summary refs log tree commit diff
path: root/synapse/handlers (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Re-implement unread counts (again) (#8059)Brendan Abolivier2020-09-021-15/+18
|
* Add experimental support for sharding event persister. (#8170)Erik Johnston2020-09-024-32/+47
| | | | | | This is *not* ready for production yet. Caveats: 1. We should write some tests... 2. The stream token that we use for events can get stalled at the minimum position of all writers. This means that new events may not be processed and e.g. sent down sync streams if a writer isn't writing or is slow.
* Fix errors when updating the user directory with invalid data (#8223)Patrick Cloke2020-09-012-1/+13
|
* Convert additional databases to async/await part 2 (#8200)Patrick Cloke2020-09-012-20/+5
|
* Move and rename `get_devices_with_keys_by_user` (#8204)Richard van der Hoff2020-09-011-1/+3
| | | | | | | | | | | | | | | | | | * Move `get_devices_with_keys_by_user` to `EndToEndKeyWorkerStore` this seems a better fit for it. This commit simply moves the existing code: no other changes at all. * Rename `get_devices_with_keys_by_user` to better reflect what it does. * get_device_stream_token abstract method To avoid referencing fields which are declared in the derived classes, make `get_device_stream_token` abstract, and define that in the classes which define `_device_list_id_gen`.
* Rename `get_e2e_device_keys` to better reflect its purpose (#8205)Richard van der Hoff2020-08-291-2/+2
| | | | | | | | | | | ... and to show that it does something slightly different to `_get_e2e_device_keys_txn`. `include_all_devices` and `include_deleted_devices` were never used (and `include_deleted_devices` was broken, since that would cause `None`s in the result which were not handled in the loop below. Add some typing too.
* Convert ReadWriteLock to async/await. (#8202)Patrick Cloke2020-08-281-23/+26
|
* Convert state and stream stores and related code to async (#8194)Patrick Cloke2020-08-281-1/+1
|
* Ensure that the OpenID Connect remote ID is a string. (#8190)Patrick Cloke2020-08-281-0/+3
|
* Convert additional database code to async/await. (#8195)Patrick Cloke2020-08-281-2/+2
|
* Define StateMap as immutable and add a MutableStateMap type. (#8183)Patrick Cloke2020-08-283-9/+19
|
* Move and refactor LoginRestServlet helper methods (#8182)Andrew Morgan2020-08-281-1/+87
| | | | | | | This is split out from https://github.com/matrix-org/synapse/pull/7438, which had gotten rather large. `LoginRestServlet` has a couple helper methods, `login_submission_legacy_convert` and `login_id_thirdparty_from_phone`. They're primarily used for converting legacy user login submissions to "identifier" dicts ([see spec](https://matrix.org/docs/spec/client_server/r0.6.1#post-matrix-client-r0-login)). Identifying information such as usernames or 3PID information used to be top-level in the login body. They're now supposed to be put inside an [identifier](https://matrix.org/docs/spec/client_server/r0.6.1#identifier-types) parameter instead. #7438's purpose is to allow using the new identifier parameter during User-Interactive Authentication, which is currently handled in AuthHandler. That's why I've moved these helper methods there. I also moved the refactoring of these method from #7438 as they're relevant.
* Convert simple_update* and simple_select* to async (#8173)Patrick Cloke2020-08-271-4/+2
|
* Do not propagate typing notifications from shadow-banned users. (#8176)Patrick Cloke2020-08-261-5/+16
|
* Remove unused parameter from, and add safeguard in, get_room_data (#8174)Andrew Morgan2020-08-261-8/+12
| | | | | | Small cleanup PR. * Removed the unused `is_guest` argument * Added a safeguard to a (currently) impossible code path, fixing static checking at the same time.
* Do not propagate profile changes of shadow-banned users into rooms. (#8157)Patrick Cloke2020-08-262-3/+16
|
* Do not allow send_nonmember_event to be called with shadow-banned users. (#8158)Patrick Cloke2020-08-251-5/+34
|
* Merge tag 'v1.19.1rc1' into developBrendan Abolivier2020-08-251-21/+25
|\ | | | | | | | | | | | | | | | | | | | | Synapse 1.19.1rc1 (2020-08-25) ============================== Bugfixes -------- - Fix a bug introduced in v1.19.0 where appservices with ratelimiting disabled would still be ratelimited when joining rooms. ([\#8139](https://github.com/matrix-org/synapse/issues/8139)) - Fix a bug introduced in v1.19.0 that would cause e.g. profile updates to fail due to incorrect application of rate limits on join requests. ([\#8153](https://github.com/matrix-org/synapse/issues/8153))
| * Fix join ratelimiter breaking profile updates and idempotency (#8153)Brendan Abolivier2020-08-241-21/+25
| |
| * Do not apply ratelimiting on joins to appservices (#8139)Will Hunt2020-08-241-6/+8
| | | | | | | | | | | | Add new method ratelimiter.can_requester_do_action and ensure that appservices are exempt from being ratelimited. Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> Co-authored-by: Erik Johnston <erik@matrix.org>
* | Add type hints for state. (#8140)Patrick Cloke2020-08-243-15/+21
| |
* | Stop shadow-banned users from sending non-member events. (#8142)Patrick Cloke2020-08-243-1/+34
| |
* | Allow capping a room's retention policy (#8104)Brendan Abolivier2020-08-241-7/+29
| |
* | Do not apply ratelimiting on joins to appservices (#8139)Will Hunt2020-08-211-6/+8
| | | | | | | | | | | | Add new method ratelimiter.can_requester_do_action and ensure that appservices are exempt from being ratelimited. Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> Co-authored-by: Erik Johnston <erik@matrix.org>
* | Allow denying or shadow banning registrations via the spam checker (#8034)Patrick Cloke2020-08-205-8/+76
| |
* | Stop shadow-banned users from sending invites. (#8095)Patrick Cloke2020-08-202-4/+74
| |
* | Improve the error code when trying to register using a name reserved for ↵Patrick Cloke2020-08-201-1/+3
| | | | | | | | guests. (#8135)
* | Use the JSON encoder without whitespace in more places. (#8124)Patrick Cloke2020-08-201-3/+2
| |
* | Be stricter about JSON that is accepted by Synapse (#8106)Patrick Cloke2020-08-195-15/+14
| |
* | Convert events worker database to async/await. (#8071)Patrick Cloke2020-08-183-15/+9
| |
* | Fix the return type of send_nonmember_events. (#8112)Patrick Cloke2020-08-181-1/+1
| |
* | Return the previous stream token if a non-member event is a duplicate. (#8093)Patrick Cloke2020-08-181-10/+15
| |
* | Use the default templates when a custom template file cannot be found (#8037)Andrew Morgan2020-08-173-28/+9
| | | | | | Fixes https://github.com/matrix-org/synapse/issues/6583
* | Convert stream database to async/await. (#8074)Patrick Cloke2020-08-171-1/+1
| |
* | Add a shadow-banned flag to users. (#8092)Patrick Cloke2020-08-141-0/+8
| |
* | Add type hints to synapse.handlers.room (#8090)Erik Johnston2020-08-141-38/+66
| |
* | Run `remove_push_actions_from_staging` in foreground (#8081)Richard van der Hoff2020-08-131-3/+1
|/ | | | | | | If we got an error persisting an event, we would try to remove the push actions asynchronously, which would lead to a 'Re-starting finished log context' warning. I don't think there's any need for this to be asynchronous.
