davrot/forgejo_backup
1
0
Fork 0
mirror of https://codeberg.org/davrot/forgejo.git synced 2025-05-18 17:00:02 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Use argon as default password hash algorithm (#12688)

Browse source 
* Restrict TLS connections to 1.2 minimum

* Set Argon2 as the default KDF

* Fix user.yml

* Remove TLS minversion changes

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add migration as per @techknowlogick

Signed-off-by: Andrew Thornton <art27@cantab.net>

* set the password algo in the fixtures

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove the v148 migration - it needs recreate table to change the defaults

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Nadim Kobeissi <nadim@symbolic.software>
This commit is contained in:
zeripath 2020-09-03 19:58:31 +01:00 committed by GitHub
parent 8fa7a4b511
commit 5c0697ad1e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 64 additions and 35 deletions
Download patch file Download diff file Expand all files Collapse all files

2
models/user_test.go
View file

@ -239,7 +239,7 @@ func TestHashPasswordDeterministic(t *testing.T) {
b := make([]byte, 16)
rand.Read(b)
u := &User{Salt: string(b)}
algos := []string{"pbkdf2", "argon2", "scrypt", "bcrypt"}
algos := []string{"argon2", "pbkdf2", "scrypt", "bcrypt"}
for j := 0; j < len(algos); j++ {
u.PasswdHashAlgo = algos[j]
for i := 0; i < 50; i++ {