summary refs log tree commit diff
Commit message (Collapse)AuthorAgeFilesLines
* Store key validity time in the storage layerRichard van der Hoff2019-05-236-46/+122
| | | | | | | | This is a first step to checking that the key is valid at the required moment. The idea here is that, rather than passing VerifyKey objects in and out of the storage layer, we instead pass FetchKeyResult objects, which simply wrap the VerifyKey and add a valid_until_ts field.
* Simplify process_v2_response (#5236)Richard van der Hoff2019-05-232-21/+30
| | | | | | | | | * Pass time_added_ms into process_v2_response * Simplify process_v2_response We can merge old_verify_keys into verify_keys, and reduce the number of dicts flying around.
* Remove unused VerifyKey.expired and .time_added fields (#5235)Richard van der Hoff2019-05-232-3/+1
| | | | | These were never used, and poking arbitary data into objects from other packages seems confusing at best.
* Rewrite store_server_verify_key to store several keys at once (#5234)Richard van der Hoff2019-05-235-87/+96
| | | | | Storing server keys hammered the database a bit. This replaces the implementation which stored a single key, with one which can do many updates at once.
* Simplifications and comments in do_auth (#5227)Richard van der Hoff2019-05-233-121/+183
| | | | | I was staring at this function trying to figure out wtf it was actually doing. This is (hopefully) a non-functional refactor which makes it a bit clearer.
* Run black on synapse.crypto.keyring (#5232)Richard van der Hoff2019-05-222-149/+138
|
* Merge branch 'master' into developNeil Johnson2019-05-223-3/+11
|\
| * 0.99.5.1 v0.99.5.1Neil Johnson2019-05-223-3/+11
| |
| * Revert "0.99.5"Neil Johnson2019-05-223-11/+3
| | | | | | | | This reverts commit c31e375ade1b59a7fe38628337e9e1aa3de91feb.
| * 0.99.5Neil Johnson2019-05-223-3/+11
| |
* | remove urllib3 pin (#5230)Marcus Hoffmann2019-05-222-8/+1
| | | | | | | | | | | | requests 2.22.0 as been released supporting urllib3 1.25.2 Signed-off-by: Marcus Hoffmann <bubu@bubu1.eu>
* | Merge branch 'master' into developNeil Johnson2019-05-223-1/+11
|\|
| * 0.99.5 v0.99.5Neil Johnson2019-05-223-1/+11
| |
* | Neilj/ensure get profileinfo available in client reader slaved store (#5213)Neil Johnson2019-05-222-0/+3
| | | | | | * expose SlavedProfileStore to ClientReaderSlavedStore
* | Update README.md (#5222)Steffen2019-05-221-1/+1
| | | | | | Add missing backslash
* | Merge branch 'master' into developRichard van der Hoff2019-05-2228-27/+40
|\|
| * update changelog v0.99.5rc1Richard van der Hoff2019-05-213-3/+1
| |
| * Merge commit 'f4c80d70f' into release-v0.99.5Richard van der Hoff2019-05-215-6/+89
| |\
| * | Fix spelling in changelogRichard van der Hoff2019-05-211-1/+1
| | |
| * | 0.99.5rc1Richard van der Hoff2019-05-2126-25/+40
| | |
* | | Room Statistics (#4338)Amber Brown2019-05-2115-13/+1306
| |/ |/|
* | Merge pull request #5203 from matrix-org/erikj/aggregate_by_senderErik Johnston2019-05-212-1/+2
|\ \ | | | | | | Only count aggregations from distinct senders
| * | NewsfileErik Johnston2019-05-211-0/+1
| | |
| * | Only count aggregations from distinct sendersErik Johnston2019-05-171-1/+1
| | | | | | | | | | | | As a user isn't allowed to send a single emoji more than once.
* | | Merge pull request #5212 from matrix-org/erikj/deny_multiple_reactionsErik Johnston2019-05-214-5/+87
|\ \ \ | |_|/ |/| | Block attempts to annotate the same event twice
| * | Fix wordsErik Johnston2019-05-211-3/+3
| | |
| * | NewsfileErik Johnston2019-05-201-0/+1
| | |
| * | Block attempts to annotate the same event twiceErik Johnston2019-05-203-5/+86
| | |
* | | Introduce room v4 which updates event ID format. (#5217)Richard van der Hoff2019-05-213-5/+6
| | | | | | | | | Implements https://github.com/matrix-org/matrix-doc/pull/2002.
* | | Exclude soft-failed events from fwd-extremity candidates. (#5146)Richard van der Hoff2019-05-213-3/+14
| | | | | | | | | | | | | | | | | | | | | | | | When considering the candidates to be forward-extremities, we must exclude soft failures. Hopefully fixes #5090.
* | | Pin eliot to <1.8 on python 3.5.2 (#5218)Richard van der Hoff2019-05-213-7/+36
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Pin eliot to <1.8 on python 3.5.2 Fixes https://github.com/matrix-org/synapse/issues/5199 * Add support for 'markers' to python_dependencies * tell xargs not to strip quotes
* | | Merge pull request #5204 from ↵Brendan Abolivier2019-05-216-12/+134
|\ \ \ | | | | | | | | | | | | | | | | matrix-org/babolivier/account_validity_expiration_date Add startup background job for account validity
| * | | DocBrendan Abolivier2019-05-212-0/+16
| | | |
| * | | Do the select and insert in a single transactionBrendan Abolivier2019-05-211-10/+6
| | | |
| * | | ChangelogBrendan Abolivier2019-05-171-0/+1
| | | |
| * | | Add startup background job for account validityBrendan Abolivier2019-05-173-12/+121
| | | | | | | | | | | | | | | | If account validity is enabled in the server's configuration, this job will run at startup as a background job and will stick an expiration date to any registered account missing one.
