words

synapse/config/tls.py

@@ -111,7 +111,7 @@ class TlsConfig(Config):
             except Exception:
                 logger.exception("Failed to parse custom CA certificate off disk!")
                 raise
-                
+
         self.federation_custom_ca_list = trustRootFromCertificates(certs)
 
         # This config option applies to non-federation HTTP clients

synapse/crypto/context_factory.py

@@ -127,7 +127,6 @@ class ClientTLSOptionsFactory(object):
     to remote servers for federation."""
 
     def __init__(self, config):
-        # We don't use config options yet
         self._options_validate = CertificateOptions(
             # This option implies verify=True
             trustRoot=config.federation_custom_ca_list,
@@ -137,11 +136,11 @@ class ClientTLSOptionsFactory(object):
     def get_options(self, host, config):
         # Use _makeContext so that we get a fresh OpenSSL CTX each time.
 
-        # Check if certificate validation has been enabled
+        # Check if certificate verification has been enabled
         if (config.federation_verify_certificates and
                 host not in config.federation_certificate_validation_whitelist):
-            # Require validation
+            # Require verification
             return ClientTLSOptions(host, self._options_validate._makeContext())
 
-        # Otherwise don't require validation
+        # Otherwise don't require verification
         return ClientTLSOptions(host, self._options_novalidate._makeContext())