Merge remote-tracking branch 'origin/develop' into dbkr/add_dummy_flow_to_recaptcha_only

author: David Baker <dave@matrix.org> 2019-05-13 15:37:03 +0100
committer: David Baker <dave@matrix.org> 2019-05-13 15:37:03 +0100
commit: 9e99143c47f8eca30c36aa9b6312b991a969cf1a (patch)
tree: 8d839e28e9276baa255bed3c0cf1d25f43eac2ec /synapse/http/client.py
parent: And now I realise why the test is failing... (diff)
parent: Merge branch 'master' into develop (diff)
download: synapse-9e99143c47f8eca30c36aa9b6312b991a969cf1a.tar.xz
1 files changed, 25 insertions, 20 deletions
diff --git a/synapse/http/client.py b/synapse/http/client.py
index ad454f4964..ddbfb72228 100644
--- a/synapse/http/client.py
+++ b/synapse/http/client.py
@@ -90,45 +90,50 @@ class IPBlacklistingResolver(object):
     def resolveHostName(self, recv, hostname, portNumber=0):
 
         r = recv()
-        d = defer.Deferred()
         addresses = []
 
-        @provider(IResolutionReceiver)
-        class EndpointReceiver(object):
-            @staticmethod
-            def resolutionBegan(resolutionInProgress):
-                pass
+        def _callback():
+            r.resolutionBegan(None)
 
-            @staticmethod
-            def addressResolved(address):
-                ip_address = IPAddress(address.host)
+            has_bad_ip = False
+            for i in addresses:
+                ip_address = IPAddress(i.host)
 
                 if check_against_blacklist(
                     ip_address, self._ip_whitelist, self._ip_blacklist
                 ):
                     logger.info(
-                        "Dropped %s from DNS resolution to %s" % (ip_address, hostname)
+                        "Dropped %s from DNS resolution to %s due to blacklist" %
+                        (ip_address, hostname)
                     )
-                    raise SynapseError(403, "IP address blocked by IP blacklist entry")
+                    has_bad_ip = True
+
+            # if we have a blacklisted IP, we'd like to raise an error to block the
+            # request, but all we can really do from here is claim that there were no
+            # valid results.
+            if not has_bad_ip:
+                for i in addresses:
+                    r.addressResolved(i)
+            r.resolutionComplete()
 
+        @provider(IResolutionReceiver)
+        class EndpointReceiver(object):
+            @staticmethod
+            def resolutionBegan(resolutionInProgress):
+                pass
+
+            @staticmethod
+            def addressResolved(address):
                 addresses.append(address)
 
             @staticmethod
             def resolutionComplete():
-                d.callback(addresses)
+                _callback()
 
         self._reactor.nameResolver.resolveHostName(
             EndpointReceiver, hostname, portNumber=portNumber
         )
 
-        def _callback(addrs):
-            r.resolutionBegan(None)
-            for i in addrs:
-                r.addressResolved(i)
-            r.resolutionComplete()
-
-        d.addCallback(_callback)
-
         return r
author	David Baker <dave@matrix.org>	2019-05-13 15:37:03 +0100
committer	David Baker <dave@matrix.org>	2019-05-13 15:37:03 +0100
commit	9e99143c47f8eca30c36aa9b6312b991a969cf1a (patch)
tree	8d839e28e9276baa255bed3c0cf1d25f43eac2ec /synapse/http/client.py
parent	And now I realise why the test is failing... (diff)
parent	Merge branch 'master' into develop (diff)
download	synapse-9e99143c47f8eca30c36aa9b6312b991a969cf1a.tar.xz