diff options
author | Richard van der Hoff <richard@matrix.org> | 2019-06-11 00:28:57 +0100 |
---|---|---|
committer | Richard van der Hoff <richard@matrix.org> | 2019-06-11 00:28:57 +0100 |
commit | b55e8840e4e3a5d042145fabfc82b3d216e08e65 (patch) | |
tree | 6a73a0b563fbb87d791dd8d33ecaf594d535547b | |
parent | Code cleanups and simplifications. (diff) | |
parent | 1.0.0rc3 (diff) | |
download | synapse-b55e8840e4e3a5d042145fabfc82b3d216e08e65.tar.xz |
Merge tag 'v1.0.0rc3' into rav/saml2_client
Synapse 1.0.0rc3 (2019-06-10) ============================= Security: Fix authentication bug introduced in 1.0.0rc1. Please upgrade to rc3 immediately
-rw-r--r-- | CHANGES.md | 6 | ||||
-rw-r--r-- | changelog.d/5418.bugfix | 1 | ||||
-rw-r--r-- | synapse/__init__.py | 2 | ||||
-rw-r--r-- | synapse/handlers/auth.py | 1 | ||||
-rw-r--r-- | synapse/storage/deviceinbox.py | 4 | ||||
-rw-r--r-- | synapse/storage/registration.py | 2 |
6 files changed, 14 insertions, 2 deletions
diff --git a/CHANGES.md b/CHANGES.md index 523cdb1153..f4a3ab71ca 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,3 +1,9 @@ +Synapse 1.0.0rc3 (2019-06-10) +============================= + +Security: Fix authentication bug introduced in 1.0.0rc1. Please upgrade to rc3 immediately + + Synapse 1.0.0rc2 (2019-06-10) ============================= diff --git a/changelog.d/5418.bugfix b/changelog.d/5418.bugfix new file mode 100644 index 0000000000..3fd4d2a882 --- /dev/null +++ b/changelog.d/5418.bugfix @@ -0,0 +1 @@ +Fix bug where attempting to send transactions with large number of EDUs can fail. diff --git a/synapse/__init__.py b/synapse/__init__.py index 8dc07fe73c..9c75a0a27f 100644 --- a/synapse/__init__.py +++ b/synapse/__init__.py @@ -27,4 +27,4 @@ try: except ImportError: pass -__version__ = "1.0.0rc2" +__version__ = "1.0.0rc3" diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py index 7f8ddc99c6..a0cf37a9f9 100644 --- a/synapse/handlers/auth.py +++ b/synapse/handlers/auth.py @@ -479,6 +479,7 @@ class AuthHandler(BaseHandler): medium, threepid_creds["client_secret"], sid=threepid_creds["sid"], + validated=True, ) threepid = { diff --git a/synapse/storage/deviceinbox.py b/synapse/storage/deviceinbox.py index 9b0a99cb49..4ea0deea4f 100644 --- a/synapse/storage/deviceinbox.py +++ b/synapse/storage/deviceinbox.py @@ -138,6 +138,10 @@ class DeviceInboxWorkerStore(SQLBaseStore): if not has_changed or last_stream_id == current_stream_id: return defer.succeed(([], current_stream_id)) + if limit <= 0: + # This can happen if we run out of room for EDUs in the transaction. + return defer.succeed(([], last_stream_id)) + def get_new_messages_for_remote_destination_txn(txn): sql = ( "SELECT stream_id, messages_json FROM device_federation_outbox" diff --git a/synapse/storage/registration.py b/synapse/storage/registration.py index 9b41cbd757..1dd1182e82 100644 --- a/synapse/storage/registration.py +++ b/synapse/storage/registration.py @@ -998,7 +998,7 @@ class RegistrationStore( client_secret, address=None, sid=None, - validated=None, + validated=True, ): """Gets a session_id and last_send_attempt (if available) for a client_secret/medium/(address|session_id) combo |