crypto: make crypto handlers non-static

These were static in auth/Crypto.cc, which was mostly fine, except when
we got a signal shutting everything down for the gcov stuff, like so:

Thread 21 (Thread 2164):
#0  0x00007f31a800b3cd in open64 () from /lib/libpthread.so.0
#1  0x000000000081dee0 in __gcov_open ()
#2  0x000000000081e3fd in gcov_exit ()
#3  0x00007f31a67e64f2 in exit () from /lib/libc.so.6
#4  0x000000000054e1ca in handle_signal (signal=<value optimized out>) at osd/OSD.cc:600
#5  <signal handler called>
#6  0x00007f31a8007a9a in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
#7  0x0000000000636d7b in Wait (this=0x2241000) at ./common/Cond.h:48
#8  SimpleMessenger::wait (this=0x2241000) at msg/SimpleMessenger.cc:2637
#9  0x00000000004a4e35 in main (argc=<value optimized out>, argv=<value optimized out>) at ceph_osd.cc:343

and a racing thread would, say, accept a connection and then crash, like
so:

#0  0x00007f31a800ba0b in raise () from /lib/libpthread.so.0
#1  0x0000000000696eeb in reraise_fatal (signum=2164) at global/signal_handler.cc:59
#2  0x00000000006976cc in handle_fatal_signal (signum=<value optimized out>) at global/signal_handler.cc:106
#3  <signal handler called>
#4  0x00007f31a67e0ba5 in raise () from /lib/libc.so.6
#5  0x00007f31a67e46b0 in abort () from /lib/libc.so.6
#6  0x00007f31a70846bd in __gnu_cxx::__verbose_terminate_handler() () from /usr/lib/libstdc++.so.6
#7  0x00007f31a7082906 in ?? () from /usr/lib/libstdc++.so.6
#8  0x00007f31a7082933 in std::terminate() () from /usr/lib/libstdc++.so.6
#9  0x00007f31a708328f in __cxa_pure_virtual () from /usr/lib/libstdc++.so.6
#10 0x0000000000690e5b in CryptoKey::decrypt (this=0x7f3195a67510, in=..., out=..., error=...) at auth/Crypto.cc:404
#11 0x000000000079ccee in void decode_decrypt_enc_bl<CephXServiceTicketInfo>(CephXServiceTicketInfo&, CryptoKey, ceph::buffer::list&, std::basic_string<char, std::char_traits<char>, std::allocator<char> >&) ()
#12 0x0000000000795ca3 in cephx_verify_authorizer (cct=0x2232000, keys=<value optimized out>, indata=...,
    ticket_info=<value optimized out>, reply_bl=<value optimized out>) at auth/cephx/CephxProtocol.cc:438
#13 0x00000000007a17cf in CephxAuthorizeHandler::verify_authorizer (this=<value optimized out>, cct=0x2232000, keys=0x2256000,
    authorizer_data=<value optimized out>, authorizer_reply=..., entity_name=..., global_id=@0x7f3195a67848, caps_info=...,
    auid=0x7f3195a67840) at auth/cephx/CephxAuthorizeHandler.cc:21
#14 0x00000000005577ff in OSD::ms_verify_authorizer (this=0x2267000, con=0x230da00, peer_type=<value optimized out>,
    protocol=<value optimized out>, authorizer_data=<value optimized out>, authorizer_reply=<value optimized out>,
    isvalid=@0x7f3195a67c0f) at osd/OSD.cc:2723
#15 0x0000000000611ce1 in ms_deliver_verify_authorizer (this=<value optimized out>, con=0x230da00, peer_type=4, protocol=2,
    authorizer=<value optimized out>, authorizer_reply=<value optimized out>, isvalid=@0x7f3195a67c0f) at msg/Messenger.h:145
#16 SimpleMessenger::verify_authorizer (this=<value optimized out>, con=0x230da00, peer_type=4, protocol=2,
    authorizer=<value optimized out>, authorizer_reply=<value optimized out>, isvalid=@0x7f3195a67c0f)
    at msg/SimpleMessenger.cc:2419
#17 0x00000000006309ab in SimpleMessenger::Pipe::accept (this=0x22ce280) at msg/SimpleMessenger.cc:756
#18 0x0000000000634711 in SimpleMessenger::Pipe::reader (this=0x22ce280) at msg/SimpleMessenger.cc:1546
#19 0x00000000004a7085 in SimpleMessenger::Pipe::Reader::entry (this=<value optimized out>) at msg/SimpleMessenger.h:208
#20 0x000000000060f252 in Thread::_entry_func (arg=0x874) at common/Thread.cc:42
#21 0x00007f31a8003971 in start_thread () from /lib/libpthread.so.0
#22 0x00007f31a689392d in clone () from /lib/libc.so.6
#23 0x0000000000000000 in ?? ()

Instead, put these on the heap.  Set them up in the ceph::crypto::init()
method, and tear them down in ceph::crypto::shutdown().

Fixes: #1633
Signed-off-by: Sage Weil <sage.weil@dreamhost.com>

src/auth/Crypto.cc

@@ -335,16 +335,32 @@ decrypt(const bufferptr& secret, const bufferlist& in,
 
 // ---------------------------------------------------
 
-static CryptoNone crypto_none;
-static CryptoAES crypto_aes;
+static CryptoNone *crypto_none = 0;
+static CryptoAES *crypto_aes = 0;
+
+void crypto_init_handlers()
+{
+  crypto_none = new CryptoNone;
+  crypto_aes = new CryptoAES;
+}
+
+void crypto_shutdown_handlers()
+{
+  assert(crypto_none);
+  delete crypto_none;
+  crypto_none = NULL;
+  assert(crypto_aes);
+  delete crypto_aes;
+  crypto_aes = NULL;
+}
 
 CryptoHandler *get_crypto_handler(int type)
 {
   switch (type) {
     case CEPH_CRYPTO_NONE:
-      return &crypto_none;
+      return crypto_none;
     case CEPH_CRYPTO_AES:
-      return &crypto_aes;
+      return crypto_aes;
     default:
       return NULL;
   }

src/auth/Crypto.h

@@ -108,6 +108,8 @@ class CryptoHandler {
 		      bufferlist& out, std::string &error) const = 0;
 };
 
+extern void crypto_init_handlers();
+extern void crypto_shutdown_handlers();
 extern CryptoHandler *get_crypto_handler(int type);
 
 extern int get_random_bytes(char *buf, int len);

src/common/ceph_crypto.cc

@@ -13,6 +13,7 @@
  */
 
 #include "ceph_crypto.h"
+#include "auth/Crypto.h"
 
 #include <pthread.h>
 
@@ -25,10 +26,12 @@ void ceph::crypto::assert_init() {
 #ifdef USE_CRYPTOPP
 void ceph::crypto::init() {
   crypto_init = true;
+  crypto_init_handlers();
 }
 
 void ceph::crypto::shutdown() {
   crypto_init = false;
+  crypto_shutdown_handlers();
 }
 
 // nothing
@@ -45,6 +48,7 @@ void ceph::crypto::init() {
   SECStatus s;
   s = NSS_NoDB_Init(NULL);
   assert(s == SECSuccess);
+  crypto_init_handlers();
 }
 
 void ceph::crypto::shutdown() {
@@ -54,6 +58,7 @@ void ceph::crypto::shutdown() {
   SECStatus s;
   s = NSS_Shutdown();
   assert(s == SECSuccess);
+  crypto_shutdown_handlers();
 }
 
 ceph::crypto::HMACSHA1::~HMACSHA1()