summary refs log tree commit diff
path: root/synapse/handlers (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Mitigate a race where /make_join could 403 for restricted rooms (#15080)Sean Quah2023-02-171-1/+15
| | | | | | | | | | | | | | | | | | | | | | | | | Previously, when creating a join event in /make_join, we would decide whether to include additional fields to satisfy restricted room checks based on the current state of the room. Then, when building the event, we would capture the forward extremities of the room to use as prev events. This is subject to race conditions. For example, when leaving and rejoining a room, the following sequence of events leads to a misleading 403 response: 1. /make_join reads the current state of the room and sees that the user is still in the room. It decides to omit the field required for restricted room joins. 2. The leave event is persisted and the room's forward extremities are updated. 3. /make_join builds the event, using the post-leave forward extremities. The event then fails the restricted room checks. To mitigate the race, we move the read of the forward extremities closer to the read of the current state. Ideally, we would compute the state based off the chosen prev events, but that can involve state resolution, which is expensive. Signed-off-by: Sean Quah <seanq@matrix.org>
* Use mypy 1.0 (#15052)David Robertson2023-02-162-5/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Update mypy and mypy-zope * Remove unused ignores These used to suppress ``` synapse/storage/engines/__init__.py:28: error: "__new__" must return a class instance (got "NoReturn") [misc] ``` and ``` synapse/http/matrixfederationclient.py:1270: error: "BaseException" has no attribute "reasons" [attr-defined] ``` (note that we check `hasattr(e, "reasons")` above) * Avoid empty body warnings, sometimes by marking methods as abstract E.g. ``` tests/handlers/test_register.py:58: error: Missing return statement [empty-body] tests/handlers/test_register.py:108: error: Missing return statement [empty-body] ``` * Suppress false positive about `JaegerConfig` Complaint was ``` synapse/logging/opentracing.py:450: error: Function "Type[Config]" could always be true in boolean context [truthy-function] ``` * Fix not calling `is_state()` Oops! ``` tests/rest/client/test_third_party_rules.py:428: error: Function "Callable[[], bool]" could always be true in boolean context [truthy-function] ``` * Suppress false positives from ParamSpecs ```` synapse/logging/opentracing.py:971: error: Argument 2 to "_custom_sync_async_decorator" has incompatible type "Callable[[Arg(Callable[P, R], 'func'), **P], _GeneratorContextManager[None]]"; expected "Callable[[Callable[P, R], **P], _GeneratorContextManager[None]]" [arg-type] synapse/logging/opentracing.py:1017: error: Argument 2 to "_custom_sync_async_decorator" has incompatible type "Callable[[Arg(Callable[P, R], 'func'), **P], _GeneratorContextManager[None]]"; expected "Callable[[Callable[P, R], **P], _GeneratorContextManager[None]]" [arg-type] ```` * Drive-by improvement to `wrapping_logic` annotation * Workaround false "unreachable" positives See https://github.com/Shoobx/mypy-zope/issues/91 ``` tests/http/test_proxyagent.py:626: error: Statement is unreachable [unreachable] tests/http/test_proxyagent.py:762: error: Statement is unreachable [unreachable] tests/http/test_proxyagent.py:826: error: Statement is unreachable [unreachable] tests/http/test_proxyagent.py:838: error: Statement is unreachable [unreachable] tests/http/test_proxyagent.py:845: error: Statement is unreachable [unreachable] tests/http/federation/test_matrix_federation_agent.py:151: error: Statement is unreachable [unreachable] tests/http/federation/test_matrix_federation_agent.py:452: error: Statement is unreachable [unreachable] tests/logging/test_remote_handler.py:60: error: Statement is unreachable [unreachable] tests/logging/test_remote_handler.py:93: error: Statement is unreachable [unreachable] tests/logging/test_remote_handler.py:127: error: Statement is unreachable [unreachable] tests/logging/test_remote_handler.py:152: error: Statement is unreachable [unreachable] ``` * Changelog * Tweak DBAPI2 Protocol to be accepted by mypy 1.0 Some extra context in: - https://github.com/matrix-org/python-canonicaljson/pull/57 - https://github.com/python/mypy/issues/6002 - https://mypy.readthedocs.io/en/latest/common_issues.html#covariant-subtyping-of-mutable-protocol-members-is-rejected * Pull in updated canonicaljson lib so the protocol check just works * Improve comments in opentracing I tried to workaround the ignores but found it too much trouble. I think the corresponding issue is https://github.com/python/mypy/issues/12909. The mypy repo has a PR claiming to fix this (https://github.com/python/mypy/pull/14677) which might mean this gets resolved soon? * Better annotation for INTERACTIVE_AUTH_CHECKERS * Drive-by AUTH_TYPE annotation, to remove an ignore
* Update the error code for duplicate annotation (#15075)Richard van der Hoff2023-02-151-1/+5
|
* Fix order of partial state tables when purging (#15068)David Robertson2023-02-141-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Fix order of partial state tables when purging `partial_state_rooms` has an FK on `events` pointing to the join event we get from `/send_join`, so we must delete from that table before deleting from `events`. **NB:** It would be nice to cancel any resync processes for the room being purged. We do not do this at present. To do so reliably we'd need an internal HTTP "replication" endpoint, because the worker doing the resync process may be different to that handling the purge request. The first time the resync process tries to write data after the deletion it will fail because we have deleted necessary data e.g. auth events. AFAICS it will not retry the resync, so the only downside to not cancelling the resync is a scary-looking traceback. (This is presumably extremely race-sensitive.) * Changelog * admist(?) -> between * Warn about a race * Fix typo, thanks Sean Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com> --------- Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com>
* Faster joins: Omit device list updates from partial state rooms in /sync ↵Sean Quah2023-02-141-0/+5
| | | | | | | | | | | | (#15069) ...when lazy loading of members is not enabled. It's weird to notify a client that another user's device list has changed when the client doesn't think that they share a room. Note that when a room is un-partial stated, device list updates are emitted for every member in that room over /sync. Signed-off-by: Sean Quah <seanq@matrix.org>
* Skip calculating unread push actions in `/sync` when `enable_push` is false. ↵Erik Johnston2023-02-141-0/+8
| | | | (#14980)
* Tweak comment on `_is_local_room_accessible` as part of room visibility in ↵reivilibre2023-02-131-2/+2
| | | | `/hierarchy` to clarify the condition for a room being visible. (#14834)
* Refactor arguments of `try_unbind_threepid(_with_id_server)` from dict to ↵Andrew Morgan2023-02-133-33/+26
| | | | separate args (#15053)
* Faster joins: don't stall when a user joins during a fast join (#14606)Mathieu Velten2023-02-107-53/+151
| | | | | | | | | | | | | | | | Fixes #12801. Complement tests are at https://github.com/matrix-org/complement/pull/567. Avoid blocking on full state when handling a subsequent join into a partial state room. Also always perform a remote join into partial state rooms, since we do not know whether the joining user has been banned and want to avoid leaking history to banned users. Signed-off-by: Mathieu Velten <mathieuv@matrix.org> Co-authored-by: Sean Quah <seanq@matrix.org> Co-authored-by: David Robertson <davidr@element.io>
* Return read-only collections from `@cached` methods (#13755)Sean Quah2023-02-104-8/+8
| | | | | | | | | | | | | It's important that collections returned from `@cached` methods are not modified, otherwise future retrievals from the cache will return the modified collection. This applies to the return values from `@cached` methods and the values inside the dictionaries returned by `@cachedList` methods. It's not necessary for the dictionaries returned by `@cachedList` methods themselves to be read-only. Signed-off-by: Sean Quah <seanq@matrix.org> Co-authored-by: David Robertson <davidr@element.io>
* Avoid fetching unused account data in sync. (#14973)Patrick Cloke2023-02-104-48/+57
| | | | | | | The per-room account data is no longer unconditionally fetched, even if all rooms will be filtered out. Global account data will not be fetched if it will all be filtered out.
* Avoid mutating cached values in `_generate_sync_entry_for_account_data` (#15047)Sean Quah2023-02-101-0/+2
|
* Refactor get_user_devices_from_cache to avoid mutating cached values. (#15040)Patrick Cloke2023-02-101-4/+7
| | | | | | | | The previous version of the code could mutate a cached value, but only if the input requested all devices of a user *and* a specific device. To avoid this nonsensical situation we no longer fetch a specific device ID if all of a user's devices are returned.
* Add a class UnpersistedEventContext to allow for the batching up of storing ↵Shay2023-02-093-37/+70
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | state groups (#14675) * add class UnpersistedEventContext * modify create new client event to create unpersistedeventcontexts * persist event contexts after creation * fix tests to persist unpersisted event contexts * cleanup * misc lints + cleanup * changelog + fix comments * lints * fix batch insertion? * reduce redundant calculation * add unpersisted event classes * rework compute_event_context, split into function that returns unpersisted event context and then persists it * use calculate_context_info to create unpersisted event contexts * update typing * $%#^&* * black * fix comments and consolidate classes, use attr.s for class * requested changes * lint * requested changes * requested changes * refactor to be stupidly explicit * clearer renaming and flow * make partial state non-optional * update docstrings --------- Co-authored-by: Erik Johnston <erik@matrix.org>
* Avoid mutating cached room aliases. (#15038)Patrick Cloke2023-02-091-1/+2
| | | | | This might cause incorrect data in other callers which are not expecting the canonical alias to be added into the response.
* Add final type hint to synapse.server. (#15035)Patrick Cloke2023-02-091-1/+1
|
* Limit concurrent event creation for a room to avoid state resolution when ↵Shay2023-02-081-3/+3
| | | | sending bursts of events to a local room (#14977)
* Faster joins: Refactor handling of servers in room (#14954)Sean Quah2023-02-032-5/+16
| | | | | | | | | | | | | | Ensure that the list of servers in a partial state room always contains the server we joined off. Also refactor `get_partial_state_servers_at_join` to return `None` when the given room is no longer partial stated, to explicitly indicate when the room has partial state. Otherwise it's not clear whether an empty list means that the room has full state, or the room is partial stated, but the server we joined off told us that there are no servers in the room. Signed-off-by: Sean Quah <seanq@matrix.org>
* Skip unused calculations in sync handler. (#14908)Patrick Cloke2023-02-021-125/+133
| | | | | | | | | If a sync request does not need to calculate per-room entries & is not generating presence & is not generating device list data (e.g. during initial sync) avoid the expensive calculation of room specific data. This is a micro-optimisation for clients syncing simply to receive to-device information.
* Do not calculate presence or ephemeral events when they are filtered out ↵Patrick Cloke2023-02-021-10/+9
| | | | | | | | (#14970) This expands the previous optimisation from being only for initial sync to being for all sync requests. It also inverts some of the logic to be inclusive instead of exclusive.
* Add helper to parse an enum from query args & use it. (#14956)Patrick Cloke2023-02-013-6/+7
| | | | | | | | The `parse_enum` helper pulls an enum value from the query string (by delegating down to the parse_string helper with values generated from the enum). This is used to pull out "f" and "b" in most places and then we thread the resulting Direction enum throughout more code.
