From: Abhishek Lekshmanan <abhishek@suse.com>
Date: Fri, 27 Mar 2020 18:29:01 +0000 (+0100)
Subject: rgw: EPERM to ERR_INVALID_REQUEST
X-Git-Tag: archive/raspbian/12.2.11+dfsg1-2.1+rpi1+deb10u1^2~16
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=8ccea61898aa4aa15fd2e373b27a5a201ac901a0;p=ceph.git

rgw: EPERM to ERR_INVALID_REQUEST

As per Robin's comments and S3 spec

Signed-off-by: Abhishek Lekshmanan <abhishek@suse.com>

Origin: upstream, https://github.com/ceph/ceph/pull/34504/commits/607a65fccd8a80c2f2c74853a6dc5c14ed8a75c1

Gbp-Pq: Name CVE-2020-1760-2.patch
---

diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc
index 547e9056f..2edf58616 100644
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
@@ -271,7 +271,7 @@ int RGWGetObj_ObjStore_S3::send_response_data(bufferlist& bl, off_t bl_ofs,
 	/* reject unauthenticated response header manipulation, see
 	 * https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html */
 	if (s->auth.identity->is_anonymous()) {
-	  return -EPERM;
+	  return -ERR_INVALID_REQUEST;
 	}
 	if (strcmp(p->param, "response-content-type") != 0) {
 	  response_attrs[p->http_attr] = val;