SHA224 is not supported on RHEL6 and also it's kind of weird. Instead of
that, md5 can now be configured.
Signed-off-by: Jan Friesse <jfriesse@xxxxxxxxxx>
---
exec/coroparse.c | 2 +-
exec/totemconfig.c | 4 ++--
exec/totemcrypto.c | 12 ++++++------
man/corosync.conf.5 | 2 +-
4 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/exec/coroparse.c b/exec/coroparse.c
index b602872..850b10e 100644
--- a/exec/coroparse.c
+++ b/exec/coroparse.c
@@ -481,7 +481,7 @@ static int main_config_parser_cb(const char *path,
if (strcmp(path, "totem.crypto_hash") == 0) {
if ((strcmp(value, "none") != 0) &&
(strcmp(value, "sha1") != 0) &&
- (strcmp(value, "sha224") != 0) &&
+ (strcmp(value, "md5") != 0) &&
(strcmp(value, "sha256") != 0) &&
(strcmp(value, "sha384") != 0) &&
(strcmp(value, "sha512") != 0)) {
diff --git a/exec/totemconfig.c b/exec/totemconfig.c
index 008b891..bb833a0 100644
--- a/exec/totemconfig.c
+++ b/exec/totemconfig.c
@@ -155,8 +155,8 @@ static void totem_get_crypto(struct totem_config *totem_config)
if (strcmp(str, "sha1") == 0) {
tmp_hash = "sha1";
}
- if (strcmp(str, "sha224") == 0) {
- tmp_hash = "sha224";
+ if (strcmp(str, "md5") == 0) {
+ tmp_hash = "md5";
}
if (strcmp(str, "sha256") == 0) {
tmp_hash = "sha256";
diff --git a/exec/totemcrypto.c b/exec/totemcrypto.c
index e8717e4..f1e72bc 100644
--- a/exec/totemcrypto.c
+++ b/exec/totemcrypto.c
@@ -110,7 +110,7 @@ size_t cypher_block_len[] = {
enum crypto_hash_t {
CRYPTO_HASH_TYPE_NONE = 0,
CRYPTO_HASH_TYPE_SHA1 = 1,
- CRYPTO_HASH_TYPE_SHA224 = 2,
+ CRYPTO_HASH_TYPE_MD5 = 2,
CRYPTO_HASH_TYPE_SHA256 = 3,
CRYPTO_HASH_TYPE_SHA384 = 4,
CRYPTO_HASH_TYPE_SHA512 = 5
@@ -119,7 +119,7 @@ enum crypto_hash_t {
CK_MECHANISM_TYPE hash_to_nss[] = {
0, /* CRYPTO_HASH_TYPE_NONE */
CKM_SHA_1_HMAC, /* CRYPTO_HASH_TYPE_SHA1 */
- CKM_SHA224_HMAC, /* CRYPTO_HASH_TYPE_SHA224 */
+ CKM_MD5_HMAC, /* CRYPTO_HASH_TYPE_MD5 */
CKM_SHA256_HMAC, /* CRYPTO_HASH_TYPE_SHA256 */
CKM_SHA384_HMAC, /* CRYPTO_HASH_TYPE_SHA384 */
CKM_SHA512_HMAC /* CRYPTO_HASH_TYPE_SHA512 */
@@ -128,7 +128,7 @@ CK_MECHANISM_TYPE hash_to_nss[] = {
size_t hash_len[] = {
0, /* CRYPTO_HASH_TYPE_NONE */
SHA1_LENGTH, /* CRYPTO_HASH_TYPE_SHA1 */
- SHA224_LENGTH, /* CRYPTO_HASH_TYPE_SHA224 */
+ MD5_LENGTH, /* CRYPTO_HASH_TYPE_MD5 */
SHA256_LENGTH, /* CRYPTO_HASH_TYPE_SHA256 */
SHA384_LENGTH, /* CRYPTO_HASH_TYPE_SHA384 */
SHA512_LENGTH /* CRYPTO_HASH_TYPE_SHA512 */
@@ -137,7 +137,7 @@ size_t hash_len[] = {
size_t hash_block_len[] = {
0, /* CRYPTO_HASH_TYPE_NONE */
SHA1_BLOCK_LENGTH, /* CRYPTO_HASH_TYPE_SHA1 */
- SHA224_BLOCK_LENGTH, /* CRYPTO_HASH_TYPE_SHA224 */
+ MD5_BLOCK_LENGTH, /* CRYPTO_HASH_TYPE_MD5 */
SHA256_BLOCK_LENGTH, /* CRYPTO_HASH_TYPE_SHA256 */
SHA384_BLOCK_LENGTH, /* CRYPTO_HASH_TYPE_SHA384 */
SHA512_BLOCK_LENGTH /* CRYPTO_HASH_TYPE_SHA512 */
@@ -588,8 +588,8 @@ static int string_to_crypto_hash_type(const char* crypto_hash_type)
return CRYPTO_HASH_TYPE_NONE;
} else if (strcmp(crypto_hash_type, "sha1") == 0) {
return CRYPTO_HASH_TYPE_SHA1;
- } else if (strcmp(crypto_hash_type, "sha224") == 0) {
- return CRYPTO_HASH_TYPE_SHA224;
+ } else if (strcmp(crypto_hash_type, "md5") == 0) {
+ return CRYPTO_HASH_TYPE_MD5;
} else if (strcmp(crypto_hash_type, "sha256") == 0) {
return CRYPTO_HASH_TYPE_SHA256;
} else if (strcmp(crypto_hash_type, "sha384") == 0) {
diff --git a/man/corosync.conf.5 b/man/corosync.conf.5
index 82efcda..c82f2cd 100644
--- a/man/corosync.conf.5
+++ b/man/corosync.conf.5
@@ -160,7 +160,7 @@ a subset of the cluster (for example during a rolling upgrade).
.TP
crypto_hash
This specifies which HMAC authentication should be used to authenticate all
-messages. Valid values are none (no authentication), sha1, sha224, sha256,
+messages. Valid values are none (no authentication), md5, sha1, sha256,
sha384 and sha512.
The default is sha1.
--
1.7.1
_______________________________________________
discuss mailing list
discuss@xxxxxxxxxxxx
http://lists.corosync.org/mailman/listinfo/discuss
