Apply an IP range blacklist to push and key revocation requests. (#8821)
Replaces the `federation_ip_range_blacklist` configuration setting with an `ip_range_blacklist` setting with wider scope. It now applies to: * Federation * Identity servers * Push notifications * Checking key validitity for third-party invite events The old `federation_ip_range_blacklist` setting is still honored if present, but with reduced scope (it only applies to federation and identity servers).
This commit is contained in:
parent
c5b6abd53d
commit
30fba62108
|
@ -0,0 +1 @@
|
||||||
|
Apply the `federation_ip_range_blacklist` to push and key revocation requests.
|
|
@ -642,17 +642,19 @@ acme:
|
||||||
# - nyc.example.com
|
# - nyc.example.com
|
||||||
# - syd.example.com
|
# - syd.example.com
|
||||||
|
|
||||||
# Prevent federation requests from being sent to the following
|
# Prevent outgoing requests from being sent to the following blacklisted IP address
|
||||||
# blacklist IP address CIDR ranges. If this option is not specified, or
|
# CIDR ranges. If this option is not specified, or specified with an empty list,
|
||||||
# specified with an empty list, no ip range blacklist will be enforced.
|
# no IP range blacklist will be enforced.
|
||||||
#
|
#
|
||||||
# As of Synapse v1.4.0 this option also affects any outbound requests to identity
|
# The blacklist applies to the outbound requests for federation, identity servers,
|
||||||
# servers provided by user input.
|
# push servers, and for checking key validitity for third-party invite events.
|
||||||
#
|
#
|
||||||
# (0.0.0.0 and :: are always blacklisted, whether or not they are explicitly
|
# (0.0.0.0 and :: are always blacklisted, whether or not they are explicitly
|
||||||
# listed here, since they correspond to unroutable addresses.)
|
# listed here, since they correspond to unroutable addresses.)
|
||||||
#
|
#
|
||||||
federation_ip_range_blacklist:
|
# This option replaces federation_ip_range_blacklist in Synapse v1.24.0.
|
||||||
|
#
|
||||||
|
ip_range_blacklist:
|
||||||
- '127.0.0.0/8'
|
- '127.0.0.0/8'
|
||||||
- '10.0.0.0/8'
|
- '10.0.0.0/8'
|
||||||
- '172.16.0.0/12'
|
- '172.16.0.0/12'
|
||||||
|
|
|
@ -266,7 +266,6 @@ class GenericWorkerPresence(BasePresenceHandler):
|
||||||
super().__init__(hs)
|
super().__init__(hs)
|
||||||
self.hs = hs
|
self.hs = hs
|
||||||
self.is_mine_id = hs.is_mine_id
|
self.is_mine_id = hs.is_mine_id
|
||||||
self.http_client = hs.get_simple_http_client()
|
|
||||||
|
|
||||||
self._presence_enabled = hs.config.use_presence
|
self._presence_enabled = hs.config.use_presence
|
||||||
|
|
||||||
|
|
|
@ -36,22 +36,30 @@ class FederationConfig(Config):
|
||||||
for domain in federation_domain_whitelist:
|
for domain in federation_domain_whitelist:
|
||||||
self.federation_domain_whitelist[domain] = True
|
self.federation_domain_whitelist[domain] = True
|
||||||
|
|
||||||
self.federation_ip_range_blacklist = config.get(
|
ip_range_blacklist = config.get("ip_range_blacklist", [])
|
||||||
"federation_ip_range_blacklist", []
|
|
||||||
)
|
|
||||||
|
|
||||||
# Attempt to create an IPSet from the given ranges
|
# Attempt to create an IPSet from the given ranges
|
||||||
try:
|
try:
|
||||||
self.federation_ip_range_blacklist = IPSet(
|
self.ip_range_blacklist = IPSet(ip_range_blacklist)
|
||||||
self.federation_ip_range_blacklist
|
except Exception as e:
|
||||||
)
|
raise ConfigError("Invalid range(s) provided in ip_range_blacklist: %s" % e)
|
||||||
|
|
||||||
# Always blacklist 0.0.0.0, ::
|
# Always blacklist 0.0.0.0, ::
|
||||||
self.federation_ip_range_blacklist.update(["0.0.0.0", "::"])
|
self.ip_range_blacklist.update(["0.0.0.0", "::"])
|
||||||
|
|
||||||
|
# The federation_ip_range_blacklist is used for backwards-compatibility
|
||||||
|
# and only applies to federation and identity servers. If it is not given,
|
||||||
|
# default to ip_range_blacklist.
|
||||||
|
federation_ip_range_blacklist = config.get(
|
||||||
|
"federation_ip_range_blacklist", ip_range_blacklist
|
||||||
|
)
|
||||||
|
try:
|
||||||
|
self.federation_ip_range_blacklist = IPSet(federation_ip_range_blacklist)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
raise ConfigError(
|
raise ConfigError(
|
||||||
"Invalid range(s) provided in federation_ip_range_blacklist: %s" % e
|
"Invalid range(s) provided in federation_ip_range_blacklist: %s" % e
|
||||||
)
|
)
|
||||||
|
# Always blacklist 0.0.0.0, ::
|
||||||
|
self.federation_ip_range_blacklist.update(["0.0.0.0", "::"])
|
||||||
|
|
||||||
federation_metrics_domains = config.get("federation_metrics_domains") or []
|
federation_metrics_domains = config.get("federation_metrics_domains") or []
|
||||||
validate_config(
|
validate_config(
|
||||||
|
@ -76,17 +84,19 @@ class FederationConfig(Config):
|
||||||
# - nyc.example.com
|
# - nyc.example.com
|
||||||
# - syd.example.com
|
# - syd.example.com
|
||||||
|
|
||||||
# Prevent federation requests from being sent to the following
|
# Prevent outgoing requests from being sent to the following blacklisted IP address
|
||||||
# blacklist IP address CIDR ranges. If this option is not specified, or
|
# CIDR ranges. If this option is not specified, or specified with an empty list,
|
||||||
# specified with an empty list, no ip range blacklist will be enforced.
|
# no IP range blacklist will be enforced.
|
||||||
#
|
#
|
||||||
# As of Synapse v1.4.0 this option also affects any outbound requests to identity
|
# The blacklist applies to the outbound requests for federation, identity servers,
|
||||||
# servers provided by user input.
|
# push servers, and for checking key validitity for third-party invite events.
|
||||||
#
|
#
|
||||||
# (0.0.0.0 and :: are always blacklisted, whether or not they are explicitly
|
# (0.0.0.0 and :: are always blacklisted, whether or not they are explicitly
|
||||||
# listed here, since they correspond to unroutable addresses.)
|
# listed here, since they correspond to unroutable addresses.)
|
||||||
#
|
#
|
||||||
federation_ip_range_blacklist:
