Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Clean up backwards-compat hacks for ldap | Richard van der Hoff | 2017-10-31 | 1 | -20/+19 |
| | | | | | | | try to make the backwards-compat flows follow the same code paths as the modern impl. This commit should be non-functional. | ||||
* | fix typo | Matthew Hodgson | 2017-10-29 | 1 | -1/+1 |
| | |||||
* | Fix error when running synapse with no logfile | Richard van der Hoff | 2017-10-26 | 1 | -1/+5 |
| | | | | Fixes 'UnboundLocalError: local variable 'sighup' referenced before assignment' | ||||
* | tip for generating tls_fingerprints | Matthew Hodgson | 2017-10-24 | 1 | -0/+6 |
| | |||||
* | replace 'except:' with 'except Exception:' | Richard van der Hoff | 2017-10-23 | 1 | -1/+1 |
| | | | | what could possibly go wrong | ||||
* | Flake8 | Erik Johnston | 2017-10-19 | 1 | -4/+0 |
| | |||||
* | Add missing file... | Erik Johnston | 2017-10-19 | 1 | -0/+36 |
| | |||||
* | Add config to enable group creation | Erik Johnston | 2017-10-19 | 1 | -1/+2 |
| | |||||
* | Improve error handling for missing files (#2551) | Richard van der Hoff | 2017-10-17 | 3 | -17/+33 |
| | | | | | | | | | | | `os.path.exists` doesn't allow us to distinguish between permissions errors and the path actually not existing, which repeatedly confuses people. It also means that we try to overwrite existing key files, which is super-confusing. (cf issues #2455, #2379). Use os.stat instead. Also, don't recomemnd the the use of --generate-config, which screws everything up if you're using debian (cf #2455). | ||||
* | pep8 | David Baker | 2017-10-17 | 1 | -1/+2 |
| | |||||
* | Add config option to auto-join new users to rooms | David Baker | 2017-10-16 | 1 | -0/+6 |
| | | | | | New users who register on the server will be dumped into all rooms in auto_join_rooms in the config. | ||||
* | Copy everything to backup | Erik Johnston | 2017-10-12 | 1 | -1/+3 |
| | |||||
* | Basic implementation of backup media store | Erik Johnston | 2017-10-12 | 1 | -0/+18 |
| | |||||
* | Forgot the new file again :( | David Baker | 2017-09-27 | 1 | -0/+35 |
| | |||||
* | Make the spam checker a module | David Baker | 2017-09-26 | 1 | -1/+3 |
| | |||||
* | Factor out module loading to a separate place | David Baker | 2017-09-26 | 1 | -12/+10 |
| | | | | So it can be reused | ||||
* | Add a config option to block all room invites (#2457) | Richard van der Hoff | 2017-09-19 | 1 | -0/+10 |
| | | | | | - allows sysadmins the ability to lock down their servers so that people can't send their users room invites. | ||||
* | Fix process startup | Richard van der Hoff | 2017-08-16 | 1 | -10/+13 |
| | | | | escape the % that got added in 92168cb so that the process starts up ok. | ||||
* | explain why CPU affinity is a good idea | Matthew Hodgson | 2017-08-15 | 1 | -0/+8 |
| | |||||
* | Allow configuration of CPU affinity | Richard van der Hoff | 2017-08-15 | 2 | -0/+13 |
| | | | | | Make it possible to set the CPU affinity in the config file, so that we don't need to remember to do it manually every time. | ||||
* | Add a frontend proxy | Erik Johnston | 2017-07-07 | 1 | -0/+2 |
| | |||||
* | Change the config file generator to more descriptive explanation of ↵ | Caleb James DeLisle | 2017-06-24 | 1 | -3/+11 |
| | | | | push.redact_content | ||||
* | Fix TravisCI tests for PR #2301 - Fat finger mistake | Caleb James DeLisle | 2017-06-23 | 1 | -0/+37 |
| | |||||
* | Fix TravisCI tests for PR #2301 | Caleb James DeLisle | 2017-06-23 | 2 | -41/+1 |
| | |||||
* | Add configuration parameter to allow redaction of content from push messages ↵ | Caleb James DeLisle | 2017-06-23 | 2 | -1/+42 |
| | | | | for google/apple devices | ||||
* | Initial worker impl | Erik Johnston | 2017-06-16 | 1 | -0/+4 |
| | |||||
* | Configurable maximum number of events requested by /sync and /messages (#2220) | Pablo Saavedra | 2017-05-13 | 1 | -0/+6 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Set the limit on the returned events in the timeline in the get and sync operations. The default value is -1, means no upper limit. For example, using `filter_timeline_limit: 5000`: POST /_matrix/client/r0/user/user:id/filter { room: { timeline: { limit: 1000000000000000000 } } } GET /_matrix/client/r0/user/user:id/filter/filter:id { room: { timeline: { limit: 5000 } } } The server cuts down the room.timeline.limit. | ||||
* | web_server_root documentation fix | Matthew Wolff | 2017-04-17 | 1 | -0/+6 |
| | | | | Signed-off-by: Matthew Wolff <matthewjwolff@gmail.com> | ||||
* | trust a hypothetical future riot.im IS | Matthew Hodgson | 2017-04-10 | 1 | -0/+1 |
| | |||||
* | Merge pull request #2102 from DanielDent/add-auth-email | David Baker | 2017-04-10 | 1 | -0/+16 |
|\ | | | | | Support authenticated SMTP | ||||
| * | Support authenticated SMTP | Daniel Dent | 2017-04-05 | 1 | -0/+16 |
