summary refs log tree commit diff
path: root/synapse (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* | | | | | | | Merge pull request #5477 from matrix-org/babolivier/third_party_rules_3pidAndrew Morgan2020-02-101-0/+9
|\ \ \ \ \ \ \ \ | | |_|/ / / / / | |/| | | | | |
| * | | | | | | Merge pull request #5477 from matrix-org/babolivier/third_party_rules_3pidBrendan Abolivier2019-06-172-1/+42
| |\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | Add third party rules hook for 3PID invites
| | * | | | | | | Make check_threepid_can_be_invited asyncBrendan Abolivier2019-06-171-0/+1
| | | | | | | | |
| | * | | | | | | Add third party rules hook for 3PID invitesBrendan Abolivier2019-06-172-1/+41
| | | | | | | | |
| * | | | | | | | Merge pull request #5479 from matrix-org/erikj/add_create_room_hook_developErik Johnston2019-06-172-4/+48
| |\| | | | | | | | | | | | | | | | | | | | | | | | | Add third party rules hook into create room
| | * | | | | | | Add third party rules hook into create roomErik Johnston2019-06-172-4/+48
| | |/ / / / / /
* | | | | | | | Remove Postgres 9.4 support (#5448)Andrew Morgan2020-02-102-24/+6
|\| | | | | | |
| * | | | | | | Remove Postgres 9.4 support (#5448)Amber Brown2019-06-182-24/+6
| |/ / / / / /
* | | | | | | Merge pull request #5385 from matrix-org/erikj/reduce_http_exceptionsAndrew Morgan2020-02-104-19/+28
|\| | | | | |
| * | | | | | Merge pull request #5385 from matrix-org/erikj/reduce_http_exceptionsErik Johnston2019-06-174-19/+28
| |\ \ \ \ \ \ | | | | | | | | | | | | | | | | Handle HttpResponseException when using federation client.
| | * | | | | | Handle failing to talk to master over replicationErik Johnston2019-06-071-1/+9
| | | | | | | |
| | * | | | | | Handle HttpResponseException when using federation client.Erik Johnston2019-06-073-18/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Otherwise we just log exceptions everywhere.
* | | | | | | | Merge commit 'dd927b29e' into dinsic-release-v1.1.0Andrew Morgan2020-02-103-7/+53
|\| | | | | | |
| * | | | | | | Merge pull request #5388 from matrix-org/erikj/fix_email_pushErik Johnston2019-06-173-7/+53
| |\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | Fix email notifications for unnamed rooms with multiple people
| | * | | | | | | Add testErik Johnston2019-06-072-7/+42
| | | | | | | | |
| | * | | | | | | Fix email notifications for large unnamed rooms.Erik Johnston2019-06-071-0/+11
| | |/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we try and calculate a description for a room for with no name but multiple other users we threw an exception (due to trying to subscript result of `dict.values()`).
* | | | | | | | Merge pull request #5389 from matrix-org/erikj/renew_attestations_on_masterAndrew Morgan2020-02-101-3/+4
|\| | | | | | |
| * | | | | | | Merge pull request #5389 from matrix-org/erikj/renew_attestations_on_masterErik Johnston2019-06-171-3/+4
| |\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | Only start background group attestation renewals on master
| | * | | | | | | Only start background group attestation renewals on masterErik Johnston2019-06-071-3/+4
| | | | | | | | |
| * | | | | | | | Merge pull request #5464 from matrix-org/erikj/3pid_remote_invite_stateErik Johnston2019-06-171-6/+0
| |\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | Fix 3PID invite room state over federation.
| * \ \ \ \ \ \ \ \ Merge pull request #5440 from matrix-org/babolivier/third_party_event_rulesBrendan Abolivier2019-06-146-4/+191
| |\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | Allow server admins to define implementations of extra rules for allowing or denying incoming events
* | | | | | | | | | | Merge pull request #5461 from matrix-org/erikj/histograms_are_cumalitiveAndrew Morgan2020-02-102-2/+2
|\| | | | | | | | | |
| * | | | | | | | | | Merge pull request #5461 from matrix-org/erikj/histograms_are_cumalitiveErik Johnston2019-06-142-2/+2
| |\ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | Prometheus histograms are cumalative
| | * | | | | | | | | | Prometheus histograms are cumalativeErik Johnston2019-06-142-2/+2
| | | | | | | | | | | |
| * | | | | | | | | | | Merge pull request #5465 from matrix-org/babolivier/fix_deactivation_bg_jobBrendan Abolivier2019-06-141-2/+4
| |\ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | Fix background job for deactivated flag
| | * | | | | | | | | | | Fix background job for deactivated flagBrendan Abolivier2019-06-141-2/+4
| | | | | | | | | | | | |
| * | | | | | | | | | | | Merge pull request #5462 from ↵Brendan Abolivier2019-06-144-2/+25
| |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | matrix-org/babolivier/account_validity_deactivated_accounts_2 Don't send renewal emails to deactivated users (second attempt)
* | | | | | | | | | | | | Merge remote-tracking branch 'dinsic/dinsic' into dinsic-release-v1.1.0Andrew Morgan2020-02-1033-130/+989
|\ \ \ \ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | | | | Fix resetting password via a phone number (#21) dinsic_2020-02-10Andrew Morgan2020-01-241-1/+1
| | | | | | | | | | | | | |
| * | | | | | | | | | | | | Validate client_secret parameter according to spec (#20)Andrew Morgan2020-01-223-1/+33
| | | | | | | | | | | | | |
| * | | | | | | | | | | | | Add the ability to restrict max avatar filesize and content-type (#19)Andrew Morgan2019-12-123-2/+79
| | | | | | | | | | | | | |
| * | | | | | | | | | | | | Add limit_profile_requests_to_known_users option (#18)Andrew Morgan2019-12-052-2/+15
| | | | | | | | | | | | | |
| * | | | | | | | | | | | | Capatilise letters after a - in new user displaynames (#14)Andrew Morgan2019-12-021-16/+58
| | | | | | | | | | | | | |
| * | | | | | | | | | | | | Discard retention policies when retrieving stateBrendan Abolivier2019-11-292-7/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Purge jobs don't delete the latest event in a room in order to keep the forward extremity and not break the room. On the other hand, get_state_events, when given an at_token argument calls filter_events_for_client to know if the user can see the event that matches that (sync) token. That function uses the retention policies of the events it's given to filter out those that are too old from a client's view. Some clients, such as Riot, when loading a room, request the list of members for the latest sync token it knows about, and get confused to the point of refusing to send any message if the server tells it that it can't get that information. This can happen very easily with the message retention feature turned on and a room with low activity so that the last event sent becomes too old according to the room's retention policy. An easy and clean fix for that issue is to discard the room's retention policies when retrieving state.
