summary refs log tree commit diff
path: root/synapse/federation (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Implement MSC3383: include destination in X-Matrix auth header (#11398)Jan Christian Grünhage2022-04-191-8/+31
| | | | Co-authored-by: Jan Christian Grünhage <jan.christian@gruenhage.xyz> Co-authored-by: Marcus Hoffmann <bubu@bubu1.eu>
* Back out implementation of MSC2314 (#12474)Richard van der Hoff2022-04-192-18/+10
| | | | | | | | MSC2314 has now been closed, so we're backing out its implementation, which originally happened in #6176. Unfortunately it's not a direct revert, as that PR mixed in a bunch of unrelated changes to tests etc.
* Remove the unstable event field for `/send_join` per MSC3083. (#12395)Patrick Cloke2022-04-122-12/+0
| | | | | | | This was missed when initially stabilising room version 8 and was left in as a compatibility shim. Most homeservers have upgraded to a version which expects the proper field name, and the failure mode is reasonable (a user on an older server may have to attempt joining the room twice with an obscure error message the first time).
* Unify HTTP query parameter type hints (#12415)David Robertson2022-04-082-3/+5
| | | | | | * Pull out query param types to `synapse.http.types` * Use QueryParams everywhere * Simplify `encode_query_args` * Add annotation which would have caught #12410
* Fix fetching public rooms over federation (#12410)Erik Johnston2022-04-071-1/+1
| | | Broke by #12364
* Refactor and convert `Linearizer` to async (#12357)Sean Quah2022-04-051-5/+5
| | | | | | | | | | | Refactor and convert `Linearizer` to async. This makes a `Linearizer` cancellation bug easier to fix. Also refactor to use an async context manager, which eliminates an unlikely footgun where code that doesn't immediately use the context manager could forget to release the lock. Signed-off-by: Sean Quah <seanq@element.io>
* Fix a spec compliance issue where requests to the `/publicRooms` federation ↵reivilibre2022-04-051-2/+2
| | | | API would specify `limit` as a string. (#12364)
* Enhance logging for inbound federation events (#12301)Richard van der Hoff2022-03-251-1/+1
| | | | It is currently rather hard to see which rooms are causing inbound federation traffic. Add the room id to the logs.
* Return a 404 from `/state` for an outlier (#12087)Richard van der Hoff2022-03-211-4/+3
| | | | | * Replace `get_state_for_pdu` with `get_state_ids_for_pdu` and `get_events_as_list`. * Return a 404 from `/state` and `/state_ids` for an outlier
* Deprecate the groups/communities endpoints and add an experimental ↵Patrick Cloke2022-03-121-4/+11
| | | | configuration flag. (#12200)
* Rename get_tcp_replication to get_replication_command_handler. (#12192)Patrick Cloke2022-03-101-1/+1
| | | | | | Since the object it returns is a ReplicationCommandHandler. This is clean-up from adding support to Redis where the command handler was added as an additional layer of abstraction from the TCP protocol.
* Spread out sending device lists to remote hosts (#12132)Erik Johnston2022-03-043-10/+28
|
* Check if instances are lists, not sequences. (#12128)Patrick Cloke2022-03-021-4/+4
| | | | | As a str is a sequence, the checks were not granular enough and would allow lists or strings, when only lists were valid.
* Remove the unstable `/spaces` endpoint. (#12073)Patrick Cloke2022-02-283-303/+32
| | | | | | | | ...and various code supporting it. The /spaces endpoint was from an old version of MSC2946 and included both a Client-Server and Server-Server API. Note that the unstable /hierarchy endpoint (from the final version of MSC2946) is not yet removed.
* Actually fix bad debug logging rejecting device list & signing key ↵David Robertson2022-02-281-1/+1
| | | | transactions (#12098)
* Properly failover for unknown endpoints from Conduit/Dendrite. (#12077)Patrick Cloke2022-02-281-9/+13
| | | | | Before this fix, a legitimate 404 from a federation endpoint (e.g. due to an unknown room) would be treated as an unknown endpoint. This could cause unnecessary federation traffic.
* Remove `HomeServer.get_datastore()` (#12031)Richard van der Hoff2022-02-236-9/+10
| | | | | | | The presence of this method was confusing, and mostly present for backwards compatibility. Let's get rid of it. Part of #11733
* Implement account status endpoints (MSC3720) (#12001)Brendan Abolivier2022-02-224-2/+120
| | | | | See matrix-org/matrix-doc#3720 Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com>
* Faster joins: Support for calling `/federation/v1/state` (#12013)Richard van der Hoff2022-02-223-16/+157
| | | | This is an endpoint that we have server-side support for, but no client-side support. It's going to be useful for resyncing partial-stated rooms, so let's introduce it.
* remote join processing: get create event from state, not auth_chain (#12039)Richard van der Hoff2022-02-211-2/+4
| | | A follow-up to #12005, in which I apparently missed that there are a bunch of other places that assume the create event is in the auth chain.
* Minor typing fixes (#12034)Richard van der Hoff2022-02-211-9/+9
| | | | | | These started failing in https://github.com/matrix-org/synapse/pull/12031... I'm a bit mystified by how they ever worked.
* Faster joins: parse msc3706 fields in send_join response (#12011)Richard van der Hoff2022-02-172-32/+101
| | | Part of my work on #11249: add code to handle the new fields added in MSC3706.
* Use version string helper from matrix-common (#11979)David Robertson2022-02-141-3/+7
| | | | * Require latest matrix-common * Use the common function
* Implement MSC3706: partial state in `/send_join` response (#11967)Richard van der Hoff2022-02-122-11/+100
| | | | | | | | | | | | * Make `get_auth_chain_ids` return a Set It has a set internally, and a set is often useful where it gets used, so let's avoid converting to an intermediate list. * Minor refactors in `on_send_join_request` A little bit of non-functional groundwork * Implement MSC3706: partial state in /send_join response
* Improve opentracing for federation requests (#11870)Richard van der Hoff2022-02-031-19/+48
| | | | | | | | | The idea here is to set the parent span for incoming federation requests to the *outgoing* span on the other end. That means that you can see (most of) the full end-to-end flow when you have a process that includes federation requests. However, in order not to lose information, we still want a link to the `incoming-federation-request` span from the servlet, so we have to create another span to do exactly that.
* Fix losing incoming EDUs if debug logging enabled (#11890)David Robertson2022-02-021-2/+2
| | | | | | | | | * Fix losing incoming EDUs if debug logging enabled Fixes #11889. Homeservers should only be affected if the `synapse.8631_debug` logger was enabled for DEBUG mode. I am not sure if this merits a bugfix release: I think the logging can be disabled in config if anyone is affected? But it is still pretty bad.
* Add admin API to reset connection timeouts for remote server (#11639)Dirk Klimpel2022-01-255-25/+45
| | | * Fix get federation status of destination if no error occured
* Debug for device lists updates (#11760)David Robertson2022-01-202-0/+27
| | | | | | | | | | | | | | | | | | Debug for #8631. I'm having a hard time tracking down what's going wrong in that issue. In the reported example, I could see server A sending federation traffic to server B and all was well. Yet B reports out-of-sync device updates from A. I couldn't see what was _in_ the events being sent from A to B. So I have added some crude logging to track - when we have updates to send to a remote HS - the edus we actually accumulate to send - when a federation transaction includes a device list update edu - when such an EDU is received This is a bit of a sledgehammer.
* Fix a bug that corrupted the cache of federated space hierarchies (#11775)Sean Quah2022-01-201-9/+9
| | | | `FederationClient.get_room_hierarchy()` caches its return values, so refactor the code to avoid modifying the returned room summary.
* Remove `log_function` and its uses (#11761)Richard van der Hoff2022-01-184-59/+0
| | | | | | | I've never found this terribly useful. I think it was added in the early days of Synapse, without much thought as to what would actually be useful to log, and has just been cargo-culted ever since. Rather, it tends to clutter up debug logs with useless information.
