Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Special-case the default bind_addresses for metrics listener | Richard van der Hoff | 2019-02-13 | 1 | -1/+5 |
| | | | | | turns out it doesn't really support ipv6, so let's hack around that by only listening on ipv4 by default. | ||||
* | Merge pull request #4625 from matrix-org/rav/fix_generate_config_warnings | Erik Johnston | 2019-02-12 | 1 | -7/+2 |
|\ | | | | | fix self-signed cert notice from generate-config | ||||
| * | fix self-signed cert notice from generate-config | Richard van der Hoff | 2019-02-12 | 1 | -7/+2 |
| | | | | | | | | fixes #4620 | ||||
* | | Disable TLS by default (#4614) | Richard van der Hoff | 2019-02-12 | 2 | -27/+27 |
| | | |||||
* | | Fix error when loading cert if tls is disabled (#4618) | Richard van der Hoff | 2019-02-12 | 1 | -15/+42 |
|/ | | | | | | If TLS is disabled, it should not be an error if no cert is given. Fixes #4554. | ||||
* | fix tests | Richard van der Hoff | 2019-02-11 | 1 | -1/+1 |
| | |||||
* | Infer no_tls from presence of TLS listeners | Richard van der Hoff | 2019-02-11 | 3 | -12/+23 |
| | | | | | Rather than have to specify `no_tls` explicitly, infer whether we need to load the TLS keys etc from whether we have any TLS-enabled listeners. | ||||
* | Merge branch 'rav/tls_config_logging_fixes' into rav/tls_cert/work | Richard van der Hoff | 2019-02-11 | 1 | -18/+36 |
|\ | |||||
| * | Logging improvements around TLS certs | Richard van der Hoff | 2019-02-11 | 1 | -18/+36 |
| | | | | | | | | | | Log which file we're reading keys and certs from, and refactor the code a bit in preparation for other work | ||||
* | | Fail cleanly if listener config lacks a 'port' | Richard van der Hoff | 2019-02-11 | 1 | -0/+5 |
|/ | | | | ... otherwise we would fail with a mysterious KeyError or something later. | ||||
* | Clean up default listener configuration (#4586) | Richard van der Hoff | 2019-02-11 | 1 | -48/+81 |
| | | | | | | | | | | Rearrange the comments to try to clarify them, and expand on what some of it means. Use a sensible default 'bind_addresses' setting. For the insecure port, only bind to localhost, and enable x_forwarded, since apparently it's for use behind a load-balancer. | ||||
* | ACME Reprovisioning (#4522) | Amber Brown | 2019-02-11 | 1 | -1/+11 |
| | |||||
* | Be tolerant of blank TLS fingerprints config (#4589) | Amber Brown | 2019-02-11 | 1 | -1/+5 |
| | |||||
* | Merge pull request #4420 from matrix-org/jaywink/openid-listener | Erik Johnston | 2019-02-11 | 1 | -0/+10 |
|\ | | | | | New listener resource for the federation API "openid/userinfo" endpoint | ||||
| * | Fix flake8 issues | Jason Robinson | 2019-01-23 | 1 | -1/+1 |
| | | | | | | | | Signed-off-by: Jason Robinson <jasonr@matrix.org> | ||||
| * | Remove openid resource from default config | Jason Robinson | 2019-01-23 | 1 | -4/+13 |
| | | | | | | | | | | | | Instead document it commented out. Signed-off-by: Jason Robinson <jasonr@matrix.org> | ||||
| * | Split federation OpenID userinfo endpoint out of the federation resource | Jason Robinson | 2019-01-23 | 1 | -4/+5 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | This allows the OpenID userinfo endpoint to be active even if the federation resource is not active. The OpenID userinfo endpoint is called by integration managers to verify user actions using the client API OpenID access token. Without this verification, the integration manager cannot know that the access token is valid. The OpenID userinfo endpoint will be loaded in the case that either "federation" or "openid" resource is defined. The new "openid" resource is defaulted to active in default configuration. Signed-off-by: Jason Robinson <jasonr@matrix.org> | ||||
* | | Deduplicate some code in synapse.app (#4567) | Amber Brown | 2019-02-08 | 1 | -11/+5 |
| | | |||||
* | | Merge branch 'master' into develop | Richard van der Hoff | 2019-02-05 | 1 | -3/+3 |
|\ \ | |||||
| * | | Fix default ACME config for py2 (#4564) | Richard van der Hoff | 2019-02-05 | 1 | -1/+1 |
| | | | | | | | | | Fixes #4559 | ||||
| * | | fix typo in config comments (#4557) | Richard van der Hoff | 2019-02-05 | 1 | -2/+2 |
| | | | |||||
* | | | by default include m.room.encryption on invites (#3902) | Matthew Hodgson | 2019-01-30 | 1 | -0/+2 |
|/ / | | | | | | | | | | | | | | | * by default include m.room.encryption on invites * fix constant * changelog | ||||
* | | ACME config cleanups (#4525) | Richard van der Hoff | 2019-01-30 | 1 | -26/+74 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Handle listening for ACME requests on IPv6 addresses the weird url-but-not-actually-a-url-string doesn't handle IPv6 addresses without extra quoting. Building a string which you are about to parse again seems like a weird choice. Let's just use listenTCP, which is consistent with what we do elsewhere. * Clean up the default ACME config make it look a bit more consistent with everything else, and tweak the defaults to listen on port 80. * newsfile | ||||
* | | SIGHUP for TLS cert reloading (#4495) | Amber Brown | 2019-01-30 | 1 | -8/+11 |
| | | |||||
* | | Merge pull request #4512 from matrix-org/anoa/consent_dir | Andrew Morgan | 2019-01-29 | 1 | -1/+13 |
|\ \ | | | | | | | Check consent dir path on startup | ||||
| * | | Check consent dir path on startup | Andrew Morgan | 2019-01-29 | 1 | -1/+13 |
| | | | |||||
* | | | Merge pull request #4498 from matrix-org/travis/fix-docs-public_baseurl | Travis Ralston | 2019-01-29 | 1 | -1/+1 |
|\ \ \ | |/ / |/| | | Don't recommend :8448 to people on public_baseurl | ||||
| * | | Don't recommend :8448 to people on public_baseurl | Travis Ralston | 2019-01-28 | 1 | -1/+1 |
| | | | |||||
* | | | Do not generate self-signed TLS certificates by default. (#4509) | Amber Brown | 2019-01-29 | 1 | -43/+18 |
