diff options
author | Julius Härtl <jus@bitgrid.net> | 2020-07-22 11:05:51 +0300 |
---|---|---|
committer | Julius Härtl <jus@bitgrid.net> | 2020-08-14 08:58:40 +0300 |
commit | 36cfdd320bd766798930dc09acea74b27f58d95c (patch) | |
tree | 21afcb71b33a109cc1d2d2bfb739f3f64ef1a8bd /apps/settings/lib/Controller/ChangePasswordController.php | |
parent | ed461155930219c2de3a648e7dfdf75778af2f7a (diff) |
Harden key generation
There might be cases where multiple requests trigger the key generation
at the same time and the instance ends up with a non-fitting
public/private key pair. Therefore the whole key generation should be
locked. Other than that this makes sure that user key generation return
values are properly validated.
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Diffstat (limited to 'apps/settings/lib/Controller/ChangePasswordController.php')
-rw-r--r-- | apps/settings/lib/Controller/ChangePasswordController.php | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/apps/settings/lib/Controller/ChangePasswordController.php b/apps/settings/lib/Controller/ChangePasswordController.php index 3006e89318f..668b0e49e66 100644 --- a/apps/settings/lib/Controller/ChangePasswordController.php +++ b/apps/settings/lib/Controller/ChangePasswordController.php @@ -188,7 +188,9 @@ class ChangePasswordController extends Controller { \OC::$server->getUserSession(), new \OCA\Encryption\Session(\OC::$server->getSession()), \OC::$server->getLogger(), - $util); + $util, + \OC::$server->getLockingProvider() + ); $recovery = new \OCA\Encryption\Recovery( \OC::$server->getUserSession(), $crypt, |