Skip to content

Commit 13f348b

Browse files
nickvergessennickvergessen
authored
Merge pull request nextcloud#41872 from nextcloud/backport/40108/stable25
[stable25] feat: add switch to disable dns pinning
2 parents 25dad2e + 13fda8b commit 13f348b

File tree

2 files changed

+46
-4
lines changed

2 files changed

+46
-4
lines changed

lib/private/Http/Client/ClientService.php

+4-3
Original file line numberDiff line numberDiff line change
@@ -27,8 +27,8 @@
2727
namespace OC\Http\Client;
2828

2929
use GuzzleHttp\Client as GuzzleClient;
30-
use GuzzleHttp\HandlerStack;
3130
use GuzzleHttp\Handler\CurlHandler;
31+
use GuzzleHttp\HandlerStack;
3232
use OCP\Http\Client\IClient;
3333
use OCP\Http\Client\IClientService;
3434
use OCP\ICertificateManager;
@@ -65,8 +65,9 @@ public function __construct(IConfig $config,
6565
public function newClient(): IClient {
6666
$handler = new CurlHandler();
6767
$stack = HandlerStack::create($handler);
68-
$stack->push($this->dnsPinMiddleware->addDnsPinning());
69-
68+
if ($this->config->getSystemValueBool('dns_pinning', true)) {
69+
$stack->push($this->dnsPinMiddleware->addDnsPinning());
70+
}
7071
$client = new GuzzleClient(['handler' => $stack]);
7172

7273
return new Client(

tests/lib/Http/Client/ClientServiceTest.php

+42-1
Original file line numberDiff line numberDiff line change
@@ -9,8 +9,8 @@
99
namespace Test\Http\Client;
1010

1111
use GuzzleHttp\Client as GuzzleClient;
12-
use GuzzleHttp\HandlerStack;
1312
use GuzzleHttp\Handler\CurlHandler;
13+
use GuzzleHttp\HandlerStack;
1414
use OC\Http\Client\Client;
1515
use OC\Http\Client\ClientService;
1616
use OC\Http\Client\DnsPinMiddleware;
@@ -25,6 +25,9 @@ class ClientServiceTest extends \Test\TestCase {
2525
public function testNewClient(): void {
2626
/** @var IConfig $config */
2727
$config = $this->createMock(IConfig::class);
28+
$config->method('getSystemValueBool')
29+
->with('dns_pinning', true)
30+
->willReturn(true);
2831
/** @var ICertificateManager $certificateManager */
2932
$certificateManager = $this->createMock(ICertificateManager::class);
3033
$dnsPinMiddleware = $this->createMock(DnsPinMiddleware::class);
@@ -57,4 +60,42 @@ public function testNewClient(): void {
5760
$clientService->newClient()
5861
);
5962
}
63+
64+
public function testDisableDnsPinning(): void {
65+
/** @var IConfig $config */
66+
$config = $this->createMock(IConfig::class);
67+
$config->method('getSystemValueBool')
68+
->with('dns_pinning', true)
69+
->willReturn(false);
70+
/** @var ICertificateManager $certificateManager */
71+
$certificateManager = $this->createMock(ICertificateManager::class);
72+
$dnsPinMiddleware = $this->createMock(DnsPinMiddleware::class);
73+
$dnsPinMiddleware
74+
->expects($this->never())
75+
->method('addDnsPinning')
76+
->willReturn(function () {
77+
});
78+
$localAddressChecker = $this->createMock(LocalAddressChecker::class);
79+
80+
$clientService = new ClientService(
81+
$config,
82+
$certificateManager,
83+
$dnsPinMiddleware,
84+
$localAddressChecker
85+
);
86+
87+
$handler = new CurlHandler();
88+
$stack = HandlerStack::create($handler);
89+
$guzzleClient = new GuzzleClient(['handler' => $stack]);
90+
91+
$this->assertEquals(
92+
new Client(
93+
$config,
94+
$certificateManager,
95+
$guzzleClient,
96+
$localAddressChecker
97+
),
98+
$clientService->newClient()
99+
);
100+
}
60101
}

0 commit comments

Comments
 (0)