Merge pull request #3727 from matrix-org/erikj/dont_error_on_missing_keys

Don't log exceptions when failing to fetch server keys
This commit is contained in:
Erik Johnston 2018-08-21 17:07:20 +01:00 committed by GitHub
commit 46c832eaac
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 10 additions and 5 deletions

1
changelog.d/3727.misc Normal file
View File

@ -0,0 +1 @@
Log failure to authenticate remote servers as warnings (without stack traces)

View File

@ -18,7 +18,9 @@ import logging
from canonicaljson import json from canonicaljson import json
from twisted.internet import defer, reactor from twisted.internet import defer, reactor
from twisted.internet.error import ConnectError
from twisted.internet.protocol import Factory from twisted.internet.protocol import Factory
from twisted.names.error import DomainError
from twisted.web.http import HTTPClient from twisted.web.http import HTTPClient
from synapse.http.endpoint import matrix_federation_endpoint from synapse.http.endpoint import matrix_federation_endpoint
@ -47,12 +49,14 @@ def fetch_server_key(server_name, tls_client_options_factory, path=KEY_API_V1):
server_response, server_certificate = yield protocol.remote_key server_response, server_certificate = yield protocol.remote_key
defer.returnValue((server_response, server_certificate)) defer.returnValue((server_response, server_certificate))
except SynapseKeyClientError as e: except SynapseKeyClientError as e:
logger.exception("Error getting key for %r" % (server_name,)) logger.warn("Error getting key for %r: %s", server_name, e)
if e.status.startswith("4"): if e.status.startswith("4"):
# Don't retry for 4xx responses. # Don't retry for 4xx responses.
raise IOError("Cannot get key for %r" % server_name) raise IOError("Cannot get key for %r" % server_name)
except (ConnectError, DomainError) as e:
logger.warn("Error getting key for %r: %s", server_name, e)
except Exception as e: except Exception as e:
logger.exception(e) logger.exception("Error getting key for %r", server_name)
raise IOError("Cannot get key for %r" % server_name) raise IOError("Cannot get key for %r" % server_name)

View File

@ -261,10 +261,10 @@ class BaseFederationServlet(object):
except NoAuthenticationError: except NoAuthenticationError:
origin = None origin = None
if self.REQUIRE_AUTH: if self.REQUIRE_AUTH:
logger.exception("authenticate_request failed") logger.warn("authenticate_request failed: missing authentication")
raise raise
except Exception: except Exception as e:
logger.exception("authenticate_request failed") logger.warn("authenticate_request failed: %s", e)
raise raise
if origin: if origin: