OpenCloud
/
MatrixSynapse
mirror of https://github.com/matrix-org/synapse
1
0
Fork 0
Code Issues Releases Wiki Activity
22,390 Commits
842 Branches
671 Tags
284 MiB
Commit Graph

48 Commits (3b0083c92adf76daf4161908565de9e5efc08074)

Author SHA1 Message Date
Patrick Cloke 0f9adc99ad
Add missing type hints to synapse.crypto. (#11146) 
And require type hints for this module.
 2021-10-21 13:07:07 +00:00
Patrick Cloke bb7fdd821b
Use direct references for configuration variables (part 5). (#10897) 2021-09-24 07:25:21 -04:00
Patrick Cloke 8c7a531e27
Use direct references for some configuration variables (part 2) (#10812) 2021-09-15 08:34:52 -04:00
Jonathan de Jong 4c3827f2c1
Enable addtional flake8-bugbear linting checks. (#9659) 2021-03-24 09:34:30 -04:00
Jonathan de Jong 27d2820c33
Enable flake8-bugbear, but disable most checks. (#9499) 
* Adds B00 to ignored checks.
* Fixes remaining issues.
 2021-03-16 14:19:27 -04:00
Erik Johnston 54a6afeee3
Cache config options in SSL verification (#9255) 
Reading from the config object is *slow*.
 2021-01-28 17:38:59 +00:00
Patrick Cloke 1c9a850562
Add type hints to the crypto module. (#8999) 2021-01-04 10:04:50 -05:00
Patrick Cloke 34a5696f93
Fix typos and spelling errors. (#8639) 2020-10-23 12:38:40 -04:00
Richard van der Hoff 4f3096d866 Add a comment re #1691 2020-09-21 12:34:06 +01:00
Patrick Cloke c619253db8
Stop sub-classing object (#8249) 2020-09-04 06:54:56 -04:00
Richard van der Hoff de6f892065
Add a comment about SSLv23_METHOD (#8043) 2020-08-07 15:14:29 +01:00
Richard van der Hoff c37db0211e
Share SSL contexts for non-federation requests (#7094) 
Extends #5794 etc to the SimpleHttpClient so that it also applies to non-federation requests.

Fixes #7092.
 2020-03-17 21:32:25 +00:00
Amber Brown 850dcfd2d3
Fix well-known lookups with the federation certificate whitelist (#5997) 2019-09-14 04:58:38 +10:00
Erik Johnston a9bcae9f50 Share SSL options for well-known requests 2019-07-31 10:39:24 +01:00
Amber Brown be3b901ccd
Update the TLS cipher string and provide configurability for TLS on outgoing federation (#5550) 2019-06-28 18:19:09 +10:00
Richard van der Hoff 81b8fdedf2 rename gutwrenched attr 2019-06-10 17:51:11 +01:00
Richard van der Hoff efe7b3176e Fix federation connections to literal IP addresses 
turns out we need a shiny version of service_identity to enforce this
correctly.
 2019-06-10 15:58:35 +01:00
Richard van der Hoff d11c634ced clean up impl, and import idna directly 2019-06-10 15:55:12 +01:00
Richard van der Hoff c2b6e945e1 Share an SSL context object between SSL connections 
This involves changing how the info callbacks work.
 2019-06-09 14:01:32 +01:00
Andrew Morgan 6824ddd93d Config option for verifying federation certificates (MSC 1711) (#4967) 2019-04-25 14:22:49 +01:00
Amber Brown 561eebe170 fix to use makeContext so that we don't need to rebuild the certificateoptions each time 2019-02-19 16:18:05 +11:00
Richard van der Hoff 9645728619 Don't create server contexts when TLS is disabled 
we aren't going to use them anyway.
 2019-02-11 21:32:01 +00:00
Richard van der Hoff 97fd29c019
Don't send IP addresses as SNI (#4452) 
The problem here is that we have cut-and-pasted an impl from Twisted, and then
failed to maintain it. It was fixed in Twisted in
https://github.com/twisted/twisted/pull/1047/files; let's do the same here.
 2019-01-24 09:34:44 +00:00
Amber Brown 23b0813599
Require ECDH key exchange & remove dh_params (#4429) 
* remove dh_params and set better cipher string
 2019-01-22 21:58:50 +11:00
Amber Brown 8fd93b5eea
Port crypto/ to Python 3 (#3822) 2018-09-12 20:16:31 +10:00
Jeroen 2e9c73e8ca more generic conversion of str/bytes to unicode 2018-08-09 21:31:26 +02:00
Jeroen 64899341dc include private functions from twisted 2018-08-09 21:04:22 +02:00
Jeroen d5c0ce4cad updated docstring for ServerContextFactory 2018-08-08 19:25:01 +02:00
Jeroen 2903e65aff fix isort 2018-07-29 19:47:08 +02:00
Jeroen 95341a8f6f take idna implementation from twisted 2018-06-26 21:15:14 +02:00
Jeroen b7f34ee348 allow self-signed certificates 2018-06-26 20:41:05 +02:00
Jeroen 07b4f88de9 formatting changes for pep8 2018-06-25 12:31:16 +02:00
Jeroen 3d605853c8 send SNI for federation requests 2018-06-24 22:38:43 +02:00
Will Hunt 2ad3fc36e6 Fixes #3135 - Replace _OpenSSLECCurve with crypto.get_elliptic_curve (#3157) 
fixes #3135

Signed-off-by: Will Hunt will@half-shot.uk
 2018-04-30 16:21:11 +01:00
Richard van der Hoff eaaabc6c4f replace 'except:' with 'except Exception:' 
what could possibly go wrong
 2017-10-23 15:52:32 +01:00
Matthew Hodgson 6c28ac260c copyrights 2016-01-07 04:26:29 +00:00
Matthew Hodgson fb8d2862c1 remove the tls_certificate_chain_path param and simply support tls_certificate_path pointing to a file containing a chain of certificates 2015-07-09 00:45:41 +01:00
Matthew Hodgson f26a3df1bf oops, context.tls_certificate_chain_file() expects a file, not a certificate. 2015-07-08 21:33:02 +01:00
Matthew Hodgson 19fa3731ae typo 2015-07-08 18:53:41 +01:00
Matthew Hodgson 64afbe6ccd add new optional config for tls_certificate_chain_path for folks with intermediary SSL certs 2015-07-08 18:20:02 +01:00
Erik Johnston 3ce8540484 Don't look for an TLS private key if we have set --no-tls 2015-03-06 11:34:06 +00:00
Mark Haines adb04b1e57 Update copyright notices 2015-01-06 13:21:39 +00:00
Mark Haines 7d709542ca Fix pep8 warnings 2014-10-30 11:10:17 +00:00
Mark Haines 15be181642 Add log message if we can't enable ECC. Require pyopenssl>=0.14 since 0.13 doesn't seem to have ECC 2014-10-24 19:27:12 +01:00
Matthew Hodgson 8a7c1d6a00 fix the copyright holder from matrix.org to OpenMarket Ltd, as matrix.org hasn't been incorporated in time for launch. 2014-09-03 17:31:57 +01:00
Mark Haines c6eafdfbaf Add copyright notices and fix pyflakes errors 2014-09-03 09:43:11 +01:00
Mark Haines 79650f795f enable ECDHE ciphers 2014-09-01 22:29:44 +01:00
Mark Haines 6200630904 Add server TLS context factory 2014-09-01 17:55:35 +01:00