summary refs log tree commit diff
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #5932 from ↵ dinsic_2019-08-30 github/dinsic dinsicBrendan Abolivier2019-08-293-4/+7
|\ | | | | | | | | matrix-org/babolivier/account_validity_template_encode Fix encoding for account validity HTML files on Python 2
| * Bump requirement for six to 1.12Brendan Abolivier2019-08-291-1/+1
| |
| * Fix encoding for account validity HTML files on Python 2Brendan Abolivier2019-08-292-3/+6
|/
* Merge pull request #5815 from matrix-org/babolivier/dinsic-message-retention dinsic_2019-08-29Brendan Abolivier2019-08-2813-7/+1072
|\ | | | | Message retention policies at the room and server levels
| * Merge branch 'dinsic' into babolivier/dinsic-message-retentionBrendan Abolivier2019-08-2814-44/+344
| |\ | |/ |/|
* | Merge pull request #5812 from matrix-org/babolivier/account-validity-messages dinsic_2019-08-12Michael Kaye2019-08-128-9/+117
|\ \ | | | | | | Account validity: allow defining HTML templates to serve the user on account renewal attempt
| * | LintBrendan Abolivier2019-08-013-14/+9
| | |
| * | Sample configBrendan Abolivier2019-08-011-0/+10
| | |
| * | ChangelogBrendan Abolivier2019-08-011-0/+1
| | |
| * | Add testsBrendan Abolivier2019-08-011-0/+37
| | |
| * | Allow defining HTML templates to serve the user on account renewalBrendan Abolivier2019-08-015-9/+74
| | |
* | | Merge pull request #5781 from matrix-org/baboliver/loopingcall-args dinsic_2019-08-08Michael Kaye2019-08-082-2/+5
|\ \ \ | | | | | | | | Add ability to pass arguments to looping calls
| * | | ChangelogBrendan Abolivier2019-07-291-0/+1
| | | |
| * | | Add kwargs and docBrendan Abolivier2019-07-291-2/+4
| | | |
| * | | Add ability to pass arguments to looping callsBrendan Abolivier2019-07-291-2/+2
| | | |
* | | | Merge pull request #5760 from ↵Michael Kaye2019-08-083-16/+190
|\ \ \ \ | |_|/ / |/| | | | | | | | | | | matrix-org/babolivier/access-rules-public-restricted Force the access rule to be "restricted" if the join rule is "public"
| * | | Explain rationaleBrendan Abolivier2019-08-011-0/+4
| | | |
| * | | Incorporate reviewBrendan Abolivier2019-07-301-15/+13
| | | |
| * | | Fix changelogBrendan Abolivier2019-07-251-1/+1
| | | |
| * | | ChangelogBrendan Abolivier2019-07-251-0/+1
| | | |
| * | | Merge ifsBrendan Abolivier2019-07-251-5/+4
| | | |
| * | | DocBrendan Abolivier2019-07-251-2/+14
| | | |
| * | | Fix status code for forbidden eventsBrendan Abolivier2019-07-251-6/+6
| | | |
| * | | Only check the join rule on room creation if an access rule is also providedBrendan Abolivier2019-07-251-12/+12
| | | |
| * | | Turns out the default preset is public_chatBrendan Abolivier2019-07-241-5/+3
| | | |
| * | | Implement restrictions on new eventsBrendan Abolivier2019-07-241-1/+40
| | | |
| * | | Implement restriction on public room creationBrendan Abolivier2019-07-241-11/+30
| | | |
| * | | Add test caseBrendan Abolivier2019-07-241-2/+106
| |/ /
* | | Check room ID and type of redacted event (#5784) dinsic_2019-07-31Brendan Abolivier2019-07-311-17/+32
|\ \ \ | |/ / |/| | Check room ID and type of redacted event
| * | Ignore redactions of redactions in get_events_as_listBrendan Abolivier2019-07-311-4/+1
| | |
| * | Ignore invalid redactions in _get_event_from_rowBrendan Abolivier2019-07-311-0/+5
| | |
| * | Should now work, unless we can't find the redaction event which happens for ↵Brendan Abolivier2019-07-301-18/+18
| | | | | | | | | | | | some reason (need to investigate)
| * | Don't make the checks depend on recheck_redactionBrendan Abolivier2019-07-301-20/+23
| | |
| * | Do checks soonerBrendan Abolivier2019-07-291-21/+19
| | |
| * | Check room ID and type of redacted eventBrendan Abolivier2019-07-291-10/+22
|/ /
| * Implement per-room message retention policiesBrendan Abolivier2019-08-2813-7/+1072
|/
* Merge pull request #5702 from matrix-org/babolivier/3pid-invite dinsic_2019-07-18Brendan Abolivier2019-07-182-1/+5
|\ | | | | Fix check of the association between a 3PID invite and the subsequent m.room.member event in the 3rd party rules
| * Fix changelogBrendan Abolivier2019-07-171-1/+1
| |
| * Merge branch 'dinsic' into babolivier/3pid-inviteBrendan Abolivier2019-07-175-152/+59
| |\ | |/ |/|
* | Merge pull request #5646 from matrix-org/babolivier/profile-allow-self dinsic_2019-07-09Brendan Abolivier2019-07-095-152/+59
|\ \ | | | | | | Port #5644 to dinsic
| * | make the base branch dinsic for dinsic dinsic_2019-06-27_1Amber H. Brown2019-07-091-4/+5
| | |
| * | cut down circleci config to just what dinsic needsAmber H. Brown2019-07-091-148/+2
| | |
| * | LintBrendan Abolivier2019-07-091-2/+2
| | |
| * | Add test caseBrendan Abolivier2019-07-091-0/+47
| | |
| * | ChangelogBrendan Abolivier2019-07-091-0/+1
| | |
| * | Allow newly-registered users to lookup their own profilesBrendan Abolivier2019-07-091-0/+4
| | | | | | | | | | | | When a user creates an account and the 'require_auth_for_profile_requests' config flag is set, and a client that performed the registration wants to lookup the newly-created profile, the request will be denied because the user doesn't share a room with themselves yet.
