summary refs log tree commit diff
diff options
context:
space:
mode:
authorPatrick Cloke <patrickc@matrix.org>2023-04-07 10:17:28 -0400
committerPatrick Cloke <patrickc@matrix.org>2023-07-17 11:05:43 -0400
commita93540b60d0870b86061e489183cce2792a3d5e2 (patch)
treec64116ab6b28a0f8fdf80130617abba4de5ea1af
parentInitial cut at signature verification. (diff)
downloadsynapse-a93540b60d0870b86061e489183cce2792a3d5e2.tar.xz
Disable TLS over federation.
-rw-r--r--synapse/server.py9
1 files changed, 5 insertions, 4 deletions
diff --git a/synapse/server.py b/synapse/server.py
index b72b76a38b..bb30a550a8 100644
--- a/synapse/server.py
+++ b/synapse/server.py
@@ -38,7 +38,6 @@ from synapse.api.ratelimiting import Ratelimiter, RequestRatelimiter
 from synapse.appservice.api import ApplicationServiceApi
 from synapse.appservice.scheduler import ApplicationServiceScheduler
 from synapse.config.homeserver import HomeServerConfig
-from synapse.crypto import context_factory
 from synapse.crypto.context_factory import RegularPolicyForHTTPS
 from synapse.crypto.keyring import Keyring
 from synapse.events.builder import EventBuilderFactory
@@ -475,9 +474,11 @@ class HomeServer(metaclass=abc.ABCMeta):
         """
         An HTTP client for federation.
         """
-        tls_client_options_factory = context_factory.FederationPolicyForHTTPS(
-            self.config
-        )
+        # XXX Disable TLS for federation.
+        # tls_client_options_factory = context_factory.FederationPolicyForHTTPS(
+        #     self.config
+        # )
+        tls_client_options_factory = None
         return MatrixFederationHttpClient(self, tls_client_options_factory)
 
     @cache_in_self