* | | | Fix error handling for rooms whose versions are unknown. (#5219)Richard van der Hoff2019-05-215-7/+38
| |/ / |/| | | | | | | | | | | | | | | | | If we remove support for a particular room version, we should behave more gracefully. This should make client requests fail with a 400 rather than a 500, and will ignore individiual PDUs in a federation transaction, rather than the whole transaction.
* | | Revert "expose SlavedProfileStore to ClientReaderSlavedStore (#5200)"Richard van der Hoff2019-05-202-3/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit ce5bcefc609db40740c692bd53a1ef84ab675e8c. This caused: ``` Traceback (most recent call last): File "/usr/local/lib/python3.7/runpy.py", line 193, in _run_module_as_main "__main__", mod_spec) File "/usr/local/lib/python3.7/runpy.py", line 85, in _run_code exec(code, run_globals) File "/home/synapse/src/synapse/app/client_reader.py", line 32, in <module> from synapse.replication.slave.storage import SlavedProfileStore ImportError: cannot import name 'SlavedProfileStore' from 'synapse.replication.slave.storage' (/home/synapse/src/synapse/replication/slave/storage/__init__.py) error starting synapse.app.client_reader('/home/synapse/config/workers/client_reader.yaml') (exit code: 1); see above for logs ```
* | | Add a test room version which updates event ID format (#5210)Richard van der Hoff2019-05-203-3/+34
| | | | | | | | | Implements MSC1884
* | | Merge pull request #5211 from matrix-org/erikj/fixup_reaction_constantsErik Johnston2019-05-205-20/+21
|\ \ \ | | | | | | | | Rename relation types to match MSC
| * | | NewsfileErik Johnston2019-05-201-0/+1
| | | |
| * | | Rename relation types to match MSCErik Johnston2019-05-204-20/+20
|/ / /
* | | Merge pull request #5209 from matrix-org/erikj/reactions_baseErik Johnston2019-05-2014-16/+1439
|\ \ \ | | | | | | | | Land basic reaction and edit support.
| * | | NewsfileErik Johnston2019-05-202-1/+1
| | | |
| * | | Merge pull request #5207 from matrix-org/erikj/reactions_redactionsErik Johnston2019-05-203-12/+125
| |\ \ \ | | | | | | | | | | Correctly update aggregation counts after redaction
| | * | | Fixup commentsErik Johnston2019-05-201-2/+2
| | | | |
| | * | | Correctly update aggregation counts after redactionErik Johnston2019-05-203-0/+57
| | | |/ | | |/|
| | * | Make tests use different user for each reaction it sendsErik Johnston2019-05-171-12/+68
| | | | | | | | | | | | | | | | As users aren't allowed to react with the same emoji more than once.
| * | | Merge pull request #5195 from matrix-org/erikj/editsErik Johnston2019-05-204-14/+166
| |\| | | | | | | | | | Add basic editing support
| | * | Fixup bsaed on review commentsErik Johnston2019-05-173-19/+19
| | | |
| | * | Add basic editing supportErik Johnston2019-05-164-15/+167
| |/ /
| * | Merge pull request #5192 from matrix-org/erikj/relations_aggregationsErik Johnston2019-05-169-27/+706
| |\ \ | | | | | | | | Add relation aggregation APIs
| | * | Move parsing of tokens out of storage layerErik Johnston2019-05-162-14/+21
| | | |
| | * | Indirect tuple conversionErik Johnston2019-05-161-0/+6
| | | |
| | * | Check that event is visible in new APIsErik Johnston2019-05-162-3/+16
| | | |
| | * | Fix relations in worker modeErik Johnston2019-05-165-13/+28
| | | |
| | * | Add cache to relationsErik Johnston2019-05-161-0/+8
| | | |
| | * | Add aggregations APIErik Johnston2019-05-165-13/+643
| | | |
| * | | Merge pull request #5186 from matrix-org/erikj/simple_paginationErik Johnston2019-05-169-0/+479
| |\| | | | | | | | | | Add simple relations API
| | * | Actually check for None rather falseyErik Johnston2019-05-151-2/+2
| | | |
| | * | Actually implement idempotencyErik Johnston2019-05-151-1/+8
| | | |
| | * | NewsfileErik Johnston2019-05-151-0/+1
| | | |
| | * | Add simple pagination APIErik Johnston2019-05-153-0/+160
| | | |
| | * | Add simple send_relation API and track in DBErik Johnston2019-05-158-0/+311
| |/ /
