Commit:    6cc3c65fbf06da075934c89e470fa776d4d968fa
Author:    Anthony Ferrara <ircmax...@ircmaxell.com>         Tue, 3 Jul 2012 
07:33:55 -0400
Parents:   f53112fdcf746ef73660059e72f8798d0108acac
Branches:  master

Link:       
http://git.php.net/?p=php-src.git;a=commitdiff;h=6cc3c65fbf06da075934c89e470fa776d4d968fa

Log:
Remove php.ini setting for default bcrypt cost

Changed paths:
  M  ext/standard/password.c
  M  ext/standard/php_password.h
  M  ext/standard/tests/password/password_hash.phpt
  M  php.ini-development
  M  php.ini-production


Diff:
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 558cf24..9c03152 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -43,12 +43,6 @@ PHP_MINIT_FUNCTION(password) /* {{{ */
 }
 /* }}} */
 
-PHP_MINFO_FUNCTION(password) /* {{{ */
-{
-       php_info_print_table_row(2, "Default Password BCrypt Cost", 
INI_STR("password.bcrypt_cost"));
-}
-/* }}} */
-
 static int php_password_salt_is_alphabet(const char *str, const int len) /* 
{{{ */
 {
        int i = 0;
@@ -236,8 +230,7 @@ PHP_FUNCTION(password_hash)
        }
 
        if (strcmp(algo, PHP_PASSWORD_BCRYPT) == 0) {
-               int cost = 0;
-               cost = (int) INI_INT("password.bcrypt_cost");
+               int cost = PHP_PASSWORD_BCRYPT_COST;
 
                if (options && zend_symtable_find(options, "cost", 5, (void **) 
&option_buffer) == SUCCESS) {
                        convert_to_long_ex(option_buffer);
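Review bot: The default bcrypt work factor is now fixed at build time by `int cost = PHP_PASSWORD_BCRYPT_COST;` (defined as 10 in php_password.h), so an operator can no longer raise it for a deployment without changing every password_hash() call. The removed php.ini text advertised a default of 11, so the effective default may have dropped; the previously registered INI default is not visible here. The new define has no comment, and I would add one such as `/* Default bcrypt cost (log2 of the iteration count) used when password_hash() gets no "cost" option; revisit as hardware gets faster */`. PHP_MINIT_FUNCTION(password) is still present, so it is worth confirming that it no longer registers `password.bcrypt_cost`, otherwise the setting would be accepted and silently ignored. The body of password_hash(), including any range check on a caller-supplied cost, continues outside this hunk.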
diff --git a/ext/standard/php_password.h b/ext/standard/php_password.h
index 81fe41f..338665e 100644
--- a/ext/standard/php_password.h
+++ b/ext/standard/php_password.h
@@ -26,11 +26,12 @@ PHP_FUNCTION(password_verify);
 PHP_FUNCTION(password_make_salt);
 
 PHP_MINIT_FUNCTION(password);
-PHP_MINFO_FUNCTION(password);
 
 #define PHP_PASSWORD_DEFAULT   "2y"
 #define PHP_PASSWORD_BCRYPT    "2y"
 
+#define PHP_PASSWORD_BCRYPT_COST 10
+
 #endif
 
 
diff --git a/ext/standard/tests/password/password_hash.phpt 
b/ext/standard/tests/password/password_hash.phpt
index 2fca8b7..3b6fc09 100644
--- a/ext/standard/tests/password/password_hash.phpt
+++ b/ext/standard/tests/password/password_hash.phpt
@@ -4,9 +4,6 @@ Test normal operation of password_hash()
 <?php
 //-=-=-=-
 
-// Set the cost low so the test is fast
-ini_set('password.bcrypt_cost', '4');
-
 var_dump(strlen(password_hash("foo")));
 
 $hash = password_hash("foo");
@@ -17,17 +14,12 @@ var_dump(password_hash("rasmuslerdorf", PASSWORD_BCRYPT, 
array("cost" => 7, "sal
 
 var_dump(password_hash("test", PASSWORD_BCRYPT, array("salt" => 
"123456789012345678901" . chr(0))));
 
-// test ini parameter to ensure that it updates
-ini_set('password.bcrypt_cost', '5');
-var_dump(password_hash("test", PASSWORD_BCRYPT, array("salt" => 
"123456789012345678901" . chr(0))));
-
-
 echo "OK!";
 ?>
 --EXPECT--
 int(60)
 bool(true)
 string(60) "$2y$07$usesomesillystringfore2uDLvp1Ii2e./U9C8sBjqp8I90dH6hi"
-string(60) "$2y$04$MTIzNDU2Nzg5MDEyMzQ1NekACxf2CF7ipfk/b9FllU9Fs8RcUm5UG"
-string(60) "$2y$05$MTIzNDU2Nzg5MDEyMzQ1NeVt1jFvl6ZQVujUMmcYvue.Mr5oZVQa2"
+string(60) "$2y$10$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y"
 OK!
+
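Review bot: The expected output now pins the library default through the `$2y$10$` prefix, because the salt-only `password_hash("test", PASSWORD_BCRYPT, array("salt" => ...))` call no longer has a cost set. Any later change to PHP_PASSWORD_BCRYPT_COST would therefore fail this test for a reason unrelated to salt handling. Every default-cost call in the file also now runs at cost 10 rather than the 4 the removed `ini_set` used to keep the test fast. Passing an explicit cost in the salt test, e.g. `array("cost" => 4, "salt" => ...)`, and regenerating the expected string would decouple it from the default. A separate check that `password_hash("foo")` starts with `$2y$10$` would then cover the default deliberately.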
diff --git a/php.ini-development b/php.ini-development
index 5f1205e..a5a7a4a 100644
--- a/php.ini-development
+++ b/php.ini-development
@@ -1359,15 +1359,6 @@ bcmath.scale = 0
 ; http://php.net/browscap
 ;browscap = extra/browscap.ini
 
-[password]
-; The default cost of a bcrypt hash created using password_hash()
-; Note that this is only the default, and can be overriden by the
-; options argument to password_hash(). Additionally, it only affects
-; newly created hashes. A higher value will make the generated
-; hash more resistent to brute forcing, but will also use more CPU
-; Default: 11
-; password.bcrypt_cost = 11
-
 [Session]
 ; Handler used to store/retrieve data.
 ; http://php.net/session.save-handler
diff --git a/php.ini-production b/php.ini-production
index 927f305..5d8f26e 100644
--- a/php.ini-production
+++ b/php.ini-production
@@ -1359,15 +1359,6 @@ bcmath.scale = 0
 ; http://php.net/browscap
 ;browscap = extra/browscap.ini
 
-[password]
-; The default cost of a bcrypt hash created using password_hash()
-; Note that this is only the default, and can be overriden by the
-; options argument to password_hash(). Additionally, it only affects
-; newly created hashes. A higher value will make the generated
-; hash more resistent to brute forcing, but will also use more CPU
-; Default: 11
-; password.bcrypt_cost = 11
-
 [Session]
 ; Handler used to store/retrieve data.
 ; http://php.net/session.save-handler

