summary refs log tree commit diff
path: root/synapse/handlers (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Convert the device message and pagination handlers to async/await. (#7678)Patrick Cloke2020-06-162-31/+18
|
* Ensure etag is a string for GET room_keys/version response (#7691)Hubert Chathi2020-06-151-0/+1
|
* Fix "There was no active span when trying to log." error (#7698)Erik Johnston2020-06-151-0/+1
|
* Replace iteritems/itervalues/iterkeys with native versions. (#7692)Patrick Cloke2020-06-1513-81/+59
|
* Fix a typo when comparing the URI & method during UI Auth. (#7689)Patrick Cloke2020-06-121-1/+1
|
* Add option to enable encryption by default for new rooms (#7639)Andrew Morgan2020-06-102-29/+57
| | | | | | | | | Fixes https://github.com/matrix-org/synapse/issues/2431 Adds config option `encryption_enabled_by_default_for_room_type`, which determines whether encryption should be enabled with the default encryption algorithm in private or public rooms upon creation. Whether the room is private or public is decided based upon the room creation preset that is used. Part of this PR is also pulling out all of the individual instances of `m.megolm.v1.aes-sha2` into a constant variable to eliminate typos ala https://github.com/matrix-org/synapse/pull/7637 Based on #7637
* Convert the registration handler to async/await. (#7649)Patrick Cloke2020-06-081-66/+41
|
* Convert user directory handler and related classes to async/await. (#7640)Patrick Cloke2020-06-054-107/+73
|
* Add an option to disable autojoin for guest accounts (#6637)Travis Ralston2020-06-051-1/+7
| | | | Fixes https://github.com/matrix-org/synapse/issues/3177
* Typo fixes.Patrick Cloke2020-06-051-1/+1
|
* Allow new users to be registered via the admin API even if the monthly ↵Dirk Klimpel2020-06-051-1/+6
| | | | active user limit has been reached (#7263)
* Performance improvements and refactor of Ratelimiter (#7595)Andrew Morgan2020-06-054-56/+38
| | | | | | | | | | While working on https://github.com/matrix-org/synapse/issues/5665 I found myself digging into the `Ratelimiter` class and seeing that it was both: * Rather undocumented, and * causing a *lot* of config checks This PR attempts to refactor and comment the `Ratelimiter` class, as well as encourage config file accesses to only be done at instantiation. Best to be reviewed commit-by-commit.
* Cleanups to the OpenID Connect integration (#7628)Richard van der Hoff2020-06-031-7/+20
| | | | docs, default configs, comments. Nothing very significant.
* Check if the localpart is reserved for guests earlier in the registration ↵Brendan Abolivier2020-06-031-9/+9
| | | | | flow (#7625) This is so the user is warned about the username not being valid as soon as possible, rather than only once they've finished UIA.
* Fix exceptions when fetching events from a down host. (#7622)Erik Johnston2020-06-031-1/+1
| | | We already caught some exceptions, but not all.
* Clean up exception handling in SAML2ResponseResource (#7614)Richard van der Hoff2020-06-031-30/+11
| | | | | | | | | | | | | * Expose `return_html_error`, and allow it to take a Jinja2 template instead of a raw string * Clean up exception handling in SAML2ResponseResource * use the existing code in `return_html_error` instead of re-implementing it (giving it a jinja2 template rather than inventing a new form of template) * do the exception-catching in the REST layer rather than in the handler layer, to make sure we catch all exceptions.
* Process cross-signing keys when resyncing device lists (#7594)Brendan Abolivier2020-06-012-18/+62
| | | It looks like `user_device_resync` was ignoring cross-signing keys from the results received from the remote server. This patch fixes this, by processing these keys using the same process `_handle_signing_key_updates` does (and effectively factor that part out of that function).
* Convert groups local and server to async/await. (#7600)Patrick Cloke2020-06-011-47/+35
|
* Don't fail all of an iteration of the device list retry loop on error (#7609)Brendan Abolivier2020-06-011-15/+21
| | | Without this patch, if an error happens which isn't caught by `user_device_resync`, then `_maybe_retry_device_resync` would fail, without retrying the next users in the iteration. This patch fixes this so that it now only logs an error in this case.
* Fix 'FederationGroupsRoomsServlet' API when group has room server is not in. ↵Erik Johnston2020-05-291-8/+12
| | | | (#7599)
* allow emails to be passed through SAML (#7385)Christopher Cooper2020-05-271-2/+10
| | | Signed-off-by: Christopher Cooper <cooperc@ocf.berkeley.edu>
* Convert identity handler to async/await. (#7561)Patrick Cloke2020-05-262-63/+46
|
* Optimise some references to hs.config (#7546)Richard van der Hoff2020-05-221-3/+5
| | | These are surprisingly expensive, and we only really need to do them at startup.
* Add option to move event persistence off master (#7517)Erik Johnston2020-05-225-19/+61
|
* Add ability to wait for replication streams (#7542)Erik Johnston2020-05-225-70/+140
| | | | | | | The idea here is that if an instance persists an event via the replication HTTP API it can return before we receive that event over replication, which can lead to races where code assumes that persisting an event immediately updates various caches (e.g. current state of the room). Most of Synapse doesn't hit such races, so we don't do the waiting automagically, instead we do so where necessary to avoid unnecessary delays. We may decide to change our minds here if it turns out there are a lot of subtle races going on. People probably want to look at this commit by commit.
* Convert sending mail to async/await. (#7557)Erik Johnston2020-05-221-5/+4
| | | | Mainly because sometimes the email push code raises exceptions where the stack traces have gotten lost, which is hopefully fixed by this.
