summary refs log tree commit diff
path: root/changelog.d/6000.feature
diff options
context:
space:
mode:
authorAndrew Morgan <1342360+anoadragon453@users.noreply.github.com>2019-09-23 21:23:20 +0200
committerRichard van der Hoff <1389908+richvdh@users.noreply.github.com>2019-09-23 20:23:20 +0100
commite08ea43463bacd5efacbf6c790c6be0f3cd06ce6 (patch)
tree19f98e18e1ea719bc533b653a3e57c96e7e98fe5 /changelog.d/6000.feature
parentAdd m.id_access_token to /versions unstable_features (MSC2264) (#5974) (diff)
downloadsynapse-e08ea43463bacd5efacbf6c790c6be0f3cd06ce6.tar.xz
Use the federation blacklist for requests to untrusted Identity Servers (#6000)
Uses a SimpleHttpClient instance equipped with the federation_ip_range_blacklist list for requests to identity servers provided by user input. Does not use a blacklist when contacting identity servers specified by account_threepid_delegates. The homeserver trusts the latter and we don't want to prevent homeserver admins from specifying delegates that are on internal IP addresses.

Fixes #5935
Diffstat (limited to 'changelog.d/6000.feature')
-rw-r--r--changelog.d/6000.feature1
1 files changed, 1 insertions, 0 deletions
diff --git a/changelog.d/6000.feature b/changelog.d/6000.feature
new file mode 100644
index 0000000000..0a159bd10d
--- /dev/null
+++ b/changelog.d/6000.feature
@@ -0,0 +1 @@
+Apply the federation blacklist to requests to identity servers.
\ No newline at end of file