summary refs log tree commit diff
Commit message (Collapse)AuthorAgeFilesLines
* Mainline some more github/babolivier/username_reg_v2 babolivier/username_reg_v2Brendan Abolivier2022-01-263-28/+32
|
* Remove old register_mxid_from_3pid settingBrendan Abolivier2022-01-263-82/+0
|
* Add a module callback to set username at registration (#11790)Brendan Abolivier2022-01-266-6/+230
| | | | | | | This is in the context of mainlining the Tchap fork of Synapse. Currently in Tchap usernames are derived from the user's email address (extracted from the UIA results, more specifically the m.login.email.identity step). This change also exports the check_username method from the registration handler as part of the module API, so that a module can check if the username it's trying to generate is correct and doesn't conflict with an existing one, and fallback gracefully if not. Co-authored-by: David Robertson <davidr@element.io>
* Add a config flag to inhibit `M_USER_IN_USE` during registration (#11743)Brendan Abolivier2022-01-266-17/+106
| | | | | | | | This is mostly motivated by the tchap use case, where usernames are automatically generated from the user's email address (in a way that allows figuring out the email address from the username). Therefore, it's an issue if we respond to requests on /register and /register/available with M_USER_IN_USE, because it can potentially leak email addresses (which include the user's real name and place of work). This commit adds a flag to inhibit the M_USER_IN_USE errors that are raised both by /register/available, and when providing a username early into the registration process. This error will still be raised if the user completes the registration process but the username conflicts. This is particularly useful when using modules (https://github.com/matrix-org/synapse/pull/11790 adds a module callback to set the username of users at registration) or SSO, since they can ensure the username is unique. More context is available in the PR that introduced this behaviour to synapse-dinsic: matrix-org/synapse-dinsic#48 - as well as the issue in the matrix-dinsic repo: matrix-org/matrix-dinsic#476
* Fix another jsonschema typecheck error (#11830)David Robertson2022-01-263-5/+4
| | | | | | | | | | | | | | | | | | | | | Similar to #11817. In `_create_power_level_validator` we - retrieve `validator`. This is a class implementing the `jsonschema.protocols.Validator` interface. In other words, `validator: Type[jsonschema.protocols.Validator]`. - we then create an second validator class by modifying the original `validator`. We return that class, which is also of type `Type[jsonschema.protocols.Validator]`. So the original annotation was incorrect: it claimed we were returning an instance of jsonSchema.Draft7Validator, not the class (or a subclass) itself. (Strictly speaking this is incorrect, because `POWER_LEVELS_SCHEMA` isn't pinned to a particular version of JSON Schema. But there are other complications with the type stubs if you try to fix this; I felt like the change herein was a decent compromise that better expresses intent). (I suspect/hope the typeshed project would welcome an effort to improve the jsonschema stubs. Let's see if I get some spare time.)
* Ignore the jsonschema type. (#11817)Patrick Cloke2022-01-262-1/+4
|
* Avoid type annotation problems in prom-client (#11834)David Robertson2022-01-262-1/+3
|
* Deal with mypy errors w/ type-hinted pynacl 1.5.0 (#11714)David Robertson2022-01-262-1/+8
| | | | | | | | | | | | * Deal with mypy errors w/ type-hinted pynacl 1.5.0 Fixes #11644. I really don't like that we're monkey patching pynacl SignedKey instances with alg and version objects. But I'm too scared to make the changes necessary right now. (Ideally I would replace `signedjson.types.SingingKey` with a runtime class which wraps or inherits from `nacl.signing.SigningKey`.) C.f. https://github.com/matrix-org/python-signedjson/issues/16
* Merge pull request #119 from matrix-org/babolivier/auth_shadowBrendan Abolivier2022-01-141-6/+4
|\ | | | | Fix divergence with mainline in the auth code
| * Fix divergence with mainline in the auth codeBrendan Abolivier2022-01-141-6/+4
|/
* Merge pull request #118 from matrix-org/babolivier/delete_twisted_trunk_checkBrendan Abolivier2022-01-121-92/+0
|\ | | | | Remove the CI workflow to test against the Twisted trunk
| * Remove the CI workflow to test against the Twisted trunkBrendan Abolivier2022-01-121-92/+0
|/ | | | We don't care about the Twisted trunk in Tchap, and any fix would need to wait a merge from mainline anyway
* Merge pull request #114 from matrix-org/babolivier/dinsic_1.48.0Brendan Abolivier2021-12-08628-14242/+34904
|\ | | | | Merge Synapse v1.48.0
| * Don't use sixBrendan Abolivier2021-12-062-5/+2
| |
| * LintBrendan Abolivier2021-12-066-56/+27
| |
| * Merge tag 'v1.48.0' into babolivier/dinsic_1.48.0Brendan Abolivier2021-12-06170-1943/+5894
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.48.0 (2021-11-30) =========================== This release removes support for the long-deprecated `trust_identity_server_for_password_resets` configuration flag. This release also fixes some performance issues with some background database updates introduced in Synapse 1.47.0. No significant changes since 1.48.0rc1. Synapse 1.48.0rc1 (2021-11-25) ============================== Features -------- - Experimental support for the thread relation defined in [MSC3440](https://github.com/matrix-org/matrix-doc/pull/3440). ([\#11161](https://github.com/matrix-org/synapse/issues/11161)) - Support filtering by relation senders & types per [MSC3440](https://github.com/matrix-org/matrix-doc/pull/3440). ([\#11236](https://github.com/matrix-org/synapse/issues/11236)) - Add support for the `/_matrix/client/v3` and `/_matrix/media/v3` APIs from Matrix v1.1. ([\#11318](https://github.com/matrix-org/synapse/issues/11318), [\#11371](https://github.com/matrix-org/synapse/issues/11371)) - Support the stable version of [MSC2778](https://github.com/matrix-org/matrix-doc/pull/2778): the `m.login.application_service` login type. Contributed by @tulir. ([\#11335](https://github.com/matrix-org/synapse/issues/11335)) - Add a new version of delete room admin API `DELETE /_synapse/admin/v2/rooms/<room_id>` to run it in the background. Contributed by @dklimpel. ([\#11223](https://github.com/matrix-org/synapse/issues/11223)) - Allow the admin [Delete Room API](https://matrix-org.github.io/synapse/latest/admin_api/rooms.html#delete-room-api) to block a room without the need to join it. ([\#11228](https://github.com/matrix-org/synapse/issues/11228)) - Add an admin API to un-shadow-ban a user. ([\#11347](https://github.com/matrix-org/synapse/issues/11347)) - Add an admin API to run background database schema updates. ([\#11352](https://github.com/matrix-org/synapse/issues/11352)) - Add an admin API for blocking a room. ([\#11324](https://github.com/matrix-org/synapse/issues/11324)) - Update the JWT login type to support custom a `sub` claim. ([\#11361](https://github.com/matrix-org/synapse/issues/11361)) - Store and allow querying of arbitrary event relations. ([\#11391](https://github.com/matrix-org/synapse/issues/11391)) Bugfixes -------- - Fix a long-standing bug wherein display names or avatar URLs containing null bytes cause an internal server error when stored in the DB. ([\#11230](https://github.com/matrix-org/synapse/issues/11230)) - Prevent [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) historical state events from being pushed to an application service via `/transactions`. ([\#11265](https://github.com/matrix-org/synapse/issues/11265)) - Fix a long-standing bug where uploading extremely thin images (e.g. 1000x1) would fail. Contributed by @Neeeflix. ([\#11288](https://github.com/matrix-org/synapse/issues/11288)) - Fix a bug, introduced in Synapse 1.46.0, which caused the `check_3pid_auth` and `on_logged_out` callbacks in legacy password authentication provider modules to not be registered. Modules using the generic module interface were not affected. ([\#11340](https://github.com/matrix-org/synapse/issues/11340)) - Fix a bug introduced in 1.41.0 where space hierarchy responses would be incorrectly reused if multiple users were to make the same request at the same time. ([\#11355](https://github.com/matrix-org/synapse/issues/11355)) - Fix a bug introduced in 1.45.0 where the `read_templates` method of the module API would error. ([\#11377](https://github.com/matrix-org/synapse/issues/11377)) - Fix an issue introduced in 1.47.0 which prevented servers re-joining rooms they had previously left, if their signing keys were replaced. ([\#11379](https://github.com/matrix-org/synapse/issues/11379)) - Fix a bug introduced in 1.13.0 where creating and publishing a room could cause errors if `room_list_publication_rules` is configured. ([\#11392](https://github.com/matrix-org/synapse/issues/11392)) - Improve performance of various background database updates. ([\#11421](https://github.com/matrix-org/synapse/issues/11421), [\#11422](https://github.com/matrix-org/synapse/issues/11422)) Improved Documentation ---------------------- - Suggest users of the Debian packages add configuration to `/etc/matrix-synapse/conf.d/` to prevent, upon upgrade, being asked to choose between their configuration and the maintainer's. ([\#11281](https://github.com/matrix-org/synapse/issues/11281)) - Fix typos in the documentation for the `username_available` admin API. Contributed by Stanislav Motylkov. ([\#11286](https://github.com/matrix-org/synapse/issues/11286)) - Add Single Sign-On, SAML and CAS pages to the documentation. ([\#11298](https://github.com/matrix-org/synapse/issues/11298)) - Change the word 'Home server' as one word 'homeserver' in documentation. ([\#11320](https://github.com/matrix-org/synapse/issues/11320)) - Fix missing quotes for wildcard domains in `federation_certificate_verification_whitelist`. ([\#11381](https://github.com/matrix-org/synapse/issues/11381)) Deprecations and Removals ------------------------- - Remove deprecated `trust_identity_server_for_password_resets` configuration flag. ([\#11333](https://github.com/matrix-org/synapse/issues/11333), [\#11395](https://github.com/matrix-org/synapse/issues/11395)) Internal Changes ---------------- - Add type annotations to `synapse.metrics`. ([\#10847](https://github.com/matrix-org/synapse/issues/10847)) - Split out federated PDU retrieval function into a non-cached version. ([\#11242](https://github.com/matrix-org/synapse/issues/11242)) - Clean up code relating to to-device messages and sending ephemeral events to application services. ([\#11247](https://github.com/matrix-org/synapse/issues/11247)) - Fix a small typo in the error response when a relation type other than 'm.annotation' is passed to `GET /rooms/{room_id}/aggregations/{event_id}`. ([\#11278](https://github.com/matrix-org/synapse/issues/11278)) - Drop unused database tables `room_stats_historical` and `user_stats_historical`. ([\#11280](https://github.com/matrix-org/synapse/issues/11280)) - Require all files in synapse/ and tests/ to pass mypy unless specifically excluded. ([\#11282](https://github.com/matrix-org/synapse/issues/11282), [\#11285](https://github.com/matrix-org/synapse/issues/11285), [\#11359](https://github.com/matrix-org/synapse/issues/11359)) - Add missing type hints to `synapse.app`. ([\#11287](https://github.com/matrix-org/synapse/issues/11287)) - Remove unused