diff --git a/synapse/http/client.py b/synapse/http/client.py
index 3ec9bc7faf..ca2f770f5d 100644
--- a/synapse/http/client.py
+++ b/synapse/http/client.py
@@ -25,7 +25,7 @@ from synapse.http.endpoint import SpiderEndpoint
from canonicaljson import encode_canonical_json
from twisted.internet import defer, reactor, ssl, protocol, task
-from twisted.internet.endpoints import SSL4ClientEndpoint, TCP4ClientEndpoint
+from twisted.internet.endpoints import HostnameEndpoint, wrapClientTLS
from twisted.web.client import (
BrowserLikeRedirectAgent, ContentDecoderAgent, GzipDecoder, Agent,
readBody, PartialDownloadError,
@@ -386,26 +386,23 @@ class SpiderEndpointFactory(object):
def endpointForURI(self, uri):
logger.info("Getting endpoint for %s", uri.toBytes())
+
if uri.scheme == "http":
- return SpiderEndpoint(
- reactor, uri.host, uri.port, self.blacklist, self.whitelist,
- endpoint=TCP4ClientEndpoint,
- endpoint_kw_args={
- 'timeout': 15
- },
- )
+ endpoint_factory = HostnameEndpoint
elif uri.scheme == "https":
- tlsPolicy = self.policyForHTTPS.creatorForNetloc(uri.host, uri.port)
- return SpiderEndpoint(
- reactor, uri.host, uri.port, self.blacklist, self.whitelist,
- endpoint=SSL4ClientEndpoint,
- endpoint_kw_args={
- 'sslContextFactory': tlsPolicy,
- 'timeout': 15
- },
- )
+ tlsCreator = self.policyForHTTPS.creatorForNetloc(uri.host, uri.port)
+
+ def endpoint_factory(reactor, host, port, **kw):
+ return wrapClientTLS(
+ tlsCreator,
+ HostnameEndpoint(reactor, host, port, **kw))
else:
logger.warn("Can't get endpoint for unrecognised scheme %s", uri.scheme)
+ return None
+ return SpiderEndpoint(
+ reactor, uri.host, uri.port, self.blacklist, self.whitelist,
+ endpoint=endpoint_factory, endpoint_kw_args=dict(timeout=15),
+ )
class SpiderHttpClient(SimpleHttpClient):
diff --git a/synapse/http/endpoint.py b/synapse/http/endpoint.py
index 442696d393..1c17a28406 100644
--- a/synapse/http/endpoint.py
+++ b/synapse/http/endpoint.py
@@ -13,7 +13,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-from twisted.internet.endpoints import SSL4ClientEndpoint, TCP4ClientEndpoint
+from twisted.internet.endpoints import HostnameEndpoint, wrapClientTLS
from twisted.internet import defer
from twisted.internet.error import ConnectError
from twisted.names import client, dns
@@ -58,11 +58,13 @@ def matrix_federation_endpoint(reactor, destination, ssl_context_factory=None,
endpoint_kw_args.update(timeout=timeout)
if ssl_context_factory is None:
- transport_endpoint = TCP4ClientEndpoint
+ transport_endpoint = HostnameEndpoint
default_port = 8008
else:
- transport_endpoint = SSL4ClientEndpoint
- endpoint_kw_args.update(sslContextFactory=ssl_context_factory)
+ def transport_endpoint(reactor, host, port, timeout):
+ return wrapClientTLS(
+ ssl_context_factory,
+ HostnameEndpoint(reactor, host, port, timeout=timeout))
default_port = 8448
if port is None:
@@ -80,7 +82,7 @@ class SpiderEndpoint(object):
Implements twisted.internet.interfaces.IStreamClientEndpoint.
"""
def __init__(self, reactor, host, port, blacklist, whitelist,
- endpoint=TCP4ClientEndpoint, endpoint_kw_args={}):
+ endpoint=HostnameEndpoint, endpoint_kw_args={}):
self.reactor = reactor
self.host = host
self.port = port
@@ -118,7 +120,7 @@ class SRVClientEndpoint(object):
"""
def __init__(self, reactor, service, domain, protocol="tcp",
- default_port=None, endpoint=TCP4ClientEndpoint,
+ default_port=None, endpoint=HostnameEndpoint,
endpoint_kw_args={}):
self.reactor = reactor
self.service_name = "_%s._%s.%s" % (service, protocol, domain)
diff --git a/synapse/python_dependencies.py b/synapse/python_dependencies.py
index 3742a25b37..7817b0cd91 100644
--- a/synapse/python_dependencies.py
+++ b/synapse/python_dependencies.py
@@ -24,7 +24,7 @@ REQUIREMENTS = {
"signedjson>=1.0.0": ["signedjson>=1.0.0"],
"pynacl==0.3.0": ["nacl==0.3.0", "nacl.bindings"],
"service_identity>=1.0.0": ["service_identity>=1.0.0"],
- "Twisted>=15.1.0": ["twisted>=15.1.0"],
+ "Twisted>=16.0.0": ["twisted>=16.0.0"],
"pyopenssl>=0.14": ["OpenSSL>=0.14"],
"pyyaml": ["yaml"],
"pyasn1": ["pyasn1"],
|
