| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | | |/
| |/| |
|
| |\| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* commit '81731c6e7':
Fix: Pillow error when uploading RGBA image (#3325) (#6241)
Add User-Interactive Auth to /account/3pid/add (#6119)
Lint
Changelog
Discard retention policies when retrieving state
blacklist more tests
Newsfile
Add tests
Propagate reason in remotely rejected invites
MSC2367 Allow reason field on all member events
|
| | |\ \
| | | |
| | | | |
Implement MSC 2367 - Membership Reasons
|
| | | | | |
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Purge jobs don't delete the latest event in a room in order to keep the forward extremity and not break the room. On the other hand, get_state_events, when given an at_token argument calls filter_events_for_client to know if the user can see the event that matches that (sync) token. That function uses the retention policies of the events it's given to filter out those that are too old from a client's view.
Some clients, such as Riot, when loading a room, request the list of members for the latest sync token it knows about, and get confused to the point of refusing to send any message if the server tells it that it can't get that information. This can happen very easily with the message retention feature turned on and a room with low activity so that the last event sent becomes too old according to the room's retention policy.
An easy and clean fix for that issue is to discard the room's retention policies when retrieving state.
|
| |\| |
| | |
| | |
| | |
| | | |
* commit 'a9c44d400':
Remove local threepids on account deactivation (#6426)
|
| | | | |
|
| |\| |
| | |
| | |
| | |
| | | |
* commit '0d27aba90':
add etag and count to key backup endpoints (#5858)
|
| | | | |
|
| |\| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* commit 'd31f69afa':
clean up buildkite output
Don't restrict the tests to v1 rooms
Fix worker mode
Fix 3PID invite exchange
Lint again
Lint again
Lint
Don't apply retention policy based filtering on state events
Implement per-room message retention policies
|
| | |\ \
| | | |
| | | | |
Implement message retention policies (MSC1763)
|
| | | |\ \ |
|
| | | | | | |
|
| | | | | | |
|
| | | | |/
| | |/| |
|
| |\| | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* commit '651d930f1':
remove confusing fixme
newsfile
Use get_events_as_list rather than lots of calls to get_event
Update some docstrings and comments
Simplify _update_auth_events_and_context_for_auth
|
| | |\ \ \
| | |_|/
| |/| | |
Refactor _update_auth_events_and_context_for_auth
|
| | | | | |
|
| | | |\ \ |
|
| | | | | |
| | | | |
| | | | |
| | | | | |
It's more efficient and clearer.
|
| | | | | | |
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
move event_key calculation into _update_context_for_auth_events, since it's
only used there.
|
| |\| | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
* commit 'f9f1c8acb':
Fixup docs
Newsfile
Fix caching devices for remote servers in worker.
|
| | |\ \ \ \
| | | | | |
| | | | | | |
Fix caching devices for remote servers in worker.
|
| | | | |_|/
| | |/| |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
When the `/keys/query` API is hit on client_reader worker Synapse may
decide that it needs to resync some remote deivces. Usually this happens
on master, and then gets cached. However, that fails on workers and so
it falls back to fetching devices from remotes directly, which may in
turn fail if the remote is down.
|
| |\| | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
* commit '3916e1b97':
Clean up newline quote marks around the codebase (#6362)
update macOS installation instructions
|
| | | | | | |
|
| |\| | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
* commit '83446a18f':
Lint
Apply suggestions from code review
Newsfile
Add failed auth ratelimiting to UIA
Only do `rc_login` ratelimiting on succesful login.
|
| | |\ \ \ \
| | |_|_|/
| |/| | | |
Only do `rc_login` ratelimiting on succesful login.
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
Co-Authored-By: Brendan Abolivier <babolivier@matrix.org>
|
| | | | | | |
|
| | | |/ /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
We were doing this in a number of places which meant that some login
code paths incremented the counter multiple times.
It was also applying ratelimiting to UIA endpoints, which was probably
not intentional.
In particular, some custom auth modules were calling
`check_user_exists`, which incremented the counters, meaning that people
would fail to login sometimes.
|
| |\| | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* commit '6e1b40dc2':
sample config
Add changelog
A couple more instances
Replace instance variations of homeserver with correct case/spacing
|
| | | |/
| |/| |
|
| |\| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* commit 'f713c01e2':
Move type annotation into docstring
Fix deleting state groups during room purge.