* Add type hints to handlers.message and events.builder (#8067)Erik Johnston2020-08-122-13/+21
|
* Merge remote-tracking branch 'origin/develop' into erikj/type_serverErik Johnston2020-08-112-10/+36
|\
| * Add typing info to Notifier (#8058)Erik Johnston2020-08-111-4/+0
| |
| * Implement login blocking based on SAML attributes (#8052)Richard van der Hoff2020-08-111-6/+36
| | | | | | | | | | | | | | Hopefully this mostly speaks for itself. I also did a bit of cleaning up of the error handling. Fixes #8047
* | Change HomeServer definition to work with typing.Erik Johnston2020-08-111-3/+5
|/ | | | | | | | | | Duplicating function signatures between server.py and server.pyi is silly. This commit changes that by changing all `build_*` methods to `get_*` methods and changing the `_make_dependency_method` to work work as a descriptor that caches the produced value. There are some changes in other files that were made to fix the typing in server.py.
* Add an assertion on prev_events in create_new_client_event (#8041)Richard van der Hoff2020-08-101-0/+9
| | | | | | I think this would have caught all the cases in https://github.com/matrix-org/synapse/issues/7642 - and I think a 500 makes more sense here than a 403
* Revert #7736 (#8039)Brendan Abolivier2020-08-061-6/+0
|
* Convert synapse.api to async/await (#8031)Patrick Cloke2020-08-062-2/+2
|
* Convert run_as_background_process inner function to async. (#8032)Patrick Cloke2020-08-061-1/+1
|
* Improve performance of the register endpoint (#8009)Patrick Cloke2020-08-061-7/+12
|
* Rename database classes to make some sense (#8033)Erik Johnston2020-08-053-4/+4
|
* Convert streams to async. (#8014)Patrick Cloke2020-08-045-10/+10
|
* Remove signature check on v1 identity server lookups (#8001)Andrew Morgan2020-08-031-31/+3
| | | | | | | We've [decided](https://github.com/matrix-org/synapse/issues/5253#issuecomment-665976308) to remove the signature check for v1 lookups. The signature check has been removed in v2 lookups. v1 lookups are currently deprecated. As mentioned in the above linked issue, this verification was causing deployments for the vector.im and matrix.org IS deployments, and this change is the simplest solution, without being unjustified. Implementations are encouraged to use the v2 lookup API as it has [increased privacy benefits](https://github.com/matrix-org/matrix-doc/pull/2134).
* Prevent join->join membership transitions changing member count (#7977)Andrew Morgan2020-08-031-1/+1
| | | | | | | | | | | `StatsHandler` handles updates to the `current_state_delta_stream`, and updates room stats such as the amount of state events, joined users, etc. However, it counts every new join membership as a new user entering a room (and that user being in another room), whereas it's possible for a user's membership status to go from join -> join, for instance when they change their per-room profile information. This PR adds a check for join->join membership transitions, and bails out early, as none of the further checks are necessary at that point. Due to this bug, membership stats in many rooms have ended up being wildly larger than their true values. I am not sure if we also want to include a migration step which recalculates these statistics (possibly using the `_populate_stats_process_rooms` bg update). Bug introduced in the initial implementation https://github.com/matrix-org/synapse/pull/4338.
* Convert replication code to async/await. (#7987)Patrick Cloke2020-08-031-1/+1
|
* Convert ACME code to async/await. (#7989)Patrick Cloke2020-08-031-7/+4
|
* Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2020-07-316-37/+56
|\ | | | | | | erikj/add_rate_limiting_to_joins
| * Fix invite rejection when we have no forward-extremeties (#7980)Richard van der Hoff2020-07-301-8/+21
| | | | | | | | | | | | | | | | | | | | Thanks to some slightly overzealous cleanup in the `delete_old_current_state_events`, it's possible to end up with no `event_forward_extremities` in a room where we have outstanding local invites. The user would then get a "no create event in auth events" when trying to reject the invite. We can hack around it by using the dangling invite as the prev event.
| * Convert federation client to async/await. (#7975)Patrick Cloke2020-07-301-21/+14
| |
| * Convert appservice to async. (#7973)Patrick Cloke2020-07-301-5/+5
| |
| * Add additional logging for SAML sessions. (#7971)Patrick Cloke2020-07-291-0/+3
| |
| * Re-implement unread counts (#7736)Brendan Abolivier2020-07-291-0/+6
| |
| * Option to allow server admins to join complex rooms (#7902)lugino-emeritus2020-07-281-2/+6
| | | | | | | | | | Fixes #7901. Signed-off-by: Niklas Tittjung <nik_t.01@web.de>
| * Convert a synapse.events to async/await. (#7949)Patrick Cloke2020-07-271-1/+1
| |
* | Add ratelimiting on joinsErik Johnston2020-07-311-2/+35
|/
* Remove hacky error handling for inlineDeferreds. (#7950)Patrick Cloke2020-07-272-21/+12
|
* Convert state resolution to async/await (#7942)Patrick Cloke2020-07-241-2/+2
|
* Fix up types and comments that refer to Deferreds. (#7945)Patrick Cloke2020-07-247-157/+172
|
* Convert presence handler helpers to async/await. (#7939)Patrick Cloke2020-07-231-23/+20
|
* Update the auth providers to be async. (#7935)Patrick Cloke2020-07-232-19/+23
|
* Follow-up to admin API to re-activate accounts (#7908)Patrick Cloke2020-07-221-4/+18
|
* Convert the message handler to async/await. (#7884)Patrick Cloke2020-07-221-136/+152
|
* Add debugging to sync response generation (#7929)Richard van der Hoff2020-07-221-2/+15
|
* Convert room list handler to async/await. (#7912)Patrick Cloke2020-07-211-33/+29
|
* Fix deprecation warning: import ABC from collections.abc (#7892)Karthikeyan Singaravelan2020-07-201-1/+1
|
* Fix TypeError in synapse.notifier (#7880)Erik Johnston2020-07-171-0/+8
| | | Fixes #7774
* Convert device handler to async/await (#7871)Patrick Cloke2020-07-171-136/+105
|
* Convert _base, profile, and _receipts handlers to async/await (#7860)Patrick Cloke2020-07-174-53/+41
|
* Reject attempts to join empty rooms over federation (#7859)Richard van der Hoff2020-07-161-2/+13
| | | | | | We shouldn't allow others to make_join through us if we've left the room; reject such attempts with a 404. Fixes #7835. Fixes #6958.
* Allow moving typing off master (#7869)Erik Johnston2020-07-161-74/+167
|
* Merge pull request #7866 from matrix-org/rav/fix_guest_user_idRichard van der Hoff2020-07-161-21/+1
|\ | | | | Fix guest user registration with lots of client readers
| * Use a postgres sequence to generate guest user IDsRichard van der Hoff2020-07-161-21/+1
| |
* | Add some tiny type annotations (#7870)Richard van der Hoff2020-07-161-6/+4
| | | | | | I found these made pycharm have more of a clue as to what was going on in other places.
* | Ensure that calls to `json.dumps` are compatible with the standard library ↵Patrick Cloke2020-07-151-1/+2
| | | | | | | | json. (#7836)
* | Merge branch 'erikj/faster_typing' of github.com:matrix-org/synapse into developErik Johnston2020-07-151-2/+2
|\ \ | |/ |/|
| * Fix typoErik Johnston2020-07-151-1/+1
| |
| * Use get_users_in_room rather than state handler in typing for speedErik Johnston2020-07-151-2/+2
| |
* | Allow accounts to be re-activated from the admin APIs. (#7847)Patrick Cloke2020-07-151-20/+28
|/
* Convert E2E key and room key handlers to async/await. (#7851)Patrick Cloke2020-07-152-124/+98
|
* Add delete room admin endpoint (#7613)Dirk Klimpel2020-07-141-2/+206
| | | | | | | | | | | | | | | | | | The Delete Room admin API allows server admins to remove rooms from server and block these rooms. `DELETE /_synapse/admin/v1/rooms/<room_id>` It is a combination and improvement of "[Shutdown room](https://github.com/matrix-org/synapse/blob/develop/docs/admin_api/shutdown_room.md)" and "[Purge room](https://github.com/matrix-org/synapse/blob/develop/docs/admin_api/purge_room.md)" API. Fixes: #6425 It also fixes a bug in [synapse/storage/data_stores/main/room.py](synapse/storage/data_stores/main/room.py) in ` get_room_with_stats`. It should return `None` if the room is unknown. But it returns an `IndexError`. https://github.com/matrix-org/synapse/blob/901b1fa561e3cc661d78aa96d59802cf2078cb0d/synapse/storage/data_stores/main/room.py#L99-L105 Related to: - #5575 - https://github.com/Awesome-Technologies/synapse-admin/issues/17 Signed-off-by: Dirk Klimpel dirk@klimpel.org
* Support handling registration requests across multiple client readers. (#7830)Patrick Cloke2020-07-131-1/+2
|
* Do not use canonicaljson to magically handle decoding bytes from JSON. (#7802)Patrick Cloke2020-07-101-1/+1
|
* Fix resync remote devices on receive PDU in worker mode. (#7815)Erik Johnston2020-07-101-8/+19
| | | | | | The replication client requires that arguments are given as keyword arguments, which was not done in this case. We also pull out the logic so that we can catch and handle any exceptions raised, rather than leaving them unhandled.
* Fix recursion error when fetching auth chain over federation (#7817)Erik Johnston2020-07-101-12/+37
| | | | | | | | | | | | | | | When fetching the state of a room over federation we receive the event IDs of the state and auth chain. We then fetch those events that we don't already have. However, we used a function that recursively fetched any missing auth events for the fetched events, which can lead to a lot of recursion if the server is missing most of the auth chain. This work is entirely pointless because would have queued up the missing events in the auth chain to be fetched already. Let's just diable the recursion, since it only gets called from one place anyway.
