summary refs log tree commit diff
path: root/synapse/crypto (follow)
Commit message (Collapse)AuthorAgeFilesLines
* remove extraneous exception loggingRichard van der Hoff2019-04-251-16/+32
|
* Clarify logging when PDU signature checking failsRichard van der Hoff2019-04-251-3/+1
|
* Config option for verifying federation certificates (MSC 1711) (#4967)Andrew Morgan2019-04-251-6/+27
|
* Remove periods from copyright headers (#5046)Andrew Morgan2019-04-111-1/+1
|
* Rewrite Datastore.get_server_verify_keysRichard van der Hoff2019-04-091-21/+17
| | | | Rewrite this so that it doesn't hammer the database.
* Remove redundant merged_keys dictRichard van der Hoff2019-04-081-8/+5
| | | | | | There's no point in collecting a merged dict of keys: it is sufficient to consider just the new keys which have been fetched by the most recent key_fetch_fns.
* Fix from_server buglet in get_keys_from_perspectivesRichard van der Hoff2019-04-081-1/+1
| | | | | make sure we store the name of the server the keys came from, rather than the origin server, after doing a fetch-from-perspectives.
* Hoist server_name check out of process_v2_responseRichard van der Hoff2019-04-041-13/+7
| | | | | It's easier to check it in the caller than to complicate the interface with an extra param.
* Clean up Keyring.process_v2_responseRichard van der Hoff2019-04-041-23/+46
| | | | | | Make this just return the key dict, rather than a single-entry dict mapping the server name to the key dict. It's easy for the caller to get the server name from from the response object anyway.
* Correctly log expected errors when fetching server keysErik Johnston2019-03-111-2/+2
|
* raise_from already raisesErik Johnston2019-02-251-4/+4
|
* Handle errors when fetching remote server keysErik Johnston2019-02-231-21/+51
|
* fix to use makeContext so that we don't need to rebuild the ↵Amber Brown2019-02-191-8/+6
| | | | certificateoptions each time
* Correctly handle RequestSendFailed exceptionsErik Johnston2019-02-141-2/+2
| | | | This mainly reduces the number of exceptions we log.
* Don't create server contexts when TLS is disabledRichard van der Hoff2019-02-111-3/+1
| | | | we aren't going to use them anyway.
* Make add_hashes_and_signatures operate on dictsErik Johnston2019-01-291-10/+6
|
* Refactor event signing to work on dictsErik Johnston2019-01-281-30/+69
| | | | | | This is in preparation for making EventBuilder format agnostic, which means event signing should be done against the event dict rather than the EventBuilder object.
* Don't send IP addresses as SNI (#4452)Richard van der Hoff2019-01-241-3/+12
| | | | | | The problem here is that we have cut-and-pasted an impl from Twisted, and then failed to maintain it. It was fixed in Twisted in https://github.com/twisted/twisted/pull/1047/files; let's do the same here.
* Make key fetches use regular federation client (#4426)Richard van der Hoff2019-01-222-172/+7
| | | | | All this magic is redundant.
* Require ECDH key exchange & remove dh_params (#4429)Amber Brown2019-01-221-2/+4
| | | * remove dh_params and set better cipher string
* Remove fetching keys via the deprecated v1 kex method (#4120)Amber Brown2018-10-312-106/+12
|
* Fix a number of flake8 errorsRichard van der Hoff2018-10-241-1/+1
| | | | | | | | | | | | Broadly three things here: * disable W504 which seems a bit whacko * remove a bunch of `as e` expressions from exception handlers that don't use them * use `r""` for strings which include backslashes Also, we don't use pep8 any more, so we can get rid of the duplicate config there.
* Merge pull request #3826 from matrix-org/rav/logging_for_keyringAmber Brown2018-09-121-6/+18
|\ | | | | add some logging for the keyring queue
| * add some logging for the keyring queueRichard van der Hoff2018-09-061-6/+18
| | | | | | | | why is it so damn slow?
