summary refs log tree commit diff
path: root/synapse/crypto/keyring.py (follow)
Commit message (Expand)AuthorAgeFilesLines
* Modify StoreKeyFetcher to read from server_keys_json. (#15417)Patrick Cloke2023-04-201-15/+15
* Improve robustness when handling a perspective key response by deduplicating ...reivilibre2023-04-131-4/+22
* Bump black from 22.12.0 to 23.1.0 (#15103)dependabot[bot]2023-02-221-1/+1
* Add some clarifying comments and refactor a portion of the `Keyring` class fo...Andrew Morgan2023-01-131-18/+43
* Stop using deprecated `keyIds` param on /key/v2/server (#14525)Richard van der Hoff2022-11-301-64/+43
* Fix /key/v2/server calls with URL-unsafe key IDs (#14490)David Robertson2022-11-181-1/+1
* Remove redundant types from comments. (#14412)Patrick Cloke2022-11-161-5/+4
* Fix typechecker problems exposed by signedjson 1.1.2 (#12326)David Robertson2022-03-291-1/+1
* Bump `black` and `click` versions (#12320)David Robertson2022-03-291-1/+1
* Remove `HomeServer.get_datastore()` (#12031)Richard van der Hoff2022-02-231-2/+2
* Use auto_attribs/native type hints for attrs classes. (#11692)Patrick Cloke2022-01-131-9/+9
* Fix perspectives requests for multiple keys for the same server (#11440)Richard van der Hoff2021-11-291-11/+19
* Fix verification of objects signed with old local keys (#11379)Richard van der Hoff2021-11-191-28/+41
* Fetch verify key locally rather than trying to do so over federation if origi...Shay2021-10-281-29/+45
* Add missing type hints to synapse.crypto. (#11146)Patrick Cloke2021-10-211-3/+5
* Use direct references for some configuration variables (part 2) (#10812)Patrick Cloke2021-09-151-1/+1
* Use inline type hints in various other places (in `synapse/`) (#10380)Jonathan de Jong2021-07-151-9/+11
* When joining a remote room limit the number of events we concurrently check s...Erik Johnston2021-06-081-34/+12
* Rewrite the KeyRing (#10035)Erik Johnston2021-06-021-375/+267
* Add `Keyring.verify_events_for_server` and reduce memory usage (#10018)Erik Johnston2021-05-201-10/+88
* remove `HomeServer.get_config` (#9815)Richard van der Hoff2021-04-141-1/+1
* Remove redundant "coding: utf-8" lines (#9786)Jonathan de Jong2021-04-141-1/+0
* Import HomeServer from the proper module. (#9665)Patrick Cloke2021-03-231-1/+1
* Add type hints to the crypto module. (#8999)Patrick Cloke2021-01-041-86/+120
* Apply an IP range blacklist to push and key revocation requests. (#8821)Patrick Cloke2020-12-021-2/+2
* Fix occasional "Re-starting finished log context" from keyring (#8398)Richard van der Hoff2020-09-251-26/+44
* Simplify super() calls to Python 3 syntax. (#8344)Patrick Cloke2020-09-181-2/+2
* Stop sub-classing object (#8249)Patrick Cloke2020-09-041-4/+4
* Do not assume calls to runInteraction return Deferreds. (#8133)Patrick Cloke2020-08-201-4/+3
* Convert the crypto module to async/await. (#8003)Patrick Cloke2020-08-031-109/+92
* Convert federation client to async/await. (#7975)Patrick Cloke2020-07-301-28/+32
* Replace all remaining six usage with native Python 3 equivalents (#7704)Dagfinn Ilmari Mannsåker2020-06-161-4/+2
* Clean up some LoggingContext stuff (#7120)Richard van der Hoff2020-03-241-2/+2
* Clarify list/set/dict/tuple comprehensions and enforce via flake8 (#6957)Patrick Cloke2020-02-211-4/+2
* Fix exception when fetching notary server's old keys (#6625)Richard van der Hoff2020-01-061-6/+7
* Merge pull request #5895 from matrix-org/erikj/notary_keyErik Johnston2019-08-271-9/+2
|\
| * Fixup review commentsErik Johnston2019-08-231-2/+2
| * Only sign when we respond to remote key requestsErik Johnston2019-08-211-10/+1