| | * ChangelogBrendan Abolivier2019-07-171-0/+1
| | |
| | * There's no third_party_signed property in an invite's contentBrendan Abolivier2019-07-171-6/+3
| | |
| | * Fix check of the association between a 3PID invite and the subsequent ↵Brendan Abolivier2019-07-171-1/+7
| |/ |/| | | | | m.room.member event in the 3rd party rules
* | Merge pull request #5610 from matrix-org/babolivier/power-levels dinsic_2019-07-04Brendan Abolivier2019-07-043-38/+173
|\ \ | | | | | | Implement new restrictions on power levels
| * \ Merge branch 'babolivier/power-levels' of github.com:matrix-org/synapse into ↵Brendan Abolivier2019-07-031-0/+1
| |\ \ | | | | | | | | | | | | babolivier/power-levels
| | * | Update synapse/third_party_rules/access_rules.pyBrendan Abolivier2019-07-031-0/+1
| | | | | | | | | | | | Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
| * | | Incorporate reviewBrendan Abolivier2019-07-031-6/+10
| |/ /
| * | Incorporate reviewBrendan Abolivier2019-07-031-8/+12
| | |
| * | ChangelogBrendan Abolivier2019-07-031-0/+1
| | |
| * | Change the rule for applying PL restrictionsBrendan Abolivier2019-07-031-3/+7
| | |
| * | Add testsBrendan Abolivier2019-07-031-4/+52
| | |
| * | Default return value for events we're not interested inBrendan Abolivier2019-07-031-0/+2
| | |
| * | Refactor part of the access rules moduleBrendan Abolivier2019-07-031-33/+47
| | | | | | | | | | | | Since we're not processing only membership events and 3PID invites anymore, it's nice to know which function is supposed to process what.
| * | Implement restrictions for power levelsBrendan Abolivier2019-07-031-0/+57
| | |
* | | Merge pull request #5577 from matrix-org/babolivier/3pid-invite-ratelimit dinsic_2019-06-28Brendan Abolivier2019-06-282-0/+2
|\ \ \ | |/ / |/| | Port #5576 to dinsic
| * | Only ratelimit when sending the emailBrendan Abolivier2019-06-281-1/+2
| | | | | | | | | | | | If we do the opposite, an event can arrive after or while sending the email and the 3PID invite event will get ratelimited.
| * | ChangelogBrendan Abolivier2019-06-281-0/+1
| | |
| * | Don't update the ratelimiter before sending a 3PID inviteBrendan Abolivier2019-06-281-1/+1
|/ / | | | | | | This would cause emails being sent, but Synapse responding with a 429 when creating the event. The client would then retry, and with bad timing the same scenario would happen again. Some testing I did ended up sending me 10 emails for one single invite because of this.
* / Add test case for #5574Brendan Abolivier2019-06-281-0/+108
|/ | | | There's no test that makes sure #5574 didn't break things or works correctly (my bad), so this PR adds a test case that makes sure of it.
* Merge pull request #5574 from matrix-org/babolivier/fix-3pid-bind dinsic_2019-06-27Brendan Abolivier2019-06-271-3/+8
|\ | | | | Fix new 3PID bindings being associated with rewritten IS's server names instead of the original one
| * Fix new 3PID bindings being associated with rewritten IS's server names ↵Brendan Abolivier2019-06-271-3/+8
| | | | | | | | | | | | instead of the original one This would make unbind requests fail because Synapse is using the server name it has in DB as destination_is to generate signature, and Sydent uses its own server name there when verifying it, so if a mismatch happens, which is the case if the name gets rewritten for routing purposes, the unbind requests fail on the signature verification.
