summary refs log tree commit diff
path: root/docs (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Merge tag 'v1.13.0'Patrick Cloke2020-05-1920-209/+882
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.13.0 (2020-05-19) =========================== This release brings some potential changes necessary for certain configurations of Synapse: * If your Synapse is configured to use SSO and have a custom `sso_redirect_confirm_template_dir` configuration option set, you will need to duplicate the new `sso_auth_confirm.html`, `sso_auth_success.html` and `sso_account_deactivated.html` templates into that directory. * Synapse plugins using the `complete_sso_login` method of `synapse.module_api.ModuleApi` should instead switch to the async/await version, `complete_sso_login_async`, which includes additional checks. The former version is now deprecated. * A bug was introduced in Synapse 1.4.0 which could cause the room directory to be incomplete or empty if Synapse was upgraded directly from v1.2.1 or earlier, to versions between v1.4.0 and v1.12.x. Please review [UPGRADE.rst](https://github.com/matrix-org/synapse/blob/master/UPGRADE.rst) for more details on these changes and for general upgrade guidance. Notice of change to the default `git` branch for Synapse -------------------------------------------------------- With the release of Synapse 1.13.0, the default `git` branch for Synapse has changed to `develop`, which is the development tip. This is more consistent with common practice and modern `git` usage. The `master` branch, which tracks the latest release, is still available. It is recommended that developers and distributors who have scripts which run builds using the default branch of Synapse should therefore consider pinning their scripts to `master`. Features -------- - Extend the `web_client_location` option to accept an absolute URL to use as a redirect. Adds a warning when running the web client on the same hostname as homeserver. Contributed by Martin Milata. ([\#7006](https://github.com/matrix-org/synapse/issues/7006)) - Set `Referrer-Policy` header to `no-referrer` on media downloads. ([\#7009](https://github.com/matrix-org/synapse/issues/7009)) - Add support for running replication over Redis when using workers. ([\#7040](https://github.com/matrix-org/synapse/issues/7040), [\#7325](https://github.com/matrix-org/synapse/issues/7325), [\#7352](https://github.com/matrix-org/synapse/issues/7352), [\#7401](https://github.com/matrix-org/synapse/issues/7401), [\#7427](https://github.com/matrix-org/synapse/issues/7427), [\#7439](https://github.com/matrix-org/synapse/issues/7439), [\#7446](https://github.com/matrix-org/synapse/issues/7446), [\#7450](https://github.com/matrix-org/synapse/issues/7450), [\#7454](https://github.com/matrix-org/synapse/issues/7454)) - Admin API `POST /_synapse/admin/v1/join/<roomIdOrAlias>` to join users to a room like `auto_join_rooms` for creation of users. ([\#7051](https://github.com/matrix-org/synapse/issues/7051)) - Add options to prevent users from changing their profile or associated 3PIDs. ([\#7096](https://github.com/matrix-org/synapse/issues/7096)) - Support SSO in the user interactive authentication workflow. ([\#7102](https://github.com/matrix-org/synapse/issues/7102), [\#7186](https://github.com/matrix-org/synapse/issues/7186), [\#7279](https://github.com/matrix-org/synapse/issues/7279), [\#7343](https://github.com/matrix-org/synapse/issues/7343)) - Allow server admins to define and enforce a password policy ([MSC2000](https://github.com/matrix-org/matrix-doc/issues/2000)). ([\#7118](https://github.com/matrix-org/synapse/issues/7118)) - Improve the support for SSO authentication on the login fallback page. ([\#7152](https://github.com/matrix-org/synapse/issues/7152), [\#7235](https://github.com/matrix-org/synapse/issues/7235)) - Always whitelist the login fallback in the SSO configuration if `public_baseurl` is set. ([\#7153](https://github.com/matrix-org/synapse/issues/7153)) - Admin users are no longer required to be in a room to create an alias for it. ([\#7191](https://github.com/matrix-org/synapse/issues/7191)) - Require admin privileges to enable room encryption by default. This does not affect existing rooms. ([\#7230](https://github.com/matrix-org/synapse/issues/7230)) - Add a config option for specifying the value of the Accept-Language HTTP header when generating URL previews. ([\#7265](https://github.com/matrix-org/synapse/issues/7265)) - Allow `/requestToken` endpoints to hide the existence (or lack thereof) of 3PID associations on the homeserver. ([\#7315](https://github.com/matrix-org/synapse/issues/7315)) - Add a configuration setting to tweak the threshold for dummy events. ([\#7422](https://github.com/matrix-org/synapse/issues/7422)) Bugfixes -------- - Don't attempt to use an invalid sqlite config if no database configuration is provided. Contributed by @nekatak. ([\#6573](https://github.com/matrix-org/synapse/issues/6573)) - Fix single-sign on with CAS systems: pass the same service URL when requesting the CAS ticket and when calling the `proxyValidate` URL. Contributed by @Naugrimm. ([\#6634](https://github.com/matrix-org/synapse/issues/6634)) - Fix missing field `default` when fetching user-defined push rules. ([\#6639](https://github.com/matrix-org/synapse/issues/6639)) - Improve error responses when accessing remote public room lists. ([\#6899](https://github.com/matrix-org/synapse/issues/6899), [\#7368](https://github.com/matrix-org/synapse/issues/7368)) - Transfer alias mappings on room upgrade. ([\#6946](https://github.com/matrix-org/synapse/issues/6946)) - Ensure that a user interactive authentication session is tied to a single request. ([\#7068](https://github.com/matrix-org/synapse/issues/7068), [\#7455](https://github.com/matrix-org/synapse/issues/7455)) - Fix a bug in the federation API which could cause occasional "Failed to get PDU" errors. ([\#7089](https://github.com/matrix-org/synapse/issues/7089)) - Return the proper error (`M_BAD_ALIAS`) when a non-existant canonical alias is provided. ([\#7109](https://github.com/matrix-org/synapse/issues/7109)) - Fix a bug which meant that groups updates were not correctly replicated between workers. ([\#7117](https://github.com/matrix-org/synapse/issues/7117)) - Fix starting workers when federation sending not split out. ([\#7133](https://github.com/matrix-org/synapse/issues/7133)) - Ensure `is_verified` is a boolean in responses to `GET /_matrix/client/r0/room_keys/keys`. Also warn the user if they forgot the `version` query param. ([\#7150](https://github.com/matrix-org/synapse/issues/7150)) - Fix error page being shown when a custom SAML handler attempted to redirect when processing an auth response. ([\#7151](https://github.com/matrix-org/synapse/issues/7151)) - Avoid importing `sqlite3` when using the postgres backend. Contributed by David Vo. ([\#7155](https://github.com/matrix-org/synapse/issues/7155)) - Fix excessive CPU usage by `prune_old_outbound_device_pokes` job. ([\#7159](https://github.com/matrix-org/synapse/issues/7159)) - Fix a bug which could cause outbound federation traffic to stop working if a client uploaded an incorrect e2e device signature. ([\#7177](https://github.com/matrix-org/synapse/issues/7177)) - Fix a bug which could cause incorrect 'cyclic dependency' error. ([\#7178](https://github.com/matrix-org/synapse/issues/7178)) - Fix a bug that could cause a user to be invited to a server notices (aka System Alerts) room without any notice being sent. ([\#7199](https://github.com/matrix-org/synapse/issues/7199)) - Fix some worker-mode replication handling not being correctly recorded in CPU usage stats. ([\#7203](https://github.com/matrix-org/synapse/issues/7203)) - Do not allow a deactivated user to login via SSO. ([\#7240](https://github.com/matrix-org/synapse/issues/7240), [\#7259](https://github.com/matrix-org/synapse/issues/7259)) - Fix --help command-line argument. ([\#7249](https://github.com/matrix-org/synapse/issues/7249)) - Fix room publish permissions not being checked on room creation. ([\#7260](https://github.com/matrix-org/synapse/issues/7260)) - Reject unknown session IDs during user interactive authentication instead of silently creating a new session. ([\#7268](https://github.com/matrix-org/synapse/issues/7268)) - Fix a SQL query introduced in Synapse 1.12.0 which could cause large amounts of logging to the postgres slow-query log. ([\#7274](https://github.com/matrix-org/synapse/issues/7274)) - Persist user interactive authentication sessions across workers and Synapse restarts. ([\#7302](https://github.com/matrix-org/synapse/issues/7302)) - Fixed backwards compatibility logic of the first value of `trusted_third_party_id_servers` being used for `account_threepid_delegates.email`, which occurs when the former, deprecated option is set and the latter is not. ([\#7316](https://github.com/matrix-org/synapse/issues/7316)) - Fix a bug where event updates might not be sent over replication to worker processes after the stream falls behind. ([\#7337](https://github.com/matrix-org/synapse/issues/7337), [\#7358](https://github.com/matrix-org/synapse/issues/7358)) - Fix bad error handling that would cause Synapse to crash if it's provided with a YAML configuration file that's either empty or doesn't parse into a key-value map. ([\#7341](https://github.com/matrix-org/synapse/issues/7341)) - Fix incorrect metrics reporting for `renew_attestations` background task. ([\#7344](https://github.com/matrix-org/synapse/issues/7344)) - Prevent non-federating rooms from appearing in responses to federated `POST /publicRoom` requests when a filter was included. ([\#7367](https://github.com/matrix-org/synapse/issues/7367)) - Fix a bug which would cause the room durectory to be incorrectly populated if Synapse was upgraded directly from v1.2.1 or earlier to v1.4.0 or later. Note that this fix does not apply retrospectively; see the [upgrade notes](UPGRADE.rst#upgrading-to-v1130) for more information. ([\#7387](https://github.com/matrix-org/synapse/issues/7387)) - Fix bug in `EventContext.deserialize`. ([\#7393](https://github.com/matrix-org/synapse/issues/7393)) - Fix a long-standing bug which could cause messages not to be sent over federation, when state events with state keys matching user IDs (such as custom user statuses) were received. ([\#7376](https://github.com/matrix-org/synapse/issues/7376)) - Restore compatibility with non-compliant clients during the user interactive authentication process, fixing a problem introduced in v1.13.0rc1. ([\#7483](https://github.com/matrix-org/synapse/issues/7483)) - Hash passwords as early as possible during registration. ([\#7523](https://github.com/matrix-org/synapse/issues/7523)) Improved Documentation ---------------------- - Update Debian installation instructions to recommend installing the `virtualenv` package instead of `python3-virtualenv`. ([\#6892](https://github.com/matrix-org/synapse/issues/6892)) - Improve the documentation for database configuration. ([\#6988](https://github.com/matrix-org/synapse/issues/6988)) - Improve the