| | | | | | | | | | | | | Closes (SYN-714) #1385 Signed-off-by: Daniel Dent <matrixcontrib@contactdaniel.net> | ||||
* | | Merge pull request #2097 from matrix-org/erikj/repl_tcp_client | Erik Johnston | 2017-04-05 | 1 | -1/+3 |
|\ \ | |/ |/| | Move to using TCP replication | ||||
| * | Remove unused worker config option | Erik Johnston | 2017-04-04 | 1 | -1/+0 |
| | | |||||
| * | Update all the workers and master to use TCP replication | Erik Johnston | 2017-04-03 | 1 | -0/+3 |
| | | |||||
* | | typo | Matthew Hodgson | 2017-03-15 | 1 | -1/+1 |
| | | |||||
* | | set default for turn_allow_guests correctly | Matthew Hodgson | 2017-03-15 | 1 | -1/+1 |
| | | |||||
* | | add setting (on by default) to support TURN for guests | Matthew Hodgson | 2017-03-15 | 1 | -0/+8 |
|/ | |||||
* | Add helpful texts to logger config options | Richard van der Hoff | 2017-03-13 | 1 | -5/+7 |
| | |||||
* | Merge pull request #1983 from matrix-org/rav/no_redirect_stdio | Richard van der Hoff | 2017-03-13 | 1 | -6/+28 |
|\ | | | | | Add an option to disable stdio redirect | ||||
| * | Add an option to disable stdio redirect | Richard van der Hoff | 2017-03-10 | 1 | -1/+12 |
| | | | | | | | | This makes it tractable to run synapse under pdb. | ||||
| * | Refactor logger config for workers | Richard van der Hoff | 2017-03-10 | 1 | -5/+16 |
| | | | | | | | | - to make it easier to add more config options. | ||||
* | | Reread log config on SIGHUP | Richard van der Hoff | 2017-03-10 | 1 | -10/+19 |
|/ | | | | When we are using a log_config file, reread it on SIGHUP. | ||||
* | Fix typo in config comments. | Tyler Smith | 2017-02-11 | 1 | -1/+1 |
| | | | | Signed-off-by: Tyler Smith <tylersmith.me@gmail.com> | ||||
* | Merge pull request #1835 from matrix-org/erikj/fix_workers | Erik Johnston | 2017-01-20 | 1 | -0/+10 |
|\ | | | | | Make worker listener config backwards compat | ||||
| * | Make worker listener config backwards compat | Erik Johnston | 2017-01-20 | 1 | -0/+10 |
| | | |||||
* | | Added default config for turn username and password | Marvin Steadfast | 2017-01-19 | 1 | -0/+5 |
| | | |||||
* | | Added username and password for turn server | Marvin Steadfast | 2017-01-19 | 1 | -1/+3 |
|/ | | | | | It makes it possible to use a turn server that needs a username and password instead of a token. | ||||
* | Allow configuring the Riot URL used in notification emails | Adrian Perez de Castro | 2017-01-13 | 1 | -0/+7 |
| | | | | | | | | | | The URLs used for notification emails were hardcoded to use either matrix.to or vector.im; but for self-hosted setups where Riot is also self-hosted it may be desirable to allow configuring an alternative Riot URL. Fixes #1809. Signed-off-by: Adrian Perez de Castro <aperez@igalia.com> | ||||
* | Merge pull request #1795 from matrix-org/erikj/port_defaults | Erik Johnston | 2017-01-13 | 1 | -4/+13 |
|\ | | | | | Restore default bind address | ||||
| * | Pop bind_address | Erik Johnston | 2017-01-10 | 1 | -1/+1 |
| | | |||||
| * | Restore default bind address | Erik Johnston | 2017-01-10 | 1 | -4/+13 |
| | | |||||
* | | Remove full_twisted_stacktraces option | Erik Johnston | 2017-01-12 | 1 | -8/+0 |
|/ | | | | | | | | | | | | | | | | | The debug 'full_twisted_stacktraces' flag caused synapse to rewrite twisted deferreds to always fire the callback on the next reactor tick. This was to force the deferred to always store the stacktraces on exceptions, and thus be more likely to have a full stacktrace when it reaches the final error handlers and gets printed to the logs. Dynamically rewriting things is generally bad, and in particular this change violates assumptions of various bits of Twisted. This wouldn't necessarily be so bad, but it turns out this option has been turned on on some production servers. Turning the option can cause e.g. #1778. For now, lets just entirely nuke this option. | ||||
* | Merge remote-tracking branch 'origin/release-v0.18.6' into develop | Mark Haines | 2016-12-30 | 1 | -3/+13 |
|\ | |||||
| * | Use the new twisted logging framework. | Mark Haines | 2016-12-30 | 1 | -3/+13 |
| | | | | | | | | | | Hopefully adding an observer to the new framework will avoid a memory leak https://twistedmatrix.com/trac/ticket/8164 | ||||
* | | Add IPv6 comment to default config | Johannes Löthberg | 2016-12-18 | 1 | -0/+4 |
| | | | | | | | | Signed-off-by: Johannes Löthberg <johannes@kyriasis.com> | ||||
* | | Make default homeserver config use bind_addresses | Johannes Löthberg | 2016-12-18 | 1 | -4/+5 |
|/ | | | | Signed-off-by: Johannes Löthberg <johannes@kyriasis.com> | ||||
* | Bugfix: Console logging handler missing default filter | pik | 2016-12-03 | 1 | -0/+1 |
| | |||||
* | Stop putting a time caveat on access tokens | Richard van der Hoff | 2016-11-29 | 1 | -6/+0 |
