summary refs log tree commit diff
path: root/synapse/config/key.py (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Merge remote-tracking branch 'gitlab/clokep/license-license' into new_developErik Johnston2023-12-131-11/+16
|\
| * Update license headersPatrick Cloke2023-11-211-11/+16
| |
* | Write signing keys with file mode 0640 (#16740)elara-leitstellentechnik2023-12-081-2/+6
|/ | | | Co-authored-by: Fabian Klemp <fabian.klemp@frequentis.com>
* Fix a bug where Synapse fails to start if a signing key file contains an ↵reivilibre2022-09-081-1/+12
| | | | empty line. (#13738)
* Remove code generating comments in configuration file (#12941)Shay2022-06-141-91/+2
|
* Move the "email unsubscribe" resource, refactor the macaroon generator & ↵Quentin Gliech2022-06-141-2/+4
| | | | | | | | | | | | | | | | | | | | | simplify the access token verification logic. (#12986) This simplifies the access token verification logic by removing the `rights` parameter which was only ever used for the unsubscribe link in email notifications. The latter has been moved under the `/_synapse` namespace, since it is not a standard API. This also makes the email verification link more secure, by embedding the app_id and pushkey in the macaroon and verifying it. This prevents the user from tampering the query parameters of that unsubscribe link. Macaroon generation is refactored: - Centralised all macaroon generation and verification logic to the `MacaroonGenerator` - Moved to `synapse.utils` - Changed the constructor to require only a `Clock`, hostname, and a secret key (instead of a full `Homeserver`). - Added tests for all methods.
* Add missing type hints to config classes. (#12402)Patrick Cloke2022-04-111-3/+10
|
* Fix typechecker problems exposed by signedjson 1.1.2 (#12326)David Robertson2022-03-291-5/+8
|
* Additional type hints for the config module, part 2. (#11480)Patrick Cloke2021-12-091-15/+21
|
* Add missing type hints to config base classes (#11377)Patrick Cloke2021-11-231-1/+2
|
* Require direct references to configuration variables. (#10985)Patrick Cloke2021-10-061-2/+4
| | | | | | This removes the magic allowing accessing configurable variables directly from the config object. It is now required that a specific configuration class is used (e.g. `config.foo` must be replaced with `config.server.foo`).
* Remove redundant "coding: utf-8" lines (#9786)Jonathan de Jong2021-04-141-1/+0
| | | | | | | Part of #9744 Removes all redundant `# -*- coding: utf-8 -*-` lines from files, as python 3 automatically reads source code as utf-8 now. `Signed-off-by: Jonathan de Jong <jonathan@automatia.nl>`
* Enable flake8-bugbear, but disable most checks. (#9499)Jonathan de Jong2021-03-161-1/+5
| | | | * Adds B00 to ignored checks. * Fixes remaining issues.
* Stop sub-classing object (#8249)Patrick Cloke2020-09-041-1/+1
|
* Fix some DETECTED VIOLATIONS in the config file (#7550)Richard van der Hoff2020-05-221-2/+2
| | | consistency ftw
* Add an export_signing_key script (#6546)Richard van der Hoff2019-12-191-8/+15
| | | | | I want to do some key rotation, and it is silly that we don't have a way to do this.
* Remove usage of deprecated logger.warn method from codebase (#6271)Andrew Morgan2019-10-311-2/+2
| | | Replace every instance of `logger.warn` with `logger.warning` as the former is deprecated.
* Refactor HomeserverConfig so it can be typechecked (#6137)Amber Brown2019-10-101-0/+2
|
* Explicitly log when a homeserver does not have a trusted key server ↵Neil Johnson2019-09-261-4/+44
| | | | configured (#6090)
* Don't implicitly include server signing keyErik Johnston2019-08-231-7/+6
|
* Add config option for keys to use to sign keysErik Johnston2019-08-211-4/+31
| | | | | This allows servers to separate keys that are used to sign remote keys when acting as a notary server.
* Remove non-functional 'expire_access_token' setting (#5782)Richard van der Hoff2019-07-301-6/+0
| | | | | | | | The `expire_access_token` didn't do what it sounded like it should do. What it actually did was make Synapse enforce the 'time' caveat on macaroons used as access tokens, but since our access token macaroons never contained such a caveat, it was always a no-op. (The code to add 'time' caveats was removed back in v0.18.5, in #1656)
* Don't load the generated config as the default.Richard van der Hoff2019-06-241-1/+1
| | | | It's too confusing.
* Ensure that all config options have sensible defaultsRichard van der Hoff2019-06-241-5/+17
| | | | | This will enable us to skip the unintuitive behaviour where the generated config and default config are the same thing.
* Pass config_dir_path and data_dir_path into Config.read_config. (#5522)Richard van der Hoff2019-06-241-1/+1
| | | | | | * Pull config_dir_path and data_dir_path calculation out of read_config_files * Pass config_dir_path and data_dir_path into read_config
* Improve logging when generating config files (#5510)Richard van der Hoff2019-06-211-0/+1
| | | Make it a bit clearer what's going on.
* Run Black. (#5482)Amber Brown2019-06-201-3/+2
|
* Improve startup checks for insecure notary configs (#5392)Richard van der Hoff2019-06-101-4/+23
| | | | | | | | | | | | | It's not really a problem to trust notary responses signed by the old key so long as we are also doing TLS validation. This commit adds a check to the config parsing code at startup to check that we do not have the insecure matrix.org key without tls validation, and refuses to start without it. This allows us to remove the rather alarming-looking warning which happens at runtime.