documentation of application service configuration files. ([\#7091](https://github.com/matrix-org/synapse/issues/7091)) - Update pre-built package name for FreeBSD. ([\#7107](https://github.com/matrix-org/synapse/issues/7107)) - Update postgres docs with login troubleshooting information. ([\#7119](https://github.com/matrix-org/synapse/issues/7119)) - Clean up INSTALL.md a bit. ([\#7141](https://github.com/matrix-org/synapse/issues/7141)) - Add documentation for running a local CAS server for testing. ([\#7147](https://github.com/matrix-org/synapse/issues/7147)) - Improve README.md by being explicit about public IP recommendation for TURN relaying. ([\#7167](https://github.com/matrix-org/synapse/issues/7167)) - Fix a small typo in the `metrics_flags` config option. ([\#7171](https://github.com/matrix-org/synapse/issues/7171)) - Update the contributed documentation on managing synapse workers with systemd, and bring it into the core distribution. ([\#7234](https://github.com/matrix-org/synapse/issues/7234)) - Add documentation to the `password_providers` config option. Add known password provider implementations to docs. ([\#7238](https://github.com/matrix-org/synapse/issues/7238), [\#7248](https://github.com/matrix-org/synapse/issues/7248)) - Modify suggested nginx reverse proxy configuration to match Synapse's default file upload size. Contributed by @ProCycleDev. ([\#7251](https://github.com/matrix-org/synapse/issues/7251)) - Documentation of media_storage_providers options updated to avoid misunderstandings. Contributed by Tristan Lins. ([\#7272](https://github.com/matrix-org/synapse/issues/7272)) - Add documentation on monitoring workers with Prometheus. ([\#7357](https://github.com/matrix-org/synapse/issues/7357)) - Clarify endpoint usage in the users admin api documentation. ([\#7361](https://github.com/matrix-org/synapse/issues/7361)) Deprecations and Removals ------------------------- - Remove nonfunctional `captcha_bypass_secret` option from `homeserver.yaml`. ([\#7137](https://github.com/matrix-org/synapse/issues/7137)) Internal Changes ---------------- - Add benchmarks for LruCache. ([\#6446](https://github.com/matrix-org/synapse/issues/6446)) - Return total number of users and profile attributes in admin users endpoint. Contributed by Awesome Technologies Innovationslabor GmbH. ([\#6881](https://github.com/matrix-org/synapse/issues/6881)) - Change device list streams to have one row per ID. ([\#7010](https://github.com/matrix-org/synapse/issues/7010)) - Remove concept of a non-limited stream. ([\#7011](https://github.com/matrix-org/synapse/issues/7011)) - Move catchup of replication streams logic to worker. ([\#7024](https://github.com/matrix-org/synapse/issues/7024), [\#7195](https://github.com/matrix-org/synapse/issues/7195), [\#7226](https://github.com/matrix-org/synapse/issues/7226), [\#7239](https://github.com/matrix-org/synapse/issues/7239), [\#7286](https://github.com/matrix-org/synapse/issues/7286), [\#7290](https://github.com/matrix-org/synapse/issues/7290), [\#7318](https://github.com/matrix-org/synapse/issues/7318), [\#7326](https://github.com/matrix-org/synapse/issues/7326), [\#7378](https://github.com/matrix-org/synapse/issues/7378), [\#7421](https://github.com/matrix-org/synapse/issues/7421)) - Convert some of synapse.rest.media to async/await. ([\#7110](https://github.com/matrix-org/synapse/issues/7110), [\#7184](https://github.com/matrix-org/synapse/issues/7184), [\#7241](https://github.com/matrix-org/synapse/issues/7241)) - De-duplicate / remove unused REST code for login and auth. ([\#7115](https://github.com/matrix-org/synapse/issues/7115)) - Convert `*StreamRow` classes to inner classes. ([\#7116](https://github.com/matrix-org/synapse/issues/7116)) - Clean up some LoggingContext code. ([\#7120](https://github.com/matrix-org/synapse/issues/7120), [\#7181](https://github.com/matrix-org/synapse/issues/7181), [\#7183](https://github.com/matrix-org/synapse/issues/7183), [\#7408](https://github.com/matrix-org/synapse/issues/7408), [\#7426](https://github.com/matrix-org/synapse/issues/7426)) - Add explicit `instance_id` for USER_SYNC commands and remove implicit `conn_id` usage. ([\#7128](https://github.com/matrix-org/synapse/issues/7128)) - Refactored the CAS authentication logic to a separate class. ([\#7136](https://github.com/matrix-org/synapse/issues/7136)) - Run replication streamers on workers. ([\#7146](https://github.com/matrix-org/synapse/issues/7146)) - Add tests for outbound device pokes. ([\#7157](https://github.com/matrix-org/synapse/issues/7157)) - Fix device list update stream ids going backward. ([\#7158](https://github.com/matrix-org/synapse/issues/7158)) - Use `stream.current_token()` and remove `stream_positions()`. ([\#7172](https://github.com/matrix-org/synapse/issues/7172)) - Move client command handling out of TCP protocol. ([\#7185](https://github.com/matrix-org/synapse/issues/7185)) - Move server command handling out of TCP protocol. ([\#7187](https://github.com/matrix-org/synapse/issues/7187)) - Fix consistency of HTTP status codes reported in log lines. ([\#7188](https://github.com/matrix-org/synapse/issues/7188)) - Only run one background database update at a time. ([\#7190](https://github.com/matrix-org/synapse/issues/7190)) - Remove sent outbound device list pokes from the database. ([\#7192](https://github.com/matrix-org/synapse/issues/7192)) - Add a background database update job to clear out duplicate `device_lists_outbound_pokes`. ([\#7193](https://github.com/matrix-org/synapse/issues/7193)) - Remove some extraneous debugging log lines. ([\#7207](https://github.com/matrix-org/synapse/issues/7207)) - Add explicit Python build tooling as dependencies for the snapcraft build. ([\#7213](https://github.com/matrix-org/synapse/issues/7213)) - Add typing information to federation server code. ([\#7219](https://github.com/matrix-org/synapse/issues/7219)) - Extend room admin api (`GET /_synapse/admin/v1/rooms`) with additional attributes. ([\#7225](https://github.com/matrix-org/synapse/issues/7225)) - Unblacklist '/upgrade creates a new room' sytest for workers. ([\#7228](https://github.com/matrix-org/synapse/issues/7228)) - Remove redundant checks on `daemonize` from synctl. ([\#7233](https://github.com/matrix-org/synapse/issues/7233)) - Upgrade jQuery to v3.4.1 on fallback login/registration pages. ([\#7236](https://github.com/matrix-org/synapse/issues/7236)) - Change log line that told user to implement onLogin/onRegister fallback js functions to a warning, instead of an info, so it's more visible. ([\#7237](https://github.com/matrix-org/synapse/issues/7237)) - Correct the parameters of a test fixture. Contributed by Isaiah Singletary. ([\#7243](https://github.com/matrix-org/synapse/issues/7243)) - Convert auth handler to async/await. ([\#7261](https://github.com/matrix-org/synapse/issues/7261)) - Add some unit tests for replication. ([\#7278](https://github.com/matrix-org/synapse/issues/7278)) - Improve typing annotations in `synapse.replication.tcp.streams.Stream`. ([\#7291](https://github.com/matrix-org/synapse/issues/7291)) - Reduce log verbosity of url cache cleanup tasks. ([\#7295](https://github.com/matrix-org/synapse/issues/7295)) - Fix sample SAML Service Provider configuration. Contributed by @frcl. ([\#7300](https://github.com/matrix-org/synapse/issues/7300)) - Fix StreamChangeCache to work with multiple entities changing on the same stream id. ([\#7303](https://github.com/matrix-org/synapse/issues/7303)) - Fix an incorrect import in IdentityHandler. ([\#7319](https://github.com/matrix-org/synapse/issues/7319)) - Reduce logging verbosity for successful federation requests. ([\#7321](https://github.com/matrix-org/synapse/issues/7321)) - Convert some federation handler code to async/await. ([\#7338](https://github.com/matrix-org/synapse/issues/7338)) - Fix collation for postgres for unit tests. ([\#7359](https://github.com/matrix-org/synapse/issues/7359)) - Convert RegistrationWorkerStore.is_server_admin and dependent code to async/await. ([\#7363](https://github.com/matrix-org/synapse/issues/7363)) - Add an `instance_name` to `RDATA` and `POSITION` replication commands. ([\#7364](https://github.com/matrix-org/synapse/issues/7364)) - Thread through instance name to replication client. ([\#7369](https://github.com/matrix-org/synapse/issues/7369)) - Convert synapse.server_notices to async/await. ([\#7394](https://github.com/matrix-org/synapse/issues/7394)) - Convert synapse.notifier to async/await. ([\#7395](https://github.com/matrix-org/synapse/issues/7395)) - Fix issues with the Python package manifest. ([\#7404](https://github.com/matrix-org/synapse/issues/7404)) - Prevent methods in `synapse.handlers.auth` from polling the homeserver config every request. ([\#7420](https://github.com/matrix-org/synapse/issues/7420)) - Speed up fetching device lists changes when handling `/sync` requests. ([\#7423](https://github.com/matrix-org/synapse/issues/7423)) - Run group attestation renewal in series rather than parallel for performance. ([\#7442](https://github.com/matrix-org/synapse/issues/7442)) - Fix linting errors in new version of Flake8. ([\#7470](https://github.com/matrix-org/synapse/issues/7470)) - Update the version of dh-virtualenv we use to build debs, and add focal to the list of target distributions. ([\#7526](https://github.com/matrix-org/synapse/issues/7526))
| * Documentation on setting up redis (#7446)Neil Johnson2020-05-111-60/+107
| |
| * Add a configuration setting for the dummy event threshold (#7422)Brendan Abolivier2020-05-071-0/+12
| | | | | | Add dummy_events_threshold which allows configuring the number of forward extremities a room needs for Synapse to send forward extremities in it.
| * Add instance name to RDATA/POSITION commands (#7364)Erik Johnston2020-04-291-17/+24
| | | | | | | | | | This is primarily for allowing us to send those commands from workers, but for now simply allows us to ignore echoed RDATA/POSITION commands that we sent (we get echoes of sent commands when using redis). Currently we log a WARNING on the master process every time we receive an echoed RDATA.
| * Clean up admin api docs (#7361)Andrew Morgan2020-04-281-18/+42
| |
| * Return total number of users and profile attributes in admin users endpoint ↵Manuel Stahl2020-04-281-3/+8
| | | | | | | | | | (#6881) Signed-off-by: Manuel Stahl <manuel.stahl@awesome-technologies.de>
| * Document monitoring workers (#7357)Brendan Abolivier2020-04-271-0/+25
| | | | | | It doesn't seem to be documented anywhere and means that you suddenly start losing metrics without any obvious reason when you go from monolith to workers (e.g. #7312).
| * Add some explanation to application_services.md (#7091)lub2020-04-271-0/+4
| | | | | | Signed-off-by: Simon Körner <git@lubiland.de>
| * Add documentation to the sample config about the templates for SSO. (#7343)Patrick Cloke2020-04-241-0/+24
| |
| * Revert "Revert "Merge pull request #7315 from ↵Brendan Abolivier2020-04-231-0/+10
| | | | | | | | | | | | matrix-org/babolivier/request_token"" This reverts commit 1adf6a55870aa08de272591ff49db9dc49738076.
