Merge pull request ceph#65723 from mheler/rgw_cloud_transition_header_fix

rgw/s3: Always include x-amz-content-sha256 header in AWS v4 signatures

Reviewed-by: Casey Bodley <[email protected]>

Author: cbodley

src/rgw/rgw_rest_s3.cc

@@ -6368,7 +6368,11 @@ AWSSignerV4::prepare(const DoutPrefixProvider *dpp,
   if (opt_content) {
     content_hash = rgw::auth::s3::calc_v4_payload_hash(opt_content->to_str());
     extra_headers["x-amz-content-sha256"] = content_hash;
-
+  } else {
+    /* Some S3-compatible services require x-amz-content-sha256 header to always
+     * be present and included in the signature, even for unsigned payload.
+     * AWS S3 specification states that this header is required for all requests. */
+    extra_headers["x-amz-content-sha256"] = AWS4_UNSIGNED_PAYLOAD_HASH;
   }
 
   /* craft canonical headers */