* Use auto_attribs/native type hints for attrs classes. (#11692)Patrick Cloke2022-01-131-6/+6
|
* Strip unauthorized fields from `unsigned` object in events received over ↵Shay2022-01-061-0/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | federation (#11530) * add some tests to verify we are stripping unauthorized fields out of unsigned * add function to strip unauthorized fields from the unsigned object of event * newsfragment * update newsfragment number * add check to on_send_membership_event * refactor tests * fix lint error * slightly refactor tests and add some comments * slight refactor * refactor tests * fix import error * slight refactor * remove unsigned filtration code from synapse/handlers/federation_event.py * lint * move unsigned filtering code to event base * refactor tests * update newsfragment * requested changes * remove unused retun values
* Refactor the way we set `outlier` (#11634)Richard van der Hoff2022-01-052-37/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * `_auth_and_persist_outliers`: mark persisted events as outliers Mark any events that get persisted via `_auth_and_persist_outliers` as, well, outliers. Currently this will be a no-op as everything will already be flagged as an outlier, but I'm going to change that. * `process_remote_join`: stop flagging as outlier The events are now flagged as outliers later on, by `_auth_and_persist_outliers`. * `send_join`: remove `outlier=True` The events created here are returned in the result of `send_join` to `FederationHandler.do_invite_join`. From there they are passed into `FederationEventHandler.process_remote_join`, which passes them to `_auth_and_persist_outliers`... which sets the `outlier` flag. * `get_event_auth`: remove `outlier=True` stop flagging the events returned by `get_event_auth` as outliers. This method is only called by `_get_remote_auth_chain_for_event`, which passes the results into `_auth_and_persist_outliers`, which will flag them as outliers. * `_get_remote_auth_chain_for_event`: remove `outlier=True` we pass all the events into `_auth_and_persist_outliers`, which will now flag the events as outliers. * `_check_sigs_and_hash_and_fetch`: remove unused `outlier` parameter This param is now never set to True, so we can remove it. * `_check_sigs_and_hash_and_fetch_one`: remove unused `outlier` param This is no longer set anywhere, so we can remove it. * `get_pdu`: remove unused `outlier` parameter ... and chase it down into `get_pdu_from_destination_raw`. * `event_from_pdu_json`: remove redundant `outlier` param This is never set to `True`, so can be removed. * changelog * update docstring
* Re-apply: Move glob_to_regex and re_word_boundary to matrix-python-common ↵reivilibre2022-01-051-1/+2
| | | | | #11505 (#11687) Co-authored-by: Sean Quah <seanq@element.io>
* `FederationClient.backfill`: stop flagging events as outliers (#11632)Richard van der Hoff2022-01-041-1/+1
| | | | | | | | | | | | | | | | | | | | | Events returned by `backfill` should not be flagged as outliers. Fixes: ``` AssertionError: null File "synapse/handlers/federation.py", line 313, in try_backfill dom, room_id, limit=100, extremities=extremities File "synapse/handlers/federation_event.py", line 517, in backfill await self._process_pulled_events(dest, events, backfilled=True) File "synapse/handlers/federation_event.py", line 642, in _process_pulled_events await self._process_pulled_event(origin, ev, backfilled=backfilled) File "synapse/handlers/federation_event.py", line 669, in _process_pulled_event assert not event.internal_metadata.is_outlier() ``` See https://sentry.matrix.org/sentry/synapse-matrixorg/issues/231992 Fixes #8894.
* Convert all namedtuples to attrs. (#11665)Patrick Cloke2021-12-302-29/+23
| | | To improve type hints throughout the code.
* Improve opentracing for incoming HTTP requests (#11618)Richard van der Hoff2021-12-201-26/+13
| | | | | | | | | | | | | | | | | | | | | | * remove `start_active_span_from_request` Instead, pull out a separate function, `span_context_from_request`, to extract the parent span, which we can then pass into `start_active_span` as normal. This seems to be clearer all round. * Remove redundant tags from `incoming-federation-request` These are all wrapped up inside a parent span generated in AsyncResource, so there's no point duplicating all the tags that are set there. * Leave request spans open until the request completes It may take some time for the response to be encoded into JSON, and that JSON to be streamed back to the client, and really we want that inside the top-level span, so let's hand responsibility for closure to the SynapseRequest. * opentracing logs for HTTP request events * changelog
* Add missing type hints to `synapse.logging.context` (#11556)Sean Quah2021-12-141-5/+4
|
* Revert "Move `glob_to_regex` and `re_word_boundary` to ↵Sean Quah2021-12-071-2/+1
| | | | | | `matrix-python-common` (#11505) (#11527) This reverts commit a77c36989785c0d5565ab9a1169f4f88e512ce8a.
* Move `glob_to_regex` and `re_word_boundary` to `matrix-python-common` (#11505)Sean Quah2021-12-061-1/+2
|
* Add most of the missing type hints to `synapse.federation`. (#11483)Patrick Cloke2021-12-028-49/+77
| | | This skips a few methods which are difficult to type.
* Add MSC3030 experimental client and federation API endpoints to get the ↵Eric Eastwood2021-12-025-1/+208
| | | | | | | | | | | | | | | | | | | | | | | | | closest event to a given timestamp (#9445) MSC3030: https://github.com/matrix-org/matrix-doc/pull/3030 Client API endpoint. This will also go and fetch from the federation API endpoint if unable to find an event locally or we found an extremity with possibly a closer event we don't know about. ``` GET /_matrix/client/unstable/org.matrix.msc3030/rooms/<roomID>/timestamp_to_event?ts=<timestamp>&dir=<direction> { "event_id": ... "origin_server_ts": ... } ``` Federation API endpoint: ``` GET /_matrix/federation/unstable/org.matrix.msc3030/timestamp_to_event/<roomID>?ts=<timestamp>&dir=<direction> { "event_id": ... "origin_server_ts": ... } ``` Co-authored-by: Erik Johnston <erik@matrix.org>
* Support the stable /hierarchy endpoint from MSC2946 (#11329)Patrick Cloke2021-11-293-10/+49
| | | | | | This also makes additional updates where the implementation had drifted from the approved MSC. Unstable endpoints will be removed at a later data.
* Return the stable `event` field from `/send_join` per MSC3083. (#11413)Patrick Cloke2021-11-292-2/+16
| | | | | This does not remove the unstable field and still parses both. Handling of the unstable field will need to be removed in the future.
* Split out federated PDU retrieval into a non-cached version (#11242)Eric Eastwood2021-11-091-22/+58
| | | | Context: https://github.com/matrix-org/synapse/pull/11114/files#r741643968
* Handle federation inbound instances being killed more gracefully (#11262)Erik Johnston2021-11-081-0/+5
| | | | | | | | | | | | | | | | | * Make lock better handle process being killed If the process gets killed and restarted (so that it didn't have a chance to drop its locks gracefully) then there may still be locks in the DB that are for the same instance that haven't yet timed out but are safe to delete. We handle this case by a) checking if the current instance already has taken out the lock, and b) if not then ignoring locks that are for the same instance. * Periodically check for old staged events This is to protect against other instances dying and their locks timing out.
* Enable passing typing stream writers as a list. (#11237)Nick Barrett2021-11-031-4/+0
| | | | This makes the typing stream writer config match the other stream writers that only currently support a single worker.
* Add `use_float=true` to ijson calls in Synapse (#11217)Shay2021-11-011-0/+3
| | | | | | | | | | | | | * add use_float=true to ijson calls * lints * add changelog * Update changelog.d/11217.bugfix Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com> Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com>
* Annotate `log_function` decorator (#10943)reivilibre2021-10-274-11/+39
| | | Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
* Add type hints for most `HomeServer` parameters (#11095)Sean Quah2021-10-222-5/+11
|
* Strip "join_authorised_via_users_server" from join events which do not need ↵Patrick Cloke2021-09-303-9/+9
| | | | | | | it. (#10933) This fixes a "Event not signed by authorising server" error when transition room member from join -> join, e.g. when updating a display name or avatar URL for restricted rooms.
* add event id to logcontext when handling incoming PDUs (#10936)Richard van der Hoff2021-09-291-1/+4
|
* Use direct references for configuration variables (part 6). (#10916)Patrick Cloke2021-09-291-1/+1
|
* Factor out common code for persisting fetched auth events (#10896)Richard van der Hoff2021-09-241-2/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Factor more stuff out of `_get_events_and_persist` It turns out that the event-sorting algorithm in `_get_events_and_persist` is also useful in other circumstances. Here we move the current `_auth_and_persist_fetched_events` to `_auth_and_persist_fetched_events_inner`, and then factor the sorting part out to `_auth_and_persist_fetched_events`. * `_get_remote_auth_chain_for_event`: remove redundant `outlier` assignment `get_event_auth` returns events with the outlier flag already set, so this is redundant (though we need to update a test where `get_event_auth` is mocked). * `_get_remote_auth_chain_for_event`: move existing-event tests earlier Move a couple of tests outside the loop. This is a bit inefficient for now, but a future commit will make it better. It should be functionally identical. * `_get_remote_auth_chain_for_event`: use `_auth_and_persist_fetched_events` We can use the same codepath for persisting the events fetched as part of an auth chain as for those fetched individually by `_get_events_and_persist` for building the state at a backwards extremity. * `_get_remote_auth_chain_for_event`: use a dict for efficiency `_auth_and_persist_fetched_events` sorts the events itself, so we no longer need to care about maintaining the ordering from `get_event_auth` (and no longer need to sort by depth in `get_event_auth`). That means that we can use a map, making it easier to filter out events we already have, etc. * changelog * `_auth_and_persist_fetched_events`: improve docstring
* Use direct references for configuration variables (part 4). (#10893)Patrick Cloke2021-09-231-1/+3
|
* Remove unnecessary parentheses around tuples returned from methods (#10889)Andrew Morgan2021-09-231-2/+2
|
* Use direct references for some configuration variables (part 2) (#10812)Patrick Cloke2021-09-152-2/+2
|
* Use direct references for some configuration variables (#10798)Patrick Cloke2021-09-131-1/+2
| | | | Instead of proxying through the magic getter of the RootConfig object. This should be more performant (and is more explicit).