| * Merge branch 'master' into developBrendan Abolivier2020-04-231-1/+1
| |\
| * | Stop the master relaying USER_SYNC for other workers (#7318)Richard van der Hoff2020-04-221-5/+1
| | | | | | | | | | | | | | | | | | | | | Long story short: if we're handling presence on the current worker, we shouldn't be sending USER_SYNC commands over replication. In an attempt to figure out what is going on here, I ended up refactoring some bits of the presencehandler code, so the first 4 commits here are non-functional refactors to move this code slightly closer to sanity. (There's still plenty to do here :/). Suggest reviewing individual commits. Fixes (I hope) #7257.
| * | Extend room admin api with additional attributes (#7225)Dirk Klimpel2020-04-221-7/+100
| | |
| * | Merge branch 'release-v1.12.4' into developRichard van der Hoff2020-04-221-0/+2
| |\ \
| * | | Fix indention in generated config file (#7300)Lars Franke2020-04-201-26/+26
| | | | | | | | | | | | | | | | | | | | | | | | Also adjust sample_config.yaml Signed-off-by: Lars Franke <frcl@mailbox.org>
| * | | Clarify the comments for media_storage_providers options (#7272)Tristan Lins2020-04-171-4/+3
| | | |
| * | | Allow specifying the value of Accept-Language header for URL previews (#7265)Andrew Morgan2020-04-151-0/+25
| | | |
| * | | Add setting to nginx configuration to allow larger file uploads (#7251)Ryan Hovland2020-04-131-0/+3
| | | |
| * | | Add matrix-synapse-shared-secret-auth as an example password provider (#7248)Andrew Morgan2020-04-091-0/+1
| | | |
| * | | Make systemd-with-workers doc official (#7234)Richard van der Hoff2020-04-086-15/+160
| | | | | | | | | | | | | | | | Simplify and update this documentation, and make it part of the core dist.
| * | | Add documentation to password_providers config option (#7238)Andrew Morgan2020-04-082-2/+17
| | | |
| * | | Extend web_client_location to handle absolute URLs (#7006)Martin Milata2020-04-031-3/+8
| | | | | | | | | | | | | | | | | | | | Log warning when filesystem path is used. Signed-off-by: Martin Milata <martin@martinmilata.cz>
| * | | Update postgres.md (#7119)siroccal2020-04-011-1/+27
| | | |
| * | | Improve TURN documentation. (#7167)Jostein Kjønigsen2020-03-311-0/+7
| | | |
| * | | Fix a small typo in the `metrics_flags` config option. (#7171)Andrew Morgan2020-03-301-1/+1
| | | |
| * | | Remove usage of "conn_id" for presence. (#7128)Erik Johnston2020-03-301-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Remove `conn_id` usage for UserSyncCommand. Each tcp replication connection is assigned a "conn_id", which is used to give an ID to a remotely connected worker. In a redis world, there will no longer be a one to one mapping between connection and instance, so instead we need to replace such usages with an ID generated by the remote instances and included in the replicaiton commands. This really only effects UserSyncCommand. * Add CLEAR_USER_SYNCS command that is sent on shutdown. This should help with the case where a synchrotron gets restarted gracefully, rather than rely on 5 minute timeout.
| * | | Add developer documentation for running a local CAS server (#7147)Patrick Cloke2020-03-302-2/+70
| | | |
| * | | Always whitelist the login fallback for SSO (#7153)Richard van der Hoff2020-03-271-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | That fallback sets the redirect URL to itself (so it can process the login token then return gracefully to the client). This would make it pointless to ask the user for confirmation, since the URL the confirmation page would be showing wouldn't be the client's.
| * | | Admin API to join users to a room. (#7051)Dirk Klimpel2020-03-271-0/+34
| | | |
| * | | Add options to prevent users from changing their profile. (#7096)Dirk Klimpel2020-03-271-0/+23
| | | |
| * | | Allow server admins to define and enforce a password policy (MSC2000). (#7118)Dirk Klimpel2020-03-261-0/+35
| | | |
| * | | Remove unused captcha_bypass_secret option (#7137)Aaron Raimist2020-03-251-4/+0
| | | | | | | | | | | | Signed-off-by: Aaron Raimist <aaron@raim.ist>
| * | | Move catchup of replication streams to worker. (#7024)Erik Johnston2020-03-251-33/+13
| | | | | | | | | | | | This changes the replication protocol so that the server does not send down `RDATA` for rows that happened before the client connected. Instead, the server will send a `POSITION` and clients then query the database (or master out of band) to get up to date.
| * | | Clean up some LoggingContext stuff (#7120)Richard van der Hoff2020-03-241-3/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Pull Sentinel out of LoggingContext ... and drop a few unnecessary references to it * Factor out LoggingContext.current_context move `current_context` and `set_context` out to top-level functions. Mostly this means that I can more easily trace what's actually referring to LoggingContext, but I think it's generally neater. * move copy-to-parent into `stop` this really just makes `start` and `stop` more symetric. It also means that it behaves correctly if you manually `set_log_context` rather than using the context manager. * Replace `LoggingContext.alive` with `finished` Turn `alive` into `finished` and make it a bit better defined.
| * | | Merge branch 'master' into developRichard van der Hoff2020-03-231-2/+1
| |\ \ \
| * | | | Improve database configuration docs (#6988)Richard van der Hoff2020-03-202-15/+70
| | | | | | | | | | | | | | | | | | | | | | | | | Attempts to clarify the sample config for databases, and add some stuff about tcp keepalives to `postgres.md`.
* | | | | Notes on using git (#7496)Richard van der Hoff2020-05-144-0/+148
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * general updates to CONTRIBUTING.md * notes on updating your PR * Notes on squash-merging or otherwise * document git branching model
* | | | | Update reverse_proxy.mdRichard van der Hoff2020-05-051-4/+4
| | | | | | | | | | | | | | | a couple of cleanups
* | | | | Merge tag 'v1.12.4'Patrick Cloke2020-04-231-0/+2
|\ \ \ \ \ | | |_|/ / | |/| | / | |_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse v1.12.4 Features: * Always send users their own device updates. (#7160) * Add support for handling GET requests for account_data on a worker. (#7311) Bugfixes: * Fix a bug that prevented cross-signing with users on worker-mode synapses. (#7255) * Do not treat display names as globs in push rules. (#7271) * Fix a bug with cross-signing devices belonging to remote users who did not share a room with any user on the local homeserver. (#7289)
| * | | Support GET account_data requests on a worker (#7311)Richard van der Hoff2020-04-211-0/+2
| |/ /
* | | Revert "Merge pull request #7315 from matrix-org/babolivier/request_token"Brendan Abolivier2020-04-231-10/+0
| | | | | | | | | | | | | | | This reverts commit 6f4319368b3afab661c55367b9348f9b77bc04a5, reversing changes made to 0d775fcc2d0c7b6a07dad5430256d4d6c75a9f0d.
* | | Merge pull request #7315 from matrix-org/babolivier/request_tokenBrendan Abolivier2020-04-231-0/+10
|\ \ \ | | | | | | | | Config option to inhibit 3PID errors on /requestToken
| * | | Config option to inhibit 3PID errors on /requestTokenBrendan Abolivier2020-04-221-0/+10
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | Adds a request_token_inhibit_errors configuration flag (disabled by default) which, if enabled, change the behaviour of all /requestToken endpoints so that they return a 200 and a fake sid if the 3PID was/was not found associated with an account (depending on the endpoint), instead of an error. Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
* | | Improve example TURN configuration in documentation (#7284)nataraj-hates-MS-for-stealing-github2020-04-171-1/+1
| | |
* | | Revert "Merge pull request #7153 from ↵Richard van der Hoff2020-04-031-4/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | matrix-org/babolivier/sso_whitelist_login_fallback" This was incorrectly merged to master. This reverts commit 319c41f573eb14a966367b60b2e6e93bf6b028d9, reversing changes made to 229eb81498b0fe1da81e9b5b333a0285acde9446.
* | | Merge pull request #7153 from matrix-org/babolivier/sso_whitelist_login_fallbackBrendan Abolivier2020-03-271-0/+4
|\ \ \ | |_|/ |/| | Always whitelist the login fallback for SSO
| * | Update the wording of the config commentBrendan Abolivier2020-03-271-3/+3
| | |
| * | Regenerate sample configBrendan Abolivier2020-03-261-1/+5
| |/
* | Merge tag 'v1.12.0'Richard van der Hoff2020-03-234-6/+31
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.12.0 (2020-03-23) =========================== No significant changes since 1.12.0rc1. Debian packages and Docker images are rebuilt using the latest versions of dependency libraries, including Twisted 20.3.0. **Please see security advisory below**. Security advisory ----------------- Synapse may be vulnerable to request-smuggling attacks when it is used with a reverse-proxy. The vulnerabilties are fixed in Twisted 20.3.0, and are described in [CVE-2020-10108](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10108) and [CVE-2020-10109](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10109). For a good introduction to this class of request-smuggling attacks, see https://portswigger.net/research/http-desync-attacks-request-smuggling-reborn. We are not aware of these vulnerabilities being exploited in the wild, and do not believe that they are exploitable with current versions of any reverse proxies. Nevertheless, we recommend that all Synapse administrators ensure that they have the latest versions of the Twisted library to ensure that their installation remains secure. * Administrators using the [`matrix.org` Docker image](https://hub.docker.com/r/matrixdotorg/synapse/) or the [Debian/Ubuntu packages from `matrix.org`](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#matrixorg-packages) should ensure that they have version 1.12.0 installed: these images include Twisted 20.3.0. * Administrators who have [installed Synapse from source](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#installing-from-source) should upgrade Twisted within their virtualenv by running: ```sh <path_to_virtualenv>/bin/pip install 'Twisted>=20.3.0' ``` * Administrators who have installed Synapse from distribution packages should consult the information from their distributions. The `matrix.org` Synapse instance was not vulnerable to these vulnerabilities. Advance notice of change to the default `git` branch for Synapse ---------------------------------------------------------------- Currently, the default `git` branch for Synapse is `master`, which tracks the latest release. After the release of Synapse 1.13.0, we intend to change this default to `develop`, which is the development tip. This is more consistent with common practice and modern `git` usage. Although we try to keep `develop` in a stable state, there may be occasions where regressions creep in. Developers and distributors who have scripts which run builds using the default branch of `Synapse` should therefore consider pinning their scripts to `master`. Synapse 1.12.0rc1 (2020-03-19) ============================== Features -------- - Changes related to room alias management ([MSC2432](https://github.com/matrix-org/matrix-doc/pull/2432)): - Publishing/removing a room from the room directory now requires the user to have a power level capable of modifying the canonical alias, instead of the room