summary refs log tree commit diff
diff options
context:
space:
mode:
authorRichard van der Hoff <richard@matrix.org>2019-05-02 22:55:55 +0100
committerRichard van der Hoff <richard@matrix.org>2019-05-02 22:55:55 +0100
commite1feb45f2be17be9f5b2c2b563ba177c901bd22b (patch)
tree53dfe3848c6d8a4ce8f128387aca66975ab52dd8
parentTesting (diff)
downloadsynapse-e1feb45f2be17be9f5b2c2b563ba177c901bd22b.tar.xz
We can't throw exceptions in an IResolutionReceiver
Diffstat
-rw-r--r--synapse/http/client.py51


1 files changed, 23 insertions, 28 deletions
diff --git a/synapse/http/client.py b/synapse/http/client.py
index 2163c9834c..6bd47cbfab 100644
--- a/synapse/http/client.py
+++ b/synapse/http/client.py
@@ -92,18 +92,14 @@ class IPBlacklistingResolver(object):
     def resolveHostName(self, recv, hostname, portNumber=0):
 
         r = recv()
-        d = defer.Deferred()
         addresses = []
 
-        @provider(IResolutionReceiver)
-        class EndpointReceiver(object):
-            @staticmethod
-            def resolutionBegan(resolutionInProgress):
-                pass
+        def _callback():
+            r.resolutionBegan(None)
 
-            @staticmethod
-            def addressResolved(address):
-                ip_address = IPAddress(address.host)
+            has_bad_ip = False
+            for i in addresses:
+                ip_address = IPAddress(i.host)
 
                 if check_against_blacklist(
                     ip_address, self._ip_whitelist, self._ip_blacklist
@@ -111,35 +107,34 @@ class IPBlacklistingResolver(object):
                     logger.info(
                         "Dropped %s from DNS resolution to %s" % (ip_address, hostname)
                     )
-                    # Only raise a 403 if this request originated from a
-                    # client-server call
-                    # XXX: A 403 need only be raised when this has originated
-                    # from a client-server request, however this also has the
-                    # benefit of preventing federation tests from raising an
-                    # exception that cannot be caught.
-                    #if not self._from_federation:
-                    raise SynapseError(403,
-                                       "IP address blocked by IP blacklist entry")
-                    return
+                    has_bad_ip = True
+
+            # if we have a blacklisted IP, we'd like to raise an error to block the
+            # request, but all we can really do from here is claim that there were no
+            # valid results.
+            if not has_bad_ip:
+                for i in addresses:
+                    r.addressResolved(i)
+            r.resolutionComplete()
 
+        @provider(IResolutionReceiver)
+        class EndpointReceiver(object):
+            @staticmethod
+            def resolutionBegan(resolutionInProgress):
+                pass
+
+            @staticmethod
+            def addressResolved(address):
                 addresses.append(address)
 
             @staticmethod
             def resolutionComplete():
-                d.callback(addresses)
+                _callback()
 
         self._reactor.nameResolver.resolveHostName(
             EndpointReceiver, hostname, portNumber=portNumber
         )
 
-        def _callback(addrs):
-            r.resolutionBegan(None)
-            for i in addrs:
-                r.addressResolved(i)
-            r.resolutionComplete()
-
-        d.addCallback(_callback)
-
         return r
 
 

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-21 11:02:25 +0000