summary refs log tree commit diff
Commit message (Collapse)AuthorAgeFilesLines
* ChangelogBrendan Abolivier2019-10-021-0/+1
|
* LintBrendan Abolivier2019-10-021-1/+3
|
* Don't 500 code when trying to exchange a revoked 3PID inviteBrendan Abolivier2019-10-021-2/+13
| | | | | | | | While this is not documented in the spec (but should be), Riot (and other clients) revoke 3PID invites by sending a m.room.third_party_invite event with an empty ({}) content to the room's state. When the invited 3PID gets associated with a MXID, the identity server (which doesn't know about revocations) sends down to the MXID's homeserver all of the undelivered invites it has for this 3PID. The homeserver then tries to talk to the inviting homeserver in order to exchange these invite for m.room.member events. When one of the invite is revoked, the inviting homeserver responds with a 500 error because it tries to extract a 'display_name' property from the content, which is empty. This might cause the invited server to consider that the server is down and not try to exchange other, valid invites (or at least delay it). This fix handles the case of revoked invites by avoiding trying to fetch a 'display_name' from the original invite's content, and letting the m.room.member event fail the auth rules (because, since the original invite's content is empty, it doesn't have public keys), which results in sending a 403 with the correct error message to the invited server.
* Merge branch 'erikj/fixup_devices_last_seen_query' of ↵Erik Johnston2019-10-018-11/+60
|\ | | | | | | github.com:matrix-org/synapse into develop
| * NewsfileErik Johnston2019-09-301-0/+1
| |
| * Fix `devices_last_seen` background update.Erik Johnston2019-09-303-7/+54
| | | | | | | | Fixes #6134.
| * Merge pull request #6117 from matrix-org/erikj/fix_sample_configErik Johnston2019-09-263-2/+3
| |\ | | | | | | Fix 'redaction_retention_period' sampel config to match guidelines
| | * NewsfileErik Johnston2019-09-261-0/+1
| | |
| | * Fix 'redaction_retention_period' sampel config to match guidelinesErik Johnston2019-09-262-2/+2
| |/
| * s/month/week/ to match configNeil Johnson2019-09-261-1/+1
| |
| * Update CHANGES.mdRichard van der Hoff2019-09-261-1/+1
| | | | | | formatting tweak
* | Drop unused tables (#6115)Richard van der Hoff2019-09-302-0/+21
| | | | | | | | | | | | These tables are unused since #5893 (as amended by #6047), so we can now drop them. Fixes #6048.
* | Edit SimpleHttpClient to reference that header keys can be passed as str or ↵Andrew Morgan2019-09-272-6/+7
| | | | | | | | bytes (#6077)
* | Merge pull request #6125 from matrix-org/babolivier/deactivation-inviteBrendan Abolivier2019-09-273-14/+92
|\ \ | | | | | | Reject pending invites on deactivation
| * | Incorporate reviewBrendan Abolivier2019-09-271-4/+2
| | |
| * | Update synapse/handlers/deactivate_account.pyBrendan Abolivier2019-09-271-1/+3
| | | | | | | | | Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
| * | Update synapse/handlers/deactivate_account.pyBrendan Abolivier2019-09-271-1/+1
| | | | | | | | | Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
| * | Update changelog.d/6125.featureBrendan Abolivier2019-09-271-1/+1
| | | | | | | | | Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
| * | okBrendan Abolivier2019-09-271-1/+3
| | |
| * | LintBrendan Abolivier2019-09-272-10/+2
| | |
| * | ChangelogBrendan Abolivier2019-09-271-0/+1
| | |
| * | Add test to validate the changeBrendan Abolivier2019-09-271-13/+57
| | |
| * | Fixup and add some loggingBrendan Abolivier2019-09-271-1/+9
| | |
| * | Reject pending invites on deactivationBrendan Abolivier2019-09-271-0/+31
|/ /
* | Move lookup-related functions from RoomMemberHandler to IdentityHandler (#5978)Andrew Morgan2019-09-273-364/+360
| | | | | | Just to have all the methods that make calls to identity services in one place.
* | Merge pull request #6108 from matrix-org/erikj/remove_get_user_by_req-spanErik Johnston2019-09-273-1/+22
|\ \ | | | | | | Add some helpful opentracing tags and remove get_user_by_req span
| * | isortErik Johnston2019-09-251-1/+1
| | |
| * | Add device and appservice tagsErik Johnston2019-09-251-0/+3
| | |
| * | NewsfileErik Johnston2019-09-251-0/+1
| | |
| * | Add tags for event_id and txn_id in event sendingErik Johnston2019-09-251-0/+18
| | | | | | | | | | | | This will make it easier to search for sending event requests.
| * | Don't create new span for get_user_by_reqErik Johnston2019-09-251-1/+0
| | | | | | | | | | | | | | | | | | We don't actually care about what happens in `get_user_by_req` and having it as a separate span means that the entity tag isn't added to the servlet spans, making it harder to search.
* | | Kill off half-implemented password-reset via sms (#6101)Richard van der Hoff2019-09-262-64/+2
| |/ |/| | | | | | | | | | | Doing a password reset via SMS has never worked, and in any case is a silly idea because msisdn recycling is a thing. See also matrix-org/matrix-doc#2303.
