summaryrefslogtreecommitdiffstats
path: root/php-upstream.patch
diff options
context:
space:
mode:
Diffstat (limited to 'php-upstream.patch')
-rw-r--r--php-upstream.patch266
1 files changed, 0 insertions, 266 deletions
diff --git a/php-upstream.patch b/php-upstream.patch
deleted file mode 100644
index 1984dd9..0000000
--- a/php-upstream.patch
+++ /dev/null
@@ -1,266 +0,0 @@
-From f65956e4fb4dc15ba8129e69b13a2cd758e85f46 Mon Sep 17 00:00:00 2001
-From: Sara Golemon <pollita@php.net>
-Date: Tue, 9 Jul 2019 11:18:13 -0400
-Subject: [PATCH] Relax argon2 mem_cost down to 64k, bump time_cost to 4
-
----
- ext/sodium/sodium_pwhash.c | 5 ++---
- .../tests/php_password_hash_argon2i.phpt | 18 +++++++++---------
- .../tests/php_password_hash_argon2id.phpt | 19 ++++++++++---------
- ext/standard/php_password.h | 7 ++-----
- .../password_needs_rehash_argon2.phpt | 14 +++++---------
- 5 files changed, 28 insertions(+), 35 deletions(-)
-
-diff --git a/ext/sodium/sodium_pwhash.c b/ext/sodium/sodium_pwhash.c
-index d615a24ab6e2..7b7f574e173a 100644
---- a/ext/sodium/sodium_pwhash.c
-+++ b/ext/sodium/sodium_pwhash.c
-@@ -29,7 +29,6 @@
- #if SODIUM_LIBRARY_VERSION_MAJOR > 9 || (SODIUM_LIBRARY_VERSION_MAJOR == 9 && SODIUM_LIBRARY_VERSION_MINOR >= 6)
-
- /**
-- * OPSLIMIT and MEMLIMIT are taken from libsodium's MODERATE values.
- * MEMLIMIT is normalized to KB even though sodium uses Bytes in order to
- * present a consistent user-facing API.
- *
-@@ -37,8 +36,8 @@
- *
- * When updating these values, synchronize ext/standard/php_password.h values.
- */
--#define PHP_SODIUM_PWHASH_MEMLIMIT (256 << 10)
--#define PHP_SODIUM_PWHASH_OPSLIMIT 3
-+#define PHP_SODIUM_PWHASH_MEMLIMIT (64 << 10)
-+#define PHP_SODIUM_PWHASH_OPSLIMIT 4
- #define PHP_SODIUM_PWHASH_THREADS 1
-
- static zend_string *php_sodium_argon2_hash(const zend_string *password, zend_array *options, int alg) {
-diff --git a/ext/sodium/tests/php_password_hash_argon2i.phpt b/ext/sodium/tests/php_password_hash_argon2i.phpt
-index 9ce6c7399eee..4522e6d1753a 100644
---- a/ext/sodium/tests/php_password_hash_argon2i.phpt
-+++ b/ext/sodium/tests/php_password_hash_argon2i.phpt
-@@ -36,38 +36,38 @@ foreach([1, 2, 4] as $mem) {
- --EXPECTF--
- Argon2 provider: string(%d) "%s"
- Using password: string(44) "%s"
--Hash: string(97) "$argon2i$v=19$m=262144,t=3,p=1$%s$%s"
-+Hash: string(96) "$argon2i$v=19$m=65536,t=4,p=1$%s$%s"
- bool(true)
- bool(false)
- Using password: string(44) "%s"
--Hash: string(97) "$argon2i$v=19$m=262144,t=6,p=1$%s$%s"
-+Hash: string(96) "$argon2i$v=19$m=65536,t=8,p=1$%s$%s"
- bool(true)
- bool(false)
- Using password: string(44) "%s"
--Hash: string(98) "$argon2i$v=19$m=262144,t=12,p=1$%s$%s"
-+Hash: string(97) "$argon2i$v=19$m=65536,t=16,p=1$%s$%s"
- bool(true)
- bool(false)
- Using password: string(44) "%s"
