ACK + sha* Fabio On 3/15/2012 10:29 AM, Jan Friesse wrote: > Signed-off-by: Jan Friesse <jfriesse@xxxxxxxxxx> > --- > man/corosync.conf.5 | 19 +++++++++++++++++-- > 1 files changed, 17 insertions(+), 2 deletions(-) > > diff --git a/man/corosync.conf.5 b/man/corosync.conf.5 > index e7722da..f7d60cf 100644 > --- a/man/corosync.conf.5 > +++ b/man/corosync.conf.5 > @@ -147,8 +147,6 @@ This specifies the version of the configuration file. Currently the only > valid version for this directive is 2. > > .PP > -.PP > -.TP > clear_node_high_bit > This configuration option is optional and is only relevant when no nodeid is > specified. Some corosync clients require a signed 32 bit nodeid that is greater > @@ -160,6 +158,20 @@ WARNING: The clusters behavior is undefined if this option is enabled on only > a subset of the cluster (for example during a rolling upgrade). > > .TP > +crypto_hash > +This specifies which HMAC authentication should be used to authenticate all > +messages. Valid values are none (no authentication) and sha1. > + > +The default is sha1. > + > +.TP > +crypto_cipher > +This specifies which cipher should be used to encrypt all messages. > +Valid values are none (no encryption) and aes256. > + > +The default is aes256. > + > +.TP > secauth > This specifies that HMAC/SHA1 authentication should be used to authenticate > all messages. It further specifies that all data should be encrypted with the > @@ -171,6 +183,9 @@ cycles in corosync. > > The default is on. > > +WARNING: This parameter is deprecated. It's recomended to use combination of > +crypto_cipher and crypto_hash. > + > .TP > rrp_mode > This specifies the mode of redundant ring, which may be none, active, or _______________________________________________ discuss mailing list discuss@xxxxxxxxxxxx http://lists.corosync.org/mailman/listinfo/discuss
