summary refs log tree commit diff
Commit message (Collapse)AuthorAgeFilesLines
* 1.0.0 v1.0.0Erik Johnston2019-06-116-4/+28
|
* Merge pull request #5424 from matrix-org/erikj/change_password_reset_linksErik Johnston2019-06-1112-32/+262
|\ | | | | Change password reset links to /_matrix.
| * Bump bleach version so that tests can run on old deps.Erik Johnston2019-06-115-25/+1
| |
| * NewsfileErik Johnston2019-06-111-0/+1
| |
| * Change password reset links to /_matrix.Erik Johnston2019-06-116-7/+260
| |
* | Neilj/improve federation docs (#5419)Neil Johnson2019-06-114-16/+106
|/ | | | Add FAQ questions to federate.md. Add a health warning making it clear that the 1711 upgrade FAQ is now out of date.
* 1.0.0rc3 v1.0.0rc3Erik Johnston2019-06-112-1/+7
|
* Fix defaults on checking threepidsErik Johnston2019-06-102-1/+2
|
* Merge pull request #5418 from matrix-org/erikj/fix_send_fed_with_limit_zeroErik Johnston2019-06-102-0/+5
|\ | | | | Fix bug sending federation transactions with lots of EDUs
| * Update changelog.d/5418.bugfixErik Johnston2019-06-101-1/+1
| | | | | | Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
| * NewsfileErik Johnston2019-06-101-0/+1
| |
| * Fix bug sending federation transactions with lots of EDUsErik Johnston2019-06-101-0/+4
| | | | | | | | | | | | If we try and send a transaction with lots of EDUs and we run out of space, we call get_new_device_msgs_for_remote with a limit of 0, which then failed.
* | 1.0.0rc2 v1.0.0rc2Erik Johnston2019-06-105-4/+12
| |
* | Merge pull request #5417 from matrix-org/rav/shared_ssl_contextErik Johnston2019-06-1010-182/+455
|\ \ | |/ |/| Share an SSL context object between SSL connections
| * fix ci on py2, againRichard van der Hoff2019-06-101-1/+1
| |
| * rename gutwrenched attrRichard van der Hoff2019-06-101-5/+9
| |
| * fix CI on python 2.7Richard van der Hoff2019-06-101-6/+4
| |
| * fix build failsRichard van der Hoff2019-06-102-1/+4
| |
| * Tests for SSL certs for federation connectionsRichard van der Hoff2019-06-106-106/+343
| | | | | | | | Add some tests for bad certificates for federation and .well-known connections
| * Fix federation connections to literal IP addressesRichard van der Hoff2019-06-102-6/+11
| | | | | | | | | | turns out we need a shiny version of service_identity to enforce this correctly.
| * clean up impl, and import idna directlyRichard van der Hoff2019-06-102-15/+12
| |
| * Share an SSL context object between SSL connectionsRichard van der Hoff2019-06-091-60/+89
| | | | | | | | This involves changing how the info callbacks work.
* | Merge branch 'erikj/fix_null_valid_until_ms' of ↵Erik Johnston2019-06-103-1/+58
|\ \ | | | | | | | | | github.com:matrix-org/synapse into release-v1.0.0
| * | NewsfileErik Johnston2019-06-101-0/+1
| | |
| * | Fix key verification when key stored with null valid_until_msErik Johnston2019-06-102-1/+57
| |/ | | | | | | | | | | | | | | | | | | Some keys are stored in the synapse database with a null valid_until_ms which caused an exception to be thrown when using that key. We fix this by treating nulls as zeroes, i.e. they keys will match verification requests with a minimum_valid_until_ms of zero (i.e. don't validate ts) but will not match requests with a non-zero minimum_valid_until_ms. Fixes #5391.
* / Improve startup checks for insecure notary configs (#5392)Richard van der Hoff2019-06-103-11/+24
|/ | | | | | | | | | | | | It's not really a problem to trust notary responses signed by the old key so long as we are also doing TLS validation. This commit adds a check to the config parsing code at startup to check that we do not have the insecure matrix.org key without tls validation, and refuses to start without it. This allows us to remove the rather alarming-looking warning which happens at runtime.
* 1.0.0rc1 v1.0.0rc1Neil Johnson2019-06-0781-83/+84
|
* Automatically retry builds when a buildkite agent is lost (#5380)Andrew Morgan2019-06-072-0/+67
| | | | | | | | | | | | Sometimes the build agents get lost or die (error codes -1 and 2). Retry automatically a maximum of 2 times if this happens. Error code reference: * -1: Agent was lost * 0: Build successful * 1: There was an error in your code * 2: The build stopped abruptly * 255: The build was cancelled
* Prevent multiple device list updates from breaking a batch send (#5156)Andrew Morgan2019-06-064-31/+196
| | | fixes #5153
* Set default room version to v4. (#5379)Neil Johnson2019-06-065-3/+11
| | | | Set default room version to v4.
