summary refs log tree commit diff
path: root/synapse
diff options
context:
space:
mode:
authorAndrew Morgan <andrew@amorgan.xyz>2019-04-03 11:57:09 +0100
committerAndrew Morgan <andrew@amorgan.xyz>2019-04-03 11:57:09 +0100
commit507cdf2b6f00317e88a76809511239766b5656b9 (patch)
tree5b57b70550565dadce6aa8029894df427a941c5d /synapse
parentDon't break logic when refactoring (diff)
downloadsynapse-507cdf2b6f00317e88a76809511239766b5656b9.tar.xz
fix domain whitelist
Diffstat (limited to 'synapse')
-rw-r--r--synapse/config/server.py6


-rw-r--r--synapse/config/tls.py6


-rw-r--r--synapse/crypto/context_factory.py1


3 files changed, 8 insertions, 5 deletions
diff --git a/synapse/config/server.py b/synapse/config/server.py
index aa2bb0d040..f55a71d508 100644
--- a/synapse/config/server.py
+++ b/synapse/config/server.py
@@ -111,10 +111,14 @@ class ServerConfig(Config):
         self.admin_contact = config.get("admin_contact", None)
 
         # FIXME: federation_domain_whitelist needs sytests
-        self.federation_domain_whitelist = {}
         federation_domain_whitelist = config.get(
             "federation_domain_whitelist", [],
         )
+
+        self.federation_domain_whitelist = None
+        if len(federation_domain_whitelist) > 0:
+            self.federation_domain_whitelist = {}
+
         # turn the whitelist into a hash for speed of lookup
         for domain in federation_domain_whitelist:
             self.federation_domain_whitelist[domain] = True
diff --git a/synapse/config/tls.py b/synapse/config/tls.py
index 7dbf41887b..d157e310e4 100644
--- a/synapse/config/tls.py
+++ b/synapse/config/tls.py
@@ -242,15 +242,15 @@ class TlsConfig(Config):
         #
         #federation_verify_certificates: true
 
-        # Skip federation certificate validation on the following whitelist of
-        # domains.
+        # Skip federation certificate verification on the following whitelist
+        # of domains.
         #
         # Note that this should only be used within the context of private
         # federation as it will otherwise break things.
         #
         # Only effective if federation_verify_certicates is `true`.
         #
-        #federation_certificate_validation_whitelist:
+        #federation_certificate_verification_whitelist:
         #  - lon.example.com
         #  - nyc.example.com
         #  - syd.example.com
diff --git a/synapse/crypto/context_factory.py b/synapse/crypto/context_factory.py
index e2b5ce173b..1ee87cdd13 100644
--- a/synapse/crypto/context_factory.py
+++ b/synapse/crypto/context_factory.py
@@ -131,7 +131,6 @@ class ClientTLSOptionsFactory(object):
 
     def __init__(self, config):
         self._config = config
-
         self._options_noverify = CertificateOptions()
 
         # Check if we're using a custom list of a CA certificates

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-30 23:05:47 +0000