From da23aa26c5958fcb243a6ab1a21d18ba2247c0cb Mon Sep 17 00:00:00 2001
From: Andrew Morgan <andrew@amorgan.xyz>
Date: Mon, 1 Apr 2019 14:56:36 +0100
Subject: [PATCH] Cleaner code logic

---
 synapse/crypto/context_factory.py | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/synapse/crypto/context_factory.py b/synapse/crypto/context_factory.py
index 7f747cd55a..2c2bfa3a89 100644
--- a/synapse/crypto/context_factory.py
+++ b/synapse/crypto/context_factory.py
@@ -138,12 +138,10 @@ class ClientTLSOptionsFactory(object):
         # Use _makeContext so that we get a fresh OpenSSL CTX each time.
 
         # Check if certificate validation has been enabled
-        if config.federation_verify_certificates:
-            # Check if this host is whitelisted
-            if host in config.federation_certificate_validation_whitelist:
-                return ClientTLSOptions(host, self._options_novalidate._makeContext())
-
-            # Otherwise require validation
+        if (config.federation_verify_certificates and
+                host not in config.federation_certificate_validation_whitelist):
+            # Require validation
             return ClientTLSOptions(host, self._options_validate._makeContext())
 
+        # Otherwise don't require validation
         return ClientTLSOptions(host, self._options_novalidate._makeContext())