|
# This option replaces federation_ip_range_blacklist in Synapse v1.24.0.
|
||||||
|
#
|
||||||
|
ip_range_blacklist:
|
||||||
- '127.0.0.0/8'
|
- '127.0.0.0/8'
|
||||||
- '10.0.0.0/8'
|
- '10.0.0.0/8'
|
||||||
- '172.16.0.0/12'
|
- '172.16.0.0/12'
|
||||||
|
|
|
@ -578,7 +578,7 @@ class PerspectivesKeyFetcher(BaseV2KeyFetcher):
|
||||||
def __init__(self, hs):
|
def __init__(self, hs):
|
||||||
super().__init__(hs)
|
super().__init__(hs)
|
||||||
self.clock = hs.get_clock()
|
self.clock = hs.get_clock()
|
||||||
self.client = hs.get_http_client()
|
self.client = hs.get_federation_http_client()
|
||||||
self.key_servers = self.config.key_servers
|
self.key_servers = self.config.key_servers
|
||||||
|
|
||||||
async def get_keys(self, keys_to_fetch):
|
async def get_keys(self, keys_to_fetch):
|
||||||
|
@ -748,7 +748,7 @@ class ServerKeyFetcher(BaseV2KeyFetcher):
|
||||||
def __init__(self, hs):
|
def __init__(self, hs):
|
||||||
super().__init__(hs)
|
super().__init__(hs)
|
||||||
self.clock = hs.get_clock()
|
self.clock = hs.get_clock()
|
||||||
self.client = hs.get_http_client()
|
self.client = hs.get_federation_http_client()
|
||||||
|
|
||||||
async def get_keys(self, keys_to_fetch):
|
async def get_keys(self, keys_to_fetch):
|
||||||
"""
|
"""
|
||||||
|
|
|
@ -845,7 +845,6 @@ class FederationHandlerRegistry:
|
||||||
|
|
||||||
def __init__(self, hs: "HomeServer"):
|
def __init__(self, hs: "HomeServer"):
|
||||||
self.config = hs.config
|
self.config = hs.config
|
||||||
self.http_client = hs.get_simple_http_client()
|
|
||||||
self.clock = hs.get_clock()
|
self.clock = hs.get_clock()
|
||||||
self._instance_name = hs.get_instance_name()
|
self._instance_name = hs.get_instance_name()
|
||||||
|
|
||||||
|
|
|
@ -35,7 +35,7 @@ class TransportLayerClient:
|
||||||
|
|
||||||
def __init__(self, hs):
|
def __init__(self, hs):
|
||||||
self.server_name = hs.hostname
|
self.server_name = hs.hostname
|
||||||
self.client = hs.get_http_client()
|
self.client = hs.get_federation_http_client()
|
||||||
|
|
||||||
@log_function
|
@log_function
|
||||||
def get_room_state_ids(self, destination, room_id, event_id):
|
def get_room_state_ids(self, destination, room_id, event_id):
|
||||||
|
|
|
@ -140,7 +140,7 @@ class FederationHandler(BaseHandler):
|
||||||
self._message_handler = hs.get_message_handler()
|
self._message_handler = hs.get_message_handler()
|
||||||
self._server_notices_mxid = hs.config.server_notices_mxid
|
self._server_notices_mxid = hs.config.server_notices_mxid
|
||||||
self.config = hs.config
|
self.config = hs.config
|
||||||
self.http_client = hs.get_simple_http_client()
|
self.http_client = hs.get_proxied_blacklisted_http_client()
|
||||||
self._instance_name = hs.get_instance_name()
|
self._instance_name = hs.get_instance_name()
|
||||||
self._replication = hs.get_replication_data_handler()
|
self._replication = hs.get_replication_data_handler()
|
||||||
|
|
||||||
|
|
|
@ -46,13 +46,13 @@ class IdentityHandler(BaseHandler):
|
||||||
def __init__(self, hs):
|
def __init__(self, hs):
|
||||||
super().__init__(hs)
|
super().__init__(hs)
|
||||||
|
|
||||||
|
# An HTTP client for contacting trusted URLs.
|
||||||
self.http_client = SimpleHttpClient(hs)
|
self.http_client = SimpleHttpClient(hs)
|
||||||
# We create a blacklisting instance of SimpleHttpClient for contacting identity
|
# An HTTP client for contacting identity servers specified by clients.
|
||||||
# servers specified by clients
|
|
||||||
self.blacklisting_http_client = SimpleHttpClient(
|
self.blacklisting_http_client = SimpleHttpClient(
|
||||||
hs, ip_blacklist=hs.config.federation_ip_range_blacklist
|
hs, ip_blacklist=hs.config.federation_ip_range_blacklist
|
||||||
)
|
)
|
||||||
self.federation_http_client = hs.get_http_client()
|
self.federation_http_client = hs.get_federation_http_client()
|
||||||
self.hs = hs
|
self.hs = hs
|
||||||
|
|
||||||
async def threepid_from_creds(
|
async def threepid_from_creds(
|
||||||
|
|
|
@ -125,7 +125,7 @@ def _make_scheduler(reactor):
|
||||||
return _scheduler
|
return _scheduler
|
||||||
|
|
||||||
|
|
||||||
class IPBlacklistingResolver:
|
class _IPBlacklistingResolver:
|
||||||
"""
|
"""
|
||||||
A proxy for reactor.nameResolver which only produces non-blacklisted IP
|
A proxy for reactor.nameResolver which only produces non-blacklisted IP
|
||||||
addresses, preventing DNS rebinding attacks on URL preview.
|
addresses, preventing DNS rebinding attacks on URL preview.
|
||||||
|
@ -199,6 +199,35 @@ class IPBlacklistingResolver:
|
||||||
return r
|
return r
|
||||||
|
|
||||||
|
|
||||||
|
@implementer(IReactorPluggableNameResolver)
|
||||||
|
class BlacklistingReactorWrapper:
|
||||||
|
"""
|
||||||
|
A Reactor wrapper which will prevent DNS resolution to blacklisted IP
|
||||||
|
addresses, to prevent DNS rebinding.
|
||||||
|
"""
|
||||||
|
|
||||||
|
def __init__(
|
||||||
|
self,
|
||||||
|
reactor: IReactorPluggableNameResolver,
|
||||||
|
ip_whitelist: Optional[IPSet],
|
||||||
|
ip_blacklist: IPSet,
|
||||||
|
):
|
||||||
|
self._reactor = reactor
|
||||||
|
|
||||||
|
# We need to use a DNS resolver which filters out blacklisted IP
|
||||||
|
# addresses, to prevent DNS rebinding.
|
||||||
|
self._nameResolver = _IPBlacklistingResolver(
|
||||||
|
self._reactor, ip_whitelist, ip_blacklist
|
||||||
|
)
|
||||||
|
|
||||||
|
def __getattr__(self, attr: str) -> Any:
|
||||||
|
# Passthrough to the real reactor except for the DNS resolver.
|
||||||
|
if attr == "nameResolver":
|
||||||
|
return self._nameResolver
|
||||||
|
else:
|
||||||
|
return getattr(self._reactor, attr)
|
||||||
|
|
||||||
|
|
||||||
class BlacklistingAgentWrapper(Agent):
|
class BlacklistingAgentWrapper(Agent):
|
||||||
"""
|
"""
|
||||||
An Agent wrapper which will prevent access to IP addresses being accessed
|
An Agent wrapper which will prevent access to IP addresses being accessed
|
||||||
|
@ -292,22 +321,11 @@ class SimpleHttpClient:
|
||||||
self.user_agent = self.user_agent.encode("ascii")
|
self.user_agent = self.user_agent.encode("ascii")
|
||||||
|
|
||||||
if self._ip_blacklist:
|
if self._ip_blacklist:
|
||||||
real_reactor = hs.get_reactor()