| | | | | | | | | The 'time' caveat on the access tokens was something of a lie, since we weren't enforcing it; more pertinently its presence stops us ever adding useful time caveats. Let's move in the right direction by not lying in our caveats. | ||||
* | Hook up the send queue and create a federation sender worker | Erik Johnston | 2016-11-16 | 1 | -0/+5 |
| | |||||
* | Use external ldap auth pacakge | Erik Johnston | 2016-11-15 | 1 | -7/+13 |
| | |||||
* | Merge pull request #1625 from DanielDent/patch-1 | Erik Johnston | 2016-11-12 | 1 | -2/+3 |
|\ | | | | | Add support for durations in minutes | ||||
| * | Add support for durations in minutes | Daniel Dent | 2016-11-12 | 1 | -2/+3 |
| | | |||||
* | | Don't assume providers raise ConfigError's | Erik Johnston | 2016-11-08 | 1 | -2/+7 |
| | | |||||
* | | default config: blacklist more internal ips | Euan Kemp | 2016-11-06 | 1 | -0/+2 |
|/ | |||||
* | Allow Configurable Rate Limiting Per AS | Luke Barnard | 2016-10-18 | 1 | -0/+6 |
| | | | | This adds a flag loaded from the registration file of an AS that will determine whether or not its users are rate limited (by ratelimit in _base.py). Needed for IRC bridge reasons - see https://github.com/matrix-org/matrix-appservice-irc/issues/240. | ||||
* | Merge pull request #1167 from matrix-org/markjh/fingerprints | Mark Haines | 2016-10-12 | 1 | -0/+38 |
|\ | | | | | Add config option for adding additional TLS fingerprints | ||||
| * | Explain how long the servers can cache the TLS fingerprints for | Mark Haines | 2016-10-12 | 1 | -3/+4 |
| | | |||||
| * | Improve comment formatting | Mark Haines | 2016-10-12 | 1 | -1/+1 |
| | | |||||
| * | Add config option for adding additional TLS fingerprints | Mark Haines | 2016-10-11 | 1 | -0/+37 |
| | | |||||
* | | Implement pluggable password auth | Erik Johnston | 2016-10-03 | 3 | -103/+64 |
|/ | | | | | | Allows delegating the password auth to an external module. This also moves the LDAP auth to using this system, allowing it to be removed from the synapse tree entirely in the future. | ||||
* | Remove support for aggregate room lists | Erik Johnston | 2016-09-15 | 1 | -9/+0 |
| | |||||
* | flake8 | Kegan Dougal | 2016-08-30 | 1 | -2/+3 |
| | |||||
* | Use None instead of the empty string | Kegan Dougal | 2016-08-30 | 1 | -4/+11 |
| | | | | Change how we validate the 'url' field as a result. | ||||
* | Flake8 | Kegan Dougal | 2016-08-30 | 1 | -1/+2 |
| | |||||
* | Allow application services to have an optional 'url' | Kegan Dougal | 2016-08-30 | 1 | -0/+6 |
| | | | | | | If 'url' is not specified, they will not be pushed for events or queries. This is useful for bots who simply wish to reserve large chunks of user/alias namespace, and don't care about being pushed for events. | ||||
* | Merge pull request #1026 from matrix-org/paul/thirdpartylookup | Paul Evans | 2016-08-18 | 1 | -0/+10 |
|\ | | | | | 3rd party entity lookup | ||||
| * | Filter 3PU lookups by only ASes that declare knowledge of that protocol | Paul "LeoNerd" Evans | 2016-08-18 | 1 | -0/+10 |
| | | |||||
* | | Add appservice worker | Erik Johnston | 2016-08-18 | 1 | -0/+1 |
|/ | |||||
* | Update password config comment | Kent Shikama | 2016-07-06 | 1 | -1/+1 |
| | | | | Signed-off-by: Kent Shikama <kent@kentshikama.com> | ||||
* | Remove default password pepper string | Kent Shikama | 2016-07-05 | 1 | -2/+1 |
| | |||||
* | Fix password config | Kent Shikama | 2016-07-05 | 1 | -1/+1 |
| | |||||
* | Fix pep8 | Kent Shikama | 2016-07-05 | 1 | -1/+1 |
| | |||||
* | Add comment to prompt changing of pepper | Kent Shikama | 2016-07-05 | 1 | -0/+1 |
| | |||||
* | Add pepper to password hashing | Kent Shikama | 2016-07-05 | 1 | -1/+5 |
| | | | | Signed-off-by: Kent Shikama <kent@kentshikama.com> | ||||
* | remove vector.im from default secondary DS list | Matthew Hodgson | 2016-06-27 | 1 | -1/+0 |
| | |||||
* | Merge branch 'master' into develop | Mark Haines | 2016-06-23 | 1 | -0/+1 |
|\ | |||||
| * | Merge branch 'release-v0.16.1' of github.com:matrix-org/synapse v0.16.1 | Erik Johnston | 2016-06-20 | 5 | -107/+210 |
| |\ | |||||
| * | | point to the CAPTCHA docs | Matthew Hodgson | 2016-06-12 | 1 | -0/+1 |
| | | | |||||
* | | | Rework ldap integration with ldap3 | Martin Weinelt | 2016-06-22 | 1 | -27/+75 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use the pure-python ldap3 library, which eliminates the need for a system dependency. Offer both a `search` and `simple_bind` mode, for more sophisticated ldap scenarios. - `search` tries to find a matching DN within the `user_base` while employing the `user_filter`, then tries the bind when a single matching DN was found. - `simple_bind` tries the bind against a specific DN by combining the localpart and `user_base` Offer support for STARTTLS on a plain connection. The configuration was changed to reflect these new possibilities. Signed-off-by: Martin Weinelt <hexa@darmstadt.ccc.de> | ||||
