summary refs log tree commit diff
path: root/synapse/handlers (follow)
Commit message (Collapse)AuthorAgeFilesLines
* remove unused and unnecessary check for FederationDeniedError (#5645)Hubert Chathi2019-07-091-4/+1
| | | | | | | | | | FederationDeniedError is a subclass of SynapseError, which is a subclass of CodeMessageException, so if e is a FederationDeniedError, then this check for FederationDeniedError will never be reached since it will be caught by the check for CodeMessageException above. The check for CodeMessageException does almost the same thing as this check (since FederationDeniedError initialises with code=403 and msg="Federation denied with %s."), so may as well just keep allowing it to handle this case.
* Merge pull request #5644 from matrix-org/babolivier/profile-allow-selfBrendan Abolivier2019-07-091-0/+4
|\ | | | | Allow newly-registered users to lookup their own profiles
| * Allow newly-registered users to lookup their own profilesBrendan Abolivier2019-07-081-0/+4
| | | | | | | | When a user creates an account and the 'require_auth_for_profile_requests' config flag is set, and a client that performed the registration wants to lookup the newly-created profile, the request will be denied because the user doesn't share a room with themselves yet.
* | Remove access-token support from RegistrationHandler.register (#5641)Richard van der Hoff2019-07-081-24/+3
| | | | | | | | | | | | | | | | Nothing uses this now, so we can remove the dead code, and clean up the API. Since we're changing the shape of the return value anyway, we take the opportunity to give the method a better name.
* | Better logging for auto-join. (#5643)Richard van der Hoff2019-07-081-0/+7
|/ | | It was pretty unclear what was going on, so I've added a couple of log lines.
* Move get_or_create_user to test code (#5628)Richard van der Hoff2019-07-081-51/+0
| | | This is only used in tests, so...
* Remove support for invite_3pid_guest. (#5625)Richard van der Hoff2019-07-053-81/+0
| | | | | | | | | This has never been documented, and I'm not sure it's ever been used outside sytest. It's quite a lot of poorly-maintained code, so I'd like to get rid of it. For now I haven't removed the database table; I suggest we leave that for a future clearout.
* Move logging utilities out of the side drawer of util/ and into logging/ (#5606)Amber Brown2019-07-0412-35/+36
|
* Fix a number of "Starting txn from sentinel context" warnings (#5605)Richard van der Hoff2019-07-031-1/+9
| | | | Fixes #5602, #5603
* Complete the SAML2 implementation (#5422)Richard van der Hoff2019-07-021-0/+123
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * SAML2 Improvements and redirect stuff Signed-off-by: Alexander Trost <galexrt@googlemail.com> * Code cleanups and simplifications. Also: share the saml client between redirect and response handlers. * changelog * Revert redundant changes to static js * Move all the saml stuff out to a centralised handler * Add support for tracking SAML2 sessions. This allows us to correctly handle `allow_unsolicited: False`. * update sample config * cleanups * update sample config * rename BaseSSORedirectServlet for consistency * Address review comments
| * Merge branch 'develop' into rav/saml2_clientRichard van der Hoff2019-07-015-26/+64
| |\
| * | Address review commentsRichard van der Hoff2019-07-011-5/+7
| | |
| * | cleanupsRichard van der Hoff2019-06-271-1/+1
| | |
| * | Add support for tracking SAML2 sessions.Richard van der Hoff2019-06-261-2/+37
| | | | | | | | | | | | This allows us to correctly handle `allow_unsolicited: False`.
| * | Move all the saml stuff out to a centralised handlerRichard van der Hoff2019-06-261-0/+86
| | |
* | | Merge pull request #5507 from matrix-org/erikj/presence_sync_tighloopErik Johnston2019-07-011-2/+19
|\ \ \ | |_|/ |/| | Fix sync tightloop bug.
| * | Fixup commentErik Johnston2019-07-011-6/+13
| | |
| * | Fix sync tightloop bug.Erik Johnston2019-06-211-2/+12
| | | | | | | | | | | | | | | | | | | | | | | | If, for some reason, presence updates take a while to persist then it can trigger clients to tightloop calling `/sync` due to the presence handler returning updates but not advancing the stream token. Fixes #5503.
* | | Merge pull request #5576 from matrix-org/babolivier/3pid-invite-ratelimitBrendan Abolivier2019-06-281-0/+1
|\ \ \ | | | | | | | | Don't update the ratelimiter before sending a 3PID invite
| * | | Only ratelimit when sending the emailBrendan Abolivier2019-06-281-1/+2
| | | | | | | | | | | | | | | | If we do the opposite, an event can arrive after or while sending the email and the 3PID invite event will get ratelimited.
| * | | Don't update the ratelimiter before sending a 3PID inviteBrendan Abolivier2019-06-281-1/+1
| | |/ | |/| | | | | | | This would cause emails being sent, but Synapse responding with a 429 when creating the event. The client would then retry, and with bad timing the same scenario would happen again. Some testing I did ended up sending me 10 emails for one single invite because of this.
* | | Added possibilty to disable local password authentication (#5092)Daniel Hoffend2019-06-272-1/+4
| | | | | | | | | | | | | | | Signed-off-by: Daniel Hoffend <dh@dotlan.net>
* | | Review commentsErik Johnston2019-06-271-4/+4
| | |
* | | Refactor and comment sync device list codeErik Johnston2019-06-261-17/+53
| | |
* | | Rename get_users_whose_devices_changedErik Johnston2019-06-262-2/+2
| | |
* | | Refactor get_user_ids_changed to pull less from DBErik Johnston2019-06-262-18/+16
|/ / | | | | | | | | | | | | | | | | | | | | When a client asks for users whose devices have changed since a token we used to pull *all* users from the database since the token, which could easily be thousands of rows for old tokens. This PR changes this to only check for changes for users the client is actually interested in. Fixes #5553
* | Prevent multiple upgrades on the same room at once (#5051)Andrew Morgan2019-06-251-51/+89
| | | | | | | | | | | | | | Closes #4583 Does slightly less than #5045, which prevented a room from being upgraded multiple times, one after another. This PR still allows that, but just prevents two from happening at the same time. Mostly just to mitigate the fact that servers are slow and it can take a moment for the room upgrade to actually complete. We don't want people sending another request to upgrade the room when really they just thought the first didn't go through.
* | Merge pull request #5531 from matrix-org/erikj/workers_pagination_tokenErik Johnston2019-06-241-3/+1
|\ \ | | | | | | Fix /messages on workers when no from param specified.
| * | Fix /messages on workers when no from param specified.Erik Johnston2019-06-241-3/+1
| |/ | | | | | | | | | | | | If no `from` param is specified we calculate and use the "current token" that inlcuded typing, presence, etc. These are unused during pagination and are not available on workers, so we simply don't calculate them.
* | Allow configuration of the path used for ACME account keys.Richard van der Hoff2019-06-242-5/+38
| | | | | | | | | | Because sticking it in the same place as the config isn't necessarily the right thing to do.
* | Factor acme bits out to a separate file (#5521)Richard van der Hoff2019-06-242-53/+93
|/ | | This makes some of the conditional-import hoop-jumping easier.
* Run Black. (#5482)Amber Brown2019-06-2035-2765/+2187
|
* Merge pull request #5042 from matrix-org/erikj/fix_get_missing_events_errorErik Johnston2019-06-191-9/+19
|\ | | | | Handle the case of `get_missing_events` failing
| * Fix loglineErik Johnston2019-06-181-1/+1
| |
| * Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2019-06-1820-323/+1372
| |\ | | | | | | | | | erikj/fix_get_missing_events_error
| * | Handle the case of `get_missing_events` failingErik Johnston2019-04-101-9/+20
| | | | | | | | | | | | | | | | | | | | | Currently if a call to `/get_missing_events` fails we log an exception and stop processing the top level event we received over federation. Instead let's try and handle it sensibly given it is a somewhat expected failure mode.
* | | Merge pull request #5480 from matrix-org/erikj/extremities_dummy_eventsErik Johnston2019-06-191-1/+74
|\ \ \ | | | | | | | | Add experimental option to reduce extremities.
| * | | Run as background process and fix commentsErik Johnston2019-06-191-2/+5
| | | |
| * | | Add experimental option to reduce extremities.Erik Johnston2019-06-181-1/+71
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Adds new config option `cleanup_extremities_with_dummy_events` which periodically sends dummy events to rooms with more than 10 extremities. THIS IS REALLY EXPERIMENTAL.
* | | | Add some logging to 3pid invite sig verification (#5015)David Baker2019-06-181-8/+38
| |_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I had to add quite a lot of logging to diagnose a problem with 3pid invites - we only logged the one failure which isn't all that informative. NB. I'm not convinced the logic of this loop is right: I think it should just accept a single valid signature from a trusted source rather than fail if *any* signature is invalid. Also it should probably not skip the rest of middle loop if a check fails? However, I'm deliberately not changing the logic here.
* | | Add third party rules hook for 3PID invitesBrendan Abolivier2019-06-171-0/+10
| | |
* | | Add third party rules hook into create roomErik Johnston2019-06-171-1/+24
|/ /
* | Merge pull request #5385 from matrix-org/erikj/reduce_http_exceptionsErik Johnston2019-06-172-16/+17
|\ \ | | | | | | Handle HttpResponseException when using federation client.
| * | Handle HttpResponseException when using federation client.Erik Johnston2019-06-072-16/+17
| | | | | | | | | | | | Otherwise we just log exceptions everywhere.
* | | Merge pull request #5464 from matrix-org/erikj/3pid_remote_invite_stateErik Johnston2019-06-171-6/+0
|\ \ \ | | | | | | | | Fix 3PID invite room state over federation.
| * | | Fix 3PID invite room state over federation.Erik Johnston2019-06-141-6/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes that when a user exchanges a 3PID invite for a proper invite over federation it does not include the `invite_room_state` key. This was due to synapse incorrectly sending out two invite requests.
* | | | Merge pull request #5440 from matrix-org/babolivier/third_party_event_rulesBrendan Abolivier2019-06-142-4/+78
|\ \ \ \ | | | | | | | | | | Allow server admins to define implementations of extra rules for allowing or denying incoming events
| * | | | Add plugin APIs for implementations of custom event rules.Brendan Abolivier2019-06-142-4/+78
| |/ / /
* | | | Don't send renewal emails to deactivated usersBrendan Abolivier2019-06-142-0/+9
| | | |
* | | | Track deactivated accounts in the database (#5378)Brendan Abolivier2019-06-141-0/+4
|/ / /
* / / Fix defaults on checking threepidsErik Johnston2019-06-101-0/+1
|/ /
* | Add ability to perform password reset via email without trusting the ↵Andrew Morgan2019-06-062-14/+63
| | | | | | | | | | | | | | | | | | | | | | | | identity server (#5377) Sends password reset emails from the homeserver instead of proxying to the identity server. This is now the default behaviour for security reasons. If you wish to continue proxying password reset requests to the identity server you must now enable the email.trust_identity_server_for_password_resets option. This PR is a culmination of 3 smaller PRs which have each been separately reviewed: * #5308 * #5345 * #5368
* | Fix missing logcontext for PresenceHandler.on_shutdown. (#5369)Richard van der Hoff2019-06-061-1/+7
| | | | | | | | Fixes some warnings, and a scary-looking stacktrace when sytest kills the process.
