summary refs log tree commit diff
Commit message (Collapse)AuthorAgeFilesLines
* Update worker docsErik Johnston2019-02-182-2/+3
|
* Split /login into client_readerErik Johnston2019-02-182-41/+43
|
* Move register_device into handlerErik Johnston2019-02-185-172/+97
|
* Update docsErik Johnston2019-02-182-1/+7
|
* Update changelog.d/4666.featureWill Hunt2019-02-181-1/+1
| | | Co-Authored-By: erikjohnston <erikj@jki.re>
* Fix unit testsErik Johnston2019-02-181-6/+15
|
* NewsfileErik Johnston2019-02-181-0/+1
|
* Split out registration to workerErik Johnston2019-02-187-147/+401
| | | | | | | | This allows registration to be handled by a worker, though the actual write to the database still happens on master. Note: due to the in-memory session map all registration requests must be handled by the same worker.
* Merge pull request #4657 from matrix-org/travis/linda/spellingErik Johnston2019-02-183-2/+3
|\ | | | | Fix spelling mistakes
| * UPGRADE.rst: Fix a typo in "Upgrading Synapse" sectionJuuso "Linda" Lapinlampi2019-02-151-1/+1
| | | | | | | | See: https://en.wiktionary.org/wiki/successful
| * config: Remove a repeated word from a logger warningJuuso "Linda" Lapinlampi2019-02-151-1/+1
| | | | | | | | The warning for missing macaroon_secret_key was "missing missing".
| * ChangelogTravis Ralston2019-02-151-0/+1
|/
* Merge pull request #4647 from matrix-org/erikj/add_room_publishing_rulesErik Johnston2019-02-156-31/+274
|\ | | | | Add configurable room list publishing rules
| * Move defaults up into codeErik Johnston2019-02-151-22/+44
| |
| * Hoist up checks to reduce overall workErik Johnston2019-02-151-17/+15
| |
| * Fixup commentsErik Johnston2019-02-151-8/+27
| |
| * Clarify commentsErik Johnston2019-02-141-3/+3
| |
| * Clarify and fix behaviour when there are multiple aliasesErik Johnston2019-02-142-6/+24
| |
| * Only fetch aliases when publishing roomsErik Johnston2019-02-141-15/+15
| |
| * Fixup commentsErik Johnston2019-02-141-8/+15
| |
| * NewsfileErik Johnston2019-02-141-0/+1
| |
| * Add configurable room list publishing rulesErik Johnston2019-02-145-22/+200
| | | | | | | | | | This allows specifying who and what is allowed to be published onto the public room list
* | Merge branch 'master' into developRichard van der Hoff2019-02-146-8/+37
|\ \
| * \ Merge branch 'release-v0.99.1'Richard van der Hoff2019-02-146-8/+37
| |\ \
| | * | Fix debian build dockerfile github/release-v0.99.1 release-v0.99.1Richard van der Hoff2019-02-141-1/+5
| | | | | | | | | | | | | | | | Make sure it refreshes the apt cache before trying to install stuff
| | * | 0.99.1.1 v0.99.1.1Richard van der Hoff2019-02-144-3/+17
| | | |
| | * | Fix errors in acme provisioning (#4648)Richard van der Hoff2019-02-143-6/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Better logging for errors on startup * Fix "TypeError: '>' not supported" when starting without an existing certificate * Fix a bug where an existing certificate would be reprovisoned every day
* | | | Merge branch 'master' into developRichard van der Hoff2019-02-146-7/+17
|\| | | | |_|/ |/| |
| * | Merge tag 'v0.99.1'Richard van der Hoff2019-02-1456-555/+1312
| |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 0.99.1 (2019-02-14) =========================== Features -------- - Include m.room.encryption on invites by default ([\#3902](https://github.com/matrix-org/synapse/issues/3902)) - Federation OpenID listener resource can now be activated even if federation is disabled ([\#4420](https://github.com/matrix-org/synapse/issues/4420)) - Synapse's ACME support will now correctly reprovision a certificate that approaches its expiry while Synapse is running. ([\#4522](https://github.com/matrix-org/synapse/issues/4522)) - Add ability to update backup versions ([\#4580](https://github.com/matrix-org/synapse/issues/4580)) - Allow the "unavailable" presence status for /sync. This change makes Synapse compliant with r0.4.0 of the Client-Server specification. ([\#4592](https://github.com/matrix-org/synapse/issues/4592)) - There is no longer any need to specify `no_tls`: it is inferred from the absence of TLS listeners ([\#4613](https://github.com/matrix-org/synapse/issues/4613), [\#4615](https://github.com/matrix-org/synapse/issues/4615), [\#4617](https://github.com/matrix-org/synapse/issues/4617), [\#4636](https://github.com/matrix-org/synapse/issues/4636)) - The default configuration no longer requires TLS certificates. ([\#4614](https://github.com/matrix-org/synapse/issues/4614)) Bugfixes -------- - Copy over room federation ability on room upgrade. ([\#4530](https://github.com/matrix-org/synapse/issues/4530)) - Fix noisy "twisted.internet.task.TaskStopped" errors in logs ([\#4546](https://github.com/matrix-org/synapse/issues/4546)) - Synapse is now tolerant of the `tls_fingerprints` option being None or not specified. ([\#4589](https://github.com/matrix-org/synapse/issues/4589)) - Fix 'no unique or exclusion constraint' error ([\#4591](https://github.com/matrix-org/synapse/issues/4591)) - Transfer Server ACLs on room upgrade. ([\#4608](https://github.com/matrix-org/synapse/issues/4608)) - Fix failure to start when not TLS certificate was given even if TLS was disabled. ([\#4618](https://github.com/matrix-org/synapse/issues/4618)) - Fix self-signed cert notice from generate-config. ([\#4625](https://github.com/matrix-org/synapse/issues/4625)) - Fix performance of `user_ips` table deduplication background update ([\#4626](https://github.com/matrix-org/synapse/issues/4626), [\#4627](https://github.com/matrix-org/synapse/issues/4627)) Internal Changes ---------------- - Change the user directory state query to use a filtered call to the db instead of a generic one. ([\#4462](https://github.com/matrix-org/synapse/issues/4462)) - Reject federation transactions if they include more than 50 PDUs or 100 EDUs. ([\#4513](https://github.com/matrix-org/synapse/issues/4513)) - Reduce duplication of ``synapse.app`` code. ([\#4567](https://github.com/matrix-org/synapse/issues/4567)) - Fix docker upload job to push -py2 images. ([\#4576](https://github.com/matrix-org/synapse/issues/4576)) - Add port configuration information to ACME instructions. ([\#4578](https://github.com/matrix-org/synapse/issues/4578)) - Update MSC1711 FAQ to calrify .well-known usage ([\#4584](https://github.com/matrix-org/synapse/issues/4584)) - Clean up default listener configuration ([\#4586](https://github.com/matrix-org/synapse/issues/4586)) - Clarifications for reverse proxy docs ([\#4607](https://github.com/matrix-org/synapse/issues/4607)) - Move ClientTLSOptionsFactory init out of `refresh_certificates` ([\#4611](https://github.com/matrix-org/synapse/issues/4611)) - Fail cleanly if listener config lacks a 'port' ([\#4616](https://github.com/matrix-org/synapse/issues/4616)) - Remove redundant entries from docker config ([\#4619](https://github.com/matrix-org/synapse/issues/4619)) - README updates ([\#4621](https://github.com/matrix-org/synapse/issues/4621))
| | * 0.99.1 v0.99.1Richard van der Hoff2019-02-143-16/+11
| | |
| | * implement `reload` by sending the HUP signal (#4622)Дамјан Георгиевски2019-02-142-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * implement `reload` by sending the HUP signal According to the 0.99 release info* synapse now uses the HUP signal to reload certificates: > Synapse will now reload TLS certificates from disk upon SIGHUP. (#4495, #4524) So the matrix-synapse.service unit file should include a reload directive. Signed-off-by: Дамјан Георгиевски <gdamjan@gmail.com>
| | * 0.99.1rc2 v0.99.1rc2Richard van der Hoff2019-02-133-2/+10
| | |
| * | Update MSC1711_certificates_FAQ.mdErik Johnston2019-02-081-1/+1
| | | | | | | | | Fix incorrect heading level
* | | Merge pull request #4450 from 14mRh4X0r/fix-dependency-messageRichard van der Hoff2019-02-132-2/+7
|\ \ \ | | | | | | | | Fix error message for optional dependencies
| * | | Fix error message for optional dependenciesWillem Mulder2019-01-232-2/+7
| | | | | | | | | | | | | | | | Signed-off-by: Willem Mulder <willemmaster@hotmail.com>
* | | | Merge remote-tracking branch 'origin/release-v0.99.1' into developRichard van der Hoff2019-02-134-22/+35
|\ \ \ \ | | |_|/ | |/| |
| * | | Merge pull request #4636 from matrix-org/rav/bind_address_fixesRichard van der Hoff2019-02-134-22/+35
| |\ \ \ | | | | | | | | | | Fix errors when using default bind_addresses with replication/metrics listeners
| | * | | Update synapse/app/_base.pyErik Johnston2019-02-131-1/+1
| | | | | | | | | | | | | | | Co-Authored-By: richvdh <1389908+richvdh@users.noreply.github.com>
| | * | | changelogRichard van der Hoff2019-02-131-0/+1
| | | | |
| | * | | Use `listen_tcp` for the replication listenerRichard van der Hoff2019-02-131-7/+7
| | | | | | | | | | | | | | | | | | | | | | | | | Fixes the "can't listen on 0.0.0.0" error. Also makes it more consistent with what we do elsewhere.
| | * | | Improve logging around listening servicesRichard van der Hoff2019-02-132-11/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I wanted to bring listen_tcp into line with listen_ssl in terms of returning a list of ports, and wanted to check that was a safe thing to do - hence the logging in `refresh_certificate`. Also, pull the 'Synapse now listening' message up to homeserver.py, because it was being duplicated everywhere else.
| | * | | Special-case the default bind_addresses for metrics listenerRichard van der Hoff2019-02-132-4/+7
| |/ / / | | | | | | | | | | | | | | | | turns out it doesn't really support ipv6, so let's hack around that by only listening on ipv4 by default.
* / / / Run `black` on user directory code (#4635)Amber Brown2019-02-133-131/+117
|/ / /
* | | Fixup changelog v0.99.1rc1Erik Johnston2019-02-121-4/+4
| | |
* | | Update changelog and versionErik Johnston2019-02-1232-32/+47
| | |
* | | Merge pull request #4608 from matrix-org/anoa/acls_room_upgradeErik Johnston2019-02-122-0/+2
|\ \ \ | | | | | | | | Transfer Server ACLs on room upgrade
| * | | ChangelogAndrew Morgan2019-02-111-0/+1
| | | |
| * | | Transfer Server ACLs on room upgradeAndrew Morgan2019-02-111-0/+1
| | | |
* | | | Fixup changelog entriesErik Johnston2019-02-124-2/+2
| | | |
* | | | Merge pull request #4627 from matrix-org/erikj/user_ips_analyzeErik Johnston2019-02-123-3/+32
|\ \ \ \ | | | | | | | | | | Analyze user_ips before running deduplication
| * | | | Fix pep8Erik Johnston2019-02-121-1/+1
| | | | |
| * | | | NewsfileErik Johnston2019-02-121-0/+1
| | | | |
| * | | | Analyze user_ips before running deduplicationErik Johnston2019-02-122-3/+31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Due to the table locks taken out by the naive upsert, the table statistics may be out of date. During deduplication it is important that the correct index is used as otherwise a full table scan may be incorrectly used, which can end up thrashing the database badly.
