summary refs log tree commit diff
path: root/synapse/federation/transport (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Add most of the missing type hints to `synapse.federation`. (#11483)Patrick Cloke2021-12-023-27/+43
| | | This skips a few methods which are difficult to type.
* Add MSC3030 experimental client and federation API endpoints to get the ↵Eric Eastwood2021-12-023-1/+88
| | | | | | | | | | | | | | | | | | | | | | | | | closest event to a given timestamp (#9445) MSC3030: https://github.com/matrix-org/matrix-doc/pull/3030 Client API endpoint. This will also go and fetch from the federation API endpoint if unable to find an event locally or we found an extremity with possibly a closer event we don't know about. ``` GET /_matrix/client/unstable/org.matrix.msc3030/rooms/<roomID>/timestamp_to_event?ts=<timestamp>&dir=<direction> { "event_id": ... "origin_server_ts": ... } ``` Federation API endpoint: ``` GET /_matrix/federation/unstable/org.matrix.msc3030/timestamp_to_event/<roomID>?ts=<timestamp>&dir=<direction> { "event_id": ... "origin_server_ts": ... } ``` Co-authored-by: Erik Johnston <erik@matrix.org>
* Support the stable /hierarchy endpoint from MSC2946 (#11329)Patrick Cloke2021-11-292-5/+23
| | | | | | This also makes additional updates where the implementation had drifted from the approved MSC. Unstable endpoints will be removed at a later data.
* Return the stable `event` field from `/send_join` per MSC3083. (#11413)Patrick Cloke2021-11-291-1/+12
| | | | | This does not remove the unstable field and still parses both. Handling of the unstable field will need to be removed in the future.
* Add `use_float=true` to ijson calls in Synapse (#11217)Shay2021-11-011-0/+3
| | | | | | | | | | | | | * add use_float=true to ijson calls * lints * add changelog * Update changelog.d/11217.bugfix Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com> Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com>
* Annotate `log_function` decorator (#10943)reivilibre2021-10-271-4/+18
| | | Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
* Use direct references for configuration variables (part 6). (#10916)Patrick Cloke2021-09-291-1/+1
|
* Use direct references for configuration variables (part 4). (#10893)Patrick Cloke2021-09-231-1/+3
|
* Validate the max_rooms_per_space parameter to ensure it is non-negative. ↵Patrick Cloke2021-08-161-4/+18
| | | | (#10611)
* Experimental support for MSC3266 Room Summary API. (#10394)Michael Telatynski2021-08-161-2/+2
|
* Split `synapse.federation.transport.server` into multiple files. (#10590)Patrick Cloke2021-08-166-2158/+2218
|
* Support federation in the new spaces summary API (MSC2946). (#10569)Patrick Cloke2021-08-162-0/+50
|
* Convert Transaction and Edu object to attrs (#10542)Patrick Cloke2021-08-062-11/+2
| | | | | Instead of wrapping the JSON into an object, this creates concrete instances for Transaction and Edu. This allows for improved type hints and simplified code.
* Update the MSC3083 support to verify if joins are from an authorized server. ↵Patrick Cloke2021-07-261-1/+29
| | | | (#10254)
* Add type hints to synapse.federation.transport.client. (#10408)Patrick Cloke2021-07-261-201/+298
|
* Add type hints to additional servlet functions (#10437)Patrick Cloke2021-07-211-11/+2
| | | | | | | | | Improves type hints for: * parse_{boolean,integer} * parse_{boolean,integer}_from_args * parse_json_{value,object}_from_request And fixes any incorrect calls that resulted from unknown types.
* Use inline type hints in various other places (in `synapse/`) (#10380)Jonathan de Jong2021-07-152-17/+15
|
* Add type hints to get_domain_from_id and get_localpart_from_id. (#10385)Patrick Cloke2021-07-131-24/+72
|
* Add additional types to the federation transport server. (#10213)Patrick Cloke2021-06-281-114/+474
|
* Improve validation for `send_{join,leave,knock}` (#10225)Richard van der Hoff2021-06-241-6/+6
| | | The idea here is to stop people sending things that aren't joins/leaves/knocks through these endpoints: previously you could send anything you liked through them. I wasn't able to find any security holes from doing so, but it doesn't sound like a good thing.
* Expose opentracing trace id in response headers (#10199)Richard van der Hoff2021-06-181-0/+3
| | | Fixes: #9480
* Remove the experimental flag for knocking and use stable prefixes / ↵Patrick Cloke2021-06-152-44/+5
| | | | | | | endpoints. (#10167) * Room version 7 for knocking. * Stable prefixes and endpoints (both client and federation) for knocking. * Removes the experimental configuration flag.
* Implement knock feature (#6739)Sorunome2021-06-092-7/+107
| | | | | | This PR aims to implement the knock feature as proposed in https://github.com/matrix-org/matrix-doc/pull/2403 Signed-off-by: Sorunome mail@sorunome.de Signed-off-by: Andrew Morgan andrewm@element.io
* Add type hints to the federation server transport. (#10080)Patrick Cloke2021-06-081-69/+163
|
* Rewrite the KeyRing (#10035)Erik Johnston2021-06-021-1/+3
|
* Merge branch 'master' into developAndrew Morgan2021-06-011-0/+7
|\
| * Allow response of `/send_join` to be larger. (#10093)Erik Johnston2021-05-281-0/+7
| | | | | | Fixes #10087.
* | Set opentracing priority before setting other tags (#10092)Richard van der Hoff2021-05-281-1/+2
| | | | | | ... because tags on spans which aren't being sampled get thrown away.