* On upgrade room only send canonical alias once. (#7547)Erik Johnston2020-05-221-55/+60
| | | | | | | | Instead of doing a complicated dance of deleting and moving aliases one by one, which sends a canonical alias update into the old room for each one, lets do it all in one go. This also changes the function to move *all* local alias events to the new room, however that happens later on anyway.
* Fix exception reporting due to HTTP request errors. (#7556)Erik Johnston2020-05-221-0/+7
| | | | These are business as usual errors, rather than stuff we want to log at error.
* Retry to sync out of sync device lists (#7453)Brendan Abolivier2020-05-211-7/+73
| | | | | | | | | | | When a call to `user_device_resync` fails, we don't currently mark the remote user's device list as out of sync, nor do we retry to sync it. https://github.com/matrix-org/synapse/pull/6776 introduced some code infrastructure to mark device lists as stale/out of sync. This commit uses that code infrastructure to mark device lists as out of sync if processing an incoming device list update makes the device handler realise that the device list is out of sync, but we can't resync right now. It also adds a looping call to retry all failed resync every 30s. This shouldn't cause too much spam in the logs as this commit also removes the "Failed to handle device list update for..." warning logs when catching `NotRetryingDestination`. Fixes #7418
* Hash passwords earlier in the password reset process (#7538)Patrick Cloke2020-05-201-4/+1
| | | | This now matches the logic of the registration process as modified in 56db0b1365965c02ff539193e26c333b7f70d101 / #7523.
* Omit displayname or avatar_url if they aren't set instead of returning null ↵Aaron Raimist2020-05-191-2/+6
| | | | | | | | | (#7497) Per https://github.com/matrix-org/matrix-doc/issues/1436#issuecomment-410089470 they should be omitted instead of returning null or "". They aren't marked as required in the spec. Fixes https://github.com/matrix-org/synapse/issues/7333 Signed-off-by: Aaron Raimist <aaron@raim.ist>
* Merge tag 'v1.13.0rc3' into developPatrick Cloke2020-05-181-7/+2
|\ | | | | | | | | | | | | | | Synapse 1.13.0rc3 (2020-05-18) Bugfixes: - Hash passwords as early as possible during registration. #7523
| * Hash passwords earlier in the registration process (#7523)Patrick Cloke2020-05-181-7/+2
| |
* | Add type hints to room member handlers (#7513)Patrick Cloke2020-05-152-139/+173
| |
* | Support UI Authentication for OpenID Connect accounts (#7457)Patrick Cloke2020-05-152-20/+60
| |
* | Update the room member handler to use async/await. (#7507)Patrick Cloke2020-05-152-74/+58
| |
* | Ignore incoming presence updates when presence is disabled (#7508)Andrew Morgan2020-05-151-2/+4
| |
* | Merge tag 'v1.13.0rc2' into developRichard van der Hoff2020-05-141-19/+18
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.13.0rc2 (2020-05-14) ============================== Bugfixes -------- - Fix a long-standing bug which could cause messages not to be sent over federation, when state events with state keys matching user IDs (such as custom user statuses) were received. ([\#7376](https://github.com/matrix-org/synapse/issues/7376)) - Restore compatibility with non-compliant clients during the user interactive authentication process, fixing a problem introduced in v1.13.0rc1. ([\#7483](https://github.com/matrix-org/synapse/issues/7483)) Internal Changes ---------------- - Fix linting errors in new version of Flake8. ([\#7470](https://github.com/matrix-org/synapse/issues/7470))
| * Do not validate that the client dict is stable during UI Auth. (#7483)Patrick Cloke2020-05-131-19/+18
| | | | | | | | This backs out some of the validation for the client dictionary and logs if this changes during a user interactive authentication session instead.
* | Allow censoring of events to happen on workers. (#7492)Erik Johnston2020-05-131-2/+0
| | | | | | This is safe as we can now write to cache invalidation stream on workers, and is required for when we move event persistence off master.
* | Convert federation handler to async/await. (#7459)Patrick Cloke2020-05-112-21/+16
| |
* | Convert search code to async/await. (#7460)Patrick Cloke2020-05-111-24/+20
| |
* | Merge branch 'release-v1.13.0' into developAndrew Morgan2020-05-111-14/+40
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * release-v1.13.0: Don't UPGRADE database rows RST indenting Put rollback instructions in upgrade notes Fix changelog typo Oh yeah, RST Absolute URL it is then Fix upgrade notes link Provide summary of upgrade issues in changelog. Fix ) Move next version notes from changelog to upgrade notes Changelog fixes 1.13.0rc1 Documentation on setting up redis (#7446) Rework UI Auth session validation for registration (#7455) Fix errors from malformed log line (#7454) Drop support for redis.dbid (#7450)
| * Rework UI Auth session validation for registration (#7455)Patrick Cloke2020-05-081-14/+40
| | | | | | | | Be less strict about validation of UI authentication sessions during registration to match client expecations.
* | Implement OpenID Connect-based login (#7256)Quentin Gliech2020-05-082-2/+1000
| |
* | Merge branch 'release-v1.13.0' into developBrendan Abolivier2020-05-071-1/+3
|\|
| * Add a configuration setting for the dummy event threshold (#7422)Brendan Abolivier2020-05-071-1/+3
| | | | | | Add dummy_events_threshold which allows configuring the number of forward extremities a room needs for Synapse to send forward extremities in it.