* | Merge pull request #5542 from matrix-org/babolivier/federation-publicrooms dinsic_2019-06-24Brendan Abolivier2019-06-246-20/+49
|\ \ | | | | | | Port "Split public rooms directory auth config in two" to dinsic
| * | Split public rooms directory auth config in twoBrendan Abolivier2019-06-246-20/+49
|/ /
* | Merge pull request #5495 from matrix-org/babolivier/deactivate_bg_job_typo dinsic_2019-06-19Brendan Abolivier2019-06-192-1/+2
|\ \ | | | | | | Port "Fix typo in deactivation background job" to dinsic
| * | Fix typo in deactivation background jobBrendan Abolivier2019-06-192-1/+2
| | |
* | | Merge pull request #5484 from matrix-org/babolivier/dinsic_access_rulesBrendan Abolivier2019-06-193-0/+812
|\ \ \ | |/ / |/| | Implement custom access rules
| * | Add tests for constraints on changing the rule for a roomBrendan Abolivier2019-06-181-0/+60
| | |
| * | Add tests for 3PID invitesBrendan Abolivier2019-06-181-12/+146
| | |
| * | Don't process 3PIDs in _apply_restrictedBrendan Abolivier2019-06-181-1/+3
| | |
| * | Remove unused importBrendan Abolivier2019-06-181-1/+0
| | |
| * | Add tests for inviting with access rulesBrendan Abolivier2019-06-181-2/+102
| | |
| * | LintBrendan Abolivier2019-06-181-1/+0
| | |
| * | Remove unused importsBrendan Abolivier2019-06-181-3/+0
| | |
| * | LintBrendan Abolivier2019-06-181-1/+1
| | |
| * | Add tests for room creation hookBrendan Abolivier2019-06-181-0/+136
| | |
| * | Incorporate reviewBrendan Abolivier2019-06-181-78/+69
| | |
| * | FixesBrendan Abolivier2019-06-181-0/+5
| | |
| * | DocstringsBrendan Abolivier2019-06-171-27/+154
| | |
| * | Rename into RoomAccessRulesBrendan Abolivier2019-06-172-1/+1
| | |
| * | Fix function callBrendan Abolivier2019-06-171-1/+1
| | |
| * | Implement rules changeBrendan Abolivier2019-06-171-1/+40
| | |
| * | Improve docBrendan Abolivier2019-06-171-3/+8
| | |
| * | Implement 3PID invite hookBrendan Abolivier2019-06-171-7/+49
| | |
| * | Implement restricted rules and room creation hookBrendan Abolivier2019-06-171-11/+43
| | |
| * | Implement rules for directBrendan Abolivier2019-06-171-12/+100
| | |
| * | BackboneBrendan Abolivier2019-06-171-0/+11
| | |
| * | BaseBrendan Abolivier2019-06-172-0/+45
|/ /
* | Merge pull request #5481 from matrix-org/babolivier/third_party_rules_3pidBrendan Abolivier2019-06-173-1/+43
|\ \ | | | | | | Port "Add third party rules hook for 3PID invites" to dinsic
| * | Make check_threepid_can_be_invited asyncBrendan Abolivier2019-06-171-0/+1
| | |
| * | ChangelogBrendan Abolivier2019-06-171-0/+1
| | |
| * | Add third party rules hook for 3PID invitesBrendan Abolivier2019-06-172-1/+41
| | |
* | | Merge pull request #5474 from matrix-org/erikj/add_create_room_hookErik Johnston2019-06-173-6/+38
|\ \ \ | | | | | | | | Add third party rules hook into create room
| * | | NewsfileErik Johnston2019-06-171-0/+1
| |/ /
| * / Add third party rules hook into create roomErik Johnston2019-06-172-6/+37
|/ /
* | Merge pull request #5471 from matrix-org/erikj/3pid_remote_invite_stateBrendan Abolivier2019-06-173-7/+2
|\ \ | | | | | | Port "Fix 3PID invite room state over federation" to dinsic
| * | NewsfileErik Johnston2019-06-141-0/+1
| | |
| * | Fix 3PID invite room state over federation.Erik Johnston2019-06-141-6/+0
| | | | | | | | | | | | | | | | | | | | | Fixes that when a user exchanges a 3PID invite for a proper invite over federation it does not include the `invite_room_state` key. This was due to synapse incorrectly sending out two invite requests.
