New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
rgw: continuation of the auth rework -- AWSv4 #14885
Merged
mattbenjamin
merged 69 commits into
ceph:master
from
rzarzynski:wip-rgw-auth-rework-cont-3-awsv4
Jun 13, 2017
Merged
Changes from 1 commit
Commits
Show all changes
69 commits
Select commit
Hold shift + click to select a range
ac1a3f4
rgw: aws4: add AWS4 auth support for S3 Post Object API
jmunhoz 98e153f
rgw: rework interfaces of AWSv4 helper primitives.
rzarzynski c9afd24
rgw: get_v4_canonical_request_hash doesn't depend on req_state anymore.
rzarzynski 26952b9
rgw: dissect AWSv4's Canonical URI crafting into a separated function.
rzarzynski b000b35
rgw: dissect AWSv4's Canonical QS crafting into a separated function.
rzarzynski 985c2bc
rgw: dissect AWSv4's Canonical Headers crafting into a separated func…
rzarzynski b18996c
rgw: eradicate req_state::http_auth.
rzarzynski 67db70d
rgw: dissect basic AWSv4's credentials parsing into separated function.
rzarzynski 0b6adc6
rgw: rgw::auth::s3::get_v4_signature doesn't depend on req_state anym…
rzarzynski 9f594c5
rgw: drop req_state::aws4_auth::payload_hash as it doesn't need to be…
rzarzynski 4b78946
rgw: minimise the number of parameters of rgw::auth::s3::get_v4_signa…
rzarzynski 4e55c1d
rgw: add std::array-aware variants of calc_hmac_sha256() and buf_to_h…
rzarzynski 195bf5c
rgw: split generation AWSv4's SigningKey into a separate func.
rzarzynski 33f013b
rgw: refactor buf_to_hex and improve its const-correctness.
rzarzynski 405d31d
rgw: clean up rgw::auth::s3::get_v4_signing_key.
rzarzynski 71417ca
rgw: eradicate req_state::aws4_auth::signed_hdrs.
rzarzynski 1514408
rgw: eradicate req_state::aws4_auth::credential.
rzarzynski 619c8ed
rgw: decouple AWSv4 signature verification and payload fingerprint ch…
rzarzynski 92409e1
rgw: further minimise the req_state::aws4_auth shared state.
rzarzynski 79b826e
rgw: clean up the AWSv4 completion calls across RGWOps.
rzarzynski 06944f2
rgw: AWSv4 completion verifies the payload's fingerprint only.
rzarzynski fe4ef87
rgw: decompose rgw::auth::s3::parse_credentials regarding the query s…
rzarzynski d0b4231
rgw: extend Version2ndEngine::Extractor to handle AWSv4 as well.
rzarzynski 8b4e142
rgw: ONLY change names due to AWSv4 adoption in the auth infra.
rzarzynski e9a17de
rgw: all S3 auth engines are able to use AWSv4 now.
rzarzynski 4200e12
rgw: rgw::auth::s3::parse_credentials() extracts access_key_id now.
rzarzynski a33eb15
rgw: make the get_v4_canonical_request_hash identified shorter.
rzarzynski 6e1daa8
rgw: dissect AWSv4's expected payload extraction into a dedicated fun…
rzarzynski 420f1c0
rgw: AWSv4's completer_factory takes the secret_key optionally.
rzarzynski e126cad
rgw: integrate AWSv4 auth schema with the new auth infra.
rzarzynski a30d97a
rgw: make AWS_AUTHv4_IO const-friendly and const-correct.
rzarzynski 61d4f73
rgw: switch to the Completer interface for the AWSv4 payload check.
rzarzynski 2d4e000
rgw: extend rgw::auth::Completer to handle commiting modifications to…
rzarzynski affa201
rgw: implement the rgw::auth::Completer for AWSv4.
rzarzynski 36e1c34
rgw: drop the old AWSv4 code.
rzarzynski 47d014c
rgw: implement rgw::auth::s3::is_v4_payload_empty.
rzarzynski 29095d2
rgw: ONLY move AWSv4Completer from rgw_rest_s3.cc to rgw_auth_s3.cc.
rzarzynski 139de6a
rgw: extend RGWRestfulIO to cover dynamic filter injection.
rzarzynski 2778a8a
rgw: turn AWSv4Completer into a filter over rgw::io::RestfulClient.
rzarzynski 48093dc
rgw: drop aws4_auth_needs_complete from req_state.
rzarzynski def8f64
rgw: AWSv4Completer dechunks data in the streaming mode.
rzarzynski 25b7106
rgw: implement calc_hash_sha256_restart_stream().
rzarzynski eeb8599
rgw: the AWSv4 completer verifies chunks' signatures now.
rzarzynski 0845d9c
rgw: remove the old AWS v4 streaming mode's implementation.
rzarzynski 68bc0d0
rgw: split the AWSv4Completer and clean-up the code.
rzarzynski dc270a6
rgw: add support for HTTP_X_AMZ_DECODED_CONTENT_LENGTH.
rzarzynski 043abfa
rgw: handle AWSv4 in Browser Upload using the new auth infra.
rzarzynski 0b1d8b0
rgw: clean-up rgw::auth::s3::get_v4_signature().
rzarzynski 503d687
rgw: use std::make_shared for AWSv4 completers creation.
rzarzynski 1f628eb
rgw: clean-up AWSv4's Canonical QS crafting.
rzarzynski 5184842
rgw: optimize and clean-up the AWSv4 signature processing.
rzarzynski a5a8b27
rgw: introduce rgw::auth::s3::AWS4_HMAC_SHA256_STR to kill magics.
rzarzynski 0e4e0e4
rgw: switch from boost::string_ref to string_view in AWSv4-related code.
rzarzynski 8dab93d
rgw: switch from boost::string_ref to string_view in AWSv4-related co…
rzarzynski 1cb269e
rgw: remove the duplicative trim_whitespace from rgw_common.cc.
rzarzynski 7de4557
rgw: drop 'using ceph::crypto::SHA256' from rgw_common.h.
rzarzynski c557fe2
rgw: rework and optimise crafting of AWSv4's canonical query string.
rzarzynski 64cfc43
rgw; rework interface and implementation of url_decode.
rzarzynski 51383c3
rgw: rework the implementation of rgw::auth::s3::get_v4_canonical_hea…
rzarzynski e8dd37a
rgw: use preallocated std::strings when concatenating in AWSv4.
rzarzynski 7e8d1d7
rgw: replace magic strings in the AWSv4 code.
rzarzynski 5363643
common/sstring: switch to boost::string_view as string_ref is depreca…
rzarzynski a8a9a84
common/backport14: add the constexpr-capable variant of std::max().
rzarzynski c892228
rgw: switch to Ceph's sstring in AWS signature generation process.
rzarzynski 2060308
rgw: optimize AWSv4 parsing with Boost's small_vector.
rzarzynski 73e78ae
rgw: only rename AWSv2AuthStrategy -> AWSAuthStrategy.
rzarzynski f3317f6
rgw: introduce string_to_sign_t abstraction to the AWS auth.
rzarzynski bd81c21
rgw: introduce rgw::auth::Strategy::apply() to deduplicate code.
rzarzynski 2417b64
rgw: handle the Boto2 compatibility of AWSv4 in an abstract way.
rzarzynski File filter
Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
doesn't Amazon describe lowering these? initial caps looks strange in the code