| * | | | | | | | | | | | | Hide expired users from user directory, optionally show on renewal (#13)Andrew Morgan2019-11-142-0/+55
| | | | | | | | | | | | | |
| * | | | | | | | | | | | | Add a /user/:user_id/info servlet to give user deactivated/expired ↵Andrew Morgan2019-11-142-6/+92
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | information (#12)
| * | | | | | | | | | | | | Create configurable ratelimiter for 3pid invites (#11)Andrew Morgan2019-11-122-8/+17
| | | | | | | | | | | | | |
| * | | | | | | | | | | | | Don't apply retention policy based filtering on state eventsBrendan Abolivier2019-11-061-6/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As per MSC1763, 'Retention is only considered for non-state events.', so don't filter out state events based on the room's retention policy.
| * | | | | | | | | | | | | Support for routing outbound HTTP requests via a proxy (#6239)Richard van der Hoff2019-11-0110-9/+430
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The `http_proxy` and `HTTPS_PROXY` env vars can be set to a `host[:port]` value which should point to a proxy. The address of the proxy should be excluded from IP blacklists such as the `url_preview_ip_range_blacklist`. The proxy will then be used for * push * url previews * phone-home stats * recaptcha validation * CAS auth validation It will *not* be used for: * Application Services * Identity servers * Outbound federation * In worker configurations, connections from workers to masters Fixes #4198.
| * | | | | | | | | | | | | TypoBrendan Abolivier2019-10-041-1/+1
| | | | | | | | | | | | | |
| * | | | | | | | | | | | | LintBrendan Abolivier2019-10-041-3/+1
| | | | | | | | | | | | | |
| * | | | | | | | | | | | | Incorporate reviewBrendan Abolivier2019-10-041-14/+8
| | | | | | | | | | | | | |
| * | | | | | | | | | | | | Add test caseBrendan Abolivier2019-10-041-1/+1
| | | | | | | | | | | | | |
| * | | | | | | | | | | | | LintBrendan Abolivier2019-10-041-1/+3
| | | | | | | | | | | | | |
| * | | | | | | | | | | | | Don't 500 code when trying to exchange a revoked 3PID inviteBrendan Abolivier2019-10-041-2/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | While this is not documented in the spec (but should be), Riot (and other clients) revoke 3PID invites by sending a m.room.third_party_invite event with an empty ({}) content to the room's state. When the invited 3PID gets associated with a MXID, the identity server (which doesn't know about revocations) sends down to the MXID's homeserver all of the undelivered invites it has for this 3PID. The homeserver then tries to talk to the inviting homeserver in order to exchange these invite for m.room.member events. When one of the invite is revoked, the inviting homeserver responds with a 500 error because it tries to extract a 'display_name' property from the content, which is empty. This might cause the invited server to consider that the server is down and not try to exchange other, valid invites (or at least delay it). This fix handles the case of revoked invites by avoiding trying to fetch a 'display_name' from the original invite's content, and letting the m.room.member event fail the auth rules (because, since the original invite's content is empty, it doesn't have public keys), which results in sending a 403 with the correct error message to the invited server.
| * | | | | | | | | | | | | Merge pull request #7 from matrix-org/babolivier/deactivation-inviteBrendan Abolivier2019-09-271-0/+37
| |\ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Reject pending invites on deactivation
| | * | | | | | | | | | | | | s/return/defer.returnValue/Brendan Abolivier2019-09-271-1/+1
| | | | | | | | | | | | | | |
| | * | | | | | | | | | | | | Incorporate reviewBrendan Abolivier2019-09-271-4/+2
| | | | | | | | | | | | | | |
| | * | | | | | | | | | | | | Update synapse/handlers/deactivate_account.pyBrendan Abolivier2019-09-271-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
| | * | | | | | | | | | | | | Update synapse/handlers/deactivate_account.pyBrendan Abolivier2019-09-271-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
| | * | | | | | | | | | | | | LintBrendan Abolivier2019-09-271-1/+34
| | | | | | | | | | | | | | |
| * | | | | | | | | | | | | | Allow membership events which membership isn't join or invite in restricted ↵Brendan Abolivier2019-09-261-1/+9
| |/ / / / / / / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | rooms
| * | | | | | | | | | | | | Consider every room as having no retention policy if the feature is disabledBrendan Abolivier2019-09-241-0/+8
| | | | | | | | | | | | | |
| * | | | | | | | | | | | | Move get_retention_policy_for_room to RoomWorkerStoreBrendan Abolivier2019-09-241-55/+55
| | | | | | | | | | | | | |
| * | | | | | | | | | | | | Remove unnecessary cast to listBrendan Abolivier2019-09-201-1/+1
| | | | | | | | | | | | | |
| * | | | | | | | | | | | | LintBrendan Abolivier2019-09-191-1/+2
| | | | | | | | | | | | | |
| * | | | | | | | | | | | | Use six.moves.filter when filtering out from MXIDBrendan Abolivier2019-09-191-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Python 2's filter() function and Python 3's don't return the same type when processing a string (respectively str and filter), therefore use six's compatibility mapping (which resolves to itertools.ifilter() if using Python2), then generate a string from the filtered list, in order to ensure consistent behaviour between Python 2 and Python 3.
| * | | | | | | | | | | | | Merge pull request #2 from matrix-org/babolivier/dinsic-3pid-inviteBrendan Abolivier2019-09-101-9/+14
| |\ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Don't treat 3PID revocation as a new 3PID invite
| | * | | | | | | | | | | | | Process revocations in _on_membership_or_invite_directBrendan Abolivier2019-09-091-18/+11
| | | | | | | | | | | | | | |
| | * | | | | | | | | | | | | TypoBrendan Abolivier2019-09-061-1/+1
| | | | | | | | | | | | | | |
| | * | | | | | | | | | | | | Only filter on 3PID invite tokensBrendan Abolivier2019-09-061-6/+6
| | | | | | | | | | | | | | |
| | * | | | | | | | | | | | | Merge branch 'dinsic' into babolivier/dinsic-3pid-inviteBrendan Abolivier2019-09-061-0/+48
| | |\ \ \ \ \ \ \ \ \ \ \ \ \
| | * | | | | | | | | | | | | | Don't process revoked/redacted events as part of the room's membership infoBrendan Abolivier2019-09-061-2/+2
| | | | | | | | | | | | | | | |
| | * | | | | | | | | | | | | | Don't treat 3PID revokation as a new 3PID inviteBrendan Abolivier2019-09-061-7/+19
| | | | | | | | | | | | | | | |
| * | | | | | | | | | | | | | | Rename io.open import to limite side-effectsBrendan Abolivier2019-09-091-2/+2
| | | | | | | | | | | | | | | |
| * | | | | | | | | | | | | | | LintBrendan Abolivier2019-09-091-1/+1
| | | | | | | | | | | | | | | |
| * | | | | | | | | | | | | | | Revert "Merge pull request #5932 from ↵Brendan Abolivier2019-09-092-4/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | matrix-org/babolivier/account_validity_template_encode" This reverts commit 84e695f506faf54982b9e19dceb9c02acffad95f, reversing changes made to 99eec6d2d5cc76e645c3fd7ca6cda85b2bab6feb.
| * | | | | | | | | | | | | | | Read all files as UTF-8Brendan Abolivier2019-09-091-1/+2
| | | | | | | | | | | | | | | |
| * | | | | | | | | | | | | | | Revert "Ensure the password reset template is correctly converted to binary"Brendan Abolivier2019-09-091-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 665dd9f7f8db2f8d38f454d4d5b96efcf163a5db.
| * | | | | | | | | | | | | | | Ensure the password reset template is correctly converted to binaryBrendan Abolivier2019-09-091-1/+2
| | |/ / / / / / / / / / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Regardless of the Python version
| * | | | | | | | | | | | | | LintBrendan Abolivier2019-09-051-2/+0
| | | | | | | | | | | | | | |
| * | | | | | | | | | | | | | Forbid changing the name, avatar or topic of a direct roomBrendan Abolivier2019-09-051-0/+50
| |/ / / / / / / / / / / / /
* | | | | | | | | | | | | | Don't send renewal emails to deactivated usersAndrew Morgan2020-02-101-0/+4
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ | | |_|/ / / / / / / / / / / | |/| | | | | | | | | | | |
| * | | | | | | | | | | | | Don't send renewal emails to deactivated usersBrendan Abolivier2019-06-144-2/+25
| | |_|/ / / / / / / / / / | |/| | | | | | | | | | |
* | | | | | | | | | | | | Merge pull request #5390 from matrix-org/erikj/dont_log_on_fail_to_get_fileAndrew Morgan2020-02-102-6/+13
|\ \ \ \ \ \ \ \ \ \ \ \ \ | | |_|/ / / / / / / / / / | |/| | | | | | | | | | |
| * | | | | | | | | | | | Merge pull request #5390 from matrix-org/erikj/dont_log_on_fail_to_get_fileErik Johnston2019-06-142-6/+13
| |\ \ \ \ \ \ \ \ \ \ \ \ | | |/ / / / / / / / / / / | |/| | | | | | | | | | | Don't log exception when failing to fetch remote content.
| | * | | | | | | | | | | Don't log exception when failing to fetch remote content.Erik Johnston2019-06-072-6/+13
| | | |_|_|/ / / / / / / | | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In particular, let's not log stack traces when we stop processing becuase the response body was too large.
* | | | | | | | | | | | Track deactivated accounts in the database (#5378)Andrew Morgan2020-02-101-0/+3
|\| | | | | | | | | | |
| * | | | | | | | | | | Track deactivated accounts in the database (#5378)Brendan Abolivier2019-06-143-0/+137
| | | | | | | | | | | |
* | | | | | | | | | | | Merge pull request #5458 from matrix-org/hawkowl/fix-prometheusAndrew Morgan2020-02-101-1/+1
|\| | | | | | | | | | |
| * | | | | | | | | | | fix prometheus rendering errorAmber H. Brown2019-06-141-1/+1
| | | | | | | | | | | |
* | | | | | | | | | | | Clean up code for sending federation EDUs. (#5381)Andrew Morgan2020-02-101-14/+26
|\| | | | | | | | | | |
| * | | | | | | | | | | Clean up code for sending federation EDUs. (#5381)Richard van der Hoff2019-06-131-14/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This code confused the hell out of me today. Split _get_new_device_messages into its two (unrelated) parts.
* | | | | | | | | | | | Expose statistics on extrems to prometheus (#5384)Andrew Morgan2020-02-102-33/+123
|\| | | | | | | | | | |
| * | | | | | | | | | | Expose statistics on extrems to prometheus (#5384)Amber Brown2019-06-132-33/+123
| | | | | | | | | | | |
* | | | | | | | | | | | Remove Python 2.7 support. (#5425)Andrew Morgan2020-02-106-27/+59
|\| | | | | | | | | | | | |_|/ / / / / / / / / |/| | | | | | | | | |
| * | | | | | | | | | Remove Python 2.7 support. (#5425)Amber Brown2019-06-122-2/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * remove 2.7 from CI and publishing * fill out classifiers and also make it not be installed on 3.5 * some minor bumps so that the old deps work on python 3.5
| * | | | | | | | | | Merge branch 'master' of github.com:matrix-org/synapse into developErik Johnston2019-06-116-9/+9
| |\ \ \ \ \ \ \ \ \ \ | | | |_|_|_|_|/ / / / | | |/| | | | | | | |
| * | | | | | | | | | Merge branch 'release-v1.0.0' of github.com:matrix-org/synapse into developErik Johnston2019-06-114-2/+7
| |\ \ \ \ \ \ \ \ \ \ | | | |_|_|_|_|_|_|_|/ | | |/| | | | | | | |
| * | | | | | | | | | Don't warn user about password reset disabling through config code (#5387)Andrew Morgan2019-06-112-10/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Moves the warning about password resets being disabled to the point where a user actually tries to reset their password. Is this an appropriate place for it to happen? Also removed the disabling of msisdn password resets when you don't have an email config, as that just doesn't make sense. Also change the error a user receives upon disabled passwords to specify that only email-based password reset is disabled.