aliases. ([\#6965](https://github.com/matrix-org/synapse/issues/6965)) - Validate the `alt_aliases` property of canonical alias events. ([\#6971](https://github.com/matrix-org/synapse/issues/6971)) - Users with a power level sufficient to modify the canonical alias of a room can now delete room aliases. ([\#6986](https://github.com/matrix-org/synapse/issues/6986)) - Implement updated authorization rules and redaction rules for aliases events, from [MSC2261](https://github.com/matrix-org/matrix-doc/pull/2261) and [MSC2432](https://github.com/matrix-org/matrix-doc/pull/2432). ([\#7037](https://github.com/matrix-org/synapse/issues/7037)) - Stop sending m.room.aliases events during room creation and upgrade. ([\#6941](https://github.com/matrix-org/synapse/issues/6941)) - Synapse no longer uses room alias events to calculate room names for push notifications. ([\#6966](https://github.com/matrix-org/synapse/issues/6966)) - The room list endpoint no longer returns a list of aliases. ([\#6970](https://github.com/matrix-org/synapse/issues/6970)) - Remove special handling of aliases events from [MSC2260](https://github.com/matrix-org/matrix-doc/pull/2260) added in v1.10.0rc1. ([\#7034](https://github.com/matrix-org/synapse/issues/7034)) - Expose the `synctl`, `hash_password` and `generate_config` commands in the snapcraft package. Contributed by @devec0. ([\#6315](https://github.com/matrix-org/synapse/issues/6315)) - Check that server_name is correctly set before running database updates. ([\#6982](https://github.com/matrix-org/synapse/issues/6982)) - Break down monthly active users by `appservice_id` and emit via Prometheus. ([\#7030](https://github.com/matrix-org/synapse/issues/7030)) - Render a configurable and comprehensible error page if something goes wrong during the SAML2 authentication process. ([\#7058](https://github.com/matrix-org/synapse/issues/7058), [\#7067](https://github.com/matrix-org/synapse/issues/7067)) - Add an optional parameter to control whether other sessions are logged out when a user's password is modified. ([\#7085](https://github.com/matrix-org/synapse/issues/7085)) - Add prometheus metrics for the number of active pushers. ([\#7103](https://github.com/matrix-org/synapse/issues/7103), [\#7106](https://github.com/matrix-org/synapse/issues/7106)) - Improve performance when making HTTPS requests to sygnal, sydent, etc, by sharing the SSL context object between connections. ([\#7094](https://github.com/matrix-org/synapse/issues/7094)) Bugfixes -------- - When a user's profile is updated via the admin API, also generate a displayname/avatar update for that user in each room. ([\#6572](https://github.com/matrix-org/synapse/issues/6572)) - Fix a couple of bugs in email configuration handling. ([\#6962](https://github.com/matrix-org/synapse/issues/6962)) - Fix an issue affecting worker-based deployments where replication would stop working, necessitating a full restart, after joining a large room. ([\#6967](https://github.com/matrix-org/synapse/issues/6967)) - Fix `duplicate key` error which was logged when rejoining a room over federation. ([\#6968](https://github.com/matrix-org/synapse/issues/6968)) - Prevent user from setting 'deactivated' to anything other than a bool on the v2 PUT /users Admin API. ([\#6990](https://github.com/matrix-org/synapse/issues/6990)) - Fix py35-old CI by using native tox package. ([\#7018](https://github.com/matrix-org/synapse/issues/7018)) - Fix a bug causing `org.matrix.dummy_event` to be included in responses from `/sync`. ([\#7035](https://github.com/matrix-org/synapse/issues/7035)) - Fix a bug that renders UTF-8 text files incorrectly when loaded from media. Contributed by @TheStranjer. ([\#7044](https://github.com/matrix-org/synapse/issues/7044)) - Fix a bug that would cause Synapse to respond with an error about event visibility if a client tried to request the state of a room at a given token. ([\#7066](https://github.com/matrix-org/synapse/issues/7066)) - Repair a data-corruption issue which was introduced in Synapse 1.10, and fixed in Synapse 1.11, and which could cause `/sync` to return with 404 errors about missing events and unknown rooms. ([\#7070](https://github.com/matrix-org/synapse/issues/7070)) - Fix a bug causing account validity renewal emails to be sent even if the feature is turned off in some cases. ([\#7074](https://github.com/matrix-org/synapse/issues/7074)) Improved Documentation ---------------------- - Updated CentOS8 install instructions. Contributed by Richard Kellner. ([\#6925](https://github.com/matrix-org/synapse/issues/6925)) - Fix `POSTGRES_INITDB_ARGS` in the `contrib/docker/docker-compose.yml` example docker-compose configuration. ([\#6984](https://github.com/matrix-org/synapse/issues/6984)) - Change date in [INSTALL.md](./INSTALL.md#tls-certificates) for last date of getting TLS certificates to November 2019. ([\#7015](https://github.com/matrix-org/synapse/issues/7015)) - Document that the fallback auth endpoints must be routed to the same worker node as the register endpoints. ([\#7048](https://github.com/matrix-org/synapse/issues/7048)) Deprecations and Removals ------------------------- - Remove the unused query_auth federation endpoint per [MSC2451](https://github.com/matrix-org/matrix-doc/pull/2451). ([\#7026](https://github.com/matrix-org/synapse/issues/7026)) Internal Changes ---------------- - Add type hints to `logging/context.py`. ([\#6309](https://github.com/matrix-org/synapse/issues/6309)) - Add some clarifications to `README.md` in the database schema directory. ([\#6615](https://github.com/matrix-org/synapse/issues/6615)) - Refactoring work in preparation for changing the event redaction algorithm. ([\#6874](https://github.com/matrix-org/synapse/issues/6874), [\#6875](https://github.com/matrix-org/synapse/issues/6875), [\#6983](https://github.com/matrix-org/synapse/issues/6983), [\#7003](https://github.com/matrix-org/synapse/issues/7003)) - Improve performance of v2 state resolution for large rooms. ([\#6952](https://github.com/matrix-org/synapse/issues/6952), [\#7095](https://github.com/matrix-org/synapse/issues/7095)) - Reduce time spent doing GC, by freezing objects on startup. ([\#6953](https://github.com/matrix-org/synapse/issues/6953)) - Minor perfermance fixes to `get_auth_chain_ids`. ([\#6954](https://github.com/matrix-org/synapse/issues/6954)) - Don't record remote cross-signing keys in the `devices` table. ([\#6956](https://github.com/matrix-org/synapse/issues/6956)) - Use flake8-comprehensions to enforce good hygiene of list/set/dict comprehensions. ([\#6957](https://github.com/matrix-org/synapse/issues/6957)) - Merge worker apps together. ([\#6964](https://github.com/matrix-org/synapse/issues/6964), [\#7002](https://github.com/matrix-org/synapse/issues/7002), [\#7055](https://github.com/matrix-org/synapse/issues/7055), [\#7104](https://github.com/matrix-org/synapse/issues/7104)) - Remove redundant `store_room` call from `FederationHandler._process_received_pdu`. ([\#6979](https://github.com/matrix-org/synapse/issues/6979)) - Update warning for incorrect database collation/ctype to include link to documentation. ([\#6985](https://github.com/matrix-org/synapse/issues/6985)) - Add some type annotations to the database storage classes. ([\#6987](https://github.com/matrix-org/synapse/issues/6987)) - Port `synapse.handlers.presence` to async/await. ([\#6991](https://github.com/matrix-org/synapse/issues/6991), [\#7019](https://github.com/matrix-org/synapse/issues/7019)) - Add some type annotations to the federation base & client classes. ([\#6995](https://github.com/matrix-org/synapse/issues/6995)) - Port `synapse.rest.keys` to async/await. ([\#7020](https://github.com/matrix-org/synapse/issues/7020)) - Add a type check to `is_verified` when processing room keys. ([\#7045](https://github.com/matrix-org/synapse/issues/7045)) - Add type annotations and comments to the auth handler. ([\#7063](https://github.com/matrix-org/synapse/issues/7063))
| * Add an option to the set password API to choose whether to logout other ↵Patrick Cloke2020-03-181-1/+5
| | | | | | | | devices. (#7085)
| * Revert "Add options to disable setting profile info for prevent changes. ↵Richard van der Hoff2020-03-171-13/+0
| | | | | | | | | | | | | | (#7053)" This reverts commit 54dd28621b070ca67de9f773fe9a89e1f4dc19da, reversing changes made to 6640460d054e8f4444046a34bdf638921b31c01e.
| * Put the file in the templates directoryBrendan Abolivier2020-03-111-7/+16
| |
| * Update wording and configBrendan Abolivier2020-03-111-0/+3
| |
| * Add options to disable setting profile info for prevent changes. (#7053)Brendan Abolivier2020-03-101-0/+13
| |\
| | * Update sample_config.yamlDirk Klimpel2020-03-101-1/+1
| | |
| | * updates after reviewdklimpel2020-03-091-5/+5
| | |
| | * add disable_3pid_changesdklimpel2020-03-081-0/+5
| | |
| | * lint2dklimpel2020-03-081-2/+2
| | |
| | * changelogdklimpel2020-03-081-0/+8
| | |
| * | Update sample configBrendan Abolivier2020-03-101-0/+7
| | |
| * | Update routing of fallback auth in the worker docs. (#7048)Patrick Cloke2020-03-091-0/+1
| | |
| * | Merge branch 'master' into developBrendan Abolivier2020-03-031-0/+50
| |\ \ | | |/ | |/|
| * | Fix minor issues with email config (#6962)Richard van der Hoff2020-02-241-4/+5
| | | | | | | | | | | | | | | | | | * Give `notif_template_html`, `notif_template_text` default values (fixes #6960) * Don't complain if `smtp_host` and `smtp_port` are unset, since they have sensible defaults (fixes #6961) * Set the example for `enable_notifs` to `True`, for consistency and because it's more useful * Raise errors as ConfigError rather than RuntimeError for nicer formatting
| * | Clarify list/set/dict/tuple comprehensions and enforce via flake8 (#6957)Patrick Cloke2020-02-211-1/+1
| | | | | | | | | | | | Ensure good comprehension hygiene using flake8-comprehensions.
* | | Update postgres.mdRichard van der Hoff2020-03-171-2/+1
| |/ |/| | | fix broken link
* | Add a whitelist for the SSO confirmation step.Richard van der Hoff2020-03-021-3/+19
| |
* | Add a confirmation step to the SSO login flowBrendan Abolivier2020-03-021-0/+34
|/
* Merge pull request #6940 from matrix-org/babolivier/federate.mdBrendan Abolivier2020-02-193-153/+126
|\ | | | | Clean up and update federation docs
| * Incorporate reviewBrendan Abolivier2020-02-192-12/+13
| |
| * Incorporate reviewBrendan Abolivier2020-02-182-21/+17
| |
| * PhrasingBrendan Abolivier2020-02-181-1/+1
| |
| * Add mention of SRV records as an advanced topicBrendan Abolivier2020-02-181-0/+10
| |
| * Argh trailing spacesBrendan Abolivier2020-02-181-2/+2
| |
| * Fix links in the reverse proxy docBrendan Abolivier2020-02-181-3/+4
| |
| * Make federate.md more of a sumary of the steps to follow to set up replicationBrendan Abolivier2020-02-181-17/+28
| |
| * Split the delegating documentation out of federate.md and trim it downBrendan Abolivier2020-02-182-133/+87
| |
* | Merge pull request #6907 from matrix-org/babolivier/acme-configBrendan Abolivier2020-02-181-0/+5
|\ \ | | | | | | Add mention and warning about ACME v1 deprecation to the TLS config
| * | Add mention and warning about ACME v1 deprecation to the Synapse configBrendan Abolivier2020-02-131-0/+5
| | |
* | | Fix worker docs to point `/publicised_groups` API correctly. (#6938)Erik Johnston2020-02-181-3/+4
| | |
* | | Add a warning about indentation to generated config (#6920)Richard van der Hoff2020-02-142-2/+14
| | | | | | | | | Fixes #6916.
