summary refs log tree commit diff
path: root/synapse/crypto
diff options
context:
space:
mode:
authorPatrick Cloke <clokep@users.noreply.github.com>2020-12-02 11:09:24 -0500
committerGitHub <noreply@github.com>2020-12-02 11:09:24 -0500
commit30fba6210834a4ecd91badf0c8f3eb278b72e746 (patch)
tree3396057c52cf6372d4bec0d32fe08f767f6f5d31 /synapse/crypto
parentCorrectly handle unpersisted events when calculating auth chain difference. (... (diff)
downloadsynapse-30fba6210834a4ecd91badf0c8f3eb278b72e746.tar.xz
Apply an IP range blacklist to push and key revocation requests. (#8821)
Replaces the `federation_ip_range_blacklist` configuration setting with an
`ip_range_blacklist` setting with wider scope. It now applies to:

* Federation
* Identity servers
* Push notifications
* Checking key validitity for third-party invite events

The old `federation_ip_range_blacklist` setting is still honored if present, but
with reduced scope (it only applies to federation and identity servers).
Diffstat (limited to 'synapse/crypto')
-rw-r--r--synapse/crypto/keyring.py4
1 files changed, 2 insertions, 2 deletions
diff --git a/synapse/crypto/keyring.py b/synapse/crypto/keyring.py
index c04ad77cf9..f23eacc0d7 100644
--- a/synapse/crypto/keyring.py
+++ b/synapse/crypto/keyring.py
@@ -578,7 +578,7 @@ class PerspectivesKeyFetcher(BaseV2KeyFetcher):
     def __init__(self, hs):
         super().__init__(hs)
         self.clock = hs.get_clock()
-        self.client = hs.get_http_client()
+        self.client = hs.get_federation_http_client()
         self.key_servers = self.config.key_servers
 
     async def get_keys(self, keys_to_fetch):
@@ -748,7 +748,7 @@ class ServerKeyFetcher(BaseV2KeyFetcher):
     def __init__(self, hs):
         super().__init__(hs)
         self.clock = hs.get_clock()
-        self.client = hs.get_http_client()
+        self.client = hs.get_federation_http_client()
 
     async def get_keys(self, keys_to_fetch):
         """