From: Tommi Virtanen <tommi.virtanen@dreamhost.com>
Date: Tue, 8 Mar 2011 21:21:51 +0000 (-0800)
Subject: rgw: use random byte generation in auth/Crypto, instead of CryptoPP.
X-Git-Tag: v0.26~173
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=f81e5452752dfcdf09410d373896a5bc7e2d2607;p=ceph.git

rgw: use random byte generation in auth/Crypto, instead of CryptoPP.

Signed-off-by: Tommi Virtanen <tommi.virtanen@dreamhost.com>
---

diff --git a/src/rgw/rgw_admin.cc b/src/rgw/rgw_admin.cc
index 75299916f5bd..34d3244ff4c2 100644
--- a/src/rgw/rgw_admin.cc
+++ b/src/rgw/rgw_admin.cc
@@ -6,8 +6,6 @@
 using namespace std;
 
 #include "common/config.h"
-
-#include <cryptopp/osrng.h>
 #include "common/ceph_argparse.h"
 #include "common/common_init.h"
 
@@ -15,6 +13,7 @@ using namespace std;
 #include "rgw_user.h"
 #include "rgw_access.h"
 #include "rgw_acl.h"
+#include "auth/Crypto.h"
 
 
 #define SECRET_KEY_LEN 40
@@ -37,13 +36,18 @@ void usage()
 
 int gen_rand_base64(char *dest, int size) /* size should be the required string size + 1 */
 {
-  unsigned char buf[size];
+  char buf[size];
   char tmp_dest[size + 4]; /* so that there's space for the extra '=' characters, and some */
+  int ret;
 
-  CryptoPP::AutoSeededRandomPool rng;
-  rng.GenerateBlock(buf, sizeof(buf));
+  ret = get_random_bytes(buf, sizeof(buf));
+  if (ret < 0) {
+    // assuming no threads here, for strerror
+    cerr << "cannot get random bytes: " << strerror(-ret) << std::endl;
+    return -1;
+  }
 
-  int ret = ceph_armor(tmp_dest, &tmp_dest[sizeof(tmp_dest)],
+  ret = ceph_armor(tmp_dest, &tmp_dest[sizeof(tmp_dest)],
 		   (const char *)buf, ((const char *)buf) + ((size - 1) * 3 + 4 - 1) / 4);
   if (ret < 0) {
     cerr << "ceph_armor failed" << std::endl;
@@ -60,8 +64,12 @@ static const char alphanum_table[]="0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
 
 int gen_rand_alphanumeric(char *dest, int size) /* size should be the required string size + 1 */
 {
-  CryptoPP::AutoSeededRandomPool rng;
-  rng.GenerateBlock((unsigned char *)dest, size);
+  int ret = get_random_bytes(dest, size);
+  if (ret < 0) {
+    // assuming no threads here, for strerror
+    cerr << "cannot get random bytes: " << strerror(-ret) << std::endl;
+    return -1;
+  }
 
   int i;
   for (i=0; i<size - 1; i++) {