From e0cac6fd993ffe11854d202fe8c6847786f60411 Mon Sep 17 00:00:00 2001
From: ed <s@ocv.me>
Date: Wed, 22 Jan 2025 22:17:57 +0000
Subject: [PATCH] clamp filekeys to max 72 chars

fixes a bug reported on discord:

a sha512 checksum does not cleanly encode to base64, and the
padding runs afoul of the safety-check added in 988a7223f4b6

as there is not a single reason to use a filekey that long,
fix it by setting an upper limit (which is still ridiculous)
---
 copyparty/authsrv.py | 6 +++++-
 copyparty/httpcli.py | 2 +-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/copyparty/authsrv.py b/copyparty/authsrv.py
index bd997caa..58c228be 100644
--- a/copyparty/authsrv.py
+++ b/copyparty/authsrv.py
@@ -1832,7 +1832,11 @@ class AuthSrv(object):
             if fka and not fk:
                 fk = fka
             if fk:
-                vol.flags["fk"] = int(fk) if fk is not True else 8
+                fk = 8 if fk is True else int(fk)
+                if fk > 72:
+                    t = "max filekey-length is 72; volume /%s specified %d (anything higher than 16 is pointless btw)"
+                    raise Exception(t % (vol.vpath, fk))
+                vol.flags["fk"] = fk
                 have_fk = True
 
             dk = vol.flags.get("dk")
diff --git a/copyparty/httpcli.py b/copyparty/httpcli.py
index 5a95e8eb..659f2af7 100644
--- a/copyparty/httpcli.py
+++ b/copyparty/httpcli.py
@@ -513,7 +513,7 @@ class HttpCli(object):
                 return False
 
             if "k" in uparam:
-                m = RE_K.search(uparam["k"])
+                m = re_k.search(uparam["k"])
                 if m:
                     zs = uparam["k"]
                     t = "malicious user; illegal filekey; req(%r) k(%r) => %r"