* | | | Remove the legacy v0 content upload API. | Mark Haines | 2016-06-21 | 1 | -20/+0 |
| |/ |/| | | | | | | | | | The existing content can still be downloaded. The last upload to the matrix.org server was in January 2015, so it is probably safe to remove the upload API. | ||||
* | | Turn use_frozen_events off by default | Erik Johnston | 2016-06-17 | 1 | -1/+1 |
| | | |||||
* | | Use worker_ prefixes for worker config, use existing support for multiple ↵ | Mark Haines | 2016-06-16 | 1 | -41/+8 |
| | | | | | | | | config files | ||||
* | | Access the event_cache_size directly from the server object. | Mark Haines | 2016-06-16 | 1 | -14/+0 |
| | | | | | | | | | | This means that the workers can override the event_cache_size directly without clobbering the value in the main synapse config. | ||||
* | | Access replication_url from the worker config directly | Mark Haines | 2016-06-16 | 1 | -4/+0 |
| | | |||||
* | | Comment on what's going on in clobber_with_worker_config | Mark Haines | 2016-06-16 | 1 | -1/+12 |
| | | |||||
* | | Add worker config module | Mark Haines | 2016-06-16 | 1 | -0/+71 |
| | | |||||
* | | Inline the synchrotron and pusher configs into the main config | Mark Haines | 2016-06-16 | 3 | -63/+74 |
| | | |||||
* | | Add function to load config without generating it | Mark Haines | 2016-06-09 | 1 | -43/+104 |
|/ | | | | | | | | | | | | | | | | Renames ``load_config`` to ``load_or_generate_config`` Adds a method called ``load_config`` that just loads the config. The main synapse.app.homeserver will continue to use ``load_or_generate_config`` to retain backwards compat. However new worker processes can use ``load_config`` to load the config avoiding some of the cruft needed to generate the config. As the new ``load_config`` method is expected to be used by new configs it removes support for the legacy commandline overrides that ``load_or_generate_config`` supports | ||||
* | Allow setting of gc.set_thresholds | Erik Johnston | 2016-06-07 | 1 | -1/+18 |
| | |||||
* | brand the email from header | Matthew Hodgson | 2016-06-02 | 1 | -1/+1 |
| | |||||
* | Add vector.im to default secondary_directory_servers and add comment ↵ | David Baker | 2016-05-31 | 1 | -0/+4 |
| | | | | explaining it's not a permanent solution | ||||
* | Add federation room list servlet | David Baker | 2016-05-31 | 1 | -0/+6 |
| | |||||
* | Move the functions for parsing app service config | Mark Haines | 2016-05-17 | 1 | -1/+106 |
| | |||||
* | Clean up the blacklist/whitelist handling. | Mark Haines | 2016-05-16 | 1 | -6/+6 |
| | | | | | | | Always set the config key with an empty list, even if a list isn't specified. This means that the codepaths are the same for both the empty list and for a missing key. Since the behaviour is the same for both cases this makes the code somewhat easier to reason about. | ||||
* | Merge branch 'develop' into matthew/preview_url_ip_whitelist | Mark Haines | 2016-05-16 | 5 | -1/+119 |
|\ | |||||
| * | Create user with expiry | Negi Fazeli | 2016-05-13 | 2 | -0/+11 |
| | | | | | | | | | | | | - Add unittests for client, api and handler Signed-off-by: Negar Fazeli <negar.fazeli@ericsson.com> | ||||
| * | More consistent config naming | David Baker | 2016-05-10 | 1 | -1/+1 |
| | | |||||
| * | Add config option to not send email notifs for new users | David Baker | 2016-05-10 | 1 | -0/+4 |
| | | |||||
| * | fix layout; handle app naming in synapse, not jinja | Matthew Hodgson | 2016-05-05 | 1 | -0/+5 |
| | | |||||
| * | fix assorted typos in default config | Matthew Hodgson | 2016-05-04 | 1 | -3/+3 |
| | | |||||
| * | Try imports in config | David Baker | 2016-04-29 | 1 | -0/+7 |
| | | |||||
| * | Default enable email notifs to False | David Baker | 2016-04-29 | 1 | -1/+1 |
| | | |||||
| * | Correct public_baseurl default | David Baker | 2016-04-29 | 1 | -2/+2 |
| | | |||||
| * | Nicer get() shorthand | David Baker | 2016-04-29 | 1 | -3/+2 |
| | | |||||
| * | Remove redundant docstring | David Baker | 2016-04-29 | 1 | -4/+0 |
| | | |||||
| * | Correct default template and add text template | David Baker | 2016-04-29 | 1 | -1/+2 |
| | | |||||
| * | Send mail notifs with a plaintext part too | David Baker | 2016-04-29 | 1 | -0/+2 |
| | | |||||
| * | Merge remote-tracking branch 'origin/develop' into dbkr/email_notifs | David Baker | 2016-04-29 | 2 | -1/+19 |
| |\ | |||||
| * | | pep8 | David Baker | 2016-04-28 | 1 | -1/+1 |
| | | | |||||
| * | | Hopefully all remaining bits for email notifs | David Baker | 2016-04-27 | 2 | -1/+16 |
| | | | | | | | | | | | | Add public facing base url to the server so synapse knows what URL to use when converting mxc to http urls for use in emails | ||||
| * | | Generate mails from a template | David Baker | 2016-04-20 | 1 | -10/+25 |
| | | | |||||
| * | | Send a rather basic email notif | David Baker | 2016-04-20 | 2 | -1/+64 |
