From fc8793499ac6e1297b05c64bfae54b1246452ab6 Mon Sep 17 00:00:00 2001
From: Frank Denis <github@pureftpd.org>
Date: Wed, 29 Nov 2017 13:19:18 +0100
Subject: [PATCH] Revert "Revert "ext/sodium: pwhash: do not warn on low
 parameters"" This reverts commit a1845b7fdb5916b0951146ca18bb67ca83854733.

Revert "Revert "ext/sodium: throw exceptions instead of errors""
This reverts commit 31d221f9c72f0d0322c84907c5d89a4464667244.
---
 ext/sodium/libsodium.c | 61 ++++++++++++++++++++++++++----------------
 1 file changed, 38 insertions(+), 23 deletions(-)

diff --git a/ext/sodium/libsodium.c b/ext/sodium/libsodium.c
index 06a763627dc..a9cb17d7729 100644
--- a/ext/sodium/libsodium.c
+++ b/ext/sodium/libsodium.c
@@ -233,6 +233,19 @@ ZEND_END_ARG_INFO()
 # undef crypto_secretstream_xchacha20poly1305_ABYTES
 #endif
 
+#ifndef crypto_pwhash_OPSLIMIT_MIN
+# define crypto_pwhash_OPSLIMIT_MIN crypto_pwhash_OPSLIMIT_INTERACTIVE
+#endif
+#ifndef crypto_pwhash_MEMLIMIT_MIN
+# define crypto_pwhash_MEMLIMIT_MIN crypto_pwhash_MEMLIMIT_INTERACTIVE
+#endif
+#ifndef crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MIN
+# define crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MIN crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE
+#endif
+#ifndef crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MIN
+# define crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MIN crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE
+#endif
+
 const zend_function_entry sodium_functions[] = {
 	PHP_FE(sodium_crypto_aead_aes256gcm_is_available, AI_None)
 #ifdef HAVE_AESGCM
@@ -1839,12 +1852,14 @@ PHP_FUNCTION(sodium_crypto_pwhash)
 		zend_throw_exception(sodium_exception_ce, "salt should be SODIUM_CRYPTO_PWHASH_SALTBYTES bytes", 0);
 		return;
 	}
-	if (opslimit < crypto_pwhash_OPSLIMIT_INTERACTIVE) {
-		zend_error(E_WARNING,
-				   "number of operations for the password hashing function is low");
+	if (opslimit < crypto_pwhash_OPSLIMIT_MIN) {
+		zend_throw_exception(sodium_exception_ce,
+							 "number of operations for the password hashing function is too low", 0);
+		return;
 	}
-	if (memlimit < crypto_pwhash_MEMLIMIT_INTERACTIVE) {
-		zend_error(E_WARNING, "maximum memory for the password hashing function is low");
+	if (memlimit < crypto_pwhash_MEMLIMIT_MIN) {
+		zend_throw_exception(sodium_exception_ce,
+							 "maximum memory for the password hashing function is too low", 0);
 	}
 	hash = zend_string_alloc((size_t) hash_len, 0);
 	ret = -1;
@@ -1902,13 +1917,13 @@ PHP_FUNCTION(sodium_crypto_pwhash_str)
 	if (passwd_len <= 0) {
 		zend_error(E_WARNING, "empty password");
 	}
-	if (opslimit < crypto_pwhash_OPSLIMIT_INTERACTIVE) {
-		zend_error(E_WARNING,
-				   "number of operations for the password hashing function is low");
+	if (opslimit < crypto_pwhash_OPSLIMIT_MIN) {
+		zend_throw_exception(sodium_exception_ce,
+							 "number of operations for the password hashing function is too low", 0);
 	}
-	if (memlimit < crypto_pwhash_MEMLIMIT_INTERACTIVE) {
-		zend_error(E_WARNING,
-				   "maximum memory for the password hashing function is low");
+	if (memlimit < crypto_pwhash_MEMLIMIT_MIN) {
+		zend_throw_exception(sodium_exception_ce,
+							 "maximum memory for the password hashing function is too low", 0);
 	}
 	hash_str = zend_string_alloc(crypto_pwhash_STRBYTES - 1, 0);
 	if (crypto_pwhash_str
@@ -2016,13 +2031,13 @@ PHP_FUNCTION(sodium_crypto_pwhash_scryptsalsa208sha256)
 				   0);
 		return;
 	}
-	if (opslimit < crypto_pwhash_scryptsalsa208sha256_opslimit_interactive()) {
-		zend_error(E_WARNING,
-				   "number of operations for the scrypt function is low");
+	if (opslimit < crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE) {
+		zend_throw_exception(sodium_exception_ce,
+							 "number of operations for the scrypt function is too low", 0);
 	}
-	if (memlimit < crypto_pwhash_scryptsalsa208sha256_memlimit_interactive()) {
-		zend_error(E_WARNING,
-				   "maximum memory for the scrypt function is low");
+	if (memlimit < crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE) {
+		zend_throw_exception(sodium_exception_ce,
+							 "maximum memory for the scrypt function is too low", 0);
 	}
 	hash = zend_string_alloc((size_t) hash_len, 0);
 	if (crypto_pwhash_scryptsalsa208sha256
@@ -2063,13 +2078,13 @@ PHP_FUNCTION(sodium_crypto_pwhash_scryptsalsa208sha256_str)
 	if (passwd_len <= 0) {
 		zend_error(E_WARNING, "empty password");
 	}
-	if (opslimit < crypto_pwhash_scryptsalsa208sha256_opslimit_interactive()) {
-		zend_error(E_WARNING,
-				   "number of operations for the scrypt function is low");
+	if (opslimit < crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE) {
+		zend_throw_exception(sodium_exception_ce,
+							 "number of operations for the scrypt function is too low", 0);
 	}
-	if (memlimit < crypto_pwhash_scryptsalsa208sha256_memlimit_interactive()) {
-		zend_error(E_WARNING,
-				   "maximum memory for the scrypt function is low");
+	if (memlimit < crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE) {
+		zend_throw_exception(sodium_exception_ce,
+							 "maximum memory for the scrypt function is too low", 0);
 	}
 	hash_str = zend_string_alloc
 		(crypto_pwhash_scryptsalsa208sha256_STRBYTES - 1, 0);