From: Kefu Chai <kchai@redhat.com>
Date: Fri, 24 Jul 2020 15:10:51 +0000 (+0800)
Subject: auth/cephx: implement random()->get_bytes() for crimson
X-Git-Tag: wip-pdonnell-testing-20200918.022351~556^2~7
X-Git-Url: http://git.apps.os.sepia.ceph.com/?a=commitdiff_plain;h=9e46dd520fa3f90187d44526d42a97f37ae20bc2;p=ceph-ci.git

auth/cephx: implement random()->get_bytes() for crimson

instead of using CryptoRandom use the C++ standard library for
generating secret.

Signed-off-by: Kefu Chai <kchai@redhat.com>
---

diff --git a/src/auth/cephx/CephxProtocol.cc b/src/auth/cephx/CephxProtocol.cc
index 7f485b82295..4459776b310 100644
--- a/src/auth/cephx/CephxProtocol.cc
+++ b/src/auth/cephx/CephxProtocol.cc
@@ -520,17 +520,22 @@ bool cephx_verify_authorizer(CephContext *cct, const KeyStore& keys,
   CephXAuthorizeReply reply;
   // reply.trans_id = auth_msg.trans_id;
   reply.nonce_plus_one = auth_msg.nonce + 1;
-#ifndef WITH_SEASTAR
   if (connection_secret) {
     // generate a connection secret
     connection_secret->resize(connection_secret_required_len);
     if (connection_secret_required_len) {
+#ifdef WITH_SEASTAR
+      std::random_device rd;
+      std::generate_n(connection_secret->data(),
+		      connection_secret_required_len,
+		      std::default_random_engine{rd()});
+#else
       cct->random()->get_bytes(connection_secret->data(),
 			       connection_secret_required_len);
+#endif
     }
     reply.connection_secret = *connection_secret;
   }
-#endif
   if (encode_encrypt(cct, reply, ticket_info.session_key, *reply_bl, error)) {
     ldout(cct, 10) << "verify_authorizer: encode_encrypt error: " << error << dendl;
     return false;