diff options
| author | zeripath <art27@cantab.net> | 2020-09-03 19:58:31 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-09-03 14:58:31 -0400 |
| commit | 5c0697ad1ecbd25ff245a93ea5af55c07817249e (patch) | |
| tree | 6b142324939f263e7e0b5eedf240c24d82480bec /modules/setting | |
| parent | 8fa7a4b511e9318a50458488474ff4039a4f826a (diff) | |
| download | gitea-5c0697ad1ecbd25ff245a93ea5af55c07817249e.tar.gz gitea-5c0697ad1ecbd25ff245a93ea5af55c07817249e.zip | |
Use argon as default password hash algorithm (#12688)
* Restrict TLS connections to 1.2 minimum
* Set Argon2 as the default KDF
* Fix user.yml
* Remove TLS minversion changes
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add migration as per @techknowlogick
Signed-off-by: Andrew Thornton <art27@cantab.net>
* set the password algo in the fixtures
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Remove the v148 migration - it needs recreate table to change the defaults
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Nadim Kobeissi <nadim@symbolic.software>
Diffstat (limited to 'modules/setting')
| -rw-r--r-- | modules/setting/setting.go | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/setting/setting.go b/modules/setting/setting.go index ae15f68faa..5b8aefdaa4 100644 --- a/modules/setting/setting.go +++ b/modules/setting/setting.go @@ -819,7 +819,7 @@ func NewContext() { ImportLocalPaths = sec.Key("IMPORT_LOCAL_PATHS").MustBool(false) DisableGitHooks = sec.Key("DISABLE_GIT_HOOKS").MustBool(false) OnlyAllowPushIfGiteaEnvironmentSet = sec.Key("ONLY_ALLOW_PUSH_IF_GITEA_ENVIRONMENT_SET").MustBool(true) - PasswordHashAlgo = sec.Key("PASSWORD_HASH_ALGO").MustString("pbkdf2") + PasswordHashAlgo = sec.Key("PASSWORD_HASH_ALGO").MustString("argon2") CSRFCookieHTTPOnly = sec.Key("CSRF_COOKIE_HTTP_ONLY").MustBool(true) InternalToken = loadInternalToken(sec) |