diff options
| author | Bjoern Schiessle <schiessle@owncloud.com> | 2014-11-25 10:12:30 +0100 |
|---|---|---|
| committer | Bjoern Schiessle <schiessle@owncloud.com> | 2014-11-25 12:32:25 +0100 |
| commit | 917bef39b7f1c0ca495ef102b7878ed5b15830c6 (patch) | |
| tree | 51998a1b1e62f7899ecd0db3ec651b53dd606e5c | |
| parent | f274833403f1b35ddbf8e6cdf13851ae813ed121 (diff) | |
| download | nextcloud-server-917bef39b7f1c0ca495ef102b7878ed5b15830c6.tar.gz nextcloud-server-917bef39b7f1c0ca495ef102b7878ed5b15830c6.zip | |
don't store private public-share-key in session
| -rw-r--r-- | apps/files_encryption/lib/session.php | 27 |
1 files changed, 10 insertions, 17 deletions
diff --git a/apps/files_encryption/lib/session.php b/apps/files_encryption/lib/session.php index 7bd4fd02421..3cb02704188 100644 --- a/apps/files_encryption/lib/session.php +++ b/apps/files_encryption/lib/session.php @@ -29,6 +29,7 @@ namespace OCA\Encryption; class Session { private $view; + private static $publicShareKey = false; const NOT_INITIALIZED = '0'; const INIT_EXECUTED = '1'; @@ -92,7 +93,7 @@ class Session { } - if (\OCA\Encryption\Helper::isPublicAccess()) { + if (\OCA\Encryption\Helper::isPublicAccess() && !self::getPublicSharePrivateKey()) { // Disable encryption proxy to prevent recursive calls $proxyStatus = \OC_FileProxy::$enabled; \OC_FileProxy::$enabled = false; @@ -100,9 +101,7 @@ class Session { $encryptedKey = $this->view->file_get_contents( '/owncloud_private_key/' . $publicShareKeyId . '.private.key'); $privateKey = Crypt::decryptPrivateKey($encryptedKey, ''); - $this->setPublicSharePrivateKey($privateKey); - - $this->setInitialized(\OCA\Encryption\Session::INIT_SUCCESSFUL); + self::setPublicSharePrivateKey($privateKey); \OC_FileProxy::$enabled = $proxyStatus; } @@ -164,6 +163,8 @@ class Session { public function getInitialized() { if (!is_null(\OC::$server->getSession()->get('encryptionInitialized'))) { return \OC::$server->getSession()->get('encryptionInitialized'); + } else if (\OCA\Encryption\Helper::isPublicAccess() && self::getPublicSharePrivateKey()) { + return self::INIT_SUCCESSFUL; } else { return self::NOT_INITIALIZED; } @@ -177,7 +178,7 @@ class Session { public function getPrivateKey() { // return the public share private key if this is a public access if (\OCA\Encryption\Helper::isPublicAccess()) { - return $this->getPublicSharePrivateKey(); + return self::getPublicSharePrivateKey(); } else { if (!is_null(\OC::$server->getSession()->get('privateKey'))) { return \OC::$server->getSession()->get('privateKey'); @@ -192,12 +193,9 @@ class Session { * @param string $privateKey * @return bool */ - public function setPublicSharePrivateKey($privateKey) { - - \OC::$server->getSession()->set('publicSharePrivateKey', $privateKey); - + private static function setPublicSharePrivateKey($privateKey) { + self::$publicShareKey = $privateKey; return true; - } /** @@ -205,13 +203,8 @@ class Session { * @return string $privateKey * */ - public function getPublicSharePrivateKey() { - - if (!is_null(\OC::$server->getSession()->get('publicSharePrivateKey'))) { - return \OC::$server->getSession()->get('publicSharePrivateKey'); - } else { - return false; - } + private static function getPublicSharePrivateKey() { + return self::$publicShareKey; } } |