* | | | | Merge pull request #4626 from matrix-org/erikj/fixup_user_ips_dedupeErik Johnston2019-02-122-3/+61
|\ \ \ \ \ | | | | | | | | | | | | Reduce user_ips bloat during dedupe background update
| * | | | | NewsfileErik Johnston2019-02-121-0/+1
| | | | | |
| * | | | | Reduce user_ips bloat during dedupe background updateErik Johnston2019-02-121-3/+60
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The background update to remove duplicate rows naively deleted and reinserted the duplicates. For large tables with a large number of duplicates this causes a lot of bloat (with postgres), as the inserted rows are appended to the table, since deleted rows will not be overwritten until a VACUUM has happened. This should hopefully also help ensure that the query in the last batch uses the correct index, as inserting a large number of new rows without analyzing will upset the query planner.
* | | | | Merge pull request #4625 from matrix-org/rav/fix_generate_config_warningsErik Johnston2019-02-122-7/+3
|\ \ \ \ \ | | | | | | | | | | | | fix self-signed cert notice from generate-config
| * | | | | fix self-signed cert notice from generate-configRichard van der Hoff2019-02-122-7/+3
| |/ / / / | | | | | | | | | | | | | | | fixes #4620
* | | | | README updates (#4621)Richard van der Hoff2019-02-123-63/+80
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Lots of updates to the README/INSTALL.md. Fixes #4601.
* | | | | Disable TLS by default (#4614)Richard van der Hoff2019-02-123-27/+28
| | | | |
* | | | | Fix error when loading cert if tls is disabled (#4618)Richard van der Hoff2019-02-124-18/+47
|/ / / / | | | | | | | | | | | | | | | | | | | | If TLS is disabled, it should not be an error if no cert is given. Fixes #4554.
* | | | Merge pull request #4619 from matrix-org/rav/remove_docker_no_tls_hacksErik Johnston2019-02-123-24/+2
|\ \ \ \ | | | | | | | | | | Remove redundant entries from docker config
| * | | | Remove redundant entries from docker configRichard van der Hoff2019-02-113-24/+2
| | | | | | | | | | | | | | | | | | | | | | | | | * no_tls is now redundant (#4613) * we don't need a dummy cert any more (#4618)
* | | | | Merge pull request #4613 from matrix-org/rav/deprecate_no_tlsErik Johnston2019-02-1211-44/+82
|\ \ \ \ \ | |/ / / / |/| | | | Infer no_tls from presence of TLS listeners
| * | | | fix testsRichard van der Hoff2019-02-112-3/+7
| | | | |
| * | | | Infer no_tls from presence of TLS listenersRichard van der Hoff2019-02-1110-20/+27
| | | | | | | | | | | | | | | | | | | | | | | | | Rather than have to specify `no_tls` explicitly, infer whether we need to load the TLS keys etc from whether we have any TLS-enabled listeners.
| * | | | Merge branch 'rav/no_create_server_contexts_if_no_tls' into rav/tls_cert/workRichard van der Hoff2019-02-113-3/+7
| |\ \ \ \
| | * | | | Don't create server contexts when TLS is disabledRichard van der Hoff2019-02-113-3/+7
| | | | | | | | | | | | | | | | | | | | | | | | we aren't going to use them anyway.
| * | | | | Merge branch 'rav/tls_config_logging_fixes' into rav/tls_cert/workRichard van der Hoff2019-02-113-22/+39
| |\| | | |
| | * | | | Logging improvements around TLS certsRichard van der Hoff2019-02-113-22/+39
| |/ / / / |/| | | | | | | | | | | | | | | | | | | Log which file we're reading keys and certs from, and refactor the code a bit in preparation for other work
| * | | | Fail cleanly if listener config lacks a 'port'Richard van der Hoff2019-02-112-0/+6
|/ / / / | | | | | | | | | | | | ... otherwise we would fail with a mysterious KeyError or something later.
* | | | Move ClientTLSOptionsFactory init out of refresh_certificates (#4611)Richard van der Hoff2019-02-115-9/+9
| | | | | | | | | | | | | | | | | | | | It's nothing to do with refreshing the certificates. No idea why it was here.
* | | | Merge pull request #4580 from matrix-org/uhoreg/e2e_backup_add_updatingErik Johnston2019-02-115-5/+197
|\ \ \ \ | | | | | | | | | | add updating of backup versions
| * | | | make sure version is in body and wrap in linearizer queueHubert Chathi2019-02-083-12/+100
| | | | | | | | | | | | | | | | | | | | also add tests
| * | | | re-try to make isort happyHubert Chathi2019-02-061-1/+1
| | | | |
| * | | | add changelog entryHubert Chathi2019-02-061-0/+1
| | | | |
| * | | | fix import to make isort happyHubert Chathi2019-02-061-2/+7
| | | | |
| * | | | add new endpoint to update backup versionsHubert Chathi2019-02-063-1/+87
| | | | |
| * | | | return proper error codes for some 404sHubert Chathi2019-02-061-4/+16
| | | | |
* | | | | Clean up default listener configuration (#4586)Richard van der Hoff2019-02-112-48/+82
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Rearrange the comments to try to clarify them, and expand on what some of it means. Use a sensible default 'bind_addresses' setting. For the insecure port, only bind to localhost, and enable x_forwarded, since apparently it's for use behind a load-balancer.
