mirror of
https://github.com/the-djmaze/snappymail.git
synced 2026-07-13 03:27:39 +03:00
Replace Md5Rand in favor of Sha1Rand
This commit is contained in:
parent
dfa448c7cc
commit
33f42cc34d
9 changed files with 13 additions and 36 deletions
|
|
@ -63,7 +63,7 @@ class SubStreams
|
||||||
\stream_wrapper_register(self::STREAM_NAME, '\MailSo\Base\StreamWrappers\SubStreams');
|
\stream_wrapper_register(self::STREAM_NAME, '\MailSo\Base\StreamWrappers\SubStreams');
|
||||||
}
|
}
|
||||||
|
|
||||||
$sHashName = \MailSo\Base\Utils::Md5Rand();
|
$sHashName = \MailSo\Base\Utils::Sha1Rand();
|
||||||
|
|
||||||
self::$aStreams[$sHashName] = \array_map(function ($mItem) {
|
self::$aStreams[$sHashName] = \array_map(function ($mItem) {
|
||||||
return \is_resource($mItem) ? $mItem :
|
return \is_resource($mItem) ? $mItem :
|
||||||
|
|
|
||||||
|
|
@ -1661,11 +1661,6 @@ END;
|
||||||
return \is_string($mResult) && \strlen($mResult) ? $mResult : '';
|
return \is_string($mResult) && \strlen($mResult) ? $mResult : '';
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function Md5Rand(string $sAdditionalSalt = '') : string
|
|
||||||
{
|
|
||||||
return \md5($sAdditionalSalt . \random_bytes(16));
|
|
||||||
}
|
|
||||||
|
|
||||||
public static function Sha1Rand(string $sAdditionalSalt = '') : string
|
public static function Sha1Rand(string $sAdditionalSalt = '') : string
|
||||||
{
|
{
|
||||||
return \sha1($sAdditionalSalt . \random_bytes(16));
|
return \sha1($sAdditionalSalt . \random_bytes(16));
|
||||||
|
|
@ -1727,22 +1722,4 @@ END;
|
||||||
|
|
||||||
return ('' === $sUser ? '' : $sUser.'@').$sDomain;
|
return ('' === $sUser ? '' : $sUser.'@').$sDomain;
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function HashToId(string $sHash, string $sSalt = '') : int
|
|
||||||
{
|
|
||||||
$sData = $sHash ? Crypt::Decrypt(\hex2bin($sHash), \md5($sSalt)) : null;
|
|
||||||
|
|
||||||
$aMatch = array();
|
|
||||||
if ($sData && \preg_match('/^id:(\d+)$/', $sData, $aMatch) && isset($aMatch[1]))
|
|
||||||
{
|
|
||||||
return \is_numeric($aMatch[1]) ? (int) $aMatch[1] : null;
|
|
||||||
}
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
public static function IdToHash(int $iID, string $sSalt = '') : string
|
|
||||||
{
|
|
||||||
return \bin2hex(Crypt::Encrypt('id:'.$iID, \md5($sSalt)));
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -75,7 +75,7 @@ class Logger extends \MailSo\Base\Collection
|
||||||
static $sCache = null;
|
static $sCache = null;
|
||||||
if (null === $sCache)
|
if (null === $sCache)
|
||||||
{
|
{
|
||||||
$sCache = \substr(\MailSo\Base\Utils::Md5Rand(), -8);
|
$sCache = \substr(\MailSo\Base\Utils::Sha1Rand(), -8);
|
||||||
}
|
}
|
||||||
|
|
||||||
return $sCache;
|
return $sCache;
|
||||||
|
|
|
||||||
|
|
@ -818,7 +818,7 @@ class MailClient
|
||||||
{
|
{
|
||||||
do
|
do
|
||||||
{
|
{
|
||||||
$sKey = \MailSo\Base\Utils::Md5Rand();
|
$sKey = \MailSo\Base\Utils::Sha1Rand();
|
||||||
}
|
}
|
||||||
while (isset($aCache[$sKey]));
|
while (isset($aCache[$sKey]));
|
||||||
|
|
||||||
|
|
@ -834,7 +834,7 @@ class MailClient
|
||||||
{
|
{
|
||||||
do
|
do
|
||||||
{
|
{
|
||||||
$sKey = \MailSo\Base\Utils::Md5Rand();
|
$sKey = \MailSo\Base\Utils::Sha1Rand();
|
||||||
}
|
}
|
||||||
while (isset($aCache[$sKey]));
|
while (isset($aCache[$sKey]));
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -369,7 +369,7 @@ class Message
|
||||||
}
|
}
|
||||||
|
|
||||||
return '<'.
|
return '<'.
|
||||||
\MailSo\Base\Utils::Md5Rand($sHostName.
|
\MailSo\Base\Utils::Sha1Rand($sHostName.