* | Merge tag 'v1.35.0rc2' into developErik Johnston2021-05-271-1/+1
|\| | | | | | | | | | | | | | | | | | | Synapse 1.35.0rc2 (2021-05-27) ============================== Bugfixes -------- - Fix a bug introduced in v1.35.0rc1 when calling the spaces summary API via a GET request. ([\#10079](https://github.com/matrix-org/synapse/issues/10079))
| * Pass the origin when calculating the spaces summary over GET. (#10079)Patrick Cloke2021-05-271-1/+1
| | | | | | | | Fixes a bug due to conflicting PRs which were merged. (One added a new caller to a method, the other added a new parameter to the same method.)
* | Remove the experimental spaces enabled flag. (#10063)Patrick Cloke2021-05-261-7/+6
|/ | | | In lieu of just always enabling the unstable spaces endpoint and unstable room version.
* Don't hammer the database for destination retry timings every ~5mins (#10036)Erik Johnston2021-05-211-1/+1
|
* Use ijson to parse the response to `/send_join`, reducing memory usage. (#9958)Erik Johnston2021-05-201-4/+81
| | | Instead of parsing the full response to `/send_join` into Python objects (which can be huge for large rooms) and *then* parsing that into events, we instead use ijson to stream parse the response directly into `EventBase` objects.
* Allow a user who could join a restricted room to see it in spaces summary. ↵Patrick Cloke2021-05-201-1/+1
| | | | | | (#9922) This finishes up the experimental implementation of MSC3083 by showing the restricted rooms in the spaces summary (from MSC2946).
* Support fetching the spaces summary via GET over federation. (#9947)Patrick Cloke2021-05-112-0/+27
| | | | | | | | | | | Per changes in MSC2946, the C-S and S-S APIs for spaces summary should use GET requests. Until this is stable, the POST endpoints still exist. This does not switch federation requests to use the GET version yet since it is newly added and already deployed servers might not support it. When switching to the stable endpoint we should switch to GET requests.
* Remove redundant "coding: utf-8" lines (#9786)Jonathan de Jong2021-04-143-3/+0
| | | | | | | Part of #9744 Removes all redundant `# -*- coding: utf-8 -*-` lines from files, as python 3 automatically reads source code as utf-8 now. `Signed-off-by: Jonathan de Jong <jonathan@automatia.nl>`
* Fix duplicate logging of exceptions in transaction processing (#9780)Richard van der Hoff2021-04-091-7/+3
| | | There's no point logging this twice.
* Add type hints to the federation handler and server. (#9743)Patrick Cloke2021-04-061-2/+2
|
* Spaces summary: call out to other servers (#9653)Richard van der Hoff2021-03-241-1/+34
| | | | | When we hit an unknown room in the space tree, see if there are other servers that we might be able to poll to get the data. Fixes: #9447
* Federation API for Space summary (#9652)Richard van der Hoff2021-03-231-9/+58
| | | | | Builds on the work done in #9643 to add a federation API for space summaries. There's a bit of refactoring of the existing client-server code first, to avoid too much duplication.
* Add configs to make profile data more private (#9203)AndrewFerr2021-02-191-4/+3
| | | | | | | Add off-by-default configuration settings to: - disable putting an invitee's profile info in invite events - disable profile lookup via federation Signed-off-by: Andrew Ferrazzutti <fair@miscworks.net>
* Add type hints to groups code. (#9393)Patrick Cloke2021-02-171-2/+39
|
* Update black, and run auto formatting over the codebase (#9381)Eric Eastwood2021-02-162-96/+54
| | | | | | | - Update black version to the latest - Run black auto formatting over the codebase - Run autoformatting according to [`docs/code_style.md `](https://github.com/matrix-org/synapse/blob/80d6dc9783aa80886a133756028984dbf8920168/docs/code_style.md) - Update `code_style.md` docs around installing black to use the correct version
* Support icons for Identity Providers (#9154)Richard van der Hoff2021-01-201-1/+1
|
* Add type hints to the crypto module. (#8999)Patrick Cloke2021-01-041-1/+1
|
* Merge pull request #8858 from matrix-org/rav/sso_uiaRichard van der Hoff2020-12-021-1/+1
|\ | | | | UIA: offer only available auth flows
| * fix up various test casesRichard van der Hoff2020-12-021-1/+1
| | | | | | | | | | A few test cases were relying on being able to mount non-client servlets on the test resource. it's better to give them their own Resources.
* | Apply an IP range blacklist to push and key revocation requests. (#8821)Patrick Cloke2020-12-021-1/+1
|/ | | | | | | | | | | | Replaces the `federation_ip_range_blacklist` configuration setting with an `ip_range_blacklist` setting with wider scope. It now applies to: * Federation * Identity servers * Push notifications * Checking key validitity for third-party invite events The old `federation_ip_range_blacklist` setting is still honored if present, but with reduced scope (it only applies to federation and identity servers).
* Consistently use room_id from federation request body (#8776)Richard van der Hoff2020-11-191-35/+33
| | | | | | | | | | | | | * Consistently use room_id from federation request body Some federation APIs have a redundant `room_id` path param (see https://github.com/matrix-org/matrix-doc/issues/2330). We should make sure we consistently use either the path param or the body param, and the body param is easier. * Kill off some references to "context" Once upon a time, "rooms" were known as "contexts". I think this kills of the last references to "contexts".
