summary refs log tree commit diff
path: root/synapse/api (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Fixup sliding sync comment (#17531)Erik Johnston2024-08-071-1/+1
| | | | c.f. https://github.com/element-hq/synapse/pull/17529#discussion_r1705780925
* SS: Reset connection if token is unrecognized (#17529)Erik Johnston2024-08-061-0/+18
| | | | | | | | | | | | | | This triggers the client to start a new sliding sync connection. If we don't do this and the client asks for the full range of rooms, we end up sending down all rooms and their state from scratch (which can be very slow) This causes things like https://github.com/element-hq/element-x-ios/issues/3115 after we restart the server --------- Co-authored-by: Eric Eastwood <eric.eastwood@beta.gouv.fr>
* Sliding Sync: Update filters to be robust against remote invite rooms (#17450)Eric Eastwood2024-07-301-0/+8
| | | | | | | | | | | | | | | Update `filters.is_encrypted` and `filters.types`/`filters.not_types` to be robust when dealing with remote invite rooms in Sliding Sync. Part of [MSC3575](https://github.com/matrix-org/matrix-spec-proposals/pull/3575): Sliding Sync Follow-up to https://github.com/element-hq/synapse/pull/17434 We now take into account current state, fallback to stripped state for invite/knock rooms, then historical state. If we can't determine the info needed to filter a room (either from state or stripped state), it is filtered out.
* Add a cache on `get_rooms_for_local_user_where_membership_is` (#17460)Erik Johnston2024-07-191-1/+1
| | | | | | | As it gets used in sliding sync. We basically invalidate it in all the same places as `get_rooms_for_user`. Most of the changes are due to needing the arguments you pass in to be hashable (which lists aren't)
* Fix docs on `record_action` to clarify the actions are applied (#17426)Travis Ralston2024-07-111-3/+2
| | | | | This looks like a copy/paste error: the function doesn't reject anything, but instead allows the action count to go through regardless. The remainder of the function's documentation appears correct.
* Add `rooms.bump_stamp` to Sliding Sync `/sync` for easier client-side ↵Eric Eastwood2024-07-081-0/+4
| | | | | | | | | | | | | | | sorting (#17395) `bump_stamp` corresponds to the `stream_ordering` of the latest `DEFAULT_BUMP_EVENT_TYPES` in the room. This helps clients sort more readily without them needing to pull in a bunch of the timeline to determine the last activity. `bump_event_types` is a thing because for example, we don't want display name changes to mark the room as unread and bump it to the top. For encrypted rooms, we just have to consider any activity as a bump because we can't see the content and the client has to figure it out for themselves. Outside of Synapse, `bump_stamp` is just a free-form counter so other implementations could use `received_ts`or `origin_server_ts` (see the [*Security considerations* section in MSC3575 about the potential pitfalls of using `origin_server_ts`](https://github.com/matrix-org/matrix-spec-proposals/blob/kegan/sync-v3/proposals/3575-sync.md#security-considerations)). It doesn't have any guarantee about always going up. In the Synapse case, it could go down if an event was redacted/removed (or purged in cases of retention policies). In the future, we could add `bump_event_types` as [MSC3575](https://github.com/matrix-org/matrix-spec-proposals/pull/3575) mentions if people need to customize the event types. --- In the Sliding Sync proxy, a similar [`timestamp` field was added](https://github.com/matrix-org/sliding-sync/pull/247) for the same purpose but the name is not obvious what it pertains to or what it's for. The `timestamp` field was also added to Ruma in https://github.com/ruma/ruma/pull/1622
* MSC3861: allow overriding the introspection endpoint (#17406)Quentin Gliech2024-07-081-2/+13
| | | | This makes it easier to go through an internal endpoint instead of the public facing URL when introspecting tokens, reducing latency.
* Allow enabling sliding sync per-user (#17393)Erik Johnston2024-07-053-1/+74
| | | Based on #17392
* Support MSC3916 by adding `_matrix/client/v1/media/download` endpoint (#17365)Shay2024-07-021-1/+2
|
* Include user membership on events (#17282)Richard van der Hoff2024-06-131-1/+1
| | | | | MSC4115 has now completed FCP, so we can enable it by default and switch to the stable identifier.
* Add Sliding Sync `/sync` endpoint (initial implementation) (#17187)Eric Eastwood2024-06-061-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Based on [MSC3575](https://github.com/matrix-org/matrix-spec-proposals/pull/3575): Sliding Sync This iteration only focuses on returning the list of room IDs in the sliding window API (without sorting/filtering). Rooms appear in the Sliding sync response based on: - `invite`, `join`, `knock`, `ban` membership events - Kicks (`leave` membership events where `sender` is different from the `user_id`/`state_key`) - `newly_left` (rooms that were left during the given token range, > `from_token` and <= `to_token`) - In order for bans/kicks to not show up, you need to `/forget` those rooms. This doesn't modify the event itself though and only adds the `forgotten` flag to `room_memberships` in Synapse. There isn't a way to tell when a room was forgotten at the moment so we can't factor it into the from/to range. ### Example request `POST http://localhost:8008/_matrix/client/unstable/org.matrix.msc3575/sync` ```json { "lists": { "foo-list": { "ranges": [ [0, 99] ], "sort": [ "by_notification_level", "by_recency", "by_name" ], "required_state": [ ["m.room.join_rules", ""], ["m.room.history_visibility", ""], ["m.space.child", "*"] ], "timeline_limit": 100 } } } ``` Response: ```json { "next_pos": "s58_224_0_13_10_1_1_16_0_1", "lists": { "foo-list": { "count": 1, "ops": [ { "op": "SYNC", "range": [0, 99], "room_ids": [ "!MmgikIyFzsuvtnbvVG:my.synapse.linux.server" ] } ] } }, "rooms": {}, "extensions": {} } ```
* Add a short sleep if the request is rate-limited (#17210)Erik Johnston2024-05-181-0/+4
| | | This helps prevent clients from "tight-looping" retrying their request.
* Add support for MSC4115 (#17104)Richard van der Hoff2024-04-291-0/+7
| | | | Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
* Improve event validation (#16908)Shay2024-03-191-0/+2
| | | As the title states.
* Bump black from 23.10.1 to 24.2.0 (#16936)dependabot[bot]2024-03-132-4/+5
|
* Stabilize support for Retry-After header (MSC4014) (#16947)Patrick Cloke2024-03-081-3/+2
|
* Correctly mention previous copyright (#16820)Erik Johnston2024-01-2312-0/+17
| | | | | During the migration the automated script to update the copyright headers accidentally got rid of some of the existing copyright lines. Reinstate them.
* Merge remote-tracking branch 'gitlab/clokep/license-license' into new_developErik Johnston2023-12-1313-139/+208
|\
| * Update license headersPatrick Cloke2023-11-2113-139/+208
| |
* | Keep track of `user_ips` and `monthly_active_users` when delegating auth ↵David Robertson2023-11-233-38/+53
|/ | | | | | | | | | | | | (#16672) * Describe `insert_client_ip` * Pull out client_ips and MAU tracking to BaseAuth * Define HAS_AUTHLIB once in tests sick of copypasting * Track ips and token usage when delegating auth * Test that we track MAU and user_ips * Don't track `__oidc_admin`
* Asynchronous Uploads (#15503)Sumner Evans2023-11-151-0/+2
| | | Support asynchronous uploads as defined in MSC2246.
* Fix possible AttributeError when account-api is called over unix socket (#16404)Christoph2023-10-091-1/+1
| | | Fixes #16396
* Convert simple_select_list_paginate_txn to return tuples. (#16433)Patrick Cloke2023-10-061-4/+0
|
* Convert more cached return values to immutable types (#16356)Patrick Cloke2023-09-201-4/+4
|
* Refactor `get_user_by_id` (#16316)Erik Johnston2023-09-142-2/+2
|
* Merge remote-tracking branch 'origin/release-v1.92' into developPatrick Cloke2023-09-062-88/+10
|\
| * Merge remote-tracking branch 'origin/release-v1.91' into release-v1.92Patrick Cloke2023-09-061-85/+6
| |\
| | * Revert MSC3861 introspection cache, admin impersonation and account lock ↵Quentin Gliech2023-09-061-85/+6
| | | | | | | | | | | | (#16258)
| * | Fix incorrect docstring for Ratelimiter. (#16255)Patrick Cloke2023-09-051-3/+4
| | |
* | | Track presence state per-device and combine to a user state. (#16066)Patrick Cloke2023-09-051-4/+39
|/ / | | | | | | | | | | | | | | | | | | | | Tracks presence on an individual per-device basis and combine the per-device state into a per-user state. This should help in situations where a user has multiple devices with conflicting status (e.g. one is syncing with unavailable and one is syncing with online). The tie-breaking is done by priority: BUSY > ONLINE > UNAVAILABLE > OFFLINE
* | Describe which rate limiter was hit in logs (#16135)David Robertson2023-08-302-9/+25
| |
* | Add `Retry-After` to M_LIMIT_EXCEEDED error responses (#16136)Will Hunt2023-08-241-1/+9
|/ | | Implements MSC4041 behind an experimental configuration flag.
* Add an admin endpoint to allow authorizing server to signal token ↵Shay2023-08-221-0/+13
| | | | revocations (#16125)
* MSC3861: allow impersonation by an admin using a query param (#16132)Mathieu Velten2023-08-181-3/+22
|
* Add response time metrics for introspection requests (#16131)Erik Johnston2023-08-181-7/+27
| | | See #16119
* Cache token introspection response from OIDC provider (#16117)Shay2023-08-171-2/+38
|
* Run pyupgrade for python 3.7 & 3.8. (#16110)Patrick Cloke2023-08-151-2/+1
|
* Implements admin API to lock an user (MSC3939) (#15870)Mathieu Velten2023-08-104-1/+30
|
* Support room version 11 (#15912)Patrick Cloke2023-07-181-224/+105
| | | | | And fix a bug in the implementation of the updated redaction format (MSC2174) where the top-level redacts field was not properly added for backwards-compatibility.
* Re-introduce the outbound federation proxy (#15913)Eric Eastwood2023-07-181-0/+7
| | | | | Allow configuring the set of workers to proxy outbound federation traffic through (`outbound_federation_restricted_to`). This is useful when you have a worker setup with `federation_sender` instances responsible for sending outbound federation requests and want to make sure *all* outbound federation traffic goes through those instances. Before this change, the generic workers would still contact federation themselves for things like profile lookups, backfill, etc. This PR allows you to set more strict access controls/firewall for all workers and only allow the `federation_sender`'s to contact the outside world.
* Remove experimental MSC2716 implementation to incrementally import history ↵Eric Eastwood2023-06-162-75/+0
| | | | | | | | | | | | into existing rooms (#15748) Context for why we're removing the implementation: - https://github.com/matrix-org/matrix-spec-proposals/pull/2716#issuecomment-1487441010 - https://github.com/matrix-org/matrix-spec-proposals/pull/2716#issuecomment-1504262734 Anyone wanting to continue MSC2716, should also address these leftover tasks: https://github.com/matrix-org/synapse/issues/10737 Closes https://github.com/matrix-org/synapse/issues/10737 in the fact that it is not longer necessary to track those things.
* Stabilize support for MSC3952: Intentional mentions. (#15520)Patrick Cloke2023-06-061-1/+1
|
* `N + 3`: Read from column `full_user_id` rather than `user_id` of tables ↵Shay2023-06-021-2/+2
| | | | `profiles` and `user_filters` (#15649)
* Add stricter mypy options (#15694)Patrick Cloke2023-05-311-1/+1
| | | | Enable warn_unused_configs, strict_concatenate, disallow_subclassing_any, and disallow_incomplete_defs.
* Enforce that an admin token also has the basic Matrix API scopeQuentin Gliech2023-05-301-5/+2
|
* Reject tokens with multiple device scopesQuentin Gliech2023-05-301-6/+24
|
* Make OIDC scope constantsQuentin Gliech2023-05-301-10/+15
|
* Handle errors when introspecting tokensQuentin Gliech2023-05-301-5/+37
| | | | | This returns a proper 503 when the introspection endpoint is not working for some reason, which should avoid logging out clients in those cases.
* Make AS tokens work & allow ASes to /registerQuentin Gliech2023-05-303-83/+88
|
* Add an admin token for MAS -> Synapse callsQuentin Gliech2023-05-301-0/+15
|
* Refactor config to be an experimental featureHugh Nimmo-Smith2023-05-301-25/+28
| | | | Also enforce you can't combine it with incompatible config options
* Actually enforce guest + return www-authenticate headerHugh Nimmo-Smith2023-05-302-5/+41
|
* MSC2967: Check access token scope for use as user and add guest supportHugh Nimmo-Smith2023-05-301-10/+20
|
* Use `name` claim as display name when registering users on the fly.Hugh Nimmo-Smith2023-05-301-1/+8
| | | | | This makes is so that the `name` claim got when introspecting the token is used as the display name when registering a user on the fly.
* Record the `sub` claims as an external_idQuentin Gliech2023-05-301-22/+37
|
* Handle the Synapse admin scopeQuentin Gliech2023-05-301-0/+3
|
* Save the scopes in the requesterQuentin Gliech2023-05-301-0/+1
|
* Initial MSC3964 support: delegation of auth to OIDC serverQuentin Gliech2023-05-301-0/+227
|
* Make the api.auth.Auth a ProtocolQuentin Gliech2023-05-303-241/+456
|
* Add `MSC3820opt2` as a known room version (#15678)Travis Ralston2023-05-261-0/+1
|
* Add MSC3820 (room version 11) option 2 unstable room version. (#15666)Travis Ralston2023-05-261-0/+24
|
* Properly parse event_fields in filters (#15607)Patrick Cloke2023-05-221-14/+1
| | | | | | | | The event_fields property in filters should use the proper escape rules, namely backslashes can be escaped with an additional backslash. This adds tests (adapted from matrix-js-sdk) and implements the logic to properly split the event_fields strings.
* Implement MSC3821 to update redaction rules (`third_party_invite.signed`) ↵Patrick Cloke2023-05-151-0/+40
| | | | | | (#15563) Updates the redaction rules to protect enough information that the event can still be properly verified.
* Implement MSC3389 to protect relations from redaction. (#15565)Patrick Cloke2023-05-151-0/+17
| | | | | | MSC3389 proposes protecting the relation type & parent event ID from redaction. This keeps the relation information intact after redaction which helps with some UX flaws (e.g. deleting an event causes it to no longer be in a thread, which is confusing).
* Stabilize MSC2659 support for AS ping endpoint. (#15528)Tulir Asokan2023-05-091-4/+4
|
* Use account data constants in more places. (#15554)Patrick Cloke2023-05-091-0/+1
|
* Factor out an `is_mine_server_name` method (#15542)Sean Quah2023-05-051-2/+2
| | | | | | | | | | | | Add an `is_mine_server_name` method, similar to `is_mine_id`. Ideally we would use this consistently, instead of sometimes comparing against `hs.hostname` and other times reaching into `hs.config.server.server_name`. Also fix a bug in the tests where `hs.hostname` would sometimes differ from `hs.config.server.server_name`. Signed-off-by: Sean Quah <seanq@matrix.org>
* Add column `full_user_id` to tables `profiles` and `user_filters`. (#15458)Shay2023-04-261-4/+2
|
* Implement MSC2174: move redacts to a content property. (#15395)Patrick Cloke2023-04-131-1/+2
| | | | | | | This moves `redacts` from being a top-level property to a `content` property in a new room version. MSC2176 (which was previously implemented) states to not `redact` this property.
* Implement MSC2175: remove the creator field from create events. (#15394)Patrick Cloke2023-04-062-0/+19
|
* Implement MSC3989 to redact the origin field. (#15393)Patrick Cloke2023-04-051-0/+37
| | | | This will be done in a future room version, for now an unstable room version is added which redacts the origin field.