* | more changelog updates v1.4.0rc1Richard van der Hoff2019-09-261-7/+7
| |
* | Changelog formattingRichard van der Hoff2019-09-261-2/+1
| |
* | changelogRichard van der Hoff2019-09-26132-132/+156
| |
* | Explicitly log when a homeserver does not have a trusted key server ↵Neil Johnson2019-09-264-16/+63
| | | | | | | | configured (#6090)
* | Merge commit '1b23f991a' into release-v1.4.0Richard van der Hoff2019-09-262-42/+152
|\ \
| * | Clarify upgrade notes ahead of 1.4.0 releaseNeil Johnson2019-09-262-42/+152
| | |
* | | bump versionRichard van der Hoff2019-09-261-1/+1
|/ /
* | Fix dummy event insertion consent bug (#6053)Neil Johnson2019-09-265-39/+266
| | | | | | Fixes #5905
* | Merge pull request #6098 from matrix-org/erikj/cleanup_user_ips_2Erik Johnston2019-09-267-11/+197
|\ \ | | | | | | Prune old rows in user_ips tables.
| * | Update comments and docstringRichard van der Hoff2019-09-251-4/+6
| | |
| * | Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2019-09-2542-495/+1317
| |\ \ | |/ / |/| | | | | erikj/cleanup_user_ips_2
* | | Merge pull request #6089 from matrix-org/erikj/cleanup_user_ipsErik Johnston2019-09-254-50/+179
|\ \ \ | | | | | | | | Move last seen info into devices table
| * \ \ Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2019-09-2540-491/+1314
| |\ \ \ | | | | | | | | | | | | | | | erikj/cleanup_user_ips
| * | | | Use if `is not None`Erik Johnston2019-09-251-1/+1
| | | | | | | | | | | | | | | Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* | | | | Enable cleaning up extremities with dummy events by default to prevent undue ↵Neil Johnson2019-09-252-3/+2
| |/ / / |/| | | | | | | | | | | build up of forward extremities. (#5884)
* | | | Threepid validity checks on msisdns should not be dependent on ↵Neil Johnson2019-09-252-29/+35
| | | | | | | | | | | | | | | | | | | | | | | | 'threepid_behaviour_email'. (#6104) Fixes #6103
* | | | Stop advertising unsupported flows for registration (#6107)Richard van der Hoff2019-09-255-16/+83
| | | | | | | | | | | | | | | | | | | | | | | | | | | | If email or msisdn verification aren't supported, let's stop advertising them for registration. Fixes #6100.
* | | | Refactor the user-interactive auth handling (#6105)Richard van der Hoff2019-09-255-141/+265
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Pull the checkers out to their own classes, rather than having them lost in a massive 1000-line class which does everything. This is also preparation for some more intelligent advertising of flows, as per #6100
* | | | Refactor code for calculating registration flows (#6106)Richard van der Hoff2019-09-254-83/+145
| |_|/ |/| | | | | | | | | | | | | | | | | | | | | | | because, frankly, it looked like it was written by an axe-murderer. This should be a non-functional change, except that where `m.login.dummy` was previously advertised *before* `m.login.terms`, it will now be advertised afterwards. AFAICT that should have no effect, and will be more consistent with the flows that involve passing a 3pid.
* | | Merge pull request #6092 from ↵Brendan Abolivier2019-09-243-6/+7
|\ \ \ | | | | | | | | | | | | | | | | matrix-org/babolivier/background_update_deactivated_return Fix the return value in the users_set_deactivated_flag background job
| * | | Incorporate reviewBrendan Abolivier2019-09-241-3/+3
| | | |
| * | | Fix loggingBrendan Abolivier2019-09-241-1/+1
| | | |
| * | | TypoBrendan Abolivier2019-09-231-1/+1
| | | |
| * | | ChangelogBrendan Abolivier2019-09-231-0/+1
| | | |
| * | | Fix the return value in the users_set_deactivated_flag background jobBrendan Abolivier2019-09-231-4/+4
| | | |
* | | | Merge pull request #6037 from matrix-org/rav/saml_mapping_workRichard van der Hoff2019-09-247-10/+280
|\ \ \ \ | | | | | | | | | | Update the process for mapping SAML2 users to matrix IDs
| * \ \ \ Merge remote-tracking branch 'origin/develop' into rav/saml_mapping_workRichard van der Hoff2019-09-247-8/+75
| |\ \ \ \ | |/ / / / |/| | | |
* | | | | remove unused parameter to get_user_id_by_threepid (#6099)Richard van der Hoff2019-09-242-1/+2
| | | | | | | | | | | | | | | Added in #5377, apparently in error
* | | | | Merge pull request #6069 from matrix-org/rav/fix_attribute_mappingRichard van der Hoff2019-09-243-7/+62
|\ \ \ \ \ | | | | | | | | | | | | Fix a bug with saml attribute maps.
| * | | | | docstrings and commentsRichard van der Hoff2019-09-241-7/+21
| | | | | |
| * | | | | Merge branch 'develop' into rav/fix_attribute_mappingRichard van der Hoff2019-09-19363-5354/+10634
| |\ \ \ \ \
| * | | | | | Fix a bug with saml attribute maps.Richard van der Hoff2019-09-193-7/+48
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes a bug where the default attribute maps were prioritised over user-specified ones, resulting in incorrect mappings. The problem is that if you call SPConfig.load() multiple times, it adds new attribute mappers to a list. So by calling it with the default config first, and then the user-specified config, we would always get the default mappers before the user-specified mappers. To solve this, let's merge the config dicts first, and then pass them to SPConfig.
* | | | | | | Add sid to next_link for email validation (#6097)J. Ryan Stinnett2019-09-242-0/+11
| | | | | | |
| | | * | | | Merge remote-tracking branch 'origin/develop' into rav/saml_mapping_workRichard van der Hoff2019-09-2451-231/+840
| | | |\ \ \ \ | |_|_|/ / / / |/| | | | | |
* | | | | | | Add submit_url response parameter to msisdn /requestToken (#6079)Andrew Morgan2019-09-234-1/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Second part of solving #6076 Fixes #6076 We return a submit_url parameter on calls to POST */msisdn/requestToken so that clients know where to submit token information to.
* | | | | | | Add an unstable feature flag for separate add/bind 3pid APIs (#6044)Andrew Morgan2019-09-232-0/+3
| | | | | | | | | | | | | | | | | | | | | Add a m.separate_add_and_bind flag set to True. See MSC2290's Backward Compatibility section for details.
