summary refs log tree commit diff
Commit message (Collapse)AuthorAgeFilesLines
* changelogRichard van der Hoff2019-06-241-0/+1
|
* Don't load the generated config as the default.Richard van der Hoff2019-06-2429-94/+60
| | | | It's too confusing.
* Ensure that all config options have sensible defaultsRichard van der Hoff2019-06-244-13/+27
| | | | | This will enable us to skip the unintuitive behaviour where the generated config and default config are the same thing.
* Merge pull request #5516 from matrix-org/rav/acme_key_pathRichard van der Hoff2019-06-2410-12/+62
|\ | | | | Allow configuration of the path used for ACME account keys.
| * changelogRichard van der Hoff2019-06-245-2/+3
| |
| * Remove unused Config.config_dir_path attributeRichard van der Hoff2019-06-241-3/+0
| | | | | | | | This is no longer used and only serves to confuse.
| * Allow configuration of the path used for ACME account keys.Richard van der Hoff2019-06-244-7/+59
|/ | | | | Because sticking it in the same place as the config isn't necessarily the right thing to do.
* Pass config_dir_path and data_dir_path into Config.read_config. (#5522)Richard van der Hoff2019-06-2435-67/+104
| | | | | | * Pull config_dir_path and data_dir_path calculation out of read_config_files * Pass config_dir_path and data_dir_path into read_config
* Factor acme bits out to a separate file (#5521)Richard van der Hoff2019-06-243-53/+94
| | | This makes some of the conditional-import hoop-jumping easier.
* Merge pull request #5498 from matrix-org/rav/fix_clock_reversalRichard van der Hoff2019-06-242-6/+15
|\ | | | | Use monotonic clock where possible for metrics
| * Use monotonic clock where possible for metricsRichard van der Hoff2019-06-192-6/+15
| | | | | | | | | | | | | | | | Fixes intermittent errors observed on Apple hardware which were caused by time.clock() appearing to go backwards when called from different threads. Also fixes a bug where database activity times were logged as 1/1000 of their correct ratio due to confusion between milliseconds and seconds.
* | Drop support for cpu_affinity (#5525)Richard van der Hoff2019-06-226-74/+2
| | | | | | This has no useful purpose on python3, and is generally a source of confusion.
* | Improve help and cmdline option names for --generate-config options (#5512)Richard van der Hoff2019-06-212-22/+29
| | | | | | | | | | | | | | * group the arguments together into a group * add new names "--generate-missing-config" and "--config-directory" for existing cmdline options "--generate-keys" and "--keys-dir", which better reflect their purposes.
* | Refactor Config parser and add some comments. (#5511)Richard van der Hoff2019-06-212-14/+36
| | | | | | | | Add some comments, and simplify `read_config_files`.
* | Improve logging when generating config files (#5510)Richard van der Hoff2019-06-214-1/+8
| | | | | | Make it a bit clearer what's going on.
* | Only import jinja2 when needed (#5514)Andrew Morgan2019-06-212-1/+3
| | | | | | | | | | | | | | Fixes https://github.com/matrix-org/synapse/issues/5431 `jinja2` was being imported even when it wasn't strictly necessary. This made it required to run Synapse, even if the functionality that required it wasn't enabled. This was causing new Synapse installations to crash on startup. Email modules are now required.
* | Fix "Unexpected entry in 'full_schemas'" log warning (#5509)Richard van der Hoff2019-06-212-1/+2
| | | | | | | | | | There is a README.txt which always sets off this warning, which is a bit alarming when you first start synapse. I don't think we need to warn about this.
* | Fix logging error when a tampered event is detected. (#5500)Richard van der Hoff2019-06-212-1/+1
| |
* | Merge pull request #5513 from matrix-org/erikj/fix_messages_tokenErik Johnston2019-06-212-0/+3
|\ \ | | | | | | Fix /messages on worker when no token supplied
| * | NewsfileErik Johnston2019-06-211-0/+1
| | |
| * | Fix /messages on worker when no token suppliedErik Johnston2019-06-211-0/+2
|/ /
* | Merge pull request #5505 from matrix-org/erikj/messages_workerErik Johnston2019-06-213-0/+10
|\ \ | | | | | | Support pagination API in client_reader worker
| * | Update docs/workers.rst Erik Johnston2019-06-211-1/+1
| | | | | | | | | | | | | | | E_TOO_MANY_NEGATIVES Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
| * | NewsfileErik Johnston2019-06-211-0/+1
| | |
| * | Support pagination API in client_reader workerErik Johnston2019-06-212-0/+9
|/ /
* | Merge pull request #5476 from matrix-org/erikj/histogram_extremitiesErik Johnston2019-06-213-1/+37
|\ \ | | | | | | Add metrics for length of new extremities persisted.
| * | BlackErik Johnston2019-06-201-2/+2
| | |
| * | Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2019-06-20400-10564/+9688
| |\ \ | | | | | | | | | | | | erikj/histogram_extremities
| * | | Add descriptions and remove redundant set(..)Erik Johnston2019-06-192-4/+7
| | | |
| * | | Only count non-cache state resolutionErik Johnston2019-06-181-3/+3
| | | |
| * | | Use consistent bucketsErik Johnston2019-06-181-1/+1
| | | |
| * | | NewsfileErik Johnston2019-06-171-0/+1
| | | |
| * | | Add metric fo number of state groups in resolutionErik Johnston2019-06-171-0/+10
| | | |
| * | | Add metrics for len of new extremities persisted.Erik Johnston2019-06-171-1/+23
| | | | | | | | | | | | | | | | | | | | Of new events being persisted add metrics for total size of forward extremities and number of unchanged, "stale" extremities.
* | | | Improve email notification logging (#5502)Neil Johnson2019-06-202-1/+2
| |/ / |/| |
* | | Run Black. (#5482)Amber Brown2019-06-20376-10399/+9153
| | |
* | | Merge pull request #5042 from matrix-org/erikj/fix_get_missing_events_errorErik Johnston2019-06-192-9/+20
|\ \ \ | | | | | | | | Handle the case of `get_missing_events` failing
| * | | Fix loglineErik Johnston2019-06-181-1/+1
| | | |
| * | | Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2019-06-18387-9715/+17324
| |\ \ \ | | | | | | | | | | | | | | | erikj/fix_get_missing_events_error
| * | | | NewsfileErik Johnston2019-04-101-0/+1
| | | | |
| * | | | Handle the case of `get_missing_events` failingErik Johnston2019-04-101-9/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently if a call to `/get_missing_events` fails we log an exception and stop processing the top level event we received over federation. Instead let's try and handle it sensibly given it is a somewhat expected failure mode.
* | | | | Merge pull request #5480 from matrix-org/erikj/extremities_dummy_eventsErik Johnston2019-06-197-1/+166
|\ \ \ \ \ | | | | | | | | | | | | Add experimental option to reduce extremities.
| * | | | | Run as background process and fix commentsErik Johnston2019-06-193-4/+7
| | | | | |
| * | | | | NewsfileErik Johnston2019-06-181-0/+1
| | | | | |
| * | | | | Add experimental option to reduce extremities.Erik Johnston2019-06-186-1/+162
| | |_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | Adds new config option `cleanup_extremities_with_dummy_events` which periodically sends dummy events to rooms with more than 10 extremities. THIS IS REALLY EXPERIMENTAL.
* | | | | Merge pull request #5490 from matrix-org/rav/xmlsec_in_dockerRichard van der Hoff2019-06-192-1/+4
|\ \ \ \ \ | | | | | | | | | | | | Include xmlsec in the docker image
| * | | | | changelogRichard van der Hoff2019-06-181-0/+1
| | | | | |
| * | | | | Include xmlsec in the docker imageRichard van der Hoff2019-06-181-1/+3
| | |_|/ / | |/| | | | | | | | | | | | | Fixes #5467.
* | | | | Merge pull request #5493 from matrix-org/babolivier/deactivate_bg_job_typoBrendan Abolivier2019-06-192-1/+2
|\ \ \ \ \ | | | | | | | | | | | | Fix typo in deactivation background job
| * | | | | Fix typo in deactivation background jobBrendan Abolivier2019-06-192-1/+2
|/ / / / /
* | | | | Merge pull request #4276 from Ralith/performance-adviceRichard van der Hoff2019-06-183-7/+29
|\ \ \ \ \ | | | | | | | | | | | | Improve advice regarding poor performance
| * | | | | README.rst: fix header levelRichard van der Hoff2019-06-181-1/+1
| | | | | |
| * | | | | Improve advice regarding poor performanceBenjamin Saunders2019-06-093-7/+29
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Benjamin Saunders <ben.e.saunders@gmail.com>
* | | | | | Add some logging to 3pid invite sig verification (#5015)David Baker2019-06-182-8/+39
| |/ / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I had to add quite a lot of logging to diagnose a problem with 3pid invites - we only logged the one failure which isn't all that informative. NB. I'm not convinced the logic of this loop is right: I think it should just accept a single valid signature from a trusted source rather than fail if *any* signature is invalid. Also it should probably not skip the rest of middle loop if a check fails? However, I'm deliberately not changing the logic here.
* | | | | Fix seven contrib files with Python syntax errors (#5446)cclauss2019-06-187-119/+131
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Fix seven contrib files with Python syntax errors Signed-off-by: cclauss <cclauss@me.com>
* | | | | Merge pull request #5477 from matrix-org/babolivier/third_party_rules_3pidBrendan Abolivier2019-06-173-1/+43
|\ \ \ \ \ | | | | | | | | | | | | Add third party rules hook for 3PID invites
| * | | | | Make check_threepid_can_be_invited asyncBrendan Abolivier2019-06-171-0/+1
| | | | | |
| * | | | | ChangelogBrendan Abolivier2019-06-171-0/+1
| | | | | |
| * | | | | Add third party rules hook for 3PID invitesBrendan Abolivier2019-06-172-1/+41
| | | | | |
* | | | | | Merge pull request #5479 from matrix-org/erikj/add_create_room_hook_developErik Johnston2019-06-173-4/+49
|\ \ \ \ \ \ | | | | | | | | | | | | | | Add third party rules hook into create room
| * | | | | | NewsfileErik Johnston2019-06-171-0/+1
| |/ / / / /
| * | / / / Add third party rules hook into create roomErik Johnston2019-06-172-4/+48
| | |/ / / | |/| | |
* | | | | Merge pull request #5478 from matrix-org/joriks/demo_python3Jorik Schellekens2019-06-173-4/+71
|\ \ \ \ \ | | | | | | | | | | | | Joriks/demo python3
| * | | | | ChangelogJorik Schellekens2019-06-171-0/+1
| | | | | |
| * | | | | One shot demo server startupJorik Schellekens2019-06-172-4/+70
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Configure the demo servers to use untrusted tls certs so that they communicate with each other. This configuration makes them very unsafe so I've added warnings about it in the readme.
* | | | | | Remove Postgres 9.4 support (#5448)Amber Brown2019-06-1810-79/+50
| |/ / / / |/| | | |
* | | | | Merge pull request #5385 from matrix-org/erikj/reduce_http_exceptionsErik Johnston2019-06-175-19/+29
|\ \ \ \ \ | | | | | | | | | | | | Handle HttpResponseException when using federation client.
| * | | | | Handle failing to talk to master over replicationErik Johnston2019-06-071-1/+9
| | | | | |
| * | | | | NewsfileErik Johnston2019-06-071-0/+1
| | | | | |
| * | | | | Handle HttpResponseException when using federation client.Erik Johnston2019-06-073-18/+19
| | | | | | | | | | | | | | | | | | | | | | | | Otherwise we just log exceptions everywhere.
* | | | | | Merge pull request #5388 from matrix-org/erikj/fix_email_pushErik Johnston2019-06-175-30/+124
|\ \ \ \ \ \ | | | | | | | | | | | | | | Fix email notifications for unnamed rooms with multiple people
| * | | | | | NewsfileErik Johnston2019-06-071-0/+1
| | | | | | |
| * | | | | | Add testErik Johnston2019-06-073-8/+70
| | | | | | |
| * | | | | | Refactor email testsErik Johnston2019-06-071-22/+42
| | | | | | |
| * | | | | | Fix email notifications for large unnamed rooms.Erik Johnston2019-06-071-0/+11
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we try and calculate a description for a room for with no name but multiple other users we threw an exception (due to trying to subscript result of `dict.values()`).
* | | | | | Merge pull request #5389 from matrix-org/erikj/renew_attestations_on_masterErik Johnston2019-06-172-3/+5
|\ \ \ \ \ \ | | | | | | | | | | | | | | Only start background group attestation renewals on master
| * | | | | | NewsfileErik Johnston2019-06-071-0/+1
| | | | | | |
| * | | | | | Only start background group attestation renewals on masterErik Johnston2019-06-071-3/+4
| | | | | | |
* | | | | | | Move SyTest to Buildkite (#5459)Amber Brown2019-06-176-76/+247
| | | | | | | | | | | | | | | | | | | | | Including workers!