* Add types to synapse.util. (#10601)reivilibre2021-09-101-2/+6
|
* Split `FederationHandler` in half (#10692)Richard van der Hoff2021-08-261-2/+5
| | | The idea here is to take anything to do with incoming events and move it out to a separate handler, as a way of making FederationHandler smaller.
* Cache the result of fetching the room hierarchy over federation. (#10647)Patrick Cloke2021-08-261-40/+66
|
* Do not include stack traces for known exceptions when trying multiple ↵Patrick Cloke2021-08-231-1/+6
| | | | federation destinations. (#10662)
* Split `on_receive_pdu` in half (#10640)Richard van der Hoff2021-08-191-3/+1
| | | Here we split on_receive_pdu into two functions (on_receive_pdu and process_pulled_event), rather than having both cases in the same method. There's a tiny bit of overlap, but not that much.
* Attempt to pull from the legacy spaces summary API over federation. (#10583)Patrick Cloke2021-08-171-9/+55
| | | | | | | If the new /hierarchy API does not exist on all destinations, fallback to querying the /spaces API and translating the results. This is a backwards compatibility hack since not all of the federated homeservers will update at the same time.
* Validate the max_rooms_per_space parameter to ensure it is non-negative. ↵Patrick Cloke2021-08-161-4/+18
| | | | (#10611)
* Experimental support for MSC3266 Room Summary API. (#10394)Michael Telatynski2021-08-161-2/+2
|
* Split `synapse.federation.transport.server` into multiple files. (#10590)Patrick Cloke2021-08-166-2158/+2218
|
* Clean up some logging in the federation event handler (#10591)Richard van der Hoff2021-08-161-0/+1
| | | | | | | | | | | | | | | | | | | * Include outlier status in `str(event)` In places where we log event objects, knowing whether or not you're dealing with an outlier is super useful. * Remove duplicated logging in get_missing_events When we process events received from get_missing_events, we log them twice (once in `_get_missing_events_for_pdu`, and once in `on_receive_pdu`). Reduce the duplication by removing the logging in `on_receive_pdu`, and ensuring the call sites do sensible logging. * log in `on_receive_pdu` when we already have the event * Log which prev_events we are missing * changelog
* Support federation in the new spaces summary API (MSC2946). (#10569)Patrick Cloke2021-08-163-0/+132
|
* Fix a harmless exception when the staged events queue is empty. (#10592)Patrick Cloke2021-08-131-5/+10
|
* Convert Transaction and Edu object to attrs (#10542)Patrick Cloke2021-08-066-92/+74
| | | | | Instead of wrapping the JSON into an object, this creates concrete instances for Transaction and Edu. This allows for improved type hints and simplified code.
* Fix exceptions in logs when failing to get remote room list (#10541)Erik Johnston2021-08-061-1/+2
|
* Refactoring before implementing the updated spaces summary. (#10527)Patrick Cloke2021-08-051-9/+14
| | | | | This should have no user-visible changes, but refactors some pieces of the SpaceSummaryHandler before adding support for the updated MSC2946.
* Prune inbound federation queues if they get too long (#10390)Erik Johnston2021-08-021-0/+17
|
* Improve failover logic for MSC3083 restricted rooms. (#10447)Patrick Cloke2021-07-291-4/+39
| | | | | If the federation client receives an M_UNABLE_TO_AUTHORISE_JOIN or M_UNABLE_TO_GRANT_JOIN response it will attempt another server before giving up completely.
* Update the MSC3083 support to verify if joins are from an authorized server. ↵Patrick Cloke2021-07-264-19/+141
| | | | (#10254)
* Add type hints to synapse.federation.transport.client. (#10408)Patrick Cloke2021-07-261-201/+298
|
* Add type hints to additional servlet functions (#10437)Patrick Cloke2021-07-211-11/+2
| | | | | | | | | Improves type hints for: * parse_{boolean,integer} * parse_{boolean,integer}_from_args * parse_json_{value,object}_from_request And fixes any incorrect calls that resulted from unknown types.
* Do not include signatures/hashes in make_{join,leave,knock} responses. (#10404)Patrick Cloke2021-07-161-6/+3
| | | | These signatures would end up invalid since the joining/leaving/knocking server would modify the response before calling send_{join,leave,knock}.
* Stagger send presence to remotes (#10398)Erik Johnston2021-07-152-5/+107
| | | | | | This is to help with performance, where trying to connect to thousands of hosts at once can consume a lot of CPU (due to TLS etc). Co-authored-by: Brendan Abolivier <babolivier@matrix.org>
* Use inline type hints in various other places (in `synapse/`) (#10380)Jonathan de Jong2021-07-157-72/+62
|
* Add type hints to get_domain_from_id and get_localpart_from_id. (#10385)Patrick Cloke2021-07-131-24/+72
|
* Ensure we always drop the federation inbound lock (#10336)Erik Johnston2021-07-091-0/+1
|
* Handle old staged inbound events (#10303)Erik Johnston2021-07-061-10/+57
| | | | | | | We might have events in the staging area if the service was restarted while there were unhandled events in the staging area. Fixes #10295
* Move methods involving event authentication to EventAuthHandler. (#10268)Patrick Cloke2021-07-011-3/+3
| | | Instead of mixing them with user authentication methods.
* Fix the inbound PDU metric (#10279)Erik Johnston2021-06-301-17/+20
| | | This broke in #10272
* Merge branch 'release-v1.37' into developRichard van der Hoff2021-06-291-2/+96
|\
| * Handle inbound events from federation asynchronously (#10272)Erik Johnston2021-06-291-2/+96
| | | | | | | | | | | | | | | | | | | | | | Fixes #9490 This will break a couple of SyTest that are expecting failures to be added to the response of a federation /send, which obviously doesn't happen now that things are asynchronous. Two drawbacks: Currently there is no logic to handle any events left in the staging area after restart, and so they'll only be handled on the next incoming event in that room. That can be fixed separately. We now only process one event per room at a time. This can be fixed up further down the line.
* | Soft-fail spammy events received over federation (#10263)Richard van der Hoff2021-06-291-6/+6
| |
* | Add additional types to the federation transport server. (#10213)Patrick Cloke2021-06-281-114/+474
| |
* | Improve validation for `send_{join,leave,knock}` (#10225)Richard van der Hoff2021-06-242-55/+78
|/ | | The idea here is to stop people sending things that aren't joins/leaves/knocks through these endpoints: previously you could send anything you liked through them. I wasn't able to find any security holes from doing so, but it doesn't sound like a good thing.
* Expose opentracing trace id in response headers (#10199)Richard van der Hoff2021-06-181-0/+3
| | | Fixes: #9480
* Remove the experimental flag for knocking and use stable prefixes / ↵Patrick Cloke2021-06-153-51/+7
| | | | | | | endpoints. (#10167) * Room version 7 for knocking. * Stable prefixes and endpoints (both client and federation) for knocking. * Removes the experimental configuration flag.
* Implement knock feature (#6739)Sorunome2021-06-094-8/+277
| | | | | | This PR aims to implement the knock feature as proposed in https://github.com/matrix-org/matrix-doc/pull/2403 Signed-off-by: Sorunome mail@sorunome.de Signed-off-by: Andrew Morgan andrewm@element.io
* Add type hints to the federation server transport. (#10080)Patrick Cloke2021-06-082-72/+166
|
* When joining a remote room limit the number of events we concurrently check ↵Erik Johnston2021-06-082-217/+173
| | | | | signatures/hashes for (#10117) If we do hundreds of thousands at once the memory overhead can easily reach 500+ MB.
* Rewrite the KeyRing (#10035)Erik Johnston2021-06-021-1/+3
|
* Merge branch 'master' into developAndrew Morgan2021-06-011-0/+7
|\
| * Allow response of `/send_join` to be larger. (#10093)Erik Johnston2021-05-281-0/+7
| | | | | | Fixes #10087.
