Skip to content

Commit adde079

Browse files
committed
fix(files_sharing): respect config to skip certificate verification
This is important especially for local development, as certificate are self-signed. Signed-off-by: Salvatore Martire <4652631+salmart-dev@users.noreply.github.com> [skip ci]
1 parent c337f40 commit adde079

File tree

5 files changed

+34
-7
lines changed

5 files changed

+34
-7
lines changed

apps/files_sharing/lib/AppInfo/Application.php

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -90,7 +90,8 @@ public function register(IRegistrationContext $context): void {
9090
function () use ($c) {
9191
return $c->get(Manager::class);
9292
},
93-
$c->get(ICloudIdManager::class)
93+
$c->get(ICloudIdManager::class),
94+
$c->get(IConfig::class),
9495
);
9596
});
9697

apps/files_sharing/lib/External/Manager.php

Lines changed: 9 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -46,6 +46,7 @@
4646
use OCP\Files\NotFoundException;
4747
use OCP\Files\Storage\IStorageFactory;
4848
use OCP\Http\Client\IClientService;
49+
use OCP\IConfig;
4950
use OCP\IDBConnection;
5051
use OCP\IGroupManager;
5152
use OCP\IUserManager;
@@ -98,6 +99,9 @@ class Manager {
9899
/** @var LoggerInterface */
99100
private $logger;
100101

102+
/** @var IConfig */
103+
private $config;
104+
101105
public function __construct(
102106
IDBConnection $connection,
103107
\OC\Files\Mount\Manager $mountManager,
@@ -111,7 +115,8 @@ public function __construct(
111115
IUserManager $userManager,
112116
IUserSession $userSession,
113117
IEventDispatcher $eventDispatcher,
114-
LoggerInterface $logger
118+
LoggerInterface $logger,
119+
IConfig $config,
115120
) {
116121
$user = $userSession->getUser();
117122
$this->connection = $connection;
@@ -127,6 +132,7 @@ public function __construct(
127132
$this->userManager = $userManager;
128133
$this->eventDispatcher = $eventDispatcher;
129134
$this->logger = $logger;
135+
$tihs->config = $config;
130136
}
131137

132138
/**
@@ -193,7 +199,8 @@ public function addShare($remote, $token, $password, $name, $owner, $shareType,
193199
'token' => $token,
194200
'password' => $password,
195201
'mountpoint' => $mountPoint,
196-
'owner' => $owner
202+
'owner' => $owner,
203+
'verify' => !$this->config->getSystemValueBool('sharing.federation.allowSelfSignedCertificates'),
197204
];
198205
return $this->mountShare($options);
199206
}

apps/files_sharing/lib/External/MountProvider.php

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -28,6 +28,7 @@
2828
use OCP\Federation\ICloudIdManager;
2929
use OCP\Files\Config\IMountProvider;
3030
use OCP\Files\Storage\IStorageFactory;
31+
use OCP\IConfig;
3132
use OCP\IDBConnection;
3233
use OCP\IUser;
3334

@@ -49,15 +50,21 @@ class MountProvider implements IMountProvider {
4950
*/
5051
private $cloudIdManager;
5152

53+
/**
54+
* @var IConfig
55+
*/
56+
private $config;
57+
5258
/**
5359
* @param \OCP\IDBConnection $connection
5460
* @param callable $managerProvider due to setup order we need a callable that return the manager instead of the manager itself
5561
* @param ICloudIdManager $cloudIdManager
5662
*/
57-
public function __construct(IDBConnection $connection, callable $managerProvider, ICloudIdManager $cloudIdManager) {
63+
public function __construct(IDBConnection $connection, callable $managerProvider, ICloudIdManager $cloudIdManager, IConfig $config) {
5864
$this->connection = $connection;
5965
$this->managerProvider = $managerProvider;
6066
$this->cloudIdManager = $cloudIdManager;
67+
$this->config = $config;
6168
}
6269

