Skip to content

[stable17] expose Argon2 options (as we did for bcrypt)#19095

Merged
rullzer merged 4 commits intostable17from
backport/19023/stable17
Mar 5, 2020
Merged

[stable17] expose Argon2 options (as we did for bcrypt)#19095
rullzer merged 4 commits intostable17from
backport/19023/stable17

Conversation

@backportbot-nextcloud
Copy link

@backportbot-nextcloud backportbot-nextcloud bot commented Jan 23, 2020

backport of #19023

@backportbot-nextcloud backportbot-nextcloud bot added bug enhancement pending documentation This pull request needs an associated documentation update labels Jan 23, 2020
@backportbot-nextcloud backportbot-nextcloud bot added this to the Nextcloud 17.0.3 milestone Jan 23, 2020
@backportbot-nextcloud backportbot-nextcloud bot mentioned this pull request Jan 23, 2020
Merged
@rullzer rullzer mentioned this pull request Jan 23, 2020
Merged
rullzer
rullzer requested changes Feb 4, 2020
View reviewed changes
config/config.sample.php
/**
* The allowed maximum memory in KiB to be used by the algorithm for computing a
* hash. The smallest possible value is 8. Values that undershoot the minimum
* will be ignored in favor of the default.
Copy link
Member

@rullzer rullzer Feb 4, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shall we just add a big note here to only set this if you are on php7.2 or later?

Copy link
Member

@blizzz blizzz Feb 4, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not necessary – apart of using the constant. Code wouldn't pick Argon2 if it was not available. There are actually PHP 7.2 builds without Argon2, you cannot just rely on the version.

Copy link
Member

@rullzer rullzer Feb 5, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Then reword it differently. But setting those options if you don't have argon2 basically will do 💥 we just need to be sure nobody does that

Copy link
Member

@blizzz blizzz Feb 5, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Then reword it differently.

Will do

ut setting those options if you don't have argon2 basically will do boom we just need to be sure nobody does that

no, nothing will happen when these options are set. Unless you mean the constants specifically. I take them all out.

Copy link
Member

@rullzer rullzer Feb 5, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I meant the constants.
I'm fine with leaving the constants in. Because they might change over time. And if people set them without argon2 support they will know soon enough. But we should just have a clear warning :)

Copy link
Member

@blizzz blizzz Feb 5, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Because they might change over time

They actually did already, afaik. But anyway, setting there the constants does not make sense anyway, as this is implicit. A URL is given to find more info and also that we rely on defaults. Should be sufficient.

@blizzz
Copy link
Member

blizzz commented Feb 5, 2020
edited
Loading

@rullzer @ChristophWurst do you approve the sample config refinements?

I'd bring it to all other branches as well (18+ can go without the stress on 7.2).

@kesselb
Copy link
Contributor

kesselb commented Feb 21, 2020

@rullzer @ChristophWurst 🏓

ChristophWurst
ChristophWurst approved these changes Feb 21, 2020
View reviewed changes
Copy link
Member

@ChristophWurst ChristophWurst left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fine now :)

@blizzz
expose Argon2 options (as we did for bcrypt)
d973bc7 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
@blizzz
use getSystemValueInt
7d1d76b 
Co-Authored-By: kesselb <mail@danielkesselberg.de>

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
@blizzz
ignore values that undershoot the minimum, go with default
fb7c218 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
@blizzz
extended documentation
518789a 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
@blizzz blizzz force-pushed the backport/19023/stable17 branch from 423f9e0 to 518789a Compare February 21, 2020 13:52
@blizzz
Copy link
Member

blizzz commented Feb 21, 2020

squashed, rebased and also applied to the 16 backport

@rullzer rullzer mentioned this pull request Mar 2, 2020
Merged
@rullzer rullzer merged commit 53a907f into stable17 Mar 5, 2020
@rullzer rullzer deleted the backport/19023/stable17 branch March 5, 2020 07:40
@nickvergessen nickvergessen removed the pending documentation This pull request needs an associated documentation update label Nov 8, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rullzer rullzer rullzer approved these changes

@ChristophWurst ChristophWurst ChristophWurst approved these changes

@blizzz blizzz Awaiting requested review from blizzz

@icewind1991 icewind1991 Awaiting requested review from icewind1991

@kesselb kesselb Awaiting requested review from kesselb

@nickvergessen nickvergessen Awaiting requested review from nickvergessen

Assignees

No one assigned

Labels

bug enhancement

Projects

None yet

Milestone

Nextcloud 17.0.4

Development

Successfully merging this pull request may close these issues.

5 participants

@blizzz @kesselb @rullzer @ChristophWurst @nickvergessen