* | Set opentracing priority before setting other tags (#10092)Richard van der Hoff2021-05-281-1/+2
| | | | | | ... because tags on spans which aren't being sampled get thrown away.
* | Merge tag 'v1.35.0rc2' into developErik Johnston2021-05-271-1/+1
|\| | | | | | | | | | | | | | | | | | | Synapse 1.35.0rc2 (2021-05-27) ============================== Bugfixes -------- - Fix a bug introduced in v1.35.0rc1 when calling the spaces summary API via a GET request. ([\#10079](https://github.com/matrix-org/synapse/issues/10079))
| * Pass the origin when calculating the spaces summary over GET. (#10079)Patrick Cloke2021-05-271-1/+1
| | | | | | | | Fixes a bug due to conflicting PRs which were merged. (One added a new caller to a method, the other added a new parameter to the same method.)
* | Remove the experimental spaces enabled flag. (#10063)Patrick Cloke2021-05-261-7/+6
|/ | | | In lieu of just always enabling the unstable spaces endpoint and unstable room version.
* Don't hammer the database for destination retry timings every ~5mins (#10036)Erik Johnston2021-05-211-1/+1
|
* Add `Keyring.verify_events_for_server` and reduce memory usage (#10018)Erik Johnston2021-05-201-12/+5
| | | | | | Also add support for giving a callback to generate the JSON object to verify. This should reduce memory usage, as we no longer have the event in memory in dict form (which has a large memory footprint) for extend periods of time.
* Use ijson to parse the response to `/send_join`, reducing memory usage. (#9958)Erik Johnston2021-05-202-22/+91
| | | Instead of parsing the full response to `/send_join` into Python objects (which can be huge for large rooms) and *then* parsing that into events, we instead use ijson to stream parse the response directly into `EventBase` objects.
* Allow a user who could join a restricted room to see it in spaces summary. ↵Patrick Cloke2021-05-201-1/+1
| | | | | | (#9922) This finishes up the experimental implementation of MSC3083 by showing the restricted rooms in the spaces summary (from MSC2946).
* Support fetching the spaces summary via GET over federation. (#9947)Patrick Cloke2021-05-112-0/+27
| | | | | | | | | | | Per changes in MSC2946, the C-S and S-S APIs for spaces summary should use GET requests. Until this is stable, the POST endpoints still exist. This does not switch federation requests to use the GET version yet since it is newly added and already deployed servers might not support it. When switching to the stable endpoint we should switch to GET requests.
* Add debug logging for issue #9533 (#9959)Richard van der Hoff2021-05-111-0/+9
| | | | | Hopefully this will help us track down where to-device messages are getting lost/delayed.
* Fix `m.room_key_request` to-device messages (#9961)Richard van der Hoff2021-05-111-19/+0
| | | fixes #9960
* Revert "Experimental Federation Speedup (#9702)"Andrew Morgan2021-04-282-102/+58
| | | | This reverts commit 05e8c70c059f8ebb066e029bc3aa3e0cefef1019.
* Pass errors back to the client when trying multiple federation destinations. ↵Patrick Cloke2021-04-271-58/+60
| | | | | | | | (#9868) This ensures that something like an auth error (403) will be returned to the requester instead of attempting to try more servers, which will likely result in the same error, and then passing back a generic 400 error.
* Remove `synapse.types.Collection` (#9856)Richard van der Hoff2021-04-221-2/+12
| | | This is no longer required, since we have dropped support for Python 3.5.
* Fix bug where we sent remote presence states to remote servers (#9850)Erik Johnston2021-04-201-0/+4
|
* Fix (final) Bugbear violations (#9838)Jonathan de Jong2021-04-201-2/+2
|
* Don't send normal presence updates over federation replication stream (#9828)Erik Johnston2021-04-192-163/+3
|
* remove `HomeServer.get_config` (#9815)Richard van der Hoff2021-04-142-2/+2
| | | | Every single time I want to access the config object, I have to remember whether or not we use `get_config`. Let's just get rid of it.
* Experimental Federation Speedup (#9702)Jonathan de Jong2021-04-142-62/+93
| | | | | This basically speeds up federation by "squeezing" each individual dual database call (to destinations and destination_rooms), which previously happened per every event, into one call for an entire batch (100 max). Signed-off-by: Jonathan de Jong <jonathan@automatia.nl>
* Remove redundant "coding: utf-8" lines (#9786)Jonathan de Jong2021-04-1413-13/+0
| | | | | | | Part of #9744 Removes all redundant `# -*- coding: utf-8 -*-` lines from files, as python 3 automatically reads source code as utf-8 now. `Signed-off-by: Jonathan de Jong <jonathan@automatia.nl>`
* Fix duplicate logging of exceptions in transaction processing (#9780)Richard van der Hoff2021-04-091-7/+3
| | | There's no point logging this twice.
* Bugbear: Add Mutable Parameter fixes (#9682)Jonathan de Jong2021-04-081-2/+3
| | | | | | | Part of #9366 Adds in fixes for B006 and B008, both relating to mutable parameter lint errors. Signed-off-by: Jonathan de Jong <jonathan@automatia.nl>
* Fix sharded federation sender sometimes using 100% CPU.Erik Johnston2021-04-081-2/+4
| | | | | | | We pull all destinations requiring catchup from the DB in batches. However, if all those destinations get filtered out (due to the federation sender being sharded), then the `last_processed` destination doesn't get updated, and we keep requesting the same set repeatedly.
* Add a Synapse Module for configuring presence update routing (#9491)Andrew Morgan2021-04-061-1/+18
| | | | | | | | | | | | At the moment, if you'd like to share presence between local or remote users, those users must be sharing a room together. This isn't always the most convenient or useful situation though. This PR adds a module to Synapse that will allow deployments to set up extra logic on where presence updates should be routed. The module must implement two methods, `get_users_for_states` and `get_interested_users`. These methods are given presence updates or user IDs and must return information that Synapse will use to grant passing presence updates around. A method is additionally added to `ModuleApi` which allows triggering a set of users to receive the current, online presence information for all users they are considered interested in. This is the equivalent of that user receiving presence information during an initial sync. The goal of this module is to be fairly generic and useful for a variety of applications, with hard requirements being: * Sending state for a specific set or all known users to a defined set of local and remote users. * The ability to trigger an initial sync for specific users, so they receive all current state.
* Add type hints to expiring cache. (#9730)Patrick Cloke2021-04-061-1/+1
|
* Add type hints to the federation handler and server. (#9743)Patrick Cloke2021-04-062-15/+15
|
* Improve tracing for to device messages (#9686)Erik Johnston2021-04-011-0/+8
|
* Make RateLimiter class check for ratelimit overrides (#9711)Erik Johnston2021-03-301-1/+4
| | | | | | | This should fix a class of bug where we forget to check if e.g. the appservice shouldn't be ratelimited. We also check the `ratelimit_override` table to check if the user has ratelimiting disabled. That table is really only meant to override the event sender ratelimiting, so we don't use any values from it (as they might not make sense for different rate limits), but we do infer that if ratelimiting is disabled for the user we should disabled all ratelimits. Fixes #9663
* Add type hints for the federation sender. (#9681)Patrick Cloke2021-03-292-44/+160
| | | | Includes an abstract base class which both the FederationSender and the FederationRemoteSendQueue must implement.
* Fixed undefined variable error in catchup (#9664)Erik Johnston2021-03-241-0/+2
| | | | | Broke in #9640 Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
* Spaces summary: call out to other servers (#9653)Richard van der Hoff2021-03-242-11/+204
| | | | | When we hit an unknown room in the space tree, see if there are other servers that we might be able to poll to get the data. Fixes: #9447
* Federation API for Space summary (#9652)Richard van der Hoff2021-03-231-9/+58
| | | | | Builds on the work done in #9643 to add a federation API for space summaries. There's a bit of refactoring of the existing client-server code first, to avoid too much duplication.
* Import HomeServer from the proper module. (#9665)Patrick Cloke2021-03-231-1/+1
|
* Make federation catchup send last event from any server. (#9640)Erik Johnston2021-03-182-38/+91
| | | | | | | | | | | | | | Currently federation catchup will send the last *local* event that we failed to send to the remote. This can cause issues for large rooms where lots of servers have sent events while the remote server was down, as when it comes back up again it'll be flooded with events from various points in the DAG. Instead, let's make it so that all the servers send the most recent events, even if its not theirs. The remote should deduplicate the events, so there shouldn't be much overhead in doing this. Alternatively, the servers could only send local events if they were also extremities and hope that the other server will send the event over, but that is a bit risky.