* | | | | | | Merge pull request #6064 from matrix-org/rav/saml_config_cleanupRichard van der Hoff2019-09-233-102/+122
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Make the sample saml config closer to our standards
* | | | | | | | Use the federation blacklist for requests to untrusted Identity Servers (#6000)Andrew Morgan2019-09-235-4/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Uses a SimpleHttpClient instance equipped with the federation_ip_range_blacklist list for requests to identity servers provided by user input. Does not use a blacklist when contacting identity servers specified by account_threepid_delegates. The homeserver trusts the latter and we don't want to prevent homeserver admins from specifying delegates that are on internal IP addresses. Fixes #5935
* | | | | | | | Add m.id_access_token to /versions unstable_features (MSC2264) (#5974)Andrew Morgan2019-09-232-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Adds a flag to /versions' unstable_features section indicating that this Synapse understands what an id_access_token is, as per MSC2264. Fixes #5927
* | | | | | | | Add m.require_identity_server to /versions unstable_flags (#5972)Andrew Morgan2019-09-232-1/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As MSC2263 states, m.require_identity_server must be set to false when it does not require an identity server to be provided by the client for the purposes of email registration or password reset. Adds an m.require_identity_server flag to /versionss unstable_flags section. This will advertise that Synapse no longer needs id_server as a parameter.
* | | | | | | | Add POST submit_token endpoint for MSISDN (#6078)Andrew Morgan2019-09-233-2/+80
| |_|_|_|/ / / |/| | | | | | | | | | | | | First part of solving #6076
* | | | | | | Implement MSC2290 (#6043)Andrew Morgan2019-09-237-134/+203
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Implements MSC2290. This PR adds two new endpoints, /unstable/account/3pid/add and /unstable/account/3pid/bind. Depending on the progress of that MSC the unstable prefix may go away. This PR also removes the blacklist on some 3PID tests which occurs in #6042, as the corresponding Sytest PR changes them to use the new endpoints. Finally, it also modifies the account deactivation code such that it doesn't just try to deactivate 3PIDs that were bound to the user's account, but any 3PIDs that were bound through the homeserver on that user's account.
| | | | * | | Merge commit '33757bad1' into rav/saml_mapping_workRichard van der Hoff2019-09-201-1/+2
| | | | |\ \ \
| | | | | * | | More better loggingRichard van der Hoff2019-09-201-1/+2
| | | | | | | |
| | | | * | | | Update 6037.featureRichard van der Hoff2019-09-191-1/+1
| | | | | | | |
| | | | * | | | Merge branch 'rav/saml_config_cleanup' into rav/saml_mapping_workRichard van der Hoff2019-09-191-0/+1
| | | | |\ \ \ \ | | |_|_|/ / / / | |/| | | | | |
| * | | | | | | Merge branch 'develop' into rav/saml_config_cleanupRichard van der Hoff2019-09-19363-5354/+10634
| |\ \ \ \ \ \ \ | | | |/ / / / / | | |/| | | | |
| * | | | | | | Add changelogRichard van der Hoff2019-09-191-0/+1
| | | | | | | |
| | | | * | | | Merge branch 'develop' into rav/saml_mapping_workRichard van der Hoff2019-09-19363-5354/+10634
| | | | |\ \ \ \ | | | |_|/ / / / | | |/| | / / / | | | | |/ / /
| | | | * | | better loggingRichard van der Hoff2019-09-191-0/+2
| | | | | | |
| | | | * | | changelogRichard van der Hoff2019-09-131-0/+1
| | | | | | |
| | | | * | | Record mappings from saml users in an external tableRichard van der Hoff2019-09-136-10/+276
| | |_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | We want to assign unique mxids to saml users based on an incrementing suffix. For that to work, we need to record the allocated mxid in a separate table.
| * | | | | Make the sample saml config closer to our standardsRichard van der Hoff2019-09-132-102/+121
| | |/ / / | |/| | | | | | | | | | | | | It' still not great, thanks to the nested dictionaries, but it's better.
| | | | * Review commentsErik Johnston2019-09-254-7/+4
| | | | |
| | | | * NewsfileErik Johnston2019-09-241-0/+1
| | | | |
| | | | * Test that pruning of old user IPs worksErik Johnston2019-09-241-0/+71
| | | | |
| | | | * Prune rows in user_ips older than configured periodErik Johnston2019-09-243-8/+73
| | | | | | | | | | | | | | | | | | | | Defaults to pruning everything older than 28d.
| | | | * Add has_completed_background_updateErik Johnston2019-09-241-1/+24
| | | | | | | | | | | | | | | | | | | | This allows checking if a specific background update has completed.
| | | | * Add wrap_as_background_process decorator.Erik Johnston2019-09-241-1/+28
| | | |/ | | | | | | | | | | | | | | | | This does the same thing as `run_as_background_process` but means we don't need to create superfluous functions.
| | | * Test background updateErik Johnston2019-09-231-0/+79
| | | |
| | | * NewsfileErik Johnston2019-09-231-0/+1
| | | |
| | | * Query devices table for last seen info.Erik Johnston2019-09-232-50/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a) simpler than querying user_ips directly and b) means we can purge older entries from user_ips without losing the required info. The storage functions now no longer return the access_token, since it was unused.
| | | * Add BG update to populate devices last seen infoErik Johnston2019-09-232-0/+55
| | | |
| | | * Add last seen info to devices table.Erik Johnston2019-09-232-0/+36
| |_|/ |/| | | | | | | | | | | This allows us to purge old user_ips entries without having to preserve the latest last seen info for active devices.
* | | Disable /register/available if registration is disabled (#6082)Andrew Morgan2019-09-232-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #6066 This register endpoint should be disabled if registration is disabled, otherwise we're giving anyone the ability to check if a username exists on a server when we don't need to be. Error code is 403 (Forbidden) as that's the same returned by /register when registration is disabled.
* | | Generalize email sending logging (#6075)Andrew Morgan2019-09-232-1/+2
| | | | | | | | | | | | | | | | | | | | | In ancient times Synapse would only send emails when it was notifying a user about a message they received... Now it can do all sorts of neat things! Change the logging so it's not just about notifications.