* `update_membership` declaration: now always returns an event id. (#7809)Richard van der Hoff2020-07-092-5/+5
|
* Fix `can only concatenate list (not "tuple") to list` exception (#7810)Richard van der Hoff2020-07-091-1/+1
| | | It seems auth_events can be either a list or a tuple, depending on Things.
* Generate real events when we reject invites (#7804)Richard van der Hoff2020-07-093-76/+158
| | | | | | | | Fixes #2181. The basic premise is that, when we fail to reject an invite via the remote server, we can generate our own out-of-band leave event and persist it as an outlier, so that we have something to send to the client.
* Add `HomeServer.signing_key` property (#7805)Richard van der Hoff2020-07-082-2/+2
| | | ... instead of duplicating `config.signing_key[0]` everywhere
* Stop passing bytes when dumping JSON (#7799)Patrick Cloke2020-07-081-2/+2
|
* Refactor getting replication updates from database v2. (#7740)Erik Johnston2020-07-071-0/+3
|
* Convert the appservice handler to async/await. (#7775)Patrick Cloke2020-07-061-42/+32
|
* isort 5 compatibility (#7786)Will Hunt2020-07-052-4/+2
| | | The CI appears to use the latest version of isort, which is a problem when isort gets a major version bump. Rather than try to pin the version, I've done the necessary to make isort5 happy with synapse.
* Fix inconsistent handling of upper and lower cases of email addresses. (#7021)Dirk Klimpel2020-07-031-2/+3
| | | fixes #7016
* Merge tag 'v1.16.0rc2' into developPatrick Cloke2020-07-021-1/+1
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.16.0rc2 (2020-07-02) ============================== Synapse 1.16.0rc2 includes the security fixes released with Synapse 1.15.2. Please see [below](https://github.com/matrix-org/synapse/blob/master/CHANGES.md#synapse-1152-2020-07-02) for more details. Improved Documentation ---------------------- - Update postgres image in example `docker-compose.yaml` to tag `12-alpine`. ([\#7696](https://github.com/matrix-org/synapse/issues/7696)) Internal Changes ---------------- - Add some metrics for inbound and outbound federation latencies: `synapse_federation_server_pdu_process_time` and `synapse_event_processing_lag_by_event`. ([\#7771](https://github.com/matrix-org/synapse/issues/7771))
| * Merge branch 'master' into release-v1.16.0Patrick Cloke2020-07-023-35/+14
| |\
| * | Fix new metric where we used ms instead of seconds (#7771)Erik Johnston2020-07-011-1/+1
| | | | | | | | | | | | Introduced in #7755, not yet released.
* | | Merge branch 'master' into developPatrick Cloke2020-07-023-35/+14
|\ \ \ | | |/ | |/|
| * | Correctly handle outliers as prev events over federationErik Johnston2020-07-021-3/+3
| | |
| * | Ensure that HTML pages served from Synapse include headers to avoid embedding.Patrick Cloke2020-07-022-32/+11
| | |
* | | Add early returns to `_check_for_soft_fail` (#7769)Richard van der Hoff2020-07-011-64/+55
| | | | | | | | | | | | my editor was complaining about unset variables, so let's add some early returns to fix that and reduce indentation/cognitive load.
* | | Type checking for `FederationHandler` (#7770)Richard van der Hoff2020-07-011-17/+30
| |/ |/| | | fix a few things to make this pass mypy.
* | Back out MSC2625 implementation (#7761)Brendan Abolivier2020-07-011-3/+0
| |
* | Additional configuration options for auto-join rooms (#7763)Patrick Cloke2020-06-301-62/+168
| |
* | Add some metrics for inbound and outbound federation processing times (#7755)Erik Johnston2020-06-301-0/+6
| |
* | Yield during large v2 state res. (#7735)Erik Johnston2020-06-241-0/+1
| | | | | | | | | | | | | | | | | | | | | | State res v2 across large data sets can be very CPU intensive, and if all the relevant events are in the cache the algorithm will run from start to finish within a single reactor tick. This can result in blocking the reactor tick for several seconds, which can have major repercussions on other requests. To fix this we simply add the occaisonal `sleep(0)` during iterations to yield execution until the next reactor tick. The aim is to only do this for large data sets so that we don't impact otherwise quick resolutions.=
* | Convert directory handler to async/await (#7727)Patrick Cloke2020-06-222-40/+32
| |
* | Convert the typing handler to async/await. (#7679)Patrick Cloke2020-06-171-18/+11
| |
* | Implement unread counter (MSC2625) (#7673)Brendan Abolivier2020-06-171-0/+3
|\ \ | | | | | | Implementation of https://github.com/matrix-org/matrix-doc/pull/2625
| * \ Merge branch 'develop' into babolivier/mark_unreadBrendan Abolivier2020-06-1514-82/+60
| |\ \
| * \ \ Merge branch 'develop' into babolivier/mark_unreadBrendan Abolivier2020-06-152-29/+57
| |\ \ \
| * | | | Appease mypyBrendan Abolivier2020-06-101-1/+1
| | | | |
| * | | | LintBrendan Abolivier2020-06-101-3/+3
| | | | |
| * | | | Use temporary prefixes as per the MSCBrendan Abolivier2020-06-101-1/+3
| | | | |
| * | | | Add a new unread_counter to sync responsesBrendan Abolivier2020-06-101-0/+1
| | |_|/ | |/| |
* | | | Refactor getting replication updates from database. (#7636)Erik Johnston2020-06-162-11/+58
| | | | | | | | | | | | The aim here is to make it easier to reason about when streams are limited and when they're not, by moving the logic into the database functions themselves. This should mean we can kill of `db_query_to_update_function` function.
