diff options
| author | ernolf <raphael.gradenwitz@googlemail.com> | 2024-08-20 12:33:28 +0200 |
|---|---|---|
| committer | backportbot[bot] <backportbot[bot]@users.noreply.github.com> | 2024-09-26 10:34:33 +0000 |
| commit | 773a7773b5184f4e408790e92adf11256149a28b (patch) | |
| tree | 5e9a0d244dbbdeae62f0637a7ad477d725b5d09a | |
| parent | f7e26239390157dce934c15184dc07f4c8a0234b (diff) | |
| download | nextcloud-server-backport/48142/stable25.tar.gz nextcloud-server-backport/48142/stable25.zip | |
fix(share): Ensure unique share tokensbackport/48142/stable25
- check for token collisions and retry up to three times.
- throw after 3 attempts without finding a unique token.
Signed-off-by: ernolf <raphael.gradenwitz@googlemail.com>
| -rw-r--r-- | lib/private/Share20/Manager.php | 22 |
1 files changed, 17 insertions, 5 deletions
diff --git a/lib/private/Share20/Manager.php b/lib/private/Share20/Manager.php index 0493457f1aa..fb692a37cdd 100644 --- a/lib/private/Share20/Manager.php +++ b/lib/private/Share20/Manager.php @@ -771,13 +771,25 @@ class Manager implements IManager { $this->linkCreateChecks($share); $this->setLinkParent($share); - // For now ignore a set token. - $share->setToken( - $this->secureRandom->generate( + for ($i = 0; $i <= 3; $i++) { + $token = $this->secureRandom->generate( \OC\Share\Constants::TOKEN_LENGTH, \OCP\Security\ISecureRandom::CHAR_HUMAN_READABLE - ) - ); + ); + + try { + $this->getShareByToken($token); + } catch (\OCP\Share\Exceptions\ShareNotFound $e) { + // Set the unique token + $share->setToken($token); + break; + } + + // Abort after 3 failed attempts + if ($i >= 3) { + throw new \Exception('Unable to generate a unique share token after 3 attempts.'); + } + } // Verify the expiration date $share = $this->validateExpirationDateLink($share); |