summary refs log tree commit diff
Commit message (Collapse)AuthorAgeFilesLines
* Ensure that HTML pages served from Synapse include headers to avoid embedding.Patrick Cloke2020-07-0210-94/+103
|
* Fix changelog wording v1.15.1 github/release-v1.15.1 release-v1.15.1Brendan Abolivier2020-06-161-2/+2
|
* 1.15.1Brendan Abolivier2020-06-165-3/+17
|
* Wrap register_device coroutine in an ensureDeferred (#7684)Andrew Morgan2020-06-164-5/+62
| | | | | | | Fixes https://github.com/matrix-org/synapse/issues/7683 Broke in: #7649 We had a `yield` acting on a coroutine. To be fair this one is a bit difficult to notice as there's a function in the middle that just passes the coroutine along.
* Merge pull request #7685 from matrix-org/babolivier/3pid_r0Brendan Abolivier2020-06-152-3/+4
|\ | | | | Enable 3PID add/bind/unbind endpoints on r0 routes
| * Enable 3PID add/bind/unbind endpoints on r0 routesBrendan Abolivier2020-06-152-3/+4
|/
* 1.15.0 v1.15.0 github/release-v1.15.0 release-v1.15.0Brendan Abolivier2020-06-113-1/+13
|
* Merge branch 'release-v1.15.0' of github.com:matrix-org/synapse into ↵Brendan Abolivier2020-06-090-0/+0
|\ | | | | | | release-v1.15.0
| * Update CHANGES.mdRichard van der Hoff2020-06-091-1/+1
| | | | | | fix a typo
* | Fix some attributionsBrendan Abolivier2020-06-091-3/+3
|/
* 1.15.0rc1 v1.15.0rc1Brendan Abolivier2020-06-0945-44/+67
|
* Revert "1.15.0rc1"Brendan Abolivier2020-06-0945-67/+44
| | | | This reverts commit 8587b0426fa4e65992aaa47158e991fa1797d3fb.
* 1.15.0rc1Brendan Abolivier2020-06-0945-44/+67
|
* Fix bug in account data replication stream. (#7656)Erik Johnston2020-06-096-4/+35
| | | | | | | | | | | | | | | | | | | | | | | | | | * Ensure account data stream IDs are unique. The account data stream is shared between three tables, and the maximum allocated ID was tracked in a dedicated table. Updating the max ID happened outside the transaction that allocated the ID, leading to a race where if the server was restarted then the same ID could be allocated but the max ID failed to be updated, leading it to be reused. The ID generators have support for tracking across multiple tables, so we may as well use that instead of a dedicated table. * Fix bug in account data replication stream. If the same stream ID was used in both global and room account data then the getting updates for the replication stream would fail due to `heapq.merge(..)` trying to compare a `str` with a `None`. (This is because you'd have two rows like `(534, '!room')` and `(534, None)` from the room and global account data tables). Fix is just to order by stream ID, since we don't rely on the ordering beyond that. The bug where stream IDs can be reused should be fixed now, so this case shouldn't happen going forward. Fixes #7617
* Convert the registration handler to async/await. (#7649)Patrick Cloke2020-06-083-68/+48
|
* Accept device information at the login fallback endpoint. (#7629)Patrick Cloke2020-06-082-35/+121
|
* Convert user directory handler and related classes to async/await. (#7640)Patrick Cloke2020-06-056-111/+78
|
* Add an option to disable autojoin for guest accounts (#6637)Travis Ralston2020-06-055-1/+33
| | | | Fixes https://github.com/matrix-org/synapse/issues/3177
* Clarifications to the admin api documentation (#7647)Richard van der Hoff2020-06-058-89/+126
| | | | | | * Clarify how to authenticate * path params are not the same thing as query params * Fix documentation for `/_synapse/admin/v2/users/<user_id>`
* Update to the stable SSO prefix for UI Auth. (#7630)Patrick Cloke2020-06-052-1/+2
|
* Fix type information on `assert_*_is_admin` methods (#7645)Richard van der Hoff2020-06-053-23/+19
| | | These things don't return Deferreds.
* Remove some unused constants. (#7644)Richard van der Hoff2020-06-052-4/+1
|
* Typo fixes.Patrick Cloke2020-06-052-2/+2
|
* Allow new users to be registered via the admin API even if the monthly ↵Dirk Klimpel2020-06-054-16/+172
| | | | active user limit has been reached (#7263)
* Add device management to admin API (#7481)Dirk Klimpel2020-06-055-0/+920
| | | | | | | | | | - Admin is able to - change displaynames - delete devices - list devices - get device informations Fixes #7330
* Attempt to fix PhoneHomeStatsTestCase.test_performance_100 being flaky. (#7634)Patrick Cloke2020-06-052-19/+24
|
* Support CS API v0.6.0 (#6585)Andrew Morgan2020-06-052-15/+2
|
* Add support for webp thumbnailing (#7586)WGH2020-06-053-36/+101
| | | | | Closes #4382 Signed-off-by: Maxim Plotnikov <wgh@torlan.ru>
* Performance improvements and refactor of Ratelimiter (#7595)Andrew Morgan2020-06-0519-230/+322
| | | | | | | | | | While working on https://github.com/matrix-org/synapse/issues/5665 I found myself digging into the `Ratelimiter` class and seeing that it was both: * Rather undocumented, and * causing a *lot* of config checks This PR attempts to refactor and comment the `Ratelimiter` class, as well as encourage config file accesses to only be done at instantiation. Best to be reviewed commit-by-commit.
* Fix encryption algorithm typos in tests/comments (#7637)Andrew Morgan2020-06-044-10/+11
| | | | | | | | @uhoreg has confirmed these were both typos. They are only in comments and tests though, rather than anything critical. Introduced in: * https://github.com/matrix-org/synapse/pull/7157 * https://github.com/matrix-org/synapse/pull/5726
* Advertise the token login type when OpenID Connect is enabled. (#7631)Patrick Cloke2020-06-042-8/+4
|
* Cleanups to the OpenID Connect integration (#7628)Richard van der Hoff2020-06-038-324/+428
| | | | docs, default configs, comments. Nothing very significant.
* async/await get_user_id_by_threepid (#7620)Andrew Morgan2020-06-034-28/+29
| | | | | Based on #7619 async's `get_user_id_by_threepid` and its call stack.
* Check the changelog number in check-newsfragment (#7623)Richard van der Hoff2020-06-032-4/+17
|
* Replace instances of reactor pumping with get_success. (#7619)Andrew Morgan2020-06-033-121/+152
| | | | | Calls `self.get_success` on all deferred methods instead of abusing `self.pump()`. This has the benefit of working with coroutines, as well as checking that method execution completed successfully. There are also a few small cleanups that I made in the process.
* Check if the localpart is reserved for guests earlier in the registration ↵Brendan Abolivier2020-06-032-9/+10
| | | | | flow (#7625) This is so the user is warned about the username not being valid as soon as possible, rather than only once they've finished UIA.
* Fix exceptions when fetching events from a down host. (#7622)Erik Johnston2020-06-032-1/+2
| | | We already caught some exceptions, but not all.
* `synctl restart` should start synapse if it wasn't running (#7624)Richard van der Hoff2020-06-032-1/+2
|
* Switch back to upstream dh-virtualenv (#7621)Richard van der Hoff2020-06-032-1/+2
| | | | | | Upstream have merged our changes (https://github.com/spotify/dh-virtualenv/pull/300), so let's switch back to it instead of using our fork.
* Merge branch 'master' into developRichard van der Hoff2020-06-031-1/+1
|\
| * Fix typo in PR link github/release-v1.14.0 release-v1.14.0Richard van der Hoff2020-06-031-1/+1
| |
* | Clean up exception handling in SAML2ResponseResource (#7614)Richard van der Hoff2020-06-037-61/+77
| | | | | | | | | | | | | | | | | | | | | | | | | | * Expose `return_html_error`, and allow it to take a Jinja2 template instead of a raw string * Clean up exception handling in SAML2ResponseResource * use the existing code in `return_html_error` instead of re-implementing it (giving it a jinja2 template rather than inventing a new form of template) * do the exception-catching in the REST layer rather than in the handler layer, to make sure we catch all exceptions.
* | update grafana dashboardRichard van der Hoff2020-06-021-88/+525
| |
* | Mention #synapse:matrix.org in README troubleshooting (#7603)Andrew Morgan2020-06-012-1/+5
| | | | | | Just in case people head straight to the troubleshooting section and find themselves at a dead end.
* | Advertise Python 3.8 support in setup.py (#7602)Andrew Morgan2020-06-012-0/+2
| | | | | | Synapse supports Python 3.8. We've been using it in CI for a while now.