| * | Change to absolute path for contrib/dockerNeil Johnson2019-06-131-1/+1
| | | | | | | | | because this file is reproduced on dockerhub and relative paths don't work
* | | Merge branch 'babolivier/third_party_event_rules' into dinsicBrendan Abolivier2019-06-149-4/+282
|\ \ \
| * | | Add plugin APIs for implementations of custom event rules.Brendan Abolivier2019-06-149-4/+284
| | | |
* | | | Merge pull request #5466 from matrix-org/babolivier/fix_deactivation_bg_jobBrendan Abolivier2019-06-142-2/+6
|\ \ \ \ | | | | | | | | | | Port "Fix background job for deactivated flag" to dinsic
| * | | | Fix changelogBrendan Abolivier2019-06-142-1/+2
| | | | |
| * | | | ChangelogBrendan Abolivier2019-06-141-0/+1
| | | | |
| * | | | Fix background job for deactivated flagBrendan Abolivier2019-06-141-2/+4
| | | | |
* | | | | Merge pull request #5463 from ↵Brendan Abolivier2019-06-146-27/+69
|\| | | | | | | | | | | | | | | | | | | | | | | | matrix-org/babolivier/account_validity_deactivated_accounts_2 Port "Don't send renewal emails to deactivated users" to dinsic
| * | | | Fix testBrendan Abolivier2019-06-141-1/+2
| | | | |
| * | | | Don't send renewal emails to deactivated usersBrendan Abolivier2019-06-146-27/+68
|/ / / /
* | | | Track deactivated accounts in the database (#5378)Brendan Abolivier2019-06-145-0/+183
| | | |
* | | | Merge pull request #5420 from matrix-org/babolivier/userdir_hide_usersBrendan Abolivier2019-06-145-0/+78
|\ \ \ \ | | | | | | | | | | Add configuration option to hide new users from the user directory
| * \ \ \ Merge branch 'dinsic' into babolivier/userdir_hide_usersBrendan Abolivier2019-06-141-0/+1
| |\ \ \ \ | |/ / / / |/| | | |
* | | | | Make index uniqueBrendan Abolivier2019-06-141-0/+1
| | | | |
* | | | | Merge pull request #5416 from matrix-org/babolivier/fix_profile_replicationBrendan Abolivier2019-06-135-3/+32
|\ \ \ \ \ | | | | | | | | | | | | Add unique index to the profile_replication_status table.
| | * \ \ \ Merge branch 'babolivier/fix_profile_replication' into ↵Brendan Abolivier2019-06-132-2/+15
| | |\ \ \ \ | | |/ / / / | |/| | | | | | | | | | babolivier/userdir_hide_users
| * | | | | LintBrendan Abolivier2019-06-131-1/+1
| | | | | |
| * | | | | Fix snafuBrendan Abolivier2019-06-131-2/+3
| | | | | |
| * | | | | Create the index in a background updateBrendan Abolivier2019-06-132-3/+15
| | | | | |
| * | | | | Fix bogus changelogBrendan Abolivier2019-06-121-1/+1
| | | | | |
| * | | | | LintBrendan Abolivier2019-06-121-1/+0
| | | | | |
| * | | | | Merge branch 'dinsic' into babolivier/fix_profile_replicationBrendan Abolivier2019-06-12187-1929/+11277
| |\ \ \ \ \ | |/ / / / / |/| | | | |
| | * | | | Fix bogus changelogBrendan Abolivier2019-06-121-1/+1
| | | | | |
| | * | | | LintBrendan Abolivier2019-06-121-1/+0
| | | | | |
| | * | | | Merge branch 'dinsic' into babolivier/userdir_hide_usersBrendan Abolivier2019-06-12188-1929/+11277
| | |\ \ \ \ | |_|/ / / / |/| | | | |
* | | | | | Regenerate full schemasBrendan Abolivier2019-06-122-2/+17
| | | | | |
* | | | | | Fix path for password policy endpointsBrendan Abolivier2019-06-121-2/+2
| | | | | |
* | | | | | Merge branch 'master' into dinsicBrendan Abolivier2019-06-12151-1604/+8497
|\ \ \ \ \ \ | | |_|_|/ / | |/| | | |
| * | | | | 1.0.0 v1.0.0Erik Johnston2019-06-116-4/+28
| | | | | |
| * | | | | Merge pull request #5424 from matrix-org/erikj/change_password_reset_linksErik Johnston2019-06-1112-32/+262
| |\ \ \ \ \ | | | | | | | | | | | | | | Change password reset links to /_matrix.
| | * | | | | Bump bleach version so that tests can run on old deps.Erik Johnston2019-06-115-25/+1
| | | | | | |
| | * | | | | NewsfileErik Johnston2019-06-111-0/+1
| | | | | | |
| | * | | | | Change password reset links to /_matrix.Erik Johnston2019-06-116-7/+260
| | | |_|/ / | | |/| | |
| * / | | | Neilj/improve federation docs (#5419)Neil Johnson2019-06-114-16/+106
| |/ / / / | | | | | | | | | | | | | | | Add FAQ questions to federate.md. Add a health warning making it clear that the 1711 upgrade FAQ is now out of date.
| * | | | 1.0.0rc3 v1.0.0rc3Erik Johnston2019-06-112-1/+7
| | | | |
| * | | | Fix defaults on checking threepidsErik Johnston2019-06-102-1/+2
| | | | |
| * | | | Merge pull request #5418 from matrix-org/erikj/fix_send_fed_with_limit_zeroErik Johnston2019-06-102-0/+5
| |\ \ \ \ | | | | | | | | | | | | Fix bug sending federation transactions with lots of EDUs
| | * | | | Update changelog.d/5418.bugfixErik Johnston2019-06-101-1/+1
| | | | | | | | | | | | | | | | | | Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
| | * | | | NewsfileErik Johnston2019-06-101-0/+1
| | | | | |
| | * | | | Fix bug sending federation transactions with lots of EDUsErik Johnston2019-06-101-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If we try and send a transaction with lots of EDUs and we run out of space, we call get_new_device_msgs_for_remote with a limit of 0, which then failed.
