diff options
| author | javiexin <javiexin@gmail.com> | 2017-05-21 18:25:57 +0200 |
|---|---|---|
| committer | javiexin <javiexin@gmail.com> | 2017-05-21 18:25:57 +0200 |
| commit | 37c48a59c318c12547c371f0d0a8bc84f5206dcf (patch) | |
| tree | a45b111970e291ff871733cfe003a74e0631c441 /phpBB/phpbb/passwords/driver/bcrypt.php | |
| parent | 60d6667eb4c5ad8a02d67dea62bc2d5b9553f958 (diff) | |
| parent | bd12504f6cf03b36821a5cea2bf77a419496dcdb (diff) | |
| download | forums-37c48a59c318c12547c371f0d0a8bc84f5206dcf.tar forums-37c48a59c318c12547c371f0d0a8bc84f5206dcf.tar.gz forums-37c48a59c318c12547c371f0d0a8bc84f5206dcf.tar.bz2 forums-37c48a59c318c12547c371f0d0a8bc84f5206dcf.tar.xz forums-37c48a59c318c12547c371f0d0a8bc84f5206dcf.zip | |
Merge branch 'ticket/15068' of https://github.com/javiexin/phpbb into ticket/15068
Diffstat (limited to 'phpBB/phpbb/passwords/driver/bcrypt.php')
| -rw-r--r-- | phpBB/phpbb/passwords/driver/bcrypt.php | 32 |
1 files changed, 31 insertions, 1 deletions
diff --git a/phpBB/phpbb/passwords/driver/bcrypt.php b/phpBB/phpbb/passwords/driver/bcrypt.php index eab1c3d569..eb1aeeeb76 100644 --- a/phpBB/phpbb/passwords/driver/bcrypt.php +++ b/phpBB/phpbb/passwords/driver/bcrypt.php @@ -17,6 +17,24 @@ class bcrypt extends base { const PREFIX = '$2a$'; + /** @var int Hashing cost factor */ + protected $cost_factor; + + /** + * Constructor of passwords driver object + * + * @param \phpbb\config\config $config phpBB config + * @param \phpbb\passwords\driver\helper $helper Password driver helper + * @param int $cost_factor Hashing cost factor (optional) + */ + public function __construct(\phpbb\config\config $config, helper $helper, $cost_factor = 10) + { + parent::__construct($config, $helper); + + // Don't allow cost factor to be below default setting + $this->cost_factor = max(10, $cost_factor); + } + /** * {@inheritdoc} */ @@ -26,6 +44,18 @@ class bcrypt extends base } /** + * {@inheritdoc} + */ + public function needs_rehash($hash) + { + preg_match('/^' . preg_quote($this->get_prefix()) . '([0-9]+)\$/', $hash, $matches); + + list(, $cost_factor) = $matches; + + return empty($cost_factor) || $this->cost_factor !== intval($cost_factor); + } + + /** * {@inheritdoc} */ public function hash($password, $salt = '') @@ -46,7 +76,7 @@ class bcrypt extends base if ($salt == '') { - $salt = $prefix . '10$' . $this->get_random_salt(); + $salt = $prefix . $this->cost_factor . '$' . $this->get_random_salt(); } $hash = crypt($password, $salt); |