* | Merge pull request #5089 from dnaf/m-heroes-empty-room-nameBrendan Abolivier2019-06-061-5/+4
|\ \ | | | | | | Make /sync return heroes if room name or canonical alias are empty
| * | Simplify conditionBrendan Abolivier2019-06-061-2/+2
| | |
| * | Simplify conditionBrendan Abolivier2019-06-051-3/+2
| | |
| * | Merge branch 'develop' into m-heroes-empty-room-nameBrendan Abolivier2019-06-0515-254/+832
| |\ \
| * | | LintKatie Wolfe2019-04-241-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | I probably should've just run autopep8 in the first place... Signed-off-by: Katie Wolfe <katie@dnaf.moe>
| * | | Clean up codeKatie Wolfe2019-04-241-2/+3
| | | | | | | | | | | | | | | | Signed-off-by: Katie Wolfe <katie@dnaf.moe>
| * | | Show heroes if room name or canonical alias are emptyKatie Wolfe2019-04-241-3/+4
| | | | | | | | | | | | | | | | | | | | | | | | Fixes #4194 Signed-off-by: Katie Wolfe <katie@dnaf.moe>
| * | | Show heroes if room name or canonical alias are emptyKatie Wolfe2019-04-241-5/+3
| | | | | | | | | | | | | | | | | | | | | | | | Fixes #4194 Signed-off-by: Katie Wolfe <katie@dnaf.moe>
* | | | Merge pull request #5355 from matrix-org/babolivier/heroes_left_membersBrendan Abolivier2019-06-061-15/+19
|\ \ \ \ | | | | | | | | | | Include left members in room summaries' heroes
| * | | | Do user_id != me checks before deciding whether we should pick heroes from ↵Brendan Abolivier2019-06-051-15/+19
| | |/ / | |/| | | | | | | | | | the joined members or the parted ones
* | | | Fix background updates to handle redactions/rejections (#5352)Erik Johnston2019-06-062-9/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Fix background updates to handle redactions/rejections In background updates based on current state delta stream we need to handle that we may not have all the events (or at least that `get_events` may raise an exception).
* | | | Add logging when request fails and clarify we ignore errors.Erik Johnston2019-06-051-4/+12
| | | |
* | | | Fix handling of failures when calling /event_auth.Erik Johnston2019-06-031-12/+38
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | When processing an incoming event over federation, we may try and resolve any unexpected differences in auth events. This is a non-essential process and so should not stop the processing of the event if it fails (e.g. due to the remote disappearing or not implementing the necessary endpoints). Fixes #3330
* | | Merge pull request #5309 from matrix-org/rav/limit_displayname_lengthRichard van der Hoff2019-06-012-0/+15
|\ \ \ | | | | | | | | Limit displaynames and avatar URLs
| * | | Limit displaynames and avatar URLsRichard van der Hoff2019-06-012-0/+15
| | | | | | | | | | | | | | | | | | | | | | | | These end up in join events everywhere, so let's limit them. Fixes #5079
* | | | Fix "db txn 'update_presence' from sentinel context" log messages (#5275)Richard van der Hoff2019-05-281-52/+47
| | | | | | | | | | | | | | | | | | | | Fixes #4414.
* | | | Merge pull request #5220 from matrix-org/erikj/dont_bundle_live_eventsErik Johnston2019-05-242-0/+6
|\ \ \ \ | | | | | | | | | | Don't bundle aggregations with events in /sync or /events or state queries
| * | | | Don't bundle aggs for /state and /members etc APIsErik Johnston2019-05-241-0/+3
| | | | |
| * | | | Don't bundle events in /sync or /eventsErik Johnston2019-05-211-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | As we'll send down the annotations too anyway, so this just ends up confusing clients.
* | | | | Add config option for setting homeserver's default room version (#5223)Andrew Morgan2019-05-231-2/+7
| | | | | | | | | | | | | | | | | | | | | | | | | Replaces DEFAULT_ROOM_VERSION constant with a method that first checks the config, then returns a hardcoded value if the option is not present. That hardcoded value is now located in the server.py config file.
* | | | | Simplifications and comments in do_auth (#5227)Richard van der Hoff2019-05-231-120/+181
| | | | | | | | | | | | | | | | | | | | | | | | | I was staring at this function trying to figure out wtf it was actually doing. This is (hopefully) a non-functional refactor which makes it a bit clearer.
* | | | | Room Statistics (#4338)Amber Brown2019-05-211-0/+325
| |/ / / |/| | |
* | | | Merge pull request #5212 from matrix-org/erikj/deny_multiple_reactionsErik Johnston2019-05-211-1/+15
|\ \ \ \ | | | | | | | | | | Block attempts to annotate the same event twice
| * | | | Fix wordsErik Johnston2019-05-211-3/+3
| | | | |
| * | | | Block attempts to annotate the same event twiceErik Johnston2019-05-201-1/+15
| |/ / /
* / / / Exclude soft-failed events from fwd-extremity candidates. (#5146)Richard van der Hoff2019-05-211-1/+6
|/ / / | | | | | | | | | | | | | | | | | | | | | When considering the candidates to be forward-extremities, we must exclude soft failures. Hopefully fixes #5090.