| * | | | | | | | | | add monthly active users to phonehome stats (#5252)Neil Johnson2019-06-102-15/+30
| | |_|_|_|_|_|_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | * add monthly active users to phonehome stats
| * | | | | | | | | Merge branch 'release-v1.0.0' of github.com:matrix-org/synapse into developErik Johnston2019-06-105-87/+134
| |\ \ \ \ \ \ \ \ \
| * \ \ \ \ \ \ \ \ \ Merge pull request #5415 from matrix-org/erikj/fix_null_valid_until_msErik Johnston2019-06-101-0/+8
| |\ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | Fix key verification when key stored with null valid_until_ms
| * \ \ \ \ \ \ \ \ \ \ Merge pull request #5363 from ↵Brendan Abolivier2019-06-102-3/+14
| |\ \ \ \ \ \ \ \ \ \ \ | | |_|_|_|_|/ / / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | matrix-org/babolivier/account_validity_send_mail_auth Don't check whether the user's account is expired on /send_mail requests
* | | | | | | | | | | | Bump requirement for six to 1.12Brendan Abolivier2019-08-291-1/+1
| | | | | | | | | | | |
* | | | | | | | | | | | Fix encoding for account validity HTML files on Python 2Brendan Abolivier2019-08-291-1/+3
| | | | | | | | | | | |
* | | | | | | | | | | | Merge branch 'dinsic' into babolivier/dinsic-message-retentionBrendan Abolivier2019-08-288-42/+190
|\ \ \ \ \ \ \ \ \ \ \ \
| * \ \ \ \ \ \ \ \ \ \ \ Merge pull request #5812 from matrix-org/babolivier/account-validity-messages dinsic_2019-08-12Michael Kaye2019-08-125-9/+69
| |\ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Account validity: allow defining HTML templates to serve the user on account renewal attempt
| | * | | | | | | | | | | | LintBrendan Abolivier2019-08-012-13/+8
| | | | | | | | | | | | | |
| | * | | | | | | | | | | | Allow defining HTML templates to serve the user on account renewalBrendan Abolivier2019-08-015-9/+74
| | | | | | | | | | | | | |
| * | | | | | | | | | | | | Merge pull request #5781 from matrix-org/baboliver/loopingcall-args dinsic_2019-08-08Michael Kaye2019-08-081-2/+4
| |\ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add ability to pass arguments to looping calls
| | * | | | | | | | | | | | | Add kwargs and docBrendan Abolivier2019-07-291-2/+4
| | | | | | | | | | | | | | |
| | * | | | | | | | | | | | | Add ability to pass arguments to looping callsBrendan Abolivier2019-07-291-2/+2
| | | | | | | | | | | | | | |
| * | | | | | | | | | | | | | Merge pull request #5760 from ↵Michael Kaye2019-08-081-14/+85
| |\ \ \ \ \ \ \ \ \ \ \ \ \ \ | | |_|/ / / / / / / / / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | matrix-org/babolivier/access-rules-public-restricted Force the access rule to be "restricted" if the join rule is "public"
| | * | | | | | | | | | | | | Explain rationaleBrendan Abolivier2019-08-011-0/+4
| | | | | | | | | | | | | | |
| | * | | | | | | | | | | | | Incorporate reviewBrendan Abolivier2019-07-301-15/+13
| | | | | | | | | | | | | | |
| | * | | | | | | | | | | | | Merge ifsBrendan Abolivier2019-07-251-5/+4
| | | | | | | | | | | | | | |
| | * | | | | | | | | | | | | DocBrendan Abolivier2019-07-251-2/+14
| | | | | | | | | | | | | | |
| | * | | | | | | | | | | | | Only check the join rule on room creation if an access rule is also providedBrendan Abolivier2019-07-251-12/+12
| | | | | | | | | | | | | | |
| | * | | | | | | | | | | | | Implement restrictions on new eventsBrendan Abolivier2019-07-241-1/+40
| | | | | | | | | | | | | | |
| | * | | | | | | | | | | | | Implement restriction on public room creationBrendan Abolivier2019-07-241-11/+30
| | |/ / / / / / / / / / / /
| * | | | | | | | | | | | | Ignore redactions of redactions in get_events_as_listBrendan Abolivier2019-07-311-4/+1
| | | | | | | | | | | | | |
| * | | | | | | | | | | | | Ignore invalid redactions in _get_event_from_rowBrendan Abolivier2019-07-311-0/+5
| | | | | | | | | | | | | |
| * | | | | | | | | | | | | Should now work, unless we can't find the redaction event which happens for ↵Brendan Abolivier2019-07-301-18/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | some reason (need to investigate)
| * | | | | | | | | | | | | Don't make the checks depend on recheck_redactionBrendan Abolivier2019-07-301-20/+23
| | | | | | | | | | | | | |
| * | | | | | | | | | | | | Do checks soonerBrendan Abolivier2019-07-291-21/+19
| | | | | | | | | | | | | |
| * | | | | | | | | | | | | Check room ID and type of redacted eventBrendan Abolivier2019-07-291-10/+22
| |/ / / / / / / / / / / /
* / / / / / / / / / / / / Implement per-room message retention policiesBrendan Abolivier2019-08-2810-7/+689
|/ / / / / / / / / / / /
* | | | | | | | | | | | Merge branch 'dinsic' into babolivier/3pid-inviteBrendan Abolivier2019-07-171-0/+4
|\ \ \ \ \ \ \ \ \ \ \ \
| * \ \ \ \ \ \ \ \ \ \ \ Merge pull request #5646 from matrix-org/babolivier/profile-allow-self dinsic_2019-07-09Brendan Abolivier2019-07-091-0/+4
| |\ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Port #5644 to dinsic
| | * | | | | | | | | | | | Allow newly-registered users to lookup their own profilesBrendan Abolivier2019-07-091-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When a user creates an account and the 'require_auth_for_profile_requests' config flag is set, and a client that performed the registration wants to lookup the newly-created profile, the request will be denied because the user doesn't share a room with themselves yet.
* | | | | | | | | | | | | | There's no third_party_signed property in an invite's contentBrendan Abolivier2019-07-171-6/+3
| | | | | | | | | | | | | |
* | | | | | | | | | | | | | Fix check of the association between a 3PID invite and the subsequent ↵Brendan Abolivier2019-07-171-1/+7
|/ / / / / / / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | m.room.member event in the 3rd party rules
* | | | | | | | | | | | | Merge pull request #5610 from matrix-org/babolivier/power-levels dinsic_2019-07-04Brendan Abolivier2019-07-041-34/+120
|\ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Implement new restrictions on power levels
| * \ \ \ \ \ \ \ \ \ \ \ \ Merge branch 'babolivier/power-levels' of github.com:matrix-org/synapse into ↵Brendan Abolivier2019-07-031-0/+1
| |\ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | babolivier/power-levels
| | * | | | | | | | | | | | | Update synapse/third_party_rules/access_rules.pyBrendan Abolivier2019-07-031-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
| * | | | | | | | | | | | | | Incorporate reviewBrendan Abolivier2019-07-031-6/+10
| |/ / / / / / / / / / / / /
| * | | | | | | | | | | | | Incorporate reviewBrendan Abolivier2019-07-031-8/+12
| | | | | | | | | | | | | |
| * | | | | | | | | | | | | Change the rule for applying PL restrictionsBrendan Abolivier2019-07-031-3/+7
| | | | | | | | | | | | | |
| * | | | | | | | | | | | | Default return value for events we're not interested inBrendan Abolivier2019-07-031-0/+2
| | | | | | | | | | | | | |
| * | | | | | | | | | | | | Refactor part of the access rules moduleBrendan Abolivier2019-07-031-33/+47
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since we're not processing only membership events and 3PID invites anymore, it's nice to know which function is supposed to process what.
| * | | | | | | | | | | | | Implement restrictions for power levelsBrendan Abolivier2019-07-031-0/+57
| |/ / / / / / / / / / / /
* | | | | | | | | | | | | Only ratelimit when sending the emailBrendan Abolivier2019-06-281-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If we do the opposite, an event can arrive after or while sending the email and the 3PID invite event will get ratelimited.
* | | | | | | | | | | | | Don't update the ratelimiter before sending a 3PID inviteBrendan Abolivier2019-06-281-1/+1
|/ / / / / / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This would cause emails being sent, but Synapse responding with a 429 when creating the event. The client would then retry, and with bad timing the same scenario would happen again. Some testing I did ended up sending me 10 emails for one single invite because of this.
* | | | | | | | | | | | Merge pull request #5574 from matrix-org/babolivier/fix-3pid-bind dinsic_2019-06-27Brendan Abolivier2019-06-271-3/+8
|\ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | Fix new 3PID bindings being associated with rewritten IS's server names instead of the original one
| * | | | | | | | | | | | Fix new 3PID bindings being associated with rewritten IS's server names ↵Brendan Abolivier2019-06-271-3/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | instead of the original one This would make unbind requests fail because Synapse is using the server name it has in DB as destination_is to generate signature, and Sydent uses its own server name there when verifying it, so if a mismatch happens, which is the case if the name gets rewritten for routing purposes, the unbind requests fail on the signature verification.
* | | | | | | | | | | | | Split public rooms directory auth config in twoBrendan Abolivier2019-06-243-15/+39
| | | | | | | | | | | | |
* | | | | | | | | | | | | Merge pull request #5495 from matrix-org/babolivier/deactivate_bg_job_typo dinsic_2019-06-19Brendan Abolivier2019-06-191-1/+1
|\ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Port "Fix typo in deactivation background job" to dinsic
| * | | | | | | | | | | | | Fix typo in deactivation background jobBrendan Abolivier2019-06-191-1/+1
| | | | | | | | | | | | | |
* | | | | | | | | | | | | | Don't process 3PIDs in _apply_restrictedBrendan Abolivier2019-06-181-1/+3
| | | | | | | | | | | | | |
* | | | | | | | | | | | | | LintBrendan Abolivier2019-06-181-1/+0
| | | | | | | | | | | | | |
* | | | | | | | | | | | | | Incorporate reviewBrendan Abolivier2019-06-181-78/+69
| | | | | | | | | | | | | |
* | | | | | | | | | | | | | FixesBrendan Abolivier2019-06-181-0/+5
| | | | | | | | | | | | | |
* | | | | | | | | | | | | | DocstringsBrendan Abolivier2019-06-171-27/+154
| | | | | | | | | | | | | |
* | | | | | | | | | | | | | Rename into RoomAccessRulesBrendan Abolivier2019-06-172-1/+1
| | | | | | | | | | | | | |
* | | | | | | | | | | | | | Fix function callBrendan Abolivier2019-06-171-1/+1
| | | | | | | | | | | | | |
* | | | | | | | | | | | | | Implement rules changeBrendan Abolivier2019-06-171-1/+40
| | | | | | | | | | | | | |
* | | | | | | | | | | | | | Improve docBrendan Abolivier2019-06-171-3/+8
| | | | | | | | | | | | | |
* | | | | | | | | | | | | | Implement 3PID invite hookBrendan Abolivier2019-06-171-7/+49
| | | | | | | | | | | | | |
* | | | | | | | | | | | | | Implement restricted rules and room creation hookBrendan Abolivier2019-06-171-11/+43
| | | | | | | | | | | | | |
* | | | | | | | | | | | | | Implement rules for directBrendan Abolivier2019-06-171-12/+100
| | | | | | | | | | | | | |
* | | | | | | | | | | | | | BackboneBrendan Abolivier2019-06-171-0/+11
| | | | | | | | | | | | | |
* | | | | | | | | | | | | | BaseBrendan Abolivier2019-06-172-0/+45
|/ / / / / / / / / / / / /
* | | | | | | | | | | | | Make check_threepid_can_be_invited asyncBrendan Abolivier2019-06-171-0/+1
| | | | | | | | | | | | |
* | | | | | | | | | | | | Add third party rules hook for 3PID invitesBrendan Abolivier2019-06-172-1/+41
| | | | | | | | | | | | |
* | | | | | | | | | | | | Add third party rules hook into create roomErik Johnston2019-06-172-6/+37
| | | | | | | | | | | | |
* | | | | | | | | | | | | Merge pull request #5471 from matrix-org/erikj/3pid_remote_invite_stateBrendan Abolivier2019-06-171-6/+0
|\ \ \ \ \ \ \ \ \ \ \ \ \ | | |_|_|_|_|_|_|_|/ / / / | |/| | | | | | | | | | | Port "Fix 3PID invite room state over federation" to dinsic
| * | | | | | | | | | | | Fix 3PID invite room state over federation.Erik Johnston2019-06-141-6/+0
| | |_|_|_|_|_|/ / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes that when a user exchanges a 3PID invite for a proper invite over federation it does not include the `invite_room_state` key. This was due to synapse incorrectly sending out two invite requests.
* | | | | | | | | | | | Merge branch 'babolivier/third_party_event_rules' into dinsicBrendan Abolivier2019-06-146-4/+189
|\ \ \ \ \ \ \ \ \ \ \ \ | | |_|_|_|_|_|_|/ / / / | |/| | | | | | | | | |
| * | | | | | | | | | | Add plugin APIs for implementations of custom event rules.Brendan Abolivier2019-06-146-4/+191
| | |_|_|_|_|_|/ / / / | |/| | | | | | | | |
* | | | | | | | | | | Fix background job for deactivated flagBrendan Abolivier2019-06-141-2/+4
| | | | | | | | | | |
* | | | | | | | | | | Don't send renewal emails to deactivated usersBrendan Abolivier2019-06-144-2/+25
| | | | | | | | | | |
* | | | | | | | | | | Track deactivated accounts in the database (#5378)Brendan Abolivier2019-06-143-0/+137
| | | | | | | | | | |
* | | | | | | | | | | Merge branch 'dinsic' into babolivier/userdir_hide_usersBrendan Abolivier2019-06-141-0/+1
|\ \ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | | Make index uniqueBrendan Abolivier2019-06-141-0/+1
| | | | | | | | | | | |
* | | | | | | | | | | | Merge branch 'babolivier/fix_profile_replication' into ↵Brendan Abolivier2019-06-132-2/+15
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | babolivier/userdir_hide_users
| * | | | | | | | | | | LintBrendan Abolivier2019-06-131-1/+1
| | | | | | | | | | | |
| * | | | | | | | | | | Fix snafuBrendan Abolivier2019-06-131-2/+3
| | | | | | | | | | | |
| * | | | | | | | | | | Create the index in a background updateBrendan Abolivier2019-06-132-3/+15
| | | | | | | | | | | |
| * | | | | | | | | | | LintBrendan Abolivier2019-06-121-1/+0
| | | | | | | | | | | |
| * | | | | | | | | | | Merge branch 'dinsic' into babolivier/fix_profile_replicationBrendan Abolivier2019-06-12124-1623/+8245
| |\ \ \ \ \ \ \ \ \ \ \
* | | | | | | | | | | | | LintBrendan Abolivier2019-06-121-1/+0
| | | | | | | | | | | | |
* | | | | | | | | | | | | Merge branch 'dinsic' into babolivier/userdir_hide_usersBrendan Abolivier2019-06-12125-1623/+8245
|\ \ \ \ \ \ \ \ \ \ \ \ \ | | |/ / / / / / / / / / / | |/| | | | | | | | | | |
| * | | | | | | | | | | | Regenerate full schemasBrendan Abolivier2019-06-122-2/+17
| | | | | | | | | | | | |
| * | | | | | | | | | | | Fix path for password policy endpointsBrendan Abolivier2019-06-121-2/+2
| | | | | | | | | | | | |
| * | | | | | | | | | | | Merge branch 'master' into dinsicBrendan Abolivier2019-06-12109-1337/+6437
| |\ \ \ \ \ \ \ \ \ \ \ \ | | | |_|/ / / / / / / / / | | |/| | | | | | | | | |
| | * | | | | | | | | | | 1.0.0 v1.0.0Erik Johnston2019-06-111-1/+1
| | | | | | | | | | | | |
| | * | | | | | | | | | | Bump bleach version so that tests can run on old deps.Erik Johnston2019-06-111-1/+1
| | | | | | | | | | | | |
| | * | | | | | | | | | | Change password reset links to /_matrix.Erik Johnston2019-06-114-7/+7
| | | |/ / / / / / / / / | | |/| | | | | | | | |
| | * | | | | | | | | | 1.0.0rc3 v1.0.0rc3Erik Johnston2019-06-111-1/+1
| | | | | | | | | | | |
| | * | | | | | | | | | Fix defaults on checking threepidsErik Johnston2019-06-102-1/+2
| | | | | | | | | | | |
| | * | | | | | | | | | Merge pull request #5418 from matrix-org/erikj/fix_send_fed_with_limit_zeroErik Johnston2019-06-101-0/+4
| | |\ \ \ \ \ \ \ \ \ \ | | | |_|_|_|_|_|/ / / / | | |/| | | | | | | | | Fix bug sending federation transactions with lots of EDUs
| | | * | | | | | | | | Fix bug sending federation transactions with lots of EDUsErik Johnston2019-06-101-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If we try and send a transaction with lots of EDUs and we run out of space, we call get_new_device_msgs_for_remote with a limit of 0, which then failed.
| | * | | | | | | | | | 1.0.0rc2 v1.0.0rc2Erik Johnston2019-06-101-1/+1
| | | | | | | | | | | |
| | * | | | | | | | | | Merge pull request #5417 from matrix-org/rav/shared_ssl_contextErik Johnston2019-06-102-75/+110
| | |\ \ \ \ \ \ \ \ \ \ | | | |/ / / / / / / / / | | |/| | | | | | | | | Share an SSL context object between SSL connections
| | | * | | | | | | | | rename gutwrenched attrRichard van der Hoff2019-06-101-5/+9
| | | | | | | | | | | |
| | | * | | | | | | | | Fix federation connections to literal IP addressesRichard van der Hoff2019-06-102-6/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | turns out we need a shiny version of service_identity to enforce this correctly.
| | | * | | | | | | | | clean up impl, and import idna directlyRichard van der Hoff2019-06-102-15/+12
| | | | | | | | | | | |
| | | * | | | | | | | | Share an SSL context object between SSL connectionsRichard van der Hoff2019-06-091-60/+89
| | | | |_|/ / / / / / | | | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | This involves changing how the info callbacks work.
| | * | | | | | | | | Merge branch 'erikj/fix_null_valid_until_ms' of ↵Erik Johnston2019-06-101-0/+8
| | |\ \ \ \ \ \ \ \ \ | | | | |_|_|_|/ / / / | | | |/| | | | | | | | | | | | | | | | | | github.com:matrix-org/synapse into release-v1.0.0
| | | * | | | | | | | Fix key verification when key stored with null valid_until_msErik Johnston2019-06-101-0/+8
| | | |/ / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some keys are stored in the synapse database with a null valid_until_ms which caused an exception to be thrown when using that key. We fix this by treating nulls as zeroes, i.e. they keys will match verification requests with a minimum_valid_until_ms of zero (i.e. don't validate ts) but will not match requests with a non-zero minimum_valid_until_ms. Fixes #5391.
| | * / / / / / / / Improve startup checks for insecure notary configs (#5392)Richard van der Hoff2019-06-102-11/+23
| | |/ / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It's not really a problem to trust notary responses signed by the old key so long as we are also doing TLS validation. This commit adds a check to the config parsing code at startup to check that we do not have the insecure matrix.org key without tls validation, and refuses to start without it. This allows us to remove the rather alarming-looking warning which happens at runtime.
| | * | | | / / / 1.0.0rc1 v1.0.0rc1Neil Johnson2019-06-071-1/+1
| | | |_|_|/ / / | | |/| | | | |
| | * | | | | | Prevent multiple device list updates from breaking a batch send (#5156)Andrew Morgan2019-06-062-31/+126
| | | | | | | | | | | | | | | | | | | | | | | | fixes #5153
| | * | | | | | Set default room version to v4. (#5379)Neil Johnson2019-06-061-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Set default room version to v4.
| | * | | | | | Merge pull request #5320 from matrix-org/hawkowl/full-schema-v1Erik Johnston2019-06-065-2/+2352
| | |\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | Make a full SQL schema
| | | * | | | | | fix maybeAmber H. Brown2019-06-071-20/+2
| | | | | | | | |
| | | * | | | | | just user dir?Amber H. Brown2019-06-071-1/+19
| | | | | | | | |
| | | * | | | | | remove background updates that arent neededAmber H. Brown2019-06-071-33/+1
| | | | | | | | |
| | | * | | | | | add more commentsAmber Brown2019-06-061-0/+5
| | | | | | | | |
| | | * | | | | | Merge remote-tracking branch 'origin/develop' into hawkowl/full-schema-v1Amber Brown2019-06-0439-323/+294
| | | |\ \ \ \ \ \
| | | * | | | | | | add stuff in bg updatesAmber Brown2019-06-041-10/+62
| | | | | | | | | |
| | | * | | | | | | WHY IS THIS CALLED A SLIGHTLY DIFFERENT THINGAmber Brown2019-06-031-0/+1
| | | | | | | | | |
| | | * | | | | | | more fixAmber Brown2019-06-031-0/+38
| | | | | | | | | |
| | | * | | | | | | fix schemasAmber Brown2019-06-034-61/+20
| | | | | | | | | |
| | | * | | | | | | full schemaAmber Brown2019-06-033-0/+2315
| | | | | | | | | |
| | | * | | | | | | prepareAmber Brown2019-06-031-2/+14
| | | | |_|_|_|_|/ | | | |/| | | | |
| | * | | | | | | Add ability to perform password reset via email without trusting the ↵Andrew Morgan2019-06-0617-60/+871
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | identity server (#5377) Sends password reset emails from the homeserver instead of proxying to the identity server. This is now the default behaviour for security reasons. If you wish to continue proxying password reset requests to the identity server you must now enable the email.trust_identity_server_for_password_resets option. This PR is a culmination of 3 smaller PRs which have each been separately reviewed: * #5308 * #5345 * #5368
| | * | | | | | | Stop hardcoding trust of old matrix.org key (#5374)Richard van der Hoff2019-06-062-74/+226
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There are a few changes going on here: * We make checking the signature on a key server response optional: if no verify_keys are specified, we trust to TLS to validate the connection. * We change the default config so that it does not require responses to be signed by the old key. * We replace the old 'perspectives' config with 'trusted_key_servers', which is also formatted slightly differently. * We emit a warning to the logs every time we trust a key server response signed by the old key.
| | * | | | | | | Fix missing logcontext for PresenceHandler.on_shutdown. (#5369)Richard van der Hoff2019-06-061-1/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes some warnings, and a scary-looking stacktrace when sytest kills the process.
| | * | | | | | | Merge pull request #5221 from matrix-org/erikj/fix_worker_sytestErik Johnston2019-06-061-1/+11
| | |\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | Fix get_max_topological_token to never return None
| | | * | | | | | | Better wordsErik Johnston2019-06-061-1/+1
| | | | | | | | | |
| | | * | | | | | | Fix get_max_topological_token to never return NoneErik Johnston2019-05-211-1/+11
| | | | | | | | | |
| | * | | | | | | | Merge pull request #5089 from dnaf/m-heroes-empty-room-nameBrendan Abolivier2019-06-061-5/+4
| | |\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | Make /sync return heroes if room name or canonical alias are empty
| | | * | | | | | | | Simplify conditionBrendan Abolivier2019-06-061-2/+2
| | | | | | | | | | |
| | | * | | | | | | | Simplify conditionBrendan Abolivier2019-06-051-3/+2
| | | | | | | | | | |
| | | * | | | | | | | Merge branch 'develop' into m-heroes-empty-room-nameBrendan Abolivier2019-06-05136-1945/+5896
| | | |\ \ \ \ \ \ \ \
| | | * | | | | | | | | LintKatie Wolfe2019-04-241-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I probably should've just run autopep8 in the first place... Signed-off-by: Katie Wolfe <katie@dnaf.moe>
| | | * | | | | | | | | Clean up codeKatie Wolfe2019-04-241-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Katie Wolfe <katie@dnaf.moe>
| | | * | | | | | | | | Show heroes if room name or canonical alias are emptyKatie Wolfe2019-04-241-3/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #4194 Signed-off-by: Katie Wolfe <katie@dnaf.moe>
| | | * | | | | | | | | Show heroes if room name or canonical alias are emptyKatie Wolfe2019-04-241-5/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #4194 Signed-off-by: Katie Wolfe <katie@dnaf.moe>
| | * | | | | | | | | | Merge pull request #5359 from matrix-org/rav/enable_tls_verificationRichard van der Hoff2019-06-061-5/+5
| | |\ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | Validate federation server TLS certificates by default.