Use correct type annotation
Change to not require a state_groups.room_id index.
Fix up comment
Update log line to lie a little less
Add state_groups.room_id index
Docstrings
Fix purge room API
Newsfile
Split purge API into events vs state
|
| | |\ \
| | | |
| | | | |
Split purge API into events vs state and add PurgeEventsStorage
|
| | | |\|
| | | |
| | | |
| | | | |
erikj/split_purge_history
|
| | | |\ \
| | | | |
| | | | |
| | | | | |
erikj/split_purge_history
|
| | | | | | |
|
| |\| | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
* commit 'e914cf12f':
tweak changelog
Re-add docstring, with caveats detailed
Transfer upgraded rooms on groups
|
| | |\ \ \ \ |
|
| | | | | | | |
|
| | | | |_|/
| | |/| | |
|
| |\| | | |
| | | | |
| | | | |
| | | | | |
(#6338)
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| |\| | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
(#6320)
* commit '807ec3bd9':
Fix bug which caused rejected events to be stored with the wrong room state (#6320)
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
(#6320)
Fixes a bug where rejected events were persisted with the wrong state group.
Also fixes an occasional internal-server-error when receiving events over
federation which are rejected and (possibly because they are
backwards-extremities) have no prev_group.
Fixes #6289.
|
| |\| | | |
| | | | |
| | | | |
| | | | |
| | | | | |
* commit '0e3ab8afd':
Add some checks that we aren't using state from rejected events (#6330)
|
| | |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* Raise an exception if accessing state for rejected events
Add some sanity checks on accessing state_group etc for
rejected events.
* Skip calculating push actions for rejected events
It didn't actually cause any bugs, because rejected events get filtered out at
various later points, but there's not point in trying to calculate the push
actions for a rejected event.
|
| |\| | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* commit 'f496d2587':
Incorporate review
Factor out an _AsyncEventContextImpl (#6298)
Update synapse/storage/data_stores/main/schema/delta/56/event_labels.sql
Add more data to the event_labels table and fix the indexes
Add unstable feature flag
Lint
Incorporate review
Lint
Changelog
Add integration tests for /messages
Add more integration testing
Add integration tests for sync
Add unit tests
Add index on label
Implement filtering
Store labels for new events
Add database table for keeping track of labels on events
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The intention here is to make it clearer which fields we can expect to be
populated when: notably, that the _event_type etc aren't used for the
synchronous impl of EventContext.
|
| |\| | |
| | | |
| | | |
| | | |
| | | | |
* commit '1cb84c648':
Support for routing outbound HTTP requests via a proxy (#6239)
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The `http_proxy` and `HTTPS_PROXY` env vars can be set to a `host[:port]` value which should point to a proxy.
The address of the proxy should be excluded from IP blacklists such as the `url_preview_ip_range_blacklist`.
The proxy will then be used for
* push
* url previews
* phone-home stats
* recaptcha validation
* CAS auth validation
It will *not* be used for:
* Application Services
* Identity servers
* Outbound federation
* In worker configurations, connections from workers to masters
Fixes #4198.
|
| |\| | |
| | | |
| | | |
| | | |
| | | | |
* commit 'fe1f2b452':
Remove last usages of deprecated logging.warn method (#6314)
|
| | | | | |
|
| |\| | |
| | | |
| | | |
| | | |
| | | | |
* commit 'ace947e8d':
Depublish a room from the public rooms list when it is upgraded (#6232)
|
| | | | | |
|
| |\| | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* commit '53d7680e3':
Update synapse/storage/data_stores/main/devices.py
rename get_devices_by_remote to get_device_updates_by_remote
black
apply changes as a result of PR review
don't error if federation query doesn't have cross-signing keys
move get_e2e_cross_signing_key to EndToEndKeyWorkerStore so it works with workers
black
vendor-prefix the EDU name until MSC1756 is merged into the spec
fix unit test
add news file
update to work with newer code, and fix formatting
add missing param
make black happy
don't crash if the user doesn't have cross-signing keys
implement federation parts of cross-signing
|
| | |\ \ \ |
|
| | |\ \ \ \
| | | |/ /
| | |/| | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| |\ \ \ \ \
| | |_|/ /
| |/| | |
| | | | |
| | | | | |
* commit '020add509':
Update black to 19.10b0 (#6304)
|
| | | |_|/
| |/| |
| | | | |
* update version of black and also fix the mypy config being overridden
|
| |\| | | |
|
| | |\ \ \
| | | | |
| | | | | |
Add StateGroupStorage interface
|
| | | | |/
| | |/| |
|
| |\| | | |
|
| | |/ /
| | |
| | | |
Replace every instance of `logger.warn` with `logger.warning` as the former is deprecated.
