parent
9fc0aad567
commit
3bcbabc9fb
|
@ -261,11 +261,11 @@ def _print_ex(e):
|
|||
logger.exception(e)
|
||||
|
||||
|
||||
class WoefullyInsecureContextFactory(ssl.ContextFactory):
|
||||
class InsecureInterceptableContextFactory(ssl.ContextFactory):
|
||||
"""
|
||||
Factory for PyOpenSSL SSL contexts which does absolutely no certificate verification.
|
||||
Factory for PyOpenSSL SSL contexts which accepts any certificate for any domain.
|
||||
|
||||
Do not use this unless you really, really hate your users.
|
||||
Do not use this since it allows an attacker to intercept your communications.
|
||||
"""
|
||||
|
||||
def __init__(self):
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
# Imports required for the default HomeServer() implementation
|
||||
from twisted.web.client import BrowserLikePolicyForHTTPS
|
||||
from synapse.federation import initialize_http_replication
|
||||
from synapse.http.client import SimpleHttpClient, WoefullyInsecureContextFactory
|
||||
from synapse.http.client import SimpleHttpClient, InsecureInterceptableContextFactory
|
||||
from synapse.notifier import Notifier
|
||||
from synapse.api.auth import Auth
|
||||
from synapse.handlers import Handlers
|
||||
|
@ -181,7 +181,7 @@ class HomeServer(BaseHomeServer):
|
|||
def build_http_client_context_factory(self):
|
||||
config = self.get_config()
|
||||
return (
|
||||
WoefullyInsecureContextFactory() if config.use_insecure_ssl_client
|
||||
InsecureInterceptableContextFactory() if config.use_insecure_ssl_client
|
||||
else BrowserLikePolicyForHTTPS()
|
||||
)
|
||||
|
||||
|
|
Loading…
Reference in New Issue