* | | Limit UserIds to a length that fits in a state key (#5198)ReidAnderson2019-05-201-1/+10
| | |
* | | fix mapping of return values for get_or_register_3pid_guest (#5177)bytepoets-blo2019-05-171-1/+1
| | | | | | | | | * fix mapping of return values for get_or_register_3pid_guest
* | | Add option to disable per-room profilesBrendan Abolivier2019-05-161-0/+9
| | |
* | | Make /sync attempt to return device updates for both joined and invited ↵Matthew Hodgson2019-05-161-19/+25
| | | | | | | | | | | | users (#3484)
* | | Make all the rate limiting options more consistent (#5181)Amber Brown2019-05-151-2/+2
| | |
* | | Allow client event serialization to be asyncErik Johnston2019-05-145-52/+71
| | |
* | | add options to require an access_token to GET /profile and /publicRooms on ↵Matthew Hodgson2019-05-081-0/+43
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CS API (#5083) This commit adds two config options: * `restrict_public_rooms_to_local_users` Requires auth to fetch the public rooms directory through the CS API and disables fetching it through the federation API. * `require_auth_for_profile_requests` When set to `true`, requires that requests to `/profile` over the CS API are authenticated, and only returns the user's profile if the requester shares a room with the profile's owner, as per MSC1301. MSC1301 also specifies a behaviour for federation (only returning the profile if the server asking for it shares a room with the profile's owner), but that's currently really non-trivial to do in a not too expensive way. Next step is writing down a MSC that allows a HS to specify which user sent the profile query. In this implementation, Synapse won't send a profile query over federation if it doesn't believe it already shares a room with the profile's owner, though. Groups have been intentionally omitted from this commit.
* | | Do checks on aliases for incoming m.room.aliases events (#5128)Brendan Abolivier2019-05-082-4/+33
| | | | | | | | | | | | | | | Follow-up to #5124 Also added a bunch of checks to make sure everything (both the stuff added on #5124 and this PR) works as intended.
* | | Merge pull request #5104 from matrix-org/erikj/ratelimit_3pid_inviteErik Johnston2019-05-071-0/+11
|\ \ \ | | | | | | | | Ratelimit 3pid invites
| * | | Rate limit earlyErik Johnston2019-05-021-2/+3
| | | |
| * | | Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2019-04-263-0/+263
| |\ \ \ | | | | | | | | | | | | | | | erikj/ratelimit_3pid_invite
| * | | | Ratelimit 3pid invitesErik Johnston2019-04-261-0/+10
| | | | | | | | | | | | | | | | | | | | | | | | | We do ratelimit sending the 3PID invite events, but that happens after spamming the identity server.
* | | | | Add some limitations to alias creationBrendan Abolivier2019-05-022-2/+23
| |/ / / |/| | |
* | | | Fix infinite loop in presence handlerRichard van der Hoff2019-04-261-0/+5
| |/ / |/| | | | | | | | Fixes #5102
* | | Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2019-04-1715-237/+275
|\ \ \ | | | | | | | | | | | | babolivier/account_expiration
| * \ \ Merge pull request #5047 from matrix-org/babolivier/account_expirationBrendan Abolivier2019-04-171-0/+228
| |\ \ \ | | |_|/ | |/| | Send out emails with links to extend an account's validity period
| * | | Add config option to block users from looking up 3PIDs (#5010)Brendan Abolivier2019-04-041-0/+5
| | |/ | |/|
| * | Prevent kicking users who aren't in the room (#4999)Andrew Morgan2019-04-041-0/+9
| | | | | | | | | Prevent kick events from succeeding if the user is not currently in the room.
| * | Fix grammar and document get_current_users_in_room (#4998)Andrew Morgan2019-04-038-14/+14
| | |
| * | Remove presence lists (#4989)Neil Johnson2019-04-031-165/+2
| | | | | | | | | Remove presence list support as per MSC 1819
| * | Merge pull request #4982 from matrix-org/erikj/msc1915Erik Johnston2019-04-033-15/+71
| |\ \ | | | | | | | | Implement MSC1915 - 3PID unbind APIs
| | * | Correctly handle id_server paramErik Johnston2019-04-021-0/+1
| | | |
| | * | Remove threepid binding if id server returns 400/404/501Erik Johnston2019-04-021-9/+10
| | | |
| | * | Fixup docstringsErik Johnston2019-04-021-2/+4
| | | |
| | * | Allowing specifying IS to use in unbind API.Erik Johnston2019-04-013-7/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | By default the homeserver will use the identity server used during the binding of the 3PID to unbind the 3PID. However, we need to allow clients to explicitly ask the homeserver to unbind via a particular identity server, for the case where the 3PID was bound out of band from the homeserver. Implements MSC915.
| | * | For unbind poke IS used during binding of 3PIDErik Johnston2019-04-011-9/+35
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This changes the behaviour from using the server specified trusted identity server to using the IS that used during the binding of the 3PID, if known. This is the behaviour specified by MSC1915.
| | * | Track IS used to bind 3PIDsErik Johnston2019-04-011-0/+15
| | | | | | | | | | | | | | | | | | | | This will then be used to know which IS to default to when unbinding the threepid.
| * | | Transfer related groups on room upgrade (#4990)Andrew Morgan2019-04-021-0/+1
| | | | | | | | | | | | Transfers the m.room.related_groups state event on room upgrade.
| * | | Collect room-version variations into one place (#4969)Richard van der Hoff2019-04-013-18/+13
| |/ / | | | | | | | | | Collect all the things that make room-versions different to one another into one place, so that it's easier to define new room versions.
