Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Add private IPv6 addresses to preview blacklist #3312 | Felix Schäfer | 2018-06-01 | 1 | -0/+3 |
| | | | | | | | The added addresses are expected to be local or loopback addresses and shouldn't be spidered for previews. Signed-off-by: Felix Schäfer <felix@thegcat.net> | ||||
* | Run Prometheus on a different port, optionally. (#3274) | Amber Brown | 2018-05-31 | 1 | -0/+10 |
| | |||||
* | Fix default for send_server_notice_to_guests | Richard van der Hoff | 2018-05-25 | 1 | -1/+1 |
| | | | | bool("False") == True... | ||||
* | Avoid sending consent notice to guest users | Richard van der Hoff | 2018-05-25 | 1 | -1/+7 |
| | | | | we think it makes sense not to send the notices to guest users. | ||||
* | Allow overriding the server_notices user's avatar | Richard van der Hoff | 2018-05-23 | 1 | -3/+12 |
| | | | | probably should have done this in the first place, like @turt2live suggested. | ||||
* | Support for putting %(consent_uri)s in messages | Richard van der Hoff | 2018-05-23 | 1 | -4/+7 |
| | | | | | Make it possible to put the URI in the error message and the server notice that get sent by the server | ||||
* | Reject attempts to send event before privacy consent is given | Richard van der Hoff | 2018-05-22 | 1 | -0/+10 |
| | | | | | | Returns an M_CONSENT_NOT_GIVEN error (cf https://github.com/matrix-org/matrix-doc/issues/1252) if consent is not yet given. | ||||
* | Move consent config parsing into ConsentConfig | Richard van der Hoff | 2018-05-22 | 1 | -1/+15 |
| | | | | turns out we need to reuse this, so it's better in the config class. | ||||
* | Send users a server notice about consent | Richard van der Hoff | 2018-05-22 | 1 | -0/+8 |
| | | | | | When a user first syncs, we will send them a server notice asking them to consent to the privacy policy if they have not already done so. | ||||
* | Rename 'version' param on user consent config | Richard van der Hoff | 2018-05-22 | 1 | -4/+6 |
| | | | | we're going to use it for the version we require too. | ||||
* | Replace inline docstrings with "Attributes" in class docstring | Richard van der Hoff | 2018-05-18 | 1 | -23/+15 |
| | |||||
* | Infrastructure for a server notices room | Richard van der Hoff | 2018-05-17 | 2 | -1/+89 |
| | | | | | | | Server Notices use a special room which the user can't dismiss. They are created on demand when some other bit of the code calls send_notice. (This doesn't actually do much yet becuse we don't call send_notice anywhere) | ||||
* | ConsentResource to gather policy consent from users | Richard van der Hoff | 2018-05-15 | 4 | -3/+63 |
| | | | | | Hopefully there are enough comments and docs in this that it makes sense on its own. | ||||
* | Merge pull request #3085 from NotAFile/py3-config-text-mode | Richard van der Hoff | 2018-04-30 | 2 | -4/+4 |
|\ | | | | | Open config file in non-bytes mode | ||||
| * | open log_config in text mode too | Adrian Tschira | 2018-04-28 | 1 | -1/+1 |
| | | | | | | | | Signed-off-by: Adrian Tschira <nota@notafile.com> | ||||
| * | Open config file in non-bytes mode | Adrian Tschira | 2018-04-10 | 1 | -3/+3 |
| | | | | | | | | | | | | | | | | | | Nothing written into it is encoded, so it makes little sense, but it does break in python3 the way it was before. The variable names were adjusted to be less misleading. Signed-off-by: Adrian Tschira <nota@notafile.com> | ||||
* | | Merge pull request #3084 from NotAFile/py3-certs-byte-mode | Richard van der Hoff | 2018-04-30 | 1 | -2/+2 |
|\ \ | | | | | | | Open certificate files as bytes | ||||
| * | | Open certificate files as bytes | Adrian Tschira | 2018-04-10 | 1 | -2/+2 |
| |/ | | | | | | | | | | | That's what pyOpenSSL expects on python3 Signed-off-by: Adrian Tschira <nota@notafile.com> | ||||
* / | Use six.moves.urlparse | Adrian Tschira | 2018-04-15 | 1 | -2/+2 |
|/ | | | | | | The imports were shuffled around a bunch in py3 Signed-off-by: Adrian Tschira <nota@notafile.com> | ||||
* | Merge pull request #3074 from NotAFile/fix-py3-prints | Richard van der Hoff | 2018-04-09 | 1 | -5/+5 |
|\ | | | | | use python3-compatible prints | ||||
| * | use python3-compatible prints | Adrian Tschira | 2018-04-06 | 1 | -5/+5 |
| | | |||||
* | | Replace some type checks with six type checks | Adrian Tschira | 2018-04-07 | 2 | -5/+9 |
|/ | | | | Signed-off-by: Adrian Tschira <nota@notafile.com> | ||||
* | spell out not to massively increase bcrypt rounds | Matthew Hodgson | 2018-03-19 | 1 | -1/+3 |
| | |||||
* | Add replication http endpoint for event sending | Erik Johnston | 2018-02-07 | 1 | -0/+8 |
| | |||||
* | Add federation_domain_whitelist option (#2820) | Matthew Hodgson | 2018-01-22 | 1 | -0/+22 |
| | | | | | | Add federation_domain_whitelist gives a way to restrict which domains your HS is allowed to federate with. useful mainly for gracefully preventing a private but internet-connected HS from trying to federate to the wider public Matrix network | ||||
* | Merge pull request #2813 from matrix-org/matthew/registrations_require_3pid | Matthew Hodgson | 2018-01-22 | 1 | -0/+19 |
|\ | | | | | add registrations_require_3pid and allow_local_3pids | ||||
| * | rewrite based on PR feedback: | Matthew Hodgson | 2018-01-19 | 1 | -3/+9 |