* | Add more type hints to SAML handler. (#7445)Patrick Cloke2020-05-071-12/+16
| |
* | Merge branch 'release-v1.13.0' into developRichard van der Hoff2020-05-061-4/+8
|\|
| * Merge branch 'release-v1.13.0' into erikj/faster_device_lists_fetchRichard van der Hoff2020-05-059-281/+250
| |\
| * | Speed up fetching device lists changes in sync.Erik Johnston2020-05-051-4/+8
| | | | | | | | | | | | | | | Currently we copy `users_who_share_room` needlessly about three times, which is expensive when the set is large (which it can easily be).
* | | Convert the room handler to async/await. (#7396)Patrick Cloke2020-05-041-24/+18
| |/ |/|
* | async/await is_server_admin (#7363)Andrew Morgan2020-05-019-281/+250
|/
* Persist user interactive authentication sessions (#7302)Patrick Cloke2020-04-303-116/+63
| | | | | By persisting the user interactive authentication sessions to the database, this fixes situations where a user hits different works throughout their auth session and also allows sessions to persist through restarts of Synapse.
* Apply federation check for /publicRooms with filter list (#7367)Andrew Morgan2020-04-301-1/+5
|
* Convert some of the federation handler methods to async/await. (#7338)Patrick Cloke2020-04-241-25/+24
|
* Stop the master relaying USER_SYNC for other workers (#7318)Richard van der Hoff2020-04-223-105/+135
| | | | | | | Long story short: if we're handling presence on the current worker, we shouldn't be sending USER_SYNC commands over replication. In an attempt to figure out what is going on here, I ended up refactoring some bits of the presencehandler code, so the first 4 commits here are non-functional refactors to move this code slightly closer to sanity. (There's still plenty to do here :/). Suggest reviewing individual commits. Fixes (I hope) #7257.
* Merge branch 'release-v1.12.4' into developRichard van der Hoff2020-04-221-9/+139
|\
| * Query missing cross-signing keys on local sig upload (#7289)Andrew Morgan2020-04-221-9/+139
| |
* | import urllib.parse when using urllib.parse.quote (#7319)Andrew Morgan2020-04-221-1/+1
| |
* | Merge branch 'release-v1.12.4' into developRichard van der Hoff2020-04-201-129/+9
|\|
| * Revert "Query missing cross-signing keys on local sig upload"Richard van der Hoff2020-04-201-129/+9
| | | | | | | | | | | | This was incorrectly merged to the release branch before it was ready. This reverts commit 72fe2affb6ac86d433b80b6452da57052365aa26.
* | Merge branch 'release-v1.12.4' into developRichard van der Hoff2020-04-201-9/+129
|\|
| * Always send the user updates to their own device list (#7160)David Baker2020-04-202-3/+18
| |
| * Query missing cross-signing keys on local sig uploadAndrew Morgan2020-04-171-9/+129
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add changelog Save retrieved keys to the db lint Fix and de-brittle remote result dict processing Use query_user_devices instead, assume only master, self_signing key types Make changelog more useful Remove very specific exception handling Wrap get_verify_key_from_cross_signing_key in a try/except Note that _get_e2e_cross_signing_verify_key can raise a SynapseError lint Add comment explaining why this is useful Only fetch master and self_signing key types Fix log statements, docstrings Remove extraneous items from remote query try/except lint Factor key retrieval out into a separate function Send device updates, modeled after SigningKeyEduUpdater._handle_signing_key_updates Update method docstring
| * Only register devices edu handler on the master process (#7255)Andrew Morgan2020-04-141-7/+11
| |
* | Reject unknown UI auth sessions (instead of silently generating a new one) ↵Patrick Cloke2020-04-201-65/+94
| | | | | | | | (#7268)
* | Use a template for the SSO success page to allow for customization. (#7279)Patrick Cloke2020-04-171-32/+12
| |
* | Convert auth handler to async/await (#7261)Patrick Cloke2020-04-154-111/+115
| |
* | Only register devices edu handler on the master process (#7255)Andrew Morgan2020-04-141-7/+11
| |
* | Check on room creation if the user is allowed to publish the room to the ↵PeerD2020-04-131-0/+7
| | | | | | | | room directory. (#7260)
* | typosMatthew Hodgson2020-04-111-1/+1
| |
* | Default PL100 to enable encryption in a room (#7230)Andrew Morgan2020-04-091-0/+1
| |
* | Do not allow a deactivated user to login via SSO. (#7240)Patrick Cloke2020-04-093-6/+32
| |
* | Improve error responses when a remote server doesn't allow you to access its ↵Andrew Morgan2020-04-061-11/+12
| | | | | | | | public rooms list (#6899)
* | Support CAS in UI Auth flows. (#7186)Patrick Cloke2020-04-032-74/+91
| |
* | Support SAML in the user interactive authentication workflow. (#7102)Patrick Cloke2020-04-012-14/+153
| |
* | Allow admins to create aliases when they are not in the room (#7191)Patrick Cloke2020-04-011-1/+5
| |
* | Rewrite prune_old_outbound_device_pokes for efficiency (#7159)Richard van der Hoff2020-03-301-23/+2
| | | | | | | | make sure we clear out all but one update for the user
* | Transfer alias mappings when joining an upgraded room (#6946)Andrew Morgan2020-03-301-0/+3
| |
* | Merge pull request #7160 from ↵David Baker2020-03-302-3/+18
|\ \ | | | | | | | | | | | | matrix-org/dbkr/always_send_own_device_list_updates Always send the user updates to their own device list
| * | Add explanatory commentAndrew Morgan2020-03-302-1/+4
| | |
| * | blackDavid Baker2020-03-301-1/+3
| | |
| * | Just add own user ID to the list we track device changes forDavid Baker2020-03-302-7/+11
| | |
| * | Fix undefined variable & remove debug loggingDavid Baker2020-03-271-10/+2
| | |
| * | blackDavid Baker2020-03-271-4/+4
| | |
| * | Always send the user updates to their own device listDavid Baker2020-03-272-6/+20
| | | | | | | | | | | | | | | This will allow clients to notify users about new devices even if the user isn't in any rooms (yet).