|
|
||||||
# If we have an IP blacklist, we need to use a DNS resolver which
|
# If we have an IP blacklist, we need to use a DNS resolver which
|
||||||
# filters out blacklisted IP addresses, to prevent DNS rebinding.
|
# filters out blacklisted IP addresses, to prevent DNS rebinding.
|
||||||
nameResolver = IPBlacklistingResolver(
|
self.reactor = BlacklistingReactorWrapper(
|
||||||
real_reactor, self._ip_whitelist, self._ip_blacklist
|
hs.get_reactor(), self._ip_whitelist, self._ip_blacklist
|
||||||
)
|
)
|
||||||
|
|
||||||
@implementer(IReactorPluggableNameResolver)
|
|
||||||
class Reactor:
|
|
||||||
def __getattr__(_self, attr):
|
|
||||||
if attr == "nameResolver":
|
|
||||||
return nameResolver
|
|
||||||
else:
|
|
||||||
return getattr(real_reactor, attr)
|
|
||||||
|
|
||||||
self.reactor = Reactor()
|
|
||||||
else:
|
else:
|
||||||
self.reactor = hs.get_reactor()
|
self.reactor = hs.get_reactor()
|
||||||
|
|
||||||
|
|
|
@ -16,7 +16,7 @@ import logging
|
||||||
import urllib.parse
|
import urllib.parse
|
||||||
from typing import List, Optional
|
from typing import List, Optional
|
||||||
|
|
||||||
from netaddr import AddrFormatError, IPAddress
|
from netaddr import AddrFormatError, IPAddress, IPSet
|
||||||
from zope.interface import implementer
|
from zope.interface import implementer
|
||||||
|
|
||||||
from twisted.internet import defer
|
from twisted.internet import defer
|
||||||
|
@ -31,6 +31,7 @@ from twisted.web.http_headers import Headers
|
||||||
from twisted.web.iweb import IAgent, IAgentEndpointFactory, IBodyProducer
|
from twisted.web.iweb import IAgent, IAgentEndpointFactory, IBodyProducer
|
||||||
|
|
||||||
from synapse.crypto.context_factory import FederationPolicyForHTTPS
|
from synapse.crypto.context_factory import FederationPolicyForHTTPS
|
||||||
|
from synapse.http.client import BlacklistingAgentWrapper
|
||||||
from synapse.http.federation.srv_resolver import Server, SrvResolver
|
from synapse.http.federation.srv_resolver import Server, SrvResolver
|
||||||
from synapse.http.federation.well_known_resolver import WellKnownResolver
|
from synapse.http.federation.well_known_resolver import WellKnownResolver
|
||||||
from synapse.logging.context import make_deferred_yieldable, run_in_background
|
from synapse.logging.context import make_deferred_yieldable, run_in_background
|
||||||
|
@ -70,6 +71,7 @@ class MatrixFederationAgent:
|
||||||
reactor: IReactorCore,
|
reactor: IReactorCore,
|
||||||
tls_client_options_factory: Optional[FederationPolicyForHTTPS],
|
tls_client_options_factory: Optional[FederationPolicyForHTTPS],
|
||||||
user_agent: bytes,
|
user_agent: bytes,
|
||||||
|
ip_blacklist: IPSet,
|
||||||
_srv_resolver: Optional[SrvResolver] = None,
|
_srv_resolver: Optional[SrvResolver] = None,
|
||||||
_well_known_resolver: Optional[WellKnownResolver] = None,
|
_well_known_resolver: Optional[WellKnownResolver] = None,
|
||||||
):
|
):
|
||||||
|
@ -90,13 +92,19 @@ class MatrixFederationAgent:
|
||||||
self.user_agent = user_agent
|
self.user_agent = user_agent
|
||||||
|
|
||||||
if _well_known_resolver is None:
|
if _well_known_resolver is None:
|
||||||
|
# Note that the name resolver has already been wrapped in a
|
||||||
|
# IPBlacklistingResolver by MatrixFederationHttpClient.
|
||||||
_well_known_resolver = WellKnownResolver(
|
_well_known_resolver = WellKnownResolver(
|
||||||
self._reactor,
|
self._reactor,
|
||||||
agent=Agent(
|
agent=BlacklistingAgentWrapper(
|
||||||
|
Agent(
|
||||||
self._reactor,
|
self._reactor,
|
||||||
pool=self._pool,
|
pool=self._pool,
|
||||||
contextFactory=tls_client_options_factory,
|
contextFactory=tls_client_options_factory,
|
||||||
),
|
),
|
||||||
|
self._reactor,
|
||||||
|
ip_blacklist=ip_blacklist,
|
||||||
|
),
|
||||||
user_agent=self.user_agent,
|
user_agent=self.user_agent,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
|
@ -26,11 +26,10 @@ import treq
|
||||||
from canonicaljson import encode_canonical_json
|
from canonicaljson import encode_canonical_json
|
||||||
from prometheus_client import Counter
|
from prometheus_client import Counter
|
||||||
from signedjson.sign import sign_json
|
from signedjson.sign import sign_json
|
||||||
from zope.interface import implementer
|
|
||||||
|
|
||||||
from twisted.internet import defer
|
from twisted.internet import defer
|
||||||
from twisted.internet.error import DNSLookupError
|
from twisted.internet.error import DNSLookupError
|
||||||
from twisted.internet.interfaces import IReactorPluggableNameResolver, IReactorTime
|
from twisted.internet.interfaces import IReactorTime
|
||||||
from twisted.internet.task import _EPSILON, Cooperator
|
from twisted.internet.task import _EPSILON, Cooperator
|
||||||
from twisted.web.http_headers import Headers
|
from twisted.web.http_headers import Headers
|
||||||
from twisted.web.iweb import IBodyProducer, IResponse
|
from twisted.web.iweb import IBodyProducer, IResponse
|
||||||
|
@ -45,7 +44,7 @@ from synapse.api.errors import (
|
||||||
from synapse.http import QuieterFileBodyProducer
|
from synapse.http import QuieterFileBodyProducer
|
||||||
from synapse.http.client import (
|
from synapse.http.client import (
|
||||||
BlacklistingAgentWrapper,
|
BlacklistingAgentWrapper,
|
||||||
IPBlacklistingResolver,
|
BlacklistingReactorWrapper,
|
||||||
encode_query_args,
|
encode_query_args,
|
||||||
readBodyToFile,
|
readBodyToFile,
|
||||||
)
|
)
|
||||||
|
@ -221,31 +220,22 @@ class MatrixFederationHttpClient:
|
||||||
self.signing_key = hs.signing_key
|
self.signing_key = hs.signing_key
|
||||||
self.server_name = hs.hostname
|
self.server_name = hs.hostname
|
||||||
|
|
||||||
real_reactor = hs.get_reactor()