* | | | | Clarifications for reverse proxy docs (#4607)Richard van der Hoff2019-02-116-62/+117
| |/ / / |/| | | | | | | | | | | | | | | | | | | | | | | Factor out the reverse proxy info to a separate file, add some more info on reverse-proxying the federation port.
* | | | ACME Reprovisioning (#4522)Amber Brown2019-02-115-25/+89
| | | |
* | | | Be tolerant of blank TLS fingerprints config (#4589)Amber Brown2019-02-112-1/+6
| | | |
* | | | Merge pull request #4420 from matrix-org/jaywink/openid-listenerErik Johnston2019-02-119-46/+252
|\ \ \ \ | | | | | | | | | | New listener resource for the federation API "openid/userinfo" endpoint
| * | | | Fix flake8 issuesJason Robinson2019-01-233-4/+13
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Jason Robinson <jasonr@matrix.org>
| * | | | Fix openid tests after rebaseJason Robinson2019-01-231-2/+2
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Jason Robinson <jasonr@matrix.org>
| * | | | Fix sorting of imports in tests. Remove an unnecessary mockJason Robinson2019-01-231-2/+2
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Jason Robinson <jasonr@matrix.org>
| * | | | Collapse changelog to one lineJason Robinson2019-01-231-13/+1
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Jason Robinson <jasonr@matrix.org>
| * | | | Remove openid resource from default configJason Robinson2019-01-231-4/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Instead document it commented out. Signed-off-by: Jason Robinson <jasonr@matrix.org>
| * | | | Document `servlet_groups` parametersJason Robinson2019-01-231-0/+23
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Jason Robinson <jasonr@matrix.org>
| * | | | Add changelog for openid resource additionJason Robinson2019-01-231-0/+13
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Jason Robinson <jasonr@matrix.org>
| * | | | Split federation OpenID userinfo endpoint out of the federation resourceJason Robinson2019-01-234-46/+93
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This allows the OpenID userinfo endpoint to be active even if the federation resource is not active. The OpenID userinfo endpoint is called by integration managers to verify user actions using the client API OpenID access token. Without this verification, the integration manager cannot know that the access token is valid. The OpenID userinfo endpoint will be loaded in the case that either "federation" or "openid" resource is defined. The new "openid" resource is defaulted to active in default configuration. Signed-off-by: Jason Robinson <jasonr@matrix.org>
| * | | | Add tests for the openid lister for SynapseHomeServerJason Robinson2019-01-231-1/+48
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Check all possible variants of openid and federation listener on/off possibilities. Signed-off-by: Jason Robinson <jasonr@matrix.org>
| * | | | Make SynapseHomeServer _http_listener use self.get_reactor()Jason Robinson2019-01-231-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For all the homeserver classes, only the FrontendProxyServer passes its reactor when doing the http listen. Looking at previous PR's looks like this was introduced to make it possible to write a test, otherwise when you try to run a test with the test homeserver it tries to do a real bind to a port. Passing the reactor that the homeserver is instantiated with should probably be the right thing to do anyway? Signed-off-by: Jason Robinson <jasonr@matrix.org>
| * | | | Add tests for the openid lister for FederationReaderServerJason Robinson2019-01-231-0/+66
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Check all possible variants of openid and federation listener on/off possibilities. Signed-off-by: Jason Robinson <jasonr@matrix.org>
| * | | | Make FederationReaderServer _http_listen use self.get_reactor()Jason Robinson2019-01-231-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For all the homeserver classes, only the FrontendProxyServer passes its reactor when doing the http listen. Looking at previous PR's looks like this was introduced to make it possible to write a test, otherwise when you try to run a test with the test homeserver it tries to do a real bind to a port. Passing the reactor that the homeserver is instantiated with should probably be the right thing to do anyway? Signed-off-by: Jason Robinson <jasonr@matrix.org>
| * | | | Add parameterized Python module to test dependenciesJason Robinson2019-01-232-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Allows running parameterized tests. BSD license. Signed-off-by: Jason Robinson <jasonr@matrix.org>
| * | | | Fix a test docstring in frontend proxy testsJason Robinson2019-01-231-1/+1
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Jason Robinson <jasonr@matrix.org>
* | | | | Allow "unavailable" presence status for /sync (#4592)Valentin Anger2019-02-083-1/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Allow "unavailable" presence status for /sync Closes #3772, closes #3779 Signed-off-by: Valentin Anger <valentin.an.1999@gmail.com> * Add changelog for PR 4592
* | | | | Fix 'no unique or exclusion constraint' error (#4591)Richard van der Hoff2019-02-082-6/+22
| | | | | | | | | | | | | | | | | | | | | | | | | Add more tables to the list of tables which need a background update to complete before we can upsert into them, which fixes a race against the background updates.
* | | | | Deduplicate some code in synapse.app (#4567)Amber Brown2019-02-0814-158/+83
| | | | |
* | | | | Merge branch 'master' into developRichard van der Hoff2019-02-070-0/+0
|\ \ \ \ \ | | |_|_|/ | |/| | |
| * | | | cleanupsRichard van der Hoff2019-02-071-4/+2
| | | | |
| * | | | Merge branch 'master' into erikj/msc1711_faqRichard van der Hoff2019-02-073-12/+17
| |\ \ \ \
| * | | | | NewsfileErik Johnston2019-02-071-0/+1
| | | | | |
| * | | | | Update MSC1711 FAQ to be explicit about well-knownErik Johnston2019-02-071-11/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A surprising number of people are using the well-known method, and are simply copying the example configuration. This is problematic as the example includes an explicit port, which causes inbound federation requests to have the HTTP Host header include the port, upsetting some reverse proxies. Given that, we update the well-known example to be more explicit about the various ways you can set it up, and the consequence of using an explict port.