* | | Filter the results of user directory searching via the spam checker (#6888)Patrick Cloke2020-02-141-0/+3
| |/ |/| | | Add a method to the spam checker to filter the user directory results.
* | Add documentation for the spam checker module (#6906)Patrick Cloke2020-02-131-0/+85
| | | | | | Add documentation for the spam checker.
* | Update docs/ACME.mdBrendan Abolivier2020-02-131-1/+1
| |
* | Mention that using Synapse to serve certificates requires restartsBrendan Abolivier2020-02-121-1/+3
| |
* | Remove duplicated info about certbot et alBrendan Abolivier2020-02-121-5/+0
| |
* | Update ACME.md to mention ACME v1 deprecationBrendan Abolivier2020-02-121-7/+41
|/
* Merge pull request #6891 from matrix-org/babolivier/retention-doc-amendBrendan Abolivier2020-02-122-0/+7
|\ | | | | Spell out that the last event sent to a room won't be deleted by a purge
| * RephraseBrendan Abolivier2020-02-122-5/+5
| |
| * Also spell it out in the purge history API docBrendan Abolivier2020-02-111-0/+3
| |
| * Spell out that Synapse never purges the last event sent in a roomBrendan Abolivier2020-02-111-0/+4
| |
* | Merge branch 'master' into developBrendan Abolivier2020-02-121-1/+2
|\ \ | |/ |/|
| * Merge tag 'v1.10.0'Brendan Abolivier2020-02-122-1/+36
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.10.0 (2020-02-12) =========================== **WARNING to client developers**: As of this release Synapse validates `client_secret` parameters in the Client-Server API as per the spec. See [\#6766](https://github.com/matrix-org/synapse/issues/6766) for details. Updates to the Docker image --------------------------- - Update the docker images to Alpine Linux 3.11. ([\#6897](https://github.com/matrix-org/synapse/issues/6897)) Synapse 1.10.0rc5 (2020-02-11) ============================== Bugfixes -------- - Fix the filtering introduced in 1.10.0rc3 to also apply to the state blocks returned by `/sync`. ([\#6884](https://github.com/matrix-org/synapse/issues/6884)) Synapse 1.10.0rc4 (2020-02-11) ============================== This release candidate was built incorrectly and is superceded by 1.10.0rc5. Synapse 1.10.0rc3 (2020-02-10) ============================== Features -------- - Filter out `m.room.aliases` from the CS API to mitigate abuse while a better solution is specced. ([\#6878](https://github.com/matrix-org/synapse/issues/6878)) Internal Changes ---------------- - Fix continuous integration failures with old versions of `pip`, which were introduced by a release of the `zipp` library. ([\#6880](https://github.com/matrix-org/synapse/issues/6880)) Synapse 1.10.0rc2 (2020-02-06) ============================== Bugfixes -------- - Fix an issue with cross-signing where device signatures were not sent to remote servers. ([\#6844](https://github.com/matrix-org/synapse/issues/6844)) - Fix to the unknown remote device detection which was introduced in 1.10.rc1. ([\#6848](https://github.com/matrix-org/synapse/issues/6848)) Internal Changes ---------------- - Detect unexpected sender keys on remote encrypted events and resync device lists. ([\#6850](https://github.com/matrix-org/synapse/issues/6850)) Synapse 1.10.0rc1 (2020-01-31) ============================== Features -------- - Add experimental support for updated authorization rules for aliases events, from [MSC2260](https://github.com/matrix-org/matrix-doc/pull/2260). ([\#6787](https://github.com/matrix-org/synapse/issues/6787), [\#6790](https://github.com/matrix-org/synapse/issues/6790), [\#6794](https://github.com/matrix-org/synapse/issues/6794)) Bugfixes -------- - Warn if postgres database has a non-C locale, as that can cause issues when upgrading locales (e.g. due to upgrading OS). ([\#6734](https://github.com/matrix-org/synapse/issues/6734)) - Minor fixes to `PUT /_synapse/admin/v2/users` admin api. ([\#6761](https://github.com/matrix-org/synapse/issues/6761)) - Validate `client_secret` parameter using the regex provided by the Client-Server API, temporarily allowing `:` characters for older clients. The `:` character will be removed in a future release. ([\#6767](https://github.com/matrix-org/synapse/issues/6767)) - Fix persisting redaction events that have been redacted (or otherwise don't have a redacts key). ([\#6771](https://github.com/matrix-org/synapse/issues/6771)) - Fix outbound federation request metrics. ([\#6795](https://github.com/matrix-org/synapse/issues/6795)) - Fix bug where querying a remote user's device keys that weren't cached resulted in only returning a single device. ([\#6796](https://github.com/matrix-org/synapse/issues/6796)) - Fix race in federation sender worker that delayed sending of device updates. ([\#6799](https://github.com/matrix-org/synapse/issues/6799), [\#6800](https://github.com/matrix-org/synapse/issues/6800)) - Fix bug where Synapse didn't invalidate cache of remote users' devices when Synapse left a room. ([\#6801](https://github.com/matrix-org/synapse/issues/6801)) - Fix waking up other workers when remote server is detected to have come back online. ([\#6811](https://github.com/matrix-org/synapse/issues/6811)) Improved Documentation ---------------------- - Clarify documentation related to `user_dir` and `federation_reader` workers. ([\#6775](https://github.com/matrix-org/synapse/issues/6775)) Internal Changes ---------------- - Record room versions in the `rooms` table. ([\#6729](https://github.com/matrix-org/synapse/issues/6729), [\#6788](https://github.com/matrix-org/synapse/issues/6788), [\#6810](https://github.com/matrix-org/synapse/issues/6810)) - Propagate cache invalidates from workers to other workers. ([\#6748](https://github.com/matrix-org/synapse/issues/6748)) - Remove some unnecessary admin handler abstraction methods. ([\#6751](https://github.com/matrix-org/synapse/issues/6751)) - Add some debugging for media storage providers. ([\#6757](https://github.com/matrix-org/synapse/issues/6757)) - Detect unknown remote devices and mark cache as stale. ([\#6776](https://github.com/matrix-org/synapse/issues/6776), [\#6819](https://github.com/matrix-org/synapse/issues/6819)) - Attempt to resync remote users' devices when detected as stale. ([\#6786](https://github.com/matrix-org/synapse/issues/6786)) - Delete current state from the database when server leaves a room. ([\#6792](https://github.com/matrix-org/synapse/issues/6792)) - When a client asks for a remote user's device keys check if the local cache for that user has been marked as potentially stale. ([\#6797](https://github.com/matrix-org/synapse/issues/6797)) - Add background update to clean out left rooms from current state. ([\#6802](https://github.com/matrix-org/synapse/issues/6802), [\#6816](https://github.com/matrix-org/synapse/issues/6816)) - Refactoring work in preparation for changing the event redaction algorithm. ([\#6803](https://github.com/matrix-org/synapse/issues/6803), [\#6805](https://github.com/matrix-org/synapse/issues/6805), [\#6806](https://github.com/matrix-org/synapse/issues/6806), [\#6807](https://github.com/matrix-org/synapse/issues/6807), [\#6820](https://github.com/matrix-org/synapse/issues/6820))
| * | Update documentation (#6859)Robin Vleij2020-02-051-1/+2
| | | | | | | | | | | | Update documentation to reflect the correct format of user_id (fully qualified).
* | | Add support for putting fed user query API on workers (#6873)Erik Johnston2020-02-071-0/+1
| | |
* | | Allow moving group read APIs to workers (#6866)Erik Johnston2020-02-071-0/+8
| | |
* | | Admin api to add an email address (#6789)Dirk Klimpel2020-02-071-0/+11
| |/ |/|
* | Warn if postgres database has non-C locale. (#6734)Erik Johnston2020-01-281-1/+19
| | | | | | As using non-C locale can cause issues on upgrading OS.
* | Fix federation_reader listeners doc as per PR reviewJason Robinson2020-01-271-2/+12
| | | | | | | | Signed-off-by: Jason Robinson <jasonr@matrix.org>
* | Clarifications to the workers documentationJason Robinson2020-01-241-0/+7
|/ | | | | | | | | * Add note that user_dir requires disabling user dir updates from the main synapse process. * Add note that federation_reader should have the federation listener resource. Signed-off-by: Jason Robinson <jasonr@matrix.org>
* Update admin room docs with correct endpoints (#6770)Andrew Morgan2020-01-231-4/+4
|
* Admin API to list, filter and sort rooms (#6720)Andrew Morgan2020-01-221-0/+173
|
* Allow streaming cache invalidate all to workers. (#6749)Erik Johnston2020-01-221-0/+5
|
* Wake up transaction queue when remote server comes back online (#6706)Erik Johnston2020-01-171-1/+5
| | | | | This will be used to retry outbound transactions to a remote server if we think it might have come back up.
* Clarify the `account_validity` and `email` sections of the sample ↵Richard van der Hoff2020-01-171-132/+152
| | | | | | | | | | | configuration. (#6685) Generally try to make this more comprehensible, and make it match the conventions. I've removed the documentation for all the settings which allow you to change the names of the template files, because I can't really see why they are useful.
* Quarantine media by ID or user ID (#6681)Andrew Morgan2020-01-132-8/+72
|
* Document more supported endpoints for workers (#6698)Richard van der Hoff2020-01-131-0/+4
|
* Allow admin users to create or modify users without a shared secret (#6495)Manuel Stahl2020-01-091-1/+32
| | | Signed-off-by: Manuel Stahl <manuel.stahl@awesome-technologies.de>
* Fix typo in message retention policies docBrendan Abolivier2020-01-081-1/+1
|
* Merge pull request #6624 from matrix-org/babolivier/retention_docBrendan Abolivier2020-01-081-0/+191
|\ | | | | Add complete documentation of the message retention policies support
| * Fix referenceBrendan Abolivier2020-01-071-1/+1
| |
| * Incorporate reviewBrendan Abolivier2020-01-071-27/+28
| |
| * Merge branch 'develop' into babolivier/retention_docBrendan Abolivier2020-01-072-6/+2
| |\
| * | Apply suggestions from code reviewBrendan Abolivier2020-01-071-5/+4
| | | | | | | | | Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
| * | Fix vacuum instructions for sqliteBrendan Abolivier2020-01-031-2/+2
| | |
| * | Add a complete documentation of the message retention policies supportBrendan Abolivier2020-01-031-0/+191
| | |
* | | Merge pull request #6621 from matrix-org/babolivier/purge_job_config_typoBrendan Abolivier2020-01-071-5/+5
|\ \ \ | |_|/ |/| | Fix a typo in the purge jobs configuration example
| * | RewordBrendan Abolivier2020-01-071-3/+3
| | |
| * | Change the example from 5min to 12hBrendan Abolivier2020-01-071-4/+4
| | | | | | | | | | | | Have a purge job running every 5min is probably not something we want to advise admins to do as a sort-of default.
| * | Update sample configBrendan Abolivier2020-01-031-1/+1
| |/
* | Automate generation of the sample and debian log configs (#6627)Richard van der Hoff2020-01-031-2/+2
| |
* | Remove unused, undocumented "content repo" resource (#6628)Richard van der Hoff2020-01-031-4/+0
|/ | | | | | This looks like it got half-killed back in #888. Fixes #6567.