* Add ability for access tokens to belong to one user but grant access to ↵Erik Johnston2020-10-291-1/+1
| | | | | | | | | | another user. (#8616) We do it this way round so that only the "owner" can delete the access token (i.e. `/logout/all` by the "owner" also deletes that token, but `/logout/all` by the "target user" doesn't). A future PR will add an API for creating such a token. When the target user and authenticated entity are different the `Processed request` log line will be logged with a: `{@admin:server as @bob:server} ...`. I'm not convinced by that format (especially since it adds spaces in there, making it harder to use `cut -d ' '` to chop off the start of log lines). Suggestions welcome.
* Simplify super() calls to Python 3 syntax. (#8344)Patrick Cloke2020-09-181-7/+3
| | | | | | | This converts calls like super(Foo, self) -> super(). Generated with: sed -i "" -Ee 's/super\([^\(]+\)/super()/g' **/*.py
* Fix ratelimiting for federation `/send` requests. (#8342)Erik Johnston2020-09-181-5/+8
| | | c.f. #8295 for rationale
* Stop sub-classing object (#8249)Patrick Cloke2020-09-042-3/+3
|
* Convert federation client to async/await. (#7975)Patrick Cloke2020-07-301-56/+40
|
* Abort federation requests if the client disconnects early (#7930)Richard van der Hoff2020-07-231-0/+6
| | | | | | | | | | | | | | | | | | | | | For inbound federation requests, if a given remote server makes too many requests at once, we start stacking them up rather than processing them immediatedly. However, that means that there is a fair chance that the requesting server will disconnect before we start processing the request. In that case, if it was a read-only request (ie, a GET request), there is absolutely no point in building a response (and some requests are quite expensive to handle). Even in the case of a POST request, one of two things will happen: * Most likely, the requesting server will retry the request and we'll get the information anyway. * Even if it doesn't, the requesting server has to assume that we didn't get the memo, and act accordingly. In short, we're better off aborting the request at this point rather than ploughing on with what might be a quite expensive request.
* Convert room list handler to async/await. (#7912)Patrick Cloke2020-07-211-8/+2
|
* Fix some spelling mistakes / typos. (#7811)Patrick Cloke2020-07-092-3/+3
|
* Merge different Resource implementation classes (#7732)Erik Johnston2020-07-031-5/+1
|
* Replace all remaining six usage with native Python 3 equivalents (#7704)Dagfinn Ilmari Mannsåker2020-06-161-2/+1
|
* Further improvements to requesting the public rooms list on a homeserver ↵Andrew Morgan2020-05-011-14/+42
| | | | which has it set to private (#7368)
* Query missing cross-signing keys on local sig upload (#7289)Andrew Morgan2020-04-221-9/+40
|
* Revert "Query missing cross-signing keys on local sig upload"Richard van der Hoff2020-04-201-11/+3
| | | | | | This was incorrectly merged to the release branch before it was ready. This reverts commit 72fe2affb6ac86d433b80b6452da57052365aa26.
* Query missing cross-signing keys on local sig uploadAndrew Morgan2020-04-171-3/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add changelog Save retrieved keys to the db lint Fix and de-brittle remote result dict processing Use query_user_devices instead, assume only master, self_signing key types Make changelog more useful Remove very specific exception handling Wrap get_verify_key_from_cross_signing_key in a try/except Note that _get_e2e_cross_signing_verify_key can raise a SynapseError lint Add comment explaining why this is useful Only fetch master and self_signing key types Fix log statements, docstrings Remove extraneous items from remote query try/except lint Factor key retrieval out into a separate function Send device updates, modeled after SigningKeyEduUpdater._handle_signing_key_updates Update method docstring
* Remove unused federation endpoint (`query_auth`) (#7026)Patrick Cloke2020-03-171-12/+0
|
* Reduce amount of logging at INFO level. (#6862)Erik Johnston2020-02-061-1/+1
| | | | | | | | A lot of the things we log at INFO are now a bit superfluous, so lets make them DEBUG logs to reduce the amount we log by default. Co-Authored-By: Brendan Abolivier <babolivier@matrix.org> Co-authored-by: Brendan Abolivier <github@brendanabolivier.com>
* Fix `room_version` in `on_invite_request` flow (#6827)Richard van der Hoff2020-02-031-2/+2
| | | | I messed this up a bit in #6805, but fortunately we weren't actually doing anything with the room_version so it didn't matter that it was a str not a RoomVersion.
* Fix sending server up commands from workers (#6811)Erik Johnston2020-01-302-12/+19
| | | | Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
* Wake up transaction queue when remote server comes back online (#6706)Erik Johnston2020-01-171-1/+18
| | | | | This will be used to retry outbound transactions to a remote server if we think it might have come back up.
* Merge pull request #6349 from matrix-org/babolivier/msc1802Brendan Abolivier2019-12-112-6/+59
|\ | | | | Implement v2 APIs for send_join and send_leave
| * Merge branch 'develop' into babolivier/msc1802Brendan Abolivier2019-12-053-9/+9
| |\
| * | Fix prefix for v2/send_leaveBrendan Abolivier2019-11-111-0/+2
| | |
| * | Add server-side support to the v2 APIBrendan Abolivier2019-11-111-4/+26
| | |
| * | Implement v2 API for send_leaveBrendan Abolivier2019-11-111-1/+19
| | |
| * | Implement v2 API for send_joinBrendan Abolivier2019-11-111-1/+12
| | |
* | | Remove fallback for missing /federation/v1/state_ids API (#6488)Richard van der Hoff2019-12-091-24/+0
| |/ |/| | | | | This API was added way back in 0.17.0; the code here is annoying to maintain and entirely redundant.
* | Implementation of MSC2314 (#6176)Amber Brown2019-11-281-3/+3
| |
* | Replace instance variations of homeserver with correct case/spacingAndrew Morgan2019-11-123-6/+6
|/
* Remove usage of deprecated logger.warn method from codebase (#6271)Andrew Morgan2019-10-311-3/+5
| | | Replace every instance of `logger.warn` with `logger.warning` as the former is deprecated.