| | | * \ \ \ \ \ \ \ \ \ Merge branch 'rav/fix_custom_ca' into rav/enable_tls_verificationRichard van der Hoff2019-06-057-22/+121
| | | |\ \ \ \ \ \ \ \ \ \
| | | * | | | | | | | | | | Validate federation server TLS certificates by default.Richard van der Hoff2019-06-051-5/+5
| | | | | | | | | | | | | |
| | * | | | | | | | | | | | Merge pull request #5355 from matrix-org/babolivier/heroes_left_membersBrendan Abolivier2019-06-061-15/+19
| | |\ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Include left members in room summaries' heroes
| | | * | | | | | | | | | | | Do user_id != me checks before deciding whether we should pick heroes from ↵Brendan Abolivier2019-06-051-15/+19
| | | | |_|_|/ / / / / / / / | | | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the joined members or the parted ones
| | * | | | | | | | | | | | Merge pull request #5354 from matrix-org/rav/server_keys/99-room-v5Richard van der Hoff2019-06-061-5/+5
| | |\ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Implement room v5 which enforces signing key validity
| | | * | | | | | | | | | | | Implement room v5 which enforces signing key validityRichard van der Hoff2019-06-051-5/+5
| | | | |/ / / / / / / / / / | | | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Implements [MSC2077](https://github.com/matrix-org/matrix-doc/pull/2077) and fixes #5247 and #4364.
| | * | | | | | | | | | | | Merge pull request #5353 from matrix-org/rav/verify_key_loggingRichard van der Hoff2019-06-064-46/+76
| | |\ \ \ \ \ \ \ \ \ \ \ \ | | | |_|_|/ / / / / / / / / | | |/| | | | | | | | | | | Associate a request_name with each verify request, for logging
| | | * | | | | | | | | | | Associate a request_name with each verify request, for loggingRichard van der Hoff2019-06-054-46/+76
| | | |/ / / / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also: * rename VerifyKeyRequest->VerifyJsonRequest * calculate key_ids on VerifyJsonRequest construction * refactor things to pass around VerifyJsonRequests instead of 4-tuples
| | * | | | | | | | | | | Fix `federation_custom_ca_list` configuration option.Richard van der Hoff2019-06-051-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, setting this option would cause an exception at startup.
| | * | | | | | | | | | | Neilj/add r0.5 to versions (#5360)Neil Johnson2019-06-051-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Update _matrix/client/versions to reference support for r0.5.0
| | * | | | | | | | | | | Fix background updates to handle redactions/rejections (#5352)Erik Johnston2019-06-063-9/+57
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Fix background updates to handle redactions/rejections In background updates based on current state delta stream we need to handle that we may not have all the events (or at least that `get_events` may raise an exception).
| | * | | | | | | | | | | Merge pull request #5317 from matrix-org/erikj/make_do_auth_non_essentialErik Johnston2019-06-051-12/+46
| | |\ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix handling of failures when calling /event_auth.
| | | * | | | | | | | | | | Add logging when request fails and clarify we ignore errors.Erik Johnston2019-06-051-4/+12
| | | | | | | | | | | | | |
| | | * | | | | | | | | | | Fix handling of failures when calling /event_auth.Erik Johnston2019-06-031-12/+38
| | | | |_|_|_|/ / / / / / | | | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When processing an incoming event over federation, we may try and resolve any unexpected differences in auth events. This is a non-essential process and so should not stop the processing of the event if it fails (e.g. due to the remote disappearing or not implementing the necessary endpoints). Fixes #3330
| | * | | | | | | | | | | Neilj/mau tracking config explainer (#5284)Neil Johnson2019-06-051-0/+16
| | | |/ / / / / / / / / | | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Improve documentation of monthly active user blocking and mau_trial_days
| | * | | | | | | | | | Add a test room version where we enforce key validity (#5348)Richard van der Hoff2019-06-052-22/+37
| | | |/ / / / / / / / | | |/| | | | | | | |
| | * | | | | | | | | Clean up debug logging (#5347)Richard van der Hoff2019-06-053-8/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove some spurious stuff, clarify some other stuff
| | * | | | | | | | | Rename VerifyKeyRequest.deferred field (#5343)Richard van der Hoff2019-06-051-12/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | it's a bit confusing
| | * | | | | | | | | Call RetryLimiter correctly (#5340)Richard van der Hoff2019-06-041-1/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes a regression introduced in #5335.
| | * | | | | | | | | Fix failure to fetch batches of PDUs (#5342)Richard van der Hoff2019-06-041-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | FederationClient.get_pdu is called in a loop to fetch a batch of PDUs. A failure to fetch one should not result in a failure of the whole batch. Add the missing `continue`.
| | * | | | | | | | | Rename get_events->get_events_from_store_or_dest (#5344)Richard van der Hoff2019-06-041-20/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We have too many things called get_event, and it's hard to figure out what we mean. Also remove some unused params from the signature, and add some logging.
| | * | | | | | | | | Merge pull request #5341 from matrix-org/babolivier/email_configBrendan Abolivier2019-06-041-42/+57
| | |\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | Make account validity renewal emails work when email notifs are disabled
| | * \ \ \ \ \ \ \ \ \ Merge pull request #5324 from matrix-org/erikj/ignore_nullErik Johnston2019-06-041-0/+16
| | |\ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | Ignore room state with null bytes in for room stats
| | | * | | | | | | | | | FixErik Johnston2019-06-031-1/+2
| | | | | | | | | | | | |
| | | * | | | | | | | | | Ignore room state with null bytes in for room statsErik Johnston2019-06-031-0/+15
| | | | |_|_|_|/ / / / / | | | |/| | | | | | | |
| | * | | | | | | | | | Avoid rapidly backing-off a server if we ignore the retry interval (#5335)Richard van der Hoff2019-06-041-23/+37
| | |\ \ \ \ \ \ \ \ \ \
| | | * | | | | | | | | | Avoid rapidly backing-off a server if we ignore the retry intervalRichard van der Hoff2019-06-031-23/+37
| | | | | | | | | | | | |
| | * | | | | | | | | | | Don't do long retries when calling the key notary server. (#5334)Richard van der Hoff2019-06-041-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It takes at least 20 minutes to work through the long_retries schedule (11 attempts, each with a 60 second timeout, and 60 seconds between each request), so if the notary server isn't returning within the timeout, we'll just end up blocking whatever request is happening for 20 minutes. Ain't nobody got time for that.
generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-08-10 13:18:10 +0000