rgw/sts: removing default value of rgw sts key and

adding checks to return error when it is not set in
config options.

Signed-off-by: Pritha Srivastava <[email protected]>

Author: pritha-srivastava

src/common/options/rgw.yaml.in

@@ -3470,7 +3470,6 @@ options:
     generated by the command 'openssl rand -hex 16'. All radosgw instances
     in a zone should use the same key. In multisite configurations, all
     zones in a realm should use the same key.
-  default: sts
   services:
   - rgw
   with_legacy: true

src/rgw/rgw_rest_s3.cc

@@ -6986,6 +6986,10 @@ rgw::auth::s3::STSEngine::get_session_token(const DoutPrefixProvider* dpp, const
     return -EINVAL;
   }
   string secret_s = cct->_conf->rgw_sts_key;
+  if (secret_s.empty()) {
+    ldpp_dout(dpp, 1) << "ERROR: rgw sts key not set" << dendl;
+    return -EINVAL;
+  }
   buffer::ptr secret(secret_s.c_str(), secret_s.length());
   int ret = 0;
   if (ret = cryptohandler->validate_secret(secret); ret < 0) {

src/rgw/rgw_sts.cc

@@ -77,6 +77,11 @@ int Credentials::generateCredentials(const DoutPrefixProvider *dpp,
     return -EINVAL;
   }
   string secret_s = cct->_conf->rgw_sts_key;
+  if (secret_s.empty()) {
+    ldpp_dout(dpp, 1) << "ERROR: rgw sts key not set" << dendl;
+    return -EINVAL;
+  }
+
   buffer::ptr secret(secret_s.c_str(), secret_s.length());
   int ret = 0;
   if (ret = cryptohandler->validate_secret(secret); ret < 0) {