--Hash: string(97) "$argon2i$v=19$m=524288,t=3,p=1$%s$%s"
-+Hash: string(97) "$argon2i$v=19$m=131072,t=4,p=1$%s$%s"
- bool(true)
- bool(false)
- Using password: string(44) "%s"
--Hash: string(97) "$argon2i$v=19$m=524288,t=6,p=1$%s$%s"
-+Hash: string(97) "$argon2i$v=19$m=131072,t=8,p=1$%s$%s"
- bool(true)
- bool(false)
- Using password: string(44) "%s"
--Hash: string(98) "$argon2i$v=19$m=524288,t=12,p=1$%s$%s"
-+Hash: string(98) "$argon2i$v=19$m=131072,t=16,p=1$%s$%s"
- bool(true)
- bool(false)
- Using password: string(44) "%s"
--Hash: string(98) "$argon2i$v=19$m=1048576,t=3,p=1$%s$%s"
-+Hash: string(97) "$argon2i$v=19$m=262144,t=4,p=1$%s$%s"
- bool(true)
- bool(false)
- Using password: string(44) "%s"
--Hash: string(98) "$argon2i$v=19$m=1048576,t=6,p=1$%s$%s"
-+Hash: string(97) "$argon2i$v=19$m=262144,t=8,p=1$%s$%s"
- bool(true)
- bool(false)
- Using password: string(44) "%s"
--Hash: string(99) "$argon2i$v=19$m=1048576,t=12,p=1$%s$%s"
-+Hash: string(98) "$argon2i$v=19$m=262144,t=16,p=1$%s$%s"
- bool(true)
- bool(false)
-diff --git a/ext/sodium/tests/php_password_hash_argon2id.phpt b/ext/sodium/tests/php_password_hash_argon2id.phpt
-index e6d4c1ee80a9..db5145718b8f 100644
---- a/ext/sodium/tests/php_password_hash_argon2id.phpt
-+++ b/ext/sodium/tests/php_password_hash_argon2id.phpt
-@@ -36,38 +36,39 @@ foreach([1, 2, 4] as $mem) {
- --EXPECTF--
- Argon2 provider: string(%d) "%s"
- Using password: string(44) "%s"
--Hash: string(98) "$argon2id$v=19$m=262144,t=3,p=1$%s$%s"
-+Hash: string(97) "$argon2id$v=19$m=65536,t=4,p=1$%s$%s"
- bool(true)
- bool(false)
- Using password: string(44) "%s"
--Hash: string(98) "$argon2id$v=19$m=262144,t=6,p=1$%s$%s"
-+Hash: string(97) "$argon2id$v=19$m=65536,t=8,p=1$%s$%s"
- bool(true)
- bool(false)
- Using password: string(44) "%s"
--Hash: string(99) "$argon2id$v=19$m=262144,t=12,p=1$%s$%s"
-+Hash: string(98) "$argon2id$v=19$m=65536,t=16,p=1$%s$%s"
- bool(true)
- bool(false)
- Using password: string(44) "%s"
--Hash: string(98) "$argon2id$v=19$m=524288,t=3,p=1$%s$%s"
-+Hash: string(98) "$argon2id$v=19$m=131072,t=4,p=1$%s$%s"
- bool(true)
- bool(false)
- Using password: string(44) "%s"
--Hash: string(98) "$argon2id$v=19$m=524288,t=6,p=1$%s$%s"
-+Hash: string(98) "$argon2id$v=19$m=131072,t=8,p=1$%s$%s"
- bool(true)
- bool(false)
- Using password: string(44) "%s"
--Hash: string(99) "$argon2id$v=19$m=524288,t=12,p=1$%s$%s"
-+Hash: string(99) "$argon2id$v=19$m=131072,t=16,p=1$%s$%s"
- bool(true)
- bool(false)
- Using password: string(44) "%s"
--Hash: string(99) "$argon2id$v=19$m=1048576,t=3,p=1$%s$%s"
-+Hash: string(98) "$argon2id$v=19$m=262144,t=4,p=1$%s$%s"
- bool(true)
- bool(false)
- Using password: string(44) "%s"
--Hash: string(99) "$argon2id$v=19$m=1048576,t=6,p=1$%s$%s"