* | | | | | | Merge pull request #5464 from matrix-org/erikj/3pid_remote_invite_stateErik Johnston2019-06-173-7/+2
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Fix 3PID invite room state over federation.
| * | | | | | | NewsfileErik Johnston2019-06-141-0/+1
| | | | | | | |
| * | | | | | | Fix 3PID invite room state over federation.Erik Johnston2019-06-141-6/+0
| | |_|_|_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes that when a user exchanges a 3PID invite for a proper invite over federation it does not include the `invite_room_state` key. This was due to synapse incorrectly sending out two invite requests.
| * | | | | | Change to absolute path for contrib/dockerNeil Johnson2019-06-131-1/+1
| | | | | | | | | | | | | | | | | | | | | because this file is reproduced on dockerhub and relative paths don't work
* | | | | | | Merge pull request #5440 from matrix-org/babolivier/third_party_event_rulesBrendan Abolivier2019-06-149-4/+284
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Allow server admins to define implementations of extra rules for allowing or denying incoming events
| * | | | | | | Add plugin APIs for implementations of custom event rules.Brendan Abolivier2019-06-149-4/+284
| | | | | | | |
* | | | | | | | Merge pull request #5461 from matrix-org/erikj/histograms_are_cumalitiveErik Johnston2019-06-144-12/+13
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | Prometheus histograms are cumalative
| * | | | | | | | NewsfileErik Johnston2019-06-141-0/+1
| | | | | | | | |
| * | | | | | | | Prometheus histograms are cumalativeErik Johnston2019-06-143-12/+12
| | | | | | | | |
* | | | | | | | | Merge pull request #5465 from matrix-org/babolivier/fix_deactivation_bg_jobBrendan Abolivier2019-06-142-2/+6
|\ \ \ \ \ \ \ \ \ | |_|_|_|_|_|/ / / |/| | | | | | | | Fix background job for deactivated flag
| * | | | | | | | Fix changelogBrendan Abolivier2019-06-142-1/+2
| | | | | | | | |
| * | | | | | | | ChangelogBrendan Abolivier2019-06-141-0/+1
| | | | | | | | |
| * | | | | | | | Fix background job for deactivated flagBrendan Abolivier2019-06-141-2/+4
| | | | | | | | |
* | | | | | | | | Merge pull request #5462 from ↵Brendan Abolivier2019-06-146-27/+68
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | matrix-org/babolivier/account_validity_deactivated_accounts_2 Don't send renewal emails to deactivated users (second attempt)
| * | | | | | | | Don't send renewal emails to deactivated usersBrendan Abolivier2019-06-146-27/+68
| |/ / / / / / /
* | | | | | | | Merge pull request #5460 from matrix-org/joriks/demo_python3Jorik Schellekens2019-06-142-2/+3
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | Use python3 in the demo
| * | | | | | | | ChangelogJorik Schellekens2019-06-141-0/+1
| | | | | | | | |
| * | | | | | | | Use python3 in the demoJorik Schellekens2019-06-141-2/+2
| | | | | | | | |
* | | | | | | | | Merge pull request #5390 from matrix-org/erikj/dont_log_on_fail_to_get_fileErik Johnston2019-06-143-6/+14
|\ \ \ \ \ \ \ \ \ | |_|/ / / / / / / |/| | | | | | | | Don't log exception when failing to fetch remote content.
| * | | | | | | | NewsfileErik Johnston2019-06-071-0/+1
| | | | | | | | |
| * | | | | | | | Don't log exception when failing to fetch remote content.Erik Johnston2019-06-072-6/+13
| | |_|_|/ / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In particular, let's not log stack traces when we stop processing becuase the response body was too large.
* | | | | | | | Track deactivated accounts in the database (#5378)Brendan Abolivier2019-06-145-0/+183
| | | | | | | |
* | | | | | | | Merge pull request #5458 from matrix-org/hawkowl/fix-prometheusErik Johnston2019-06-143-39/+25
|\ \ \ \ \ \ \ \ | |_|/ / / / / / |/| | | | | | | Fix Prometheus erroring after the extremities monitoring
| * | | | | | | changelogAmber H. Brown2019-06-141-0/+1
| | | | | | | |
| * | | | | | | fix prometheus rendering errorAmber H. Brown2019-06-142-39/+24
|/ / / / / / /
* | | | | | | Updates to the federation_client script (#5447)Richard van der Hoff2019-06-132-5/+39
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * py3 fixes for federation_client * .well-known support for federation_client
* | | | | | | Clean up code for sending federation EDUs. (#5381)Richard van der Hoff2019-06-132-14/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | This code confused the hell out of me today. Split _get_new_device_messages into its two (unrelated) parts.
* | | | | | | Expose statistics on extrems to prometheus (#5384)Amber Brown2019-06-137-114/+331
| | | | | | |
* | | | | | | Remove Python 2.7 support. (#5425)Amber Brown2019-06-129-170/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * remove 2.7 from CI and publishing * fill out classifiers and also make it not be installed on 3.5 * some minor bumps so that the old deps work on python 3.5
* | | | | | | Merge branch 'master' of github.com:matrix-org/synapse into developErik Johnston2019-06-1118-50/+394
|\ \ \ \ \ \ \ | | |_|/ / / / | |/| | | | |
| * | | | | | 1.0.0 v1.0.0Erik Johnston2019-06-116-4/+28
| | | | | | |
| * | | | | | Merge pull request #5424 from matrix-org/erikj/change_password_reset_linksErik Johnston2019-06-1112-32/+262
| |\ \ \ \ \ \ | | | | | | | | | | | | | | | | Change password reset links to /_matrix.
| | * | | | | | Bump bleach version so that tests can run on old deps.Erik Johnston2019-06-115-25/+1
| | | | | | | |
| | * | | | | | NewsfileErik Johnston2019-06-111-0/+1
| | | | | | | |
| | * | | | | | Change password reset links to /_matrix.Erik Johnston2019-06-116-7/+260
| | | |/ / / / | | |/| | | |
| * / | | | | Neilj/improve federation docs (#5419)Neil Johnson2019-06-114-16/+106
| |/ / / / / | | | | | | | | | | | | | | | | | | Add FAQ questions to federate.md. Add a health warning making it clear that the 1711 upgrade FAQ is now out of date.
* | | | | | Merge branch 'release-v1.0.0' of github.com:matrix-org/synapse into developErik Johnston2019-06-116-2/+14
|\| | | | |
| * | | | | 1.0.0rc3 v1.0.0rc3Erik Johnston2019-06-112-1/+7
| | | | | |
| * | | | | Fix defaults on checking threepidsErik Johnston2019-06-102-1/+2
| | | | | |
| * | | | | Merge pull request #5418 from matrix-org/erikj/fix_send_fed_with_limit_zeroErik Johnston2019-06-102-0/+5
| |\ \ \ \ \ | | | | | | | | | | | | | | Fix bug sending federation transactions with lots of EDUs
| | * | | | | Update changelog.d/5418.bugfixErik Johnston2019-06-101-1/+1
| | | | | | | | | | | | | | | | | | | | | Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
| | * | | | | NewsfileErik Johnston2019-06-101-0/+1
| | | | | | |
| | * | | | | Fix bug sending federation transactions with lots of EDUsErik Johnston2019-06-101-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If we try and send a transaction with lots of EDUs and we run out of space, we call get_new_device_msgs_for_remote with a limit of 0, which then failed.