* | Port crypto/ to Python 3 (#3822)Amber Brown2018-09-123-6/+13
|/
* Don't log exceptions when failing to fetch server keysErik Johnston2018-08-211-2/+6
| | | | | Not being able to resolve or connect to remote servers is an expected error, so we shouldn't log at ERROR with stacktraces.
* more generic conversion of str/bytes to unicodeJeroen2018-08-091-1/+1
|
* include private functions from twistedJeroen2018-08-091-2/+35
|
* updated docstring for ServerContextFactoryJeroen2018-08-081-1/+1
|
* fix isortJeroen2018-07-291-2/+3
|
* fix accidental removal of hsJeroen2018-07-271-1/+1
|
* Merge remote-tracking branch 'upstream/develop' into ↵Jeroen2018-07-143-32/+36
|\ | | | | | | | | | | | | send_sni_for_federation_requests # Conflicts: # synapse/crypto/context_factory.py
| * run isortAmber Brown2018-07-094-35/+39
| |
* | Merge branch 'develop' into send_sni_for_federation_requestsJeroen2018-07-091-1/+1
|\| | | | | | | | | # Conflicts: # synapse/http/endpoint.py
| * Attempt to be more performant on PyPy (#3462)Amber Brown2018-06-281-1/+1
| |
* | take idna implementation from twistedJeroen2018-06-261-2/+2
| |
* | allow self-signed certificatesJeroen2018-06-261-23/+35
| |
* | formatting changes for pep8Jeroen2018-06-251-2/+2
| |
* | send SNI for federation requestsJeroen2018-06-243-5/+37
|/
* Try to log more helpful info when a sig verification failsRichard van der Hoff2018-06-081-6/+25
| | | | | | | | Firstly, don't swallow the reason for the failure Secondly, don't assume all exceptions are verification failures Thirdly, log a bit of info about the key being used if debug is enabled
* Fixes #3135 - Replace _OpenSSLECCurve with crypto.get_elliptic_curve (#3157)Will Hunt2018-04-301-4/+5
| | | | | fixes #3135 Signed-off-by: Will Hunt will@half-shot.uk
* Merge remote-tracking branch 'origin/develop' into rav/use_run_in_backgroundRichard van der Hoff2018-04-271-45/+48
|\
| * Improve exception handling for background processesRichard van der Hoff2018-04-271-45/+48
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There were a bunch of places where we fire off a process to happen in the background, but don't have any exception handling on it - instead relying on the unhandled error being logged when the relevent deferred gets garbage-collected. This is unsatisfactory for a number of reasons: - logging on garbage collection is best-effort and may happen some time after the error, if at all - it can be hard to figure out where the error actually happened. - it is logged as a scary CRITICAL error which (a) I always forget to grep for and (b) it's not really CRITICAL if a background process we don't care about fails. So this is an attempt to add exception handling to everything we fire off into the background.
* | Use run_in_background in preference to preserve_fnRichard van der Hoff2018-04-271-11/+17
|/ | | | | | While I was going through uses of preserve_fn for other PRs, I converted places which only use the wrapped function once to use run_in_background, to avoid creating the function object.
* Use str(e) instead of e.messageAdrian Tschira2018-04-151-4/+4
| | | | | | | Doing this I learned e.message was pretty shortlived, added in 2.6, they realized it was a bad idea and deprecated it in 2.7 Signed-off-by: Adrian Tschira <nota@notafile.com>
* Fix 500 when joining matrix-devRichard van der Hoff2017-11-291-3/+10
| | | | | | | matrix-dev has an event (`$/6ANj/9QWQyd71N6DpRQPf+SDUu11+HVMeKSpMzBCwM:zemos.net`) which has no `hashes` member. Check for missing `hashes` element in events.
