summary refs log tree commit diff
path: root/synapse/crypto (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Actually look up required remote server key IDsPaul "LeoNerd" Evans2015-12-181-1/+3
| | | | | | set.union() is a side-effect-free function that returns the union of two sets. This clearly wanted .update(), which is the side-effecting mutator version.
* Fix typoErik Johnston2015-11-201-1/+1
|
* Don't limit connections to perspective serversErik Johnston2015-11-201-21/+17
|
* Fix bug where we sometimes didn't fetch all the keys requested for aErik Johnston2015-09-171-4/+3
| | | | server.
* Merge pull request #272 from matrix-org/daniel/insecureclientDaniel Wagner-Hall2015-09-151-2/+2
|\ | | | | Allow configuration to ignore invalid SSL certs
| * Allow configuration to ignore invalid SSL certsDaniel Wagner-Hall2015-09-091-2/+2
| | | | | | | | | | This will be useful for sytest, and sytest only, hence the aggressive config key name.
* | Various bug fixes to crypto.keyringErik Johnston2015-09-091-10/+17
|/
* Remove syutil dependency in favour of smaller single-purpose librariesMark Haines2015-08-242-13/+14
|
* Merge pull request #194 from matrix-org/erikj/bulk_verify_sigsErik Johnston2015-07-101-131/+342
|\ | | | | Implement bulk verify_signed_json API
| * Wait for previous attempts at fetching keys for a given server before trying ↵Erik Johnston2015-06-261-15/+68
| | | | | | | | to fetch more
| * Implement bulk verify_signed_json APIErik Johnston2015-06-261-134/+292
| |
* | remove the tls_certificate_chain_path param and simply support ↵Matthew Hodgson2015-07-091-3/+1
| | | | | | | | tls_certificate_path pointing to a file containing a chain of certificates
* | oops, context.tls_certificate_chain_file() expects a file, not a certificate.Matthew Hodgson2015-07-081-2/+2
| |
* | typoMatthew Hodgson2015-07-081-1/+1
| |
* | add new optional config for tls_certificate_chain_path for folks with ↵Matthew Hodgson2015-07-081-0/+2
|/ | | | intermediary SSL certs
* Handle the case when things return empty but non none thingsErik Johnston2015-05-191-2/+2
|
* Don't always hit get_server_verify_key_v1_directErik Johnston2015-05-191-5/+10
|
* SYN-383: Actually, we expect this value to be a dictErik Johnston2015-05-191-1/+2
|
* SYN-383: Handle the fact the server might not have signed thingsErik Johnston2015-05-191-1/+1
|
* Don't reuse var namesErik Johnston2015-05-191-2/+2
|
* SYN-383: Fix parsing of verify_keys and catching of _DefGen_ReturnErik Johnston2015-05-191-18/+18
|
* SYN-383: Extract the response list from 'server_keys' in the response JSON ↵Mark Haines2015-05-191-1/+3
| | | | as it might work better than iterating over the top level dict
* Merge pull request #143 from matrix-org/erikj/SYN-375Mark Haines2015-05-121-2/+6
|\ | | | | SYN-375 - Lots of unhandled deferred exceptions.
| * Change the way we create observers to deferreds so that we don't get spammed ↵Erik Johnston2015-05-081-2/+6
| | | | | | | | by 'unhandled errors'
* | Change the way we do logging contexts so that they survive divergencesErik Johnston2015-05-081-6/+11
|/
* Use a defer.gatherResults to collect results from the perspective serversMark Haines2015-04-291-11/+21
|
* Update the query format used by keyring to match current key v2 specMark Haines2015-04-291-1/+12
|
* Implement minimum_valid_until_ts in the remote key resourceMark Haines2015-04-291-0/+1
|
* Merge branch 'develop' into key_distributionMark Haines2015-04-271-0/+20
|\ | | | | | | | | Conflicts: synapse/crypto/keyring.py
| * Fix newlinesErik Johnston2015-04-271-2/+1
| |
| * Pull inner function out.Erik Johnston2015-04-271-76/+77
| |
| * Implement locks using create_observer for fetching media and server keysErik Johnston2015-04-271-59/+79
| |
* | Add config for setting the perspective serversMark Haines2015-04-241-1/+5
| |
* | Update to match the specification for key/v2Mark Haines2015-04-231-2/+2
| |
* | Implement remote key lookup apiMark Haines2015-04-222-38/+43
| |
* | Implement v2 key lookupMark Haines2015-04-201-17/+251
| |
* | Fail quicker for 4xx responses in the key client, optional hit a different ↵Mark Haines2015-04-151-6/+31
|/ | | | API path
* Don't look for an TLS private key if we have set --no-tlsErik Johnston2015-03-061-1/+4
|
* Log error message when we fail to fetch remote server keysErik Johnston2015-03-051-2/+11
|
* Try to only back off if we think we failed to connect to the remoteErik Johnston2015-02-171-54/+54
|
* Add per server retry limiting.Erik Johnston2015-02-171-15/+7
| | | | | Factor out the pre destination retry logic from TransactionQueue so it can be reused in both get_pdu and crypto.keyring