* | | | | | | Don't warn user about password reset disabling through config code (#5387)Andrew Morgan2019-06-113-10/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Moves the warning about password resets being disabled to the point where a user actually tries to reset their password. Is this an appropriate place for it to happen? Also removed the disabling of msisdn password resets when you don't have an email config, as that just doesn't make sense. Also change the error a user receives upon disabled passwords to specify that only email-based password reset is disabled.
* | | | | | | add monthly active users to phonehome stats (#5252)Neil Johnson2019-06-103-15/+31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * add monthly active users to phonehome stats
* | | | | | | Merge branch 'release-v1.0.0' of github.com:matrix-org/synapse into developErik Johnston2019-06-1014-195/+489
|\| | | | | |
| * | | | | | 1.0.0rc2 v1.0.0rc2Erik Johnston2019-06-105-4/+12
| | | | | | |
| * | | | | | Merge pull request #5417 from matrix-org/rav/shared_ssl_contextErik Johnston2019-06-1010-182/+455
| |\ \ \ \ \ \ | | |/ / / / / | |/| | | | | Share an SSL context object between SSL connections
| | * | | | | fix ci on py2, againRichard van der Hoff2019-06-101-1/+1
| | | | | | |
| | * | | | | rename gutwrenched attrRichard van der Hoff2019-06-101-5/+9
| | | | | | |
| | * | | | | fix CI on python 2.7Richard van der Hoff2019-06-101-6/+4
| | | | | | |
| | * | | | | fix build failsRichard van der Hoff2019-06-102-1/+4
| | | | | | |
| | * | | | | Tests for SSL certs for federation connectionsRichard van der Hoff2019-06-106-106/+343
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Add some tests for bad certificates for federation and .well-known connections
| | * | | | | Fix federation connections to literal IP addressesRichard van der Hoff2019-06-102-6/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | turns out we need a shiny version of service_identity to enforce this correctly.
| | * | | | | clean up impl, and import idna directlyRichard van der Hoff2019-06-102-15/+12
| | | | | | |
| | * | | | | Share an SSL context object between SSL connectionsRichard van der Hoff2019-06-091-60/+89
| | | | | | | | | | | | | | | | | | | | | | | | | | | | This involves changing how the info callbacks work.
| * | | | | | Merge branch 'erikj/fix_null_valid_until_ms' of ↵Erik Johnston2019-06-103-1/+58
| |\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | github.com:matrix-org/synapse into release-v1.0.0
| * | | | | | | Improve startup checks for insecure notary configs (#5392)Richard van der Hoff2019-06-103-11/+24
| | |/ / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It's not really a problem to trust notary responses signed by the old key so long as we are also doing TLS validation. This commit adds a check to the config parsing code at startup to check that we do not have the insecure matrix.org key without tls validation, and refuses to start without it. This allows us to remove the rather alarming-looking warning which happens at runtime.
* | | | | | | Merge pull request #5415 from matrix-org/erikj/fix_null_valid_until_msErik Johnston2019-06-103-1/+58
|\ \ \ \ \ \ \ | | |/ / / / / | |/| | | | | Fix key verification when key stored with null valid_until_ms
| * | | | | | NewsfileErik Johnston2019-06-101-0/+1
| | | | | | |
| * | | | | | Fix key verification when key stored with null valid_until_msErik Johnston2019-06-102-1/+57
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some keys are stored in the synapse database with a null valid_until_ms which caused an exception to be thrown when using that key. We fix this by treating nulls as zeroes, i.e. they keys will match verification requests with a minimum_valid_until_ms of zero (i.e. don't validate ts) but will not match requests with a non-zero minimum_valid_until_ms. Fixes #5391.
* | | | | | Merge pull request #5412 from SohamG/fix-4130Erik Johnston2019-06-102-3/+17
|\ \ \ \ \ \ | | | | | | | | | | | | | | Add --no-daemonize option to synctl
| * | | | | | Accidentally reversed pep8 fixed before, fixed nowsohamg2019-06-101-1/+1
| | | | | | |
| * | | | | | Edited description to note that the arg will not work with daemonize set in ↵sohamg2019-06-101-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | the config.
| * | | | | | Resolved pep8 extra spacing issuesohamg2019-06-101-1/+1
| | | | | | |
| * | | | | | Added changelog file.sohamg2019-06-101-0/+1
| | | | | | |
| * | | | | | - Fix https://github.com/matrix-org/synapse/issues/4130sohamg2019-06-101-3/+15
| | |_|_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | - Add parser argument "--no-daemonize" Signed-off-by: sohamg <sohamg2@gmail.com>
* | | | | | Merge pull request #5325 from matrix-org/babolivier/port_db_account_validityBrendan Abolivier2019-06-102-0/+2
|\ \ \ \ \ \ | | | | | | | | | | | | | | Add account_validity's email_sent column to the list of boolean columns in synapse_port_db
| * | | | | | Rewrite changelogBrendan Abolivier2019-06-051-1/+1
| | | | | | |
| * | | | | | Merge branch 'develop' into babolivier/port_db_account_validityBrendan Abolivier2019-06-0451-417/+529
| |\ \ \ \ \ \
| * | | | | | | ChangelogBrendan Abolivier2019-06-031-0/+1
| | | | | | | |
| * | | | | | | Add account_validity's email_sent column to the list of boolean columns in ↵Brendan Abolivier2019-06-031-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | synapse_port_db Fixes #5306
* | | | | | | | Merge pull request #5363 from ↵Brendan Abolivier2019-06-104-3/+50
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | matrix-org/babolivier/account_validity_send_mail_auth Don't check whether the user's account is expired on /send_mail requests
| * | | | | | | | Better wordingBrendan Abolivier2019-06-101-1/+1
| | | | | | | | |
| * | | | | | | | DocBrendan Abolivier2019-06-101-0/+5
| | | | | | | | |
| * | | | | | | | Gah towncrierBrendan Abolivier2019-06-051-1/+1
| | | | | | | | |
| * | | | | | | | ChangelogBrendan Abolivier2019-06-051-0/+1
| | | | | | | | |
| * | | | | | | | Don't check whether the user's account is expired on /send_mail requestsBrendan Abolivier2019-06-053-3/+44
| | | | | | | | |
* | | | | | | | | Liberapay is now officially recognised, update FUNDING.yml (#5386)Andrew Morgan2019-06-092-1/+3
| |_|_|_|_|/ / / |/| | | | | | |
* | | | | | | | Merge tag 'v1.0.0rc1' into developNeil Johnson2019-06-0781-83/+84