* | | Add options to prevent users from changing their profile. (#7096)Dirk Klimpel2020-03-271-0/+16
|/ /
* | Merge pull request #7151 from matrix-org/jaywink/saml-redirect-fixJason Robinson2020-03-261-0/+4
|\ \ | | | | | | Allow RedirectResponse in SAML response handler
| * | Allow RedirectResponse in SAML response handlerJason Robinson2020-03-261-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | Allow custom SAML handlers to redirect after processing an auth response. Fixes #7149 Signed-off-by: Jason Robinson <jasonr@matrix.org>
* | | Refactor the CAS code (move the logic out of the REST layer to a handler) ↵Patrick Cloke2020-03-261-0/+204
| | | | | | | | | | | | (#7136)
* | | Allow server admins to define and enforce a password policy (MSC2000). (#7118)Dirk Klimpel2020-03-262-0/+95
|/ /
* | Validate that the session is not modified during UI-Auth (#7068)Patrick Cloke2020-03-261-4/+33
| |
* | Clean up some LoggingContext stuff (#7120)Richard van der Hoff2020-03-241-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Pull Sentinel out of LoggingContext ... and drop a few unnecessary references to it * Factor out LoggingContext.current_context move `current_context` and `set_context` out to top-level functions. Mostly this means that I can more easily trace what's actually referring to LoggingContext, but I think it's generally neater. * move copy-to-parent into `stop` this really just makes `start` and `stop` more symetric. It also means that it behaves correctly if you manually `set_log_context` rather than using the context manager. * Replace `LoggingContext.alive` with `finished` Turn `alive` into `finished` and make it a bit better defined.
* | Use the proper error code when a canonical alias that does not exist is ↵Patrick Cloke2020-03-231-19/+38
| | | | | | | | used. (#7109)
* | Remove concept of a non-limited stream. (#7011)Erik Johnston2020-03-202-4/+11
|/
* Add an option to the set password API to choose whether to logout other ↵Patrick Cloke2020-03-181-16/+25
| | | | devices. (#7085)
* Remove special casing of `m.room.aliases` events (#7034)Patrick Cloke2020-03-171-15/+1
|
* Revert "Add options to disable setting profile info for prevent changes. ↵Richard van der Hoff2020-03-171-16/+0
| | | | | | | (#7053)" This reverts commit 54dd28621b070ca67de9f773fe9a89e1f4dc19da, reversing changes made to 6640460d054e8f4444046a34bdf638921b31c01e.
* Fix buggy condition in account validity handler (#7074)Brendan Abolivier2020-03-161-1/+5
|
* Add type annotations and comments to auth handler (#7063)Patrick Cloke2020-03-121-89/+104
|
* Don't filter out dummy events when we're checking the visibility of stateBrendan Abolivier2020-03-111-1/+1
|
* Add options to disable setting profile info for prevent changes. (#7053)Brendan Abolivier2020-03-101-0/+16
|\
| * lint, fix testsdklimpel2020-03-091-1/+3
| |
| * updates after reviewdklimpel2020-03-091-4/+4
| |
| * lintdklimpel2020-03-081-4/+2
| |
| * changelogdklimpel2020-03-081-2/+8
| |
| * Add options to disable setting profile info for prevent changes.dklimpel2020-03-081-0/+10
| |
* | SAML2: render a comprehensible error page if something goes wrongBrendan Abolivier2020-03-101-1/+19
| | | | | | | | | | | | If an error happened while processing a SAML AuthN response, or a client ends up doing a `GET` request to `/authn_response`, then render a customisable error page rather than a confusing error.
* | LintBrendan Abolivier2020-03-061-2/+1
| |
* | Mention the session ID in the error messageBrendan Abolivier2020-03-061-2/+3
| |
* | LintBrendan Abolivier2020-03-061-1/+2
| |
* | Make sure that is_verified is a boolean when processing room keysBrendan Abolivier2020-03-061-0/+6
| |
* | Allow deleting an alias if the user has sufficient power level (#6986)Patrick Cloke2020-03-041-33/+74
| |
* | Merge branch 'master' into developBrendan Abolivier2020-03-032-3/+76
|\ \
| * | Fix wrong handler being used in SAML handlerBrendan Abolivier2020-03-031-3/+2
| | |
| * | Factor out complete_sso_login and expose it to the Module APIBrendan Abolivier2020-03-031-0/+74
| | |
* | | Validate the alt_aliases property of canonical alias events (#6971)Patrick Cloke2020-03-032-10/+51
| |/ |/|
* | Store room version on invite (#6983)Richard van der Hoff2020-02-261-0/+12
| | | | | | | | | | When we get an invite over federation, store the room version in the rooms table. The general idea here is that, when we pull the invite out again, we'll want to know what room_version it belongs to (so that we can later redact it if need be). So we need to store it somewhere...
* | Port PresenceHandler to async/await (#6991)Erik Johnston2020-02-262-108/+89
| |
* | Remove redundant store_room call (#6979)Richard van der Hoff2020-02-241-23/+0
| | | | | | | | | | `_process_received_pdu` is only called by `on_receive_pdu`, which ignores any events for unknown rooms, so this is redundant.
* | Upsert room version when we join over federation (#6968)Richard van der Hoff2020-02-241-10/+12
| | | | | | | | | | | | | | | | This is intended as a precursor to storing room versions when we receive an invite over federation, but has the happy side-effect of fixing #3374 at last. In short: change the store_room with try/except to a proper upsert which updates the right columns.
