128byte is not 128bit - now we realy use 256bit (same as PHPSESSID)

author: Michael Göhler <somebody.here@gmx.de> 2012-10-15 20:00:33 +0200
committer: Michael Göhler <somebody.here@gmx.de> 2012-10-15 20:04:22 +0200
commit: 8be9c04a3a6f84c8673e0b6db3305cf0f427a43b (patch)
tree: c70ffa64543296c73c043be1bfeb40dab181cdb2 /lib/base.php
parent: 22fa23b4da06eef0cb2f22db25339838fc58a994 (diff)
download: nextcloud-server-8be9c04a3a6f84c8673e0b6db3305cf0f427a43b.tar.gz
nextcloud-server-8be9c04a3a6f84c8673e0b6db3305cf0f427a43b.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/base.php b/lib/base.php
index 0ba028a68d2..c9dcac3cbb9 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -566,7 +566,7 @@ class OC{
 			if (in_array($_COOKIE['oc_token'], $tokens, true)) {
 				// replace successfully used token with a new one
 				OC_Preferences::deleteKey($_COOKIE['oc_username'], 'login_token', $_COOKIE['oc_token']);
-				$token = OC_Util::generate_random_bytes(128);
+				$token = OC_Util::generate_random_bytes(32);
 				OC_Preferences::setValue($_COOKIE['oc_username'], 'login_token', $token, time());
 				OC_User::setMagicInCookie($_COOKIE['oc_username'], $token);
 				// login
@@ -600,7 +600,7 @@ class OC{
 				if(defined("DEBUG") && DEBUG) {
 					OC_Log::write('core', 'Setting remember login to cookie', OC_Log::DEBUG);
 				}
-				$token = OC_Util::generate_random_bytes(128);
+				$token = OC_Util::generate_random_bytes(32);
 				OC_Preferences::setValue($_POST['user'], 'login_token', $token, time());
 				OC_User::setMagicInCookie($_POST["user"], $token);
 			}
author	Michael Göhler <somebody.here@gmx.de>	2012-10-15 20:00:33 +0200
committer	Michael Göhler <somebody.here@gmx.de>	2012-10-15 20:04:22 +0200
commit	8be9c04a3a6f84c8673e0b6db3305cf0f427a43b (patch)
tree	c70ffa64543296c73c043be1bfeb40dab181cdb2 /lib/base.php
parent	22fa23b4da06eef0cb2f22db25339838fc58a994 (diff)
download	nextcloud-server-8be9c04a3a6f84c8673e0b6db3305cf0f427a43b.tar.gz nextcloud-server-8be9c04a3a6f84c8673e0b6db3305cf0f427a43b.zip