* | | Return timeout error to user for identity server calls (#6073)Andrew Morgan2019-09-233-11/+38
| | |
* | | Merge pull request #6072 from matrix-org/rav/fix_retry_resetRichard van der Hoff2019-09-232-1/+2
|\ \ \ | | | | | | | | Fix exception when resetting retry timings
| * | | Fix exception when resetting retry timingsRichard van der Hoff2019-09-202-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes: > TypeError: set_destination_retry_timings() missing 1 required positional argument: 'retry_interval' Introduced in #6016.
* | | | fix broken copyrightsMatthew Hodgson2019-09-232-2/+2
| | | |
* | | | Allow HS to send emails when adding an email to the HS (#6042)Andrew Morgan2019-09-2012-72/+359
| | | |
* | | | Remove trailing slash ability from password reset's submit_token endpoint ↵Andrew Morgan2019-09-202-1/+2
|/ / / | | | | | | | | | | | | (#6074) Remove trailing slash ability from the password reset submit_token endpoint. Since we provide the link in an email, and have never sent it with a trailing slash, there's no point for us to accept them on the endpoint.
* | | Ensure email validation link parameters are URL-encoded (#6063)Andrew Morgan2019-09-202-4/+7
| | | | | | | | | The validation links sent via email had their query parameters inserted without any URL-encoding. Surprisingly this didn't seem to cause any issues, but if a user were to put a `/` in their client_secret it could lead to problems.
* | | Drop support for bind param on POST /account/3pid (MSC2290) (#6067)Andrew Morgan2019-09-203-4/+10
| | | | | | | | | As per [MSC2290](https://github.com/matrix-org/matrix-doc/pull/2290/files#diff-05cde9463e9209b701312b3baf2fb2ebR151), we're dropping the bind parameter from `/account/3pid`. This endpoint can now only be used for adding threepid's to the user's account on the homeserver.
* | | Docker: support SYNAPSE_WORKER envvar (#6058)Michael Kaye2019-09-193-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Allow passing SYNAPSE_WORKER envvar * changelog.d * Document SYNAPSE_WORKER. Attempting to imply that you don't need to change this default unless you're in worker mode. Also aware that there's a bigger problem of attempting to document a complete working configuration of workers using docker, as we currently only document to use `synctl` for worker mode, and synctl doesn't work that way in docker.
* | | Use unstable prefix for 3PID unbind API (#6062)J. Ryan Stinnett2019-09-193-2/+3
| | |
* | | Update the upgrade notes (#6050)Richard van der Hoff2019-09-192-27/+54
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * make it clear that if you installed from a package manager, you should use that to upgrade * Document the new way of getting the server version (cf #4878) * Write some words about downgrading.
* | | Add some notes on rolling back to v1.3.1. (#6049)Richard van der Hoff2019-09-192-0/+26
| | |
* | | Undo the deletion of some tables (#6047)Richard van der Hoff2019-09-193-21/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a partial revert of #5893. The problem is that if we drop these tables in the same release as removing the code that writes to them, it prevents users users from being able to roll back to a previous release. So let's leave the tables in place for now, and remember to drop them in a subsequent release. (Note that these tables haven't been *read* for *years*, so any missing rows resulting from a temporary upgrade to vNext won't cause a problem.)
* | | Remove POST method from password reset submit_token endpoint (#6056)Andrew Morgan2019-09-192-17/+1
| | | | | | | | | Removes the POST method from `/password_reset/<medium>/submit_token/` as it's only used by phone number verification which Synapse does not support yet.
* | | Fix typo in account_threepid_delegates config (#6028)Jorik Schellekens2019-09-183-2/+3
| | |
* | | Give appropriate exit codes when synctl fails (#5992)Jorik Schellekens2019-09-182-4/+40
| | |
* | | Fix logcontext spam on non-Linux platforms (#6059)J. Ryan Stinnett2019-09-182-2/+12
| |/ |/| | | | | | | | | | | This checks whether the current platform supports thread resource usage tracking before logging a warning to avoid log spam. Fixes https://github.com/matrix-org/synapse/issues/6055
* | fix sample configRichard van der Hoff2019-09-181-1/+1
| | | | | | | | this was apparently broken by #6040.
* | v2 3PID Invites (part of MSC2140) (#5979)Andrew Morgan2019-09-172-23/+82
| | | | | | | | | | | | | | 3PID invites require making a request to an identity server to check that the invited 3PID has an Matrix ID linked, and if so, what it is. These requests are being made on behalf of a user. The user will supply an identity server and an access token for that identity server. The homeserver will then forward this request with the access token (using an `Authorization` header) and, if the given identity server doesn't support v2 endpoints, will fall back to v1 (which doesn't require any access tokens). Requires: ~~#5976~~
* | (#5849) Convert rst to markdown (#6040)dstipp2019-09-1741-2192/+2088
| | | | | | | | | | Converting some of the rst documentation to markdown. Attempted to preserve whitespace and line breaks to minimize cosmetic change.
* | Fix race condition in room stats. (#6029)Erik Johnston2019-09-172-4/+11
| | | | | | | | | | Broke in #5971 Basically the bug is that if get_current_state_deltas returns no new updates and we then take the max pos, its possible that we miss an update that happens in between the two calls. (e.g. get_current_state_deltas looks up to stream pos 5, then an event persists and so getting the max stream pos returns 6, meaning that next time we check for things with a stream pos bigger than 6)
* | Add 'failure_ts' column to 'destinations' table (#6016)Richard van der Hoff2019-09-177-12/+195
| | | | | | | | Track the time that a server started failing at, for general analysis purposes.
* | Fix well-known lookups with the federation certificate whitelist (#5997)Amber Brown2019-09-145-15/+63
| |
* | Add developer docs for using SAML without a server (#6032)Travis Ralston2019-09-132-0/+38
| |
* | Fix for structured logging tests stomping on logs (#6023)Amber Brown2019-09-1313-41/+154
| |
* | Remove the cap on federation retry interval. (#6026)Richard van der Hoff2019-09-122-2/+3
| | | | | | | | | | | | Essentially the intention here is to end up blacklisting servers which never respond to federation requests. Fixes https://github.com/matrix-org/synapse/issues/5113.