parameters on `FederationEventHandler._check_event_auth`. ([\#11292](https://github.com/matrix-org/synapse/issues/11292)) - Add type hints to `synapse._scripts`. ([\#11297](https://github.com/matrix-org/synapse/issues/11297)) - Fix an issue which prevented the `remove_deleted_devices_from_device_inbox` background database schema update from running when updating from a recent Synapse version. ([\#11303](https://github.com/matrix-org/synapse/issues/11303)) - Add type hints to storage classes. ([\#11307](https://github.com/matrix-org/synapse/issues/11307), [\#11310](https://github.com/matrix-org/synapse/issues/11310), [\#11311](https://github.com/matrix-org/synapse/issues/11311), [\#11312](https://github.com/matrix-org/synapse/issues/11312), [\#11313](https://github.com/matrix-org/synapse/issues/11313), [\#11314](https://github.com/matrix-org/synapse/issues/11314), [\#11316](https://github.com/matrix-org/synapse/issues/11316), [\#11322](https://github.com/matrix-org/synapse/issues/11322), [\#11332](https://github.com/matrix-org/synapse/issues/11332), [\#11339](https://github.com/matrix-org/synapse/issues/11339), [\#11342](https://github.com/matrix-org/synapse/issues/11342)) - Add type hints to `synapse.util`. ([\#11321](https://github.com/matrix-org/synapse/issues/11321), [\#11328](https://github.com/matrix-org/synapse/issues/11328)) - Improve type annotations in Synapse's test suite. ([\#11323](https://github.com/matrix-org/synapse/issues/11323), [\#11330](https://github.com/matrix-org/synapse/issues/11330)) - Test that room alias deletion works as intended. ([\#11327](https://github.com/matrix-org/synapse/issues/11327)) - Add type annotations for some methods and properties in the module API. ([\#11341](https://github.com/matrix-org/synapse/issues/11341)) - Fix running `scripts-dev/complement.sh`, which was broken in v1.47.0rc1. ([\#11368](https://github.com/matrix-org/synapse/issues/11368)) - Rename internal functions for token generation to better reflect what they do. ([\#11369](https://github.com/matrix-org/synapse/issues/11369), [\#11370](https://github.com/matrix-org/synapse/issues/11370)) - Add type hints to configuration classes. ([\#11377](https://github.com/matrix-org/synapse/issues/11377)) - Publish a `develop` image to Docker Hub. ([\#11380](https://github.com/matrix-org/synapse/issues/11380)) - Keep fallback key marked as used if it's re-uploaded. ([\#11382](https://github.com/matrix-org/synapse/issues/11382)) - Use `auto_attribs` on the `attrs` class `RefreshTokenLookupResult`. ([\#11386](https://github.com/matrix-org/synapse/issues/11386)) - Rename unstable `access_token_lifetime` configuration option to `refreshable_access_token_lifetime` to make it clear it only concerns refreshable access tokens. ([\#11388](https://github.com/matrix-org/synapse/issues/11388)) - Do not run the broken MSC2716 tests when running `scripts-dev/complement.sh`. ([\#11389](https://github.com/matrix-org/synapse/issues/11389)) - Remove dead code from supporting ACME. ([\#11393](https://github.com/matrix-org/synapse/issues/11393)) - Refactor including the bundled relations when serializing an event. ([\#11408](https://github.com/matrix-org/synapse/issues/11408))
| | * Merge trust_identity_server_for_password_resets PRs v1.48.0Brendan Abolivier2021-11-301-2/+1
| | |
| | * Move notices upBrendan Abolivier2021-11-301-5/+4
| | |
| | * Fixup changelogBrendan Abolivier2021-11-301-1/+1
| | |
| | * 1.48.0Brendan Abolivier2021-11-303-1/+13
| | |
| | * Fix docker hub name v1.48.0rc1Brendan Abolivier2021-11-251-1/+1
| | |
| | * Incorporate review from synapse-devBrendan Abolivier2021-11-251-10/+12
| | |
| | * Fixup changelogBrendan Abolivier2021-11-251-13/+12
| | |
| | * 1.48.0rc1Brendan Abolivier2021-11-2572-71/+90
| | |
| | * Improve performance of `remove_{hidden,deleted}_devices_from_device_inbox` ↵Brendan Abolivier2021-11-254-148/+84
| | | | | | | | | | | | | | | (#11421) Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
| | * Lower minumum batch size to 1 for background updates (#11422)Brendan Abolivier2021-11-244-13/+23
| | | | | | | | | Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
| | * Rename unstable `access_token_lifetime` configuration option to ↵reivilibre2021-11-236-16/+36
| | | | | | | | | | | | `refreshable_access_token_lifetime` to make it clear it only concerns refreshable access tokens. (#11388)
| | * Add missing type hints to config base classes (#11377)Patrick Cloke2021-11-2313-109/+184
| | |
| | * Remove code invalidated by deprecated config flag ↵Shay2021-11-234-41/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 'trust_identity_servers_for_password_resets' (#11395) * remove background update code related to deprecated config flag * changelog entry * update changelog * Delete 11394.removal Duplicate, wrong number * add no-op background update and change newfragment so it will be consolidated with associated work * remove unused code * Remove code associated with deprecated flag from legacy docker dynamic config file Co-authored-by: reivilibre <oliverw@matrix.org>
| | * Merge branch 'master' into developSean Quah2021-11-238-51/+513
| | |\
| | | * Merge tag 'v1.47.1'Sean Quah2021-11-238-51/+513
| | | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.47.1 (2021-11-23) =========================== This release fixes a security issue in the media store, affecting all prior releases of Synapse. Server administrators are encouraged to update Synapse as soon as possible. We are not aware of these vulnerabilities being exploited in the wild. Server administrators who are unable to update Synapse may use the workarounds described in the linked GitHub Security Advisory below. Security advisory ----------------- The following issue is fixed in 1.47.1. - **[GHSA-3hfw-x7gx-437c](https://github.com/matrix-org/synapse/security/advisories/GHSA-3hfw-x7gx-437c) / [CVE-2021-41281](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41281): Path traversal when downloading remote media.** Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory, potentially outside the media store directory. The last two directories and file name of the path are chosen randomly by Synapse and cannot be controlled by an attacker, which limits the impact. Homeservers with the media repository disabled are unaffected. Homeservers configured with a federation whitelist are also unaffected. Fixed by [91f2bd090](https://github.com/matrix-org/synapse/commit/91f2bd090).
| | * | | Refactor the code to inject bundled relations during serialization. (#11408)Patrick Cloke2021-11-238-73/+92
| | | | |
| | * | | Add config for customizing the claim used for JWT logins. (#11361)Kostas2021-11-226-35/+57
| | | | | | | | | | | | | | | | | | | | | | | | | Allows specifying a different claim (from the default "sub") to use when calculating the localpart of the Matrix ID used during the JWT login.
| | * | | Store arbitrary relations from events. (#11391)Patrick Cloke2021-11-226-45/+193
| | | | | | | | | | | | | | | | | | | | | | | | | Instead of only known relation types. This also reworks the background update for thread relations to crawl events and search for any relation type, not just threaded relations.
| | * | | Update README.mdShay2021-11-191-2/+4
| | | | |
| | * | | Add an admin API to run background jobs. (#11352)Dirk Klimpel2021-11-199-43/+280
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Instead of having admins poke into the database directly. Can currently run jobs to populate stats and to populate the user directory.
| | * | | Fix checking whether a room can be published on creation. (#11392)Patrick Cloke2021-11-194-56/+95
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If `room_list_publication_rules` was configured with a rule with a non-wildcard alias and a room was created with an alias then an internal server error would have been thrown. This fixes the error and properly applies the publication rules during room creation.
| | * | | Remove dead code from acme support. (#11393)Patrick Cloke2021-11-192-50/+1
| | | | |
| | * | | Remove msc2716 from the list of tests for complement. (#11389)Patrick Cloke2021-11-192-1/+2
| | | | | | | | | | | | | | | As the tests are currently failing and not run in CI.
| | * | | Keep fallback key marked as used if it's re-uploaded (#11382)Hubert Chathi2021-11-193-12/+72
| | | | |
| | * | | Publish a `develop` docker image (#11380)Richard van der Hoff2021-11-192-1/+5
| | | | | | | | | | | | | | | | | | | | I'd find it helpful to have a docker image corresponding to current develop, without having to build my own.
| | * | | Fix verification of objects signed with old local keys (#11379)Richard van der Hoff2021-11-193-31/+95
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes a bug introduced in #11129: objects signed by the local server, but with keys other than the current one, could not be successfully verified. We need to check the key id in the signature, and track down the right key.
| | * | | Prevent historical state from being pushed to an application service via ↵Eric Eastwood2021-11-184-2/+39
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `/transactions` (MSC2716) (#11265) Mark historical state from the MSC2716 `/batch_send` endpoint as `historical` which makes it `backfilled` and have a negative `stream_ordering` so it doesn't get queried by `/transactions`. Fix https://github.com/matrix-org/synapse/issues/11241 Complement tests: https://github.com/matrix-org/complement/pull/221
| | * | | Remove legacy code related to deprecated ↵Shay2021-11-185-47/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `trust_identity_server_for_password_resets` config flag (#11333) * remove code legacy code related to deprecated config flag "trust_identity_server_for_password_resets" from synapse/config/emailconfig.py * remove legacy code supporting depreciated config flag "trust_identity_server_for_password_resets" from synapse/config/registration.py * remove legacy code supporting depreciated config flag "trust_identity_server_for_password_resets" from synapse/handlers/identity.py * add tests to ensure config error is thrown and synapse refuses to start when depreciated config flag is found * add changelog * slightly change behavior to only check for deprecated flag if set to 'true' * Update changelog.d/11333.misc Co-authored-by: reivilibre <oliverw@matrix.org> Co-authored-by: reivilibre <oliverw@matrix.org>
| | * | | Add dedicated admin API for blocking a room (#11324)Dirk Klimpel2021-11-186-0/+404
| | | | |
| | * | | Add/Unerase annotations to Module API (#11341)reivilibre2021-11-182-23/+135
| | | | |
| | * | | Rename `get_refresh_token_for_user_id` to `create_refresh_token_for_user_id` ↵reivilibre2021-11-183-3/+4
| | | | | | | | | | | | | | | | | | | | (#11370)
| | * | | Use auto_attribs for RefreshTokenLookupResult (#11386)reivilibre2021-11-182-7/+8
| | | | |
| | * | | Do not allow MSC3440 threads to fork threads (#11161)Patrick Cloke2021-11-184-8/+176
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Adds validation to the Client-Server API to ensure that the potential thread head does not relate to another event already. This results in not allowing a thread to "fork" into other threads. If the target event is unknown for some reason (maybe it isn't visible to your homeserver), but is the target of other events it is assumed that the thread can be created from it. Otherwise, it is rejected as an unknown event.