|/ / | |||||
* | | Fix quoting for allowed_local_3pids example config (#4476) | Richard van der Hoff | 2019-01-25 | 1 | -3/+3 |
| | | | | | | | | | | | | | | If you use double-quotes here, you have to escape your backslashes. It's much easier with single-quotes. (Note that the existing double-backslashes are already interpreted by python's """ parsing.) | ||||
* | | Merge pull request #4435 from matrix-org/neilj/fix_threepid_auth_check | Neil Johnson | 2019-01-24 | 1 | -5/+4 |
|\ \ | | | | | | | Neilj/fix threepid auth check | ||||
| * | | move guard out of is_threepid_reserved and into register.py | Neil Johnson | 2019-01-22 | 1 | -2/+0 |
| | | | |||||
| * | | Fix None guard in config.server.is_threepid_reserved | Neil Johnson | 2019-01-22 | 1 | -5/+6 |
| |/ | |||||
* | | Clarify docs for public_baseurl | David Baker | 2019-01-24 | 1 | -1/+5 |
| | | | | | | | | | | | | This is leading to problems with people upgrading to clients that support MSC1730 because people have this misconfigured, so try to make the docs completely unambiguous. | ||||
* | | Support ACME for certificate provisioning (#4384) | Amber Brown | 2019-01-23 | 2 | -26/+93 |
|/ | |||||
* | Merge pull request #4423 from matrix-org/neilj/disable_msisdn_on_registration | Neil Johnson | 2019-01-22 | 1 | -0/+9 |
|\ | | | | | Config option to disable requesting MSISDN on registration | ||||
| * | fix line length | Neil Johnson | 2019-01-21 | 1 | -1/+3 |
| | | |||||
| * | Config option to disable requesting MSISDN on registration | Neil Johnson | 2019-01-21 | 1 | -0/+7 |
| | | |||||
* | | Require ECDH key exchange & remove dh_params (#4429) | Amber Brown | 2019-01-22 | 1 | -40/+0 |
|/ | | | * remove dh_params and set better cipher string | ||||
* | Changing macaroon_secret_key no longer logs you out (#4387) | Richard van der Hoff | 2019-01-16 | 1 | -3/+0 |
| | |||||
* | Merge branch rav/macaroon_key_fix_0.34 into rav/macaroon_key_fix_0.34.1 | Richard van der Hoff | 2019-01-10 | 1 | -2/+2 |
|\ | | | | | | | Fixes #4371 | ||||
| * | Revert "Fix macaroon_secret_key fallback logic" | Richard van der Hoff | 2019-01-10 | 1 | -3/+3 |
| | | | | | | | | | | | | This is already fixed in 0.34.1, by 59f93bb This reverts commit efc522c55e996e420271de2d9094835dda52ade4. | ||||
| * | Merge branch 'rav/macaroon_key_fix' into rav/macaroon_key_fix_0.34 | Richard van der Hoff | 2019-01-10 | 1 | -5/+5 |
| |\ | |||||
| | * | Fix macaroon_secret_key fallback logic | Richard van der Hoff | 2019-01-10 | 1 | -3/+3 |
| | | | |||||
| | * | Fix fallback to signing key for macaroon-secret-key | Richard van der Hoff | 2019-01-10 | 1 | -2/+2 |
| | | | |||||
* | | | Fix synapse.config.__main__ on python 3 (#4356) | Amber Brown | 2019-01-08 | 1 | -1/+1 |
| | | | |||||
* | | | Check jinja version for consent resource (#4327) | Richard van der Hoff | 2019-01-07 | 1 | -1/+37 |
| | | | | | | | | | | | | | | | | | | | | | | | | * Raise a ConfigError if an invalid resource is specified * Require Jinja 2.9 for the consent resource * changelog | ||||
* | | | Add a script to generate a clean config file (#4315) | Richard van der Hoff | 2018-12-22 | 9 | -46/+89 |
| | | | |||||
* | | | Fix indentation in default config (#4313) | Richard van der Hoff | 2018-12-22 | 1 | -35/+35 |
| | | | | | | | | | These settings are not supposed to be under 'listeners'. | ||||
* | | | Merge branch 'release-v0.34.0' into develop | Richard van der Hoff | 2018-12-11 | 1 | -15/+27 |
|\| | | |||||
| * | | Stop installing Matrix Console by default | Richard van der Hoff | 2018-12-11 | 1 | -15/+27 |
| | | | | | | | | | | | | This is based on the work done by @krombel in #2601. | ||||
* | | | Implement SAML2 authentication (#4267) | Richard van der Hoff | 2018-12-07 | 2 | -1/+112 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This implements both a SAML2 metadata endpoint (at `/_matrix/saml2/metadata.xml`), and a SAML2 response receiver (at `/_matrix/saml2/authn_response`). If the SAML2 response matches what's been configured, we complete the SSO login flow by redirecting to the client url (aka `RelayState` in SAML2 jargon) with a login token. What we don't yet have is anything to build a SAML2 request and redirect the user to the identity provider. That is left as an exercise for the reader. | ||||
* | | | Rip out half-implemented m.login.saml2 support (#4265) | Richard van der Hoff | 2018-12-06 | 2 | -57/+1 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Rip out half-implemented m.login.saml2 support This was implemented in an odd way that left most of the work to the client, in a way that I really didn't understand. It's going to be a pain to maintain, so let's start by ripping it out. * drop undocumented dependency on dateutil It turns out we were relying on dateutil being pulled in transitively by pysaml2. There's no need for that bloat. | ||||
* | | | Implement .well-known handling (#4262) | Richard van der Hoff | 2018-12-05 | 1 | -0/+9 |
|/ / | | | | | | | Sometimes it's useful for synapse to generate its own .well-known file. | ||||
* | | Add an option to enable recording IPs for appservice users (#3831) | Travis Ralston | 2018-12-04 | 1 | -0/+5 |
| | | |||||
* | | Add an option to disable search for homeservers which may not be interested ↵ | Travis Ralston | 2018-12-04 | 1 | -1/+11 |
| | | | | | | | | | | | | in it (#4230) This is useful for homeservers not intended for users, such as bot-only homeservers or ones that only process IoT data. | ||||
* | | Remove riot.im from the list of trusted Identity Servers in the default ↵ | Neil Johnson | 2018-11-20 | 1 | -1/+3 |
| | | | | | | | | configuration (#4207) | ||||
* | | Add option to track MAU stats (but not limit people) (#3830) | Travis Ralston | 2018-11-15 | 1 | -0/+6 |
| | | |||||