* | | | Replace all remaining six usage with native Python 3 equivalents (#7704)Dagfinn Ilmari Mannsåker2020-06-166-22/+13
| | | |
* | | | Convert the device message and pagination handlers to async/await. (#7678)Patrick Cloke2020-06-162-31/+18
| | | |
* | | | Ensure etag is a string for GET room_keys/version response (#7691)Hubert Chathi2020-06-151-0/+1
| | | |
* | | | Fix "There was no active span when trying to log." error (#7698)Erik Johnston2020-06-151-0/+1
| |_|/ |/| |
* | | Replace iteritems/itervalues/iterkeys with native versions. (#7692)Patrick Cloke2020-06-1513-81/+59
| | |
* | | Fix a typo when comparing the URI & method during UI Auth. (#7689)Patrick Cloke2020-06-121-1/+1
| |/ |/|
* | Add option to enable encryption by default for new rooms (#7639)Andrew Morgan2020-06-102-29/+57
|/ | | | | | | | | Fixes https://github.com/matrix-org/synapse/issues/2431 Adds config option `encryption_enabled_by_default_for_room_type`, which determines whether encryption should be enabled with the default encryption algorithm in private or public rooms upon creation. Whether the room is private or public is decided based upon the room creation preset that is used. Part of this PR is also pulling out all of the individual instances of `m.megolm.v1.aes-sha2` into a constant variable to eliminate typos ala https://github.com/matrix-org/synapse/pull/7637 Based on #7637
* Convert the registration handler to async/await. (#7649)Patrick Cloke2020-06-081-66/+41
|
* Convert user directory handler and related classes to async/await. (#7640)Patrick Cloke2020-06-054-107/+73
|
* Add an option to disable autojoin for guest accounts (#6637)Travis Ralston2020-06-051-1/+7
| | | | Fixes https://github.com/matrix-org/synapse/issues/3177
* Typo fixes.Patrick Cloke2020-06-051-1/+1
|
* Allow new users to be registered via the admin API even if the monthly ↵Dirk Klimpel2020-06-051-1/+6
| | | | active user limit has been reached (#7263)
* Performance improvements and refactor of Ratelimiter (#7595)Andrew Morgan2020-06-054-56/+38
| | | | | | | | | | While working on https://github.com/matrix-org/synapse/issues/5665 I found myself digging into the `Ratelimiter` class and seeing that it was both: * Rather undocumented, and * causing a *lot* of config checks This PR attempts to refactor and comment the `Ratelimiter` class, as well as encourage config file accesses to only be done at instantiation. Best to be reviewed commit-by-commit.
* Cleanups to the OpenID Connect integration (#7628)Richard van der Hoff2020-06-031-7/+20
| | | | docs, default configs, comments. Nothing very significant.
* Check if the localpart is reserved for guests earlier in the registration ↵Brendan Abolivier2020-06-031-9/+9
| | | | | flow (#7625) This is so the user is warned about the username not being valid as soon as possible, rather than only once they've finished UIA.
* Fix exceptions when fetching events from a down host. (#7622)Erik Johnston2020-06-031-1/+1
| | | We already caught some exceptions, but not all.
* Clean up exception handling in SAML2ResponseResource (#7614)Richard van der Hoff2020-06-031-30/+11
| | | | | | | | | | | | | * Expose `return_html_error`, and allow it to take a Jinja2 template instead of a raw string * Clean up exception handling in SAML2ResponseResource * use the existing code in `return_html_error` instead of re-implementing it (giving it a jinja2 template rather than inventing a new form of template) * do the exception-catching in the REST layer rather than in the handler layer, to make sure we catch all exceptions.
* Process cross-signing keys when resyncing device lists (#7594)Brendan Abolivier2020-06-012-18/+62
| | | It looks like `user_device_resync` was ignoring cross-signing keys from the results received from the remote server. This patch fixes this, by processing these keys using the same process `_handle_signing_key_updates` does (and effectively factor that part out of that function).
* Convert groups local and server to async/await. (#7600)Patrick Cloke2020-06-011-47/+35
|
* Don't fail all of an iteration of the device list retry loop on error (#7609)Brendan Abolivier2020-06-011-15/+21
| | | Without this patch, if an error happens which isn't caught by `user_device_resync`, then `_maybe_retry_device_resync` would fail, without retrying the next users in the iteration. This patch fixes this so that it now only logs an error in this case.
* Fix 'FederationGroupsRoomsServlet' API when group has room server is not in. ↵Erik Johnston2020-05-291-8/+12
| | | | (#7599)
* allow emails to be passed through SAML (#7385)Christopher Cooper2020-05-271-2/+10
| | | Signed-off-by: Christopher Cooper <cooperc@ocf.berkeley.edu>
* Convert identity handler to async/await. (#7561)Patrick Cloke2020-05-262-63/+46
|
* Optimise some references to hs.config (#7546)Richard van der Hoff2020-05-221-3/+5
| | | These are surprisingly expensive, and we only really need to do them at startup.
* Add option to move event persistence off master (#7517)Erik Johnston2020-05-225-19/+61
|
* Add ability to wait for replication streams (#7542)Erik Johnston2020-05-225-70/+140
| | | | | | | The idea here is that if an instance persists an event via the replication HTTP API it can return before we receive that event over replication, which can lead to races where code assumes that persisting an event immediately updates various caches (e.g. current state of the room). Most of Synapse doesn't hit such races, so we don't do the waiting automagically, instead we do so where necessary to avoid unnecessary delays. We may decide to change our minds here if it turns out there are a lot of subtle races going on. People probably want to look at this commit by commit.
* Convert sending mail to async/await. (#7557)Erik Johnston2020-05-221-5/+4
| | | | Mainly because sometimes the email push code raises exceptions where the stack traces have gotten lost, which is hopefully fixed by this.
* On upgrade room only send canonical alias once. (#7547)Erik Johnston2020-05-221-55/+60
| | | | | | | | Instead of doing a complicated dance of deleting and moving aliases one by one, which sends a canonical alias update into the old room for each one, lets do it all in one go. This also changes the function to move *all* local alias events to the new room, however that happens later on anyway.