* Added the section 'Configuration' in /docs/turn-howto.md (#6614)ewaf12020-01-021-0/+2
| | | | put the 2nd part of the "source installation"-section into a new section, because it also applies to Debian packages
* Reword sections of federate.md that explained delegation at time of Synapse ↵Aaron Raimist2020-01-021-21/+3
| | | | | | | | | | | | 1.0 transition (#6601) * Remove sections of federate.md explaining delegation at time of Synapse 1.0 transition Signed-off-by: Aaron Raimist <aaron@raim.ist> * Add changelog Signed-off-by: Aaron Raimist <aaron@raim.ist>
* Merge branch 'master' into developRichard van der Hoff2019-12-311-0/+43
|\
| * sample log config 1.7.2Richard van der Hoff2019-12-241-0/+43
| | | | | | | | TODO: automate generation of this
* | Add an export_signing_key script (#6546)Richard van der Hoff2019-12-192-14/+20
| | | | | | | | | | I want to do some key rotation, and it is silly that we don't have a way to do this.
* | Add option to allow profile queries without sharing a room (#6523)Will Hunt2019-12-161-0/+7
| |
* | Document Shutdown Room admin API (#6541)Andrew Morgan2019-12-131-0/+72
| |
* | Merge branch 'master' into developErik Johnston2019-12-131-1/+13
|\|
| * Merge tag 'v1.7.0'Erik Johnston2019-12-134-9/+149
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.7.0 (2019-12-13) ========================== This release changes the default settings so that only local authenticated users can query the server's room directory. See the [upgrade notes](UPGRADE.rst#upgrading-to-v170) for details. Support for SQLite versions before 3.11 is now deprecated. A future release will refuse to start if used with an SQLite version before 3.11. Administrators are reminded that SQLite should not be used for production instances. Instructions for migrating to Postgres are available [here](docs/postgres.md). A future release of synapse will, by default, disable federation for servers using SQLite. No significant changes since 1.7.0rc2. Synapse 1.7.0rc2 (2019-12-11) ============================= Bugfixes -------- - Fix incorrect error message for invalid requests when setting user's avatar URL. ([\#6497](https://github.com/matrix-org/synapse/issues/6497)) - Fix support for SQLite 3.7. ([\#6499](https://github.com/matrix-org/synapse/issues/6499)) - Fix regression where sending email push would not work when using a pusher worker. ([\#6507](https://github.com/matrix-org/synapse/issues/6507), [\#6509](https://github.com/matrix-org/synapse/issues/6509)) Synapse 1.7.0rc1 (2019-12-09) ============================= Features -------- - Implement per-room message retention policies. ([\#5815](https://github.com/matrix-org/synapse/issues/5815), [\#6436](https://github.com/matrix-org/synapse/issues/6436)) - Add etag and count fields to key backup endpoints to help clients guess if there are new keys. ([\#5858](https://github.com/matrix-org/synapse/issues/5858)) - Add `/admin/v2/users` endpoint with pagination. Contributed by Awesome Technologies Innovationslabor GmbH. ([\#5925](https://github.com/matrix-org/synapse/issues/5925)) - Require User-Interactive Authentication for `/account/3pid/add`, meaning the user's password will be required to add a third-party ID to their account. ([\#6119](https://github.com/matrix-org/synapse/issues/6119)) - Implement the `/_matrix/federation/unstable/net.atleastfornow/state/<context>` API as drafted in MSC2314. ([\#6176](https://github.com/matrix-org/synapse/issues/6176)) - Configure privacy-preserving settings by default for the room directory. ([\#6355](https://github.com/matrix-org/synapse/issues/6355)) - Add ephemeral messages support by partially implementing [MSC2228](https://github.com/matrix-org/matrix-doc/pull/2228). ([\#6409](https://github.com/matrix-org/synapse/issues/6409)) - Add support for [MSC 2367](https://github.com/matrix-org/matrix-doc/pull/2367), which allows specifying a reason on all membership events. ([\#6434](https://github.com/matrix-org/synapse/issues/6434)) Bugfixes -------- - Transfer non-standard power levels on room upgrade. ([\#6237](https://github.com/matrix-org/synapse/issues/6237)) - Fix error from the Pillow library when uploading RGBA images. ([\#6241](https://github.com/matrix-org/synapse/issues/6241)) - Correctly apply the event filter to the `state`, `events_before` and `events_after` fields in the response to `/context` requests. ([\#6329](https://github.com/matrix-org/synapse/issues/6329)) - Fix caching devices for remote users when using workers, so that we don't attempt to refetch (and potentially fail) each time a user requests devices. ([\#6332](https://github.com/matrix-org/synapse/issues/6332)) - Prevent account data syncs getting lost across TCP replication. ([\#6333](https://github.com/matrix-org/synapse/issues/6333)) - Fix bug: TypeError in `register_user()` while using LDAP auth module. ([\#6406](https://github.com/matrix-org/synapse/issues/6406)) - Fix an intermittent exception when handling read-receipts. ([\#6408](https://github.com/matrix-org/synapse/issues/6408)) - Fix broken guest registration when there are existing blocks of numeric user IDs. ([\#6420](https://github.com/matrix-org/synapse/issues/6420)) - Fix startup error when http proxy is defined. ([\#6421](https://github.com/matrix-org/synapse/issues/6421)) - Fix error when using synapse_port_db on a vanilla synapse db. ([\#6449](https://github.com/matrix-org/synapse/issues/6449)) - Fix uploading multiple cross signing signatures for the same user. ([\#6451](https://github.com/matrix-org/synapse/issues/6451)) - Fix bug which lead to exceptions being thrown in a loop when a cross-signed device is deleted. ([\#6462](https://github.com/matrix-org/synapse/issues/6462)) - Fix `synapse_port_db` not exiting with a 0 code if something went wrong during the port process. ([\#6470](https://github.com/matrix-org/synapse/issues/6470)) - Improve sanity-checking when receiving events over federation. ([\#6472](https://github.com/matrix-org/synapse/issues/6472)) - Fix inaccurate per-block Prometheus metrics. ([\#6491](https://github.com/matrix-org/synapse/issues/6491)) - Fix small performance regression for sending invites. ([\#6493](https://github.com/matrix-org/synapse/issues/6493)) - Back out cross-signing code added in Synapse 1.5.0, which caused a performance regression. ([\#6494](https://github.com/matrix-org/synapse/issues/6494)) Improved Documentation ---------------------- - Update documentation and variables in user contributed systemd reference file. ([\#6369](https://github.com/matrix-org/synapse/issues/6369), [\#6490](https://github.com/matrix-org/synapse/issues/6490)) - Fix link in the user directory documentation. ([\#6388](https://github.com/matrix-org/synapse/issues/6388)) - Add build instructions to the docker readme. ([\#6390](https://github.com/matrix-org/synapse/issues/6390)) - Switch Ubuntu package install recommendation to use python3 packages in INSTALL.md. ([\#6443](https://github.com/matrix-org/synapse/issues/6443)) - Write some docs for the quarantine_media api. ([\#6458](https://github.com/matrix-org/synapse/issues/6458)) - Convert CONTRIBUTING.rst to markdown (among other small fixes). ([\#6461](https://github.com/matrix-org/synapse/issues/6461)) Deprecations and Removals ------------------------- - Remove admin/v1/users_paginate endpoint. Contributed by Awesome Technologies Innovationslabor GmbH. ([\#5925](https://github.com/matrix-org/synapse/issues/5925)) - Remove fallback for federation with old servers which lack the /federation/v1/state_ids API. ([\#6488](https://github.com/matrix-org/synapse/issues/6488)) Internal Changes ---------------- - Add benchmarks for structured logging and improve output performance. ([\#6266](https://github.com/matrix-org/synapse/issues/6266)) - Improve the performance of outputting structured logging. ([\#6322](https://github.com/matrix-org/synapse/issues/6322)) - Refactor some code in the event authentication path for clarity. ([\#6343](https://github.com/matrix-org/synapse/issues/6343), [\#6468](https://github.com/matrix-org/synapse/issues/6468), [\#6480](https://github.com/matrix-org/synapse/issues/6480)) - Clean up some unnecessary quotation marks around the codebase. ([\#6362](https://github.com/matrix-org/synapse/issues/6362)) - Complain on startup instead of 500'ing during runtime when `public_baseurl` isn't set when necessary. ([\#6379](https://github.com/matrix-org/synapse/issues/6379)) - Add a test scenario to make sure room history purges don't break `/messages` in the future. ([\#6392](https://github.com/matrix-org/synapse/issues/6392)) - Clarifications for the email configuration settings. ([\#6423](https://github.com/matrix-org/synapse/issues/6423)) - Add more tests to the blacklist when running in worker mode. ([\#6429](https://github.com/matrix-org/synapse/issues/6429)) - Refactor data store layer to support multiple databases in the future. ([\#6454](https://github.com/matrix-org/synapse/issues/6454), [\#6464](https://github.com/matrix-org/synapse/issues/6464), [\#6469](https://github.com/matrix-org/synapse/issues/6469), [\#6487](https://github.com/matrix-org/synapse/issues/6487)) - Port synapse.rest.client.v1 to async/await. ([\#6482](https://github.com/matrix-org/synapse/issues/6482)) - Port synapse.rest.client.v2_alpha to async/await. ([\#6483](https://github.com/matrix-org/synapse/issues/6483)) - Port SyncHandler to async/await. ([\#6484](https://github.com/matrix-org/synapse/issues/6484))
| * | Update workers.md to make media_repository work (again) (#6519)Mark Nowiasz2019-12-111-1/+13
| | |
* | | Allow SAML username provider plugins (#6411)Andrew Morgan2019-12-102-18/+120
| |/ |/|
* | Replace /admin/v1/users_paginate endpoint with /admin/v2/users (#5925)Manuel Stahl2019-12-051-0/+45
| |
* | privacy by default for room dir (#6355)Neil Johnson2019-12-041-6/+7
| | | | | | | | Ensure that the the default settings for the room directory are that the it is hidden from public view by default.