* Merge pull request #5320 from matrix-org/hawkowl/full-schema-v1Erik Johnston2019-06-067-2/+2356
|\ | | | | Make a full SQL schema
| * fix maybeAmber H. Brown2019-06-071-20/+2
| |
| * just user dir?Amber H. Brown2019-06-071-1/+19
| |
| * remove background updates that arent neededAmber H. Brown2019-06-071-33/+1
| |
| * add more commentsAmber Brown2019-06-061-0/+5
| |
| * Merge remote-tracking branch 'origin/develop' into hawkowl/full-schema-v1Amber Brown2019-06-0445-329/+299
| |\
| * | add stuff in bg updatesAmber Brown2019-06-041-10/+62
| | |
| * | WHY IS THIS CALLED A SLIGHTLY DIFFERENT THINGAmber Brown2019-06-031-0/+1
| | |
| * | more fixAmber Brown2019-06-032-0/+4
| | |
| * | more fixAmber Brown2019-06-032-2/+38
| | |
| * | fix schemasAmber Brown2019-06-035-61/+22
| | |
| * | full schemaAmber Brown2019-06-033-0/+2315
| | |
| * | prepareAmber Brown2019-06-031-2/+14
| | |
* | | remove bloatNeil Johnson2019-06-061-10/+1
| | |
* | | Add ability to perform password reset via email without trusting the ↵Andrew Morgan2019-06-0620-71/+922
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | identity server (#5377) Sends password reset emails from the homeserver instead of proxying to the identity server. This is now the default behaviour for security reasons. If you wish to continue proxying password reset requests to the identity server you must now enable the email.trust_identity_server_for_password_resets option. This PR is a culmination of 3 smaller PRs which have each been separately reviewed: * #5308 * #5345 * #5368
* | | Stop hardcoding trust of old matrix.org key (#5374)Richard van der Hoff2019-06-066-95/+293
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There are a few changes going on here: * We make checking the signature on a key server response optional: if no verify_keys are specified, we trust to TLS to validate the connection. * We change the default config so that it does not require responses to be signed by the old key. * We replace the old 'perspectives' config with 'trusted_key_servers', which is also formatted slightly differently. * We emit a warning to the logs every time we trust a key server response signed by the old key.
* | | Neilj/1.0 upgrade notes (#5371)Neil Johnson2019-06-064-8/+79
| | | | | | | | | | | | 1.0 upgrade/install notes
* | | Regen sample config before kicking off agents (#5370)Andrew Morgan2019-06-062-2/+3
| | | | | | | | | | | | | | | | | | * Regen sample config before kicking off agents * Add changelog
* | | Fix missing logcontext for PresenceHandler.on_shutdown. (#5369)Richard van der Hoff2019-06-062-1/+8
| | | | | | | | | | | | Fixes some warnings, and a scary-looking stacktrace when sytest kills the process.
* | | Merge pull request #5221 from matrix-org/erikj/fix_worker_sytestErik Johnston2019-06-062-1/+12
|\ \ \ | | | | | | | | Fix get_max_topological_token to never return None
| * | | Better wordsErik Johnston2019-06-061-1/+1
| | | |
| * | | NewsfileErik Johnston2019-05-211-0/+1
| | | |
| * | | Fix get_max_topological_token to never return NoneErik Johnston2019-05-211-1/+11
| | | |
* | | | Merge pull request #5089 from dnaf/m-heroes-empty-room-nameBrendan Abolivier2019-06-062-5/+5
|\ \ \ \ | | | | | | | | | | Make /sync return heroes if room name or canonical alias are empty
| * | | | Add credit in the changelogBrendan Abolivier2019-06-062-1/+1
| | | | |
| * | | | Simplify conditionBrendan Abolivier2019-06-061-2/+2
| | | | |
| * | | | Simplify conditionBrendan Abolivier2019-06-051-3/+2
| | | | |
| * | | | Merge branch 'develop' into m-heroes-empty-room-nameBrendan Abolivier2019-06-05350-3583/+9622
| |\ \ \ \
| * | | | | LintKatie Wolfe2019-04-241-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I probably should've just run autopep8 in the first place... Signed-off-by: Katie Wolfe <katie@dnaf.moe>
| * | | | | Clean up codeKatie Wolfe2019-04-241-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Katie Wolfe <katie@dnaf.moe>
| * | | | | Show heroes if room name or canonical alias are emptyKatie Wolfe2019-04-241-3/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #4194 Signed-off-by: Katie Wolfe <katie@dnaf.moe>
| * | | | | Add full stop to 5084.bugfixKatie Wolfe2019-04-241-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Katie Wolfe <katie@dnaf.moe>
| * | | | | Add changelog.d/5084.bugfixKatie Wolfe2019-04-241-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Katie Wolfe <katie@dnaf.moe>
| * | | | | Show heroes if room name or canonical alias are emptyKatie Wolfe2019-04-241-5/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #4194 Signed-off-by: Katie Wolfe <katie@dnaf.moe>
* | | | | | Merge pull request #5359 from matrix-org/rav/enable_tls_verificationRichard van der Hoff2019-06-064-12/+19
|\ \ \ \ \ \ | | | | | | | | | | | | | | Validate federation server TLS certificates by default.
