Explicitly log when a homeserver does not have the 'trusted_key_servers' config field configured.

This commit is contained in:
Neil Johnson 2019-09-23 16:14:56 +01:00
parent 1b519e0272
commit fb27576deb
2 changed files with 19 additions and 0 deletions

1
changelog.d/6090.doc Normal file
View file

@ -0,0 +1 @@
Explicitly log when a homeserver does not have the 'trusted_key_servers' config field configured.

View file

@ -95,6 +95,24 @@ class KeyConfig(Config):
# if neither trusted_key_servers nor perspectives are given, use the default.
if "perspectives" not in config and "trusted_key_servers" not in config:
logger.warn(
"""
Synapse requires that a notary homeserver is configured to
verify keys of other servers in the federation. This homeserver
does not have a notary server configured in homeserver.yaml and
will fall back to the default of 'matrix.org'.
Notary servers should be long lived, stable and trusted which
makes matrix.org a good choice for many admins, but some may
wish to choose another. To suppress this warning, the admin
should set 'trusted_key_servers' in homeserver.yaml to their
desired notary server.
In a future release the software defined default will be
removed entirely and the notary server will be defined
exclusively by the value of 'trust_key_servers'.
"""
)
key_servers = [{"server_name": "matrix.org"}]
else:
key_servers = config.get("trusted_key_servers", [])