* | Change displayname of user as admin in rooms (#6876)Dirk Klimpel2020-02-211-1/+11
| |
* | Stop returning aliases as part of the room list. (#6970)Patrick Cloke2020-02-211-9/+0
| |
* | Clarify list/set/dict/tuple comprehensions and enforce via flake8 (#6957)Patrick Cloke2020-02-219-35/+33
| | | | | | | | Ensure good comprehension hygiene using flake8-comprehensions.
* | Merge branch 'master' into developRichard van der Hoff2020-02-211-5/+5
|\|
| * Small grammar fixes to the ACME v1 deprecation notice (#6944)Andrew Morgan2020-02-211-5/+5
| | | | | | Some small fixes to the copy in #6907.
* | Do not send alias events when creating / upgrading a room (#6941)Patrick Cloke2020-02-202-40/+15
|/ | | Stop emitting room alias update events during room creation/upgrade.
* Merge pull request #6949 from matrix-org/rav/list_room_aliases_peekableRichard van der Hoff2020-02-195-33/+22
|\ | | | | Make room alias lists peekable
| * Make room alias lists peekableRichard van der Hoff2020-02-191-1/+3
| | | | | | | | | | | | As per https://github.com/matrix-org/matrix-doc/pull/2432#pullrequestreview-360566830, make room alias lists accessible to users outside world_readable rooms.
| * Add `allow_departed_users` param to `check_in_room_or_world_readable`Richard van der Hoff2020-02-193-6/+14
| | | | | | | | | | | | | | ... and set it everywhere it's called. while we're here, rename it for consistency with `check_user_in_room` (and to help check that I haven't missed any instances)
| * Refactor the membership check methods in AuthRichard van der Hoff2020-02-182-28/+7
| | | | | | | | | | these were getting a bit unwieldy, so let's combine `check_joined_room` and `check_user_was_in_room` into a single `check_user_in_room`.
* | Merge pull request #6945 from matrix-org/babolivier/fix-retention-debug-logBrendan Abolivier2020-02-191-1/+1
|\ \ | |/ |/| Fix log in message retention purge jobs
| * Fix log in message retention purge jobsBrendan Abolivier2020-02-181-1/+1
| |
* | Implement GET /_matrix/client/r0/rooms/{roomId}/aliases (#6939)Richard van der Hoff2020-02-181-1/+16
| | | | | | | | | | per matrix-org/matrix-doc#2432
* | Merge pull request #6907 from matrix-org/babolivier/acme-configBrendan Abolivier2020-02-181-1/+15
|\ \ | |/ |/| Add mention and warning about ACME v1 deprecation to the TLS config
| * Make the log more noticeableBrendan Abolivier2020-02-181-1/+2
| |
| * Print the error as an error log and raise the same exception we gotBrendan Abolivier2020-02-181-9/+10
| |
| * LintBrendan Abolivier2020-02-131-6/+7
| |
| * LintBrendan Abolivier2020-02-131-7/+6
| |
| * Add a comprehensive error when failing to register for an ACME accountBrendan Abolivier2020-02-131-1/+13
| |
* | Stop sending events when creating or deleting aliases (#6904)Patrick Cloke2020-02-182-40/+41
| | | | | | Stop sending events when creating or deleting associations (room aliases). Send an updated canonical alias event if one of the alt_aliases is deleted.
* | Raise the default power levels for invites, tombstones and server acls (#6834)Andrew Morgan2020-02-171-1/+9
| |
* | Filter the results of user directory searching via the spam checker (#6888)Patrick Cloke2020-02-141-2/+12
|/ | | Add a method to the spam checker to filter the user directory results.
* Merge branch 'release-v1.10.0' into developRichard van der Hoff2020-02-111-0/+1
|\
| * filter out m.room.aliases from /sync state blocks (#6884)Matthew Hodgson2020-02-101-0/+1
| | | | | | We forgot to filter out aliases from /sync state blocks as well as the timeline.
* | Reject device display names that are too long (#6882)Patrick Cloke2020-02-101-1/+13
| | | | | | | | | | | | | | | | * Reject device display names that are too long. Too long is currently defined as 100 characters in length. * Add a regression test for rejecting a too long device display name.
* | Add support for putting fed user query API on workers (#6873)Erik Johnston2020-02-071-19/+16
| |
* | Allow moving group read APIs to workers (#6866)Erik Johnston2020-02-071-131/+139
| |
* | Admin api to add an email address (#6789)Dirk Klimpel2020-02-072-0/+10
| |
* | Limit the number of events that can be requested when backfilling events (#6864)Patrick Cloke2020-02-061-0/+4
| | | | | | Limit the maximum number of events requested when backfilling events.
* | pass room version into FederationClient.send_join (#6854)Richard van der Hoff2020-02-061-2/+1
| | | | | | | | ... which allows us to sanity-check the create event.
