Mirrors/roundcubemail
2
0
Fork 0
mirror of https://github.com/roundcube/roundcubemail.git synced 2026-03-07 00:26:48 +01:00
Code Issues Packages Projects Releases Wiki Activity

Password: Remove password_blowfish_cost option, in favor of password_algorithm_options

Browse Source
This commit is contained in:
Aleksander Machniak
2021-09-25 15:35:29 +02:00
parent 53801e5fdc
commit ed4dc2139d
2 changed files with 2 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
plugins/password/config.inc.php.dist
View File

@@ -52,6 +52,7 @@ $config['password_algorithm'] = 'clear';
// Additional options for password hashing function(s).
// For password_hash()-based passwords see https://www.php.net/manual/en/function.password-hash.php
// It can be used to set the Blowfish algorithm cost, e.g. ['cost' => 12]
$config['password_algorithm_options'] = [];
// Password prefix (e.g. {CRYPT}, {SHA}) for passwords generated
@@ -71,11 +72,6 @@ $config['password_dovecotpw_method'] = 'CRAM-MD5';
// when using password_algorithm=dovecot
$config['password_dovecotpw_with_method'] = false;
// Iteration count parameter for Blowfish-based hashing algo.
// It must be between 4 and 31. Default: 12.
// Be aware, the higher the value, the longer it takes to generate the password hashes.
$config['password_blowfish_cost'] = 12;
// Number of rounds for the sha256 and sha512 crypt hashing algorithms.
// Must be at least 1000. If not set, then the number of rounds is left up
// to the crypt() implementation. On glibc this defaults to 5000.