| * | | | | 1.0.0rc2 v1.0.0rc2Erik Johnston2019-06-105-4/+12
| | | | | |
| * | | | | Merge pull request #5417 from matrix-org/rav/shared_ssl_contextErik Johnston2019-06-1010-182/+455
| |\ \ \ \ \ | | |/ / / / | |/| | | | Share an SSL context object between SSL connections
| | * | | | fix ci on py2, againRichard van der Hoff2019-06-101-1/+1
| | | | | |
| | * | | | rename gutwrenched attrRichard van der Hoff2019-06-101-5/+9
| | | | | |
| | * | | | fix CI on python 2.7Richard van der Hoff2019-06-101-6/+4
| | | | | |
| | * | | | fix build failsRichard van der Hoff2019-06-102-1/+4
| | | | | |
| | * | | | Tests for SSL certs for federation connectionsRichard van der Hoff2019-06-106-106/+343
| | | | | | | | | | | | | | | | | | | | | | | | Add some tests for bad certificates for federation and .well-known connections
| | * | | | Fix federation connections to literal IP addressesRichard van der Hoff2019-06-102-6/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | turns out we need a shiny version of service_identity to enforce this correctly.
| | * | | | clean up impl, and import idna directlyRichard van der Hoff2019-06-102-15/+12
| | | | | |
| | * | | | Share an SSL context object between SSL connectionsRichard van der Hoff2019-06-091-60/+89
| | | | | | | | | | | | | | | | | | | | | | | | This involves changing how the info callbacks work.
| * | | | | Merge branch 'erikj/fix_null_valid_until_ms' of ↵Erik Johnston2019-06-103-1/+58
| |\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | github.com:matrix-org/synapse into release-v1.0.0
| | * | | | | NewsfileErik Johnston2019-06-101-0/+1
| | | | | | |
| | * | | | | Fix key verification when key stored with null valid_until_msErik Johnston2019-06-102-1/+57
| | |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some keys are stored in the synapse database with a null valid_until_ms which caused an exception to be thrown when using that key. We fix this by treating nulls as zeroes, i.e. they keys will match verification requests with a minimum_valid_until_ms of zero (i.e. don't validate ts) but will not match requests with a non-zero minimum_valid_until_ms. Fixes #5391.
| * / / / / Improve startup checks for insecure notary configs (#5392)Richard van der Hoff2019-06-103-11/+24
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It's not really a problem to trust notary responses signed by the old key so long as we are also doing TLS validation. This commit adds a check to the config parsing code at startup to check that we do not have the insecure matrix.org key without tls validation, and refuses to start without it. This allows us to remove the rather alarming-looking warning which happens at runtime.
| * | | | 1.0.0rc1 v1.0.0rc1Neil Johnson2019-06-0781-83/+84
| | | | |
| * | | | Automatically retry builds when a buildkite agent is lost (#5380)Andrew Morgan2019-06-072-0/+67
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Sometimes the build agents get lost or die (error codes -1 and 2). Retry automatically a maximum of 2 times if this happens. Error code reference: * -1: Agent was lost * 0: Build successful * 1: There was an error in your code * 2: The build stopped abruptly * 255: The build was cancelled
| * | | | Prevent multiple device list updates from breaking a batch send (#5156)Andrew Morgan2019-06-064-31/+196
| | | | | | | | | | | | | | | fixes #5153
| * | | | Set default room version to v4. (#5379)Neil Johnson2019-06-065-3/+11
| | | | | | | | | | | | | | | | | | | | Set default room version to v4.
| * | | | Merge pull request #5320 from matrix-org/hawkowl/full-schema-v1Erik Johnston2019-06-067-2/+2356
| |\ \ \ \ | | | | | | | | | | | | Make a full SQL schema
| | * | | | fix maybeAmber H. Brown2019-06-071-20/+2
| | | | | |
| | * | | | just user dir?Amber H. Brown2019-06-071-1/+19
| | | | | |
| | * | | | remove background updates that arent neededAmber H. Brown2019-06-071-33/+1
| | | | | |
| | * | | | add more commentsAmber Brown2019-06-061-0/+5
| | | | | |
| | * | | | Merge remote-tracking branch 'origin/develop' into hawkowl/full-schema-v1Amber Brown2019-06-0445-329/+299
| | |\ \ \ \
| | * | | | | add stuff in bg updatesAmber Brown2019-06-041-10/+62
| | | | | | |
| | * | | | | WHY IS THIS CALLED A SLIGHTLY DIFFERENT THINGAmber Brown2019-06-031-0/+1
| | | | | | |
| | * | | | | more fixAmber Brown2019-06-032-0/+4
| | | | | | |
| | * | | | | more fixAmber Brown2019-06-032-2/+38
| | | | | | |
| | * | | | | fix schemasAmber Brown2019-06-035-61/+22
| | | | | | |
| | * | | | | full schemaAmber Brown2019-06-033-0/+2315
| | | | | | |
| | * | | | | prepareAmber Brown2019-06-031-2/+14
| | | | | | |
| * | | | | | remove bloatNeil Johnson2019-06-061-10/+1
| | | | | | |
| * | | | | | Add ability to perform password reset via email without trusting the ↵Andrew Morgan2019-06-0620-71/+922
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | identity server (#5377) Sends password reset emails from the homeserver instead of proxying to the identity server. This is now the default behaviour for security reasons. If you wish to continue proxying password reset requests to the identity server you must now enable the email.trust_identity_server_for_password_resets option. This PR is a culmination of 3 smaller PRs which have each been separately reviewed: * #5308 * #5345 * #5368
| * | | | | | Stop hardcoding trust of old matrix.org key (#5374)Richard van der Hoff2019-06-066-95/+293
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There are a few changes going on here: * We make checking the signature on a key server response optional: if no verify_keys are specified, we trust to TLS to validate the connection. * We change the default config so that it does not require responses to be signed by the old key. * We replace the old 'perspectives' config with 'trusted_key_servers', which is also formatted slightly differently. * We emit a warning to the logs every time we trust a key server response signed by the old key.
