X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=src%2Fceph%2Fsrc%2Fcommon%2Fceph_crypto.cc;fp=src%2Fceph%2Fsrc%2Fcommon%2Fceph_crypto.cc;h=a0aa8767e428f42b1df583aa1e7a26fce7311777;hb=812ff6ca9fcd3e629e49d4328905f33eee8ca3f5;hp=0000000000000000000000000000000000000000;hpb=15280273faafb77777eab341909a3f495cf248d9;p=stor4nfv.git

diff --git a/src/ceph/src/common/ceph_crypto.cc b/src/ceph/src/common/ceph_crypto.cc
new file mode 100644
index 0000000..a0aa876
--- /dev/null
+++ b/src/ceph/src/common/ceph_crypto.cc
@@ -0,0 +1,98 @@
+// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
+// vim: ts=8 sw=2 smarttab
+/*
+ * Ceph - scalable distributed file system
+ *
+ * Copyright (C) 2010-2011 Dreamhost
+ *
+ * This is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License version 2.1, as published by the Free Software
+ * Foundation.  See file COPYING.
+ *
+ */
+
+#include "common/config.h"
+#include "ceph_crypto.h"
+
+#ifdef USE_CRYPTOPP
+void ceph::crypto::init(CephContext *cct)
+{
+}
+
+void ceph::crypto::shutdown(bool)
+{
+}
+
+// nothing
+ceph::crypto::HMACSHA1::~HMACSHA1()
+{
+}
+
+ceph::crypto::HMACSHA256::~HMACSHA256()
+{
+}
+
+#elif defined(USE_NSS)
+
+// for SECMOD_RestartModules()
+#include <secmod.h>
+#include <nspr.h>
+
+static pthread_mutex_t crypto_init_mutex = PTHREAD_MUTEX_INITIALIZER;
+static uint32_t crypto_refs = 0;
+static NSSInitContext *crypto_context = NULL;
+static pid_t crypto_init_pid = 0;
+
+void ceph::crypto::init(CephContext *cct)
+{
+  pid_t pid = getpid();
+  pthread_mutex_lock(&crypto_init_mutex);
+  if (crypto_init_pid != pid) {
+    if (crypto_init_pid > 0) {
+      SECMOD_RestartModules(PR_FALSE);
+    }
+    crypto_init_pid = pid;
+  }
+
+  if (++crypto_refs == 1) {
+    NSSInitParameters init_params;
+    memset(&init_params, 0, sizeof(init_params));
+    init_params.length = sizeof(init_params);
+
+    uint32_t flags = (NSS_INIT_READONLY | NSS_INIT_PK11RELOAD);
+    if (cct->_conf->nss_db_path.empty()) {
+      flags |= (NSS_INIT_NOCERTDB | NSS_INIT_NOMODDB);
+    }
+    crypto_context = NSS_InitContext(cct->_conf->nss_db_path.c_str(), "", "",
+                                     SECMOD_DB, &init_params, flags);
+  }
+  pthread_mutex_unlock(&crypto_init_mutex);
+  assert(crypto_context != NULL);
+}
+
+void ceph::crypto::shutdown(bool shared)
+{
+  pthread_mutex_lock(&crypto_init_mutex);
+  assert(crypto_refs > 0);
+  if (--crypto_refs == 0) {
+    NSS_ShutdownContext(crypto_context);
+    if (!shared) {
+      PR_Cleanup();
+    }
+    crypto_context = NULL;
+    crypto_init_pid = 0;
+  }
+  pthread_mutex_unlock(&crypto_init_mutex);
+}
+
+ceph::crypto::HMAC::~HMAC()
+{
+  PK11_DestroyContext(ctx, PR_TRUE);
+  PK11_FreeSymKey(symkey);
+  PK11_FreeSlot(slot);
+}
+
+#else
+# error "No supported crypto implementation found."
+#endif