* Fix spinloop during partial state sync when a prev event is in backoff (#15351)Sean Quah2023-03-301-4/+13
| | | | | | | | Previously, we would spin in a tight loop until `update_state_for_partial_state_event` stopped raising `FederationPullAttemptBackoffError`s. Replace the spinloop with a wait until the backoff period has expired. Signed-off-by: Sean Quah <seanq@matrix.org>
* Implement MSC2659: application service ping endpoint (#15249)Tulir Asokan2023-03-161-0/+5
| | | Signed-off-by: Tulir Asokan <tulir@maunium.net>
* Update the error code for duplicate annotation (#15075)Richard van der Hoff2023-02-151-0/+4
|
* Faster joins: don't stall when a user joins during a fast join (#14606)Mathieu Velten2023-02-101-0/+22
| | | | | | | | | | | | | | | | Fixes #12801. Complement tests are at https://github.com/matrix-org/complement/pull/567. Avoid blocking on full state when handling a subsequent join into a partial state room. Also always perform a remote join into partial state rooms, since we do not know whether the joining user has been banned and want to avoid leaking history to banned users. Signed-off-by: Mathieu Velten <mathieuv@matrix.org> Co-authored-by: Sean Quah <seanq@matrix.org> Co-authored-by: David Robertson <davidr@element.io>
* Avoid fetching unused account data in sync. (#14973)Patrick Cloke2023-02-101-5/+25
| | | | | | | The per-room account data is no longer unconditionally fetched, even if all rooms will be filtered out. Global account data will not be fetched if it will all be filtered out.
* Tag federation request spans with the worker name (#15042)David Robertson2023-02-091-7/+0
| | | | | | | * Systematically include worker name as process info * Changelog * don't bother with inner setdefault
* Properly typecheck tests.api (#14983)David Robertson2023-02-031-2/+2
|
* Skip unused calculations in sync handler. (#14908)Patrick Cloke2023-02-021-0/+3
| | | | | | | | | If a sync request does not need to calculate per-room entries & is not generating presence & is not generating device list data (e.g. during initial sync) avoid the expensive calculation of room specific data. This is a micro-optimisation for clients syncing simply to receive to-device information.
* Implement MSC3952: Intentional mentions (#14823)Patrick Cloke2023-01-271-0/+3
| | | | | | | | MSC3952 defines push rules which searches for mentions in a list of Matrix IDs in the event body, instead of searching the entire event body for display name / local part. This is implemented behind an experimental configuration flag and does not yet implement the backwards compatibility pieces of the MSC.
* Use an enum for direction. (#14927)Patrick Cloke2023-01-271-0/+7
| | | | For better type safety we use an enum instead of strings to configure direction (backwards or forwards).
* Merge account data streams (#14826)Erik Johnston2023-01-131-0/+1
|
* Calculate rooms changed for device lists to work. (#14810)Patrick Cloke2023-01-111-3/+0
| | | | Back-out some changes from 7e582a25f8f350df29d7d83ca902bdb522d1bbaf (#14786) which skipped necessary logic to calculate device lists properly.
* Improve /sync performance of when passing filters with empty arrays. (#14786)Patrick Cloke2023-01-091-5/+8
| | | | | | | | | | | | | | | | This has two related changes: * It enables fast-path processing for an empty filter (`[]`) which was previously only used for wildcard not-filters (`["*"]`). * It special cases a `/sync` filter with no-rooms to skip all room processing, previously we would partially skip processing, but would generally still calculate intermediate values for each room which were then unused. Future changes might consider further optimizations: * Skip calculating per-room account data when all rooms are filtered (currently this is thrown away). * Make similar improvements to other endpoints which support filters.
* Improve validation of field size limits in events. (#14664)reivilibre2022-12-133-17/+27
|
* Respond with proper error responses on unknown paths. (#14621)Patrick Cloke2022-12-081-4/+2
| | | | Returns a proper 404 with an errcode of M_RECOGNIZED for unknown endpoints per MSC3743.
* Improve logging and opentracing for to-device message handling (#14598)Richard van der Hoff2022-12-061-0/+3
| | | | | | | A batch of changes intended to make it easier to trace to-device messages through the system. The intention here is that a client can set a property org.matrix.msgid in any to-device message it sends. That ID is then included in any tracing or logging related to the message. (Suggestions as to where this field should be documented welcome. I'm not enthusiastic about speccing it - it's very much an optional extra to help with debugging.) I've also generally improved the data we send to opentracing for these messages.
* Create MSC1767 (extensible events) room version; Implement MSC3932 (#14521)Travis Ralston2022-11-281-1/+28
| | | | | | | | | | | | * Add MSC1767's dedicated room version, based on v10 * Only enable MSC1767 room version if the config flag is on Using a similar technique to knocking: https://github.com/matrix-org/synapse/pull/6739/files#diff-3af529eedb0e00279bafb7369370c9654b37792af8eafa0925400e9281d57f0a * Support MSC3932: Extensible events room version feature flag * Changelog entry
* Initial support for MSC3931: Room version push rule feature flags (#14520)Travis Ralston2022-11-281-1/+20
| | | | | | | * Add support for MSC3931: Room Version Supports push rule condition * Create experimental flag for future work, and use it to gate MSC3931 * Changelog entry
* Remove redundant types from comments. (#14412)Patrick Cloke2022-11-161-1/+1
| | | | | | | Remove type hints from comments which have been added as Python type hints. This helps avoid drift between comments and reality, as well as removing redundant information. Also adds some missing type hints which were simple to fill in.
* Do not reject `/sync` requests with unrecognised filter fields (#14369)Sean Quah2022-11-071-4/+4
| | | | | | | | For forward compatibility, Synapse needs to ignore fields it does not recognise instead of raising an error. Fixes #14365. Signed-off-by: Sean Quah <seanq@matrix.org>
* Implement MSC3912: Relation-based redactions (#14260)Brendan Abolivier2022-11-031-0/+2
| | | Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com>
* Merge branch 'master' into developOlivier Wilkinson (reivilibre)2022-10-281-1/+7
|\
| * Fix room creation being rate limited too aggressively since Synapse v1.69.0. ↵reivilibre2022-10-281-1/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (#14314) * Introduce a test for the old behaviour which we want to restore * Reintroduce the old behaviour in a simpler way * Newsfile Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org> * Use 1 credit instead of 2 for creating a room: be more lenient than before Notably, the UI in Element Web was still broken after restoring to prior behaviour. After discussion, we agreed that it would be sensible to increase the limit. Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
* | Use servlets for /key/ endpoints. (#14229)Patrick Cloke2022-10-201-1/+1
| | | | | | | | | | To fix the response for unknown endpoints under that prefix. See MSC3743.
* | Explain `SynapseError` and `FederationError` better (#14191)Eric Eastwood2022-10-191-3/+21
|/ | | | | Explain `SynapseError` and `FederationError` better Spawning from https://github.com/matrix-org/synapse/pull/13816#discussion_r993262622
* Support filtering the /messages API by relation type (MSC3874). (#14148)Patrick Cloke2022-10-171-3/+24
| | | Gated behind an experimental configuration flag.