| * | | | | | Neilj/1.0 upgrade notes (#5371)Neil Johnson2019-06-064-8/+79
| | | | | | | | | | | | | | | | | | | | | | | | | | | | 1.0 upgrade/install notes
| * | | | | | Regen sample config before kicking off agents (#5370)Andrew Morgan2019-06-062-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Regen sample config before kicking off agents * Add changelog
| * | | | | | Fix missing logcontext for PresenceHandler.on_shutdown. (#5369)Richard van der Hoff2019-06-062-1/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes some warnings, and a scary-looking stacktrace when sytest kills the process.
| * | | | | | Merge pull request #5221 from matrix-org/erikj/fix_worker_sytestErik Johnston2019-06-062-1/+12
| |\ \ \ \ \ \ | | | | | | | | | | | | | | | | Fix get_max_topological_token to never return None
| | * | | | | | Better wordsErik Johnston2019-06-061-1/+1
| | | | | | | |
| | * | | | | | NewsfileErik Johnston2019-05-211-0/+1
| | | | | | | |
| | * | | | | | Fix get_max_topological_token to never return NoneErik Johnston2019-05-211-1/+11
| | | | | | | |
| * | | | | | | Merge pull request #5089 from dnaf/m-heroes-empty-room-nameBrendan Abolivier2019-06-062-5/+5
| |\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | Make /sync return heroes if room name or canonical alias are empty
| | * | | | | | | Add credit in the changelogBrendan Abolivier2019-06-062-1/+1
| | | | | | | | |
| | * | | | | | | Simplify conditionBrendan Abolivier2019-06-061-2/+2
| | | | | | | | |
| | * | | | | | | Simplify conditionBrendan Abolivier2019-06-051-3/+2
| | | | | | | | |
| | * | | | | | | Merge branch 'develop' into m-heroes-empty-room-nameBrendan Abolivier2019-06-05350-3583/+9622
| | |\ \ \ \ \ \ \
| | * | | | | | | | LintKatie Wolfe2019-04-241-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I probably should've just run autopep8 in the first place... Signed-off-by: Katie Wolfe <katie@dnaf.moe>
| | * | | | | | | | Clean up codeKatie Wolfe2019-04-241-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Katie Wolfe <katie@dnaf.moe>
| | * | | | | | | | Show heroes if room name or canonical alias are emptyKatie Wolfe2019-04-241-3/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #4194 Signed-off-by: Katie Wolfe <katie@dnaf.moe>
| | * | | | | | | | Add full stop to 5084.bugfixKatie Wolfe2019-04-241-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Katie Wolfe <katie@dnaf.moe>
| | * | | | | | | | Add changelog.d/5084.bugfixKatie Wolfe2019-04-241-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Katie Wolfe <katie@dnaf.moe>
| | * | | | | | | | Show heroes if room name or canonical alias are emptyKatie Wolfe2019-04-241-5/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #4194 Signed-off-by: Katie Wolfe <katie@dnaf.moe>
| * | | | | | | | | Merge pull request #5359 from matrix-org/rav/enable_tls_verificationRichard van der Hoff2019-06-064-12/+19
| |\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | Validate federation server TLS certificates by default.