| | * | | Docs: Quote wildcard `federation_certificate_verification_whitelist` (#11381)Nicolai Søborg2021-11-183-4/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Otherwise I get this beautiful stacktrace: ``` python3 -m synapse.app.homeserver --config-path /etc/matrix/homeserver.yaml Traceback (most recent call last): File "/usr/lib/python3.8/runpy.py", line 194, in _run_module_as_main return _run_code(code, main_globals, None, File "/usr/lib/python3.8/runpy.py", line 87, in _run_code exec(code, run_globals) File "/root/synapse/synapse/app/homeserver.py", line 455, in <module> main() File "/root/synapse/synapse/app/homeserver.py", line 445, in main hs = setup(sys.argv[1:]) File "/root/synapse/synapse/app/homeserver.py", line 345, in setup config = HomeServerConfig.load_or_generate_config( File "/root/synapse/synapse/config/_base.py", line 671, in load_or_generate_config config_dict = read_config_files(config_files) File "/root/synapse/synapse/config/_base.py", line 717, in read_config_files yaml_config = yaml.safe_load(file_stream) File "/root/synapse/env/lib/python3.8/site-packages/yaml/__init__.py", line 125, in safe_load return load(stream, SafeLoader) File "/root/synapse/env/lib/python3.8/site-packages/yaml/__init__.py", line 81, in load return loader.get_single_data() File "/root/synapse/env/lib/python3.8/site-packages/yaml/constructor.py", line 49, in get_single_data node = self.get_single_node() File "/root/synapse/env/lib/python3.8/site-packages/yaml/composer.py", line 36, in get_single_node document = self.compose_document() File "/root/synapse/env/lib/python3.8/site-packages/yaml/composer.py", line 55, in compose_document node = self.compose_node(None, None) File "/root/synapse/env/lib/python3.8/site-packages/yaml/composer.py", line 84, in compose_node node = self.compose_mapping_node(anchor) File "/root/synapse/env/lib/python3.8/site-packages/yaml/composer.py", line 133, in compose_mapping_node item_value = self.compose_node(node, item_key) File "/root/synapse/env/lib/python3.8/site-packages/yaml/composer.py", line 82, in compose_node node = self.compose_sequence_node(anchor) File "/root/synapse/env/lib/python3.8/site-packages/yaml/composer.py", line 110, in compose_sequence_node while not self.check_event(SequenceEndEvent): File "/root/synapse/env/lib/python3.8/site-packages/yaml/parser.py", line 98, in check_event self.current_event = self.state() File "/root/synapse/env/lib/python3.8/site-packages/yaml/parser.py", line 379, in parse_block_sequence_first_entry return self.parse_block_sequence_entry() File "/root/synapse/env/lib/python3.8/site-packages/yaml/parser.py", line 384, in parse_block_sequence_entry if not self.check_token(BlockEntryToken, BlockEndToken): File "/root/synapse/env/lib/python3.8/site-packages/yaml/scanner.py", line 116, in check_token self.fetch_more_tokens() File "/root/synapse/env/lib/python3.8/site-packages/yaml/scanner.py", line 227, in fetch_more_tokens return self.fetch_alias() File "/root/synapse/env/lib/python3.8/site-packages/yaml/scanner.py", line 610, in fetch_alias self.tokens.append(self.scan_anchor(AliasToken)) File "/root/synapse/env/lib/python3.8/site-packages/yaml/scanner.py", line 922, in scan_anchor raise ScannerError("while scanning an %s" % name, start_mark, yaml.scanner.ScannerError: while scanning an alias in "/etc/matrix/homeserver.yaml", line 614, column 5 expected alphabetic or numeric character, but found '.' in "/etc/matrix/homeserver.yaml", line 614, column 6 ``` Signed-off-by: Nicolai Søborg <git@xn--sb-lka.org>
| | * | | Add type annotations to `synapse.metrics` (#10847)Sean Quah2021-11-1712-85/+173
| | | | |
| | * | | Add support for `/_matrix/media/v3` APIs (#11371)Aaron R2021-11-176-51/+60
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add support for `/_matrix/media/v3` APIs Signed-off-by: Aaron Raimist <aaron@raim.ist> * Update `workers.md` to use v3 client and media APIs Signed-off-by: Aaron Raimist <aaron@raim.ist> * Add changelog Signed-off-by: Aaron Raimist <aaron@raim.ist>
| | * | | Merge branch 'master' into developDavid Robertson2021-11-175-3/+15
| | |\| |
| | | * | Merge remote-tracking branch 'origin/release-v1.47'David Robertson2021-11-17168-1293/+4113
| | | |\ \
| | | * | | Correct target of link to the modules page from the Password Auth Providers ↵reivilibre2021-11-121-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | page (#11309)
| | | * | | Wrong DTLS port in "Troubleshooting" (#11268)jmcparland2021-11-081-1/+1
| | | | | | | | | | | | | | | | | | Port 5349, not 5479.
| | * | | | Rename `get_access_token_for_user_id` method to ↵reivilibre2021-11-177-15/+16
| | | | | | | | | | | | | | | | | | | | | | | | `create_access_token_for_user_id` (#11369)
| | * | | | Fix running complement.sh script. (#11368)Patrick Cloke2021-11-172-3/+4
| | | | | | | | | | | | | | | | | | | | | | | | By reverting changes from #11166 in this script. Specifically commit 13f084eb58c379b2fc073680818d5931e94626f4.
| | * | | | Fix incorrect return value in tests. (#11359)Patrick Cloke2021-11-162-1/+2
| | | | | |
| | * | | | Merge tag 'v1.47.0rc3' into developDavid Robertson2021-11-166-21/+103
| | |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.47.0rc3 (2021-11-16) ============================== Bugfixes -------- - Fix a bug introduced in 1.47.0rc1 which caused worker processes to not halt startup in the presence of outstanding database migrations. ([\#11346](https://github.com/matrix-org/synapse/issues/11346)) - Fix a bug introduced in 1.47.0rc1 which prevented the 'remove deleted devices from `device_inbox` column' background process from running when updating from a recent Synapse version. ([\#11303](https://github.com/matrix-org/synapse/issues/11303), [\#11353](https://github.com/matrix-org/synapse/issues/11353))
| | * | | | | Avoid sharing room hierarchy responses between users (#11355)Sean Quah2021-11-163-2/+65
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Different users may be allowed to see different rooms within a space, so sharing responses between users is inadvisable.
| | * | | | | Add support for `/_matrix/client/v3` APIs (#11318)Aaron R2021-11-164-3/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is one of the changes required to support Matrix 1.1 Signed-off-by: Aaron Raimist <aaron@raim.ist>
| | * | | | | Add most missing type hints to synapse.util (#11328)Patrick Cloke2021-11-1610-165/+161
| | | | | | |
| | * | | | | Properly register all callback hooks for legacy password authentication ↵reivilibre2021-11-162-13/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | providers (#11340) Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
| | * | | | | Add ability to un-shadow-ban via the admin API. (#11347)Patrick Cloke2021-11-165-12/+53
| | | | | | |
| | * | | | | Misc typing fixes for tests, part 2 of N (#11330)David Robertson2021-11-165-29/+66
| | | | | | |
| | * | | | | change 'Home Server' to one word 'homeserver' (#11320)Ashwin Nair2021-11-164-15/+16
| | | | | | | | | | | | | | | | | | | | | Signed-off-by: Ashwin S. Nair <58840757+Ashwin-exe@users.noreply.github.com>
| | * | | | | Database storage profile passes mypy (#11342)David Robertson2021-11-154-8/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It already seems to pass mypy. I wonder what changed, given that it was on the exclusion list. So this commit consists of me ensuring `--disallow-untyped-defs` passes and a minor fixup to a function that returned either `True` or `None`.
| | * | | | | Get directory db file to pass mypy (#11339)David Robertson2021-11-154-7/+11
| | | | | | |
| | * | | | | Add support for the stable version of MSC2778 (#11335)Tulir Asokan2021-11-154-4/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add support for the stable version of MSC2778 Signed-off-by: Tulir Asokan <tulir@maunium.net> * Expect m.login.application_service in login and password provider tests Signed-off-by: Tulir Asokan <tulir@maunium.net>
| | * | | | | Remove unused tables `room_stats_historical` and `user_stats_historical` ↵Shay2021-11-123-1/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (#11280) * remove unused tables room_stats_historical and user_stats_historical * update changelog number * Bump schema compat version comment * make linter happy * Update comment to give more info Co-authored-by: reivilibre <oliverw@matrix.org> Co-authored-by: reivilibre <oliverw@matrix.org>
| | * | | | | Annotations for state_deltas.py (#11316)David Robertson2021-11-123-4/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I was sad that I couldn't do better for `_curr_state_delta_stream_cache`. At least it's explicitly called out in a comment with #TODO.
| | * | | | | Rollback #11322 due to wrong syntax in mypy.ini. (#11332)Patrick Cloke2021-11-122-2/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | This was only checking the __init__ files in modules instead of all files in a module, which don't pass yet.
| | * | | | | Test room alias deletion (#11327)David Robertson2021-11-125-31/+91
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Prefer `HTTPStatus` over plain `int` This is an Opinion that no-one has seemed to object to yet. * `--disallow-untyped-defs` for `tests.rest.client.test_directory` * Improve synapse's annotations for deleting aliases * Test case for deleting a room alias * Changelog
| | * | | | | Change display names/avatar URLs to None if they contain null bytes before ↵Shay2021-11-123-4/+56
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | storing in DB (#11230) * change display names/avatar URLS to None if they contain null bytes * add changelog * add POC test, requested changes * add a saner test and remove old one * update test to verify that display name has been changed to None * make test less fragile
| | * | | | | Add type hints to media repository storage module (#11311)Patrick Cloke2021-11-124-62/+89
| | | | | | |
| | * | | | | Attempt to annotate events_forward_extremities (#11314)David Robertson2021-11-124-8/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Make DataStore inherit from EventForwardExtremitiesStore before CacheInvalidationWorkerStore the former implicitly inherits from the latter, so they should be ordered like this when used.
| | * | | | | Misc typing fixes for `tests`, part 1 of N (#11323)David Robertson2021-11-127-29/+53
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Annotate HomeserverTestCase.servlets * Correct annotation of federation_auth_origin * Use AnyStr custom_headers instead of a Union This allows (str, str) and (bytes, bytes). This disallows (str, bytes) and (bytes, str) * DomainSpecificString.SIGIL is a ClassVar
| | * | | | | Generalize the disallowed_untyped_defs in mypy.ini (#11322)Patrick Cloke2021-11-122-14/+3
| | | | | | |
| | * | | | | Add more type hints to synapse.util. (#11321)Patrick Cloke2021-11-123-15/+24
| | | | | | |
| | * | | | | Suggest using `/etc/matrix-synapse/conf.d/` for configuration with Debian ↵reivilibre2021-11-122-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | packages (#11281)
| | * | | | | Convert delete room admin API to async endpoint (#11223)Dirk Klimpel2021-11-129-91/+1317
| | | | | | | | | | | | | | | | | | | | | Signed-off-by: Dirk Klimpel dirk@klimpel.org
| | * | | | | Annotations for user_erasure_store (#11313)David Robertson2021-11-113-5/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | I'm not sure why this was excluded---it seemed to be passing for me. But it's easy enough to fixup.
