openstack/devstack
Code Issues Proposed changes

Use urandom for heat key generation

Browse Source 
Reading from /dev/random can block an virtual machine
even for several minutes, when the entropy pool is empty at the read time.

I have doubts we really need to use /dev/random here.
Even the ssh-keygen uses /dev/urandom by default,
 so the /dev/random is a little bit overkill here.

Change-Id: I6d2c6364c2b445304a33b0140e3cdc6804404b63
This commit is contained in:
Attila Fazekas 2014-03-25 10:42:14 +01:00
parent d31b2bde46
commit 499315fb65
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/heat
View File

@ -96,7 +96,7 @@ function configure_heat {
iniset $HEAT_CONF DEFAULT heat_waitcondition_server_url http://$HEAT_API_CFN_HOST:$HEAT_API_CFN_PORT/v1/waitcondition
iniset $HEAT_CONF DEFAULT heat_watch_server_url http://$HEAT_API_CW_HOST:$HEAT_API_CW_PORT
iniset $HEAT_CONF database connection `database_connection_url heat`
iniset $HEAT_CONF DEFAULT auth_encryption_key `hexdump -n 16 -v -e '/1 "%02x"' /dev/random`
iniset $HEAT_CONF DEFAULT auth_encryption_key `hexdump -n 16 -v -e '/1 "%02x"' /dev/urandom`
# logging
iniset $HEAT_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL