generate random key name for share key to avoid name conflicts
parent
a6ef25ba08
commit
d1e2e47592
4 changed files with 69 additions and 54 deletions
|
@ -365,9 +365,9 @@ class Hooks {
|
|||
|
||||
$userIds = \OC_Group::usersInGroup($params['shareWith']);
|
||||
|
||||
} else {
|
||||
} else if ( $params['shareType'] == \OCP\Share::SHARE_TYPE_LINK ){
|
||||
|
||||
$userIds = array( $params['shareWith'] );
|
||||
$userIds = array( $util->getPublicShareKeyId() );
|
||||
|
||||
}
|
||||
|
||||
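Review bot: The new `SHARE_TYPE_LINK` branch puts `$util->getPublicShareKeyId()` into `$userIds` without checking it. That getter returns the `publicShareKeyId` config value read in the `Util` constructor, which appears to be unset until `Session` has generated it. The `Share` change in this commit guards the same value with `if ($publicShareKeyId)`, so the hook should do likewise, for example `$publicShareKeyId = $util->getPublicShareKeyId();` followed by `if ($publicShareKeyId === null) { /* log and abort the key update */ }`, rather than build `array(null)` and derive key paths from it. Narrowing the bare `else` also means a share type matched by no branch would leave `$userIds` unassigned; the start of the chain is outside the hunk, so confirm every type is still covered.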
|
|
|
@ -46,9 +46,16 @@ class Session {
|
|||
|
||||
}
|
||||
|
||||
$publicShareKeyId = \OC_Appconfig::getValue('files_encryption', 'publicShareKeyId');
|
||||
|
||||
if ($publicShareKeyId === null) {
|
||||
$publicShareKeyId = substr(md5(time()),0,8);
|
||||
\OC_Appconfig::setValue('files_encryption', 'publicShareKeyId', $publicShareKeyId);
|
||||
}
|
||||
|
||||
if (
|
||||
! $this->view->file_exists( "/public-keys/owncloud.public.key" )
|
||||
|| ! $this->view->file_exists( "/owncloud_private_key/owncloud.private.key" )
|
||||
! $this->view->file_exists( "/public-keys/".$publicShareKeyId.".public.key" )
|
||||
|| ! $this->view->file_exists( "/owncloud_private_key/".$publicShareKeyId.".private.key" )
|
||||
) {
|
||||
|
||||
//FIXME: Bug: for some reason file_exists is returning
|
||||
|
@ -57,23 +64,23 @@ class Session {
|
|||
// our app.php is being executed 18 times per page load
|
||||
// , causing 18 new keypairs and huge performance hit.
|
||||
|
||||
// $keypair = Crypt::createKeypair();
|
||||
//
|
||||
// \OC_FileProxy::$enabled = false;
|
||||
//
|
||||
// // Save public key
|
||||
//
|
||||
// if (!$view->is_dir('/public-keys')) {
|
||||
// $view->mkdir('/public-keys');
|
||||
// }
|
||||
//
|
||||
// $this->view->file_put_contents( '/public-keys/owncloud.public.key', $keypair['publicKey'] );
|
||||
//
|
||||
// // Encrypt private key empthy passphrase
|
||||
// $encryptedPrivateKey = Crypt::symmetricEncryptFileContent( $keypair['privateKey'], '' );
|
||||
//
|
||||
// // Save private key
|
||||
// $this->view->file_put_contents( '/owncloud_private_key/owncloud.private.key', $encryptedPrivateKey );
|
||||
$keypair = Crypt::createKeypair();
|
||||
|
||||
\OC_FileProxy::$enabled = false;
|
||||
|
||||
// Save public key
|
||||
|
||||
if (!$view->is_dir('/public-keys')) {
|
||||
$view->mkdir('/public-keys');
|
||||
}
|
||||
|
||||
$this->view->file_put_contents( '/public-keys/'.$publicShareKeyId.'.public.key', $keypair['publicKey'] );
|
||||
|
||||
// Encrypt private key empthy passphrase
|
||||
$encryptedPrivateKey = Crypt::symmetricEncryptFileContent( $keypair['privateKey'], '' );
|
||||
|
||||
// Save private key
|
||||
$this->view->file_put_contents( '/owncloud_private_key/'.$publicShareKeyId.'.private.key', $encryptedPrivateKey );
|
||||
|
||||
\OC_FileProxy::$enabled = true;
|
||||
|
||||
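Review bot: The id produced by `substr(md5(time()),0,8)` depends only on the clock, so it is guessable, and it is then used as a file name in the same `/public-keys/<id>.public.key` namespace that `Util` uses for real user ids. Because the matching private key is stored with an empty passphrase, a collision between this id and an account name should be made impossible rather than unlikely. A reserved prefix plus CSPRNG output would do that, e.g. `$publicShareKeyId = 'pubShare_' . bin2hex(openssl_random_pseudo_bytes(4));`, with the prefix rejected at user creation. The get-then-set on the config value is also not atomic, and the FIXME below says this code runs many times per page load, so concurrent requests may each write a different id and keypair. The enclosing method starts outside the hunk.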
|
|
|
@ -108,6 +108,7 @@ class Util {
|
|||
private $shareKeysPath; // Dir containing env keys for shared files
|
||||
private $publicKeyPath; // Path to user's public key
|
||||
private $privateKeyPath; // Path to user's private key
|
||||
private $publicShareKeyId;
|
||||
|
||||
public function __construct( \OC_FilesystemView $view, $userId, $client = false ) {
|
||||
|
||||
|
@ -123,7 +124,7 @@ class Util {
|
|||
$this->shareKeysPath = $this->encryptionDir . '/' . 'share-keys';
|
||||
$this->publicKeyPath = $this->publicKeyDir . '/' . $this->userId . '.public.key'; // e.g. data/public-keys/admin.public.key
|
||||
$this->privateKeyPath = $this->encryptionDir . '/' . $this->userId . '.private.key'; // e.g. data/admin/admin.private.key
|
||||
|
||||
$this->publicShareKeyId = \OC_Appconfig::getValue('files_encryption', 'publicShareKeyId');
|
||||
}
|
||||
|
||||
public function ready() {
|
||||
|
@ -212,6 +213,10 @@ class Util {
|
|||
|
||||
}
|
||||
|
||||
public function getPublicShareKeyId() {
|
||||
return $this->publicShareKeyId;
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief Check whether pwd recovery is enabled for a given user
|
||||
* @return 1 = yes, 0 = no, false = no record
|
||||
|
@ -792,7 +797,7 @@ class Util {
|
|||
// Check that the user is encryption capable, or is the
|
||||
// public system user 'ownCloud' (for public shares)
|
||||
if (
|
||||
$user == 'owncloud'
|
||||
$user == $this->publicShareKeyId
|
||||
or $util->ready()
|
||||
) {
|
||||
|
||||
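Review bot: The check `$user == $this->publicShareKeyId` uses loose comparison, which is risky for a value that lets a caller skip `$util->ready()`. In PHP two numeric-looking strings are compared as numbers, so an all-digit id such as `00000012` would equal the user id `12`. If the config value is missing, `null == ''` is also true. Use `$user === $this->publicShareKeyId` and treat a null id as "no public share user". The new `private $publicShareKeyId;` property would also benefit from a trailing comment like its neighbours, e.g. `// Id of the keypair used for public link shares`.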
|
|
|
@ -184,6 +184,9 @@ class Share {
|
|||
$shares = array_merge($shares, $usersInGroup);
|
||||
}
|
||||
|
||||
$publicShareKeyId = \OC_Appconfig::getValue('files_encryption', 'publicShareKeyId');
|
||||
|
||||
if ($publicShareKeyId) {
|
||||
//check for public link shares
|
||||
$query = \OC_DB::prepare(
|
||||
'SELECT share_with
|
||||
|
@ -200,7 +203,8 @@ class Share {
|
|||
}
|
||||
|
||||
if ($result->fetchRow()) {
|
||||
$shares[] = "owncloud";
|
||||
$shares[] = $publicShareKeyId;
|
||||
}
|
||||
}
|
||||
}
|
||||
// Include owner in list of users, if requested
|
||||
|
@ -209,7 +213,6 @@ class Share {
|
|||
}
|
||||
|
||||
return array_unique($shares);
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
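Review bot: `$shares[] = $publicShareKeyId;` adds a key identifier to a list that otherwise holds user ids, and nothing at the call site says so. Callers of this method that treat every entry as an account (the method's signature is outside the hunk, so this is inferred) would receive a name that is not a user. A comment above the new lookup would help, for example `// pseudo-user id under which files_encryption stores the public link share key; not a real account`. This class also now reads the `files_encryption` app's config directly, so consider obtaining the id through that app's own accessor to keep the key naming in one place.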
|
|