| * | Merge branch 'erikj/refactor_pagination_bounds' into erikj/reactions_baseErik Johnston2019-05-155-63/+122
| |\ \
| * \ \ Merge branch 'erikj/fix_config_ratelimiting' into erikj/testErik Johnston2019-05-142-1/+3
| |\ \ \
| * \ \ \ Merge branch 'erikj/async_serialize_event' into erikj/reactions_rebaseErik Johnston2019-05-1413-101/+194
| |\ \ \ \
* | | | | | Limit UserIds to a length that fits in a state key (#5198)ReidAnderson2019-05-204-1/+21
| | | | | |
* | | | | | fix mapping of return values for get_or_register_3pid_guest (#5177)bytepoets-blo2019-05-172-1/+2
| | | | | | | | | | | | | | | | | | * fix mapping of return values for get_or_register_3pid_guest
* | | | | | Merge pull request #5191 from matrix-org/erikj/refactor_pagination_boundsErik Johnston2019-05-172-61/+134
|\ \ \ \ \ \ | | | | | | | | | | | | | | Make generating SQL bounds for pagination generic
| * | | | | | Spelling and clarificationsErik Johnston2019-05-171-5/+9
| | | | | | |
| * | | | | | Update docstringErik Johnston2019-05-161-1/+12
| | |_|_|/ / | |/| | | |
| * | | | | NewsfileErik Johnston2019-05-151-0/+1
| | | | | |
| * | | | | Make generating SQL bounds for pagination genericErik Johnston2019-05-151-61/+118
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This will allow us to reuse the same structure when we paginate e.g. relations
* | | | | | expose SlavedProfileStore to ClientReaderSlavedStore (#5200)Neil Johnson2019-05-172-0/+3
| | | | | | | | | | | | | | | | | | * expose SlavedProfileStore to ClientReaderSlavedStore
* | | | | | Some vagrant hackery for testing the debsRichard van der Hoff2019-05-174-0/+48
| | | | | |
* | | | | | Merge remote-tracking branch 'origin/master' into developRichard van der Hoff2019-05-173-25/+25
|\ \ \ \ \ \
| * | | | | | Stop telling people to install the optional dependencies. (#5197)Richard van der Hoff2019-05-173-25/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Stop telling people to install the optional dependencies. They're optional. Also update the postgres docs a bit for clarity(?)
* | | | | | | Merge pull request #5196 from matrix-org/babolivier/per_room_profilesBrendan Abolivier2019-05-175-1/+96
|\ \ \ \ \ \ \ | | |_|_|_|_|/ | |/| | | | | Add an option to disable per-room profiles
| * | | | | | LintBrendan Abolivier2019-05-161-1/+0
| | | | | | |
| * | | | | | LintBrendan Abolivier2019-05-161-1/+3
| | | | | | |
| * | | | | | Changelog + sample configBrendan Abolivier2019-05-162-0/+7
| | | | | | |
| * | | | | | Forgot copyrightBrendan Abolivier2019-05-161-0/+1
| | | | | | |
| * | | | | | Add test caseBrendan Abolivier2019-05-161-1/+67
| | | | | | |
| * | | | | | Add option to disable per-room profilesBrendan Abolivier2019-05-162-0/+20
| | | | | | |
* | | | | | | Fix image orientation when generating thumbnail (#5039)PauRE2019-05-164-1/+46
| | | | | | |
* | | | | | | Merge pull request #5174 from matrix-org/dbkr/add_dummy_flow_to_recaptcha_onlyDavid Baker2019-05-164-7/+27
|\ \ \ \ \ \ \ | |/ / / / / / |/| | | | | | Re-order registration stages to do msisdn & email auth last
| * | | | | | Terms might not be the last stageDavid Baker2019-05-131-1/+1
| | | | | | |
| * | | | | | Merge remote-tracking branch 'origin/develop' into ↵David Baker2019-05-132-1/+1
| |\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | dbkr/add_dummy_flow_to_recaptcha_only
| * \ \ \ \ \ \ Merge remote-tracking branch 'origin/develop' into ↵David Baker2019-05-134-31/+47
| |\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | dbkr/add_dummy_flow_to_recaptcha_only
| * | | | | | | | And now I realise why the test is failing...David Baker2019-05-131-1/+8
| | | | | | | | |
| * | | | | | | | Update changelogDavid Baker2019-05-101-1/+1
| | | | | | | | |
| * | | | | | | | Re-order flows so that email auth is done lastDavid Baker2019-05-101-4/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It's more natural for the user if the bit that takes them away from the registration flow comes last. Adding the dummy stage allows us to do the stages in this order without the ambiguity.