* | Third party event rules Update (#6781)PeerD2020-02-061-1/+5
| |
* | Reduce amount of logging at INFO level. (#6862)Erik Johnston2020-02-064-11/+11
| | | | | | | | | | | | | | | | A lot of the things we log at INFO are now a bit superfluous, so lets make them DEBUG logs to reduce the amount we log by default. Co-Authored-By: Brendan Abolivier <babolivier@matrix.org> Co-authored-by: Brendan Abolivier <github@brendanabolivier.com>
* | Merge pull request #6823 from matrix-org/rav/redact_changes/5Richard van der Hoff2020-02-061-6/+2
|\ \ | | | | | | pass room versions around
| * | Pass room version object into `FederationClient.get_pdu`Richard van der Hoff2020-02-051-6/+2
| | |
* | | Merge tag 'v1.10.0rc2' into developErik Johnston2020-02-064-17/+69
|\ \ \ | |/ / |/| / | |/ | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.10.0rc2 (2020-02-06) ============================== Bugfixes -------- - Fix an issue with cross-signing where device signatures were not sent to remote servers. ([\#6844](https://github.com/matrix-org/synapse/issues/6844)) - Fix to the unknown remote device detection which was introduced in 1.10.rc1. ([\#6848](https://github.com/matrix-org/synapse/issues/6848)) Internal Changes ---------------- - Detect unexpected sender keys on remote encrypted events and resync device lists. ([\#6850](https://github.com/matrix-org/synapse/issues/6850))
| * Check sender_key matches on inbound encrypted events. (#6850)Erik Johnston2020-02-052-14/+66
| | | | | | If they don't then the device lists are probably out of sync.
| * Fix detecting unknown devices from remote encrypted events. (#6848)Erik Johnston2020-02-043-3/+3
| | | | | | | | | | | | | | | | We were looking at the wrong event type (`m.room.encryption` vs `m.room.encrypted`). Also fixup the duplicate `EvenTypes` entries. Introduced in #6776.
* | Merge pull request #6837 from matrix-org/rav/federation_asyncRichard van der Hoff2020-02-043-235/+211
|\ \ | | | | | | Port much of `synapse.handlers.federation` to async/await.
| * | make FederationHandler.send_invite asyncRichard van der Hoff2020-02-032-6/+4
| | |
| * | make FederationHandler.on_get_missing_events asyncRichard van der Hoff2020-02-031-5/+4
| | |
| * | make FederationHandler.user_joined_room asyncRichard van der Hoff2020-02-031-3/+3
| | |
| * | make FederationHandler._clean_room_for_join asyncRichard van der Hoff2020-02-031-4/+4
| | |
| * | make FederationHandler._notify_persisted_event asyncRichard van der Hoff2020-02-031-4/+6
| | |
| * | make FederationHandler.persist_events_and_notify asyncRichard van der Hoff2020-02-031-10/+10
| | |
| * | make FederationHandler._make_and_verify_event asyncRichard van der Hoff2020-02-031-5/+10
| | |
| * | make FederationHandler.do_remotely_reject_invite asyncRichard van der Hoff2020-02-032-8/+11
| | |
| * | make FederationHandler._check_for_soft_fail asyncRichard van der Hoff2020-02-031-13/+9
| | |
| * | make FederationHandler._persist_auth_tree asyncRichard van der Hoff2020-02-031-11/+7
| | |
| * | make FederationHandler.do_invite_join asyncRichard van der Hoff2020-02-032-18/+18
| | |
| * | make FederationHandler.on_event_auth asyncRichard van der Hoff2020-02-031-5/+4
| | |
| * | make FederationHandler.on_exchange_third_party_invite_request asyncRichard van der Hoff2020-02-031-14/+12
| | |
| * | make FederationHandler.construct_auth_difference asyncRichard van der Hoff2020-02-031-3/+4
| | |
| * | make FederationHandler._update_context_for_auth_events asyncRichard van der Hoff2020-02-031-10/+10
| | |
| * | make FederationHandler._update_auth_events_and_context_for_auth asyncRichard van der Hoff2020-02-031-20/+21
| | |
| * | make FederationHandler.do_auth asyncRichard van der Hoff2020-02-031-10/+14
| | |
| * | make FederationHandler._prep_event asyncRichard van der Hoff2020-02-031-23/+10
| | |
| * | make FederationHandler._handle_new_event asyncRichard van der Hoff2020-02-031-6/+7
| | |
| * | make FederationHandler._handle_new_events asyncRichard van der Hoff2020-02-031-8/+6
| | |
| * | make FederationHandler.on_make_leave_request asyncRichard van der Hoff2020-02-031-13/+10
| | |
| * | make FederationHandler.on_send_leave_request asyncRichard van der Hoff2020-02-031-5/+3
| | |
| * | make FederationHandler.on_make_join_request asyncRichard van der Hoff2020-02-031-13/+10
| | |
| * | make FederationHandler.on_invite_request asyncRichard van der Hoff2020-02-031-5/+4
| | |
| * | make FederationHandler.on_send_join_request asyncRichard van der Hoff2020-02-031-9/+7
| | |
| * | make FederationHandler.on_query_auth asyncRichard van der Hoff2020-02-031-7/+6
| |/
* / Add typing to SyncHandler (#6821)Erik Johnston2020-02-031-341/+364
|/ | | | Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* pass room_version into compute_event_signature (#6807)Richard van der Hoff2020-01-311-1/+4
|
* Merge pull request #6820 from matrix-org/rav/get_room_version_idRichard van der Hoff2020-01-314-14/+16
|\ | | | | Make `get_room_version` return a RoomVersion object
| * s/get_room_version/get_room_version_id/Richard van der Hoff2020-01-314-14/+16
| | | | | | | | | | ... to make way for a forthcoming get_room_version which returns a RoomVersion object.
* | Fix bug with getting missing auth event during join 500'ed (#6810)Erik Johnston2020-01-311-1/+5
|/
* pass room version into FederationHandler.on_invite_request (#6805)Richard van der Hoff2020-01-301-3/+3
|
* Resync remote device list when detected as stale. (#6786)Erik Johnston2020-01-302-4/+24
|
* Make /directory/room/<alias> handle restrictive power levelsRichard van der Hoff2020-01-291-1/+6
| | | | | Fixes a bug where the alias would be added, but `PUT /directory/room/<alias>` would return a 403.