* Add more user information to export-data command. (#14894)Dirk Klimpel2023-02-011-0/+43
| | | | | | * The user's profile information. * The user's devices. * The user's connections / IP address information.
* Fix "Re-starting finished log context" spam when creating events (#14947)Sean Quah2023-01-311-1/+3
| | | | | | | | | | | `run_in_background` calls re-use the current logging context. When they are not awaited, they can complete after the current logging context has been marked as finished, which leads to log spam. Use `run_as_background_process` instead. Fixes one of the instances of #13090. Signed-off-by: Sean Quah <seanq@matrix.org>
* Prefer `type(x) is int` to `isinstance(x, int)` (#14945)David Robertson2023-01-311-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Perfer `type(x) is int` to `isinstance(x, int)` This covered all additional instances I could see where `x` was user-controlled. The remaining cases are ``` $ rg -s 'isinstance.*[^_]int' tests/replication/_base.py 576: if isinstance(obj, int): synapse/util/caches/stream_change_cache.py 136: assert isinstance(stream_pos, int) 214: assert isinstance(stream_pos, int) 246: assert isinstance(stream_pos, int) 267: assert isinstance(stream_pos, int) synapse/replication/tcp/external_cache.py 133: if isinstance(result, int): synapse/metrics/__init__.py 100: if isinstance(calls, (int, float)): synapse/handlers/appservice.py 262: assert isinstance(new_token, int) synapse/config/_util.py 62: if isinstance(p, int): ``` which cover metrics, logic related to `jsonschema`, and replication and data streams. AFAICS these are all internal to Synapse * Changelog
* Merge branch 'release-v1.76' into developDavid Robertson2023-01-271-7/+17
|\
| * Batch look-ups to see if rooms are partial stated. (#14917)Patrick Cloke2023-01-261-7/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Batch look-ups to see if rooms are partial stated. * Fix issues found in linting. * Fix typo. * Apply suggestions from code review Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com> * Clarify comments. Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com> * Also improve the cache size while we're at it * is_partial_state_rooms -> is_partial_state_room_batched * Run `black` * Improve annotation for `simple_select_many_batch` * Fix is_partial_state_room_batched impl * Okay, _actually_ fix impl * Update description. * Update synapse/storage/databases/main/room.py Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> * Run black. Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com> Co-authored-by: David Robertson <davidr@element.io>
* | Use an enum for direction. (#14927)Patrick Cloke2023-01-274-9/+25
| | | | | | | | For better type safety we use an enum instead of strings to configure direction (backwards or forwards).
* | Use StrCollection in place of Collection[str] in (most) handlers code. (#14922)Patrick Cloke2023-01-2611-56/+40
| | | | | | | | Due to the increased safety of StrCollection over Collection[str] and Sequence[str].
* | Fix a bug in the send_local_online_presence_to module API (#14880)Patrick Cloke2023-01-251-6/+12
|/ | | | | | | Destination was being used incorrectly (a single destination instead of a list of destinations was being passed). This also updates some of the types in the area to not use Collection[str], which is a footgun.
* Faster joins: omit partial rooms from eager syncs until the resync completes ↵David Robertson2023-01-232-20/+60
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (#14870) * Allow `AbstractSet` in `StrCollection` Or else frozensets are excluded. This will be useful in an upcoming commit where I plan to change a function that accepts `List[str]` to accept `StrCollection` instead. * `rooms_to_exclude` -> `rooms_to_exclude_globally` I am about to make use of this exclusion mechanism to exclude rooms for a specific user and a specific sync. This rename helps to clarify the distinction between the global config and the rooms to exclude for a specific sync. * Better function names for internal sync methods * Track a list of excluded rooms on SyncResultBuilder I plan to feed a list of partially stated rooms for this sync to ignore * Exclude partial state rooms during eager sync using the mechanism established in the previous commit * Track un-partial-state stream in sync tokens So that we can work out which rooms have become fully-stated during a given sync period. * Fix mutation of `@cached` return value This was fouling up a complement test added alongside this PR. Excluding a room would mean the set of forgotten rooms in the cache would be extended. This means that room could be erroneously considered forgotten in the future. Introduced in #12310, Synapse 1.57.0. I don't think this had any user-visible side effects (until now). * SyncResultBuilder: track rooms to force as newly joined Similar plan as before. We've omitted rooms from certain sync responses; now we establish the mechanism to reintroduce them into future syncs. * Read new field, to present rooms as newly joined * Force un-partial-stated rooms to be newly-joined for eager incremental syncs only, provided they're still fully stated * Notify user stream listeners to wake up long polling syncs * Changelog * Typo fix Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com> * Unnecessary list cast Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com> * Rephrase comment Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com> * Another comment Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com> * Fixup merge(?) * Poke notifier when receiving un-partial-stated msg over replication * Fixup merge whoops Thanks MV :) Co-authored-by: Mathieu Velen <mathieuv@matrix.org> Co-authored-by: Mathieu Velten <mathieuv@matrix.org> Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com>
* Faster joins: Update room stats and the user directory on workers when ↵Sean Quah2023-01-231-3/+4
| | | | | | | | | | | | | | | | | | | | | | | finishing join (#14874) * Faster joins: Update room stats and user directory on workers when done When finishing a partial state join to a room, we update the current state of the room without persisting additional events. Workers receive notice of the current state update over replication, but neglect to wake the room stats and user directory updaters, which then get incidentally triggered the next time an event is persisted or an unrelated event persister sends out a stream position update. We wake the room stats and user directory updaters at the appropriate time in this commit. Part of #12814 and #12815. Signed-off-by: Sean Quah <seanq@matrix.org> * fixup comment Signed-off-by: Sean Quah <seanq@matrix.org>
* Enable Faster Remote Room Joins against worker-mode Synapse. (#14752)reivilibre2023-01-222-3/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Enable Complement tests for Faster Remote Room Joins on worker-mode * (dangerous) Add an override to allow Complement to use FRRJ under workers * Newsfile Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org> * Fix race where we didn't send out replication notification * MORE HACKS * Fix get_un_partial_stated_rooms_token to take instance_name * Fix bad merge * Remove warning * Correctly advance un_partial_stated_room_stream * Fix merge * Add another notify_replication * Fixups * Create a separate ReplicationNotifier * Fix test * Fix portdb * Create a separate ReplicationNotifier * Fix test * Fix portdb * Fix presence test * Newsfile * Apply suggestions from code review * Update changelog.d/14752.misc Co-authored-by: Erik Johnston <erik@matrix.org> * lint Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org> Co-authored-by: Erik Johnston <erik@matrix.org>
* Faster joins: Fix incompatibility with restricted joins (#14882)Sean Quah2023-01-221-81/+134
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Avoid clearing out forward extremities when doing a second remote join When joining a restricted room where the local homeserver does not have a user able to issue invites, we perform a second remote join. We want to avoid clearing out forward extremities in this case because the forward extremities we have are up to date and clearing out forward extremities creates a window in which the room can get bricked if Synapse crashes. Signed-off-by: Sean Quah <seanq@matrix.org> * Do a full join when doing a second remote join into a full state room We cannot persist a partial state join event into a joined full state room, so we perform a full state join for such rooms instead. As a future optimization, we could always perform a partial state join and compute or retrieve the full state ourselves if necessary. Signed-off-by: Sean Quah <seanq@matrix.org> * Add lock around partial state flag for rooms Signed-off-by: Sean Quah <seanq@matrix.org> * Preserve partial state info when doing a second partial state join Signed-off-by: Sean Quah <seanq@matrix.org> * Add newsfile * Add a TODO(faster_joins) marker Signed-off-by: Sean Quah <seanq@matrix.org>
* Faster joins: Avoid starting duplicate partial state syncs (#14844)Sean Quah2023-01-201-8/+98
| | | | | | | | | | | | | | | | | | Currently, we will try to start a new partial state sync every time we perform a remote join, which is undesirable if there is already one running for a given room. We intend to perform remote joins whenever additional local users wish to join a partial state room, so let's ensure that we do not start more than one concurrent partial state sync for any given room. ------------------------------------------------------------------------ There is a race condition where the homeserver leaves a room and later rejoins while the partial state sync from the previous membership is still running. There is no guarantee that the previous partial state sync will process the latest join, so we restart it if needed. Signed-off-by: Sean Quah <seanq@matrix.org>
* Wait for streams to catch up when processing HTTP replication. (#14820)Erik Johnston2023-01-181-0/+4
| | | | This should hopefully mitigate a class of races where data gets out of sync due a HTTP replication request racing with the replication streams.
* Add an early return when handling no-op presence updates. (#14855)Erik Johnston2023-01-161-0/+5
| | | This stops us from incrementing the presence stream position for no-op updates.
* Implement MSC3890: Remotely silence local notifications (#14775)Andrew Morgan2023-01-131-1/+10
|
* Merge account data streams (#14826)Erik Johnston2023-01-133-6/+20
|
* Merge remote-tracking branch 'origin/release-v1.75' into developRichard van der Hoff2023-01-121-4/+0
|\
| * Calculate rooms changed for device lists to work. (#14810)Patrick Cloke2023-01-111-4/+0
| | | | | | | | Back-out some changes from 7e582a25f8f350df29d7d83ca902bdb522d1bbaf (#14786) which skipped necessary logic to calculate device lists properly.
* | Faster remote room joins (worker mode): do not populate external ↵reivilibre2023-01-111-5/+16
|/ | | | | | hosts-in-room cache when sending events as this requires blocking for full state. (#14749) Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org> Co-authored-by: Sean Quah <seanq@matrix.org>
* Batch up replication requests to request the resyncing of remote users's ↵reivilibre2023-01-104-66/+155
| | | | devices. (#14716)
* Improve /sync performance of when passing filters with empty arrays. (#14786)Patrick Cloke2023-01-092-4/+12
| | | | | | | | | | | | | | | | This has two related changes: * It enables fast-path processing for an empty filter (`[]`) which was previously only used for wildcard not-filters (`["*"]`). * It special cases a `/sync` filter with no-rooms to skip all room processing, previously we would partially skip processing, but would generally still calculate intermediate values for each room which were then unused. Future changes might consider further optimizations: * Skip calculating per-room account data when all rooms are filtered (currently this is thrown away). * Make similar improvements to other endpoints which support filters.
* Support RFC7636 PKCE in the OAuth 2.0 flow. (#14750)Patrick Cloke2023-01-041-7/+47
| | | | | | | PKCE can protect against certain attacks and is enabled by default. Support can be controlled manually by setting the pkce_method of each oidc_providers entry to 'auto' (default), 'always', or 'never'. This is required by Twitter OAuth 2.0 support.
* Support non-OpenID compliant user info endpoints (#14753)Patrick Cloke2023-01-041-8/+23
| | | | | | | | OpenID specifies the format of the user info endpoint and some OAuth 2.0 IdPs do not follow it, e.g. NextCloud and Twitter. This adds subject_template and picture_template options to the default mapping provider for more flexibility in matching those user info responses.