|
|
||||||
|
|
||||||
# We need to use a DNS resolver which filters out blacklisted IP
|
# We need to use a DNS resolver which filters out blacklisted IP
|
||||||
# addresses, to prevent DNS rebinding.
|
# addresses, to prevent DNS rebinding.
|
||||||
nameResolver = IPBlacklistingResolver(
|
self.reactor = BlacklistingReactorWrapper(
|
||||||
real_reactor, None, hs.config.federation_ip_range_blacklist
|
hs.get_reactor(), None, hs.config.federation_ip_range_blacklist
|
||||||
)
|
)
|
||||||
|
|
||||||
@implementer(IReactorPluggableNameResolver)
|
|
||||||
class Reactor:
|
|
||||||
def __getattr__(_self, attr):
|
|
||||||
if attr == "nameResolver":
|
|
||||||
return nameResolver
|
|
||||||
else:
|
|
||||||
return getattr(real_reactor, attr)
|
|
||||||
|
|
||||||
self.reactor = Reactor()
|
|
||||||
|
|
||||||
user_agent = hs.version_string
|
user_agent = hs.version_string
|
||||||
if hs.config.user_agent_suffix:
|
if hs.config.user_agent_suffix:
|
||||||
user_agent = "%s %s" % (user_agent, hs.config.user_agent_suffix)
|
user_agent = "%s %s" % (user_agent, hs.config.user_agent_suffix)
|
||||||
user_agent = user_agent.encode("ascii")
|
user_agent = user_agent.encode("ascii")
|
||||||
|
|
||||||
self.agent = MatrixFederationAgent(
|
self.agent = MatrixFederationAgent(
|
||||||
self.reactor, tls_client_options_factory, user_agent
|
self.reactor,
|
||||||
|
tls_client_options_factory,
|
||||||
|
user_agent,
|
||||||
|
hs.config.federation_ip_range_blacklist,
|
||||||
)
|
)
|
||||||
|
|
||||||
# Use a BlacklistingAgentWrapper to prevent circumventing the IP
|
# Use a BlacklistingAgentWrapper to prevent circumventing the IP
|
||||||
|
|
|
@ -100,7 +100,7 @@ class HttpPusher:
|
||||||
if "url" not in self.data:
|
if "url" not in self.data:
|
||||||
raise PusherConfigException("'url' required in data for HTTP pusher")
|
raise PusherConfigException("'url' required in data for HTTP pusher")
|
||||||
self.url = self.data["url"]
|
self.url = self.data["url"]
|
||||||
self.http_client = hs.get_proxied_http_client()
|
self.http_client = hs.get_proxied_blacklisted_http_client()
|
||||||
self.data_minus_url = {}
|
self.data_minus_url = {}
|
||||||
self.data_minus_url.update(self.data)
|
self.data_minus_url.update(self.data)
|
||||||
del self.data_minus_url["url"]
|
del self.data_minus_url["url"]
|
||||||
|
|
|
@ -66,7 +66,7 @@ class MediaRepository:
|
||||||
def __init__(self, hs):
|
def __init__(self, hs):
|
||||||
self.hs = hs
|
self.hs = hs
|
||||||
self.auth = hs.get_auth()
|
self.auth = hs.get_auth()
|
||||||
self.client = hs.get_http_client()
|
self.client = hs.get_federation_http_client()
|
||||||
self.clock = hs.get_clock()
|
self.clock = hs.get_clock()
|
||||||
self.server_name = hs.hostname
|
self.server_name = hs.hostname
|
||||||
self.store = hs.get_datastore()
|
self.store = hs.get_datastore()
|
||||||
|
|
|
@ -350,16 +350,45 @@ class HomeServer(metaclass=abc.ABCMeta):
|
||||||
|
|
||||||
@cache_in_self
|
@cache_in_self
|
||||||
def get_simple_http_client(self) -> SimpleHttpClient:
|
def get_simple_http_client(self) -> SimpleHttpClient:
|
||||||
|
"""
|
||||||
|
An HTTP client with no special configuration.
|
||||||
|
"""
|
||||||
return SimpleHttpClient(self)
|
return SimpleHttpClient(self)
|
||||||
|
|
||||||
@cache_in_self
|
@cache_in_self
|
||||||
def get_proxied_http_client(self) -> SimpleHttpClient:
|
def get_proxied_http_client(self) -> SimpleHttpClient:
|
||||||
|
"""
|
||||||
|
An HTTP client that uses configured HTTP(S) proxies.
|
||||||
|
"""
|
||||||
return SimpleHttpClient(
|
return SimpleHttpClient(
|
||||||
self,
|
self,
|
||||||
http_proxy=os.getenvb(b"http_proxy"),
|
http_proxy=os.getenvb(b"http_proxy"),
|
||||||
https_proxy=os.getenvb(b"HTTPS_PROXY"),
|
https_proxy=os.getenvb(b"HTTPS_PROXY"),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@cache_in_self
|
||||||
|
def get_proxied_blacklisted_http_client(self) -> SimpleHttpClient:
|
||||||
|
"""
|
||||||
|
An HTTP client that uses configured HTTP(S) proxies and blacklists IPs
|
||||||
|
based on the IP range blacklist.
|
||||||
|
"""
|
||||||
|
return SimpleHttpClient(
|
||||||
|
self,
|
||||||
|
ip_blacklist=self.config.ip_range_blacklist,
|
||||||
|
http_proxy=os.getenvb(b"http_proxy"),
|
||||||
|
https_proxy=os.getenvb(b"HTTPS_PROXY"),
|
||||||
|
)
|
||||||
|
|
||||||
|
@cache_in_self
|
||||||
|
def get_federation_http_client(self) -> MatrixFederationHttpClient:
|
||||||
|
"""
|
||||||
|
An HTTP client for federation.
