upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-06-11 09:42:09 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 40

Merge pull request #60609 from nextcloud/backport/45027/stable34

Browse source 
[stable34] fix(argon2): respect max value for hashingThreads
This commit is contained in:
Benjamin Gaussorgues 2026-05-21 09:26:28 +02:00 committed by GitHub
commit c4aab00f1e
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 9 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
lib/private/Security/Hasher.php
View file

@ -39,10 +39,15 @@ class Hasher implements IHasher {
public function __construct(
private IConfig $config,
) {
if (\defined('PASSWORD_ARGON2ID') || \defined('PASSWORD_ARGON2I')) {
// password_hash fails, when the minimum values are undershot.
// In this case, apply minimum.
$this->options['threads'] = max($this->config->getSystemValueInt('hashingThreads', PASSWORD_ARGON2_DEFAULT_THREADS), 1);
if (\defined('PASSWORD_ARGON2_PROVIDER')) {
// password_hash fails, when the minimum values are undershot or maximum overshot. So apply minimum/maximum.
/** @psalm-suppress TypeDoesNotContainType - The constant defaults to "standard" but when sodium is installed it will be "sodium" */
if (PASSWORD_ARGON2_PROVIDER === 'sodium') {
$this->options['threads'] = 1;
} else {
// standard (libargon) or openssl
$this->options['threads'] = max($this->config->getSystemValueInt('hashingThreads', PASSWORD_ARGON2_DEFAULT_THREADS), 1);
}
// The minimum memory cost is 8 KiB per thread.
$this->options['memory_cost'] = max($this->config->getSystemValueInt('hashingMemoryCost', PASSWORD_ARGON2_DEFAULT_MEMORY_COST), $this->options['threads'] * 8);
$this->options['time_cost'] = max($this->config->getSystemValueInt('hashingTimeCost', PASSWORD_ARGON2_DEFAULT_TIME_COST), 1);