summary refs log tree commit diff
path: root/synapse/http/endpoint.py (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Set SNI to the server_name, not whatever was in the SRV recordRichard van der Hoff2018-09-181-3/+10
| | | | Fixes #3843
* Merge remote-tracking branch 'upstream/develop' into ↵Jeroen2018-07-141-7/+5
|\ | | | | | | | | | | | | send_sni_for_federation_requests # Conflicts: # synapse/crypto/context_factory.py
| * run isortAmber Brown2018-07-091-7/+5
| |
* | Merge branch 'develop' into send_sni_for_federation_requestsJeroen2018-07-091-11/+78
|\| | | | | | | | | # Conflicts: # synapse/http/endpoint.py
| * More server_name validationRichard van der Hoff2018-07-041-5/+42
| | | | | | | | | | | | | | | | We need to do a bit more validation when we get a server name, but don't want to be re-doing it all over the shop, so factor out a separate parse_and_validate_server_name, and do the extra validation. Also, use it to verify the server name in the config file.
| * Reject invalid server names (#3480)Richard van der Hoff2018-07-031-3/+31
| | | | | | | | | | Make sure that server_names used in auth headers are sane, and reject them with a sensible error code, before they disappear off into the depths of the system.
| * Need to pass reactor to endpoint facErik Johnston2018-06-251-1/+1
| |
| * Remove all global reactor imports & pass it around explicitly (#3424)Amber Brown2018-06-251-7/+9
| |
* | allow self-signed certificatesJeroen2018-06-261-1/+1
| |
* | formatting changes for pep8Jeroen2018-06-251-1/+2
| |
* | send SNI for federation requestsJeroen2018-06-241-6/+5
|/
* Merge pull request #3182 from Half-Shot/hs/fix-twisted-shutdownRichard van der Hoff2018-05-031-3/+8
|\ | | | | Fix 'Unhandled Error' logs with Twisted 18.4
| * Don't abortConnection() if the transport connection has already closed.Will Hunt2018-05-031-3/+8
| |
* | more bytes stringsAdrian Tschira2018-04-291-1/+1
| | | | | | | | Signed-off-by: Adrian Tschira <nota@notafile.com>
* | Remove address resolution of hosts in SRV recordsSilke2018-04-041-95/+8
| | | | | | | | Signed-off-by: Silke Hofstra <silke@slxh.eu>
* | Remove spurious log argumentRichard van der Hoff2018-01-301-2/+1
| | | | | | | | ... which would cause scary-looking and unhelpful errors in the log on dns fail
* | Fix error handling on dns lookupRichard van der Hoff2017-11-241-2/+4
| | | | | | | | | | | | pass the right arguments to the errback handler Fixes "TypeError('eb() takes exactly 2 arguments (1 given)',)"
* | Handle SERVFAILs when doing AAAA lookups for federation (#2477)Richard van der Hoff2017-09-281-5/+17
| | | | | | | | | | ... to cope with people with broken dnssec setups, mostly
* | Do an AAAA lookup on SRV record targets (#2462)Richard van der Hoff2017-09-221-20/+96
|/ | | | | Support SRV records which point at AAAA records, as well as A records. Fixes https://github.com/matrix-org/synapse/issues/2405
* Merge branch 'release-v0.18.6' into developMark Haines2016-12-291-4/+66
|\
| * Manually abort the underlying TLS connection.Mark Haines2016-12-291-2/+10
| | | | | | | | | | | | | | | | | | | | | | | | The abort() method calls loseConnection() which tries to shutdown the TLS connection cleanly. We now call abortConnection() directly which should promptly close both the TLS connection and the underlying TCP connection. I also added some TODO markers to consider cancelling the old previous timeout rather than checking time.time(). But given how urgently we want to get this code released I'd rather leave the existing code with the duplicate timeouts and the time.time() check.
| * Spelling and commentsErik Johnston2016-12-291-4/+6
| |
| * Clean upErik Johnston2016-12-291-2/+4
| |
| * Wrap connections in an N minute timeout to ensure they get reaped correctlyErik Johnston2016-12-291-4/+54
| |
* | Fixup for #1689 and #1690Johannes Löthberg2016-12-121-4/+6
| | | | | | | | Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
* | IPv6 support for endpoint.pyGlyph2016-12-111-4/+4
|/ | | Similar to https://github.com/matrix-org/synapse/pull/1689, but for endpoint.py
* add a url_preview_ip_range_whitelist config param so we can whitelist the ↵Matthew Hodgson2016-05-011-5/+9
| | | | matrix.org IP space
* Merge pull request #688 from matrix-org/matthew/preview_urlsMatthew Hodgson2016-04-111-2/+33
|\ | | | | URL previewing support
| * Add url_preview_enabled config option to turn on/off preview_url endpoint. ↵Matthew Hodgson2016-04-081-2/+33
| | | | | | | | | | | | | | | | | | defaults to off. Add url_preview_ip_range_blacklist to let admins specify internal IP ranges that must not be spidered. Add url_preview_url_blacklist to let admins specify URL patterns that must not be spidered. Implement a custom SpiderEndpoint and associated support classes to implement url_preview_ip_range_blacklist Add commentary and generally address PR feedback
* | Allow clock to be passed in to funcErik Johnston2016-03-311-3/+3
| |
* | Read from DNS cache if within TTLErik Johnston2016-03-311-16/+23
|/
* Fix AttributeErrorErik Johnston2016-01-211-1/+1
|
* Cache dns lookups, and use the cache if we fail to lookup servers laterErik Johnston2016-01-201-30/+71
|
* copyrightsMatthew Hodgson2016-01-071-1/+1
|
* Update copyright noticesMark Haines2015-01-061-1/+1
|
* Fix pep8 and pyflakes warningsMark Haines2014-11-201-1/+1
|
* Separate out the matrix http client completely because just about all of its ↵David Baker2014-11-201-1/+1
| | | | code it now separate from the simple case we need for standard HTTP(S)
* fix the copyright holder from matrix.org to OpenMarket Ltd, as matrix.org ↵Matthew Hodgson2014-09-031-1/+1
| | | | hasn't been incorporated in time for launch.
* Update default endpoint port to match the default ports in the configErik Johnston2014-09-021-2/+2
|
* Fix SSL for federation http clientMark Haines2014-09-011-1/+1
|
* add in whitespace after copyright statements to improve legibilityMatthew Hodgson2014-08-131-0/+1
|
* Reference Matrix Home Servermatrix.org2014-08-121-0/+171