From 232da90388de2a3ba4ad430d281469498e88aca2 Mon Sep 17 00:00:00 2001
From: Anthony Ferrara <ircmaxell@ircmaxell.com>
Date: Tue, 26 Jun 2012 21:15:56 -0400
Subject: [PATCH] Implement php.ini setting password.bcrypt_cost

---
 ext/standard/basic_functions.c |  1 +
 ext/standard/password.c        | 25 +++++++++++++++++++------
 ext/standard/php_password.h    |  4 +---
 main/main.c                    |  2 ++
 php.ini-development            |  9 +++++++++
 php.ini-production             |  9 +++++++++
 6 files changed, 41 insertions(+), 9 deletions(-)

diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c
index 9e35a5e020..5dc86ab097 100644
--- a/ext/standard/basic_functions.c
+++ b/ext/standard/basic_functions.c
@@ -3846,6 +3846,7 @@ PHP_MINFO_FUNCTION(basic) /* {{{ */
 	php_info_print_table_start();
 	BASIC_MINFO_SUBMODULE(dl)
 	BASIC_MINFO_SUBMODULE(mail)
+	BASIC_MINFO_SUBMODULE(password)
 	php_info_print_table_end();
 	BASIC_MINFO_SUBMODULE(assert)
 }
diff --git a/ext/standard/password.c b/ext/standard/password.c
index f049fbcbf1..94aa4dc3e3 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -43,6 +43,11 @@ PHP_MINIT_FUNCTION(password) /* {{{ */
 }
 /* }}} */
 
+PHP_MINFO_FUNCTION(password) /* {{{ */
+{
+	php_info_print_table_row(2, "Default Password BCrypt Cost", INI_STR("password.bcrypt_cost"));
+}
+/* }}} */
 
 static int php_password_salt_is_alphabet(const char *str, const int len)
 {
@@ -169,7 +174,11 @@ PHP_FUNCTION(password_verify)
 		zval_ptr_dtor(&ret);
 		RETURN_FALSE;
 	}
-
+	
+	/* We're using this method instead of == in order to provide
+	 * resistence towards timing attacks. This is a constant time
+	 * equality check that will always check every byte of both
+	 * values. */
 	for (i = 0; i < Z_STRLEN_P(ret); i++) {
 		status |= (Z_STRVAL_P(ret)[i] ^ Z_STRVAL_P(hash)[i]);
 	}
@@ -231,16 +240,20 @@ PHP_FUNCTION(password_hash)
         }
 
         if (strcmp(algo, PHP_PASSWORD_BCRYPT) == 0) {
-		int cost = PHP_PASSWORD_BCRYPT_DEFAULT_COST;
+		int cost = 0;
+		cost = (int) INI_INT("password.bcrypt_cost");
+
 		if (options && zend_symtable_find(options, "cost", 5, (void **) &option_buffer) == SUCCESS) {
 			convert_to_long_ex(option_buffer);
 			cost = Z_LVAL_PP(option_buffer);
 			zval_ptr_dtor(option_buffer);
-			if (cost < 4 || cost > 31) {
-				php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid bcrypt cost parameter specified: %d", cost);
-        		        RETURN_FALSE;
-			}
 		}
+
+		if (cost < 4 || cost > 31) {
+			php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid bcrypt cost parameter specified: %d", cost);
+        	        RETURN_FALSE;
+		}
+		
                 required_salt_len = 22;
 		hash_format = emalloc(8);
 		sprintf(hash_format, "$2y$%02d$", cost);
diff --git a/ext/standard/php_password.h b/ext/standard/php_password.h
index 830d31ce64..81fe41f529 100644
--- a/ext/standard/php_password.h
+++ b/ext/standard/php_password.h
@@ -26,13 +26,11 @@ PHP_FUNCTION(password_verify);
 PHP_FUNCTION(password_make_salt);
 
 PHP_MINIT_FUNCTION(password);
+PHP_MINFO_FUNCTION(password);
 
 #define PHP_PASSWORD_DEFAULT	"2y"
 #define PHP_PASSWORD_BCRYPT	"2y"
 
-#define PHP_PASSWORD_BCRYPT_DEFAULT_COST 12;
-
-
 #endif
 
 
diff --git a/main/main.c b/main/main.c
index cc04b1317e..e52c32c57d 100644
--- a/main/main.c
+++ b/main/main.c
@@ -540,6 +540,8 @@ PHP_INI_BEGIN()
 	STD_PHP_INI_ENTRY("error_append_string",	NULL,		PHP_INI_ALL,		OnUpdateString,			error_append_string,	php_core_globals,	core_globals)
 	STD_PHP_INI_ENTRY("error_prepend_string",	NULL,		PHP_INI_ALL,		OnUpdateString,			error_prepend_string,	php_core_globals,	core_globals)
 
+	PHP_INI_ENTRY("password.bcrypt_cost",				"11",		PHP_INI_ALL,		NULL)
+
 	PHP_INI_ENTRY("SMTP",						"localhost",PHP_INI_ALL,		NULL)
 	PHP_INI_ENTRY("smtp_port",					"25",		PHP_INI_ALL,		NULL)
 	STD_PHP_INI_BOOLEAN("mail.add_x_header",			"0",		PHP_INI_SYSTEM|PHP_INI_PERDIR,		OnUpdateBool,			mail_x_header,			php_core_globals,	core_globals)
diff --git a/php.ini-development b/php.ini-development
index a5a7a4a81f..5f1205e6a1 100644
--- a/php.ini-development
+++ b/php.ini-development
@@ -1359,6 +1359,15 @@ bcmath.scale = 0
 ; http://php.net/browscap
 ;browscap = extra/browscap.ini
 
+[password]
+; The default cost of a bcrypt hash created using password_hash()
+; Note that this is only the default, and can be overriden by the
+; options argument to password_hash(). Additionally, it only affects
+; newly created hashes. A higher value will make the generated
+; hash more resistent to brute forcing, but will also use more CPU
+; Default: 11
+; password.bcrypt_cost = 11
+
 [Session]
 ; Handler used to store/retrieve data.
 ; http://php.net/session.save-handler
diff --git a/php.ini-production b/php.ini-production
index 5d8f26e0fd..927f305cde 100644
--- a/php.ini-production
+++ b/php.ini-production
@@ -1359,6 +1359,15 @@ bcmath.scale = 0
 ; http://php.net/browscap
 ;browscap = extra/browscap.ini
 
+[password]
+; The default cost of a bcrypt hash created using password_hash()
+; Note that this is only the default, and can be overriden by the
+; options argument to password_hash(). Additionally, it only affects
+; newly created hashes. A higher value will make the generated
+; hash more resistent to brute forcing, but will also use more CPU
+; Default: 11
+; password.bcrypt_cost = 11
+
 [Session]
 ; Handler used to store/retrieve data.
 ; http://php.net/session.save-handler
-- 
2.40.0