diff options
| author | Arthur Schiwon <blizzz@arthur-schiwon.de> | 2024-04-10 21:45:33 +0200 |
|---|---|---|
| committer | backportbot[bot] <backportbot[bot]@users.noreply.github.com> | 2024-04-11 09:53:41 +0000 |
| commit | 4c59bc1b9d16fbb608273fdbd361be4df4c3c959 (patch) | |
| tree | 2fc9130872ff66bab2e44778d56b9d5b146b73f2 /apps/federation | |
| parent | 9051cc54b2ffbca79b380a92d3fca5b634cb0c2b (diff) | |
| download | nextcloud-server-4c59bc1b9d16fbb608273fdbd361be4df4c3c959.tar.gz nextcloud-server-4c59bc1b9d16fbb608273fdbd361be4df4c3c959.zip | |
fix(federation): give some time to prepare both servers
- when this background job runs, while the current server was not being
added as trusted_server in the other instance, yet, the secret sharing
would not be attempted again, without visual feedback.
- the change allows 5 attempts, which gives more than 20minutes to
complete. More do not really help as the endpoint is brute force
protected.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Diffstat (limited to 'apps/federation')
| -rw-r--r-- | apps/federation/lib/BackgroundJob/RequestSharedSecret.php | 10 | ||||
| -rw-r--r-- | apps/federation/tests/BackgroundJob/RequestSharedSecretTest.php | 8 |
2 files changed, 13 insertions, 5 deletions
diff --git a/apps/federation/lib/BackgroundJob/RequestSharedSecret.php b/apps/federation/lib/BackgroundJob/RequestSharedSecret.php index 98eb81000f2..f8c25168b56 100644 --- a/apps/federation/lib/BackgroundJob/RequestSharedSecret.php +++ b/apps/federation/lib/BackgroundJob/RequestSharedSecret.php @@ -160,7 +160,7 @@ class RequestSharedSecret extends Job { // if we received a unexpected response we try again later if ( $status !== Http::STATUS_OK - && $status !== Http::STATUS_FORBIDDEN + && ($status !== Http::STATUS_FORBIDDEN || $this->getAttempt($argument) < 5) ) { $this->retainJob = true; } @@ -173,14 +173,20 @@ class RequestSharedSecret extends Job { $url = $argument['url']; $created = isset($argument['created']) ? (int)$argument['created'] : $this->time->getTime(); $token = $argument['token']; + $attempt = $this->getAttempt($argument) + 1; $this->jobList->add( RequestSharedSecret::class, [ 'url' => $url, 'token' => $token, - 'created' => $created + 'created' => $created, + 'attempt' => $attempt ] ); } + + protected function getAttempt(array $argument): int { + return $argument['attempt'] ?? 0; + } } diff --git a/apps/federation/tests/BackgroundJob/RequestSharedSecretTest.php b/apps/federation/tests/BackgroundJob/RequestSharedSecretTest.php index 5aca6005f94..059348aa8ab 100644 --- a/apps/federation/tests/BackgroundJob/RequestSharedSecretTest.php +++ b/apps/federation/tests/BackgroundJob/RequestSharedSecretTest.php @@ -142,6 +142,7 @@ class RequestSharedSecretTest extends TestCase { 'url' => 'url', 'token' => 'token', 'created' => 42, + 'attempt' => 1, ] ); } else { @@ -164,12 +165,12 @@ class RequestSharedSecretTest extends TestCase { * * @param int $statusCode */ - public function testRun($statusCode) { + public function testRun(int $statusCode, int $attempt = 0): void { $target = 'targetURL'; $source = 'sourceURL'; $token = 'token'; - $argument = ['url' => $target, 'token' => $token]; + $argument = ['url' => $target, 'token' => $token, 'attempt' => $attempt]; $this->timeFactory->method('getTime')->willReturn(42); @@ -196,7 +197,7 @@ class RequestSharedSecretTest extends TestCase { $this->invokePrivate($this->requestSharedSecret, 'run', [$argument]); if ( $statusCode !== Http::STATUS_OK - && $statusCode !== Http::STATUS_FORBIDDEN + && ($statusCode !== Http::STATUS_FORBIDDEN || $attempt < 5) ) { $this->assertTrue($this->invokePrivate($this->requestSharedSecret, 'retainJob')); } else { @@ -207,6 +208,7 @@ class RequestSharedSecretTest extends TestCase { public function dataTestRun() { return [ [Http::STATUS_OK], + [Http::STATUS_FORBIDDEN, 5], [Http::STATUS_FORBIDDEN], [Http::STATUS_CONFLICT], ]; |