mirror of
https://github.com/element-hq/synapse.git
synced 2024-12-19 09:31:35 +03:00
incorporate PR feedback
This commit is contained in:
parent
4b090cb273
commit
313a489fc9
8 changed files with 19 additions and 16 deletions
|
@ -55,14 +55,16 @@ class ServerConfig(Config):
|
|||
"block_non_admin_invites", False,
|
||||
)
|
||||
|
||||
# FIXME: federation_domain_whitelist needs sytests
|
||||
self.federation_domain_whitelist = None
|
||||
federation_domain_whitelist = config.get(
|
||||
"federation_domain_whitelist", []
|
||||
"federation_domain_whitelist", None
|
||||
)
|
||||
# turn the whitelist into a hash for speed of lookup
|
||||
self.federation_domain_whitelist = {}
|
||||
for domain in federation_domain_whitelist:
|
||||
self.federation_domain_whitelist[domain] = True
|
||||
# FIXME: federation_domain_whitelist needs sytests
|
||||
if federation_domain_whitelist is not None:
|
||||
self.federation_domain_whitelist = {}
|
||||
for domain in federation_domain_whitelist:
|
||||
self.federation_domain_whitelist[domain] = True
|
||||
|
||||
if self.public_baseurl is not None:
|
||||
if self.public_baseurl[-1] != '/':
|
||||
|
@ -222,7 +224,8 @@ class ServerConfig(Config):
|
|||
# Restrict federation to the following whitelist of domains.
|
||||
# N.B. we recommend also firewalling your federation listener to limit
|
||||
# inbound federation traffic as early as possible, rather than relying
|
||||
# purely on this application-layer restriction.
|
||||
# purely on this application-layer restriction. If not specified, the
|
||||
# default is to whitelist nothing.
|
||||
#
|
||||
# federation_domain_whitelist:
|
||||
# - lon.example.com
|
||||
|
|
|
@ -267,7 +267,7 @@ class FederationClient(FederationBase):
|
|||
logger.info(e.message)
|
||||
continue
|
||||
except FederationDeniedError as e:
|
||||
logger.debug(e.message)
|
||||
logger.info(e.message)
|
||||
continue
|
||||
except Exception as e:
|
||||
pdu_attempts[destination] = now
|
||||
|
|
|
@ -491,7 +491,7 @@ class TransactionQueue(object):
|
|||
),
|
||||
)
|
||||
except FederationDeniedError as e:
|
||||
logger.debug(e)
|
||||
logger.info(e)
|
||||
except Exception as e:
|
||||
logger.warn(
|
||||
"TX [%s] Failed to send transaction: %s",
|
||||
|
|
|
@ -94,7 +94,7 @@ class Authenticator(object):
|
|||
}
|
||||
|
||||
if (
|
||||
self.federation_domain_whitelist and
|
||||
self.federation_domain_whitelist is not None and
|
||||
self.server_name not in self.federation_domain_whitelist
|
||||
):
|
||||
raise FederationDeniedError(self.server_name)
|
||||
|
|
|
@ -515,7 +515,7 @@ class DeviceListEduUpdater(object):
|
|||
# eventually become consistent.
|
||||
return
|
||||
except FederationDeniedError as e:
|
||||
logger.debug(e)
|
||||
logger.info(e)
|
||||
return
|
||||
except Exception:
|
||||
# TODO: Remember that we are now out of sync and try again
|
||||
|
|
|
@ -784,7 +784,7 @@ class FederationHandler(BaseHandler):
|
|||
logger.info(e.message)
|
||||
continue
|
||||
except FederationDeniedError as e:
|
||||
logger.debug(e)
|
||||
logger.info(e)
|
||||
continue
|
||||
except Exception as e:
|
||||
logger.exception(
|
||||
|
|
|
@ -139,7 +139,7 @@ class RemoteKey(Resource):
|
|||
store_queries = []
|
||||
for server_name, key_ids in query.items():
|
||||
if (
|
||||
self.federation_domain_whitelist and
|
||||
self.federation_domain_whitelist is not None and
|
||||
server_name not in self.federation_domain_whitelist
|
||||
):
|
||||
logger.debug("Federation denied with %s", server_name)
|
||||
|
|
|
@ -226,7 +226,7 @@ class MediaRepository(object):
|
|||
to request
|
||||
"""
|
||||
if (
|
||||
self.federation_domain_whitelist and
|
||||
self.federation_domain_whitelist is not None and
|
||||
server_name not in self.federation_domain_whitelist
|
||||
):
|
||||
raise FederationDeniedError(server_name)
|
||||
|
@ -266,7 +266,7 @@ class MediaRepository(object):
|
|||
Deferred[dict]: The media_info of the file
|
||||
"""
|
||||
if (
|
||||
self.federation_domain_whitelist and
|
||||
self.federation_domain_whitelist is not None and
|
||||
server_name not in self.federation_domain_whitelist
|
||||
):
|
||||
raise FederationDeniedError(server_name)
|
||||
|
@ -387,8 +387,8 @@ class MediaRepository(object):
|
|||
logger.warn("Not retrying destination %r", server_name)
|
||||
raise SynapseError(502, "Failed to fetch remote media")
|
||||
except FederationDeniedError as e:
|
||||
logger.debug(e)
|
||||
raise SynapseError(403, e.message)
|
||||
logger.info(e)
|
||||
raise e
|
||||
except Exception:
|
||||
logger.exception("Failed to fetch remote media %s/%s",
|
||||
server_name, media_id)
|
||||
|
|
Loading…
Reference in a new issue