diff options
| author | Marc Alexander <admin@m-a-styles.de> | 2013-06-16 23:55:33 +0200 |
|---|---|---|
| committer | Marc Alexander <admin@m-a-styles.de> | 2013-09-14 13:53:08 +0200 |
| commit | 4b81b93d102b1657ab59cbc98cfa5c1d66d94304 (patch) | |
| tree | d43eeb13ae2c45623e6a80551c0f8e18bc0784f2 /phpBB/includes/crypto/driver/bcrypt.php | |
| parent | 7ddf004489879aa0cc21fcd69225ab78ef472d50 (diff) | |
| download | forums-4b81b93d102b1657ab59cbc98cfa5c1d66d94304.tar forums-4b81b93d102b1657ab59cbc98cfa5c1d66d94304.tar.gz forums-4b81b93d102b1657ab59cbc98cfa5c1d66d94304.tar.bz2 forums-4b81b93d102b1657ab59cbc98cfa5c1d66d94304.tar.xz forums-4b81b93d102b1657ab59cbc98cfa5c1d66d94304.zip | |
[feature/passwords] Make sure hash has the required length
Also added tests to make sure that crypto drivers are enforcing the hash
length.
PHPBB3-11610
Diffstat (limited to 'phpBB/includes/crypto/driver/bcrypt.php')
| -rw-r--r-- | phpBB/includes/crypto/driver/bcrypt.php | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/phpBB/includes/crypto/driver/bcrypt.php b/phpBB/includes/crypto/driver/bcrypt.php index d98bf8c940..c6334d1779 100644 --- a/phpBB/includes/crypto/driver/bcrypt.php +++ b/phpBB/includes/crypto/driver/bcrypt.php @@ -53,6 +53,10 @@ class phpbb_crypto_driver_bcrypt extends phpbb_crypto_driver_base } $hash = crypt($password, $salt); + if (strlen($hash) < 60) + { + return false; + } return $hash; } |