| * | Allow password providers to bind emails (#4947)Andrew Morgan2019-03-281-0/+17
| | | | | | | | | This PR allows password provider modules to bind email addresses when a user is registering and is motivated by matrix-org/matrix-synapse-ldap3#58
| * | Use an assertErik Johnston2019-03-281-2/+1
| | |
| * | Review commentsErik Johnston2019-03-281-44/+62
| | |
| * | Use event streams to calculate presenceErik Johnston2019-03-271-29/+130
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Primarily this fixes a bug in the handling of remote users joining a room where the server sent out the presence for all local users in the room to all servers in the room. We also change to using the state delta stream, rather than the distributor, as it will make it easier to split processing out of the master process (as well as being more flexible). Finally, when sending presence states to newly joined servers we filter out old presence states to reduce the number sent. Initially we filter out states that are offline and have a last active more than a week ago, though this can be changed down the line. Fixes #3962
* | | Add management endpoints for account validityBrendan Abolivier2019-04-171-4/+29
| |/ |/|
* | Send out emails with links to extend an account's validity periodBrendan Abolivier2019-04-171-0/+228
|/
* Support 3PID login in password providers (#4931)Andrew Morgan2019-03-263-8/+51
| | | | | Adds a new method, check_3pid_auth, which gives password providers the chance to allow authentication with third-party identifiers such as email or msisdn.
* Refactor out state delta handling into its own class (#4917)Amber Brown2019-03-252-46/+75
|
* Merge pull request #4908 from matrix-org/erikj/block_peek_on_blocked_roomsErik Johnston2019-03-212-2/+11
|\ | | | | Deny peeking into rooms that have been blocked
| * Deny peeking into rooms that have been blockedErik Johnston2019-03-212-2/+11
| |
* | Merge pull request #4904 from matrix-org/erikj/fix_shutdownErik Johnston2019-03-214-2/+13
|\| | | | | Fixup shutdown room API
| * Revert spurious deleteErik Johnston2019-03-201-0/+4
| |
| * Use flagsErik Johnston2019-03-204-13/+13
| |
| * Move requester check into assert_accepted_privacy_policyErik Johnston2019-03-201-5/+8
| |
| * Only require consent for events with an associated requestErik Johnston2019-03-201-1/+5
| | | | | | | | | | | | | | | | | | There are a number of instances where a server or admin may puppet a user to join/leave rooms, which we don't want to fail if the user has not consented to the privacy policy. We fix this by adding a check to test if the requester has an associated access_token, which is used as a proxy to answer the question of whether the action is being done on behalf of a real request from the user.
* | Merge pull request #4896 from matrix-org/erikj/disable_room_directoryErik Johnston2019-03-212-0/+22
|\ \ | |/ |/| Add option to disable search room lists
| * Disable publishing to room list when its disabledErik Johnston2019-03-201-0/+8
| |
| * Pull out config optionErik Johnston2019-03-201-3/+3
| |
| * Return before we logErik Johnston2019-03-201-4/+5
| |
| * Add option to disable search room listsErik Johnston2019-03-191-0/+13
| | | | | | | | This disables both local and remote room list searching.
* | Batch up outgoing read-receipts to reduce federation traffic. (#4890)Richard van der Hoff2019-03-201-1/+1
|/ | | | Rate-limit outgoing read-receipts as per #4730.
* fix test_auto_create_auto_join_where_no_consent (#4886)Neil Johnson2019-03-192-3/+15
|
* Migrate the user directory initial population to a background task (#4864)Amber Brown2019-03-191-160/+13
|
* Add ratelimiting on failed login attempts (#4865)Brendan Abolivier2019-03-181-5/+23
|
* Add ratelimiting on login (#4821)Brendan Abolivier2019-03-152-2/+38
| | | Add two ratelimiters on login (per-IP address and per-userID).
* Merge pull request #4852 from matrix-org/rav/move_rr_sending_to_workerRichard van der Hoff2019-03-151-55/+24
|\ | | | | Move client receipt processing to federation sender worker.
| * Move client receipt processing to federation sender worker.Richard van der Hoff2019-03-131-33/+4
| | | | | | | | | | This is mostly a prerequisite for #4730, but also fits with the general theme of "move everything off the master that we possibly can".
| * declare a ReadReceipt classRichard van der Hoff2019-03-131-24/+22
| | | | | | | | | | I'm going to use this in queues and things, so it'll be useful to give it more of a structure.
* | Merge pull request #4846 from matrix-org/hawkowl/userdir-searchErik Johnston2019-03-141-48/+77
|\ \ | |/ |/| Improve searching in the userdir
| * fixupAmber Brown2019-03-131-1/+1
| |
| * fixupAmber Brown2019-03-121-47/+70
| |
| * fixesAmber Brown2019-03-121-39/+6
| |
| * initialAmber Brown2019-03-111-1/+40
| |
* | Transfer local user's push rules on room upgrade (#4838)Andrew Morgan2019-03-121-0/+4
|/ | | Transfer push rules (notifications) on room upgrade
* Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2019-03-084-205/+155
|\ | | | | | | erikj/soft_fail_impl
| * Merge pull request #4829 from matrix-org/erikj/device_list_seen_updatesErik Johnston2019-03-081-3/+7
| |\ | | | | | | When re-syncing device lists reset the state
| | * When re-syncing device lists reset the stateErik Johnston2019-03-071-3/+7
| | | | | | | | | | | | | | | | | | | | | We keep track of what stream IDs we've seen so that we know what updates we've handled or missed. If we re-sync we don't know if the updates we've seen are included in the re-sync (there may be a race), so we should reset the seen updates.