|
| |\| | |
|
| | |\ \
| | | |
| | | |
| | | | |
erikj/split_out_persistence_store
|
| | | |/
| |/| |
|
| |\ \ \
| | |/
| |/|
| | | |
* commit 'a2276d4d3':
|
| | | | |
|
| |\| |
| | |
| | |
| | |
| | |
| | | |
* commit '770d1ef67':
Newsfile
Port receipt and read markers to async/wait
|
| | | | |
|
| |\| |
| | |
| | |
| | |
| | | |
* commit '172f264ed':
Improve signature checking on some federation APIs (#6262)
|
| | | |
| | |
| | |
| | |
| | | |
Make sure that we check that events sent over /send_join, /send_leave, and
/invite, are correctly signed and come from the expected servers.
|
| |\| |
| | |
| | |
| | |
| | |
| | |
| | | |
* commit '87259b3a3':
Fix tests
Newsfile
Remove repeated calls to config.stats_enabled.
|
| | |/
| |
| |
| |
| | |
Turns out that fetching variables from the config object is expensive,
so doing it once at startup avoids unnecessary work.
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* commit '276173163':
Add changelog entry
fix doc strings
make isort happy
add some comments
drop some logger lines to debug
make changes based on PR feedback
add function docs
use something that's the right type for user_id
run black
split out signature processing into separate functions
avoid modifying input parameter
fix test
update with newer coding style
add test
make isort happy
make black happy
allow uploading signatures of master key signed by devices
implement device signature uploading/fetching
|
| | |\
| | |
| | | |
Cross-signing [3/4] -- uploading signatures edition
|
| | | |\ |
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | |\ \ |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| |\| | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
* commit '93eaeec75':
Remove Auth.check method (#6217)
add note about database upgrade
use the right function for when we're already in runInteraction
add user signature stream change cache to slaved device store
black
use stream ID generator instead of timestamp
make isort happy
apply PR review suggestions
fix formatting
add changelog
make changes from PR review
don't need to return the hidden column any more
really fix queries to work with Postgres
PostgreSQL, Y U no like?
remove extra SQL query param
add changelog file
apply changes from PR review
allow uploading keys for cross-signing
allow devices to be marked as "hidden"
|
| | | |_|/
| |/| |
| | | | |
This method was somewhat redundant, and confusing.
|
| | |\ \ \ |
|
| | | |\ \ \ |
|
| | | |\ \ \ \
| | | |_|/ /
| | |/| | /
| | | | |/
| | | |/| |
|
| | | |\ \ \ |
|
| | | |\ \ \ \ |
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | |\ \ \ \ \ |
|
| | | | | | | | | |
|
| |\| | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
* commit '47ada4dff':
changelog
rip out some unreachable code
Remove dead check_auth script
|
| | |\ \ \ \ \ \ \
| | | |_|_|_|_|/
| | |/| | | | | |
|
| | |\ \ \ \ \ \ \ |
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
The only possible rejection reason is AUTH_ERROR, so all of this is unreachable.
|
| |\ \ \ \ \ \ \ \ \
| | |_|/ / / / / /
| |/| | | | | | | |
|
| | | |/ / / / / /
| |/| | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
* Fix presence timeouts when synchrotron restarts.
Handling timeouts would fail if there was an external process that had
timed out, e.g. a synchrotron restarting. This was due to a couple of
variable name typoes.
Fixes #3715.
|
| |\| | | | | | | |
|
| | |\ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
make storage layer in charge of interpreting the device key data
|
| | | | | | | | | | |
|
| | | | | | | | | | |
|
| |\| | | | | | | | |
|
| | |\ \ \ \ \ \ \ \
| | |_|/ / / / / /
| |/| | | | | | | |
make version optional in body of e2e backup version update
|
| | | |/ / / / / /
| | | | | | | |
| | | | | | | |
| | | | | | | | |
to agree with latest version of the MSC
|
| |\| | | | | | | |
|
| | | | | | | | | |
|
| |\| | | | | | | |
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Hopefully this will fix the occasional failures we were seeing in the room directory.
The problem was that events are not necessarily persisted (and `current_state_delta_stream` updated) in the same order as their stream_id. So for instance current_state_delta 9 might be persisted *before* current_state_delta 8. Then, when the room stats saw stream_id 9, it assumed it had done everything up to 9, and never came back to do stream_id 8.
We can solve this easily by only processing up to the stream_id where we know all events have been persisted.
|
| |\| | | | | | | |
|
| | |/ / / / / /
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
It turns out that _local_membership_update doesn't run when you join a new, remote room. It only runs if you're joining a room that your server already knows about. This would explain #4703 and #5295 and why the transfer would work in testing and some rooms, but not others. This would especially hit single-user homeservers.
The check has been moved to right after the room has been joined, and works much more reliably. (Though it may still be a bit awkward of a place).
|
| |\| | | | | | |
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
* Remove unused public room list timeout param
* Add changelog
|
| |\| | | | | | |
|
| | |\ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
Don't regenerate numeric user ID if registration fails.
|
| | | | | | | | | |
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
This causes huge amounts of DB IO if registrations start to fail e.g.
because the DB is struggling with IO.
|
| |\| | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
test (#6167)
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
test (#6167)
|
| | |\ \ \ \ \ \ \
| | |/ / / / / /
| |/| | | | | | |
Don't 500 when trying to exchange a revoked 3PID invite
|
| | | | | | | | | |
|
| | | | | | | | | |
|
| | | | | | | | | |
|
| | | | | | | | | |
|
| | | | | | | | | |
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
While this is not documented in the spec (but should be), Riot (and other clients) revoke 3PID invites by sending a m.room.third_party_invite event with an empty ({}) content to the room's state.
When the invited 3PID gets associated with a MXID, the identity server (which doesn't know about revocations) sends down to the MXID's homeserver all of the undelivered invites it has for this 3PID. The homeserver then tries to talk to the inviting homeserver in order to exchange these invite for m.room.member events.
When one of the invite is revoked, the inviting homeserver responds with a 500 error because it tries to extract a 'display_name' property from the content, which is empty. This might cause the invited server to consider that the server is down and not try to exchange other, valid invites (or at least delay it).
This fix handles the case of revoked invites by avoiding trying to fetch a 'display_name' from the original invite's content, and letting the m.room.member event fail the auth rules (because, since the original invite's content is empty, it doesn't have public keys), which results in sending a 403 with the correct error message to the invited server.
|
| |\| | | | | | | |
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
We incorrectly used `room_id` as to bound the result set, even though we
order by `joined_members, room_id`, leading to incorrect results after
pagination.
|
| |\| | | | | | | |
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Use room_stats and room_state for room directory search
|
| |\| | | | | | | |
|
| | |/ / / / / /
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Copy push rules during a room upgrade from the old room to the new room, instead of deleting them from the old room.
For instance, we've defined upgrading of a room multiple times to be possible, and push rules won't be transferred on the second upgrade if they're deleted during the first.
Also fix some missing yields that probably broke things quite a bit.
|
| | | | | | | | |
|
| | | | | | | |
| | | | | | |
| | | | | | | |
Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
|
| | | | | | | |
| | | | | | |
| | | | | | | |
Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | | | | | | |
|
| |\| | | | | | |
|
| | | | | | | |
| | | | | | |
| | | | | | | |
Just to have all the methods that make calls to identity services in one place.
|
| |\| | | | | | |
|
| | | | | | | |
| | | | | | |
| | | | | | | |
Fixes #5905
|
| |\| | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
build up of forward extremities. (#5884)
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
'threepid_behaviour_email'. (#6104)
Fixes #6103
|
| |\| | | | | | |
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
If email or msisdn verification aren't supported, let's stop advertising them
for registration.
Fixes #6100.
|
| |\| | | | | | |
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Pull the checkers out to their own classes, rather than having them lost in a
massive 1000-line class which does everything.
This is also preparation for some more intelligent advertising of flows, as per #6100
|
| |\| | | | | | |
|
| | |\ \ \ \ \ \ |
|
| | |\ \ \ \ \ \ \ |
|
| | |\ \ \ \ \ \ \ \ |
|
| | | | | | | | | | | |
|
| | |\ \ \ \ \ \ \ \ \
| | |/ / / / / / / /
| |/| | | | | | | | |
|
| | | | | | | | | | | |
|
| | | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
We want to assign unique mxids to saml users based on an incrementing
suffix. For that to work, we need to record the allocated mxid in a separate
table.
|
| |\ \ \ \ \ \ \ \ \ \
| | |_|_|/ / / / / /
| |/| | | | | | | | |
|
| | | |_|/ / / / / /
| |/| | | | | | | |
|
| |\| | | | | | | | |
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Second part of solving #6076
Fixes #6076
We return a submit_url parameter on calls to POST */msisdn/requestToken so that clients know where to submit token information to.
|
| |\| | | | | | | | |
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Uses a SimpleHttpClient instance equipped with the federation_ip_range_blacklist list for requests to identity servers provided by user input. Does not use a blacklist when contacting identity servers specified by account_threepid_delegates. The homeserver trusts the latter and we don't want to prevent homeserver admins from specifying delegates that are on internal IP addresses.
Fixes #5935
|
| |\| | | | | | | | |
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
First part of solving #6076
|
| |\| | | | | | | | |
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Implements MSC2290. This PR adds two new endpoints, /unstable/account/3pid/add and /unstable/account/3pid/bind. Depending on the progress of that MSC the unstable prefix may go away.
This PR also removes the blacklist on some 3PID tests which occurs in #6042, as the corresponding Sytest PR changes them to use the new endpoints.
Finally, it also modifies the account deactivation code such that it doesn't just try to deactivate 3PIDs that were bound to the user's account, but any 3PIDs that were bound through the homeserver on that user's account.
|
| |\| | | | | | | | |
|
| | | | | | | | | | |
|
| |\| | | | | | | | |
|
| | | |/ / / / / /
| |/| | | | | | |
|
| |\| | | | | | | |
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
3PID invites require making a request to an identity server to check that the invited 3PID has an Matrix ID linked, and if so, what it is.
These requests are being made on behalf of a user. The user will supply an identity server and an access token for that identity server. The homeserver will then forward this request with the access token (using an `Authorization` header) and, if the given identity server doesn't support v2 endpoints, will fall back to v1 (which doesn't require any access tokens).
Requires: ~~#5976~~
|
| |\| | | | | | | |
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Broke in #5971
Basically the bug is that if get_current_state_deltas returns no new updates and we then take the max pos, its possible that we miss an update that happens in between the two calls. (e.g. get_current_state_deltas looks up to stream pos 5, then an event persists and so getting the max stream pos returns 6, meaning that next time we check for things with a stream pos bigger than 6)
|
| |\| | | | | | | |
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
This is a redo of https://github.com/matrix-org/synapse/pull/5897 but with `id_access_token` accepted.
Implements [MSC2134](https://github.com/matrix-org/matrix-doc/pull/2134) plus Identity Service v2 authentication ala [MSC2140](https://github.com/matrix-org/matrix-doc/pull/2140).
Identity lookup-related functions were also moved from `RoomMemberHandler` to `IdentityHandler`.
|
| |\| | | | | | | |
|
| | |\ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
Allow use of different ratelimits for admin redactions.
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
|
| | | | | | | | | | |
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
This is useful to allow room admins to quickly deal with a large number
of abusive messages.
|
| |\| | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
remote_reject_invite (#6009)
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
remote_reject_invite (#6009)
Some small fixes to `room_member.py` found while doing other PRs.
1. Add requester to the base `_remote_reject_invite` method.
2. `send_membership_event`'s docstring was out of date and took in a `remote_room_hosts` arg that was not used and no calling function provided.
|
| |\| | | | | | | | |
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Two things I missed while implementing [MSC2140](https://github.com/matrix-org/matrix-doc/pull/2140/files#diff-c03a26de5ac40fb532de19cb7fc2aaf7R80).
1. Access tokens should be provided to the identity server as `access_token`, not `id_access_token`, even though the homeserver may accept the tokens as `id_access_token`.
