPutACLs_ObjStore_S3() override {}
- int get_policy_from_state(rgw::sal::RGWRadosStore *store, struct req_state *s, stringstream& ss) override;
+ int get_policy_from_state(rgw::sal::Store* store, struct req_state *s, std::stringstream& ss) override;
void send_response() override;
int get_params(optional_yield y) override;
};
void send_response() override;
};
+class RGWGetBucketEncryption_ObjStore_S3 : public RGWGetBucketEncryption_ObjStore {
+public:
+ RGWGetBucketEncryption_ObjStore_S3() {}
+ ~RGWGetBucketEncryption_ObjStore_S3() override {}
+
+ void send_response() override;
+};
+
+class RGWPutBucketEncryption_ObjStore_S3 : public RGWPutBucketEncryption_ObjStore {
+public:
+ RGWPutBucketEncryption_ObjStore_S3() {}
+ ~RGWPutBucketEncryption_ObjStore_S3() override {}
+
+ void send_response() override;
+};
+
+class RGWDeleteBucketEncryption_ObjStore_S3 : public RGWDeleteBucketEncryption_ObjStore {
+public:
+ RGWDeleteBucketEncryption_ObjStore_S3() {}
+ ~RGWDeleteBucketEncryption_ObjStore_S3() override {}
+
+ void send_response() override;
+};
+
class RGWGetRequestPayment_ObjStore_S3 : public RGWGetRequestPayment {
public:
RGWGetRequestPayment_ObjStore_S3() {}
int get_params(optional_yield y) override;
void send_response() override;
- int prepare_encryption(map<string, bufferlist>& attrs) override;
+ int prepare_encryption(std::map<std::string, bufferlist>& attrs) override;
};
class RGWCompleteMultipart_ObjStore_S3 : public RGWCompleteMultipart_ObjStore {
void send_status() override;
void begin_response() override;
void send_partial_response(rgw_obj_key& key, bool delete_marker,
- const string& marker_version_id, int ret) override;
+ const std::string& marker_version_id, int ret) override;
void end_response() override;
};
class RGW_Auth_S3 {
public:
static int authorize(const DoutPrefixProvider *dpp,
- rgw::sal::RGWRadosStore *store,
+ rgw::sal::Store* store,
const rgw::auth::StrategyRegistry& auth_registry,
struct req_state *s, optional_yield y);
};
}
~RGWHandler_Auth_S3() override = default;
- static int validate_bucket_name(const string& bucket);
- static int validate_object_name(const string& bucket);
+ static int validate_bucket_name(const std::string& bucket);
+ static int validate_object_name(const std::string& bucket);
- int init(rgw::sal::RGWRadosStore *store,
+ int init(rgw::sal::Store* store,
struct req_state *s,
rgw::io::BasicClient *cio) override;
int authorize(const DoutPrefixProvider *dpp, optional_yield y) override {
protected:
const rgw::auth::StrategyRegistry& auth_registry;
public:
- static int init_from_header(rgw::sal::RGWRadosStore *store, struct req_state *s, int default_formatter, bool configurable_format);
+ static int init_from_header(rgw::sal::Store* store, struct req_state *s, int default_formatter, bool configurable_format);
explicit RGWHandler_REST_S3(const rgw::auth::StrategyRegistry& auth_registry)
: RGWHandler_REST(),
}
~RGWHandler_REST_S3() override = default;
- int init(rgw::sal::RGWRadosStore *store,
+ int init(rgw::sal::Store* store,
struct req_state *s,
rgw::io::BasicClient *cio) override;
int authorize(const DoutPrefixProvider *dpp, optional_yield y) override;
bool is_block_public_access_op() {
return s->info.args.exists("publicAccessBlock");
}
+ bool is_bucket_encryption_op() {
+ return s->info.args.exists("encryption");
+ }
RGWOp *get_obj_op(bool get_data) const;
RGWOp *op_get() override;
~RGWRESTMgr_S3() override = default;
- RGWHandler_REST *get_handler(rgw::sal::RGWRadosStore *store,
+ RGWHandler_REST *get_handler(rgw::sal::Store* store,
struct req_state* s,
const rgw::auth::StrategyRegistry& auth_registry,
const std::string& frontend_prefix) override;
return (num_periods == 3);
}
-inline int valid_s3_object_name(const string& name) {
+inline int valid_s3_object_name(const std::string& name) {
if (name.size() > 1024) {
return -ERR_INVALID_OBJECT_NAME;
}
return 0;
}
-inline int valid_s3_bucket_name(const string& name, bool relaxed=false)
+inline int valid_s3_bucket_name(const std::string& name, bool relaxed=false)
{
// This function enforces Amazon's spec for bucket names.