* Don't go into federation catch up mode so easily (#9561)Erik Johnston2021-03-152-153/+182
| | | | | | | | | | Federation catch up mode is very inefficient if the number of events that the remote server has missed is small, since handling gaps can be very expensive, c.f. #9492. Instead of going into catch up mode whenever we see an error, we instead do so only if we've backed off from trying the remote for more than an hour (the assumption being that in such a case it is more than a transient failure).
* Fix additional type hints from Twisted 21.2.0. (#9591)Patrick Cloke2021-03-121-3/+5
|
* Reject concurrent transactions (#9597)Richard van der Hoff2021-03-121-35/+42
| | | | | | If more transactions arrive from an origin while we're still processing the first one, reject them. Hopefully a quick fix to https://github.com/matrix-org/synapse/issues/9489
* Improve logging when processing incoming transactions (#9596)Richard van der Hoff2021-03-121-27/+34
| | | Put the room id in the logcontext, to make it easier to understand what's going on.
* Use the chain cover index in get_auth_chain_ids. (#9576)Patrick Cloke2021-03-101-2/+4
| | | | This uses a simplified version of get_chain_cover_difference to calculate auth chain of events.
* Fix additional type hints. (#9543)Patrick Cloke2021-03-091-1/+1
| | | Type hint fixes due to Twisted 21.2.0 adding type hints.
* Add ResponseCache tests. (#9458)Jonathan de Jong2021-03-081-5/+8
|
* Replace `last_*_pdu_age` metrics with timestamps (#9540)Richard van der Hoff2021-03-042-12/+9
| | | | | | | | Following the advice at https://prometheus.io/docs/practices/instrumentation/#timestamps-not-time-since, it's preferable to export unix timestamps, not ages. There doesn't seem to be any particular naming convention for timestamp metrics.
* Ratelimit cross-user key sharing requests. (#8957)Patrick Cloke2021-02-191-2/+18
|
* Be smarter about which hosts to send presence to when processing room joins ↵Andrew Morgan2021-02-191-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | (#9402) This PR attempts to eliminate unnecessary presence sending work when your local server joins a room, or when a remote server joins a room your server is participating in by processing state deltas in chunks rather than individually. --- When your server joins a room for the first time, it requests the historical state as well. This chunk of new state is passed to the presence handler which, after filtering that state down to only membership joins, will send presence updates to homeservers for each join processed. It turns out that we were being a bit naive and processing each event individually, and sending out presence updates for every one of those joins. Even if many different joins were users on the same server (hello IRC bridges), we'd send presence to that same homeserver for every remote user join we saw. This PR attempts to deduplicate all of that by processing the entire batch of state deltas at once, instead of only doing each join individually. We process the joins and note down which servers need which presence: * If it was a local user join, send that user's latest presence to all servers in the room * If it was a remote user join, send the presence for all local users in the room to that homeserver We deduplicate by inserting all of those pending updates into a dictionary of the form: ``` { server_name1: {presence_update1, ...}, server_name2: {presence_update1, presence_update2, ...} } ``` Only after building this dict do we then start sending out presence updates.
* Add configs to make profile data more private (#9203)AndrewFerr2021-02-191-4/+3
| | | | | | | Add off-by-default configuration settings to: - disable putting an invitee's profile info in invite events - disable profile lookup via federation Signed-off-by: Andrew Ferrazzutti <fair@miscworks.net>
* Add type hints to groups code. (#9393)Patrick Cloke2021-02-171-2/+39
|
* Update black, and run auto formatting over the codebase (#9381)Eric Eastwood2021-02-1610-127/+99
| | | | | | | - Update black version to the latest - Run black auto formatting over the codebase - Run autoformatting according to [`docs/code_style.md `](https://github.com/matrix-org/synapse/blob/80d6dc9783aa80886a133756028984dbf8920168/docs/code_style.md) - Update `code_style.md` docs around installing black to use the correct version
* Ratelimit invites by room and target user (#9258)Erik Johnston2021-01-291-1/+1
|
* Precompute joined hosts and store in Redis (#9198)Erik Johnston2021-01-261-15/+35
|
* Merge tag 'v1.26.0rc1' into developPatrick Cloke2021-01-202-2/+2
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.26.0rc1 (2021-01-20) ============================== This release brings a new schema version for Synapse and rolling back to a previous verious is not trivial. Please review [UPGRADE.rst](UPGRADE.rst) for more details on these changes and for general upgrade guidance. Features -------- - Add support for multiple SSO Identity Providers. ([\#9015](https://github.com/matrix-org/synapse/issues/9015), [\#9017](https://github.com/matrix-org/synapse/issues/9017), [\#9036](https://github.com/matrix-org/synapse/issues/9036), [\#9067](https://github.com/matrix-org/synapse/issues/9067), [\#9081](https://github.com/matrix-org/synapse/issues/9081), [\#9082](https://github.com/matrix-org/synapse/issues/9082), [\#9105](https://github.com/matrix-org/synapse/issues/9105), [\#9107](https://github.com/matrix-org/synapse/issues/9107), [\#9109](https://github.com/matrix-org/synapse/issues/9109), [\#9110](https://github.com/matrix-org/synapse/issues/9110), [\#9127](https://github.com/matrix-org/synapse/issues/9127), [\#9153](https://github.com/matrix-org/synapse/issues/9153), [\#9154](https://github.com/matrix-org/synapse/issues/9154), [\#9177](https://github.com/matrix-org/synapse/issues/9177)) - During user-interactive authentication via single-sign-on, give a better error if the user uses the wrong account on the SSO IdP. ([\#9091](https://github.com/matrix-org/synapse/issues/9091)) - Give the `public_baseurl` a default value, if it is not explicitly set in the configuration file. ([\#9159](https://github.com/matrix-org/synapse/issues/9159)) - Improve performance when calculating ignored users in large rooms. ([\#9024](https://github.com/matrix-org/synapse/issues/9024)) - Implement [MSC2176](https://github.com/matrix-org/matrix-doc/pull/2176) in an experimental room version. ([\#8984](https://github.com/matrix-org/synapse/issues/8984)) - Add an admin API for protecting local media from quarantine. ([\#9086](https://github.com/matrix-org/synapse/issues/9086)) - Remove a user's avatar URL and display name when deactivated with the Admin API. ([\#8932](https://github.com/matrix-org/synapse/issues/8932)) - Update `/_synapse/admin/v1/users/<user_id>/joined_rooms` to work for both local and remote users. ([\#8948](https://github.com/matrix-org/synapse/issues/8948)) - Add experimental support for handling to-device messages on worker processes. ([\#9042](https://github.com/matrix-org/synapse/issues/9042), [\#9043](https://github.com/matrix-org/synapse/issues/9043), [\#9044](https://github.com/matrix-org/synapse/issues/9044), [\#9130](https://github.com/matrix-org/synapse/issues/9130)) - Add experimental support for handling `/keys/claim` and `/room_keys` APIs on worker processes. ([\#9068](https://github.com/matrix-org/synapse/issues/9068)) - Add experimental support for handling `/devices` API on worker processes. ([\#9092](https://github.com/matrix-org/synapse/issues/9092)) - Add experimental support for moving off receipts and account data persistence off master. ([\#9104](https://github.com/matrix-org/synapse/issues/9104), [\#9166](https://github.com/matrix-org/synapse/issues/9166)) Bugfixes -------- - Fix a long-standing issue where an internal server error would occur when requesting a profile over federation that did not include a display name / avatar URL. ([\#9023](https://github.com/matrix-org/synapse/issues/9023)) - Fix a long-standing bug where some caches could grow larger than configured. ([\#9028](https://github.com/matrix-org/synapse/issues/9028)) - Fix error handling during insertion of client IPs into the database. ([\#9051](https://github.com/matrix-org/synapse/issues/9051)) - Fix bug where we didn't correctly record CPU time spent in `on_new_event` block. ([\#9053](https://github.com/matrix-org/synapse/issues/9053)) - Fix a minor bug which could cause confusing error messages from invalid configurations. ([\#9054](https://github.com/matrix-org/synapse/issues/9054)) - Fix incorrect exit code when there is an error at startup. ([\#9059](https://github.com/matrix-org/synapse/issues/9059)) - Fix `JSONDecodeError` spamming the logs when sending transactions to remote servers. ([\#9070](https://github.com/matrix-org/synapse/issues/9070)) - Fix "Failed to send request" errors when a client provides an invalid room alias. ([\#9071](https://github.com/matrix-org/synapse/issues/9071)) - Fix bugs in federation catchup logic that caused outbound federation to be delayed for large servers after start up. Introduced in v1.8.0 and v1.21.0. ([\#9114](https://github.com/matrix-org/synapse/issues/9114), [\#9116](https://github.com/matrix-org/synapse/issues/9116)) - Fix