summary refs log tree commit diff
path: root/synapse/http
diff options
context:
space:
mode:
Diffstat (limited to 'synapse/http')
-rw-r--r--synapse/http/client.py8
-rw-r--r--synapse/http/endpoint.py2
-rw-r--r--synapse/http/server.py6
3 files changed, 12 insertions, 4 deletions
diff --git a/synapse/http/client.py b/synapse/http/client.py
index 36ba2c6591..093bdf0e3f 100644
--- a/synapse/http/client.py
+++ b/synapse/http/client.py
@@ -113,8 +113,9 @@ class TwistedHttpClient(HttpClient):
             requests.
     """
 
-    def __init__(self):
+    def __init__(self, hs):
         self.agent = MatrixHttpAgent(reactor)
+        self.hs = hs
 
     @defer.inlineCallbacks
     def put_json(self, destination, path, data):
@@ -177,7 +178,10 @@ class TwistedHttpClient(HttpClient):
         retries_left = 5
 
         # TODO: setup and pass in an ssl_context to enable TLS
-        endpoint = matrix_endpoint(reactor, destination, timeout=10)
+        endpoint = matrix_endpoint(
+            reactor, destination, timeout=10,
+            ssl_context_factory=self.hs.tls_context_factory
+        )
 
         while True:
             try:
diff --git a/synapse/http/endpoint.py b/synapse/http/endpoint.py
index d91500b07d..a6ebe23567 100644
--- a/synapse/http/endpoint.py
+++ b/synapse/http/endpoint.py
@@ -53,7 +53,7 @@ def matrix_endpoint(reactor, destination, ssl_context_factory=None,
         default_port = 8080
     else:
         transport_endpoint = SSL4ClientEndpoint
-        endpoint_kw_args.update(ssl_context_factory=ssl_context_factory)
+        endpoint_kw_args.update(sslContextFactory=ssl_context_factory)
         default_port = 443
 
     if port is None:
diff --git a/synapse/http/server.py b/synapse/http/server.py
index 66f966fcaa..0b87718bfa 100644
--- a/synapse/http/server.py
+++ b/synapse/http/server.py
@@ -325,7 +325,11 @@ class ContentRepoResource(resource.Resource):
 
             # FIXME (erikj): These should use constants.
             file_name = os.path.basename(fname)
-            url = "http://%s/matrix/content/%s" % (
+            # FIXME: we can't assume what the public mounted path of the repo is
+            # ...plus self-signed SSL won't work to remote clients anyway
+            # ...and we can't assume that it's SSL anyway, as we might want to
+            # server it via the non-SSL listener...
+            url = "https://%s/_matrix/content/%s" % (
                 self.hs.domain_with_port, file_name
             )
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-29 13:38:17 +0000