* use %r to __repr__ objectsMichael Kaye2019-10-241-2/+2
| | | | This avoids calculating __repr__ unless we are going to log.
* rip out some unreachable codeRichard van der Hoff2019-10-171-11/+0
| | | | The only possible rejection reason is AUTH_ERROR, so all of this is unreachable.
* Land improved room list based on room stats (#6019)Erik Johnston2019-10-021-0/+8
| | | | Use room_stats and room_state for room directory search
* Fix exception when resetting retry timingsRichard van der Hoff2019-09-201-1/+1
| | | | | | | | Fixes: > TypeError: set_destination_retry_timings() missing 1 required positional argument: 'retry_interval' Introduced in #6016.
* Remove origin parameter from add_display_name_to_third_party_invite and add ↵Andrew Morgan2019-09-111-1/+1
| | | | | | | params to docstring (#6010) Another small fixup noticed during work on a larger PR. The `origin` field of `add_display_name_to_third_party_invite` is not used and likely was just carried over from the `on_PUT` method of `FederationThirdPartyInviteExchangeServlet` which, like all other servlets, provides an `origin` argument. Since it's not used anywhere in the handler function though, we should remove it from the function arguments.
* Add opentracing to all client servlets (#5983)Jorik Schellekens2019-09-051-1/+5
|
* Merge pull request #5859 from matrix-org/rei/msc2197reivilibre2019-08-282-15/+67
|\ | | | | MSC2197 Search Filters over Federation
| * Use MSC2197 on stable prefix as it has almost finished FCPOlivier Wilkinson (reivilibre)2019-08-202-26/+4
| | | | | | | | Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
| * Add support for inbound MSC2197 requests on unstable Federation APIOlivier Wilkinson (reivilibre)2019-08-151-1/+59
| | | | | | | | Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
| * Support MSC2197 outbound with unstable prefixOlivier Wilkinson (reivilibre)2019-08-151-15/+31
| | | | | | | | Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
* | Opentracing across workers (#5771)Jorik Schellekens2019-08-221-15/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Propagate opentracing contexts across workers Also includes some Convenience modifications to opentracing for servlets, notably: - Add boolean to skip the whitelisting check on inject extract methods. - useful when injecting into carriers locally. Otherwise we'd always have to include our own servername and whitelist our servername - start_active_span_from_request instead of header - Add boolean to decide whether to extract context from a request to a servlet
* | Opentracing misc (#5856)Jorik Schellekens2019-08-161-6/+7
| | | | | | | | | | | | | | | | | | | | | | Add authenticated_entity and servlet_names tags. Functionally: - Add a tag for authenticated_entity - Add a tag for servlet_names Stylistically: Moved to importing methods directly from opentracing.
* | Wrap `get_local_public_room_list` call in `maybeDeferred` because itOlivier Wilkinson (reivilibre)2019-08-141-2/+8
|/ | | | | | | is cached and so does not always return a `Deferred`. `await` does not silently pass-through non-Deferreds like `yield` used to. Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
* Room Complexity Client Implementation (#5783)Amber Brown2019-07-301-7/+24
|
* Merge tag 'v1.2.0rc2' into developAndrew Morgan2019-07-241-1/+3
|\ | | | | | | | | | | | | Bugfixes -------- - Fix a regression introduced in v1.2.0rc1 which led to incorrect labels on some prometheus metrics. ([\#5734](https://github.com/matrix-org/synapse/issues/5734))
| * Fix servlet metric names (#5734)Jorik Schellekens2019-07-241-1/+3
| | | | | | | | | | | | | | | | | | | | * Fix servlet metric names Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com> * Remove redundant check * Cover all return paths
* | Replace returnValue with return (#5736)Amber Brown2019-07-231-15/+15
|/
* Convert synapse.federation.transport.server to async (#5689)Richard van der Hoff2019-07-181-242/+188
| | | | | | | | | | | | | | | | * Convert BaseFederationServlet._wrap to async Empirically, this fixes some lost stacktraces. It should be safe because the wrapped function is called from JsonResource._async_render, which is already async. * Convert the rest of synapse.federation.transport.server to async We may as well do the whole file while we're here. * changelog * flake8
* Add basic opentracing support (#5544)Jorik Schellekens2019-07-111-5/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Configure and initialise tracer Includes config options for the tracer and sets up JaegerClient. * Scope manager using LogContexts We piggy-back our tracer scopes by using log context. The current log context gives us the current scope. If new scope is created we create a stack of scopes in the context. * jaeger is a dependency now * Carrier inject and extraction for Twisted Headers * Trace federation requests on the way in and out. The span is created in _started_processing and closed in _finished_processing because we need a meaningful log context. * Create logcontext for new scope. Instead of having a stack of scopes in a logcontext we create a new context for a new scope if the current logcontext already has a scope. * Remove scope from logcontext if logcontext is top level * Disable tracer if not configured * typo * Remove dependence on jaeger internals * bools * Set service name * :Explicitely state that the tracer is disabled * Black is the new black * Newsfile * Code style * Use the new config setup. * Generate config. * Copyright * Rename config to opentracing * Remove user whitelisting * Empty whitelist by default * User ConfigError instead of RuntimeError * Use isinstance * Use tag constants for