Commit ae77343d authored by Ondřej Kuzník's avatar Ondřej Kuzník
Browse files

ITS#9520 Refuse parallelism if not compiled with libargon2

parent 8b353df0
Pipeline #2528 passed with stage
in 46 minutes and 17 seconds
......@@ -39,7 +39,8 @@ kiB.
.BI p= <parallelism>
Set parallelism to
.I <parallelism>
threads.
threads. Currently supported only when linked with
.BR libargon2 .
.TP
.BI t= <iterations>
Set the number of iterations to
......
......@@ -20,6 +20,8 @@
#include "lber_pvt.h"
#include "lutil.h"
#include "slap.h"
#include <stdint.h>
#include <stdlib.h>
......@@ -216,6 +218,22 @@ int init_module( int argc, char *argv[] )
}
}
#ifndef HAVE_LIBARGON2
/* At the moment, we can only use libargon2 to set parallelism for new
* hashes */
if ( parallelism != SLAPD_ARGON2_PARALLELISM ) {
Debug( LDAP_DEBUG_ANY, "pw-argon2: "
"non-default parallelism only supported when linked with "
"libargon2, got p=%lu\n",
parallelism );
if ( (slapMode & SLAP_MODE) != SLAP_TOOL_MODE ||
slapTool == SLAPPASSWD || slapTool == SLAPTEST ) {
return 1;
}
}
#endif
return lutil_passwd_add( (struct berval *)&slapd_argon2_scheme,
slapd_argon2_verify, slapd_argon2_hash );
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment