upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-05-28 04:32:30 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 25

fix: also respect max value for hashingThreads

Browse source 
Co-authored-by: Remi Collet <remi@php.net>
Signed-off-by: Remi Collet <remi@remirepo.net>
This commit is contained in:
Remi Collet 2024-04-25 10:13:06 +02:00 committed by backportbot[bot]
parent 24c5c3f512
commit 092e77970a
1 changed files with 9 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
lib/private/Security/Hasher.php
View file

@ -39,10 +39,15 @@ class Hasher implements IHasher {
public function __construct(
private IConfig $config,
) {
if (\defined('PASSWORD_ARGON2ID') || \defined('PASSWORD_ARGON2I')) {
// password_hash fails, when the minimum values are undershot.
// In this case, apply minimum.
$this->options['threads'] = max($this->config->getSystemValueInt('hashingThreads', PASSWORD_ARGON2_DEFAULT_THREADS), 1);
if (\defined('PASSWORD_ARGON2_PROVIDER')) {
// password_hash fails, when the minimum values are undershot or maximum overshot. So apply minimum/maximum.
/** @psalm-suppress TypeDoesNotContainType - The constant defaults to "standard" but when sodium is installed it will be "sodium" */
if (PASSWORD_ARGON2_PROVIDER === 'sodium') {
$this->options['threads'] = 1;
} else {
// standard (libargon) or openssl
$this->options['threads'] = max($this->config->getSystemValueInt('hashingThreads', PASSWORD_ARGON2_DEFAULT_THREADS), 1);
}
// The minimum memory cost is 8 KiB per thread.
$this->options['memory_cost'] = max($this->config->getSystemValueInt('hashingMemoryCost', PASSWORD_ARGON2_DEFAULT_MEMORY_COST), $this->options['threads'] * 8);
$this->options['time_cost'] = max($this->config->getSystemValueInt('hashingTimeCost', PASSWORD_ARGON2_DEFAULT_TIME_COST), 1);