diff options
author | kondou <kondou@ts.unde.re> | 2014-08-03 11:31:28 +0200 |
---|---|---|
committer | kondou <kondou@ts.unde.re> | 2014-09-04 15:23:55 +0200 |
commit | 2a4c51389c23ab1da47d52be9f2e76cd90f2df01 (patch) | |
tree | b50145fa66fe889045a0dbac963dd4b9865bf827 /lib/private/share | |
parent | 0f2ad9862e98e00fdc250bf8405bf6404d40b1ed (diff) | |
download | nextcloud-server-2a4c51389c23ab1da47d52be9f2e76cd90f2df01.tar.gz nextcloud-server-2a4c51389c23ab1da47d52be9f2e76cd90f2df01.zip |
Use a route instead of s.php and convert tokens asap
Diffstat (limited to 'lib/private/share')
-rw-r--r-- | lib/private/share/constants.php | 2 | ||||
-rw-r--r-- | lib/private/share/share.php | 21 |
2 files changed, 20 insertions, 3 deletions
diff --git a/lib/private/share/constants.php b/lib/private/share/constants.php index cf935bd4c0e..1ba4929899a 100644 --- a/lib/private/share/constants.php +++ b/lib/private/share/constants.php @@ -34,8 +34,6 @@ class Constants { const FORMAT_STATUSES = -2; const FORMAT_SOURCES = -3; // ToDo Check if it is still in use otherwise remove it - const TOKEN_LENGTH = 16; // old length is 32, thus 32 in db_structure.xml - protected static $shareTypeUserAndGroups = -1; protected static $shareTypeGroupUserUnique = 2; protected static $backends = array(); diff --git a/lib/private/share/share.php b/lib/private/share/share.php index e2e9b94125e..dfe0f65340b 100644 --- a/lib/private/share/share.php +++ b/lib/private/share/share.php @@ -640,7 +640,26 @@ class Share extends \OC\Share\Constants { if (isset($oldToken)) { $token = $oldToken; } else { - $token = \OC_Util::generateRandomBytes(self::TOKEN_LENGTH); + // Determine how long the token should be + switch (\OC_Config::getValue("sharing_token_length", 3)) { + case 1: + $tokenLength = 4; + break; + case 2: + $tokenLength = 8; + break; + // Default is 3, so skip the 3 block + case 4: + $tokenLength = 32; + break; + // Anything other than 1-4 should be default 3 + default: + $tokenLength = 16; + break; + } + $token = \OC::$server->getSecureRandom()->getLowStrengthGenerator()->generate($tokenLength, + \OCP\Security\ISecureRandom::CHAR_LOWER.\OCP\Security\ISecureRandom::CHAR_DIGITS + ); } $result = self::put($itemType, $itemSource, $shareType, $shareWith, $uidOwner, $permissions, null, $token, $itemSourceName, $expirationDate); |