* replace 'except:' with 'except Exception:'Richard van der Hoff2017-10-233-3/+3
| | | | what could possibly go wrong
* Merge branch 'develop' into developRichard van der Hoff2017-09-252-136/+166
|\
| * Fix logcontxt leak in keyclient (#2465)Richard van der Hoff2017-09-251-12/+5
| | | | | | preserve_context_over_function doesn't do what you want it to do.
| * Fix logcontext handling in verify_json_objects_for_serverRichard van der Hoff2017-09-201-8/+12
| | | | | | | | | | | | | | | | | | | | | | | | preserve_context_over_fn is essentially broken, because (a) it pointlessly drops the current logcontext before calling its wrapped function, which means we don't get any useful logcontexts for _handle_key_deferred; (b) it wraps the resulting deferred in a _PreservingContextDeferred, which is very dangerous because you then can't yield on it without leaking context back into the reactor. Instead, let's specify that the resultant deferreds call their callbacks with no logcontext.
| * Turn _start_key_lookups into an inlineCallbacks functionRichard van der Hoff2017-09-201-40/+37
| | | | | | | | | | | | | | | | | | | | | | ... which means that logcontexts can be correctly preserved for the stuff it does. get_server_verify_keys is now called with the logcontext, so needs to preserve_fn when it fires off its nested inlineCallbacks function. Also renames get_server_verify_keys to reflect the fact it's meant to be private.
| * Fix potential race in _start_key_lookupsRichard van der Hoff2017-09-201-5/+8
| | | | | | | | | | | | | | | | | | If the verify_request.deferred has already completed, then `remove_deferreds` will be called immediately. It therefore might resolve the server_to_deferred deferred while there are still other requests for that server in flight. To avoid that, we should build the complete list of requests, and *then* add the callbacks.
| * Add some comments to _start_key_lookupsRichard van der Hoff2017-09-201-0/+8
| |
| * Consistency for how verify_request.deferred is calledRichard van der Hoff2017-09-201-13/+17
| | | | | | | | | | | | | | | | | | | | Define that it is run with no log context, and make sure that happens. If we aren't careful to reset the logcontext, we can't bung the deferreds into defer.gatherResults etc. We don't actually do that directly, but we *do* resolve other deferreds from affected callbacks (notably the server_to_deferred map in _start_key_lookups), and those *do* get passed into defer.gatherResults. It turns out that this way ends up being least confusing.
| * Factor out _start_key_lookupsRichard van der Hoff2017-09-201-7/+17
| | | | | | | | ... to make it easier to see what's going on.
| * Replace `server_and_json` with `verify_requests`Richard van der Hoff2017-09-201-3/+3
| | | | | | | | This is a precursor to factoring some of this code out.
| * pull out handle_key_deferred to top levelRichard van der Hoff2017-09-201-43/+44
| | | | | | | | | | | | There's no need for this to be a nested definition; pulling it out not only makes it more efficient, but makes it easier to check that it's not accessing any local variables it shouldn't be.
| * Fix incorrect key_ids in error messageRichard van der Hoff2017-09-201-1/+1
| |
| * Fix concurrent server_key requests (#2458)Richard van der Hoff2017-09-191-1/+3
| | | | | | | | Fix a bug where we could end up firing off multiple requests for server_keys for the same server at the same time.
| * Clean up and document handling of logcontexts in Keyring (#2452)Richard van der Hoff2017-09-181-28/+36
| | | | | | | | | | | | I'm still unclear on what the intended behaviour for `verify_json_objects_for_server` is, but at least I now understand the behaviour of most of the things it calls...
* | Fix iteration of requests_missing_keys; list doesn't have .values()Kenny Keslar2017-07-261-1/+1
|/ | | | Signed-off-by: Kenny Keslar <r3dey3@r3dey3.com>
* Merge pull request #2050 from matrix-org/rav/federation_backoffRichard van der Hoff2017-03-231-23/+16
|\ | | | | push federation retry limiter down to matrixfederationclient
| * push federation retry limiter down to matrixfederationclientRichard van der Hoff2017-03-231-23/+16
| | | | | | | | | | rather than having to instrument everywhere we make a federation call, make the MatrixFederationHttpClient manage the retry limiter.
