Skip to content

Commit 5dca9e6

Browse files
kesselbkesselb
committed
feat: add switch to disable dns pinning
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
1 parent 25dad2e commit 5dca9e6

2 files changed

Lines changed: 48 additions & 4 deletions

File tree

lib/private/Http/Client/ClientService.php

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -27,8 +27,10 @@
2727
namespace OC\Http\Client;
2828

2929
use GuzzleHttp\Client as GuzzleClient;
30-
use GuzzleHttp\HandlerStack;
3130
use GuzzleHttp\Handler\CurlHandler;
31+
use GuzzleHttp\HandlerStack;
32+
use GuzzleHttp\Middleware;
33+
use OCP\Diagnostics\IEventLogger;
3234
use OCP\Http\Client\IClient;
3335
use OCP\Http\Client\IClientService;
3436
use OCP\ICertificateManager;
@@ -65,8 +67,9 @@ public function __construct(IConfig $config,
6567
public function newClient(): IClient {
6668
$handler = new CurlHandler();
6769
$stack = HandlerStack::create($handler);
68-
$stack->push($this->dnsPinMiddleware->addDnsPinning());
69-
70+
if ($this->config->getSystemValueBool('dns_pinning', true)) {
71+
$stack->push($this->dnsPinMiddleware->addDnsPinning());
72+
}
7073
$client = new GuzzleClient(['handler' => $stack]);
7174

7275
return new Client(

tests/lib/Http/Client/ClientServiceTest.php

Lines changed: 42 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,8 +9,8 @@
99
namespace Test\Http\Client;
1010

1111
use GuzzleHttp\Client as GuzzleClient;
12-
use GuzzleHttp\HandlerStack;
1312
use GuzzleHttp\Handler\CurlHandler;
13+
use GuzzleHttp\HandlerStack;
1414
use OC\Http\Client\Client;
1515
use OC\Http\Client\ClientService;
1616
use OC\Http\Client\DnsPinMiddleware;
@@ -25,6 +25,9 @@ class ClientServiceTest extends \Test\TestCase {
2525
public function testNewClient(): void {
2626
/** @var IConfig $config */
2727
$config = $this->createMock(IConfig::class);
28+
$config->method('getSystemValueBool')
29+
->with('dns_pinning', true)
30+
->willReturn(true);
2831
/** @var ICertificateManager $certificateManager */
2932
$certificateManager = $this->createMock(ICertificateManager::class);
3033
$dnsPinMiddleware = $this->createMock(DnsPinMiddleware::class);
@@ -57,4 +60,42 @@ public function testNewClient(): void {
5760
$clientService->newClient()
5861
);
5962
}
63+
64+
public function testDisableDnsPinning(): void {
65+
/** @var IConfig $config */
66+
$config = $this->createMock(IConfig::class);
67+
$config->method('getSystemValueBool')
68+
->with('dns_pinning', true)
69+
->willReturn(false);
70+
/** @var ICertificateManager $certificateManager */
71+
$certificateManager = $this->createMock(ICertificateManager::class);
72+
$dnsPinMiddleware = $this->createMock(DnsPinMiddleware::class);
73+
$dnsPinMiddleware
74+
->expects($this->never())
75+
->method('addDnsPinning')
76+
->willReturn(function () {
77+
});
78+
$localAddressChecker = $this->createMock(LocalAddressChecker::class);
79+
80+
$clientService = new ClientService(
81+
$config,
82+
$certificateManager,
83+
$dnsPinMiddleware,
84+
$localAddressChecker
85+
);
86+
87+
$handler = new CurlHandler();
88+
$stack = HandlerStack::create($handler);
89+
$guzzleClient = new GuzzleClient(['handler' => $stack]);
90+
91+
$this->assertEquals(
92+
new Client(
93+
$config,
94+
$certificateManager,
95+
$guzzleClient,
96+
$localAddressChecker
97+
),
98+
$clientService->newClient()
99+
);
100+
}
60101
}

0 commit comments

Comments
 (0)