| * \ \ \ \ \ Merge branch 'rav/fix_custom_ca' into rav/enable_tls_verificationRichard van der Hoff2019-06-0528-43/+219
| |\ \ \ \ \ \
| * | | | | | | Update sample configRichard van der Hoff2019-06-051-4/+4
| | | | | | | |
| * | | | | | | Validate federation server TLS certificates by default.Richard van der Hoff2019-06-053-8/+15
| | | | | | | |
* | | | | | | | Merge pull request #5361 from matrix-org/rav/generate_signing_keyRichard van der Hoff2019-06-062-0/+38
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | add a script to generate new signing_key files
| * | | | | | | | add a script to generate new signing_key filesRichard van der Hoff2019-06-052-0/+38
| | | | | | | | |
* | | | | | | | | Merge pull request #5355 from matrix-org/babolivier/heroes_left_membersBrendan Abolivier2019-06-062-15/+20
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | Include left members in room summaries' heroes
| * | | | | | | | | Properly format the changelogBrendan Abolivier2019-06-051-1/+1
| | | | | | | | | |
| * | | | | | | | | ChangelogBrendan Abolivier2019-06-051-0/+1
| | | | | | | | | |
| * | | | | | | | | Do user_id != me checks before deciding whether we should pick heroes from ↵Brendan Abolivier2019-06-051-15/+19
| | |_|_|_|/ / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | the joined members or the parted ones
* | | | | | | | | Merge pull request #5354 from matrix-org/rav/server_keys/99-room-v5Richard van der Hoff2019-06-062-5/+7
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | Implement room v5 which enforces signing key validity
| * | | | | | | | | Implement room v5 which enforces signing key validityRichard van der Hoff2019-06-052-5/+7
| | |_|/ / / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Implements [MSC2077](https://github.com/matrix-org/matrix-doc/pull/2077) and fixes #5247 and #4364.
* | | | | | | | | Merge pull request #5353 from matrix-org/rav/verify_key_loggingRichard van der Hoff2019-06-066-56/+86
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | Associate a request_name with each verify request, for logging
| * | | | | | | | | Associate a request_name with each verify request, for loggingRichard van der Hoff2019-06-056-56/+86
| |/ / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also: * rename VerifyKeyRequest->VerifyJsonRequest * calculate key_ids on VerifyJsonRequest construction * refactor things to pass around VerifyJsonRequests instead of 4-tuples
* | | | | | | | | Merge pull request #5362 from matrix-org/rav/fix_custom_caRichard van der Hoff2019-06-052-1/+2
|\ \ \ \ \ \ \ \ \ | | |_|_|/ / / / / | |/| | | | | | | Fix `federation_custom_ca_list` configuration option.
| * | | | | | | | Fix `federation_custom_ca_list` configuration option.Richard van der Hoff2019-06-052-1/+2
|/ / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | Previously, setting this option would cause an exception at startup.
* | | | | | | | Neilj/add r0.5 to versions (#5360)Neil Johnson2019-06-052-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | * Update _matrix/client/versions to reference support for r0.5.0
* | | | | | | | Fix background updates to handle redactions/rejections (#5352)Erik Johnston2019-06-065-12/+117
| |_|/ / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Fix background updates to handle redactions/rejections In background updates based on current state delta stream we need to handle that we may not have all the events (or at least that `get_events` may raise an exception).
* | | | | | | Fix notes about well-known and acme (#5357)Richard van der Hoff2019-06-052-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | fixes #4951
* | | | | | | Merge pull request #5317 from matrix-org/erikj/make_do_auth_non_essentialErik Johnston2019-06-052-12/+47
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Fix handling of failures when calling /event_auth.
| * | | | | | | Add logging when request fails and clarify we ignore errors.Erik Johnston2019-06-051-4/+12
| | | | | | | |
| * | | | | | | NewsfileErik Johnston2019-06-031-0/+1
| | | | | | | |
| * | | | | | | Fix handling of failures when calling /event_auth.Erik Johnston2019-06-031-12/+38
| | |_|_|_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When processing an incoming event over federation, we may try and resolve any unexpected differences in auth events. This is a non-essential process and so should not stop the processing of the event if it fails (e.g. due to the remote disappearing or not implementing the necessary endpoints). Fixes #3330
* | | | | | | Neilj/changelog clean up (#5356)Neil Johnson2019-06-0512-12/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * group together key validity refactors
* | | | | | | Neilj/mau tracking config explainer (#5284)Neil Johnson2019-06-053-0/+33
| |/ / / / / |/| | | | | | | | | | | | | | | | | Improve documentation of monthly active user blocking and mau_trial_days
* | | | | | Add a test room version where we enforce key validity (#5348)Richard van der Hoff2019-06-053-22/+38
| |/ / / / |/| | | |
* | | | | Clean up debug logging (#5347)Richard van der Hoff2019-06-054-8/+20
| | | | | | | | | | | | | | | Remove some spurious stuff, clarify some other stuff
* | | | | Rename VerifyKeyRequest.deferred field (#5343)Richard van der Hoff2019-06-052-12/+13
| | | | | | | | | | | | | | | it's a bit confusing
* | | | | Call RetryLimiter correctly (#5340)Richard van der Hoff2019-06-042-1/+8
| | | | | | | | | | | | | | | Fixes a regression introduced in #5335.
* | | | | Fix failure to fetch batches of PDUs (#5342)Richard van der Hoff2019-06-042-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | FederationClient.get_pdu is called in a loop to fetch a batch of PDUs. A failure to fetch one should not result in a failure of the whole batch. Add the missing `continue`.
