ignore values that undershoot the minimum, go with default

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>

1 files changed, 13 insertions, 5 deletions

diff --git a/lib/private/Security/Hasher.php b/lib/private/Security/Hasher.php
index 193c2775b90..5f8529c7828 100644
--- a/lib/private/Security/Hasher.php
+++ b/lib/private/Security/Hasher.php
@@ -63,11 +63,19 @@ class Hasher implements IHasher {
 	public function __construct(IConfig $config) {
 		$this->config = $config;
 
-		$this->options = [
-			'memory_cost' => $this->config->getSystemValueInt('hashingMemoryCost', PASSWORD_ARGON2_DEFAULT_MEMORY_COST),
-			'time_cost' => $this->config->getSystemValueInt('hashingTimeCost', PASSWORD_ARGON2_DEFAULT_TIME_COST),
-			'threads' => $this->config->getSystemValueInt('hashingThreads', PASSWORD_ARGON2_DEFAULT_THREADS),
-		];
+		if (\defined('PASSWORD_ARGON2I')) {
+			// password_hash fails, when the minimum values are undershot.
+			// In this case, ignore and revert to default
+			if ($this->config->getSystemValueInt('hashingMemoryCost', PASSWORD_ARGON2_DEFAULT_MEMORY_COST) >= 8) {
+				$this->options['memory_cost'] = $this->config->getSystemValueInt('hashingMemoryCost', PASSWORD_ARGON2_DEFAULT_MEMORY_COST);
+			}
+			if ($this->config->getSystemValueInt('hashingTimeCost', PASSWORD_ARGON2_DEFAULT_MEMORY_COST) >= 1) {
+				$this->options['time_cost'] = $this->config->getSystemValueInt('hashingTimeCost', PASSWORD_ARGON2_DEFAULT_TIME_COST);
+			}
+			if ($this->config->getSystemValueInt('hashingThreads', PASSWORD_ARGON2_DEFAULT_MEMORY_COST) >= 1) {
+				$this->options['threads'] = $this->config->getSystemValueInt('hashingThreads', PASSWORD_ARGON2_DEFAULT_THREADS);
+			}
+		}
 
 		$hashingCost = $this->config->getSystemValue('hashingCost', null);
 		if(!\is_null($hashingCost)) {