From 3b782315b96de684ba5d65ab6976e27008e81f15 Mon Sep 17 00:00:00 2001 From: Maxence Lange Date: Tue, 7 Jul 2020 10:25:50 -0100 Subject: filters self-signed certs unless configured to Signed-off-by: Maxence Lange --- lib/Service/ConfigService.php | 14 +++++++++++++- lib/Service/CurlService.php | 6 ++++-- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/lib/Service/ConfigService.php b/lib/Service/ConfigService.php index 514f73f0..afa57656 100644 --- a/lib/Service/ConfigService.php +++ b/lib/Service/ConfigService.php @@ -30,6 +30,7 @@ declare(strict_types=1); namespace OCA\Social\Service; +use daita\MySmallPhpTools\Model\Request; use daita\MySmallPhpTools\Traits\TArrayTools; use daita\MySmallPhpTools\Traits\TPathTools; use OCA\Social\AppInfo\Application; @@ -61,6 +62,8 @@ class ConfigService { const SOCIAL_ACCESS_TYPE = 'access_type'; const SOCIAL_ACCESS_LIST = 'access_list'; + const SOCIAL_SELF_SIGNED = 'allow_self_signed'; + const BACKGROUND_CRON = 1; const BACKGROUND_ASYNC = 2; const BACKGROUND_SERVICE = 3; @@ -74,7 +77,8 @@ class ConfigService { self::SOCIAL_SERVICE => 1, self::SOCIAL_MAX_SIZE => 10, self::SOCIAL_ACCESS_TYPE => 'all_but', - self::SOCIAL_ACCESS_LIST => '[]' + self::SOCIAL_ACCESS_LIST => '[]', + self::SOCIAL_SELF_SIGNED => '0' ]; /** @var array */ @@ -428,5 +432,13 @@ class ConfigService { } + /** + * @param Request $request + */ + public function configureRequest(Request $request) { + $request->setVerifyPeer($this->getAppValue(ConfigService::SOCIAL_SELF_SIGNED) !== '1'); + } + + } diff --git a/lib/Service/CurlService.php b/lib/Service/CurlService.php index 018b5de5..10af350a 100644 --- a/lib/Service/CurlService.php +++ b/lib/Service/CurlService.php @@ -252,8 +252,6 @@ class CurlService { * @param Request $request * * @return array - * @throws SocialAppConfigException - * @throws UnauthorizedFediverseException * @throws RequestContentException * @throws RequestNetworkException * @throws RequestResultNotJsonException @@ -261,6 +259,9 @@ class CurlService { * @throws RequestServerException */ public function retrieveJson(Request $request): array { + $this->configService->configureRequest($request); + $this->assignUserAgent($request); + try { $result = $this->retrieveJsonOrig($request); } catch (RequestResultSizeException | RequestResultNotJsonException $e) { @@ -288,6 +289,7 @@ class CurlService { */ public function doRequest(Request $request) { $this->fediverseService->authorized($request->getAddress()); + $this->configService->configureRequest($request); $this->assignUserAgent($request); return $this->doRequestOrig($request); -- cgit v1.2.3