corruption of `pushers` data when a postgres bouncer is used. ([\#9117](https://github.com/matrix-org/synapse/issues/9117)) - Fix minor bugs in handling the `clientRedirectUrl` parameter for SSO login. ([\#9128](https://github.com/matrix-org/synapse/issues/9128)) - Fix "Unhandled error in Deferred: BodyExceededMaxSize" errors when .well-known files that are too large. ([\#9108](https://github.com/matrix-org/synapse/issues/9108)) - Fix "UnboundLocalError: local variable 'length' referenced before assignment" errors when the response body exceeds the expected size. This bug was introduced in v1.25.0. ([\#9145](https://github.com/matrix-org/synapse/issues/9145)) - Fix a long-standing bug "ValueError: invalid literal for int() with base 10" when `/publicRooms` is requested with an invalid `server` parameter. ([\#9161](https://github.com/matrix-org/synapse/issues/9161)) Improved Documentation ---------------------- - Add some extra docs for getting Synapse running on macOS. ([\#8997](https://github.com/matrix-org/synapse/issues/8997)) - Correct a typo in the `systemd-with-workers` documentation. ([\#9035](https://github.com/matrix-org/synapse/issues/9035)) - Correct a typo in `INSTALL.md`. ([\#9040](https://github.com/matrix-org/synapse/issues/9040)) - Add missing `user_mapping_provider` configuration to the Keycloak OIDC example. Contributed by @chris-ruecker. ([\#9057](https://github.com/matrix-org/synapse/issues/9057)) - Quote `pip install` packages when extras are used to avoid shells interpreting bracket characters. ([\#9151](https://github.com/matrix-org/synapse/issues/9151)) Deprecations and Removals ------------------------- - Remove broken and unmaintained `demo/webserver.py` script. ([\#9039](https://github.com/matrix-org/synapse/issues/9039)) Internal Changes ---------------- - Improve efficiency of large state resolutions. ([\#8868](https://github.com/matrix-org/synapse/issues/8868), [\#9029](https://github.com/matrix-org/synapse/issues/9029), [\#9115](https://github.com/matrix-org/synapse/issues/9115), [\#9118](https://github.com/matrix-org/synapse/issues/9118), [\#9124](https://github.com/matrix-org/synapse/issues/9124)) - Various clean-ups to the structured logging and logging context code. ([\#8939](https://github.com/matrix-org/synapse/issues/8939)) - Ensure rejected events get added to some metadata tables. ([\#9016](https://github.com/matrix-org/synapse/issues/9016)) - Ignore date-rotated homeserver logs saved to disk. ([\#9018](https://github.com/matrix-org/synapse/issues/9018)) - Remove an unused column from `access_tokens` table. ([\#9025](https://github.com/matrix-org/synapse/issues/9025)) - Add a `-noextras` factor to `tox.ini`, to support running the tests with no optional dependencies. ([\#9030](https://github.com/matrix-org/synapse/issues/9030)) - Fix running unit tests when optional dependencies are not installed. ([\#9031](https://github.com/matrix-org/synapse/issues/9031)) - Allow bumping schema version when using split out state database. ([\#9033](https://github.com/matrix-org/synapse/issues/9033)) - Configure the linters to run on a consistent set of files. ([\#9038](https://github.com/matrix-org/synapse/issues/9038)) - Various cleanups to device inbox store. ([\#9041](https://github.com/matrix-org/synapse/issues/9041)) - Drop unused database tables. ([\#9055](https://github.com/matrix-org/synapse/issues/9055)) - Remove unused `SynapseService` class. ([\#9058](https://github.com/matrix-org/synapse/issues/9058)) - Remove unnecessary declarations in the tests for the admin API. ([\#9063](https://github.com/matrix-org/synapse/issues/9063)) - Remove `SynapseRequest.get_user_agent`. ([\#9069](https://github.com/matrix-org/synapse/issues/9069)) - Remove redundant `Homeserver.get_ip_from_request` method. ([\#9080](https://github.com/matrix-org/synapse/issues/9080)) - Add type hints to media repository. ([\#9093](https://github.com/matrix-org/synapse/issues/9093)) - Fix the wrong arguments being passed to `BlacklistingAgentWrapper` from `MatrixFederationAgent`. Contributed by Timothy Leung. ([\#9098](https://github.com/matrix-org/synapse/issues/9098)) - Reduce the scope of caught exceptions in `BlacklistingAgentWrapper`. ([\#9106](https://github.com/matrix-org/synapse/issues/9106)) - Improve `UsernamePickerTestCase`. ([\#9112](https://github.com/matrix-org/synapse/issues/9112)) - Remove dependency on `distutils`. ([\#9125](https://github.com/matrix-org/synapse/issues/9125)) - Enforce that replication HTTP clients are called with keyword arguments only. ([\#9144](https://github.com/matrix-org/synapse/issues/9144)) - Fix the Python 3.5 / old dependencies build in CI. ([\#9146](https://github.com/matrix-org/synapse/issues/9146)) - Replace the old `perspectives` option in the Synapse docker config file template with `trusted_key_servers`. ([\#9157](https://github.com/matrix-org/synapse/issues/9157))
| * Support icons for Identity Providers (#9154)Richard van der Hoff2021-01-202-2/+2
| |
* | Various improvements to the federation client. (#9129)Patrick Cloke2021-01-201-58/+67
|/ | | | * Type hints for `FederationClient`. * Using `async` functions instead of returning `Awaitable` instances.
* Support routing edu's to multiple instances (#9042)Erik Johnston2021-01-071-5/+16
| | | This is in preparation for moving `SendToDeviceServlet` off master
* Add type hints to the crypto module. (#8999)Patrick Cloke2021-01-041-1/+1
|
* Allow spam-checker modules to be provide async methods. (#8890)David Teller2020-12-111-1/+6
| | | | Spam checker modules can now provide async methods. This is implemented in a backwards-compatible manner.
* Merge pull request #8858 from matrix-org/rav/sso_uiaRichard van der Hoff2020-12-021-1/+1
|\ | | | | UIA: offer only available auth flows
| * fix up various test casesRichard van der Hoff2020-12-021-1/+1
| | | | | | | | | | A few test cases were relying on being able to mount non-client servlets on the test resource. it's better to give them their own Resources.
* | Apply an IP range blacklist to push and key revocation requests. (#8821)Patrick Cloke2020-12-022-2/+1
|/ | | | | | | | | | | | Replaces the `federation_ip_range_blacklist` configuration setting with an `ip_range_blacklist` setting with wider scope. It now applies to: * Federation * Identity servers * Push notifications * Checking key validitity for third-party invite events The old `federation_ip_range_blacklist` setting is still honored if present, but with reduced scope (it only applies to federation and identity servers).
* Consistently use room_id from federation request body (#8776)Richard van der Hoff2020-11-192-48/+43
| | | | | | | | | | | | | * Consistently use room_id from federation request body Some federation APIs have a redundant `room_id` path param (see https://github.com/matrix-org/matrix-doc/issues/2330). We should make sure we consistently use either the path param or the body param, and the body param is easier. * Kill off some references to "context" Once upon a time, "rooms" were known as "contexts". I think this kills of the last references to "contexts".
* Add ability for access tokens to belong to one user but grant access to ↵Erik Johnston2020-10-291-1/+1
| | | | | | | | | | another user. (#8616) We do it this way round so that only the "owner" can delete the access token (i.e. `/logout/all` by the "owner" also deletes that token, but `/logout/all` by the "target user" doesn't). A future PR will add an API for creating such a token. When the target user and authenticated entity are different the `Processed request` log line will be logged with a: `{@admin:server as @bob:server} ...`. I'm not convinced by that format (especially since it adds spaces in there, making it harder to use `cut -d ' '` to chop off the start of log lines). Suggestions welcome.
* Fix not sending events over federation when using sharded event persisters ↵Erik Johnston2020-10-142-3/+8
| | | | | | | | | | | | | | | | | (#8536) * Fix outbound federaion with multiple event persisters. We incorrectly notified federation senders that the minimum persisted stream position had advanced when we got an `RDATA` from an event persister. Notifying of federation senders already correctly happens in the notifier, so we just delete the offending line. * Change some interfaces to use RoomStreamToken. By enforcing use of `RoomStreamTokens` we make it less likely that people pass in random ints that they got from somewhere random.
* Add type hints to response cache. (#8507)Patrick Cloke2020-10-091-3/+5
|
* Remove the deprecated Handlers object (#8494)Patrick Cloke2020-10-091-1/+6
| | | All handlers now available via get_*_handler() methods on the HomeServer.
* Add type hints to some handlers (#8505)Patrick Cloke2020-10-091-1/+1
|
* Remove stream ordering from Metadata dict (#8452)Richard van der Hoff2020-10-052-0/+4
| | | | | | | | There's no need for it to be in the dict as well as the events table. Instead, we store it in a separate attribute in the EventInternalMetadata object, and populate that on load. This means that we can rely on it being correctly populated for any event which has been persited to the database.
