rnewson commented on code in PR #4140:
URL: https://github.com/apache/couchdb/pull/4140#discussion_r942536188
##########
src/couch/src/couch_httpd_auth.erl:
##########
@@ -695,3 +700,33 @@ authentication_warning(#httpd{mochi_req = Req}, User) ->
"~p: Authentication failed for user ~s from ~s",
[?MODULE, User, Peer]
).
+
+verify_hash_names(HashAlgorithms, SupportedHashFun) ->
+ verify_hash_names(HashAlgorithms, SupportedHashFun, []).
+verify_hash_names([], _, HashNames) ->
+ HashNames;
+verify_hash_names([H | T], SupportedHashFun, HashNames) ->
+ try
+ HashAtom = binary_to_existing_atom(H),
+ Result =
+ case lists:member(HashAtom, SupportedHashFun) of
+ true -> HashNames ++ [HashAtom];
Review Comment:
maybe combine these things to avoid the problem entirely. iterate through
the `re:split` list of hash algorithm names in order, moving to the next if its
not a valid algorithm name or if the hash doesn't match for valid names, and
then return a failure if the list is empty.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
