summary refs log tree commit diff
path: root/synapse/config/tls.py (follow)
Commit message (Expand)AuthorAgeFilesLines
* Docs: Quote wildcard `federation_certificate_verification_whitelist` (#11381)Nicolai Søborg2021-11-181-2/+2
* Relax `ignore-missing-imports` for modules that have stubs now and update myp...David Robertson2021-10-081-3/+6
* [pyupgrade] `synapse/` (#10348)Jonathan de Jong2021-07-191-4/+2
* Use inline type hints in various other places (in `synapse/`) (#10380)Jonathan de Jong2021-07-151-3/+3
* Remove support for ACME v1 (#10194)Brendan Abolivier2021-06-171-145/+6
* Remove redundant code to reload tls cert (#10054)Richard van der Hoff2021-05-271-19/+3
* Remove tls_fingerprints option (#9280)Jerin J Titus2021-05-241-50/+0
* Merge pull request from GHSA-x345-32rc-8h85Richard van der Hoff2021-05-111-2/+2
* Remove redundant "coding: utf-8" lines (#9786)Jonathan de Jong2021-04-141-1/+0
* Bump black configuration to target py36 (#9781)Dan Callahan2021-04-131-1/+1
* Enable mypy checking for unreachable code and fix instances. (#8432)Patrick Cloke2020-10-011-9/+9
* Add prometheus metrics to track federation delays (#8430)Richard van der Hoff2020-10-011-1/+0
* Replace all remaining six usage with native Python 3 equivalents (#7704)Dagfinn Ilmari Mannsåker2020-06-161-3/+1
* Clarify list/set/dict/tuple comprehensions and enforce via flake8 (#6957)Patrick Cloke2020-02-211-1/+1
* Linters are hard but in they end they just want what's best for usBrendan Abolivier2020-02-131-1/+1
* Add a separator for the config warningBrendan Abolivier2020-02-131-1/+1
* Add mention and warning about ACME v1 deprecation to the Synapse configBrendan Abolivier2020-02-131-0/+19
* Allow empty federation_certificate_verification_whitelist (#6849)timfi2020-02-061-0/+2
* Add config linting script that checks for bool casing (#6203)Andrew Morgan2019-10-231-1/+8
* Refactor HomeserverConfig so it can be typechecked (#6137)Amber Brown2019-10-101-3/+6
* Fix well-known lookups with the federation certificate whitelist (#5997)Amber Brown2019-09-141-1/+8
* Config templating (#5900)Jorik Schellekens2019-08-281-12/+38
* Update the TLS cipher string and provide configurability for TLS on outgoing ...Amber Brown2019-06-281-1/+31
* Don't load the generated config as the default.Richard van der Hoff2019-06-241-1/+3
* Allow configuration of the path used for ACME account keys.Richard van der Hoff2019-06-241-2/+14
* Pass config_dir_path and data_dir_path into Config.read_config. (#5522)Richard van der Hoff2019-06-241-1/+1
* Run Black. (#5482)Amber Brown2019-06-201-23/+29
* Merge branch 'rav/fix_custom_ca' into rav/enable_tls_verificationRichard van der Hoff2019-06-051-1/+1
|\
| * Fix `federation_custom_ca_list` configuration option.Richard van der Hoff2019-06-051-1/+1
* | Validate federation server TLS certificates by default.Richard van der Hoff2019-06-051-5/+5
|/
* Config option for verifying federation certificates (MSC 1711) (#4967)Andrew Morgan2019-04-251-6/+89
* Document using a certificate with a full chain (#4849)Andrew Morgan2019-03-131-0/+5
* Fix ACME config for python 2. (#4717)Richard van der Hoff2019-02-251-3/+7
* Attempt to make default config more consistentRichard van der Hoff2019-02-191-10/+10
* Improve config documentationBrendan Abolivier2019-02-191-3/+11
* Use a configuration parameter to give the domain to generate a certificate forBrendan Abolivier2019-02-181-0/+7
* Disable TLS by default (#4614)Richard van der Hoff2019-02-121-3/+3
