From f1486890d7391cfe15f210f4d7d38d18a7573ec4 Mon Sep 17 00:00:00 2001 From: Robin Appelman Date: Tue, 5 Jul 2022 16:06:55 +0200 Subject: [PATCH] only use nextcloud bundle when explicitly enabled Signed-off-by: Robin Appelman --- .../Files/ObjectStore/S3ConnectionTrait.php | 23 +++++++++++-------- .../Files/ObjectStore/S3ObjectTrait.php | 2 +- 2 files changed, 15 insertions(+), 10 deletions(-) diff --git a/lib/private/Files/ObjectStore/S3ConnectionTrait.php b/lib/private/Files/ObjectStore/S3ConnectionTrait.php index a1dd8ba3909..8286321450d 100644 --- a/lib/private/Files/ObjectStore/S3ConnectionTrait.php +++ b/lib/private/Files/ObjectStore/S3ConnectionTrait.php @@ -28,6 +28,7 @@ * along with this program. If not, see . * */ + namespace OC\Files\ObjectStore; use Aws\ClientResolver; @@ -143,7 +144,7 @@ trait S3ConnectionTrait { if (!$this->connection::isBucketDnsCompatible($this->bucket)) { $logger = \OC::$server->get(LoggerInterface::class); $logger->debug('Bucket "' . $this->bucket . '" This bucket name is not dns compatible, it may contain invalid characters.', - ['app' => 'objectstore']); + ['app' => 'objectstore']); } if ($this->params['verify_bucket_exists'] && !$this->connection->doesBucketExist($this->bucket)) { @@ -194,7 +195,7 @@ trait S3ConnectionTrait { /** * This function creates a credential provider based on user parameter file */ - protected function paramCredentialProvider() : callable { + protected function paramCredentialProvider(): callable { return function () { $key = empty($this->params['key']) ? null : $this->params['key']; $secret = empty($this->params['secret']) ? null : $this->params['secret']; @@ -210,14 +211,18 @@ trait S3ConnectionTrait { }; } - protected function getCertificateBundlePath(): string { - // since we store the certificate bundles on the primary storage, we can't get the bundle while setting up the primary storage - if (!isset($this->params['primary_storage'])) { - /** @var ICertificateManager $certManager */ - $certManager = \OC::$server->get(ICertificateManager::class); - return $certManager->getAbsoluteBundlePath(); + protected function getCertificateBundlePath(): ?string { + if ((int)($this->params['use_nextcloud_bundle'] ?? "0")) { + // since we store the certificate bundles on the primary storage, we can't get the bundle while setting up the primary storage + if (!isset($this->params['primary_storage'])) { + /** @var ICertificateManager $certManager */ + $certManager = \OC::$server->get(ICertificateManager::class); + return $certManager->getAbsoluteBundlePath(); + } else { + return \OC::$SERVERROOT . '/resources/config/ca-bundle.crt'; + } } else { - return \OC::$SERVERROOT . '/resources/config/ca-bundle.crt'; + return null; } } } diff --git a/lib/private/Files/ObjectStore/S3ObjectTrait.php b/lib/private/Files/ObjectStore/S3ObjectTrait.php index a4efc687236..0b2fd95c652 100644 --- a/lib/private/Files/ObjectStore/S3ObjectTrait.php +++ b/lib/private/Files/ObjectStore/S3ObjectTrait.php @@ -43,7 +43,7 @@ trait S3ObjectTrait { */ abstract protected function getConnection(); - abstract protected function getCertificateBundlePath(): string; + abstract protected function getCertificateBundlePath(): ?string; /** * @param string $urn the unified resource name used to identify the object -- 2.39.5