| | * | | | | Get db signatures file to pass mypy (#11312)David Robertson2021-11-114-10/+8
| | | | | | |
| | * | | | | Correct type hint for room_batch.py (#11310)David Robertson2021-11-113-11/+12
| | | | | | | | | | | | | | | | | | | | | Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
| | * | | | | Move sql file for `remove_deleted_devices_from_device_inbox` into v65 (#11303)Dirk Klimpel2021-11-112-1/+2
| | | | | | |
| | * | | | | Add type hints to some storage classes (#11307)Patrick Cloke2021-11-119-54/+116
| | | | | | |
| | * | | | | Fix error in thumbnail generation (#11288)Neeeflix2021-11-102-4/+5
| | | | | | | | | | | | | | | | | | | | | Signed-off-by: Jonas Zeunert <jonas@zeunert.org>
| | * | | | | Add missing type hints to `synapse.app`. (#11287)Patrick Cloke2021-11-1017-190/+223
| | | | | | |
| | * | | | | Add type hints to synapse._scripts (#11297)Patrick Cloke2021-11-105-20/+30
| | | | | | |
| | * | | | | Add documentation page stubs for Single Sign-On, SAML and CAS pages (#11298)Andrew Morgan2021-11-105-3/+25
| | | | | | |
| | * | | | | Remove redundant parameters on `_check_event_auth` (#11292)Richard van der Hoff2021-11-103-12/+1
| | | | | | | | | | | | | | | | | | | | | as of #11012, these parameters are unused.
| | * | | | | Merge tag 'v1.47.0rc2' into developOlivier Wilkinson (reivilibre)2021-11-1060-60/+101
| | |\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.47.0rc2 (2021-11-10) ============================== This fixes an issue with publishing the Debian packages for 1.47.0rc1. It is otherwise identical to 1.47.0rc1.
| | * | | | | | Fix typos in the `username_available` admin API documentation. (#11286)Stanislav Motylkov2021-11-092-1/+2
| | | | | | | |
| | * | | | | | Split out federated PDU retrieval into a non-cached version (#11242)Eric Eastwood2021-11-092-22/+59
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Context: https://github.com/matrix-org/synapse/pull/11114/files#r741643968
| | * | | | | | Ignore missing imports for parameterized. (#11285)Patrick Cloke2021-11-092-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This was due to a conflict between #11282, which changed mypy configuration, and #11228, a normal change.
| | * | | | | | Require mypy for synapse/ & tests/ unless excluded (#11282)Dan Callahan2021-11-093-77/+168
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Dan Callahan <danc@element.io>
| | * | | | | | Clarifications and small fixes to to-device related code (#11247)Andrew Morgan2021-11-096-17/+78
| | | | | | | | | | | | | | | | | | | | | | | | Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
| | * | | | | | Allow admins to proactively block rooms (#11228)David Robertson2021-11-096-21/+103
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Co-authored-by: Dirk Klimpel <5740567+dklimpel@users.noreply.github.com> Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
| | * | | | | | Support filtering by relations per MSC3440 (#11236)Patrick Cloke2021-11-0915-110/+680
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Adds experimental support for `relation_types` and `relation_senders` fields for filters.
| | * | | | | | Fix typo in `RelationAggregationPaginationServlet` error response (#11278)Andrew Morgan2021-11-092-1/+4
| | | | | | | |
| * | | | | | | Merge tag 'v1.47.1' into babolivier/dinsic_1.48.0Brendan Abolivier2021-12-068-51/+513
| |\ \ \ \ \ \ \ | | | |_|_|_|_|/ | | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.47.1 (2021-11-23) =========================== This release fixes a security issue in the media store, affecting all prior releases of Synapse. Server administrators are encouraged to update Synapse as soon as possible. We are not aware of these vulnerabilities being exploited in the wild. Server administrators who are unable to update Synapse may use the workarounds described in the linked GitHub Security Advisory below. Security advisory ----------------- The following issue is fixed in 1.47.1. - **[GHSA-3hfw-x7gx-437c](https://github.com/matrix-org/synapse/security/advisories/GHSA-3hfw-x7gx-437c) / [CVE-2021-41281](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41281): Path traversal when downloading remote media.** Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory, potentially outside the media store directory. The last two directories and file name of the path are chosen randomly by Synapse and cannot be controlled by an attacker, which limits the impact. Homeservers with the media repository disabled are unaffected. Homeservers configured with a federation whitelist are also unaffected. Fixed by [91f2bd090](https://github.com/matrix-org/synapse/commit/91f2bd090).
| | * | | | | | Add CVE number v1.47.1Sean Quah2021-11-191-1/+1
| | | | | | | |
| | * | | | | | Refer to 1.47.1 without the vSean Quah2021-11-191-1/+1
| | | | | | | |
| | * | | | | | Update 1.47.1 release date in CHANGES.mdSean Quah2021-11-191-1/+1
| | | | | | | |
| | * | | | | | 1.47.1Sean Quah2021-11-193-1/+30
| | | | | | | |
| | * | | | | | Prevent the media store from writing outside of the configured directorySean Quah2021-11-195-50/+483
| | | |_|_|_|/ | | |/| | | | | | | | | | | | | | | | | | | | | | | | | Also tighten validation of server names by forbidding invalid characters in IPv6 addresses and empty domain labels.
| * | | | | | Fix testBrendan Abolivier2021-12-061-1/+1
| | | | | | |
| * | | | | | Merge tag 'v1.47.0' into babolivier/dinsic_1.48.0Brendan Abolivier2021-12-06168-1299/+4063
| |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.47.0 (2021-11-17) =========================== No significant changes since 1.47.0rc3. Synapse 1.47.0rc3 (2021-11-16) ============================== Bugfixes -------- - Fix a bug introduced in 1.47.0rc1 which caused worker processes to not halt startup in the presence of outstanding database migrations. ([\#11346](https://github.com/matrix-org/synapse/issues/11346)) - Fix a bug introduced in 1.47.0rc1 which prevented the 'remove deleted devices from `device_inbox` column' background process from running when updating from a recent Synapse version. ([\#11303](https://github.com/matrix-org/synapse/issues/11303), [\#11353](https://github.com/matrix-org/synapse/issues/11353)) Synapse 1.47.0rc2 (2021-11-10) ============================== This fixes an issue with publishing the Debian packages for 1.47.0rc1. It is otherwise identical to 1.47.0rc1. Synapse 1.47.0rc1 (2021-11-09) ============================== Deprecations and Removals ------------------------- - The `user_may_create_room_with_invites` module callback is now deprecated. Please refer to the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#upgrading-to-v1470) for more information. ([\#11206](https://github.com/matrix-org/synapse/issues/11206)) - Remove deprecated admin API to delete rooms (`POST /_synapse/admin/v1/rooms/<room_id>/delete`). ([\#11213](https://github.com/matrix-org/synapse/issues/11213)) Features -------- - Advertise support for Client-Server API r0.6.1. ([\#11097](https://github.com/matrix-org/synapse/issues/11097)) - Add search by room ID and room alias to the List Room admin API. ([\#11099](https://github.com/matrix-org/synapse/issues/11099)) - Add an `on_new_event` third-party rules callback to allow Synapse modules to act after an event has been sent into a room. ([\#11126](https://github.com/matrix-org/synapse/issues/11126)) - Add a module API method to update a user's membership in a room. ([\#11147](https://github.com/matrix-org/synapse/issues/11147)) - Add metrics for thread pool usage. ([\#11178](https://github.com/matrix-org/synapse/issues/11178)) - Support the stable room type field for [MSC3288](https://github.com/matrix-org/matrix-doc/pull/3288). ([\#11187](https://github.com/matrix-org/synapse/issues/11187)) - Add a module API method to retrieve the current state of a room. ([\#11204](https://github.com/matrix-org/synapse/issues/11204)) - Calculate a default value for `public_baseurl` based on `server_name`. ([\#11210](https://github.com/matrix-org/synapse/issues/11210)) - Add support for serving `/.well-known/matrix/server` files, to redirect federation traffic to port 443. ([\#11211](https://github.com/matrix-org/synapse/issues/11211)) - Add admin APIs to pause, start and check the status of background updates. ([\#11263](https://github.com/matrix-org/synapse/issues/11263)) Bugfixes -------- - Fix a long-standing bug which allowed hidden devices to receive to-device messages, resulting in unnecessary database bloat. ([\#10097](https://github.com/matrix-org/synapse/issues/10097)) - Fix a long-standing bug where messages in the `device_inbox` table for deleted devices would persist indefinitely. Contributed by @dklimpel and @JohannesKleine. ([\#10969](https://github.com/matrix-org/synapse/issues/10969), [\#11212](https://github.com/matrix-org/synapse/issues/11212)) - Do not accept events if a third-party rule `check_event_allowed` callback raises an exception. ([\#11033](https://github.com/matrix-org/synapse/issues/11033)) - Fix long-standing bug where verification requests could fail in certain cases if a federation whitelist was in place but did not include your own homeserver. ([\#11129](https://github.com/matrix-org/synapse/issues/11129)) - Allow an empty list of `state_events_at_start` to be sent when using the [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) `/batch_send` endpoint and the author of the historical messages is already part of the current room state at the given `?prev_event_id`. ([\#11188](https://github.com/matrix-org/synapse/issues/11188)) - Fix a bug introduced in Synapse 1.45.0 which prevented the `synapse_review_recent_signups` script from running. Contributed by @samuel-p. ([\#11191](https://github.com/matrix-org/synapse/issues/11191)) - Delete `to_device` messages for hidden devices that will never be read, reducing database size. ([\#11199](https://github.com/matrix-org/synapse/issues/11199)) - Fix a long-standing bug wherein a missing `Content-Type` header when downloading remote media would cause Synapse to throw an error. ([\#11200](https://github.com/matrix-org/synapse/issues/11200)) - Fix a long-standing bug which could result in serialization errors and potentially duplicate transaction data when sending ephemeral events to application services. Contributed by @Fizzadar at Beeper. ([\#11207](https://github.com/matrix-org/synapse/issues/11207)) - Fix a bug introduced in Synapse 1.35.0 which made it impossible to join rooms that return a `send_join` response containing floats. ([\#11217](https://github.com/matrix-org/synapse/issues/11217)) - Fix long-standing bug where cross signing keys were not included in the response to `/r0/keys/query` the first time a remote user was queried. ([\#11234](https://github.com/matrix-org/synapse/issues/11234)) - Fix a long-standing bug where all requests that read events from the database could get stuck as a result of losing the database connection. ([\#11240](https://github.com/matrix-org/synapse/issues/11240)) - Fix a bug preventing Synapse from being rolled back to an earlier version when using workers. ([\#11255](https://github.com/matrix-org/synapse/issues/11255), [\#11276](https://github.com/matrix-org/synapse/issues/11276)) - Fix a bug introduced in Synapse 1.37.1 which caused a remote event being processed by a worker to not get processed on restart if the worker was killed. ([\#11262](https://github.com/matrix-org/synapse/issues/11262)) - Only allow old Element/Riot Android clients to send read receipts without a request