| | | | | | | | | | | | | | | | | | | * [ ] split config options into allowed_local_3pids and registrations_require_3pid * [ ] simplify and comment logic for picking registration flows * [ ] fix docstring and move check_3pid_allowed into a new util module * [ ] use check_3pid_allowed everywhere @erikjohnston PTAL | ||||
| * | add registrations_require_3pid | Matthew Hodgson | 2018-01-19 | 1 | -0/+13 |
| | | | | | | | | | | lets homeservers specify a whitelist for 3PIDs that users are allowed to associate with. Typically useful for stopping people from registering with non-work emails | ||||
* | | Fix passing wrong config to provider constructor | Erik Johnston | 2018-01-18 | 1 | -1/+1 |
| | | |||||
* | | Remove duplicate directory test | Erik Johnston | 2018-01-18 | 1 | -4/+0 |
| | | |||||
* | | Fixup comments | Erik Johnston | 2018-01-18 | 1 | -1/+5 |
| | | |||||
* | | Make storage providers more configurable | Erik Johnston | 2018-01-18 | 1 | -11/+72 |
|/ | |||||
* | fix typo | Matthew Hodgson | 2018-01-16 | 1 | -1/+1 |
| | |||||
* | Actually make it work | Erik Johnston | 2018-01-12 | 1 | -0/+5 |
| | |||||
* | Merge pull request #2763 from matrix-org/rav/fix_config_uts | Richard van der Hoff | 2018-01-09 | 1 | -2/+2 |
|\ | | | | | Fix broken config UTs | ||||
| * | Fix broken config UTs | Richard van der Hoff | 2018-01-09 | 1 | -2/+2 |
| | | | | | | | | | | https://github.com/matrix-org/synapse/pull/2755 broke log-config generation, which in turn broke the unit tests. | ||||
* | | Make indentation of generated log config consistent | Richard van der Hoff | 2018-01-09 | 1 | -17/+17 |
|/ | | | | (we had a mix of 2- and 4-space indents) | ||||
* | Remove 'verbosity'/'log_file' from generated cfg | Richard van der Hoff | 2018-01-05 | 1 | -8/+4 |
| | | | | | | ... because these only really exist to confuse people nowadays. Also bring log config more into line with the generated log config, by making `level_for_storage` apply to the `synapse.storage.SQL` logger rather than `synapse.storage`. | ||||
* | Merge pull request #2683 from seckrv/fix_pwd_auth_prov_typo | Richard van der Hoff | 2017-12-18 | 1 | -2/+2 |
|\ | | | | | synapse/config/password_auth_providers: Fixed bracket typo | ||||
| * | synapse/config/password_auth_providers: Fixed bracket typo | Richard von Seck | 2017-11-16 | 1 | -2/+2 |
| | | | | | | | | Signed-off-by: Richard von Seck <richard.von-seck@gmx.net> | ||||
* | | Allow binds to both :: and 0.0.0.0 | Silke Hofstra | 2017-12-17 | 1 | -5/+3 |
| | | | | | | | | | | | | | | | | | | | | Binding on 0.0.0.0 when :: is specified in the bind_addresses is now allowed. This causes a warning explaining the behaviour. Configuration changed to match. See #2232 Signed-off-by: Silke Hofstra <silke@slxh.eu> | ||||
* | | Adapt the default config to bind on IPv6. | Willem Mulder | 2017-12-17 | 1 | -8/+9 |
| | | | | | | | | | | | | | | | | | | Most deployments are on Linux (or Mac OS), so this would actually bind on both IPv4 and IPv6. Resolves #1886. Signed-off-by: Willem Mulder <willemmaster@hotmail.com> | ||||
* | | better doc | Matthew Hodgson | 2017-12-04 | 1 | -1/+4 |
| | | |||||
* | | switch to a simpler 'search_all_users' button as per review feedback | Matthew Hodgson | 2017-12-04 | 1 | -7/+8 |
| | | |||||
* | | Merge branch 'develop' into matthew/search-all-local-users | Matthew Hodgson | 2017-11-30 | 1 | -0/+6 |
|\ \ | |||||
| * | | Add config option to disable media_repo on main synapse | Richard van der Hoff | 2017-11-22 | 1 | -0/+6 |
| | | | | | | | | | | | | ... to stop us doing the cache cleanup jobs on the master. | ||||
* | | | specify default user_directory_include_pattern | Matthew Hodgson | 2017-11-30 | 1 | -0/+1 |
| | | | |||||
* | | | untested WIP but might actually work | Matthew Hodgson | 2017-11-29 | 1 | -3/+2 |
| | | | |||||
* | | | Add user_directory_include_pattern config param to expand search results to ↵ | Matthew Hodgson | 2017-11-29 | 2 | -1/+42 |
|/ / | | | | | | | | | | | | | | | | | | | additional users Initial commit; this doesn't work yet - the LIKE filtering seems too aggressive. It also needs _do_initial_spam to be aware of prepopulating the whole user_directory_search table with all users... ...and it needs a handle_user_signup() or something to be added so that new signups get incrementally added to the table too. Committing it here as a WIP | ||||
* / | Check group_id belongs to this domain | Luke Barnard | 2017-11-16 | 1 | -0/+1 |
|/ | |||||
* | Print instead of logging | David Baker | 2017-11-13 | 1 | -11/+4 |
| | | | | because we had to wait until the logger was set up | ||||
* | Make the commented config have the default | David Baker | 2017-11-09 | 1 | -1/+1 |
| | |||||
* | better comments | David Baker | 2017-11-08 | 1 | -2/+5 |
| | |||||
* | Log if any of the old config flags are set | David Baker | 2017-11-08 | 1 | -2/+24 |
| | |||||
* | Rename redact_content option to include_content | David Baker | 2017-11-08 | 1 | -15/+13 |
| | | | | | | | | | | | | | | | | | | The redact_content option never worked because it read the wrong config section. The PR introducing it (https://github.com/matrix-org/synapse/pull/2301) had feedback suggesting the name be changed to not re-use the term 'redact' but this wasn't incorporated. This reanmes the option to give it a less confusing name, and also means that people who've set the redact_content option won't suddenly see a behaviour change when upgrading synapse, but instead can set include_content if they want to. This PR also updates the wording of the config comment to clarify that this has no effect on event_id_only push. Includes https://github.com/matrix-org/synapse/pull/2422 | ||||
