rnewson commented on code in PR #4140:
URL: https://github.com/apache/couchdb/pull/4140#discussion_r941532788
##########
src/couch/src/couch_httpd_auth.erl:
##########
@@ -695,3 +707,12 @@ authentication_warning(#httpd{mochi_req = Req}, User) ->
"~p: Authentication failed for user ~s from ~s",
[?MODULE, User, Peer]
).
+
+-spec get_config_hash_algorithms() -> list(atom()).
+get_config_hash_algorithms() ->
+ HashAlgorithmStr = string:to_lower(
+ chttpd_util:get_chttpd_auth_config("hash_algorithms", "sha256, sha")
+ ),
+ lists:map(
+ fun binary_to_atom/1, re:split(HashAlgorithmStr, "\\s*,\\s*", [trim,
{return, binary}])
Review Comment:
suggest testing if the item is a member of `crypto:supports(hashs)` instead,
and should handle the case where none is valid (suggest in that case we log a
warning and default to `sha256`)
##########
src/couch/src/couch_httpd_auth.erl:
##########
@@ -695,3 +707,12 @@ authentication_warning(#httpd{mochi_req = Req}, User) ->
"~p: Authentication failed for user ~s from ~s",
[?MODULE, User, Peer]
).
+
+-spec get_config_hash_algorithms() -> list(atom()).
+get_config_hash_algorithms() ->
+ HashAlgorithmStr = string:to_lower(
+ chttpd_util:get_chttpd_auth_config("hash_algorithms", "sha256, sha")
+ ),
+ lists:map(
+ fun binary_to_atom/1, re:split(HashAlgorithmStr, "\\s*,\\s*", [trim,
{return, binary}])
Review Comment:
suggest testing if the items are a member of `crypto:supports(hashs)`
instead, and should handle the case where none is valid (suggest in that case
we log a warning and default to `sha256`)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
