Explicitly log when a homeserver does not have the 'trusted_key_servers' config field configured.

2024-12-20 10:55:09 +03:00 · 2019-09-23 16:14:56 +01:00 · 2019-09-23 16:14:56 +01:00 · fb27576deb
commit fb27576deb
parent 1b519e0272
2 changed files with 19 additions and 0 deletions
--- a/changelog.d/6090.doc
+++ b/changelog.d/6090.doc
@ -0,0 +1 @@
+Explicitly log when a homeserver does not have the 'trusted_key_servers' config field configured.
--- a/synapse/config/key.py
+++ b/synapse/config/key.py
@ -95,6 +95,24 @@ class KeyConfig(Config):

        # if neither trusted_key_servers nor perspectives are given, use the default.
        if "perspectives" not in config and "trusted_key_servers" not in config:
+            logger.warn(
+                """
+                Synapse requires that a notary homeserver is configured to
+                verify keys of other servers in the federation. This homeserver
+                does not have a notary server configured in homeserver.yaml and
+                will fall back to the default of 'matrix.org'.
+
+                Notary servers should be long lived, stable and trusted which
+                makes matrix.org a good choice for many admins, but some may
+                wish to choose another. To suppress this warning, the admin
+                should set 'trusted_key_servers' in homeserver.yaml to their
+                desired notary server.
+
+                In a future release the software defined default will be
+                removed entirely and the notary server will be defined
+                exclusively by the value of 'trust_key_servers'.
+                """
+            )
            key_servers = [{"server_name": "matrix.org"}]
        else:
            key_servers = config.get("trusted_key_servers", [])
				`@ -0,0 +1 @@`
				`Explicitly log when a homeserver does not have the 'trusted_key_servers' config field configured.`