* Fix exception reporting due to HTTP request errors. (#7556)Erik Johnston2020-05-221-0/+7
| | | | These are business as usual errors, rather than stuff we want to log at error.
* Retry to sync out of sync device lists (#7453)Brendan Abolivier2020-05-211-7/+73
| | | | | | | | | | | When a call to `user_device_resync` fails, we don't currently mark the remote user's device list as out of sync, nor do we retry to sync it. https://github.com/matrix-org/synapse/pull/6776 introduced some code infrastructure to mark device lists as stale/out of sync. This commit uses that code infrastructure to mark device lists as out of sync if processing an incoming device list update makes the device handler realise that the device list is out of sync, but we can't resync right now. It also adds a looping call to retry all failed resync every 30s. This shouldn't cause too much spam in the logs as this commit also removes the "Failed to handle device list update for..." warning logs when catching `NotRetryingDestination`. Fixes #7418
* Hash passwords earlier in the password reset process (#7538)Patrick Cloke2020-05-201-4/+1
| | | | This now matches the logic of the registration process as modified in 56db0b1365965c02ff539193e26c333b7f70d101 / #7523.
* Omit displayname or avatar_url if they aren't set instead of returning null ↵Aaron Raimist2020-05-191-2/+6
| | | | | | | | | (#7497) Per https://github.com/matrix-org/matrix-doc/issues/1436#issuecomment-410089470 they should be omitted instead of returning null or "". They aren't marked as required in the spec. Fixes https://github.com/matrix-org/synapse/issues/7333 Signed-off-by: Aaron Raimist <aaron@raim.ist>
* Merge tag 'v1.13.0rc3' into developPatrick Cloke2020-05-181-7/+2
|\ | | | | | | | | | | | | | | Synapse 1.13.0rc3 (2020-05-18) Bugfixes: - Hash passwords as early as possible during registration. #7523
| * Hash passwords earlier in the registration process (#7523)Patrick Cloke2020-05-181-7/+2
| |
* | Add type hints to room member handlers (#7513)Patrick Cloke2020-05-152-139/+173
| |
* | Support UI Authentication for OpenID Connect accounts (#7457)Patrick Cloke2020-05-152-20/+60
| |
* | Update the room member handler to use async/await. (#7507)Patrick Cloke2020-05-152-74/+58
| |
* | Ignore incoming presence updates when presence is disabled (#7508)Andrew Morgan2020-05-151-2/+4
| |
* | Merge tag 'v1.13.0rc2' into developRichard van der Hoff2020-05-141-19/+18
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.13.0rc2 (2020-05-14) ============================== Bugfixes -------- - Fix a long-standing bug which could cause messages not to be sent over federation, when state events with state keys matching user IDs (such as custom user statuses) were received. ([\#7376](https://github.com/matrix-org/synapse/issues/7376)) - Restore compatibility with non-compliant clients during the user interactive authentication process, fixing a problem introduced in v1.13.0rc1. ([\#7483](https://github.com/matrix-org/synapse/issues/7483)) Internal Changes ---------------- - Fix linting errors in new version of Flake8. ([\#7470](https://github.com/matrix-org/synapse/issues/7470))
| * Do not validate that the client dict is stable during UI Auth. (#7483)Patrick Cloke2020-05-131-19/+18
| | | | | | | | This backs out some of the validation for the client dictionary and logs if this changes during a user interactive authentication session instead.
* | Allow censoring of events to happen on workers. (#7492)Erik Johnston2020-05-131-2/+0
| | | | | | This is safe as we can now write to cache invalidation stream on workers, and is required for when we move event persistence off master.
* | Convert federation handler to async/await. (#7459)Patrick Cloke2020-05-112-21/+16
| |
* | Convert search code to async/await. (#7460)Patrick Cloke2020-05-111-24/+20
| |
* | Merge branch 'release-v1.13.0' into developAndrew Morgan2020-05-111-14/+40
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * release-v1.13.0: Don't UPGRADE database rows RST indenting Put rollback instructions in upgrade notes Fix changelog typo Oh yeah, RST Absolute URL it is then Fix upgrade notes link Provide summary of upgrade issues in changelog. Fix ) Move next version notes from changelog to upgrade notes Changelog fixes 1.13.0rc1 Documentation on setting up redis (#7446) Rework UI Auth session validation for registration (#7455) Fix errors from malformed log line (#7454) Drop support for redis.dbid (#7450)
| * Rework UI Auth session validation for registration (#7455)Patrick Cloke2020-05-081-14/+40
| | | | | | | | Be less strict about validation of UI authentication sessions during registration to match client expecations.
* | Implement OpenID Connect-based login (#7256)Quentin Gliech2020-05-082-2/+1000
| |
* | Merge branch 'release-v1.13.0' into developBrendan Abolivier2020-05-071-1/+3
|\|
| * Add a configuration setting for the dummy event threshold (#7422)Brendan Abolivier2020-05-071-1/+3
| | | | | | Add dummy_events_threshold which allows configuring the number of forward extremities a room needs for Synapse to send forward extremities in it.
* | Add more type hints to SAML handler. (#7445)Patrick Cloke2020-05-071-12/+16
| |
* | Merge branch 'release-v1.13.0' into developRichard van der Hoff2020-05-061-4/+8
|\|
| * Merge branch 'release-v1.13.0' into erikj/faster_device_lists_fetchRichard van der Hoff2020-05-059-281/+250
| |\
| * | Speed up fetching device lists changes in sync.Erik Johnston2020-05-051-4/+8
| | | | | | | | | | | | | | | Currently we copy `users_who_share_room` needlessly about three times, which is expensive when the set is large (which it can easily be).