body. All other clients must include a request body as required by the specification. Contributed by @rogersheu. ([\#11157](https://github.com/matrix-org/synapse/issues/11157)) Updates to the Docker image --------------------------- - Avoid changing user ID when started as a non-root user, and no explicit `UID` is set. ([\#11209](https://github.com/matrix-org/synapse/issues/11209)) Improved Documentation ---------------------- - Improve example HAProxy config in the docs to properly handle HTTP `Host` headers with port information. This is required for federation over port 443 to work correctly. ([\#11128](https://github.com/matrix-org/synapse/issues/11128)) - Add documentation for using Authentik as an OpenID Connect Identity Provider. Contributed by @samip5. ([\#11151](https://github.com/matrix-org/synapse/issues/11151)) - Clarify lack of support for Windows. ([\#11198](https://github.com/matrix-org/synapse/issues/11198)) - Improve code formatting and fix a few typos in docs. Contributed by @sumnerevans at Beeper. ([\#11221](https://github.com/matrix-org/synapse/issues/11221)) - Add documentation for using LemonLDAP as an OpenID Connect Identity Provider. Contributed by @l00ptr. ([\#11257](https://github.com/matrix-org/synapse/issues/11257)) Internal Changes ---------------- - Add type annotations for the `log_function` decorator. ([\#10943](https://github.com/matrix-org/synapse/issues/10943)) - Add type hints to `synapse.events`. ([\#11098](https://github.com/matrix-org/synapse/issues/11098)) - Remove and document unnecessary `RoomStreamToken` checks in application service ephemeral event code. ([\#11137](https://github.com/matrix-org/synapse/issues/11137)) - Add type hints so that `synapse.http` passes `mypy` checks. ([\#11164](https://github.com/matrix-org/synapse/issues/11164)) - Update scripts to pass Shellcheck lints. ([\#11166](https://github.com/matrix-org/synapse/issues/11166)) - Add knock information in admin export. Contributed by Rafael Gonçalves. ([\#11171](https://github.com/matrix-org/synapse/issues/11171)) - Add tests to check that `ClientIpStore.get_last_client_ip_by_device` and `get_user_ip_and_agents` combine database and in-memory data correctly. ([\#11179](https://github.com/matrix-org/synapse/issues/11179)) - Refactor `Filter` to check different fields depending on the data type. ([\#11194](https://github.com/matrix-org/synapse/issues/11194)) - Improve type hints for the relations datastore. ([\#11205](https://github.com/matrix-org/synapse/issues/11205)) - Replace outdated links in the pull request checklist with links to the rendered documentation. ([\#11225](https://github.com/matrix-org/synapse/issues/11225)) - Fix a bug in unit test `test_block_room_and_not_purge`. ([\#11226](https://github.com/matrix-org/synapse/issues/11226)) - In `ObservableDeferred`, run observers in the order they were registered. ([\#11229](https://github.com/matrix-org/synapse/issues/11229)) - Minor speed up to start up times and getting updates for groups by adding missing index to `local_group_updates.stream_id`. ([\#11231](https://github.com/matrix-org/synapse/issues/11231)) - Add `twine` and `towncrier` as dev dependencies, as they're used by the release script. ([\#11233](https://github.com/matrix-org/synapse/issues/11233)) - Allow `stream_writers.typing` config to be a list of one worker. ([\#11237](https://github.com/matrix-org/synapse/issues/11237)) - Remove debugging statement in tests. ([\#11239](https://github.com/matrix-org/synapse/issues/11239)) - Fix [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) historical messages backfilling in random order on remote homeservers. ([\#11244](https://github.com/matrix-org/synapse/issues/11244)) - Add an additional test for the `cachedList` method decorator. ([\#11246](https://github.com/matrix-org/synapse/issues/11246)) - Make minor correction to the type of `auth_checkers` callbacks. ([\#11253](https://github.com/matrix-org/synapse/issues/11253)) - Clean up trivial aspects of the Debian package build tooling. ([\#11269](https://github.com/matrix-org/synapse/issues/11269), [\#11273](https://github.com/matrix-org/synapse/issues/11273)) - Blacklist new SyTest that checks that key uploads are valid pending the validation being implemented in Synapse. ([\#11270](https://github.com/matrix-org/synapse/issues/11270))
| | * | | | | 1.47.0 v1.47.0David Robertson2021-11-173-1/+13
| | | |_|/ / | | |/| | |
| | * | | | fix up changelog language v1.47.0rc3Andrew Morgan2021-11-161-1/+1
| | | | | |
| | * | | | mark the migration file migration as a bugAndrew Morgan2021-11-161-6/+1
| | | | | |
| | * | | | 1.47.0rc3Andrew Morgan2021-11-166-4/+22
| | | | | |
| | * | | | Rename `remove_deleted_devices_from_device_inbox` to ensure it is always run ↵Andrew Morgan2021-11-162-1/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (#11353) Co-authored-by: reivilibre <oliverw@matrix.org>
| | * | | | Run _upgrade_existing_database on workers if at current schema_version (#11346)Andrew Morgan2021-11-153-19/+74
| | | | | | | | | | | | | | | | | | Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
| | * | | | Move sql file for `remove_deleted_devices_from_device_inbox` into v65 (#11303)Dirk Klimpel2021-11-152-1/+2
| | | |/ / | | |/| |
| | * | | Changelog tweak from feedback v1.47.0rc2Olivier Wilkinson (reivilibre)2021-11-101-1/+1
| | | | |
| | * | | Move Debian changelog entries to rc2 since rc1 was not publishedOlivier Wilkinson (reivilibre)2021-11-101-7/+4
| | | | |
| | * | | 1.47.0rc2Olivier Wilkinson (reivilibre)2021-11-103-1/+14
| | | | |
| | * | | Correct the Debian changelogOlivier Wilkinson (reivilibre)2021-11-101-1/+1
| | | | |
| | * | | Update __init__.py v1.47.0rc1Olivier Wilkinson (reivilibre)2021-11-091-1/+1
| | | | |
| | * | | Changelog tweaks from reviewOlivier Wilkinson (reivilibre)2021-11-091-5/+5
| | | | |
| | * | | Make Deprecations and Removals more prominentOlivier Wilkinson (reivilibre)2021-11-091-7/+7
| | | | |
| | * | | Changelog tweaksOlivier Wilkinson (reivilibre)2021-11-091-6/+6
| | | | |
| | * | | 1.47.0rc1Olivier Wilkinson (reivilibre)2021-11-0959-59/+90
| | |/ /
| | * | Include cross-signing signatures when syncing remote devices for the first ↵Erik Johnston2021-11-093-86/+277
| | | | | | | | | | | | | | | | | | | | | | | | | | | | time (#11234) When fetching remote devices for the first time, we did not correctly include the cross signing keys in the returned results. c.f. #11159
| | * | Require body for read receipts with user-agent exceptions (#11157)rogersheu2021-11-093-3/+40
| | | | | | | | | | | | Co-authored-by: reivilibre <olivier@librepush.net>
| | * | Rename to more clear `get_insertion_event_id_by_batch_id` (MSC2716) (#11244)Eric Eastwood2021-11-084-3/+4
| | | | | | | | | | | | | | | | | | | | `get_insertion_event_by_batch_id` -> `get_insertion_event_id_by_batch_id` Split out from https://github.com/matrix-org/synapse/pull/11114
| | * | Add some background update admin APIs (#11263)Erik Johnston2021-11-088-18/+468
| | | | | | | | | | | | Fixes #11259
| | * | Fix typo in comment from #11255. (#11276)Patrick Cloke2021-11-082-1/+2
| | | |
| | * | Default value for `public_baseurl` (#11210)Richard van der Hoff2021-11-0816-73/+62
| | | | | | | | | | | | | | | | | | | | We might as well use a default value for `public_baseurl` based on `server_name` - in many cases, it will be correct.
| | * | Address review feedback from #11269 (#11273)Dan Callahan2021-11-082-2/+3
| | | | | | | | | | | | Signed-off-by: Dan Callahan <danc@element.io>
| | * | Blacklist new sytest validation test (#11270)Erik Johnston2021-11-082-0/+4
| | | |
| | * | Handle federation inbound instances being killed more gracefully (#11262)Erik Johnston2021-11-083-10/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Make lock better handle process being killed If the process gets killed and restarted (so that it didn't have a chance to drop its locks gracefully) then there may still be locks in the DB that are for the same instance that haven't yet timed out but are safe to delete. We handle this case by a) checking if the current instance already has taken out the lock, and b) if not then ignoring locks that are for the same instance. * Periodically check for old staged events This is to protect against other instances dying and their locks timing out.
| | * | Minor cleanup to Debian packaging (#11269)Dan Callahan2021-11-0711-53/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Remove unused Vagrant scripts * Change package Architecture to any * Preinstall the wheel package when building venvs. Addresses the following warnings during Debian builds: Using legacy 'setup.py install' for jaeger-client, since package 'wheel' is not installed. Using legacy 'setup.py install' for matrix-synapse-ldap3, since package 'wheel' is not installed. Using legacy 'setup.py install' for opentracing, since package 'wheel' is not installed. Using legacy 'setup.py install' for psycopg2, since package 'wheel' is not installed. Using legacy 'setup.py install' for systemd-python, since package 'wheel' is not installed. Using legacy 'setup.py install' for pympler, since package 'wheel' is not installed. Using legacy 'setup.py install' for threadloop, since package 'wheel' is not installed. Using legacy 'setup.py install' for thrift, since package 'wheel' is not installed. * Allow /etc/default/matrix-synapse to be missing Per the systemd.exec manpage, prefixing an EnvironmentFile with "-": > indicates that if the file does not exist, it will not be read and no > error or warning message is logged. Signed-off-by: Dan Callahan <danc@element.io>
| | * | Add doc to integrate synapse with LemonLDAP OIDC (#11257)Julian2021-11-052-0/+39
| | | | | | | | | | | | | | | | Co-authored-by: David Robertson <david.m.robertson1@gmail.com> Co-authored-by: Julian Vanden Broeck <julian.vandenbroeck@dalibo.com>
| | * | Fix rolling back when using workers (#11255)Erik Johnston2021-11-053-11/+82
| | | | | | | | | | | | Fixes #11252
| | * | Make minor correction to type of auth_checkers callbacks (#11253)reivilibre2021-11-043-2/+5
| | | |
| | * | Additional test for `cachedList` (#11246)Richard van der Hoff2021-11-042-0/+44
| | | | | | | | | | | | | | | | | | | | I was trying to understand how `cachedList` works, and ended up writing this extra test. I figure we may as well keep it.
| | * | Track ongoing event fetches correctly in the presence of failure (#11240)Sean Quah2021-11-042-22/+35
| | | | | | | | | | | | | | | | | | | | | | | | When an event fetcher aborts due to an exception, `_event_fetch_ongoing` must be decremented, otherwise the event fetcher would never be replaced. If enough event fetchers were to fail, no more events would be fetched and requests would get stuck waiting for events.
| | * | Add a linearizer on (appservice, stream) when handling ephemeral events. ↵Nick Barrett2021-11-033-18/+103
| | | | | | | | | | | | | | | | | | | | (#11207) Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
| | * | Enable passing typing stream writers as a list. (#11237)Nick Barrett2021-11-038-16/+24
| | | | | | | | | | | | | | | | This makes the typing stream writer config match the other stream writers that only currently support a single worker.
| | * | Remove a debug statement from tests. (#11239)Patrick Cloke2021-11-032-1/+1
| | | |
| | * | Add twine and towncrier as dev dependencies (#11233)Erik Johnston2021-11-032-0/+4
| | | | | | | | | | | | | | | | We don't pin them as we execute them as commands, rather than use them as libs.