* | | | | Rename get_events->get_events_from_store_or_dest (#5344)Richard van der Hoff2019-06-042-20/+14
| | | | | | | | | | | | | | | | | | | | | | | | | We have too many things called get_event, and it's hard to figure out what we mean. Also remove some unused params from the signature, and add some logging.
* | | | | Merge pull request #5341 from matrix-org/babolivier/email_configBrendan Abolivier2019-06-042-42/+58
|\ \ \ \ \ | | | | | | | | | | | | Make account validity renewal emails work when email notifs are disabled
| * | | | | Only parse from email if providedBrendan Abolivier2019-06-041-4/+5
| | | | | |
| * | | | | LintBrendan Abolivier2019-06-041-1/+0
| | | | | |
| * | | | | Make account validity renewal emails work when email notifs are disabledBrendan Abolivier2019-06-042-42/+58
| | | | | |
* | | | | | Merge pull request #5324 from matrix-org/erikj/ignore_nullErik Johnston2019-06-042-0/+17
|\ \ \ \ \ \ | | | | | | | | | | | | | | Ignore room state with null bytes in for room stats
| * | | | | | FixErik Johnston2019-06-031-1/+2
| | | | | | |
| * | | | | | NewsfileErik Johnston2019-06-031-0/+1
| | | | | | |
| * | | | | | Ignore room state with null bytes in for room statsErik Johnston2019-06-031-0/+15
| | |_|_|_|/ | |/| | | |
* | | | | | Avoid rapidly backing-off a server if we ignore the retry interval (#5335)Richard van der Hoff2019-06-042-23/+38
|\ \ \ \ \ \
| * | | | | | Avoid rapidly backing-off a server if we ignore the retry intervalRichard van der Hoff2019-06-032-23/+38
| | | | | | |
* | | | | | | Don't do long retries when calling the key notary server. (#5334)Richard van der Hoff2019-06-042-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It takes at least 20 minutes to work through the long_retries schedule (11 attempts, each with a 60 second timeout, and 60 seconds between each request), so if the notary server isn't returning within the timeout, we'll just end up blocking whatever request is happening for 20 minutes. Ain't nobody got time for that.
* | | | | | | Merge pull request #5333 from ↵Richard van der Hoff2019-06-044-40/+66
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | matrix-org/rav/server_keys/09_improve_notary_server Fixes for the key-notary server
| * | | | | | | changelogRichard van der Hoff2019-06-041-0/+1
| | | | | | | |
| * | | | | | | Notary server: make requests to origins in parallelRichard van der Hoff2019-06-042-11/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ... else we're guaranteed to time out.
| * | | | | | | Don't bomb out on direct key fetches as soon as one failsRichard van der Hoff2019-06-042-29/+41
| | | | | | | |
| * | | | | | | Reduce timeout for outbound /key/v2/server requests.Richard van der Hoff2019-06-031-0/+13
| |/ / / / / /
* | | | | | | Improve docstrings on MatrixFederationClient. (#5332)Richard van der Hoff2019-06-042-16/+56
| | | | | | |
* | | | | | | Hawkowl/fix missing auth (#5328)Amber Brown2019-06-042-0/+2
|/ / / / / /
* | | | | | Enforce validity period on server_keys for fed requests. (#5321)Richard van der Hoff2019-06-036-88/+228
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When handling incoming federation requests, make sure that we have an up-to-date copy of the signing key. We do not yet enforce the validity period for event signatures.
* | | | | | Revert "Newsfile"Erik Johnston2019-06-031-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 4bd67db100efacc3d31a2f8187b7bdd4479d9bc3.
* | | | | | NewsfileErik Johnston2019-06-031-0/+1
|/ / / / /
* | | | | Merge pull request #5307 from ↵Richard van der Hoff2019-06-032-12/+3
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | matrix-org/rav/server_keys/07-fix-notary-cache-poison Stop overwriting server keys with other keys
| * | | | | Stop overwriting server keys with other keysRichard van der Hoff2019-05-312-12/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix a bug where we would discard a key result which the origin server is no longer returning. Fixes #5305.
* | | | | | Unify v1 and v2 REST client APIs (#5226)Amber Brown2019-06-0343-317/+296
| |_|/ / / |/| | | |
* | | | | Merge pull request #5309 from matrix-org/rav/limit_displayname_lengthRichard van der Hoff2019-06-014-2/+76
|\ \ \ \ \ | | | | | | | | | | | | Limit displaynames and avatar URLs
| * | | | | add some testsRichard van der Hoff2019-06-011-2/+60
| | | | | |
| * | | | | Limit displaynames and avatar URLsRichard van der Hoff2019-06-013-0/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | These end up in join events everywhere, so let's limit them. Fixes #5079
* | | | | | Merge pull request #5299 from matrix-org/rav/server_keys/05-rewrite-gsvk-againRichard van der Hoff2019-05-312-48/+54
|\ \ \ \ \ \ | | | | | | | | | | | | | | Rewrite get_server_verify_keys, again.
| * \ \ \ \ \ Merge remote-tracking branch 'origin/develop' into ↵Richard van der Hoff2019-05-3112-129/+147
| |\ \ \ \ \ \ | | | |/ / / / | | |/| | | | | | | | | | | rav/server_keys/05-rewrite-gsvk-again
| * | | | | | Rewrite get_server_verify_keys, again.Richard van der Hoff2019-05-302-48/+54
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Attempt to simplify the logic in get_server_verify_keys by splitting it into two methods.