* | | Convert the room handler to async/await. (#7396)Patrick Cloke2020-05-041-24/+18
| |/ |/|
* | async/await is_server_admin (#7363)Andrew Morgan2020-05-019-281/+250
|/
* Persist user interactive authentication sessions (#7302)Patrick Cloke2020-04-303-116/+63
| | | | | By persisting the user interactive authentication sessions to the database, this fixes situations where a user hits different works throughout their auth session and also allows sessions to persist through restarts of Synapse.
* Apply federation check for /publicRooms with filter list (#7367)Andrew Morgan2020-04-301-1/+5
|
* Convert some of the federation handler methods to async/await. (#7338)Patrick Cloke2020-04-241-25/+24
|
* Stop the master relaying USER_SYNC for other workers (#7318)Richard van der Hoff2020-04-223-105/+135
| | | | | | | Long story short: if we're handling presence on the current worker, we shouldn't be sending USER_SYNC commands over replication. In an attempt to figure out what is going on here, I ended up refactoring some bits of the presencehandler code, so the first 4 commits here are non-functional refactors to move this code slightly closer to sanity. (There's still plenty to do here :/). Suggest reviewing individual commits. Fixes (I hope) #7257.
* Merge branch 'release-v1.12.4' into developRichard van der Hoff2020-04-221-9/+139
|\
| * Query missing cross-signing keys on local sig upload (#7289)Andrew Morgan2020-04-221-9/+139
| |
* | import urllib.parse when using urllib.parse.quote (#7319)Andrew Morgan2020-04-221-1/+1
| |
* | Merge branch 'release-v1.12.4' into developRichard van der Hoff2020-04-201-129/+9
|\|
| * Revert "Query missing cross-signing keys on local sig upload"Richard van der Hoff2020-04-201-129/+9
| | | | | | | | | | | | This was incorrectly merged to the release branch before it was ready. This reverts commit 72fe2affb6ac86d433b80b6452da57052365aa26.
* | Merge branch 'release-v1.12.4' into developRichard van der Hoff2020-04-201-9/+129
|\|
| * Always send the user updates to their own device list (#7160)David Baker2020-04-202-3/+18
| |
| * Query missing cross-signing keys on local sig uploadAndrew Morgan2020-04-171-9/+129
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add changelog Save retrieved keys to the db lint Fix and de-brittle remote result dict processing Use query_user_devices instead, assume only master, self_signing key types Make changelog more useful Remove very specific exception handling Wrap get_verify_key_from_cross_signing_key in a try/except Note that _get_e2e_cross_signing_verify_key can raise a SynapseError lint Add comment explaining why this is useful Only fetch master and self_signing key types Fix log statements, docstrings Remove extraneous items from remote query try/except lint Factor key retrieval out into a separate function Send device updates, modeled after SigningKeyEduUpdater._handle_signing_key_updates Update method docstring
| * Only register devices edu handler on the master process (#7255)Andrew Morgan2020-04-141-7/+11
| |
* | Reject unknown UI auth sessions (instead of silently generating a new one) ↵Patrick Cloke2020-04-201-65/+94
| | | | | | | | (#7268)
* | Use a template for the SSO success page to allow for customization. (#7279)Patrick Cloke2020-04-171-32/+12
| |
* | Convert auth handler to async/await (#7261)Patrick Cloke2020-04-154-111/+115
| |
* | Only register devices edu handler on the master process (#7255)Andrew Morgan2020-04-141-7/+11
| |
* | Check on room creation if the user is allowed to publish the room to the ↵PeerD2020-04-131-0/+7
| | | | | | | | room directory. (#7260)
* | typosMatthew Hodgson2020-04-111-1/+1
| |
* | Default PL100 to enable encryption in a room (#7230)Andrew Morgan2020-04-091-0/+1
| |
* | Do not allow a deactivated user to login via SSO. (#7240)Patrick Cloke2020-04-093-6/+32
| |
* | Improve error responses when a remote server doesn't allow you to access its ↵Andrew Morgan2020-04-061-11/+12
| | | | | | | | public rooms list (#6899)
* | Support CAS in UI Auth flows. (#7186)Patrick Cloke2020-04-032-74/+91
| |
* | Support SAML in the user interactive authentication workflow. (#7102)Patrick Cloke2020-04-012-14/+153
| |
* | Allow admins to create aliases when they are not in the room (#7191)Patrick Cloke2020-04-011-1/+5
| |
* | Rewrite prune_old_outbound_device_pokes for efficiency (#7159)Richard van der Hoff2020-03-301-23/+2
| | | | | | | | make sure we clear out all but one update for the user
* | Transfer alias mappings when joining an upgraded room (#6946)Andrew Morgan2020-03-301-0/+3
| |
* | Merge pull request #7160 from ↵David Baker2020-03-302-3/+18
|\ \ | | | | | | | | | | | | matrix-org/dbkr/always_send_own_device_list_updates Always send the user updates to their own device list
| * | Add explanatory commentAndrew Morgan2020-03-302-1/+4
| | |
| * | blackDavid Baker2020-03-301-1/+3
| | |
| * | Just add own user ID to the list we track device changes forDavid Baker2020-03-302-7/+11
| | |
| * | Fix undefined variable & remove debug loggingDavid Baker2020-03-271-10/+2
| | |
| * | blackDavid Baker2020-03-271-4/+4
| | |
| * | Always send the user updates to their own device listDavid Baker2020-03-272-6/+20
| | | | | | | | | | | | | | | This will allow clients to notify users about new devices even if the user isn't in any rooms (yet).