| | * | fix a small typo in the delete room api docsAndrew Morgan2021-11-031-1/+1
| | | |
| | * | Support sending no `state_events_at_start` in the MSC2716 `/batch_send` ↵Eric Eastwood2021-11-032-12/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | endpoint (#11188) As brought up by @tulir, https://matrix.to/#/!SBYNQlpqkwJzFIdzxI:nevarro.space/$Gwnb2ZvXHc3poYXuBhho0cmoYq4KJ11Jh3m5s8kjNOM?via=nevarro.space&via=beeper.com&via=matrix.org This use case only works if the user is already joined in the current room state at the given `?prev_event_id`
| | * | Add index to `local_group_updates.stream_id` (#11231)Erik Johnston2021-11-024-1/+37
| | | | | | | | | | | | | | | | This should speed up startup times and generally increase performance of groups.
| | * | Merge remote-tracking branch 'origin/master' into developErik Johnston2021-11-026-6/+49
| | |\|
| | * | Add remaining type hints to `synapse.events`. (#11098)Patrick Cloke2021-11-0215-110/+185
| | | |
| | * | Delete messages for hidden devices from `device_inbox` (#11199)Dirk Klimpel2021-11-024-0/+186
| | | |
| | * | Fix providing a `RoomStreamToken` instance to ↵Andrew Morgan2021-11-025-37/+30
| | | | | | | | | | | | | | | | | | | | `_notify_app_services_ephemeral` (#11137) Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
| | * | Add search by room ID and room alias to List Room admin API (#11099)Dirk Klimpel2021-11-024-53/+76
| | | | | | | | | | | | | | | | Fixes: #10874 Signed-off-by: Dirk Klimpel dirk@klimpel.org
| | * | ObservableDeferred: run observers in order (#11229)Richard van der Hoff2021-11-024-20/+88
| | | |
| | * | Update outdated links in `PULL_REQUEST_TEMPLATE.md` (#11225)Dirk Klimpel2021-11-012-4/+6
| | | |
| | * | Handle missing Content-Type header when accessing remote media (#11200)Shay2021-11-014-4/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * add code to handle missing content-type header and a test to verify that it works * add handling for missing content-type in the /upload endpoint as well * slightly refactor test code to put private method in approriate place * handle possible null value for content-type when pulling from the local db * add changelog * refactor test and add code to handle missing content-type in cached remote media * requested changes * Update changelog.d/11200.bugfix Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com> Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com>
| | * | Add `use_float=true` to ijson calls in Synapse (#11217)Shay2021-11-012-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * add use_float=true to ijson calls * lints * add changelog * Update changelog.d/11217.bugfix Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com> Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com>
| | * | Fix a bug in unit test `test_block_room_and_not_purge` (#11226)Dirk Klimpel2021-11-012-2/+3
| | | |
| | * | Make `check_event_allowed` module API callback not fail open (accept events) ↵reivilibre2021-11-015-17/+24
| | | | | | | | | | | | | | | | when an exception is raised (#11033)
| | * | Remove deprecated delete room admin API (#11213)Dirk Klimpel2021-11-016-124/+79
| | | | | | | | | | | | | | | | | | | | Remove deprecated delete room admin API, `POST /_synapse/admin/v1/rooms/<room_id>/delete`
| | * | Support for serving server well-known files (#11211)Richard van der Hoff2021-11-018-47/+159
| | | | | | | | | | | | | | | | Fixes https://github.com/matrix-org/synapse/issues/8308
| | * | Add domain specific matching for haproxy config (#11128)Brett Bethke2021-11-012-1/+2
| | | |
| | * | Docker: avoid changing userid unnecessarily (#11209)Richard van der Hoff2021-11-013-23/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Docker image: avoid changing user during `generate` The intention was always that the config files get written as the initial user (normally root) - only the data directory needs to be writable by Synapse. This got changed in https://github.com/matrix-org/synapse/pull/5970, but that seems to have been a mistake. * Avoid changing user if no explicit UID is given * changelog
| | * | Support Client-Server API r0.6.1 (#11097)Aaron R2021-11-012-0/+2
| | | | | | | | | | | | | | | | | | | | Fixes #11064 Signed-off-by: Aaron Raimist <aaron@raim.ist>
| | * | Improve code formatting and fix a few typos in docs (#11221)Sumner Evans2021-11-0120-168/+233
| | | | | | | | | | | | | | | | | | | | | | | | * Labeled a lot more code blocks with the appropriate type * Fixed a couple of minor typos (missing/extraneous commas) Signed-off-by: Sumner Evans <me@sumnerevans.com>
| | * | Add metrics to the threadpools (#11178)Erik Johnston2021-11-014-1/+49
| | | |
| | * | Test that `ClientIpStore` combines database and in-memory data correctly ↵Sean Quah2021-11-012-0/+207
| | | | | | | | | | | | | | | | (#11179)
| | * | Stop synapse from saving messages in device_inbox for hidden devices. (#10097)JohannesKleine2021-11-012-2/+7
| | | | | | | | | | | | Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
| | * | Deprecate user_may_create_room_with_invites (#11206)Brendan Abolivier2021-11-013-36/+14
| | | |
| | * | Fix comments referencing v1.46.0 from PR #10969. (#11212)Dirk Klimpel2021-10-293-2/+3
| | | | | | | | | | | | | | | | #10969 was merged after 1.46.0rc1 was cut and will be included in v1.47.0rc1 instead.
| | * | Add a module API method to retrieve state from a room (#11204)Brendan Abolivier2021-10-293-1/+74
| | | |
| | * | Clarify lack of Windows support in documentation (#11198)Sean Quah2021-10-293-12/+14
| | | |
| | * | Additional type hints for relations database class. (#11205)Patrick Cloke2021-10-283-15/+25
| | | |
| | * | Add knock information in admin exported data (#11171)Rafael Gonçalves2021-10-285-2/+99
| | | | | | | | | | | | Signed-off-by: Rafael Goncalves <rafaelgoncalves@riseup.net>
| | * | Fetch verify key locally rather than trying to do so over federation if ↵Shay2021-10-283-29/+58
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | origin and host are the same. (#11129) * add tests for fetching key locally * add logic to check if origin server is same as host and fetch verify key locally rather than over federation * add changelog * slight refactor, add docstring, change changelog entry * Make changelog entry one line * remove verify_json_locally and push locality check to process_request, add function process_request_locally * remove leftover code reference * refactor to add common call to 'verify_json and associated handling code * add type hint to process_json * add some docstrings + very slight refactor
| | * | Add a ModuleApi method to update a user's membership in a room (#11147)Brendan Abolivier2021-10-283-2/+225
| | | | | | | | | | | | Co-authored-by: reivilibre <oliverw@matrix.org>
| | * | Type hints for the remaining two files in `synapse.http`. (#11164)David Robertson2021-10-286-37/+56
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Teach MyPy that the sentinel context is False This means that if `ctx: LoggingContextOrSentinel` then `bool(ctx)` narrows us to `ctx:LoggingContext`, which is a really neat find! * Annotate RequestMetrics - Raise errors for sentry if we use the sentinel context - Ensure we don't raise an error and carry on, but not recording stats - Include stack trace in the error case to lower Sean's blood pressure * Make mypy pass for synapse.http.request_metrics * Make synapse.http.connectproxyclient pass mypy Co-authored-by: reivilibre <oliverw@matrix.org>
| | * | docs/openid: Add Authentik documentation. (#11151)Skyler Mäntysaari2021-10-282-0/+35
| | | |
| | * | Update scripts to pass Shellcheck lints (#11166)Dan Callahan2021-10-2720-104/+120
| | |\ \
| | | * \ Merge remote-tracking branch 'origin/develop' into shellcheckDan Callahan2021-10-2799-324/+1336
| | | |\ \ | | | |/ / | | |/| | | | | | | | | | | | | | | | | Fixes a merge conflict with debian/changelog Signed-off-by: Dan Callahan <danc@element.io>
| | * | | Annotate `log_function` decorator (#10943)reivilibre2021-10-2712-18/+58
| | | | | | | | | | | | | | | Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
| | * | | Fixed config parse bug in review_recent_signups (#11191)Samuel Philipp2021-10-272-2/+8
| | | | |
| | * | | Refactor `Filter` to handle fields according to data being filtered. (#11194)Patrick Cloke2021-10-275-69/+87
| | | | | | | | | | | | | | | | | | | | This avoids filtering against fields which cannot exist on an event source. E.g. presence updates don't have a room.
| | * | | Delete messages from `device_inbox` table when deleting device (#10969)Dirk Klimpel2021-10-276-15/+256
| | | | | | | | | | | | | | | Fixes: #9346
| | * | | Include the stable identifier for MSC3288. (#11187)Patrick Cloke2021-10-272-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | Includes both the stable and unstable identifier to store-invite calls to the identity server. In the future we should remove the unstable identifier.