|\ \ \ \ \ \ \ \ | | |_|_|_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.0.0rc1 (2019-06-07) ============================= Features -------- - Synapse now more efficiently collates room statistics. ([\#4338](https://github.com/matrix-org/synapse/issues/4338), [\#5260](https://github.com/matrix-org/synapse/issues/5260), [\#5324](https://github.com/matrix-org/synapse/issues/5324)) - Add experimental support for relations (aka reactions and edits). ([\#5220](https://github.com/matrix-org/synapse/issues/5220)) - Ability to configure default room version. ([\#5223](https://github.com/matrix-org/synapse/issues/5223), [\#5249](https://github.com/matrix-org/synapse/issues/5249)) - Allow configuring a range for the account validity startup job. ([\#5276](https://github.com/matrix-org/synapse/issues/5276)) - CAS login will now hit the r0 API, not the deprecated v1 one. ([\#5286](https://github.com/matrix-org/synapse/issues/5286)) - Validate federation server TLS certificates by default (implements [MSC1711](https://github.com/matrix-org/matrix-doc/blob/master/proposals/1711-x509-for-federation.md)). ([\#5359](https://github.com/matrix-org/synapse/issues/5359)) - Update /_matrix/client/versions to reference support for r0.5.0. ([\#5360](https://github.com/matrix-org/synapse/issues/5360)) - Add a script to generate new signing-key files. ([\#5361](https://github.com/matrix-org/synapse/issues/5361)) - Update upgrade and installation guides ahead of 1.0. ([\#5371](https://github.com/matrix-org/synapse/issues/5371)) - Replace the `perspectives` configuration section with `trusted_key_servers`, and make validating the signatures on responses optional (since TLS will do this job for us). ([\#5374](https://github.com/matrix-org/synapse/issues/5374)) - Add ability to perform password reset via email without trusting the identity server. ([\#5377](https://github.com/matrix-org/synapse/issues/5377)) - Set default room version to v4. ([\#5379](https://github.com/matrix-org/synapse/issues/5379)) Bugfixes -------- - Fixes client-server API not sending "m.heroes" to lazy-load /sync requests when a rooms name or its canonical alias are empty. Thanks to @dnaf for this work! ([\#5089](https://github.com/matrix-org/synapse/issues/5089)) - Prevent federation device list updates breaking when processing multiple updates at once. ([\#5156](https://github.com/matrix-org/synapse/issues/5156)) - Fix worker registration bug caused by ClientReaderSlavedStore being unable to see get_profileinfo. ([\#5200](https://github.com/matrix-org/synapse/issues/5200)) - Fix race when backfilling in rooms with worker mode. ([\#5221](https://github.com/matrix-org/synapse/issues/5221)) - Fix appservice timestamp massaging. ([\#5233](https://github.com/matrix-org/synapse/issues/5233)) - Ensure that server_keys fetched via a notary server are correctly signed. ([\#5251](https://github.com/matrix-org/synapse/issues/5251)) - Show the correct error when logging out and access token is missing. ([\#5256](https://github.com/matrix-org/synapse/issues/5256)) - Fix error code when there is an invalid parameter on /_matrix/client/r0/publicRooms ([\#5257](https://github.com/matrix-org/synapse/issues/5257)) - Fix error when downloading thumbnail with missing width/height parameter. ([\#5258](https://github.com/matrix-org/synapse/issues/5258)) - Fix schema update for account validity. ([\#5268](https://github.com/matrix-org/synapse/issues/5268)) - Fix bug where we leaked extremities when we soft failed events, leading to performance degradation. ([\#5274](https://github.com/matrix-org/synapse/issues/5274), [\#5278](https://github.com/matrix-org/synapse/issues/5278), [\#5291](https://github.com/matrix-org/synapse/issues/5291)) - Fix "db txn 'update_presence' from sentinel context" log messages. ([\#5275](https://github.com/matrix-org/synapse/issues/5275)) - Fix dropped logcontexts during high outbound traffic. ([\#5277](https://github.com/matrix-org/synapse/issues/5277)) - Fix a bug where it is not possible to get events in the federation format with the request `GET /_matrix/client/r0/rooms/{roomId}/messages`. ([\#5293](https://github.com/matrix-org/synapse/issues/5293)) - Fix performance problems with the rooms stats background update. ([\#5294](https://github.com/matrix-org/synapse/issues/5294)) - Fix noisy 'no key for server' logs. ([\#5300](https://github.com/matrix-org/synapse/issues/5300)) - Fix bug where a notary server would sometimes forget old keys. ([\#5307](https://github.com/matrix-org/synapse/issues/5307)) - Prevent users from setting huge displaynames and avatar URLs. ([\#5309](https://github.com/matrix-org/synapse/issues/5309)) - Fix handling of failures when processing incoming events where calling `/event_auth` on remote server fails. ([\#5317](https://github.com/matrix-org/synapse/issues/5317)) - Ensure that we have an up-to-date copy of the signing key when validating incoming federation requests. ([\#5321](https://github.com/matrix-org/synapse/issues/5321)) - Fix various problems which made the signing-key notary server time out for some requests. ([\#5333](https://github.com/matrix-org/synapse/issues/5333)) - Fix bug which would make certain operations (such as room joins) block for 20 minutes while attemoting to fetch verification keys. ([\#5334](https://github.com/matrix-org/synapse/issues/5334)) - Fix a bug where we could rapidly mark a server as unreachable even though it was only down for a few minutes. ([\#5335](https://github.com/matrix-org/synapse/issues/5335), [\#5340](https://github.com/matrix-org/synapse/issues/5340)) - Fix a bug where account validity renewal emails could only be sent when email notifs were enabled. ([\#5341](https://github.com/matrix-org/synapse/issues/5341)) - Fix failure when fetching batches of events during backfill, etc. ([\#5342](https://github.com/matrix-org/synapse/issues/5342)) - Add a new room version where the timestamps on events are checked against the validity periods on signing keys. ([\#5348](https://github.com/matrix-org/synapse/issues/5348), [\#5354](https://github.com/matrix-org/synapse/issues/5354)) - Fix room stats and presence background updates to correctly handle missing events. ([\#5352](https://github.com/matrix-org/synapse/issues/5352)) - Include left members in room summaries' heroes. ([\#5355](https://github.com/matrix-org/synapse/issues/5355)) - Fix `federation_custom_ca_list` configuration option. ([\#5362](https://github.com/matrix-org/synapse/issues/5362)) - Fix missing logcontext warnings on shutdown. ([\#5369](https://github.com/matrix-org/synapse/issues/5369)) Improved Documentation ---------------------- - Fix