| * | Add some debug logging for device list handlingErik Johnston2019-03-071-2/+38
| |/
| * Rewrite userdir to be faster (#4537)Amber Brown2019-03-071-185/+37
| |
| * Merge pull request #4815 from matrix-org/erikj/docstringsErik Johnston2019-03-061-7/+26
| |\ | | | | | | Add docstrings from matrix-org-hotfixes
| | * Add docstrings from matrix-org-hotfixesErik Johnston2019-03-061-7/+26
| | |
| * | Port #4422 debug logging from hotfixesErik Johnston2019-03-061-7/+46
| |/
| * Make registration ratelimiter separate from the main events oneBrendan Abolivier2019-03-061-1/+1
| |
| * Revert "Split ratelimiters in two (one for events, one for registration)"Brendan Abolivier2019-03-063-3/+3
| | | | | | | | This reverts commit d7dbad3526136cfc9fdbd568635be5016fb637db.
| * Split ratelimiters in two (one for events, one for registration)Brendan Abolivier2019-03-053-3/+3
| |
* | Factor out soft fail checksErik Johnston2019-03-081-5/+22
| |
* | Implement soft failErik Johnston2019-03-061-1/+76
|/
* Add rate-limiting on registration (#4735)Brendan Abolivier2019-03-052-10/+33
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Rate-limiting for registration * Add unit test for registration rate limiting * Add config parameters for rate limiting on auth endpoints * Doc * Fix doc of rate limiting function Co-Authored-By: babolivier <contact@brendanabolivier.com> * Incorporate review * Fix config parsing * Fix linting errors * Set default config for auth rate limiting * Fix tests * Add changelog * Advance reactor instead of mocked clock * Move parameters to registration specific config and give them more sensible default values * Remove unused config options * Don't mock the rate limiter un MAU tests * Rename _register_with_store into register_with_store * Make CI happy * Remove unused import * Update sample config * Fix ratelimiting test for py2 * Add non-guest test
* Merge pull request #4699 from matrix-org/erikj/stop_fed_not_in_roomErik Johnston2019-03-051-0/+46
|\ | | | | Stop backpaginating when events not visible
| * clarify commentsErik Johnston2019-03-051-8/+11
| |
| * Only check history visibility when filteringErik Johnston2019-03-041-1/+3
| | | | | | | | | | | | When filtering events to send to server we check more than just history visibility. However when deciding whether to backfill or not we only care about the history visibility.
| * s/get_forward_events/get_successor_events/Erik Johnston2019-03-041-1/+1
| |
| * Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2019-03-046-52/+137
| |\ | | | | | | | | | erikj/stop_fed_not_in_room
| * | Update commentsErik Johnston2019-02-271-3/+13
| | |
| * | Stop backpaginating when events not visibleErik Johnston2019-02-201-0/+31
| | |
* | | Merge pull request #4796 from matrix-org/erikj/factor_out_e2e_keysErik Johnston2019-03-051-168/+174
|\ \ \ | | | | | | | | Allow /keys/{changes,query} API to run on worker
| * | | Allow /keys/{changes,query} API to run on workerErik Johnston2019-03-041-2/+2
| | | |
| * | | Split DeviceHandler into master and workerErik Johnston2019-03-041-168/+174
| | | |
* | | | Clean up read-receipt handling.Richard van der Hoff2019-03-041-59/+44
|/ / / | | | | | | | | | | | | | | | | | | Remove a call to run_as_background_process: there is no need to run this as a background process, because build_and_send_edu does not block. We may as well inline the whole of _push_remotes.
* | / Avoid rebuilding Edu objects in worker mode (#4770)Richard van der Hoff2019-03-043-5/+5
| |/ |/| | | | | | | In worker mode, on the federation sender, when we receive an edu for sending over the replication socket, it is parsed into an Edu object. There is no point extracting the contents of it so that we can then immediately build another Edu.
* | Fix incorrect log about not persisting duplicate state event. (#4776)Richard van der Hoff2019-03-011-3/+4
| | | | | | We were logging this when it was not true.
