diff options
author | Mark Haines <mark.haines@matrix.org> | 2015-04-24 17:01:34 +0100 |
---|---|---|
committer | Mark Haines <mark.haines@matrix.org> | 2015-04-24 17:01:34 +0100 |
commit | 288702170d6fc8b44926856b37e4a0e1bb5b2ac4 (patch) | |
tree | c4819aaad46052f885540513b87e807a7d2e6cc9 | |
parent | Merge branch 'develop' into key_distribution (diff) | |
download | synapse-288702170d6fc8b44926856b37e4a0e1bb5b2ac4.tar.xz |
Add config for setting the perspective servers
-rw-r--r-- | synapse/config/_base.py | 4 | ||||
-rw-r--r-- | synapse/config/key.py | 22 | ||||
-rw-r--r-- | synapse/crypto/keyring.py | 6 |
3 files changed, 27 insertions, 5 deletions
diff --git a/synapse/config/_base.py b/synapse/config/_base.py index f07ea4cc46..6fd086a471 100644 --- a/synapse/config/_base.py +++ b/synapse/config/_base.py @@ -83,9 +83,9 @@ class Config(object): with open(file_path) as file_stream: try: return yaml.load(file_stream) - except Exception as e: + except: raise ConfigError( - "Error parsing yaml in file %r: " % (file_path,), e + "Error parsing yaml in file %r" % (file_path,) ) @staticmethod diff --git a/synapse/config/key.py b/synapse/config/key.py index de4e33a7f3..a2de6d5c17 100644 --- a/synapse/config/key.py +++ b/synapse/config/key.py @@ -16,6 +16,10 @@ import os from ._base import Config, ConfigError import syutil.crypto.signing_key +from syutil.crypto.signing_key import ( + is_signing_algorithm_supported, decode_verify_key_bytes +) +from syutil.base64util import decode_base64 class KeyConfig(Config): @@ -53,9 +57,17 @@ class KeyConfig(Config): " keys from") def read_perspectives(self, perspectives_config_path): - servers = self.read_yaml_file( + config = self.read_yaml_file( perspectives_config_path, "perspectives_config_path" ) + servers = {} + for server_name, server_config in config["servers"].items(): + for key_id, key_data in server_config["verify_keys"].items(): + if is_signing_algorithm_supported(key_id): + key_base64 = key_data["key"] + key_bytes = decode_base64(key_base64) + verify_key = decode_verify_key_bytes(key_id, key_bytes) + servers.setdefault(server_name, {})[key_id] = verify_key return servers def read_signing_key(self, signing_key_path): @@ -126,4 +138,10 @@ class KeyConfig(Config): if not os.path.exists(args.perspectives_config_path): with open(args.perspectives_config_path, "w") as perspectives_file: - perspectives_file.write("@@@") + perspectives_file.write( + 'servers:\n' + ' matrix.org:\n' + ' verify_keys:\n' + ' "ed25519:auto":\n' + ' key: "Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw"\n' + ) diff --git a/synapse/crypto/keyring.py b/synapse/crypto/keyring.py index d248776bc1..f7ae227916 100644 --- a/synapse/crypto/keyring.py +++ b/synapse/crypto/keyring.py @@ -42,7 +42,7 @@ class Keyring(object): self.clock = hs.get_clock() self.client = hs.get_http_client() self.config = hs.get_config() - self.perspective_servers = {} + self.perspective_servers = self.config.perspectives self.hs = hs @defer.inlineCallbacks @@ -111,6 +111,10 @@ class Keyring(object): ) break except: + logging.info( + "Unable to getting key %r for %r from %r", + key_ids, server_name, perspective_name, + ) pass limiter = yield get_retry_limiter( |