Richard van der Hoff
dd1ea9763a
Fix incorrect key_ids in error message
2017-09-20 01:32:42 +01:00
Richard van der Hoff
9864efa532
Fix concurrent server_key requests ( #2458 )
...
Fix a bug where we could end up firing off multiple requests for server_keys
for the same server at the same time.
2017-09-19 23:25:44 +01:00
Richard van der Hoff
290777b3d9
Clean up and document handling of logcontexts in Keyring ( #2452 )
...
I'm still unclear on what the intended behaviour for
`verify_json_objects_for_server` is, but at least I now understand the
behaviour of most of the things it calls...
2017-09-18 18:31:01 +01:00
Richard van der Hoff
9397edb28b
Merge pull request #2050 from matrix-org/rav/federation_backoff
...
push federation retry limiter down to matrixfederationclient
2017-03-23 22:27:01 +00:00
Richard van der Hoff
4bd597d9fc
push federation retry limiter down to matrixfederationclient
...
rather than having to instrument everywhere we make a federation call,
make the MatrixFederationHttpClient manage the retry limiter.
2017-03-23 09:28:46 +00:00
Richard van der Hoff
64778693be
fix up some key verif docstrings
2017-03-21 13:27:50 +00:00
Richard van der Hoff
c36d15d2de
Add some debug to help diagnose weird federation issue
2017-03-20 15:36:14 +00:00
Erik Johnston
9219139351
Preserve some logcontexts
2016-08-24 11:58:40 +01:00
Erik Johnston
04fc8bbcb0
Update keyring Measure
2016-08-19 18:23:44 +01:00
Erik Johnston
2426c2f21a
Measure keyrings
2016-08-19 18:23:44 +01:00
Erik Johnston
fa1ce4d8ad
Don't print stack traces when failing to get remote keys
2016-08-10 10:44:37 +01:00
Erik Johnston
a285194021
Merge branch 'erikj/key_client_fix' of github.com:matrix-org/synapse into release-v0.17.0
2016-07-28 10:47:06 +01:00
Mark Haines
29b25d59c6
Merge branch 'develop' into markjh/verify
...
Conflicts:
synapse/crypto/keyring.py
2016-07-27 15:11:02 +01:00
Mark Haines
884b800899
Merge pull request #955 from matrix-org/markjh/only_from2
...
Add a couple more checks to the keyring
2016-07-27 15:08:22 +01:00
Mark Haines
fe1b369946
Clean up verify_json_objects_for_server
2016-07-27 14:10:43 +01:00
Mark Haines
a4b06b619c
Add a couple more checks to the keyring
2016-07-26 19:50:11 +01:00
Mark Haines
87ffd21b29
Fix a couple of bugs in the transaction and keyring code
2016-07-26 19:19:08 +01:00
Erik Johnston
d26b660aa6
Cache getPeer
2016-07-21 17:38:51 +01:00
Erik Johnston
cf94a78872
Set host not path
2016-07-21 11:45:53 +01:00
Erik Johnston
081e5d55e6
Send the correct host header when fetching keys
2016-07-21 11:14:54 +01:00
David Baker
f28643cea9
Uncommit accidentally commited edit to cipher list
2016-05-10 18:44:32 +02:00
David Baker
d46b18a00f
Pass through _get_event_txn
2016-05-10 18:27:06 +02:00
Erik Johnston
2e2be463f8
Make key client send a Host header
2016-03-11 10:29:05 +00:00
Erik Johnston
2c1fbea531
Fix up logcontexts
2016-02-08 14:26:45 +00:00
Matthew Hodgson
6c28ac260c
copyrights
2016-01-07 04:26:29 +00:00
Paul "LeoNerd" Evans
a6ba41e078
Actually look up required remote server key IDs
...
set.union() is a side-effect-free function that returns the union of two
sets. This clearly wanted .update(), which is the side-effecting mutator
version.
2015-12-18 21:36:42 +00:00
Erik Johnston
0eabfa55f6
Fix typo
2015-11-20 17:17:58 +00:00
Erik Johnston
6408541075
Don't limit connections to perspective servers
2015-11-20 17:15:44 +00:00
Erik Johnston
ffe8cf7e59
Fix bug where we sometimes didn't fetch all the keys requested for a
...
server.
2015-09-17 10:21:32 +01:00
Daniel Wagner-Hall
2c8f16257a
Merge pull request #272 from matrix-org/daniel/insecureclient
...
Allow configuration to ignore invalid SSL certs
2015-09-15 16:52:38 +01:00
Erik Johnston
dd0867f5ba
Various bug fixes to crypto.keyring
2015-09-09 17:02:39 +01:00
Daniel Wagner-Hall
81a93ddcc8
Allow configuration to ignore invalid SSL certs
...
This will be useful for sytest, and sytest only, hence the aggressive
config key name.
2015-09-09 12:02:07 +01:00
Mark Haines
78323ccdb3
Remove syutil dependency in favour of smaller single-purpose libraries
2015-08-24 16:17:38 +01:00
Erik Johnston
0b3389bcd2
Merge pull request #194 from matrix-org/erikj/bulk_verify_sigs
...
Implement bulk verify_signed_json API
2015-07-10 13:46:53 +01:00
Matthew Hodgson
fb8d2862c1
remove the tls_certificate_chain_path param and simply support tls_certificate_path pointing to a file containing a chain of certificates
2015-07-09 00:45:41 +01:00
Matthew Hodgson
f26a3df1bf
oops, context.tls_certificate_chain_file() expects a file, not a certificate.
2015-07-08 21:33:02 +01:00
Matthew Hodgson
19fa3731ae
typo
2015-07-08 18:53:41 +01:00
Matthew Hodgson
64afbe6ccd
add new optional config for tls_certificate_chain_path for folks with intermediary SSL certs
2015-07-08 18:20:02 +01:00
Erik Johnston
f0dd568e16
Wait for previous attempts at fetching keys for a given server before trying to fetch more
2015-06-26 11:25:00 +01:00
Erik Johnston
b5f55a1d85
Implement bulk verify_signed_json API
2015-06-26 10:39:34 +01:00
Erik Johnston
291cba284b
Handle the case when things return empty but non none things
2015-05-19 14:42:46 +01:00
Erik Johnston
253f76a0a5
Don't always hit get_server_verify_key_v1_direct
2015-05-19 14:42:38 +01:00
Erik Johnston
d3e09f12d0
SYN-383: Actually, we expect this value to be a dict
2015-05-19 13:12:41 +01:00
Erik Johnston
2b7120e233
SYN-383: Handle the fact the server might not have signed things
2015-05-19 12:49:38 +01:00
Erik Johnston
8b256a7296
Don't reuse var names
2015-05-19 11:58:22 +01:00
Erik Johnston
2aeee2a905
SYN-383: Fix parsing of verify_keys and catching of _DefGen_Return
2015-05-19 11:56:18 +01:00
Mark Haines
c6a03c46e6
SYN-383: Extract the response list from 'server_keys' in the response JSON as it might work better than iterating over the top level dict
2015-05-19 10:23:02 +01:00
Mark Haines
ec07dba29e
Merge pull request #143 from matrix-org/erikj/SYN-375
...
SYN-375 - Lots of unhandled deferred exceptions.
2015-05-12 15:25:54 +01:00
Erik Johnston
476899295f
Change the way we do logging contexts so that they survive divergences
2015-05-08 16:32:18 +01:00
Erik Johnston
fca28d243e
Change the way we create observers to deferreds so that we don't get spammed by 'unhandled errors'
2015-05-08 16:28:08 +01:00