|
||||||
|
"""
|
||||||
|
tls_client_options_factory = context_factory.FederationPolicyForHTTPS(
|
||||||
|
self.config
|
||||||
|
)
|
||||||
|
return MatrixFederationHttpClient(self, tls_client_options_factory)
|
||||||
|
|
||||||
@cache_in_self
|
@cache_in_self
|
||||||
def get_room_creation_handler(self) -> RoomCreationHandler:
|
def get_room_creation_handler(self) -> RoomCreationHandler:
|
||||||
return RoomCreationHandler(self)
|
return RoomCreationHandler(self)
|
||||||
|
@ -514,13 +543,6 @@ class HomeServer(metaclass=abc.ABCMeta):
|
||||||
def get_pusherpool(self) -> PusherPool:
|
def get_pusherpool(self) -> PusherPool:
|
||||||
return PusherPool(self)
|
return PusherPool(self)
|
||||||
|
|
||||||
@cache_in_self
|
|
||||||
def get_http_client(self) -> MatrixFederationHttpClient:
|
|
||||||
tls_client_options_factory = context_factory.FederationPolicyForHTTPS(
|
|
||||||
self.config
|
|
||||||
)
|
|
||||||
return MatrixFederationHttpClient(self, tls_client_options_factory)
|
|
||||||
|
|
||||||
@cache_in_self
|
@cache_in_self
|
||||||
def get_media_repository_resource(self) -> MediaRepositoryResource:
|
def get_media_repository_resource(self) -> MediaRepositoryResource:
|
||||||
# build the media repo resource. This indirects through the HomeServer
|
# build the media repo resource. This indirects through the HomeServer
|
||||||
|
|
|
@ -50,7 +50,9 @@ class FilteringTestCase(unittest.TestCase):
|
||||||
self.mock_http_client.put_json = DeferredMockCallable()
|
self.mock_http_client.put_json = DeferredMockCallable()
|
||||||
|
|
||||||
hs = yield setup_test_homeserver(
|
hs = yield setup_test_homeserver(
|
||||||
self.addCleanup, http_client=self.mock_http_client, keyring=Mock(),
|
self.addCleanup,
|
||||||
|
federation_http_client=self.mock_http_client,
|
||||||
|
keyring=Mock(),
|
||||||
)
|
)
|
||||||
|
|
||||||
self.filtering = hs.get_filtering()
|
self.filtering = hs.get_filtering()
|
||||||
|
|
|
@ -23,7 +23,7 @@ class FrontendProxyTests(HomeserverTestCase):
|
||||||
def make_homeserver(self, reactor, clock):
|
def make_homeserver(self, reactor, clock):
|
||||||
|
|
||||||
hs = self.setup_test_homeserver(
|
hs = self.setup_test_homeserver(
|
||||||
http_client=None, homeserver_to_use=GenericWorkerServer
|
federation_http_client=None, homeserver_to_use=GenericWorkerServer
|
||||||
)
|
)
|
||||||
|
|
||||||
return hs
|
return hs
|
||||||
|
|
|
@ -27,7 +27,7 @@ from tests.unittest import HomeserverTestCase
|
||||||
class FederationReaderOpenIDListenerTests(HomeserverTestCase):
|
class FederationReaderOpenIDListenerTests(HomeserverTestCase):
|
||||||
def make_homeserver(self, reactor, clock):
|
def make_homeserver(self, reactor, clock):
|
||||||
hs = self.setup_test_homeserver(
|
hs = self.setup_test_homeserver(
|
||||||
http_client=None, homeserver_to_use=GenericWorkerServer
|
federation_http_client=None, homeserver_to_use=GenericWorkerServer
|
||||||
)
|
)
|
||||||
return hs
|
return hs
|
||||||
|
|
||||||
|
@ -84,7 +84,7 @@ class FederationReaderOpenIDListenerTests(HomeserverTestCase):
|
||||||
class SynapseHomeserverOpenIDListenerTests(HomeserverTestCase):
|
class SynapseHomeserverOpenIDListenerTests(HomeserverTestCase):
|
||||||
def make_homeserver(self, reactor, clock):
|
def make_homeserver(self, reactor, clock):
|
||||||
hs = self.setup_test_homeserver(
|
hs = self.setup_test_homeserver(
|
||||||
http_client=None, homeserver_to_use=SynapseHomeServer
|
federation_http_client=None, homeserver_to_use=SynapseHomeServer
|
||||||
)
|
)
|
||||||
return hs
|
return hs
|
||||||
|
|
||||||
|
|
|
@ -315,7 +315,7 @@ class KeyringTestCase(unittest.HomeserverTestCase):
|
||||||
class ServerKeyFetcherTestCase(unittest.HomeserverTestCase):
|
class ServerKeyFetcherTestCase(unittest.HomeserverTestCase):
|
||||||
def make_homeserver(self, reactor, clock):
|
def make_homeserver(self, reactor, clock):
|
||||||
self.http_client = Mock()
|
self.http_client = Mock()
|
||||||
hs = self.setup_test_homeserver(http_client=self.http_client)
|
hs = self.setup_test_homeserver(federation_http_client=self.http_client)
|
||||||
return hs
|
return hs
|
||||||
|
|
||||||
def test_get_keys_from_server(self):
|
def test_get_keys_from_server(self):
|
||||||
|
@ -395,7 +395,9 @@ class PerspectivesKeyFetcherTestCase(unittest.HomeserverTestCase):
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
|
|
||||||
return self.setup_test_homeserver(http_client=self.http_client, config=config)
|
return self.setup_test_homeserver(
|
||||||
|
federation_http_client=self.http_client, config=config
|
||||||
|
)
|
||||||
|
|
||||||
def build_perspectives_response(
|
def build_perspectives_response(
|
||||||
self, server_name: str, signing_key: SigningKey, valid_until_ts: int,
|
self, server_name: str, signing_key: SigningKey, valid_until_ts: int,
|
||||||
|
|
|
@ -27,7 +27,7 @@ user2 = "@theresa:bbb"
|
||||||
|
|
||||||
class DeviceTestCase(unittest.HomeserverTestCase):
|
class DeviceTestCase(unittest.HomeserverTestCase):
|
||||||
def make_homeserver(self, reactor, clock):
|
def make_homeserver(self, reactor, clock):
|
||||||
hs = self.setup_test_homeserver("server", http_client=None)
|
hs = self.setup_test_homeserver("server", federation_http_client=None)
|
||||||
self.handler = hs.get_device_handler()
|
self.handler = hs.get_device_handler()
|
||||||
self.store = hs.get_datastore()
|
self.store = hs.get_datastore()
|
||||||
return hs
|
return hs
|
||||||
|
@ -229,7 +229,7 @@ class DeviceTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
class DehydrationTestCase(unittest.HomeserverTestCase):
|
class DehydrationTestCase(unittest.HomeserverTestCase):
|
||||||
def make_homeserver(self, reactor, clock):
|
def make_homeserver(self, reactor, clock):
|
||||||
hs = self.setup_test_homeserver("server", http_client=None)
|
hs = self.setup_test_homeserver("server", federation_http_client=None)
|
||||||
self.handler = hs.get_device_handler()
|
self.handler = hs.get_device_handler()
|
||||||
self.registration = hs.get_registration_handler()
|
self.registration = hs.get_registration_handler()
|
||||||
self.auth = hs.get_auth()
|
self.auth = hs.get_auth()
|
||||||
|
|
|
@ -42,7 +42,7 @@ class DirectoryTestCase(unittest.HomeserverTestCase):
|
||||||
self.mock_registry.register_query_handler = register_query_handler
|
self.mock_registry.register_query_handler = register_query_handler
|
||||||
|
|
||||||
hs = self.setup_test_homeserver(
|
hs = self.setup_test_homeserver(
|
||||||
http_client=None,
|
federation_http_client=None,
|
||||||
resource_for_federation=Mock(),
|
resource_for_federation=Mock(),
|
||||||
federation_client=self.mock_federation,
|
federation_client=self.mock_federation,
|
||||||
