Merge branch 'daniel/insecureclient' into develop

author: Daniel Wagner-Hall <daniel@matrix.org> 2015-09-09 14:27:30 +0100
committer: Daniel Wagner-Hall <daniel@matrix.org> 2015-09-09 14:27:30 +0100
commit: 2c746382e0a5da7e0640b149b2a4620706967324 (patch)
tree: a3629622a9035033fae45d43bc988b5ac51e8961 /synapse/config
parent: Don't require pdus in check_auth script (diff)
parent: Better document the intent of the insecure SSL setting (diff)
download: synapse-2c746382e0a5da7e0640b149b2a4620706967324.tar.xz
1 files changed, 8 insertions, 0 deletions
diff --git a/synapse/config/tls.py b/synapse/config/tls.py
index 4751d39bc9..35ff13f4ba 100644
--- a/synapse/config/tls.py
+++ b/synapse/config/tls.py
@@ -42,6 +42,14 @@ class TlsConfig(Config):
             config.get("tls_dh_params_path"), "tls_dh_params"
         )
 
+        # This config option applies to non-federation HTTP clients
+        # (e.g. for talking to recaptcha, identity servers, and such)
+        # It should never be used in production, and is intended for
+        # use only when running tests.
+        self.use_insecure_ssl_client = config.get(
+            "i_really_want_to_ignore_ssl_certs_when_i_am_an_https_client_even_"
+            "though_it_is_woefully_insecure_because_i_am_testing_i_promise", False)
+
     def default_config(self, config_dir_path, server_name):
         base_key_name = os.path.join(config_dir_path, server_name)
author	Daniel Wagner-Hall <daniel@matrix.org>	2015-09-09 14:27:30 +0100
committer	Daniel Wagner-Hall <daniel@matrix.org>	2015-09-09 14:27:30 +0100
commit	2c746382e0a5da7e0640b149b2a4620706967324 (patch)
tree	a3629622a9035033fae45d43bc988b5ac51e8961 /synapse/config
parent	Don't require pdus in check_auth script (diff)
parent	Better document the intent of the insecure SSL setting (diff)
download	synapse-2c746382e0a5da7e0640b149b2a4620706967324.tar.xz