Commit: 6cc3c65fbf06da075934c89e470fa776d4d968fa Author: Anthony Ferrara <[email protected]> Tue, 3 Jul 2012 07:33:55 -0400 Parents: f53112fdcf746ef73660059e72f8798d0108acac Branches: master
Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=6cc3c65fbf06da075934c89e470fa776d4d968fa Log: Remove php.ini setting for default bcrypt cost Changed paths: M ext/standard/password.c M ext/standard/php_password.h M ext/standard/tests/password/password_hash.phpt M php.ini-development M php.ini-production Diff:
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 558cf24..9c03152 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -43,12 +43,6 @@ PHP_MINIT_FUNCTION(password) /* {{{ */
 }
 /* }}} */
-PHP_MINFO_FUNCTION(password) /* {{{ */
-{
- php_info_print_table_row(2, "Default Password BCrypt Cost", INI_STR("password.bcrypt_cost"));
-}
-/* }}} */
-
 static int php_password_salt_is_alphabet(const char *str, const int len) /* {{{ */
 {
 int i = 0;
@@ -236,8 +230,7 @@ PHP_FUNCTION(password_hash)
 }
 if (strcmp(algo, PHP_PASSWORD_BCRYPT) == 0) {
- int cost = 0;
- cost = (int) INI_INT("password.bcrypt_cost");
+ int cost = PHP_PASSWORD_BCRYPT_COST;
 if (options && zend_symtable_find(options, "cost", 5, (void **) &option_buffer) == SUCCESS) {
 convert_to_long_ex(option_buffer);
diff --git a/ext/standard/php_password.h b/ext/standard/php_password.h
index 81fe41f..338665e 100644
--- a/ext/standard/php_password.h
+++ b/ext/standard/php_password.h
@@ -26,11 +26,12 @@ PHP_FUNCTION(password_verify);
 PHP_FUNCTION(password_make_salt);
 PHP_MINIT_FUNCTION(password);
-PHP_MINFO_FUNCTION(password);
 #define PHP_PASSWORD_DEFAULT "2y"
 #define PHP_PASSWORD_BCRYPT "2y"
+#define PHP_PASSWORD_BCRYPT_COST 10
+
 #endif
diff --git a/ext/standard/tests/password/password_hash.phpt b/ext/standard/tests/password/password_hash.phpt
index 2fca8b7..3b6fc09 100644
--- a/ext/standard/tests/password/password_hash.phpt
+++ b/ext/standard/tests/password/password_hash.phpt
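Review bot: A deployment that had raised `password.bcrypt_cost` in php.ini silently falls back to the compile-time `PHP_PASSWORD_BCRYPT_COST` after the `@@ -236,8 +230,7 @@` hunk of password.c, for every `password_hash()` call that omits `cost`, and nothing visible here reports that the directive is now ignored. That deserves a line in the upgrade notes, and a comment at the declaration such as `/* built-in default; callers raise it through options["cost"] */` would make the one remaining tuning point obvious. The body of `PHP_FUNCTION(password_hash)` continues past the hunk, so whether the caller-supplied `cost` is range-checked after `convert_to_long_ex()` cannot be confirmed from here.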
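Review bot: `#define PHP_PASSWORD_BCRYPT_COST 10` in php_password.h carries no comment, and its value disagrees with the `Default: 11` documented in the php.ini text this commit removes. Each step of the bcrypt cost doubles the work per hash, so if 11 was the effective default this halves the effort an offline guesser needs against hashes created without an explicit `cost`; the test expectation moving to `$2y$10$` shows that 10 is what now applies. I would confirm which value is intended and document it at the definition, e.g. `/* default bcrypt cost (log2 of the iteration count) used when options["cost"] is absent */`.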
@@ -4,9 +4,6 @@ Test normal operation of password_hash()
 <?php
 //-=-=-=-
-// Set the cost low so the test is fast
-ini_set('password.bcrypt_cost', '4');
-
 var_dump(strlen(password_hash("foo")));
 $hash = password_hash("foo");
@@ -17,17 +14,12 @@ var_dump(password_hash("rasmuslerdorf", PASSWORD_BCRYPT, array("cost" => 7, "sal
 var_dump(password_hash("test", PASSWORD_BCRYPT, array("salt" => "123456789012345678901" . chr(0))));
-// test ini parameter to ensure that it updates
-ini_set('password.bcrypt_cost', '5');
-var_dump(password_hash("test", PASSWORD_BCRYPT, array("salt" => "123456789012345678901" . chr(0))));
-
-
 echo "OK!";
 ?>
 --EXPECT--
 int(60)
 bool(true)
 string(60) "$2y$07$usesomesillystringfore2uDLvp1Ii2e./U9C8sBjqp8I90dH6hi"
-string(60) "$2y$04$MTIzNDU2Nzg5MDEyMzQ1NekACxf2CF7ipfk/b9FllU9Fs8RcUm5UG"
-string(60) "$2y$05$MTIzNDU2Nzg5MDEyMzQ1NeVt1jFvl6ZQVujUMmcYvue.Mr5oZVQa2"
+string(60) "$2y$10$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y"
 OK!
+
diff --git a/php.ini-development b/php.ini-development
index 5f1205e..a5a7a4a 100644
--- a/php.ini-development
+++ b/php.ini-development
@@ -1359,15 +1359,6 @@ bcmath.scale = 0
 ; http://php.net/browscap
 ;browscap = extra/browscap.ini
-[password]
-; The default cost of a bcrypt hash created using password_hash()
-; Note that this is only the default, and can be overriden by the
-; options argument to password_hash(). Additionally, it only affects
-; newly created hashes. A higher value will make the generated
-; hash more resistent to brute forcing, but will also use more CPU
-; Default: 11
-; password.bcrypt_cost = 11
-
 [Session]
 ; Handler used to store/retrieve data.
 ; http://php.net/session.save-handler
diff --git a/php.ini-production b/php.ini-production
index 927f305..5d8f26e 100644
--- a/php.ini-production
+++ b/php.ini-production
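Review bot: The salted expectation in the `@@ -17,17 +14,12 @@` hunk of password_hash.phpt now hard-codes the built-in default through its `$2y$10$` prefix, so the test fails as soon as `PHP_PASSWORD_BCRYPT_COST` is raised, and with `ini_set('password.bcrypt_cost', '4')` gone the option-less calls run at cost 10 instead of 4. Passing the cost explicitly keeps the fixed-hash check independent of the default, e.g. `array("cost" => 4, "salt" => "123456789012345678901" . chr(0))` together with the `$2y$04$` expectation this commit deletes, which was produced for the same password and salt. The default can then be covered separately by comparing only the first seven characters of `password_hash("foo")` with `$2y$10$`.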
@@ -1359,15 +1359,6 @@ bcmath.scale = 0
 ; http://php.net/browscap
 ;browscap = extra/browscap.ini
-[password]
-; The default cost of a bcrypt hash created using password_hash()
-; Note that this is only the default, and can be overriden by the
-; options argument to password_hash(). Additionally, it only affects
-; newly created hashes. A higher value will make the generated
-; hash more resistent to brute forcing, but will also use more CPU
-; Default: 11
-; password.bcrypt_cost = 11
-
 [Session]
 ; Handler used to store/retrieve data.
 ; http://php.net/session.save-handler
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