|
||||||
(\MailSo\Base\Utils::FunctionExistsAndEnabled('getmypid') ? \getmypid() : '')).'@'.$sHostName.'>';
|
(\MailSo\Base\Utils::FunctionExistsAndEnabled('getmypid') ? \getmypid() : '')).'@'.$sHostName.'>';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1760,7 +1760,7 @@ class Actions
|
||||||
)) {
|
)) {
|
||||||
$oSettings = $this->SettingsProvider()->Load($oAccount);
|
$oSettings = $this->SettingsProvider()->Load($oAccount);
|
||||||
if ($oSettings) {
|
if ($oSettings) {
|
||||||
$sHash = \MailSo\Base\Utils::Md5Rand($sName . APP_VERSION . APP_SALT);
|
$sHash = \MailSo\Base\Utils::Sha1Rand($sName . APP_VERSION . APP_SALT);
|
||||||
|
|
||||||
$oSettings->SetConf('UserBackgroundName', $sName);
|
$oSettings->SetConf('UserBackgroundName', $sName);
|
||||||
$oSettings->SetConf('UserBackgroundHash', $sHash);
|
$oSettings->SetConf('UserBackgroundHash', $sHash);
|
||||||
|
|
|
||||||
|
|
@ -62,7 +62,7 @@ trait Admin
|
||||||
|
|
||||||
private function getAdminToken() : string
|
private function getAdminToken() : string
|
||||||
{
|
{
|
||||||
$sRand = \MailSo\Base\Utils::Md5Rand();
|
$sRand = \MailSo\Base\Utils::Sha1Rand();
|
||||||
if (!$this->Cacher(null, true)->Set(KeyPathHelper::SessionAdminKey($sRand), \time()))
|
if (!$this->Cacher(null, true)->Set(KeyPathHelper::SessionAdminKey($sRand), \time()))
|
||||||
{
|
{
|
||||||
$this->oLogger->Write('Cannot store an admin token',
|
$this->oLogger->Write('Cannot store an admin token',
|
||||||
|
|
|
||||||
|
|
@ -107,7 +107,7 @@ trait User
|
||||||
{
|
{
|
||||||
case 'zip':
|
case 'zip':
|
||||||
|
|
||||||
$sZipHash = \MailSo\Base\Utils::Md5Rand();
|
$sZipHash = \MailSo\Base\Utils::Sha1Rand();
|
||||||
$sZipFileName = $oFilesProvider->GenerateLocalFullFileName($oAccount, $sZipHash);
|
$sZipFileName = $oFilesProvider->GenerateLocalFullFileName($oAccount, $sZipHash);
|
||||||
|
|
||||||
if (!empty($sZipFileName)) {
|
if (!empty($sZipFileName)) {
|
||||||
|
|
@ -528,7 +528,7 @@ trait User
|
||||||
|
|
||||||
private function generateSignMeToken(string $sEmail) : string
|
private function generateSignMeToken(string $sEmail) : string
|
||||||
{
|
{
|
||||||
return \MailSo\Base\Utils::Md5Rand(APP_SALT.$sEmail);
|
return \MailSo\Base\Utils::Sha1Rand(APP_SALT.$sEmail);
|
||||||
}
|
}
|
||||||
|
|
||||||
private function getMimeFileByHash(\RainLoop\Model\Account $oAccount, string $sHash) : array
|
private function getMimeFileByHash(\RainLoop\Model\Account $oAccount, string $sHash) : array
|
||||||
|
|
@ -553,7 +553,7 @@ trait User
|
||||||
|
|
||||||
if ($oAccount && \is_resource($rResource))
|
if ($oAccount && \is_resource($rResource))
|
||||||
{
|
{
|
||||||
$sHash = \MailSo\Base\Utils::Md5Rand($sFileNameIn.'~'.$sContentTypeIn);
|
$sHash = \MailSo\Base\Utils::Sha1Rand($sFileNameIn.'~'.$sContentTypeIn);
|
||||||
$rTempResource = $oFileProvider->GetFile($oAccount, $sHash, 'wb+');
|
$rTempResource = $oFileProvider->GetFile($oAccount, $sHash, 'wb+');
|
||||||
|
|
||||||
if (\is_resource($rTempResource))
|
if (\is_resource($rTempResource))
|
||||||
|
|
|
||||||
|
|
@ -72,7 +72,7 @@ class Utils
|
||||||
$sToken = static::GetCookie($sKey, null);
|
$sToken = static::GetCookie($sKey, null);
|
||||||
if (null === $sToken)
|
if (null === $sToken)
|
||||||
{
|
{
|
||||||
$sToken = \MailSo\Base\Utils::Md5Rand(APP_SALT);
|
$sToken = \MailSo\Base\Utils::Sha1Rand(APP_SALT);
|
||||||
static::SetCookie($sKey, $sToken, \time() + 60 * 60 * 24 * 30);
|
static::SetCookie($sKey, $sToken, \time() + 60 * 60 * 24 * 30);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -89,9 +89,9 @@ class Utils
|
||||||
$sKey = 'rlsession';
|
$sKey = 'rlsession';
|
||||||
|
|
||||||
$sToken = static::GetCookie($sKey, null);
|
$sToken = static::GetCookie($sKey, null);
|
||||||
if (null === $sToken)
|
if (!$sToken)
|
||||||
{
|
{
|
||||||
$sToken = \MailSo\Base\Utils::Md5Rand(APP_SALT);
|
$sToken = \MailSo\Base\Utils::Sha1Rand(APP_SALT);
|
||||||
static::SetCookie($sKey, $sToken, 0);
|
static::SetCookie($sKey, $sToken, 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue