summary refs log tree commit diff
path: root/synapse/handlers (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #1686 from matrix-org/rav/fix_federation_key_failsRichard van der Hoff2016-12-121-0/+10
|\ | | | | E2E key query: handle federation fails
| * Remove unused importRichard van der Hoff2016-12-121-1/+0
| |
| * E2E key query: handle federation failsRichard van der Hoff2016-12-091-0/+11
| | | | | | | | Don't fail the whole request if we can't connect to a particular server.
* | Fix rare notifier bug where listeners dont timeoutErik Johnston2016-12-091-0/+1
| | | | | | | | | | | | There was a race condition that caused the notifier to 'miss' the timeout notification, since there were no other checks for the timeout this caused listeners to get stuck in a loop until something happened.
* | Fix ignored read-receiptsRichard van der Hoff2016-12-081-1/+5
|/ | | | | Don't ignore read-receipts which arrive in the same EDU as a read-receipt for an old event.
* Prevent user tokens being used as guest tokens (#1675)Richard van der Hoff2016-12-061-1/+1
| | | | | Make sure that a user cannot pretend to be a guest by adding 'guest = True' caveats.
* Merge pull request #653 from matrix-org/erikj/preset_guest_joinErik Johnston2016-12-051-0/+10
|\ | | | | Enable guest access for private rooms by default
| * Enable guest access for private rooms by defaultErik Johnston2016-03-171-0/+10
| |
* | Merge pull request #1649 from matrix-org/dbkr/log_ui_auth_argsErik Johnston2016-12-051-1/+9
|\ \ | | | | | | Log the args that we have on UI auth completion
| * | Clarify that creds doesn not contain passwords.David Baker2016-11-241-1/+3
| | |
| * | Log the args that we have on UI auth completionDavid Baker2016-11-241-1/+7
| | | | | | | | | | | | | | | This will be super helpful for debugging if we have more registration woes.
* | | Rip out more refresh_token codeRichard van der Hoff2016-11-301-10/+0
| | | | | | | | | | | | | | | | | | | | | | | | We might as well treat all refresh_tokens as invalid. Just return a 403 from /tokenrefresh, so that we don't have a load of dead, untestable code hanging around. Still TODO: removing the table from the schema.
* | | Merge branch 'develop' into rav/no_more_refresh_tokensRichard van der Hoff2016-11-302-8/+8
|\ \ \
| * | | Stop putting a time caveat on access tokensRichard van der Hoff2016-11-292-8/+8
| |/ / | | | | | | | | | | | | | | | | | | | | | The 'time' caveat on the access tokens was something of a lie, since we weren't enforcing it; more pertinently its presence stops us ever adding useful time caveats. Let's move in the right direction by not lying in our caveats.
* / / Stop generating refresh tokensRichard van der Hoff2016-11-281-16/+4
|/ / | | | | | | | | | | | | Since we're not doing refresh tokens any more, we should start killing off the dead code paths. /tokenrefresh itself is a bit of a thornier subject, since there might be apps out there using it, but we can at least not generate refresh tokens on new logins.
* | Shuffle receipt handler around so that worker apps don't need to load itErik Johnston2016-11-233-6/+4
| |
* | Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2016-11-231-9/+22
|\ \ | | | | | | | | | erikj/split_out_fed_txn
| * | Return early on /sync code paths if a '*' filter is usedKegan Dougal2016-11-221-9/+22
| | | | | | | | | | | | | | | | | | | | | | | | This is currently very conservative in that it only does this if there is no `since` token. This limits the risk to clients likely to be doing one-off syncs (like bridges), but does mean that normal human clients won't benefit from the time savings here. If the savings are large enough, I would consider generalising this to just check the filter.
* | | Remove explicit calls to send_pduErik Johnston2016-11-211-53/+0
| | |
* | | Handle sending events and device messages over federationErik Johnston2016-11-171-12/+1
| | |
* | | Use new federation_sender DIErik Johnston2016-11-165-14/+16
|/ /
* | Use external ldap auth pacakgeErik Johnston2016-11-151-0/+2
| |
* | Sample correctlyErik Johnston2016-11-081-1/+3
| |
* | Limit the number of prev_events of new eventsErik Johnston2016-11-081-0/+13
| |
* | Don't error on non-ascii passwordsDavid Baker2016-11-031-1/+1
| |
* | Fix infinite typing bugErik Johnston2016-10-241-2/+10
| | | | | | | | | | | | | | There's a bug somewhere that causes typing notifications to not be timed out properly. By adding a paranoia timer and using correct inequalities notifications should stop being stuck, even if it the root cause hasn't been fixed.
* | Fix incredubly slow back pagination queryErik Johnston2016-10-242-4/+7
| | | | | | | | | | | | | | If a client didn't specify a from token when paginating backwards synapse would attempt to query the (global) maximum topological token. This a) doesn't make much sense since they're room specific and b) there are no indices that lets postgres do this efficiently.
* | Merge pull request #1175 from ↵Luke Barnard2016-10-201-0/+6
|\ \ | | | | | | | | | | | | matrix-org/luke/feature-configurable-as-rate-limiting Allow Configurable Rate Limiting Per AS
| * | as_user->app_service, less redundant comments, better positioned commentsLuke Barnard2016-10-201-6/+3
| | |
| * | Use real AS object by passing it through the requesterLuke Barnard2016-10-201-8/+3
| | | | | | | | | | | | This means synapse does not have to check if the AS is interested, but instead it effectively re-uses what it already knew about the requesting user
| * | Allow Configurable Rate Limiting Per ASLuke Barnard2016-10-181-0/+14
| | | | | | | | | | | | This adds a flag loaded from the registration file of an AS that will determine whether or not its users are rate limited (by ratelimit in _base.py). Needed for IRC bridge reasons - see https://github.com/matrix-org/matrix-appservice-irc/issues/240.
* | | Merge pull request #1176 from matrix-org/erikj/eager_ratelimit_checkErik Johnston2016-10-191-1/+16
|\ \ \ | | | | | | | | Check whether to ratelimit sooner to avoid work
| * | | CommentErik Johnston2016-10-191-0/+3
| | | |
| * | | Check whether to ratelimit sooner to avoid workErik Johnston2016-10-191-1/+13
| |/ /
* / / Convert emails to lowercase when storingDavid Baker2016-10-191-0/+12
|/ / | | | | | | And db migration sql to convert existing addresses.
* | Merge pull request #1155 from matrix-org/erikj/pluggable_pwd_authErik Johnston2016-10-121-295/+39
|\ \ | | | | | | Implement pluggable password auth
| * | Implement pluggable password authErik Johnston2016-10-031-295/+39
| | | | | | | | | | | | | | | | | | Allows delegating the password auth to an external module. This also moves the LDAP auth to using this system, allowing it to be removed from the synapse tree entirely in the future.
* | | Merge pull request #1166 from matrix-org/rav/grandfather_broken_riot_signupRichard van der Hoff2016-10-111-3/+14
|\ \ \ | | | | | | | | Work around email-spamming Riot bug
| * | | Work around email-spamming Riot bugRichard van der Hoff2016-10-111-3/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 5d9546f9 introduced a change to synapse behaviour, in that failures in the interactive-auth process would return the flows and params data as well as an error code (as specced in https://github.com/matrix-org/matrix-doc/pull/397). That change exposed a bug in Riot which would make it request a new validation token (and send a new email) each time it got a 401 with a `flows` parameter (see https://github.com/vector-im/vector-web/issues/2447 and the fix at https://github.com/matrix-org/matrix-react-sdk/pull/510). To preserve compatibility with broken versions of Riot, grandfather in the old behaviour for the email validation stage.
* | | | Merge pull request #1157 from Rugvip/nolimitErik Johnston2016-10-117-32/+30
|\ \ \ \ | |/ / / |/| | | Remove rate limiting from app service senders and fix get_or_create_user requester
| * | | rest/client/v1/register: use the correct requester in createUserPatrik Oldsberg2016-10-061-4/+2
| | | | | | | | | | | | | | | | Signed-off-by: Patrik Oldsberg <patrik.oldsberg@ericsson.com>
| * | | handlers/profile: added admin override for set_displayname and set_avatar_urlPatrik Oldsberg2016-10-061-4/+4
| | | | | | | | | | | | | | | | Signed-off-by: Patrik Oldsberg <patrik.oldsberg@ericsson.com>
| * | | handers: do not ratelimit app service sendersPatrik Oldsberg2016-10-061-1/+7
| | | | | | | | | | | | | | | | Signed-off-by: Patrik Oldsberg <patrik.oldsberg@ericsson.com>
| * | | storage/appservice: make appservice methods only relying on the cache ↵Patrik Oldsberg2016-10-065-23/+17
| |/ / | | | | | | | | | synchronous
* | | Merge pull request #1160 from matrix-org/rav/401_on_password_failRichard van der Hoff2016-10-071-32/+52
|\ \ \ | |/ / |/| | Interactive Auth: Return 401 from for incorrect password
| * | Interactive Auth: Return 401 from for incorrect passwordRichard van der Hoff2016-10-071-32/+52
| | | | | | | | | | | | | | | | | | | | | | | | | | | This requires a bit of fettling, because I want to return a helpful error message too but we don't want to distinguish between unknown user and invalid password. To avoid hardcoding the error message into 15 places in the code, I've had to refactor a few methods to return None instead of throwing. Fixes https://matrix.org/jira/browse/SYN-744
* | | Restructure ldap authenticationMartin Weinelt2016-09-291-87/+192
|/ / | | | | | | | | | | | | | | - properly parse return values of ldap bind() calls - externalize authentication methods - change control flow to be more error-resilient - unbind ldap connections in many places - improve log messages and loglevels
* | Move FEDERATION_PING_INTERVAL timer. Update log lineErik Johnston2016-09-231-8/+10
| |
* | Time out typing over federationErik Johnston2016-09-231-70/+105
| |
* | Merge pull request #1136 from matrix-org/erikj/fix_signed_3pidErik Johnston2016-09-221-6/+9
|\ \ | | | | | | Allow invites via 3pid to bypass sender sig check
| * | Add commentsErik Johnston2016-09-221-0/+3
| | |
| * | Allow invites via 3pid to bypass sender sig checkErik Johnston2016-09-221-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When a server sends a third party invite another server may be the one that the inviting user registers with. In this case it is that remote server that will issue an actual invitation, and wants to do it "in the name of" the original invitee. However, the new proper invite will not be signed by the original server, and thus other servers would reject the invite if it was seen as coming from the original user. To fix this, a special case has been added to the auth rules whereby another server can send an invite "in the name of" another server's user, so long as that user had previously issued a third party invite that is now being accepted.
* | | Merge pull request #1132 from matrix-org/erikj/initial_sync_splitErik Johnston2016-09-222-378/+446
|\ \ \ | |/ / |/| | Support /initialSync in synchrotron worker
| * | Support /initialSync in synchrotron workerErik Johnston2016-09-212-378/+446
| | |
* | | Add total_room_count_estimate to /publicRoomsErik Johnston2016-09-211-0/+3
|/ /
* | Merge pull request #1130 from matrix-org/erikj/fix_pubroom_pagErik Johnston2016-09-191-12/+25
|\ \ | | | | | | Handle fact that _generate_room_entry may not return a room entry
| * | PEP8Erik Johnston2016-09-171-1/+1
| | |
| * | Handle fact that _generate_room_entry may not return a room entryErik Johnston2016-09-171-12/+25
| | |
* | | Merge pull request #1129 from matrix-org/erikj/fix_pubroom_pagErik Johnston2016-09-171-110/+123
|\| | | | | | | | Fix and clean up publicRooms pagination
| * | SpellingErik Johnston2016-09-171-1/+1
| | |
| * | Fix and clean up publicRooms paginationErik Johnston2016-09-171-110/+123
| | |
* | | Make public room search case insensitiveDavid Baker2016-09-161-4/+4
|/ /
* | CommentErik Johnston2016-09-161-0/+2
| |
* | Add remote reoom cacheErik Johnston2016-09-161-2/+23
| |
* | Support filtering remote room listsErik Johnston2016-09-161-3/+9
| |
* | Filter remote rooms lists locallyErik Johnston2016-09-161-10/+24
| |
* | Don't cache searched in /publicRoomsErik Johnston2016-09-161-1/+5
| |
* | Add very basic filter API to /publicRoomsErik Johnston2016-09-151-5/+18
| |
* | Change the way we calculate new_limit in /publicRooms and add POST APIErik Johnston2016-09-151-15/+33
| |
* | Merge pull request #1121 from matrix-org/erikj/public_room_paginateErik Johnston2016-09-151-84/+196
|\ \ | | | | | | Add pagination support to publicRooms
| * | Base public room list off of public_rooms streamErik Johnston2016-09-151-7/+27
| | |
| * | Pass since/from parameters over federationErik Johnston2016-09-151-29/+26
| | |
| * | Allow paginating both forwards and backwardsErik Johnston2016-09-151-21/+50
| | |
| * | Remove support for aggregate room listsErik Johnston2016-09-151-55/+0
| | |
| * | Accept optional token to public room listErik Johnston2016-09-151-7/+75
| | |
| * | Calculate the public room list from a stream_orderingErik Johnston2016-09-141-3/+40
| | |
| * | Refactor public rooms to not pull out the full state for each roomErik Johnston2016-09-141-14/+30
| | |
* | | Merge pull request #1117 from matrix-org/erikj/fix_stateErik Johnston2016-09-141-0/+4
|\ \ \ | |/ / |/| | Ensure we don't mutate state cache entries
| * | Ensure we don't mutate state cache entriesErik Johnston2016-09-141-0/+4
| | |
* | | Move RoomListHandler into a separate fileErik Johnston2016-09-142-158/+185
|/ /
* | Merge pull request #1111 from matrix-org/matthew/device-idsMatthew Hodgson2016-09-141-1/+1
|\ \ | | | | | | make device IDs more useful for human disambiguation
| * | make device IDs more useful for human disambiguationMatthew Hodgson2016-09-131-1/+1
| | |
* | | Merge pull request #1116 from matrix-org/paul/tiny-fixesPaul Evans2016-09-131-2/+2
|\ \ \ | | | | | | | | Fix typo "persiting"
| * | | Fix typo "persiting"Paul "LeoNerd" Evans2016-09-131-2/+2
| | | |
* | | | Limit how often we ask for keys from dead serversMark Haines2016-09-131-11/+30
|/ / /
* | | Move the E2E key handling into the e2e handlerMark Haines2016-09-131-3/+102
| | |
* | | Merge pull request #1110 from matrix-org/markjh/e2e_timeoutMark Haines2016-09-131-21/+43
|\ \ \ | | | | | | | | Add a timeout parameter for end2end key queries.
| * | | Add a timeout parameter for end2end key queries.Mark Haines2016-09-121-21/+43
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a timeout parameter for controlling how long synapse will wait for responses from remote servers. For servers that fail include how they failed to make it easier to debug. Fetch keys from different servers in parallel rather than in series. Set the default timeout to 10s.
* | | | Add is_direct param to /createRoomErik Johnston2016-09-121-0/+6
|/ / /
* | | Merge branch 'develop' of github.com:matrix-org/synapse into erikj/batch_edusErik Johnston2016-09-091-2/+31
|\| |
| * | Merge pull request #1091 from matrix-org/paul/third-party-lookupPaul Evans2016-09-091-2/+31
| |\ \ | | | | | | | | Improvements to 3PE lookup API
| | * | Reject malformed 3PE query metadata results earlier in AS API handling codePaul "LeoNerd" Evans2016-09-091-9/+5
| | | |
| | * | Minor fixes from PR commentsPaul "LeoNerd" Evans2016-09-091-2/+2
| | | |
| | * | Efficiency fix for lookups of a single protocolPaul "LeoNerd" Evans2016-09-091-1/+4
| | | |
| | * | Don't corrupt shared cache on subsequent protocol requestsPaul "LeoNerd" Evans2016-09-091-0/+2
| | | |
| | * | Collect up all the "instances" lists of individual AS protocol results into ↵Paul "LeoNerd" Evans2016-09-081-1/+29
| | | | | | | | | | | | | | | | one combined answer to the client
* | | | Clobber EDUs in send queueErik Johnston2016-09-093-15/+7
|/ / /
* / / Deduplicate presence in _update_statesErik Johnston2016-09-091-0/+6
|/ /
* | Merge pull request #1082 from matrix-org/erikj/remote_public_roomsErik Johnston2016-09-081-0/+10
|\ \ | | | | | | Add server param to /publicRooms
| * | Add server param to /publicRoomsErik Johnston2016-09-081-0/+10
| | |
* | | Check the user_id for presence/typing matches originErik Johnston2016-09-082-1/+15
| | |
* | | Merge branch 'develop' into markjh/direct_to_device_federationMark Haines2016-09-083-54/+35
|\| |
| * | Record counts of state changesErik Johnston2016-09-061-0/+4
| | |
| * | Short circuit if presence is the sameErik Johnston2016-09-061-0/+3
| | |
| * | Fiddle should_notify to better report statsErik Johnston2016-09-061-12/+7
| | |
| * | Merge pull request #1070 from matrix-org/erikj/presence_statsErik Johnston2016-09-051-0/+8
| |\ \ | | | | | | | | Record why we have chosen to notify
| | * | Record why we have chosen to notifyErik Johnston2016-09-051-0/+8
| | | |
| * | | Use get_joined_users_from_context instead of manually looking up hostsErik Johnston2016-09-052-46/+17
| |/ /
* | | Add a new method to enqueue the device messages rather than sending a dummy EDUMark Haines2016-09-071-7/+3
| | |
* | | Send device messages over federationMark Haines2016-09-061-0/+121
|/ /
* | Merge pull request #1067 from matrix-org/markjh/idempotentMark Haines2016-09-051-0/+6
|\ \ | | | | | | Fix membership changes to be idempotent
| * | Fix membership changes to be idempotentMark Haines2016-09-021-0/+6
| | |
* | | Merge pull request #1066 from matrix-org/markjh/direct_to_device_lowerboundMark Haines2016-09-021-1/+1
|\ \ \ | | | | | | | | Only return new device messages in /sync
| * | | Only return new device messages in /syncMark Haines2016-09-021-1/+1
| |/ /
* | | Merge pull request #1064 from matrix-org/erikj/on_receive_checkErik Johnston2016-09-021-6/+18
|\ \ \ | | | | | | | | Only check if host is in room if we have state and auth_chain
| * | | Comment on when auth chain and state are NoneErik Johnston2016-09-021-0/+3
| | | |
| * | | CommentErik Johnston2016-09-021-0/+3
| | | |
| * | | Only check if host is in room if we have state and auth_chainErik Johnston2016-09-021-6/+12
| |/ /
* | | DocstringsErik Johnston2016-09-021-0/+4
| | |
* | | Only pull out IDs from DB for /state_ids/ requestErik Johnston2016-09-021-0/+26
|/ /
* | Fix typo in log lineErik Johnston2016-09-011-1/+1
| |
* | Correctly handle the difference between prev and current stateErik Johnston2016-08-313-17/+30
| |
* | Merge pull request #1055 from matrix-org/erikj/occaisonally_persistErik Johnston2016-08-301-0/+28
|\ \ | | | | | | Occaisonally persist unpersisted presence updates
| * | Check correct variableErik Johnston2016-08-301-1/+1
| | |
| * | Occaisonally persist unpersisted presence updatesErik Johnston2016-08-301-0/+28
| | |
* | | Don't notify for online -> online transitions.Erik Johnston2016-08-301-1/+6
|/ / | | | | | | | | Specifically, if currently_active remains true then we should not notify if only the last active time changes.
* | Comment about message deletionErik Johnston2016-08-301-0/+3
| |
* | Fix checkErik Johnston2016-08-301-2/+1
| |
* | Noop get_new_messages_for_device if token hasn't changedErik Johnston2016-08-301-9/+12
| |
* | Merge pull request #1049 from matrix-org/erikj/presence_users_in_roomErik Johnston2016-08-306-13/+28
|\ \ | | | | | | Use state handler instead of get_users_in_room/get_joined_hosts
| * | Use state handler instead of get_users_in_room/get_joined_hostsErik Johnston2016-08-266-13/+28
| | |
* | | Merge remote-tracking branch 'origin/develop' into markjh/direct_to_deviceMark Haines2016-08-265-167/+309
|\| |
| * | Measure _filter_events_for_serverErik Johnston2016-08-261-0/+2
| | |
| * | Don't pull out full state for _filter_events_for_serverErik Johnston2016-08-261-1/+25
| | |
| * | Merge branch 'develop' of github.com:matrix-org/synapse into erikj/state_idsErik Johnston2016-08-262-1/+13
| |\ \
| | * \ Merge pull request #1043 from matrix-org/erikj/backfill_fixErik Johnston2016-08-261-1/+3
| | |\ \ | | | | | | | | | | Fix None check in backfill
| | | * | Fix None check in backfillErik Johnston2016-08-251-1/+3
| | | | |
| * | | | Make sync not pull out full stateErik Johnston2016-08-251-34/+41
| | | | |
| * | | | Replace context.current_state with context.current_state_idsErik Johnston2016-08-254-131/+226
| | | | |
| * | | | Pull out event ids rather than full events for stateErik Johnston2016-08-251-0/+12
| | |/ / | |/| |
* | | | Merge branch 'develop' into markjh/direct_to_deviceMark Haines2016-08-254-36/+57
|\ \ \ \ | | |/ / | |/| |
| * | | Merge pull request #1041 from matrix-org/paul/third-party-lookupPaul Evans2016-08-251-0/+10
| |\ \ \ | | |/ / | |/| | Extend 3PE lookup APIs for metadata query
| | * | Don't need toplevel cache on 3PE lookup metadata any morePaul "LeoNerd" Evans2016-08-251-8/+0
| | | |
| | * | Actually query over AS API for 3PE lookup metadataPaul "LeoNerd" Evans2016-08-251-13/+1
| | | |
| | * | Move static knowledge of protocol metadata into AS handler; cache the resultPaul "LeoNerd" Evans2016-08-241-2/+24
| | | |
| | * | Initial hack at the 3PN protocols metadata lookup APIPaul "LeoNerd" Evans2016-08-241-0/+8
| | | |
| * | | Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2016-08-241-2/+2
| |\| | | | | | | | | | | | | | erikj/preserve_log_contexts
| * | | Preserve some logcontextsErik Johnston2016-08-244-36/+47
| | | |
* | | | Add store-and-forward direct-to-device messagingMark Haines2016-08-251-1/+42
| |/ / |/| |
* | | Merge branch 'develop' of github.com:matrix-org/synapse into erikj/paginationErik Johnston2016-08-241-2/+12
|\| |
| * | Pass through user-supplied content in /join/$room_idKegan Dougal2016-08-231-2/+12
| | | | | | | | | | | | | | | | | | | | | It was always intended to allow custom keys on the join event, but this has at some point been lost. Restore it. If the user specifies keys like "avatar_url" then they will be clobbered.
* | | Add None checks to backfillErik Johnston2016-08-241-2/+2
|/ /
* | defer.returnValue must not be called within MeasureErik Johnston2016-08-191-7/+7
| |
* | Merge pull request #1026 from matrix-org/paul/thirdpartylookupPaul Evans2016-08-181-0/+24
|\ \ | | | | | | 3rd party entity lookup
| * | Move validation logic for AS 3PE query response into ApplicationServiceApi ↵Paul "LeoNerd" Evans2016-08-181-44/+2
| | | | | | | | | | | | class, to keep the handler logic neater
| * | More warnings about invalid results from AS 3PE queryPaul "LeoNerd" Evans2016-08-181-2/+7
| | |
| * | Avoid so much copypasta between 3PU and 3PL query by unifying around a ↵Paul "LeoNerd" Evans2016-08-181-26/+9
| | | | | | | | | | | | ThirdPartyEntityKind enumeration
| * | Minor syntax neateningsPaul "LeoNerd" Evans2016-08-181-14/+8
| | |
| * | Appease pep8Paul "LeoNerd" Evans2016-08-181-0/+2
| | |
| * | Copypasta the 3PU support code to also do 3PLPaul "LeoNerd" Evans2016-08-181-3/+30
| | |
| * | Log a warning if an AS yields an invalid 3PU lookup resultPaul "LeoNerd" Evans2016-08-181-1/+6
| | |
| * | Scattergather the call out to ASes; validate received resultsPaul "LeoNerd" Evans2016-08-181-7/+34
| | |
| * | Filter 3PU lookups by only ASes that declare knowledge of that protocolPaul "LeoNerd" Evans2016-08-181-2/+4
| | |
| * | Merge remote-tracking branch 'origin/develop' into paul/thirdpartylookupPaul "LeoNerd" Evans2016-08-185-62/+82
| |\ \
| * | | Extend individual list results into the main return list, don't appendPaul "LeoNerd" Evans2016-08-181-1/+1
| | | |
| * | | Thread 3PU lookup through as far as the AS API object; which currently noöps itPaul "LeoNerd" Evans2016-08-171-0/+21
| | | |
* | | | Add appservice workerErik Johnston2016-08-181-38/+51
| |/ / |/| |
* | | Make AppserviceHandler stream events from databaseErik Johnston2016-08-181-21/+44
| | | | | | | | | | | | | | | | | | | | | | | | | | | This is for two reasons: 1. Suppresses duplicates correctly, as the notifier doesn't do any duplicate suppression. 2. Makes it easier to connect the AppserviceHandler to the replication stream.
* | | Make notify_interested_services fasterErik Johnston2016-08-171-23/+8
| | |
* | | Measure notify_interested_servicesErik Johnston2016-08-171-19/+22
| | |
* | | Merge pull request #1012 from matrix-org/erikj/limit_backfill_uriErik Johnston2016-08-161-4/+5
|\ \ \ | | | | | | | | Limit number of extremeties in backfill request
| * | | Limit number of extremeties in backfill requestErik Johnston2016-08-161-4/+5
| | | | | | | | | | | | | | | | | | | | This works around a bug where if we make a backfill request with too many extremeties it causes the request URI to be too long.
* | | | Refactor user_delete_access_tokens. Invalidate get_user_by_access_token to ↵Erik Johnston2016-08-151-3/+3
|/ / / | | | | | | | | | slaves.
* | | Merge pull request #1009 from matrix-org/erikj/event_splitErik Johnston2016-08-152-11/+19
|\ \ \ | |/ / |/| | Split out /events to synchrotron
| * | Make synchrotron accept /eventsErik Johnston2016-08-122-11/+19
| | |
* | | Log the value which is observed in the first place.Daniel Ehlers2016-08-141-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | The name 'result' is of bool type and has no len property, resulting in a TypeError. Futhermore in the flow control conn.response is observed and hence should be reported. Signed-off-by: Daniel Ehlers <sargon@toppoint.de>
* | | Fix AttributeError when bind_dn is not defined.Daniel Ehlers2016-08-141-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | In case one does not define bind_dn in ldap configuration, filter attribute is not declared. Since auth code only uses ldap_filter attribute when according LDAP mode is selected, it is safe to only declare the attribute in that case. Signed-off-by: Daniel Ehlers <sargon@toppoint.de>
* | | Only process one local membership event per room at a timeErik Johnston2016-08-121-1/+1
|/ /
* | Merge pull request #997 from Half-Shot/developErik Johnston2016-08-111-3/+6
|\ \ | | | | | | Don't change status_msg on /sync
| * | Don't change status_msg on /syncWill Hunt2016-08-101-3/+6
| | |
* | | Also check if server is in the roomErik Johnston2016-08-101-2/+7
| | |
* | | Correctly auth /event/ requestsErik Johnston2016-08-101-5/+6
| | |
* | | Only resign our own eventsErik Johnston2016-08-101-9/+10
|/ /
* | /login: Respond with a 403 when we get an invalid m.login.tokenRichard van der Hoff2016-08-091-3/+3
| |
* | Fix login with m.login.tokenRichard van der Hoff2016-08-081-13/+4
| | | | | | | | | | login with token (as used by CAS auth) was broken by 067596d, such that it always returned a 401.
* | Fix backfill auth eventsErik Johnston2016-08-051-21/+50
| |
* | keys/query: Omit device displayname if nullRichard van der Hoff2016-08-041-3/+4
| | | | | | | | ... which makes it more consistent with user displaynames.
* | Include device name in /keys/query responseRichard van der Hoff2016-08-031-3/+8
| | | | | | | | Add an 'unsigned' section which includes the device display name.
* | keys/query: return all users which were asked forRichard van der Hoff2016-08-031-3/+6
| | | | | | | | | | | | In the situation where all of a user's devices get deleted, we want to indicate this to a client, so we want to return an empty dictionary, rather than nothing at all.
* | Merge branch 'rav/null_default_device_displayname' into developRichard van der Hoff2016-08-031-1/+1
|\ \
| * | PEP8Richard van der Hoff2016-08-031-1/+1
| | |
| * | Default device_display_name to nullRichard van der Hoff2016-08-031-1/+1
| | | | | | | | | | | | | | | | | | It turns out that it's more useful to return a null device display name (and let clients decide how to handle it: eg, falling back to device_id) than using a constant string like "unknown device".
* | | E2eKeysHandler: minor tweaksRichard van der Hoff2016-08-031-5/+3
| | | | | | | | | | | | PR feedback
* | | Merge branch 'develop' into rav/refactor_device_queryMark Haines2016-08-033-9/+4
|\| |
| * | Merge pull request #940 from matrix-org/erikj/fed_state_cacheErik Johnston2016-08-023-9/+4
| |\ \ | | | | | | | | Cache federation state responses
| | * | Cache federation state responsesErik Johnston2016-07-213-9/+4
| | | |
* | | | E2E keys: Make federation query share code with client queryRichard van der Hoff2016-08-021-25/+90
| | | | | | | | | | | | | | | | | | | | Refactor the e2e query handler to separate out the local query, and then make the federation handler use it.
* | | | Move e2e query logic into a handlerRichard van der Hoff2016-08-011-0/+67
|/ / /
* | | Merge pull request #958 from matrix-org/paul/SYN-738Paul Evans2016-07-291-0/+7
|\ \ \ | | | | | | | | Forbid non-ASes from registering users whose names begin with '_'
| * | | Forbid non-ASes from registering users whose names begin with '_' (SYN-738)Paul "LeoNerd" Evans2016-07-271-0/+7
| | | |
* | | | Mention that func will fetch auth eventsErik Johnston2016-07-291-0/+2
| | | |
* | | | Update docstringErik Johnston2016-07-291-0/+6
| | | |
* | | | Handle the case of missing auth events when joining a roomErik Johnston2016-07-281-4/+23
| | | |
* | | | Delete e2e keys on device deleteRichard van der Hoff2016-07-271-0/+4
|/ / /
* | | Add `create_requester` functionRichard van der Hoff2016-07-264-29/+32
| | | | | | | | | | | | | | | Wrap the `Requester` constructor with a function which provides sensible defaults, and use it throughout
* | | Delete refresh tokens when deleting devicesRichard van der Hoff2016-07-261-2/+4
| | |
* | | Implement updating devicesRichard van der Hoff2016-07-261-0/+24
| | | | | | | | | | | | You can update the displayname of devices now.
* | | Implement deleting devicesRichard van der Hoff2016-07-262-3/+46
| | |
* | | Use get to avoid KeyErrorsDavid Baker2016-07-221-1/+1
| | |
* | | Log the hostname the reCAPTCHA was completed onDavid Baker2016-07-221-2/+11
| | | | | | | | | | | | This could be useful information to have in the logs. Also comment about how & why we don't verify the hostname.
* | | make /devices return a listRichard van der Hoff2016-07-211-5/+5
| | | | | | | | | | | | Turns out I specced this to return a list of devices rather than a dict of them
* | | Fix PEP8 errorsRichard van der Hoff2016-07-211-1/+1
| | |
* | | Implement GET /device/{deviceId}Richard van der Hoff2016-07-211-9/+37
| | |
* | | GET /devices endpointRichard van der Hoff2016-07-201-0/+27
|/ / | | | | | | | | | | | | implement a GET /devices endpoint which lists all of the user's devices. It also returns the last IP where we saw that device, so there is some dancing to fish that out of the user_ips table.
* | Merge pull request #935 from matrix-org/erikj/backfill_notifsErik Johnston2016-07-201-5/+6
|\ \ | | | | | | Don't notify pusher pool for backfilled events
| * | Don't notify pusher pool for backfilled eventsErik Johnston2016-07-201-5/+6
| | |
* | | Merge pull request #933 from matrix-org/rav/type_annotationsRichard van der Hoff2016-07-202-0/+8
|\ \ \ | | | | | | | | Type annotations
| * | | Type annotationsRichard van der Hoff2016-07-192-0/+8
| | | | | | | | | | | | | | | | | | | | Add some type annotations to help PyCharm (in particular) to figure out the types of a bunch of things.
* | | | Merge pull request #932 from matrix-org/rav/register_refactorDavid Baker2016-07-201-5/+8
|\ \ \ \ | |_|/ / |/| | | Further registration refactoring
| * | | Further registration refactoringRichard van der Hoff2016-07-191-5/+8
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * `RegistrationHandler.appservice_register` no longer issues an access token: instead it is left for the caller to do it. (There are two of these, one in `synapse/rest/client/v1/register.py`, which now simply calls `AuthHandler.issue_access_token`, and the other in `synapse/rest/client/v2_alpha/register.py`, which is covered below). * In `synapse/rest/client/v2_alpha/register.py`, move the generation of access_tokens into `_create_registration_details`. This means that the normal flow no longer needs to call `AuthHandler.issue_access_token`; the shared-secret flow can tell `RegistrationHandler.register` not to generate a token; and the appservice flow continues to work despite the above change.
* | | Merge pull request #922 from matrix-org/erikj/file_api2Erik Johnston2016-07-201-4/+12
|\ \ \ | |/ / |/| | Feature: Add filter to /messages. Add 'contains_url' to filter.
| * | Add filter param to /messages APIErik Johnston2016-07-141-4/+12
| | |
* | | Merge pull request #929 from matrix-org/rav/support_deviceid_in_loginRichard van der Hoff2016-07-192-8/+82
|\ \ \ | | | | | | | | Add device_id support to /login
| * | | Add device_id support to /loginRichard van der Hoff2016-07-182-8/+82
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a 'devices' table to the storage, as well as a 'device_id' column to refresh_tokens. Allow the client to pass a device_id, and initial_device_display_name, to /login. If login is successful, then register the device in the devices table if it wasn't known already. If no device_id was supplied, make one up. Associate the device_id with the access token and refresh token, so that we can get at it again later. Ensure that the device_id is copied from the refresh token to the access_token when the token is refreshed.
* | | | Summary lineMark Haines2016-07-191-2/+1
| | | |
* | | | Update docstring on Handlers.Mark Haines2016-07-191-3/+15
|/ / / | | | | | | | | | To indicate it is deprecated.
* | | Refactor login flowRichard van der Hoff2016-07-181-47/+59
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make sure that we have the canonical user_id *before* calling get_login_tuple_for_user_id. Replace login_with_password with a method which just validates the password, and have the caller call get_login_tuple_for_user_id. This brings the password flow into line with the other flows, and will give us a place to register the device_id if necessary.
* | | Fix a doc-commentRichard van der Hoff2016-07-181-1/+1
| | | | | | | | | | | | The `store` in a handler is a generic DataStore, not just an events.StateStore.
* | | Merge pull request #919 from matrix-org/erikj/auth_fixErik Johnston2016-07-151-2/+6
|\ \ \ | | | | | | | | Various auth.py fixes.
| * | | CommentErik Johnston2016-07-151-0/+4
| | | |
| * | | Check sender signed eventErik Johnston2016-07-141-2/+2
| |/ /
* / / Bug fix: expire invalid access tokensNegar Fazeli2016-07-132-5/+6
|/ /
* | Merge branch 'erikj/shared_secret' into erikj/test2Erik Johnston2016-07-063-17/+34
|\ \
| * | Add an admin option to shared secret registrationErik Johnston2016-07-051-1/+3
| | |
| * | Merge pull request #904 from ↵David Baker2016-07-051-14/+27
| |\ \ | | | | | | | | | | | | | | | | matrix-org/dbkr/register_email_no_untrusted_id_server requestToken update
| | * | requestToken updateDavid Baker2016-06-301-14/+27
| | | | | | | | | | | | | | | | | | | | | | | | Don't send requestToken request to untrusted ID servers Also correct the THREEPID_IN_USE error to add the M_ prefix. This is a backwards incomaptible change, but the only thing using this is the angular client which is now unmaintained, so it's probably better to just do this now.
| * | | Fix password configKent Shikama2016-07-051-2/+2
| | | |
| * | | Fix pep8Kent Shikama2016-07-051-1/+2
| | | |
| * | | Add pepper to password hashingKent Shikama2016-07-051-2/+3
| | | | | | | | | | | | | | | | Signed-off-by: Kent Shikama <kent@kentshikama.com>
* | | | Add ReadWriteLock for pagination and history pruneErik Johnston2016-07-051-34/+36
| | | |
* | | | Add purge_history APIErik Johnston2016-07-052-1/+14
|/ / /
* | | Fix style violationsKent Shikama2016-07-041-1/+2
| | | | | | | | | | | | Signed-off-by: Kent Shikama <kent@kentshikama.com>
* | | Optionally include password hash in createUser endpointKent Shikama2016-07-031-2/+2
|/ / | | | | | | Signed-off-by: Kent Shikama <kent@kentshikama.com>
* | Rework ldap integration with ldap3Martin Weinelt2016-06-221-33/+170
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use the pure-python ldap3 library, which eliminates the need for a system dependency. Offer both a `search` and `simple_bind` mode, for more sophisticated ldap scenarios. - `search` tries to find a matching DN within the `user_base` while employing the `user_filter`, then tries the bind when a single matching DN was found. - `simple_bind` tries the bind against a specific DN by combining the localpart and `user_base` Offer support for STARTTLS on a plain connection. The configuration was changed to reflect these new possibilities. Signed-off-by: Martin Weinelt <hexa@darmstadt.ccc.de>
* | Add a comment on why we don't create a profile for upgrading usersMark Haines2016-06-171-0/+1
| |
* | Remove registered_users from the distributor.Mark Haines2016-06-172-20/+10
| | | | | | | | | | | | | | | | | | | | The only place that was observed was to set the profile. I've made it so that the profile is set within store.register in the same transaction that creates the user. This required some slight changes to the registration code for upgrading guest users, since it previously relied on the distributor swallowing errors if the profile already existed.
* | Only re-sign our own eventsErik Johnston2016-06-171-6/+9
| |
* | Fix TypeError in call to bcrypt.hashpwSalvatore LaMendola2016-06-161-1/+1
| | | | | | | | | | | | | | | | - At the very least, this TypeError caused logins to fail on my own running instance of Synapse, and the simple (explicit) UTF-8 conversion resolved login errors for me. Signed-off-by: Salvatore LaMendola <salvatore.lamendola@gmail.com>
* | Correctly mark backfilled events as backfilledErik Johnston2016-06-151-14/+16
| |
* | Fix a bug caused by a change in auth_handler functionNegar Fazeli2016-06-081-2/+2
| | | | | | | | Fix the relevant unit test cases