* Stop getting missing `prev_events` after we already know their signature is ↵Eric Eastwood2022-10-151-0/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | invalid (#13816) While https://github.com/matrix-org/synapse/pull/13635 stops us from doing the slow thing after we've already done it once, this PR stops us from doing one of the slow things in the first place. Related to - https://github.com/matrix-org/synapse/issues/13622 - https://github.com/matrix-org/synapse/pull/13635 - https://github.com/matrix-org/synapse/issues/13676 Part of https://github.com/matrix-org/synapse/issues/13356 Follow-up to https://github.com/matrix-org/synapse/pull/13815 which tracks event signature failures. With this PR, we avoid the call to the costly `_get_state_ids_after_missing_prev_event` because the signature failure will count as an attempt before and we filter events based on the backoff before calling `_get_state_ids_after_missing_prev_event` now. For example, this will save us 156s out of the 185s total that this `matrix.org` `/messages` request. If you want to see the full Jaeger trace of this, you can drag and drop this `trace.json` into your own Jaeger, https://gist.github.com/MadLittleMods/4b12d0d0afe88c2f65ffcc907306b761 To explain this exact scenario around `/messages` -> backfill, we call `/backfill` and first check the signatures of the 100 events. We see bad signature for `$luA4l7QHhf_jadH3mI-AyFqho0U2Q-IXXUbGSMq6h6M` and `$zuOn2Rd2vsC7SUia3Hp3r6JSkSFKcc5j3QTTqW_0jDw` (both member events). Then we process the 98 events remaining that have valid signatures but one of the events references `$luA4l7QHhf_jadH3mI-AyFqho0U2Q-IXXUbGSMq6h6M` as a `prev_event`. So we have to do the whole `_get_state_ids_after_missing_prev_event` rigmarole which pulls in those same events which fail again because the signatures are still invalid. - `backfill` - `outgoing-federation-request` `/backfill` - `_check_sigs_and_hash_and_fetch` - `_check_sigs_and_hash_and_fetch_one` for each event received over backfill - ❗ `$luA4l7QHhf_jadH3mI-AyFqho0U2Q-IXXUbGSMq6h6M` fails with `Signature on retrieved event was invalid.`: `unable to verify signature for sender domain xxx: 401: Failed to find any key to satisfy: _FetchKeyRequest(...)` - ❗ `$zuOn2Rd2vsC7SUia3Hp3r6JSkSFKcc5j3QTTqW_0jDw` fails with `Signature on retrieved event was invalid.`: `unable to verify signature for sender domain xxx: 401: Failed to find any key to satisfy: _FetchKeyRequest(...)` - `_process_pulled_events` - `_process_pulled_event` for each validated event - ❗ Event `$Q0iMdqtz3IJYfZQU2Xk2WjB5NDF8Gg8cFSYYyKQgKJ0` references `$luA4l7QHhf_jadH3mI-AyFqho0U2Q-IXXUbGSMq6h6M` as a `prev_event` which is missing so we try to get it - `_get_state_ids_after_missing_prev_event` - `outgoing-federation-request` `/state_ids` - ❗ `get_pdu` for `$luA4l7QHhf_jadH3mI-AyFqho0U2Q-IXXUbGSMq6h6M` which fails the signature check again - ❗ `get_pdu` for `$zuOn2Rd2vsC7SUia3Hp3r6JSkSFKcc5j3QTTqW_0jDw` which fails the signature check
* Use stable identifiers for MSC3771 & MSC3773. (#14050)Patrick Cloke2022-10-071-4/+9
| | | | | These are both part of Matrix 1.4 which has now been released. For now, support both the unstable and stable identifiers.
* Track notification counts per thread (implement MSC3773). (#13776)Patrick Cloke2022-10-042-0/+13
| | | | | | | | When retrieving counts of notifications segment the results based on the thread ID, but choose whether to return them as individual threads or as a single summed field by letting the client opt-in via a sync flag. The summarization code is also updated to be per thread, instead of per room.
* Allow admins to require a manual approval process before new accounts can be ↵Brendan Abolivier2022-09-292-0/+27
| | | | used (using MSC3866) (#13556)
* Faster Remote Room Joins: tell remote homeservers that we are unable to ↵reivilibre2022-09-231-0/+6
| | | | authorise them if they query a room which has partial state on our server. (#13823)
* Remove unused method in `synapse.api.auth.Auth`. (#13795)Quentin Gliech2022-09-141-9/+0
| | | | | Clean-up from b19060a29b4f73897847db2aba5d03ec819086e0 (#13094) and 73af10f419346a5f2d70131ac1ed8e69942edca0 (#13093) which removed all callers.
* Tag trace with instance name (#13761)Eric Eastwood2022-09-091-0/+7
| | | | | | | | We tag the Synapse instance name so that it's an easy jumping off point into the logs. Can also be used to filter for an instance that is under load. As suggested by @clokep and @reivilibre in, - https://github.com/matrix-org/synapse/pull/13729#discussion_r964719258 - https://github.com/matrix-org/synapse/pull/13729#discussion_r964733578
* Cancel the processing of key query requests when they time out. (#13680)reivilibre2022-09-071-0/+5
|
* Rename the `EventFormatVersions` enum values so that they line up with room ↵reivilibre2022-09-071-20/+25
| | | | version numbers. (#13706)
* Actually fix typechecking with latest types-jsonschema (#13724)David Robertson2022-09-061-4/+4
|
* Fix typechecking with latest `types-jsonschema` (#13712)David Robertson2022-09-051-4/+4
|
* Remove support for unstable private read receipts (#13653)Šimon Brandner2022-09-011-1/+0
| | | Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* `synapse.api.auth.Auth` cleanup: make permission-related methods use ↵Quentin Gliech2022-08-221-107/+95
| | | | | | | | | `Requester` instead of the `UserID` (#13024) Part of #13019 This changes all the permission-related methods to rely on the Requester instead of the UserID. This is a first step towards enabling scoped access tokens at some point, since I expect the Requester to have scope-related informations in it. It also changes methods which figure out the user/device/appservice out of the access token to return a Requester instead of something else. This avoids having store-related objects in the methods signatures.
* MSC2716v4 room version - remove namespace from MSC2716 event content fields ↵Eric Eastwood2022-08-192-22/+22
| | | | | | | | (#13551) Complement PR: https://github.com/matrix-org/complement/pull/450 As suggested in https://github.com/matrix-org/matrix-spec-proposals/pull/2716#discussion_r941444525
* Support stable identifiers for MSC2285: private read receipts. (#13273)Šimon Brandner2022-08-051-1/+2
| | | | | This adds support for the stable identifiers of MSC2285 while continuing to support the unstable identifiers behind the configuration flag. These will be removed in a future version.
* Instrument `/messages` for understandable traces in Jaeger (#13368)Eric Eastwood2022-08-031-1/+7
| | | | | | In Jaeger: - Before: huge list of uncategorized database calls - After: nice and collapsible into units of work
* Rename `RateLimitConfig` to `RatelimitSettings` (#13442)Dirk Klimpel2022-08-031-3/+3
|
* Use stable prefixes for MSC3827: filtering of `/publicRooms` by room type ↵Šimon Brandner2022-07-271-1/+1
| | | | | | (#13370) Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Implement MSC3848: Introduce errcodes for specific event sending failures ↵Will Hunt2022-07-272-13/+56
| | | | | (#13343) Implements MSC3848
* Allow rate limiters to passively record actions they cannot limit (#13253)David Robertson2022-07-131-12/+82
| | | Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
* Add support for room version 10 (#13220)Shay2022-07-131-0/+33
|
* Uniformize spam-checker API, part 5: expand other spam-checker callbacks to ↵David Teller2022-07-111-2/+8
| | | | | | return `Tuple[Codes, dict]` (#13044) Signed-off-by: David Teller <davidt@element.io> Co-authored-by: Brendan Abolivier <babolivier@matrix.org>
* Implement MSC3827: Filtering of `/publicRooms` by room type (#13031)Šimon Brandner2022-06-291-0/+10
| | | | Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Fix a long-standing bug which meant that rate limiting was not restrictive ↵reivilibre2022-06-151-1/+4
| | | | enough in some cases. (#13018)
* Move the "email unsubscribe" resource, refactor the macaroon generator & ↵Quentin Gliech2022-06-141-148/+45
| | | | | | | | | | | | | | | | | | | | | simplify the access token verification logic. (#12986) This simplifies the access token verification logic by removing the `rights` parameter which was only ever used for the unsubscribe link in email notifications. The latter has been moved under the `/_synapse` namespace, since it is not a standard API. This also makes the email verification link more secure, by embedding the app_id and pushkey in the macaroon and verifying it. This prevents the user from tampering the query parameters of that unsubscribe link. Macaroon generation is refactored: - Centralised all macaroon generation and verification logic to the `MacaroonGenerator` - Moved to `synapse.utils` - Changed the constructor to require only a `Clock`, hostname, and a secret key (instead of a full `Homeserver`). - Added tests for all methods.
* Decouple `synapse.api.auth_blocking.AuthBlocking` from ↵Quentin Gliech2022-06-141-14/+0
| | | | `synapse.api.auth.Auth`. (#13021)
* Reduce the amount of state we pull from the DB (#12811)Erik Johnston2022-06-061-23/+22
|
* Remove remaining bits of groups code. (#12936)Patrick Cloke2022-06-011-1/+0
| | | | | | * Update worker docs to remove group endpoints. * Removes an unused parameter to `ApplicationService`. * Break dependency between media repo and groups. * Avoid copying `m.room.related_groups` state events during room upgrades.
