diff options
author | Denis Kasak <dkasak@termina.org.uk> | 2023-10-23 11:38:51 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-10-23 07:38:51 -0400 |
commit | 3a0aa6fe76c43b09a0e13785894df2a285396c10 (patch) | |
tree | 12bc9cdec02b0db68f8e348d65fc18cfedad524b /synapse | |
parent | Remove the last reference to event_txn_id. (#16521) (diff) | |
download | synapse-3a0aa6fe76c43b09a0e13785894df2a285396c10.tar.xz |
Force TLS certificate verification in registration script. (#16530)
If using the script remotely, there's no particularly convincing reason to disable certificate verification, as this makes the connection interceptible. If on the other hand, the script is used locally (the most common use case), you can simply target the HTTP listener and avoid TLS altogether. This is what the script already attempts to do if passed a homeserver configuration YAML file.
Diffstat (limited to 'synapse')
-rw-r--r-- | synapse/_scripts/register_new_matrix_user.py | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/synapse/_scripts/register_new_matrix_user.py b/synapse/_scripts/register_new_matrix_user.py index 19ca399d44..9293808640 100644 --- a/synapse/_scripts/register_new_matrix_user.py +++ b/synapse/_scripts/register_new_matrix_user.py @@ -50,7 +50,7 @@ def request_registration( url = "%s/_synapse/admin/v1/register" % (server_location.rstrip("/"),) # Get the nonce - r = requests.get(url, verify=False) + r = requests.get(url) if r.status_code != 200: _print("ERROR! Received %d %s" % (r.status_code, r.reason)) @@ -88,7 +88,7 @@ def request_registration( } _print("Sending registration request...") - r = requests.post(url, json=data, verify=False) + r = requests.post(url, json=data) if r.status_code != 200: _print("ERROR! Received %d %s" % (r.status_code, r.reason)) |