From 77dc7093a738ec4e172c92b7a53d58aa41bfec0a Mon Sep 17 00:00:00 2001
From: Neil Johnson <neil@matrix.org>
Date: Wed, 25 Sep 2019 12:29:35 +0100
Subject: Threepid validity checks on msisdns should not be dependent on
 'threepid_behaviour_email'. (#6104)

Fixes #6103
---
 changelog.d/6104.bugfix              |  1 +
 synapse/handlers/ui_auth/checkers.py | 63 +++++++++++++++++++-----------------
 2 files changed, 35 insertions(+), 29 deletions(-)
 create mode 100644 changelog.d/6104.bugfix

diff --git a/changelog.d/6104.bugfix b/changelog.d/6104.bugfix
new file mode 100644
index 0000000000..41114a66ef
--- /dev/null
+++ b/changelog.d/6104.bugfix
@@ -0,0 +1 @@
+Threepid validity checks on msisdns should not be dependent on 'threepid_behaviour_email'.
diff --git a/synapse/handlers/ui_auth/checkers.py b/synapse/handlers/ui_auth/checkers.py
index ee69223243..29aa1e5aaf 100644
--- a/synapse/handlers/ui_auth/checkers.py
+++ b/synapse/handlers/ui_auth/checkers.py
@@ -148,42 +148,47 @@ class _BaseThreepidAuthChecker:
         identity_handler = self.hs.get_handlers().identity_handler
 
         logger.info("Getting validated threepid. threepidcreds: %r", (threepid_creds,))
-        if self.hs.config.threepid_behaviour_email == ThreepidBehaviour.REMOTE:
-            if medium == "email":
+
+        # msisdns are currently always ThreepidBehaviour.REMOTE
+        if medium == "msisdn":
+            if not self.hs.config.account_threepid_delegate_msisdn:
+                raise SynapseError(
+                    400, "Phone number verification is not enabled on this homeserver"
+                )
+            threepid = yield identity_handler.threepid_from_creds(
+                self.hs.config.account_threepid_delegate_msisdn, threepid_creds
+            )
+        elif medium == "email":
+            if self.hs.config.threepid_behaviour_email == ThreepidBehaviour.REMOTE:
+                assert self.hs.config.account_threepid_delegate_email
                 threepid = yield identity_handler.threepid_from_creds(
                     self.hs.config.account_threepid_delegate_email, threepid_creds
                 )
-            elif medium == "msisdn":
-                threepid = yield identity_handler.threepid_from_creds(
-                    self.hs.config.account_threepid_delegate_msisdn, threepid_creds
+            elif self.hs.config.threepid_behaviour_email == ThreepidBehaviour.LOCAL:
+                threepid = None
+                row = yield self.store.get_threepid_validation_session(
+                    medium,
+                    threepid_creds["client_secret"],
+                    sid=threepid_creds["sid"],
+                    validated=True,
                 )
-            else:
-                raise SynapseError(400, "Unrecognized threepid medium: %s" % (medium,))
-        elif self.hs.config.threepid_behaviour_email == ThreepidBehaviour.LOCAL:
-            row = yield self.store.get_threepid_validation_session(
-                medium,
-                threepid_creds["client_secret"],
-                sid=threepid_creds["sid"],
-                validated=True,
-            )
 
-            threepid = (
-                {
-                    "medium": row["medium"],
-                    "address": row["address"],
-                    "validated_at": row["validated_at"],
-                }
-                if row
-                else None
-            )
+                if row:
+                    threepid = {
+                        "medium": row["medium"],
+                        "address": row["address"],
+                        "validated_at": row["validated_at"],
+                    }
 
-            if row:
-                # Valid threepid returned, delete from the db
-                yield self.store.delete_threepid_session(threepid_creds["sid"])
+                    # Valid threepid returned, delete from the db
+                    yield self.store.delete_threepid_session(threepid_creds["sid"])
+            else:
+                raise SynapseError(
+                    400, "Email address verification is not enabled on this homeserver"
+                )
         else:
-            raise SynapseError(
-                400, "Password resets are not enabled on this homeserver"
-            )
+            # this can't happen!
+            raise AssertionError("Unrecognized threepid medium: %s" % (medium,))
 
         if not threepid:
             raise LoginError(401, "", errcode=Codes.UNAUTHORIZED)
-- 
cgit 1.5.1


From a4f3ca48b5250a1c2c4de8a363f69bbeb0adeefd Mon Sep 17 00:00:00 2001
From: Neil Johnson <neil@matrix.org>
Date: Wed, 25 Sep 2019 17:27:35 +0100
Subject: Enable cleaning up extremities with dummy events by default to
 prevent undue build up of forward extremities. (#5884)

---
 changelog.d/5884.feature | 1 +
 synapse/config/server.py | 4 +---
 2 files changed, 2 insertions(+), 3 deletions(-)
 create mode 100644 changelog.d/5884.feature

diff --git a/changelog.d/5884.feature b/changelog.d/5884.feature
new file mode 100644
index 0000000000..bfd0489392
--- /dev/null
+++ b/changelog.d/5884.feature
@@ -0,0 +1 @@
+Enable cleaning up extremities with dummy events by default to prevent undue build up of forward extremities.
diff --git a/synapse/config/server.py b/synapse/config/server.py
index 419787a89c..3a7a49bc91 100644
--- a/synapse/config/server.py
+++ b/synapse/config/server.py
@@ -355,10 +355,8 @@ class ServerConfig(Config):
 
         _check_resource_config(self.listeners)
 
-        # An experimental option to try and periodically clean up extremities
-        # by sending dummy events.
         self.cleanup_extremities_with_dummy_events = config.get(
-            "cleanup_extremities_with_dummy_events", False
+            "cleanup_extremities_with_dummy_events", True
         )
 
     def has_tls_listener(self):
-- 
cgit 1.5.1