docs on resetting the user directory. ([\#5282](https://github.com/matrix-org/synapse/issues/5282)) - Fix notes about ACME in the MSC1711 faq. ([\#5357](https://github.com/matrix-org/synapse/issues/5357)) Internal Changes ---------------- - Synapse will now serve the experimental "room complexity" API endpoint. ([\#5216](https://github.com/matrix-org/synapse/issues/5216)) - The base classes for the v1 and v2_alpha REST APIs have been unified. ([\#5226](https://github.com/matrix-org/synapse/issues/5226), [\#5328](https://github.com/matrix-org/synapse/issues/5328)) - Simplifications and comments in do_auth. ([\#5227](https://github.com/matrix-org/synapse/issues/5227)) - Remove urllib3 pin as requests 2.22.0 has been released supporting urllib3 1.25.2. ([\#5230](https://github.com/matrix-org/synapse/issues/5230)) - Preparatory work for key-validity features. ([\#5232](https://github.com/matrix-org/synapse/issues/5232), [\#5234](https://github.com/matrix-org/synapse/issues/5234), [\#5235](https://github.com/matrix-org/synapse/issues/5235), [\#5236](https://github.com/matrix-org/synapse/issues/5236), [\#5237](https://github.com/matrix-org/synapse/issues/5237), [\#5244](https://github.com/matrix-org/synapse/issues/5244), [\#5250](https://github.com/matrix-org/synapse/issues/5250), [\#5296](https://github.com/matrix-org/synapse/issues/5296), [\#5299](https://github.com/matrix-org/synapse/issues/5299), [\#5343](https://github.com/matrix-org/synapse/issues/5343), [\#5347](https://github.com/matrix-org/synapse/issues/5347), [\#5356](https://github.com/matrix-org/synapse/issues/5356)) - Specify the type of reCAPTCHA key to use. ([\#5283](https://github.com/matrix-org/synapse/issues/5283)) - Improve sample config for monthly active user blocking. ([\#5284](https://github.com/matrix-org/synapse/issues/5284)) - Remove spurious debug from MatrixFederationHttpClient.get_json. ([\#5287](https://github.com/matrix-org/synapse/issues/5287)) - Improve logging for logcontext leaks. ([\#5288](https://github.com/matrix-org/synapse/issues/5288)) - Clarify that the admin change password API logs the user out. ([\#5303](https://github.com/matrix-org/synapse/issues/5303)) - New installs will now use the v54 full schema, rather than the full schema v14 and applying incremental updates to v54. ([\#5320](https://github.com/matrix-org/synapse/issues/5320)) - Improve docstrings on MatrixFederationClient. ([\#5332](https://github.com/matrix-org/synapse/issues/5332)) - Clean up FederationClient.get_events for clarity. ([\#5344](https://github.com/matrix-org/synapse/issues/5344)) - Various improvements to debug logging. ([\#5353](https://github.com/matrix-org/synapse/issues/5353)) - Don't run CI build checks until sample config check has passed. ([\#5370](https://github.com/matrix-org/synapse/issues/5370)) - Automatically retry buildkite builds (max twice) when an agent is lost. ([\#5380](https://github.com/matrix-org/synapse/issues/5380))
| * | | | | | | 1.0.0rc1 v1.0.0rc1Neil Johnson2019-06-0781-83/+84
| | |_|_|_|/ / | |/| | | | |
* / | | | | | Add a sponsor button (#5382)Andrew Morgan2019-06-072-0/+4
|/ / / / / / | | | | | | | | | | | | Add a sponsor button with links to matrixdotorg's patreon and liberapay accounts.
* | | | | | Automatically retry builds when a buildkite agent is lost (#5380)Andrew Morgan2019-06-072-0/+67
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Sometimes the build agents get lost or die (error codes -1 and 2). Retry automatically a maximum of 2 times if this happens. Error code reference: * -1: Agent was lost * 0: Build successful * 1: There was an error in your code * 2: The build stopped abruptly * 255: The build was cancelled
* | | | | | Prevent multiple device list updates from breaking a batch send (#5156)Andrew Morgan2019-06-064-31/+196
| | | | | | | | | | | | | | | | | | fixes #5153
* | | | | | Set default room version to v4. (#5379)Neil Johnson2019-06-065-3/+11
| | | | | | | | | | | | | | | | | | | | | | | | Set default room version to v4.
* | | | | | Merge pull request #5320 from matrix-org/hawkowl/full-schema-v1Erik Johnston2019-06-067-2/+2356
|\ \ \ \ \ \ | | | | | | | | | | | | | | Make a full SQL schema
| * | | | | | fix maybeAmber H. Brown2019-06-071-20/+2
| | | | | | |
| * | | | | | just user dir?Amber H. Brown2019-06-071-1/+19
| | | | | | |
| * | | | | | remove background updates that arent neededAmber H. Brown2019-06-071-33/+1
| | | | | | |
| * | | | | | add more commentsAmber Brown2019-06-061-0/+5
| | | | | | |
| * | | | | | Merge remote-tracking branch 'origin/develop' into hawkowl/full-schema-v1Amber Brown2019-06-0445-329/+299
| |\ \ \ \ \ \
| * | | | | | | add stuff in bg updatesAmber Brown2019-06-041-10/+62
| | | | | | | |
| * | | | | | | WHY IS THIS CALLED A SLIGHTLY DIFFERENT THINGAmber Brown2019-06-031-0/+1
| | | | | | | |
| * | | | | | | more fixAmber Brown2019-06-032-0/+4
| | | | | | | |
| * | | | | | | more fixAmber Brown2019-06-032-2/+38
| | | | | | | |
| * | | | | | | fix schemasAmber Brown2019-06-035-61/+22
| | | | | | | |
| * | | | | | | full schemaAmber Brown2019-06-033-0/+2315
| | | | | | | |
| * | | | | | | prepareAmber Brown2019-06-031-2/+14
| | |_|/ / / / | |/| | | | |
* | | | | | | remove bloatNeil Johnson2019-06-061-10/+1
| | | | | | |
* | | | | | | Add ability to perform password reset via email without trusting the ↵Andrew Morgan2019-06-0620-71/+922
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | identity server (#5377) Sends password reset emails from the homeserver instead of proxying to the identity server. This is now the default behaviour for security reasons. If you wish to continue proxying password reset requests to the identity server you must now enable the email.trust_identity_server_for_password_resets option. This PR is a culmination of 3 smaller PRs which have each been separately reviewed: * #5308 * #5345 * #5368
* | | | | | | Stop hardcoding trust of old matrix.org key (#5374)Richard van der Hoff2019-06-066-95/+293
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There are a few changes going on here: * We make checking the signature on a key server response optional: if no verify_keys are specified, we trust to TLS to validate the connection. * We change the default config so that it does not require responses to be signed by the old key. * We replace the old 'perspectives' config with 'trusted_key_servers', which is also formatted slightly differently. * We emit a warning to the logs every time we trust a key server response signed by the old key.
