Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Blocker
Fix Version/s: 3.3.5
Affects Version/s: 3.3.4
Component/s: Authentication
Labels:
None

In phpbb/passwords/driver/argon21.php, line 47:

$this->threads     = (defined('PASSWORD_ARGON2_PROVIDER') && PASSWORD_ARGON2_PROVIDER == 'sodium') ? $this->threads     = (defined('PASSWORD_ARGON2_PROVIDER') && PASSWORD_ARGON2_PROVIDER == 'sodium') ? PASSWORD_ARGON2_DEFAULT_THREADS : max($threads, defined('PASSWORD_ARGON2_DEFAULT_THREADS') ? PASSWORD_ARGON2_DEFAULT_THREADS : 1);

This is a problem because:

PASSWORD_ARGON2_DEFAULT_THREADS (int)

Default number of threads that Argon2lib will use. Not available with libsodium implementation.

I think the solution is to default to 1 thread when

PASSWORD_ARGON2_PROVIDER == 'sodium'

Otherwise,

[phpBB Debug] PHP Warning: in file [ROOT]/phpbb/passwords/driver/base_native.php on line 57: password_hash(): Threading failure

is related to

PHPBB-16266 Error on clean install with PHP 7.4

Closed

PHPBB-16342 Update Argon2 hashing costs

Unverified Fix

Assignee:: Marc

Reporter:: Yuriy Rusko

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 18/Sep/21 4:59 AM

Updated:: 20/Sep/21 9:28 AM

Resolved:: 20/Sep/21 9:27 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates