fix #2311 (#2312)

Validate bcrypt-cost config value to prevent silent errors

irc/accounts.go

@@ -2337,7 +2337,7 @@ func (ac *AccountCredentials) Serialize() (result string, err error) {
 	return string(credText), nil
 }
 
-func (ac *AccountCredentials) SetPassphrase(passphrase string, bcryptCost uint) (err error) {
+func (ac *AccountCredentials) SetPassphrase(passphrase string, bcryptCost int) (err error) {
 	if passphrase == "" {
 		ac.PassphraseHash = nil
 		ac.SCRAMCreds = SCRAMCreds{}
@@ -2348,7 +2348,7 @@ func (ac *AccountCredentials) SetPassphrase(passphrase string, bcryptCost uint)
 		return errAccountBadPassphrase
 	}
 
-	ac.PassphraseHash, err = passwd.GenerateFromPassword([]byte(passphrase), int(bcryptCost))
+	ac.PassphraseHash, err = passwd.GenerateFromPassword([]byte(passphrase), bcryptCost)
 	if err != nil {
 		return errAccountBadPassphrase
 	}

irc/config.go

@@ -375,7 +375,7 @@ type AccountRegistrationConfig struct {
 		Mailto email.MailtoConfig
 	} `yaml:"callbacks"`
 	VerifyTimeout custime.Duration `yaml:"verify-timeout"`
-	BcryptCost    uint             `yaml:"bcrypt-cost"`
+	BcryptCost    int              `yaml:"bcrypt-cost"`
 }
 
 type VHostConfig struct {
@@ -1595,6 +1595,12 @@ func LoadConfig(filename string) (config *Config, err error) {
 	if config.Accounts.Registration.BcryptCost == 0 {
 		config.Accounts.Registration.BcryptCost = passwd.DefaultCost
 	}
+	if config.Accounts.Registration.BcryptCost < passwd.MinCost || config.Accounts.Registration.BcryptCost > passwd.MaxCost {
+		return nil, fmt.Errorf(
+			"invalid bcrypt-cost %d (require %d <= cost <= %d)",
+			config.Accounts.Registration.BcryptCost, passwd.MinCost, passwd.MaxCost,
+		)
+	}
 
 	if config.Channels.MaxChannelsPerClient == 0 {
 		config.Channels.MaxChannelsPerClient = 100

irc/passwd/bcrypt.go

@@ -11,6 +11,7 @@ import (
 
 const (
 	MinCost     = bcrypt.MinCost
+	MaxCost     = bcrypt.MaxCost
 	DefaultCost = 12 // ballpark: 250 msec on a modern Intel CPU
 )