diff options
| -rwxr-xr-x | config/config.sample.php | 16 | ||||
| -rw-r--r-- | lib/private/share/share.php | 2 |
2 files changed, 10 insertions, 8 deletions
diff --git a/config/config.sample.php b/config/config.sample.php index 1e876e688ff..b895f236c4a 100755 --- a/config/config.sample.php +++ b/config/config.sample.php @@ -203,15 +203,17 @@ $CONFIG = array( /* * Length of sharing tokens and the resulting links. - * This value defines how many possible sharing links there are, choosing a low value like 1 will make it easy to guess + * This value defines how many possible sharing links there are, choosing a low value like 3 will make it easy to guess * sharing links and will also limit the maximum number of shares. Behaviour after all tokens are used is undefined and - * may result in breakage. - * 1: Length of 4. Maximum of 65536 tokens. Links may look like this: example.com/s/1ekf - * 2: Length of 8. Maximum of 2^32 tokens. Links may look like this: example.com/s/1z141z3 - * 3: (Default) Length of 16. Maximum of 2^64 tokens. Links may look like this: example.com/s/3w5e11264sgsf - * 4: (Old default, but base36) Length of 32. Maximum of 2^128 tokens. Links may look like this: example.com/s/f5lxx1zz5pnorynqglhzmsp33 + * may result in breakage. The minimum value is 3, the maximum value is 64. Default is 13. Some example values: + * Length of 3 (This value is not recommended). Maximum of 46656 tokens. Links may look like this: example.com/s/1ek + * Length of 8. Maximum of 2.8*10^12 tokens. Links may look like this: example.com/s/1z1a41z3 + * Length of 13 (Default). Maximum of 1.7*10^20 tokens. Links may look like this: example.com/s/3w5e11264sgsf + * Length of 25 (Near old default). Maximum of 8*10^38 tokens. Links may look like this: example.com/s/f5lxx1zz5pnorynqglhzmsp33 + * Length of 40. Maximum of 1.8*10^62 tokens. Links may look like this: example.com/s/8rnpuh6h4mnepp1hrnlicj80yxhyw8lq49gtid4n + * Length of 64. Maximum of 4*10^99 tokens. Links may look like this: example.com/s/i5yli3xmet7crsf2frc1o12ygsb824im9dmyikg45fvo3vym9tswzr0r4wmtgx7i */ -"sharing_token_length" => 3, +"sharing_token_length" => 13, /* * Configure the size in bytes log rotation should happen, 0 or false disables the rotation. diff --git a/lib/private/share/share.php b/lib/private/share/share.php index 5bebd16a9b4..658eaeb3a41 100644 --- a/lib/private/share/share.php +++ b/lib/private/share/share.php @@ -646,7 +646,7 @@ class Share extends \OC\Share\Constants { if ($tokenLength < 3 || $tokenLength > 64) { $tokenLength = 13; } - $token = \OC::$server->getSecureRandom()->getLowStrengthGenerator()->generate($tokenLength, + $token = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate($tokenLength, \OCP\Security\ISecureRandom::CHAR_LOWER.\OCP\Security\ISecureRandom::CHAR_DIGITS ); } |