fix(federation): respect sharing.federation.allowSelfSignedCertificates for address book sync

The configuration option, to accept self-signed certificates, is now also used when syncing address books. Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2025-07-16 12:36:45 +07:00 · 2025-07-16 12:36:45 +07:00 · 68b9493a51
parent e22914b5ff
commit 68b9493a51
1 changed files with 3 additions and 1 deletions
--- a/apps/dav/lib/CardDAV/SyncService.php
+++ b/apps/dav/lib/CardDAV/SyncService.php
@ -168,7 +168,8 @@ class SyncService {
 			'auth' => [$userName, $sharedSecret],
 			'body' => $this->buildSyncCollectionRequestBody($syncToken),
 			'headers' => ['Content-Type' => 'application/xml'],
-			'timeout' => $this->config->getSystemValueInt('carddav_sync_request_timeout', IClient::DEFAULT_REQUEST_TIMEOUT)
+			'timeout' => $this->config->getSystemValueInt('carddav_sync_request_timeout', IClient::DEFAULT_REQUEST_TIMEOUT),
+			'verify' => !$this->config->getSystemValue('sharing.federation.allowSelfSignedCertificates', false),
 		];

 		$response = $client->request(
@ -189,6 +190,7 @@ class SyncService {

 		$options = [
 			'auth' => [$userName, $sharedSecret],
+			'verify' => !$this->config->getSystemValue('sharing.federation.allowSelfSignedCertificates', false),
 		];

 		$response = $client->get(