* Fix M_USER_ACCOUNT_SUSPENDED error code for spec compliance (#12923)Travis Ralston2022-05-311-1/+1
|
* Revert "Fix M_USER_ACCOUNT_SUSPENDED error code for spec compliance (#12922)"Travis Ralston2022-05-301-1/+1
| | | | This reverts commit e0fae823e9938618a260adadb82bfee6e4c2f907.
* Fix M_USER_ACCOUNT_SUSPENDED error code for spec compliance (#12922)Travis Ralston2022-05-311-1/+1
| | | `M_` is a reserved namespace.
* Uniformize spam-checker API, part 3: Expand check_event_for_spam with the ↵David Teller2022-05-301-10/+13
| | | | | ability to return additional fields (#12846) Signed-off-by: David Teller <davidt@element.io>
* Add code M_USER_ACCOUNT_SUSPENDED, as per MSC3823. (#12845)David Teller2022-05-271-0/+7
| | | | Signed-off-by: David Teller <davidt@element.io> Co-authored-by: Brendan Abolivier <babolivier@matrix.org>
* Additional constants for EDU types. (#12884)Patrick Cloke2022-05-272-3/+9
| | | Instead of hard-coding strings in many places.
* Remove user-visible groups/communities code (#12553)Patrick Cloke2022-05-251-5/+0
| | | | | | | | | Makes it so that groups/communities no longer exist from a user-POV. E.g. we remove: * All API endpoints (including Client-Server, Server-Server, and admin). * Documented configuration options (and the experimental flag, which is now unused). * Special handling during room upgrades. * The `groups` section of the `/sync` response.
* Uniformize spam-checker API, part 2: check_event_for_spam (#12808)David Teller2022-05-231-3/+1
| | | Signed-off-by: David Teller <davidt@element.io>
* Uniformize spam-checker API, part 1: the `Code` enum. (#12703)David Teller2022-05-201-2/+9
|
* Add a new room version for MSC3787's knock+restricted join rule (#12623)Travis Ralston2022-05-172-0/+34
|
* Fix incorrect type hint in filtering code. (#12695)Patrick Cloke2022-05-101-2/+3
|
* Improve comments and error messages around access tokens. (#12577)reivilibre2022-05-051-8/+11
|
* Use `getClientAddress` instead of `getClientIP`. (#12599)Patrick Cloke2022-05-041-2/+2
| | | | | getClientIP was deprecated in Twisted 18.4.0, which also added getClientAddress. The Synapse minimum version for Twisted is currently 18.9.0, so all supported versions have the new API.
* Implement changes to MSC2285 (hidden read receipts) (#12168)Šimon Brandner2022-05-041-4/+2
| | | | | * Changes hidden read receipts to be a separate receipt type (instead of a field on `m.read`). * Updates the `/receipts` endpoint to accept `m.fully_read`.
* Implement MSC2815: allow room moderators to view redacted event content (#12427)Tulir Asokan2022-04-201-0/+18
| | | | | | Implements matrix-org/matrix-spec-proposals#2815 Signed-off-by: Tulir Asokan <tulir@maunium.net>
* Remove references to unstable identifiers from MSC3440. (#12382)Patrick Cloke2022-04-122-14/+0
| | | | | Removes references to unstable thread relation, unstable identifiers for filtering parameters, and the experimental config flag.
* Bump `black` and `click` versions (#12320)David Robertson2022-03-291-1/+1
|
* Support stable identifiers for MSC3440: Threading (#12151)Patrick Cloke2022-03-102-12/+15
| | | | The unstable identifiers are still supported if the experimental configuration flag is enabled. The unstable identifiers will be removed in a future release.
* Fix `PushRuleEvaluator` and `Filter` to work on frozendicts (#12100)Richard van der Hoff2022-02-281-2/+3
| | | | | | | | | | * Fix `PushRuleEvaluator` to work on frozendicts frozendicts do not (necessarily) inherit from dict, so this needs to handle them correctly. * Fix event filtering for frozen events Looks like this one was introduced by #11194.
* Remove `HomeServer.get_datastore()` (#12031)Richard van der Hoff2022-02-233-4/+4
| | | | | | | The presence of this method was confusing, and mostly present for backwards compatibility. Let's get rid of it. Part of #11733
* Fix M_WRONG_ROOM_KEYS_VERSION error not including `current_version` field ↵Michael Telatynski2022-02-141-0/+3
| | | | | (#11988) Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Stabilise MSC3231 (Token Based Registration) (#11867)Jonathan de Jong2022-02-041-1/+1
|
* Remove support for the webclient listener. (#11895)Patrick Cloke2022-02-031-1/+0
| | | Also remove support for non-HTTP(S) web_client_location.
* Use auto_attribs/native type hints for attrs classes. (#11692)Patrick Cloke2022-01-131-15/+15
|
* Allow tracking puppeted users for MAU (#11561)Jason Robinson2022-01-121-0/+13
| | | | | | | | | | | | | | | Currently when puppeting another user, the user doing the puppeting is tracked for client IPs and MAU (if configured). When tracking MAU is important, it becomes necessary to be possible to also track the client IPs and MAU of puppeted users. As an example a client that manages user creation and creation of tokens via the Synapse admin API, passing those tokens for the client to use. This PR adds optional configuration to enable tracking of puppeted users into monthly active users. The default behaviour stays the same. Signed-off-by: Jason Robinson <jasonr@matrix.org>
* Convert all namedtuples to attrs. (#11665)Patrick Cloke2021-12-301-2/+1
| | | To improve type hints throughout the code.
* Various opentracing enhancements (#11619)Richard van der Hoff2021-12-211-16/+37
| | | | | | | | | | | | | | | | | | | | | | | | | * Wrap `auth.get_user_by_req` in an opentracing span give `get_user_by_req` its own opentracing span, since it can result in a non-trivial number of sub-spans which it is useful to group together. This requires a bit of reorganisation because it also sets some tags (and may force tracing) on the servlet span. * Emit opentracing span for encoding json responses This can be a significant time sink. * Rename all sync spans with a prefix * Write an opentracing span for encoding sync response * opentracing span to group generate_room_entries * opentracing spans within sync.encode_response * changelog * Use the `trace` decorator instead of context managers
* Add experimental support for MSC3202: allowing application services to ↵reivilibre2021-12-151-14/+72
| | | | masquerade as specific devices. (#11538)
* Add a constant for receipt types (m.read). (#11531)Patrick Cloke2021-12-081-0/+4
| | | And expand some type hints in the receipts storage module.
* Annotate string constants in `synapse.api.constants` with `Final` (#11356)Sean Quah2021-11-251-98/+100
| | | | | | | | | | This change makes mypy complain if the constants are ever reassigned, and, more usefully, makes mypy type them as `Literal`s instead of `str`s, allowing code of the following form to pass mypy: ```py def do_something(membership: Literal["join", "leave"], ...): ... do_something(Membership.JOIN, ...) ```
* Add support for `/_matrix/media/v3` APIs (#11371)Aaron R2021-11-171-1/+2
| | | | | | | | | | | | | * Add support for `/_matrix/media/v3` APIs Signed-off-by: Aaron Raimist <aaron@raim.ist> * Update `workers.md` to use v3 client and media APIs Signed-off-by: Aaron Raimist <aaron@raim.ist> * Add changelog Signed-off-by: Aaron Raimist <aaron@raim.ist>
* Support filtering by relations per MSC3440 (#11236)Patrick Cloke2021-11-091-31/+84
| | | | Adds experimental support for `relation_types` and `relation_senders` fields for filters.
* Default value for `public_baseurl` (#11210)Richard van der Hoff2021-11-081-3/+0
| | | | | We might as well use a default value for `public_baseurl` based on `server_name` - in many cases, it will be correct.
* Make `check_event_allowed` module API callback not fail open (accept events) ↵reivilibre2021-11-011-0/+7
| | | | when an exception is raised (#11033)
* Refactor `Filter` to handle fields according to data being filtered. (#11194)Patrick Cloke2021-10-271-61/+78
| | | | This avoids filtering against fields which cannot exist on an event source. E.g. presence updates don't have a room.
* Add a thread relation type per MSC3440. (#11088)Patrick Cloke2021-10-211-0/+1
| | | | Adds experimental support for MSC3440's `io.element.thread` relation type (and the aggregation for it).