* | | | | | Update MSC1711 FAQ to be explicit about well-known (#4584)Erik Johnston2019-02-072-13/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A surprising number of people are using the well-known method, and are simply copying the example configuration. This is problematic as the example includes an explicit port, which causes inbound federation requests to have the HTTP Host header include the port, upsetting some reverse proxies. Given that, we update the well-known example to be more explicit about the various ways you can set it up, and the consequence of using an explict port.
* | | | | | Merge branch 'master' into developRichard van der Hoff2019-02-073-12/+17
|\ \ \ \ \ \ | | |/ / / / | |/| | | |
| * | | | | Merge remote-tracking branch 'origin/release-v0.99.0'Richard van der Hoff2019-02-072-11/+16
| |\ \ \ \ \
| | * | | | | Update ACME docs to include port instructions (#4578) github/release-v0.99.0 release-v0.99.0Andrew Morgan2019-02-072-11/+16
| | | | | | |
| * | | | | | clarify option 1Richard van der Hoff2019-02-071-1/+1
| | |/ / / / | |/| | | |
* | | | | | Merge branch 'master' into developRichard van der Hoff2019-02-062-0/+3
|\| | | | |
| * | | | | Fix docker upload job to push -py2 images (#4576)Richard van der Hoff2019-02-062-0/+3
| | | | | |
* | | | | | Merge branch 'master' into developRichard van der Hoff2019-02-052-37/+19
|\| | | | |
| * | | | | faq cleanupsRichard van der Hoff2019-02-052-37/+19
| |/ / / /
* | | | | Merge branch 'master' into developRichard van der Hoff2019-02-0518-579/+1051
|\| | | |
| * | | | v0.99.0 v0.99.0Richard van der Hoff2019-02-0510-63/+23
| | | | |
| * | | | Add notes on SRV and .well-known (#4573)Richard van der Hoff2019-02-051-41/+117
| | | | |
| * | | | fix some thinkos in UPGRADE.rstRichard van der Hoff2019-02-051-6/+7
| | | | |
| * | | | Merge pull request #4570 from matrix-org/anoa/self_signed_upgradeAndrew Morgan2019-02-054-120/+151
| |\ \ \ \ | | | | | | | | | | | | Add ACME docs and link to it from README and INSTALL
| | * | | | Add TL;DR and final step details to ACMEAndrew Morgan2019-02-051-4/+20
| | | | | |
| | * | | | Merge branch 'anoa/self_signed_upgrade' of github.com:matrix-org/synapse ↵Andrew Morgan2019-02-051-1/+1
| | |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | into anoa/self_signed_upgrade
| | | * | | | Update docs/ACME.mdRichard van der Hoff2019-02-051-2/+2
| | | | | | | | | | | | | | | | | | | | | Co-Authored-By: anoadragon453 <1342360+anoadragon453@users.noreply.github.com>
| | * | | | | Update ACMEAndrew Morgan2019-02-051-14/+17
| | | | | | |
| | * | | | | Update INSTALLAndrew Morgan2019-02-051-4/+4
| | | | | | |
| | * | | | | Update READMEAndrew Morgan2019-02-051-8/+1
| | |/ / / /
| | * | | | Actually add ACME docsAndrew Morgan2019-02-051-0/+107
| | | | | |
| | * | | | Move ACME docs from INSTALL.md to ACME.mdAndrew Morgan2019-02-051-78/+1
| | | | | |
| | * | | | Re-add link to ACME docs from READMEAndrew Morgan2019-02-051-0/+6
| | | | | |
| | * | | | Merge branch 'release-v0.99.0' of github.com:matrix-org/synapse into ↵Andrew Morgan2019-02-0514-421/+621
| | |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | anoa/self_signed_upgrade
| | * | | | | Convert ACME docs to mdAndrew Morgan2019-02-053-100/+2
| | | | | | |
| | * | | | | Add link to ACME docs from READMEAndrew Morgan2019-02-051-0/+6
| | | | | | |
| | * | | | | Move ACME docs to docs/ACME.rst and link from UPGRADE.Andrew Morgan2019-02-053-98/+102
| | | | | | |
| | * | | | | Don't imply self-signed certs are requiredAndrew Morgan2019-02-051-16/+17
| | | | | | |
| * | | | | | Neilj/1711faq (#4572)Neil Johnson2019-02-053-0/+263
| | |/ / / / | |/| | | | | | | | | | | | | | | | | | | | | | MSC1711 certificates FAQ
| * | | | | Move things from README.rst to UPDATE.md (#4569)Richard van der Hoff2019-02-052-442/+490
| | | | | | | | | | | | | | | | | | The readme was getting pretty unmanageable and hard to grok. This is an attempt to simplify things by moving installation instructions from the README to a separate file. I've tried to resist the temptation to fix too much stuff while I'm here - it mostly just copies-and-pastes from one doc to the other, and changes from rst to md syntax.
| * | | | | Enable ACME support in the docker image (#4566)Richard van der Hoff2019-02-056-41/+116
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also: * Fix wrapping in docker readme * Clean up some docs on the docker image * a workaround for #4554
| * | | | | Docker: only copy what we need to the build image (#4562)Richard van der Hoff2019-02-052-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There are two reasons this is a good thing: * first, it means that you don't end up with stuff kicking around your working copy ending up in the build image by mistake (which can upset the pip install process) * second: it means that the docker image cache is more effective, and we can reuse docker images when iterating on the docker stuff.