| * | | | | | | | Thanks, automated grammar pedantry.David Baker2019-05-101-1/+1
| | | | | | | | |
| * | | | | | | | CommentDavid Baker2019-05-101-0/+4
| | | | | | | | |
| * | | | | | | | Add changelog entryDavid Baker2019-05-101-0/+1
| | | | | | | | |
| * | | | | | | | Add a DUMMY stage to captcha-only registration flowDavid Baker2019-05-101-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This allows the client to complete the email last which is more natual for the user. Without this stage, if the client would complete the recaptcha (and terms, if enabled) stages and then the registration request would complete because you've now completed a flow, even if you were intending to complete the flow that's the same except has email auth at the end. Adding a dummy auth stage to the recaptcha-only flow means it's always unambiguous which flow the client was trying to complete. Longer term we should think about changing the protocol so the client explicitly says which flow it's trying to complete. vector-im/riot-web#9586
* | | | | | | | | Make /sync attempt to return device updates for both joined and invited ↵Matthew Hodgson2019-05-162-19/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | users (#3484)
* | | | | | | | | Merge pull request #5187 from ↵David Baker2019-05-162-18/+23
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | matrix-org/dbkr/only_check_threepid_not_in_use_if_actually_registering Only check 3pids not in use when registering
| * | | | | | | | | Make newsfile clearerDavid Baker2019-05-151-1/+1
| | | | | | | | | |
| * | | | | | | | | Have I got newsfile for youDavid Baker2019-05-141-0/+1
| | | | | | | | | |
| * | | | | | | | | Only check 3pids not in use when registeringDavid Baker2019-05-141-18/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We checked that 3pids were not already in use before we checked if we were going to return the account previously registered in the same UI auth session, in which case the 3pids will definitely be in use. https://github.com/vector-im/riot-web/issues/9586
* | | | | | | | | | Make all the rate limiting options more consistent (#5181)Amber Brown2019-05-158-131/+138
| | | | | | | | | |
* | | | | | | | | | Drop support for v2_alpha API prefix (#5190)Richard van der Hoff2019-05-158-26/+21
| | | | | | | | | |
* | | | | | | | | | Merge branch 'master' into developRichard van der Hoff2019-05-153-8/+16
|\ \ \ \ \ \ \ \ \ \ | | |_|_|_|/ / / / / | |/| | | | / / / / | |_|_|_|_|/ / / / |/| | | | | | | |
| * | | | | | | | fix some typos in the changelog v0.99.4 github/release-v0.99.4 release-v0.99.4Richard van der Hoff2019-05-151-5/+4
| | | | | | | | |
| * | | | | | | | 0.99.4Richard van der Hoff2019-05-153-3/+12
| | | | | | | | |
* | | | | | | | | Merge pull request #5183 from matrix-org/erikj/async_serialize_eventErik Johnston2019-05-1513-101/+194
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | Allow client event serialization to be async
| * | | | | | | | | Update docstring with correct return typeErik Johnston2019-05-151-1/+1
| | |_|_|_|_|_|/ / | |/| | | | | | | | | | | | | | | | Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
| * | | | | | | | NewsfileErik Johnston2019-05-142-6/+7
| | | | | | | | |
| * | | | | | | | Allow client event serialization to be asyncErik Johnston2019-05-1412-95/+187
| | |/ / / / / / | |/| | | | | |
* | | | | | | | Merge pull request #5184 from matrix-org/erikj/expose_get_events_as_arrayErik Johnston2019-05-157-30/+55
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | Expose DataStore._get_events as get_events_as_list
| * | | | | | | | Update docstring with correct typeErik Johnston2019-05-151-1/+1
| | |_|_|_|_|/ / | |/| | | | | | | | | | | | | | Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
| * | | | | | | NewsfileErik Johnston2019-05-141-0/+1
| | | | | | | |
| * | | | | | | Expose DataStore._get_events as get_events_as_listErik Johnston2019-05-146-30/+54
| |/ / / / / / | | | | | | | | | | | | | | | | | | | | | This is in preparation for reaction work which requires it.
* | | | | | | Merge pull request #5185 from matrix-org/erikj/fix_config_ratelimitingErik Johnston2019-05-152-1/+3
|\ \ \ \ \ \ \ | | |_|_|_|_|/ | |/| | | | | Use correct config option for ratelimiting in tests
| * | | | | | NewsfileErik Johnston2019-05-141-0/+1
| | | | | | |
| * | | | | | Use correct config option for ratelimiting in testsErik Johnston2019-05-141-1/+2
| |/ / / / /
* / / / / / comment about user_joined_roomRichard van der Hoff2019-05-141-0/+1
|/ / / / /
* | | | | Migrate all tests to use the dict-based config format instead of hanging ↵Amber Brown2019-05-1323-203/+240
| | | | | | | | | | | | | | | | | | | | items off HomeserverConfig (#5171)
* | | | | Add ability to blacklist ip ranges for federation traffic (#5043)Andrew Morgan2019-05-136-14/+168
|/ / / /
* | | / 0.99.4rc1 v0.99.4rc1Brendan Abolivier2019-05-1375-78/+83
| |_|/ |/| |
* | | Merge pull request #5179 from matrix-org/babolivier/isortBrendan Abolivier2019-05-132-1/+1
|\ \ \ | |_|/ |/| | Fix CI after new release of isort
| * | Fix changelogBrendan Abolivier2019-05-131-0/+0
| | |
| * | ChangelogBrendan Abolivier2019-05-131-0/+1
| | |
| * | Fix CI after new release of isortBrendan Abolivier2019-05-131-1/+0
|/ /
* | Merge branch 'master' into developRichard van der Hoff2019-05-100-0/+0
|\ \
| * | fix sample configRichard van der Hoff2019-05-101-1/+1
| | |
* | | URL preview blacklisting fixes (#5155)Andrew Morgan2019-05-104-31/+47
| |/ |/| | | Prevents a SynapseError being raised inside of a IResolutionReceiver and instead opts to just return 0 results. This thus means that we have to lump a failed lookup and a blacklisted lookup together with the same error message, but the substitute should be generic enough to cover both cases.
* | Revert 085ae346ace418e0fc043ac5f568f85ebf80038eDavid Baker2019-05-101-1/+1
| | | | | | | | Accidentally went straight to develop
* | Add a DUMMY stage to captcha-only registration flowDavid Baker2019-05-101-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This allows the client to complete the email last which is more natual for the user. Without this stage, if the client would complete the recaptcha (and terms, if enabled) stages and then the registration request would complete because you've now completed a flow, even if you were intending to complete the flow that's the same except has email auth at the end. Adding a dummy auth stage to the recaptcha-only flow means it's always unambiguous which flow the client was trying to complete. Longer term we should think about changing the protocol so the client explicitly says which flow it's trying to complete. https://github.com/vector-im/riot-web/issues/9586
* | Make Prometheus snippet less confusing on the metrics collection doc (#4288)Gergely Polonkai2019-05-101-1/+4
| | | | | | Signed-off-by: Gergely Polonkai <gergely@polonkai.eu>
* | Set syslog identifiers in systemd units (#5023)Christoph Müller2019-05-106-1/+14
| |
* | Run Black on the tests again (#5170)Amber Brown2019-05-1054-1169/+829
| |
* | Add AllowEncodedSlashes to apache (#5068)colonelkrud2019-05-091-0/+2
| | | | | | | | | | | | | | | | * Add AllowEncodedSlashes to apache Add `AllowEncodedSlashes On` to apache config to support encoding for v3 rooms. "The AllowEncodedSlashes setting is not inherited by virtual hosts, and virtual hosts are used in many default Apache configurations, such as the one in Ubuntu. The workaround is to add the AllowEncodedSlashes setting inside a <VirtualHost> container (/etc/apache2/sites-available/default in Ubuntu)." Source: https://stackoverflow.com/questions/4390436/need-to-allow-encoded-slashes-on-apache * change allowencodedslashes to nodecode
* | Merge remote-tracking branch 'origin/master' into developRichard van der Hoff2019-05-091-16/+5
|\|
| * remove instructions for jessie installation (#5164)Richard van der Hoff2019-05-091-16/+5
| | | | | | We don't ship jessie packages, so these were a bit misleading.
* | Run `black` on per_destination_queueRichard van der Hoff2019-05-091-35/+39
| | | | | | | | ... mostly to fix pep8 fails
* | Limit the number of EDUs in transactions to 100 as expected by receiver (#5138)Quentin Dufour2019-05-093-27/+32
| | | | | | Fixes #3951.
* | Fix bogus imports in tests (#5154)Brendan Abolivier2019-05-084-5/+7
| |
* | add options to require an access_token to GET /profile and /publicRooms on ↵Matthew Hodgson2019-05-089-13/+252
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CS API (#5083) This commit adds two config options: * `restrict_public_rooms_to_local_users` Requires auth to fetch the public rooms directory through the CS API and disables fetching it through the federation API. * `require_auth_for_profile_requests` When set to `true`, requires that requests to `/profile` over the CS API are authenticated, and only returns the user's profile if the requester shares a room with the profile's owner, as per MSC1301. MSC1301 also specifies a behaviour for federation (only returning the profile if the server asking for it shares a room with the profile's owner), but that's currently really non-trivial to do in a not too expensive way. Next step is writing down a MSC that allows a HS to specify which user sent the profile query. In this implementation, Synapse won't send a profile query over federation if it doesn't believe it already shares a room with the profile's owner, though. Groups have been intentionally omitted from this commit.
* | Merge pull request #5037 from matrix-org/erikj/limit_inflight_dnsErik Johnston2019-05-082-1/+83
|\ \ | | | | | | Limit in flight DNS requests
| * | NewsfileErik Johnston2019-04-091-0/+1
| | |
| * | Limit in flight DNS requestsErik Johnston2019-04-091-1/+82
| | | | | | | | | | | | | | | | | | | | | This is to work around a bug in twisted where a large number of concurrent DNS requests cause it to tight loop forever. c.f. https://twistedmatrix.com/trac/ticket/9620#ticket
* | | Do checks on aliases for incoming m.room.aliases events (#5128)Brendan Abolivier2019-05-087-8/+225
| | | | | | | | | | | | | | | Follow-up to #5124 Also added a bunch of checks to make sure everything (both the stuff added on #5124 and this PR) works as intended.
* | | Merge pull request #5104 from matrix-org/erikj/ratelimit_3pid_inviteErik Johnston2019-05-072-0/+12
|\ \ \ | | | | | | | | Ratelimit 3pid invites
| * | | Rate limit earlyErik Johnston2019-05-021-2/+3
| | | |
| * | | Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2019-04-26108-6218/+1842
| |\ \ \ | | | | | | | | | | | | | | | erikj/ratelimit_3pid_invite
| * | | | NewsfileErik Johnston2019-04-261-0/+1
| | | | |
| * | | | Ratelimit 3pid invitesErik Johnston2019-04-261-0/+10
| | | | | | | | | | | | | | | | | | | | | | | | | We do ratelimit sending the 3PID invite events, but that happens after spamming the identity server.
* | | | | Remove the requirement to authenticate for /admin/server_version. (#5122)Richard van der Hoff2019-05-075-38/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This endpoint isn't much use for its intended purpose if you first need to get yourself an admin's auth token. I've restricted it to the `/_synapse/admin` path to make it a bit easier to lock down for those concerned about exposing this information. I don't imagine anyone is using it in anger currently.
* | | | | Fix spelling in server notices admin API docs (#5142)Travis Ralston2019-05-062-1/+2
| | | | |
* | | | | Fix sample configRichard van der Hoff2019-05-061-1/+1
| | | | | | | | | | | | | | | | | | | | ... after it got broken in 1565ebec2c.