* Add missing type hints to synapse.api. (#11109)Patrick Cloke2021-10-186-94/+75
| | | | * Convert UserPresenceState to attrs. * Remove args/kwargs from error classes and explicitly pass msg/errorcode.
* Remove the deprecated BaseHandler. (#11005)Patrick Cloke2021-10-081-0/+86
| | | | | | | | The shared ratelimit function was replaced with a dedicated RequestRatelimiter class (accessible from the HomeServer object). Other properties were copied to each sub-class that inherited from BaseHandler.
* Add type hints to filtering classes. (#10958)Patrick Cloke2021-10-011-43/+74
|
* Strip "join_authorised_via_users_server" from join events which do not need ↵Patrick Cloke2021-09-301-0/+3
| | | | | | | it. (#10933) This fixes a "Event not signed by authorising server" error when transition room member from join -> join, e.g. when updating a display name or avatar URL for restricted rooms.
* Fix AuthBlocking check when requester is appservice (#10881)Jason Robinson2021-09-241-1/+1
| | | | | If the MAU count had been reached, Synapse incorrectly blocked appservice users even though they've been explicitly configured not to be tracked (the default). This was due to bypassing the relevant if as it was chained behind another earlier hit if as an elif. Signed-off-by: Jason Robinson <jasonr@matrix.org>
* Use direct references for configuration variables (part 4). (#10893)Patrick Cloke2021-09-231-2/+2
|
* Rename MSC2716 things from `chunk` to `batch` to match `/batch_send` ↵Eric Eastwood2021-09-212-24/+8
| | | | | | | | endpoint (#10838) See https://github.com/matrix-org/matrix-doc/pull/2716#discussion_r684574497 Dropping support for older MSC2716 room versions so we don't have to worry about supporting both chunk and batch events.
* Use direct references for some configuration variables (part 2) (#10812)Patrick Cloke2021-09-152-9/+11
|
* Use direct references for some configuration variables (#10798)Patrick Cloke2021-09-131-2/+2
| | | | Instead of proxying through the magic getter of the RootConfig object. This should be more performant (and is more explicit).
* Add types to synapse.util. (#10601)reivilibre2021-09-101-4/+4
|
* Prefer room v9 for restricted rooms. (#10772)Patrick Cloke2021-09-091-1/+1
| | | | | Hint to clients via the room capabilities API (MSC3244) that room version 9 should be preferred for creating a room with restricted join rules (instead of room version 8).
* Add a constant for m.federate. (#10775)Patrick Cloke2021-09-081-0/+3
|
* Merge tag 'v1.42.0rc2' into developBrendan Abolivier2021-09-061-0/+31
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.42.0rc2 (2021-09-06) ============================== This version of Synapse removes deprecated room-management admin APIs, removes out-of-date email pushers, and improves error handling for fallback templates for user-interactive authentication. For more information on these points, server administrators are encouraged to read [the upgrade notes](docs/upgrade.md#upgrading-to-v1420). Features -------- - Support room version 9 from [MSC3375](https://github.com/matrix-org/matrix-doc/pull/3375). ([\#10747](https://github.com/matrix-org/synapse/issues/10747)) Internal Changes ---------------- - Print a warning when using one of the deprecated `template_dir` settings. ([\#10768](https://github.com/matrix-org/synapse/issues/10768))
| * Support MSC3375: room version 9. (#10747)Patrick Cloke2021-09-031-0/+31
| |
* | Move `maybe_kick_guest_users` out of `BaseHandler` (#10744)Richard van der Hoff2021-09-061-0/+9
| | | | | | This is part of my ongoing war against BaseHandler. I've moved kick_guest_users into RoomMemberHandler (since it calls out to that handler anyway), and split maybe_kick_guest_users into the two places it is called.
* | Populate `rooms.creator` field for easy lookup (#10697)Eric Eastwood2021-09-011-0/+3
|/ | | | | | Part of https://github.com/matrix-org/synapse/pull/10566 - Fill in creator whenever we insert into the rooms table - Add background update to backfill any missing creator values
* Merge branch 'master' into developErik Johnston2021-08-241-1/+1
|\
| * Set room version 8 as preferred for restricted rooms. (#10571)Patrick Cloke2021-08-201-1/+1
| |
* | Implement MSC3231: Token authenticated registration (#10142)Callum Brown2021-08-211-0/+1
| | | | | | | | | | Signed-off-by: Callum Brown <callum@calcuode.com> This is part of my GSoC project implementing [MSC3231](https://github.com/matrix-org/matrix-doc/pull/3231).
* | Validate device_keys for C-S /keys/query requests (#10593)David Robertson2021-08-201-0/+8
|/ | | | | | | | * Validate device_keys for C-S /keys/query requests Closes #10354 A small, not particularly critical fix. I'm interested in seeing if we can find a more systematic approach though. #8445 is the place for any discussion.
* When redacting, keep event fields around that maintain the historical event ↵Eric Eastwood2021-08-091-5/+32
| | | | | | | | | | | | | | | structure intact (MSC2716) (#10538) * Keep event fields that maintain the historical event structure intact Fix https://github.com/matrix-org/synapse/issues/10521 * Add changelog * Bump room version * Better changelog text * Fix up room version after develop merge
* Support MSC3289: Room version 8 (#10449)Patrick Cloke2021-08-092-15/+15
| | | This adds support for MSC3289: room version 8. This is room version 7 + MSC3083.
* Make historical events discoverable from backfill for servers without any ↵Eric Eastwood2021-07-282-3/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | scrollback history (MSC2716) (#10245) * Make historical messages available to federated servers Part of MSC2716: https://github.com/matrix-org/matrix-doc/pull/2716 Follow-up to https://github.com/matrix-org/synapse/pull/9247 * Debug message not available on federation * Add base starting insertion point when no chunk ID is provided * Fix messages from multiple senders in historical chunk Follow-up to https://github.com/matrix-org/synapse/pull/9247 Part of MSC2716: https://github.com/matrix-org/matrix-doc/pull/2716 --- Previously, Synapse would throw a 403, `Cannot force another user to join.`, because we were trying to use `?user_id` from a single virtual user which did not match with messages from other users in the chunk. * Remove debug lines * Messing with selecting insertion event extremeties * Move db schema change to new version * Add more better comments * Make a fake requester with just what we need See https://github.com/matrix-org/synapse/pull/10276#discussion_r660999080 * Store insertion events in table * Make base insertion event float off on its own See https://github.com/matrix-org/synapse/pull/10250#issuecomment-875711889 Conflicts: synapse/rest/client/v1/room.py * Validate that the app service can actually control the given user See https://github.com/matrix-org/synapse/pull/10276#issuecomment-876316455 Conflicts: synapse/rest/client/v1/room.py * Add some better comments on what we're trying to check for * Continue debugging * Share validation logic * Add inserted historical messages to /backfill response * Remove debug sql queries * Some marker event implemntation trials * Clean up PR * Rename insertion_event_id to just event_id * Add some better sql comments * More accurate description * Add changelog * Make it clear what MSC the change is part of * Add more detail on which insertion event came through * Address review and improve sql queries * Only use event_id as unique constraint * Fix test case where insertion event is already in the normal DAG * Remove debug changes * Switch to chunk events so we can auth via power_levels Previously, we were using `content.chunk_id` to connect one chunk to another. But these events can be from any `sender` and we can't tell who should be able to send historical events. We know we only want the application service to do it but these events have the sender of a real historical message, not the application service user ID as the sender. Other federated homeservers also have no indicator which senders are an application service on the originating homeserver. So we want to auth all of the MSC2716 events via power_levels and have them be sent by the application service with proper PL levels in the room. * Switch to chunk events for federation * Add unstable room version to support new historical PL * Fix federated events being rejected for no state_groups Add fix from https://github.com/matrix-org/synapse/pull/10439 until it merges. * Only connect base insertion event to prev_event_ids Per discussion with @erikjohnston, https://matrix.to/#/!UytJQHLQYfvYWsGrGY:jki.re/$12bTUiObDFdHLAYtT7E-BvYRp3k_xv8w0dUQHibasJk?via=jki.re&via=matrix.org * Make it possible to get the room_version with txn * Allow but ignore historical events in unsupported room version See https://github.com/matrix-org/synapse/pull/10245#discussion_r675592489 We can't reject historical events on unsupported room versions because homeservers without knowledge of MSC2716 or the new room version don't reject historical events either. Since we can't rely on the auth check here to stop historical events on unsupported room versions, I've added some additional checks in the processing/persisting code (`synapse/storage/databases/main/events.py` -> `_handle_insertion_event` and `_handle_chunk_event`). I've had to do some refactoring so there is method to fetch the room version by `txn`. * Move to unique index syntax See https://github.com/matrix-org/synapse/pull/10245#discussion_r675638509 * High-level document how the insertion->chunk lookup works * Remove create_event fallback for room_versions See https://github.com/matrix-org/synapse/pull/10245/files#r677641879 * Use updated method name