* Add experimental support for MSC3391: deleting account data (#14714)Andrew Morgan2023-01-011-8/+103
|
* Actually use the picture_claim as configured in OIDC config. (#14751)Patrick Cloke2022-12-291-1/+1
| | | | Previously it was only using the default value ("picture") when fetching the picture from the user info.
* Log to-device msgids when we return them over /sync (#14724)Richard van der Hoff2022-12-231-7/+13
|
* Add missing type hints to tests.handlers. (#14680)Patrick Cloke2022-12-161-1/+1
| | | And do not allow untyped defs in tests.handlers.
* Make `handle_new_client_event` throws `PartialStateConflictError` (#14665)Mathieu Velten2022-12-155-235/+349
| | | | | | | Then adapts calling code to retry when needed so it doesn't 500 to clients. Signed-off-by: Mathieu Velten <mathieuv@matrix.org> Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com>
* Faster remote room joins: stream the un-partial-stating of events over ↵reivilibre2022-12-141-0/+2
| | | | replication. [rei:frrj/streams/unpsr] (#14545)
* Use the room type from stats in hierarchy response. (#14263)Patrick Cloke2022-12-131-9/+5
| | | | | | | | | This avoids pulling additional state information (and events) from the database for each item returned in the hierarchy response. The room type might be out of date until a background update finishes running, the worst impact of this would be spaces being treated as rooms in the hierarchy response. This should self-heal once the background update finishes.
* Improve validation of field size limits in events. (#14664)reivilibre2022-12-131-0/+20
|
* Allow selecting "prejoin" events by state keys (#14642)David Robertson2022-12-131-11/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Declare new config * Parse new config * Read new config * Don't use trial/our TestCase where it's not needed Before: ``` $ time trial tests/events/test_utils.py > /dev/null real 0m2.277s user 0m2.186s sys 0m0.083s ``` After: ``` $ time trial tests/events/test_utils.py > /dev/null real 0m0.566s user 0m0.508s sys 0m0.056s ``` * Helper to upsert to event fields without exceeding size limits. * Use helper when adding invite/knock state Now that we allow admins to include events in prejoin room state with arbitrary state keys, be a good Matrix citizen and ensure they don't accidentally create an oversized event. * Changelog * Move StateFilter tests should have done this in #14668 * Add extra methods to StateFilter * Use StateFilter * Ensure test file enforces typed defs; alphabetise * Workaround surprising get_current_state_ids * Whoops, fix mypy
* Move `StateFilter` to `synapse.types` (#14668)David Robertson2022-12-129-9/+9
| | | | | * Move `StateFilter` to `synapse.types` * Changelog
* Revert the deletion of stale devices due to performance issues. (#14662)reivilibre2022-12-121-32/+1
|
* Limit the number of devices we delete at once (#14649)Erik Johnston2022-12-091-1/+3
|
* Delete stale non-e2e devices for users, take 2 (#14595)Erik Johnston2022-12-091-1/+30
| | | | | This should help reduce the number of devices e.g. simple bots the repeatedly login rack up. We only delete non-e2e devices as they should be safe to delete, whereas if we delete e2e devices for a user we may accidentally break their ability to receive e2e keys for a message.
* Improve logging and opentracing for to-device message handling (#14598)Richard van der Hoff2022-12-063-24/+41
| | | | | | | A batch of changes intended to make it easier to trace to-device messages through the system. The intention here is that a client can set a property org.matrix.msgid in any to-device message it sends. That ID is then included in any tracing or logging related to the message. (Suggestions as to where this field should be documented welcome. I'm not enthusiastic about speccing it - it's very much an optional extra to help with debugging.) I've also generally improved the data we send to opentracing for these messages.
* Better return type for `get_all_entities_changed` (#14604)Erik Johnston2022-12-054-13/+17
| | | | Help callers from using the return value incorrectly by ensuring that callers explicitly check if there was a cache hit or not.
* Faster remote room joins: stream the un-partial-stating of rooms over ↵reivilibre2022-12-052-1/+5
| | | | replication. [rei:frrj/streams/unpsr] (#14473)
* Properly handle unknown results for the stream change cache. (#14592)Patrick Cloke2022-12-021-2/+2
| | | | | | StreamChangeCache.get_all_changed_entities can return None to signify it does not have information at the given stream position. Two callers (related to device lists and presence) were treating this response the same as an empty list (i.e. there being no updates).
* Revert "POC delete stale non-e2e devices for users (#14038)" (#14582)David Robertson2022-11-291-12/+1
|
* POC delete stale non-e2e devices for users (#14038)Erik Johnston2022-11-291-1/+12
| | | | | | | | This should help reduce the number of devices e.g. simple bots the repeatedly login rack up. We only delete non-e2e devices as they should be safe to delete, whereas if we delete e2e devices for a user we may accidentally break their ability to receive e2e keys for a message. Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com>
* Fix possible variable shadow in `create_new_client_event` (#14575)Shay2022-11-281-2/+4
|
* Use `device_one_time_keys_count` to match MSC3202 (#14565)Andrew Ferrazzutti2022-11-281-3/+3
| | | | | | | | | | | | | | | | | | | * Use `device_one_time_keys_count` to match MSC3202 Rename the `device_one_time_key_counts` key in responses to `device_one_time_keys_count` to match the name specified by MSC3202. Also change related variable/class names for consistency. Signed-off-by: Andrew Ferrazzutti <andrewf@element.io> * Update changelog.d/14565.misc * Revert name change for `one_time_key_counts` key as this is a different key altogether from `device_one_time_keys_count`, which is used for `/sync` instead of appservice transactions. Signed-off-by: Andrew Ferrazzutti <andrewf@element.io>
* Include thread information when sending receipts over federation. (#14466)Patrick Cloke2022-11-281-1/+0
| | | | | | | | | | | | Include the thread_id field when sending read receipts over federation. This might result in the same user having multiple read receipts per-room, meaning multiple EDUs must be sent to encapsulate those receipts. This restructures the PerDestinationQueue APIs to support multiple receipt EDUs, queue_read_receipt now becomes linear time in the number of queued threaded receipts in the room for the given user, it is expected this is a small number since receipt EDUs are sent as filler in transactions.
* Add support for handling avatar with SSO login (#13917)Ashish Kumar2022-11-252-0/+118
| | | | | | | | This commit adds support for handling a provided avatar picture URL when logging in via SSO. Signed-off-by: Ashish Kumar <ashfame@users.noreply.github.com> Fixes #9357.
* Implement message forward pagination from start when no from is given, fixes ↵Benjamin Kampmann2022-11-241-0/+6
| | | | | #12383 (#14149) Fixes https://github.com/matrix-org/synapse/issues/12383
* Faster joins: use servers list approximation in `assert_host_in_room` (#14515)Mathieu Velten2022-11-241-11/+17
| | | Signed-off-by: Mathieu Velten <mathieuv@matrix.org>
* Add a type hint for `get_device_handler()` and fix incorrect types. (#14055)Patrick Cloke2022-11-226-45/+104
| | | | | This was the last untyped handler from the HomeServer object. Since it was being treated as Any (and thus unchecked) it was being used incorrectly in a few places.
* Track unconverted device list outbound pokes using a position instead (#14516)Sean Quah2022-11-221-3/+27
| | | | | | | | | | | | | | | | | | | | | When a local device list change is added to `device_lists_changes_in_room`, the `converted_to_destinations` flag is set to `FALSE` and the `_handle_new_device_update_async` background process is started. This background process looks for unconverted rows in `device_lists_changes_in_room`, copies them to `device_lists_outbound_pokes` and updates the flag. To update the `converted_to_destinations` flag, the database performs a `DELETE` and `INSERT` internally, which fragments the table. To avoid this, track unconverted rows using a `(stream ID, room ID)` position instead of the flag. From now on, the `converted_to_destinations` column indicates rows that need converting to outbound pokes, but does not indicate whether the conversion has already taken place. Closes #14037. Signed-off-by: Sean Quah <seanq@matrix.org>
* Parallelize calls to fetch bundled aggregations. (#14510)Patrick Cloke2022-11-221-32/+51
| | | | The bundled aggregations for annotations, references, and edits can be parallelized.
* Batch fetch bundled references (#14508)Patrick Cloke2022-11-221-69/+59
| | | | | | | | | Avoid an n+1 query problem and fetch the bundled aggregations for m.reference relations in a single query instead of a query per event. This applies similar logic for as was previously done for edits in 8b309adb436c162510ed1402f33b8741d71fc058 (#11660; threads in b65acead428653b988351ae8d7b22127a22039cd (#11752); and annotations in 1799a54a545618782840a60950ef4b64da9ee24d (#14491).
* Batch fetch bundled annotations (#14491)Patrick Cloke2022-11-221-84/+113
| | | | | | | | Avoid an n+1 query problem and fetch the bundled aggregations for m.annotation relations in a single query instead of a query per event. This applies similar logic for as was previously done for edits in 8b309adb436c162510ed1402f33b8741d71fc058 (#11660) and threads in b65acead428653b988351ae8d7b22127a22039cd (#11752).
* Faster joins: filter out non local events when a room doesn't have its full ↵Mathieu Velten2022-11-211-5/+10
| | | | | | state (#14404) Signed-off-by: Mathieu Velten <mathieuv@matrix.org>
* Fix an invalid comparison of `UserPresenceState` to `str` (#14393)Andrew Morgan2022-11-161-1/+1
|
* Remove redundant types from comments. (#14412)Patrick Cloke2022-11-167-10/+11
| | | | | | | Remove type hints from comments which have been added as Python type hints. This helps avoid drift between comments and reality, as well as removing redundant information. Also adds some missing type hints which were simple to fill in.
* Don't filter state in /context response (#14461)Erik Johnston2022-11-161-1/+1
| | | We don't filter state usually, so doing so here is a waste of time. This is not much of an issue for clients that enable lazy loading of members, since there will be fewer state events.
* Include heroes in partial join responses' state (#14442)David Robertson2022-11-151-17/+3
| | | | | | | | | | | * Pull out hero selection logic * Include heroes in partial join response's state * Changelog * Fixup trial test * Remove TODO
* Quieter logging for stateres failure at missing prev events (#14346)David Robertson2022-11-101-3/+2
|
* Correctly create power level event during initial room creation (#14361)Shay2022-11-071-2/+23
|
* Bump flake8-bugbear from 22.9.23 to 22.10.27 (#14329)dependabot[bot]2022-11-041-2/+4
| | | | | Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: GitHub Actions <github-actions[bot]@users.noreply.github.com> Co-authored-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
* Implement MSC3912: Relation-based redactions (#14260)Brendan Abolivier2022-11-032-10/+93
| | | Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com>
* Allow PUT/GET of aliases during faster join (#14292)David Robertson2022-11-011-2/+2
| | | without blocking on full state.
* Support OIDC backchannel logouts (#11414)Quentin Gliech2022-10-312-36/+416
| | | | | | | If configured an OIDC IdP can log a user's session out of Synapse when they log out of the identity provider. The IdP sends a request directly to Synapse (and must be configured with an endpoint) when a user logs out.
* Prevent federation user keys query from returning device names if disallowed ↵Andrew Morgan2022-10-281-4/+33
| | | | (#14304)
* Merge branch 'master' into developOlivier Wilkinson (reivilibre)2022-10-281-5/+11
|\
| * Fix room creation being rate limited too aggressively since Synapse v1.69.0. ↵reivilibre2022-10-281-5/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (#14314) * Introduce a test for the old behaviour which we want to restore * Reintroduce the old behaviour in a simpler way * Newsfile Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org> * Use 1 credit instead of 2 for creating a room: be more lenient than before Notably, the UI in Element Web was still broken after restoring to prior behaviour. After discussion, we agreed that it would be sensible to increase the limit. Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
* | Refactor MSC3030 `/timestamp_to_event` to move away from our snowflake pull ↵Eric Eastwood2022-10-263-100/+72
| | | | | | | | | | | | | | | | | | from `destination` pattern (#14096) 1. `federation_client.timestamp_to_event(...)` now handles all `destination` looping and uses our generic `_try_destination_list(...)` helper. 2. Consistently handling `NotRetryingDestination` and `FederationDeniedError` across `get_pdu` , backfill, and the generic `_try_destination_list` which is used for many places we use this pattern. 3. `get_pdu(...)` now returns `PulledPduInfo` so we know which `destination` we ended up pulling the PDU from
* | fix broken avatar checks when server_name contains a port (#13927)Ashish Kumar2022-10-261-1/+5
| | | | | | | | | | | | Fixes check_avatar_size_and_mime_type() to successfully update avatars on homeservers running on non-default ports which it would mistakenly treat as remote homeserver while validating the avatar's size and mime type. Signed-off-by: Ashish Kumar ashfame@users.noreply.github.com
* | Save login tokens in database (#13844)Quentin Gliech2022-10-261-10/+54
| | | | | | | | | | | | | | | | | | | | | | * Save login tokens in database Signed-off-by: Quentin Gliech <quenting@element.io> * Add upgrade notes * Track login token reuse in a Prometheus metric Signed-off-by: Quentin Gliech <quenting@element.io>
* | Refactor OIDC tests to better mimic an actual OIDC provider. (#13910)Quentin Gliech2022-10-251-4/+11
| | | | | | | | | | | | | | | | | | This implements a fake OIDC server, which intercepts calls to the HTTP client. Improves accuracy of tests by covering more internal methods. One particular example was the ID token validation, which previously mocked. This uncovered an incorrect dependency: Synapse actually requires at least authlib 0.15.1, not 0.14.0.
* | Add initial power level event to batch of bulk persisted events when ↵Shay2022-10-214-43/+18
| | | | | | | | creating a new room. (#14228)
* | Show erasure status when listing users in the Admin API (#14205)Tadeusz Sośnierz2022-10-211-0/+1
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Show erasure status when listing users in the Admin API * Use USING when joining erased_users * Add changelog entry * Revert "Use USING when joining erased_users" This reverts commit 30bd2bf106415caadcfdbdd1b234ef2b106cc394. * Make the erased check work on postgres * Add a testcase for showing erased user status * Appease the style linter * Explicitly convert `erased` to bool to make SQLite consistent with Postgres This also adds us an easy way in to fix the other accidentally integered columns. * Move erasure status test to UsersListTestCase * Include user erased status when fetching user info via the admin API * Document the erase status in user_admin_api * Appease the linter and mypy * Signpost comments in tests Co-authored-by: Tadeusz Sośnierz <tadeusz@sosnierz.com> Co-authored-by: David Robertson <david.m.robertson1@gmail.com>
* Prepatory work for adding power level event to batched events (#14214)Shay2022-10-184-16/+28
|
* Implementation of HTTP 307 response for MSC3886 POST endpoint (#14018)Hugh Nimmo-Smith2022-10-181-1/+1
| | | | Co-authored-by: reivilibre <olivier@librepush.net> Co-authored-by: Andrew Morgan <andrewm@element.io>
* When restarting a partial join resync, prioritise the server which actioned ↵David Robertson2022-10-182-24/+38
| | | | a partial join (#14126)
* Avoid checking the event cache when backfilling events (#14164)Andrew Morgan2022-10-181-13/+34
|
* Use Pydantic when PUTting room aliases (#14179)David Robertson2022-10-171-8/+11
|
* Stop getting missing `prev_events` after we already know their signature is ↵Eric Eastwood2022-10-152-0/+47
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | invalid (#13816) While https://github.com/matrix-org/synapse/pull/13635 stops us from doing the slow thing after we've already done it once, this PR stops us from doing one of the slow things in the first place. Related to - https://github.com/matrix-org/synapse/issues/13622 - https://github.com/matrix-org/synapse/pull/13635 - https://github.com/matrix-org/synapse/issues/13676 Part of https://github.com/matrix-org/synapse/issues/13356 Follow-up to https://github.com/matrix-org/synapse/pull/13815 which tracks event signature failures. With this PR, we avoid the call to the costly `_get_state_ids_after_missing_prev_event` because the signature failure will count as an attempt before and we filter events based on the backoff before calling `_get_state_ids_after_missing_prev_event` now. For example, this will save us 156s out of the 185s total that this `matrix.org` `/messages` request. If you want to see the full Jaeger trace of this, you can drag and drop this `trace.json` into your own Jaeger, https://gist.github.com/MadLittleMods/4b12d0d0afe88c2f65ffcc907306b761 To explain this exact scenario around `/messages` -> backfill, we call `/backfill` and first check the signatures of the 100 events. We see bad signature for `$luA4l7QHhf_jadH3mI-AyFqho0U2Q-IXXUbGSMq6h6M` and `$zuOn2Rd2vsC7SUia3Hp3r6JSkSFKcc5j3QTTqW_0jDw` (both member events). Then we process the 98 events remaining that have valid signatures but one of the events references `$luA4l7QHhf_jadH3mI-AyFqho0U2Q-IXXUbGSMq6h6M` as a `prev_event`. So we have to do the whole `_get_state_ids_after_missing_prev_event` rigmarole which pulls in those same events which fail again because the signatures are still invalid. - `backfill` - `outgoing-federation-request` `/backfill` - `_check_sigs_and_hash_and_fetch` - `_check_sigs_and_hash_and_fetch_one` for each event received over backfill - ❗ `$luA4l7QHhf_jadH3mI-AyFqho0U2Q-IXXUbGSMq6h6M` fails with `Signature on retrieved event was invalid.`: `unable to verify signature for sender domain xxx: 401: Failed to find any key to satisfy: _FetchKeyRequest(...)` - ❗ `$zuOn2Rd2vsC7SUia3Hp3r6JSkSFKcc5j3QTTqW_0jDw` fails with `Signature on retrieved event was invalid.`: `unable to verify signature for sender domain xxx: 401: Failed to find any key to satisfy: _FetchKeyRequest(...)` - `_process_pulled_events` - `_process_pulled_event` for each validated event - ❗ Event `$Q0iMdqtz3IJYfZQU2Xk2WjB5NDF8Gg8cFSYYyKQgKJ0` references `$luA4l7QHhf_jadH3mI-AyFqho0U2Q-IXXUbGSMq6h6M` as a `prev_event` which is missing so we try to get it - `_get_state_ids_after_missing_prev_event` - `outgoing-federation-request` `/state_ids` - ❗ `get_pdu` for `$luA4l7QHhf_jadH3mI-AyFqho0U2Q-IXXUbGSMq6h6M` which fails the signature check again - ❗ `get_pdu` for `$zuOn2Rd2vsC7SUia3Hp3r6JSkSFKcc5j3QTTqW_0jDw` which fails the signature check
* Do not allow a None-limit on PaginationConfig. (#14146)Patrick Cloke2022-10-148-36/+11
| | | | | | | The callers either set a default limit or manually handle a None-limit later on (by setting a default value). Update the callers to always instantiate PaginationConfig with a default limit and then assume the limit is non-None.
* Add an API for listing threads in a room. (#13394)Patrick Cloke2022-10-131-1/+85
| | | | | | | | | Implement the /threads endpoint from MSC3856. This is currently unstable and behind an experimental configuration flag. It includes a background update to backfill data, results from the /threads endpoint will be partial until that finishes.
* Fix a bug where the joined hosts for a given event were not being properly ↵Shay2022-10-122-45/+50
| | | | cached (#14125)
* Correct field name for stripped state events when knocking. ↵Andrew Morgan2022-10-121-4/+16
| | | | `knock_state_events` -> `knock_room_state` (#14102)
* Fix a bug where redactions were not being sent over federation if we did not ↵Shay2022-10-111-3/+6
| | | | have the original event. (#13813)
* Remove support for the unstable dir flag on relations. (#14106)Patrick Cloke2022-10-071-17/+16
| | | | | | From MSC3715, this was unused by clients (and there was no way for clients to know it was supported). Matrix 1.4 defines the stable field.
* Use stable identifiers for MSC3771 & MSC3773. (#14050)Patrick Cloke2022-10-072-13/+5
| | | | | These are both part of Matrix 1.4 which has now been released. For now, support both the unstable and stable identifiers.
* Batch up notifications after event persistence (#14033)Shay2022-10-052-15/+14
|
* Remove get rooms for user with stream ordering (#13991)Nick Mills-Barrett2022-10-041-80/+69
| | | | | | By getting the joined rooms before the current token we avoid any reading history to confirm a user *was* in a room. We can then use any membership change events, which we already fetch during sync, to determine the final list of joined room IDs.
* Track notification counts per thread (implement MSC3773). (#13776)Patrick Cloke2022-10-041-5/+35
| | | | | | | | When retrieving counts of notifications segment the results based on the thread ID, but choose whether to return them as individual threads or as a single summed field by letting the client opt-in via a sync flag. The summarization code is also updated to be per thread, instead of per room.
* Do not return unspecced original_event field when using the stable ↵Patrick Cloke2022-10-031-12/+13
| | | | | | | | | | /relations endpoint. (#14025) Keep the old behavior (of including the original_event field) for any requests to the /unstable version of the endpoint, but do not include the field when the /v1 version is used. This should avoid new clients from depending on this field, but will not help with current dependencies.
* Add query parameter `ts` to allow appservices set the `origin_server_ts` for ↵lukasdenk2022-10-031-0/+13
| | | | | | | state events. (#11866) MSC3316 declares that both /rooms/{roomId}/send and /rooms/{roomId}/state should accept a ts parameter for appservices. This change expands support to /state and adds tests.
* Fix twisted trunk mypy errors (#14012)David Robertson2022-10-032-0/+6
|
* Revert the general exception recording introduced in #13814 (#13969)Eric Eastwood2022-10-031-10/+0
| | | | | | | | | * Maybe not catch all errors to avoid things in the nature-of CancelledError See https://github.com/matrix-org/synapse/pull/13815#discussion_r983384698 * Remove general exception tracking * Add changelog
* Fix `get_users_in_room` mis-use in `transfer_room_state_on_room_upgrade` ↵Eric Eastwood2022-09-301-2/+2
| | | | | | | | | | | | | | (#13960) Spawning from looking into `get_users_in_room` while investigating https://github.com/matrix-org/synapse/issues/13942#issuecomment-1262787050. See https://github.com/matrix-org/synapse/pull/13575#discussion_r953023755 for the original exploration around finding `get_users_in_room` mis-uses. Related to the following PRs where we also cleaned up some `get_users_in_room` mis-uses: - https://github.com/matrix-org/synapse/pull/13605 - https://github.com/matrix-org/synapse/pull/13608 - https://github.com/matrix-org/synapse/pull/13606 - https://github.com/matrix-org/synapse/pull/13958
* Clarifications in user directory for users who share rooms tracking (#13966)Eric Eastwood2022-09-301-12/+24
| | | | | Spawned while working on [`get_users_in_room` mis-uses](https://github.com/matrix-org/synapse/pull/13958#discussion_r984074897) and thinking we could use `get_local_users_in_room` here but we can't. From first glance, it seemed like this was only using local users from all of the `is_mine_id(user_id)` checks but I see that it does actually use remote users. Just making things a little more clear here what it does and mentions remote users so maybe that will be more obvious in the future.
* Discourage automatic replies to Synapse's emails (#13957)David Robertson2022-09-301-0/+13
| | | Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
* Fix performance regression in `get_users_in_room` (#13972)Erik Johnston2022-09-302-2/+6
| | | | | Fixes #13942. Introduced in #13575. Basically, let's only get the ordered set of hosts out of the DB if we need an ordered set of hosts. Since we split the function up the caching won't be as good, but I think it will still be fine as e.g. multiple backfill requests for the same room will hit the cache.
* Optimise get_rooms_for_user (drop with_stream_ordering) (#13787)Nick Mills-Barrett2022-09-292-14/+6
|
* Allow admins to require a manual approval process before new accounts can be ↵Brendan Abolivier2022-09-293-0/+24
| | | | used (using MSC3866) (#13556)
* Improve backfill robustness by trying more servers. (#13890)reivilibre2022-09-291-2/+31
| | | Co-authored-by: Eric Eastwood <erice@element.io>
* Handle local device list updates during partial join (#13934)Erik Johnston2022-09-281-2/+82
|
* Limit and filter the number of backfill points to get from the database (#13879)Eric Eastwood2022-09-281-48/+61
| | | | | | | | | There is no need to grab thousands of backfill points when we only need 5 to make the `/backfill` request with. We need to grab a few extra in case the first few aren't visible in the history. Previously, we grabbed thousands of backfill points from the database, then sorted and filtered them in the app. Fetching the 4.6k backfill points for `#matrix:matrix.org` from the database takes ~50ms - ~570ms so it's not like this saves a lot of time 🤷. But it might save us more time now that `get_backfill_points_in_room`/`get_insertion_event_backward_extremities_in_room` are more complicated after https://github.com/matrix-org/synapse/pull/13635 This PR moves the filtering and limiting to the SQL query so we just have less data to work with in the first place. Part of https://github.com/matrix-org/synapse/issues/13356
* Handle remote device list updates during partial join (#13913)Erik Johnston2022-09-282-0/+66
| | | | | | | c.f. #12993 (comment), point 3 This stores all device list updates that we receive while partial joins are ongoing, and processes them once we have the full state. Note: We don't actually process the device lists in the same ways as if we weren't partially joined. Instead of updating the device list remote cache, we simply notify local users that a change in the remote user's devices has happened. I think this is safe as if the local user requests the keys for the remote user and we don't have them we'll simply fetch them as normal.
* fix: Push notifications for invite over federation (#13719)Kateřina Churanová2022-09-282-3/+11
|
* Persist CreateRoom events to DB in a batch (#13800)Shay2022-09-284-331/+367
|
* Prepatory work for batching events to send (#13487)Shay2022-09-282-106/+224
| | | This PR begins work on batching up events during the creation of a room. The PR splits out the creation and sending/persisting of the events. The first three events in the creation of the room-creating the room, joining the creator to the room, and the power levels event are sent sequentially, while the subsequent events are created and collected to be sent at the end of the function. This is currently done by appending them to a list and then iterating over the list to send, the next step (after this PR) would be to send and persist the collected events as a batch.
* Add new columns tracking when we partial-joined (#13892)David Robertson2022-09-271-1/+13
|
* Carry IdP Session IDs through user-mapping sessions. (#13839)Quentin Gliech2022-09-271-0/+9
| | | Since #11482, we're saving sessions IDs from upstream IdPs, but we've been losing them when the user goes through a user mapping session on account registration.
* Faster room joins: Fix spurious error when joining a room (#13872)Sean Quah2022-09-271-3/+19
| | | | | | | | | | | | | | | | During a `lazy_load_members` `/sync`, we look through auth events in rooms with partial state to find prior membership events. When such a membership is not found, an error is logged. Since the first join event for a user never has a prior membership event to cite, the error would always be logged when one appeared in the room timeline. Avoid logging errors for such events. Introduced in #13477. Signed-off-by: Sean Quah <seanq@matrix.org>
* typing: check origin server of typing event against room's servers (#13830)Mathieu Velten2022-09-261-2/+5
| | | | | | | This is also using the partial state approximation if needed so we do not block here during a fast join. Signed-off-by: Mathieu Velten <mathieuv@matrix.org> Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com>
* Only try to backfill event if we haven't tried before recently (#13635)Eric Eastwood2022-09-231-3/+1
| | | | | | | | | | Only try to backfill event if we haven't tried before recently (exponential backoff). No need to keep trying the same backfill point that fails over and over. Fix https://github.com/matrix-org/synapse/issues/13622 Fix https://github.com/matrix-org/synapse/issues/8451 Follow-up to https://github.com/matrix-org/synapse/pull/13589 Part of https://github.com/matrix-org/synapse/issues/13356
* Faster room joins: Avoid blocking `/keys/changes` (#13888)Sean Quah2022-09-231-2/+5
| | | | | | | | | Part of the work for #12993. Once #12993 is fully resolved, we expect `/keys/changes` to behave sensibly when joined to a room with partial state. Signed-off-by: Sean Quah <seanq@matrix.org>
* Accept & store thread IDs for receipts (implement MSC3771). (#13782)Patrick Cloke2022-09-231-2/+21
| | | | Updates the `/receipts` endpoint and receipt EDU handler to parse a `thread_id` from the body and insert it in the database.
* Send device list updates out to servers in partially joined rooms (#13874)Sean Quah2022-09-231-1/+5
| | | | | | | | | | | Use the provided list of servers in the room from the `/send_join` response, since we will not know which users are in the room. This isn't sufficient to ensure that all remote servers receive the right device list updates, since the `/send_join` response may be inaccurate or we may calculate the membership state of new users in the room incorrectly. Signed-off-by: Sean Quah <seanq@matrix.org>
* Faster Remote Room Joins: tell remote homeservers that we are unable to ↵reivilibre2022-09-236-32/+45
| | | | authorise them if they query a room which has partial state on our server. (#13823)
* Support enabling/disabling pushers (from MSC3881) (#13799)Brendan Abolivier2022-09-211-2/+2
| | | Partial implementation of MSC3881
* Correct documentation for map_user_attributes of OpenID Mapping Providers ↵Peter Scheu2022-09-211-0/+3
| | | | | (#13836) Co-authored-by: David Robertson <davidr@element.io>
* Remove the `complete_sso_login` method from the Module API which was ↵Quentin Gliech2022-09-201-33/+1
| | | | | deprecated in Synapse 1.13.0. (#13843) Signed-off-by: Quentin Gliech <quenting@element.io>
* Port the push rule classes to Rust. (#13768)Erik Johnston2022-09-201-1/+4
|
* Remove error spam when users query the keys of departed remote users (#13826)Sean Quah2022-09-161-9/+12
| | | | The error message introduced in #13749 has turned out to be very spammy. Remove it for now.
* Record any exception when processing a pulled event (#13814)Eric Eastwood2022-09-151-0/+10
| | | | | Part of https://github.com/matrix-org/synapse/issues/13700 and https://github.com/matrix-org/synapse/issues/13356 Follow-up to https://github.com/matrix-org/synapse/pull/13589
* Keep track when we try and fail to process a pulled event (#13589)Eric Eastwood2022-09-141-0/+7
| | | | | | | | | | | | | | We can follow-up this PR with: 1. Only try to backfill from an event if we haven't tried recently -> https://github.com/matrix-org/synapse/issues/13622 1. When we decide to backfill that event again, process it in the background so it doesn't block and make `/messages` slow when we know it will probably fail again -> https://github.com/matrix-org/synapse/issues/13623 1. Generally track failures everywhere we try and fail to pull an event over federation -> https://github.com/matrix-org/synapse/issues/13700 Fix https://github.com/matrix-org/synapse/issues/13621 Part of https://github.com/matrix-org/synapse/issues/13356 Mentioned in [internal doc](https://docs.google.com/document/d/1lvUoVfYUiy6UaHB6Rb4HicjaJAU40-APue9Q4vzuW3c/edit#bookmark=id.qv7cj51sv9i5)
* Deduplicate `is_server_notices_room`. (#13780)reivilibre2022-09-142-18/+2
|
* Fix bug in device list caching when remote users leave rooms (#13749)Sean Quah2022-09-142-11/+26
| | | | | | | | | | | | When a remote user leaves the last room shared with the homeserver, we have to mark their device list as unsubscribed, otherwise we would hold on to a stale device list in our cache. Crucially, the device list would remain cached even after the remote user rejoined the room, which could lead to E2EE failures until the next change to the remote user's device list. Fixes #13651. Signed-off-by: Sean Quah <seanq@matrix.org>
* Re-type hint some collections in `/sync` code as read-only (#13754)Sean Quah2022-09-081-10/+10
| | | | Signed-off-by: Sean Quah <seanq@matrix.org>
* Add timestamp to user's consent (#13741)Dirk Klimpel2022-09-081-0/+1
| | | Co-authored-by: reivilibre <olivier@librepush.net>
* Cancel the processing of key query requests when they time out. (#13680)reivilibre2022-09-072-16/+27
|
* Add Admin API to Fetch Messages Within a Particular Window (#13672)Connor Davis2022-09-071-13/+24
| | | This adds two new admin APIs that allow us to fetch messages from a room within a particular time.
* Remove the unspecced room_id field in the /hierarchy response. (#13506)reivilibre2022-09-061-1/+0
| | | | | | | | | | | This is a re-do of 57d334a13d983406ea452dfa203bbe4837509c4e (#13365), which was backed out in 12abd724974a2311d5311272d26d2f8aa11734a9 (#13501). The `room_id` field represented the parent space for each room and was made redundant by changes in the API shape where the `children_state` is now nested underneath each `room`. The room ID of each child is in the `state_key` field and is still available.
* Remove support for unstable private read receipts (#13653)Šimon Brandner2022-09-011-23/+6
| | | Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Drop support for calling `/_matrix/client/v3/rooms/{roomId}/invite` without ↵Jacek Kuśnierz2022-08-313-125/+43
| | | | | | | an `id_access_token` (#13241) Fixes #13206 Signed-off-by: Jacek Kusnierz jacek.kusnierz@tum.de
* Fix that user cannot `/forget` rooms after the last member has left (#13546)Dirk Klimpel2022-08-301-2/+5
|
* Optimize how we calculate `likely_domains` during backfill (#13575)Eric Eastwood2022-08-302-51/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Optimize how we calculate `likely_domains` during backfill because I've seen this take 17s in production just to `get_current_state` which is used to `get_domains_from_state` (see case [*2. Loading tons of events* in the `/messages` investigation issue](https://github.com/matrix-org/synapse/issues/13356)). There are 3 ways we currently calculate hosts that are in the room: 1. `get_current_state` -> `get_domains_from_state` - Used in `backfill` to calculate `likely_domains` and `/timestamp_to_event` because it was cargo-culted from `backfill` - This one is being eliminated in favor of `get_current_hosts_in_room` in this PR 🕳 1. `get_current_hosts_in_room` - Used for other federation things like sending read receipts and typing indicators 1. `get_hosts_in_room_at_events` - Used when pushing out events over federation to other servers in the `_process_event_queue_loop` Fix https://github.com/matrix-org/synapse/issues/13626 Part of https://github.com/matrix-org/synapse/issues/13356 Mentioned in [internal doc](https://docs.google.com/document/d/1lvUoVfYUiy6UaHB6Rb4HicjaJAU40-APue9Q4vzuW3c/edit#bookmark=id.2tvwz3yhcafh) ### Query performance #### Before The query from `get_current_state` sucks just because we have to get all 80k events. And we see almost the exact same performance locally trying to get all of these events (16s vs 17s): ``` synapse=# SELECT type, state_key, event_id FROM current_state_events WHERE room_id = '!OGEhHVWSdvArJzumhm:matrix.org'; Time: 16035.612 ms (00:16.036) synapse=# SELECT type, state_key, event_id FROM current_state_events WHERE room_id = '!OGEhHVWSdvArJzumhm:matrix.org'; Time: 4243.237 ms (00:04.243) ``` But what about `get_current_hosts_in_room`: When there is 8M rows in the `current_state_events` table, the previous query in `get_current_hosts_in_room` took 13s from complete freshness (when the events were first added). But takes 930ms after a Postgres restart or 390ms if running back to back to back. ```sh $ psql synapse synapse=# \timing on synapse=# SELECT COUNT(DISTINCT substring(state_key FROM '@[^:]*:(.*)$')) FROM current_state_events WHERE type = 'm.room.member' AND membership = 'join' AND room_id = '!OGEhHVWSdvArJzumhm:matrix.org'; count ------- 4130 (1 row) Time: 13181.598 ms (00:13.182) synapse=# SELECT COUNT(*) from current_state_events where room_id = '!OGEhHVWSdvArJzumhm:matrix.org'; count ------- 80814 synapse=# SELECT COUNT(*) from current_state_events; count --------- 8162847 synapse=# SELECT pg_size_pretty( pg_total_relation_size('current_state_events') ); pg_size_pretty ---------------- 4702 MB ``` #### After I'm not sure how long it takes from complete freshness as I only really get that opportunity once (maybe restarting computer but that's cumbersome) and it's not really relevant to normal operating times. Maybe you get closer to the fresh times the more access variability there is so that Postgres caches aren't as exact. Update: The longest I've seen this run for is 6.4s and 4.5s after a computer restart. After a Postgres restart, it takes 330ms and running back to back takes 260ms. ```sh $ psql synapse synapse=# \timing on Timing is on. synapse=# SELECT substring(c.state_key FROM '@[^:]*:(.*)$') as host FROM current_state_events c /* Get the depth of the event from the events table */ INNER JOIN events AS e USING (event_id) WHERE c.type = 'm.room.member' AND c.membership = 'join' AND c.room_id = '!OGEhHVWSdvArJzumhm:matrix.org' GROUP BY host ORDER BY min(e.depth) ASC; Time: 333.800 ms ``` #### Going further To improve things further we could add a `limit` parameter to `get_current_hosts_in_room`. Realistically, we don't need 4k domains to choose from because there is no way we're going to query that many before we a) probably get an answer or b) we give up. Another thing we can do is optimize the query to use a index skip scan: - https://wiki.postgresql.org/wiki/Loose_indexscan - Index Skip Scan, https://commitfest.postgresql.org/37/1741/ - https://www.timescale.com/blog/how-we-made-distinct-queries-up-to-8000x-faster-on-postgresql/
* Move the execution of the retention purge_jobs to the main worker (#13632)Brad Murray2022-08-261-4/+2
| | | | | Fixes #9927 Signed-off-by: Brad Murray brad@beeper.com
* Comment about a better future where we can get the state diff between two ↵Eric Eastwood2022-08-241-0/+8
| | | | | | | | | | events (#13586) Split off from https://github.com/matrix-org/synapse/pull/13561 Part of https://github.com/matrix-org/synapse/issues/13356 Mentioned in [internal doc](https://docs.google.com/document/d/1lvUoVfYUiy6UaHB6Rb4HicjaJAU40-APue9Q4vzuW3c/edit#bookmark=id.2tvwz3yhcafh)
* Update `get_users_in_room` mis-use to get hosts with dedicated ↵Eric Eastwood2022-08-244-12/+18
| | | | | `get_current_hosts_in_room` (#13605) See https://github.com/matrix-org/synapse/pull/13575#discussion_r953023755
* Directly lookup local membership instead of getting all members in a room ↵Eric Eastwood2022-08-244-9/+19
| | | | | first (`get_users_in_room` mis-use) (#13608) See https://github.com/matrix-org/synapse/pull/13575#discussion_r953023755
* Use dedicated `get_local_users_in_room` to find local users when calculating ↵Eric Eastwood2022-08-241-6/+3
| | | | | | | `join_authorised_via_users_server` of a `/make_join` request (#13606) Use dedicated `get_local_users_in_room` to find local users when calculating `join_authorised_via_users_server` ("the authorising user for joining a restricted room") of a `/make_join` request. Found while working on https://github.com/matrix-org/synapse/pull/13575#discussion_r953023755 but it's not related.
* Merge tag 'v1.66.0rc1' into developDavid Robertson2022-08-232-73/+4
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.66.0rc1 (2022-08-23) ============================== This release removes the ability for homeservers to delegate email ownership verification and password reset confirmation to identity servers. This removal was originally planned for Synapse 1.64, but was later deferred until now. See the [upgrade notes](https://matrix-org.github.io/synapse/v1.66/upgrade.html#upgrading-to-v1660) for more details. Features -------- - Improve validation of request bodies for the following client-server API endpoints: [`/account/password`](https://spec.matrix.org/v1.3/client-server-api/#post_matrixclientv3accountpassword), [`/account/password/email/requestToken`](https://spec.matrix.org/v1.3/client-server-api/#post_matrixclientv3accountpasswordemailrequesttoken), [`/account/deactivate`](https://spec.matrix.org/v1.3/client-server-api/#post_matrixclientv3accountdeactivate) and [`/account/3pid/email/requestToken`](https://spec.matrix.org/v1.3/client-server-api/#post_matrixclientv3account3pidemailrequesttoken). ([\#13188](https://github.com/matrix-org/synapse/issues/13188), [\#13563](https://github.com/matrix-org/synapse/issues/13563)) - Add forgotten status to [Room Details Admin API](https://matrix-org.github.io/synapse/latest/admin_api/rooms.html#room-details-api). ([\#13503](https://github.com/matrix-org/synapse/issues/13503)) - Add an experimental implementation for [MSC3852 (Expose user agents on `Device`)](https://github.com/matrix-org/matrix-spec-proposals/pull/3852). ([\#13549](https://github.com/matrix-org/synapse/issues/13549)) - Add `org.matrix.msc2716v4` experimental room version with updated content fields. Part of [MSC2716 (Importing history)](https://github.com/matrix-org/matrix-spec-proposals/pull/2716). ([\#13551](https://github.com/matrix-org/synapse/issues/13551)) - Add support for compression to federation responses. ([\#13537](https://github.com/matrix-org/synapse/issues/13537)) - Improve performance of sending messages in rooms with thousands of local users. ([\#13522](https://github.com/matrix-org/synapse/issues/13522), [\#13547](https://github.com/matrix-org/synapse/issues/13547)) Bugfixes -------- - Faster room joins: make `/joined_members` block whilst the room is partial stated. ([\#13514](https://github.com/matrix-org/synapse/issues/13514)) - Fix a bug introduced in Synapse 1.21.0 where the [`/event_reports` Admin API](https://matrix-org.github.io/synapse/develop/admin_api/event_reports.html) could return a total count which was larger than the number of results you can actually query for. ([\#13525](https://github.com/matrix-org/synapse/issues/13525)) - Fix a bug introduced in Synapse 1.52.0 where sending server notices fails if `max_avatar_size` or `allowed_avatar_mimetypes` is set and not `system_mxid_avatar_url`. ([\#13566](https://github.com/matrix-org/synapse/issues/13566)) - Fix a bug where the `opentracing.force_tracing_for_users` config option would not apply to [`/sendToDevice`](https://spec.matrix.org/v1.3/client-server-api/#put_matrixclientv3sendtodeviceeventtypetxnid) and [`/keys/upload`](https://spec.matrix.org/v1.3/client-server-api/#post_matrixclientv3keysupload) requests. ([\#13574](https://github.com/matrix-org/synapse/issues/13574)) Improved Documentation ---------------------- - Add `openssl` example for generating registration HMAC digest. ([\#13472](https://github.com/matrix-org/synapse/issues/13472)) - Tidy up Synapse's README. ([\#13491](https://github.com/matrix-org/synapse/issues/13491)) - Document that event purging related to the `redaction_retention_period` config option is executed only every 5 minutes. ([\#13492](https://github.com/matrix-org/synapse/issues/13492)) - Add a warning to retention documentation regarding the possibility of database corruption. ([\#13497](https://github.com/matrix-org/synapse/issues/13497)) - Document that the `DOCKER_BUILDKIT=1` flag is needed to build the docker image. ([\#13515](https://github.com/matrix-org/synapse/issues/13515)) - Add missing links in `user_consent` section of configuration manual. ([\#13536](https://github.com/matrix-org/synapse/issues/13536)) - Fix the doc and some warnings that were referring to the nonexistent `custom_templates_directory` setting (instead of `custom_template_directory`). ([\#13538](https://github.com/matrix-org/synapse/issues/13538)) Deprecations and Removals ------------------------- - Remove the ability for homeservers to delegate email ownership verification and password reset confirmation to identity servers. See [upgrade notes](https://matrix-org.github.io/synapse/v1.66/upgrade.html#upgrading-to-v1660) for more details. Internal Changes ---------------- - Update the rejected state of events during de-partial-stating. ([\#13459](https://github.com/matrix-org/synapse/issues/13459)) - Avoid blocking lazy-loading `/sync`s during partial joins due to remote memberships. Pull remote memberships from auth events