* | | | | Merge branch 'master' into developRichard van der Hoff2019-05-039-19/+84
|\ \ \ \ \ | | |_|_|/ | |/| | |
| * | | | Merge tag 'v0.99.3.2'Richard van der Hoff2019-05-039-19/+84
| |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 0.99.3.2 (2019-05-03) ============================= Internal Changes ---------------- - Ensure that we have `urllib3` <1.25, to resolve incompatibility with `requests`. ([\#5135](https://github.com/matrix-org/synapse/issues/5135))
| | * | | | 0.99.3.2 v0.99.3.2 github/release-v0.99.3.2 release-v0.99.3.2Richard van der Hoff2019-05-034-2/+16
| | | | | |
| | * | | | include disco in deb build target listRichard van der Hoff2019-05-031-0/+1
| | | | | |
| | * | | | Merge pull request #5135 from matrix-org/rav/build_fixesRichard van der Hoff2019-05-033-1/+11
| | |\ \ \ \ | | | | | | | | | | | | | | Build fixes
| | | * | | | changelogRichard van der Hoff2019-05-031-0/+1
| | | | | | |
| | | * | | | Debian: we now need libpq-dev.Richard van der Hoff2019-05-031-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | psycopg 2.8 is now out, which means that the C library gets built from source, so we now need libpq-dev when building. Turns out the need for this package is already documented in docs/postgres.rst.
| | | * | | | pin urllib3 to <1.25Richard van der Hoff2019-05-031-0/+8
| | |/ / / /
| | * | | | changelog tweaks v0.99.3.1 github/release-v0.99.3.1 release-v0.99.3.1Richard van der Hoff2019-05-031-2/+4
| | | | | |
| | * | | | 0.99.3.1Richard van der Hoff2019-05-035-3/+16
| | | | | |
| | * | | | Merge pull request #5134 from matrix-org/rav/url_preview_blacklistRichard van der Hoff2019-05-033-15/+34
| | |\ \ \ \ | | | | | | | | | | | | | | Blacklist 0.0.0.0 and :: by default for URL previews
| | | * | | | more config comment updatesRichard van der Hoff2019-05-032-4/+10
| | | | | | |
| | | * | | | Blacklist 0.0.0.0 and :: by default for URL previewsRichard van der Hoff2019-05-033-15/+28
| | | | | | |
| | * | | | | Merge pull request #5133 from matrix-org/rav/systemrandomRichard van der Hoff2019-05-032-2/+8
| | |\ \ \ \ \ | | | |/ / / / | | |/| | | | Use SystemRandom for token generation.
| | | * | | | typoNeil Johnson2019-05-031-1/+1
| | | | | | |
| | | * | | | Use SystemRandom for token generationRichard van der Hoff2019-05-032-2/+8
| | | | | | |
* | | | | | | Add admin api for sending server_notices (#5121)Richard van der Hoff2019-05-0221-42/+196
| | | | | | |
* | | | | | | Merge pull request #5124 from matrix-org/babolivier/aliasesBrendan Abolivier2019-05-025-2/+40
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Add some limitations to alias creation
| * | | | | | | Add some limitations to alias creationBrendan Abolivier2019-05-025-2/+40
| | | | | | | |
* | | | | | | | Factor out an "assert_requester_is_admin" function (#5120)Richard van der Hoff2019-05-024-76/+81
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Rather than copying-and-pasting the same four lines hundreds of times
* | | | | | | | Merge pull request #5119 from matrix-org/rav/admin_api_urlsRichard van der Hoff2019-05-0230-114/+180
|\ \ \ \ \ \ \ \ | |/ / / / / / / |/| | | | | | | Move the admin API to `/_synapse/admin/v1`
| * | | | | | | fix examplesRichard van der Hoff2019-05-011-4/+4
| | | | | | | |
| * | | | | | | Fix sample configRichard van der Hoff2019-05-011-2/+2
| | | | | | | |
| * | | | | | | changelogRichard van der Hoff2019-05-011-0/+1
| | | | | | | |
| * | | | | | | Move admin api impl to its own packageRichard van der Hoff2019-05-0119-42/+67
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It doesn't really belong under rest/client/v1 any more.