* | write some docs for the quarantine_media api (#6458)Richard van der Hoff2019-12-031-0/+17
| |
* | Clarifications for the email configuration settings. (#6423)Richard van der Hoff2019-11-281-1/+16
| | | | | | Cf #6422
* | Merge branch 'develop' into babolivier/message_retentionBrendan Abolivier2019-11-263-8/+20
|\ \
| * | Fix link to user_dir_populate.sql in the user directory docs (#6388)Aaron Raimist2019-11-211-2/+1
| |/
| * Merge branch 'develop' of github.com:matrix-org/synapse into ↵Andrew Morgan2019-11-141-1/+1
| |\ | | | | | | | | | | | | | | | | | | | | | anoa/homeserver_copy * 'develop' of github.com:matrix-org/synapse: Blacklist PurgeRoomTestCase (#6361) Set room version default to 5
| | * Merge pull request #6220 from matrix-org/neilj/set_room_version_default_to_5Brendan Abolivier2019-11-141-1/+1
| | |\ | | | | | | | | Set room version default to 5
| | | * Set room version default to 5Neil Johnson2019-10-191-1/+1
| | | |
| * | | sample configAndrew Morgan2019-11-121-4/+4
| |/ /
| * | document the REPLICATE command a bit better (#6305)Richard van der Hoff2019-11-041-1/+14
| | | | | | | | | | | | since I found myself wonder how it works
* | | Implement per-room message retention policiesBrendan Abolivier2019-11-041-0/+63
|/ /
* | Modify doc to update Google ReCaptcha terms (#6257)Yash Jipkate2019-10-301-3/+3
| |
* | Fix typo in domain name in account_threepid_delegates config option (#6273)Andrew Morgan2019-10-301-1/+1
| |
* | Option to suppress resource exceeded alerting (#6173)Neil Johnson2019-10-241-1/+7
| | | | | | | | The expected use case is to suppress MAU limiting on small instances
* | Add config linting script that checks for bool casing (#6203)Andrew Morgan2019-10-231-15/+15
| | | | | | | | | | Add a linting script that enforces all boolean values in the default config be lowercase. This has annoyed me for a while so I decided to fix it.
* | Update postgres.md (#6234)Adrien Luxey2019-10-221-3/+7
|/ | | Added database owner authentication with `sudo` when `su` does not work
* cas: support setting display name (#6114)Valérian Rousset2019-10-111-0/+1
| | | Now, the CAS server can return an attribute stating what's the desired displayname, instead of using the username directly.
* Merge branch 'master' into developBrendan Abolivier2019-10-021-0/+12
|\
| * add explanations on how to actually include an access_token (#6031)axel simon2019-09-131-0/+12
| |
* | Fix 'redaction_retention_period' sampel config to match guidelinesErik Johnston2019-09-261-1/+1
| |
* | Explicitly log when a homeserver does not have a trusted key server ↵Neil Johnson2019-09-261-4/+10
| | | | | | | | configured (#6090)
* | Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2019-09-251-51/+90
|\ \ | | | | | | | | | erikj/cleanup_user_ips_2
| * \ Merge remote-tracking branch 'origin/develop' into rav/saml_mapping_workRichard van der Hoff2019-09-241-1/+18
| |\ \
| | * | Add submit_url response parameter to msisdn /requestToken (#6079)Andrew Morgan2019-09-231-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | Second part of solving #6076 Fixes #6076 We return a submit_url parameter on calls to POST */msisdn/requestToken so that clients know where to submit token information to.
| | * | Merge pull request #6064 from matrix-org/rav/saml_config_cleanupRichard van der Hoff2019-09-231-51/+59
| | |\ \ | | | | | | | | | | Make the sample saml config closer to our standards
| | | * \ Merge branch 'develop' into rav/saml_config_cleanupRichard van der Hoff2019-09-1940-2177/+2402
| | | |\ \
| | * | | | Use the federation blacklist for requests to untrusted Identity Servers (#6000)Andrew Morgan2019-09-231-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Uses a SimpleHttpClient instance equipped with the federation_ip_range_blacklist list for requests to identity servers provided by user input. Does not use a blacklist when contacting identity servers specified by account_threepid_delegates. The homeserver trusts the latter and we don't want to prevent homeserver admins from specifying delegates that are on internal IP addresses. Fixes #5935
| * | | | | Merge branch 'develop' into rav/saml_mapping_workRichard van der Hoff2019-09-1940-2177/+2402
| |\ \ \ \ \ | | | |_|/ / | | |/| | |
| * | | | | Record mappings from saml users in an external tableRichard van der Hoff2019-09-131-0/+26
| | |_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | We want to assign unique mxids to saml users based on an incrementing suffix. For that to work, we need to record the allocated mxid in a separate table.
| * | | | Make the sample saml config closer to our standardsRichard van der Hoff2019-09-131-51/+59
| | |_|/ | |/| | | | | | | | | | It' still not great, thanks to the nested dictionaries, but it's better.
* | | | Review commentsErik Johnston2019-09-251-1/+1
| | | |
* | | | Prune rows in user_ips older than configured periodErik Johnston2019-09-241-0/+6
| |_|/ |/| | | | | | | | Defaults to pruning everything older than 28d.
* | | Allow HS to send emails when adding an email to the HS (#6042)Andrew Morgan2019-09-201-0/+12
| | |
* | | Fix typo in account_threepid_delegates config (#6028)Jorik Schellekens2019-09-181-1/+1
| |/ |/|
* | fix sample configRichard van der Hoff2019-09-181-1/+1
| | | | | | | | this was apparently broken by #6040.
* | (#5849) Convert rst to markdown (#6040)dstipp2019-09-1735-2179/+2074
| | | | | | | | | | Converting some of the rst documentation to markdown. Attempted to preserve whitespace and line breaks to minimize cosmetic change.
* | Add developer docs for using SAML without a server (#6032)Travis Ralston2019-09-131-0/+37
| |
* | add report_stats_endpoint config option (#6012)Sorunome2019-09-121-0/+5
| | | | | | This PR adds the optional `report_stats_endpoint` to configure where stats are reported to, if enabled.
* | Update sample configErik Johnston2019-09-111-1/+1
| |
* | Update sample configErik Johnston2019-09-111-0/+7
| |
* | Merge pull request #5934 from matrix-org/erikj/censor_redactionsErik Johnston2019-09-091-0/+7
|\ \ | | | | | | Censor redactions in DB after a month
| * | Default to censoring redactions after seven daysErik Johnston2019-09-091-3/+5
| | |
| * | Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2019-09-051-0/+62
| |\ \ | | | | | | | | | | | | erikj/censor_redactions
| * | | Make redaction retention period configurableErik Johnston2019-09-051-0/+5
| | | |
* | | | Servers-known-about statistic (#5981)Amber Brown2019-09-071-0/+10
| | | |
* | | | Allow Synapse to send registration emails + choose Synapse or an external ↵Andrew Morgan2019-09-061-13/+43
| |/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | server to handle 3pid validation (#5987) This is a combination of a few different PRs, finally all being merged into `develop`: * #5875 * #5876 * #5868 (This one added the `/versions` flag but the flag itself was actually [backed out](https://github.com/matrix-org/synapse/commit/891afb57cbdf9867f2848341b29c75d6f35eef5a#diff-e591d42d30690ffb79f63bb726200891) in #5969. What's left is just giving /versions access to the config file, which could be useful in the future) * #5835 * #5969 * #5940 Clients should not actually use the new registration functionality until https://github.com/matrix-org/synapse/pull/5972 is merged. UPGRADE.rst, changelog entries and config file changes should all be reviewed closely before this PR is merged.
* | | Fix and refactor room and user stats (#5971)Erik Johnston2019-09-041-0/+62
|/ / | | | | Previously the stats were not being correctly populated.
* | Add a link to python's logging config schema (#5926)Jorik Schellekens2019-08-281-1/+2
| |
* | Config templating (#5900)Jorik Schellekens2019-08-281-8/+8
| | | | | | | | | | | | | | | | | | | | | | | | Template config files * Imagine a system composed entirely of x, y, z etc and the basic operations.. Wait George, why XOR? Why not just neq? George: Eh, I didn't think of that.. Co-Authored-By: Erik Johnston <erik@matrix.org>
* | Implement a structured logging output system. (#5680)Amber Brown2019-08-281-0/+83
| |
* | Merge pull request #5914 from matrix-org/rei/admin_getadminreivilibre2019-08-281-0/+19
|\ \ | | | | | | Add GET method to admin API /users/@user:dom/admin
| * | Document GET method for retrieving admin bit of user in admin APIOlivier Wilkinson (reivilibre)2019-08-271-0/+19
| | | | | | | | | | | | Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
* | | Merge pull request #5895 from matrix-org/erikj/notary_keyErik Johnston2019-08-271-0/+8
|\ \ \ | |/ / |/| | Add config option to sign remote key query responses with a separate key.
| * | Fixup review commentsErik Johnston2019-08-231-2/+2
| | |
| * | Add config option for keys to use to sign keysErik Johnston2019-08-211-0/+8
| |/ | | | | | | | | This allows servers to separate keys that are used to sign remote keys when acting as a notary server.
* | Add Admin API capability to set adminship of a user (#5878)reivilibre2019-08-271-0/+20
| | | | | | Admin API: Set adminship of a user
* | Propagate opentracing contexts through EDUs (#5852)Jorik Schellekens2019-08-221-2/+25
| | | | | | | | | | Propagate opentracing contexts through EDUs Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* | Servlet to purge old rooms (#5845)Richard van der Hoff2019-08-221-0/+18
|/
* Don't load the media repo when configured to use an external media repo (#5754)Amber Brown2019-08-132-0/+14
|
* LintBrendan Abolivier2019-08-011-1/+1
|
* Sample configBrendan Abolivier2019-08-011-0/+10
|
* Remove non-functional 'expire_access_token' setting (#5782)Richard van der Hoff2019-07-301-4/+0
| | | | | | | | The `expire_access_token` didn't do what it sounded like it should do. What it actually did was make Synapse enforce the 'time' caveat on macaroons used as access tokens, but since our access token macaroons never contained such a caveat, it was always a no-op. (The code to add 'time' caveats was removed back in v0.18.5, in #1656)
* Room Complexity Client Implementation (#5783)Amber Brown2019-07-301-0/+17
|
* Make Jaeger fully configurable (#5694)Jorik Schellekens2019-07-231-0/+16
| | | | | | * Allow Jaeger to be configured * Update sample config
* Replace returnValue with return (#5736)Amber Brown2019-07-231-1/+1
|
* Merge branch 'release-v1.2.0' into developJorik Schellekens2019-07-222-12/+102
|\
| * Opentracing Documentation (#5703)Jorik Schellekens2019-07-222-12/+102
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Opentracing survival guide * Update decorator names in doc * Doc cleanup These are all alterations as a result of comments in #5703, it includes mostly typos and clarifications. The most interesting changes are: - Split developer and user docs into two sections - Add a high level description of OpenTracing * newsfile * Move contributer specific info to docstring. * Sample config. * Trailing whitespace. * Update 5703.misc * Apply suggestions from code review Mostly just rewording parts of the docs for clarity. Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* | Update the coding style doc (#5719)Richard van der Hoff2019-07-191-30/+94
|/ | | | | A few fixes and removal of duplicated stuff, but mostly a bunch of the words on the config file.
* Clean up opentracing configuration options (#5712)Richard van der Hoff2019-07-181-14/+31
| | | | | | | | | | | | | | | | | Clean up config settings and dead code. This is mostly about cleaning up the config format, to bring it into line with our conventions. In particular: * There should be a blank line after `## Section ##' headings * There should be a blank line between each config setting * There should be a `#`-only line between a comment and the setting it describes * We don't really do the `# #` style commenting-out of whole sections if we can help it * rename `tracer_enabled` to `enabled` While we're here, do more config parsing upfront, which makes it easier to use later on. Also removes redundant code from LogContextScopeManager. Also changes the changelog fragment to a `feature` - it's exciting!