* | fix up some key verif docstringsRichard van der Hoff2017-03-211-2/+21
|/
* Add some debug to help diagnose weird federation issueRichard van der Hoff2017-03-201-1/+8
|
* Preserve some logcontextsErik Johnston2016-08-241-18/+18
|
* Update keyring MeasureErik Johnston2016-08-191-85/+85
|
* Measure keyringsErik Johnston2016-08-191-34/+36
|
* Don't print stack traces when failing to get remote keysErik Johnston2016-08-101-12/+16
|
* Merge branch 'erikj/key_client_fix' of github.com:matrix-org/synapse into ↵Erik Johnston2016-07-281-3/+9
|\ | | | | | | release-v0.17.0
| * Cache getPeerErik Johnston2016-07-211-2/+5
| |
| * Set host not pathErik Johnston2016-07-211-1/+1
| |
| * Send the correct host header when fetching keysErik Johnston2016-07-211-3/+6
| |
* | Merge branch 'develop' into markjh/verifyMark Haines2016-07-271-2/+9
|\ \ | | | | | | | | | | | | Conflicts: synapse/crypto/keyring.py
| * \ Merge pull request #955 from matrix-org/markjh/only_from2Mark Haines2016-07-271-2/+9
| |\ \ | | | | | | | | Add a couple more checks to the keyring
| | * | Add a couple more checks to the keyringMark Haines2016-07-261-2/+9
| | |/
| * / Fix a couple of bugs in the transaction and keyring codeMark Haines2016-07-261-8/+9
| |/
* / Clean up verify_json_objects_for_serverMark Haines2016-07-271-68/+75
|/
* Uncommit accidentally commited edit to cipher listDavid Baker2016-05-101-1/+1
|
* Pass through _get_event_txnDavid Baker2016-05-101-1/+1
|
* Make key client send a Host headerErik Johnston2016-03-111-0/+3
|
* Fix up logcontextsErik Johnston2016-02-081-37/+46
|
* copyrightsMatthew Hodgson2016-01-075-5/+5
|
* Actually look up required remote server key IDsPaul "LeoNerd" Evans2015-12-181-1/+3
| | | | | | set.union() is a side-effect-free function that returns the union of two sets. This clearly wanted .update(), which is the side-effecting mutator version.
* Fix typoErik Johnston2015-11-201-1/+1
|
* Don't limit connections to perspective serversErik Johnston2015-11-201-21/+17
|
* Fix bug where we sometimes didn't fetch all the keys requested for aErik Johnston2015-09-171-4/+3
| | | | server.
* Merge pull request #272 from matrix-org/daniel/insecureclientDaniel Wagner-Hall2015-09-151-2/+2
|\ | | | | Allow configuration to ignore invalid SSL certs
| * Allow configuration to ignore invalid SSL certsDaniel Wagner-Hall2015-09-091-2/+2
| | | | | | | | | | This will be useful for sytest, and sytest only, hence the aggressive config key name.
* | Various bug fixes to crypto.keyringErik Johnston2015-09-091-10/+17
|/
* Remove syutil dependency in favour of smaller single-purpose librariesMark Haines2015-08-242-13/+14
|
* Merge pull request #194 from matrix-org/erikj/bulk_verify_sigsErik Johnston2015-07-101-131/+342
|\ | | | | Implement bulk verify_signed_json API
| * Wait for previous attempts at fetching keys for a given server before trying ↵Erik Johnston2015-06-261-15/+68
| | | | | | | | to fetch more
| * Implement bulk verify_signed_json APIErik Johnston2015-06-261-134/+292
| |
* | remove the tls_certificate_chain_path param and simply support ↵Matthew Hodgson2015-07-091-3/+1
| | | | | | | | tls_certificate_path pointing to a file containing a chain of certificates
* | oops, context.tls_certificate_chain_file() expects a file, not a certificate.Matthew Hodgson2015-07-081-2/+2
| |
* | typoMatthew Hodgson2015-07-081-1/+1
| |
* | add new optional config for tls_certificate_chain_path for folks with ↵Matthew Hodgson2015-07-081-0/+2
|/ | | | intermediary SSL certs
* Handle the case when things return empty but non none thingsErik Johnston2015-05-191-2/+2
|
* Don't always hit get_server_verify_key_v1_directErik Johnston2015-05-191-5/+10
|
* SYN-383: Actually, we expect this value to be a dictErik Johnston2015-05-191-1/+2
|
* SYN-383: Handle the fact the server might not have signed thingsErik Johnston2015-05-191-1/+1
|
* Don't reuse var namesErik Johnston2015-05-191-2/+2
|
* SYN-383: Fix parsing of verify_keys and catching of _DefGen_ReturnErik Johnston2015-05-191-18/+18
|
* SYN-383: Extract the response list from 'server_keys' in the response JSON ↵Mark Haines2015-05-191-1/+3
| | | | as it might work better than iterating over the top level dict
* Merge pull request #143 from matrix-org/erikj/SYN-375Mark Haines2015-05-121-2/+6
|\ | | | | SYN-375 - Lots of unhandled deferred exceptions.