federation_registry=self.mock_registry,
|
federation_registry=self.mock_registry,
|
||||||
|
|
|
@ -37,7 +37,7 @@ class FederationTestCase(unittest.HomeserverTestCase):
|
||||||
]
|
]
|
||||||
|
|
||||||
def make_homeserver(self, reactor, clock):
|
def make_homeserver(self, reactor, clock):
|
||||||
hs = self.setup_test_homeserver(http_client=None)
|
hs = self.setup_test_homeserver(federation_http_client=None)
|
||||||
self.handler = hs.get_federation_handler()
|
self.handler = hs.get_federation_handler()
|
||||||
self.store = hs.get_datastore()
|
self.store = hs.get_datastore()
|
||||||
return hs
|
return hs
|
||||||
|
|
|
@ -463,7 +463,7 @@ class PresenceJoinTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
def make_homeserver(self, reactor, clock):
|
def make_homeserver(self, reactor, clock):
|
||||||
hs = self.setup_test_homeserver(
|
hs = self.setup_test_homeserver(
|
||||||
"server", http_client=None, federation_sender=Mock()
|
"server", federation_http_client=None, federation_sender=Mock()
|
||||||
)
|
)
|
||||||
return hs
|
return hs
|
||||||
|
|
||||||
|
|
|
@ -44,7 +44,7 @@ class ProfileTestCase(unittest.TestCase):
|
||||||
|
|
||||||
hs = yield setup_test_homeserver(
|
hs = yield setup_test_homeserver(
|
||||||
self.addCleanup,
|
self.addCleanup,
|
||||||
http_client=None,
|
federation_http_client=None,
|
||||||
resource_for_federation=Mock(),
|
resource_for_federation=Mock(),
|
||||||
federation_client=self.mock_federation,
|
federation_client=self.mock_federation,
|
||||||
federation_server=Mock(),
|
federation_server=Mock(),
|
||||||
|
|
|
@ -70,7 +70,7 @@ class TypingNotificationsTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
hs = self.setup_test_homeserver(
|
hs = self.setup_test_homeserver(
|
||||||
notifier=Mock(),
|
notifier=Mock(),
|
||||||
http_client=mock_federation_client,
|
federation_http_client=mock_federation_client,
|
||||||
keyring=mock_keyring,
|
keyring=mock_keyring,
|
||||||
replication_streams={},
|
replication_streams={},
|
||||||
)
|
)
|
||||||
|
@ -192,7 +192,7 @@ class TypingNotificationsTestCase(unittest.HomeserverTestCase):
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
|
|
||||||
put_json = self.hs.get_http_client().put_json
|
put_json = self.hs.get_federation_http_client().put_json
|
||||||
put_json.assert_called_once_with(
|
put_json.assert_called_once_with(
|
||||||
"farm",
|
"farm",
|
||||||
path="/_matrix/federation/v1/send/1000000",
|
path="/_matrix/federation/v1/send/1000000",
|
||||||
|
@ -270,7 +270,7 @@ class TypingNotificationsTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
self.on_new_event.assert_has_calls([call("typing_key", 1, rooms=[ROOM_ID])])
|
self.on_new_event.assert_has_calls([call("typing_key", 1, rooms=[ROOM_ID])])
|
||||||
|
|
||||||
put_json = self.hs.get_http_client().put_json
|
put_json = self.hs.get_federation_http_client().put_json
|
||||||
put_json.assert_called_once_with(
|
put_json.assert_called_once_with(
|
||||||
"farm",
|
"farm",
|
||||||
path="/_matrix/federation/v1/send/1000000",
|
path="/_matrix/federation/v1/send/1000000",
|
||||||
|
|
|
@ -17,6 +17,7 @@ import logging
|
||||||
from mock import Mock
|
from mock import Mock
|
||||||
|
|
||||||
import treq
|
import treq
|
||||||
|
from netaddr import IPSet
|
||||||
from service_identity import VerificationError
|
from service_identity import VerificationError
|
||||||
from zope.interface import implementer
|
from zope.interface import implementer
|
||||||
|
|
||||||
|
@ -103,6 +104,7 @@ class MatrixFederationAgentTests(unittest.TestCase):
|
||||||
reactor=self.reactor,
|
reactor=self.reactor,
|
||||||
tls_client_options_factory=self.tls_factory,
|
tls_client_options_factory=self.tls_factory,
|
||||||
user_agent="test-agent", # Note that this is unused since _well_known_resolver is provided.
|
user_agent="test-agent", # Note that this is unused since _well_known_resolver is provided.
|
||||||
|
ip_blacklist=IPSet(),
|
||||||
_srv_resolver=self.mock_resolver,
|
_srv_resolver=self.mock_resolver,
|
||||||
_well_known_resolver=self.well_known_resolver,
|
_well_known_resolver=self.well_known_resolver,
|
||||||
)
|
)
|
||||||
|
@ -736,6 +738,7 @@ class MatrixFederationAgentTests(unittest.TestCase):
|
||||||
reactor=self.reactor,
|
reactor=self.reactor,
|
||||||
tls_client_options_factory=tls_factory,
|
tls_client_options_factory=tls_factory,
|
||||||
user_agent=b"test-agent", # This is unused since _well_known_resolver is passed below.
|
user_agent=b"test-agent", # This is unused since _well_known_resolver is passed below.
|
||||||
|
ip_blacklist=IPSet(),
|
||||||
_srv_resolver=self.mock_resolver,
|
_srv_resolver=self.mock_resolver,
|
||||||
_well_known_resolver=WellKnownResolver(
|
_well_known_resolver=WellKnownResolver(
|
||||||
self.reactor,
|
self.reactor,
|
||||||
|
|
|
@ -49,7 +49,9 @@ class HTTPPusherTests(HomeserverTestCase):
|
||||||
config = self.default_config()
|
config = self.default_config()
|
||||||
config["start_pushers"] = True
|
config["start_pushers"] = True
|
||||||
|
|
||||||
hs = self.setup_test_homeserver(config=config, proxied_http_client=m)
|
hs = self.setup_test_homeserver(
|
||||||
|
config=config, proxied_blacklisted_http_client=m
|
||||||
|
)
|
||||||
|
|
||||||
return hs
|
return hs
|
||||||
|
|
||||||
|
|
|
@ -67,7 +67,7 @@ class BaseStreamTestCase(unittest.HomeserverTestCase):
|
||||||
# Make a new HomeServer object for the worker
|
# Make a new HomeServer object for the worker
|
||||||
self.reactor.lookups["testserv"] = "1.2.3.4"
|
self.reactor.lookups["testserv"] = "1.2.3.4"
|
||||||
self.worker_hs = self.setup_test_homeserver(
|
self.worker_hs = self.setup_test_homeserver(
|
||||||
http_client=None,
|
federation_http_client=None,
|
||||||
homeserver_to_use=GenericWorkerServer,
|
homeserver_to_use=GenericWorkerServer,
|
||||||
config=self._get_worker_hs_config(),
|
config=self._get_worker_hs_config(),
|
||||||
reactor=self.reactor,
|
reactor=self.reactor,
|
||||||
|
@ -264,7 +264,7 @@ class BaseMultiWorkerStreamTestCase(unittest.HomeserverTestCase):
|
||||||
worker_app: Type of worker, e.g. `synapse.app.federation_sender`.
|
worker_app: Type of worker, e.g. `synapse.app.federation_sender`.
|
||||||
extra_config: Any extra config to use for this instances.
|
extra_config: Any extra config to use for this instances.
|
||||||
**kwargs: Options that get passed to `self.setup_test_homeserver`,
|
**kwargs: Options that get passed to `self.setup_test_homeserver`,
|
||||||
useful to e.g. pass some mocks for things like `http_client`
|
useful to e.g. pass some mocks for things like `federation_http_client`
|
||||||
|
|
||||||
Returns:
|
Returns:
|
||||||
The new worker HomeServer instance.