| | | | | | | | | | | | | Also pep8 fixes | ||||
* | | | add a url_preview_ip_range_whitelist config param so we can whitelist the ↵ | Matthew Hodgson | 2016-05-01 | 1 | -0/+14 |
| |/ |/| | | | | | matrix.org IP space | ||||
* | | Make pyjwt dependency optional | Erik Johnston | 2016-04-25 | 1 | -1/+16 |
| | | |||||
* | | Merge pull request #746 from matrix-org/markjh/split_out_pusher | Mark Haines | 2016-04-22 | 1 | -0/+1 |
|\ \ | | | | | | | Optionally split out the pushers into a separate process | ||||
| * | | Optionally split out the pushers into a separate process | Mark Haines | 2016-04-21 | 1 | -0/+1 |
| |/ | |||||
* | | Merge pull request #687 from nikriek/jwt-fix | Erik Johnston | 2016-04-21 | 1 | -0/+2 |
|\ \ | |/ |/| | Fix issues with JWT login | ||||
| * | Fix issues with JWT login | Niklas Riekenbrauck | 2016-04-21 | 1 | -0/+2 |
| | | |||||
* | | Give install requirements | Erik Johnston | 2016-04-13 | 1 | -1/+7 |
| | | |||||
* | | Add back in helpful description for missing url_preview_ip_range_blacklist | Erik Johnston | 2016-04-13 | 1 | -1/+5 |
| | | |||||
* | | Sanitize the optional dependencies for spider API | Erik Johnston | 2016-04-13 | 1 | -10/+28 |
| | | |||||
* | | Merge pull request #688 from matrix-org/matthew/preview_urls | Matthew Hodgson | 2016-04-11 | 1 | -2/+75 |
|\ \ | | | | | | | URL previewing support | ||||
| * | | fix typo | Matthew Hodgson | 2016-04-08 | 1 | -1/+1 |
| | | | |||||
| * | | Add url_preview_enabled config option to turn on/off preview_url endpoint. ↵ | Matthew Hodgson | 2016-04-08 | 1 | -4/+73 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | defaults to off. Add url_preview_ip_range_blacklist to let admins specify internal IP ranges that must not be spidered. Add url_preview_url_blacklist to let admins specify URL patterns that must not be spidered. Implement a custom SpiderEndpoint and associated support classes to implement url_preview_ip_range_blacklist Add commentary and generally address PR feedback | ||||
| * | | Merge branch 'develop' into matthew/preview_urls | Matthew Hodgson | 2016-04-04 | 2 | -1/+39 |
| |\| | |||||
| * | | Merge branch 'develop' into matthew/preview_urls | Matthew Hodgson | 2016-03-27 | 7 | -25/+118 |
| |\ \ | |||||
| * | | | initial WIP of a tentative preview_url endpoint - incomplete, untested, ↵ | Matthew Hodgson | 2016-01-24 | 1 | -1/+5 |
| | | | | | | | | | | | | | | | | experimental, etc. just putting it here for safekeeping for now | ||||
* | | | | add tls property | Christoph Witzany | 2016-04-06 | 1 | -6/+10 |
| | | | | |||||
* | | | | Introduce LDAP authentication | Christoph Witzany | 2016-04-06 | 2 | -1/+50 |
| |_|/ |/| | | |||||
* | | | Add JWT support | Niklas Riekenbrauck | 2016-03-29 | 2 | -1/+39 |
| |/ |/| | |||||
* | | Add config to create guest account on 3pid invite | Erik Johnston | 2016-03-14 | 1 | -0/+4 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, when a 3pid invite request is sent to an identity server, it includes a provisioned guest access token. This allows the link in the, say, invite email to include the guest access token ensuring that the same account is used each time the link is clicked. This flow has a number of flaws, including when using different servers or servers that have guest access disabled. For now, we keep this implementation but hide it behind a config option until a better flow is implemented. | ||||
* | | Use syntax that works on both py2.7 and py3 | Mark Haines | 2016-03-07 | 2 | -2/+2 |
| | | |||||
* | | config,handlers/_base: added homeserver config for what state is included in ↵ | Patrik Oldsberg | 2016-03-04 | 2 | -1/+42 |
| | | | | | | | | | | | | a room invite Signed-off-by: Patrik Oldsberg <patrik.oldsberg@ericsson.com> | ||||
* | | add 800x600 thumbnails to make vector look prettier (and anyone else who ↵ | Matthew Hodgson | 2016-03-02 | 1 | -0/+3 |
| | | | | | | | | likes big thumbnails) | ||||
* | | Derive macaroon_secret_key from signing key. | Erik Johnston | 2016-02-08 | 2 | -16/+30 |
| | | | | | | | | | | | | Unfortunately, there are people that are running synapse without a `macaroon_sercret_key` set. Mandating they set one is a good solution, except that breaking auto upgrades is annoying. | ||||
* | | Error if macaroon key is missing from config | Daniel Wagner-Hall | 2016-02-05 | 3 | -18/+42 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | Currently we store all access tokens in the DB, and fall back to that check if we can't validate the macaroon, so our fallback works here, but for guests, their macaroons don't get persisted, so we don't get to find them in the database. Each restart, we generate a new ephemeral key, so guests lose access after each server restart. I tried to fix up the config stuff to be less insane, but gave up, so instead I bolt on yet another piece of custom one-off insanity. Also, add some basic tests for config generation and loading. | ||||