* | Fix bug in calculating the federation retry backoff period (#6025)Richard van der Hoff2019-09-122-2/+4
| | | | | | | | This was intended to introduce an element of jitter; instead it gave you a 30/60 chance of resetting to zero.
* | Merge pull request #6024 from matrix-org/dbkr/fix_sso_fallback_loginDavid Baker2019-09-122-1/+2
|\ \ | | | | | | Fix SSO fallback login
| * | changelogDavid Baker2019-09-121-0/+1
| | |
| * | Fix SSO fallback loginDavid Baker2019-09-121-1/+1
|/ / | | | | | | | | Well, it worked, but forgot to remove the thing saying login was unavailable.
* | add report_stats_endpoint config option (#6012)Sorunome2019-09-124-2/+19
| | | | | | This PR adds the optional `report_stats_endpoint` to configure where stats are reported to, if enabled.
* | Blow up config if opentracing is missing (#5985)Jorik Schellekens2019-09-122-0/+8
| | | | | | | | * Blow up config if opentracing is missing
* | Merge pull request #6020 from matrix-org/jaywink/allow-support-users-to-registerJason Robinson2019-09-123-2/+28
|\ \ | | | | | | Ensure support users can be registered even if MAU limit is reached
| * | Ensure support users can be registered even if MAU limit is reachedJason Robinson2019-09-113-2/+28
|/ / | | | | | | | | | | | | | | | | This allows support users to be created even on MAU limits via the admin API. Support users are excluded from MAU after creation, so it makes sense to exclude them in creation - except if the whole host is in disabled state. Signed-off-by: Jason Robinson <jasonr@matrix.org>
* | Use the v2 Identity Service API for lookups (MSC2134 + MSC2140) (#5976)Andrew Morgan2019-09-116-35/+238
| | | | | | | | | | | | | | This is a redo of https://github.com/matrix-org/synapse/pull/5897 but with `id_access_token` accepted. Implements [MSC2134](https://github.com/matrix-org/matrix-doc/pull/2134) plus Identity Service v2 authentication ala [MSC2140](https://github.com/matrix-org/matrix-doc/pull/2140). Identity lookup-related functions were also moved from `RoomMemberHandler` to `IdentityHandler`.
* | Merge pull request #6015 from matrix-org/erikj/ratelimit_admin_redactionErik Johnston2019-09-117-12/+103
|\ \ | | | | | | Allow use of different ratelimits for admin redactions.
| * | Update sample configErik Johnston2019-09-111-1/+1
| | |
| * | Fix commentsErik Johnston2019-09-114-5/+5
| | | | | | | | | Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
| * | Add test for admin redaction ratelimiting.Erik Johnston2019-09-111-0/+25
| | |
| * | Fix how we check for self redactionErik Johnston2019-09-111-4/+18
| | |
| * | Update sample configErik Johnston2019-09-111-0/+7
| | |
| * | NewsfileErik Johnston2019-09-111-0/+1
| | |
| * | Allow use of different ratelimits for admin redactions.Erik Johnston2019-09-114-12/+56
| | | | | | | | | | | | | | | This is useful to allow room admins to quickly deal with a large number of abusive messages.
* | | Clean up some code in the retry logic (#6017)Richard van der Hoff2019-09-113-36/+14
| | | | | | | | | | | | * remove some unused code * make things which were constants into constants for efficiency and clarity
* | | Add note about extra arg to send_membership_event, remove arg in ↵Andrew Morgan2019-09-112-10/+3
| | | | | | | | | | | | | | | | | | | | | | | | remote_reject_invite (#6009) Some small fixes to `room_member.py` found while doing other PRs. 1. Add requester to the base `_remote_reject_invite` method. 2. `send_membership_event`'s docstring was out of date and took in a `remote_room_hosts` arg that was not used and no calling function provided.
* | | Check dependencies on setup in the nicer way. (#5989)Jorik Schellekens2019-09-114-28/+20
| | |
* | | Fix existing v2 identity server calls (MSC2140) (#6013)Andrew Morgan2019-09-112-2/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Two things I missed while implementing [MSC2140](https://github.com/matrix-org/matrix-doc/pull/2140/files#diff-c03a26de5ac40fb532de19cb7fc2aaf7R80). 1. Access tokens should be provided to the identity server as `access_token`, not `id_access_token`, even though the homeserver may accept the tokens as `id_access_token`. 2. Access tokens must be sent to the identity server in a query parameter, the JSON body is not allowed. We now send the access token as part of an `Authorization: ...` header, which fixes both things. The breaking code was added in https://github.com/matrix-org/synapse/pull/5892 Sytest PR: https://github.com/matrix-org/sytest/pull/697
* | | Remove origin parameter from add_display_name_to_third_party_invite and add ↵Andrew Morgan2019-09-114-4/+10
|/ / | | | | | | | | | | | | params to docstring (#6010) Another small fixup noticed during work on a larger PR. The `origin` field of `add_display_name_to_third_party_invite` is not used and likely was just carried over from the `on_PUT` method of `FederationThirdPartyInviteExchangeServlet` which, like all other servlets, provides an `origin` argument. Since it's not used anywhere in the handler function though, we should remove it from the function arguments.
