You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@couchdb.apache.org by ro...@apache.org on 2022/08/26 16:38:09 UTC

[couchdb-documentation] branch main updated: Document new hash_algorithms config key

This is an automated email from the ASF dual-hosted git repository.

ronny pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/couchdb-documentation.git


The following commit(s) were added to refs/heads/main by this push:
     new 35fa40b  Document new hash_algorithms config key
35fa40b is described below

commit 35fa40b94331016db2a48ca55df86586168dd047
Author: Ronny Berndt <ro...@apache.org>
AuthorDate: Thu Aug 25 20:43:10 2022 +0200

    Document new hash_algorithms config key
---
 src/config/auth.rst | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/src/config/auth.rst b/src/config/auth.rst
index a1f393f..cb92f31 100644
--- a/src/config/auth.rst
+++ b/src/config/auth.rst
@@ -196,6 +196,33 @@ Authentication Configuration
             [chttpd_auth]
             authentication_redirect = /_utils/session.html
 
+    .. config:option:: hash_algorithms :: Supported hash algorithms for cookie auth
+
+        .. versionadded:: 3.3
+
+        Sets the HMAC hash algorithm used for cookie authentication. You can provide a
+        comma-separated list of hash algorithms. New cookie sessions or
+        session updates are calculated with the first hash algorithm. All values in the
+        list can be used to decode the cookie session. ::
+
+            [chttpd_auth]
+            hash_algorithms = sha256, sha
+
+        .. note::
+            You can select any hash algorithm the version of erlang used in your CouchDB
+            install supports. The common list of available hashes might be: ::
+
+                sha, sha224, sha256, sha384, sha512
+
+            To retrieve a complete list of supported hash algorithms you can use our
+            ``bin/remsh`` script and retrieve a full list of available hash algorithms
+            with ``crypto:supports(hashs).``.
+
+        .. warning::
+            We do not recommend using the following hash algorithms: ::
+
+                md4, md5
+
     .. config:option:: iterations :: PBKDF2 iterations count
 
         .. versionadded:: 1.3