Improve startup checks for insecure notary configs (#5392)

It's not really a problem to trust notary responses signed by the old key so long as we are also doing TLS validation. This commit adds a check to the config parsing code at startup to check that we do not have the insecure matrix.org key without tls validation, and refuses to start without it. This allows us to remove the rather alarming-looking warning which happens at runtime.
author: Richard van der Hoff <1389908+richvdh@users.noreply.github.com> 2019-06-10 10:33:00 +0100
committer: GitHub <noreply@github.com> 2019-06-10 10:33:00 +0100
commit: 88d7182adaef8711bf3cc80ff604e566e517b6e6 (patch)
tree: fba8485a8869449496bc148a5a006b7dfbb6a67f /changelog.d
parent: 1.0.0rc1 (diff)
download: synapse-88d7182adaef8711bf3cc80ff604e566e517b6e6.tar.xz
1 files changed, 1 insertions, 0 deletions
diff --git a/changelog.d/5392.bugfix b/changelog.d/5392.bugfix
new file mode 100644
index 0000000000..295a7cfce1
--- /dev/null
+++ b/changelog.d/5392.bugfix
@@ -0,0 +1 @@
+Remove redundant warning about key server response validation.
author	Richard van der Hoff <1389908+richvdh@users.noreply.github.com>	2019-06-10 10:33:00 +0100
committer	GitHub <noreply@github.com>	2019-06-10 10:33:00 +0100
commit	88d7182adaef8711bf3cc80ff604e566e517b6e6 (patch)
tree	fba8485a8869449496bc148a5a006b7dfbb6a67f /changelog.d
parent	1.0.0rc1 (diff)
download	synapse-88d7182adaef8711bf3cc80ff604e566e517b6e6.tar.xz