Commit Graph

9 Commits

Author SHA1 Message Date
Dan Callaghan
c312ee3cde
Use TLSv1.2 for fake servers in tests ()
Some Linux distros have begun disabling TLSv1.0 and TLSv1.1 by default
for security reasons, for example in Fedora 33 onwards:

https://fedoraproject.org/wiki/Changes/StrongCryptoSettings2

Use TLSv1.2 for the fake TLS servers created in the test suite, to avoid
failures due to OpenSSL disallowing TLSv1.0:

    <twisted.python.failure.Failure OpenSSL.SSL.Error: [('SSL routines',
    'ssl_choose_client_version', 'unsupported protocol')]>

Signed-off-by: Dan Callaghan <djc@djc.id.au>
2020-09-10 19:49:08 +01:00
Patrick Cloke
c619253db8
Stop sub-classing object () 2020-09-04 06:54:56 -04:00
Richard van der Hoff
1cb84c6486
Support for routing outbound HTTP requests via a proxy ()
The `http_proxy` and `HTTPS_PROXY` env vars can be set to a `host[:port]` value which should point to a proxy.

The address of the proxy should be excluded from IP blacklists such as the `url_preview_ip_range_blacklist`.

The proxy will then be used for
 * push
 * url previews
 * phone-home stats
 * recaptcha validation
 * CAS auth validation

It will *not* be used for:
 * Application Services
 * Identity servers
 * Outbound federation
 * In worker configurations, connections from workers to masters

Fixes .
2019-11-01 14:07:44 +00:00
Richard van der Hoff
db74c4fc6c fix ci on py2, again 2019-06-10 17:55:01 +01:00
Richard van der Hoff
19780a521e fix CI on python 2.7 2019-06-10 17:41:10 +01:00
Richard van der Hoff
e016681221 Tests for SSL certs for federation connections
Add some tests for bad certificates for federation and .well-known connections
2019-06-10 16:14:20 +01:00
Amber Brown
b36c82576e
Run Black on the tests again () 2019-05-10 00:12:11 -05:00
Richard van der Hoff
99e36d5e24
Implement MSC1708 (.well-known lookups for server routing) () 2019-01-29 13:53:02 +00:00
Richard van der Hoff
508196e08a
Reject invalid server names ()
Make sure that server_names used in auth headers are sane, and reject them with
a sensible error code, before they disappear off into the depths of the system.
2018-07-03 14:36:14 +01:00