* Fix error when loading cert if tls is disabled (#4618)Richard van der Hoff2019-02-121-15/+42
* fix testsRichard van der Hoff2019-02-111-1/+1
* Infer no_tls from presence of TLS listenersRichard van der Hoff2019-02-111-8/+2
* Logging improvements around TLS certsRichard van der Hoff2019-02-111-18/+36
* ACME Reprovisioning (#4522)Amber Brown2019-02-111-1/+11
* Be tolerant of blank TLS fingerprints config (#4589)Amber Brown2019-02-111-1/+5
* Fix default ACME config for py2 (#4564)Richard van der Hoff2019-02-051-1/+1
* fix typo in config comments (#4557)Richard van der Hoff2019-02-051-2/+2
* ACME config cleanups (#4525)Richard van der Hoff2019-01-301-26/+74
* Do not generate self-signed TLS certificates by default. (#4509)Amber Brown2019-01-291-43/+18
* Support ACME for certificate provisioning (#4384)Amber Brown2019-01-231-24/+91
* Require ECDH key exchange & remove dh_params (#4429)Amber Brown2019-01-221-40/+0
* run isortAmber Brown2018-07-091-5/+6
* Open certificate files as bytesAdrian Tschira2018-04-101-2/+2
* fix typoMatthew Hodgson2018-01-161-1/+1
* tip for generating tls_fingerprintsMatthew Hodgson2017-10-241-0/+6
* Improve error handling for missing files (#2551)Richard van der Hoff2017-10-171-3/+3
* Fix typo in config comments.Tyler Smith2017-02-111-1/+1
* Explain how long the servers can cache the TLS fingerprints forMark Haines2016-10-121-3/+4
* Improve comment formattingMark Haines2016-10-121-1/+1
* Add config option for adding additional TLS fingerprintsMark Haines2016-10-111-0/+37
* copyrightsMatthew Hodgson2016-01-071-1/+1
* Implement configurable stats reportingDaniel Wagner-Hall2015-09-221-1/+1
* Use shorter config key nameDaniel Wagner-Hall2015-09-151-3/+3
* Better document the intent of the insecure SSL settingDaniel Wagner-Hall2015-09-091-2/+6
* Allow configuration to ignore invalid SSL certsDaniel Wagner-Hall2015-09-091-0/+4
* Merge branch 'master' of github.com:matrix-org/synapse into developErik Johnston2015-07-211-2/+2
|\
| * typoMatthew Hodgson2015-07-081-2/+2
* | We don't want semicolons.Erik Johnston2015-07-091-1/+1
* | remove the tls_certificate_chain_path param and simply support tls_certificat...Matthew Hodgson2015-07-091-21/+9
* | document tls_certificate_chain_path more clearlyMatthew Hodgson2015-07-091-0/+5
* | oops, context.tls_certificate_chain_file() expects a file, not a certificate.Matthew Hodgson2015-07-081-4/+1
* | *cough*Matthew Hodgson2015-07-081-2/+3
* | add new optional config for tls_certificate_chain_path for folks with interme...Matthew Hodgson2015-07-081-3/+17
|/
* Write a default log_config when generating configMark Haines2015-04-301-1/+1
* Manually generate the default config yaml, remove most of the commandline arg...Mark Haines2015-04-301-40/+38
* Unused importErik Johnston2015-03-061-1/+1
* Don't look for an TLS private key if we have set --no-tlsErik Johnston2015-03-061-4/+13
* Update copyright noticesMark Haines2015-01-061-1/+1
* Fix pep8 warningsMark Haines2014-10-301-1/+1
* fix the copyright holder from matrix.org to OpenMarket Ltd, as matrix.org has...Matthew Hodgson2014-09-031-1/+1
* Fix typo when reading TLS configMark Haines2014-09-021-1/+1
* More helpful error messages for missing configMark Haines2014-09-021-3/+5
* Use pregenerated DH params when generating configMark Haines2014-09-011-7/+29
* Fix homeserver config parsingMark Haines2014-09-011-1/+1
* Add config tree to synapse. Add support for reading config from a fileMark Haines2014-08-311-0/+106