diff options
| author | Mark Haines <mark.haines@matrix.org> | 2014-10-24 19:27:12 +0100 |
|---|---|---|
| committer | Mark Haines <mark.haines@matrix.org> | 2014-10-24 19:27:12 +0100 |
| commit | 15be181642d08337f94b89b49305e49c56a103a4 (patch) | |
| tree | 1ceef3f86340ef3dc0e52191db3604dd4c67002f | |
| parent | Wrap preparing the database in a transaction. Otherwise it will take many sec... (diff) | |
| download | synapse-15be181642d08337f94b89b49305e49c56a103a4.tar.xz | |
Add log message if we can't enable ECC. Require pyopenssl>=0.14 since 0.13 doesn't seem to have ECC
| -rwxr-xr-x | setup.py | 1 | ||||
| -rw-r--r-- | synapse/crypto/context_factory.py | 5 |
2 files changed, 5 insertions, 1 deletions
diff --git a/setup.py b/setup.py index 649ac86590..660efd5b89 100755 --- a/setup.py +++ b/setup.py @@ -34,6 +34,7 @@ setup( "syutil==0.0.2", "Twisted>=14.0.0", "service_identity>=1.0.0", + "pyopenssl>=0.14", "pyyaml", "pyasn1", "pynacl", diff --git a/synapse/crypto/context_factory.py b/synapse/crypto/context_factory.py index f86bd19255..f402c795bb 100644 --- a/synapse/crypto/context_factory.py +++ b/synapse/crypto/context_factory.py @@ -16,6 +16,9 @@ from twisted.internet import ssl from OpenSSL import SSL from twisted.internet._sslverify import _OpenSSLECCurve, _defaultCurveName +import logging + +logger = logging.getLogger(__name__) class ServerContextFactory(ssl.ContextFactory): """Factory for PyOpenSSL SSL contexts that are used to handle incoming @@ -31,7 +34,7 @@ class ServerContextFactory(ssl.ContextFactory): _ecCurve = _OpenSSLECCurve(_defaultCurveName) _ecCurve.addECKeyToContext(context) except: - pass + logger.exception("Failed to enable eliptic curve for TLS") context.set_options(SSL.OP_NO_SSLv2 | SSL.OP_NO_SSLv3) context.use_certificate(config.tls_certificate) context.use_privatekey(config.tls_private_key) |