From f71b500beaf3d09c0388fed8480c9a5a25524c87 Mon Sep 17 00:00:00 2001
From: Attila Fazekas <afazekas@redhat.com>
Date: Wed, 28 May 2014 09:52:22 +0200
Subject: [PATCH] Faster nova fixed key generation

Using bc 64 times in loop is too verbose and slow,
replacing the echo/bc loop with hexdump and urandom.

The hexdump approach is 75 times faster and
does not floods the debug logs.

Using the common function for generating,
this kind of string with lib/heat and by the read_password.

Change-Id: If6a86dfaf0c21e2635c6de0a7b96a8ed7ec5b507
---
 functions-common | 7 +++++++
 lib/heat         | 2 +-
 stack.sh         | 8 ++------
 3 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/functions-common b/functions-common
index c09666458f..4e74f5a811 100644
--- a/functions-common
+++ b/functions-common
@@ -695,6 +695,13 @@ function get_default_host_ip {
     echo $host_ip
 }
 
+# Generates hex string from ``size`` byte of pseudo random data
+# generate_hex_string size
+function generate_hex_string {
+    local size=$1
+    hexdump -n "$size" -v -e '/1 "%02x"' /dev/urandom
+}
+
 # Grab a numbered field from python prettytable output
 # Fields are numbered starting with 1
 # Reverse syntax is supported: -1 is the last field, -2 is second to last, etc.
diff --git a/lib/heat b/lib/heat
index bd99d6b9f9..14094a9102 100644
--- a/lib/heat
+++ b/lib/heat
@@ -98,7 +98,7 @@ function configure_heat {
     iniset $HEAT_CONF DEFAULT heat_waitcondition_server_url http://$HEAT_API_CFN_HOST:$HEAT_API_CFN_PORT/v1/waitcondition
     iniset $HEAT_CONF DEFAULT heat_watch_server_url http://$HEAT_API_CW_HOST:$HEAT_API_CW_PORT
     iniset $HEAT_CONF database connection `database_connection_url heat`
-    iniset $HEAT_CONF DEFAULT auth_encryption_key `hexdump -n 16 -v -e '/1 "%02x"' /dev/urandom`
+    iniset $HEAT_CONF DEFAULT auth_encryption_key $(generate_hex_string 16)
 
     iniset $HEAT_CONF DEFAULT region_name_for_services "$REGION_NAME"
 
diff --git a/stack.sh b/stack.sh
index 6c4bde7ab5..2f93ab556c 100755
--- a/stack.sh
+++ b/stack.sh
@@ -426,7 +426,7 @@ function read_password {
             echo "Invalid chars in password.  Try again:"
         done
         if [ ! $pw ]; then
-            pw=$(cat /dev/urandom | tr -cd 'a-f0-9' | head -c 20)
+            pw=$(generate_hex_string 10)
         fi
         eval "$var=$pw"
         echo "$var=$pw" >> $localrc
@@ -1211,11 +1211,7 @@ fi
 
 # Create a randomized default value for the keymgr's fixed_key
 if is_service_enabled nova; then
-    FIXED_KEY=""
-    for i in $(seq 1 64); do
-        FIXED_KEY+=$(echo "obase=16; $(($RANDOM % 16))" | bc);
-    done;
-    iniset $NOVA_CONF keymgr fixed_key "$FIXED_KEY"
+    iniset $NOVA_CONF keymgr fixed_key $(generate_hex_string 32)
 fi
 
 if is_service_enabled zeromq; then