* | Merge pull request #6011 from matrix-org/anoa/fix_3pid_validationErik Johnston2019-09-104-42/+46
|\ \ | | | | | | Use account_threepid_delegate for 3pid validation
| * | Add changelogAndrew Morgan2019-09-103-4/+5
| | |
| * | Use account_threepid_delegate for 3pid validationAndrew Morgan2019-09-103-42/+45
| | |
* | | Merge pull request #6004 from matrix-org/jaywink/autojoin-create-real-usersJason Robinson2019-09-094-10/+69
|\ \ \ | | | | | | | | Only count real users when checking for auto-creation of auto-join room
| * | | Fix code style, againJason Robinson2019-09-091-3/+1
| | | | | | | | | | | | | | | | Signed-off-by: Jason Robinson <jasonr@matrix.org>
| * | | Simplify count_real_users SQL to only count user_type is null rowsJason Robinson2019-09-091-1/+1
| | | | | | | | | | | | | | | | Signed-off-by: Jason Robinson <jasonr@matrix.org>
| * | | Simplify is_real_user_txn check to trust user_type is null if real userJason Robinson2019-09-091-1/+1
| | | | | | | | | | | | | | | | Signed-off-by: Jason Robinson <jasonr@matrix.org>
| * | | Auto-fix a few code style issuesJason Robinson2019-09-091-4/+4
| | | | | | | | | | | | | | | | Signed-off-by: Jason Robinson <jasonr@matrix.org>
| * | | Only count real users when checking for auto-creation of auto-join roomJason Robinson2019-09-094-10/+71
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously if the first registered user was a "support" or "bot" user, when the first real user registers, the auto-join rooms were not created. Fix to exclude non-real (ie users with a special user type) users when counting how many users there are to determine whether we should auto-create a room. Signed-off-by: Jason Robinson <jasonr@matrix.org>
* | | | Merge pull request #5934 from matrix-org/erikj/censor_redactionsErik Johnston2019-09-096-2/+220
|\ \ \ \ | | | | | | | | | | Censor redactions in DB after a month
| * | | | Fix commentsErik Johnston2019-09-091-2/+3
| | | | |
| * | | | Default to censoring redactions after seven daysErik Johnston2019-09-092-7/+11
| | | | |
| * | | | Use better names in SQLErik Johnston2019-09-091-5/+8
| | | | |
| * | | | Fixup commentErik Johnston2019-09-091-4/+12
| | | | |
| * | | | Don't start looping call unless enabledErik Johnston2019-09-091-1/+2
| | | | |
| * | | | Handle setting retention period to 0Erik Johnston2019-09-092-2/+2
| | | | |
| * | | | Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2019-09-05144-1781/+2395
| |\ \ \ \ | | | | | | | | | | | | | | | | | | erikj/censor_redactions
| * | | | | Fix testErik Johnston2019-09-051-1/+3
| | | | | |
| * | | | | Make redaction retention period configurableErik Johnston2019-09-054-3/+27
| | | | | |
| * | | | | NewsfileErik Johnston2019-08-301-0/+1
| | | | | |
| * | | | | Censor redactions in DB after a monthErik Johnston2019-08-303-1/+175
| | | | | |
* | | | | | Add a build info metric to Prometheus (#6005)Amber Brown2019-09-103-2/+33
| | | | | |
* | | | | | Merge pull request #6003 from matrix-org/erikj/push_opentracingErik Johnston2019-09-092-1/+13
|\ \ \ \ \ \ | |_|_|/ / / |/| | | | | Add opentracing span for HTTP push
| * | | | | NewsfileErik Johnston2019-09-091-0/+1
| | | | | |
| * | | | | Add opentracing span for HTTP pushErik Johnston2019-09-091-1/+12
|/ / / / /
* | | | | Servers-known-about statistic (#5981)Amber Brown2019-09-077-60/+226
| | | | |
* | | | | Ensure a sid parameter is passed to bind_threepid (#5995)Andrew Morgan2019-09-062-1/+8
| | | | | | | | | | | | | | | `sid` is required to be part of `three_pid_creds`. We were 500'ing if it wasn't provided instead of returning `M_MISSING_PARAM`.
* | | | | Merge pull request #5998 from matrix-org/erikj/fixup_federate_flagErik Johnston2019-09-063-2/+7
|\ \ \ \ \ | |_|_|/ / |/| | | | Correctly handle non-bool m.federate flag
| * | | | NewsfileErik Johnston2019-09-061-0/+1
| | | | |
| * | | | Correctly handle non-bool m.federate flagErik Johnston2019-09-062-2/+6
| | | | |
* | | | | Merge pull request #5993 from matrix-org/anoa/worker_store_regErik Johnston2019-09-062-79/+80
|\ \ \ \ \ | | | | | | | | | | | | Move get_threepid_validation_session and delete_threepid_session into RegistrationWorkerStore
| * | | | | Move delete_threepid_session into RegistrationWorkerStoreAndrew Morgan2019-09-061-25/+25
| | | | | |
| * | | | | Change changelogAndrew Morgan2019-09-062-1/+1
| | | | | |
| * | | | | Move get_threepid_validation_session into RegistrationWorkerStoreAndrew Morgan2019-09-061-54/+54
| | | | | |
| * | | | | Add changelogAndrew Morgan2019-09-061-0/+1
| |/ / / /
* | | | | Merge pull request #5994 from matrix-org/anoa/html_template_fixErik Johnston2019-09-063-2/+3
|\ \ \ \ \ | |/ / / / |/| | | | Fix destructuring assumption bug with using load_jinja2_templates
| * | | | Apply suggestions from code reviewAndrew Morgan2019-09-062-2/+2
| | | | | | | | | | | | | | | Co-Authored-By: Erik Johnston <erik@matrix.org>
| * | | | Add changelogAndrew Morgan2019-09-061-0/+1
| | | | |
| * | | | Fix destructuring assumption bugAndrew Morgan2019-09-062-2/+2
|/ / / /
* | | | Merge pull request #5991 from matrix-org/erikj/fix_tracing_funcsErik Johnston2019-09-062-5/+6
|\ \ \ \ | | | | | | | | | | Don't assume there is a 'self' arg in @trace decorator
| * | | | Update changelogErik Johnston2019-09-061-1/+1
| | | | |
| * | | | NewsfileErik Johnston2019-09-061-0/+1
| | | | |
| * | | | Don't assume there is a 'self' arg in @trace decoratorErik Johnston2019-09-061-5/+5
| | | | |
* | | | | Allow Synapse to send registration emails + choose Synapse or an external ↵Andrew Morgan2019-09-0629-302/+820
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | server to handle 3pid validation (#5987) This is a combination of a few different PRs, finally all being merged into `develop`: * #5875 * #5876 * #5868 (This one added the `/versions` flag but the flag itself was actually [backed out](https://github.com/matrix-org/synapse/commit/891afb57cbdf9867f2848341b29c75d6f35eef5a#diff-e591d42d30690ffb79f63bb726200891) in #5969. What's left is just giving /versions access to the config file, which could be useful in the future) * #5835 * #5969 * #5940 Clients should not actually use the new registration functionality until https://github.com/matrix-org/synapse/pull/5972 is merged. UPGRADE.rst, changelog entries and config file changes should all be reviewed closely before this PR is merged.
