Compatibility with libargon2 versions 20161029 and 20160821 #2582
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Information
libargon2 20161029 introduces the
type
parameter to theargon2_encodedlen
function that is not present in 20160821.This change is a preemptive patch against the Argon2 functionality introduced in #1997 to ensure compatibility with both versions.
With the release of Debian Stretch today, it seems like 20160821 is what is being packaged (see https://packages.debian.org/stretch/mips/libs/libargon2-0), however other distributions may package 20161029. Additionally end users may download the latest libargon2 20161029 and compile against it directly instead of using the one provided by their OS.
This patch does not introduce any new functionality into PHP.
Technical Details
A check against the
argon2id_hash_raw
function is used as theArgon2_version
enum in the lib wasn't bumped in P-H-C/phc-winner-argon2@2016082...2016102#diff-7d1c36b407eae6a25b79dad261dd5c6eL212 andlibargon2
doesn't expose any way to detect the build versioning string.On Linux, all tests pass against both 20161029 and 20160821 . I can verify the config.win32 updates work on Windows, however I'm seeing linkage issues against
zendparse
in VS2017 using the latest php-sdk and windows build instructions. As I'm seeing this issue against the base deps as well I don't think this is an issue with this patch.If desired, the argon2 library in PHP-SDK deps can be bumped to 20161029 with this patch.
Discussion Topics
I don't believe this necessitates an RFC or a larger mailing list discussion, however I'll open one up if there are concerns. If I need to file a separate bug report to reference this against this let me know.
Please advise if the config.win32 feature check can be improved upon.
Thanks