* | | | | | | Merge pull request #5276 from matrix-org/babolivier/account_validity_job_deltaErik Johnston2019-05-315-9/+39
|\ \ \ \ \ \ \ | |_|/ / / / / |/| | | | | | Allow configuring a range for the account validity startup job
| * | | | | | Sample configBrendan Abolivier2019-05-311-1/+1
| | | | | | |
| * | | | | | Move delta from +10% to -10%Brendan Abolivier2019-05-313-5/+5
| | | | | | |
| * | | | | | Sample configBrendan Abolivier2019-05-311-8/+3
| | | | | | |
| * | | | | | Gah pythonBrendan Abolivier2019-05-311-1/+1
| | | | | | |
| * | | | | | Make max_delta equal to period * 10%Brendan Abolivier2019-05-313-32/+8
| | | | | | |
| * | | | | | TypoBrendan Abolivier2019-05-281-1/+1
| | | | | | |
| * | | | | | Config and changelogBrendan Abolivier2019-05-282-0/+8
| | | | | | |
| * | | | | | Allow configuring a range for the account validity startup jobBrendan Abolivier2019-05-283-2/+53
| | |_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | When enabling the account validity feature, Synapse will look at startup for registered account without an expiration date, and will set one equals to 'now + validity_period' for them. On large servers, it can mean that a large number of users will have the same expiration date, which means that they will all be sent a renewal email at the same time, which isn't ideal. In order to mitigate this, this PR allows server admins to define a 'max_delta' so that the expiration date is a random value in the [now + validity_period ; now + validity_period + max_delta] range. This allows renewal emails to be progressively sent over a configured period instead of being sent all in one big batch.
* | | | | | Merge pull request #5300 from ↵Richard van der Hoff2019-05-312-25/+9
|\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | matrix-org/rav/server_keys/06-fix-serverkeys-handling Remove some pointless exception handling
| * | | | | | Remove some pointless exception handlingRichard van der Hoff2019-05-302-25/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The verify_request deferred already returns a suitable SynapseError, so I don't really know what we expect to achieve by doing more wrapping, other than log spam. Fixes #4278.
* | | | | | | Merge pull request #5296 from ↵Richard van der Hoff2019-05-312-17/+22
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | matrix-org/rav/server_keys/04-use-attrs-for_verify-request use attr.s for VerifyKeyRequest
| * | | | | | use attr.s for VerifyKeyRequestRichard van der Hoff2019-05-302-17/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | because namedtuple is awful
* | | | | | | Merge pull request #5293 from Kagamihime/messages-federation-formatErik Johnston2019-05-312-0/+3
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Fix ignored filter field in `/messages` endpoint
| * | | | | | | Add changelogEisha Chen-yen-su2019-05-301-0/+1
| | | | | | | |
| * | | | | | | Fix ignored filter field in `/messages` endpointEisha Chen-yen-su2019-05-301-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes a bug which were causing the "event_format" field to be ignored in the filter of requests to the `/messages` endpoint of the CS API. Signed-off-by: Eisha Chen-yen-su <chenyensu0@gmail.com>
* | | | | | | | Merge pull request #5294 from matrix-org/erikj/speed_up_room_statsErik Johnston2019-05-315-87/+112
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | Speed up room stats background update
| * | | | | | | | NewsfileErik Johnston2019-05-311-0/+1
| | | | | | | | |
| * | | | | | | | Add indices. Remove room_ids accidentally addedErik Johnston2019-05-312-13/+56
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We have to do this by re-inserting a background update and recreating tables, as the tables only get created during a background update and will later be deleted. We also make sure that we remove any entries that should have been removed but weren't due to a race that has been fixed in a previous commit.
| * | | | | | | | Join against events to use its room_id indexErik Johnston2019-05-301-1/+6
| | | | | | | | |
| * | | | | | | | Move deletion from table inside txnErik Johnston2019-05-301-2/+5
| | | | | | | | |
| * | | | | | | | Fetch membership counts all at onceErik Johnston2019-05-302-38/+18
| | | | | | | | |
| * | | | | | | | Get events all at onceErik Johnston2019-05-301-33/+26
| | | | | | | | |
* | | | | | | | | Clarify that the admin change password endpoint logs them out (#5303)Travis Ralston2019-05-312-1/+2
| |_|_|_|/ / / / |/| | | | | | |
* | | | | | | | Merge branch 'master' into developErik Johnston2019-05-303-3/+17
|\ \ \ \ \ \ \ \ | |_|/ / / / / / |/| | | | | | |
| * | | | | | | 0.99.5.2 v0.99.5.2 github/release-v0.99.5 release-v0.99.5Erik Johnston2019-05-306-4/+16
| | | | | | | |
| * | | | | | | fix changelog for 0.99.5.1 (#5270)Richard van der Hoff2019-05-301-2/+1
| | | | | | | |
| * | | | | | | NewsfileErik Johnston2019-05-301-0/+1
| | | | | | | |
| * | | | | | | Add index to temp tableErik Johnston2019-05-301-0/+1
| | | | | | | |
| * | | | | | | Update synapse/storage/events_bg_updates.pyErik Johnston2019-05-301-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
| * | | | | | | Rename constantErik Johnston2019-05-301-3/+3
| | | | | | | |
| * | | | | | | Move event background updates to a separate fileErik Johnston2019-05-303-369/+405
| | | | | | | |
| * | | | | | | Fixup comments and loggingErik Johnston2019-05-302-9/+15
| | | | | | | |
| * | | | | | | NewsfileErik Johnston2019-05-301-0/+1
| | | | | | | |
| * | | | | | | Add testErik Johnston2019-05-301-0/+248
| | | | | | | |
| * | | | | | | Log actual number of entries deletedErik Johnston2019-05-302-5/+13
| | | | | | | |
| * | | | | | | Add DB bg update to cleanup extremities.Erik Johnston2019-05-302-0/+205
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Due to #5269 we may have extremities in our DB that we shouldn't have, so lets add a cleanup task such to remove those.