* | Merge branch 'develop' of github.com:matrix-org/synapse into ↵Andrew Morgan2019-02-2621-482/+1672
|\ \ | | | | | | | | | anoa/public_rooms_federate_develop
| * | Revert "Prevent showing non-fed rooms in fed /publicRooms"Andrew Morgan2019-02-261-65/+11
| | |
| * | Merge pull request #4736 from matrix-org/anoa/public_rooms_federateAndrew Morgan2019-02-261-11/+65
| |\ \ | | | | | | | | Config option to prevent showing non-fed rooms in fed /publicRooms
| | * | Cleaner chunk logicAndrew Morgan2019-02-261-5/+4
| | | |
| | * | Correct indentAndrew Morgan2019-02-261-3/+3
| | | |
| | * | Correct docstring types and chunk logicAndrew Morgan2019-02-261-10/+11
| | | |
| | * | Clean up room chunk logicAndrew Morgan2019-02-261-6/+8
| | | |
| | * | Make not showing non-federated rooms the defaultAndrew Morgan2019-02-261-1/+1
| | | |
| | * | Result may be NoneAndrew Morgan2019-02-261-1/+1
| | | |
| | * | Address rich commentsAndrew Morgan2019-02-261-6/+30
| | | |
| | * | elif not else ifAndrew Morgan2019-02-251-1/+1
| | | |
| | * | syntax derpAndrew Morgan2019-02-251-1/+1
| | | |
| | * | Simplify call to generate_room_entryAndrew Morgan2019-02-251-17/+13
| | | |
| | * | Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2019-02-2521-477/+1620
| | |\ \ | | | | | | | | | | | | | | | anoa/public_rooms_federate
| | * | | Docs and arg name clarificationAndrew Morgan2019-02-251-2/+15
| | | | |
| | * | | Don't restrict non-fed rooms over client APIsAndrew Morgan2019-02-251-11/+18
| | | | |
| | * | | Config option to prevent showing non-fed rooms in fed /publicRoomsAndrew Morgan2019-02-251-2/+15
| | | | |
| * | | | switch from google.com to recaptcha.net for reCAPTCHA (#4731)Matthew Hodgson2019-02-251-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * add trivial clarification about jemalloc * switch from google.com to recaptcha.net because https://developers.google.com/recaptcha/docs/faq#can-i-use-recaptcha-globally
| * | | | Merge pull request #4737 from matrix-org/erikj/failure_log_tbErik Johnston2019-02-251-1/+5
| |\ \ \ \ | | | | | | | | | | | | Log tracebacks correctly
| | * | | | Log tracebacks correctlyErik Johnston2019-02-251-1/+5
| | | |/ / | | |/| |
| * | | | Fix typoErik Johnston2019-02-251-1/+1
| | | | |
| * | | | More commentsErik Johnston2019-02-251-0/+4
| | | | |
| * | | | Assert rather than clobber the valuesErik Johnston2019-02-251-2/+2
| | | | |
| * | | | Add comments and paranoiaErik Johnston2019-02-251-2/+23
| | | | |
| * | | | Fix backfill storing incorrect state for eventsErik Johnston2019-02-221-1/+4
| |/ / /
| * | | Run push_receipts_to_remotes as background job (#4707)Richard van der Hoff2019-02-211-34/+34
| | | | | | | | | | | | I suspect the CPU usage metrics for this are going to /dev/null at the moment.
| * | | Merge pull request #4263 from rkfg/developErik Johnston2019-02-211-1/+1
| |\ \ \ | | |_|/ | |/| | Prevent crash on pagination.
| | * | Prevent crash on pagination.rkfg2018-12-061-1/+1
| | | |
| * | | Fix registration on workers (#4682)Erik Johnston2019-02-203-8/+196
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Move RegistrationHandler init to HomeServer * Move post registration actions to RegistrationHandler * Add post regisration replication endpoint * Newsfile
| * | | Merge pull request #4652 from matrix-org/babolivier/acme-delegatedBrendan Abolivier2019-02-191-4/+5
| |\ \ \ | | | | | | | | | | Support .well-known delegation when issuing certificates through ACME
| | * | | Fetch ACME domain into an instance memberBrendan Abolivier2019-02-191-4/+5
| | | | |
| | * | | Use a configuration parameter to give the domain to generate a certificate forBrendan Abolivier2019-02-181-25/+4
| | | | |
| | * | | Merge branch 'develop' into babolivier/acme-delegatedBrendan Abolivier2019-02-183-10/+35
| | |\ \ \
| | * | | | Typo in info logAndrew Morgan2019-02-181-1/+1
| | | | | | | | | | | | | | | | | | Co-Authored-By: babolivier <contact@brendanabolivier.com>
| | * | | | Various cosmetics to make TravisCI happyBrendan Abolivier2019-02-151-2/+5
| | | | | |
| | * | | | Remove unused importBrendan Abolivier2019-02-151-1/+0
| | | | | |
| | * | | | Support .well-known delegation when issuing certificates through ACMEBrendan Abolivier2019-02-151-4/+23
| | | | | |
| * | | | | Merge pull request #4642 from matrix-org/anoa/bans_room_upgradeAndrew Morgan2019-02-191-0/+22
| |\ \ \ \ \ | | | | | | | | | | | | | | Transfer bans on room upgrade
| | * | | | | lintAndrew Morgan2019-02-181-1/+3
| | | | | | |
| | * | | | | Move member event processing and changelog fixAndrew Morgan2019-02-181-9/+7
| | | | | | |
| | * | | | | Membership events are done laterAndrew Morgan2019-02-181-12/+20
| | | | | | |
| | * | | | | Transfer bans on room upgradeAndrew Morgan2019-02-181-0/+14
| | |/ / / /
| * | | | | Merge pull request #4666 from matrix-org/erikj/register_login_splitErik Johnston2019-02-181-8/+106
| |\ \ \ \ \ | | | | | | | | | | | | | | Split out registration to worker
| | * | | | | Move register_device into handlerErik Johnston2019-02-181-4/+47
| | | | | | |
| | * | | | | Split out registration to workerErik Johnston2019-02-181-4/+59
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This allows registration to be handled by a worker, though the actual write to the database still happens on master. Note: due to the in-memory session map all registration requests must be handled by the same worker.
| * | | | | | Merge pull request #4668 from matrix-org/erikj/catch_exceptionsErik Johnston2019-02-181-5/+9
| |\ \ \ \ \ \ | | | | | | | | | | | | | | | | Correctly handle HttpResponseException when handling device updates
| | * | | | | | pep8Erik Johnston2019-02-181-1/+5
| | | | | | | |
| | * | | | | | Correctly handle HttpResponseExceptionErik Johnston2019-02-181-4/+4
| | | |_|/ / / | | |/| | | |
| * | | | | | Merge pull request #4667 from matrix-org/erikj/fix_revoke_guest_access_workersErik Johnston2019-02-181-1/+1
| |\ \ \ \ \ \ | | |/ / / / / | |/| | | | | Fix kicking guest users in worker mode
| | * | | | | Fix kicking guest users in worker modeErik Johnston2019-02-181-1/+1
| | |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When guest_access changes from allowed to forbidden all local guest users should be kicked from the room. This did not happen when revocation was received from federation on a worker. Presumably broken in #4141
| * | | | | Merge pull request #4643 from matrix-org/erikj/catch_exceptionsErik Johnston2019-02-182-5/+11
| |\ \ \ \ \ | | |/ / / / | |/| | | | Correctly handle RequestSendFailed exceptions
| | * | | | Correctly handle RequestSendFailed exceptionsErik Johnston2019-02-142-5/+11
| | |/ / / | | | | | | | | | | | | | | | This mainly reduces the number of exceptions we log.