opentracing. * Remove debug comment and no need to explicitely record error * Two errors a "s(c)entry" * Docstrings! * Remove debugging brainslip * Homeserver Whitlisting * Better opentracing config comment * linting * Inclue worker name in service_name * Make opentracing an optional dependency * Neater config retreival * Clean up dummy tags * Instantiate tracing as object instead of global class * Inlcude opentracing as a homeserver member. * Thread opentracing to the request level * Reference opetnracing through hs * Instantiate dummy opentracin g for tests. * About to revert, just keeping the unfinished changes just in case * Revert back to global state, commit number: 9ce4a3d9067bf9889b86c360c05ac88618b85c4f * Use class level methods in tracerutils * Start and stop requests spans in a place where we have access to the authenticated entity * Seen it, isort it * Make sure to close the active span. * I'm getting black and blue from this. * Logger formatting Co-Authored-By: Erik Johnston <erik@matrix.org> * Outdated comment * Import opentracing at the top * Return a contextmanager * Start tracing client requests from the servlet * Return noop context manager if not tracing * Explicitely say that these are federation requests * Include servlet name in client requests * Use context manager * Move opentracing to logging/ * Seen it, isort it again! * Ignore twisted return exceptions on context exit * Escape the scope * Scopes should be entered to make them useful. * Nicer decorator names * Just one init, init? * Don't need to close something that isn't open * Docs make you smarter
* Move logging utilities out of the side drawer of util/ and into logging/ (#5606)Amber Brown2019-07-042-2/+2
|
* Split public rooms directory auth config in twoBrendan Abolivier2019-06-241-4/+4
|
* Run Black. (#5482)Amber Brown2019-06-202-288/+243
|
* Associate a request_name with each verify request, for loggingRichard van der Hoff2019-06-051-1/+3
| | | | | | | Also: * rename VerifyKeyRequest->VerifyJsonRequest * calculate key_ids on VerifyJsonRequest construction * refactor things to pass around VerifyJsonRequests instead of 4-tuples
* Enforce validity period on server_keys for fed requests. (#5321)Richard van der Hoff2019-06-031-1/+3
| | | | | | | | When handling incoming federation requests, make sure that we have an up-to-date copy of the signing key. We do not yet enforce the validity period for event signatures.
* Implement the SHHS complexity API (#5216)Amber Brown2019-05-301-1/+30
|
* Make all the rate limiting options more consistent (#5181)Amber Brown2019-05-151-5/+1
|
* add options to require an access_token to GET /profile and /publicRooms on ↵Matthew Hodgson2019-05-081-0/+10
| | | | | | | | | | | | | | | | | CS API (#5083) This commit adds two config options: * `restrict_public_rooms_to_local_users` Requires auth to fetch the public rooms directory through the CS API and disables fetching it through the federation API. * `require_auth_for_profile_requests` When set to `true`, requires that requests to `/profile` over the CS API are authenticated, and only returns the user's profile if the requester shares a room with the profile's owner, as per MSC1301. MSC1301 also specifies a behaviour for federation (only returning the profile if the server asking for it shares a room with the profile's owner), but that's currently really non-trivial to do in a not too expensive way. Next step is writing down a MSC that allows a HS to specify which user sent the profile query. In this implementation, Synapse won't send a profile query over federation if it doesn't believe it already shares a room with the profile's owner, though. Groups have been intentionally omitted from this commit.
* Collect room-version variations into one place (#4969)Richard van der Hoff2019-04-011-2/+2
| | | | Collect all the things that make room-versions different to one another into one place, so that it's easier to define new room versions.
* Make federation endpoints more tolerant of trailing slashes v2 (#4935)Andrew Morgan2019-03-262-8/+8
| | | Redo of https://github.com/matrix-org/synapse/pull/4840
* Remove trailing slashes from outbound federation requests and retry on 400 ↵Andrew Morgan2019-03-211-7/+14
|\ | | | | | | | | (#4840) As per #3622, we remove trailing slashes from outbound federation requests. However, to ensure that we remain backwards compatible with previous versions of Synapse, if we receive a HTTP 400 with `M_UNRECOGNIZED`, then we are likely talking to an older version of Synapse in which case we retry with a trailing slash appended to the request path.
| * Switch to wrapper function around _send_requestAndrew Morgan2019-03-131-5/+5
| |
| * Cleaner way of implementing trailing slashesAndrew Morgan2019-03-121-5/+10
| |
| * Merge branch 'develop' into anoa/trailing_slashes_clientAndrew Morgan2019-03-111-7/+7
| |\
| * | lintAndrew Morgan2019-03-081-1/+3
| | |
| * | Retry certain federation requests on 404Andrew Morgan2019-03-081-5/+5
| | |
| * | Remove trailing slashes from outbound federation requestsAndrew Morgan2019-03-081-7/+7
| | |
* | | Revert "Make federation endpoints more tolerant of trailing slashes for some ↵Erik Johnston2019-03-142-8/+8
| |/ |/| | | | | | | | | endpoints (#4793)" This reverts commit 290552fd836f4ae2dc1d893a7f72f7fff85365d3.
* | Make federation endpoints more tolerant of trailing slashes for some ↵Andrew Morgan2019-03-112-8/+8
|/ | | | | endpoints (#4793) Server side of a solution towards #3622.
* Remove unnecessary dollar signsAndrew Morgan2019-03-041-22/+22
| | | | | A dollar sign is already appended to the end of each PATH, so there's no need to add one in the PATH declaration as well.
