Document crypto_hash and crypto_cipher options

Signed-off-by: Jan Friesse <jfriesse@redhat.com>
Reviewed-by: Fabio M. Di Nitto <fdinitto@redhat.com>

man/corosync.conf.5

@@ -147,8 +147,6 @@ This specifies the version of the configuration file.  Currently the only
 valid version for this directive is 2.
 
 .PP
-.PP
-.TP
 clear_node_high_bit
 This configuration option is optional and is only relevant when no nodeid is
 specified.  Some corosync clients require a signed 32 bit nodeid that is greater
@@ -159,6 +157,21 @@ zero and therefor ensure the nodeid is a positive signed 32 bit integer.
 WARNING: The clusters behavior is undefined if this option is enabled on only
 a subset of the cluster (for example during a rolling upgrade).
 
+.TP
+crypto_hash
+This specifies which HMAC authentication should be used to authenticate all
+messages. Valid values are none (no authentication), sha1, sha224, sha256,
+sha384 and sha512.
+
+The default is sha1.
+
+.TP
+crypto_cipher
+This specifies which cipher should be used to encrypt all messages.
+Valid values are none (no encryption) and aes256.
+
+The default is aes256.
+
 .TP
 secauth
 This specifies that HMAC/SHA1 authentication should be used to authenticate
@@ -171,6 +184,9 @@ cycles in corosync.
 
 The default is on.
 
+WARNING: This parameter is deprecated. It's recomended to use combination of
+crypto_cipher and crypto_hash.
+
 .TP
 rrp_mode
 This specifies the mode of redundant ring, which may be none, active, or