* | | Add config variables for enabling terms auth and the policy name (#4142) | Travis Ralston | 2018-11-06 | 1 | -0/+18 |
| | | | | | | | | So people can still collect consent the old way if they want to. | ||||
* | | Set the encoding to UTF8 in the default logconfig (#4138) | Amber Brown | 2018-11-03 | 1 | -0/+1 |
| | | |||||
* | | Merge branch 'develop' of github.com:matrix-org/synapse into ↵ | Erik Johnston | 2018-10-25 | 5 | -88/+92 |
|\ \ | | | | | | | | | | erikj/alias_disallow_list | ||||
| * \ | Merge branch 'develop' of github.com:matrix-org/synapse into ↵ | Neil Johnson | 2018-10-25 | 4 | -68/+91 |
| |\ \ | | | | | | | | | | | | | matthew/autocreate_autojoin | ||||
| | * | | Fix a number of flake8 errors | Richard van der Hoff | 2018-10-24 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Broadly three things here: * disable W504 which seems a bit whacko * remove a bunch of `as e` expressions from exception handlers that don't use them * use `r""` for strings which include backslashes Also, we don't use pep8 any more, so we can get rid of the duplicate config there. | ||||
| | * | | Make scripts/ and scripts-dev/ pass pyflakes (and the rest of the codebase ↵ | Amber Brown | 2018-10-20 | 2 | -63/+60 |
| | | | | | | | | | | | | | | | | on py3) (#4068) | ||||
| | * | | Calculate absolute path for email templates | Richard van der Hoff | 2018-10-19 | 1 | -22/+18 |
| | | | | |||||
| * | | | isort | Neil Johnson | 2018-10-24 | 1 | -2/+1 |
| | | | | |||||
| * | | | remove errant exception and style | Neil Johnson | 2018-10-23 | 1 | -1/+1 |
| | | | | |||||
| * | | | clean up config error logic and imports | Neil Johnson | 2018-10-17 | 1 | -5/+4 |
| | | | | |||||
| * | | | improve auto room join logic, comments and tests | Neil Johnson | 2018-10-12 | 1 | -1/+10 |
| | | | | |||||
| * | | | fix UTs | Matthew Hodgson | 2018-09-28 | 1 | -1/+1 |
| | | | | |||||
| * | | | untested stab at autocreating autojoin rooms | Matthew Hodgson | 2018-09-28 | 1 | -0/+4 |
| | | | | |||||
* | | | | Use allow/deny | Erik Johnston | 2018-10-25 | 1 | -6/+6 |
| | | | | |||||
* | | | | Use match rather than search | Erik Johnston | 2018-10-24 | 1 | -2/+3 |
| | | | | |||||
* | | | | Add config option to control alias creation | Erik Johnston | 2018-10-19 | 2 | -1/+103 |
| |/ / |/| | | |||||
* | | | Put the warning blob at the top of the file | Richard van der Hoff | 2018-10-17 | 1 | -6/+9 |
| | | | |||||
* | | | Ship the email templates as package_data | Richard van der Hoff | 2018-10-17 | 1 | -3/+30 |
|/ / | | | | | | | | | | | | | | | | | | | move the example email templates into the synapse package so that they can be used as package data, which should mean that all of the packaging mechanisms (pip, docker, debian, arch, etc) should now come with the example templates. In order to grandfather in people who relied on the templates being in the old place, check for that situation and fall back to using the defaults if the templates directory does not exist. | ||||
* | | Replaced all occurences of e.message with str(e) | Schnuffle | 2018-09-27 | 1 | -1/+1 |
| | | | | | | | | Signed-off-by: Schnuffle <schnuffle@github.com> | ||||
* | | Remove some superfluous logging (#3855) | Amber Brown | 2018-09-13 | 1 | -1/+16 |
| | | |||||
* | | Fix jwt import check | Richard van der Hoff | 2018-09-07 | 2 | -1/+1 |
| | | | | | | | | | | | | | | This handy code attempted to check that we could import jwt, but utterly failed to check it was the right jwt. Fixes https://github.com/matrix-org/synapse/issues/3793 | ||||
* | | move threepid checker to config, add missing yields | Neil Johnson | 2018-08-31 | 1 | -0/+17 |
| | | |||||
* | | Change admin_uri to admin_contact in config and errors | Erik Johnston | 2018-08-24 | 1 | -2/+2 |
| | | |||||
* | | Implement trail users | Erik Johnston | 2018-08-23 | 1 | -0/+6 |
| | | |||||
* | | Port over enough to get some sytests running on Python 3 (#3668) | Amber Brown | 2018-08-20 | 1 | -1/+2 |
| | | |||||
* | | Integrate presence from hotfixes (#3694) | Amber Brown | 2018-08-18 | 1 | -0/+6 |
| | | |||||
* | | server limits config docs | Neil Johnson | 2018-08-17 | 1 | -0/+26 |
| | | |||||
* | | add new error type ResourceLimit | Neil Johnson | 2018-08-16 | 1 | -0/+1 |
| | | |||||
* | | update admin email to uri | Neil Johnson | 2018-08-15 | 1 | -1/+1 |
| | | |||||
* | | replace admin_email with admin_uri for greater flexibility | Neil Johnson | 2018-08-15 | 1 | -1/+1 |
| | | |||||
* | | support admin_email config and pass through into blocking errors, return ↵ | Neil Johnson | 2018-08-13 | 1 | -0/+4 |
| | | | | | | | | AuthError in all cases | ||||
* | | Revert "support admin_email config and pass through into blocking errors, ↵ | Neil Johnson | 2018-08-13 | 1 | -4/+0 |
| | | | | | | | | | | | | return AuthError in all cases" This reverts commit 0d43f991a19840a224d3dac78d79f13d78212ee6. | ||||
* | | support admin_email config and pass through into blocking errors, return ↵ | Neil Johnson | 2018-08-13 | 1 | -0/+4 |
| | | | | | | | | AuthError in all cases | ||||
* | | log *after* reloading log config | Richard van der Hoff | 2018-08-10 | 1 | -2/+1 |
| | | | | | | | | ... because logging *before* reloading means the log message gets lost in the old MemoryLogger | ||||
* | | Merge branch 'develop' into neilj/disable_hs | Neil Johnson | 2018-08-08 | 1 | -0/+3 |
|\ \ | |||||
| * | | implement reserved users for mau limits | Neil Johnson | 2018-08-07 | 1 | -1/+1 |
| | | | |||||
| * | | load mau limit threepids | Neil Johnson | 2018-08-06 | 1 | -0/+3 |
| | | | |||||
* | | | disable HS from config | Neil Johnson | 2018-08-04 | 1 | -0/+4 |
|/ / | |||||
* / | fix (lots of) py3 test failures | Neil Johnson | 2018-08-03 | 1 | -2/+2 |
|/ | |||||
* | Merge branch 'master' into develop | Richard van der Hoff | 2018-08-02 | 1 | -0/+2 |
|\ | |||||