-+Hash: string(98) "$argon2id$v=19$m=262144,t=8,p=1$%s$%s"
- bool(true)
- bool(false)
- Using password: string(44) "%s"
--Hash: string(100) "$argon2id$v=19$m=1048576,t=12,p=1$%s$%s"
-+Hash: string(99) "$argon2id$v=19$m=262144,t=16,p=1$%s$%s"
- bool(true)
- bool(false)
-+
-diff --git a/ext/standard/php_password.h b/ext/standard/php_password.h
-index ce3fdba6bbc4..97a6bf63a21e 100644
---- a/ext/standard/php_password.h
-+++ b/ext/standard/php_password.h
-@@ -34,14 +34,11 @@ PHP_MSHUTDOWN_FUNCTION(password);
-
- #if HAVE_ARGON2LIB
- /**
-- * OPSLIMIT and MEMLIMIT are taken from libsodium's MODERATE values.
-- * Threads are fixed at 1 by libsodium.
-- *
- * When updating these values, synchronize ext/sodium/sodium_pwhash.c values.
- * Note that libargon expresses memlimit in KB, while libsoidum uses bytes.
- */
--#define PHP_PASSWORD_ARGON2_MEMORY_COST (256 << 10)
--#define PHP_PASSWORD_ARGON2_TIME_COST 3
-+#define PHP_PASSWORD_ARGON2_MEMORY_COST (64 << 10)
-+#define PHP_PASSWORD_ARGON2_TIME_COST 4
- #define PHP_PASSWORD_ARGON2_THREADS 1
- #endif
-
-diff --git a/ext/standard/tests/password/password_needs_rehash_argon2.phpt b/ext/standard/tests/password/password_needs_rehash_argon2.phpt
-index 9552be1dc924..69588d02ad4a 100644
---- a/ext/standard/tests/password/password_needs_rehash_argon2.phpt
-+++ b/ext/standard/tests/password/password_needs_rehash_argon2.phpt
-@@ -10,24 +10,20 @@ if (!defined('PASSWORD_ARGON2ID')) die('skip password_hash not built with Argon2
-
- $hash = password_hash('test', PASSWORD_ARGON2I);
- var_dump(password_needs_rehash($hash, PASSWORD_ARGON2I));
--var_dump(password_needs_rehash($hash, PASSWORD_ARGON2I, ['memory_cost' => 1<<17]));
--var_dump(password_needs_rehash($hash, PASSWORD_ARGON2I, ['time_cost' => 4]));
--var_dump(password_needs_rehash($hash, PASSWORD_ARGON2I, ['threads' => 4]));
-+var_dump(password_needs_rehash($hash, PASSWORD_ARGON2I, ['memory_cost' => PASSWORD_ARGON2_DEFAULT_MEMORY_COST * 2]));
-+var_dump(password_needs_rehash($hash, PASSWORD_ARGON2I, ['time_cost' => PASSWORD_ARGON2_DEFAULT_TIME_COST + 1]));
-
- $hash = password_hash('test', PASSWORD_ARGON2ID);
- var_dump(password_needs_rehash($hash, PASSWORD_ARGON2ID));
--var_dump(password_needs_rehash($hash, PASSWORD_ARGON2ID, ['memory_cost' => 1<<17]));
--var_dump(password_needs_rehash($hash, PASSWORD_ARGON2ID, ['time_cost' => 4]));
--var_dump(password_needs_rehash($hash, PASSWORD_ARGON2ID, ['threads' => 4]));
-+var_dump(password_needs_rehash($hash, PASSWORD_ARGON2ID, ['memory_cost' => PASSWORD_ARGON2_DEFAULT_MEMORY_COST * 2]));
-+var_dump(password_needs_rehash($hash, PASSWORD_ARGON2ID, ['time_cost' => PASSWORD_ARGON2_DEFAULT_TIME_COST + 1]));
-+
- echo "OK!";
--?>
- --EXPECT--
- bool(false)
- bool(true)
- bool(true)
--bool(true)
- bool(false)
- bool(true)
- bool(true)
--bool(true)
- OK!
