[Pkg-owncloud-commits] [owncloud] 28/34: check if the provided password is really the current log-in password

David Prévot taffit at moszumanska.debian.org
Fri Nov 7 11:44:12 UTC 2014


This is an automated email from the git hooks/post-receive script.

taffit pushed a commit to branch master
in repository owncloud.

commit 9255da9856f97cac230ec452a61aef7f1c5a2ad2
Author: Bjoern Schiessle <schiessle at owncloud.com>
Date:   Thu Nov 6 11:11:46 2014 +0100

    check if the provided password is really the current log-in password
---
 .../ajax/updatePrivateKeyPassword.php              | 44 ++++++++++++++--------
 1 file changed, 29 insertions(+), 15 deletions(-)

diff --git a/apps/files_encryption/ajax/updatePrivateKeyPassword.php b/apps/files_encryption/ajax/updatePrivateKeyPassword.php
index a14c9fe..f8d291d 100644
--- a/apps/files_encryption/ajax/updatePrivateKeyPassword.php
+++ b/apps/files_encryption/ajax/updatePrivateKeyPassword.php
@@ -18,6 +18,7 @@ use OCA\Encryption;
 $l = OC_L10N::get('core');
 
 $return = false;
+$errorMessage = $l->t('Could not update the private key password.');
 
 $oldPassword = $_POST['oldPassword'];
 $newPassword = $_POST['newPassword'];
@@ -26,30 +27,43 @@ $view = new \OC\Files\View('/');
 $session = new \OCA\Encryption\Session($view);
 $user = \OCP\User::getUser();
 
-$proxyStatus = \OC_FileProxy::$enabled;
-\OC_FileProxy::$enabled = false;
+// check new password
+$passwordCorrect = \OCP\User::checkPassword($user, $newPassword);
 
-$keyPath = '/' . $user . '/files_encryption/' . $user . '.private.key';
+if ($passwordCorrect !== false) {
 
-$encryptedKey = $view->file_get_contents($keyPath);
-$decryptedKey = \OCA\Encryption\Crypt::decryptPrivateKey($encryptedKey, $oldPassword);
+	$proxyStatus = \OC_FileProxy::$enabled;
+	\OC_FileProxy::$enabled = false;
 
-if ($decryptedKey) {
-	$cipher = \OCA\Encryption\Helper::getCipher();
-	$encryptedKey = \OCA\Encryption\Crypt::symmetricEncryptFileContent($decryptedKey, $newPassword, $cipher);
-	if ($encryptedKey) {
-		\OCA\Encryption\Keymanager::setPrivateKey($encryptedKey, $user);
-		$session->setPrivateKey($decryptedKey);
-		$return = true;
+	$keyPath = '/' . $user . '/files_encryption/' . $user . '.private.key';
+
+	$encryptedKey = $view->file_get_contents($keyPath);
+	$decryptedKey = \OCA\Encryption\Crypt::decryptPrivateKey($encryptedKey, $oldPassword);
+
+	if ($decryptedKey) {
+		$cipher = \OCA\Encryption\Helper::getCipher();
+		$encryptedKey = \OCA\Encryption\Crypt::symmetricEncryptFileContent($decryptedKey, $newPassword, $cipher);
+		if ($encryptedKey) {
+			\OCA\Encryption\Keymanager::setPrivateKey($encryptedKey, $user);
+			$session->setPrivateKey($decryptedKey);
+			$return = true;
+		}
+	} else {
+		$result = false;
+		$errorMessage = $l->t('The old password was not correct, please try again.');
 	}
-}
 
-\OC_FileProxy::$enabled = $proxyStatus;
+	\OC_FileProxy::$enabled = $proxyStatus;
+
+} else {
+	$result = false;
+	$errorMessage = $l->t('The current log-in password was not correct, please try again.');
+}
 
 // success or failure
 if ($return) {
 	$session->setInitialized(\OCA\Encryption\Session::INIT_SUCCESSFUL);
 	\OCP\JSON::success(array('data' => array('message' => $l->t('Private key password successfully updated.'))));
 } else {
-	\OCP\JSON::error(array('data' => array('message' => $l->t('Could not update the private key password. Maybe the old password was not correct.'))));
+	\OCP\JSON::error(array('data' => array('message' => $errorMessage)));
 }
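Review bot: Both failure branches assign `$result = false;`, but the success/failure switch at the end of the hunk reads `$return`, so those assignments are dead and the outcome is only correct because `$return` was initialised to `false` in the previous hunk. Either drop them or write `$return = false;` so the failure path is explicit and survives later refactoring. The comment `// check new password` is also misleading, since `checkPassword($user, $newPassword)` verifies that the submitted value is the user's current log-in password, which is what prevents the private key from being re-encrypted under a password the user cannot log in with; a comment such as `// the new key password must match the user's current log-in password` would say so. The top of the script is outside the hunk, so whether the login and request-token checks run before this code cannot be judged from here.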

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud.git


