From c01c7cede2a9e3e1828efb4ece98a1c44b549e57 Mon Sep 17 00:00:00 2001
From: Kevin Israel <pleasestand@live.com>
Date: Sun, 10 Jun 2018 21:45:29 -0400
Subject: [PATCH] DefaultSettings: fix "advanced example" for $wgPasswordConfig

Follows-up 95a8974c6.

The version of EncryptedPassword that was merged doesn't use mcrypt, but
rather OpenSSL. Also, show one way of specifying the key, and remove the
"cost" option, which would instead need to be specified for the underlying
type ("bcrypt").

Change-Id: Idaaca765835656113c8f0f1e83cc7e5a2a922fa2
---
 includes/DefaultSettings.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php
index 02cbc2fb04..70c4d01ef5 100644
--- a/includes/DefaultSettings.php
+++ b/includes/DefaultSettings.php
@@ -4731,10 +4731,10 @@ $wgPasswordDefault = 'pbkdf2';
  * $wgPasswordConfig['bcrypt-peppered'] = [
  *     'class' => EncryptedPassword::class,
  *     'underlying' => 'bcrypt',
- *     'secrets' => [],
- *     'cipher' => MCRYPT_RIJNDAEL_256,
- *     'mode' => MCRYPT_MODE_CBC,
- *     'cost' => 5,
+ *     'secrets' => [
+ *         hash( 'sha256', 'secret', true ),
+ *     ],
+ *     'cipher' => 'aes-256-cbc',
  * ];
  * @endcode
  *
-- 
2.20.1