* | | Rename config field to reflect yaml name | Daniel Wagner-Hall | 2016-02-03 | 1 | -3/+3 |
| | | |||||
* | | Add config option for setting the trusted id servers, disabling checking the ↵ | Mark Haines | 2016-01-29 | 1 | -0/+7 |
|/ | | | | ID server in integration tests | ||||
* | Merge pull request #473 from matrix-org/erikj/ssh_manhole | Erik Johnston | 2016-01-07 | 1 | -1/+1 |
|\ | | | | | Change manhole to use ssh | ||||
| * | s/telnet/ssh/ | Erik Johnston | 2016-01-07 | 1 | -1/+1 |
| | | |||||
* | | copyrights | Matthew Hodgson | 2016-01-07 | 17 | -17/+17 |
| | | |||||
* | | Config Comment mixup in captcha public/private key | Robin Lambertz | 2016-01-06 | 1 | -2/+2 |
|/ | |||||
* | Added a single line to explain what the server_name is used for | Mads R. Christensen | 2015-12-02 | 1 | -0/+1 |
| | |||||
* | Comment | Erik Johnston | 2015-11-19 | 1 | -0/+2 |
| | |||||
* | Split out text for missing config options. | Erik Johnston | 2015-11-18 | 1 | -16/+26 |
| | | | | | This allows packages to more easily override the default messages to include package specific options. | ||||
* | Merge branch 'develop' into sh-cas-auth-via-homeserver | Steven Hammerton | 2015-11-17 | 1 | -1/+5 |
|\ | |||||
| * | Fix race creating directories | Daniel Wagner-Hall | 2015-11-12 | 1 | -1/+5 |
| | | |||||
* | | Allow hs to do CAS login completely and issue the client with a login token ↵ | Steven Hammerton | 2015-11-05 | 1 | -1/+1 |
| | | | | | | | | that can be redeemed for the usual successful login response | ||||
* | | Add service URL to CAS config | Steven Hammerton | 2015-11-04 | 1 | -0/+3 |
|/ | |||||
* | Allow guests to register and call /events?room_id= | Daniel Wagner-Hall | 2015-11-04 | 1 | -0/+6 |
| | | | | | | | This follows the same flows-based flow as regular registration, but as the only implemented flow has no requirements, it auto-succeeds. In the future, other flows (e.g. captcha) may be required, so clients should treat this like the regular registration flow choices. | ||||
* | Merge branch 'release-v0.10.1' of github.com:matrix-org/synapse into develop | Erik Johnston | 2015-10-23 | 4 | -3/+39 |
|\ | |||||
| * | Add config option to disable password login | Erik Johnston | 2015-10-22 | 4 | -3/+39 |
| | | |||||
* | | Add config for how many bcrypt rounds to use for password hashes | Mark Haines | 2015-10-16 | 1 | -0/+6 |
|/ | | | | | By default we leave it at the default value of 12. But now we can reduce it for preparing users for loadtests or running integration tests. | ||||
* | Only turn on the twisted deferred debugging if full_twisted_stacktraces is ↵ | Mark Haines | 2015-10-13 | 1 | -0/+8 |
| | | | | set in the config | ||||
* | Default cas_required_attributes to empty dictionary | Steven Hammerton | 2015-10-12 | 1 | -1/+1 |
| | |||||
* | Support multiple required attributes in CAS response, and in a nicer config ↵ | Steven Hammerton | 2015-10-12 | 1 | -15/+4 |
| | | | | format too | ||||
* | Allow optional config params for a required attribute and it's value, if ↵ | Steven Hammerton | 2015-10-12 | 1 | -0/+15 |
| | | | | specified any CAS user must have the given attribute and the value must equal | ||||
* | Provide ability to login using CAS | Steven Hammerton | 2015-10-10 | 2 | -1/+41 |
| | |||||
* | Preserve version string in user agent | Daniel Wagner-Hall | 2015-10-05 | 1 | -1/+1 |
| | |||||
* | Allow synapse's useragent to be customized | Daniel Wagner-Hall | 2015-10-02 | 1 | -0/+1 |
| | | | | | This will allow me to write tests which verify which server made HTTP requests in a federation context. | ||||
* | Front-load spaces | Daniel Wagner-Hall | 2015-09-22 | 1 | -7/+7 |
| | |||||
* | Implement configurable stats reporting | Daniel Wagner-Hall | 2015-09-22 | 14 | -19/+58 |
| | | | | | | | | | | SYN-287 This requires that HS owners either opt in or out of stats reporting. When --generate-config is passed, --report-stats must be specified If an already-generated config is used, and doesn't have the report_stats key, it is requested to be set. | ||||
* | Merge pull request #272 from matrix-org/daniel/insecureclient | Daniel Wagner-Hall | 2015-09-15 | 1 | -0/+8 |
|\ | | | | | Allow configuration to ignore invalid SSL certs | ||||
| * | Use shorter config key name | Daniel Wagner-Hall | 2015-09-15 | 1 | -3/+3 |
| | | |||||
| * | Merge branch 'daniel/insecureclient' into develop | Daniel Wagner-Hall | 2015-09-09 | 1 | -0/+8 |
| |\ | |||||
| | * | Better document the intent of the insecure SSL setting | Daniel Wagner-Hall | 2015-09-09 | 1 | -2/+6 |
| | | | |||||
| | * | Allow configuration to ignore invalid SSL certs | Daniel Wagner-Hall | 2015-09-09 | 1 | -0/+4 |
| | | | | | | | | | | | | | | | This will be useful for sytest, and sytest only, hence the aggressive config key name. | ||||