// (The requirements, not the recommendations.)
return 0;
}
-namespace s3selectEngine
-{
-class s3select;
-class csv_object;
-}
-
-class RGWSelectObj_ObjStore_S3 : public RGWGetObj_ObjStore_S3
-{
-
-private:
- std::unique_ptr<s3selectEngine::s3select> s3select_syntax;
- std::string m_s3select_query;
- std::string m_result;
- std::unique_ptr<s3selectEngine::csv_object> m_s3_csv_object;
- std::string m_column_delimiter;
- std::string m_quot;
- std::string m_row_delimiter;
- std::string m_compression_type;
- std::string m_escape_char;
- std::unique_ptr<char[]> m_buff_header;
- std::string m_header_info;
- std::string m_sql_query;
-
-public:
- unsigned int chunk_number;
-
- enum header_name_En
- {
- EVENT_TYPE,
- CONTENT_TYPE,
- MESSAGE_TYPE
- };
- static const char* header_name_str[3];
-
- enum header_value_En
- {
- RECORDS,
- OCTET_STREAM,
- EVENT
- };
- static const char* header_value_str[3];
-
- RGWSelectObj_ObjStore_S3();
- virtual ~RGWSelectObj_ObjStore_S3();
-
- virtual int send_response_data(bufferlist& bl, off_t ofs, off_t len) override;
-
- virtual int get_params(optional_yield y) override;
-
-private:
- void encode_short(char* buff, uint16_t s, int& i);
-
- void encode_int(char* buff, u_int32_t s, int& i);
-
- int create_header_records(char* buff);
-
- std::unique_ptr<boost::crc_32_type> crc32;
-
- int create_message(std::string&, u_int32_t result_len, u_int32_t header_len);
-
- int run_s3select(const char* query, const char* input, size_t input_length);
-
- int extract_by_tag(std::string tag_name, std::string& result);
-
- void convert_escape_seq(std::string& esc);
-
- int handle_aws_cli_parameters(std::string& sql_query);
-};
-
-
namespace rgw::auth::s3 {
class AWSEngine : public rgw::auth::Engine {
auth_data_t get_auth_data(const req_state* s) const override;
};
+class AWSSignerV4 {
+ const DoutPrefixProvider *dpp;
+ CephContext *cct;
+
+public:
+ AWSSignerV4(const DoutPrefixProvider *_dpp) : dpp(_dpp),
+ cct(_dpp->get_cct()) {}
+
+ using access_key_id_t = std::string_view;
+ using string_to_sign_t = AWSEngine::VersionAbstractor::string_to_sign_t;
+ using signature_headers_t = std::map<std::string, std::string>;
+
+ struct prepare_result_t;
+
+ using signature_factory_t = \
+ std::function<signature_headers_t(const DoutPrefixProvider* dpp,
+ const std::string& secret_key,
+ const prepare_result_t&)>;
+
+ struct prepare_result_t {
+ access_key_id_t access_key_id;
+ std::string date;
+ std::string scope;
+ std::string signed_headers;
+ string_to_sign_t string_to_sign;
+ std::map<std::string, std::string> extra_headers;
+ signature_factory_t signature_factory;
+ };
+
+ static prepare_result_t prepare(const DoutPrefixProvider *dpp,
+ const std::string& access_key_id,
+ const string& region,
+ const string& service,
+ const req_info& info,
+ const bufferlist *opt_content,
+ bool s3_op);
+};
+
+
+extern AWSSignerV4::signature_headers_t
+gen_v4_signature(const DoutPrefixProvider *dpp,
+ const std::string_view& secret_key,
+ const AWSSignerV4::prepare_result_t& sig_info);
class LDAPEngine : public AWSEngine {
static rgw::LDAPHelper* ldh;
using result_t = rgw::auth::Engine::result_t;
protected:
- RGWCtl* const ctl;
+ rgw::sal::Store* store;
const rgw::auth::RemoteApplier::Factory* const apl_factory;
acl_strategy_t get_acl_strategy() const;
optional_yield y) const override;
public:
LDAPEngine(CephContext* const cct,
- RGWCtl* const ctl,
+ rgw::sal::Store* store,
const VersionAbstractor& ver_abstractor,
const rgw::auth::RemoteApplier::Factory* const apl_factory)
: AWSEngine(cct, ver_abstractor),
- ctl(ctl),
+ store(store),
apl_factory(apl_factory) {
init(cct);
}
};
class LocalEngine : public AWSEngine {
- RGWCtl* const ctl;
+ rgw::sal::Store* store;
const rgw::auth::LocalApplier::Factory* const apl_factory;
result_t authenticate(const DoutPrefixProvider* dpp,
optional_yield y) const override;
public:
LocalEngine(CephContext* const cct,
- RGWCtl* const ctl,
+ rgw::sal::Store* store,
const VersionAbstractor& ver_abstractor,
const rgw::auth::LocalApplier::Factory* const apl_factory)
: AWSEngine(cct, ver_abstractor),
- ctl(ctl),
+ store(store),
apl_factory(apl_factory) {
}
};
class STSEngine : public AWSEngine {
- RGWCtl* const ctl;
+ rgw::sal::Store* store;
const rgw::auth::LocalApplier::Factory* const local_apl_factory;
const rgw::auth::RemoteApplier::Factory* const remote_apl_factory;
const rgw::auth::RoleApplier::Factory* const role_apl_factory;
optional_yield y) const override;
public:
STSEngine(CephContext* const cct,
- RGWCtl* const ctl,
+ rgw::sal::Store* store,
const VersionAbstractor& ver_abstractor,
const rgw::auth::LocalApplier::Factory* const local_apl_factory,
const rgw::auth::RemoteApplier::Factory* const remote_apl_factory,
const rgw::auth::RoleApplier::Factory* const role_apl_factory)
: AWSEngine(cct, ver_abstractor),
- ctl(ctl),
+ store(store),
local_apl_factory(local_apl_factory),
remote_apl_factory(remote_apl_factory),
role_apl_factory(role_apl_factory) {