* | Add a hook for custom rest endpoints | Richard van der Hoff | 2017-11-02 | 1 | -0/+7 |
| | | | | | Let the user specify custom modules which can be used for implementing extra endpoints. | ||||
* | Clean up backwards-compat hacks for ldap | Richard van der Hoff | 2017-10-31 | 1 | -20/+19 |
| | | | | | | | try to make the backwards-compat flows follow the same code paths as the modern impl. This commit should be non-functional. | ||||
* | fix typo | Matthew Hodgson | 2017-10-29 | 1 | -1/+1 |
| | |||||
* | Fix error when running synapse with no logfile | Richard van der Hoff | 2017-10-26 | 1 | -1/+5 |
| | | | | Fixes 'UnboundLocalError: local variable 'sighup' referenced before assignment' | ||||
* | tip for generating tls_fingerprints | Matthew Hodgson | 2017-10-24 | 1 | -0/+6 |
| | |||||
* | replace 'except:' with 'except Exception:' | Richard van der Hoff | 2017-10-23 | 1 | -1/+1 |
| | | | | what could possibly go wrong | ||||
* | Flake8 | Erik Johnston | 2017-10-19 | 1 | -4/+0 |
| | |||||
* | Add missing file... | Erik Johnston | 2017-10-19 | 1 | -0/+36 |
| | |||||
* | Add config to enable group creation | Erik Johnston | 2017-10-19 | 1 | -1/+2 |
| | |||||
* | Improve error handling for missing files (#2551) | Richard van der Hoff | 2017-10-17 | 3 | -17/+33 |
| | | | | | | | | | | | `os.path.exists` doesn't allow us to distinguish between permissions errors and the path actually not existing, which repeatedly confuses people. It also means that we try to overwrite existing key files, which is super-confusing. (cf issues #2455, #2379). Use os.stat instead. Also, don't recomemnd the the use of --generate-config, which screws everything up if you're using debian (cf #2455). | ||||
* | pep8 | David Baker | 2017-10-17 | 1 | -1/+2 |
| | |||||
* | Add config option to auto-join new users to rooms | David Baker | 2017-10-16 | 1 | -0/+6 |
| | | | | | New users who register on the server will be dumped into all rooms in auto_join_rooms in the config. | ||||
* | Copy everything to backup | Erik Johnston | 2017-10-12 | 1 | -1/+3 |
| | |||||
* | Basic implementation of backup media store | Erik Johnston | 2017-10-12 | 1 | -0/+18 |
| | |||||
* | Forgot the new file again :( | David Baker | 2017-09-27 | 1 | -0/+35 |
| | |||||
* | Make the spam checker a module | David Baker | 2017-09-26 | 1 | -1/+3 |
| | |||||
* | Factor out module loading to a separate place | David Baker | 2017-09-26 | 1 | -12/+10 |
| | | | | So it can be reused | ||||
* | Add a config option to block all room invites (#2457) | Richard van der Hoff | 2017-09-19 | 1 | -0/+10 |
| | | | | | - allows sysadmins the ability to lock down their servers so that people can't send their users room invites. | ||||
* | Fix process startup | Richard van der Hoff | 2017-08-16 | 1 | -10/+13 |
| | | | | escape the % that got added in 92168cb so that the process starts up ok. | ||||
* | explain why CPU affinity is a good idea | Matthew Hodgson | 2017-08-15 | 1 | -0/+8 |
| | |||||
* | Allow configuration of CPU affinity | Richard van der Hoff | 2017-08-15 | 2 | -0/+13 |
| | | | | | Make it possible to set the CPU affinity in the config file, so that we don't need to remember to do it manually every time. | ||||
* | Add a frontend proxy | Erik Johnston | 2017-07-07 | 1 | -0/+2 |
| | |||||
* | Change the config file generator to more descriptive explanation of ↵ | Caleb James DeLisle | 2017-06-24 | 1 | -3/+11 |
| | | | | push.redact_content | ||||
* | Fix TravisCI tests for PR #2301 - Fat finger mistake | Caleb James DeLisle | 2017-06-23 | 1 | -0/+37 |
| | |||||
* | Fix TravisCI tests for PR #2301 | Caleb James DeLisle | 2017-06-23 | 2 | -41/+1 |
| | |||||
* | Add configuration parameter to allow redaction of content from push messages ↵ | Caleb James DeLisle | 2017-06-23 | 2 | -1/+42 |
| | | | | for google/apple devices | ||||
* | Initial worker impl | Erik Johnston | 2017-06-16 | 1 | -0/+4 |
| | |||||
* | Configurable maximum number of events requested by /sync and /messages (#2220) | Pablo Saavedra | 2017-05-13 | 1 | -0/+6 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Set the limit on the returned events in the timeline in the get and sync operations. The default value is -1, means no upper limit. For example, using `filter_timeline_limit: 5000`: POST /_matrix/client/r0/user/user:id/filter { room: { timeline: { limit: 1000000000000000000 } } } GET /_matrix/client/r0/user/user:id/filter/filter:id { room: { timeline: { limit: 5000 } } } The server cuts down the room.timeline.limit. | ||||
* | web_server_root documentation fix | Matthew Wolff | 2017-04-17 | 1 | -0/+6 |
| | | | | Signed-off-by: Matthew Wolff <matthewjwolff@gmail.com> | ||||
* | trust a hypothetical future riot.im IS | Matthew Hodgson | 2017-04-10 | 1 | -0/+1 |
| | |||||
* | Merge pull request #2102 from DanielDent/add-auth-email | David Baker | 2017-04-10 | 1 | -0/+16 |
|\ | | | | | Support authenticated SMTP | ||||
| * | Support authenticated SMTP | Daniel Dent | 2017-04-05 | 1 | -0/+16 |