instead of the room state. ([\#13477](https://github.com/matrix-org/synapse/issues/13477)) - Refuse to start when faster joins is enabled on a deployment with workers, since worker configurations are not currently supported. ([\#13531](https://github.com/matrix-org/synapse/issues/13531)) - Allow use of both `@trace` and `@tag_args` stacked on the same function. ([\#13453](https://github.com/matrix-org/synapse/issues/13453)) - Instrument the federation/backfill part of `/messages` for understandable traces in Jaeger. ([\#13489](https://github.com/matrix-org/synapse/issues/13489)) - Instrument `FederationStateIdsServlet` (`/state_ids`) for understandable traces in Jaeger. ([\#13499](https://github.com/matrix-org/synapse/issues/13499), [\#13554](https://github.com/matrix-org/synapse/issues/13554)) - Track HTTP response times over 10 seconds from `/messages` (`synapse_room_message_list_rest_servlet_response_time_seconds`). ([\#13533](https://github.com/matrix-org/synapse/issues/13533)) - Add metrics to track how the rate limiter is affecting requests (sleep/reject). ([\#13534](https://github.com/matrix-org/synapse/issues/13534), [\#13541](https://github.com/matrix-org/synapse/issues/13541)) - Add metrics to time how long it takes us to do backfill processing (`synapse_federation_backfill_processing_before_time_seconds`, `synapse_federation_backfill_processing_after_time_seconds`). ([\#13535](https://github.com/matrix-org/synapse/issues/13535), [\#13584](https://github.com/matrix-org/synapse/issues/13584)) - Add metrics to track rate limiter queue timing (`synapse_rate_limit_queue_wait_time_seconds`). ([\#13544](https://github.com/matrix-org/synapse/issues/13544)) - Update metrics to track `/messages` response time by room size. ([\#13545](https://github.com/matrix-org/synapse/issues/13545)) - Refactor methods in `synapse.api.auth.Auth` to use `Requester` objects everywhere instead of user IDs. ([\#13024](https://github.com/matrix-org/synapse/issues/13024)) - Clean-up tests for notifications. ([\#13471](https://github.com/matrix-org/synapse/issues/13471)) - Add some miscellaneous comments to document sync, especially around `compute_state_delta`. ([\#13474](https://github.com/matrix-org/synapse/issues/13474)) - Use literals in place of `HTTPStatus` constants in tests. ([\#13479](https://github.com/matrix-org/synapse/issues/13479), [\#13488](https://github.com/matrix-org/synapse/issues/13488)) - Add comments about how event push actions are rotated. ([\#13485](https://github.com/matrix-org/synapse/issues/13485)) - Modify HTML template content to better support mobile devices' screen sizes. ([\#13493](https://github.com/matrix-org/synapse/issues/13493)) - Add a linter script which will reject non-strict types in Pydantic models. ([\#13502](https://github.com/matrix-org/synapse/issues/13502)) - Reduce the number of tests using legacy TCP replication. ([\#13543](https://github.com/matrix-org/synapse/issues/13543)) - Allow specifying additional request fields when using the `HomeServerTestCase.login` helper method. ([\#13549](https://github.com/matrix-org/synapse/issues/13549)) - Make `HomeServerTestCase` load any configured homeserver modules automatically. ([\#13558](https://github.com/matrix-org/synapse/issues/13558))
| * Drop support for delegating email validation, round 2 (#13596)David Robertson2022-08-232-73/+4
| |
* | Cache user IDs instead of profile objects (#13573)Nick Mills-Barrett2022-08-231-2/+2
|/ | | The profile objects are never used and increase cache size significantly.
* Fix that sending server notices fail if avatar is `None` (#13566)Dirk Klimpel2022-08-231-1/+1
| | | Indroduced in #11846.
* Fix Prometheus metrics being negative (mixed up start/end) (#13584)Eric Eastwood2022-08-232-1/+16
| | | | | | | Fix: - https://github.com/matrix-org/synapse/pull/13535#discussion_r949582508 - https://github.com/matrix-org/synapse/pull/13533#discussion_r949577244
* `synapse.api.auth.Auth` cleanup: make permission-related methods use ↵Quentin Gliech2022-08-2210-54/+59
| | | | | | | | | `Requester` instead of the `UserID` (#13024) Part of #13019 This changes all the permission-related methods to rely on the Requester instead of the UserID. This is a first step towards enabling scoped access tokens at some point, since I expect the Requester to have scope-related informations in it. It also changes methods which figure out the user/device/appservice out of the access token to return a Requester instead of something else. This avoids having store-related objects in the methods signatures.
* MSC2716v4 room version - remove namespace from MSC2716 event content fields ↵Eric Eastwood2022-08-191-1/+1
| | | | | | | | (#13551) Complement PR: https://github.com/matrix-org/complement/pull/450 As suggested in https://github.com/matrix-org/matrix-spec-proposals/pull/2716#discussion_r941444525
* Implement MSC3852: Expose `last_seen_user_agent` to users for their own ↵Andrew Morgan2022-08-191-1/+8
| | | | devices; also expose to Admin API (#13549)
* Avoid blocking lazy-loading `/sync`s during partial joins (#13477)Sean Quah2022-08-181-30/+223
| | | | | | | | | | | | | | | | | Use a state filter or accept partial state in a few places where we request state, to avoid blocking. To make lazy-loading `/sync`s work, we need to provide the memberships of event senders, which are not guaranteed to be in the room state. Instead we dig through auth events for memberships to present to clients. The auth events of an event are guaranteed to contain a passable membership event, otherwise the event would have been rejected. Note that this only covers the common code paths encountered during testing. There has been no exhaustive checking of all sync code paths. Fixes #13146. Signed-off-by: Sean Quah <seanq@matrix.org>
* Time how long it takes us to do backfill processing (#13535)Eric Eastwood2022-08-172-16/+89
|
* Instrument the federation/backfill part of `/messages` (#13489)Eric Eastwood2022-08-162-15/+107
| | | | | | | | | Instrument the federation/backfill part of `/messages` so it's easier to follow what's going on in Jaeger when viewing a trace. Split out from https://github.com/matrix-org/synapse/pull/13440 Follow-up from https://github.com/matrix-org/synapse/pull/13368 Part of https://github.com/matrix-org/synapse/issues/13356
* Faster room joins: make `/joined_members` block whilst the room is partial ↵reivilibre2022-08-161-1/+5
| | | | stated. (#13514)
* Instrument `FederationStateIdsServlet` - `/state_ids` (#13499)Eric Eastwood2022-08-151-1/+3
| | | Instrument FederationStateIdsServlet - `/state_ids` so it's easier to follow what's going on in Jaeger when viewing a trace.
* Merge branch 'release-v1.65' into developOlivier Wilkinson (reivilibre)2022-08-111-0/+1
|\
| * Revert 'Remove the unspecced field in the response. (#13365)' to give more ↵reivilibre2022-08-111-0/+1
| | | | | | | | time for clients to update. (#13501)
* | Add some miscellaneous comments around sync (#13474)Sean Quah2022-08-101-38/+78
|/ | | | | | | | Add some miscellaneous comments to document sync, especially around `compute_state_delta`. Signed-off-by: Sean Quah <seanq@matrix.org> Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Support stable identifiers for MSC2285: private read receipts. (#13273)Šimon Brandner2022-08-052-17/+30
| | | | | This adds support for the stable identifiers of MSC2285 while continuing to support the unstable identifiers behind the configuration flag. These will be removed in a future version.
* Faster Room Joins: prevent Synapse from answering federated join requests ↵reivilibre2022-08-041-0/+17
| | | | for a room which it has not fully joined yet. (#13416)
* Fix rooms not being properly excluded from incremental sync (#13408)Brendan Abolivier2022-08-041-10/+15
|
* Add some tracing spans to give insight into local joins (#13439)Shay2022-08-032-33/+39
|
* Instrument `/messages` for understandable traces in Jaeger (#13368)Eric Eastwood2022-08-034-0/+11
| | | | | | In Jaeger: - Before: huge list of uncategorized database calls - After: nice and collapsible into units of work
* Return 404 or member list when getting joined_members after leaving (#13374)andrew do2022-08-031-2/+4
| | | | | | Signed-off-by: Andrew Doh <andrewddo@gmail.com> Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> Co-authored-by: Andrew Morgan <andrewm@element.io> Co-authored-by: Brendan Abolivier <babolivier@matrix.org>
* Fix error when out of servers to sync partial state with (#13432)Sean Quah2022-08-021-2/+3
| | | | | so that we raise the intended error instead. Signed-off-by: Sean Quah <seanq@matrix.org>
* Faster Room Joins: don't leave a stuck room partial state flag if the join ↵reivilibre2022-08-011-14/+18
| | | | fails. (#13403)
* Fix missing import in `federation_event` handler. (#13431)Patrick Cloke2022-08-011-0/+1
| | | | #13404 removed an import of `Optional` which was still needed due to #13413 added more usages.
* Refactor `_resolve_state_at_missing_prevs` to return an `EventContext` (#13404)Sean Quah2022-08-011-82/+44
| | | | | | | | Previously, `_resolve_state_at_missing_prevs` returned the resolved state before an event and a partial state flag. These were unwieldy to carry around would only ever be used to build an event context. Build the event context directly instead. Signed-off-by: Sean Quah <seanq@matrix.org>
* Faster joins: fix rejected events becoming un-rejected during resync (#13413)Richard van der Hoff2022-08-011-3/+26
| | | | | Make sure that we re-check the auth rules during state resync, otherwise rejected events get un-rejected.
* Merge tag 'v1.64.0rc2' into developRichard van der Hoff2022-07-292-4/+73
|\ | | | | | | | | | | | | Synapse 1.64.0rc2 (2022-07-29) ============================== This RC reintroduces support for `account_threepid_delegates.email`, which was removed in 1.64.0rc1. It remains deprecated and will be removed altogether in a future release. ([\#13406](https://github.com/matrix-org/synapse/issues/13406))
| * Revert "Drop support for delegating email validation (#13192)" (#13406)3nprob2022-07-292-4/+73
| | | | | | | | | | Reverts commit fa71bb18b527d1a3e2629b48640ea67fff2f8c59, and tweaks documentation. Signed-off-by: 3nprob <git@3n.anonaddy.com>
* | Use stable prefixes for MSC3827: filtering of `/publicRooms` by room type ↵Šimon Brandner2022-07-271-1/+1
| | | | | | | | | | | | (#13370) Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* | Implement MSC3848: Introduce errcodes for specific event sending failures ↵Will Hunt2022-07-273-5/+15
| | | | | | | | | | (#13343) Implements MSC3848
* | Make minor clarifications to the error messages given when we fail to join a ↵reivilibre2022-07-271-1/+5
| | | | | | | | room via any server. (#13160)
* | Copy room serials before handling in `get_new_events_as` (#13392)Nick Mills-Barrett2022-07-261-3/+10
| |
* | Remove the unspecced `room_id` field in the `/hierarchy` response. (#13365)Patrick Cloke2022-07-261-1/+0
| | | | | | | | | | | | | | | | | | The `room_id` field represented the parent space for each room and was made redundant by changes in the API shape where the `children_state` is now nested underneath each `room`. The room ID of each child is in the `state_key` field and is still available.