| | * | | Merge remote-tracking branch 'origin/release-v1.46' into developErik Johnston2021-10-2763-60/+77
| | |\ \ \
| | * | | | Implement an `on_new_event` callback (#11126)Brendan Abolivier2021-10-268-12/+165
| | | | | | | | | | | | | | | | | | Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
| | | | * | ChangelogDan Callahan2021-10-222-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Dan Callahan <danc@element.io>
| | | | * | Fix Shellcheck SC2006: Use $(...) notationDan Callahan2021-10-2210-15/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use $(...) notation instead of legacy backticked `...`. https://github.com/koalaman/shellcheck/wiki/SC2006 Signed-off-by: Dan Callahan <danc@element.io>
| | | | * | Fix Shellcheck SC2129: Consider using {..} >> fileDan Callahan2021-10-221-60/+63
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Consider using { cmd1; cmd2; } >> file instead of individual redirects. https://github.com/koalaman/shellcheck/wiki/SC2129 Signed-off-by: Dan Callahan <danc@element.io>
| | | | * | Fix Shellcheck SC2086: Quote to prevent splittingDan Callahan2021-10-2213-42/+42
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Double quote to prevent globbing and word splitting. https://github.com/koalaman/shellcheck/wiki/SC2086 Signed-off-by: Dan Callahan <danc@element.io>
| | | | * | Fix Shellcheck SC2012: Use find instead of lsDan Callahan2021-10-221-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use find instead of ls to better handle non-alphanumeric filenames. https://github.com/koalaman/shellcheck/wiki/SC2012 Signed-off-by: Dan Callahan <danc@element.io>
| | | | * | Fix Shellcheck SC2016: Single quotes don't expandDan Callahan2021-10-221-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Expressions don't expand in single quotes, use double quotes for that. https://github.com/koalaman/shellcheck/wiki/SC2016 This specifically warned about the '$aregis...' part of the sed script. Which is a relatively obscure use of sed. Splitting this into two commands makes its intent more obvious and avoids contravening Shellcheck's lints. Signed-off-by: Dan Callahan <danc@element.io>
| | | | * | Fix Shellcheck SC1091: Can't follow fileDan Callahan2021-10-222-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Not following: (error message here) https://github.com/koalaman/shellcheck/wiki/SC1091 Signed-off-by: Dan Callahan <danc@element.io>
| | | | * | Fix Shellcheck SC1001: Meaningless char escapesDan Callahan2021-10-221-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This \o will be a regular 'o' in this context. https://github.com/koalaman/shellcheck/wiki/SC1001 Signed-off-by: Dan Callahan <danc@element.io>
| | | | * | Fix Shellcheck SC2089 and SC2090: Quotes in varsDan Callahan2021-10-221-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | SC2089: Quotes/backslashes will be treated literally. Use an array. https://github.com/koalaman/shellcheck/wiki/SC2089 SC2090: Quotes/backslashes in this variable will not be respected. https://github.com/koalaman/shellcheck/wiki/SC2090 Putting literal JSON in a variable mistakenly triggers these warnings. Instead of adding ignore directives, this can be avoided by inlining the JSON data into the curl invocation. Since the variable is only used in this one location, inlining is fine. Signed-off-by: Dan Callahan <danc@element.io>
| | | | * | Fix Shellcheck SC2155: Declare + export separatelyDan Callahan2021-10-221-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Declare and assign separately to avoid masking return values. https://github.com/koalaman/shellcheck/wiki/SC2155 Signed-off-by: Dan Callahan <danc@element.io>
| | | | * | Fix Shellcheck SC2166: test -a is not well definedDan Callahan2021-10-221-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Prefer [ p ] && [ q ] as [ p -a q ] is not well defined. https://github.com/koalaman/shellcheck/wiki/SC2166 Signed-off-by: Dan Callahan <danc@element.io>
| | | | * | Fix Shellcheck SC2154: variable possibly undefinedDan Callahan2021-10-221-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | var is referenced but not assigned. https://github.com/koalaman/shellcheck/wiki/SC2154 Signed-off-by: Dan Callahan <danc@element.io>
| | | | * | Fix Shellcheck SC2064: Use single quotes on trapsDan Callahan2021-10-221-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use single quotes, otherwise this expands now rather than when signalled. https://github.com/koalaman/shellcheck/wiki/SC2064 Signed-off-by: Dan Callahan <danc@element.io>
| | | | * | Fix Shellcheck SC2115: Ensure never expands to /*Dan Callahan2021-10-221-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use "${var:?}" to ensure this never expands to /* . https://github.com/koalaman/shellcheck/wiki/SC2115 Signed-off-by: Dan Callahan <danc@element.io>
| | | | * | Fix Shellcheck SC2046: Quote to prevent word splitDan Callahan2021-10-228-8/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Quote this to prevent word splitting https://www.shellcheck.net/wiki/SC2046 Signed-off-by: Dan Callahan <danc@element.io>
| | | | * | Fix Shellcheck SC2164: exit in case cd fails.Dan Callahan2021-10-223-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use `cd ... || exit` in case cd fails. https://github.com/koalaman/shellcheck/wiki/SC2164 Signed-off-by: Dan Callahan <danc@element.io>
| * | | | | Merge tag 'v1.46.0' into babolivier/dinsic_1.48.0Brendan Abolivier2021-12-06171-2280/+5565
| |\ \ \ \ \ | | | |_|_|/ | | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.46.0 (2021-11-02) =========================== The cause of the [performance regression affecting Synapse 1.44](https://github.com/matrix-org/synapse/issues/11049) has been identified and fixed. ([\#11177](https://github.com/matrix-org/synapse/issues/11177)) Bugfixes -------- - Fix a bug introduced in v1.46.0rc1 where URL previews of some XML documents would fail. ([\#11196](https://github.com/matrix-org/synapse/issues/11196)) Synapse 1.46.0rc1 (2021-10-27) ============================== Features -------- - Add support for Ubuntu 21.10 "Impish Indri". ([\#11024](https://github.com/matrix-org/synapse/issues/11024)) - Port the Password Auth Providers module interface to the new generic interface. ([\#10548](https://github.com/matrix-org/synapse/issues/10548), [\#11180](https://github.com/matrix-org/synapse/issues/11180)) - Experimental support for the thread relation defined in [MSC3440](https://github.com/matrix-org/matrix-doc/pull/3440). ([\#11088](https://github.com/matrix-org/synapse/issues/11088), [\#11181](https://github.com/matrix-org/synapse/issues/11181), [\#11192](https://github.com/matrix-org/synapse/issues/11192)) - Users admin API can now also modify user type in addition to allowing it to be set on user creation. ([\#11174](https://github.com/matrix-org/synapse/issues/11174)) Bugfixes -------- - Newly-created public rooms are now only assigned an alias if the room's creation has not been blocked by permission settings. Contributed by @AndrewFerr. ([\#10930](https://github.com/matrix-org/synapse/issues/10930)) - Fix a long-standing bug which meant that events received over federation were sometimes incorrectly accepted into the room state. ([\#11001](https://github.com/matrix-org/synapse/issues/11001), [\#11009](https://github.com/matrix-org/synapse/issues/11009), [\#11012](https://github.com/matrix-org/synapse/issues/11012)) - Fix 500 error on `/messages` when the server accumulates more than 5 backwards extremities at a given depth for a room. ([\#11027](https://github.com/matrix-org/synapse/issues/11027)) - Fix a bug where setting a user's `external_id` via the admin API returns 500 and deletes user's existing external mappings if that external ID is already mapped. ([\#11051](https://github.com/matrix-org/synapse/issues/11051)) - Fix a long-standing bug where users excluded from the user directory were added into the directory if they belonged to a room which became public or private. ([\#11075](https://github.com/matrix-org/synapse/issues/11075)) - Fix a long-standing bug when attempting to preview URLs which are in the `windows-1252` character encoding. ([\#11077](https://github.com/matrix-org/synapse/issues/11077), [\#11089](https://github.com/matrix-org/synapse/issues/11089)) - Fix broken export-data admin command and add test script checking the command to CI. ([\#11078](https://github.com/matrix-org/synapse/issues/11078)) - Show an error when timestamp in seconds is provided to the `/purge_media_cache` Admin API. ([\#11101](https://github.com/matrix-org/synapse/issues/11101)) - Fix local users who left all their rooms being removed from the user directory, even if the `search_all_users` config option was enabled. ([\#11103](https://github.com/matrix-org/synapse/issues/11103)) - Fix a bug which caused the module API's `get_user_ip_and_agents` function to always fail on workers. `get_user_ip_and_agents` was introduced in 1.44.0 and did not function correctly on worker processes at the time. ([\#11112](https://github.com/matrix-org/synapse/issues/11112)) - Identity server connection is no longer ignoring `ip_range_whitelist`. ([\#11120](https://github.com/matrix-org/synapse/issues/11120)) - Fix a bug introduced in Synapse 1.45.0 breaking the configuration file parsing script. ([\#11145](https://github.com/matrix-org/synapse/issues/11145)) - Fix a performance regression introduced in 1.44.0 which could cause client requests to time out when making large numbers of outbound requests. ([\#11177](https://github.com/matrix-org/synapse/issues/11177), [\#11190](https://github.com/matrix-org/synapse/issues/11190)) - Resolve and share `state_groups` for all [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) historical events in batch. ([\#10975](https://github.com/matrix-org/synapse/issues/10975)) Improved Documentation ---------------------- - Fix broken links relating to module API deprecation in the upgrade notes. ([\#11069](https://github.com/matrix-org/synapse/issues/11069)) - Add more information about what happens when a user is deactivated. ([\#11083](https://github.com/matrix-org/synapse/issues/11083)) - Clarify the the sample log config can be copied from the documentation without issue. ([\#11092](https://github.com/matrix-org/synapse/issues/11092)) - Update the admin API documentation with an updated list of the characters allowed in registration tokens. ([\#11093](https://github.com/matrix-org/synapse/issues/11093)) - Document Synapse's behaviour when dealing with multiple modules registering the same callbacks and/or handlers for the same HTTP endpoints. ([\#11096](https://github.com/matrix-org/synapse/issues/11096)) - Fix instances of `[example]{.title-ref}` in the upgrade documentation as a result of prior RST to Markdown conversion. ([\#11118](https://github.com/matrix-org/synapse/issues/11118)) - Document the version of Synapse each module callback was introduced in. ([\#11132](https://github.com/matrix-org/synapse/issues/11132)) - Document the version of Synapse that introduced each module API method. ([\#11183](https://github.com/matrix-org/synapse/issues/11183)) Internal Changes ---------------- - Fix spurious warnings about losing the logging context on the `ReplicationCommandHandler` when losing the replication connection. ([\#10984](https://github.com/matrix-org/synapse/issues/10984)) - Include rejected status when we log events. ([\#11008](https://github.com/matrix-org/synapse/issues/11008)) - Add some extra logging to the event persistence code. ([\#11014](https://github.com/matrix-org/synapse/issues/11014)) - Rearrange the internal workings of the incremental user directory updates. ([\#11035](https://github.com/matrix-org/synapse/issues/11035)) - Fix a long-standing bug where users excluded from the directory could still be added to the `users_who_share_private_rooms` table after a regular user joins a private room. ([\#11143](https://github.com/matrix-org/synapse/issues/11143)) - Add and improve type hints. ([\#10972](https://github.com/matrix-org/synapse/issues/10972), [\#11055](https://github.com/matrix-org/synapse/issues/11055), [\#11066](https://github.com/matrix-org/synapse/issues/11066), [\#11076](https://github.com/matrix-org/synapse/issues/11076), [\#11095](https://github.com/matrix-org/synapse/issues/11095), [\#11109](https://github.com/matrix-org/synapse/issues/11109), [\#11121](https://github.com/matrix-org/synapse/issues/11121), [\#11146](https://github.com/matrix-org/synapse/issues/11146)) - Mark the Synapse package as containing type annotations and fix export declarations so that Synapse pluggable modules may be type checked against Synapse. ([\#11054](https://github.com/matrix-org/synapse/issues/11054)) - Remove dead code from `MediaFilePaths`. ([\#11056](https://github.com/matrix-org/synapse/issues/11056)) - Be more lenient when parsing oEmbed response versions. ([\#11065](https://github.com/matrix-org/synapse/issues/11065)) - Create a separate module for the retention configuration. ([\#11070](https://github.com/matrix-org/synapse/issues/11070)) - Clean up some of the federation event authentication code for clarity. ([\#11115](https://github.com/matrix-org/synapse/issues/11115), [\#11116](https://github.com/matrix-org/synapse/issues/11116), [\#11122](https://github.com/matrix-org/synapse/issues/11122)) - Add docstrings and comments to the application service ephemeral event sending code. ([\#11138](https://github.com/matrix-org/synapse/issues/11138)) - Update the `sign_json` script to support inline configuration of the signing key. ([\#11139](https://github.com/matrix-org/synapse/issues/11139)) - Fix broken link in the docker image README. ([\#11144](https://github.com/matrix-org/synapse/issues/11144)) - Always dump logs from unit tests during CI runs. ([\#11068](https://github.com/matrix-org/synapse/issues/11068)) - Add tests for `MediaFilePaths` class. ([\#11057](https://github.com/matrix-org/synapse/issues/11057)) - Simplify the user admin API tests. ([\#11048](https://github.com/matrix-org/synapse/issues/11048)) - Add a test for the workaround introduced in [\#11042](https://github.com/matrix-org/synapse/pull/11042) concerning the behaviour of third-party rule modules and `SynapseError`s. ([\#11071](https://github.com/matrix-org/synapse/issues/11071))
| | * | | | Update changelog v1.46.0Erik Johnston2021-11-021-2/+2
| | | | | |
| | * | | | 1.46.0Erik Johnston2021-11-024-4/+16
| | | | | |
| | * | | | Force deb compression with `xz`. (#11197)Richard van der Hoff2021-10-272-0/+12
| | | | | | | | | | | | | | | | | | Fixes a problem where `impish` packages could not be processed by `reprepro`.
