Make it clear that the hmac-* algos can't be used in the config.

data/anope.example.conf

@@ -1296,7 +1296,7 @@ module
 	/** The memory hardness in kibibytes of the Argon2 algorithm. Defaults to
 	 * 128 mebibytes.
 	 */
-	#memory_cost = 121072
+	#memory_cost = 131072
 
 	/** The time hardness (iterations) of the Argon2 algorithm. Defaults to 3.
 	 */

src/misc.cpp

@@ -965,7 +965,7 @@ Anope::string Anope::VersionBuildString()
 	flags += "G";
 #endif
 #if REPRODUCIBLE_BUILD
-	flags += "R"
+	flags += "R";
 #endif
 #ifdef _WIN32
 	flags += "W";

src/tools/anope-mkpasswd

@@ -47,11 +47,19 @@ algorithm = sys.argv[1]
 password  = sys.argv[2] if len(sys.argv) >= 3 else getpass.getpass()
 
 def do_argon2(variant, password):
-    ph = argon2.PasswordHasher(type=variant)
+    ph = argon2.PasswordHasher(
+        time_cost=int(os.getenv("ARGON2_TIME_COST", 3)),
+        memory_cost=int(os.getenv("ARGON2_TIME_COST", 131_072)),
+        parallelism=int(os.getenv("ARGON2_PARALLELISM", 1)),
+        hash_len=int(os.getenv("ARGON2_SALT_LENGTH", 32)),
+        salt_len=int(os.getenv("ARGON2_HASH_LENGTH", 32)),
+        type=variant,
+    )
     return ph.hash(password)
 
 def do_bcrypt(password):
-    salt = bcrypt.gensalt(16)
+    rounds = int(os.getenv("BCRYPT_ROUNDS", 10))
+    salt = bcrypt.gensalt(rounds)
     return bcrypt.hashpw(password.encode('utf-8'), salt).decode('utf-8')
 
 def do_hmac(digest, password):
@@ -112,5 +120,8 @@ if config:
             token = "{password_hash}"
             token_hash = "{algorithm}"
         """).lstrip())
+else:
+    print(f"The {algorithm} algorithm can not be used in an oper or a jsonrpc/xmlrpc token.")
+    print()
 
 print(f"Make sure you have the {module} module loaded!");