-From db0eaa8cf1cbeeec5968a5f91a416541d354ccfe Mon Sep 17 00:00:00 2001
-From: Remi Collet <remi@php.net>
-Date: Wed, 10 Jul 2019 09:00:41 +0200
-Subject: [PATCH] improve libargon2/libsodium compatibility
-
----
- ext/standard/password.c | 15 +++++++++++++++
- ext/standard/tests/password/bug75221.phpt | 2 +-
- .../password/password_hash_error_argon2.phpt | 4 ++--
- 3 files changed, 18 insertions(+), 3 deletions(-)
-
-diff --git a/ext/standard/password.c b/ext/standard/password.c
-index aacb30e61cb7..a12590c0e083 100644
---- a/ext/standard/password.c
-+++ b/ext/standard/password.c
-@@ -571,6 +571,21 @@ static const php_password_algo* php_password_algo_find_zval_ex(zval *arg, const
- #if HAVE_ARGON2LIB
- case 2: return &php_password_algo_argon2i;
- case 3: return &php_password_algo_argon2id;
-+#else
-+ case 2:
-+ {
-+ zend_string *n = zend_string_init("argon2i", sizeof("argon2i")-1, 0);
-+ const php_password_algo* ret = php_password_algo_find(n);
-+ zend_string_release(n);
-+ return ret;
-+ }
-+ case 3:
-+ {
-+ zend_string *n = zend_string_init("argon2id", sizeof("argon2id")-1, 0);
-+ const php_password_algo* ret = php_password_algo_find(n);
-+ zend_string_release(n);
-+ return ret;
-+ }
- #endif
- }
- return NULL;
-diff --git a/ext/standard/tests/password/bug75221.phpt b/ext/standard/tests/password/bug75221.phpt
-index ec03f92ea6cd..bd6e386a164e 100644
---- a/ext/standard/tests/password/bug75221.phpt
-+++ b/ext/standard/tests/password/bug75221.phpt
-@@ -9,7 +9,7 @@ if (!defined('PASSWORD_ARGON2I')) die('skip password_hash not built with Argon2'
- $hash = password_hash(
- "php",
- PASSWORD_ARGON2I,
-- ['memory_cost' => 16384, 'time_cost' => 2, 'threads' => 4]
-+ ['memory_cost' => 64 << 10, 'time_cost' => 4, 'threads' => 1]
- );
- var_dump(substr($hash, -1, 1) !== "\0");
- ?>
-diff --git a/ext/standard/tests/password/password_hash_error_argon2.phpt b/ext/standard/tests/password/password_hash_error_argon2.phpt
-index 070d61656ab1..2ea6b93627c0 100644
---- a/ext/standard/tests/password/password_hash_error_argon2.phpt
-+++ b/ext/standard/tests/password/password_hash_error_argon2.phpt
-@@ -21,7 +21,7 @@ NULL
- Warning: password_hash(): Time cost is outside of allowed time range in %s on line %d
- NULL
-
--Warning: password_hash(): Invalid number of threads in %s on line %d
-+Warning: password_hash(): %sthread%s
- NULL
-
- Warning: password_hash(): Memory cost is outside of allowed memory range in %s on line %d
-@@ -30,5 +30,5 @@ NULL
- Warning: password_hash(): Time cost is outside of allowed time range in %s on line %d
- NULL
-
--Warning: password_hash(): Invalid number of threads in %s on line %d
-+Warning: password_hash(): %sthread%s
- NULL