|
The new worker HomeServer instance.
|
||||||
|
|
|
@ -50,7 +50,7 @@ class FederationSenderTestCase(BaseMultiWorkerStreamTestCase):
|
||||||
self.make_worker_hs(
|
self.make_worker_hs(
|
||||||
"synapse.app.federation_sender",
|
"synapse.app.federation_sender",
|
||||||
{"send_federation": True},
|
{"send_federation": True},
|
||||||
http_client=mock_client,
|
federation_http_client=mock_client,
|
||||||
)
|
)
|
||||||
|
|
||||||
user = self.register_user("user", "pass")
|
user = self.register_user("user", "pass")
|
||||||
|
@ -81,7 +81,7 @@ class FederationSenderTestCase(BaseMultiWorkerStreamTestCase):
|
||||||
"worker_name": "sender1",
|
"worker_name": "sender1",
|
||||||
"federation_sender_instances": ["sender1", "sender2"],
|
"federation_sender_instances": ["sender1", "sender2"],
|
||||||
},
|
},
|
||||||
http_client=mock_client1,
|
federation_http_client=mock_client1,
|
||||||
)
|
)
|
||||||
|
|
||||||
mock_client2 = Mock(spec=["put_json"])
|
mock_client2 = Mock(spec=["put_json"])
|
||||||
|
@ -93,7 +93,7 @@ class FederationSenderTestCase(BaseMultiWorkerStreamTestCase):
|
||||||
"worker_name": "sender2",
|
"worker_name": "sender2",
|
||||||
"federation_sender_instances": ["sender1", "sender2"],
|
"federation_sender_instances": ["sender1", "sender2"],
|
||||||
},
|
},
|
||||||
http_client=mock_client2,
|
federation_http_client=mock_client2,
|
||||||
)
|
)
|
||||||
|
|
||||||
user = self.register_user("user2", "pass")
|
user = self.register_user("user2", "pass")
|
||||||
|
@ -144,7 +144,7 @@ class FederationSenderTestCase(BaseMultiWorkerStreamTestCase):
|
||||||
"worker_name": "sender1",
|
"worker_name": "sender1",
|
||||||
"federation_sender_instances": ["sender1", "sender2"],
|
"federation_sender_instances": ["sender1", "sender2"],
|
||||||
},
|
},
|
||||||
http_client=mock_client1,
|
federation_http_client=mock_client1,
|
||||||
)
|
)
|
||||||
|
|
||||||
mock_client2 = Mock(spec=["put_json"])
|
mock_client2 = Mock(spec=["put_json"])
|
||||||
|
@ -156,7 +156,7 @@ class FederationSenderTestCase(BaseMultiWorkerStreamTestCase):
|
||||||
"worker_name": "sender2",
|
"worker_name": "sender2",
|
||||||
"federation_sender_instances": ["sender1", "sender2"],
|
"federation_sender_instances": ["sender1", "sender2"],
|
||||||
},
|
},
|
||||||
http_client=mock_client2,
|
federation_http_client=mock_client2,
|
||||||
)
|
)
|
||||||
|
|
||||||
user = self.register_user("user3", "pass")
|
user = self.register_user("user3", "pass")
|
||||||
|
|
|
@ -98,7 +98,7 @@ class PusherShardTestCase(BaseMultiWorkerStreamTestCase):
|
||||||
self.make_worker_hs(
|
self.make_worker_hs(
|
||||||
"synapse.app.pusher",
|
"synapse.app.pusher",
|
||||||
{"start_pushers": True},
|
{"start_pushers": True},
|
||||||
proxied_http_client=http_client_mock,
|
proxied_blacklisted_http_client=http_client_mock,
|
||||||
)
|
)
|
||||||
|
|
||||||
event_id = self._create_pusher_and_send_msg("user")
|
event_id = self._create_pusher_and_send_msg("user")
|
||||||
|
@ -133,7 +133,7 @@ class PusherShardTestCase(BaseMultiWorkerStreamTestCase):
|
||||||
"worker_name": "pusher1",
|
"worker_name": "pusher1",
|
||||||
"pusher_instances": ["pusher1", "pusher2"],
|
"pusher_instances": ["pusher1", "pusher2"],
|
||||||
},
|
},
|
||||||
proxied_http_client=http_client_mock1,
|
proxied_blacklisted_http_client=http_client_mock1,
|
||||||
)
|
)
|
||||||
|
|
||||||
http_client_mock2 = Mock(spec_set=["post_json_get_json"])
|
http_client_mock2 = Mock(spec_set=["post_json_get_json"])
|
||||||
|
@ -148,7 +148,7 @@ class PusherShardTestCase(BaseMultiWorkerStreamTestCase):
|
||||||
"worker_name": "pusher2",
|
"worker_name": "pusher2",
|
||||||
"pusher_instances": ["pusher1", "pusher2"],
|
"pusher_instances": ["pusher1", "pusher2"],
|
||||||
},
|
},
|
||||||
proxied_http_client=http_client_mock2,
|
proxied_blacklisted_http_client=http_client_mock2,
|
||||||
)
|
)