* | Fix a bug in automatic user creation with m.login.jwt. (#7585)Olof Johansson2020-06-013-7/+162
| |
* | Process cross-signing keys when resyncing device lists (#7594)Brendan Abolivier2020-06-014-18/+119
| | | | | | It looks like `user_device_resync` was ignoring cross-signing keys from the results received from the remote server. This patch fixes this, by processing these keys using the same process `_handle_signing_key_updates` does (and effectively factor that part out of that function).
* | Email notifications for new users when creating via the Admin API. (#7267)Dirk Klimpel2020-06-013-0/+92
| |
* | Improve performance of _get_state_groups_from_groups_txn (#7567)Dagfinn Ilmari Mannsåker2020-06-012-6/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The query keeps showing up in my slow query log. This changes the plan under the top-level Sort node from ``` WindowAgg (cost=280335.88..292963.15 rows=561212 width=80) (actual time=138.651..160.562 rows=27112 loops=1) -> Sort (cost=280335.88..281738.91 rows=561212 width=84) (actual time=138.597..140.622 rows=27112 loops=1) Sort Key: state_groups_state.type, state_groups_state.state_key, state_groups_state.state_group Sort Method: quicksort Memory: 4581kB -> Nested Loop (cost=2.83..226745.22 rows=561212 width=84) (actual time=21.548..47.657 rows=27112 loops=1) -> HashAggregate (cost=2.27..3.28 rows=101 width=8) (actual time=21.526..21.535 rows=20 loops=1) Group Key: state.state_group -> CTE Scan on state (cost=0.00..2.02 rows=101 width=8) (actual time=21.280..21.493 rows=20 loops=1) -> Index Scan using state_groups_state_type_idx on state_groups_state (cost=0.56..2189.40 rows=5557 width=84) (actual time=0.005..0.991 rows=1356 loops=20) Index Cond: (state_group = state.state_group) ``` to ``` Nested Loop (cost=2.83..226745.22 rows=561212 width=84) (actual time=24.194..52.834 rows=27112 loops=1) -> HashAggregate (cost=2.27..3.28 rows=101 width=8) (actual time=24.130..24.138 rows=20 loops=1) Group Key: state.state_group -> CTE Scan on state (cost=0.00..2.02 rows=101 width=8) (actual time=23.887..24.113 rows=20 loops=1) -> Index Scan using state_groups_state_type_idx on state_groups_state (cost=0.56..2189.40 rows=5557 width=84) (actual time=0.016..1.159 rows=1356 loops=20) Index Cond: (state_group = state.state_group) ``` This cuts the execution time from ~190ms to ~130ms, i.e. a reduction of ~30%. The full plans are visualised at https://explain.depesz.com/s/WpbT and https://explain.depesz.com/s/KlEk Signed-off-by: Dagfinn Ilmari Mannsåker <ilmari@ilmari.org>
* | Convert groups local and server to async/await. (#7600)Patrick Cloke2020-06-013-190/+150
| |
* | Don't fail all of an iteration of the device list retry loop on error (#7609)Brendan Abolivier2020-06-012-15/+22
| | | | | | Without this patch, if an error happens which isn't caught by `user_device_resync`, then `_maybe_retry_device_resync` would fail, without retrying the next users in the iteration. This patch fixes this so that it now only logs an error in this case.
* | Use upsert when inserting read receipts (#7607)Dagfinn Ilmari Mannsåker2020-06-012-9/+5
| | | | | | | | | | Fixes #7469 Signed-off-by: Dagfinn Ilmari Mannsåker <ilmari@ilmari.org>
* | Update OpenBSD installation instructions (#7587)hashashini2020-05-302-22/+41
| | | | | | | | Synapse was added to the ports tree in Nov, 2019 by Renaud Allard (https://marc.info/?l=openbsd-ports&m=157417848805329). With the release of OpenBSD 6.7 on May 22, 2020 a pre-compiled binary is available as well.
* | Fix 'FederationGroupsRoomsServlet' API when group has room server is not in. ↵Erik Johnston2020-05-292-8/+13
| | | | | | | | (#7599)
* | Make inflight background metrics more efficient. (#7597)Erik Johnston2020-05-292-34/+71
| | | | | | Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
* | Add entry to set dependency against psql service (#7591)David Rio Deiros2020-05-282-0/+4
| |
* | Merge branch 'master' into developBrendan Abolivier2020-05-283-1/+13
|\|
| * Update debian changelog v1.14.0Brendan Abolivier2020-05-281-0/+6
| |
| * 1.14.0Brendan Abolivier2020-05-282-1/+7
| |
* | Merge pull request #7584 from matrix-org/erikj/save_and_send_fed_token_in_bgErik Johnston2020-05-274-7/+69
|\ \ | | | | | | Speed up processing of federation stream RDATA rows.
| * | Ensure we persist and ack the same tokenErik Johnston2020-05-271-5/+7
| | |
| * | Remove spurious changeErik Johnston2020-05-271-2/+0
| | |
| * | Add test for Linearizer.is_queued(..)Erik Johnston2020-05-271-0/+32
| | |
| * | NewsfileErik Johnston2020-05-271-0/+1
| | |
| * | Speed up processing of federation stream RDATA rows.Erik Johnston2020-05-273-2/+31
| |/ | | | | | | | | | | Instead of storing and sending an ACK for every single row we send synchronously, we instead do it asynchronously while batching up updates.
* | allow emails to be passed through SAML (#7385)Christopher Cooper2020-05-273-2/+13
| | | | | | Signed-off-by: Christopher Cooper <cooperc@ocf.berkeley.edu>
* | Merge tag 'v1.14.0rc2' into developBrendan Abolivier2020-05-278-8/+116
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.14.0rc2 (2020-05-27) ============================== Bugfixes -------- - Fix cache config to not apply cache factor to event cache. Regression in v1.14.0rc1. ([\#7578](https://github.com/matrix-org/synapse/issues/7578)) - Fix bug where `ReplicationStreamer` was not always started when replication was enabled. Bug introduced in v1.14.0rc1. ([\#7579](https://github.com/matrix-org/synapse/issues/7579)) - Fix specifying individual cache factors for caches with special characters in their name. Regression in v1.14.0rc1. ([\#7580](https://github.com/matrix-org/synapse/issues/7580)) Improved Documentation ---------------------- - Fix the OIDC `client_auth_method` value in the sample config. ([\#7581](https://github.com/matrix-org/synapse/issues/7581))
| * Improve changelog wording v1.14.0rc2Brendan Abolivier2020-05-271-1/+1
| |
| * 1.14.0rc2Brendan Abolivier2020-05-276-5/+18
| |
| * Fix sample config docs error (#7581)Jason Robinson2020-05-273-2/+3
| | | | | | | | | | | | 'client_auth_method' commented out value was erronously 'client_auth_basic', when code and docstring says it should be 'client_secret_basic'. Signed-off-by: Jason Robinson <jasonr@matrix.org>
| * Fix up commentsErik Johnston2020-05-272-3/+3
| |
| * Fix specifying cache factors via env vars with * in name. (#7580)Erik Johnston2020-05-274-5/+74
| | | | | | | | | | This mostly applise to `*stateGroupCache*` and co. Broke in #6391.
| * Don't apply cache factor to event cache. (#7578)Erik Johnston2020-05-273-0/+21
| | | | | | | | This is already correctly done when we instansiate the cache, but wasn't when it got reloaded (which always happens at least once on startup).
| * Ensure ReplicationStreamer is always started when replication enabled. (#7579)Erik Johnston2020-05-272-0/+4
| | | | | | Fixes #7566.
* | Fix incorrect placeholder syntax in database prepartion code (#7575)Andrew Morgan2020-05-272-3/+3
| | | | | | We were using `logger` syntax which isn't supported by `Exception`s.
* | Merge branch 'develop' of github.com:matrix-org/synapse into developBrendan Abolivier2020-05-263-63/+47
|\ \ | |/ |/|
| * Convert identity handler to async/await. (#7561)Patrick Cloke2020-05-263-63/+47
| |
* | Remove the changes to the debian changelog v1.14.0rc1Brendan Abolivier2020-05-261-6/+0
| | | | | | | | Since this is not a full release yet
* | Merge branch 'release-v1.14.0' of github.com:matrix-org/synapse into ↵Brendan Abolivier2020-05-261-14/+1
|\ \ | | | | | | | | | release-v1.14.0
| * | Merge event persistence move changelog entriesErik Johnston2020-05-261-14/+1
| | |
* | | Not full release yet, this is rc1Brendan Abolivier2020-05-262-3/+3
|/ /
* | More changelog fixBrendan Abolivier2020-05-261-2/+1
| |
* | Changelog fixesBrendan Abolivier2020-05-261-9/+8
| |
* | 1.14.0Brendan Abolivier2020-05-2678-76/+106
|/
* Replace device_27_unique_idx bg update with a fg one (#7562)Richard van der Hoff2020-05-267-65/+104
| | | | | | The bg update never managed to complete, because it kept being interrupted by transactions which want to take a lock. Just doing it in the foreground isn't that bad, and is a good deal simpler.
