Revert "ext/sodium: pwhash: do not warn on low parameters"

jedisct1 · jedisct1 · commit a1845b7fdb59 · 2017-11-29T01:22:59.000+01:00
This reverts commit c219991.
diff --git a/ext/sodium/libsodium.c b/ext/sodium/libsodium.c
@@ -233,19 +233,6 @@ ZEND_END_ARG_INFO()
 # undef crypto_secretstream_xchacha20poly1305_ABYTES
 #endif
 
-#ifndef crypto_pwhash_OPSLIMIT_MIN
-# define crypto_pwhash_OPSLIMIT_MIN crypto_pwhash_OPSLIMIT_INTERACTIVE
-#endif
-#ifndef crypto_pwhash_MEMLIMIT_MIN
-# define crypto_pwhash_MEMLIMIT_MIN crypto_pwhash_MEMLIMIT_INTERACTIVE
-#endif
-#ifndef crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MIN
-# define crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MIN crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE
-#endif
-#ifndef crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MIN
-# define crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MIN crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE
-#endif
-
 const zend_function_entry sodium_functions[] = {
 	PHP_FE(sodium_crypto_aead_aes256gcm_is_available, AI_None)
 #ifdef HAVE_AESGCM
@@ -1852,12 +1839,12 @@ PHP_FUNCTION(sodium_crypto_pwhash)
 		zend_throw_exception(sodium_exception_ce, "salt should be SODIUM_CRYPTO_PWHASH_SALTBYTES bytes", 0);
 		return;
 	}
-	if (opslimit < crypto_pwhash_OPSLIMIT_MIN) {
-		zend_error(E_ERROR,
-				   "number of operations for the password hashing function is too low");
+	if (opslimit < crypto_pwhash_OPSLIMIT_INTERACTIVE) {
+		zend_error(E_WARNING,
+				   "number of operations for the password hashing function is low");
 	}
-	if (memlimit < crypto_pwhash_MEMLIMIT_MIN) {
-		zend_error(E_ERROR, "maximum memory for the password hashing function is too low");
+	if (memlimit < crypto_pwhash_MEMLIMIT_INTERACTIVE) {
+		zend_error(E_WARNING, "maximum memory for the password hashing function is low");
 	}
 	hash = zend_string_alloc((size_t) hash_len, 0);
 	ret = -1;
@@ -1915,13 +1902,13 @@ PHP_FUNCTION(sodium_crypto_pwhash_str)
 	if (passwd_len <= 0) {
 		zend_error(E_WARNING, "empty password");
 	}
-	if (opslimit < crypto_pwhash_OPSLIMIT_MIN) {
-		zend_error(E_ERROR,
-				   "number of operations for the password hashing function is too low");
+	if (opslimit < crypto_pwhash_OPSLIMIT_INTERACTIVE) {
+		zend_error(E_WARNING,
+				   "number of operations for the password hashing function is low");
 	}
-	if (memlimit < crypto_pwhash_MEMLIMIT_MIN) {
-		zend_error(E_ERROR,
-				   "maximum memory for the password hashing function is too low");
+	if (memlimit < crypto_pwhash_MEMLIMIT_INTERACTIVE) {
+		zend_error(E_WARNING,
+				   "maximum memory for the password hashing function is low");
 	}
 	hash_str = zend_string_alloc(crypto_pwhash_STRBYTES - 1, 0);
 	if (crypto_pwhash_str
@@ -2029,13 +2016,13 @@ PHP_FUNCTION(sodium_crypto_pwhash_scryptsalsa208sha256)
 				   0);
 		return;
 	}
-	if (opslimit < crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE) {
-		zend_error(E_ERROR,
-				   "number of operations for the scrypt function is too low");
+	if (opslimit < crypto_pwhash_scryptsalsa208sha256_opslimit_interactive()) {
+		zend_error(E_WARNING,
+				   "number of operations for the scrypt function is low");
 	}
-	if (memlimit < crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE) {
-		zend_error(E_ERROR,
-				   "maximum memory for the scrypt function is too low");
+	if (memlimit < crypto_pwhash_scryptsalsa208sha256_memlimit_interactive()) {
+		zend_error(E_WARNING,
+				   "maximum memory for the scrypt function is low");
 	}
 	hash = zend_string_alloc((size_t) hash_len, 0);
 	if (crypto_pwhash_scryptsalsa208sha256
@@ -2076,13 +2063,13 @@ PHP_FUNCTION(sodium_crypto_pwhash_scryptsalsa208sha256_str)
 	if (passwd_len <= 0) {
 		zend_error(E_WARNING, "empty password");
 	}
-	if (opslimit < crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE) {
-		zend_error(E_ERROR,
-				   "number of operations for the scrypt function is too low");
+	if (opslimit < crypto_pwhash_scryptsalsa208sha256_opslimit_interactive()) {
+		zend_error(E_WARNING,
+				   "number of operations for the scrypt function is low");
 	}
-	if (memlimit < crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE) {
-		zend_error(E_ERROR,
-				   "maximum memory for the scrypt function is too low");
+	if (memlimit < crypto_pwhash_scryptsalsa208sha256_memlimit_interactive()) {
+		zend_error(E_WARNING,
+				   "maximum memory for the scrypt function is low");
 	}
 	hash_str = zend_string_alloc
 		(crypto_pwhash_scryptsalsa208sha256_STRBYTES - 1, 0);