* | | | | | | Neilj/1.0 upgrade notes (#5371)Neil Johnson2019-06-064-8/+79
| | | | | | | | | | | | | | | | | | | | | | | | | | | | 1.0 upgrade/install notes
* | | | | | | Regen sample config before kicking off agents (#5370)Andrew Morgan2019-06-062-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Regen sample config before kicking off agents * Add changelog
* | | | | | | Fix missing logcontext for PresenceHandler.on_shutdown. (#5369)Richard van der Hoff2019-06-062-1/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes some warnings, and a scary-looking stacktrace when sytest kills the process.
* | | | | | | Merge pull request #5221 from matrix-org/erikj/fix_worker_sytestErik Johnston2019-06-062-1/+12
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Fix get_max_topological_token to never return None
| * | | | | | | Better wordsErik Johnston2019-06-061-1/+1
| | | | | | | |
| * | | | | | | NewsfileErik Johnston2019-05-211-0/+1
| | | | | | | |
| * | | | | | | Fix get_max_topological_token to never return NoneErik Johnston2019-05-211-1/+11
| | | | | | | |
* | | | | | | | Merge pull request #5089 from dnaf/m-heroes-empty-room-nameBrendan Abolivier2019-06-062-5/+5
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | Make /sync return heroes if room name or canonical alias are empty
| * | | | | | | | Add credit in the changelogBrendan Abolivier2019-06-062-1/+1
| | | | | | | | |
| * | | | | | | | Simplify conditionBrendan Abolivier2019-06-061-2/+2
| | | | | | | | |
| * | | | | | | | Simplify conditionBrendan Abolivier2019-06-051-3/+2
| | | | | | | | |
| * | | | | | | | Merge branch 'develop' into m-heroes-empty-room-nameBrendan Abolivier2019-06-05350-3583/+9622
| |\ \ \ \ \ \ \ \
| * | | | | | | | | LintKatie Wolfe2019-04-241-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I probably should've just run autopep8 in the first place... Signed-off-by: Katie Wolfe <katie@dnaf.moe>
| * | | | | | | | | Clean up codeKatie Wolfe2019-04-241-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Katie Wolfe <katie@dnaf.moe>
| * | | | | | | | | Show heroes if room name or canonical alias are emptyKatie Wolfe2019-04-241-3/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #4194 Signed-off-by: Katie Wolfe <katie@dnaf.moe>
| * | | | | | | | | Add full stop to 5084.bugfixKatie Wolfe2019-04-241-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Katie Wolfe <katie@dnaf.moe>
| * | | | | | | | | Add changelog.d/5084.bugfixKatie Wolfe2019-04-241-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Katie Wolfe <katie@dnaf.moe>
| * | | | | | | | | Show heroes if room name or canonical alias are emptyKatie Wolfe2019-04-241-5/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #4194 Signed-off-by: Katie Wolfe <katie@dnaf.moe>
* | | | | | | | | | Merge pull request #5359 from matrix-org/rav/enable_tls_verificationRichard van der Hoff2019-06-064-12/+19
|\ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | Validate federation server TLS certificates by default.
| * \ \ \ \ \ \ \ \ \ Merge branch 'rav/fix_custom_ca' into rav/enable_tls_verificationRichard van der Hoff2019-06-0528-43/+219
| |\ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | | Update sample configRichard van der Hoff2019-06-051-4/+4
| | | | | | | | | | | |
| * | | | | | | | | | | Validate federation server TLS certificates by default.Richard van der Hoff2019-06-053-8/+15
| | | | | | | | | | | |
* | | | | | | | | | | | Merge pull request #5361 from matrix-org/rav/generate_signing_keyRichard van der Hoff2019-06-062-0/+38
|\ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | add a script to generate new signing_key files
| * | | | | | | | | | | | add a script to generate new signing_key filesRichard van der Hoff2019-06-052-0/+38
| | | | | | | | | | | | |
* | | | | | | | | | | | | Merge pull request #5355 from matrix-org/babolivier/heroes_left_membersBrendan Abolivier2019-06-062-15/+20
|\ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Include left members in room summaries' heroes
| * | | | | | | | | | | | | Properly format the changelogBrendan Abolivier2019-06-051-1/+1
| | | | | | | | | | | | | |
| * | | | | | | | | | | | | ChangelogBrendan Abolivier2019-06-051-0/+1
| | | | | | | | | | | | | |
| * | | | | | | | | | | | | Do user_id != me checks before deciding whether we should pick heroes from ↵Brendan Abolivier2019-06-051-15/+19
| | |_|_|_|/ / / / / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the joined members or the parted ones
* | | | | | | | | | | | | Merge pull request #5354 from matrix-org/rav/server_keys/99-room-v5Richard van der Hoff2019-06-062-5/+7
|\ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Implement room v5 which enforces signing key validity
| * | | | | | | | | | | | | Implement room v5 which enforces signing key validityRichard van der Hoff2019-06-052-5/+7
| | |_|/ / / / / / / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Implements [MSC2077](https://github.com/matrix-org/matrix-doc/pull/2077) and fixes #5247 and #4364.
* | | | | | | | | | | | | Merge pull request #5353 from matrix-org/rav/verify_key_loggingRichard van der Hoff2019-06-066-56/+86
|\ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Associate a request_name with each verify request, for logging
| * | | | | | | | | | | | | Associate a request_name with each verify request, for loggingRichard van der Hoff2019-06-056-56/+86
| |/ / / / / / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also: * rename VerifyKeyRequest->VerifyJsonRequest * calculate key_ids on VerifyJsonRequest construction * refactor things to pass around VerifyJsonRequests instead of 4-tuples
* | | | | | | | | | | | | Merge pull request #5362 from matrix-org/rav/fix_custom_caRichard van der Hoff2019-06-052-1/+2
|\ \ \ \ \ \ \ \ \ \ \ \ \ | | |_|_|/ / / / / / / / / | |/| | | | | | | | | | | Fix `federation_custom_ca_list` configuration option.
| * | | | | | | | | | | | Fix `federation_custom_ca_list` configuration option.Richard van der Hoff2019-06-052-1/+2
|/ / / / / / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, setting this option would cause an exception at startup.
