diff options
Diffstat (limited to 'phpBB')
-rw-r--r-- | phpBB/phpbb/passwords/driver/argon2i.php | 21 |
1 files changed, 17 insertions, 4 deletions
diff --git a/phpBB/phpbb/passwords/driver/argon2i.php b/phpBB/phpbb/passwords/driver/argon2i.php index 49d7d6393e..bf4d6ec33a 100644 --- a/phpBB/phpbb/passwords/driver/argon2i.php +++ b/phpBB/phpbb/passwords/driver/argon2i.php @@ -37,10 +37,23 @@ class argon2i extends base_native { parent::__construct($config, $helper); - // Don't allow cost factors to be below default settings - $this->memory_cost = max($memory_cost, 1024); - $this->threads = max($threads, 2); - $this->time_cost = max($time_cost, 2); + // Workaround to prevent "Use of undefined constant" warning on some unsupported PHP installations + if (!defined('PASSWORD_ARGON2I')) + { + define('PASSWORD_ARGON2_DEFAULT_MEMORY_COST', 1024); + define('PASSWORD_ARGON2_DEFAULT_TIME_COST', 2); + define('PASSWORD_ARGON2_DEFAULT_THREADS', 1); + } + + /** + * For Sodium implementation of argon2 algorithm (since PHP 7.4), set special value of 1 for "threads" cost factor + * See https://wiki.php.net/rfc/sodium.argon.hash and PHPBB3-16266 + * Don't allow cost factors to be below default settings where possible + */ + $this->memory_cost = max($memory_cost, PASSWORD_ARGON2_DEFAULT_MEMORY_COST); + $this->time_cost = max($time_cost, PASSWORD_ARGON2_DEFAULT_TIME_COST); + $this->threads = (defined('PASSWORD_ARGON2_PROVIDER') && PASSWORD_ARGON2_PROVIDER == 'sodium') ? + PASSWORD_ARGON2_DEFAULT_THREADS : max($threads, PASSWORD_ARGON2_DEFAULT_THREADS); } /** |