* | | Add options to prevent users from changing their profile. (#7096)Dirk Klimpel2020-03-271-0/+16
|/ /
* | Merge pull request #7151 from matrix-org/jaywink/saml-redirect-fixJason Robinson2020-03-261-0/+4
|\ \ | | | | | | Allow RedirectResponse in SAML response handler
| * | Allow RedirectResponse in SAML response handlerJason Robinson2020-03-261-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | Allow custom SAML handlers to redirect after processing an auth response. Fixes #7149 Signed-off-by: Jason Robinson <jasonr@matrix.org>
* | | Refactor the CAS code (move the logic out of the REST layer to a handler) ↵Patrick Cloke2020-03-261-0/+204
| | | | | | | | | | | | (#7136)
* | | Allow server admins to define and enforce a password policy (MSC2000). (#7118)Dirk Klimpel2020-03-262-0/+95
|/ /
* | Validate that the session is not modified during UI-Auth (#7068)Patrick Cloke2020-03-261-4/+33
| |
* | Clean up some LoggingContext stuff (#7120)Richard van der Hoff2020-03-241-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Pull Sentinel out of LoggingContext ... and drop a few unnecessary references to it * Factor out LoggingContext.current_context move `current_context` and `set_context` out to top-level functions. Mostly this means that I can more easily trace what's actually referring to LoggingContext, but I think it's generally neater. * move copy-to-parent into `stop` this really just makes `start` and `stop` more symetric. It also means that it behaves correctly if you manually `set_log_context` rather than using the context manager. * Replace `LoggingContext.alive` with `finished` Turn `alive` into `finished` and make it a bit better defined.
* | Use the proper error code when a canonical alias that does not exist is ↵Patrick Cloke2020-03-231-19/+38
| | | | | | | | used. (#7109)
* | Remove concept of a non-limited stream. (#7011)Erik Johnston2020-03-202-4/+11
|/
* Add an option to the set password API to choose whether to logout other ↵Patrick Cloke2020-03-181-16/+25
| | | | devices. (#7085)
* Remove special casing of `m.room.aliases` events (#7034)Patrick Cloke2020-03-171-15/+1
|
* Revert "Add options to disable setting profile info for prevent changes. ↵Richard van der Hoff2020-03-171-16/+0
| | | | | | | (#7053)" This reverts commit 54dd28621b070ca67de9f773fe9a89e1f4dc19da, reversing changes made to 6640460d054e8f4444046a34bdf638921b31c01e.
* Fix buggy condition in account validity handler (#7074)Brendan Abolivier2020-03-161-1/+5
|
* Add type annotations and comments to auth handler (#7063)Patrick Cloke2020-03-121-89/+104
|
* Don't filter out dummy events when we're checking the visibility of stateBrendan Abolivier2020-03-111-1/+1
|
* Add options to disable setting profile info for prevent changes. (#7053)Brendan Abolivier2020-03-101-0/+16
|\
| * lint, fix testsdklimpel2020-03-091-1/+3
| |
| * updates after reviewdklimpel2020-03-091-4/+4
| |
| * lintdklimpel2020-03-081-4/+2
| |
| * changelogdklimpel2020-03-081-2/+8
| |
| * Add options to disable setting profile info for prevent changes.dklimpel2020-03-081-0/+10
| |
* | SAML2: render a comprehensible error page if something goes wrongBrendan Abolivier2020-03-101-1/+19
| | | | | | | | | | | | If an error happened while processing a SAML AuthN response, or a client ends up doing a `GET` request to `/authn_response`, then render a customisable error page rather than a confusing error.
* | LintBrendan Abolivier2020-03-061-2/+1
| |
* | Mention the session ID in the error messageBrendan Abolivier2020-03-061-2/+3
| |
* | LintBrendan Abolivier2020-03-061-1/+2
| |
* | Make sure that is_verified is a boolean when processing room keysBrendan Abolivier2020-03-061-0/+6
| |
* | Allow deleting an alias if the user has sufficient power level (#6986)Patrick Cloke2020-03-041-33/+74
| |
* | Merge branch 'master' into developBrendan Abolivier2020-03-032-3/+76
|\ \
| * | Fix wrong handler being used in SAML handlerBrendan Abolivier2020-03-031-3/+2
| | |
| * | Factor out complete_sso_login and expose it to the Module APIBrendan Abolivier2020-03-031-0/+74
| | |
* | | Validate the alt_aliases property of canonical alias events (#6971)Patrick Cloke2020-03-032-10/+51
| |/ |/|
* | Store room version on invite (#6983)Richard van der Hoff2020-02-261-0/+12
| | | | | | | | | | When we get an invite over federation, store the room version in the rooms table. The general idea here is that, when we pull the invite out again, we'll want to know what room_version it belongs to (so that we can later redact it if need be). So we need to store it somewhere...
* | Port PresenceHandler to async/await (#6991)Erik Johnston2020-02-262-108/+89
| |
* | Remove redundant store_room call (#6979)Richard van der Hoff2020-02-241-23/+0
| | | | | | | | | | `_process_received_pdu` is only called by `on_receive_pdu`, which ignores any events for unknown rooms, so this is redundant.
* | Upsert room version when we join over federation (#6968)Richard van der Hoff2020-02-241-10/+12
| | | | | | | | | | | | | | | | This is intended as a precursor to storing room versions when we receive an invite over federation, but has the happy side-effect of fixing #3374 at last. In short: change the store_room with try/except to a proper upsert which updates the right columns.
* | Change displayname of user as admin in rooms (#6876)Dirk Klimpel2020-02-211-1/+11
| |
* | Stop returning aliases as part of the room list. (#6970)Patrick Cloke2020-02-211-9/+0
| |
* | Clarify list/set/dict/tuple comprehensions and enforce via flake8 (#6957)Patrick Cloke2020-02-219-35/+33
| | | | | | | | Ensure good comprehension hygiene using flake8-comprehensions.
* | Merge branch 'master' into developRichard van der Hoff2020-02-211-5/+5
|\|
| * Small grammar fixes to the ACME v1 deprecation notice (#6944)Andrew Morgan2020-02-211-5/+5
| | | | | | Some small fixes to the copy in #6907.