* Merge tag 'v1.39.0rc3' into developErik Johnston2021-07-281-0/+8
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.39.0rc3 (2021-07-28) ============================== Bugfixes -------- - Fix a bug introduced in Synapse 1.38 which caused an exception at startup when SAML authentication was enabled. ([\#10477](https://github.com/matrix-org/synapse/issues/10477)) - Fix a long-standing bug where Synapse would not inform clients that a device had exhausted its one-time-key pool, potentially causing problems decrypting events. ([\#10485](https://github.com/matrix-org/synapse/issues/10485)) - Fix reporting old R30 stats as R30v2 stats. Introduced in v1.39.0rc1. ([\#10486](https://github.com/matrix-org/synapse/issues/10486)) Internal Changes ---------------- - Fix an error which prevented the Github Actions workflow to build the docker images from running. ([\#10461](https://github.com/matrix-org/synapse/issues/10461)) - Fix release script to correctly version debian changelog when doing RCs. ([\#10465](https://github.com/matrix-org/synapse/issues/10465))
| * Always communicate device OTK counts to clients (#10485)Andrew Morgan2021-07-271-0/+8
| | | | | | Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* | Support for MSC2285 (hidden read receipts) (#10413)Šimon Brandner2021-07-281-0/+4
| | | | | | Implementation of matrix-org/matrix-doc#2285
* | Update the MSC3083 support to verify if joins are from an authorized server. ↵Patrick Cloke2021-07-262-1/+4
| | | | | | | | (#10254)
* | Switch to `chunk` events so we can auth via power_levels (MSC2716) (#10432)Eric Eastwood2021-07-211-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, we were using `content.chunk_id` to connect one chunk to another. But these events can be from any `sender` and we can't tell who should be able to send historical events. We know we only want the application service to do it but these events have the sender of a real historical message, not the application service user ID as the sender. Other federated homeservers also have no indicator which senders are an application service on the originating homeserver. So we want to auth all of the MSC2716 events via power_levels and have them be sent by the application service with proper PL levels in the room.
* | MSC3244 room capabilities implementation (#10283)Michael Telatynski2021-07-201-2/+36
|/
* Add a module type for account validity (#9884)Brendan Abolivier2021-07-161-7/+10
| | | | | This adds an API for third-party plugin modules to implement account validity, so they can provide this feature instead of Synapse. The module implementing the current behaviour for this feature can be found at https://github.com/matrix-org/synapse-email-account-validity. To allow for a smooth transition between the current feature and the new module, hooks have been added to the existing account validity endpoints to allow their behaviours to be overridden by a module.
* Use inline type hints in various other places (in `synapse/`) (#10380)Jonathan de Jong2021-07-155-10/+8
|
* Fix messages from multiple senders in historical chunk (MSC2716) (#10276)Eric Eastwood2021-07-131-4/+33
| | | | | | | Fix messages from multiple senders in historical chunk. This also means that an app service does not need to define `?user_id` when using this endpoint. Follow-up to https://github.com/matrix-org/synapse/pull/9247 Part of MSC2716: https://github.com/matrix-org/matrix-doc/pull/2716
* Move methods involving event authentication to EventAuthHandler. (#10268)Patrick Cloke2021-07-011-73/+2
| | | Instead of mixing them with user authentication methods.
* Correct type hints for synapse.event_auth. (#10253)Patrick Cloke2021-06-301-2/+3
|
* Do not recurse into non-spaces in the spaces summary. (#10256)Patrick Cloke2021-06-291-0/+6
| | | | | Previously m.child.room events in non-space rooms would be treated as part of the room graph, but this is no longer supported.
* MSC2918 Refresh tokens implementation (#9450)Quentin Gliech2021-06-241-0/+5
| | | | | | | | | | This implements refresh tokens, as defined by MSC2918 This MSC has been implemented client side in Hydrogen Web: vector-im/hydrogen-web#235 The basics of the MSC works: requesting refresh tokens on login, having the access tokens expire, and using the refresh token to get a new one. Signed-off-by: Quentin Gliech <quentingliech@gmail.com>
* Add endpoints for backfilling history (MSC2716) (#9247)Eric Eastwood2021-06-222-5/+17
| | | Work on https://github.com/matrix-org/matrix-doc/pull/2716
* Update MSC3083 support per changes in the MSC. (#10189)Patrick Cloke2021-06-171-0/+6
| | | Adds a "type" field and generalize "space" to "room_id".
* Make opentracing trace into event persistence (#10134)Richard van der Hoff2021-06-161-2/+2
| | | | | | | | | | | | | | * Trace event persistence When we persist a batch of events, set the parent opentracing span to the that from the request, so that we can trace all the way in. * changelog * When we force tracing, set a baggage item ... so that we can check again later. * Link in both directions between persist_events spans
* Remove support for unstable MSC1772 prefixes. (#10161)Patrick Cloke2021-06-151-3/+0
| | | | The stable prefixes have been supported since v1.34.0. The unstable prefixes are not supported by any known clients.
* Remove the experimental flag for knocking and use stable prefixes / ↵Patrick Cloke2021-06-152-5/+6
| | | | | | | endpoints. (#10167) * Room version 7 for knocking. * Stable prefixes and endpoints (both client and federation) for knocking. * Removes the experimental configuration flag.
* Implement knock feature (#6739)Sorunome2021-06-093-4/+29
| | | | | | This PR aims to implement the knock feature as proposed in https://github.com/matrix-org/matrix-doc/pull/2403 Signed-off-by: Sorunome mail@sorunome.de Signed-off-by: Andrew Morgan andrewm@element.io
* Set opentracing priority before setting other tags (#10092)Richard van der Hoff2021-05-281-4/+4
| | | ... because tags on spans which aren't being sampled get thrown away.
* Remove the experimental spaces enabled flag. (#10063)Patrick Cloke2021-05-261-1/+1
| | | | In lieu of just always enabling the unstable spaces endpoint and unstable room version.
* Support enabling opentracing by user (#9978)Richard van der Hoff2021-05-141-0/+5
| | | | | Add a config option which allows enabling opentracing by user id, eg for debugging requests made by a test user.
* Correctly ratelimit invites when creating a room (#9968)Brendan Abolivier2021-05-121-5/+17
| | | | | * Correctly ratelimit invites when creating a room Also allow ratelimiting for more than one action at a time.
* Fix `m.room_key_request` to-device messages (#9961)Richard van der Hoff2021-05-111-1/+4
| | | fixes #9960
* Follow-up to #9915 to correct the identifier for room types.Patrick Cloke2021-05-051-1/+1
|
* Support stable MSC1772 spaces identifiers. (#9915)Patrick Cloke2021-05-051-0/+3
| | | | Support both the unstable and stable identifiers. A future release will disable the unstable identifiers.
* Improved validation for received requests (#9817)Richard van der Hoff2021-04-231-0/+3
| | | | | | * Simplify `start_listening` callpath * Correctly check the size of uploaded files
* Add type hints to auth and auth_blocking. (#9876)Patrick Cloke2021-04-232-42/+45
|
* Check for space membership during a remote join of a restricted room (#9814)Patrick Cloke2021-04-231-0/+1
| | | | | | When receiving a /send_join request for a room with join rules set to 'restricted', check if the user is a member of the spaces defined in the 'allow' key of the join rules. This only applies to an experimental room version, as defined in MSC3083.
