|
|
|
|
@ -3,7 +3,6 @@
|
|
|
|
|
namespace OCA\Files_Sharing;
|
|
|
|
|
|
|
|
|
|
use OC_Config;
|
|
|
|
|
use PasswordHash;
|
|
|
|
|
|
|
|
|
|
class Helper {
|
|
|
|
|
|
|
|
|
|
@ -99,14 +98,28 @@ class Helper {
|
|
|
|
|
if ($password !== null) {
|
|
|
|
|
if ($linkItem['share_type'] == \OCP\Share::SHARE_TYPE_LINK) {
|
|
|
|
|
// Check Password
|
|
|
|
|
$forcePortable = (CRYPT_BLOWFISH != 1);
|
|
|
|
|
$hasher = new PasswordHash(8, $forcePortable);
|
|
|
|
|
if (!($hasher->CheckPassword($password.OC_Config::getValue('passwordsalt', ''),
|
|
|
|
|
$linkItem['share_with']))) {
|
|
|
|
|
return false;
|
|
|
|
|
} else {
|
|
|
|
|
$newHash = '';
|
|
|
|
|
if(\OC::$server->getHasher()->verify($password, $linkItem['share_with'], $newHash)) {
|
|
|
|
|
// Save item id in session for future requests
|
|
|
|
|
\OC::$server->getSession()->set('public_link_authenticated', $linkItem['id']);
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* FIXME: Migrate old hashes to new hash format
|
|
|
|
|
* Due to the fact that there is no reasonable functionality to update the password
|
|
|
|
|
* of an existing share no migration is yet performed there.
|
|
|
|
|
* The only possibility is to update the existing share which will result in a new
|
|
|
|
|
* share ID and is a major hack.
|
|
|
|
|
*
|
|
|
|
|
* In the future the migration should be performed once there is a proper method
|
|
|
|
|
* to update the share's password. (for example `$share->updatePassword($password)`
|
|
|
|
|
*
|
|
|
|
|
* @link https://github.com/owncloud/core/issues/10671
|
|
|
|
|
*/
|
|
|
|
|
if(!empty($newHash)) {
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
\OCP\Util::writeLog('share', 'Unknown share type '.$linkItem['share_type']
|
|
|
|
|
|
Thomas Müller