6370
public function getMount(IUser $user, $data, IStorageFactory $storageFactory) {
@@ -69,6 +76,7 @@ public function getMount(IUser $user, $data, IStorageFactory $storageFactory) {
6976
$data['cloudId'] = $this->cloudIdManager->getCloudId($data['owner'], $data['remote']);
7077
$data['certificateManager'] = \OC::$server->getCertificateManager();
7178
$data['HttpClientService'] = \OC::$server->getHTTPClientService();
79+
$data['verify'] = !$this->config->getSystemValueBool('sharing.federation.allowSelfSignedCertificates');
7280
return new Mount(self::STORAGE, $mountPoint, $data, $manager, $storageFactory);
7381
}
7482

apps/files_sharing/tests/External/ManagerTest.php

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -46,6 +46,7 @@
4646
use OCP\Http\Client\IClientService;
4747
use OCP\Http\Client\IResponse;
4848
use OCP\ICacheFactory;
49+
use OCP\IConfig;
4950
use OCP\IGroup;
5051
use OCP\IGroupManager;
5152
use OCP\IURLGenerator;
@@ -102,6 +103,7 @@ class ManagerTest extends TestCase {
102103
private $testMountProvider;
103104
/** @var IEventDispatcher|\PHPUnit\Framework\MockObject\MockObject */
104105
private $eventDispatcher;
106+
private IConfig $config;
105107

106108
protected function setUp(): void {
107109
parent::setUp();
@@ -113,6 +115,7 @@ protected function setUp(): void {
113115
->disableOriginalConstructor()->getMock();
114116
$this->cloudFederationProviderManager = $this->createMock(ICloudFederationProviderManager::class);
115117
$this->cloudFederationFactory = $this->createMock(ICloudFederationFactory::class);
118+
$this->config = $this->createMock(IConfig::class);
116119
$this->groupManager = $this->createMock(IGroupManager::class);
117120
$this->userManager = $this->createMock(IUserManager::class);
118121
$this->eventDispatcher = $this->createMock(IEventDispatcher::class);
@@ -136,7 +139,7 @@ protected function setUp(): void {
136139
$this->userManager,
137140
$this->createMock(ICacheFactory::class),
138141
$this->createMock(IEventDispatcher::class)
139-
));
142+
), $this->config);
140143

141144
$group1 = $this->createMock(IGroup::class);
142145
$group1->expects($this->any())->method('getGID')->willReturn('group1');
@@ -188,6 +191,7 @@ private function createManagerForUser($userId) {
188191
$userSession,
189192
$this->eventDispatcher,
190193
$this->logger,
194+
$this->config,
191195
]
192196
)->setMethods(['tryOCMEndPoint'])->getMock();
193197
}

lib/private/Files/Storage/DAV.php

Lines changed: 9 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -78,6 +78,7 @@ class DAV extends Common {
7878
protected $host;
7979
/** @var bool */
8080
protected $secure;
81+
protected bool $verify;
8182
/** @var string */
8283
protected $root;
8384
/** @var string */
@@ -138,6 +139,7 @@ public function __construct($params) {
138139
$this->secure = (bool)$params['secure'];
139140
}
140141
} else {
142+
$this->verify = false;
141143
$this->secure = false;
142144
}
143145
if ($this->secure === true) {
@@ -181,6 +183,9 @@ protected function init() {
181183
$this->client->setThrowExceptions(true);
182184

183185
if ($this->secure === true) {
186+
if ($this->verify === false) {
187+
$this->client->addCurlSetting(CURLOPT_SSL_VERIFYPEER, false);
188+
}
184189
$certPath = $this->certManager->getAbsoluteBundlePath();
185190
if (file_exists($certPath)) {
186191
$this->certPath = $certPath;
@@ -368,7 +373,8 @@ public function fopen($path, $mode) {
368373
'auth' => [$this->user, $this->password],
369374
'stream' => true,
370375
// set download timeout for users with slow connections or large files
371-
'timeout' => $this->timeout
376+
'timeout' => $this->timeout,
377+
'verify' => $this->verify,
372378
]);
373379
} catch (\GuzzleHttp\Exception\ClientException $e) {
374380
if ($e->getResponse() instanceof ResponseInterface
@@ -527,7 +533,8 @@ protected function uploadFile($path, $target) {
527533
'body' => $source,
528534
'auth' => [$this->user, $this->password],
529535
// set upload timeout for users with slow connections or large files
530-
'timeout' => $this->timeout
536+
'timeout' => $this->timeout,
537+
'verify' => $this->verify,
531538
]);
532539

533540
$this->removeCachedFile($target);

0 commit comments

Comments
 (0)