fix for losing private key while being logged in and accessing a public link

This commit is contained in:
Florin Peter 2013-05-28 09:27:04 +02:00
parent 3420d853ab
commit 6f9e425939
3 changed files with 56 additions and 17 deletions

View File

@ -173,4 +173,20 @@ class Helper
return $return; return $return;
} }
/**
* @brief checks if access is public/anonymous user
* @return bool
*/
public static function isPublicAccess() {
if (\OCP\USER::getUser() === false
|| (isset($_GET['service']) && $_GET['service'] == 'files'
&& isset($_GET['t']))
) {
return true;
} else {
return false;
}
}
} }

View File

@ -83,17 +83,14 @@ class Session
} }
if ( \OCP\USER::getUser() === false || if (\OCA\Encryption\Helper::isPublicAccess()) {
( isset( $_GET['service'] ) && $_GET['service'] == 'files' &&
isset( $_GET['t'] ) )
) {
// Disable encryption proxy to prevent recursive calls // Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled; $proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false; \OC_FileProxy::$enabled = false;
$encryptedKey = $this->view->file_get_contents( '/owncloud_private_key/' . $publicShareKeyId . '.private.key' ); $encryptedKey = $this->view->file_get_contents( '/owncloud_private_key/' . $publicShareKeyId . '.private.key' );
$privateKey = Crypt::symmetricDecryptFileContent( $encryptedKey, '' ); $privateKey = Crypt::symmetricDecryptFileContent( $encryptedKey, '' );
$this->setPrivateKey( $privateKey ); $this->setPublicSharePrivateKey( $privateKey );
\OC_FileProxy::$enabled = $proxyStatus; \OC_FileProxy::$enabled = $proxyStatus;
} }
@ -103,6 +100,8 @@ class Session
* @brief Sets user private key to session * @brief Sets user private key to session
* @param string $privateKey * @param string $privateKey
* @return bool * @return bool
*
* @note this should only be set on login
*/ */
public function setPrivateKey( $privateKey ) { public function setPrivateKey( $privateKey ) {
@ -113,27 +112,53 @@ class Session
} }
/** /**
* @brief Gets user private key from session * @brief Gets user or public share private key from session
* @returns string $privateKey The user's plaintext private key * @returns string $privateKey The user's plaintext private key
* *
*/ */
public function getPrivateKey() { public function getPrivateKey() {
if ( // return the public share private key if this is a public access
isset( $_SESSION['privateKey'] ) if (\OCA\Encryption\Helper::isPublicAccess()) {
&& !empty( $_SESSION['privateKey'] ) return $this->getPublicSharePrivateKey();
) {
return $_SESSION['privateKey'];
} else { } else {
if (isset($_SESSION['privateKey']) && !empty($_SESSION['privateKey'])) {
return $_SESSION['privateKey'];
} else {
return false;
}
}
}
/**
* @brief Sets public user private key to session
* @param string $privateKey
* @return bool
*/
public function setPublicSharePrivateKey($privateKey) {
$_SESSION['publicSharePrivateKey'] = $privateKey;
return true;
}
/**
* @brief Gets public share private key from session
* @returns string $privateKey
*
*/
public function getPublicSharePrivateKey() {
if (isset($_SESSION['publicSharePrivateKey']) && !empty($_SESSION['publicSharePrivateKey'])) {
return $_SESSION['publicSharePrivateKey'];
} else {
return false; return false;
} }
} }
/** /**
* @brief Sets user legacy key to session * @brief Sets user legacy key to session
* @param $legacyKey * @param $legacyKey

View File

@ -127,9 +127,7 @@ class Util {
$this->recoveryKeyId = \OC_Appconfig::getValue('files_encryption', 'recoveryKeyId'); $this->recoveryKeyId = \OC_Appconfig::getValue('files_encryption', 'recoveryKeyId');
// if we are anonymous/public // if we are anonymous/public
if ($this->userId === false if (\OCA\Encryption\Helper::isPublicAccess()) {
|| (isset($_GET['service']) && $_GET['service'] == 'files' && isset($_GET['t']))
) {
$this->userId = $this->publicShareKeyId; $this->userId = $this->publicShareKeyId;
// only handle for files_sharing app // only handle for files_sharing app