Consider IP whitelist for identity server resolution

Signed-off-by: Robert Edström <github@legogris.se>
matrix-org · Oct 19, 2021 · c2ba9e6 · c2ba9e6
1 parent f3efa00
commit c2ba9e6
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 1 deletion.
diff --git a/changelog.d/11120.bugfix b/changelog.d/11120.bugfix
@@ -0,0 +1 @@
+Identity server connection is no longer ignoring `ip_range_whitelist`.
diff --git a/synapse/handlers/identity.py b/synapse/handlers/identity.py
@@ -54,7 +54,9 @@ def __init__(self, hs: "HomeServer"):
         self.http_client = SimpleHttpClient(hs)
         # An HTTP client for contacting identity servers specified by clients.
         self.blacklisting_http_client = SimpleHttpClient(
-            hs, ip_blacklist=hs.config.server.federation_ip_range_blacklist
+            hs,
+            ip_blacklist=hs.config.server.federation_ip_range_blacklist,
+            ip_whitelist=hs.config.server.federation_ip_range_whitelist,
         )
         self.federation_http_client = hs.get_federation_http_client()
         self.hs = hs
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		Identity server connection is no longer ignoring `ip_range_whitelist`.