* Rate limit retries when fetching server keys.Erik Johnston2015-02-171-55/+71
|
* Blunty replace json with simplejsonErik Johnston2015-02-111-1/+1
|
* Fix code-styleMark Haines2015-02-101-2/+2
|
* Fix bug in timeout handling in keyclientErik Johnston2015-01-301-3/+4
|
* Update copyright noticesMark Haines2015-01-065-5/+5
|
* Try and figure out how and why signatures are being changed.Erik Johnston2014-12-101-1/+2
|
* More bug fixesErik Johnston2014-12-081-1/+1
|
* Convert rest and handlers to use new event structureErik Johnston2014-12-041-1/+1
|
* WIP for new way of managing events.Erik Johnston2014-12-031-18/+21
|
* Merge branch 'develop' into http_client_refactorDavid Baker2014-11-202-3/+3
|\
| * Use module loggers rather than the root logger. Exceptions caused by bad ↵Mark Haines2014-11-201-1/+1
| | | | | | | | clients shouldn't cause ERROR level logging. Fix sql logging to use 'repr' rather than 'str'
| * Add a few missing yields, Move deferred lists inside PreserveLoggingContext ↵Mark Haines2014-11-201-2/+2
| | | | | | | | because they don't interact well with the logging contexts
* | Separate out the matrix http client completely because just about all of its ↵David Baker2014-11-201-3/+3
|/ | | | code it now separate from the simple case we need for standard HTTP(S)
* Merge PDUs and Events into one objectMark Haines2014-11-141-12/+3
|
* Fix PDU and event signaturesMark Haines2014-11-141-1/+10
|
* Validate signatures on incoming eventsMark Haines2014-11-141-4/+14
|
* Merge branch 'develop' into request_loggingMark Haines2014-11-141-0/+98
|\ | | | | | | | | | | | | Conflicts: setup.py synapse/storage/_base.py synapse/util/async.py
| * Tidy up some of the unused sql tablesErik Johnston2014-11-101-2/+0
| |
| * Finish redaction algorithm.Erik Johnston2014-11-101-5/+2
| |
| * Add hash of current state to eventsErik Johnston2014-11-071-1/+10
| |
| * Fix bugs in generating event signatures and hashingErik Johnston2014-11-031-62/+38
| |
| * Don't assume event has hashes key alreadyErik Johnston2014-11-031-0/+2
| |
| * Sign evnetsErik Johnston2014-10-311-0/+20
| |
| * Make prev_event signing work again.Erik Johnston2014-10-311-1/+12
| |
| * Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2014-10-304-5/+3
| |\ | | | | | | | | | federation_authorization
| * | fix pyflakes warningsMark Haines2014-10-271-4/+4
| | |
| * | Merge branch 'develop' into event_signingMark Haines2014-10-273-2/+5
| |\ \
| * | | Remove signatures from pdu when computing hashes to use for prev pdus, make ↵Mark Haines2014-10-171-1/+5
| | | | | | | | | | | | | | | | sure is_state is a boolean.
| * | | Rename 'meta' to 'unsigned'Mark Haines2014-10-171-1/+3
| | | |
| * | | Hash the same content covered by the signature when referencing previous ↵Mark Haines2014-10-171-5/+14
| | | | | | | | | | | | | | | | PDUs rather than reusing the PDU content hashes
| * | | Sign outgoing PDUs.Mark Haines2014-10-161-2/+2
| | | |
| * | | persist hashes and origin signatures for PDUsMark Haines2014-10-151-0/+70
| | | |
* | | | Merge branch 'develop' into request_loggingMark Haines2014-10-304-5/+3
|\ \ \ \ | | |_|/ | |/| | | | | | | | | | Conflicts: synapse/config/logger.py
| * | | Fix pep8 warningsMark Haines2014-10-304-5/+3
| | |/ | |/|
* / | Add a request-id to each log lineMark Haines2014-10-301-4/+6
|/ /
* | Fix pyflakes warningsMark Haines2014-10-271-1/+0
| |
* | Add log message if we can't enable ECC. Require pyopenssl>=0.14 since 0.13 ↵Mark Haines2014-10-241-1/+4
| | | | | | | | doesn't seem to have ECC
* | add log line for checking verifying signaturesMark Haines2014-10-171-0/+1
|/
* Better response message when signature is missing or unsupportedMark Haines2014-10-131-1/+1
|
* Respond with more helpful error messages for unsigned requestsMark Haines2014-10-132-4/+33
|
* SYN-75 Verify signatures on server to server transactionsMark Haines2014-09-304-172/+154
|
* Add a _matrix/key/v1 resource with the verification keys of the local serverMark Haines2014-09-231-161/+0
|
* fix the copyright holder from matrix.org to OpenMarket Ltd, as matrix.org ↵Matthew Hodgson2014-09-036-6/+6
| | | | hasn't been incorporated in time for launch.
* Add copyright notices and fix pyflakes errorsMark Haines2014-09-031-1/+15
|
* enable ECDHE ciphersMark Haines2014-09-011-0/+6
|
* Add server TLS context factoryMark Haines2014-09-011-0/+23
|
* Add config tree to synapse. Add support for reading config from a fileMark Haines2014-08-311-160/+0
|
* add in whitespace after copyright statements to improve legibilityMatthew Hodgson2014-08-136-0/+6
|
* Reference Matrix Home Servermatrix.org2014-08-126-0/+575