Merge branch 'rav/no_create_server_contexts_if_no_tls' into rav/tls_cert/work

author: Richard van der Hoff <richard@matrix.org> 2019-02-11 21:34:19 +0000
committer: Richard van der Hoff <richard@matrix.org> 2019-02-11 21:34:19 +0000
commit: 15272f837c42e003ade116ca0f1c239a29ebfb93 (patch)
tree: 20aeb74d19c8713e557f592004a3fefba34ee8d5 /synapse/crypto
parent: Merge branch 'rav/tls_config_logging_fixes' into rav/tls_cert/work (diff)
parent: Don't create server contexts when TLS is disabled (diff)
download: synapse-15272f837c42e003ade116ca0f1c239a29ebfb93.tar.xz
1 files changed, 1 insertions, 3 deletions
diff --git a/synapse/crypto/context_factory.py b/synapse/crypto/context_factory.py
index 286ad80100..85f2848fb1 100644
--- a/synapse/crypto/context_factory.py
+++ b/synapse/crypto/context_factory.py
@@ -43,9 +43,7 @@ class ServerContextFactory(ContextFactory):
             logger.exception("Failed to enable elliptic curve for TLS")
         context.set_options(SSL.OP_NO_SSLv2 | SSL.OP_NO_SSLv3)
         context.use_certificate_chain_file(config.tls_certificate_file)
-
-        if not config.no_tls:
-            context.use_privatekey(config.tls_private_key)
+        context.use_privatekey(config.tls_private_key)
 
         # https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
         context.set_cipher_list(
author	Richard van der Hoff <richard@matrix.org>	2019-02-11 21:34:19 +0000
committer	Richard van der Hoff <richard@matrix.org>	2019-02-11 21:34:19 +0000
commit	15272f837c42e003ade116ca0f1c239a29ebfb93 (patch)
tree	20aeb74d19c8713e557f592004a3fefba34ee8d5 /synapse/crypto
parent	Merge branch 'rav/tls_config_logging_fixes' into rav/tls_cert/work (diff)
parent	Don't create server contexts when TLS is disabled (diff)
download	synapse-15272f837c42e003ade116ca0f1c239a29ebfb93.tar.xz