Share SSL options for well-known requests

author: Erik Johnston <erik@matrix.org> 2019-07-30 17:42:56 +0100
committer: Erik Johnston <erik@matrix.org> 2019-07-31 10:39:24 +0100
commit: a9bcae9f50a14dc020634c532732c1a86b696d92 (patch)
tree: 9d6fdaa0da70a2f1dda0f3019d9f131d2af28cea /synapse/crypto
parent: Merge pull request #5793 from matrix-org/erikj/fix_bg_update (diff)
download: synapse-a9bcae9f50a14dc020634c532732c1a86b696d92.tar.xz
1 files changed, 8 insertions, 0 deletions
diff --git a/synapse/crypto/context_factory.py b/synapse/crypto/context_factory.py
index 4f48e8e88d..06e63a96b5 100644
--- a/synapse/crypto/context_factory.py
+++ b/synapse/crypto/context_factory.py
@@ -31,6 +31,7 @@ from twisted.internet.ssl import (
     platformTrust,
 )
 from twisted.python.failure import Failure
+from twisted.web.iweb import IPolicyForHTTPS
 
 logger = logging.getLogger(__name__)
 
@@ -74,6 +75,7 @@ class ServerContextFactory(ContextFactory):
         return self._context
 
 
+@implementer(IPolicyForHTTPS)
 class ClientTLSOptionsFactory(object):
     """Factory for Twisted SSLClientConnectionCreators that are used to make connections
     to remote servers for federation.
@@ -146,6 +148,12 @@ class ClientTLSOptionsFactory(object):
             f = Failure()
             tls_protocol.failVerification(f)
 
+    def creatorForNetloc(self, hostname, port):
+        """Implements the IPolicyForHTTPS interace so that this can be passed
+        directly to agents.
+        """
+        return self.get_options(hostname)
+
 
 @implementer(IOpenSSLClientConnectionCreator)
 class SSLClientConnectionCreator(object):
author	Erik Johnston <erik@matrix.org>	2019-07-30 17:42:56 +0100
committer	Erik Johnston <erik@matrix.org>	2019-07-31 10:39:24 +0100
commit	a9bcae9f50a14dc020634c532732c1a86b696d92 (patch)
tree	9d6fdaa0da70a2f1dda0f3019d9f131d2af28cea /synapse/crypto
parent	Merge pull request #5793 from matrix-org/erikj/fix_bg_update (diff)
download	synapse-a9bcae9f50a14dc020634c532732c1a86b696d92.tar.xz