| | * \ \ \ \ \ \ \ \ Merge branch 'rav/fix_custom_ca' into rav/enable_tls_verificationRichard van der Hoff2019-06-0528-43/+219
| | |\ \ \ \ \ \ \ \ \
| | * | | | | | | | | | Update sample configRichard van der Hoff2019-06-051-4/+4
| | | | | | | | | | | |
| | * | | | | | | | | | Validate federation server TLS certificates by default.Richard van der Hoff2019-06-053-8/+15
| | | | | | | | | | | |
| * | | | | | | | | | | Merge pull request #5361 from matrix-org/rav/generate_signing_keyRichard van der Hoff2019-06-062-0/+38
| |\ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | add a script to generate new signing_key files
| | * | | | | | | | | | | add a script to generate new signing_key filesRichard van der Hoff2019-06-052-0/+38
| | | | | | | | | | | | |
| * | | | | | | | | | | | Merge pull request #5355 from matrix-org/babolivier/heroes_left_membersBrendan Abolivier2019-06-062-15/+20
| |\ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Include left members in room summaries' heroes
| | * | | | | | | | | | | | Properly format the changelogBrendan Abolivier2019-06-051-1/+1
| | | | | | | | | | | | | |
| | * | | | | | | | | | | | ChangelogBrendan Abolivier2019-06-051-0/+1
| | | | | | | | | | | | | |
| | * | | | | | | | | | | | Do user_id != me checks before deciding whether we should pick heroes from ↵Brendan Abolivier2019-06-051-15/+19
| | | |_|_|_|/ / / / / / / | | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the joined members or the parted ones
| * | | | | | | | | | | | Merge pull request #5354 from matrix-org/rav/server_keys/99-room-v5Richard van der Hoff2019-06-062-5/+7
| |\ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Implement room v5 which enforces signing key validity
| | * | | | | | | | | | | | Implement room v5 which enforces signing key validityRichard van der Hoff2019-06-052-5/+7
| | | |_|/ / / / / / / / / | | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Implements [MSC2077](https://github.com/matrix-org/matrix-doc/pull/2077) and fixes #5247 and #4364.
| * | | | | | | | | | | | Merge pull request #5353 from matrix-org/rav/verify_key_loggingRichard van der Hoff2019-06-066-56/+86
| |\ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Associate a request_name with each verify request, for logging
| | * | | | | | | | | | | | Associate a request_name with each verify request, for loggingRichard van der Hoff2019-06-056-56/+86
| | |/ / / / / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also: * rename VerifyKeyRequest->VerifyJsonRequest * calculate key_ids on VerifyJsonRequest construction * refactor things to pass around VerifyJsonRequests instead of 4-tuples
| * | | | | | | | | | | | Merge pull request #5362 from matrix-org/rav/fix_custom_caRichard van der Hoff2019-06-052-1/+2
| |\ \ \ \ \ \ \ \ \ \ \ \ | | | |_|_|/ / / / / / / / | | |/| | | | | | | | | | Fix `federation_custom_ca_list` configuration option.
| | * | | | | | | | | | | Fix `federation_custom_ca_list` configuration option.Richard van der Hoff2019-06-052-1/+2
| |/ / / / / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, setting this option would cause an exception at startup.
| * | | | | | | | | | | Neilj/add r0.5 to versions (#5360)Neil Johnson2019-06-052-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Update _matrix/client/versions to reference support for r0.5.0
| * | | | | | | | | | | Fix background updates to handle redactions/rejections (#5352)Erik Johnston2019-06-065-12/+117
| | |_|/ / / / / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Fix background updates to handle redactions/rejections In background updates based on current state delta stream we need to handle that we may not have all the events (or at least that `get_events` may raise an exception).
| * | | | | | | | | | Fix notes about well-known and acme (#5357)Richard van der Hoff2019-06-052-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fixes #4951
| * | | | | | | | | | Merge pull request #5317 from matrix-org/erikj/make_do_auth_non_essentialErik Johnston2019-06-052-12/+47
| |\ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | Fix handling of failures when calling /event_auth.
| | * | | | | | | | | | Add logging when request fails and clarify we ignore errors.Erik Johnston2019-06-051-4/+12
| | | | | | | | | | | |
| | * | | | | | | | | | NewsfileErik Johnston2019-06-031-0/+1
| | | | | | | | | | | |
| | * | | | | | | | | | Fix handling of failures when calling /event_auth.Erik Johnston2019-06-031-12/+38
| | | |_|_|_|/ / / / / | | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When processing an incoming event over federation, we may try and resolve any unexpected differences in auth events. This is a non-essential process and so should not stop the processing of the event if it fails (e.g. due to the remote disappearing or not implementing the necessary endpoints). Fixes #3330
| * | | | | | | | | | Neilj/changelog clean up (#5356)Neil Johnson2019-06-0512-12/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * group together key validity refactors
| * | | | | | | | | | Neilj/mau tracking config explainer (#5284)Neil Johnson2019-06-053-0/+33
| | |/ / / / / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | Improve documentation of monthly active user blocking and mau_trial_days
| * | | | | | | | | Add a test room version where we enforce key validity (#5348)Richard van der Hoff2019-06-053-22/+38
| | |/ / / / / / / | |/| | | | | | |
| * | | | | | | | Clean up debug logging (#5347)Richard van der Hoff2019-06-054-8/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | Remove some spurious stuff, clarify some other stuff
| * | | | | | | | Rename VerifyKeyRequest.deferred field (#5343)Richard van der Hoff2019-06-052-12/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | it's a bit confusing
| * | | | | | | | Call RetryLimiter correctly (#5340)Richard van der Hoff2019-06-042-1/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes a regression introduced in #5335.