* Set the PL for aliases events to 0.Richard van der Hoff2020-01-291-2/+15
|
* Factor out a `copy_power_levels_contents` methodRichard van der Hoff2020-01-291-12/+11
| | | | I'm going to need another copy (hah!) of this.
* Fix bug when querying remote user keys that require a resync. (#6796)Erik Johnston2020-01-291-1/+2
| | | | We ended up only returning a single device, rather than all of them.
* Detect unknown remote devices and mark cache as stale (#6776)Erik Johnston2020-01-282-2/+75
| | | | We just mark the fact that the cache may be stale in the database for now.
* Pass room version object into event_auth.check and check_redaction (#6788)Richard van der Hoff2020-01-282-9/+17
| | | | | | | These are easier to work with than the strings and we normally have one around. This fixes `FederationHander._persist_auth_tree` which was passing a RoomVersion object into event_auth.check instead of a string.
* Add `rooms.room_version` column (#6729)Erik Johnston2020-01-272-35/+82
| | | This is so that we don't have to rely on pulling it out from `current_state_events` table.
* Validate client_secret parameter (#6767)Andrew Morgan2020-01-241-1/+3
|
* Remove unnecessary abstractions in admin handler (#6751)Andrew Morgan2020-01-221-62/+0
|
* Add more logging around message retention policies support (#6717)Brendan Abolivier2020-01-171-0/+13
| | | So we can debug issues like #6683 more easily
* Merge pull request #6714 from matrix-org/babolivier/retention_select_eventBrendan Abolivier2020-01-171-1/+1
|\ | | | | Fix instantiation of message retention purge jobs
| * Fix instantiation of message retention purge jobsBrendan Abolivier2020-01-151-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When figuring out which topological token to start a purge job at, we need to do the following: 1. Figure out a timestamp before which events will be purged 2. Select the first stream ordering after that timestamp 3. Select info about the first event after that stream ordering 4. Build a topological token from that info In some situations (e.g. quiet rooms with a short max_lifetime), there might not be an event after the stream ordering at step 3, therefore we abort the purge with the error `No event found`. To mitigate that, this patch fetches the first event _before_ the stream ordering, instead of after.
* | Merge pull request #6724 from matrix-org/rav/log_saml_attributesRichard van der Hoff2020-01-171-1/+12
|\ \ | | | | | | Log saml assertions rather than the whole response
| * | Log saml assertions rather than the whole responseRichard van der Hoff2020-01-161-1/+12
| | | | | | | | | | | | | | | | | | ... since the whole response is huge. We even need to break up the assertions, since kibana otherwise truncates them.
* | | Delegate remote_user_id mapping to the saml mapping provider (#6723)Richard van der Hoff2020-01-171-6/+21
|/ / | | | | Turns out that figuring out a remote user id for the SAML user isn't quite as obvious as it seems. Factor it out to the SamlMappingProvider so that it's easy to control.
* | Add StateMap type alias (#6715)Erik Johnston2020-01-163-28/+31
| |
* | Port synapse.replication.tcp to async/await (#6666)Erik Johnston2020-01-161-1/+1
| | | | | | | | | | | | | | | | | | | | * Port synapse.replication.tcp to async/await * Newsfile * Correctly document type of on_<FOO> functions as async * Don't be overenthusiastic with the asyncing....
* | Add `local_current_membership` table (#6655)Erik Johnston2020-01-156-6/+6
|/ | | | | | | Currently we rely on `current_state_events` to figure out what rooms a user was in and their last membership event in there. However, if the server leaves the room then the table may be cleaned up and that information is lost. So lets add a table that separately holds that information.
* Kill off RegistrationError (#6691)Richard van der Hoff2020-01-131-9/+3
| | | This is pretty pointless. Let's just use SynapseError.
* Don't assign numeric IDs for empty usernames (#6690)Richard van der Hoff2020-01-131-1/+1
| | | | Fix a bug where we would assign a numeric userid if somebody tried registering with an empty username
* Pass client redirect URL into SAML mapping providersRichard van der Hoff2020-01-121-4/+11
|
* Pass the module_api into the SamlMappingProviderRichard van der Hoff2020-01-121-2/+5
| | | | | ... for consistency with other modules, and because we'll need it sooner or later and it will be a pain to introduce later.
* Allow admin users to create or modify users without a shared secret (#6495)Manuel Stahl2020-01-091-0/+9
| | | Signed-off-by: Manuel Stahl <manuel.stahl@awesome-technologies.de>
* Correctly proxy remote group HTTP errors. (#6654)Erik Johnston2020-01-071-0/+16
| | | | | e.g. if remote returns a 404 then that shouldn't be treated as an error but should be proxied through.
* Merge pull request #6652 from matrix-org/babolivier/depth_missing_eventsBrendan Abolivier2020-01-071-2/+2
|\ | | | | Fix conditions failing if min_depth = 0
| * Fix conditions failing if min_depth = 0Brendan Abolivier2020-01-071-2/+2
| | | | | | | | This could result in Synapse not fetching prev_events for new events in the room if it has missed some events.
