-
Notifications
You must be signed in to change notification settings - Fork 24.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Configurable password hashing algorithm/cost #31234
Merged
Merged
Commits on Jun 10, 2018
-
Make password hashing algorithm/cost configurable
for the stored passwords of users for the realms that this applies (native, reserved). Replaces predefined choice of bcrypt with cost factor 10. This also introduces PBKDF2 with configurable cost (number of iterations) as an algorithm option for password hashing both for storing passwords and for the user cache.
Configuration menu - View commit details
-
Copy full SHA for a02c3dd - Browse repository at this point
Copy the full SHA a02c3ddView commit details -
Configuration menu - View commit details
-
Copy full SHA for feafc97 - Browse repository at this point
Copy the full SHA feafc97View commit details -
Configuration menu - View commit details
-
Copy full SHA for ac10583 - Browse repository at this point
Copy the full SHA ac10583View commit details -
Configuration menu - View commit details
-
Copy full SHA for 99a7f1c - Browse repository at this point
Copy the full SHA 99a7f1cView commit details -
Configuration menu - View commit details
-
Copy full SHA for f97d866 - Browse repository at this point
Copy the full SHA f97d866View commit details
Commits on Jun 13, 2018
-
Configuration menu - View commit details
-
Copy full SHA for 3625713 - Browse repository at this point
Copy the full SHA 3625713View commit details
Commits on Jun 14, 2018
-
- Password hashes validation algorighm selection takes into consideration the stored hash prefix instead of the relevant x-pack security settting. - Removes explicit cost factor setting - Whitelists a number of algorithn+cost options for brypt and pbkdf2 - Removes HasherFactory in favor of an ENUM with singletons
Configuration menu - View commit details
-
Copy full SHA for 3635c11 - Browse repository at this point
Copy the full SHA 3635c11View commit details -
Configuration menu - View commit details
-
Copy full SHA for ede105f - Browse repository at this point
Copy the full SHA ede105fView commit details -
Configuration menu - View commit details
-
Copy full SHA for 5577013 - Browse repository at this point
Copy the full SHA 5577013View commit details -
Remove unecessary setting constructor
Provide sane default while calling resolve() instead
Configuration menu - View commit details
-
Copy full SHA for 3ef1ea1 - Browse repository at this point
Copy the full SHA 3ef1ea1View commit details -
Configuration menu - View commit details
-
Copy full SHA for 47f911f - Browse repository at this point
Copy the full SHA 47f911fView commit details -
Configuration menu - View commit details
-
Copy full SHA for 4fad6cf - Browse repository at this point
Copy the full SHA 4fad6cfView commit details
Commits on Jun 15, 2018
-
Configuration menu - View commit details
-
Copy full SHA for 51ee743 - Browse repository at this point
Copy the full SHA 51ee743View commit details -
Configuration menu - View commit details
-
Copy full SHA for 3305765 - Browse repository at this point
Copy the full SHA 3305765View commit details -
Configuration menu - View commit details
-
Copy full SHA for 6d28ef0 - Browse repository at this point
Copy the full SHA 6d28ef0View commit details -
Configuration menu - View commit details
-
Copy full SHA for ef3dc4c - Browse repository at this point
Copy the full SHA ef3dc4cView commit details
Commits on Jun 17, 2018
-
Configuration menu - View commit details
-
Copy full SHA for 038bc6a - Browse repository at this point
Copy the full SHA 038bc6aView commit details
Commits on Jun 18, 2018
-
Configuration menu - View commit details
-
Copy full SHA for 0ab9cb0 - Browse repository at this point
Copy the full SHA 0ab9cb0View commit details
Commits on Jun 19, 2018
-
Configuration menu - View commit details
-
Copy full SHA for 5e537fe - Browse repository at this point
Copy the full SHA 5e537feView commit details -
Configuration menu - View commit details
-
Copy full SHA for 44949ca - Browse repository at this point
Copy the full SHA 44949caView commit details
Commits on Jun 25, 2018
-
- Remove SaltProvider and replace it with a private method using SecureRandom - Refrain from creating String objects with the hash value during verification - Add javadocs where appropriate - Replace Setting constructor check with a bootstrap check for available and allowed password hashing algorithms
Configuration menu - View commit details
-
Copy full SHA for 15cbf2d - Browse repository at this point
Copy the full SHA 15cbf2dView commit details -
Configuration menu - View commit details
-
Copy full SHA for 17d4028 - Browse repository at this point
Copy the full SHA 17d4028View commit details -
Configuration menu - View commit details
-
Copy full SHA for e2f429a - Browse repository at this point
Copy the full SHA e2f429aView commit details -
Configuration menu - View commit details
-
Copy full SHA for af85aeb - Browse repository at this point
Copy the full SHA af85aebView commit details
Commits on Jun 26, 2018
-
Configuration menu - View commit details
-
Copy full SHA for 8cd5ae2 - Browse repository at this point
Copy the full SHA 8cd5ae2View commit details -
Configuration menu - View commit details
-
Copy full SHA for c0d33a9 - Browse repository at this point
Copy the full SHA c0d33a9View commit details
Commits on Jun 27, 2018
-
- Adds a check for the algorithm of the hash of incoming change password requests - Move the check for the allowed hashing algorithms back to the setting validator
Configuration menu - View commit details
-
Copy full SHA for 0f19d47 - Browse repository at this point
Copy the full SHA 0f19d47View commit details -
Configuration menu - View commit details
-
Copy full SHA for 622a204 - Browse repository at this point
Copy the full SHA 622a204View commit details
Commits on Jun 28, 2018
-
Configuration menu - View commit details
-
Copy full SHA for 918301c - Browse repository at this point
Copy the full SHA 918301cView commit details -
Configuration menu - View commit details
-
Copy full SHA for bb85c20 - Browse repository at this point
Copy the full SHA bb85c20View commit details -
Configuration menu - View commit details
-
Copy full SHA for b18203c - Browse repository at this point
Copy the full SHA b18203cView commit details
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.