* Fix incorrect exception handling in KeyUploadServlet.on_POST (#7563)Richard van der Hoff2020-05-262-1/+2
| | | Introduced in #7556
* Fix recording of federation stream token (#7564)Richard van der Hoff2020-05-263-24/+116
| | | | | | | | A couple of changes of significance: * remove the `_last_ack < federation_position` condition, so that updates will still be correctly processed after restart * Correctly wire up send_federation_ack to the right class.
* Simplify reap_monthly_active_users (#7558)Richard van der Hoff2020-05-232-59/+42
| | | | | | we can use `make_in_list_sql_clause` rather than doing our own half-baked equivalent, which has the benefit of working just fine with empty lists. (This has quite a lot of tests, so I think it's pretty safe)
* Optimise some references to hs.config (#7546)Richard van der Hoff2020-05-228-136/+162
| | | These are surprisingly expensive, and we only really need to do them at startup.
* Fix missing CORS headers on OPTION responses (#7560)Erik Johnston2020-05-223-1/+30
| | | Broke in #7534.
* Add option to move event persistence off master (#7517)Erik Johnston2020-05-2222-73/+382
|
* Return 200 OK for all OPTIONS requests (#7534)Patrick Cloke2020-05-225-11/+85
|
* Add ability to wait for replication streams (#7542)Erik Johnston2020-05-2224-112/+304
| | | | | | | The idea here is that if an instance persists an event via the replication HTTP API it can return before we receive that event over replication, which can lead to races where code assumes that persisting an event immediately updates various caches (e.g. current state of the room). Most of Synapse doesn't hit such races, so we don't do the waiting automagically, instead we do so where necessary to avoid unnecessary delays. We may decide to change our minds here if it turns out there are a lot of subtle races going on. People probably want to look at this commit by commit.
* Convert sending mail to async/await. (#7557)Erik Johnston2020-05-225-76/+60
| | | | Mainly because sometimes the email push code raises exceptions where the stack traces have gotten lost, which is hopefully fixed by this.
* Use a non-empty RelayState for user interactive auth with SAML. (#7552)Patrick Cloke2020-05-222-1/+5
|
* On upgrade room only send canonical alias once. (#7547)Erik Johnston2020-05-222-55/+61
| | | | | | | | Instead of doing a complicated dance of deleting and moving aliases one by one, which sends a canonical alias update into the old room for each one, lets do it all in one go. This also changes the function to move *all* local alias events to the new room, however that happens later on anyway.
* Fix exception reporting due to HTTP request errors. (#7556)Erik Johnston2020-05-224-4/+24
| | | | These are business as usual errors, rather than stuff we want to log at error.
* synapse.metrics: implement detailed memory usage reporting on PyPy (#7536)Ivan Shapovalov2020-05-222-1/+79
| | | | | | PyPy's gc.get_stats() returns an object containing detailed allocator statistics which could be beneficial to collect as metrics. Signed-off-by: Ivan Shapovalov <intelfx@intelfx.name>
* Refresh apt cache when building dh_virtualenv docker image (#7555)Richard van der Hoff2020-05-222-2/+5
| | | | | | When we tried to build debs for 1.13.0, the build failed because docker used a base docker image which had a stale apt cache. Fixes: #7540
* Fix stacktrace mangling in `patch_inline_callbacks` (#7554)Richard van der Hoff2020-05-222-2/+8
| | | `Failure()` is more cunning than `Failure(e)`.
* mypy for synapse.http.site (#7553)Richard van der Hoff2020-05-223-3/+8
|
* Fix some DETECTED VIOLATIONS in the config file (#7550)Richard van der Hoff2020-05-228-55/+72
| | | consistency ftw
* Retry to sync out of sync device lists (#7453)Brendan Abolivier2020-05-214-20/+158
| | | | | | | | | | | When a call to `user_device_resync` fails, we don't currently mark the remote user's device list as out of sync, nor do we retry to sync it. https://github.com/matrix-org/synapse/pull/6776 introduced some code infrastructure to mark device lists as stale/out of sync. This commit uses that code infrastructure to mark device lists as out of sync if processing an incoming device list update makes the device handler realise that the device list is out of sync, but we can't resync right now. It also adds a looping call to retry all failed resync every 30s. This shouldn't cause too much spam in the logs as this commit also removes the "Failed to handle device list update for..." warning logs when catching `NotRetryingDestination`. Fixes #7418
* Stub out GET presence requests in the frontend proxy (#7545)Richard van der Hoff2020-05-212-17/+5
| | | | | We don't really make any promises about returning accurate presence data when presence is disabled, so we may as well just return a static response, rather than making the master handle a request.
* Ensure worker config exists in systemd service (#7528)David Vo2020-05-212-1/+2
|
* add a commentRichard van der Hoff2020-05-211-0/+3
|
* Fix bug in persist events when dealing with non member types. (#7548)Erik Johnston2020-05-212-2/+3
| | | | | `_is_server_still_joined` will throw if it is given state updates with non-user ID state keys with local user leaves. This is actually rarely a problem since local leaves almost always get persisted by themselves. (I discovered this on a branch that was otherwise broken, so I haven't seen this in the wild)
* Update CONTRIBUTING.md (#7541)Richard van der Hoff2020-05-201-15/+4
|
* Remove Ubuntu Cosmic and Disco which are both EOL. (#7539)Patrick Cloke2020-05-202-2/+1
|
* Hash passwords earlier in the password reset process (#7538)Patrick Cloke2020-05-205-11/+33
| | | | This now matches the logic of the registration process as modified in 56db0b1365965c02ff539193e26c333b7f70d101 / #7523.
* Minor clarifications to the TURN docs (#7533)Richard van der Hoff2020-05-202-15/+43
|
* Merge branch 'master' into developPatrick Cloke2020-05-196-32/+58
|\
| * Merge tag 'v1.13.0'Patrick Cloke2020-05-19257-5032/+12281
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.13.0 (2020-05-19) =========================== This release brings some potential changes necessary for certain configurations of Synapse: * If your Synapse is configured to use SSO and have a custom `sso_redirect_confirm_template_dir` configuration option set, you will need to duplicate the new `sso_auth_confirm.html`, `sso_auth_success.html` and `sso_account_deactivated.html` templates into that directory. * Synapse plugins using the `complete_sso_login` method of `synapse.module_api.ModuleApi` should instead switch to the async/await version, `complete_sso_login_async`, which includes additional checks. The former version is now deprecated. * A bug was introduced in Synapse 1.4.0 which could cause the room directory to be incomplete or empty if Synapse was upgraded directly from v1.2.1 or earlier, to versions between v1.4.0 and v1.12.x. Please review [UPGRADE.rst](https://github.com/matrix-org/synapse/blob/master/UPGRADE.rst) for more details on these changes and for general upgrade guidance. Notice of change to the default `git` branch for Synapse -------------------------------------------------------- With the release of Synapse 1.13.0, the default `git` branch for Synapse has changed to `develop`, which is the development tip. This is more consistent with common practice and modern `git` usage. The `master` branch, which tracks the latest release, is still available. It is recommended that developers and distributors who have scripts which run builds using the default branch of Synapse should therefore consider pinning their scripts to `master`. Features -------- - Extend the `web_client_location` option to accept an absolute URL to use as a redirect. Adds a warning when running the web client on the same hostname as homeserver. Contributed by Martin Milata. ([\#7006](https://github.com/matrix-org/synapse/issues/7006)) - Set `Referrer-Policy` header to `no-referrer` on media downloads. ([\#7009](https://github.com/matrix-org/synapse/issues/7009)) - Add support for running replication over Redis when using workers. ([\#7040](https://github.com/matrix-org/synapse/issues/7040), [\#7325](https://github.com/matrix-org/synapse/issues/7325), [\#7352](https://github.com/matrix-org/synapse/issues/7352), [\#7401](https://github.com/matrix-org/synapse/issues/7401), [\#7427](https://github.com/matrix-org/synapse/issues/7427), [\#7439](https://github.com/matrix-org/synapse/issues/7439), [\#7446](https://github.com/matrix-org/synapse/issues/7446), [\#7450](https://github.com/matrix-org/synapse/issues/7450), [\#7454](https://github.com/matrix-org/synapse/issues/7454)) - Admin API `POST /_synapse/admin/v1/join/<roomIdOrAlias>` to join users to a room like `auto_join_rooms` for creation of users. ([\#7051](https://github.com/matrix-org/synapse/issues/7051)) - Add options to prevent users from changing their profile or associated 3PIDs. ([\#7096](https://github.com/matrix-org/synapse/issues/7096)) - Support