| * | Merge pull request #3377 from Valodim/note-affinity | Richard van der Hoff | 2018-07-19 | 1 | -0/+2 |
| |\ | | | | | | | document that the affinity package is required for the cpu_affinity setting | ||||
| | * | add note that the affinity package is required for the cpu_affinity setting | Vincent Breitmoser | 2018-06-09 | 1 | -0/+2 |
| | | | |||||
| | * | Merge tag 'v0.31.0' | Neil Johnson | 2018-06-06 | 3 | -1/+20 |
| | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes in synapse v0.31.0 (2018-06-06) ====================================== Most notable change from v0.30.0 is to switch to python prometheus library to improve system stats reporting. WARNING this changes a number of prometheus metrics in a backwards-incompatible manner. For more details, see `docs/metrics-howto.rst <docs/metrics-howto.rst#removal-of-deprecated-metrics--time-based-counters-becoming-histograms-in-0310>`_. Bug Fixes: * Fix metric documentation tables (PR #3341) * Fix LaterGuage error handling (694968f) * Fix replication metrics (b7e7fd2) Changes in synapse v0.31.0-rc1 (2018-06-04) ========================================== Features: * Switch to the Python Prometheus library (PR #3256, #3274) * Let users leave the server notice room after joining (PR #3287) Changes: * daily user type phone home stats (PR #3264) * Use iter* methods for _filter_events_for_server (PR #3267) * Docs on consent bits (PR #3268) * Remove users from user directory on deactivate (PR #3277) * Avoid sending consent notice to guest users (PR #3288) * disable CPUMetrics if no /proc/self/stat (PR #3299) * Add local and loopback IPv6 addresses to url_preview_ip_range_blacklist (PR #3312) Thanks to @thegcat! * Consistently use six's iteritems and wrap lazy keys/values in list() if they're not meant to be lazy (PR #3307) * Add private IPv6 addresses to example config for url preview blacklist (PR #3317) Thanks to @thegcat! * Reduce stuck read-receipts: ignore depth when updating (PR #3318) * Put python's logs into Trial when running unit tests (PR #3319) Changes, python 3 migration: * Replace some more comparisons with six (PR #3243) Thanks to @NotAFile! * replace some iteritems with six (PR #3244) Thanks to @NotAFile! * Add batch_iter to utils (PR #3245) Thanks to @NotAFile! * use repr, not str (PR #3246) Thanks to @NotAFile! * Misc Python3 fixes (PR #3247) Thanks to @NotAFile! * Py3 storage/_base.py (PR #3278) Thanks to @NotAFile! * more six iteritems (PR #3279) Thanks to @NotAFile! * More Misc. py3 fixes (PR #3280) Thanks to @NotAFile! * remaining isintance fixes (PR #3281) Thanks to @NotAFile! * py3-ize state.py (PR #3283) Thanks to @NotAFile! * extend tox testing for py3 to avoid regressions (PR #3302) Thanks to @krombel! * use memoryview in py3 (PR #3303) Thanks to @NotAFile! Bugs: * Fix federation backfill bugs (PR #3261) * federation: fix LaterGauge usage (PR #3328) Thanks to @intelfx! | ||||
* | | | | remove need to plot limit_usage_by_mau | Neil Johnson | 2018-08-01 | 1 | -3/+6 |
| | | | | |||||
* | | | | coding style | Neil Johnson | 2018-07-31 | 1 | -1/+1 |
| | | | | |||||
* | | | | limit register and sign in on number of monthly users | Neil Johnson | 2018-07-30 | 1 | -0/+5 |
| | | | | |||||
* | | | | Comment dummy TURN parameters in default config | David Baker | 2018-07-11 | 1 | -2/+2 |
|/ / / | | | | | | | | | | | | | | | | | | | This default config is parsed and used a base before the actual config is overlaid, so with these values not commented out, the code to detect when no turn params were set and refuse to generate credentials was never firing because the dummy default was always set. | ||||
* | | | run isort | Amber Brown | 2018-07-09 | 13 | -51/+59 |
| | | | |||||
* | | | More server_name validation | Richard van der Hoff | 2018-07-04 | 1 | -2/+9 |
| | | | | | | | | | | | | | | | | | | | | | | | | We need to do a bit more validation when we get a server name, but don't want to be re-doing it all over the shop, so factor out a separate parse_and_validate_server_name, and do the extra validation. Also, use it to verify the server name in the config file. | ||||
* | | | fix tests | Matthew Hodgson | 2018-06-28 | 1 | -0/+1 |
| | | | |||||
* | | | add ip_range_whitelist parameter to limit where ASes can connect from | Matthew Hodgson | 2018-06-28 | 1 | -1/+10 |
| | | | |||||
* | | | Write a clear restart indicator in logs | Richard van der Hoff | 2018-06-20 | 1 | -6/+18 |
| | | | | | | | | | | | | | | | I'm fed up with never being able to find the point a server restarted in the logs. | ||||
* | | | Merge remote-tracking branch 'origin/master' into develop | Richard van der Hoff | 2018-06-05 | 1 | -0/+3 |
|\| | | |/ |/| | |||||
| * | remove trailing whitespace | Richard van der Hoff | 2018-05-30 | 1 | -2/+2 |
| | | |||||
| * | fix english and wrap comment | Richard van der Hoff | 2018-05-30 | 1 | -1/+2 |
| | | |||||
| * | add link to thorough instruction how to configure consent | Ruben Barkow | 2018-05-25 | 1 | -0/+2 |
| | | |||||
* | | Add private IPv6 addresses to preview blacklist #3312 | Felix Schäfer | 2018-06-01 | 1 | -0/+3 |
| | | | | | | | | | | | | | | The added addresses are expected to be local or loopback addresses and shouldn't be spidered for previews. Signed-off-by: Felix Schäfer <felix@thegcat.net> | ||||
* | | Run Prometheus on a different port, optionally. (#3274) | Amber Brown | 2018-05-31 | 1 | -0/+10 |
| | | |||||
* | | Fix default for send_server_notice_to_guests | Richard van der Hoff | 2018-05-25 | 1 | -1/+1 |
| | | | | | | | | bool("False") == True... | ||||
* | | Avoid sending consent notice to guest users | Richard van der Hoff | 2018-05-25 | 1 | -1/+7 |
|/ | | | | we think it makes sense not to send the notices to guest users. | ||||
* | Allow overriding the server_notices user's avatar | Richard van der Hoff | 2018-05-23 | 1 | -3/+12 |
