rgw: GetObjAttrs calls rgw_s3_prepare_decrypt()

RGWGetObj::execute() relies on the virtual get_decrypt_filter() which is
overridden by RGWGetObj_ObjStore_S3

but when called from RGWGetObjAttrs_ObjStore_S3, there is no override.
add one that just calls rgw_s3_prepare_decrypt()

Signed-off-by: Casey Bodley <[email protected]>

Author: cbodley

src/rgw/rgw_op.cc

@@ -2375,8 +2375,7 @@ void RGWGetObj::execute(optional_yield y)
     goto done_err;
 
   /* STAT ops don't need data, and do no i/o */
-  if ((get_type() == RGW_OP_STAT_OBJ) ||
-      (get_type() == RGW_OP_GET_OBJ_ATTRS)) {
+  if (get_type() == RGW_OP_STAT_OBJ) {
     return;
   }
   if (s->info.env->exists("HTTP_X_RGW_AUTH")) {

src/rgw/rgw_rest_s3.cc

@@ -3858,6 +3858,21 @@ int RGWGetObjAttrs_ObjStore_S3::get_params(optional_yield y)
   return 0;
 } /* RGWGetObjAttrs_ObjStore_S3::get_params(...) */
 
+int RGWGetObjAttrs_ObjStore_S3::get_decrypt_filter(
+    std::unique_ptr<RGWGetObj_Filter> *filter,
+    RGWGetObj_Filter* cb, bufferlist* manifest_bl)
+{
+  // we aren't actually decrypting the data, but for objects encrypted with
+  // SSE-C we do need to verify that required headers are present and valid
+  //
+  // in the SSE-KMS and SSE-S3 cases, this unfortunately causes us to fetch
+  // decryption keys which we don't need :(
+  std::unique_ptr<BlockCrypt> block_crypt; // ignored
+  std::map<std::string, std::string> crypt_http_responses; // ignored
+  return rgw_s3_prepare_decrypt(s, s->yield, attrs, &block_crypt,
+                                crypt_http_responses);
+}
+
 void RGWGetObjAttrs_ObjStore_S3::send_response()
 {
   if (op_ret)

src/rgw/rgw_rest_s3.h

@@ -380,6 +380,9 @@ class RGWGetObjAttrs_ObjStore_S3 : public RGWGetObjAttrs_ObjStore {
   ~RGWGetObjAttrs_ObjStore_S3() override {}
 
   int get_params(optional_yield y) override;
+  int get_decrypt_filter(std::unique_ptr<RGWGetObj_Filter>* filter,
+                         RGWGetObj_Filter* cb,
+                         bufferlist* manifest_bl) override;
   void send_response() override;
 };