* Merge tag 'v1.21.0rc2' into developRichard van der Hoff2020-10-021-1/+1
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.21.0rc2 (2020-10-02) ============================== Features -------- - Convert additional templates from inline HTML to Jinja2 templates. ([\#8444](https://github.com/matrix-org/synapse/issues/8444)) Bugfixes -------- - Fix a regression in v1.21.0rc1 which broke thumbnails of remote media. ([\#8438](https://github.com/matrix-org/synapse/issues/8438)) - Do not expose the experimental `uk.half-shot.msc2778.login.application_service` flow in the login API, which caused a compatibility problem with Element iOS. ([\#8440](https://github.com/matrix-org/synapse/issues/8440)) - Fix malformed log line in new federation "catch up" logic. ([\#8442](https://github.com/matrix-org/synapse/issues/8442)) - Fix DB query on startup for negative streams which caused long start up times. Introduced in [\#8374](https://github.com/matrix-org/synapse/issues/8374). ([\#8447](https://github.com/matrix-org/synapse/issues/8447))
| * Fix malformed log line in new federation "catch up" logic (#8442)Richard van der Hoff2020-10-021-1/+1
| |
* | Enable mypy checking for unreachable code and fix instances. (#8432)Patrick Cloke2020-10-011-3/+2
|/
* Add prometheus metrics to track federation delays (#8430)Richard van der Hoff2020-10-012-1/+45
| | | | | Add a pair of federation metrics to track the delays in sending PDUs to/from particular servers.
* Mypy fixes for `synapse.handlers.federation` (#8422)Richard van der Hoff2020-09-291-1/+3
| | | For some reason, an apparently unrelated PR upset mypy about this module. Here are a number of little fixes.
* Merge tag 'v1.20.0rc5' into developPatrick Cloke2020-09-181-5/+3
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.20.0rc5 (2020-09-18) ============================== In addition to the below, Synapse 1.20.0rc5 also includes the bug fix that was included in 1.19.3. Features -------- - Add flags to the `/versions` endpoint for whether new rooms default to using E2EE. ([\#8343](https://github.com/matrix-org/synapse/issues/8343)) Bugfixes -------- - Fix rate limiting of federation `/send` requests. ([\#8342](https://github.com/matrix-org/synapse/issues/8342)) - Fix a longstanding bug where back pagination over federation could get stuck if it failed to handle a received event. ([\#8349](https://github.com/matrix-org/synapse/issues/8349)) Internal Changes ---------------- - Blacklist [MSC2753](https://github.com/matrix-org/matrix-doc/pull/2753) SyTests until it is implemented. ([\#8285](https://github.com/matrix-org/synapse/issues/8285))
| * Merge tag 'v1.19.3' into release-v1.20.0Patrick Cloke2020-09-181-5/+3
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1.19.3 Synapse 1.19.3 (2020-09-18) =========================== Bugfixes -------- - Partially mitigate bug where newly joined servers couldn't get past events in a room when there is a malformed event. ([\#8350](https://github.com/matrix-org/synapse/issues/8350))
| | * Use _check_sigs_and_hash_and_fetch to validate backfill requests (#8350)Andrew Morgan2020-09-181-5/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a bit of a hack, as `_check_sigs_and_hash_and_fetch` is intended for attempting to pull an event from the database/(re)pull it from the server that originally sent the event if checking the signature of the event fails. During backfill we *know* that we won't have the event in our database, however it is still useful to be able to query the original sending server as the server we're backfilling from may be acting maliciously. The main benefit and reason for this change however is that `_check_sigs_and_hash_and_fetch` will drop an event during backfill if it cannot be successfully validated, whereas the current code will simply fail the backfill request - resulting in the client's /messages request silently being dropped. This is a quick patch to fix backfilling rooms that contain malformed events. A better implementation in planned in future.
* | | Catch-up after Federation Outage (bonus): Catch-up on Synapse Startup (#8322)reivilibre2020-09-181-0/+51
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net> Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> * Fix _set_destination_retry_timings This came about because the code assumed that retry_interval could not be NULL — which has been challenged by catch-up.
* | | Simplify super() calls to Python 3 syntax. (#8344)Patrick Cloke2020-09-183-9/+5
| | | | | | | | | | | | | | | | | | | | | This converts calls like super(Foo, self) -> super(). Generated with: sed -i "" -Ee 's/super\([^\(]+\)/super()/g' **/*.py
* | | Merge remote-tracking branch 'origin/release-v1.20.0' into developErik Johnston2020-09-182-17/+48
|\| |
| * | Fix ratelimiting for federation `/send` requests. (#8342)Erik Johnston2020-09-182-17/+48
| | | | | | | | | c.f. #8295 for rationale
| * | Merge branch 'erikj/fix_origin_check' into release-v1.20.0Erik Johnston2020-09-161-3/+4
| |\|
* | | Merge branch 'erikj/fix_origin_check' into developErik Johnston2020-09-161-3/+4
|\ \ \ | | |/ | |/|
| * | Don't assume that an event has an origin fieldErik Johnston2020-09-161-3/+4
| | | | | | | | | | | | This fixes #8319.
* | | Catch-up after Federation Outage (split, 4): catch-up loop (#8272)reivilibre2020-09-151-4/+125
| | |
* | | Catch up after Federation Outage (split, 2): Track last successful stream ↵reivilibre2020-09-041-0/+11
| | | | | | | | | | | | | | | ordering after transmission (#8247) Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* | | Catch-up after Federation Outage (split, 1) (#8230)reivilibre2020-09-041-2/+9
| |/ |/| | | Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
* | Stop sub-classing object (#8249)Patrick Cloke2020-09-049-11/+11
| |
* | Remove obsolete order field in `send_new_transaction` (#8245)reivilibre2020-09-033-28/+22
| | | | | | Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* | Convert additional database code to async/await. (#8195)Patrick Cloke2020-08-281-8/+11
| |
* | Convert calls of async database methods to async (#8166)Patrick Cloke2020-08-272-10/+10
| |
* | Add type hints for state. (#8140)Patrick Cloke2020-08-241-2/+2
| |
* | Be stricter about JSON that is accepted by Synapse (#8106)Patrick Cloke2020-08-192-6/+4
| |
* | Convert stream database to async/await. (#8074)Patrick Cloke2020-08-173-3/+3
| |
* | Drop federation transmission queues during a significant remote outage. (#7864)reivilibre2020-08-131-0/+22
|/ | | | | | | | | | | | | * Empty federation transmission queues when we are backing off. Fixes #7828. Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net> * Address feedback Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net> * Reword newsfile
* Fix typing for notifier (#8064)Erik Johnston2020-08-121-2/+5
|
* Merge branch 'master' into developOlivier Wilkinson (reivilibre)2020-07-303-3/+3
|\
| * Update worker docs with recent enhancements (#7969)Erik Johnston2020-07-293-3/+3
| |
* | Convert federation client to async/await. (#7975)Patrick Cloke2020-07-303-73/+50
|/
* Convert state resolution to async/await (#7942)Patrick Cloke2020-07-241-1/+3
|
* Convert presence handler helpers to async/await. (#7939)Patrick Cloke2020-07-231-1/+3
|
* Put a cache on `/state_ids` (#7931)Richard van der Hoff2020-07-231-2/+11
| | | | | | | | | | | | | | | | | | If we send out an event which refers to `prev_events` which other servers in the federation are missing, then (after a round or two of backfill attempts), they will end up asking us for `/state_ids` at a particular point in the DAG. As per https://github.com/matrix-org/synapse/issues/7893, this is quite expensive, and we tend to see lots of very similar requests around the same time. We can therefore handle this much more efficiently by using a cache, which (a) ensures that if we see the same request from multiple servers (or even the same server, multiple times), then they share the result, and (b) any other servers that miss the initial excitement can also benefit from the work. [It's interesting to note that `/state` has a cache for exactly this reason. `/state` is now essentially unused and replaced with `/state_ids`, but evidently when we replaced it we forgot to add a cache to the new endpoint.]
* Abort federation requests if the client disconnects early (#7930)Richard van der Hoff2020-07-231-0/+6
| | | | | | | | | | | | | | | | | | | | | For inbound federation requests, if a given remote server makes too many requests at once, we start stacking them up rather than processing them immediatedly. However, that means that there is a fair chance that the requesting server will disconnect before we start processing the request. In that case, if it was a read-only request (ie, a GET request), there is absolutely no point in building a response (and some requests are quite expensive to handle). Even in the case of a POST request, one of two things will happen: * Most likely, the requesting server will retry the request and we'll get the information anyway. * Even if it doesn't, the requesting server has to assume that we didn't get the memo, and act accordingly. In short, we're better off aborting the request at this point rather than ploughing on with what might be a quite expensive request.