| | | | | probably should have done this in the first place, like @turt2live suggested. | ||||
* | Support for putting %(consent_uri)s in messages | Richard van der Hoff | 2018-05-23 | 1 | -4/+7 |
| | | | | | Make it possible to put the URI in the error message and the server notice that get sent by the server | ||||
* | Reject attempts to send event before privacy consent is given | Richard van der Hoff | 2018-05-22 | 1 | -0/+10 |
| | | | | | | Returns an M_CONSENT_NOT_GIVEN error (cf https://github.com/matrix-org/matrix-doc/issues/1252) if consent is not yet given. | ||||
* | Move consent config parsing into ConsentConfig | Richard van der Hoff | 2018-05-22 | 1 | -1/+15 |
| | | | | turns out we need to reuse this, so it's better in the config class. | ||||
* | Send users a server notice about consent | Richard van der Hoff | 2018-05-22 | 1 | -0/+8 |
| | | | | | When a user first syncs, we will send them a server notice asking them to consent to the privacy policy if they have not already done so. | ||||
* | Rename 'version' param on user consent config | Richard van der Hoff | 2018-05-22 | 1 | -4/+6 |
| | | | | we're going to use it for the version we require too. | ||||
* | Replace inline docstrings with "Attributes" in class docstring | Richard van der Hoff | 2018-05-18 | 1 | -23/+15 |
| | |||||
* | Infrastructure for a server notices room | Richard van der Hoff | 2018-05-17 | 2 | -1/+89 |
| | | | | | | | Server Notices use a special room which the user can't dismiss. They are created on demand when some other bit of the code calls send_notice. (This doesn't actually do much yet becuse we don't call send_notice anywhere) | ||||
* | ConsentResource to gather policy consent from users | Richard van der Hoff | 2018-05-15 | 4 | -3/+63 |
| | | | | | Hopefully there are enough comments and docs in this that it makes sense on its own. | ||||
* | Merge pull request #3085 from NotAFile/py3-config-text-mode | Richard van der Hoff | 2018-04-30 | 2 | -4/+4 |
|\ | | | | | Open config file in non-bytes mode | ||||
| * | open log_config in text mode too | Adrian Tschira | 2018-04-28 | 1 | -1/+1 |
| | | | | | | | | Signed-off-by: Adrian Tschira <nota@notafile.com> | ||||
| * | Open config file in non-bytes mode | Adrian Tschira | 2018-04-10 | 1 | -3/+3 |
| | | | | | | | | | | | | | | | | | | Nothing written into it is encoded, so it makes little sense, but it does break in python3 the way it was before. The variable names were adjusted to be less misleading. Signed-off-by: Adrian Tschira <nota@notafile.com> | ||||
* | | Merge pull request #3084 from NotAFile/py3-certs-byte-mode | Richard van der Hoff | 2018-04-30 | 1 | -2/+2 |
|\ \ | | | | | | | Open certificate files as bytes | ||||
| * | | Open certificate files as bytes | Adrian Tschira | 2018-04-10 | 1 | -2/+2 |
| |/ | | | | | | | | | | | That's what pyOpenSSL expects on python3 Signed-off-by: Adrian Tschira <nota@notafile.com> | ||||
* / | Use six.moves.urlparse | Adrian Tschira | 2018-04-15 | 1 | -2/+2 |
|/ | | | | | | The imports were shuffled around a bunch in py3 Signed-off-by: Adrian Tschira <nota@notafile.com> | ||||
* | Merge pull request #3074 from NotAFile/fix-py3-prints | Richard van der Hoff | 2018-04-09 | 1 | -5/+5 |
|\ | | | | | use python3-compatible prints | ||||
| * | use python3-compatible prints | Adrian Tschira | 2018-04-06 | 1 | -5/+5 |
| | | |||||
* | | Replace some type checks with six type checks | Adrian Tschira | 2018-04-07 | 2 | -5/+9 |
|/ | | | | Signed-off-by: Adrian Tschira <nota@notafile.com> | ||||
* | spell out not to massively increase bcrypt rounds | Matthew Hodgson | 2018-03-19 | 1 | -1/+3 |
| | |||||
* | Add replication http endpoint for event sending | Erik Johnston | 2018-02-07 | 1 | -0/+8 |
| | |||||
* | Add federation_domain_whitelist option (#2820) | Matthew Hodgson | 2018-01-22 | 1 | -0/+22 |
| | | | | | | Add federation_domain_whitelist gives a way to restrict which domains your HS is allowed to federate with. useful mainly for gracefully preventing a private but internet-connected HS from trying to federate to the wider public Matrix network | ||||
* | Merge pull request #2813 from matrix-org/matthew/registrations_require_3pid | Matthew Hodgson | 2018-01-22 | 1 | -0/+19 |
|\ | | | | | add registrations_require_3pid and allow_local_3pids | ||||
| * | rewrite based on PR feedback: | Matthew Hodgson | 2018-01-19 | 1 | -3/+9 |
| | | | | | | | | | | | | | | | | | | * [ ] split config options into allowed_local_3pids and registrations_require_3pid * [ ] simplify and comment logic for picking registration flows * [ ] fix docstring and move check_3pid_allowed into a new util module * [ ] use check_3pid_allowed everywhere @erikjohnston PTAL | ||||
| * | add registrations_require_3pid | Matthew Hodgson | 2018-01-19 | 1 | -0/+13 |
| | | | | | | | | | | lets homeservers specify a whitelist for 3PIDs that users are allowed to associate with. Typically useful for stopping people from registering with non-work emails | ||||
* | | Fix passing wrong config to provider constructor | Erik Johnston | 2018-01-18 | 1 | -1/+1 |
| | | |||||
* | | Remove duplicate directory test | Erik Johnston | 2018-01-18 | 1 | -4/+0 |
| | | |||||
* | | Fixup comments | Erik Johnston | 2018-01-18 | 1 | -1/+5 |
| | | |||||
* | | Make storage providers more configurable | Erik Johnston | 2018-01-18 | 1 | -11/+72 |
|/ | |||||
* | fix typo | Matthew Hodgson | 2018-01-16 | 1 | -1/+1 |
| | |||||
* | Actually make it work | Erik Johnston | 2018-01-12 | 1 | -0/+5 |
| | |||||
* | Merge pull request #2763 from matrix-org/rav/fix_config_uts | Richard van der Hoff | 2018-01-09 | 1 | -2/+2 |
|\ | | | | | Fix broken config UTs | ||||
| * | Fix broken config UTs | Richard van der Hoff | 2018-01-09 | 1 | -2/+2 |