| | | | | | | | | | | | | Closes (SYN-714) #1385 Signed-off-by: Daniel Dent <matrixcontrib@contactdaniel.net> | ||||
* | | Merge pull request #2097 from matrix-org/erikj/repl_tcp_client | Erik Johnston | 2017-04-05 | 1 | -1/+3 |
|\ \ | |/ |/| | Move to using TCP replication | ||||
| * | Remove unused worker config option | Erik Johnston | 2017-04-04 | 1 | -1/+0 |
| | | |||||
| * | Update all the workers and master to use TCP replication | Erik Johnston | 2017-04-03 | 1 | -0/+3 |
| | | |||||
* | | typo | Matthew Hodgson | 2017-03-15 | 1 | -1/+1 |
| | | |||||
* | | set default for turn_allow_guests correctly | Matthew Hodgson | 2017-03-15 | 1 | -1/+1 |
| | | |||||
* | | add setting (on by default) to support TURN for guests | Matthew Hodgson | 2017-03-15 | 1 | -0/+8 |
|/ | |||||
* | Add helpful texts to logger config options | Richard van der Hoff | 2017-03-13 | 1 | -5/+7 |
| | |||||
* | Merge pull request #1983 from matrix-org/rav/no_redirect_stdio | Richard van der Hoff | 2017-03-13 | 1 | -6/+28 |
|\ | | | | | Add an option to disable stdio redirect | ||||
| * | Add an option to disable stdio redirect | Richard van der Hoff | 2017-03-10 | 1 | -1/+12 |
| | | | | | | | | This makes it tractable to run synapse under pdb. | ||||
| * | Refactor logger config for workers | Richard van der Hoff | 2017-03-10 | 1 | -5/+16 |
| | | | | | | | | - to make it easier to add more config options. | ||||
* | | Reread log config on SIGHUP | Richard van der Hoff | 2017-03-10 | 1 | -10/+19 |
|/ | | | | When we are using a log_config file, reread it on SIGHUP. | ||||
* | Fix typo in config comments. | Tyler Smith | 2017-02-11 | 1 | -1/+1 |
| | | | | Signed-off-by: Tyler Smith <tylersmith.me@gmail.com> | ||||
* | Merge pull request #1835 from matrix-org/erikj/fix_workers | Erik Johnston | 2017-01-20 | 1 | -0/+10 |
|\ | | | | | Make worker listener config backwards compat | ||||
| * | Make worker listener config backwards compat | Erik Johnston | 2017-01-20 | 1 | -0/+10 |
| | | |||||
* | | Added default config for turn username and password | Marvin Steadfast | 2017-01-19 | 1 | -0/+5 |
| | | |||||
* | | Added username and password for turn server | Marvin Steadfast | 2017-01-19 | 1 | -1/+3 |
|/ | | | | | It makes it possible to use a turn server that needs a username and password instead of a token. | ||||
* | Allow configuring the Riot URL used in notification emails | Adrian Perez de Castro | 2017-01-13 | 1 | -0/+7 |
| | | | | | | | | | | The URLs used for notification emails were hardcoded to use either matrix.to or vector.im; but for self-hosted setups where Riot is also self-hosted it may be desirable to allow configuring an alternative Riot URL. Fixes #1809. Signed-off-by: Adrian Perez de Castro <aperez@igalia.com> | ||||
* | Merge pull request #1795 from matrix-org/erikj/port_defaults | Erik Johnston | 2017-01-13 | 1 | -4/+13 |
|\ | | | | | Restore default bind address | ||||
| * | Pop bind_address | Erik Johnston | 2017-01-10 | 1 | -1/+1 |
| | | |||||
| * | Restore default bind address | Erik Johnston | 2017-01-10 | 1 | -4/+13 |
| | | |||||
* | | Remove full_twisted_stacktraces option | Erik Johnston | 2017-01-12 | 1 | -8/+0 |
|/ | | | | | | | | | | | | | | | | | The debug 'full_twisted_stacktraces' flag caused synapse to rewrite twisted deferreds to always fire the callback on the next reactor tick. This was to force the deferred to always store the stacktraces on exceptions, and thus be more likely to have a full stacktrace when it reaches the final error handlers and gets printed to the logs. Dynamically rewriting things is generally bad, and in particular this change violates assumptions of various bits of Twisted. This wouldn't necessarily be so bad, but it turns out this option has been turned on on some production servers. Turning the option can cause e.g. #1778. For now, lets just entirely nuke this option. | ||||
* | Merge remote-tracking branch 'origin/release-v0.18.6' into develop | Mark Haines | 2016-12-30 | 1 | -3/+13 |
|\ | |||||
| * | Use the new twisted logging framework. | Mark Haines | 2016-12-30 | 1 | -3/+13 |
| | | | | | | | | | | Hopefully adding an observer to the new framework will avoid a memory leak https://twistedmatrix.com/trac/ticket/8164 | ||||
* | | Add IPv6 comment to default config | Johannes Löthberg | 2016-12-18 | 1 | -0/+4 |
| | | | | | | | | Signed-off-by: Johannes Löthberg <johannes@kyriasis.com> | ||||
* | | Make default homeserver config use bind_addresses | Johannes Löthberg | 2016-12-18 | 1 | -4/+5 |
|/ | | | | Signed-off-by: Johannes Löthberg <johannes@kyriasis.com> | ||||
* | Bugfix: Console logging handler missing default filter | pik | 2016-12-03 | 1 | -0/+1 |
| | |||||
* | Stop putting a time caveat on access tokens | Richard van der Hoff | 2016-11-29 | 1 | -6/+0 |
| | | | | | | | | The 'time' caveat on the access tokens was something of a lie, since we weren't enforcing it; more pertinently its presence stops us ever adding useful time caveats. Let's move in the right direction by not lying in our caveats. | ||||
* | Hook up the send queue and create a federation sender worker | Erik Johnston | 2016-11-16 | 1 | -0/+5 |
| | |||||
* | Use external ldap auth pacakge | Erik Johnston | 2016-11-15 | 1 | -7/+13 |
| | |||||
* | Merge pull request #1625 from DanielDent/patch-1 | Erik Johnston | 2016-11-12 | 1 | -2/+3 |