SSO in the user interactive authentication workflow. ([\#7102](https://github.com/matrix-org/synapse/issues/7102), [\#7186](https://github.com/matrix-org/synapse/issues/7186), [\#7279](https://github.com/matrix-org/synapse/issues/7279), [\#7343](https://github.com/matrix-org/synapse/issues/7343)) - Allow server admins to define and enforce a password policy ([MSC2000](https://github.com/matrix-org/matrix-doc/issues/2000)). ([\#7118](https://github.com/matrix-org/synapse/issues/7118)) - Improve the support for SSO authentication on the login fallback page. ([\#7152](https://github.com/matrix-org/synapse/issues/7152), [\#7235](https://github.com/matrix-org/synapse/issues/7235)) - Always whitelist the login fallback in the SSO configuration if `public_baseurl` is set. ([\#7153](https://github.com/matrix-org/synapse/issues/7153)) - Admin users are no longer required to be in a room to create an alias for it. ([\#7191](https://github.com/matrix-org/synapse/issues/7191)) - Require admin privileges to enable room encryption by default. This does not affect existing rooms. ([\#7230](https://github.com/matrix-org/synapse/issues/7230)) - Add a config option for specifying the value of the Accept-Language HTTP header when generating URL previews. ([\#7265](https://github.com/matrix-org/synapse/issues/7265)) - Allow `/requestToken` endpoints to hide the existence (or lack thereof) of 3PID associations on the homeserver. ([\#7315](https://github.com/matrix-org/synapse/issues/7315)) - Add a configuration setting to tweak the threshold for dummy events. ([\#7422](https://github.com/matrix-org/synapse/issues/7422)) Bugfixes -------- - Don't attempt to use an invalid sqlite config if no database configuration is provided. Contributed by @nekatak. ([\#6573](https://github.com/matrix-org/synapse/issues/6573)) - Fix single-sign on with CAS systems: pass the same service URL when requesting the CAS ticket and when calling the `proxyValidate` URL. Contributed by @Naugrimm. ([\#6634](https://github.com/matrix-org/synapse/issues/6634)) - Fix missing field `default` when fetching user-defined push rules. ([\#6639](https://github.com/matrix-org/synapse/issues/6639)) - Improve error responses when accessing remote public room lists. ([\#6899](https://github.com/matrix-org/synapse/issues/6899), [\#7368](https://github.com/matrix-org/synapse/issues/7368)) - Transfer alias mappings on room upgrade. ([\#6946](https://github.com/matrix-org/synapse/issues/6946)) - Ensure that a user interactive authentication session is tied to a single request. ([\#7068](https://github.com/matrix-org/synapse/issues/7068), [\#7455](https://github.com/matrix-org/synapse/issues/7455)) - Fix a bug in the federation API which could cause occasional "Failed to get PDU" errors. ([\#7089](https://github.com/matrix-org/synapse/issues/7089)) - Return the proper error (`M_BAD_ALIAS`) when a non-existant canonical alias is provided. ([\#7109](https://github.com/matrix-org/synapse/issues/7109)) - Fix a bug which meant that groups updates were not correctly replicated between workers. ([\#7117](https://github.com/matrix-org/synapse/issues/7117)) - Fix starting workers when federation sending not split out. ([\#7133](https://github.com/matrix-org/synapse/issues/7133)) - Ensure `is_verified` is a boolean in responses to `GET /_matrix/client/r0/room_keys/keys`. Also warn the user if they forgot the `version` query param. ([\#7150](https://github.com/matrix-org/synapse/issues/7150)) - Fix error page being shown when a custom SAML handler attempted to redirect when processing an auth response. ([\#7151](https://github.com/matrix-org/synapse/issues/7151)) - Avoid importing `sqlite3` when using the postgres backend. Contributed by David Vo. ([\#7155](https://github.com/matrix-org/synapse/issues/7155)) - Fix excessive CPU usage by `prune_old_outbound_device_pokes` job. ([\#7159](https://github.com/matrix-org/synapse/issues/7159)) - Fix a bug which could cause outbound federation traffic to stop working if a client uploaded an incorrect e2e device signature. ([\#7177](https://github.com/matrix-org/synapse/issues/7177)) - Fix a bug which could cause incorrect 'cyclic dependency' error. ([\#7178](https://github.com/matrix-org/synapse/issues/7178)) - Fix a bug that could cause a user to be invited to a server notices (aka System Alerts) room without any notice being sent. ([\#7199](https://github.com/matrix-org/synapse/issues/7199)) - Fix some worker-mode replication handling not being correctly recorded in CPU usage stats. ([\#7203](https://github.com/matrix-org/synapse/issues/7203)) - Do not allow a deactivated user to login via SSO. ([\#7240](https://github.com/matrix-org/synapse/issues/7240), [\#7259](https://github.com/matrix-org/synapse/issues/7259)) - Fix --help command-line argument. ([\#7249](https://github.com/matrix-org/synapse/issues/7249)) - Fix room publish permissions not being checked on room creation. ([\#7260](https://github.com/matrix-org/synapse/issues/7260)) - Reject unknown session IDs during user interactive authentication instead of silently creating a new session. ([\#7268](https://github.com/matrix-org/synapse/issues/7268)) - Fix a SQL query introduced in Synapse 1.12.0 which could cause large amounts of logging to the postgres slow-query log. ([\#7274](https://github.com/matrix-org/synapse/issues/7274)) - Persist user interactive authentication sessions across workers and Synapse restarts. ([\#7302](https://github.com/matrix-org/synapse/issues/7302)) - Fixed backwards compatibility logic of the first value of `trusted_third_party_id_servers` being used for `account_threepid_delegates.email`, which occurs when the former, deprecated option is set and the latter is not. ([\#7316](https://github.com/matrix-org/synapse/issues/7316)) - Fix a bug where event updates might not be sent over replication to worker processes after the stream falls behind. ([\#7337](https://github.com/matrix-org/synapse/issues/7337), [\#7358](https://github.com/matrix-org/synapse/issues/7358)) - Fix bad error handling that would cause Synapse to crash if it's provided with a YAML configuration file that's either empty or doesn't parse into a key-value map. ([\#7341](https://github.com/matrix-org/synapse/issues/7341)) - Fix incorrect metrics reporting for `renew_attestations` background task. ([\#7344](https://github.com/matrix-org/synapse/issues/7344)) - Prevent non-federating rooms from appearing in responses to federated `POST /publicRoom` requests when a filter was included. ([\#7367](https://github.com/matrix-org/synapse/issues/7367)) - Fix a bug which would cause the room durectory to be incorrectly populated if Synapse was upgraded directly from v1.2.1 or earlier to v1.4.0 or later. Note that this fix does not apply retrospectively; see the [upgrade notes](UPGRADE.rst#upgrading-to-v1130) for more information. ([\#7387](https://github.com/matrix-org/synapse/issues/7387)) - Fix bug in `EventContext.deserialize`. ([\#7393](https://github.com/matrix-org/synapse/issues/7393)) - Fix a long-standing bug which could cause messages not to be sent over federation, when state events with state keys matching user IDs (such as custom user statuses) were received. ([\#7376](https://github.com/matrix-org/synapse/issues/7376)) - Restore compatibility with non-compliant clients during the user interactive authentication process, fixing a problem introduced in v1.13.0rc1. ([\#7483](https://github.com/matrix-org/synapse/issues/7483)) - Hash passwords as early as possible during registration. ([\#7523](https://github.com/matrix-org/synapse/issues/7523)) Improved Documentation ---------------------- - Update Debian installation instructions to recommend installing the `virtualenv` package instead of `python3-virtualenv`. ([\#6892](https://github.com/matrix-org/synapse/issues/6892)) - Improve the documentation for database configuration. ([\#6988](https://github.com/matrix-org/synapse/issues/6988)) - Improve the documentation of application service configuration files. ([\#7091](https://github.com/matrix-org/synapse/issues/7091)) - Update pre-built package name for FreeBSD. ([\#7107](https://github.com/matrix-org/synapse/issues/7107)) - Update postgres docs with login troubleshooting information. ([\#7119](https://github.com/matrix-org/synapse/issues/7119)) - Clean up INSTALL.md a bit. ([\#7141](https://github.com/matrix-org/synapse/issues/7141)) - Add documentation for running a local CAS server for testing. ([\#7147](https://github.com/matrix-org/synapse/issues/7147)) - Improve README.md by being explicit about public IP recommendation for TURN relaying. ([\#7167](https://github.com/matrix-org/synapse/issues/7167)) - Fix a small typo in the `metrics_flags` config option. ([\#7171](https://github.com/matrix-org/synapse/issues/7171)) - Update the contributed documentation on managing synapse workers with systemd, and bring it into the core distribution. ([\#7234](https://github.com/matrix-org/synapse/issues/7234)) - Add documentation to the `password_providers` config option. Add known password provider implementations to docs. ([\#7238](https://github.com/matrix-org/synapse/issues/7238), [\#7248](https://github.com/matrix-org/synapse/issues/7248)) - Modify suggested nginx reverse proxy configuration to match Synapse's default file upload size. Contributed by @ProCycleDev. ([\#7251](https://github.com/matrix-org/synapse/issues/7251)) - Documentation of media_storage_providers options updated to avoid misunderstandings. Contributed by Tristan Lins. ([\#7272](https://github.com/matrix-org/synapse/issues/7272)) - Add documentation on monitoring workers with Prometheus. ([\#7357](https://github.com/matrix-org/synapse/issues/7357)) - Clarify endpoint usage in the users admin api documentation. ([\#7361](https://github.com/matrix-org/synapse/issues/7361)) Deprecations and Removals ------------------------- - Remove nonfunctional `captcha_bypass_secret` option from `homeserver.yaml`. ([\#7137](https://github.com/matrix-org/synapse/issues/7137)) Internal Changes ---------------- - Add benchmarks for LruCache. ([\#6446](https://github.com/matrix-org/synapse/issues/6446)) - Return total number of users and profile attributes in admin users endpoint. Contributed by Awesome Technologies Innovationslabor GmbH. ([\#6881](https://github.com/matrix-org/synapse/issues/6881)) - Change device list streams to have one row per ID. ([\#7010](https://github.com/matrix-org/synapse/issues/7010)) - Remove concept of a non-limited stream. ([\#7011](https://github.com/matrix-org/synapse/issues/7011)) - Move catchup of replication streams logic to worker. ([\#7024](https://github.com/matrix-org/synapse/issues/7024), [\#7195](https://github.com/matrix-org/synapse/issues/7195), [\#7226](https://github.com/matrix-org/synapse/issues/7226), [\#7239](https://github.com/matrix-org/synapse/issues/7239), [\#7286](https://github.com/matrix-org/synapse/issues/7286), [\#7290](https://github.com/matrix-org/synapse/issues/7290), [\#7318](https://github.com/matrix-org/synapse/issues/7318), [\#7326](https://github.com/matrix-org/synapse/issues/7326), [\#7378](https://github.com/matrix-org/synapse/issues/7378), [\#7421](https://github.com/matrix-org/synapse/issues/7421)) - Convert some of synapse.rest.media to async/await. ([\#7110](https://github.com/matrix-org/synapse/issues/7110), [\#7184](https://github.com/matrix-org/synapse/issues/7184), [\#7241](https://github.com/matrix-org/synapse/issues/7241)) - De-duplicate / remove unused REST code for login and auth. ([\#7115](https://github.com/matrix-org/synapse/issues/7115)) - Convert `*StreamRow` classes to inner classes. ([\#7116](https://github.com/matrix-org/synapse/issues/7116)) - Clean up some LoggingContext code. ([\#7120](https://github.com/matrix-org/synapse/issues/7120), [\#7181](https://github.com/matrix-org/synapse/issues/7181), [\#7183](https://github.com/matrix-org/synapse/issues/7183), [\#7408](https://github.com/matrix-org/synapse/issues/7408), [\#7426](https://github.com/matrix-org/synapse/issues/7426)) - Add explicit `instance_id` for USER_SYNC commands and remove implicit `conn_id` usage. ([\#7128](https://github.com/matrix-org/synapse/issues/7128)) - Refactored the CAS authentication logic to a separate class. ([\#7136](https://github.com/matrix-org/synapse/issues/7136)) - Run replication streamers on workers. ([\#7146](https://github.com/matrix-org/synapse/issues/7146)) - Add tests for outbound device pokes. ([\#7157](https://github.com/matrix-org/synapse/issues/7157)) - Fix device list update stream ids going backward. ([\#7158](https://github.com/matrix-org/synapse/issues/7158)) - Use `stream.current_token()` and remove `stream_positions()`. ([\#7172](https://github.com/matrix-org/synapse/issues/7172)) - Move client command handling out of TCP protocol. ([\#7185](https://github.com/matrix-org/synapse/issues/7185)) - Move server command handling out of TCP protocol. ([\#7187](https://github.com/matrix-org/synapse/issues/7187)) - Fix consistency of HTTP status codes reported in log lines. ([\#7188](https://github.com/matrix-org/synapse/issues/7188)) - Only run one background database update at a time. ([\#7190](https://github.com/matrix-org/synapse/issues/7190)) - Remove sent outbound device list pokes from the database. ([\#7192](https://github.com/matrix-org/synapse/issues/7192)) - Add a background database update job to clear out duplicate `device_lists_outbound_pokes`. ([\#7193](https://github.com/matrix-org/synapse/issues/7193)) - Remove some extraneous debugging log lines. ([\#7207](https://github.com/matrix-org/synapse/issues/7207)) - Add explicit Python build tooling as dependencies for the snapcraft build. ([\#7213](https://github.com/matrix-org/synapse/issues/7213)) - Add typing information to federation server code. ([\#7219](https://github.com/matrix-org/synapse/issues/7219)) - Extend room admin api (`GET /_synapse/admin/v1/rooms`) with additional attributes. ([\#7225](https://github.com/matrix-org/synapse/issues/7225)) - Unblacklist '/upgrade creates a new room' sytest for workers. ([\#7228](https://github.com/matrix-org/synapse/issues/7228)) - Remove redundant checks on `daemonize` from synctl. ([\#7233](https://github.com/matrix-org/synapse/issues/7233)) - Upgrade jQuery to v3.4.1 on fallback login/registration pages. ([\#7236](https://github.com/matrix-org/synapse/issues/7236)) - Change log line that told user to implement onLogin/onRegister fallback js functions to a warning, instead of an info, so it's more visible. ([\#7237](https://github.com/matrix-org/synapse/issues/7237)) - Correct the parameters of a test fixture. Contributed by Isaiah Singletary. ([\#7243](https://github.com/matrix-org/synapse/issues/7243)) - Convert auth handler to async/await. ([\#7261](https://github.com/matrix-org/synapse/issues/7261)) - Add some unit tests for replication. ([\#7278](https://github.com/matrix-org/synapse/issues/7278)) - Improve typing annotations in `synapse.replication.tcp.streams.Stream`. ([\#7291](https://github.com/matrix-org/synapse/issues/7291)) - Reduce log verbosity of url cache cleanup tasks. ([\#7295](https://github.com/matrix-org/synapse/issues/7295)) - Fix sample SAML Service Provider configuration. Contributed by @frcl. ([\#7300](https://github.com/matrix-org/synapse/issues/7300)) - Fix StreamChangeCache to work with multiple entities changing on the same stream id. ([\#7303](https://github.com/matrix-org/synapse/issues/7303)) - Fix an incorrect import in IdentityHandler. ([\#7319](https://github.com/matrix-org/synapse/issues/7319)) - Reduce logging verbosity for successful federation requests. ([\#7321](https://github.com/matrix-org/synapse/issues/7321)) - Convert some federation handler code to async/await. ([\#7338](https://github.com/matrix-org/synapse/issues/7338)) - Fix collation for postgres for unit tests. ([\#7359](https://github.com/matrix-org/synapse/issues/7359)) - Convert RegistrationWorkerStore.is_server_admin and dependent code to async/await. ([\#7363](https://github.com/matrix-org/synapse/issues/7363)) - Add an `instance_name` to `RDATA` and `POSITION` replication commands. ([\#7364](https://github.com/matrix-org/synapse/issues/7364)) - Thread through instance name to replication client. ([\#7369](https://github.com/matrix-org/synapse/issues/7369)) - Convert synapse.server_notices to async/await. ([\#7394](https://github.com/matrix-org/synapse/issues/7394)) - Convert synapse.notifier to async/await. ([\#7395](https://github.com/matrix-org/synapse/issues/7395)) - Fix issues with the Python package manifest. ([\#7404](https://github.com/matrix-org/synapse/issues/7404)) - Prevent methods in `synapse.handlers.auth` from polling the homeserver config every request. ([\#7420](https://github.com/matrix-org/synapse/issues/7420)) - Speed up fetching device lists changes when handling `/sync` requests. ([\#7423](https://github.com/matrix-org/synapse/issues/7423)) - Run group attestation renewal in series rather than parallel for performance. ([\#7442](https://github.com/matrix-org/synapse/issues/7442)) - Fix linting errors in new version of Flake8. ([\#7470](https://github.com/matrix-org/synapse/issues/7470)) - Update the version of dh-virtualenv we use to build debs, and add focal to the list of target distributions. ([\#7526](https://github.com/matrix-org/synapse/issues/7526))
| | * Update changelog based on feedback. v1.13.0 github/release-v1.13.0 release-v1.13.0Patrick Cloke2020-05-191-1/+1
| | |
| | * Move warnings in the changelog and re-iterate changes to branches.Patrick Cloke2020-05-191-18/+32
| | |
| | * 1.13.0Patrick Cloke2020-05-194-4/+16
| | |
| | * update dh-virtualenv (#7526)Richard van der Hoff2020-05-195-11/+11
| | |
* | | synctl warns when no process is stopped and avoids start (#6598)Romain Bouyé2020-05-192-3/+29
| | | | | | | | | | | | | | | | | | * If an error occurs when stopping a process synctl now logs a warning. * During a restart, synctl will avoid attempting to start Synapse if an error occurs during stopping Synapse.
