Merge branch 'master' into routing

Conflicts: lib/search/provider/file.php settings/ajax/changepassword.php settings/settings.php
author: Bart Visscher <bartv@thisnet.nl> 2012-10-17 16:38:11 +0200
committer: Bart Visscher <bartv@thisnet.nl> 2012-10-17 16:38:11 +0200
commit: 6081bfa2bcbe121e373486273ecce58a49e6fa97 (patch)
tree: f2504800c66919a53eff9323724b493079569495 /core/lostpassword
parent: c2b4e534534e083147bbad9b564179832cfa2912 (diff)
parent: 44287d680bd0e8799724a7595db43c0fafcaff40 (diff)
download: nextcloud-server-6081bfa2bcbe121e373486273ecce58a49e6fa97.tar.gz
nextcloud-server-6081bfa2bcbe121e373486273ecce58a49e6fa97.zip
3 files changed, 8 insertions, 16 deletions
diff --git a/core/lostpassword/index.php b/core/lostpassword/index.php
index 3f58b03c982..906208dcbc4 100644
--- a/core/lostpassword/index.php
+++ b/core/lostpassword/index.php
@@ -13,11 +13,11 @@ require_once '../../lib/base.php';
 // Someone lost their password:
 if (isset($_POST['user'])) {
 	if (OC_User::userExists($_POST['user'])) {
-		$token = sha1($_POST['user'].md5(uniqid(rand(), true)));
-		OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword', $token);
+		$token = hash("sha256", OC_Util::generate_random_bytes(30).OC_Config::getValue('passwordsalt', ''));
+		OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword', hash("sha256", $token)); // Hash the token again to prevent timing attacks
 		$email = OC_Preferences::getValue($_POST['user'], 'settings', 'email', '');
-		if (!empty($email) and isset($_POST['sectoken']) and isset($_SESSION['sectoken']) and ($_POST['sectoken']==$_SESSION['sectoken']) ) {
-			$link = OC_Helper::linkToAbsolute('core/lostpassword', 'resetpassword.php', array('user' => urlencode($_POST['user']), 'token' => $token));
+		if (!empty($email)) {
+			$link = OC_Helper::linkToAbsolute('core/lostpassword', 'resetpassword.php', array('user' => $_POST['user'], 'token' => $token));
 			$tmpl = new OC_Template('core/lostpassword', 'email');
 			$tmpl->assign('link', $link, false);
 			$msg = $tmpl->fetchPage();
@@ -25,18 +25,11 @@ if (isset($_POST['user'])) {
 			$from = 'lostpassword-noreply@' . OCP\Util::getServerHost();
 			OC_MAIL::send($email, $_POST['user'], $l->t('ownCloud password reset'), $msg, $from, 'ownCloud');
 			echo('sent');
-
 		}
-		$sectoken=rand(1000000, 9999999);
-		$_SESSION['sectoken']=$sectoken;
-		OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => true, 'sectoken' => $sectoken));
+		OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => true));
 	} else {
-		$sectoken=rand(1000000, 9999999);
-		$_SESSION['sectoken']=$sectoken;
-		OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => true, 'requested' => false, 'sectoken' => $sectoken));
+		OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => true, 'requested' => false));
 	}
 } else {
-	$sectoken=rand(1000000, 9999999);
-	$_SESSION['sectoken']=$sectoken;
-	OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => false, 'sectoken' => $sectoken));
+	OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => false));
 }
diff --git a/core/lostpassword/resetpassword.php b/core/lostpassword/resetpassword.php
index 28a0063fc64..896c8da76e0 100644
--- a/core/lostpassword/resetpassword.php
+++ b/core/lostpassword/resetpassword.php
@@ -10,7 +10,7 @@ $RUNTIME_NOAPPS = TRUE; //no apps
 require_once '../../lib/base.php';
 
 // Someone wants to reset their password:
-if(isset($_GET['token']) && isset($_GET['user']) && OC_Preferences::getValue($_GET['user'], 'owncloud', 'lostpassword') === $_GET['token']) {
+if(isset($_GET['token']) && isset($_GET['user']) && OC_Preferences::getValue($_GET['user'], 'owncloud', 'lostpassword') === hash("sha256", $_GET['token'])) {
 	if (isset($_POST['password'])) {
 		if (OC_User::setPassword($_GET['user'], $_POST['password'])) {
 			OC_Preferences::deleteKey($_GET['user'], 'owncloud', 'lostpassword');
diff --git a/core/lostpassword/templates/lostpassword.php b/core/lostpassword/templates/lostpassword.php
index 754eabdad67..4b871963b80 100644
--- a/core/lostpassword/templates/lostpassword.php
+++ b/core/lostpassword/templates/lostpassword.php
@@ -10,7 +10,6 @@
 			<p class="infield">
 				<label for="user" class="infield"><?php echo $l->t( 'Username' ); ?></label>
 				<input type="text" name="user" id="user" value="" autocomplete="off" required autofocus />
-				<input type="hidden" name="sectoken" id="sectoken" value="<?php echo($_['sectoken']); ?>"  />
 			</p>
 			<input type="submit" id="submit" value="<?php echo $l->t('Request reset'); ?>" />
 		<?php endif; ?>
author	Bart Visscher <bartv@thisnet.nl>	2012-10-17 16:38:11 +0200
committer	Bart Visscher <bartv@thisnet.nl>	2012-10-17 16:38:11 +0200
commit	6081bfa2bcbe121e373486273ecce58a49e6fa97 (patch)
tree	f2504800c66919a53eff9323724b493079569495 /core/lostpassword
parent	c2b4e534534e083147bbad9b564179832cfa2912 (diff)
parent	44287d680bd0e8799724a7595db43c0fafcaff40 (diff)
download	nextcloud-server-6081bfa2bcbe121e373486273ecce58a49e6fa97.tar.gz nextcloud-server-6081bfa2bcbe121e373486273ecce58a49e6fa97.zip