* Make 'event_id' a required parameter in federated state requests (#4741)Amber Brown2019-02-271-2/+2
| | | | | | | | | | | | | | * make 'event_id' a required parameter in federated state requests As per the spec: https://matrix.org/docs/spec/server_server/r0.1.1.html#id40 Signed-off-by: Joseph Weston <joseph@weston.cloud> * add changelog entry for bugfix Signed-off-by: Joseph Weston <joseph@weston.cloud> * Update server.py
* Merge branch 'develop' of github.com:matrix-org/synapse into ↵Andrew Morgan2019-02-262-124/+241
|\ | | | | | | anoa/public_rooms_federate_develop
| * Revert "Prevent showing non-fed rooms in fed /publicRooms"Andrew Morgan2019-02-261-2/+1
| |
| * Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2019-02-252-124/+241
| |\ | | | | | | | | | anoa/public_rooms_federate
| | * Merge pull request #4420 from matrix-org/jaywink/openid-listenerErik Johnston2019-02-111-42/+95
| | |\ | | | | | | | | New listener resource for the federation API "openid/userinfo" endpoint
| | | * Document `servlet_groups` parametersJason Robinson2019-01-231-0/+23
| | | | | | | | | | | | | | | | Signed-off-by: Jason Robinson <jasonr@matrix.org>
| | | * Split federation OpenID userinfo endpoint out of the federation resourceJason Robinson2019-01-231-42/+72
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This allows the OpenID userinfo endpoint to be active even if the federation resource is not active. The OpenID userinfo endpoint is called by integration managers to verify user actions using the client API OpenID access token. Without this verification, the integration manager cannot know that the access token is valid. The OpenID userinfo endpoint will be loaded in the case that either "federation" or "openid" resource is defined. The new "openid" resource is defaulted to active in default configuration. Signed-off-by: Jason Robinson <jasonr@matrix.org>
| | * | Implement fallback for V2 invite APIErik Johnston2019-01-281-2/+37
| | | | | | | | | | | | | | | | | | | | If the room version is either 1 or 2 then a server should retry failed `/v2/invite` requests with the v1 API
| | * | Require event format version to parse or create eventsErik Johnston2019-01-251-2/+2
| | | |
| | * | Revert "Require event format version to parse or create events"Erik Johnston2019-01-251-2/+2
| | | |
| | * | Require event format version to parse or create eventsErik Johnston2019-01-231-2/+2
| | |/
| | * Add /v2/invite federation APIErik Johnston2019-01-151-4/+38
| | |
| | * Add groundwork for new versions of federation APIsErik Johnston2019-01-152-67/+71
| | |
| | * Remove the unused /pull federation API (#4118)Amber Brown2018-10-311-9/+0
| | |
| * | Don't restrict non-fed rooms over client APIsAndrew Morgan2019-02-251-1/+2
| |/
* / Prevent showing non-fed rooms in fed /publicRoomsAndrew Morgan2019-02-261-1/+2
|/
* Fix incorrect truncation in get_missing_eventsRichard van der Hoff2018-10-161-2/+0
| | | | | | | | | It's quite important that get_missing_events returns the *latest* events in the room; however we were pulling event ids out of the database until we got *at least* 10, and then taking the *earliest* of the results. We also shouldn't really be relying on depth, and should be checking the room_id.
* Various cleanups in the federation client code (#4031)Richard van der Hoff2018-10-161-8/+11
| | | | | | | | | | | | | | - Improve logging: log things in the right order, include destination and txids in all log lines, don't log successful responses twice - Fix the docstring on TransportLayerClient.send_transaction - Don't use treq.request, which is overcomplicated for our purposes: just use a twisted.web.client.Agent. - simplify the logic for setting up the bodyProducer - fix bytes/str confusions
* Port federation/ to py3 (#3847)Amber Brown2018-09-122-15/+14
|
* Merge branch 'master' into developRichard van der Hoff2018-09-061-1/+1
|\
| * Fix origin handling for pushed transactionsRichard van der Hoff2018-09-051-1/+1
| | | | | | | | | | Use the actual origin for push transactions, rather than whatever the remote server claimed.
* | Merge pull request #3735 from matrix-org/travis/federation-spellingRichard van der Hoff2018-08-221-1/+1
|\ \ | | | | | | limt -> limit
| * | limt -> limitTravis Ralston2018-07-311-1/+1
| | |
* | | Log more detail when we fail to authenticate requestErik Johnston2018-08-211-3/+3
| | |
* | | Don't log exceptions when failing to fetch server keysErik Johnston2018-08-211-2/+2
| |/ |/| | | | | | | Not being able to resolve or connect to remote servers is an expected error, so we shouldn't log at ERROR with stacktraces.
* | include known room versions in outgoing make_joinsRichard van der Hoff2018-08-061-1/+4
| |
* | Enforce compatibility when processing make_join requestsRichard van der Hoff2018-08-031-1/+23
| | | | | | | | | | | | Reject make_join requests from servers which do not support the room version. Also include the room version in the response.
* | Docstrings for BaseFederationServletRichard van der Hoff2018-08-031-0/+47
| | | | | | | | ... to save me reverse-engineering this stuff again.
* | Python 3: Convert some unicode/bytes uses (#3569)Amber Brown2018-08-021-1/+1
|/
* Remove pdu_failures from transactionsTravis Ralston2018-07-301-2/+1
| | | The field is never read from, and all the opportunities given to populate it are not utilized. It should be very safe to remove this.
* Update the send_leave path to be an event_idTravis Ralston2018-07-261-2/+2
| | | It's still not used, however the parameter is an event ID not a transaction ID.
* run isortAmber Brown2018-07-092-15/+15
|
* Implementation of server_aclsRichard van der Hoff2018-07-041-2/+6
| | | | | ... as described at https://docs.google.com/document/d/1EttUVzjc2DWe2ciw4XPtNpUpIl9lWXGEsy2ewDS7rtw.