| * | | | | | | Correctly filter out extremities with soft failed prevs (#5274)Erik Johnston2019-05-302-3/+80
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we receive a soft failed event we, correctly, *do not* update the forward extremity table with the event. However, if we later receive an event that references the soft failed event we then need to remove the soft failed events prev events from the forward extremities table, otherwise we just build up forward extremities. Fixes #5269
* | | | | | | | Merge pull request #5291 from matrix-org/erikj/add_indexErik Johnston2019-05-302-0/+2
|\ \ \ \ \ \ \ \ | |_|/ / / / / / |/| | | | | | | Add index to temp bg update extremity table
| * | | | | | | NewsfileErik Johnston2019-05-301-0/+1
| | | | | | | |
| * | | | | | | Add index to temp tableErik Johnston2019-05-301-0/+1
|/ / / / / / /
* | | | | | | Merge pull request #5278 from matrix-org/erikj/cleanup_bad_extremitiesErik Johnston2019-05-307-181/+685
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Add DB bg update to cleanup extremities.
| * | | | | | | Update synapse/storage/events_bg_updates.pyErik Johnston2019-05-301-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
| * | | | | | | Rename constantErik Johnston2019-05-301-3/+3
| | | | | | | |
| * | | | | | | Move event background updates to a separate fileErik Johnston2019-05-303-369/+405
| | | | | | | |
| * | | | | | | Fixup comments and loggingErik Johnston2019-05-302-9/+15
| | | | | | | |
| * | | | | | | NewsfileErik Johnston2019-05-291-0/+1
| | | | | | | |
| * | | | | | | Add testErik Johnston2019-05-291-0/+248
| | | | | | | |
| * | | | | | | Log actual number of entries deletedErik Johnston2019-05-292-5/+13
| | | | | | | |
| * | | | | | | Add DB bg update to cleanup extremities.Erik Johnston2019-05-292-0/+205
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Due to #5269 we may have extremities in our DB that we shouldn't have, so lets add a cleanup task such to remove those.
* | | | | | | | Merge pull request #5256 from aaronraimist/logout-correct-errorErik Johnston2019-05-302-18/+10
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | Show correct error when logging out and access token is missing
| * | | | | | | | LintAaron Raimist2019-05-291-2/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Aaron Raimist <aaron@raim.ist>
| * | | | | | | | Get rid of try exceptAaron Raimist2019-05-271-16/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Aaron Raimist <aaron@raim.ist>
| * | | | | | | | Add changelogAaron Raimist2019-05-251-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Aaron Raimist <aaron@raim.ist>
| * | | | | | | | Show correct error when logging out and access token is missingAaron Raimist2019-05-241-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Aaron Raimist <aaron@raim.ist>
* | | | | | | | | Remove spurious debug from MatrixFederationHttpClient.get_json (#5287) v0.99.5.1.dev0Richard van der Hoff2019-05-292-4/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | This is just unhelpful spam
* | | | | | | | | Improve logging for logcontext leaks. (#5288)Richard van der Hoff2019-05-292-9/+14
| | | | | | | | |
* | | | | | | | | Merge pull request #5283 from aaronraimist/captcha-docsErik Johnston2019-05-292-0/+2
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | Specify the type of reCAPTCHA key to use (#5013)
| * | | | | | | | | Add changelogAaron Raimist2019-05-281-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Aaron Raimist <aaron@raim.ist>
| * | | | | | | | | Specify the type of reCAPTCHA key to use (#5013)Aaron Raimist2019-05-281-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Aaron Raimist <aaron@raim.ist>
* | | | | | | | | | Implement the SHHS complexity API (#5216)Amber Brown2019-05-306-5/+180
| | | | | | | | | |
* | | | | | | | | | Serve CAS login over r0 (#5286)Amber Brown2019-05-302-2/+3
| | | | | | | | | |
* | | | | | | | | | Fix error when downloading thumbnail with width/height param missing (#5258)Aaron Raimist2019-05-292-2/+3
| |_|/ / / / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix error when downloading thumbnail with width/height param missing Fixes #2748 Signed-off-by: Aaron Raimist <aaron@raim.ist>
* | | | | | | | | Correctly filter out extremities with soft failed prevs (#5274)Erik Johnston2019-05-292-3/+80
| |_|_|/ / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we receive a soft failed event we, correctly, *do not* update the forward extremity table with the event. However, if we later receive an event that references the soft failed event we then need to remove the soft failed events prev events from the forward extremities table, otherwise we just build up forward extremities. Fixes #5269
* | | | | | | | Fix dropped logcontexts during high outbound traffic. (#5277)Richard van der Hoff2019-05-292-7/+14
| | | | | | | | | | | | | | | | | | | | | | | | Fixes #5271.