* | | Improve API doc readability (#7527)Paul Tötterman2020-05-191-10/+11
| | |
* | | Omit displayname or avatar_url if they aren't set instead of returning null ↵Aaron Raimist2020-05-192-2/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | (#7497) Per https://github.com/matrix-org/matrix-doc/issues/1436#issuecomment-410089470 they should be omitted instead of returning null or "". They aren't marked as required in the spec. Fixes https://github.com/matrix-org/synapse/issues/7333 Signed-off-by: Aaron Raimist <aaron@raim.ist>
* | | Merge tag 'v1.13.0rc3' into developPatrick Cloke2020-05-185-32/+40
|\ \ \ | | |/ | |/| | | | | | | | | | | | | | | | Synapse 1.13.0rc3 (2020-05-18) Bugfixes: - Hash passwords as early as possible during registration. #7523
| * | 1.13.0rc3 v1.13.0rc3Patrick Cloke2020-05-183-2/+10
| | |
| * | Hash passwords earlier in the registration process (#7523)Patrick Cloke2020-05-184-31/+31
| | |
* | | Allow ReplicationRestResource to be added to workers (#7515)Erik Johnston2020-05-183-5/+13
| | | | | | | | | This allows workers to talk to each other over HTTP replication.
* | | Merge pull request #7519 from matrix-org/rav/kill_py2_codeRichard van der Hoff2020-05-1816-196/+48
|\ \ \ | | | | | | | | Kill off some old python 2 code
| * | | changelogRichard van der Hoff2020-05-151-0/+1
| | | |
| * | | remove miscellaneous PY2 codeRichard van der Hoff2020-05-156-67/+24
| | | |
| * | | remove `builtins.buffer` code from storage codeRichard van der Hoff2020-05-154-31/+5
| | | | | | | | | | | | | | | | this is no longer needed on python 3
| * | | remove redundant `__func__`Richard van der Hoff2020-05-152-13/+4
| | | | | | | | | | | | | | | | this is a no-op under python 3
| * | | remove to_asciiRichard van der Hoff2020-05-153-38/+12
| | | | | | | | | | | | | | | | this is a no-op on python 3.
| * | | Remove `exception_to_unicode`Richard van der Hoff2020-05-152-48/+3
| | | | | | | | | | | | | | | | this is a no-op on python 3.
* | | | fix mypy for tests/replication (#7518)Richard van der Hoff2020-05-184-14/+9
| | | |
* | | | Add type hints to room member handlers (#7513)Patrick Cloke2020-05-154-139/+176
| | | |
* | | | Fix limit logic for AccountDataStream (#7384)Richard van der Hoff2020-05-154-31/+217
| | | | | | | | | | | | | | | | | | | | | | | | Make sure that the AccountDataStream presents complete updates, in the right order. This is much the same fix as #7337 and #7358, but applied to a different stream.
* | | | Fix a couple of small typosAndrew Morgan2020-05-152-3/+3
| | | |
* | | | Support UI Authentication for OpenID Connect accounts (#7457)Patrick Cloke2020-05-156-41/+105
| | | |
* | | | Add a worker store for search insertion. (#7516)Erik Johnston2020-05-153-47/+52
| | | | | | | | | | | | | | | | | | | | This is required as both event persistence and the background update needs access to this function. It should be perfectly safe for two workers to write to that table at the same time.
* | | | Prevent 0-member/null room_version rooms from appearing in group room ↵Andrew Morgan2020-05-152-14/+79
| | | | | | | | | | | | | | | | queries (#7465)
* | | | Move event stream handling out of slave store. (#7491)Erik Johnston2020-05-158-116/+161
| | | | | | | | | | | | | | | | | | | | This allows us to have the logic on both master and workers, which is necessary to move event persistence off master. We also combine the instantiation of ID generators from DataStore and slave stores to the base worker stores. This allows us to select which process writes events independently of the master/worker splits.
* | | | Add type hints to event_auth code. (#7505)Patrick Cloke2020-05-153-32/+48
| | | |
* | | | Fix a small typo in the arguments of simple_update in ↵Andrew Morgan2020-05-152-1/+2
| | | | | | | | | | | | | | | | update_remote_profile_cache (#7511)
* | | | Formatting for reverse-proxy docs (#7514)Richard van der Hoff2020-05-152-68/+79
|/ / / | | | | | | also a small clarification to nginx
* | | Add Caddy 2 example (#7463)Jeff Peeler2020-05-152-1/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The specific headers that are passed using this new configuration format are Host and X-Forwarded-For, which should be all that's required. Note that for production another matcher should be added in the first section to properly handle the base_url lookup: reverse_proxy /.well-known/matrix/* http://localhost:8008 Signed-off-by: Jeff Peeler <jpeeler@gmail.com>
* | | Update the room member handler to use async/await. (#7507)Patrick Cloke2020-05-153-74/+59
| | |
* | | Implement room version 6 (MSC2240). (#7506)Patrick Cloke2020-05-155-41/+14
| | |
* | | Ignore incoming presence updates when presence is disabled (#7508)Andrew Morgan2020-05-152-2/+5
| | |
* | | Strictly enforce canonicaljson requirements in a new room version (#7381)Patrick Cloke2020-05-147-5/+137
| | |
* | | Merge branch 'master' into developRichard van der Hoff2020-05-149-65/+294
|\ \ \ | | |/ | |/|
| * | remove spurious changelog filesRichard van der Hoff2020-05-142-2/+0
| | | | | | | | | | | | | | | These PRs have gone straight to `master` and aren't really relevant to the release, so it doesn't make sense to have changelog entries for them.
| * | Notes on using git (#7496)Richard van der Hoff2020-05-145-58/+261
| | | | | | | | | | | | | | | | | | | | | * general updates to CONTRIBUTING.md * notes on updating your PR * Notes on squash-merging or otherwise * document git branching model
| * | Update reverse_proxy.mdRichard van der Hoff2020-05-051-4/+4
| | | | | | | | | a couple of cleanups
| * | Add a section about support to the top of the README (#7392)Brendan Abolivier2020-05-012-0/+12
| | | | | | | | | | | | | | | Continuation of #7379 Adds a section in the README telling people to go to #synapse:matrix.org instead of using github issues. I'm not entirely sure about placing it above the install section but then people are likely to first seek support when installing (if something goes boom), and it's probably better to have it as high as possible anyway so people actually see it.
| * | Make it clearer that #synapse:matrix.org is our support channel (#7379)Brendan Abolivier2020-05-014-3/+19
| | | | | | | | | | | | | | | | | | | | | This PR moves the "support is in #synapse:matrix.org" in the bug report template outside of the comment as some people seem to ignore what's in the comments, and phrase it a bit more like the support request template. It also adds a default issue template that says the same thing. It's also adding a notice about the security disclosure to both the default template and the bug report one. It also adds a badge to the top of the README with an alt text saying about the same message if the badge doesn't load (e.g. if matrix.org is slow). Fixes #6826
* | | Enforce MSC2209: auth rules for notifications in power level event (#7502)Patrick Cloke2020-05-144-3/+65
| | | | | | | | | | | | In a new room version, the "notifications" key of power level events are subject to restricted auth rules.
* | | Workaround for failure to wrap reason in Failure (#7473)Andrew Morgan2020-05-142-0/+8
| | |
* | | Fix b'GET' in prometheus metrics (#7503)Richard van der Hoff2020-05-142-2/+5
| | |
* | | Allow expired accounts to logout (#7443)Andrew Morgan2020-05-145-22/+140
| | |
* | | Move EventStream handling into default ReplicationDataHandler (#7493)Erik Johnston2020-05-145-36/+40
| | | | | | | | | This is so that the logic can happen on both master and workers when we move event persistence out.