| | | | | | | | | | | https://github.com/matrix-org/synapse/pull/2755 broke log-config generation, which in turn broke the unit tests. | ||||
* | | Make indentation of generated log config consistent | Richard van der Hoff | 2018-01-09 | 1 | -17/+17 |
|/ | | | | (we had a mix of 2- and 4-space indents) | ||||
* | Remove 'verbosity'/'log_file' from generated cfg | Richard van der Hoff | 2018-01-05 | 1 | -8/+4 |
| | | | | | | ... because these only really exist to confuse people nowadays. Also bring log config more into line with the generated log config, by making `level_for_storage` apply to the `synapse.storage.SQL` logger rather than `synapse.storage`. | ||||
* | Merge pull request #2683 from seckrv/fix_pwd_auth_prov_typo | Richard van der Hoff | 2017-12-18 | 1 | -2/+2 |
|\ | | | | | synapse/config/password_auth_providers: Fixed bracket typo | ||||
| * | synapse/config/password_auth_providers: Fixed bracket typo | Richard von Seck | 2017-11-16 | 1 | -2/+2 |
| | | | | | | | | Signed-off-by: Richard von Seck <richard.von-seck@gmx.net> | ||||
* | | Allow binds to both :: and 0.0.0.0 | Silke Hofstra | 2017-12-17 | 1 | -5/+3 |
| | | | | | | | | | | | | | | | | | | | | Binding on 0.0.0.0 when :: is specified in the bind_addresses is now allowed. This causes a warning explaining the behaviour. Configuration changed to match. See #2232 Signed-off-by: Silke Hofstra <silke@slxh.eu> | ||||
* | | Adapt the default config to bind on IPv6. | Willem Mulder | 2017-12-17 | 1 | -8/+9 |
| | | | | | | | | | | | | | | | | | | Most deployments are on Linux (or Mac OS), so this would actually bind on both IPv4 and IPv6. Resolves #1886. Signed-off-by: Willem Mulder <willemmaster@hotmail.com> | ||||
* | | better doc | Matthew Hodgson | 2017-12-04 | 1 | -1/+4 |
| | | |||||
* | | switch to a simpler 'search_all_users' button as per review feedback | Matthew Hodgson | 2017-12-04 | 1 | -7/+8 |
| | | |||||
* | | Merge branch 'develop' into matthew/search-all-local-users | Matthew Hodgson | 2017-11-30 | 1 | -0/+6 |
|\ \ | |||||
| * | | Add config option to disable media_repo on main synapse | Richard van der Hoff | 2017-11-22 | 1 | -0/+6 |
| | | | | | | | | | | | | ... to stop us doing the cache cleanup jobs on the master. | ||||
* | | | specify default user_directory_include_pattern | Matthew Hodgson | 2017-11-30 | 1 | -0/+1 |
| | | | |||||
* | | | untested WIP but might actually work | Matthew Hodgson | 2017-11-29 | 1 | -3/+2 |
| | | | |||||
* | | | Add user_directory_include_pattern config param to expand search results to ↵ | Matthew Hodgson | 2017-11-29 | 2 | -1/+42 |
|/ / | | | | | | | | | | | | | | | | | | | additional users Initial commit; this doesn't work yet - the LIKE filtering seems too aggressive. It also needs _do_initial_spam to be aware of prepopulating the whole user_directory_search table with all users... ...and it needs a handle_user_signup() or something to be added so that new signups get incrementally added to the table too. Committing it here as a WIP | ||||
* / | Check group_id belongs to this domain | Luke Barnard | 2017-11-16 | 1 | -0/+1 |
|/ | |||||
* | Print instead of logging | David Baker | 2017-11-13 | 1 | -11/+4 |
| | | | | because we had to wait until the logger was set up | ||||
* | Make the commented config have the default | David Baker | 2017-11-09 | 1 | -1/+1 |
| | |||||
* | better comments | David Baker | 2017-11-08 | 1 | -2/+5 |
| | |||||
* | Log if any of the old config flags are set | David Baker | 2017-11-08 | 1 | -2/+24 |
| | |||||
* | Rename redact_content option to include_content | David Baker | 2017-11-08 | 1 | -15/+13 |
| | | | | | | | | | | | | | | | | | | The redact_content option never worked because it read the wrong config section. The PR introducing it (https://github.com/matrix-org/synapse/pull/2301) had feedback suggesting the name be changed to not re-use the term 'redact' but this wasn't incorporated. This reanmes the option to give it a less confusing name, and also means that people who've set the redact_content option won't suddenly see a behaviour change when upgrading synapse, but instead can set include_content if they want to. This PR also updates the wording of the config comment to clarify that this has no effect on event_id_only push. Includes https://github.com/matrix-org/synapse/pull/2422 | ||||
* | Add a hook for custom rest endpoints | Richard van der Hoff | 2017-11-02 | 1 | -0/+7 |
| | | | | | Let the user specify custom modules which can be used for implementing extra endpoints. | ||||
* | Clean up backwards-compat hacks for ldap | Richard van der Hoff | 2017-10-31 | 1 | -20/+19 |
| | | | | | | | try to make the backwards-compat flows follow the same code paths as the modern impl. This commit should be non-functional. | ||||
* | fix typo | Matthew Hodgson | 2017-10-29 | 1 | -1/+1 |
| | |||||
* | Fix error when running synapse with no logfile | Richard van der Hoff | 2017-10-26 | 1 | -1/+5 |
| | | | | Fixes 'UnboundLocalError: local variable 'sighup' referenced before assignment' | ||||
* | tip for generating tls_fingerprints | Matthew Hodgson | 2017-10-24 | 1 | -0/+6 |
| | |||||
* | replace 'except:' with 'except Exception:' | Richard van der Hoff | 2017-10-23 | 1 | -1/+1 |
| | | | | what could possibly go wrong | ||||
* | Flake8 | Erik Johnston | 2017-10-19 | 1 | -4/+0 |
| | |||||
* | Add missing file... | Erik Johnston | 2017-10-19 | 1 | -0/+36 |
| | |||||
* | Add config to enable group creation | Erik Johnston | 2017-10-19 | 1 | -1/+2 |
| | |||||
* | Improve error handling for missing files (#2551) | Richard van der Hoff | 2017-10-17 | 3 | -17/+33 |
| | | | | | | | | | | | `os.path.exists` doesn't allow us to distinguish between permissions errors and the path actually not existing, which repeatedly confuses people. It also means that we try to overwrite existing key files, which is super-confusing. (cf issues #2455, #2379). Use os.stat instead. Also, don't recomemnd the the use of --generate-config, which screws everything up if you're using debian (cf #2455). | ||||
