diff options
| author | Julius Knorr <jus@bitgrid.net> | 2024-09-20 00:39:39 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-09-20 00:39:39 +0200 |
| commit | e7f8ab1c3b7bdbc6f34a62e5b5bbaa2f903f467b (patch) | |
| tree | 89e5f62d451f4d34d1887579e5322699aba6bfe3 /lib | |
| parent | 2a59f4fc95305909b06f095fadb4770bfe8b3152 (diff) | |
| parent | 232c22fcd1652836c837aed04370ff0274d48678 (diff) | |
| download | nextcloud-server-e7f8ab1c3b7bdbc6f34a62e5b5bbaa2f903f467b.tar.gz nextcloud-server-e7f8ab1c3b7bdbc6f34a62e5b5bbaa2f903f467b.zip | |
Merge pull request #47340 from nextcloud/fix/federation-certificate-store
fix(federation): Do not overwrite certificate bundle
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/private/Federation/CloudFederationProviderManager.php | 45 | ||||
| -rw-r--r-- | lib/private/OCM/OCMDiscoveryService.php | 13 |
2 files changed, 29 insertions, 29 deletions
diff --git a/lib/private/Federation/CloudFederationProviderManager.php b/lib/private/Federation/CloudFederationProviderManager.php index be9e66fa9ec..bf7648d472b 100644 --- a/lib/private/Federation/CloudFederationProviderManager.php +++ b/lib/private/Federation/CloudFederationProviderManager.php @@ -106,13 +106,9 @@ class CloudFederationProviderManager implements ICloudFederationProviderManager $client = $this->httpClientService->newClient(); try { - $response = $client->post($ocmProvider->getEndPoint() . '/shares', [ + $response = $client->post($ocmProvider->getEndPoint() . '/shares', array_merge($this->getDefaultRequestOptions(), [ 'body' => json_encode($share->getShare()), - 'headers' => ['content-type' => 'application/json'], - 'verify' => !$this->config->getSystemValueBool('sharing.federation.allowSelfSignedCertificates', false), - 'timeout' => 10, - 'connect_timeout' => 10, - ]); + ])); if ($response->getStatusCode() === Http::STATUS_CREATED) { $result = json_decode($response->getBody(), true); @@ -143,13 +139,9 @@ class CloudFederationProviderManager implements ICloudFederationProviderManager $client = $this->httpClientService->newClient(); try { - return $client->post($ocmProvider->getEndPoint() . '/shares', [ + return $client->post($ocmProvider->getEndPoint() . '/shares', array_merge($this->getDefaultRequestOptions(), [ 'body' => json_encode($share->getShare()), - 'headers' => ['content-type' => 'application/json'], - 'verify' => !$this->config->getSystemValueBool('sharing.federation.allowSelfSignedCertificates', false), - 'timeout' => 10, - 'connect_timeout' => 10, - ]); + ])); } catch (\Throwable $e) { $this->logger->error('Error while sending share to federation server: ' . $e->getMessage(), ['exception' => $e]); try { @@ -175,13 +167,9 @@ class CloudFederationProviderManager implements ICloudFederationProviderManager $client = $this->httpClientService->newClient(); try { - $response = $client->post($ocmProvider->getEndPoint() . '/notifications', [ + $response = $client->post($ocmProvider->getEndPoint() . '/notifications', array_merge($this->getDefaultRequestOptions(), [ 'body' => json_encode($notification->getMessage()), - 'headers' => ['content-type' => 'application/json'], - 'verify' => !$this->config->getSystemValueBool('sharing.federation.allowSelfSignedCertificates', false), - 'timeout' => 10, - 'connect_timeout' => 10, - ]); + ])); if ($response->getStatusCode() === Http::STATUS_CREATED) { $result = json_decode($response->getBody(), true); return (is_array($result)) ? $result : []; @@ -205,13 +193,9 @@ class CloudFederationProviderManager implements ICloudFederationProviderManager $client = $this->httpClientService->newClient(); try { - return $client->post($ocmProvider->getEndPoint() . '/notifications', [ + return $client->post($ocmProvider->getEndPoint() . '/notifications', array_merge($this->getDefaultRequestOptions(), [ 'body' => json_encode($notification->getMessage()), - 'headers' => ['content-type' => 'application/json'], - 'verify' => !$this->config->getSystemValueBool('sharing.federation.allowSelfSignedCertificates', false), - 'timeout' => 10, - 'connect_timeout' => 10, - ]); + ])); } catch (\Throwable $e) { $this->logger->error('Error while sending notification to federation server: ' . $e->getMessage(), ['exception' => $e]); try { @@ -230,4 +214,17 @@ class CloudFederationProviderManager implements ICloudFederationProviderManager public function isReady() { return $this->appManager->isEnabledForUser('cloud_federation_api'); } + + private function getDefaultRequestOptions(): array { + $options = [ + 'headers' => ['content-type' => 'application/json'], + 'timeout' => 10, + 'connect_timeout' => 10, + ]; + + if ($this->config->getSystemValueBool('sharing.federation.allowSelfSignedCertificates')) { + $options['verify'] = false; + } + return $options; + } } diff --git a/lib/private/OCM/OCMDiscoveryService.php b/lib/private/OCM/OCMDiscoveryService.php index 62313a9af80..279162c76f2 100644 --- a/lib/private/OCM/OCMDiscoveryService.php +++ b/lib/private/OCM/OCMDiscoveryService.php @@ -66,13 +66,16 @@ class OCMDiscoveryService implements IOCMDiscoveryService { $client = $this->clientService->newClient(); try { + $options = [ + 'timeout' => 10, + 'connect_timeout' => 10, + ]; + if ($this->config->getSystemValueBool('sharing.federation.allowSelfSignedCertificates') === true) { + $options['verify'] = false; + } $response = $client->get( $remote . '/ocm-provider/', - [ - 'timeout' => 10, - 'verify' => !$this->config->getSystemValueBool('sharing.federation.allowSelfSignedCertificates'), - 'connect_timeout' => 10, - ] + $options, ); if ($response->getStatusCode() === Http::STATUS_OK) { |