* | | | Trace how long it takes for the send trasaction to complete, including ↵Jorik Schellekens2019-09-054-38/+58
| | | | | | | | | | | | | | | | retrys (#5986)
* | | | Gracefully handle log context slips and missing opentracing import errors. ↵Jorik Schellekens2019-09-052-24/+59
| |/ / |/| | | | | | | | (#5988)
* | | Merge pull request #5984 from ↵Erik Johnston2019-09-055-8/+16
|\ \ \ | | | | | | | | | | | | | | | | matrix-org/joriks/opentracing_link_send_to_edu_contexts Link the send loop with the edus contexts
| * | | use access methods (duh..)Jorik Schellekens2019-09-051-1/+3
| | | | | | | | | | | | Co-Authored-By: Erik Johnston <erik@matrix.org>
| * | | Bugfix phrasingJorik Schellekens2019-09-051-1/+1
| | | | | | | | | | | | Co-Authored-By: Erik Johnston <erik@matrix.org>
| * | | Opentracing context cannot be noneJorik Schellekens2019-09-051-1/+1
| | | |
| * | | newsfileJorik Schellekens2019-09-051-0/+1
| | | |
| * | | Link the send loop with the edus contextsJorik Schellekens2019-09-053-7/+12
| | | | | | | | | | | | | | | | | | | | | | | | The contexts were being filtered too early so the send loop wasn't being linked to them unless the destination was whitelisted.
* | | | Add opentracing to all client servlets (#5983)Jorik Schellekens2019-09-056-18/+26
| | | |
* | | | Switch to using v2 Identity Service APIs other than lookup (MSC 2140) (#5892)Andrew Morgan2019-09-054-47/+132
| | | |
* | | | Fix opentracing contexts missing from outbound replication requests (#5982)Jorik Schellekens2019-09-052-4/+17
| | | |
* | | | Add POST /_matrix/client/r0/account/3pid/unbind (MSC2140) (#5980)Andrew Morgan2019-09-053-1/+36
|/ / / | | | | | | Implements `POST /_matrix/client/r0/account/3pid/unbind` from [MSC2140](https://github.com/matrix-org/matrix-doc/blob/dbkr/tos_2/proposals/2140-terms-of-service-2.md#post-_matrixclientr0account3pidunbind).
* | | Remove bind_email and bind_msisdn (#5964)Andrew Morgan2019-09-044-64/+10
| | | | | | | | | Removes the `bind_email` and `bind_msisdn` parameters from the `/register` C/S API endpoint as per [MSC2140: Terms of Service for ISes and IMs](https://github.com/matrix-org/matrix-doc/pull/2140/files#diff-c03a26de5ac40fb532de19cb7fc2aaf7R107).
* | | Cleanup event auth type initialisation (#5975)Andrew Morgan2019-09-042-5/+6
| | | | | | | | | Very small code cleanup.
* | | Fix and refactor room and user stats (#5971)Erik Johnston2019-09-0411-641/+1642
| | | | | | | | | Previously the stats were not being correctly populated.
* | | code cleanupsAndrew Morgan2019-09-031-7/+2
| | |
* | | Ensure the list media admin API is always available (#5966)Travis Ralston2019-09-032-2/+6
| | | | | | | | | | | | | | | | | | | | | | | | * Ensure the list media admin API is always available This API is required for some external media repo implementations to operate (mostly for doing quarantine operations on a room). * changelog
* | | Fix docstringAndrew Morgan2019-09-031-2/+1
| | |
* | | Remove unnecessary variable declarationAndrew Morgan2019-09-031-1/+0
| | |
* | | Docker packaging should not su-exec or chmod if already running as UID/GID ↵Michael Kaye2019-09-032-35/+50
| | | | | | | | | | | | | | | | | | | | | | | | (#5970) Adjust su-exec to only be used if needed. If UID == getuid() and GID == getgid() then we do not need to su-exec, and chmod will not work.
* | | Ensure an auth instance is available to ListMediaInRoom (#5967)Travis Ralston2019-09-032-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | * Ensure an auth instance is available to ListMediaInRoom Fixes https://github.com/matrix-org/synapse/issues/5737 * Changelog
* | | fix typoMatthew Hodgson2019-09-031-1/+1
| | |
* | | Remove double return statements (#5962)Andrew Morgan2019-09-0315-20/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove all the "double return" statements which were a result of us removing all the instances of ``` defer.returnValue(...) return ``` statements when we switched to python3 fully.
* | | Opentrace device lists (#5853)Jorik Schellekens2019-09-038-58/+118
| | | | | | | | | Trace device list changes.
* | | Remove unused methods from c/s api v1 in register.py (#5963)Andrew Morgan2019-09-023-137/+2
| | | | | | | | | These methods were part of the v1 C/S API. Remove them as they are no longer used by any code paths.