* | pep8 | David Baker | 2017-10-17 | 1 | -1/+2 |
| | |||||
* | Add config option to auto-join new users to rooms | David Baker | 2017-10-16 | 1 | -0/+6 |
| | | | | | New users who register on the server will be dumped into all rooms in auto_join_rooms in the config. | ||||
* | Copy everything to backup | Erik Johnston | 2017-10-12 | 1 | -1/+3 |
| | |||||
* | Basic implementation of backup media store | Erik Johnston | 2017-10-12 | 1 | -0/+18 |
| | |||||
* | Forgot the new file again :( | David Baker | 2017-09-27 | 1 | -0/+35 |
| | |||||
* | Make the spam checker a module | David Baker | 2017-09-26 | 1 | -1/+3 |
| | |||||
* | Factor out module loading to a separate place | David Baker | 2017-09-26 | 1 | -12/+10 |
| | | | | So it can be reused | ||||
* | Add a config option to block all room invites (#2457) | Richard van der Hoff | 2017-09-19 | 1 | -0/+10 |
| | | | | | - allows sysadmins the ability to lock down their servers so that people can't send their users room invites. | ||||
* | Fix process startup | Richard van der Hoff | 2017-08-16 | 1 | -10/+13 |
| | | | | escape the % that got added in 92168cb so that the process starts up ok. | ||||
* | explain why CPU affinity is a good idea | Matthew Hodgson | 2017-08-15 | 1 | -0/+8 |
| | |||||
* | Allow configuration of CPU affinity | Richard van der Hoff | 2017-08-15 | 2 | -0/+13 |
| | | | | | Make it possible to set the CPU affinity in the config file, so that we don't need to remember to do it manually every time. | ||||
* | Add a frontend proxy | Erik Johnston | 2017-07-07 | 1 | -0/+2 |
| | |||||
* | Change the config file generator to more descriptive explanation of ↵ | Caleb James DeLisle | 2017-06-24 | 1 | -3/+11 |
| | | | | push.redact_content | ||||
* | Fix TravisCI tests for PR #2301 - Fat finger mistake | Caleb James DeLisle | 2017-06-23 | 1 | -0/+37 |
| | |||||
* | Fix TravisCI tests for PR #2301 | Caleb James DeLisle | 2017-06-23 | 2 | -41/+1 |
| | |||||
* | Add configuration parameter to allow redaction of content from push messages ↵ | Caleb James DeLisle | 2017-06-23 | 2 | -1/+42 |
| | | | | for google/apple devices | ||||
* | Initial worker impl | Erik Johnston | 2017-06-16 | 1 | -0/+4 |
| | |||||
* | Configurable maximum number of events requested by /sync and /messages (#2220) | Pablo Saavedra | 2017-05-13 | 1 | -0/+6 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Set the limit on the returned events in the timeline in the get and sync operations. The default value is -1, means no upper limit. For example, using `filter_timeline_limit: 5000`: POST /_matrix/client/r0/user/user:id/filter { room: { timeline: { limit: 1000000000000000000 } } } GET /_matrix/client/r0/user/user:id/filter/filter:id { room: { timeline: { limit: 5000 } } } The server cuts down the room.timeline.limit. | ||||
* | web_server_root documentation fix | Matthew Wolff | 2017-04-17 | 1 | -0/+6 |
| | | | | Signed-off-by: Matthew Wolff <matthewjwolff@gmail.com> | ||||
* | trust a hypothetical future riot.im IS | Matthew Hodgson | 2017-04-10 | 1 | -0/+1 |
| | |||||
* | Merge pull request #2102 from DanielDent/add-auth-email | David Baker | 2017-04-10 | 1 | -0/+16 |
|\ | | | | | Support authenticated SMTP | ||||
| * | Support authenticated SMTP | Daniel Dent | 2017-04-05 | 1 | -0/+16 |
| | | | | | | | | | | | | Closes (SYN-714) #1385 Signed-off-by: Daniel Dent <matrixcontrib@contactdaniel.net> | ||||
* | | Merge pull request #2097 from matrix-org/erikj/repl_tcp_client | Erik Johnston | 2017-04-05 | 1 | -1/+3 |
|\ \ | |/ |/| | Move to using TCP replication | ||||
| * | Remove unused worker config option | Erik Johnston | 2017-04-04 | 1 | -1/+0 |
| | | |||||
| * | Update all the workers and master to use TCP replication | Erik Johnston | 2017-04-03 | 1 | -0/+3 |
| | | |||||
* | | typo | Matthew Hodgson | 2017-03-15 | 1 | -1/+1 |
| | | |||||
* | | set default for turn_allow_guests correctly | Matthew Hodgson | 2017-03-15 | 1 | -1/+1 |
| | | |||||
* | | add setting (on by default) to support TURN for guests | Matthew Hodgson | 2017-03-15 | 1 | -0/+8 |
|/ | |||||
* | Add helpful texts to logger config options | Richard van der Hoff | 2017-03-13 | 1 | -5/+7 |
| | |||||
* | Merge pull request #1983 from matrix-org/rav/no_redirect_stdio | Richard van der Hoff | 2017-03-13 | 1 | -6/+28 |
|\ | | | | | Add an option to disable stdio redirect | ||||
| * | Add an option to disable stdio redirect | Richard van der Hoff | 2017-03-10 | 1 | -1/+12 |
| | | | | | | | | This makes it tractable to run synapse under pdb. | ||||
| * | Refactor logger config for workers | Richard van der Hoff | 2017-03-10 | 1 | -5/+16 |
| | | | | | | | | - to make it easier to add more config options. | ||||
* | | Reread log config on SIGHUP | Richard van der Hoff | 2017-03-10 | 1 | -10/+19 |
|/ | | | | When we are using a log_config file, reread it on SIGHUP. | ||||
* | Fix typo in config comments. | Tyler Smith | 2017-02-11 | 1 | -1/+1 |
| | | | | Signed-off-by: Tyler Smith <tylersmith.me@gmail.com> | ||||
* | Merge pull request #1835 from matrix-org/erikj/fix_workers | Erik Johnston | 2017-01-20 | 1 | -0/+10 |
|\ | | | | | Make worker listener config backwards compat | ||||
| * | Make worker listener config backwards compat | Erik Johnston | 2017-01-20 | 1 | -0/+10 |
| | | |||||
* | | Added default config for turn username and password | Marvin Steadfast | 2017-01-19 | 1 | -0/+5 |
| | | |||||
* | | Added username and password for turn server | Marvin Steadfast | 2017-01-19 | 1 | -1/+3 |
|/ | | | | | It makes it possible to use a turn server that needs a username and password instead of a token. | ||||