|\ | | | | | Add support for durations in minutes | ||||
| * | Add support for durations in minutes | Daniel Dent | 2016-11-12 | 1 | -2/+3 |
| | | |||||
* | | Don't assume providers raise ConfigError's | Erik Johnston | 2016-11-08 | 1 | -2/+7 |
| | | |||||
* | | default config: blacklist more internal ips | Euan Kemp | 2016-11-06 | 1 | -0/+2 |
|/ | |||||
* | Allow Configurable Rate Limiting Per AS | Luke Barnard | 2016-10-18 | 1 | -0/+6 |
| | | | | This adds a flag loaded from the registration file of an AS that will determine whether or not its users are rate limited (by ratelimit in _base.py). Needed for IRC bridge reasons - see https://github.com/matrix-org/matrix-appservice-irc/issues/240. | ||||
* | Merge pull request #1167 from matrix-org/markjh/fingerprints | Mark Haines | 2016-10-12 | 1 | -0/+38 |
|\ | | | | | Add config option for adding additional TLS fingerprints | ||||
| * | Explain how long the servers can cache the TLS fingerprints for | Mark Haines | 2016-10-12 | 1 | -3/+4 |
| | | |||||
| * | Improve comment formatting | Mark Haines | 2016-10-12 | 1 | -1/+1 |
| | | |||||
| * | Add config option for adding additional TLS fingerprints | Mark Haines | 2016-10-11 | 1 | -0/+37 |
| | | |||||
* | | Implement pluggable password auth | Erik Johnston | 2016-10-03 | 3 | -103/+64 |
|/ | | | | | | Allows delegating the password auth to an external module. This also moves the LDAP auth to using this system, allowing it to be removed from the synapse tree entirely in the future. | ||||
* | Remove support for aggregate room lists | Erik Johnston | 2016-09-15 | 1 | -9/+0 |
| | |||||
* | flake8 | Kegan Dougal | 2016-08-30 | 1 | -2/+3 |
| | |||||
* | Use None instead of the empty string | Kegan Dougal | 2016-08-30 | 1 | -4/+11 |
| | | | | Change how we validate the 'url' field as a result. | ||||
* | Flake8 | Kegan Dougal | 2016-08-30 | 1 | -1/+2 |
| | |||||
* | Allow application services to have an optional 'url' | Kegan Dougal | 2016-08-30 | 1 | -0/+6 |
| | | | | | | If 'url' is not specified, they will not be pushed for events or queries. This is useful for bots who simply wish to reserve large chunks of user/alias namespace, and don't care about being pushed for events. | ||||
* | Merge pull request #1026 from matrix-org/paul/thirdpartylookup | Paul Evans | 2016-08-18 | 1 | -0/+10 |
|\ | | | | | 3rd party entity lookup | ||||
| * | Filter 3PU lookups by only ASes that declare knowledge of that protocol | Paul "LeoNerd" Evans | 2016-08-18 | 1 | -0/+10 |
| | | |||||
* | | Add appservice worker | Erik Johnston | 2016-08-18 | 1 | -0/+1 |
|/ | |||||
* | Update password config comment | Kent Shikama | 2016-07-06 | 1 | -1/+1 |
| | | | | Signed-off-by: Kent Shikama <kent@kentshikama.com> | ||||
* | Remove default password pepper string | Kent Shikama | 2016-07-05 | 1 | -2/+1 |
| | |||||
* | Fix password config | Kent Shikama | 2016-07-05 | 1 | -1/+1 |
| | |||||
* | Fix pep8 | Kent Shikama | 2016-07-05 | 1 | -1/+1 |
| | |||||
* | Add comment to prompt changing of pepper | Kent Shikama | 2016-07-05 | 1 | -0/+1 |
| | |||||
* | Add pepper to password hashing | Kent Shikama | 2016-07-05 | 1 | -1/+5 |
| | | | | Signed-off-by: Kent Shikama <kent@kentshikama.com> | ||||
* | remove vector.im from default secondary DS list | Matthew Hodgson | 2016-06-27 | 1 | -1/+0 |
| | |||||
* | Merge branch 'master' into develop | Mark Haines | 2016-06-23 | 1 | -0/+1 |
|\ | |||||
| * | Merge branch 'release-v0.16.1' of github.com:matrix-org/synapse v0.16.1 | Erik Johnston | 2016-06-20 | 5 | -107/+210 |
| |\ | |||||
| * | | point to the CAPTCHA docs | Matthew Hodgson | 2016-06-12 | 1 | -0/+1 |
| | | | |||||
* | | | Rework ldap integration with ldap3 | Martin Weinelt | 2016-06-22 | 1 | -27/+75 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use the pure-python ldap3 library, which eliminates the need for a system dependency. Offer both a `search` and `simple_bind` mode, for more sophisticated ldap scenarios. - `search` tries to find a matching DN within the `user_base` while employing the `user_filter`, then tries the bind when a single matching DN was found. - `simple_bind` tries the bind against a specific DN by combining the localpart and `user_base` Offer support for STARTTLS on a plain connection. The configuration was changed to reflect these new possibilities. Signed-off-by: Martin Weinelt <hexa@darmstadt.ccc.de> | ||||
* | | | Remove the legacy v0 content upload API. | Mark Haines | 2016-06-21 | 1 | -20/+0 |
| |/ |/| | | | | | | | | | The existing content can still be downloaded. The last upload to the matrix.org server was in January 2015, so it is probably safe to remove the upload API. | ||||
* | | Turn use_frozen_events off by default | Erik Johnston | 2016-06-17 | 1 | -1/+1 |
| | | |||||
* | | Use worker_ prefixes for worker config, use existing support for multiple ↵ | Mark Haines | 2016-06-16 | 1 | -41/+8 |
| | | | | | | | | config files | ||||
* | | Access the event_cache_size directly from the server object. | Mark Haines | 2016-06-16 | 1 | -14/+0 |
| | | | | | | | | | | This means that the workers can override the event_cache_size directly without clobbering the value in the main synapse config. | ||||
* | | Access replication_url from the worker config directly | Mark Haines | 2016-06-16 | 1 | -4/+0 |
| | | |||||