* | | | Hacky attempt at catching SIGHUP and rotating the logfile around | Paul "LeoNerd" Evans | 2015-09-14 | 1 | -0/+14 |
|/ / | |||||
* | | Merge branch 'master' into develop | Mark Haines | 2015-09-07 | 1 | -1/+1 |
|\ \ | |/ |/| | | | | | Conflicts: setup.py | ||||
| * | Lists use 'append' | Erik Johnston | 2015-09-02 | 1 | -1/+1 |
| | | |||||
* | | Merge branch 'release-v0.10.0' of github.com:matrix-org/synapse into develop | Erik Johnston | 2015-09-01 | 1 | -0/+2 |
|\| | |||||
| * | Actually add config path | Erik Johnston | 2015-08-28 | 1 | -0/+2 |
| | | |||||
* | | Merge branch 'release-v0.10.0' into develop | Mark Haines | 2015-08-28 | 3 | -8/+80 |
|\| | | | | | | | | | | | | | Conflicts: synapse/handlers/auth.py synapse/python_dependencies.py synapse/rest/client/v1/login.py | ||||
| * | Merge pull request #250 from matrix-org/erikj/generated_directory | Erik Johnston | 2015-08-25 | 1 | -2/+15 |
| |\ | | | | | | | Add config option to specify where generated files should be dumped | ||||
| | * | Update config doc | Erik Johnston | 2015-08-25 | 1 | -1/+2 |
| | | | |||||
| | * | s/--generated-directory/--keys-directory/ | Erik Johnston | 2015-08-25 | 1 | -7/+7 |
| | | | |||||
| | * | Add config option to specify where generated files should be dumped | Erik Johnston | 2015-08-25 | 1 | -2/+14 |
| | | | |||||
| * | | Warn if we encounter unexpected files in config directories | Erik Johnston | 2015-08-25 | 1 | -7/+17 |
| |/ | |||||
| * | Allow specifying directories as config files | Erik Johnston | 2015-08-25 | 1 | -6/+24 |
| | | |||||
| * | Merge pull request #245 from matrix-org/erikj/configurable_client_location | Erik Johnston | 2015-08-25 | 1 | -0/+1 |
| |\ | | | | | | | Allow specifying a directory to host a web client from | ||||
| | * | Allow specifying a directory to host a web client from | Erik Johnston | 2015-08-25 | 1 | -0/+1 |
| | | | |||||
| * | | Fix typo when using sys.stderr.write | Erik Johnston | 2015-08-25 | 1 | -1/+1 |
| | | | |||||
| * | | Add utility to parse config and print out a key | Erik Johnston | 2015-08-25 | 1 | -0/+30 |
| |/ | | | | | | | | | | | | | | | | | Usage: ``` $ python -m synapse.config read server_name -c homeserver.yaml localhost ``` | ||||
* | | Fix typo in module imports and package dependencies | Mark Haines | 2015-08-25 | 1 | -1/+1 |
| | | |||||
* | | Remove syutil dependency in favour of smaller single-purpose libraries | Mark Haines | 2015-08-24 | 1 | -19/+16 |
| | | |||||
* | | Merge branch 'develop' into auth | Daniel Wagner-Hall | 2015-08-20 | 1 | -0/+59 |
|\| | |||||
| * | Fix flake8 warning | Mark Haines | 2015-08-13 | 1 | -0/+1 |
| | | |||||
| * | Merge remote-tracking branch 'origin/develop' into ↵ | Mark Haines | 2015-08-13 | 2 | -41/+48 |
| |\ | | | | | | | | | | erikj/generate_presice_thumbnails | ||||
| * | | Doc-string for config ultility function | Mark Haines | 2015-08-12 | 1 | -0/+11 |
| | | | |||||
| * | | Add config option for setting the list of thumbnail sizes to precalculate | Mark Haines | 2015-08-12 | 1 | -0/+39 |
| | | | |||||
| * | | Make a config option for whether to generate new thumbnail sizes dynamically | Mark Haines | 2015-08-12 | 1 | -0/+8 |
| | | | |||||
* | | | Issue macaroons as opaque auth tokens | Daniel Wagner-Hall | 2015-08-18 | 1 | -0/+4 |
| |/ |/| | | | | | | | | | | | | | | | | | | | | | | | This just replaces random bytes with macaroons. The macaroons are not inspected by the client or server. In particular, they claim to have an expiry time, but nothing verifies that they have not expired. Follow-up commits will actually enforce the expiration, and allow for token refresh. See https://bit.ly/matrix-auth for more information | ||||
* | | Fix the --generate-keys option. Make it do the same thing as ↵ | Mark Haines | 2015-08-12 | 1 | -45/+36 |
| | | | | | | | | --generate-config does when the config file exists, but without printing a warning | ||||
* | | Add a --generate-keys option | Paul "LeoNerd" Evans | 2015-08-07 | 1 | -0/+9 |
| | | |||||
* | | Only print the pidfile path on startup if requested by a commandline flag | Paul "LeoNerd" Evans | 2015-08-07 | 1 | -0/+7 |
|/ | |||||
* | Merge branch 'master' of github.com:matrix-org/synapse into develop | Erik Johnston | 2015-07-21 | 1 | -2/+2 |
|\ | |||||
| * | typo | Matthew Hodgson | 2015-07-08 | 1 | -2/+2 |
| | | |||||
* | | Close, but no cigar. | David Baker | 2015-07-14 | 1 | -2/+2 |
| | | |||||
* | | Small tweaks to SAML2 configuration. | Erik Johnston | 2015-07-10 | 1 | -18/+30 |
| | | | | | | | | | | - Add saml2 config docs to default config. - Use existence of saml2 config to indicate if saml2 should be enabled. | ||||
* | | Merge pull request #201 from EricssonResearch/msba/saml2-develop | Erik Johnston | 2015-07-10 | 2 | -2/+45 |
|\ \ | | | | | | | Integrate SAML2 basic authentication - uses pysaml2 | ||||
