summaryrefslogtreecommitdiffstats
path: root/lib/private/share
diff options
context:
space:
mode:
authorkondou <kondou@ts.unde.re>2014-08-03 11:31:28 +0200
committerkondou <kondou@ts.unde.re>2014-09-04 15:23:55 +0200
commit2a4c51389c23ab1da47d52be9f2e76cd90f2df01 (patch)
treeb50145fa66fe889045a0dbac963dd4b9865bf827 /lib/private/share
parent0f2ad9862e98e00fdc250bf8405bf6404d40b1ed (diff)
downloadnextcloud-server-2a4c51389c23ab1da47d52be9f2e76cd90f2df01.tar.gz
nextcloud-server-2a4c51389c23ab1da47d52be9f2e76cd90f2df01.zip
Use a route instead of s.php and convert tokens asap
Diffstat (limited to 'lib/private/share')
-rw-r--r--lib/private/share/constants.php2
-rw-r--r--lib/private/share/share.php21
2 files changed, 20 insertions, 3 deletions
diff --git a/lib/private/share/constants.php b/lib/private/share/constants.php
index cf935bd4c0e..1ba4929899a 100644
--- a/lib/private/share/constants.php
+++ b/lib/private/share/constants.php
@@ -34,8 +34,6 @@ class Constants {
const FORMAT_STATUSES = -2;
const FORMAT_SOURCES = -3; // ToDo Check if it is still in use otherwise remove it
- const TOKEN_LENGTH = 16; // old length is 32, thus 32 in db_structure.xml
-
protected static $shareTypeUserAndGroups = -1;
protected static $shareTypeGroupUserUnique = 2;
protected static $backends = array();
diff --git a/lib/private/share/share.php b/lib/private/share/share.php
index e2e9b94125e..dfe0f65340b 100644
--- a/lib/private/share/share.php
+++ b/lib/private/share/share.php
@@ -640,7 +640,26 @@ class Share extends \OC\Share\Constants {
if (isset($oldToken)) {
$token = $oldToken;
} else {
- $token = \OC_Util::generateRandomBytes(self::TOKEN_LENGTH);
+ // Determine how long the token should be
+ switch (\OC_Config::getValue("sharing_token_length", 3)) {
+ case 1:
+ $tokenLength = 4;
+ break;
+ case 2:
+ $tokenLength = 8;
+ break;
+ // Default is 3, so skip the 3 block
+ case 4:
+ $tokenLength = 32;
+ break;
+ // Anything other than 1-4 should be default 3
+ default:
+ $tokenLength = 16;
+ break;
+ }
+ $token = \OC::$server->getSecureRandom()->getLowStrengthGenerator()->generate($tokenLength,
+ \OCP\Security\ISecureRandom::CHAR_LOWER.\OCP\Security\ISecureRandom::CHAR_DIGITS
+ );
}
$result = self::put($itemType, $itemSource, $shareType, $shareWith, $uidOwner, $permissions,
null, $token, $itemSourceName, $expirationDate);