auth/cephx: implement random()->get_bytes() for crimson

author Kefu Chai <kchai@redhat.com>

Fri, 24 Jul 2020 15:10:51 +0000 (23:10 +0800)

committer Kefu Chai <kchai@redhat.com>

Mon, 27 Jul 2020 03:29:10 +0000 (11:29 +0800)
author Kefu Chai <kchai@redhat.com>
Fri, 24 Jul 2020 15:10:51 +0000 (23:10 +0800)
committer Kefu Chai <kchai@redhat.com>
Mon, 27 Jul 2020 03:29:10 +0000 (11:29 +0800)
diff --git a/src/auth/cephx/CephxProtocol.cc b/src/auth/cephx/CephxProtocol.cc

index 7f485b82295b3e737d2fd56cf3ff0b7c43a82f5f..4459776b3101e283746bbe708ac68d2c866a748d 100644 (file)
--- a/src/auth/cephx/CephxProtocol.cc
+++ b/src/auth/cephx/CephxProtocol.cc
@@ -520,17 +520,22 @@ bool cephx_verify_authorizer(CephContext *cct, const KeyStore& keys,
    CephXAuthorizeReply reply;
    // reply.trans_id = auth_msg.trans_id;
    reply.nonce_plus_one = auth_msg.nonce + 1;
-#ifndef WITH_SEASTAR
    if (connection_secret) {
      // generate a connection secret
      connection_secret->resize(connection_secret_required_len);
      if (connection_secret_required_len) {
+#ifdef WITH_SEASTAR
+      std::random_device rd;
+      std::generate_n(connection_secret->data(),
+                     connection_secret_required_len,
+                     std::default_random_engine{rd()});
+#else
        cct->random()->get_bytes(connection_secret->data(),
                                connection_secret_required_len);
+#endif
      }
      reply.connection_secret = *connection_secret;
    }
-#endif
    if (encode_encrypt(cct, reply, ticket_info.session_key, *reply_bl, error)) {
      ldout(cct, 10) << "verify_authorizer: encode_encrypt error: " << error << dendl;
      return false;
author	Kefu Chai <kchai@redhat.com>
	Fri, 24 Jul 2020 15:10:51 +0000 (23:10 +0800)
committer	Kefu Chai <kchai@redhat.com>
	Mon, 27 Jul 2020 03:29:10 +0000 (11:29 +0800)