2. Access tokens must be sent to the identity server in a query parameter, the JSON body is not allowed.
We now send the access token as part of an `Authorization: ...` header, which fixes both things.
The breaking code was added in https://github.com/matrix-org/synapse/pull/5892
Sytest PR: https://github.com/matrix-org/sytest/pull/697
|
| |\| | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
params to docstring (#6010)
|
| | |/ / / / / / /
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
params to docstring (#6010)
Another small fixup noticed during work on a larger PR. The `origin` field of `add_display_name_to_third_party_invite` is not used and likely was just carried over from the `on_PUT` method of `FederationThirdPartyInviteExchangeServlet` which, like all other servlets, provides an `origin` argument.
Since it's not used anywhere in the handler function though, we should remove it from the function arguments.
|
| |\| | | | | | | |
|
| | |\ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
Use account_threepid_delegate for 3pid validation
|
| | | | | | | | | | |
|
| | | | | | | | | | |
|
| |\| | | | | | | | |
|
| | | |_|_|_|_|_|/
| |/| | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Previously if the first registered user was a "support" or "bot" user,
when the first real user registers, the auto-join rooms were not
created.
Fix to exclude non-real (ie users with a special user type) users
when counting how many users there are to determine whether we should
auto-create a room.
Signed-off-by: Jason Robinson <jasonr@matrix.org>
|
| |\| | | | | | | |
|
| | | | | | | | |
| | | | | | | |
| | | | | | | | |
`sid` is required to be part of `three_pid_creds`. We were 500'ing if it wasn't provided instead of returning `M_MISSING_PARAM`.
|
| |\| | | | | | | |
|
| | |/ / / / / / |
|
| |\| | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
server to handle 3pid validation (#5987)
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
server to handle 3pid validation (#5987)
This is a combination of a few different PRs, finally all being merged into `develop`:
* #5875
* #5876
* #5868 (This one added the `/versions` flag but the flag itself was actually [backed out](https://github.com/matrix-org/synapse/commit/891afb57cbdf9867f2848341b29c75d6f35eef5a#diff-e591d42d30690ffb79f63bb726200891) in #5969. What's left is just giving /versions access to the config file, which could be useful in the future)
* #5835
* #5969
* #5940
Clients should not actually use the new registration functionality until https://github.com/matrix-org/synapse/pull/5972 is merged.
UPGRADE.rst, changelog entries and config file changes should all be reviewed closely before this PR is merged.
|
| |\| | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
matrix-org/joriks/opentracing_link_send_to_edu_contexts
|
| | |\ \ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
matrix-org/joriks/opentracing_link_send_to_edu_contexts
Link the send loop with the edus contexts
|
| | | | |_|_|_|/
| | |/| | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
The contexts were being filtered too early so the send loop wasn't
being linked to them unless the destination
was whitelisted.
|
| |\| | | | | | |
|
| | | | | | | | |
|
| |\| | | | | | |
|
| | |/ / / / /
| | | | | |
| | | | | | |
Implements `POST /_matrix/client/r0/account/3pid/unbind` from [MSC2140](https://github.com/matrix-org/matrix-doc/blob/dbkr/tos_2/proposals/2140-terms-of-service-2.md#post-_matrixclientr0account3pidunbind).
|
| |\| | | | | |
|
| | | | | | |
| | | | | |
| | | | | | |
Removes the `bind_email` and `bind_msisdn` parameters from the `/register` C/S API endpoint as per [MSC2140: Terms of Service for ISes and IMs](https://github.com/matrix-org/matrix-doc/pull/2140/files#diff-c03a26de5ac40fb532de19cb7fc2aaf7R107).
|
| |\| | | | | |
|
| | | | | | |
| | | | | |
| | | | | | |
Previously the stats were not being correctly populated.
|
| | | | | | | |
|
| |\| | | | | |
|
| | | | | | | |
|
| | | | | | | |
|
| |\| | | | | |
|
| | | | | | | |
|
| |\| | | | | |
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Remove all the "double return" statements which were a result of us removing all the instances of
```
defer.returnValue(...)
return
```
statements when we switched to python3 fully.
|
| |\| | | | | |
|
| | | | | | |
| | | | | |
| | | | | | |
Trace device list changes.
|
| |\| | | | | |
|