| * | | | | | | Move admin API to a new prefixRichard van der Hoff2019-05-0112-36/+76
| | | | | | | |
| * | | | | | | Move admin API away from ClientV1RestServletRichard van der Hoff2019-05-011-33/+33
|/ / / / / / /
* | | | | | | Merge pull request #5116 from matrix-org/babolivier/account_expirationBrendan Abolivier2019-05-012-1/+2
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Fix path in account validity admin route's doc
| * | | | | | | Rename changelog fileBrendan Abolivier2019-05-011-0/+0
| | | | | | | |
| * | | | | | | Add changelogBrendan Abolivier2019-05-011-0/+1
| | | | | | | |
| * | | | | | | Fix whole path for admin routeBrendan Abolivier2019-05-011-1/+1
| | | | | | | |
| * | | | | | | Fix typo in account validity admin routeBrendan Abolivier2019-05-011-1/+1
| | | | | | | |
* | | | | | | | Add a default .m.rule.tombstone push rule (#4867)Travis Ralston2019-04-292-0/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add a default .m.rule.tombstone push rule In support of MSC1930: https://github.com/matrix-org/matrix-doc/pull/1930 * changelog * Appease the changelog linter
* | | | | | | | Merge pull request #5100 from matrix-org/rav/verification_hackeryRichard van der Hoff2019-04-293-18/+55
|\ \ \ \ \ \ \ \ | |_|_|_|_|_|/ / |/| | | | | | | Improve logging when event-signature checking fails
| * | | | | | | changelogRichard van der Hoff2019-04-251-0/+1
| | | | | | | |
| * | | | | | | more logging improvementsRichard van der Hoff2019-04-251-8/+11
| | | | | | | |
| * | | | | | | remove extraneous exception loggingRichard van der Hoff2019-04-252-18/+34
| | | | | | | |
| * | | | | | | Clarify logging when PDU signature checking failsRichard van der Hoff2019-04-252-3/+20
| | | | | | | |
* | | | | | | | Merge pull request #5103 from matrix-org/rav/fix_notif_loopRichard van der Hoff2019-04-263-0/+24
|\ \ \ \ \ \ \ \ | |/ / / / / / / |/| | | | | | | Fix infinite loop in presence handler
| * | | | | | | Fix infinite loop in presence handlerRichard van der Hoff2019-04-263-0/+24
|/ / / / / / / | | | | | | | | | | | | | | | | | | | | | Fixes #5102
* | | | | | | Merge remote-tracking branch 'origin/master' into developRichard van der Hoff2019-04-251-0/+2
|\ \ \ \ \ \ \ | | |/ / / / / | |/| | | | |
| * | | | | | add gpg key fingerprintRichard van der Hoff2019-04-221-0/+2
| | | | | | |
* | | | | | | Merge pull request #5098 from matrix-org/rav/fix_pep_517Richard van der Hoff2019-04-253-2/+8
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Workarounds for pep-517 errors
| * | | | | | | ChangelogRichard van der Hoff2019-04-251-0/+1
| | | | | | | |
| * | | | | | | Add --no-pep-517 to README instructionsRichard van der Hoff2019-04-251-2/+2
| | | | | | | |
| * | | | | | | set PIP_USE_PEP517 = False for testsRichard van der Hoff2019-04-251-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | pip 19.1 otherwise complains about "editable mode is not supported for pyproject.toml-style projects"
* | | | | | | | Fix handling of SYNAPSE_NO_TLS in docker image (#5005)*=0=1=4=*2019-04-253-2/+16
|/ / / / / / /
* | | | | | | Config option for verifying federation certificates (MSC 1711) (#4967)Andrew Morgan2019-04-258-17/+158
| | | | | | |
* | | | | | | Remove log error for .well-known/matrix/client (#4972)Michael Kaye2019-04-242-1/+2
| | | | | | |
* | | | | | | Prevent "producer not unregistered" message (#5009)Amber Brown2019-04-242-0/+5
| | | | | | |
* | | | | | | Merge pull request #5077 from matrix-org/babolivier/account_expirationBrendan Abolivier2019-04-182-2/+7
|\ \ \ \ \ \ \ | | |/ / / / / | |/| | | | | Don't crash on lack of expiry templates
| * | | | | | Don't crash on lack of expiry templatesBrendan Abolivier2019-04-182-2/+7
| | | | | | |
* | | | | | | Merge remote-tracking branch 'origin/master' into developRichard van der Hoff2019-04-171-4/+24
|\ \ \ \ \ \ \ | | |/ / / / / | |/| | | | |
| * | | | | | Update debian install docs for new key and repo (#5074)Richard van der Hoff2019-04-171-5/+25
| | |/ / / / | |/| | | |
* | | | | | Merge pull request #5073 from matrix-org/babolivier/account_expirationBrendan Abolivier2019-04-178-26/+246
|\ \ \ \ \ \ | | |/ / / / | |/| | | | Add some endpoints for account validity management
| * | | | | Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2019-04-17216-10038/+5057
| |\ \ \ \ \ | |/ / / / / |/| | | | | | | | | | | babolivier/account_expiration
* | | | | | Merge pull request #5047 from matrix-org/babolivier/account_expirationBrendan Abolivier2019-04-1717-43/+699
|\ \ \ \ \ \ | | | | | | | | | | | | | | Send out emails with links to extend an account's validity period
* \ \ \ \ \ \ Merge pull request #5071 from matrix-org/babolivier/3pid-checkBrendan Abolivier2019-04-172-0/+19
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Make sure we're not registering the same 3pid twice
| * | | | | | | Make sure we're not registering the same 3pid twiceBrendan Abolivier2019-04-172-0/+19
| | |_|/ / / / | |/| | | | |
* | | | | | | Merge pull request #5070 from matrix-org/erikj/postpathErik Johnston2019-04-172-8/+9
|\ \ \ \ \ \ \ | | |_|_|_|/ / | |/| | | | | Remove usage of request.postpath
| * | | | | | NewsfileErik Johnston2019-04-161-0/+1
| | | | | | |
| * | | | | | Remove usage of request.postpathErik Johnston2019-04-161-8/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is an undocumented variable in twisted, and relies on the servlet being mounted in the right way. This also breaks getting push rules on workers.