| * | | | | | | | Fix failure to fetch batches of PDUs (#5342)Richard van der Hoff2019-06-042-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | FederationClient.get_pdu is called in a loop to fetch a batch of PDUs. A failure to fetch one should not result in a failure of the whole batch. Add the missing `continue`.
| * | | | | | | | Rename get_events->get_events_from_store_or_dest (#5344)Richard van der Hoff2019-06-042-20/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We have too many things called get_event, and it's hard to figure out what we mean. Also remove some unused params from the signature, and add some logging.
| * | | | | | | | Merge pull request #5341 from matrix-org/babolivier/email_configBrendan Abolivier2019-06-042-42/+58
| |\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | Make account validity renewal emails work when email notifs are disabled
| * \ \ \ \ \ \ \ \ Merge pull request #5324 from matrix-org/erikj/ignore_nullErik Johnston2019-06-042-0/+17
| |\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | Ignore room state with null bytes in for room stats
| | * | | | | | | | | FixErik Johnston2019-06-031-1/+2
| | | | | | | | | | |
| | * | | | | | | | | NewsfileErik Johnston2019-06-031-0/+1
| | | | | | | | | | |
| | * | | | | | | | | Ignore room state with null bytes in for room statsErik Johnston2019-06-031-0/+15
| | | |_|_|_|/ / / / | | |/| | | | | | |
| * | | | | | | | | Avoid rapidly backing-off a server if we ignore the retry interval (#5335)Richard van der Hoff2019-06-042-23/+38
| |\ \ \ \ \ \ \ \ \
| | * | | | | | | | | Avoid rapidly backing-off a server if we ignore the retry intervalRichard van der Hoff2019-06-032-23/+38
| | | | | | | | | | |
| * | | | | | | | | | Don't do long retries when calling the key notary server. (#5334)Richard van der Hoff2019-06-042-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It takes at least 20 minutes to work through the long_retries schedule (11 attempts, each with a 60 second timeout, and 60 seconds between each request), so if the notary server isn't returning within the timeout, we'll just end up blocking whatever request is happening for 20 minutes. Ain't nobody got time for that.
| * | | | | | | | | | Merge pull request #5333 from ↵Richard van der Hoff2019-06-044-40/+66
| |\ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | matrix-org/rav/server_keys/09_improve_notary_server Fixes for the key-notary server
| | * | | | | | | | | | changelogRichard van der Hoff2019-06-041-0/+1
| | | | | | | | | | | |
| | * | | | | | | | | | Notary server: make requests to origins in parallelRichard van der Hoff2019-06-042-11/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ... else we're guaranteed to time out.
| | * | | | | | | | | | Don't bomb out on direct key fetches as soon as one failsRichard van der Hoff2019-06-042-29/+41
| | | | | | | | | | | |
| | * | | | | | | | | | Reduce timeout for outbound /key/v2/server requests.Richard van der Hoff2019-06-031-0/+13
| | |/ / / / / / / / /
| * | | | | | | | | | Improve docstrings on MatrixFederationClient. (#5332)Richard van der Hoff2019-06-042-16/+56
| | | | | | | | | | |
| * | | | | | | | | | Hawkowl/fix missing auth (#5328)Amber Brown2019-06-042-0/+2
| |/ / / / / / / / /
| * | | | | | | | | Enforce validity period on server_keys for fed requests. (#5321)Richard van der Hoff2019-06-036-88/+228
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When handling incoming federation requests, make sure that we have an up-to-date copy of the signing key. We do not yet enforce the validity period for event signatures.
| * | | | | | | | | Revert "Newsfile"Erik Johnston2019-06-031-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 4bd67db100efacc3d31a2f8187b7bdd4479d9bc3.
| * | | | | | | | | NewsfileErik Johnston2019-06-031-0/+1
| |/ / / / / / / /
| * | | | | | | | Merge pull request #5307 from ↵Richard van der Hoff2019-06-032-12/+3
| |\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | matrix-org/rav/server_keys/07-fix-notary-cache-poison Stop overwriting server keys with other keys
| | * | | | | | | | Stop overwriting server keys with other keysRichard van der Hoff2019-05-312-12/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix a bug where we would discard a key result which the origin server is no longer returning. Fixes #5305.
| * | | | | | | | | Unify v1 and v2 REST client APIs (#5226)Amber Brown2019-06-0343-317/+296
| | |_|/ / / / / / | |/| | | | | | |
| * | | | | | | | Merge pull request #5309 from matrix-org/rav/limit_displayname_lengthRichard van der Hoff2019-06-014-2/+76
| |\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | Limit displaynames and avatar URLs
| | * | | | | | | | add some testsRichard van der Hoff2019-06-011-2/+60
| | | | | | | | | |
| | * | | | | | | | Limit displaynames and avatar URLsRichard van der Hoff2019-06-013-0/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | These end up in join events everywhere, so let's limit them. Fixes #5079
generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-04-05 06:20:20 +0000