summary refs log tree commit diff
diff options
context:
space:
mode:
authorRobert Edström <108799+Legogris@users.noreply.github.com>2021-10-20 17:43:49 +0000
committerGitHub <noreply@github.com>2021-10-20 18:43:49 +0100
commit62db603fa0cae4813e119291b606bff290461b2b (patch)
treeaa05f7f17f4e34320a6e08aede023cb127670200
parentClean up `_update_auth_events_and_context_for_auth` (#11122) (diff)
downloadsynapse-62db603fa0cae4813e119291b606bff290461b2b.tar.xz
Consider IP whitelist for identity server resolution (#11120)
Signed-off-by: Robert Edström <github@legogris.se>
-rw-r--r--changelog.d/11120.bugfix1
-rw-r--r--synapse/handlers/identity.py4
2 files changed, 4 insertions, 1 deletions
diff --git a/changelog.d/11120.bugfix b/changelog.d/11120.bugfix
new file mode 100644
index 0000000000..6b39e3e89d
--- /dev/null
+++ b/changelog.d/11120.bugfix
@@ -0,0 +1 @@
+Identity server connection is no longer ignoring `ip_range_whitelist`.
diff --git a/synapse/handlers/identity.py b/synapse/handlers/identity.py
index 9c319b5383..7ef8698a5e 100644
--- a/synapse/handlers/identity.py
+++ b/synapse/handlers/identity.py
@@ -54,7 +54,9 @@ class IdentityHandler:
         self.http_client = SimpleHttpClient(hs)
         # An HTTP client for contacting identity servers specified by clients.
         self.blacklisting_http_client = SimpleHttpClient(
-            hs, ip_blacklist=hs.config.server.federation_ip_range_blacklist
+            hs,
+            ip_blacklist=hs.config.server.federation_ip_range_blacklist,
+            ip_whitelist=hs.config.server.federation_ip_range_whitelist,
         )
         self.federation_http_client = hs.get_federation_http_client()
         self.hs = hs