* | | | | | | | Merge pull request #5282 from aaronraimist/user-directoryAmber Brown2019-05-294-13/+10
|\ \ \ \ \ \ \ \ | |/ / / / / / / |/| | | | | | | Fix docs on resetting the user directory (#5036)
| * | | | | | | regenerate sample configAmber Brown2019-05-291-3/+3
| | | | | | | |
| * | | | | | | Rename 5282.misc to 5282.docAmber Brown2019-05-291-0/+0
| | | | | | | |
| * | | | | | | Add changelogAaron Raimist2019-05-281-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Aaron Raimist <aaron@raim.ist>
| * | | | | | | Fix docs on resetting the user directory (#5036)Aaron Raimist2019-05-282-10/+6
|/ / / / / / / | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Aaron Raimist <aaron@raim.ist>
* | | | | | | Merge pull request #5251 from matrix-org/rav/server_keys/01-check_sigRichard van der Hoff2019-05-283-50/+168
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Ensure that server_keys fetched via a notary server are correctly signed.
| * | | | | | | changelogRichard van der Hoff2019-05-241-0/+1
| | | | | | | |
| * | | | | | | Improve error handling/logging for perspectives-key fetching.Richard van der Hoff2019-05-241-28/+77
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In particular, don't give up on the first failure.
| * | | | | | | Require sig from origin server on perspectives responsesRichard van der Hoff2019-05-232-22/+90
| | | | | | | |
* | | | | | | | Fix "db txn 'update_presence' from sentinel context" log messages (#5275)Richard van der Hoff2019-05-282-52/+48
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #4414.
* | | | | | | | Merge pull request #5268 from matrix-org/babolivier/account_validity_fix_schemaBrendan Abolivier2019-05-282-0/+4
|\ \ \ \ \ \ \ \ | | |_|_|/ / / / | |/| | | | | | Fix schema update for account validity
| * | | | | | | ChangelogBrendan Abolivier2019-05-281-0/+1
| | | | | | | |
| * | | | | | | Fix schema update for account validityBrendan Abolivier2019-05-281-0/+3
| | | | | | | |
* | | | | | | | Merge pull request #5260 from matrix-org/travis/fix-room-bg-taskErik Johnston2019-05-252-1/+2
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | Fix logging for room stats background update
| * | | | | | | | ChangelogTravis Ralston2019-05-251-0/+1
| | | | | | | | |
| * | | | | | | | Fix logging for room stats background updateTravis Ralston2019-05-251-1/+1
| | | | | | | | |
* | | | | | | | | Merge pull request #5257 from aaronraimist/fix-error-code-publicroomsErik Johnston2019-05-252-1/+2
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | Fix error code for invalid parameter
| * | | | | | | | | Add changelogAaron Raimist2019-05-241-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Aaron Raimist <aaron@raim.ist>
| * | | | | | | | | Fix error code for invalid parameterAaron Raimist2019-05-241-1/+1
| | |_|_|/ / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Aaron Raimist <aaron@raim.ist>
* / | | | | | | | Simplification to Keyring.wait_for_previous_lookups. (#5250)Richard van der Hoff2019-05-243-9/+7
|/ / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The list of server names was redundant, since it was equivalent to the keys on the server_to_deferred map. This reduces the number of large lists being passed around, and has the benefit of deduplicating the entries in `wait_on`.
* | | | | | | | Fix appservice timestamp massaging (#5233)Tulir Asokan2019-05-242-1/+7
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Tulir Asokan <tulir@maunium.net>
* | | | | | | | Add missing blank line in config (#5249)Richard van der Hoff2019-05-243-0/+3
| | | | | | | |
* | | | | | | | Merge pull request #5220 from matrix-org/erikj/dont_bundle_live_eventsErik Johnston2019-05-245-2/+13
|\ \ \ \ \ \ \ \ | |/ / / / / / / |/| | | | | | | Don't bundle aggregations with events in /sync or /events or state queries
| * | | | | | | Don't bundle aggs for /state and /members etc APIsErik Johnston2019-05-241-0/+3
| | | | | | | |
| * | | | | | | NewsfileErik Johnston2019-05-211-0/+1
| | | | | | | |
| * | | | | | | Don't bundle events in /sync or /eventsErik Johnston2019-05-213-2/+9
| | |_|_|_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | As we'll send down the annotations too anyway, so this just ends up confusing clients.
* | | | | | | Merge pull request #5244 from matrix-org/rav/server_keys/00-factor-out-fetchersErik Johnston2019-05-234-149/+207
|\ \ \ \ \ \ \ | | |_|/ / / / | |/| | | | | Factor out KeyFetchers from KeyRing
| * | | | | | Fix remote_key_resourceRichard van der Hoff2019-05-231-3/+3
| | | | | | |
| * | | | | | Factor out KeyFetchers from KeyRingRichard van der Hoff2019-05-233-146/+204
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Rather than have three methods which have to have the same interface, factor out a separate interface which is provided by three implementations. I find it easier to grok the code this way.