* Port "Allow users to click account renewal links multiple times without ↵Andrew Morgan2021-04-191-2/+4
| | | | | hitting an 'Invalid Token' page #74" from synapse-dinsic (#9832) This attempts to be a direct port of https://github.com/matrix-org/synapse-dinsic/pull/74 to mainline. There was some fiddling required to deal with the changes that have been made to mainline since (mainly dealing with the split of `RegistrationWorkerStore` from `RegistrationStore`, and the changes made to `self.make_request` in test code).
* Remove redundant "coding: utf-8" lines (#9786)Jonathan de Jong2021-04-149-9/+0
| | | | | | | Part of #9744 Removes all redundant `# -*- coding: utf-8 -*-` lines from files, as python 3 automatically reads source code as utf-8 now. `Signed-off-by: Jonathan de Jong <jonathan@automatia.nl>`
* Require AppserviceRegistrationType (#9548)Will Hunt2021-04-121-0/+5
| | | This change ensures that the appservice registration behaviour follows the spec. We decided to do this for Dendrite, so it made sense to also make a PR for synapse to correct the behaviour.
* Add an experimental room version to support restricted join rules. (#9717)Patrick Cloke2021-03-312-1/+25
| | | Per MSC3083.
* Make RateLimiter class check for ratelimit overrides (#9711)Erik Johnston2021-03-301-45/+55
| | | | | | | This should fix a class of bug where we forget to check if e.g. the appservice shouldn't be ratelimited. We also check the `ratelimit_override` table to check if the user has ratelimiting disabled. That table is really only meant to override the event sender ratelimiting, so we don't use any values from it (as they might not make sense for different rate limits), but we do infer that if ratelimiting is disabled for the user we should disabled all ratelimits. Fixes #9663
* Make it possible to use dmypy (#9692)Erik Johnston2021-03-261-0/+5
| | | | | | | | | Running `dmypy run` will do a `mypy` check while spinning up a daemon that makes rerunning `dmypy run` a lot faster. `dmypy` doesn't support `follow_imports = silent` and has `local_partial_types` enabled, so this PR enables those options and fixes the issues that were newly raised. Note that `local_partial_types` will be enabled by default in upcoming mypy releases.
* Merge branch 'develop' into babolivier/msc3026Brendan Abolivier2021-03-191-0/+6
|\
| * Initial spaces summary API (#9643)Richard van der Hoff2021-03-181-0/+6
| | | | | | This is very bare-bones for now: federation will come soon, while pagination is descoped for now but will come later.
* | Implement MSC3026: busy presence stateBrendan Abolivier2021-03-181-0/+1
|/
* Fix additional type hints from Twisted 21.2.0. (#9591)Patrick Cloke2021-03-121-1/+1
|
* Record the SSO Auth Provider in the login token (#9510)Richard van der Hoff2021-03-041-32/+9
| | | This great big stack of commits is a a whole load of hoop-jumping to make it easier to store additional values in login tokens, and then to actually store the SSO Identity Provider in the login token. (Making use of that data will follow in a subsequent PR.)
* Ratelimit cross-user key sharing requests. (#8957)Patrick Cloke2021-02-192-6/+11
|
* Add type hints to groups code. (#9393)Patrick Cloke2021-02-171-0/+5
|
* Update black, and run auto formatting over the codebase (#9381)Eric Eastwood2021-02-164-19/+24
| | | | | | | - Update black version to the latest - Run black auto formatting over the codebase - Run autoformatting according to [`docs/code_style.md `](https://github.com/matrix-org/synapse/blob/80d6dc9783aa80886a133756028984dbf8920168/docs/code_style.md) - Update `code_style.md` docs around installing black to use the correct version
* Backout changes for automatically calculating the public baseurl. (#9313)Patrick Cloke2021-02-111-0/+2
| | | | This breaks some people's configurations (if their Client-Server API is not accessed via port 443).
* Give `public_baseurl` a default value (#9159)Richard van der Hoff2021-01-201-2/+0
|
* Kill off `HomeServer.get_ip_from_request()` (#9080)Richard van der Hoff2021-01-121-2/+2
| | | Homeserver.get_ip_from_request() used to be a bit more complicated, but now it is totally redundant. Let's get rid of it.
* Remove SynapseRequest.get_user_agent (#9069)Richard van der Hoff2021-01-121-1/+2
| | | | | | | | | | | SynapseRequest is in danger of becoming a bit of a dumping-ground for "useful stuff relating to Requests", which isn't really its intention (its purpose is to override render, finished and connectionLost to set up the LoggingContext and write the right entries to the request log). Putting utility functions inside SynapseRequest means that lots of our code ends up requiring a SynapseRequest when there is nothing synapse-specific about the Request at all, and any old twisted.web.iweb.IRequest will do. This increases code coupling and makes testing more difficult. In short: move get_user_agent out to a utility function.
* Implement MSC2176: Updated redaction rules (#8984)Patrick Cloke2021-01-051-6/+26
| | | | An experimental room version ("org.matrix.msc2176") contains the new redaction rules for testing.
* Merge remote-tracking branch 'origin/erikj/as_mau_block' into developErik Johnston2020-12-181-0/+7
|\
| * Don't MAU limit AS ghost usersErik Johnston2020-12-171-0/+7
| |
* | Try and drop stale extremities. (#8929)Erik Johnston2020-12-181-0/+2
| | | | | | | | If we see stale extremities while persisting events, and notice that they don't change the result of state resolution, we drop them.
* | Do not assume that the contents dictionary includes history_visibility. (#8945)Patrick Cloke2020-12-162-2/+10
| |
* | Honour AS ratelimit settings for /login requests (#8920)Erik Johnston2020-12-111-1/+3
|/ | | | Fixes #8846.
* Add admin API for logging in as a user (#8617)Erik Johnston2020-11-171-4/+29
|
* Add ability for access tokens to belong to one user but grant access to ↵Erik Johnston2020-10-291-67/+46
| | | | | | | | | | another user. (#8616) We do it this way round so that only the "owner" can delete the access token (i.e. `/logout/all` by the "owner" also deletes that token, but `/logout/all` by the "target user" doesn't). A future PR will add an API for creating such a token. When the target user and authenticated entity are different the `Processed request` log line will be logged with a: `{@admin:server as @bob:server} ...`. I'm not convinced by that format (especially since it adds spaces in there, making it harder to use `cut -d ' '` to chop off the start of log lines). Suggestions welcome.
* Fix handling of User-Agent headers with bad utf-8. (#8632)Erik Johnston2020-10-231-3/+1
|
* type annotations for LruCacheRichard van der Hoff2020-10-161-1/+3
|
* Make LruCache register its own metrics (#8561)Richard van der Hoff2020-10-161-3/+1
| | | | | rather than have everything that instantiates an LruCache manage metrics separately, have LruCache do it itself.
* Do not assume that account data is of the correct form. (#8454)Patrick Cloke2020-10-051-0/+5
| | | | This fixes a bug where `m.ignored_user_list` was assumed to be a dict, leading to odd behavior for users who set it to something else.
* Don't push if an user account has expired (#8353)Mathieu Velten2020-09-231-5/+1
|
* Simplify super() calls to Python 3 syntax. (#8344)Patrick Cloke2020-09-182-28/+24
| | | | | | | This converts calls like super(Foo, self) -> super(). Generated with: sed -i "" -Ee 's/super\([^\(]+\)/super()/g' **/*.py
* Show a confirmation page during user password reset (#8004)Andrew Morgan2020-09-101-0/+1
| | | | | This PR adds a confirmation step to resetting your user password between clicking the link in your email and your password actually being reset. This is to better align our password reset flow with the industry standard of requiring a confirmation from the user after email validation.
* Directly import json from the standard library. (#8259)Patrick Cloke2020-09-081-1/+1
| | | | | By importing from canonicaljson the simplejson module was still being used in some situations. After this change the std lib json is consistenty used throughout Synapse.
* Stop sub-classing object (#8249)Patrick Cloke2020-09-048-26/+26
|
* Do not apply ratelimiting on joins to appservices (#8139)Will Hunt2020-08-211-0/+37
| | | | | | Add new method ratelimiter.can_requester_do_action and ensure that appservices are exempt from being ratelimited. Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> Co-authored-by: Erik Johnston <erik@matrix.org>
* Stop shadow-banned users from sending invites. (#8095)Patrick Cloke2020-08-201-0/+8
|