GNUsocial
/
gnu-social
4
0
Fork 1
Code Issues Releases Wiki Activity

[SECURITY] Ensure ARGON2 constants are defined, or throw exception

This commit is contained in:
Hugo Sales 2020-07-27 22:18:23 +00:00 committed by Hugo Sales
parent 7560db4d5f
commit 71db1870db
Signed by: someonewithpc
GPG Key ID: 7D0C7EAFC9D835A0
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/Entity/LocalUser.php
View File

@ -362,11 +362,14 @@ class LocalUser implements UserInterface
case 'bcrypt':
return PASSWORD_BCRYPT;
case 'argon2i':
return PASSWORD_ARGON2I;
case 'argon2d':
return PASSWORD_ARGON2D;
case 'argon2id':
return PASSWORD_ARGON2ID;
$c = 'PASSWORD_' . strtoupper($algo);
if (defined($c)) {
return constant($c);
}
// fallthrough
// no break
default:
throw new Exception('Unsupported or unsafe hashing algorithm requested');
}