| * Change the way we create observers to deferreds so that we don't get spammed ↵Erik Johnston2015-05-081-2/+6
| | | | | | | | by 'unhandled errors'
* | Change the way we do logging contexts so that they survive divergencesErik Johnston2015-05-081-6/+11
|/
* Use a defer.gatherResults to collect results from the perspective serversMark Haines2015-04-291-11/+21
|
* Update the query format used by keyring to match current key v2 specMark Haines2015-04-291-1/+12
|
* Implement minimum_valid_until_ts in the remote key resourceMark Haines2015-04-291-0/+1
|
* Merge branch 'develop' into key_distributionMark Haines2015-04-271-0/+20
|\ | | | | | | | | Conflicts: synapse/crypto/keyring.py
| * Fix newlinesErik Johnston2015-04-271-2/+1
| |
| * Pull inner function out.Erik Johnston2015-04-271-76/+77
| |
| * Implement locks using create_observer for fetching media and server keysErik Johnston2015-04-271-59/+79
| |
* | Add config for setting the perspective serversMark Haines2015-04-241-1/+5
| |
* | Update to match the specification for key/v2Mark Haines2015-04-231-2/+2
| |
* | Implement remote key lookup apiMark Haines2015-04-222-38/+43
| |
* | Implement v2 key lookupMark Haines2015-04-201-17/+251
| |
* | Fail quicker for 4xx responses in the key client, optional hit a different ↵Mark Haines2015-04-151-6/+31
|/ | | | API path
* Don't look for an TLS private key if we have set --no-tlsErik Johnston2015-03-061-1/+4
|
* Log error message when we fail to fetch remote server keysErik Johnston2015-03-051-2/+11
|
* Try to only back off if we think we failed to connect to the remoteErik Johnston2015-02-171-54/+54
|
* Add per server retry limiting.Erik Johnston2015-02-171-15/+7
| | | | | Factor out the pre destination retry logic from TransactionQueue so it can be reused in both get_pdu and crypto.keyring
* Rate limit retries when fetching server keys.Erik Johnston2015-02-171-55/+71
|
* Blunty replace json with simplejsonErik Johnston2015-02-111-1/+1
|
* Fix code-styleMark Haines2015-02-101-2/+2
|
* Fix bug in timeout handling in keyclientErik Johnston2015-01-301-3/+4
|
* Update copyright noticesMark Haines2015-01-065-5/+5
|
* Try and figure out how and why signatures are being changed.Erik Johnston2014-12-101-1/+2
|
* More bug fixesErik Johnston2014-12-081-1/+1
|
* Convert rest and handlers to use new event structureErik Johnston2014-12-041-1/+1
|
* WIP for new way of managing events.Erik Johnston2014-12-031-18/+21
|
* Merge branch 'develop' into http_client_refactorDavid Baker2014-11-202-3/+3
|\
| * Use module loggers rather than the root logger. Exceptions caused by bad ↵Mark Haines2014-11-201-1/+1
| | | | | | | | clients shouldn't cause ERROR level logging. Fix sql logging to use 'repr' rather than 'str'
| * Add a few missing yields, Move deferred lists inside PreserveLoggingContext ↵Mark Haines2014-11-201-2/+2
| | | | | | | | because they don't interact well with the logging contexts
* | Separate out the matrix http client completely because just about all of its ↵David Baker2014-11-201-3/+3
|/ | | | code it now separate from the simple case we need for standard HTTP(S)
* Merge PDUs and Events into one objectMark Haines2014-11-141-12/+3
|
* Fix PDU and event signaturesMark Haines2014-11-141-1/+10