| * | | | | Fix default ACME config for py2 (#4564)Richard van der Hoff2019-02-052-1/+2
| | | | | | | | | | | | | | | | | | Fixes #4559
| * | | | | switch docker image to py3 by default (#4558)Richard van der Hoff2019-02-052-4/+5
| | | | | | | | | | | | | | | | | | | | | | | | Switch the matrixdotorg/synapse:latest Docker image to use python 3
| * | | | | fix typo in config comments (#4557)Richard van der Hoff2019-02-052-2/+3
| |/ / / /
| * | | | Merge pull request #4547 from matrix-org/anoa/acme_docsAndrew Morgan2019-02-012-83/+86
| |\ \ \ \ | | | | | | | | | | | | Add docs for ACME setup
| | * | | | Fix nginx capatilizationAndrew Morgan2019-02-011-2/+2
| | | | | |
| | * | | | Address commentsAndrew Morgan2019-02-011-17/+13
| | | | | |
| | * | | | Update README.rstRichard van der Hoff2019-02-011-1/+1
| | | | | | | | | | | | | | | | | | Co-Authored-By: anoadragon453 <1342360+anoadragon453@users.noreply.github.com>
| | * | | | Update README.rstRichard van der Hoff2019-02-011-1/+1
| | | | | | | | | | | | | | | | | | Co-Authored-By: anoadragon453 <1342360+anoadragon453@users.noreply.github.com>
| | * | | | Actually need to enable itAndrew Morgan2019-02-011-0/+8
| | | | | |
| | * | | | Merge branch 'release-v0.99.0' of github.com:matrix-org/synapse into ↵Andrew Morgan2019-02-015-4/+12
| | |\ \ \ \ | | |/ / / / | |/| | | | | | | | | | anoa/acme_docs
| * | | | | 0.99.0rc4 v0.99.0rc4Richard van der Hoff2019-02-015-4/+12
| | | | | |
| | * | | | Address changesAndrew Morgan2019-02-011-22/+13
| | | | | |
| | * | | | Remove error and add link to foks fed tester projectAndrew Morgan2019-02-011-2/+3
| | | | | |
| | * | | | Clean up portions of docs that talk about reversing fed portAndrew Morgan2019-02-011-97/+24
| | | | | |
| | * | | | Add changelogAndrew Morgan2019-02-011-0/+1
| | | | | |
| | * | | | Add docs for ACME setupAndrew Morgan2019-02-011-0/+79
| |/ / / /
* | | / / Filter user directory state query to a subset of state events (#4462)Andrew Morgan2019-02-052-4/+13
| |_|/ / |/| | | | | | | | | | | | | | | | | | | * Filter user directory state query to a subset of state events * Add changelog
* | | | Merge pull request #4546 from ↵Richard van der Hoff2019-02-012-2/+16
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | matrix-org/rav/silence_critical_error_from_federation Fix noisy "twisted.internet.task.TaskStopped" errors in logs
| * | | | Fix noisy "twisted.internet.task.TaskStopped" errors in logsRichard van der Hoff2019-02-012-2/+16
| | | | | | | | | | | | | | | | | | | | Fixes #4003
* | | | | Merge remote-tracking branch 'origin/release-v0.99.0' into developRichard van der Hoff2019-02-013-31/+78
|\ \ \ \ \ | | |/ / / | |/| | |
| * | | | Merge pull request #4544 from matrix-org/rav/skip_invalid_well_knownRichard van der Hoff2019-02-013-30/+77
| |\ \ \ \ | | | | | | | | | | | | Treat an invalid .well-known the same as an absent one
| | * | | | Treat an invalid .well-known the same as an absent oneRichard van der Hoff2019-02-013-30/+77
| | | | | | | | | | | | | | | | | | | | | | | | ... basically, carry on and fall back to SRV etc.
| * | | | | Fix b'ab' noise in logsRichard van der Hoff2019-02-011-1/+1
| |/ / / /
* | | | | Merge branch 'release-v0.99.0' into developRichard van der Hoff2019-02-014-52/+86
|\| | | |
| * | | | Merge pull request #4542 from matrix-org/rav/cache_for_bad_well_knownRichard van der Hoff2019-02-012-17/+59
| |\ \ \ \ | | | | | | | | | | | | Caching for invalid .well-knowns
| | * | | | changelogRichard van der Hoff2019-02-011-0/+1
| | | | | |
| | * | | | Cache failures to parse .well-knownRichard van der Hoff2019-02-011-13/+43
| | | | | | | | | | | | | | | | | | | | | | | | Also add a Measure block around the .well-known fetch
| | * | | | better logging for federation connectionsRichard van der Hoff2019-01-311-5/+16
| | | | | |
| * | | | | Merge pull request #4539 from matrix-org/rav/update_wellknown_routingRichard van der Hoff2019-02-013-35/+27
| |\| | | | | | |/ / / | |/| | | Update federation routing logic to check .well-known before SRV
| | * | | Update federation routing logic to check .well-known before SRVRichard van der Hoff2019-01-313-35/+27
| |/ / /
* | | | Merge pull request #4530 from matrix-org/anoa/room_upgrade_federatableAndrew Morgan2019-01-313-11/+38
|\ \ \ \ | | | | | | | | | | Copy over non-federatable trait on room upgrade
| * | | | Raise an exception instead of returning NoneAndrew Morgan2019-01-311-2/+9
| | | | |
| * | | | New function for getting room's create eventAndrew Morgan2019-01-312-18/+21
| | | | |
| * | | | Merge branch 'develop' of github.com:matrix-org/synapse into ↵Andrew Morgan2019-01-3190-84/+151
| |\ \ \ \ | | | | | | | | | | | | | | | | | | anoa/room_upgrade_federatable
| * | | | | lintAndrew Morgan2019-01-311-2/+4
| | | | | |
| * | | | | Add changelogAndrew Morgan2019-01-301-0/+1
| | | | | |
| * | | | | Copy over non-federatable trait on room upgradeAndrew Morgan2019-01-301-0/+14
| | | | | |
* | | | | | Merge branch 'release-v0.99.0' into developRichard van der Hoff2019-01-316-13/+103
|\ \ \ \ \ \ | |_|/ / / / |/| | / / / | | |/ / / | |/| | |
| * | | | v0.99.0rc3 v0.99.0rc3Richard van der Hoff2019-01-315-4/+22
| | | | |
| * | | | Add some debug for membership syncing issues (#4538)Richard van der Hoff2019-01-312-2/+12
| | | | | | | | | | | | | | | I can't figure out what's going on with #4422 and #4436; perhaps this will help.