* | Allow configuring the Riot URL used in notification emails | Adrian Perez de Castro | 2017-01-13 | 1 | -0/+7 |
| | | | | | | | | | | The URLs used for notification emails were hardcoded to use either matrix.to or vector.im; but for self-hosted setups where Riot is also self-hosted it may be desirable to allow configuring an alternative Riot URL. Fixes #1809. Signed-off-by: Adrian Perez de Castro <aperez@igalia.com> | ||||
* | Merge pull request #1795 from matrix-org/erikj/port_defaults | Erik Johnston | 2017-01-13 | 1 | -4/+13 |
|\ | | | | | Restore default bind address | ||||
| * | Pop bind_address | Erik Johnston | 2017-01-10 | 1 | -1/+1 |
| | | |||||
| * | Restore default bind address | Erik Johnston | 2017-01-10 | 1 | -4/+13 |
| | | |||||
* | | Remove full_twisted_stacktraces option | Erik Johnston | 2017-01-12 | 1 | -8/+0 |
|/ | | | | | | | | | | | | | | | | | The debug 'full_twisted_stacktraces' flag caused synapse to rewrite twisted deferreds to always fire the callback on the next reactor tick. This was to force the deferred to always store the stacktraces on exceptions, and thus be more likely to have a full stacktrace when it reaches the final error handlers and gets printed to the logs. Dynamically rewriting things is generally bad, and in particular this change violates assumptions of various bits of Twisted. This wouldn't necessarily be so bad, but it turns out this option has been turned on on some production servers. Turning the option can cause e.g. #1778. For now, lets just entirely nuke this option. | ||||
* | Merge remote-tracking branch 'origin/release-v0.18.6' into develop | Mark Haines | 2016-12-30 | 1 | -3/+13 |
|\ | |||||
| * | Use the new twisted logging framework. | Mark Haines | 2016-12-30 | 1 | -3/+13 |
| | | | | | | | | | | Hopefully adding an observer to the new framework will avoid a memory leak https://twistedmatrix.com/trac/ticket/8164 | ||||
* | | Add IPv6 comment to default config | Johannes Löthberg | 2016-12-18 | 1 | -0/+4 |
| | | | | | | | | Signed-off-by: Johannes Löthberg <johannes@kyriasis.com> | ||||
* | | Make default homeserver config use bind_addresses | Johannes Löthberg | 2016-12-18 | 1 | -4/+5 |
|/ | | | | Signed-off-by: Johannes Löthberg <johannes@kyriasis.com> | ||||
* | Bugfix: Console logging handler missing default filter | pik | 2016-12-03 | 1 | -0/+1 |
| | |||||
* | Stop putting a time caveat on access tokens | Richard van der Hoff | 2016-11-29 | 1 | -6/+0 |
| | | | | | | | | The 'time' caveat on the access tokens was something of a lie, since we weren't enforcing it; more pertinently its presence stops us ever adding useful time caveats. Let's move in the right direction by not lying in our caveats. | ||||
* | Hook up the send queue and create a federation sender worker | Erik Johnston | 2016-11-16 | 1 | -0/+5 |
| | |||||
* | Use external ldap auth pacakge | Erik Johnston | 2016-11-15 | 1 | -7/+13 |
| | |||||
* | Merge pull request #1625 from DanielDent/patch-1 | Erik Johnston | 2016-11-12 | 1 | -2/+3 |
|\ | | | | | Add support for durations in minutes | ||||
| * | Add support for durations in minutes | Daniel Dent | 2016-11-12 | 1 | -2/+3 |
| | | |||||
* | | Don't assume providers raise ConfigError's | Erik Johnston | 2016-11-08 | 1 | -2/+7 |
| | | |||||
* | | default config: blacklist more internal ips | Euan Kemp | 2016-11-06 | 1 | -0/+2 |
|/ | |||||
* | Allow Configurable Rate Limiting Per AS | Luke Barnard | 2016-10-18 | 1 | -0/+6 |
| | | | | This adds a flag loaded from the registration file of an AS that will determine whether or not its users are rate limited (by ratelimit in _base.py). Needed for IRC bridge reasons - see https://github.com/matrix-org/matrix-appservice-irc/issues/240. | ||||
* | Merge pull request #1167 from matrix-org/markjh/fingerprints | Mark Haines | 2016-10-12 | 1 | -0/+38 |
|\ | | | | | Add config option for adding additional TLS fingerprints | ||||
| * | Explain how long the servers can cache the TLS fingerprints for | Mark Haines | 2016-10-12 | 1 | -3/+4 |
| | | |||||
| * | Improve comment formatting | Mark Haines | 2016-10-12 | 1 | -1/+1 |
| | | |||||
| * | Add config option for adding additional TLS fingerprints | Mark Haines | 2016-10-11 | 1 | -0/+37 |
| | | |||||
* | | Implement pluggable password auth | Erik Johnston | 2016-10-03 | 3 | -103/+64 |
|/ | | | | | | Allows delegating the password auth to an external module. This also moves the LDAP auth to using this system, allowing it to be removed from the synapse tree entirely in the future. | ||||
* | Remove support for aggregate room lists | Erik Johnston | 2016-09-15 | 1 | -9/+0 |
| | |||||
* | flake8 | Kegan Dougal | 2016-08-30 | 1 | -2/+3 |
| | |||||
* | Use None instead of the empty string | Kegan Dougal | 2016-08-30 | 1 | -4/+11 |
| | | | | Change how we validate the 'url' field as a result. | ||||
* | Flake8 | Kegan Dougal | 2016-08-30 | 1 | -1/+2 |
| | |||||
* | Allow application services to have an optional 'url' | Kegan Dougal | 2016-08-30 | 1 | -0/+6 |
| | | | | | | If 'url' is not specified, they will not be pushed for events or queries. This is useful for bots who simply wish to reserve large chunks of user/alias namespace, and don't care about being pushed for events. | ||||
* | Merge pull request #1026 from matrix-org/paul/thirdpartylookup | Paul Evans | 2016-08-18 | 1 | -0/+10 |
|\ | | | | | 3rd party entity lookup | ||||
| * | Filter 3PU lookups by only ASes that declare knowledge of that protocol | Paul "LeoNerd" Evans | 2016-08-18 | 1 | -0/+10 |
| | | |||||
* | | Add appservice worker | Erik Johnston | 2016-08-18 | 1 | -0/+1 |
|/ | |||||
* | Update password config comment | Kent Shikama | 2016-07-06 | 1 | -1/+1 |
| | | | | Signed-off-by: Kent Shikama <kent@kentshikama.com> | ||||
* | Remove default password pepper string | Kent Shikama | 2016-07-05 | 1 | -2/+1 |
| |