|
* Validate signatures on incoming eventsMark Haines2014-11-141-4/+14
|
* Merge branch 'develop' into request_loggingMark Haines2014-11-141-0/+98
|\ | | | | | | | | | | | | Conflicts: setup.py synapse/storage/_base.py synapse/util/async.py
| * Tidy up some of the unused sql tablesErik Johnston2014-11-101-2/+0
| |
| * Finish redaction algorithm.Erik Johnston2014-11-101-5/+2
| |
| * Add hash of current state to eventsErik Johnston2014-11-071-1/+10
| |
| * Fix bugs in generating event signatures and hashingErik Johnston2014-11-031-62/+38
| |
| * Don't assume event has hashes key alreadyErik Johnston2014-11-031-0/+2
| |
| * Sign evnetsErik Johnston2014-10-311-0/+20
| |
| * Make prev_event signing work again.Erik Johnston2014-10-311-1/+12
| |
| * Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2014-10-304-5/+3
| |\ | | | | | | | | | federation_authorization
| * | fix pyflakes warningsMark Haines2014-10-271-4/+4
| | |
| * | Merge branch 'develop' into event_signingMark Haines2014-10-273-2/+5
| |\ \
| * | | Remove signatures from pdu when computing hashes to use for prev pdus, make ↵Mark Haines2014-10-171-1/+5
| | | | | | | | | | | | | | | | sure is_state is a boolean.
| * | | Rename 'meta' to 'unsigned'Mark Haines2014-10-171-1/+3
| | | |
| * | | Hash the same content covered by the signature when referencing previous ↵Mark Haines2014-10-171-5/+14
| | | | | | | | | | | | | | | | PDUs rather than reusing the PDU content hashes
| * | | Sign outgoing PDUs.Mark Haines2014-10-161-2/+2
| | | |
| * | | persist hashes and origin signatures for PDUsMark Haines2014-10-151-0/+70
| | | |
* | | | Merge branch 'develop' into request_loggingMark Haines2014-10-304-5/+3
|\ \ \ \ | | |_|/ | |/| | | | | | | | | | Conflicts: synapse/config/logger.py
| * | | Fix pep8 warningsMark Haines2014-10-304-5/+3
| | |/ | |/|
* / | Add a request-id to each log lineMark Haines2014-10-301-4/+6
|/ /
* | Fix pyflakes warningsMark Haines2014-10-271-1/+0
| |
* | Add log message if we can't enable ECC. Require pyopenssl>=0.14 since 0.13 ↵Mark Haines2014-10-241-1/+4
| | | | | | | | doesn't seem to have ECC
* | add log line for checking verifying signaturesMark Haines2014-10-171-0/+1
|/
* Better response message when signature is missing or unsupportedMark Haines2014-10-131-1/+1
|
* Respond with more helpful error messages for unsigned requestsMark Haines2014-10-132-4/+33
|
* SYN-75 Verify signatures on server to server transactionsMark Haines2014-09-304-172/+154
|
* Add a _matrix/key/v1 resource with the verification keys of the local serverMark Haines2014-09-231-161/+0
|
* fix the copyright holder from matrix.org to OpenMarket Ltd, as matrix.org ↵Matthew Hodgson2014-09-036-6/+6
| | | | hasn't been incorporated in time for launch.
* Add copyright notices and fix pyflakes errorsMark Haines2014-09-031-1/+15
|
* enable ECDHE ciphersMark Haines2014-09-011-0/+6
|
* Add server TLS context factoryMark Haines2014-09-011-0/+23
|
* Add config tree to synapse. Add support for reading config from a fileMark Haines2014-08-311-160/+0
|
* add in whitespace after copyright statements to improve legibilityMatthew Hodgson2014-08-136-0/+6
|
* Reference Matrix Home Servermatrix.org2014-08-126-0/+575