| * | | Make SAML2 optional and add some references/comments | Muthu Subramanian | 2015-07-09 | 1 | -0/+14 |
| | | | |||||
| * | | code beautify | Muthu Subramanian | 2015-07-08 | 2 | -1/+3 |
| | | | |||||
| * | | Integrate SAML2 basic authentication - uses pysaml2 | Muthu Subramanian | 2015-07-08 | 2 | -3/+30 |
| |/ | |||||
* | | We don't want semicolons. | Erik Johnston | 2015-07-09 | 1 | -1/+1 |
| | | |||||
* | | remove the tls_certificate_chain_path param and simply support ↵ | Matthew Hodgson | 2015-07-09 | 1 | -21/+9 |
| | | | | | | | | tls_certificate_path pointing to a file containing a chain of certificates | ||||
* | | document tls_certificate_chain_path more clearly | Matthew Hodgson | 2015-07-09 | 1 | -0/+5 |
| | | |||||
* | | oops, context.tls_certificate_chain_file() expects a file, not a certificate. | Matthew Hodgson | 2015-07-08 | 1 | -4/+1 |
| | | |||||
* | | *cough* | Matthew Hodgson | 2015-07-08 | 1 | -2/+3 |
| | | |||||
* | | add new optional config for tls_certificate_chain_path for folks with ↵ | Matthew Hodgson | 2015-07-08 | 1 | -3/+17 |
|/ | | | | intermediary SSL certs | ||||
* | Make upload dir a configurable path. | Eric Myhre | 2015-06-18 | 1 | -0/+5 |
| | | | | | | Fixes SYN-425. Signed-off-by: Eric Myhre <hash@exultant.us> | ||||
* | Correct -H SERVER_NAME in config-missing complaint message | Paul "LeoNerd" Evans | 2015-06-16 | 1 | -2/+2 |
| | |||||
* | Remove redundant newline | Erik Johnston | 2015-06-15 | 1 | -2/+1 |
| | |||||
* | Document listener config. Remove deprecated config options | Erik Johnston | 2015-06-15 | 2 | -36/+42 |
| | |||||
* | Add backwards compat support for metrics, manhole and webclient config options | Erik Johnston | 2015-06-12 | 2 | -9/+27 |
| | |||||
* | Correctly handle x_forwaded listener option | Erik Johnston | 2015-06-12 | 1 | -0/+2 |
| | |||||
* | Use config.listeners | Erik Johnston | 2015-06-12 | 1 | -30/+84 |
| | |||||
* | Begin changing the config format | Erik Johnston | 2015-06-11 | 1 | -8/+24 |
| | |||||
* | Add config option to disable compression of http responses | Erik Johnston | 2015-06-01 | 1 | -0/+6 |
| | |||||
* | Merge pull request #170 from matrix-org/markjh/SYT-8-recaptcha | Mark Haines | 2015-05-29 | 1 | -0/+4 |
|\ | | | | | Allow endpoint for verifying recaptcha to be configured | ||||
| * | Merge branch 'develop' into markjh/SYT-8-recaptcha | Mark Haines | 2015-05-29 | 1 | -1/+1 |
| |\ | | | | | | | | | | | | | Conflicts: synapse/handlers/auth.py | ||||
| * | | Add config for setting the recaptcha verify api endpoint, so we can test it ↵ | Mark Haines | 2015-05-29 | 1 | -0/+4 |
| | | | | | | | | | | | | in sytest | ||||
* | | | Add config option to turn off freezing events. Use new encode_json api and ↵ | Erik Johnston | 2015-05-29 | 1 | -0/+1 |
| |/ |/| | | | | | ujson.loads | ||||
* | | Registration should be disabled by default | Erik Johnston | 2015-05-28 | 1 | -1/+1 |
|/ | |||||
* | s/metric_interface/metric_bind_host/ | Erik Johnston | 2015-05-22 | 1 | -3/+3 |
| | |||||
* | Enable changing the interface the metrics listener binds to | Erik Johnston | 2015-05-22 | 1 | -1/+5 |
| | |||||
* | Merge branch 'develop' of github.com:matrix-org/synapse into develop | David Baker | 2015-05-07 | 1 | -18/+29 |
|\ | |||||
| * | Fix the --help option for synapse | Mark Haines | 2015-05-05 | 1 | -18/+29 |
| | | |||||
* | | Typo | David Baker | 2015-05-07 | 1 | -1/+1 |
|/ | |||||
* | Use the daemonize key from the config if it exists | Mark Haines | 2015-05-01 | 1 | -1/+4 |
| | |||||
* | Allow generate-config to run against an existing config file to generate ↵ | Mark Haines | 2015-05-01 | 3 | -14/+26 |
| | | | | default keys | ||||
* | Allow "manhole" to be ommited from the config | Mark Haines | 2015-04-30 | 1 | -1/+1 |
| | |||||
* | Remove the ~, comment the lines instead | Mark Haines | 2015-04-30 | 2 | -2/+2 |
| | |||||
* | Update key.py | Mark Haines | 2015-04-30 | 1 | -1/+2 |
| | |||||
* | Update metrics.py | Mark Haines | 2015-04-30 | 1 | -2/+2 |
| | |||||
* | Merge branch 'develop' into markjh/config_cleanup | Mark Haines | 2015-04-30 | 1 | -0/+1 |
|\ | | | | | | | | | Conflicts: synapse/config/captcha.py | ||||
| * | Undo changes to logger config, ie. remove the access_log_file option: ↵ | David Baker | 2015-04-30 | 1 | -16/+0 |
| | | | | | | | | decision is to support this through log_config rather tan adding an option. | ||||
| * | Do access log using python's logging stuff, just under a separate logger name | David Baker | 2015-04-30 | 1 | -0/+11 |
| | | |||||
| * | Add an access_log | David Baker | 2015-04-30 | 2 | -0/+7 |
| | | | | | | | | SYN-161 #resolve | ||||
* | | Write a default log_config when generating config | Mark Haines | 2015-04-30 | 4 | -4/+57 |
| | | |||||
* | | Don't break when sizes or durations are given as integers | Mark Haines | 2015-04-30 | 1 | -9/+12 |
| | |