archive
/
nextcloud
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Releases Wiki Activity

fix(federation): give some time to prepare both servers

Browse Source 
- when this background job runs, while the current server was not being
  added as trusted_server in the other instance, yet, the secret sharing
  would not be attempted again, without visual feedback.
- the change allows 5 attempts, which gives more than 20minutes to
  complete. More do not really help as the endpoint is brute force
  protected.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
pull/44771/head
Arthur Schiwon 1 month ago
parent e70cf9c14b
commit faf6a65e07
No known key found for this signature in database
GPG Key ID: 7424F1874854DF23
2 changed files with 13 additions and 5 deletions
Show Stats Download Patch File Download Diff File

10
apps/federation/lib/BackgroundJob/RequestSharedSecret.php
Unescape Escape View File

@ -160,7 +160,7 @@ class RequestSharedSecret extends Job {
// if we received a unexpected response we try again later
if (
$status !== Http::STATUS_OK
&& $status !== Http::STATUS_FORBIDDEN
&& ($status !== Http::STATUS_FORBIDDEN || $this->getAttempt($argument) < 5)
) {
$this->retainJob = true;
}
@ -173,14 +173,20 @@ class RequestSharedSecret extends Job {
$url = $argument['url'];
$created = isset($argument['created']) ? (int)$argument['created'] : $this->time->getTime();
$token = $argument['token'];
$attempt = $this->getAttempt($argument) + 1;
$this->jobList->add(
RequestSharedSecret::class,
[
'url' => $url,
'token' => $token,
'created' => $created
'created' => $created,
'attempt' => $attempt
]
);
}
protected function getAttempt(array $argument): int {
return $argument['attempt'] ?? 0;
}
}

8
apps/federation/tests/BackgroundJob/RequestSharedSecretTest.php
Unescape Escape View File

@ -142,6 +142,7 @@ class RequestSharedSecretTest extends TestCase {
'url' => 'url',
'token' => 'token',
'created' => 42,
'attempt' => 1,
]
);
} else {
@ -164,12 +165,12 @@ class RequestSharedSecretTest extends TestCase {
*
* @param int $statusCode
*/
public function testRun($statusCode) {
public function testRun(int $statusCode, int $attempt = 0): void {
$target = 'targetURL';
$source = 'sourceURL';
$token = 'token';
$argument = ['url' => $target, 'token' => $token];
$argument = ['url' => $target, 'token' => $token, 'attempt' => $attempt];
$this->timeFactory->method('getTime')->willReturn(42);
@ -196,7 +197,7 @@ class RequestSharedSecretTest extends TestCase {
$this->invokePrivate($this->requestSharedSecret, 'run', [$argument]);
if (
$statusCode !== Http::STATUS_OK
&& $statusCode !== Http::STATUS_FORBIDDEN
&& ($statusCode !== Http::STATUS_FORBIDDEN || $attempt < 5)
) {
$this->assertTrue($this->invokePrivate($this->requestSharedSecret, 'retainJob'));
} else {
@ -207,6 +208,7 @@ class RequestSharedSecretTest extends TestCase {
public function dataTestRun() {
return [
[Http::STATUS_OK],
[Http::STATUS_FORBIDDEN, 5],
[Http::STATUS_FORBIDDEN],
[Http::STATUS_CONFLICT],
];

Write Preview
Loading…
Cancel
Save