| * | | | Fix infinite loop when an event is redacted in a v3 room (#4535)Richard van der Hoff2019-01-312-5/+33
| | | | |
| * | | | update debian installation instructions (#4526)Richard van der Hoff2019-01-312-5/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * update debian installation instructions * docs PR is docs
| * | | | cleanups for contrib/prometheus/READMERichard van der Hoff2019-01-301-0/+7
| | | | |
* | | | | Reject large transactions on federation (#4513)Andrew Morgan2019-01-312-0/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Reject large transactions on federation * Add changelog * lint * Simplify large transaction handling
* | | | | Merge remote-tracking branch 'origin/release-v0.99.0' into developRichard van der Hoff2019-01-3086-84/+117
|\| | | |
| * | | | v0.99.0rc2 v0.99.0rc2Richard van der Hoff2019-01-304-3/+18
| | | | |
| * | | | Merge remote-tracking branch 'origin/develop' into release-v0.99.0Richard van der Hoff2019-01-302-1/+14
| |\ \ \ \
| * | | | | ACME Upgrade Docs (#4528)Amber Brown2019-01-302-0/+33
| | | | | |
| * | | | | Update constants.pyNeil Johnson2019-01-301-1/+1
| | | | | | | | | | | | | | | | | | remove trailing ,
| * | | | | 0.99.0rc1 v0.99.0rc1Richard van der Hoff2019-01-3083-82/+67
| | |/ / / | |/| | |
* | | | | by default include m.room.encryption on invites (#3902)Matthew Hodgson2019-01-303-0/+4
| |/ / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | * by default include m.room.encryption on invites * fix constant * changelog
* | | | Merge pull request #4527 from ↵Erik Johnston2019-01-302-1/+14
|\ \ \ \ | |/ / / |/| | | | | | | | | | | matrix-org/erikj/fix_sending_remote_invite_rejections Fix remote invite rejections not coming down sync
| * | | NewsfileErik Johnston2019-01-301-0/+1
| | | |
| * | | Fix remote invite rejections not comming down syncErik Johnston2019-01-301-1/+13
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | This was broken in PR #4405, commit 886e5ac, where we changed remote rejections to be outliers. The fix is to explicitly add the leave event in when we know its an out of band invite. We can't always add the event as if the server is/was in the room there might be more events to send down the sync than just the leave.
* | | Merge pull request #4472 from matrix-org/neilj/room_capabilitiesErik Johnston2019-01-305-0/+153
|\ \ \ | | | | | | | | Server capabilities support
| * \ \ Merge branch 'neilj/room_capabilities' of github.com:matrix-org/synapse into ↵Neil Johnson2019-01-30123-669/+2451
| |\ \ \ | | | | | | | | | | | | | | | neilj/room_capabilities
| | * \ \ Merge branch 'develop' into neilj/room_capabilitiesNeil Johnson2019-01-30123-669/+2451
| | |\ \ \
| * | | | | isortNeil Johnson2019-01-301-2/+1
| |/ / / /
| * | | | define room dispositions for use in exposing room capabilitiesNeil Johnson2019-01-301-0/+5
| | | | |
| * | | | formatting and use constants where availableNeil Johnson2019-01-301-19/+17
| | | | |
| * | | | Populate default room version from ConstantsNeil Johnson2019-01-301-1/+2
| | | | |
| * | | | reflect that rooms v3 is a stable room versionNeil Johnson2019-01-302-0/+2
| | | | |
| * | | | rework format of change password capabilityNeil Johnson2019-01-292-3/+5
| | | | |
| * | | | update to reflect broadening scopeNeil Johnson2019-01-291-1/+1
| | | | |
| * | | | support change_password in capabilities end-pointNeil Johnson2019-01-292-2/+35
| | | | |
| * | | | isortNeil Johnson2019-01-291-1/+2
| | | | |
| * | | | enforce auth for capabilities endpointNeil Johnson2019-01-292-14/+36
| | | | |
| * | | | register capabilities servletNeil Johnson2019-01-291-0/+2
| | | | |
| * | | | backout v3Neil Johnson2019-01-252-2/+0
| | | | |
| * | | | Support room version capabilities in CS API (MSC1804)Neil Johnson2019-01-252-0/+88
| | | | |
| * | | | towncrierNeil Johnson2019-01-251-0/+1
| | | | |
| * | | | track unstable room v3Neil Johnson2019-01-251-0/+2
| | | | |
* | | | | Fix replication for room v3 (#4523)Erik Johnston2019-01-302-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Fix replication for room v3 We were not correctly quoting the path fragments over http replication, which meant that it exploded when the event IDs had a slash in them * Newsfile
* | | | | ACME config cleanups (#4525)Richard van der Hoff2019-01-305-60/+115
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Handle listening for ACME requests on IPv6 addresses the weird url-but-not-actually-a-url-string doesn't handle IPv6 addresses without extra quoting. Building a string which you are about to parse again seems like a weird choice. Let's just use listenTCP, which is consistent with what we do elsewhere. * Clean up the default ACME config make it look a bit more consistent with everything else, and tweak the defaults to listen on port 80. * newsfile
* | | | | Merge pull request #4524 from matrix-org/erikj/fix_no_tlsErik Johnston2019-01-302-1/+4