| | * | | | Fix URL preview errors when previewing XML documents. (#11196)Patrick Cloke2021-10-273-3/+22
| | | |/ / | | |/| |
| | * | | Update release dateErik Johnston2021-10-271-1/+1
| | | | |
| | * | | Update changelog with new changes v1.46.0rc1Erik Johnston2021-10-273-4/+2
| | | | |
| | * | | Shut down the DNS threadpool (#11190)Sean Quah2021-10-272-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | The DNS threadpool must be explicitly stopped, otherwise Synapse will hang indefinitely when asked to shut down.
| | * | | Fix thread BG update to not seq scan event_json (#11192)Erik Johnston2021-10-272-1/+2
| | | | | | | | | | | | | | | | | | | | For some reason the query optimiser decided to seq scan both tables, rather than index scanning `event_json`.
| | * | | Update CHANGES.mdSean Quah2021-10-261-16/+8
| | | | |
| | * | | Move #10975 to bugfix section in changelogSean Quah2021-10-261-1/+1
| | | | |
| | * | | Update CHANGES.mdSean Quah2021-10-261-3/+3
| | | | |
| | * | | Update CHANGES.mdSean Quah2021-10-261-2/+4
| | | | |
| | * | | 1.46.0rc1Sean Quah2021-10-2661-59/+81
| | |/ /
| | * | Move DNS lookups into separate thread pool (#11177)Erik Johnston2021-10-263-1/+149
| | | | | | | | | | | | | | | | | | | | | | | | This is to stop large bursts of lookups starving out other users of the thread pools. Fixes #11049.
| | * | Add a background update for updating MSC3440 relation threads. (#11181)Patrick Cloke2021-10-263-2/+102
| | | |
| | * | Document the version each module API method was added to Synapse (#11183)Brendan Abolivier2021-10-262-11/+89
| | | |
| | * | Enable changing user type via users admin API (#11174)Jason Robinson2021-10-265-2/+80
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Users admin API can now also modify user type in addition to allowing it to be set on user creation. Signed-off-by: Jason Robinson <jasonr@matrix.org> Co-authored-by: Brendan Abolivier <babolivier@matrix.org>
| | * | Fix cyclic import in the module API (#11180)Brendan Abolivier2021-10-252-2/+5
| | | | | | | | | | | | | | | | | | | | Introduced in #10548 See https://github.com/matrix-org/synapse-email-account-validity/runs/3979337154?check_suite_focus=true for an example of a module's CI choking over this issue.
| | * | Don't set new room alias before potential 403 (#10930)AndrewFerr2021-10-254-12/+113
| | | | | | | | | | | | | | | | | | | | | | | | Fixes: #10929 Signed-off-by: Andrew Ferrazzutti <fair@miscworks.net>
| | * | Ensure that we correctly auth events returned by `send_join` (#11012)Richard van der Hoff2021-10-252-86/+61
| | | | | | | | | | | | | | | | | | | | | | | | | | | | This is the final piece of the jigsaw for #9595. As with other changes before this one (eg #10771), we need to make sure that we auth the auth events in the right order, and actually check that their predecessors haven't been rejected. To do this I've reused the existing code we use when persisting outliers elsewhere. I've removed the code for attempting to fetch missing auth_events - the events should have been present in the send_join response, so the likely reason they are missing is that we couldn't verify them, so requesting them again is unlikely to help. Instead, we simply drop any state which relies on those auth events, as we do at a backwards-extremity. See also matrix-org/complement#216 for a test for this.
| | * | Fix module API's `get_user_ip_and_agents` function when run on workers (#11112)Sean Quah2021-10-253-40/+91
| | |/
| | * Add type hints for most `HomeServer` parameters (#11095)Sean Quah2021-10-2258-143/+342
| | |
| | * Fix synapse.config module "read" command (#11145)Jason Robinson2021-10-225-68/+138
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `synapse.config.__main__` has the possibility to read a config item. This can be used to conveniently also validate the config is valid before trying to start Synapse. The "read" command broke in https://github.com/matrix-org/synapse/pull/10916 as it now requires passing in "server.server_name" for example. Also made the read command optional so one can just call this with just the confirm file reference and get a "Config parses OK" if things are ok. Signed-off-by: Jason Robinson <jasonr@matrix.org> Co-authored-by: Brendan Abolivier <babolivier@matrix.org>
| | * Add more information what happens when a user is deactivated (#11083)Dirk Klimpel2021-10-222-0/+11
| | |
| | * Add a thread relation type per MSC3440. (#11088)Patrick Cloke2021-10-218-8/+119
| | | | | | | | | | | | Adds experimental support for MSC3440's `io.element.thread` relation type (and the aggregation for it).
| | * Fix adding excluded users to the private room sharing tables when joining a ↵David Robertson2021-10-213-29/+67
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | room (#11143) * We only need to fetch users in private rooms * Filter out `user_id` at the top * Discard excluded users in the top loop We weren't doing this in the "First, if they're our user" branch so this is a bugfix. * The caller must check that `user_id` is included This is in the docstring. There are two call sites: - one in `_handle_room_publicity_change`, which explicitly checks before calling; - and another in `_handle_room_membership_event`, which returns early if the user is excluded. So this change is safe. * Test joining a private room with an excluded user * Tweak an existing test * Changelog * test docstring * lint
| | * Improve docstrings for methods related to sending EDUs to application ↵Andrew Morgan2021-10-217-23/+148
| | | | | | | | | | | | services (#11138)
| | * Add missing type hints to synapse.crypto. (#11146)Patrick Cloke2021-10-215-18/+36
| | | | | | | | | And require type hints for this module.
| | * fix relative link in docker readme (#11144)Richard van der Hoff2021-10-212-1/+3
| | | | | | | | | relative links don't work when it's on dockerhub.
| | * Fix setting a user's external_id via the admin API returns 500 and deletes ↵Dirk Klimpel2021-10-214-37/+321
| | | | | | | | | | | | | | | users existing external mappings if that external ID is already mapped (#11051) Fixes #10846
| | * Update `sign_json` to support inline key config (#11139)Richard van der Hoff2021-10-202-7/+26
| | | | | | | | | | | | It's been possible to configure a key inline in the homeserver.yaml since 13bc1e0746aa0442aa5d43555cbbc2dc75e8ef43. Update `sign_json` to work with this.
| | * Consider IP whitelist for identity server resolution (#11120)Robert Edström2021-10-202-1/+4
| | | | | | | | | Signed-off-by: Robert Edström <github@legogris.se>
| | * Clean up `_update_auth_events_and_context_for_auth` (#11122)Richard van der Hoff2021-10-202-114/+38
| | | | | | | | | Remove some redundant code, and generally simplify.
| | * Show error when timestamp in seconds is provided to the /purge_media_cache ↵Aaron R2021-10-204-13/+133
| | | | | | | | | | | | API (#11101)
| | * Merge branch 'master' into developSean Quah2021-10-206-63/+19
| | |\
| | * | Remove false warning about copying the log config to a homeserver.yaml (#11092)Travis Ralston2021-10-202-6/+7
| | | | | | | | | | | | Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
| | * | Document the version of Synapse each module callback was introduced in (#11132)Brendan Abolivier2021-10-206-0/+45
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Mention callbacks introduced in v1.37.0 According to the documentation introduced in https://github.com/matrix-org/synapse/pull/10062 * Mention callbacks introduced in v1.39.0 According to https://github.com/matrix-org/synapse/pull/10386 and https://github.com/matrix-org/synapse/pull/9884 * Mention callbacks introduced in v1.42.0 According to https://github.com/matrix-org/synapse/pull/10524 * Mention callbacks introduced in v1.44.0 and v1.45.0 As per https://github.com/matrix-org/synapse/pull/10898, https://github.com/matrix-org/synapse/pull/10910 and https://github.com/matrix-org/synapse/pull/10894 * Mention callbacks introduced in v1.46.0 According to https://github.com/matrix-org/synapse/pull/10548
| | * | Add missing type hints to event fetching. (#11121)Patrick Cloke2021-10-192-61/+82
| | | | | | | | | | | | | | | | Updates the event rows returned from the database to be attrs classes instead of dictionaries.
| | * | Fix instances of [example]{.title-ref} in the upgrade notes (#11118)Andrew Morgan2021-10-192-27/+28
| | | |
| | * | Merge branch 'master' into developDavid Robertson2021-10-193-5/+40
| | |\ \
| | * | | Move _persist_auth_tree into FederationEventHandler (#11115)Richard van der Hoff2021-10-193-125/+120
| | | | | | | | | | | | | | | | | | | | | | | | | This is just a lift-and-shift, because it fits more naturally here. We do rename it to `process_remote_join` at the same time though.
| | * | | Rename `_auth_and_persist_fetched_events` (#11116)Richard van der Hoff2021-10-192-14/+10
| | | | | | | | | | | | | | | | | | | | ... to `_auth_and_persist_outliers`, since that reflects its purpose better.
| | * | | Include rejected status when we log events. (#11008)Richard van der Hoff2021-10-192-6/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If we find ourselves dealing with rejected events, we proably want to know about it. Let's include it in the stringification of the event so that it gets logged.
| | * | | Add missing type hints to synapse.api. (#11109)Patrick Cloke2021-10-1810-99/+84
| | | | | | | | | | | | | | | | | | | | * Convert UserPresenceState to attrs. * Remove args/kwargs from error classes and explicitly pass msg/errorcode.
| | * | | Check auth on received events' auth_events (#11001)Richard van der Hoff2021-10-182-2/+98
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, when we receive an event whose auth_events differ from those we expect, we state-resolve between the two state sets, and check that the event passes auth based on the resolved state. This means that it's possible for us to accept events which don't pass auth at their declared auth_events (or where the auth events themselves were rejected), leading to problems down the line like #10083. This change means we will: * ignore any events where we cannot find the auth events * reject any events whose auth events were rejected * reject any events which do not pass auth at their declared auth_events. Together with a whole raft of previous work, this is a partial fix to #9595. Fixes #6643. Based on #11009.
| | * | | Check *all* auth events for room id and rejection (#11009)Richard van der Hoff2021-10-188-85/+122
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes a bug where we would accept an event whose `auth_events` include rejected events, if the rejected event was shadowed by another `auth_event` with same `(type, state_key)`. The approach is to pass a list of auth events into `check_auth_rules_for_event` instead of a dict, which of course means updating the call sites. This is an extension of #10956.
| | * | | Document Synapse's behaviour when dealing with multiple modules (#11096)Brendan Abolivier2021-10-188-8/+154
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Document Synapse's behaviour when multiple modules register the same callback/web resource/etc. Co-authored-by: reivilibre <oliverw@matrix.org>