From 3bcbabc9fb5446e74a675352e22963d528189957 Mon Sep 17 00:00:00 2001
From: Daniel Wagner-Hall <daniel@matrix.org>
Date: Tue, 15 Sep 2015 15:46:22 +0100
Subject: [PATCH] Rename context factory
Mjark is officially no fun.
---
synapse/http/client.py | 6 +++---
synapse/server.py | 4 ++--
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/synapse/http/client.py b/synapse/http/client.py
index 815a838729..0933388c04 100644
--- a/synapse/http/client.py
+++ b/synapse/http/client.py
@@ -261,11 +261,11 @@ def _print_ex(e):
logger.exception(e)
-class WoefullyInsecureContextFactory(ssl.ContextFactory):
+class InsecureInterceptableContextFactory(ssl.ContextFactory):
"""
- Factory for PyOpenSSL SSL contexts which does absolutely no certificate verification.
+ Factory for PyOpenSSL SSL contexts which accepts any certificate for any domain.
- Do not use this unless you really, really hate your users.
+ Do not use this since it allows an attacker to intercept your communications.
"""
def __init__(self):
diff --git a/synapse/server.py b/synapse/server.py
index 656e534dff..d96c5a573a 100644
--- a/synapse/server.py
+++ b/synapse/server.py
@@ -21,7 +21,7 @@
# Imports required for the default HomeServer() implementation
from twisted.web.client import BrowserLikePolicyForHTTPS
from synapse.federation import initialize_http_replication
-from synapse.http.client import SimpleHttpClient, WoefullyInsecureContextFactory
+from synapse.http.client import SimpleHttpClient, InsecureInterceptableContextFactory
from synapse.notifier import Notifier
from synapse.api.auth import Auth
from synapse.handlers import Handlers
@@ -181,7 +181,7 @@ class HomeServer(BaseHomeServer):
def build_http_client_context_factory(self):
config = self.get_config()
return (
- WoefullyInsecureContextFactory() if config.use_insecure_ssl_client
+ InsecureInterceptableContextFactory() if config.use_insecure_ssl_client
else BrowserLikePolicyForHTTPS()
)
--
GitLab