|\ \ \ \ \ | | | | | | | | | | | | Fix bug where synapse fails to start if no_tls set
| * | | | | Raise ConfigError insteadErik Johnston2019-01-301-1/+3
| | | | | |
| * | | | | NewsfileErik Johnston2019-01-301-0/+1
| | | | | |
| * | | | | _listener_http should return a listErik Johnston2019-01-301-1/+1
|/ / / / /
* | | | | Merge pull request #4521 from matrix-org/rav/fed_routing/cleanupsRichard van der Hoff2019-01-302-9/+12
|\ \ \ \ \ | | | | | | | | | | | | Tiny .well-known fixes
| * | | | | newsfileRichard van der Hoff2019-01-301-0/+1
| | | | | |
| * | | | | fix exception textRichard van der Hoff2019-01-301-1/+1
| | | | | |
| * | | | | Also jitter the invalid cache periodRichard van der Hoff2019-01-301-9/+11
| | | | | |
* | | | | | Follow redirects on .well-known (#4520)Richard van der Hoff2019-01-303-2/+102
| | | | | |
* | | | | | SIGHUP for TLS cert reloading (#4495)Amber Brown2019-01-305-20/+81
|/ / / / /
* | | | | Add a caching layer to .well-known responses (#4516)Richard van der Hoff2019-01-306-10/+493
| | | | |
* | | | | Fix flake8 (#4519)Amber Brown2019-01-3012-102/+94
| |/ / / |/| | |
* | | | Merge pull request #4486 from xperimental/workaround-4216Richard van der Hoff2019-01-302-1/+5
|\ \ \ \ | | | | | | | | | | Implement workaround for login error.
| * | | | Implement workaround for login error.Robert Jacob2019-01-302-1/+5
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Robert Jacob <xperimental@solidproject.de>
* | | | | Merge pull request #4515 from matrix-org/erikj/room_version_v3Erik Johnston2019-01-295-4/+14
|\ \ \ \ \ | | | | | | | | | | | | Enable support for room version 3
| * | | | | No vdh tests!Erik Johnston2019-01-291-2/+1
| | | | | |
| * | | | | NewsfileErik Johnston2019-01-291-0/+1
| | | | | |
| * | | | | Enable room version v3Erik Johnston2019-01-294-4/+14
|/ / / / /
* | | | | Merge pull request #4499 from matrix-org/erikj/redactions_eiahErik Johnston2019-01-298-16/+77
|\ \ \ \ \ | | | | | | | | | | | | Implement rechecking of redactions for room versions v3
| * \ \ \ \ Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2019-01-299-46/+77
| |\ \ \ \ \ | |/ / / / / |/| | | | | | | | | | | erikj/redactions_eiah
* | | | | | Merge pull request #4514 from matrix-org/erikj/remove_event_idErik Johnston2019-01-299-47/+83
|\ \ \ \ \ \ | | | | | | | | | | | | | | Remove usages of event ID's domain
| * | | | | | Update commentErik Johnston2019-01-291-3/+3
| | | | | | |
| * | | | | | check event format version not room versionErik Johnston2019-01-291-2/+2
| | | | | | |
| * | | | | | NewsfileErik Johnston2019-01-291-0/+1
| | | | | | |
| * | | | | | Don't assert an event must have an event IDErik Johnston2019-01-291-2/+3
| | | | | | |
| * | | | | | Only check event ID domain for signatures for V1 eventsErik Johnston2019-01-293-31/+44
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In future version events won't have an event ID, so we won't be able to do this check.
| * | | | | | Use event origin for filtering incoming eventsErik Johnston2019-01-291-4/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We only process events sent to us from a server if the event ID matches the server, to help guard against federation storms. We replace this with a check against the event origin.
| * | | | | | Use snder and not event ID domain to check if oursErik Johnston2019-01-292-1/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The transaction queue only sends out events that we generate. This was done by checking domain of event ID, but that can no longer be used. Instead, we may as well use the sender field.
| * | | | | | Remove event ID usage when checking if new roomErik Johnston2019-01-291-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The event ID is changing, so we can no longer get the domain from it. On the other hand, the check is unnecessary.
| * | | | | | Only check event IDs domain signed event for V1 and V2Erik Johnston2019-01-291-5/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Since newer versions of events don't have the same format for event ID.
| | * | | | | Fixup commentErik Johnston2019-01-291-2/+2
| | | | | | |
| | * | | | | kill vdh test some moreErik Johnston2019-01-291-2/+1
| | | | | | |
| | * | | | | Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2019-01-2954-288/+1051
| | |\ \ \ \ \ | |_|/ / / / / |/| | | | | | | | | | | | | erikj/redactions_eiah
* | | | | | | Merge pull request #4483 from matrix-org/erikj/event_v2Erik Johnston2019-01-295-19/+109
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Implement event format V2
| * | | | | | | NewsfileErik Johnston2019-01-291-0/+1
| | | | | | | |
| * | | | | | | Implement event format v2Erik Johnston2019-01-294-19/+108
| | | | | | | |
* | | | | | | | Merge pull request #4512 from matrix-org/anoa/consent_dirAndrew Morgan2019-01-293-11/+15
|\ \ \ \ \ \ \ \ | |/ / / / / / / |/| | | | | | | Check consent dir path on startup
| * | | | | | | Add changelogAndrew Morgan2019-01-291-0/+1
| | | | | | | |