From ac08685234249f5045e9f73f49d1cd05c283dbc2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thomas=20M=C3=BCller?= <thomas.mueller@tmit.eu>
Date: Thu, 23 Jul 2015 14:44:48 +0200
Subject: [PATCH 1/2] Use a hook to integrate sharing password verification

---
 lib/private/share/share.php | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/lib/private/share/share.php b/lib/private/share/share.php
index 41b60ecc638..ab42c0daab4 100644
--- a/lib/private/share/share.php
+++ b/lib/private/share/share.php
@@ -737,6 +737,7 @@ class Share extends Constants {
 
 				// Generate hash of password - same method as user passwords
 				if (!empty($shareWith)) {
+					self::verifyPassword($shareWith);
 					$shareWith = \OC::$server->getHasher()->hash($shareWith);
 				} else {
 					// reuse the already set password, but only if we change permissions
@@ -1252,6 +1253,8 @@ class Share extends Constants {
 			throw new \Exception('Cannot remove password');
 		}
 
+		self::verifyPassword($password);
+
 		$qb = $connection->getQueryBuilder();
 		$qb->update('*PREFIX*share')
 			->set('share_with', $qb->createParameter('pass'))
@@ -2604,4 +2607,23 @@ class Share extends Constants {
 		$result = \OC::$server->getDatabaseConnection()->executeQuery($query, [$id]);
 		return $result->fetchAll();
 	}
+
+	/**
+	 * @param string $password
+	 * @throws \Exception
+	 */
+	private static function verifyPassword($password) {
+
+		$accepted = true;
+		$message = '';
+		\OCP\Util::emitHook('\OC\Share', 'verifyPassword', [
+			'password' => $password,
+			'accepted' => &$accepted,
+			'message' => &$message
+		]);
+
+		if (!$accepted) {
+			throw new \Exception($message);
+		}
+	}
 }

From 632e39a750ebc9e7063fe1b73fab059ef511f692 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thomas=20M=C3=BCller?= <thomas.mueller@tmit.eu>
Date: Thu, 23 Jul 2015 16:09:40 +0200
Subject: [PATCH 2/2] Fix PHPDoc on setPassword

---
 lib/private/share/share.php | 2 +-
 lib/public/share.php        | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/private/share/share.php b/lib/private/share/share.php
index ab42c0daab4..c0285125234 100644
--- a/lib/private/share/share.php
+++ b/lib/private/share/share.php
@@ -1219,7 +1219,7 @@ class Share extends Constants {
 	}
 
 	/**
-	 * Set expiration date for a share
+	 * Set password for a public link share
 	 *
 	 * @param IUserSession $userSession
 	 * @param IDBConnection $connection
diff --git a/lib/public/share.php b/lib/public/share.php
index 86e6deb9194..0f5c68c576d 100644
--- a/lib/public/share.php
+++ b/lib/public/share.php
@@ -344,7 +344,7 @@ class Share extends \OC\Share\Constants {
 	}
 
 	/**
-	 * Set expiration date for a share
+	 * Set password for a public link share
 	 * @param int $shareId
 	 * @param string $password
 	 * @return boolean