| * Add config option for keys to use to sign keysErik Johnston2019-08-211-5/+7
* | Improve error msg when key-fetch fails (#5896)Richard van der Hoff2019-08-221-5/+7
|/
* Replace returnValue with return (#5736)Amber Brown2019-07-231-7/+7
* Add a delay to key lookup lock release to fix stack overflowRichard van der Hoff2019-07-191-2/+8
* Refactor Keyring._start_key_lookupsRichard van der Hoff2019-07-191-51/+35
* Move logging utilities out of the side drawer of util/ and into logging/ (#5606)Amber Brown2019-07-041-7/+8
* Run Black. (#5482)Amber Brown2019-06-201-22/+11
* Improve startup checks for insecure notary configs (#5392)Richard van der Hoff2019-06-101-7/+0
* Stop hardcoding trust of old matrix.org key (#5374)Richard van der Hoff2019-06-061-35/+37
* Associate a request_name with each verify request, for loggingRichard van der Hoff2019-06-051-44/+68
* Clean up debug logging (#5347)Richard van der Hoff2019-06-051-4/+0
* Rename VerifyKeyRequest.deferred field (#5343)Richard van der Hoff2019-06-051-12/+12
* Don't do long retries when calling the key notary server. (#5334)Richard van der Hoff2019-06-041-1/+0
* Notary server: make requests to origins in parallelRichard van der Hoff2019-06-041-1/+9
* Don't bomb out on direct key fetches as soon as one failsRichard van der Hoff2019-06-041-22/+36
* Reduce timeout for outbound /key/v2/server requests.Richard van der Hoff2019-06-031-0/+13
* Enforce validity period on server_keys for fed requests. (#5321)Richard van der Hoff2019-06-031-56/+111
* Merge pull request #5307 from matrix-org/rav/server_keys/07-fix-notary-cache-...Richard van der Hoff2019-06-031-12/+2
|\
| * Stop overwriting server keys with other keysRichard van der Hoff2019-05-311-12/+2
* | Merge remote-tracking branch 'origin/develop' into rav/server_keys/05-rewrite...Richard van der Hoff2019-05-311-41/+28
|\|
| * Remove some pointless exception handlingRichard van der Hoff2019-05-301-25/+8
| * use attr.s for VerifyKeyRequestRichard van der Hoff2019-05-301-17/+21
* | Rewrite get_server_verify_keys, again.Richard van der Hoff2019-05-301-48/+53
|/
* Merge pull request #5251 from matrix-org/rav/server_keys/01-check_sigRichard van der Hoff2019-05-281-41/+92
|\
| * Improve error handling/logging for perspectives-key fetching.Richard van der Hoff2019-05-241-28/+77
| * Require sig from origin server on perspectives responsesRichard van der Hoff2019-05-231-13/+15
* | Simplification to Keyring.wait_for_previous_lookups. (#5250)Richard van der Hoff2019-05-241-7/+4
|/
* Factor out KeyFetchers from KeyRingRichard van der Hoff2019-05-231-140/+175
* Store key validity time in the storage layerRichard van der Hoff2019-05-231-14/+33
* Simplify process_v2_response (#5236)Richard van der Hoff2019-05-231-21/+29
* Remove unused VerifyKey.expired and .time_added fields (#5235)Richard van der Hoff2019-05-231-3/+0
* Rewrite store_server_verify_key to store several keys at once (#5234)Richard van der Hoff2019-05-231-45/+14
* Run black on synapse.crypto.keyring (#5232)Richard van der Hoff2019-05-221-149/+137
* remove extraneous exception loggingRichard van der Hoff2019-04-251-16/+32
* Clarify logging when PDU signature checking failsRichard van der Hoff2019-04-251-3/+1
* Remove periods from copyright headers (#5046)Andrew Morgan2019-04-111-1/+1
* Rewrite Datastore.get_server_verify_keysRichard van der Hoff2019-04-091-21/+17
* Remove redundant merged_keys dictRichard van der Hoff2019-04-081-8/+5
* Fix from_server buglet in get_keys_from_perspectivesRichard van der Hoff2019-04-081-1/+1
* Hoist server_name check out of process_v2_responseRichard van der Hoff2019-04-041-13/+7
