tileradotorg/synapse
1
0
Fork 0
forked from MirrorHub/synapse
Code Pull requests Activity

Consider IP whitelist for identity server resolution (#11120)

Browse source 
Signed-off-by: Robert Edström <github@legogris.se>
This commit is contained in:
Robert Edström 2021-10-20 17:43:49 +00:00 committed by GitHub
parent 0930e9ae12
commit 62db603fa0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
changelog.d/11120.bugfix Normal file
View file

@ -0,0 +1 @@
Identity server connection is no longer ignoring `ip_range_whitelist`.

4
synapse/handlers/identity.py
View file

@ -54,7 +54,9 @@ class IdentityHandler:
self.http_client = SimpleHttpClient(hs) self.http_client = SimpleHttpClient(hs)
# An HTTP client for contacting identity servers specified by clients. # An HTTP client for contacting identity servers specified by clients.
self.blacklisting_http_client = SimpleHttpClient( self.blacklisting_http_client = SimpleHttpClient(
hs, ip_blacklist=hs.config.server.federation_ip_range_blacklist hs,
ip_blacklist=hs.config.server.federation_ip_range_blacklist,
ip_whitelist=hs.config.server.federation_ip_range_whitelist,
) )
self.federation_http_client = hs.get_federation_http_client() self.federation_http_client = hs.get_federation_http_client()
self.hs = hs self.hs = hs