| * | | | Only fetch aliases when publishing roomsErik Johnston2019-02-141-15/+15
| | | | |
| * | | | Add configurable room list publishing rulesErik Johnston2019-02-141-5/+24
| |/ / / | | | | | | | | | | | | | | | | This allows specifying who and what is allowed to be published onto the public room list
| * | | Run `black` on user directory code (#4635)Amber Brown2019-02-131-44/+50
| | | |
| * | | Merge pull request #4608 from matrix-org/anoa/acls_room_upgradeErik Johnston2019-02-121-0/+1
| |\ \ \ | | | | | | | | | | Transfer Server ACLs on room upgrade
| | * | | Transfer Server ACLs on room upgradeAndrew Morgan2019-02-111-0/+1
| | | | |
| * | | | make sure version is in body and wrap in linearizer queueHubert Chathi2019-02-081-11/+26
| | | | | | | | | | | | | | | | | | | | also add tests
| * | | | re-try to make isort happyHubert Chathi2019-02-061-1/+1
| | | | |
| * | | | fix import to make isort happyHubert Chathi2019-02-061-2/+7
| | | | |
| * | | | add new endpoint to update backup versionsHubert Chathi2019-02-061-1/+33
| | | | |
| * | | | return proper error codes for some 404sHubert Chathi2019-02-061-4/+16
| |/ / /
| * | | Merge pull request #4530 from matrix-org/anoa/room_upgrade_federatableAndrew Morgan2019-01-311-0/+10
| |\ \ \ | | | | | | | | | | Copy over non-federatable trait on room upgrade
| | * | | New function for getting room's create eventAndrew Morgan2019-01-311-7/+1
| | | | |
| | * | | Merge branch 'develop' of github.com:matrix-org/synapse into ↵Andrew Morgan2019-01-311-1/+13
| | |\ \ \ | | | | | | | | | | | | | | | | | | anoa/room_upgrade_federatable
| | * | | | lintAndrew Morgan2019-01-311-2/+4
| | | | | |
| | * | | | Copy over non-federatable trait on room upgradeAndrew Morgan2019-01-301-0/+14
| | | | | |
| * | | | | Add some debug for membership syncing issues (#4538)Richard van der Hoff2019-01-311-2/+11
| | |/ / / | |/| | | | | | | | I can't figure out what's going on with #4422 and #4436; perhaps this will help.
| * | | | Fix remote invite rejections not comming down syncErik Johnston2019-01-301-1/+13
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This was broken in PR #4405, commit 886e5ac, where we changed remote rejections to be outliers. The fix is to explicitly add the leave event in when we know its an out of band invite. We can't always add the event as if the server is/was in the room there might be more events to send down the sync than just the leave.
| * | | ACME config cleanups (#4525)Richard van der Hoff2019-01-301-12/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Handle listening for ACME requests on IPv6 addresses the weird url-but-not-actually-a-url-string doesn't handle IPv6 addresses without extra quoting. Building a string which you are about to parse again seems like a weird choice. Let's just use listenTCP, which is consistent with what we do elsewhere. * Clean up the default ACME config make it look a bit more consistent with everything else, and tweak the defaults to listen on port 80. * newsfile
| * | | Fix flake8 (#4519)Amber Brown2019-01-302-3/+3
| | | |
| * | | Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2019-01-292-1/+10
| |\ \ \ | | | | | | | | | | | | | | | erikj/redactions_eiah
| | * | | Use snder and not event ID domain to check if oursErik Johnston2019-01-291-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The transaction queue only sends out events that we generate. This was done by checking domain of event ID, but that can no longer be used. Instead, we may as well use the sender field.
| | * | | Remove event ID usage when checking if new roomErik Johnston2019-01-291-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | The event ID is changing, so we can no longer get the domain from it. On the other hand, the check is unnecessary.
| * | | | Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2019-01-292-29/+7
| |\| | | | | | | | | | | | | | | | | | erikj/redactions_eiah
| | * | | Merge pull request #4481 from matrix-org/erikj/event_builderErik Johnston2019-01-291-28/+6
| | |\ \ \ | | | | | | | | | | | | Refactor event building into EventBuilder
| | | * | | Correctly set context.app_serviceErik Johnston2019-01-291-0/+2
| | | | | |
| | | * | | Refactor event building into EventBuilderErik Johnston2019-01-291-29/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is so that everything is done in one place, making it easier to change the event format based on room version
| | * | | | Fixup calls to `comput_event_signature`Erik Johnston2019-01-291-1/+1
| | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We currently pass FrozenEvent instead of `dict` to `compute_event_signature`, which works by accident due to `dict(event)` producing the correct result. This fixes PR #4493 commit 855a151
| * / / / Implement rechecking of redactionsErik Johnston2019-01-291-1/+5
| |/ / /
| * | | Merge pull request #4494 from matrix-org/erikj/fixup_event_validatorErik Johnston2019-01-292-3/+8
| |\ \ \ | | | | | | | | | | Split up event validation between event and builder