* Clean up Keyring.process_v2_responseRichard van der Hoff2019-04-041-23/+46
* Correctly log expected errors when fetching server keysErik Johnston2019-03-111-2/+2
* raise_from already raisesErik Johnston2019-02-251-4/+4
* Handle errors when fetching remote server keysErik Johnston2019-02-231-21/+51
* Correctly handle RequestSendFailed exceptionsErik Johnston2019-02-141-2/+2
* Make key fetches use regular federation client (#4426)Richard van der Hoff2019-01-221-23/+7
* Remove fetching keys via the deprecated v1 kex method (#4120)Amber Brown2018-10-311-103/+7
* Merge pull request #3826 from matrix-org/rav/logging_for_keyringAmber Brown2018-09-121-6/+18
|\
| * add some logging for the keyring queueRichard van der Hoff2018-09-061-6/+18
* | Port crypto/ to Python 3 (#3822)Amber Brown2018-09-121-4/+5
|/
* fix accidental removal of hsJeroen2018-07-271-1/+1
* Merge remote-tracking branch 'upstream/develop' into send_sni_for_federation_...Jeroen2018-07-141-21/+23
|\
| * run isortAmber Brown2018-07-091-21/+23
* | send SNI for federation requestsJeroen2018-06-241-2/+2
|/
* Try to log more helpful info when a sig verification failsRichard van der Hoff2018-06-081-6/+25
* Merge remote-tracking branch 'origin/develop' into rav/use_run_in_backgroundRichard van der Hoff2018-04-271-45/+48
|\
| * Improve exception handling for background processesRichard van der Hoff2018-04-271-45/+48
* | Use run_in_background in preference to preserve_fnRichard van der Hoff2018-04-271-11/+17
|/
* Use str(e) instead of e.messageAdrian Tschira2018-04-151-4/+4
* replace 'except:' with 'except Exception:'Richard van der Hoff2017-10-231-1/+1
* Merge branch 'develop' into developRichard van der Hoff2017-09-251-124/+161
|\
| * Fix logcontext handling in verify_json_objects_for_serverRichard van der Hoff2017-09-201-8/+12
| * Turn _start_key_lookups into an inlineCallbacks functionRichard van der Hoff2017-09-201-40/+37
| * Fix potential race in _start_key_lookupsRichard van der Hoff2017-09-201-5/+8
| * Add some comments to _start_key_lookupsRichard van der Hoff2017-09-201-0/+8
| * Consistency for how verify_request.deferred is calledRichard van der Hoff2017-09-201-13/+17
| * Factor out _start_key_lookupsRichard van der Hoff2017-09-201-7/+17
| * Replace `server_and_json` with `verify_requests`Richard van der Hoff2017-09-201-3/+3
| * pull out handle_key_deferred to top levelRichard van der Hoff2017-09-201-43/+44
| * Fix incorrect key_ids in error messageRichard van der Hoff2017-09-201-1/+1
| * Fix concurrent server_key requests (#2458)Richard van der Hoff2017-09-191-1/+3
| * Clean up and document handling of logcontexts in Keyring (#2452)Richard van der Hoff2017-09-181-28/+36
* | Fix iteration of requests_missing_keys; list doesn't have .values()Kenny Keslar2017-07-261-1/+1
|/
* Merge pull request #2050 from matrix-org/rav/federation_backoffRichard van der Hoff2017-03-231-23/+16
|\
| * push federation retry limiter down to matrixfederationclientRichard van der Hoff2017-03-231-23/+16
* | fix up some key verif docstringsRichard van der Hoff2017-03-211-2/+21
|/
* Add some debug to help diagnose weird federation issueRichard van der Hoff2017-03-201-1/+8
* Preserve some logcontextsErik Johnston2016-08-241-18/+18
* Update keyring MeasureErik Johnston2016-08-191-85/+85
* Measure keyringsErik Johnston2016-08-191-34/+36
* Don't print stack traces when failing to get remote keysErik Johnston2016-08-101-12/+16
* Merge branch 'develop' into markjh/verifyMark Haines2016-07-271-2/+9
|\
| * Merge pull request #955 from matrix-org/markjh/only_from2Mark Haines2016-07-271-2/+9
| |\
| | * Add a couple more checks to the keyringMark Haines2016-07-261-2/+9
