Page Menu
Home
Phorge
Search
Configure Global Search
Log In
Files
F2891421
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Award Token
Flag For Later
Advanced/Developer...
View Handle
View Hovercard
Size
2 KB
Referenced Files
None
Subscribers
None
View Options
diff --git a/src/infrastructure/util/password/PhabricatorBcryptPasswordHasher.php b/src/infrastructure/util/password/PhabricatorBcryptPasswordHasher.php
index fc2bf7a523..cc8dacfc80 100644
--- a/src/infrastructure/util/password/PhabricatorBcryptPasswordHasher.php
+++ b/src/infrastructure/util/password/PhabricatorBcryptPasswordHasher.php
@@ -1,75 +1,75 @@
<?php
final class PhabricatorBcryptPasswordHasher
extends PhabricatorPasswordHasher {
public function getHumanReadableName() {
return pht('bcrypt');
}
public function getHashName() {
return 'bcrypt';
}
public function getHashLength() {
return 60;
}
public function canHashPasswords() {
return function_exists('password_hash');
}
public function getInstallInstructions() {
return pht('Upgrade to PHP 5.5.0 or newer.');
}
public function getStrength() {
return 2.0;
}
public function getHumanReadableStrength() {
return pht("Good");
}
protected function getPasswordHash(PhutilOpaqueEnvelope $envelope) {
$raw_input = $envelope->openEnvelope();
$options = array(
'cost' => $this->getBcryptCost(),
);
- $raw_hash = password_hash($raw_input, CRYPT_BLOWFISH, $options);
+ $raw_hash = password_hash($raw_input, PASSWORD_BCRYPT, $options);
return new PhutilOpaqueEnvelope($raw_hash);
}
protected function verifyPassword(
PhutilOpaqueEnvelope $password,
PhutilOpaqueEnvelope $hash) {
return password_verify($password->openEnvelope(), $hash->openEnvelope());
}
protected function canUpgradeInternalHash(PhutilOpaqueEnvelope $hash) {
$info = password_get_info($hash->openEnvelope());
// NOTE: If the costs don't match -- even if the new cost is lower than
// the old cost -- count this as an upgrade. This allows costs to be
// adjusted down and hashing to be migrated toward the new cost if costs
// are ever configured too high for some reason.
$cost = idx($info['options'], 'cost');
if ($cost != $this->getBcryptCost()) {
return true;
}
return false;
}
private function getBcryptCost() {
// NOTE: The default cost is "10", but my laptop can do a hash of cost
// "12" in about 300ms. Since server hardware is often virtualized or old,
// just split the difference.
return 11;
}
}
File Metadata
Details
Attached
Mime Type
text/x-diff
Expires
Sun, Jan 19, 15:10 (3 w, 1 d ago)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
1125840
Default Alt Text
(2 KB)
Attached To
Mode
rP Phorge
Attached
Detach File
Event Timeline
Log In to Comment