clamp filekeys to max 72 chars

fixes a bug reported on discord: a sha512 checksum does not cleanly encode to base64, and the padding runs afoul of the safety-check added in 988a7223f4 as there is not a single reason to use a filekey that long, fix it by setting an upper limit (which is still ridiculous)
2025-08-17 09:02:15 -06:00 · 2025-01-22 22:17:57 +00:00 · 2025-01-22 22:17:57 +00:00 · e0cac6fd99
parent d9db1534b1
commit e0cac6fd99
2 changed files with 6 additions and 2 deletions
--- a/copyparty/authsrv.py
+++ b/copyparty/authsrv.py
@ -1832,7 +1832,11 @@ class AuthSrv(object):
            if fka and not fk:
                fk = fka
            if fk:
-                vol.flags["fk"] = int(fk) if fk is not True else 8
+                fk = 8 if fk is True else int(fk)
+                if fk > 72:
+                    t = "max filekey-length is 72; volume /%s specified %d (anything higher than 16 is pointless btw)"
+                    raise Exception(t % (vol.vpath, fk))
+                vol.flags["fk"] = fk
                have_fk = True

            dk = vol.flags.get("dk")
--- a/copyparty/httpcli.py
+++ b/copyparty/httpcli.py
@ -513,7 +513,7 @@ class HttpCli(object):
                return False

            if "k" in uparam:
-                m = RE_K.search(uparam["k"])
+                m = re_k.search(uparam["k"])
                if m:
                    zs = uparam["k"]
                    t = "malicious user; illegal filekey; req(%r) k(%r) => %r"