Improve startup checks for insecure notary configs (#5392)

It's not really a problem to trust notary responses signed by the old key so
long as we are also doing TLS validation.

This commit adds a check to the config parsing code at startup to check that
we do not have the insecure matrix.org key without TLS validation, and refuses
to start without it.

This allows us to remove the rather alarming-looking warning which happens at
runtime.
Richard van der Hoff 2019-06-10 10:33:00 +01:00 committed by GitHub
parent 7c455a86bc
commit 88d7182ada
3 changed files with 24 additions and 11 deletions


@ -750,13 +750,6 @@ class PerspectivesKeyFetcher(BaseV2KeyFetcher):
verify_signed_json(response, perspective_name, perspective_keys[key_id])
verified = True
if perspective_name == "matrix.org" and key_id == "ed25519:auto":
logger.warning(
"Trusting trusted_key_server responses signed by the "
"compromised matrix.org signing key 'ed25519:auto'. "
"This is a placebo."
)
if not verified:
raise KeyLookupError(
"Response not signed with a known key: signed with: %r, known keys: %r"
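Review bot: Deleting the `logger.warning` for `perspective_name == "matrix.org" and key_id == "ed25519:auto"` makes acceptance of responses signed by that key silent at runtime, while the safety argument in the commit message rests on a startup check in the config parsing code that is not part of this hunk; the two are now coupled without anything in this file saying so, so a one-line comment at the deletion point referencing the startup check would make the dependency explicit for the next person editing `PerspectivesKeyFetcher`. Consider also keeping a `logger.debug` in place of the removed warning, so an operator reconstructing a key-lookup incident can still see which `key_id` verified each accepted response rather than only the `verified = True` outcome.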