Improve networking checks

Whilst we currently state that SSRF is generally outside of our threat model, this is something where we should invest to improve this. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
author: Lukas Reschke <lukas@statuscode.ch> 2021-03-23 16:41:31 +0000
committer: GitHub <noreply@github.com> 2021-04-06 11:37:47 +0000
commit: 5f3abffe6f37b4f8639fde8bcaf35d873a17636c (patch)
tree: 3498450ac8351f5a292dacc7cb17de9b27e4535b /tests/lib/Http/Client/ClientServiceTest.php
parent: 2056b76c5fb29fa9273c50e17e54c5cf43f8a5fc (diff)
download: nextcloud-server-5f3abffe6f37b4f8639fde8bcaf35d873a17636c.tar.gz
nextcloud-server-5f3abffe6f37b4f8639fde8bcaf35d873a17636c.zip
1 files changed, 31 insertions, 2 deletions
diff --git a/tests/lib/Http/Client/ClientServiceTest.php b/tests/lib/Http/Client/ClientServiceTest.php
index b1bc5a188ce..f529e25966e 100644
--- a/tests/lib/Http/Client/ClientServiceTest.php
+++ b/tests/lib/Http/Client/ClientServiceTest.php
@@ -9,8 +9,12 @@
 namespace Test\Http\Client;
 
 use GuzzleHttp\Client as GuzzleClient;
+use GuzzleHttp\HandlerStack;
+use GuzzleHttp\Handler\CurlHandler;
 use OC\Http\Client\Client;
 use OC\Http\Client\ClientService;
+use OC\Http\Client\DnsPinMiddleware;
+use OC\Http\Client\LocalAddressChecker;
 use OCP\ICertificateManager;
 use OCP\IConfig;
 use OCP\ILogger;
@@ -25,10 +29,35 @@ class ClientServiceTest extends \Test\TestCase {
 		/** @var ICertificateManager $certificateManager */
 		$certificateManager = $this->createMock(ICertificateManager::class);
 		$logger = $this->createMock(ILogger::class);
+		$dnsPinMiddleware = $this->createMock(DnsPinMiddleware::class);
+		$dnsPinMiddleware
+			->expects($this->atLeastOnce())
+			->method('addDnsPinning')
+			->willReturn(function () {
+			});
+		$localAddressChecker = $this->createMock(LocalAddressChecker::class);
+
+		$clientService = new ClientService(
+			$config,
+			$logger,
+			$certificateManager,
+			$dnsPinMiddleware,
+			$localAddressChecker
+		);
+
+		$handler = new CurlHandler();
+		$stack = HandlerStack::create($handler);
+		$stack->push($dnsPinMiddleware->addDnsPinning());
+		$guzzleClient = new GuzzleClient(['handler' => $stack]);
 
-		$clientService = new ClientService($config, $logger, $certificateManager);
 		$this->assertEquals(
-			new Client($config, $logger, $certificateManager, new GuzzleClient()),
+			new Client(
+				$config,
+				$logger,
+				$certificateManager,
+				$guzzleClient,
+				$localAddressChecker
+			),
 			$clientService->newClient()
 		);
 	}
author	Lukas Reschke <lukas@statuscode.ch>	2021-03-23 16:41:31 +0000
committer	GitHub <noreply@github.com>	2021-04-06 11:37:47 +0000
commit	5f3abffe6f37b4f8639fde8bcaf35d873a17636c (patch)
tree	3498450ac8351f5a292dacc7cb17de9b27e4535b /tests/lib/Http/Client/ClientServiceTest.php
parent	2056b76c5fb29fa9273c50e17e54c5cf43f8a5fc (diff)
download	nextcloud-server-5f3abffe6f37b4f8639fde8bcaf35d873a17636c.tar.gz nextcloud-server-5f3abffe6f37b4f8639fde8bcaf35d873a17636c.zip