25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-11-28 16:34:13 +01:00

Minor improvements in auth_password_format documentation

This commit is contained in:
Badlop 2023-12-01 00:07:21 +01:00
parent d2a84c96a4
commit 225d14cbbe

View File

@ -373,25 +373,26 @@ doc() ->
note => "improved in 20.01", note => "improved in 20.01",
desc => desc =>
[?T("The option defines in what format the users passwords " [?T("The option defines in what format the users passwords "
"are stored:"), "", "are stored, plain text or in http://../authentication/#scram[SCRAM] format:"), "",
?T("* 'plain': The password is stored as plain text " ?T("* 'plain': The password is stored as plain text "
"in the database. This is risky because the passwords " "in the database. This is risky because the passwords "
"can be read if your database gets compromised. " "can be read if your database gets compromised. "
"This is the default value. This format allows clients to " "This is the default value. This format allows clients to "
"authenticate using: the old Jabber Non-SASL (XEP-0078), " "authenticate using: the old Jabber Non-SASL (XEP-0078), "
"SASL PLAIN, SASL DIGEST-MD5, and SASL SCRAM-SHA-1. "), "", "SASL PLAIN, SASL DIGEST-MD5, and SASL SCRAM-SHA-1/256/512(-PLUS). "), "",
?T("* 'scram': The password is not stored, only some information " ?T("* 'scram': The password is not stored, only some information "
"that allows to verify the hash provided by the client. " "that allows to verify the hash provided by the client. "
"It is impossible to obtain the original plain password " "It is impossible to obtain the original plain password "
"from the stored information; for this reason, when this " "from the stored information; for this reason, when this "
"value is configured it cannot be changed to plain anymore. " "value is configured it cannot be changed to plain anymore. "
"This format allows clients to authenticate using: " "This format allows clients to authenticate using: "
"SASL PLAIN and SASL SCRAM-SHA-1."), "SASL PLAIN and SASL SCRAM-SHA-1/256/512(-PLUS). The SCRAM variant "
?T("The default value is 'plain'.")]}}, "depends on the _`auth_scram_hash`_ option."), "",
?T("The default value is 'plain'."), ""]}},
{auth_scram_hash, {auth_scram_hash,
#{value => "sha | sha256 | sha512", #{value => "sha | sha256 | sha512",
desc => desc =>
?T("Hash algorithm that should be used to store password in SCRAM format. " ?T("Hash algorithm that should be used to store password in http://../authentication/#scram[SCRAM] format. "
"You shouldn't change this if you already have passwords generated with " "You shouldn't change this if you already have passwords generated with "
"a different algorithm - users that have such passwords will not be able " "a different algorithm - users that have such passwords will not be able "
"to authenticate. The default value is 'sha'.")}}, "to authenticate. The default value is 'sha'.")}},