* | | Add `instance_map` config and route replication calls (#7495)Erik Johnston2020-05-143-6/+33
| | |
* | | Merge tag 'v1.13.0rc2' into developRichard van der Hoff2020-05-147-68/+95
|\ \ \ | | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.13.0rc2 (2020-05-14) ============================== Bugfixes -------- - Fix a long-standing bug which could cause messages not to be sent over federation, when state events with state keys matching user IDs (such as custom user statuses) were received. ([\#7376](https://github.com/matrix-org/synapse/issues/7376)) - Restore compatibility with non-compliant clients during the user interactive authentication process, fixing a problem introduced in v1.13.0rc1. ([\#7483](https://github.com/matrix-org/synapse/issues/7483)) Internal Changes ---------------- - Fix linting errors in new version of Flake8. ([\#7470](https://github.com/matrix-org/synapse/issues/7470))
| * | 1.13.0rc2 v1.13.0rc2Richard van der Hoff2020-05-141-3/+2
| | |
| * | 1.13.0rc2Richard van der Hoff2020-05-145-4/+17
| | |
| * | Stop `get_joined_users` corruption from custom statuses (#7376)Richard van der Hoff2020-05-143-2/+52
| | | | | | | | | | | | | | | | | | | | | | | | Fix a bug where the `get_joined_users` cache could be corrupted by custom status events (or other state events with a state_key matching the user ID). The bug was introduced by #2229, but has largely gone unnoticed since then. Fixes #7099, #7373.
| * | Do not validate that the client dict is stable during UI Auth. (#7483)Patrick Cloke2020-05-134-65/+29
| | | | | | | | | | | | This backs out some of the validation for the client dictionary and logs if this changes during a user interactive authentication session instead.
| * | Fix new flake8 errors (#7489)Patrick Cloke2020-05-137-12/+19
| | | | | | | | | | | | This is a cherry-pick of 1a1da60ad2c9172fe487cd38a164b39df60f4cb5 (#7470) to the release-v1.13.0 branch.
* | | Allow censoring of events to happen on workers. (#7492)Erik Johnston2020-05-134-8/+4
| | | | | | | | | This is safe as we can now write to cache invalidation stream on workers, and is required for when we move event persistence off master.
* | | Fix copypasted comment (#7477)Paul Tötterman2020-05-132-1/+2
| | | | | | | | | Signed-off-by: Paul Tötterman <paul.totterman@iki.fi>
* | | Clean up replication unit tests. (#7490)Erik Johnston2020-05-138-51/+16
| | |
* | | SpellingErik Johnston2020-05-132-2/+2
| | |
* | | Shuffle persist event data store functions. (#7440)Erik Johnston2020-05-1319-1235/+1376
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The aim here is to get to a stage where we have a `PersistEventStore` that holds all the write methods used during event persistence, so that we can take that class out of the `DataStore` mixin and instansiate it separately. This will allow us to instansiate it on processes other than master, while also ensuring it is only available on processes that are configured to write to events stream. This is a bit of an architectural change, where we end up with multiple classes per data store (rather than one per data store we have now). We end up having: 1. Storage classes that provide high level APIs that can talk to multiple data stores. 2. Data store modules that consist of classes that must point at the same database instance. 3. Classes in a data store that can be instantiated on processes depending on config.
* | | Have all instances correctly respond to REPLICATE command. (#7475)Erik Johnston2020-05-134-48/+51
| | | | | | | | | | | | | | | Before all streams were only written to from master, so only master needed to respond to `REPLICATE` commands. Before all instances wrote to the cache invalidation stream, but didn't respond to `REPLICATE`. This was a bug, which could lead to missed rows from cache invalidation stream if an instance is restarted, however all the caches would be empty in that case so it wasn't a problem.
* | | Fix Redis reconnection logic (#7482)Erik Johnston2020-05-133-2/+15
| | | | | | | | | Proactively send out `POSITION` commands (as if we had just received a `REPLICATE`) when we connect to Redis. This is important as other instances won't notice we've connected to issue a `REPLICATE` command (unlike for direct TCP connections). This is only currently an issue if master process reconnects without restarting (if it restarts then it won't have written anything and so other instances probably won't have missed anything).
* | | Update documentation about SSO mapping providers (#7458)Patrick Cloke2020-05-123-77/+147
| | |
* | | Fix new flake8 errors (#7470)Erik Johnston2020-05-127-12/+19
| | |
* | | Convert federation handler to async/await. (#7459)Patrick Cloke2020-05-113-21/+17
| | |
* | | Convert search code to async/await. (#7460)Patrick Cloke2020-05-112-24/+21
| | |
* | | Allow configuration of Synapse's cache without using synctl or environment ↵Amber Brown2020-05-1132-146/+620
| | | | | | | | | | | | variables (#6391)
* | | Remove unused store method get_hosts_in_room (#7448)Andrew Morgan2020-05-112-10/+1
| | |
* | | Merge branch 'release-v1.13.0' into developAndrew Morgan2020-05-11150-320/+582
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * release-v1.13.0: Don't UPGRADE database rows RST indenting Put rollback instructions in upgrade notes Fix changelog typo Oh yeah, RST Absolute URL it is then Fix upgrade notes link Provide summary of upgrade issues in changelog. Fix ) Move next version notes from changelog to upgrade notes Changelog fixes 1.13.0rc1 Documentation on setting up redis (#7446) Rework UI Auth session validation for registration (#7455) Fix errors from malformed log line (#7454) Drop support for redis.dbid (#7450)
| * | Don't UPGRADE database rows v1.13.0rc1Andrew Morgan2020-05-111-1/+1
| | |
| * | RST indentingAndrew Morgan2020-05-111-2/+2
| | |
| * | Put rollback instructions in upgrade notesAndrew Morgan2020-05-111-0/+19
| | |
| * | Fix changelog typoAndrew Morgan2020-05-111-1/+1
| | |
| * | Oh yeah, RSTAndrew Morgan2020-05-111-2/+1
| | |
| * | Absolute URL it is thenAndrew Morgan2020-05-111-1/+2
| | |
| * | Fix upgrade notes linkAndrew Morgan2020-05-111-1/+1
| | |
| * | Provide summary of upgrade issues in changelog. Fix )Andrew Morgan2020-05-112-12/+33
| | |
| * | Move next version notes from changelog to upgrade notesAndrew Morgan2020-05-112-14/+15
| | |
| * | Changelog fixesAndrew Morgan2020-05-111-3/+3
| | |
| * | 1.13.0rc1Andrew Morgan2020-05-11144-143/+139
| | |
| * | Documentation on setting up redis (#7446)Neil Johnson2020-05-112-60/+108
| | |
| * | Rework UI Auth session validation for registration (#7455)Patrick Cloke2020-05-086-102/+280
| | | | | | | | | | | | Be less strict about validation of UI authentication sessions during registration to match client expecations.
| * | Fix errors from malformed log line (#7454)Richard van der Hoff2020-05-072-1/+2
| | |
| * | Drop support for redis.dbid (#7450)Richard van der Hoff2020-05-073-4/+2
| | | | | | | | | Since we only use pubsub, the dbid is irrelevant.
* | | Extend spam checker to allow for multiple modules (#7435)Andrew Morgan2020-05-086-60/+95
| | |
* | | Implement OpenID Connect-based login (#7256)Quentin Gliech2020-05-0821-12/+2163
| | |
* | | Add room details admin endpoint (#7317)Manuel Stahl2020-05-077-1/+165
| | |
* | | Merge branch 'release-v1.13.0' into developBrendan Abolivier2020-05-0710-18/+65
|\| |
| * | Add a configuration setting for the dummy event threshold (#7422)Brendan Abolivier2020-05-074-1/+31
| | | | | | | | | Add dummy_events_threshold which allows configuring the number of forward extremities a room needs for Synapse to send forward extremities in it.
| * | Improve per-block CPU and DB usage metrics (#7426)Patrick Cloke2020-05-062-12/+27
| | |
| * | Port group attestation renewal slow down from matrix-org-hotfixes (#7442)Andrew Morgan2020-05-062-4/+3
| | |
| * | Make redis go faster with hiredis (#7439)Richard van der Hoff2020-05-062-1/+4
| | | | | | | | | | | | | | | For the record, the reason we need this is as follows: each RDATA command comes down the redis pipe as a subscription message. txredisapi as written needs at least three reactor ticks to read each subscription message from the tcp buffer. Hence, once the process gets loaded, it starts getting behind, and eventually redis knifes the connection. it then takes ages for the master to work its way through the backlog, before it reconnects again, during which any commands from any workers are dropped.
