diff options
author | Daniel Kesselberg <mail@danielkesselberg.de> | 2023-08-29 17:20:16 +0200 |
---|---|---|
committer | backportbot-nextcloud[bot] <backportbot-nextcloud[bot]@users.noreply.github.com> | 2023-08-30 13:07:55 +0000 |
commit | 4338d0747dd38dc60cdc1104cb7b69d3c82095da (patch) | |
tree | 4d6d8fcbcd236759aec5802e9f8d7fa25bbe3427 | |
parent | 191e20d7f48338ca336fd0091301653251fc0667 (diff) | |
download | nextcloud-server-4338d0747dd38dc60cdc1104cb7b69d3c82095da.tar.gz nextcloud-server-4338d0747dd38dc60cdc1104cb7b69d3c82095da.zip |
feat: add switch to disable dns pinning
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
-rw-r--r-- | lib/private/Http/Client/ClientService.php | 6 | ||||
-rw-r--r-- | tests/lib/Http/Client/ClientServiceTest.php | 53 |
2 files changed, 56 insertions, 3 deletions
diff --git a/lib/private/Http/Client/ClientService.php b/lib/private/Http/Client/ClientService.php index 532aa7f566a..66f84e14c57 100644 --- a/lib/private/Http/Client/ClientService.php +++ b/lib/private/Http/Client/ClientService.php @@ -27,8 +27,8 @@ declare(strict_types=1); namespace OC\Http\Client; use GuzzleHttp\Client as GuzzleClient; -use GuzzleHttp\HandlerStack; use GuzzleHttp\Handler\CurlHandler; +use GuzzleHttp\HandlerStack; use GuzzleHttp\Middleware; use OCP\Diagnostics\IEventLogger; use OCP\Http\Client\IClient; @@ -75,7 +75,9 @@ class ClientService implements IClientService { public function newClient(): IClient { $handler = new CurlHandler(); $stack = HandlerStack::create($handler); - $stack->push($this->dnsPinMiddleware->addDnsPinning()); + if ($this->config->getSystemValueBool('dns_pinning', true)) { + $stack->push($this->dnsPinMiddleware->addDnsPinning()); + } $stack->push(Middleware::tap(function (RequestInterface $request) { $this->eventLogger->start('http:request', $request->getMethod() . " request to " . $request->getRequestTarget()); }, function () { diff --git a/tests/lib/Http/Client/ClientServiceTest.php b/tests/lib/Http/Client/ClientServiceTest.php index 40da0a2111c..3aae7ceae25 100644 --- a/tests/lib/Http/Client/ClientServiceTest.php +++ b/tests/lib/Http/Client/ClientServiceTest.php @@ -12,8 +12,8 @@ declare(strict_types=1); namespace Test\Http\Client; use GuzzleHttp\Client as GuzzleClient; -use GuzzleHttp\HandlerStack; use GuzzleHttp\Handler\CurlHandler; +use GuzzleHttp\HandlerStack; use GuzzleHttp\Middleware; use OC\Http\Client\Client; use OC\Http\Client\ClientService; @@ -32,6 +32,9 @@ class ClientServiceTest extends \Test\TestCase { public function testNewClient(): void { /** @var IConfig $config */ $config = $this->createMock(IConfig::class); + $config->method('getSystemValueBool') + ->with('dns_pinning', true) + ->willReturn(true); /** @var ICertificateManager $certificateManager */ $certificateManager = $this->createMock(ICertificateManager::class); $dnsPinMiddleware = $this->createMock(DnsPinMiddleware::class); @@ -74,4 +77,52 @@ class ClientServiceTest extends \Test\TestCase { $clientService->newClient() ); } + + public function testDisableDnsPinning(): void { + /** @var IConfig $config */ + $config = $this->createMock(IConfig::class); + $config->method('getSystemValueBool') + ->with('dns_pinning', true) + ->willReturn(false); + /** @var ICertificateManager $certificateManager */ + $certificateManager = $this->createMock(ICertificateManager::class); + $dnsPinMiddleware = $this->createMock(DnsPinMiddleware::class); + $dnsPinMiddleware + ->expects($this->never()) + ->method('addDnsPinning') + ->willReturn(function () { + }); + $remoteHostValidator = $this->createMock(IRemoteHostValidator::class); + $eventLogger = $this->createMock(IEventLogger::class); + $logger = $this->createMock(LoggerInterface::class); + + $clientService = new ClientService( + $config, + $certificateManager, + $dnsPinMiddleware, + $remoteHostValidator, + $eventLogger, + $logger, + ); + + $handler = new CurlHandler(); + $stack = HandlerStack::create($handler); + $stack->push(Middleware::tap(function (RequestInterface $request) use ($eventLogger) { + $eventLogger->start('http:request', $request->getMethod() . " request to " . $request->getRequestTarget()); + }, function () use ($eventLogger) { + $eventLogger->end('http:request'); + }), 'event logger'); + $guzzleClient = new GuzzleClient(['handler' => $stack]); + + $this->assertEquals( + new Client( + $config, + $certificateManager, + $guzzleClient, + $remoteHostValidator, + $logger, + ), + $clientService->newClient() + ); + } } |