[feature/passwords] Define default hashing algorithm in container file

The default hashing algorithm type is defined as a parameter in the service definition file for the password hashing system. This will allow us to change this in the future but it will also prevent unexperienced admins from changing the hashing algorithm. PHPBB3-11610
2025-06-28 14:18:52 +00:00 · 2013-08-22 19:21:42 -05:00 · 2013-08-22 19:21:42 -05:00 · 8b9370c6a9
commit 8b9370c6a9
parent 58755c4972
4 changed files with 15 additions and 10 deletions
--- a/phpBB/config/crypto.yml
+++ b/phpBB/config/crypto.yml
@ -1,3 +1,6 @@
+parameters:
+    password_hashing.algorithm: crypto.driver.bcrypt_2y
+
 services:
    crypto.driver.bcrypt:
        class: phpbb_crypto_driver_bcrypt
@ -41,3 +44,11 @@ services:
            - @service_container
        tags:
            - { name: service_collection, tag: crypto.driver }
+
+    crypto.manager:
+        class: phpbb_crypto_manager
+        arguments:
+            - @config
+            - @service_container
+            - @crypto.driver_collection
+            - %password_hashing.algorithm%
--- a/phpBB/config/services.yml
+++ b/phpBB/config/services.yml
@ -122,13 +122,6 @@ services:
            - @config
            - @dbal.conn

-    crypto.manager:
-        class: phpbb_crypto_manager
-        arguments:
-            - @config
-            - @service_container
-            - @crypto.driver_collection
-
    dispatcher:
        class: phpbb_event_dispatcher
        arguments:
--- a/phpBB/phpbb/crypto/manager.php
+++ b/phpBB/phpbb/crypto/manager.php
@ -58,11 +58,11 @@ class phpbb_crypto_manager
 	*
 	* @param phpbb_config $config phpBB configuration
 	*/
-	public function __construct($config, $container, $hashing_algorithms)
+	public function __construct($config, $container, $hashing_algorithms, $default)
 	{
 		$this->config = $config;
 		$this->container = $container;
-		$this->type = 'crypto.driver.bcrypt_2y'; // might want to make this flexible
+		$this->type = $default;

 		$this->fill_type_map($hashing_algorithms);
 		$this->load_crypto_helper();
--- a/tests/crypto/manager_test.php
+++ b/tests/crypto/manager_test.php
@ -41,11 +41,12 @@ class phpbb_crypto_manager_test extends PHPUnit_Framework_TestCase

 		foreach ($this->crypto_drivers as $key => $driver)
 		{
+			$driver->set_name($key);
 			$this->phpbb_container->set($key, $driver);
 		}

 		// Set up avatar manager
-		$this->manager = new phpbb_crypto_manager($config, $this->phpbb_container, $this->crypto_drivers);
+		$this->manager = new phpbb_crypto_manager($config, $this->phpbb_container, $this->crypto_drivers, 'crypto.driver.bcrypt_2y');
 	}

 	public function hash_password_data()