* | Merge pull request #6629 from matrix-org/rav/kill_event_reference_hashesRichard van der Hoff2020-01-062-34/+20
|\ \ | | | | | | Remove a bunch of unused code from event creation
| * | Remove unused hashes and depths from _update_membership paramsRichard van der Hoff2020-01-061-13/+4
| | |
| * | Remove unused hashes and depths from create_event paramsRichard van der Hoff2020-01-062-17/+12
| | |
| * | Remove unused hashes and depths from create_new_client_event paramsRichard van der Hoff2020-01-061-12/+14
| | |
| * | replace get_prev_events_and_hashes_for_room with get_prev_events_for_room in ↵Richard van der Hoff2020-01-061-9/+3
| | | | | | | | | | | | create_new_client_event
| * | rename get_prev_events_for_room to get_prev_events_and_hashes_for_roomRichard van der Hoff2020-01-062-3/+7
| | | | | | | | | | | | ... to make way for a new method which just returns the event ids
* | | Fix some test failures when frozen_dicts are enabled (#6642)Richard van der Hoff2020-01-062-6/+11
| | | | | | | | | | | | Fixes #4026
* | | Fix an error which was thrown by the PresenceHandler _on_shutdown handler. ↵Richard van der Hoff2020-01-061-7/+2
|/ / | | | | | | (#6640)
* / Fix power levels being incorrectly set in old and new rooms after a room ↵Andrew Morgan2020-01-061-7/+10
|/ | | | | | upgrade (#6633) Modify a copy of an upgraded room's PL before sending to the new room
* Merge branch 'master' into developRichard van der Hoff2019-12-201-1/+4
|\
| * Fix exceptions when attempting to backfill (#6576)Richard van der Hoff2019-12-201-1/+4
| | | | | | Fixes #6575
* | Change EventContext to use the Storage class (#6564)Erik Johnston2019-12-205-16/+16
| |
* | Port some admin handlers to async/await (#6559)Erik Johnston2019-12-192-54/+41
| |
* | Add database config class (#6513)Erik Johnston2019-12-181-1/+1
| | | | | | | | | | This encapsulates config for a given database and is the way to get new connections.
* | Merge release-v1.7.1 into developRichard van der Hoff2019-12-182-2/+6
|\|
| * Merge pull request #6553 from matrix-org/babolivier/fix-context-filterBrendan Abolivier2019-12-161-2/+5
| |\ | | | | | | Use the filtered version of an event when responding to /context requests for that event
| | * Incorporate reviewBrendan Abolivier2019-12-161-1/+1
| | |
| | * Use the filtered version of an event when responding to /context requests ↵Brendan Abolivier2019-12-161-1/+4
| | | | | | | | | | | | | | | | | | for that event Sometimes the filtering function can return a pruned version of an event (on top of either the event itself or an empty list), if it thinks the user should be able to see that there's an event there but not the content of that event. Therefore, the previous logic of 'if filtered is empty then we can use the event we retrieved from the database' is flawed, and we should use the event returned by the filtering function.
| * | Exclude rejected state events when calculating state at backwards extrems ↵Richard van der Hoff2019-12-161-1/+1
| | | | | | | | | | | | | | | (#6527) This fixes a weird bug where, if you were determined enough, you could end up with a rejected event forming part of the state at a backwards-extremity. Authing that backwards extrem would then lead to us trying to pull the rejected event from the db (with allow_rejected=False), which would fail with a 404.
| * | Persist auth/state events at backwards extremities when we fetch them (#6526)Richard van der Hoff2019-12-161-163/+80
| | | | | | | | | | | | The main point here is to make sure that the state returned by _get_state_in_room has been authed before we try to use it as state in the room.
| * | sanity-checking for events used in state res (#6531)Richard van der Hoff2019-12-161-0/+1
| | | | | | | | | | | | | | | When we perform state resolution, check that all of the events involved are in the right room.
| * | Check the room_id of events when fetching room state/auth (#6524)Richard van der Hoff2019-12-161-24/+54
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we request the state/auth_events to populate a backwards extremity (on backfill or in the case of missing events in a transaction push), we should check that the returned events are in the right room rather than blindly using them in the room state or auth chain. Given that _get_events_from_store_or_dest takes a room_id, it seems clear that it should be sanity-checking the room_id of the requested events, so let's do it there.
| * | Add `include_event_in_state` to _get_state_for_room (#6521)Richard van der Hoff2019-12-161-18/+21
| | | | | | | | | | | | | | | | | | Make it return the state *after* the requested event, rather than the one before it. This is a bit easier and requires fewer calls to get_events_from_store_or_dest.
| * | Move get_state methods into FederationHandler (#6503)Richard van der Hoff2019-12-161-6/+95
| |/ | | | | | | | | This is a non-functional refactor as a precursor to some other work.
* | Remove unused `get_pagination_rows` methods. (#6557)Erik Johnston2019-12-173-18/+0
| | | | | | Remove unused get_pagination_rows methods
* | Add option to allow profile queries without sharing a room (#6523)Will Hunt2019-12-161-1/+5
| |
* | Exclude rejected state events when calculating state at backwards extrems ↵Richard van der Hoff2019-12-161-1/+1
| | | | | | | | | | (#6527) This fixes a weird bug where, if you were determined enough, you could end up with a rejected event forming part of the state at a backwards-extremity. Authing that backwards extrem would then lead to us trying to pull the rejected event from the db (with allow_rejected=False), which would fail with a 404.
* | Persist auth/state events at backwards extremities when we fetch them (#6526)Richard van der Hoff2019-12-161-167/+80
| | | | | | The main point here is to make sure that the state returned by _get_state_in_room has been authed before we try to use it as state in the room.
* | sanity-checking for events used in state res (#6531)Richard van der Hoff2019-12-131-0/+1
| | | | | | | | | | | | | | When we perform state resolution, check that all of the events involved are in the right room.
* | Merge pull request #6496 from matrix-org/erikj/initial_sync_asnycErik Johnston2019-12-131-52/+44
|\ \ | | | | | | Port synapse.handlers.initial_sync to async/await
| * \ Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2019-12-118-236/+452
| |\ \ | | | | | | | | | | | | erikj/initial_sync_asnyc