Make MD5 hash implementation configurable

[rokek]

Overview

This aims to enable CouchDB to run in an environment where OpenSSL MD5 hash operations are explicitly disallowed by the operating system, for example: when running in "FIPS mode." Because CouchDB does not make use of MD5 hashes for cryptographic purposes, this workaround does not defeat the purpose of "FIPS mode," provided that the system owner is aware of and consents to its use.

Approach

• Add a module that selects the library to use for MD5 hash operations depending on a configure flag. If the flag is used, the module's functions use erlang:md5. If not, the functions use crypto:hash(md5, ...).
• Add to configure and rebar scripts to provide the configure flag and define an environment variable when it is used.
• Replace crypto:hash(md5, ...) calls with calls to functions in the new module.

Testing recommendations

make check

Related Issues or Pull Requests

#1171

Checklist

• Code is written and works correctly;
• Changes are covered by tests;
• Documentation reflects the changes;
  • Add troubleshooting information for FIPS mode and workaround (#1171) couchdb-documentation#294

[rnewson]

What's the use case?

[nickva]

From what I understand it is to allow using CouchDB when FIPS mode is enabled. In that case computing md5 via OpenSSL (crypto:hash(md5, ...)) fails.

The other alternative is to switch CouchDB to use a different hash function, but that is a bigger change, so I suggested just using Erlang's built-in md5 for now as an option.

There was some discussion here about it: #1171

[rokek]

@rnewson Updated to include rationale, thank you for the reminder.

[nickva]

EUnit tests pass with and without the --erlang-md5 configure option.

+1

I'd suggest mentioning the issue number (#1171) in the commit message. Also rebase against latest master.

Then create a docs pull request to make note about the new option. Maybe under Runtime Errors section in https://github.com/apache/couchdb-documentation/blob/master/src/install/troubleshooting.rst. Make sure to mention there could be a performance penalty.

[nickva]

@rokek no, don't need a new PR. Just switch to master, do a git pull to update it. Then switch back to the PR branch. Run git rebase master. Then update commit to mention issue number in it (git commit --amend). And at last git push --force to update the branch on Github.

Documentation PR is separate.

[rokek]

@nickva @rnewson Completed, thank you for the guidance, and let me know if there is more to do.

[nickva]

@rokek LGTM. Thanks for your contribution, it is much appreciated!

I'll merge it and will review the docs PR

[rokek]

@nickva Thank you for the assistance!

[wohali]

@nickva @rokek sadly this broke the build, see #1450 for details.