* | | Comment on what's going on in clobber_with_worker_config | Mark Haines | 2016-06-16 | 1 | -1/+12 |
| | | |||||
* | | Add worker config module | Mark Haines | 2016-06-16 | 1 | -0/+71 |
| | | |||||
* | | Inline the synchrotron and pusher configs into the main config | Mark Haines | 2016-06-16 | 3 | -63/+74 |
| | | |||||
* | | Add function to load config without generating it | Mark Haines | 2016-06-09 | 1 | -43/+104 |
|/ | | | | | | | | | | | | | | | | Renames ``load_config`` to ``load_or_generate_config`` Adds a method called ``load_config`` that just loads the config. The main synapse.app.homeserver will continue to use ``load_or_generate_config`` to retain backwards compat. However new worker processes can use ``load_config`` to load the config avoiding some of the cruft needed to generate the config. As the new ``load_config`` method is expected to be used by new configs it removes support for the legacy commandline overrides that ``load_or_generate_config`` supports | ||||
* | Allow setting of gc.set_thresholds | Erik Johnston | 2016-06-07 | 1 | -1/+18 |
| | |||||
* | brand the email from header | Matthew Hodgson | 2016-06-02 | 1 | -1/+1 |
| | |||||
* | Add vector.im to default secondary_directory_servers and add comment ↵ | David Baker | 2016-05-31 | 1 | -0/+4 |
| | | | | explaining it's not a permanent solution | ||||
* | Add federation room list servlet | David Baker | 2016-05-31 | 1 | -0/+6 |
| | |||||
* | Move the functions for parsing app service config | Mark Haines | 2016-05-17 | 1 | -1/+106 |
| | |||||
* | Clean up the blacklist/whitelist handling. | Mark Haines | 2016-05-16 | 1 | -6/+6 |
| | | | | | | | Always set the config key with an empty list, even if a list isn't specified. This means that the codepaths are the same for both the empty list and for a missing key. Since the behaviour is the same for both cases this makes the code somewhat easier to reason about. | ||||
* | Merge branch 'develop' into matthew/preview_url_ip_whitelist | Mark Haines | 2016-05-16 | 5 | -1/+119 |
|\ | |||||
| * | Create user with expiry | Negi Fazeli | 2016-05-13 | 2 | -0/+11 |
| | | | | | | | | | | | | - Add unittests for client, api and handler Signed-off-by: Negar Fazeli <negar.fazeli@ericsson.com> | ||||
| * | More consistent config naming | David Baker | 2016-05-10 | 1 | -1/+1 |
| | | |||||
| * | Add config option to not send email notifs for new users | David Baker | 2016-05-10 | 1 | -0/+4 |
| | | |||||
| * | fix layout; handle app naming in synapse, not jinja | Matthew Hodgson | 2016-05-05 | 1 | -0/+5 |
| | | |||||
| * | fix assorted typos in default config | Matthew Hodgson | 2016-05-04 | 1 | -3/+3 |
| | | |||||
| * | Try imports in config | David Baker | 2016-04-29 | 1 | -0/+7 |
| | | |||||
| * | Default enable email notifs to False | David Baker | 2016-04-29 | 1 | -1/+1 |
| | | |||||
| * | Correct public_baseurl default | David Baker | 2016-04-29 | 1 | -2/+2 |
| | | |||||
| * | Nicer get() shorthand | David Baker | 2016-04-29 | 1 | -3/+2 |
| | | |||||
| * | Remove redundant docstring | David Baker | 2016-04-29 | 1 | -4/+0 |
| | | |||||
| * | Correct default template and add text template | David Baker | 2016-04-29 | 1 | -1/+2 |
| | | |||||
| * | Send mail notifs with a plaintext part too | David Baker | 2016-04-29 | 1 | -0/+2 |
| | | |||||
| * | Merge remote-tracking branch 'origin/develop' into dbkr/email_notifs | David Baker | 2016-04-29 | 2 | -1/+19 |
| |\ | |||||
| * | | pep8 | David Baker | 2016-04-28 | 1 | -1/+1 |
| | | | |||||
| * | | Hopefully all remaining bits for email notifs | David Baker | 2016-04-27 | 2 | -1/+16 |
| | | | | | | | | | | | | Add public facing base url to the server so synapse knows what URL to use when converting mxc to http urls for use in emails | ||||
| * | | Generate mails from a template | David Baker | 2016-04-20 | 1 | -10/+25 |
| | | | |||||
| * | | Send a rather basic email notif | David Baker | 2016-04-20 | 2 | -1/+64 |
| | | | | | | | | | | | | Also pep8 fixes | ||||
* | | | add a url_preview_ip_range_whitelist config param so we can whitelist the ↵ | Matthew Hodgson | 2016-05-01 | 1 | -0/+14 |
| |/ |/| | | | | | matrix.org IP space | ||||
* | | Make pyjwt dependency optional | Erik Johnston | 2016-04-25 | 1 | -1/+16 |
| | | |||||
* | | Merge pull request #746 from matrix-org/markjh/split_out_pusher | Mark Haines | 2016-04-22 | 1 | -0/+1 |
|\ \ | | | | | | | Optionally split out the pushers into a separate process | ||||
| * | | Optionally split out the pushers into a separate process | Mark Haines | 2016-04-21 | 1 | -0/+1 |
| |/ | |||||
* | | Merge pull request #687 from nikriek/jwt-fix | Erik Johnston | 2016-04-21 | 1 | -0/+2 |
|\ \ | |/ |/| | Fix issues with JWT login | ||||
| * | Fix issues with JWT login | Niklas Riekenbrauck | 2016-04-21 | 1 | -0/+2 |
| | | |||||
* | | Give install requirements | Erik Johnston | 2016-04-13 | 1 | -1/+7 |
| | | |||||
* | | Add back in helpful description for missing url_preview_ip_range_blacklist | Erik Johnston | 2016-04-13 | 1 | -1/+5 |
| | | |||||
* | | Sanitize the optional dependencies for spider API | Erik Johnston | 2016-04-13 | 1 | -10/+28 |
| | | |||||
* | | Merge pull request #688 from matrix-org/matthew/preview_urls | Matthew Hodgson | 2016-04-11 | 1 | -2/+75 |
|\ \ | | | | | | | URL previewing support | ||||
| * | | fix typo | Matthew Hodgson | 2016-04-08 | 1 | -1/+1 |
