From 4cff9376f7b07d3c60b1f882cde5848149862dd9 Mon Sep 17 00:00:00 2001
From: Erik Johnston <erik@matrix.org>
Date: Wed, 27 Feb 2019 13:43:53 +0000
Subject: [PATCH 1/3] Move server key queries to federation reader

---
 docs/workers.rst                 | 1 +
 synapse/app/federation_reader.py | 6 +++++-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/docs/workers.rst b/docs/workers.rst
index 3ba5879f7..7552455a4 100644
--- a/docs/workers.rst
+++ b/docs/workers.rst
@@ -182,6 +182,7 @@ endpoints matching the following regular expressions::
     ^/_matrix/federation/v1/event_auth/
     ^/_matrix/federation/v1/exchange_third_party_invite/
     ^/_matrix/federation/v1/send/
+    ^/_matrix/key/v2/query
 
 The above endpoints should all be routed to the federation_reader worker by the
 reverse-proxy configuration.
diff --git a/synapse/app/federation_reader.py b/synapse/app/federation_reader.py
index b116c1766..7da79dc82 100644
--- a/synapse/app/federation_reader.py
+++ b/synapse/app/federation_reader.py
@@ -21,7 +21,7 @@ from twisted.web.resource import NoResource
 
 import synapse
 from synapse import events
-from synapse.api.urls import FEDERATION_PREFIX
+from synapse.api.urls import FEDERATION_PREFIX, SERVER_KEY_V2_PREFIX
 from synapse.app import _base
 from synapse.config._base import ConfigError
 from synapse.config.homeserver import HomeServerConfig
@@ -44,6 +44,7 @@ from synapse.replication.slave.storage.registration import SlavedRegistrationSto
 from synapse.replication.slave.storage.room import RoomStore
 from synapse.replication.slave.storage.transactions import SlavedTransactionStore
 from synapse.replication.tcp.client import ReplicationClientHandler
+from synapse.rest.key.v2 import KeyApiV2Resource
 from synapse.server import HomeServer
 from synapse.storage.engines import create_engine
 from synapse.util.httpresourcetree import create_resource_tree
@@ -99,6 +100,9 @@ class FederationReaderServer(HomeServer):
                         ),
                     })
 
+                if name in ["keys", "federation"]:
+                    resources[SERVER_KEY_V2_PREFIX] = KeyApiV2Resource(self)
+
         root_resource = create_resource_tree(resources, NoResource())
 
         _base.listen_tcp(

From b5c13df0c4676f2ab534548146a99d87654bcd17 Mon Sep 17 00:00:00 2001
From: Erik Johnston <erik@matrix.org>
Date: Wed, 27 Feb 2019 13:46:29 +0000
Subject: [PATCH 2/3] Newsfile

---
 changelog.d/4757.feature | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 changelog.d/4757.feature

diff --git a/changelog.d/4757.feature b/changelog.d/4757.feature
new file mode 100644
index 000000000..b89029f2b
--- /dev/null
+++ b/changelog.d/4757.feature
@@ -0,0 +1 @@
+Move server key queries to federation reader.

From d4dc527a1a32ceeec97d9931009b33a0c93ee078 Mon Sep 17 00:00:00 2001
From: Erik Johnston <erik@matrix.org>
Date: Wed, 27 Feb 2019 14:24:45 +0000
Subject: [PATCH 3/3] Fix unit tests

---
 tests/utils.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/tests/utils.py b/tests/utils.py
index 2dfcb70a9..e8ab31252 100644
--- a/tests/utils.py
+++ b/tests/utils.py
@@ -142,6 +142,9 @@ def default_config(name):
     config.saml2_enabled = False
     config.public_baseurl = None
     config.default_identity_server = None
+    config.key_refresh_interval = 24 * 60 * 60 * 1000
+    config.old_signing_keys = {}
+    config.tls_fingerprints = []
 
     config.use_frozen_dicts = False
 
@@ -457,6 +460,9 @@ class MockKey(object):
     def verify(self, message, sig):
         assert sig == b"\x9a\x87$"
 
+    def encode(self):
+        return b"<fake_encoded_key>"
+
 
 class MockClock(object):
     now = 1000