* | | | | | | | | | | | Neilj/add r0.5 to versions (#5360)Neil Johnson2019-06-052-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Update _matrix/client/versions to reference support for r0.5.0
* | | | | | | | | | | | Fix background updates to handle redactions/rejections (#5352)Erik Johnston2019-06-065-12/+117
| |_|/ / / / / / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Fix background updates to handle redactions/rejections In background updates based on current state delta stream we need to handle that we may not have all the events (or at least that `get_events` may raise an exception).
* | | | | | | | | | | Fix notes about well-known and acme (#5357)Richard van der Hoff2019-06-052-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fixes #4951
* | | | | | | | | | | Merge pull request #5317 from matrix-org/erikj/make_do_auth_non_essentialErik Johnston2019-06-052-12/+47
|\ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | Fix handling of failures when calling /event_auth.
| * | | | | | | | | | | Add logging when request fails and clarify we ignore errors.Erik Johnston2019-06-051-4/+12
| | | | | | | | | | | |
| * | | | | | | | | | | NewsfileErik Johnston2019-06-031-0/+1
| | | | | | | | | | | |
| * | | | | | | | | | | Fix handling of failures when calling /event_auth.Erik Johnston2019-06-031-12/+38
| | |_|_|_|/ / / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When processing an incoming event over federation, we may try and resolve any unexpected differences in auth events. This is a non-essential process and so should not stop the processing of the event if it fails (e.g. due to the remote disappearing or not implementing the necessary endpoints). Fixes #3330
* | | | | | | | | | | Neilj/changelog clean up (#5356)Neil Johnson2019-06-0512-12/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * group together key validity refactors
* | | | | | | | | | | Neilj/mau tracking config explainer (#5284)Neil Johnson2019-06-053-0/+33
| |/ / / / / / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Improve documentation of monthly active user blocking and mau_trial_days
* | | | | | | | | | Add a test room version where we enforce key validity (#5348)Richard van der Hoff2019-06-053-22/+38
| |/ / / / / / / / |/| | | | | | | |
* | | | | | | | | Clean up debug logging (#5347)Richard van der Hoff2019-06-054-8/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | Remove some spurious stuff, clarify some other stuff
* | | | | | | | | Rename VerifyKeyRequest.deferred field (#5343)Richard van der Hoff2019-06-052-12/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | it's a bit confusing
* | | | | | | | | Call RetryLimiter correctly (#5340)Richard van der Hoff2019-06-042-1/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes a regression introduced in #5335.
* | | | | | | | | Fix failure to fetch batches of PDUs (#5342)Richard van der Hoff2019-06-042-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | FederationClient.get_pdu is called in a loop to fetch a batch of PDUs. A failure to fetch one should not result in a failure of the whole batch. Add the missing `continue`.
* | | | | | | | | Rename get_events->get_events_from_store_or_dest (#5344)Richard van der Hoff2019-06-042-20/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We have too many things called get_event, and it's hard to figure out what we mean. Also remove some unused params from the signature, and add some logging.
* | | | | | | | | Merge pull request #5341 from matrix-org/babolivier/email_configBrendan Abolivier2019-06-042-42/+58
|\ \ \ \ \ \ \ \ \ | | |_|_|_|/ / / / | |/| | | | | | | Make account validity renewal emails work when email notifs are disabled
| * | | | | | | | Only parse from email if providedBrendan Abolivier2019-06-041-4/+5
| | | | | | | | |
| * | | | | | | | LintBrendan Abolivier2019-06-041-1/+0
| | | | | | | | |
| * | | | | | | | Make account validity renewal emails work when email notifs are disabledBrendan Abolivier2019-06-042-42/+58
| | | | | | | | |
* | | | | | | | | Merge pull request #5324 from matrix-org/erikj/ignore_nullErik Johnston2019-06-042-0/+17
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | Ignore room state with null bytes in for room stats
| * | | | | | | | | FixErik Johnston2019-06-031-1/+2
| | | | | | | | | |
| * | | | | | | | | NewsfileErik Johnston2019-06-031-0/+1
| | | | | | | | | |
| * | | | | | | | | Ignore room state with null bytes in for room statsErik Johnston2019-06-031-0/+15
| | |_|_|_|/ / / / | |/| | | | | | |
* | | | | | | | | Avoid rapidly backing-off a server if we ignore the retry interval (#5335)Richard van der Hoff2019-06-042-23/+38
|\ \ \ \ \ \ \ \ \
| * | | | | | | | | Avoid rapidly backing-off a server if we ignore the retry intervalRichard van der Hoff2019-06-032-23/+38
| | | | | | | | | |
* | | | | | | | | | Don't do long retries when calling the key notary server. (#5334)Richard van der Hoff2019-06-042-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It takes at least 20 minutes to work through the long_retries schedule (11 attempts, each with a 60 second timeout, and 60 seconds between each request), so if the notary server isn't returning within the timeout, we'll just end up blocking whatever request is happening for 20 minutes. Ain't nobody got time for that.
* | | | | | | | | | Merge pull request #5333 from ↵Richard van der Hoff2019-06-044-40/+66
|\ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | matrix-org/rav/server_keys/09_improve_notary_server Fixes for the key-notary server
| * | | | | | | | | | changelogRichard van der Hoff2019-06-041-0/+1
| | | | | | | | | | |
| * | | | | | | | | | Notary server: make requests to origins in parallelRichard van der Hoff2019-06-042-11/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ... else we're guaranteed to time out.
| * | | | | | | | | | Don't bomb out on direct key fetches as soon as one failsRichard van der Hoff2019-06-042-29/+41
| | | | | | | | | | |
| * | | | | | | | | | Reduce timeout for outbound /key/v2/server requests.Richard van der Hoff2019-06-031-0/+13
| |/ / / / / / / / /
* | | | | | | / / / Improve docstrings on MatrixFederationClient. (#5332)Richard van der Hoff2019-06-042-16/+56
| |_|_|_|_|_|/ / / |/| | | | | | | |
* | | | | | | | | Hawkowl/fix missing auth (#5328)Amber Brown2019-06-042-0/+2
|/ / / / / / / /
* | | | | | | | Enforce validity period on server_keys for fed requests. (#5321)Richard van der Hoff2019-06-036-88/+228
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When handling incoming federation requests, make sure that we have an up-to-date copy of the signing key. We do not yet enforce the validity period for event signatures.
* | | | | | | | Revert "Newsfile"Erik Johnston2019-06-031-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 4bd67db100efacc3d31a2f8187b7bdd4479d9bc3.
* | | | | | | | NewsfileErik Johnston2019-06-031-0/+1
|/ / / / / / /