* Convert room list handler to async/await. (#7912)Patrick Cloke2020-07-211-8/+2
|
* Convert synapse.app to async/await. (#7868)Patrick Cloke2020-07-171-21/+19
|
* Allow moving typing off master (#7869)Erik Johnston2020-07-161-51/+74
|
* Add ability to run multiple pusher instances (#7855)Erik Johnston2020-07-162-9/+9
| | | This reuses the same scheme as federation sender sharding
* Remove obsolete comment.Olivier Wilkinson (reivilibre)2020-07-161-2/+0
| | | | | | | | It was correct at the time of our friend Jorik writing it (checking git blame), but the world has moved now and it is no longer a generator. Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
* Ensure that calls to `json.dumps` are compatible with the standard library ↵Patrick Cloke2020-07-151-1/+1
| | | | json. (#7836)
* Do not use canonicaljson to magically handle decoding bytes from JSON. (#7802)Patrick Cloke2020-07-101-3/+3
|
* Add ability to shard the federation sender (#7798)Erik Johnston2020-07-103-3/+81
|
* Fix some spelling mistakes / typos. (#7811)Patrick Cloke2020-07-096-11/+11
|
* Add `HomeServer.signing_key` property (#7805)Richard van der Hoff2020-07-081-1/+1
| | | ... instead of duplicating `config.signing_key[0]` everywhere
* Merge different Resource implementation classes (#7732)Erik Johnston2020-07-031-5/+1
|
* Fix new metric where we used ms instead of seconds (#7771)Erik Johnston2020-07-011-1/+1
| | | | Introduced in #7755, not yet released.
* Add some metrics for inbound and outbound federation processing times (#7755)Erik Johnston2020-06-302-17/+30
|
* Replace all remaining six usage with native Python 3 equivalents (#7704)Dagfinn Ilmari Mannsåker2020-06-163-8/+3
|
* Replace iteritems/itervalues/iterkeys with native versions. (#7692)Patrick Cloke2020-06-154-14/+9
|
* add a commentRichard van der Hoff2020-05-211-0/+3
|
* Strictly enforce canonicaljson requirements in a new room version (#7381)Patrick Cloke2020-05-141-1/+5
|
* Fix typing annotations in synapse/federation (#7382)Richard van der Hoff2020-05-051-15/+31
| | | | We're pretty close to having mypy working for `synapse.federation`, so let's finish the job.
* Fix catchup-on-reconnect for the Federation Stream (#7374)Richard van der Hoff2020-05-054-25/+39
| | | | looks like we managed to break this during the refactorathon.
* async/await is_server_admin (#7363)Andrew Morgan2020-05-011-3/+2
|
* Further improvements to requesting the public rooms list on a homeserver ↵Andrew Morgan2020-05-012-23/+70
| | | | which has it set to private (#7368)
* Merge branch 'release-v1.12.4' into developRichard van der Hoff2020-04-221-9/+40
|\
| * Query missing cross-signing keys on local sig upload (#7289)Andrew Morgan2020-04-221-9/+40
| |
* | Merge branch 'release-v1.12.4' into developRichard van der Hoff2020-04-201-11/+3
|\|
| * Revert "Query missing cross-signing keys on local sig upload"Richard van der Hoff2020-04-201-11/+3
| | | | | | | | | | | | This was incorrectly merged to the release branch before it was ready. This reverts commit 72fe2affb6ac86d433b80b6452da57052365aa26.
* | Merge branch 'release-v1.12.4' into developRichard van der Hoff2020-04-201-3/+11
|\|
| * Query missing cross-signing keys on local sig uploadAndrew Morgan2020-04-171-3/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add changelog Save retrieved keys to the db lint Fix and de-brittle remote result dict processing Use query_user_devices instead, assume only master, self_signing key types Make changelog more useful Remove very specific exception handling Wrap get_verify_key_from_cross_signing_key in a try/except Note that _get_e2e_cross_signing_verify_key can raise a SynapseError lint Add comment explaining why this is useful Only fetch master and self_signing key types Fix log statements, docstrings Remove extraneous items from remote query try/except lint Factor key retrieval out into a separate function Send device updates, modeled after SigningKeyEduUpdater._handle_signing_key_updates Update method docstring
* | Add typing information to federation_server. (#7219)Patrick Cloke2020-04-071-66/+107
| |
* | Move catchup of replication streams to worker. (#7024)Erik Johnston2020-03-251-0/+9
| | | | | | This changes the replication protocol so that the server does not send down `RDATA` for rows that happened before the client connected. Instead, the server will send a `POSITION` and clients then query the database (or master out of band) to get up to date.
* | Clean up some LoggingContext stuff (#7120)Richard van der Hoff2020-03-241-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Pull Sentinel out of LoggingContext ... and drop a few unnecessary references to it * Factor out LoggingContext.current_context move `current_context` and `set_context` out to top-level functions. Mostly this means that I can more easily trace what's actually referring to LoggingContext, but I think it's generally neater. * move copy-to-parent into `stop` this really just makes `start` and `stop` more symetric. It also means that it behaves correctly if you manually `set_log_context` rather than using the context manager. * Replace `LoggingContext.alive` with `finished` Turn `alive` into `finished` and make it a bit better defined.
* | Convert `*StreamRow` classes to inner classes (#7116)Richard van der Hoff2020-03-231-1/+1
| | | | | | | | | | This just helps keep the rows closer to their streams, so that it's easier to see what the format of each stream is.
* | Fix a bug in the federation API which could cause occasional "Failed to get ↵Patrick Cloke2020-03-193-30/+21
|/ | | | PDU" errors (#7089).
* Remove unused federation endpoint (`query_auth`) (#7026)Patrick Cloke2020-03-174-146/+79
|
* Add some type annotations to the federation base & client classes (#6995)Patrick Cloke2020-02-282-28/+42
|
* Merge remote-tracking branch 'origin/release-v1.11.1' into developPatrick Cloke2020-02-271-6/+8
|\
| * Cast a coroutine into a Deferred in the federation base (#6996)Patrick Cloke2020-02-261-6/+8
| | | | | | | | Properly convert a coroutine into a Deferred in federation_base to fix an error when joining a room.
* | Clarify list/set/dict/tuple comprehensions and enforce via flake8 (#6957)Patrick Cloke2020-02-211-2/+2
|/ | | | Ensure good comprehension hygiene using flake8-comprehensions.
* Add support for putting fed user query API on workers (#6873)Erik Johnston2020-02-071-2/+5
|
* Add a `make_event_from_dict` method (#6858)Richard van der Hoff2020-02-071-3/+2
| | | | | | | ... and use it in places where it's trivial to do so. This will make it easier to pass room versions into the FrozenEvent constructors.
* Add typing to synapse.federation.sender (#6871)Erik Johnston2020-02-075-105/+128
|
* Pass room_version into `event_from_pdu_json`Richard van der Hoff2020-02-063-58/+46
| | | | It's called from all over the shop, so this one's a bit messy.
* pass room version into FederationClient.send_join (#6854)Richard van der Hoff2020-02-061-28/+32
| | | | ... which allows us to sanity-check the create event.
* Reduce amount of logging at INFO level. (#6862)Erik Johnston2020-02-062-4/+4
| | | | | | | | A lot of the things we log at INFO are now a bit superfluous, so lets make them DEBUG logs to reduce the amount we log by default. Co-Authored-By: Brendan Abolivier <babolivier@matrix.org> Co-authored-by: Brendan Abolivier <github@brendanabolivier.com>
* Simplify `room_version` handling in `FederationClient.send_invite`Richard van der Hoff2020-02-051-10/+6
|
* Pass room version object into `FederationClient.get_pdu`Richard van der Hoff2020-02-051-3/+5
|
* make FederationClient._do_send_invite asyncRichard van der Hoff2020-02-051-10/+7
|
* Apply suggestions from code reviewRichard van der Hoff2020-02-051-2/+4
| | | Co-Authored-By: Erik Johnston <erik@matrix.org>
* make FederationClient.send_invite asyncRichard van der Hoff2020-02-031-6/+5
|
* make FederationClient.get_missing_events asyncRichard van der Hoff2020-02-031-20/+20
|
* make FederationClient._do_send_leave asyncRichard van der Hoff2020-02-031-4/+3
|
* make FederationClient.send_leave.send_request asyncRichard van der Hoff2020-02-031-5/+2
|
* make FederationClient._do_send_join asyncRichard van der Hoff2020-02-031-4/+3
|