* Stop hardcoding trust of old matrix.org key (#5374)Richard van der Hoff2019-06-061-39/+189
| | | | | | | | | | | | | | | | | There are a few changes going on here: * We make checking the signature on a key server response optional: if no verify_keys are specified, we trust to TLS to validate the connection. * We change the default config so that it does not require responses to be signed by the old key. * We replace the old 'perspectives' config with 'trusted_key_servers', which is also formatted slightly differently. * We emit a warning to the logs every time we trust a key server response signed by the old key.
* Add config.signing_key_path. (#4974)Richard van der Hoff2019-04-021-1/+2
| | | | | | As requested by @andrewshadura
* Use a regular HomeServerConfig object for unit testsRichard van der Hoff2019-03-191-1/+6
| | | | | | | Rather than using a Mock for the homeserver config, use a genuine HomeServerConfig object. This makes for a more realistic test, and means that we don't have to keep remembering to add things to the mock config every time we add a new config setting.
* Comment out most options in the generated config. (#4863)Richard van der Hoff2019-03-191-12/+18
| | | | | | | | | | | | | | | | | | | | Make it so that most options in the config are optional, and commented out in the generated config. The reasons this is a good thing are as follows: * If we decide that we should change the default for an option, we can do so, and only those admins that have deliberately chosen to override that option will be stuck on the old setting. * It moves us towards a point where we can get rid of the super-surprising feature of synapse where the default settings for the config come from the generated yaml. * It makes setting up a test config for unit testing an order of magnitude easier (see forthcoming PR). * It makes the generated config more consistent, and hopefully easier for users to understand.
* Attempt to make default config more consistentRichard van der Hoff2019-02-191-2/+9
| | | | | | The general idea here is that config examples should just have a hash and no extraneous whitespace, both to make it easier for people who don't understand yaml, and to make the examples stand out from the comments.
* config: Remove a repeated word from a logger warningJuuso "Linda" Lapinlampi2019-02-151-1/+1
| | | | The warning for missing macaroon_secret_key was "missing missing".
* Changing macaroon_secret_key no longer logs you out (#4387)Richard van der Hoff2019-01-161-3/+0
|
* Merge branch rav/macaroon_key_fix_0.34 into rav/macaroon_key_fix_0.34.1Richard van der Hoff2019-01-101-2/+2
|\ | | | | | | Fixes #4371
| * Revert "Fix macaroon_secret_key fallback logic"Richard van der Hoff2019-01-101-3/+3
| | | | | | | | | | | | This is already fixed in 0.34.1, by 59f93bb This reverts commit efc522c55e996e420271de2d9094835dda52ade4.
| * Fix macaroon_secret_key fallback logicRichard van der Hoff2019-01-101-3/+3
| |
| * Fix fallback to signing key for macaroon-secret-keyRichard van der Hoff2019-01-101-2/+2
| |
* | Add a script to generate a clean config file (#4315)Richard van der Hoff2018-12-221-9/+18
|/
* run isortAmber Brown2018-07-091-9/+12
|
* ConsentResource to gather policy consent from usersRichard van der Hoff2018-05-151-0/+10
| | | | | Hopefully there are enough comments and docs in this that it makes sense on its own.
* Improve error handling for missing files (#2551)Richard van der Hoff2017-10-171-4/+4
| | | | | | | | | | | `os.path.exists` doesn't allow us to distinguish between permissions errors and the path actually not existing, which repeatedly confuses people. It also means that we try to overwrite existing key files, which is super-confusing. (cf issues #2455, #2379). Use os.stat instead. Also, don't recomemnd the the use of --generate-config, which screws everything up if you're using debian (cf #2455).
* Create user with expiryNegi Fazeli2016-05-131-0/+5
| | | | | | - Add unittests for client, api and handler Signed-off-by: Negar Fazeli <negar.fazeli@ericsson.com>
* Derive macaroon_secret_key from signing key.Erik Johnston2016-02-081-1/+27
| | | | | | Unfortunately, there are people that are running synapse without a `macaroon_sercret_key` set. Mandating they set one is a good solution, except that breaking auto upgrades is annoying.
* copyrightsMatthew Hodgson2016-01-071-1/+1
|
* Implement configurable stats reportingDaniel Wagner-Hall2015-09-221-1/+1
| | | | | | | | | | SYN-287 This requires that HS owners either opt in or out of stats reporting. When --generate-config is passed, --report-stats must be specified If an already-generated config is used, and doesn't have the report_stats key, it is requested to be set.
* Fix typo in module imports and package dependenciesMark Haines2015-08-251-1/+1
|
* Remove syutil dependency in favour of smaller single-purpose librariesMark Haines2015-08-241-19/+16
|
* Update key.pyMark Haines2015-04-301-1/+2
|
* Write a default log_config when generating configMark Haines2015-04-301-1/+1
|
* Add a random string to the auto generated key idMark Haines2015-04-301-1/+3
|
* Manually generate the default config yaml, remove most of the commandline ↵Mark Haines2015-04-301-78/+61
| | | | arguments for synapse anticipating that people will use the yaml instead. Simpify implementing config options by not requiring the classes to hit the super class
* Add config for setting the perspective serversMark Haines2015-04-241-2/+20
|
* Add a config file for perspective serversMark Haines2015-04-241-0/+19
|
* Move the key related config parser into a separate fileMark Haines2015-04-241-0/+110