Parameterize the PBKDF2 algorithm in application config

http://meta.discourse.org/t/sso-between-discourse-and-xmpp/8567/5

app/models/user.rb

@@ -542,7 +542,7 @@ class User < ActiveRecord::Base
   end
 
   def hash_password(password, salt)
-    Pbkdf2.hash_password(password, salt, Rails.configuration.pbkdf2_iterations)
+    Pbkdf2.hash_password(password, salt, Rails.configuration.pbkdf2_iterations, Rails.configuration.pbkdf2_algorithm)
   end
 
   def add_trust_level
@@ -674,4 +674,3 @@ end
 #  index_users_on_username        (username) UNIQUE
 #  index_users_on_username_lower  (username_lower) UNIQUE
 #
-

config/application.rb

@@ -89,6 +89,7 @@ module Discourse
 
     # per https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet
     config.pbkdf2_iterations = 64000
+    config.pbkdf2_algorithm = "sha256"
 
     # dumping rack lock cause the message bus does not work with it (throw :async, it catches Exception)
     # see: https://github.com/sporkrb/spork/issues/66

lib/pbkdf2.rb

@@ -13,9 +13,9 @@ require 'xor'
 
 class Pbkdf2
 
-  def self.hash_password(password, salt, iterations)
+  def self.hash_password(password, salt, iterations, algorithm = "sha256")
 
-    h = OpenSSL::Digest::Digest.new("sha256")
+    h = OpenSSL::Digest::Digest.new(algorithm)
 
     u = ret = prf(h, password, salt + [1].pack("N"))