diff -Nru nextcloud-desktop-3.9.50-20230720.200343.bb87813a4/debian/changelog nextcloud-desktop-3.9.50-20230720.202218.c42cb2874/debian/changelog --- nextcloud-desktop-3.9.50-20230720.200343.bb87813a4/debian/changelog 2023-07-20 20:05:44.000000000 +0000 +++ nextcloud-desktop-3.9.50-20230720.202218.c42cb2874/debian/changelog 2023-07-20 20:23:24.000000000 +0000 @@ -1,8 +1,50 @@ -nextcloud-desktop (3.9.50-20230720.200343.bb87813a4-1.0~kinetic1) kinetic; urgency=medium +nextcloud-desktop (3.9.50-20230720.202218.c42cb2874-1.0~kinetic1) kinetic; urgency=medium - * Merge commit 'bb87813a4006ad323abd925c1acb3ecfec68b59a' into HEAD + * Merge commit 'c42cb287414eeba949baeaa8ea1fff97775805a8' into HEAD - -- Claudio Cambra Thu, 20 Jul 2023 20:05:44 +0000 + -- Claudio Cambra Thu, 20 Jul 2023 20:23:24 +0000 + +nextcloud-desktop (3.9.50-20230720.155138.c42cb2874-1.0~kinetic1) kinetic; urgency=medium + + * Merge pull request #5717 from nextcloud/bugfix/better-password-gen + + -- Claudio Cambra Thu, 20 Jul 2023 17:51:38 +0200 + +nextcloud-desktop (3.9.50-20230608.091647.9df47cf1c-1.0~kinetic1) kinetic; urgency=medium + + * Simplify loop to write bytes to password + + -- Claudio Cambra Thu, 8 Jun 2023 17:16:47 +0800 + +nextcloud-desktop (3.9.50-20230608.091428.4c8007e46-1.0~kinetic1) kinetic; urgency=medium + + * Use std::array to store hash bytes + + -- Claudio Cambra Thu, 8 Jun 2023 17:14:28 +0800 + +nextcloud-desktop (3.9.50-20230520.163454.b404f1a54-1.0~kinetic1) kinetic; urgency=medium + + * Replace use of std::rand with improved C++11 random + + -- Claudio Cambra Sun, 21 May 2023 00:34:54 +0800 + +nextcloud-desktop (3.9.50-20230520.153012.f9ded784b-1.0~kinetic1) kinetic; urgency=medium + + * Guarantee that the generated password for share will have all the types of characters needed to pass server check + + -- Claudio Cambra Sat, 20 May 2023 23:30:12 +0800 + +nextcloud-desktop (3.9.50-20230520.151231.32acf504c-1.0~kinetic1) kinetic; urgency=medium + + * Simplify password generation in sharemodel + + -- Claudio Cambra Sat, 20 May 2023 23:12:31 +0800 + +nextcloud-desktop (3.9.50-20230519.075206.c4d1bdf46-1.0~kinetic1) kinetic; urgency=medium + + * Generate better passwords for shares + + -- Claudio Cambra Fri, 19 May 2023 15:52:06 +0800 nextcloud-desktop (3.9.50-20230720.152150.bb87813a4-1.0~kinetic1) kinetic; urgency=medium diff -Nru nextcloud-desktop-3.9.50-20230720.200343.bb87813a4/src/gui/filedetails/sharemodel.cpp nextcloud-desktop-3.9.50-20230720.202218.c42cb2874/src/gui/filedetails/sharemodel.cpp --- nextcloud-desktop-3.9.50-20230720.200343.bb87813a4/src/gui/filedetails/sharemodel.cpp 2023-07-20 20:01:52.000000000 +0000 +++ nextcloud-desktop-3.9.50-20230720.202218.c42cb2874/src/gui/filedetails/sharemodel.cpp 2023-07-20 20:21:23.000000000 +0000 @@ -17,10 +17,12 @@ #include #include +#include +#include + #include "account.h" #include "folderman.h" #include "theme.h" -#include "wordlist.h" namespace { @@ -28,16 +30,68 @@ static const auto internalLinkShareId = QStringLiteral("__internalLinkShareId__"); static const auto secureFileDropPlaceholderLinkShareId = QStringLiteral("__secureFileDropPlaceholderLinkShareId__"); +constexpr auto asciiMin = 33; +constexpr auto asciiMax = 126; +constexpr auto asciiRange = asciiMax - asciiMin; + QString createRandomPassword() { - const auto words = OCC::WordList::getRandomWords(10); + static constexpr auto numChars = 24; - const auto addFirstLetter = [](const QString ¤t, const QString &next) -> QString { - return current + next.at(0); + static constexpr std::string_view lowercaseAlphabet = "abcdefghijklmnopqrstuvwxyz"; + static constexpr std::string_view uppercaseAlphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"; + static constexpr std::string_view numbers = "0123456789"; + static constexpr std::string_view specialChars = R"(ªº\\/|"'*+-_´¨{}·#$%&()=\[\]<>;:@~)"; + + static const QRegularExpression lowercaseMatch("[a-z]"); + static const QRegularExpression uppercaseMatch("[A-Z]"); + static const QRegularExpression numberMatch("[0-9]"); + static const QRegularExpression specialCharMatch(QString("[%1]").arg(specialChars.data())); + + static const std::map matchMap { + { lowercaseAlphabet, lowercaseMatch }, + { uppercaseAlphabet, uppercaseMatch }, + { numbers, numberMatch }, + { specialChars, specialCharMatch }, }; - return std::accumulate(std::cbegin(words), std::cend(words), QString(), addFirstLetter); + std::random_device rand_dev; + std::mt19937 rng(rand_dev()); + + QString passwd; + std::array unsignedCharArray; + + RAND_bytes(unsignedCharArray.data(), numChars); + + for (const auto newChar : unsignedCharArray) { + // Ensure byte is within asciiRange + const auto byte = (newChar % (asciiRange + 1)) + asciiMin; + passwd.append(byte); + } + + for (const auto &charsWithMatcher : matchMap) { + const auto selectionChars = charsWithMatcher.first; + const auto matcher = charsWithMatcher.second; + Q_ASSERT(matcher.isValid()); + + if (matcher.match(passwd).hasMatch()) { + continue; + } + + // add random required character at random position + std::uniform_int_distribution passwdDist(0, passwd.length() - 1); + std::uniform_int_distribution charsDist(0, selectionChars.length() - 1); + + const auto passwdInsertIndex = passwdDist(rng); + const auto charToInsertIndex = charsDist(rng); + const auto charToInsert = selectionChars.at(charToInsertIndex); + + passwd.insert(passwdInsertIndex, charToInsert); + } + + return passwd; } + } namespace OCC