Make number of PBKDF2 iterations used for deriving session secret configurable
author Ori Livneh <ori@wikimedia.org>
Sat, 28 May 2016 13:25:48 +0000 (06:25 -0700)
committer Ori Livneh <ori@wikimedia.org>
Sat, 28 May 2016 14:06:30 +0000 (07:06 -0700)
commit acca48094cc7ceaf00a0452a14740c4776f5e9c6
tree 6ba8b0ae4b74d75b3b465a50d17ee692e579d08e
parent b74c4b2f950e705e51627e2423a3061955e12013
Make number of PBKDF2 iterations used for deriving session secret configurable

The intent is both to allow the number of iterations to be dialed up (either as
computational power increases, or on the basis of security needs) and dialed
down for the unit tests, where hash_pbkdf2() calls account for 15-40% of wall
time. The number of iterations is stored in the session, so changing the number
of iterations does not cause existing sessions to become invalid or corrupt.
Sessions that do not have wsSessionPbkdf2Iterations set (i.e., sessions which
precede this change) are transparently upgraded.

Change-Id: I084a97487ef4147eea0f0ce0cdf4b39ca569ef52
RELEASE-NOTES-1.28
includes/DefaultSettings.php
includes/session/Session.php
tests/phpunit/phpunit.php
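
The scheme the commit message describes (the iteration count stored in the session, with older sessions upgraded in place) can be illustrated with the following added PHP example, which is not the code from this commit or from MediaWiki's Session.php. The `sessionSecret` key, the `deriveSessionKeys()` function, the `LEGACY_ITERATIONS` placeholder value and the sample secrets are assumptions; only `wsSessionPbkdf2Iterations` and `hash_pbkdf2()` come from the page.

```php
<?php
// Added example; not MediaWiki's Session.php. The 'sessionSecret' key, the
// function name and LEGACY_ITERATIONS are assumptions for illustration.
const LEGACY_ITERATIONS = 10000; // placeholder for the formerly fixed count

/**
 * Derive 64 bytes of key material for a session. The iteration count is
 * pinned in the session on first use, so a later config change cannot
 * alter the key of a session that already exists.
 */
function deriveSessionKeys(array &$session, string $siteSecret, int $configured): string
{
    if (!isset($session['sessionSecret'])) {
        // Brand-new session: fresh per-session secret, current setting.
        $session['sessionSecret'] = bin2hex(random_bytes(16));
        $session['wsSessionPbkdf2Iterations'] = $configured;
    } elseif (!isset($session['wsSessionPbkdf2Iterations'])) {
        // Session predates the stored count: record the count its key was
        // derived with, so the upgrade does not change the key.
        $session['wsSessionPbkdf2Iterations'] = LEGACY_ITERATIONS;
    }
    $iterations = $session['wsSessionPbkdf2Iterations'];
    if (!is_int($iterations) || $iterations < 1) {
        // hash_pbkdf2() rejects counts below 1; fail closed on bad data.
        throw new UnexpectedValueException('invalid stored iteration count');
    }
    return hash_pbkdf2('sha256', $siteSecret, $session['sessionSecret'],
        $iterations, 64, true);
}

$site = 'constructed-site-secret';

// Constructed legacy session: has a secret but no stored count.
$legacy = ['sessionSecret' => 'constructed-per-session-secret'];
$oldKey = hash_pbkdf2('sha256', $site, $legacy['sessionSecret'],
    LEGACY_ITERATIONS, 64, true);
$newKey = deriveSessionKeys($legacy, $site, 50000);
var_dump(hash_equals($oldKey, $newKey));        // key survives the upgrade
var_dump($legacy['wsSessionPbkdf2Iterations']); // count is now stored

// New session created under a high setting, then read under a test-style
// setting of 1: the stored count wins, so both derivations agree.
$fresh = [];
$first = deriveSessionKeys($fresh, $site, 50000);
$again = deriveSessionKeys($fresh, $site, 1);
var_dump(hash_equals($first, $again));
```

Because the stored count decides the cost of every later derivation, raising the configured value only strengthens sessions created afterwards; existing sessions keep their original count until they are replaced.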