summary refs log tree commit diff
path: root/tests/http (follow)
Commit message (Collapse)AuthorAgeFilesLines
* fix ci on py2, againRichard van der Hoff2019-06-101-1/+1
|
* fix CI on python 2.7Richard van der Hoff2019-06-101-6/+4
|
* Tests for SSL certs for federation connectionsRichard van der Hoff2019-06-106-106/+343
| | | | Add some tests for bad certificates for federation and .well-known connections
* Stop hardcoding trust of old matrix.org key (#5374)Richard van der Hoff2019-06-061-0/+1
| | | | | | | | | | | | | | | | | There are a few changes going on here: * We make checking the signature on a key server response optional: if no verify_keys are specified, we trust to TLS to validate the connection. * We change the default config so that it does not require responses to be signed by the old key. * We replace the old 'perspectives' config with 'trusted_key_servers', which is also formatted slightly differently. * We emit a warning to the logs every time we trust a key server response signed by the old key.
* Validate federation server TLS certificates by default.Richard van der Hoff2019-06-051-3/+9
|
* Migrate all tests to use the dict-based config format instead of hanging ↵Amber Brown2019-05-131-1/+3
| | | | items off HomeserverConfig (#5171)
* Add ability to blacklist ip ranges for federation traffic (#5043)Andrew Morgan2019-05-131-0/+71
|
* Run Black on the tests again (#5170)Amber Brown2019-05-104-172/+113
|
* Config option for verifying federation certificates (MSC 1711) (#4967)Andrew Morgan2019-04-251-1/+2
|
* lintAndrew Morgan2019-03-201-1/+1
|
* New test, fix issuesAndrew Morgan2019-03-201-0/+45
|
* Fix comments. v0.99.2 -> v0.99.3Andrew Morgan2019-03-201-1/+1
|
* Federation test fixed!Andrew Morgan2019-03-201-2/+5
|
* Better exception handlingAndrew Morgan2019-03-181-4/+1
|
* Correct var nameAndrew Morgan2019-03-131-0/+54
|
* i should have given up x3Andrew Morgan2019-03-131-39/+0
|
* i should have given up x2Andrew Morgan2019-03-131-0/+39
|
* Move ClientTLSOptionsFactory init out of refresh_certificates (#4611)Richard van der Hoff2019-02-111-3/+1
| | | | | It's nothing to do with refreshing the certificates. No idea why it was here.
* Treat an invalid .well-known the same as an absent oneRichard van der Hoff2019-02-011-11/+70
| | | | ... basically, carry on and fall back to SRV etc.
* Update federation routing logic to check .well-known before SRVRichard van der Hoff2019-01-311-30/+21
|
* Follow redirects on .well-known (#4520)Richard van der Hoff2019-01-301-0/+97
|
* Add a caching layer to .well-known responses (#4516)Richard van der Hoff2019-01-301-4/+146
|
* Relax requirement for a content-type on .well-known (#4511)Richard van der Hoff2019-01-291-1/+0
|
* Implement MSC1708 (.well-known lookups for server routing) (#4489)Richard van der Hoff2019-01-293-7/+339
|
* Use SimpleResolverComplexifier in tests (#4497)Richard van der Hoff2019-01-291-4/+3
| | | | | two reasons for this. One, it saves a bunch of boilerplate. Two, it squashes unicode to IDNA-in-a-`str` (even on python 3) in a way that it turns out we rely on to give consistent behaviour between python 2 and 3.
* Handle IP literals explicitlyRichard van der Hoff2019-01-281-17/+2
| | | | We don't want to be doing .well-known lookups on these guys.
* Fix idna and ipv6 literal handling in MatrixFederationAgent (#4487)Richard van der Hoff2019-01-281-1/+180
| | | | | | | | | | | | | | | | Turns out that the library does a better job of parsing URIs than our reinvented wheel. Who knew. There are two things going on here. The first is that, unlike parse_server_name, URI.fromBytes will strip off square brackets from IPv6 literals, which means that it is valid input to ClientTLSOptionsFactory and HostnameEndpoint. The second is that we stay in `bytes` throughout (except for the argument to ClientTLSOptionsFactory), which avoids the weirdness of (sometimes) ending up with idna-encoded values being held in `unicode` variables. TBH it probably would have been ok but it made the tests fragile.