* More server_name validationRichard van der Hoff2018-07-041-2/+3
| | | | | | | | We need to do a bit more validation when we get a server name, but don't want to be re-doing it all over the shop, so factor out a separate parse_and_validate_server_name, and do the extra validation. Also, use it to verify the server name in the config file.
* Reject invalid server names (#3480)Richard van der Hoff2018-07-031-22/+44
| | | | | Make sure that server_names used in auth headers are sane, and reject them with a sensible error code, before they disappear off into the depths of the system.
* Improve exception handling for background processesRichard van der Hoff2018-04-271-3/+10
| | | | | | | | | | | | | | | | | | There were a bunch of places where we fire off a process to happen in the background, but don't have any exception handling on it - instead relying on the unhandled error being logged when the relevent deferred gets garbage-collected. This is unsatisfactory for a number of reasons: - logging on garbage collection is best-effort and may happen some time after the error, if at all - it can be hard to figure out where the error actually happened. - it is logged as a scary CRITICAL error which (a) I always forget to grep for and (b) it's not really CRITICAL if a background process we don't care about fails. So this is an attempt to add exception handling to everything we fire off into the background.
* fix federation_domain_whitelistMatthew Hodgson2018-04-131-6/+6
| | | | we were checking the wrong server_name on inbound requests
* revert last to PR properlyMatthew Hodgson2018-04-131-6/+6
|
* correctly auth inbound federation_domain_whitelist reqsMatthew Hodgson2018-04-131-6/+6
|
* Ensure slashes are escapedErik Johnston2018-04-101-1/+1
|
* URL quote path segments over federationErik Johnston2018-04-101-48/+80
|
* pep8Luke Barnard2018-04-061-1/+1
|
* Fix federation client `set_group_joinable` typoLuke Barnard2018-04-061-1/+1
|
* Implement group join APIDavid Baker2018-04-062-0/+31
|
* use PUT instead of POST for federating groups/m.join_policyKrombel2018-04-062-2/+2
|
* Use "/settings/" (plural)Luke Barnard2018-04-052-2/+2
|
* Use join_policy API instead of joinableLuke Barnard2018-04-032-6/+6
| | | | | | | | | | | | | | | | | The API is now under /groups/$group_id/setting/m.join_policy and expects a JSON blob of the shape ```json { "m.join_policy": { "type": "invite" } } ``` where "invite" could alternatively be "open".
* pep8David Baker2018-03-281-2/+1
|
* Add joinability for groupsDavid Baker2018-03-282-0/+37
| | | | | Adds API to set the 'joinable' flag, and corresponding flag in the table.
* s/replication_server/federation_serverErik Johnston2018-03-131-1/+1
|
* Split replication layer into twoErik Johnston2018-03-131-1/+1
|
* Add federation_domain_whitelist option (#2820)Matthew Hodgson2018-01-222-1/+11
| | | | | | Add federation_domain_whitelist gives a way to restrict which domains your HS is allowed to federate with. useful mainly for gracefully preventing a private but internet-connected HS from trying to federate to the wider public Matrix network
* Add bracketsErik Johnston2017-11-091-2/+4
|
* Have an explicit API to update room configErik Johnston2017-11-082-1/+36
|
* Revert "Modify group room association API to allow modification of is_public"Erik Johnston2017-11-082-7/+6
|
* Update docs for updating room group associationLuke Barnard2017-11-011-1/+1
|
* Flake8Luke Barnard2017-10-311-3/+4
|
* Modify group room association API to allow modification of is_publicLuke Barnard2017-10-312-4/+4
| | | | also includes renamings to make things more consistent.
* Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2017-10-241-3/+3
|\ | | | | | | erikj/group_fed_update_profile
| * replace 'except:' with 'except Exception:'Richard van der Hoff2017-10-231-3/+3
| | | | | | | | what could possibly go wrong
* | Correctly wire in update group profile over federationErik Johnston2017-10-232-11/+31
|/
* Fix typoErik Johnston2017-10-191-1/+1
|
* Fix typo in group attestation handlingErik Johnston2017-10-191-1/+1
|
* DelintLuke Barnard2017-10-161-0/+2
|
* Implement GET /groups/$groupId/invited_usersLuke Barnard2017-10-162-1/+30
|
* Fix typo in invite to groupErik Johnston2017-10-111-1/+1
|
* Add remove room APIErik Johnston2017-09-262-1/+25
|
* Add bulk group publicised lookup APIErik Johnston2017-08-092-0/+32
|
* Add update group profile APIErik Johnston2017-07-201-0/+12
|
* CommentsErik Johnston2017-07-181-1/+1
|
* CommentsErik Johnston2017-07-181-0/+40
|
* Fix typosErik Johnston2017-07-181-2/+2
|
* Correctly parse query paramsErik Johnston2017-07-181-19/+19
|
* Add client apisErik Johnston2017-07-181-9/+187
|
* CommentsErik Johnston2017-07-181-15/+19
|
* Add local group server supportErik Johnston2017-07-172-0/+121
|
* Ensure category and role ids are non-nullErik Johnston2017-07-141-0/+24
|
* CommentsErik Johnston2017-07-131-0/+8
|
* Add summary APIs to federationErik Johnston2017-07-131-11/+223
|
* Add group summary APIsErik Johnston2017-07-121-0/+17
|
* Add federation API for adding room to groupErik Johnston2017-07-111-0/+18
|
* CommentErik Johnston2017-07-112-0/+26
|
* Initial group server implementationErik Johnston2017-07-102-1/+176
|
* Separate federation servlet into different listsErik Johnston2017-07-051-8/+16
|
* Use preserve_fn and add logsErik Johnston2017-05-051-1/+3
|
* Always mark remotes as up if we receive a signed request from themErik Johnston2017-05-051-0/+7
|
* Try harder when sending leave eventsRichard van der Hoff2017-04-211-1/+19
| | | | | When we're rejecting invites, ignore the backoff data, so that we have a better chance of not getting the room out of sync.
