DorianNiemiecSVRJS/svrjs
Archived
1
0
Fork 0
forked from svrjs/svrjs
Code Pull requests Activity

Bun's crypto.scrypt doesn't block the event loop that much compared to crypto.pbkdf2

Browse source
This commit is contained in:
Dorian Niemiec 2024-04-01 21:48:19 +02:00
parent bac0e61487
commit e3c1dcea0e
2 changed files with 0 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
svr.js
View file

@ -4933,9 +4933,6 @@ function start(init) {
if (users.some(function (entry) { if (users.some(function (entry) {
return entry.pbkdf2; return entry.pbkdf2;
})) serverconsole.locwarnmessage("PBKDF2 password hashing function in Bun blocks the event loop, which may result in denial of service."); })) serverconsole.locwarnmessage("PBKDF2 password hashing function in Bun blocks the event loop, which may result in denial of service.");
if (users.some(function (entry) {
return entry.scrypt;
})) serverconsole.locwarnmessage("scrypt password hashing function in Bun blocks the event loop, which may result in denial of service.");
} }
if (cluster.isPrimary === undefined) serverconsole.locwarnmessage("You're running SVR.JS on single thread. Reliability may suffer, as the server is stopped after crash."); if (cluster.isPrimary === undefined) serverconsole.locwarnmessage("You're running SVR.JS on single thread. Reliability may suffer, as the server is stopped after crash.");
if (crypto.__disabled__ !== undefined) serverconsole.locwarnmessage("Your Node.JS version doesn't have crypto support! The 'crypto' module is essential for providing cryptographic functionality in Node.JS. Without crypto support, certain security features may be unavailable, and some functionality may not work as expected. It's recommended to use a Node.JS version that includes crypto support to ensure the security and proper functioning of your server."); if (crypto.__disabled__ !== undefined) serverconsole.locwarnmessage("Your Node.JS version doesn't have crypto support! The 'crypto' module is essential for providing cryptographic functionality in Node.JS. Without crypto support, certain security features may be unavailable, and some functionality may not work as expected. It's recommended to use a Node.JS version that includes crypto support to ensure the security and proper functioning of your server.");

1
svrpasswd.js
View file

@ -338,7 +338,6 @@ function promptAlgorithms(callback, bypass, pbkdf2, scrypt) {
pbkdf2: "PBKDF2 (PBKDF2-HMAC-SHA512, 36250 iterations) - more secure and uses less memory, but slower", pbkdf2: "PBKDF2 (PBKDF2-HMAC-SHA512, 36250 iterations) - more secure and uses less memory, but slower",
scrypt: "scrypt (N=2^14, r=8, p=1) - faster and more secure, but uses more memory" scrypt: "scrypt (N=2^14, r=8, p=1) - faster and more secure, but uses more memory"
} }
if (!crypto.scrypt || process.isBun) delete algorithms.scrypt;
if (!crypto.pbkdf2 || process.isBun) delete algorithms.pbkdf2; if (!crypto.pbkdf2 || process.isBun) delete algorithms.pbkdf2;
var algorithmNames = Object.keys(algorithms); var algorithmNames = Object.keys(algorithms);
if (algorithmNames.length < 2) callback(algorithmNames[0]); if (algorithmNames.length < 2) callback(algorithmNames[0]);