* Fix Host header sent by MatrixFederationAgent (#4468)Richard van der Hoff2019-01-252-1/+17
| | | | | | Move the Host header logic down here so that (a) it is used if we reuse the agent elsewhere, and (b) we can mess about with it with .well-known.
* Look up the right SRV recordRichard van der Hoff2019-01-241-3/+9
|
* lots more tests for MatrixFederationAgentRichard van der Hoff2019-01-241-10/+79
|
* Don't send IP addresses as SNI (#4452)Richard van der Hoff2019-01-241-3/+60
| | | | | | The problem here is that we have cut-and-pasted an impl from Twisted, and then failed to maintain it. It was fixed in Twisted in https://github.com/twisted/twisted/pull/1047/files; let's do the same here.
* Add a test for MatrixFederationAgentRichard van der Hoff2019-01-221-0/+183
|
* put resolve_service in an objectRichard van der Hoff2019-01-221-20/+18
| | | | this makes it easier to stub things out for tests.
* Require that service_name be a byte stringRichard van der Hoff2019-01-221-4/+4
| | | | it is only ever a bytes now, so let's enforce that.
* Make MatrixFederationClient use MatrixFederationAgentRichard van der Hoff2019-01-221-0/+96
| | | | ... instead of the matrix_federation_endpoint
* Refactor and bugfix for resove_service (#4427)Richard van der Hoff2019-01-222-0/+223
|
* Remove redundant WrappedConnection (#4409)Richard van der Hoff2019-01-181-7/+47
| | | | | | | | * Remove redundant WrappedConnection The matrix federation client uses an HTTP connection pool, which times out its idle HTTP connections, so there is no need for any of this business.
* Refactor request sending to have better excpetions (#4358)Erik Johnston2019-01-081-3/+10
| | | | | | | | | | | | | | * Correctly retry and back off if we get a HTTPerror response * Refactor request sending to have better excpetions MatrixFederationHttpClient blindly reraised exceptions to the caller without differentiating "expected" failures (e.g. connection timeouts etc) versus more severe problems (e.g. programming errors). This commit adds a RequestSendFailed exception that is raised when "expected" failures happen, allowing the TransactionQueue to log them as warnings while allowing us to log other exceptions as actual exceptions.
* Merge branch 'master' into developAmber Brown2018-09-251-2/+2
|\
| * Fix compatibility issue with older Twisted in tests.Oleg Girko2018-09-251-2/+2
| | | | | | | | | | | | | | | | Older Twisted (18.4.0) returns TimeoutError instead of ConnectingCancelledError when connection times out. This change allows tests to be compatible with this behaviour. Signed-off-by: Oleg Girko <ol@infoserver.lv>
* | Refactor matrixfederationclient to fix logging (#3906)Richard van der Hoff2018-09-181-5/+38
|/ | | | | | | | We want to wait until we have read the response body before we log the request as complete, otherwise a confusing thing happens where the request appears to have completed, but we later fail it. To do this, we factor the salient details of a request out to a separate object, which can then keep track of the txn_id, so that it can be logged.
* Attempt to figure out what's going on with timeouts (#3857)Amber Brown2018-09-141-0/+157
|
* Run black.black2018-08-101-4/+2
|
* run isortAmber Brown2018-07-091-4/+2
|
* More server_name validationRichard van der Hoff2018-07-041-4/+13
| | | | | | | | We need to do a bit more validation when we get a server name, but don't want to be re-doing it all over the shop, so factor out a separate parse_and_validate_server_name, and do the extra validation. Also, use it to verify the server name in the config file.
* Reject invalid server names (#3480)Richard van der Hoff2018-07-032-0/+46
Make sure that server_names used in auth headers are sane, and reject them with a sensible error code, before they disappear off into the depths of the system.