diff --git a/exec/coroparse.c b/exec/coroparse.c index b6028721..c316e41d 100644 --- a/exec/coroparse.c +++ b/exec/coroparse.c @@ -480,8 +480,8 @@ static int main_config_parser_cb(const char *path, } if (strcmp(path, "totem.crypto_hash") == 0) { if ((strcmp(value, "none") != 0) && + (strcmp(value, "md5") != 0) && (strcmp(value, "sha1") != 0) && - (strcmp(value, "sha224") != 0) && (strcmp(value, "sha256") != 0) && (strcmp(value, "sha384") != 0) && (strcmp(value, "sha512") != 0)) { diff --git a/exec/totemconfig.c b/exec/totemconfig.c index 008b8917..2f248c1f 100644 --- a/exec/totemconfig.c +++ b/exec/totemconfig.c @@ -152,12 +152,12 @@ static void totem_get_crypto(struct totem_config *totem_config) if (strcmp(str, "none") == 0) { tmp_hash = "none"; } + if (strcmp(str, "md5") == 0) { + tmp_hash = "md5"; + } if (strcmp(str, "sha1") == 0) { tmp_hash = "sha1"; } - if (strcmp(str, "sha224") == 0) { - tmp_hash = "sha224"; - } if (strcmp(str, "sha256") == 0) { tmp_hash = "sha256"; } diff --git a/exec/totemcrypto.c b/exec/totemcrypto.c index e8717e45..8b21533d 100644 --- a/exec/totemcrypto.c +++ b/exec/totemcrypto.c @@ -109,8 +109,8 @@ size_t cypher_block_len[] = { enum crypto_hash_t { CRYPTO_HASH_TYPE_NONE = 0, - CRYPTO_HASH_TYPE_SHA1 = 1, - CRYPTO_HASH_TYPE_SHA224 = 2, + CRYPTO_HASH_TYPE_MD5 = 1, + CRYPTO_HASH_TYPE_SHA1 = 2, CRYPTO_HASH_TYPE_SHA256 = 3, CRYPTO_HASH_TYPE_SHA384 = 4, CRYPTO_HASH_TYPE_SHA512 = 5 @@ -118,8 +118,8 @@ enum crypto_hash_t { CK_MECHANISM_TYPE hash_to_nss[] = { 0, /* CRYPTO_HASH_TYPE_NONE */ + CKM_MD5_HMAC, /* CRYPTO_HASH_TYPE_MD5 */ CKM_SHA_1_HMAC, /* CRYPTO_HASH_TYPE_SHA1 */ - CKM_SHA224_HMAC, /* CRYPTO_HASH_TYPE_SHA224 */ CKM_SHA256_HMAC, /* CRYPTO_HASH_TYPE_SHA256 */ CKM_SHA384_HMAC, /* CRYPTO_HASH_TYPE_SHA384 */ CKM_SHA512_HMAC /* CRYPTO_HASH_TYPE_SHA512 */ @@ -127,8 +127,8 @@ CK_MECHANISM_TYPE hash_to_nss[] = { size_t hash_len[] = { 0, /* CRYPTO_HASH_TYPE_NONE */ + MD5_LENGTH, /* CRYPTO_HASH_TYPE_MD5 */ SHA1_LENGTH, /* CRYPTO_HASH_TYPE_SHA1 */ - SHA224_LENGTH, /* CRYPTO_HASH_TYPE_SHA224 */ SHA256_LENGTH, /* CRYPTO_HASH_TYPE_SHA256 */ SHA384_LENGTH, /* CRYPTO_HASH_TYPE_SHA384 */ SHA512_LENGTH /* CRYPTO_HASH_TYPE_SHA512 */ @@ -136,8 +136,8 @@ size_t hash_len[] = { size_t hash_block_len[] = { 0, /* CRYPTO_HASH_TYPE_NONE */ + MD5_BLOCK_LENGTH, /* CRYPTO_HASH_TYPE_MD5 */ SHA1_BLOCK_LENGTH, /* CRYPTO_HASH_TYPE_SHA1 */ - SHA224_BLOCK_LENGTH, /* CRYPTO_HASH_TYPE_SHA224 */ SHA256_BLOCK_LENGTH, /* CRYPTO_HASH_TYPE_SHA256 */ SHA384_BLOCK_LENGTH, /* CRYPTO_HASH_TYPE_SHA384 */ SHA512_BLOCK_LENGTH /* CRYPTO_HASH_TYPE_SHA512 */ @@ -586,10 +586,10 @@ static int string_to_crypto_hash_type(const char* crypto_hash_type) { if (strcmp(crypto_hash_type, "none") == 0) { return CRYPTO_HASH_TYPE_NONE; + } else if (strcmp(crypto_hash_type, "md5") == 0) { + return CRYPTO_HASH_TYPE_MD5; } else if (strcmp(crypto_hash_type, "sha1") == 0) { return CRYPTO_HASH_TYPE_SHA1; - } else if (strcmp(crypto_hash_type, "sha224") == 0) { - return CRYPTO_HASH_TYPE_SHA224; } else if (strcmp(crypto_hash_type, "sha256") == 0) { return CRYPTO_HASH_TYPE_SHA256; } else if (strcmp(crypto_hash_type, "sha384") == 0) { diff --git a/man/corosync.conf.5 b/man/corosync.conf.5 index 82efcda4..c82f2cda 100644 --- a/man/corosync.conf.5 +++ b/man/corosync.conf.5 @@ -160,7 +160,7 @@ a subset of the cluster (for example during a rolling upgrade). .TP crypto_hash This specifies which HMAC authentication should be used to authenticate all -messages. Valid values are none (no authentication), sha1, sha224, sha256, +messages. Valid values are none (no authentication), md5, sha1, sha256, sha384 and sha512. The default is sha1.