* | | fix thumbnail storage location (#5915)L0ric02019-09-022-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * fix thumbnail storage location Signed-off-by: Lorenz Steinert <lorenz@steinerts.de> * Add changelog file. Signed-off-by: Lorenz Steinert <lorenz@steinerts.de> * Update Changelog Signed-off-by: Lorenz Steinert <lorenz@steinerts.de>
* | | Update INSTALL.md to say that Python 2 is no longer supported (#5953)Aaron Raimist2019-09-022-2/+3
| | | | | | | | | | | | Signed-off-by: Aaron Raimist <aaron@raim.ist>
* | | Revert "Add m.id_access_token flag (#5930)" (#5945)Andrew Morgan2019-08-302-7/+1
| | | | | | | | | This reverts commit 4765f0cfd95f6160f32c75481651d125f343cd58.
* | | Remove unnecessary parentheses around return statements (#5931)Andrew Morgan2019-08-3081-286/+287
| | | | | | | | | | | | | | | Python will return a tuple whether there are parentheses around the returned values or not. I'm just sick of my editor complaining about this all over the place :)
* | | Move buildkite config to the pipelines repo (#5943)Amber Brown2019-08-313-310/+16
| | |
* | | Add m.id_access_token flag (#5930)Andrew Morgan2019-08-302-1/+7
| | | | | | | | | | | | | | | Adds a flag to `/versions`' `unstable_features` section indicating that this Synapse understands what an `id_access_token` is, as per https://github.com/matrix-org/synapse/issues/5927#issuecomment-523566043 Fixes #5927
* | | Removed unused jenkins/ folder and script (#5938)Amber Brown2019-08-302-16/+1
| | |
* | | Revert "Use the v2 lookup API for 3PID invites (#5897)" (#5937)Andrew Morgan2019-08-304-166/+9
| | | | | | | | | | | | | | | This reverts commit 71fc04069a5770a204c3514e0237d7374df257a8. This broke 3PID invites as #5892 was required for it to work correctly.
* | | Fix buildkite pipeline plugin matrix-org/annotate using the wrong variable ↵Amber Brown2019-08-301-3/+3
| | | | | | | | | | | | config
* | | Fix coverage in sytest and use plugins for buildkite (#5922)Amber Brown2019-08-298-32/+92
|/ /
* | Add a link to python's logging config schema (#5926)Jorik Schellekens2019-08-283-2/+5
| |
* | Merge pull request #5902 from matrix-org/hs/exempt-support-users-from-consentWill Hunt2019-08-285-2/+9
|\ \ | | | | | | Exempt support users from consent
| * | Removing entry for 5903Will Hunt2019-08-281-1/+0
| | |
| * | Apply suggestions from code reviewWill Hunt2019-08-231-2/+2
| | | | | | | | | Co-Authored-By: Erik Johnston <erik@matrix.org>
| * | Update changelogHalf-Shot2019-08-231-1/+1
| | |
| * | Exempt bot usersHalf-Shot2019-08-231-1/+1
| | |
| * | Merge branch 'hs/bot-user-type' into hs/exempt-support-users-from-consentHalf-Shot2019-08-232-1/+3
| |\ \
| | * | Add changelogHalf-Shot2019-08-231-0/+1
| | | |
| | * | Add bot typeHalf-Shot2019-08-231-1/+2
| | | |
| * | | Fix registration testHalf-Shot2019-08-231-0/+1
| | | |
| * | | newsfile 5902Half-Shot2019-08-231-0/+1
| | | |
| * | | Ignore consent for support usersHalf-Shot2019-08-231-0/+1
| | | |
| * | | Return user_type in get_user_by_idHalf-Shot2019-08-231-1/+4
| |/ /
* | | Let synctl use a config directory. (#5904)Jorik Schellekens2019-08-283-6/+15
| | | | | | | | | * Let synctl use a config directory.
* | | Use the v2 lookup API for 3PID invites (#5897)Andrew Morgan2019-08-284-9/+166
| | | | | | | | | | | | | | | | | | | | | Fixes https://github.com/matrix-org/synapse/issues/5861 Adds support for the v2 lookup API as defined in [MSC2134](https://github.com/matrix-org/matrix-doc/pull/2134). Currently this is only used for 3PID invites. Sytest PR: https://github.com/matrix-org/sytest/pull/679
* | | Config templating (#5900)Jorik Schellekens2019-08-289-46/+366
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Template config files * Imagine a system composed entirely of x, y, z etc and the basic operations.. Wait George, why XOR? Why not just neq? George: Eh, I didn't think of that.. Co-Authored-By: Erik Johnston <erik@matrix.org>
* | | Implement a structured logging output system. (#5680)Amber Brown2019-08-2831-82/+1328
| | |
* | | Fix a cache-invalidation bug for worker-based deployments (#5920)Richard van der Hoff2019-08-282-8/+17
| | | | | | | | | | | | | | | | | | | | | | | | Some of the caches on worker processes were not being correctly invalidated when a room's state was changed in a way that did not affect the membership list of the room. We need to make sure we send out cache invalidations even when no memberships are changing.
* | | Merge pull request #5914 from matrix-org/rei/admin_getadminreivilibre2019-08-285-9/+62
|\ \ \ | | | | | | | | Add GET method to admin API /users/@user:dom/admin
| * | | Document GET method for retrieving admin bit of user in admin APIOlivier Wilkinson (reivilibre)2019-08-271-0/+19
| | | | | | | | | | | | | | | | Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
| * | | Add GET method to admin API /users/@user:dom/adminOlivier Wilkinson (reivilibre)2019-08-274-9/+43
| | | | | | | | | | | | | | | | Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
* | | | Typographical corrections in docker/README (#5921)Victor Goff2019-08-281-5/+5
| | | |
* | | | Merge pull request #5859 from matrix-org/rei/msc2197reivilibre2019-08-284-16/+96
|\ \ \ \ | | | | | | | | | | MSC2197 Search Filters over Federation
| * | | | Newsfile on one lineOlivier Wilkinson (reivilibre)2019-08-201-2/+1
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
| * | | | Use MSC2197 on stable prefix as it has almost finished FCPOlivier Wilkinson (reivilibre)2019-08-202-26/+4
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>