|
||||||
|
|
||||||
# We choose a user name that we know should go to pusher1.
|
# We choose a user name that we know should go to pusher1.
|
||||||
|
|
|
@ -210,7 +210,7 @@ class QuarantineMediaTestCase(unittest.HomeserverTestCase):
|
||||||
}
|
}
|
||||||
config["media_storage_providers"] = [provider_config]
|
config["media_storage_providers"] = [provider_config]
|
||||||
|
|
||||||
hs = self.setup_test_homeserver(config=config, http_client=client)
|
hs = self.setup_test_homeserver(config=config, federation_http_client=client)
|
||||||
|
|
||||||
return hs
|
return hs
|
||||||
|
|
||||||
|
|
|
@ -38,7 +38,7 @@ class PresenceTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
hs = self.setup_test_homeserver(
|
hs = self.setup_test_homeserver(
|
||||||
"red",
|
"red",
|
||||||
http_client=None,
|
federation_http_client=None,
|
||||||
federation_client=Mock(),
|
federation_client=Mock(),
|
||||||
presence_handler=presence_handler,
|
presence_handler=presence_handler,
|
||||||
)
|
)
|
||||||
|
|
|
@ -63,7 +63,7 @@ class MockHandlerProfileTestCase(unittest.TestCase):
|
||||||
hs = yield setup_test_homeserver(
|
hs = yield setup_test_homeserver(
|
||||||
self.addCleanup,
|
self.addCleanup,
|
||||||
"test",
|
"test",
|
||||||
http_client=None,
|
federation_http_client=None,
|
||||||
resource_for_client=self.mock_resource,
|
resource_for_client=self.mock_resource,
|
||||||
federation=Mock(),
|
federation=Mock(),
|
||||||
federation_client=Mock(),
|
federation_client=Mock(),
|
||||||
|
|
|
@ -45,7 +45,7 @@ class RoomBase(unittest.HomeserverTestCase):
|
||||||
def make_homeserver(self, reactor, clock):
|
def make_homeserver(self, reactor, clock):
|
||||||
|
|
||||||
self.hs = self.setup_test_homeserver(
|
self.hs = self.setup_test_homeserver(
|
||||||
"red", http_client=None, federation_client=Mock(),
|
"red", federation_http_client=None, federation_client=Mock(),
|
||||||
)
|
)
|
||||||
|
|
||||||
self.hs.get_federation_handler = Mock()
|
self.hs.get_federation_handler = Mock()
|
||||||
|
|
|
@ -39,7 +39,7 @@ class RoomTypingTestCase(unittest.HomeserverTestCase):
|
||||||
def make_homeserver(self, reactor, clock):
|
def make_homeserver(self, reactor, clock):
|
||||||
|
|
||||||
hs = self.setup_test_homeserver(
|
hs = self.setup_test_homeserver(
|
||||||
"red", http_client=None, federation_client=Mock(),
|
"red", federation_http_client=None, federation_client=Mock(),
|
||||||
)
|
)
|
||||||
|
|
||||||
self.event_source = hs.get_event_sources().sources["typing"]
|
self.event_source = hs.get_event_sources().sources["typing"]
|
||||||
|
|
|
@ -39,7 +39,7 @@ from tests.utils import default_config
|
||||||
class BaseRemoteKeyResourceTestCase(unittest.HomeserverTestCase):
|
class BaseRemoteKeyResourceTestCase(unittest.HomeserverTestCase):
|
||||||
def make_homeserver(self, reactor, clock):
|
def make_homeserver(self, reactor, clock):
|
||||||
self.http_client = Mock()
|
self.http_client = Mock()
|
||||||
return self.setup_test_homeserver(http_client=self.http_client)
|
return self.setup_test_homeserver(federation_http_client=self.http_client)
|
||||||
|
|
||||||
def create_test_resource(self):
|
def create_test_resource(self):
|
||||||
return create_resource_tree(
|
return create_resource_tree(
|
||||||
|
@ -172,7 +172,7 @@ class EndToEndPerspectivesTests(BaseRemoteKeyResourceTestCase):
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
self.hs2 = self.setup_test_homeserver(
|
self.hs2 = self.setup_test_homeserver(
|
||||||
http_client=self.http_client2, config=config
|
federation_http_client=self.http_client2, config=config
|
||||||
)
|
)
|
||||||
|
|
||||||
# wire up outbound POST /key/v2/query requests from hs2 so that they
|
# wire up outbound POST /key/v2/query requests from hs2 so that they
|
||||||
|
|
|
@ -214,7 +214,7 @@ class MediaRepoTests(unittest.HomeserverTestCase):
|
||||||
}
|
}
|
||||||
config["media_storage_providers"] = [provider_config]
|
config["media_storage_providers"] = [provider_config]
|
||||||
|
|
||||||
hs = self.setup_test_homeserver(config=config, http_client=client)
|
hs = self.setup_test_homeserver(config=config, federation_http_client=client)
|
||||||
|
|
||||||
return hs
|
return hs
|
||||||
|
|
||||||
|
|
|
@ -26,7 +26,7 @@ room_key = {
|
||||||
|
|
||||||
class E2eRoomKeysHandlerTestCase(unittest.HomeserverTestCase):
|
class E2eRoomKeysHandlerTestCase(unittest.HomeserverTestCase):
|
||||||
def make_homeserver(self, reactor, clock):
|
def make_homeserver(self, reactor, clock):
|
||||||
hs = self.setup_test_homeserver("server", http_client=None)
|
hs = self.setup_test_homeserver("server", federation_http_client=None)
|
||||||
self.store = hs.get_datastore()
|
self.store = hs.get_datastore()
|
||||||
return hs
|
return hs
|
||||||
|
|
||||||
|
|
|
@ -27,7 +27,7 @@ class PurgeTests(HomeserverTestCase):
|
||||||
servlets = [room.register_servlets]
|
servlets = [room.register_servlets]
|
||||||
|
|
||||||
def make_homeserver(self, reactor, clock):
|
def make_homeserver(self, reactor, clock):
|
||||||
hs = self.setup_test_homeserver("server", http_client=None)
|
hs = self.setup_test_homeserver("server", federation_http_client=None)
|
||||||
return hs
|
return hs
|
||||||
|
|
||||||
def prepare(self, reactor, clock, hs):
|
def prepare(self, reactor, clock, hs):
|
||||||
|
|
|
@ -34,7 +34,7 @@ class RedactionTestCase(unittest.HomeserverTestCase):
|
||||||
config = self.default_config()
|
config = self.default_config()
|
||||||
config["redaction_retention_period"] = "30d"
|
config["redaction_retention_period"] = "30d"
|
||||||
return self.setup_test_homeserver(
|
return self.setup_test_homeserver(
|
||||||
resource_for_federation=Mock(), http_client=None, config=config
|
resource_for_federation=Mock(), federation_http_client=None, config=config
|
||||||
)
|
)
|
||||||
|
|
||||||
def prepare(self, reactor, clock, hs):
|
def prepare(self, reactor, clock, hs):
|
||||||
|
|
|
@ -36,7 +36,7 @@ class RoomMemberStoreTestCase(unittest.HomeserverTestCase):
|
||||||
|
|
||||||
def make_homeserver(self, reactor, clock):
|
def make_homeserver(self, reactor, clock):
|
||||||
hs = self.setup_test_homeserver(
|
hs = self.setup_test_homeserver(
|
||||||
resource_for_federation=Mock(), http_client=None
|
resource_for_federation=Mock(), federation_http_client=None
|
||||||
)
|
)
|
||||||
return hs
|
return hs
|
||||||
|
|
||||||
|
|
|
@ -37,7 +37,7 @@ class MessageAcceptTests(unittest.HomeserverTestCase):
|
||||||
self.hs_clock = Clock(self.reactor)
|
self.hs_clock = Clock(self.reactor)
|
||||||
self.homeserver = setup_test_homeserver(
|
self.homeserver = setup_test_homeserver(
|
||||||
self.addCleanup,
|
self.addCleanup,
|
||||||
http_client=self.http_client,
|
federation_http_client=self.http_client,
|
||||||
clock=self.hs_clock,
|
clock=self.hs_clock,
|
||||||
reactor=self.reactor,
|
reactor=self.reactor,
|
||||||
)
|
)
|
||||||
|
|
|
@ -38,7 +38,10 @@ class JsonResourceTests(unittest.TestCase):
|
||||||
self.reactor = ThreadedMemoryReactorClock()
|
self.reactor = ThreadedMemoryReactorClock()
|
||||||
self.hs_clock = Clock(self.reactor)
|
self.hs_clock = Clock(self.reactor)
|
||||||
self.homeserver = setup_test_homeserver(
|
self.homeserver = setup_test_homeserver(
|
||||||
self.addCleanup, http_client=None, clock=self.hs_clock, reactor=self.reactor
|
self.addCleanup,
|
||||||
|
federation_http_client=None,
|
||||||
|
clock=self.hs_clock,
|
||||||
|
reactor=self.reactor,
|
||||||
)
|
)
|
||||||
|
|
||||||
def test_handler_for_request(self):
|
def test_handler_for_request(self):
|
||||||
|
|
Loading…
Reference in New Issue