* | | | | | | Merge pull request #5065 from matrix-org/erikj/fix_versionsErik Johnston2019-04-162-1/+2
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | VersionRestServlet doesn't take a param
| * | | | | | | NewsfileErik Johnston2019-04-151-0/+1
| | | | | | | |
| * | | | | | | VersionRestServlet doesn't take a paramErik Johnston2019-04-151-1/+1
| | | | | | | |
* | | | | | | | Use packages.matrix.org for packages (#5067)Travis Ralston2019-04-162-3/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Use packages.matrix.org for packages See https://github.com/vector-im/riot-web/issues/9497 (applies to more than just Olm) * changelog
* | | | | | | | Add systemd-python to optional dependencies (#4339)Silke Hofstra2019-04-164-10/+13
|/ / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Using systemd-python allows for logging to the systemd journal, as is documented in: `synapse/contrib/systemd/log_config.yaml`. Signed-off-by: Silke Hofstra <silke@slxh.eu>
* | | | | | | Merge pull request #5063 from matrix-org/erikj/move_endpointsErik Johnston2019-04-154-4/+21
|\| | | | | | | | | | | | | | | | | | | | Move some rest endpoints to client reader
| * | | | | | Only handle GET requests for /push_rulesErik Johnston2019-04-152-0/+10
| | | | | | |
| * | | | | | NewsfileErik Johnston2019-04-151-0/+1
| | | | | | |
| * | | | | | Move some rest endpoints to client readerErik Johnston2019-04-152-4/+10
| | | | | | |
* | | | | | | update grafana dashboardRichard van der Hoff2019-04-131-5211/+1
| | | | | | |
* | | | | | | Remove periods from copyright headers (#5046)Andrew Morgan2019-04-1112-11/+12
| | | | | | |
* | | | | | | Merge pull request #5033 from matrix-org/erikj/fix_schema_deltaErik Johnston2019-04-102-1/+4
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Fix schema upgrade when dropping tables
| * | | | | | | NewsfileErik Johnston2019-04-091-0/+1
| | | | | | | |
| * | | | | | | Fix schema upgrade when dropping tablesErik Johnston2019-04-091-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We need to drop tables in the correct order due to foreign table constraints (on `application_services`), otherwise the DROP TABLE command will fail. Introduced in #4992.
* | | | | | | | Fix disappearing exceptions in manhole. (#5035)Richard van der Hoff2019-04-102-2/+58
| |_|_|_|_|_|/ |/| | | | | | | | | | | | | Avoid sending syntax errors from the manhole to sentry.
* | | | | | | Merge pull request #5027 from matrix-org/babolivier/account_expirationBrendan Abolivier2019-04-099-3/+143
|\ \ \ \ \ \ \ | |/ / / / / / |/| | | | | | Add time-based account expiration
* | | | | | | Merge pull request #5030 from matrix-org/rav/rewrite_g_s_v_kRichard van der Hoff2019-04-095-91/+136
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Rewrite Datastore.get_server_verify_keys
| * | | | | | | changelogRichard van der Hoff2019-04-091-0/+1
| | | | | | | |
| * | | | | | | Rewrite Datastore.get_server_verify_keysRichard van der Hoff2019-04-093-52/+113
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Rewrite this so that it doesn't hammer the database.
| * | | | | | | Rewrite test_keys as a HomeserverTestCaseRichard van der Hoff2019-04-081-19/+15
| | | | | | | |
| * | | | | | | Replace SlavedKeyStore with a shimRichard van der Hoff2019-04-081-14/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | since we're pulling everything out of KeyStore anyway, we may as well simplify it.
| * | | | | | | Remove redundant merged_keys dictRichard van der Hoff2019-04-081-8/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There's no point in collecting a merged dict of keys: it is sufficient to consider just the new keys which have been fetched by the most recent key_fetch_fns.
* | | | | | | | Bump psycopg requirement (#5032)Richard van der Hoff2019-04-092-1/+4
|/ / / / / / /
* | | | | | | Remove unused server_tls_certificates functions (#5028)Richard van der Hoff2019-04-086-63/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | These have been unused since #4120, and with the demise of perspectives, it is unlikely that they will ever be used again.
* | | | | | | add context to phonehome stats (#5020)Neil Johnson2019-04-084-1/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | add context to phonehome stats
* | | | | | | Merge pull request #5024 from matrix-org/rav/record_correct_server_in_serverkeysRichard van der Hoff2019-04-083-1/+3
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Fix from_server buglet in get_keys_from_perspectives
| * | | | | | | Fix from_server buglet in get_keys_from_perspectivesRichard van der Hoff2019-04-083-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | make sure we store the name of the server the keys came from, rather than the origin server, after doing a fetch-from-perspectives.
* | | | | | | | drop tables listed in #1830 (#4992)Neil Johnson2019-04-0826-757/+43
|/ / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Tables dropped: * application_services, * application_services_regex, * transaction_id_to_pdu, * stats_reporting * current_state_resets * event_content_hashes * event_destinations * event_edge_hashes * event_signatures * feedback * room_hosts * state_forward_extremities
* | | | | | | Merge pull request #5001 from matrix-org/rav/keyring_cleanupsRichard van der Hoff2019-04-084-33/+181
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Cleanups in the Keyring
| * | | | | | | changelogRichard van der Hoff2019-04-041-0/+1
| | | | | | | |
| * | | | | | | Hoist server_name check out of process_v2_responseRichard van der Hoff2019-04-041-13/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It's easier to check it in the caller than to complicate the interface with an extra param.
| * | | | | | | Clean up Keyring.process_v2_responseRichard van der Hoff2019-04-041-23/+46
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make this just return the key dict, rather than a single-entry dict mapping the server name to the key dict. It's easy for the caller to get the server name from from the response object anyway.
| * | | | | | | test for get_keys_from_perspectivesRichard van der Hoff2019-04-041-0/+67
| | | | | | | |
| * | | | | | | add a test for get_keys_from_serverRichard van der Hoff2019-04-041-0/+63
| | | | | | | |
| * | | | | | | Fix docstring on get_server_keys_jsonRichard van der Hoff2019-04-041-2/+2
| | | | | | | |