| * | Fix a couple of bugs in the transaction and keyring codeMark Haines2016-07-261-8/+9
| |/
* / Clean up verify_json_objects_for_serverMark Haines2016-07-271-68/+75
|/
* Fix up logcontextsErik Johnston2016-02-081-37/+46
* copyrightsMatthew Hodgson2016-01-071-1/+1
* Actually look up required remote server key IDsPaul "LeoNerd" Evans2015-12-181-1/+3
* Fix typoErik Johnston2015-11-201-1/+1
* Don't limit connections to perspective serversErik Johnston2015-11-201-21/+17
* Fix bug where we sometimes didn't fetch all the keys requested for aErik Johnston2015-09-171-4/+3
* Merge pull request #272 from matrix-org/daniel/insecureclientDaniel Wagner-Hall2015-09-151-2/+2
|\
| * Allow configuration to ignore invalid SSL certsDaniel Wagner-Hall2015-09-091-2/+2
* | Various bug fixes to crypto.keyringErik Johnston2015-09-091-10/+17
|/
* Remove syutil dependency in favour of smaller single-purpose librariesMark Haines2015-08-241-9/+9
* Wait for previous attempts at fetching keys for a given server before trying ...Erik Johnston2015-06-261-15/+68
* Implement bulk verify_signed_json APIErik Johnston2015-06-261-134/+292
* Handle the case when things return empty but non none thingsErik Johnston2015-05-191-2/+2
* Don't always hit get_server_verify_key_v1_directErik Johnston2015-05-191-5/+10
* SYN-383: Actually, we expect this value to be a dictErik Johnston2015-05-191-1/+2
* SYN-383: Handle the fact the server might not have signed thingsErik Johnston2015-05-191-1/+1
* Don't reuse var namesErik Johnston2015-05-191-2/+2
* SYN-383: Fix parsing of verify_keys and catching of _DefGen_ReturnErik Johnston2015-05-191-18/+18
* SYN-383: Extract the response list from 'server_keys' in the response JSON as...Mark Haines2015-05-191-1/+3
* Change the way we create observers to deferreds so that we don't get spammed ...Erik Johnston2015-05-081-2/+6
* Use a defer.gatherResults to collect results from the perspective serversMark Haines2015-04-291-11/+21
* Update the query format used by keyring to match current key v2 specMark Haines2015-04-291-1/+12
* Implement minimum_valid_until_ts in the remote key resourceMark Haines2015-04-291-0/+1
* Merge branch 'develop' into key_distributionMark Haines2015-04-271-0/+20
|\
| * Fix newlinesErik Johnston2015-04-271-2/+1
| * Pull inner function out.Erik Johnston2015-04-271-76/+77
| * Implement locks using create_observer for fetching media and server keysErik Johnston2015-04-271-59/+79
* | Add config for setting the perspective serversMark Haines2015-04-241-1/+5
* | Update to match the specification for key/v2Mark Haines2015-04-231-2/+2
* | Implement remote key lookup apiMark Haines2015-04-221-35/+40
* | Implement v2 key lookupMark Haines2015-04-201-17/+251
|/
* Log error message when we fail to fetch remote server keysErik Johnston2015-03-051-2/+11
* Try to only back off if we think we failed to connect to the remoteErik Johnston2015-02-171-54/+54
* Add per server retry limiting.Erik Johnston2015-02-171-15/+7
* Rate limit retries when fetching server keys.Erik Johnston2015-02-171-55/+71
* Update copyright noticesMark Haines2015-01-061-1/+1
* Add a few missing yields, Move deferred lists inside PreserveLoggingContext b...Mark Haines2014-11-201-2/+2
* Fix pep8 warningsMark Haines2014-10-301-2/+2
* add log line for checking verifying signaturesMark Haines2014-10-171-0/+1
* Better response message when signature is missing or unsupportedMark Haines2014-10-131-1/+1
* Respond with more helpful error messages for unsigned requestsMark Haines2014-10-131-2/+31
* SYN-75 Verify signatures on server to server transactionsMark Haines2014-09-301-0/+125