| | | | |||||
| * | | Add url_preview_enabled config option to turn on/off preview_url endpoint. ↵ | Matthew Hodgson | 2016-04-08 | 1 | -4/+73 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | defaults to off. Add url_preview_ip_range_blacklist to let admins specify internal IP ranges that must not be spidered. Add url_preview_url_blacklist to let admins specify URL patterns that must not be spidered. Implement a custom SpiderEndpoint and associated support classes to implement url_preview_ip_range_blacklist Add commentary and generally address PR feedback | ||||
| * | | Merge branch 'develop' into matthew/preview_urls | Matthew Hodgson | 2016-04-04 | 2 | -1/+39 |
| |\| | |||||
| * | | Merge branch 'develop' into matthew/preview_urls | Matthew Hodgson | 2016-03-27 | 7 | -25/+118 |
| |\ \ | |||||
| * | | | initial WIP of a tentative preview_url endpoint - incomplete, untested, ↵ | Matthew Hodgson | 2016-01-24 | 1 | -1/+5 |
| | | | | | | | | | | | | | | | | experimental, etc. just putting it here for safekeeping for now | ||||
* | | | | add tls property | Christoph Witzany | 2016-04-06 | 1 | -6/+10 |
| | | | | |||||
* | | | | Introduce LDAP authentication | Christoph Witzany | 2016-04-06 | 2 | -1/+50 |
| |_|/ |/| | | |||||
* | | | Add JWT support | Niklas Riekenbrauck | 2016-03-29 | 2 | -1/+39 |
| |/ |/| | |||||
* | | Add config to create guest account on 3pid invite | Erik Johnston | 2016-03-14 | 1 | -0/+4 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, when a 3pid invite request is sent to an identity server, it includes a provisioned guest access token. This allows the link in the, say, invite email to include the guest access token ensuring that the same account is used each time the link is clicked. This flow has a number of flaws, including when using different servers or servers that have guest access disabled. For now, we keep this implementation but hide it behind a config option until a better flow is implemented. | ||||
* | | Use syntax that works on both py2.7 and py3 | Mark Haines | 2016-03-07 | 2 | -2/+2 |
| | | |||||
* | | config,handlers/_base: added homeserver config for what state is included in ↵ | Patrik Oldsberg | 2016-03-04 | 2 | -1/+42 |
| | | | | | | | | | | | | a room invite Signed-off-by: Patrik Oldsberg <patrik.oldsberg@ericsson.com> | ||||
* | | add 800x600 thumbnails to make vector look prettier (and anyone else who ↵ | Matthew Hodgson | 2016-03-02 | 1 | -0/+3 |
| | | | | | | | | likes big thumbnails) | ||||
* | | Derive macaroon_secret_key from signing key. | Erik Johnston | 2016-02-08 | 2 | -16/+30 |
| | | | | | | | | | | | | Unfortunately, there are people that are running synapse without a `macaroon_sercret_key` set. Mandating they set one is a good solution, except that breaking auto upgrades is annoying. | ||||
* | | Error if macaroon key is missing from config | Daniel Wagner-Hall | 2016-02-05 | 3 | -18/+42 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | Currently we store all access tokens in the DB, and fall back to that check if we can't validate the macaroon, so our fallback works here, but for guests, their macaroons don't get persisted, so we don't get to find them in the database. Each restart, we generate a new ephemeral key, so guests lose access after each server restart. I tried to fix up the config stuff to be less insane, but gave up, so instead I bolt on yet another piece of custom one-off insanity. Also, add some basic tests for config generation and loading. | ||||
* | | Rename config field to reflect yaml name | Daniel Wagner-Hall | 2016-02-03 | 1 | -3/+3 |
| | | |||||
* | | Add config option for setting the trusted id servers, disabling checking the ↵ | Mark Haines | 2016-01-29 | 1 | -0/+7 |
|/ | | | | ID server in integration tests | ||||
* | Merge pull request #473 from matrix-org/erikj/ssh_manhole | Erik Johnston | 2016-01-07 | 1 | -1/+1 |
|\ | | | | | Change manhole to use ssh | ||||
| * | s/telnet/ssh/ | Erik Johnston | 2016-01-07 | 1 | -1/+1 |
| | | |||||
* | | copyrights | Matthew Hodgson | 2016-01-07 | 17 | -17/+17 |
| | | |||||
* | | Config Comment mixup in captcha public/private key | Robin Lambertz | 2016-01-06 | 1 | -2/+2 |
|/ | |||||
* | Added a single line to explain what the server_name is used for | Mads R. Christensen | 2015-12-02 | 1 | -0/+1 |
| | |||||
* | Comment | Erik Johnston | 2015-11-19 | 1 | -0/+2 |
| | |||||
* | Split out text for missing config options. | Erik Johnston | 2015-11-18 | 1 | -16/+26 |
| | | | | | This allows packages to more easily override the default messages to include package specific options. | ||||
* | Merge branch 'develop' into sh-cas-auth-via-homeserver | Steven Hammerton | 2015-11-17 | 1 | -1/+5 |
|\ | |||||
| * | Fix race creating directories | Daniel Wagner-Hall | 2015-11-12 | 1 | -1/+5 |
| | | |||||
* | | Allow hs to do CAS login completely and issue the client with a login token ↵ | Steven Hammerton | 2015-11-05 | 1 | -1/+1 |
| | | | | | | | | that can be redeemed for the usual successful login response | ||||
* | | Add service URL to CAS config | Steven Hammerton | 2015-11-04 | 1 | -0/+3 |
|/ | |||||
* | Allow guests to register and call /events?room_id= | Daniel Wagner-Hall | 2015-11-04 | 1 | -0/+6 |