* Fix some lies, and other clarifications, in docstringsRichard van der Hoff2017-04-211-0/+20
| | | | | The documentation on get_json has been wrong ever since the very first commit to synapse...
* Ignore backoff history for invites, aliases, and roomdirsRichard van der Hoff2017-03-231-1/+5
| | | | | Add a param to the federation client which lets us ignore historical backoff data for federation queries, and set it for a handful of operations.
* push federation retry limiter down to matrixfederationclientRichard van der Hoff2017-03-231-0/+1
| | | | | rather than having to instrument everywhere we make a federation call, make the MatrixFederationHttpClient manage the retry limiter.
* Implement device key caching over federationErik Johnston2017-01-262-0/+34
|
* limit total timeout for get_missing_events to 10sMatthew Hodgson2016-12-311-2/+3
|
* Add new API appservice specific public room listErik Johnston2016-12-062-3/+25
|
* Support filtering remote room listsErik Johnston2016-09-161-1/+4
|
* Pass since/from parameters over federationErik Johnston2016-09-152-3/+16
|
* Add a timeout parameter for end2end key queries.Mark Haines2016-09-121-2/+4
| | | | | | | | | | Add a timeout parameter for controlling how long synapse will wait for responses from remote servers. For servers that fail include how they failed to make it easier to debug. Fetch keys from different servers in parallel rather than in series. Set the default timeout to 10s.
* Add federation /version APIErik Johnston2016-08-051-1/+17
|
* Change the way we specify if we require auth or notErik Johnston2016-08-051-40/+55
|
* Merge branch 'develop' of github.com:matrix-org/synapse into erikj/state_ids_apiErik Johnston2016-08-041-3/+1
|\
| * E2E keys: Make federation query share code with client queryRichard van der Hoff2016-08-021-3/+1
| | | | | | | | | | Refactor the e2e query handler to separate out the local query, and then make the federation handler use it.
* | Add /state_ids federation APIErik Johnston2016-08-032-0/+34
|/ | | | | The new API only returns the event_ids for the state, as most requesters will already have the vast majority of the events already.
* Linearize some federation endpoints based on (origin, room_id)Erik Johnston2016-06-171-1/+1
|
* Disable responding with canonical json for federationErik Johnston2016-06-171-1/+1
|
* Fix up federation PublicRoomListErik Johnston2016-06-081-1/+1
|
* Enable auth on federation PublicRoomListErik Johnston2016-06-081-5/+0
|
* pep8David Baker2016-06-011-1/+3
|
* Basic, un-cached support for secondary_directory_serversDavid Baker2016-05-312-1/+13
|
* Fix c+p failDavid Baker2016-05-311-17/+0
|
* Add federation room list servletDavid Baker2016-05-311-1/+64
|
* Add an openidish mechanism for proving to third parties that you own a given ↵Mark Haines2016-05-051-1/+46
| | | | user_id
* Fix typo in event_auth servlet pathErik Johnston2016-04-291-1/+1
|
* Lower timeout for make_membership_eventErik Johnston2016-04-151-1/+2
| | | | | Calls to make_membership_event are done in response to client requests, and so should not be retried over long timeframes.
* Intern all the thingsErik Johnston2016-03-231-14/+14
|
* Use parse_json_object_from_request to parse JSON out of request bodiesMark Haines2016-03-111-2/+2
|
* Add profile information to invitesErik Johnston2016-03-041-0/+1
|
* Allow third_party_signed to be specified on /joinDaniel Wagner-Hall2016-02-231-1/+11
|
* Remove redundated BaseHomeServerErik Johnston2016-01-263-84/+54
|
* copyrightsMatthew Hodgson2016-01-073-3/+3
|
* Host /unstable and /r0 versions of r0 APIsDaniel Wagner-Hall2015-12-011-1/+1
|
* Only retry federation requests for a long time for background requestsErik Johnston2015-11-171-0/+1
|
* Exchange 3pid invites for m.room.member invitesDaniel Wagner-Hall2015-11-052-3/+52
|
* Allow rejecting invitesDaniel Wagner-Hall2015-10-202-2/+42
| | | | | This is done by using the same /leave flow as you would use if you had already accepted the invite and wanted to leave.
* Implement third party identifier invitesDaniel Wagner-Hall2015-10-012-3/+4
|
* Get the end-to-end key federation workingMark Haines2015-07-242-8/+8
|
* Add federation support for end-to-end key requestsMark Haines2015-07-232-0/+90
|
* Log more when we have processed the requestErik Johnston2015-06-151-0/+1
|
* Log where a request came from in federationErik Johnston2015-06-021-0/+2
|
* Merge pull request #156 from matrix-org/erikj/join_perfMark Haines2015-05-221-2/+4
|\ | | | | Make joining #matrix:matrix.org over federation quicker
| * Add doc stringsErik Johnston2015-05-221-0/+2
| |
| * Add a timeout param to get_eventErik Johnston2015-05-191-2/+2
| |
* | Log origin and stats of incoming transactionsErik Johnston2015-05-221-0/+8
|/
* Add missing servlet to listErik Johnston2015-03-191-0/+1
|
* Count incoming HTTP requests per servlet that respondsPaul "LeoNerd" Evans2015-03-121-0/+4
|