diff options
author | Patrick Cloke <clokep@users.noreply.github.com> | 2021-03-11 09:15:22 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-03-11 09:15:22 -0500 |
commit | e55bd0e11012ee14a8b18ece16f4837b86212f5c (patch) | |
tree | d957a35b7a454c8f8ac0a29b054fc7aac1dd54bd /synapse/http/client.py | |
parent | Re-Activating account when local passwords are disabled (#9587) (diff) | |
download | synapse-e55bd0e11012ee14a8b18ece16f4837b86212f5c.tar.xz |
Add tests for blacklisting reactor/agent. (#9563)
Diffstat (limited to 'synapse/http/client.py')
-rw-r--r-- | synapse/http/client.py | 26 |
1 files changed, 14 insertions, 12 deletions
diff --git a/synapse/http/client.py b/synapse/http/client.py index af34d583ad..8f3da486b3 100644 --- a/synapse/http/client.py +++ b/synapse/http/client.py @@ -39,6 +39,7 @@ from zope.interface import implementer, provider from OpenSSL import SSL from OpenSSL.SSL import VERIFY_NONE from twisted.internet import defer, error as twisted_error, protocol, ssl +from twisted.internet.address import IPv4Address, IPv6Address from twisted.internet.interfaces import ( IAddress, IHostResolution, @@ -151,16 +152,17 @@ class _IPBlacklistingResolver: def resolveHostName( self, recv: IResolutionReceiver, hostname: str, portNumber: int = 0 ) -> IResolutionReceiver: - - r = recv() addresses = [] # type: List[IAddress] def _callback() -> None: - r.resolutionBegan(None) - has_bad_ip = False - for i in addresses: - ip_address = IPAddress(i.host) + for address in addresses: + # We only expect IPv4 and IPv6 addresses since only A/AAAA lookups + # should go through this path. + if not isinstance(address, (IPv4Address, IPv6Address)): + continue + + ip_address = IPAddress(address.host) if check_against_blacklist( ip_address, self._ip_whitelist, self._ip_blacklist @@ -175,15 +177,15 @@ class _IPBlacklistingResolver: # request, but all we can really do from here is claim that there were no # valid results. if not has_bad_ip: - for i in addresses: - r.addressResolved(i) - r.resolutionComplete() + for address in addresses: + recv.addressResolved(address) + recv.resolutionComplete() @provider(IResolutionReceiver) class EndpointReceiver: @staticmethod def resolutionBegan(resolutionInProgress: IHostResolution) -> None: - pass + recv.resolutionBegan(resolutionInProgress) @staticmethod def addressResolved(address: IAddress) -> None: @@ -197,7 +199,7 @@ class _IPBlacklistingResolver: EndpointReceiver, hostname, portNumber=portNumber ) - return r + return recv @implementer(ISynapseReactor) @@ -346,7 +348,7 @@ class SimpleHttpClient: contextFactory=self.hs.get_http_client_context_factory(), pool=pool, use_proxy=use_proxy, - ) + ) # type: IAgent if self._ip_blacklist: # If we have an IP blacklist, we then install the blacklisting Agent |