| Commit message (Collapse) | Author | Files | Lines |
|---|
|
identity server (#5377)
Sends password reset emails from the homeserver instead of proxying to the identity server. This is now the default behaviour for security reasons. If you wish to continue proxying password reset requests to the identity server you must now enable the email.trust_identity_server_for_password_resets option.
This PR is a culmination of 3 smaller PRs which have each been separately reviewed:
* #5308
* #5345
* #5368
|
|
There are a few changes going on here:
* We make checking the signature on a key server response optional: if no
verify_keys are specified, we trust to TLS to validate the connection.
* We change the default config so that it does not require responses to be
signed by the old key.
* We replace the old 'perspectives' config with 'trusted_key_servers', which
is also formatted slightly differently.
* We emit a warning to the logs every time we trust a key server response
signed by the old key.
|
|
|
|
1.0 upgrade/install notes
|
|
|
|
* Regen sample config before kicking off agents
* Add changelog
|
|
Fixes some warnings, and a scary-looking stacktrace when sytest kills the
process.
|
|
|
|
|
|
|
|
Previously, setting this option would cause an exception at startup.
|
|
* Update _matrix/client/versions to reference support for r0.5.0
|
|
* Fix background updates to handle redactions/rejections
In background updates based on current state delta stream we need to
handle that we may not have all the events (or at least that
`get_events` may raise an exception).
|
|
|
|
|
|
fixes #4951
|