| | | | | | | | This follows the same flows-based flow as regular registration, but as the only implemented flow has no requirements, it auto-succeeds. In the future, other flows (e.g. captcha) may be required, so clients should treat this like the regular registration flow choices. | ||||
* | Merge branch 'release-v0.10.1' of github.com:matrix-org/synapse into develop | Erik Johnston | 2015-10-23 | 4 | -3/+39 |
|\ | |||||
| * | Add config option to disable password login | Erik Johnston | 2015-10-22 | 4 | -3/+39 |
| | | |||||
* | | Add config for how many bcrypt rounds to use for password hashes | Mark Haines | 2015-10-16 | 1 | -0/+6 |
|/ | | | | | By default we leave it at the default value of 12. But now we can reduce it for preparing users for loadtests or running integration tests. | ||||
* | Only turn on the twisted deferred debugging if full_twisted_stacktraces is ↵ | Mark Haines | 2015-10-13 | 1 | -0/+8 |
| | | | | set in the config | ||||
* | Default cas_required_attributes to empty dictionary | Steven Hammerton | 2015-10-12 | 1 | -1/+1 |
| | |||||
* | Support multiple required attributes in CAS response, and in a nicer config ↵ | Steven Hammerton | 2015-10-12 | 1 | -15/+4 |
| | | | | format too | ||||
* | Allow optional config params for a required attribute and it's value, if ↵ | Steven Hammerton | 2015-10-12 | 1 | -0/+15 |
| | | | | specified any CAS user must have the given attribute and the value must equal | ||||
* | Provide ability to login using CAS | Steven Hammerton | 2015-10-10 | 2 | -1/+41 |
| | |||||
* | Preserve version string in user agent | Daniel Wagner-Hall | 2015-10-05 | 1 | -1/+1 |
| | |||||
* | Allow synapse's useragent to be customized | Daniel Wagner-Hall | 2015-10-02 | 1 | -0/+1 |
| | | | | | This will allow me to write tests which verify which server made HTTP requests in a federation context. | ||||
* | Front-load spaces | Daniel Wagner-Hall | 2015-09-22 | 1 | -7/+7 |
| | |||||
* | Implement configurable stats reporting | Daniel Wagner-Hall | 2015-09-22 | 14 | -19/+58 |
| | | | | | | | | | | SYN-287 This requires that HS owners either opt in or out of stats reporting. When --generate-config is passed, --report-stats must be specified If an already-generated config is used, and doesn't have the report_stats key, it is requested to be set. | ||||
* | Merge pull request #272 from matrix-org/daniel/insecureclient | Daniel Wagner-Hall | 2015-09-15 | 1 | -0/+8 |
|\ | | | | | Allow configuration to ignore invalid SSL certs | ||||
| * | Use shorter config key name | Daniel Wagner-Hall | 2015-09-15 | 1 | -3/+3 |
| | | |||||
| * | Merge branch 'daniel/insecureclient' into develop | Daniel Wagner-Hall | 2015-09-09 | 1 | -0/+8 |
| |\ | |||||
| | * | Better document the intent of the insecure SSL setting | Daniel Wagner-Hall | 2015-09-09 | 1 | -2/+6 |
| | | | |||||
| | * | Allow configuration to ignore invalid SSL certs | Daniel Wagner-Hall | 2015-09-09 | 1 | -0/+4 |
| | | | | | | | | | | | | | | | This will be useful for sytest, and sytest only, hence the aggressive config key name. | ||||
* | | | Hacky attempt at catching SIGHUP and rotating the logfile around | Paul "LeoNerd" Evans | 2015-09-14 | 1 | -0/+14 |
|/ / | |||||
* | | Merge branch 'master' into develop | Mark Haines | 2015-09-07 | 1 | -1/+1 |
|\ \ | |/ |/| | | | | | Conflicts: setup.py | ||||
| * | Lists use 'append' | Erik Johnston | 2015-09-02 | 1 | -1/+1 |
| | | |||||
* | | Merge branch 'release-v0.10.0' of github.com:matrix-org/synapse into develop | Erik Johnston | 2015-09-01 | 1 | -0/+2 |
|\| | |||||
| * | Actually add config path | Erik Johnston | 2015-08-28 | 1 | -0/+2 |
| | | |||||
* | | Merge branch 'release-v0.10.0' into develop | Mark Haines | 2015-08-28 | 3 | -8/+80 |
|\| | | | | | | | | | | | | | Conflicts: synapse/handlers/auth.py synapse/python_dependencies.py synapse/rest/client/v1/login.py | ||||
| * | Merge pull request #250 from matrix-org/erikj/generated_directory | Erik Johnston | 2015-08-25 | 1 | -2/+15 |
| |\ | | | | | | | Add config option to specify where generated files should be dumped | ||||
| | * | Update config doc | Erik Johnston | 2015-08-25 | 1 | -1/+2 |
| | | | |||||
| | * | s/--generated-directory/--keys-directory/ | Erik Johnston | 2015-08-25 | 1 | -7/+7 |
| | | | |||||
| | * | Add config option to specify where generated files should be dumped | Erik Johnston | 2015-08-25 | 1 | -2/+14 |
| | | | |||||
| * | | Warn if we encounter unexpected files in config directories | Erik Johnston | 2015-08-25 | 1 | -7/+17 |
| |/ | |||||
| * | Allow specifying directories as config files | Erik Johnston | 2015-08-25 | 1 | -6/+24 |
| | | |||||
| * | Merge pull request #245 from matrix-org/erikj/configurable_client_location | Erik Johnston | 2015-08-25 | 1 | -0/+1 |
| |\ | | | | | | | Allow specifying a directory to host a web client from | ||||
| | * | Allow specifying a directory to host a web client from | Erik Johnston | 2015-08-25 | 1 | -0/+1 |
| | | | |||||
| * | | Fix typo when using sys.stderr.write | Erik Johnston | 2015-08-25 | 1 | -1/+1 |
| | | | |||||
| * | | Add utility to parse config and print out a key | Erik Johnston | 2015-08-25 | 1 | -0/+30 |
| |/ | | | | | | | | | | | | | | | | | Usage: ``` $ python -m synapse.config read server_name -c homeserver.yaml localhost ``` | ||||
* | | Fix typo in module imports and package dependencies | Mark Haines | 2015-08-25 | 1 | -1/+1 |
| | |