From 9e46dd520fa3f90187d44526d42a97f37ae20bc2 Mon Sep 17 00:00:00 2001
From: Kefu Chai
Date: Fri, 24 Jul 2020 23:10:51 +0800
Subject: [PATCH] auth/cephx: implement random()->get_bytes() for crimson instead of using CryptoRandom use the C++ standard library for generating secret.
Signed-off-by: Kefu Chai
---
 src/auth/cephx/CephxProtocol.cc | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/src/auth/cephx/CephxProtocol.cc b/src/auth/cephx/CephxProtocol.cc
index 7f485b82295b3..4459776b3101e 100644
--- a/src/auth/cephx/CephxProtocol.cc
+++ b/src/auth/cephx/CephxProtocol.cc
@@ -520,17 +520,22 @@ bool cephx_verify_authorizer(CephContext *cct, const KeyStore& keys,
 CephXAuthorizeReply reply;
 // reply.trans_id = auth_msg.trans_id;
 reply.nonce_plus_one = auth_msg.nonce + 1;
-#ifndef WITH_SEASTAR
 if (connection_secret) {
 // generate a connection secret
 connection_secret->resize(connection_secret_required_len);
 if (connection_secret_required_len) {
+#ifdef WITH_SEASTAR
+ std::random_device rd;
+ std::generate_n(connection_secret->data(),
+ connection_secret_required_len,
+ std::default_random_engine{rd()});
+#else
 cct->random()->get_bytes(connection_secret->data(),
 connection_secret_required_len);
+#endif
 }
 reply.connection_secret = *connection_secret;
 }
-#endif
 if (encode_encrypt(cct, reply, ticket_info.session_key, *reply_bl, error)) {
 ldout(cct, 10) << "verify_authorizer: encode_encrypt error: " << error << dendl;
 return false;
--
2.39.5
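Review bot: The WITH_SEASTAR branch fills the connection secret from `std::default_random_engine{rd()}`, a non-cryptographic engine seeded with a single `rd()` value. Every byte of the secret is therefore a deterministic function of that one seed, which is far weaker than the `cct->random()->get_bytes()` path kept in the `#else` branch. A secret should come from a CSPRNG in both builds, for example the OS source (`getrandom(2)`) or the same CryptoRandom the other branch uses. If the standard library has to stay, draw every value from the device itself with `std::generate_n(connection_secret->data(), connection_secret_required_len, [&rd] { return rd(); });` and add a comment that `std::random_device` is only as strong as the platform's implementation. The body of cephx_verify_authorizer starts and ends outside this hunk, so the includes for `<random>` and `<algorithm>` could not be checked from here.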