aboutsummaryrefslogtreecommitdiff
path: root/phpBB
diff options
context:
space:
mode:
authorMarc Alexander <admin@m-a-styles.de>2020-01-30 21:38:35 +0100
committerMarc Alexander <admin@m-a-styles.de>2020-01-30 21:38:35 +0100
commitc221858fabe1f99e55d4938f5b0aa35f53457a70 (patch)
treea20fa8aca1101a8de6fad5d7f0845dd0d1050177 /phpBB
parentMerge branch '3.3.x' (diff)
parentMerge pull request #5843 from JoshyPHP/ticket/16342 (diff)
downloadphpbb-c221858fabe1f99e55d4938f5b0aa35f53457a70.tar.gz
phpbb-c221858fabe1f99e55d4938f5b0aa35f53457a70.tar.bz2
phpbb-c221858fabe1f99e55d4938f5b0aa35f53457a70.zip
Merge branch '3.3.x'
Diffstat (limited to 'phpBB')
-rw-r--r--phpBB/config/default/container/services_password.yml4
-rw-r--r--phpBB/phpbb/passwords/driver/argon2i.php6
2 files changed, 5 insertions, 5 deletions
diff --git a/phpBB/config/default/container/services_password.yml b/phpBB/config/default/container/services_password.yml
index a9adbebfd7..38f7404330 100644
--- a/phpBB/config/default/container/services_password.yml
+++ b/phpBB/config/default/container/services_password.yml
@@ -1,7 +1,7 @@
parameters:
- passwords.driver.argon2_memory_cost: 1024
+ passwords.driver.argon2_memory_cost: 65536
passwords.driver.argon2_threads: 2
- passwords.driver.argon2_time_cost: 2
+ passwords.driver.argon2_time_cost: 4
passwords.driver.bcrypt_cost: 10
services:
diff --git a/phpBB/phpbb/passwords/driver/argon2i.php b/phpBB/phpbb/passwords/driver/argon2i.php
index 03368f6361..3150eadfdd 100644
--- a/phpBB/phpbb/passwords/driver/argon2i.php
+++ b/phpBB/phpbb/passwords/driver/argon2i.php
@@ -33,7 +33,7 @@ class argon2i extends base_native
* @param int $threads Number of threads to use (optional)
* @param int $time_cost Maximum amount of time (optional)
*/
- public function __construct(\phpbb\config\config $config, helper $helper, $memory_cost = 1024, $threads = 2, $time_cost = 2)
+ public function __construct(\phpbb\config\config $config, helper $helper, $memory_cost = 65536, $threads = 2, $time_cost = 4)
{
parent::__construct($config, $helper);
@@ -42,8 +42,8 @@ class argon2i extends base_native
* See https://wiki.php.net/rfc/sodium.argon.hash and PHPBB3-16266
* Don't allow cost factors to be below default settings where possible
*/
- $this->memory_cost = max($memory_cost, defined('PASSWORD_ARGON2_DEFAULT_MEMORY_COST') ? PASSWORD_ARGON2_DEFAULT_MEMORY_COST : 1024);
- $this->time_cost = max($time_cost, defined('PASSWORD_ARGON2_DEFAULT_TIME_COST') ? PASSWORD_ARGON2_DEFAULT_TIME_COST : 2);
+ $this->memory_cost = max($memory_cost, defined('PASSWORD_ARGON2_DEFAULT_MEMORY_COST') ? PASSWORD_ARGON2_DEFAULT_MEMORY_COST : 65536);
+ $this->time_cost = max($time_cost, defined('PASSWORD_ARGON2_DEFAULT_TIME_COST') ? PASSWORD_ARGON2_DEFAULT_TIME_COST : 4);
$this->threads = (defined('PASSWORD_ARGON2_PROVIDER') && PASSWORD_ARGON2_PROVIDER == 'sodium') ?
PASSWORD_ARGON2_DEFAULT_THREADS : max($threads, defined('PASSWORD_ARGON2_DEFAULT_THREADS') ? PASSWORD_ARGON2_DEFAULT_THREADS : 1);
}