* | | Fixes typo (bellow -> below) (#7449)Patrick Cloke2020-05-073-2/+3
| | |
* | | Add more type hints to SAML handler. (#7445)Patrick Cloke2020-05-073-12/+18
| | |
* | | Support any process writing to cache invalidation stream. (#7436)Erik Johnston2020-05-0726-231/+226
| | |
* | | Merge pull request #7398 from Starbix/alpine-3.11Brendan Abolivier2020-05-072-1/+2
|\ \ \ | | | | | | | | Update docker runtime image to Alpine v3.11
| * | | Update runtime docker image to Alpine v3.11Cédric Laubacher2020-05-032-1/+2
| | | |
* | | | Merge branch 'release-v1.13.0' into developRichard van der Hoff2020-05-0614-150/+264
|\ \ \ \ | | |/ / | |/| |
| * | | Stop Auth methods from polling the config on every req. (#7420)Andrew Morgan2020-05-067-106/+168
| | | |
| * | | Merge pull request #7423 from matrix-org/erikj/faster_device_lists_fetchErik Johnston2020-05-064-10/+26
| |\ \ \ | | | | | | | | | | Speed up fetching device lists changes in sync.
| | * \ \ Merge branch 'release-v1.13.0' into erikj/faster_device_lists_fetchRichard van der Hoff2020-05-0566-691/+847
| | |\ \ \
| | * | | | Update changelog.d/7423.miscRichard van der Hoff2020-05-051-1/+1
| | | | | |
| | * | | | NewsfileErik Johnston2020-05-051-0/+1
| | | | | |
| | * | | | Speed up fetching device lists changes in sync.Erik Johnston2020-05-053-10/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently we copy `users_who_share_room` needlessly about three times, which is expensive when the set is large (which it can easily be).
| * | | | | Merge pull request #7427 from matrix-org/rav/fix_dropped_messagesRichard van der Hoff2020-05-063-34/+70
| |\ \ \ \ \ | | | | | | | | | | | | | | Fix lost events on replication reconnection
| | * \ \ \ \ Merge branch 'release-v1.13.0' into rav/fix_dropped_messagesRichard van der Hoff2020-05-052-1/+2
| | |\ \ \ \ \ | | |/ / / / / | |/| | | | |
| | * | | | | Merge branch 'release-v1.13.0' into rav/fix_dropped_messagesRichard van der Hoff2020-05-0566-690/+847
| | |\ \ \ \ \ | | | | |/ / / | | | |/| | |
| | * | | | | changelogRichard van der Hoff2020-05-051-0/+1
| | | | | | |
| | * | | | | Wait for a POSITION on the right connection before accepting RDATARichard van der Hoff2020-05-052-19/+38
| | | | | | | | | | | | | | | | | | | | | | | | | | | | ... otherwise we can believe we're up to date when we're not.
| | * | | | | Wait to subscribe before sending REPLICATERichard van der Hoff2020-05-052-20/+35
| | | |/ / / | | |/| | |
* | | | | | Merge pull request #7428 from matrix-org/rav/cross_signing_keys_cacheRichard van der Hoff2020-05-062-77/+22
|\ \ \ \ \ \ | | | | | | | | | | | | | | Make get_e2e_cross_signing_key delegate to get_e2e_cross_signing_keys_bulk
| * | | | | | Make get_e2e_cross_signing_key delegate to get_e2e_cross_signing_keys_bulkRichard van der Hoff2020-05-062-54/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | ... mostly because the latter has a cache.
| * | | | | | Fix batching for fetching cross-signing keysRichard van der Hoff2020-05-061-23/+15
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | There's no point carefully dividing a list into batches, and then completely ignoring the batches.
* | | | | | Merge branch 'release-v1.13.0' into developRichard van der Hoff2020-05-068-9/+170
|\| | | | |
| * | | | | Move logs about discarded RDATA to debug (#7421)Brendan Abolivier2020-05-052-1/+2
| | |/ / / | |/| | |
| * | | | Add backwards compatibility codepath to LoggingContext. (#7408)Patrick Cloke2020-05-052-0/+42
| | | | |
| * | | | Fix bug in EventContext.deserialize. (#7393)Erik Johnston2020-05-054-8/+126
| | | | | | | | | | | | | | | | | | | | This caused `prev_state_ids` to be incorrect if the state event was not replacing an existing state entry.
* | | | | Merge pull request #7429 from matrix-org/rav/upsert_for_device_listRichard van der Hoff2020-05-064-48/+115
|\ \ \ \ \ | | | | | | | | | | | | use an upsert to update device_lists_outbound_last_success
| * \ \ \ \ Merge branch 'develop' into rav/upsert_for_device_listRichard van der Hoff2020-05-0674-777/+1242
| |\ \ \ \ \ | |/ / / / / |/| | | | |
* | | | | | Fix typing annotations in synapse/federation (#7382)Richard van der Hoff2020-05-054-21/+34
| | | | | | | | | | | | | | | | | | | | | | | | We're pretty close to having mypy working for `synapse.federation`, so let's finish the job.
* | | | | | Fix catchup-on-reconnect for the Federation Stream (#7374)Richard van der Hoff2020-05-0511-48/+158
| | | | | | | | | | | | | | | | | | | | | | | | looks like we managed to break this during the refactorathon.
* | | | | | Add MultiWriterIdGenerator. (#7281)Erik Johnston2020-05-044-2/+353
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This will be used to coordinate stream IDs across multiple writers. Functions as the equivalent of both `StreamIdGenerator` and `SlavedIdTracker`.
* | | | | | Merge branch 'release-v1.13.0' into developBrendan Abolivier2020-05-045-5/+14
|\ \ \ \ \ \ | | |/ / / / | |/| | | |
| * | | | | Fix ordering in MANIFEST.inBrendan Abolivier2020-05-041-6/+6
| | | | | |
| * | | | | Merge pull request #7404 from matrix-org/babolivier/fix_manifestBrendan Abolivier2020-05-042-3/+5
| |\ \ \ \ \ | | | | | | | | | | | | | | Fix MANIFEST.in
| | * | | | | Fix MANIFEST.inBrendan Abolivier2020-05-042-3/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | An update of check-manifest shone some light on some issues with MANIFEST.in, specifically that we didn't ignore/prune the contrib directory, and that we were using prune instead of exclude for files. This fixes both issues. Fixes #7403
| * | | | | | Fix redis password support. (#7401)Erik Johnston2020-05-043-0/+7
| | |_|_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | We forgot to set the password on the subscriber connection, as well as not calling super methods for overridden connectionMade/connectionLost functions.
* / | | | | Convert the room handler to async/await. (#7396)Patrick Cloke2020-05-042-24/+19
|/ / / / /
* | | | | Convert synapse.server_notices to async/await. (#7394)Patrick Cloke2020-05-013-11/+8
| | | | |
* | | | | Convert the synapse.notifier module to async/await. (#7395)Patrick Cloke2020-05-012-10/+8
| | | | |
* | | | | Wait for current_state_events_membership before populate_stats_process_rooms ↵Richard van der Hoff2020-05-013-1/+37
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (#7387) populate_stats_process_rooms was added in #5971 / v1.4.0; current_state_events_membership was added in #5706 / v1.3.0. Fixes #7380.
* | | | | Thread through instance name to replication client. (#7369)Erik Johnston2020-05-0112-41/+101
|/ / / / | | | | | | | | For in memory streams when fetching updates on workers we need to query the source of the stream, which currently is hard coded to be master. This PR threads through the source instance we received via `POSITION` through to the update function in each stream, which can then be passed to the replication client for in memory streams.
* | | | Use `stream.current_token()` and remove `stream_positions()` (#7172)Erik Johnston2020-05-0119-154/+30
| | | | | | | | | | | | | | | | We move the processing of typing and federation replication traffic into their handlers so that `Stream.current_token()` points to a valid token. This allows us to remove `get_streams_to_replicate()` and `stream_positions()`.
* | | | async/await is_server_admin (#7363)Andrew Morgan2020-05-0122-438/+410
| | | |
* | | | Further improvements to requesting the public rooms list on a homeserver ↵Andrew Morgan2020-05-013-23/+71
| |/ / |/| | | | | | | | which has it set to private (#7368)
| * | use an upsert to update device_lists_outbound_last_successRichard van der Hoff2020-05-064-18/+72
| | |
| * | Better type annotations for simple_upsert_txnRichard van der Hoff2020-05-061-30/+43
|/ / | | | | | | most of these params don't really need to be lists.
* | Workaround for assertion errors from db_query_to_update_function (#7378)Richard van der Hoff2020-05-012-2/+2
| | | | | | Hopefully this is no worse than what we have on master...
* | Persist user interactive authentication sessions (#7302)Patrick Cloke2020-04-3014-125/+434
| | | | | | | | | | By persisting the user interactive authentication sessions to the database, this fixes situations where a user hits different works throughout their auth session and also allows sessions to persist through restarts of Synapse.
* | Apply federation check for /publicRooms with filter list (#7367)Andrew Morgan2020-04-302-1/+6
| |