* Support Prometheus_client 0.4.0+ (#5636)Amber Brown2019-07-181-0/+102
|
* Improve `Depends` specs in debian package. (#5675)Richard van der Hoff2019-07-171-3/+5
| | | | | | | | | | | | | | | | | | | This is basically a contrived way of adding a `Recommends` on `libpq5`, to fix #5653. The way this is supposed to happen in debhelper is to run `dh_shlibdeps`, which in turn runs `dpkg-shlibdeps`, which spits things out into `debian/<package>.substvars` whence they can later be included by `control`. Previously, we had disabled `dh_shlibdeps`, mostly because `dpkg-shlibdeps` gets confused about PIL's interdependent objects, but that's not really the right thing to do and there is another way to work around that. Since we don't always use postgres, we don't necessarily want a hard Depends on libpq5, so I've actually ended up adding an explicit invocation of `dpkg-shlibdeps` for `psycopg2`. I've also updated the build-depends list for the package, which was missing a couple of entries.
* Implement access token expiry (#5660)Richard van der Hoff2019-07-121-0/+11
| | | | Record how long an access token is valid for, and raise a soft-logout once it expires.
* Update reverse_proxy.rst (#5397)Ulrik Günther2019-07-121-0/+2
| | | | | Updates reverse_proxy.rst with information about nginx' URI normalisation.
* Improved docs on setting up Postgresql (#5661)Lrizika2019-07-111-4/+15
| | | | | Added that synapse_user needs a database to access before it can auth Noted you'll need to enable password auth, linked to pg_hba.conf docs
* Add basic opentracing support (#5544)Jorik Schellekens2019-07-111-0/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Configure and initialise tracer Includes config options for the tracer and sets up JaegerClient. * Scope manager using LogContexts We piggy-back our tracer scopes by using log context. The current log context gives us the current scope. If new scope is created we create a stack of scopes in the context. * jaeger is a dependency now * Carrier inject and extraction for Twisted Headers * Trace federation requests on the way in and out. The span is created in _started_processing and closed in _finished_processing because we need a meaningful log context. * Create logcontext for new scope. Instead of having a stack of scopes in a logcontext we create a new context for a new scope if the current logcontext already has a scope. * Remove scope from logcontext if logcontext is top level * Disable tracer if not configured * typo * Remove dependence on jaeger internals * bools * Set service name * :Explicitely state that the tracer is disabled * Black is the new black * Newsfile * Code style * Use the new config setup. * Generate config. * Copyright * Rename config to opentracing * Remove user whitelisting * Empty whitelist by default * User ConfigError instead of RuntimeError * Use isinstance * Use tag constants for opentracing. * Remove debug comment and no need to explicitely record error * Two errors a "s(c)entry" * Docstrings! * Remove debugging brainslip * Homeserver Whitlisting * Better opentracing config comment * linting * Inclue worker name in service_name * Make opentracing an optional dependency * Neater config retreival * Clean up dummy tags * Instantiate tracing as object instead of global class * Inlcude opentracing as a homeserver member. * Thread opentracing to the request level * Reference opetnracing through hs * Instantiate dummy opentracin g for tests. * About to revert, just keeping the unfinished changes just in case * Revert back to global state, commit number: 9ce4a3d9067bf9889b86c360c05ac88618b85c4f * Use class level methods in tracerutils * Start and stop requests spans in a place where we have access to the authenticated entity * Seen it, isort it * Make sure to close the active span. * I'm getting black and blue from this. * Logger formatting Co-Authored-By: Erik Johnston <erik@matrix.org> * Outdated comment * Import opentracing at the top * Return a contextmanager * Start tracing client requests from the servlet * Return noop context manager if not tracing * Explicitely say that these are federation requests * Include servlet name in client requests * Use context manager * Move opentracing to logging/ * Seen it, isort it again! * Ignore twisted return exceptions on context exit * Escape the scope * Scopes should be entered to make them useful. * Nicer decorator names * Just one init, init? * Don't need to close something that isn't open * Docs make you smarter
* Move logging utilities out of the side drawer of util/ and into logging/ (#5606)Amber Brown2019-07-041-19/+19
|
* Merge branch 'develop' into rav/saml2_clientRichard van der Hoff2019-07-012-3/+28
|\
| * Update the TLS cipher string and provide configurability for TLS on outgoing ↵Amber Brown2019-06-281-0/+9
| | | | | | | | federation (#5550)
| * Added possibilty to disable local password authentication (#5092)Daniel Hoffend2019-06-271-0/+6
| | | | | | | | | | Signed-off-by: Daniel Hoffend <dh@dotlan.net>
| * Make it clearer that the template dir is relative to synapse's root dir (#5543)Andrew Morgan2019-06-271-1/+9
| | | | | | Helps address #5444
| * Merge pull request #5313 from twrist/patch-1Richard van der Hoff2019-06-271-2/+4
| |\ | | | | | | Update HAProxy example rules
| | * Update HAProxy example rulesIke Johnson2019-06-021-2/+4
| | | | | | | | | These new rules allow a user to instead route only matrix traffic, allowing them to run matrix on the domain without affecting their existing websites
* | | update sample configRichard van der Hoff2019-06-271-6/+13
| | |
* | | update sample configRichard van der Hoff2019-06-261-0/+13
|/ /
* | Merge branch 'master' into developAndrew Morgan2019-06-251-1/+1
|\ \ | | | | | | | | | | | | | | | * master: Fix broken link in MSC1711 FAQ Update changelog to better expain password reset change (#5545)
| * | Fix broken link in MSC1711 FAQRichard van der Hoff2019-06-251-1/+1
| | |
* | | Add info about black to code_style.rst (#5537)Andrew Morgan2019-06-241-45/+42
| | | | | | | | | | | | | | | Fixes #5533 Adds information about how to install and run black on the codebase.
* | | Merge pull request #5524 from matrix-org/rav/new_cmdline_optionsRichard van der Hoff2019-06-241-1/+1
|\ \ \ | | | | | | | | Add --data-dir and --open-private-ports options.
| * | | Add "--open-private-ports" cmdline optionRichard van der Hoff2019-06-241-1/+1
| | | | | | | | | | | | | | | | This is helpful when generating a config file for running synapse under docker.
* | | | Merge pull request #5534 from matrix-org/babolivier/federation-publicroomsBrendan Abolivier2019-06-241-4/+8
|\ \ \ \ | |/ / / |/| | | Split public rooms directory auth config in two
| * | | Split public rooms directory auth config in twoBrendan Abolivier2019-06-241-4/+8
| | | |
* | | | Allow configuration of the path used for ACME account keys.Richard van der Hoff2019-06-241-0/+7
|/ / / | | | | | | | | | | | | Because sticking it in the same place as the config isn't necessarily the right thing to do.
* | | Drop support for cpu_affinity (#5525)Richard van der Hoff2019-06-221-23/+0
| | | | | | | | | This has no useful purpose on python3, and is generally a source of confusion.
* | | Update docs/workers.rst Erik Johnston2019-06-211-1/+1
| | | | | | | | | | | | | | | E_TOO_MANY_NEGATIVES Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* | | Support pagination API in client_reader workerErik Johnston2019-06-211-0/+7
| | |
* | | Run Black. (#5482)Amber Brown2019-06-201-79/+79
| | |
* | | Remove Postgres 9.4 support (#5448)Amber Brown2019-06-181-2/+2
| | |
* | | Merge pull request #5440 from matrix-org/babolivier/third_party_event_rulesBrendan Abolivier2019-06-141-0/+13
|\ \ \ | |/ / |/| | Allow server admins to define implementations of extra rules for allowing or denying incoming events
| * | Add plugin APIs for implementations of custom event rules.Brendan Abolivier2019-06-141-0/+13
| | |
* | | Neilj/improve federation docs (#5419)Neil Johnson2019-06-112-3/+91
|/ / | | | | | | Add FAQ questions to federate.md. Add a health warning making it clear that the 1711 upgrade FAQ is now out of date.
* | Set default room version to v4. (#5379)Neil Johnson2019-06-061-1/+1
| | | | | | | | Set default room version to v4.
* | Add ability to perform password reset via email without trusting the ↵Andrew Morgan2019-06-061-10/+50
| | | | | | | | | | | | | | | | | | | | | | | | identity server (#5377) Sends password reset emails from the homeserver instead of proxying to the identity server. This is now the default behaviour for security reasons. If you wish to continue proxying password reset requests to the identity server you must now enable the email.trust_identity_server_for_password_resets option. This PR is a culmination of 3 smaller PRs which have each been separately reviewed: * #5308 * #5345 * #5368
* | Stop hardcoding trust of old matrix.org key (#5374)Richard van der Hoff2019-06-061-6/+37
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There are a few changes going on here: * We make checking the signature on a key server response optional: if no verify_keys are specified, we trust to TLS to validate the connection. * We change the default config so that it does not require responses to be signed by the old key. * We replace the old 'perspectives' config with 'trusted_key_servers', which is also formatted slightly differently. * We emit a warning to the logs every time we trust a key server response signed by the old key.
* | Neilj/1.0 upgrade notes (#5371)Neil Johnson2019-06-061-7/+5
| | | | | | | | 1.0 upgrade/install notes
* | Merge branch 'rav/fix_custom_ca' into rav/enable_tls_verificationRichard van der Hoff2019-06-052-6/+21
|\ \
| * | Fix notes about well-known and acme (#5357)Richard van der Hoff2019-06-051-6/+5
| | | | | | | | | | | | fixes #4951
| * | Neilj/mau tracking config explainer (#5284)Neil Johnson2019-06-051-0/+16
| | | | | | | | | | | | Improve documentation of monthly active user blocking and mau_trial_days
* | | Update sample configRichard van der Hoff2019-06-051-4/+4
|/ /
* | Merge pull request #5276 from matrix-org/babolivier/account_validity_job_deltaErik Johnston2019-05-311-1/+3
|\ \ | | | | | | Allow configuring a range for the account validity startup job
| * | Sample configBrendan Abolivier2019-05-311-1/+1
| | |
| * | Sample configBrendan Abolivier2019-05-311-8/+3
| | |
| * | Config and changelogBrendan Abolivier2019-05-281-0/+7
| | |
* | | Clarify that the admin change password endpoint logs them out (#5303)Travis Ralston2019-05-311-1/+1
| | |
* | | Merge pull request #5283 from aaronraimist/captcha-docsErik Johnston2019-05-291-0/+1
|\ \ \ | | | | | | | | Specify the type of reCAPTCHA key to use (#5013)
| * | | Specify the type of reCAPTCHA key to use (#5013)Aaron Raimist2019-05-281-0/+1
| | | | | | | | | | | | | | | | Signed-off-by: Aaron Raimist <aaron@raim.ist>
* | | | regenerate sample configAmber Brown2019-05-291-3/+3
| | | |
* | | | Fix docs on resetting the user directory (#5036)Aaron Raimist2019-05-281-7/+3
|/ / / | | | | | | | | | Signed-off-by: Aaron Raimist <aaron@raim.ist>
generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-08-25 14:07:17 +0000