* | | | | | | Add config option for setting homeserver's default room version (#5223)Andrew Morgan2019-05-237-10/+57
|/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | Replaces DEFAULT_ROOM_VERSION constant with a method that first checks the config, then returns a hardcoded value if the option is not present. That hardcoded value is now located in the server.py config file.
* | | | | | Store key validity time in the storage layerRichard van der Hoff2019-05-236-46/+122
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a first step to checking that the key is valid at the required moment. The idea here is that, rather than passing VerifyKey objects in and out of the storage layer, we instead pass FetchKeyResult objects, which simply wrap the VerifyKey and add a valid_until_ts field.
* | | | | | Simplify process_v2_response (#5236)Richard van der Hoff2019-05-232-21/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Pass time_added_ms into process_v2_response * Simplify process_v2_response We can merge old_verify_keys into verify_keys, and reduce the number of dicts flying around.
* | | | | | Remove unused VerifyKey.expired and .time_added fields (#5235)Richard van der Hoff2019-05-232-3/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | These were never used, and poking arbitary data into objects from other packages seems confusing at best.
* | | | | | Rewrite store_server_verify_key to store several keys at once (#5234)Richard van der Hoff2019-05-235-87/+96
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Storing server keys hammered the database a bit. This replaces the implementation which stored a single key, with one which can do many updates at once.
* | | | | | Simplifications and comments in do_auth (#5227)Richard van der Hoff2019-05-233-121/+183
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I was staring at this function trying to figure out wtf it was actually doing. This is (hopefully) a non-functional refactor which makes it a bit clearer.
* | | | | | Run black on synapse.crypto.keyring (#5232)Richard van der Hoff2019-05-222-149/+138
| | | | | |
* | | | | | Merge branch 'master' into developNeil Johnson2019-05-223-3/+11
|\ \ \ \ \ \ | | |_|/ / / | |/| | | |
| * | | | | 0.99.5.1 v0.99.5.1Neil Johnson2019-05-223-3/+11
| | | | | |
| * | | | | Revert "0.99.5"Neil Johnson2019-05-223-11/+3
| | | | | | | | | | | | | | | | | | | | | | | | This reverts commit c31e375ade1b59a7fe38628337e9e1aa3de91feb.
| * | | | | 0.99.5Neil Johnson2019-05-223-3/+11
| | | | | |
* | | | | | remove urllib3 pin (#5230)Marcus Hoffmann2019-05-222-8/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | requests 2.22.0 as been released supporting urllib3 1.25.2 Signed-off-by: Marcus Hoffmann <bubu@bubu1.eu>
* | | | | | Merge branch 'master' into developNeil Johnson2019-05-223-1/+11
|\| | | | |
| * | | | | 0.99.5 v0.99.5Neil Johnson2019-05-223-1/+11
| | |_|/ / | |/| | |
* | | | | Neilj/ensure get profileinfo available in client reader slaved store (#5213)Neil Johnson2019-05-222-0/+3
| | | | | | | | | | | | | | | * expose SlavedProfileStore to ClientReaderSlavedStore
* | | | | Update README.md (#5222)Steffen2019-05-221-1/+1
| | | | | | | | | | | | | | | Add missing backslash
* | | | | Merge branch 'master' into developRichard van der Hoff2019-05-2228-27/+40
|\| | | |
| * | | | update changelog v0.99.5rc1Richard van der Hoff2019-05-213-3/+1
| | | | |
| * | | | Merge commit 'f4c80d70f' into release-v0.99.5Richard van der Hoff2019-05-215-6/+89
| |\ \ \ \
| * | | | | Fix spelling in changelogRichard van der Hoff2019-05-211-1/+1
| | | | | |
| * | | | | 0.99.5rc1Richard van der Hoff2019-05-2126-25/+40
| | | | | |
* | | | | | Room Statistics (#4338)Amber Brown2019-05-2115-13/+1306
| |/ / / / |/| | | |
* | | | | Merge pull request #5203 from matrix-org/erikj/aggregate_by_senderErik Johnston2019-05-212-1/+2
|\ \ \ \ \ | | | | | | | | | | | | Only count aggregations from distinct senders
| * | | | | NewsfileErik Johnston2019-05-211-0/+1
| | | | | |
| * | | | | Only count aggregations from distinct sendersErik Johnston2019-05-171-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | As a user isn't allowed to send a single emoji more than once.
* | | | | | Merge pull request #5212 from matrix-org/erikj/deny_multiple_reactionsErik Johnston2019-05-214-5/+87
|\ \ \ \ \ \ | |_|/ / / / |/| | | | | Block attempts to annotate the same event twice
| * | | | | Fix wordsErik Johnston2019-05-211-3/+3
| | | | | |
| * | | | | NewsfileErik Johnston2019-05-201-0/+1
| | | | | |
| * | | | | Block attempts to annotate the same event twiceErik Johnston2019-05-203-5/+86
| | | | | |
* | | | | | Introduce room v4 which updates event ID format. (#5217)Richard van der Hoff2019-05-213-5/+6
| | | | | | | | | | | | | | | | | | Implements https://github.com/matrix-org/matrix-doc/pull/2002.
* | | | | | Exclude soft-failed events from fwd-extremity candidates. (#5146)Richard van der Hoff2019-05-213-3/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When considering the candidates to be forward-extremities, we must exclude soft failures. Hopefully fixes #5090.