* | Fix infinite loop in partial-state resync (#13353)Richard van der Hoff2022-07-261-7/+7
| | | | | | | | | | Make sure that we only pull out events from the db once they have no prev-events with partial state.
* | Faster room joins: avoid blocking when pulling events with missing prevs ↵Sean Quah2022-07-262-24/+96
| | | | | | | | | | | | | | | | | | (#13355) Avoid blocking on full state in `_resolve_state_at_missing_prevs` and return a new flag indicating whether the resolved state is partial. Thread that flag around so that it makes it into the event context. Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* | Remove unused argument for get_relations_for_event. (#13383)Patrick Cloke2022-07-261-3/+0
|/
* Support Implicit TLS for sending emails (#13317)Jan Schär2022-07-251-10/+26
| | | | | | | | | | Previously, TLS could only be used with STARTTLS. Add a new option `force_tls`, where TLS is used from the start. Implicit TLS is recommended over STARTLS, see https://datatracker.ietf.org/doc/html/rfc8314 Fixes #8046. Signed-off-by: Jan Schär <jan@jschaer.ch>
* Refactor presence so we can prune user in room caches (#13313)Erik Johnston2022-07-251-76/+36
| | | | | | | | See #10826 and #10786 for context as to why we had to disable pruning on those caches. Now that `get_users_who_share_room_with_user` is called frequently only for presence, we just need to make calls to it less frequent and then we can remove the various levels of caching that is going on.
* Backfill remote event fetched by MSC3030 so we can paginate from it later ↵Eric Eastwood2022-07-222-15/+93
| | | | | | | | | (#13205) Depends on https://github.com/matrix-org/synapse/pull/13320 Complement tests: https://github.com/matrix-org/complement/pull/406 We could use the same method to backfill for `/context` as well in the future, see https://github.com/matrix-org/synapse/issues/3848
* Skip soft fail checks for rooms with partial state (#13354)Sean Quah2022-07-221-0/+10
| | | | | | | | | | | | When a room has the partial state flag, we may not have an accurate `m.room.member` event for event senders in the room's current state, and so cannot perform soft fail checks correctly. Skip the soft fail check entirely in this case. As an alternative, we could block until we have full state, but that would prevent us from receiving incoming events over federation, which is undesirable. Signed-off-by: Sean Quah <seanq@matrix.org>
* Add missing types to opentracing. (#13345)Patrick Cloke2022-07-213-14/+14
| | | After this change `synapse.logging` is fully typed.
* Update `get_pdu` to return the original, pristine `EventBase` (#13320)Eric Eastwood2022-07-201-4/+18
| | | | | | | | | | | | Update `get_pdu` to return the untouched, pristine `EventBase` as it was originally seen over federation (no metadata added). Previously, we returned the same `event` reference that we stored in the cache which downstream code modified in place and added metadata like setting it as an `outlier` and essentially poisoned our cache. Now we always return a copy of the `event` so the original can stay pristine in our cache and re-used for the next cache call. Split out from https://github.com/matrix-org/synapse/pull/13205 As discussed at: - https://github.com/matrix-org/synapse/pull/13205#discussion_r918365746 - https://github.com/matrix-org/synapse/pull/13205#discussion_r918366125 Related to https://github.com/matrix-org/synapse/issues/12584. This PR doesn't fix that issue because it hits [`get_event` which exists from the local database before it tries to `get_pdu`](https://github.com/matrix-org/synapse/blob/7864f33e286dec22368dc0b11c06eebb1462a51e/synapse/federation/federation_client.py#L581-L594).
* Fix spurious warning when fetching state after a missing prev event (#13258)Sean Quah2022-07-191-0/+3
|
* Add type annotations to `trace` decorator. (#13328)Patrick Cloke2022-07-191-7/+9
| | | | Functions that are decorated with `trace` are now properly typed and the type hints for them are fixed.
* Rate limit joins per-room (#13276)David Robertson2022-07-193-0/+52
|
* Revert "Make all `process_replication_rows` methods async (#13304)" (#13312)Erik Johnston2022-07-181-2/+2
| | | This reverts commit 5d4028f217f178fcd384d5bfddd92225b4e78c51.
* Don't pull out full state when sending dummy events (#13310)Erik Johnston2022-07-181-7/+1
|
* Make all `process_replication_rows` methods async (#13304)Nick Mills-Barrett2022-07-171-2/+2
| | | | | More prep work for asyncronous caching, also makes all process_replication_rows methods consistent (presence handler already is so). Signed off by Nick @ Beeper (@Fizzadar)
* Use state before join to determine if we `_should_perform_remote_join` (#13270)David Robertson2022-07-151-15/+20
| | | Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Federation Sender & Appservice Pusher Stream Optimisations (#13251)Nick Mills-Barrett2022-07-151-5/+6
| | | | | | | | | | | | | * Replace `get_new_events_for_appservice` with `get_all_new_events_stream` The functions were near identical and this brings the AS worker closer to the way federation senders work which can allow for multiple workers to handle AS traffic. * Pull received TS alongside events when processing the stream This avoids an extra query -per event- when both federation sender and appservice pusher process events.
* Rip out auth-event reconciliation code (#12943)Richard van der Hoff2022-07-141-195/+82
| | | | | | | There is a corner in `_check_event_auth` (long known as "the weird corner") where, if we get an event with auth_events which don't match those we were expecting, we attempt to resolve the diffence between our state and the remote's with a state resolution. This isn't specced, and there's general agreement we shouldn't be doing it. However, it turns out that the faster-joins code was relying on it, so we need to introduce something similar (but rather simpler) for that.
* Don't pull out state in `compute_event_context` for unconflicted state (#13267)Erik Johnston2022-07-141-1/+6
|
* Call the v2 identity service `/3pid/unbind` endpoint, rather than v1. (#13240)Jacek Kuśnierz2022-07-131-2/+2
| | | | | | | | | | | * Drop support for v1 unbind Signed-off-by: Jacek Kusnierz <jacek.kusnierz@tum.de> * Add changelog Signed-off-by: Jacek Kusnierz <jacek.kusnierz@tum.de> * Update changelog.d/13240.misc
* Optimise room creation event lookups part 2 (#13224)Nick Mills-Barrett2022-07-132-15/+73
|
* Drop support for calling `/_matrix/client/v3/account/3pid/bind` without an ↵Jacek Kuśnierz2022-07-121-24/+6
| | | | | | | `id_access_token` (#13239) Fixes #13201 Signed-off-by: Jacek Kusnierz jacek.kusnierz@tum.de
* Drop support for delegating email validation (#13192)Richard van der Hoff2022-07-122-73/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Drop support for delegating email validation Delegating email validation to an IS is insecure (since it allows the owner of the IS to do a password reset on your HS), and has long been deprecated. It will now cause a config error at startup. * Update unit test which checks for email verification Give it an `email` config instead of a threepid delegate * Remove unused method `requestEmailToken` * Simplify config handling for email verification Rather than an enum and a boolean, all we need here is a single bool, which says whether we are or are not doing email verification. * update docs * changelog * upgrade.md: fix typo * update version number this will be in 1.64, not 1.63 * update version number this one too
* Reduce event lookups during room creation by passing known event IDs (#13210)Nick Mills-Barrett2022-07-111-2/+16
| | | | | | | | Inspired by the room batch handler, this uses previous event inserts to pre-populate prev events during room creation, reducing the number of queries required to create a room. Signed off by Nick @ Beeper (@Fizzadar)
* Uniformize spam-checker API, part 5: expand other spam-checker callbacks to ↵David Teller2022-07-114-12/+36
| | | | | | return `Tuple[Codes, dict]` (#13044) Signed-off-by: David Teller <davidt@element.io> Co-authored-by: Brendan Abolivier <babolivier@matrix.org>
* Fix exception when using MSC3030 to look for remote federated events before ↵Eric Eastwood2022-07-071-1/+5
| | | | | | | | | | | | | | | | room creation (#13197) Complement tests: https://github.com/matrix-org/complement/pull/405 This happens when you have some messages imported before the room is created. Then use MSC3030 to look backwards before the room creation from a remote federated server. The server won't find anything locally, but will ask over federation which will have the remote event. The previous logic would choke on not having the local event assigned. ``` Failed to fetch /timestamp_to_event from hs2 because of exception(UnboundLocalError) local variable 'local_event' referenced before assignment args=("local variable 'local_event' referenced before assignment",) ```
* Faster room joins: fix race in recalculation of current room state (#13151)Sean Quah2022-07-071-7/+2
| | | | | | | | | | | Bounce recalculation of current state to the correct event persister and move recalculation of current state into the event persistence queue, to avoid concurrent updates to a room's current state. Also give recalculation of a room's current state a real stream ordering. Signed-off-by: Sean Quah <seanq@matrix.org>
* Use a single query in `ProfileHandler.get_profile` (#13209)Nick Mills-Barrett2022-07-071-12/+7
|
* Handle race between persisting an event and un-partial stating a room (#13100)Sean Quah2022-07-053-50/+119
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Whenever we want to persist an event, we first compute an event context, which includes the state at the event and a flag indicating whether the state is partial. After a lot of processing, we finally try to store the event in the database, which can fail for partial state events when the containing room has been un-partial stated in the meantime. We detect the race as a foreign key constraint failure in the data store layer and turn it into a special `PartialStateConflictError` exception, which makes its way up to the method in which we computed the event context. To make things difficult, the exception needs to cross a replication request: `/fed_send_events` for events coming over federation and `/send_event` for events from clients. We transport the `PartialStateConflictError` as a `409 Conflict` over replication and turn `409`s back into `PartialStateConflictError`s on the worker making the request. All client events go through `EventCreationHandler.handle_new_client_event`, which is called in *a lot* of places. Instead of trying to update all the code which creates client events, we turn the `PartialStateConflictError` into a `429 Too Many Requests` in `EventCreationHandler.handle_new_client_event` and hope that clients take it as a hint to retry their request. On the federation event side, there are 7 places which compute event contexts. 4 of them use outlier event contexts: `FederationEventHandler._auth_and_persist_outliers_inner`, `FederationHandler.do_knock`, `FederationHandler.on_invite_request` and `FederationHandler.do_remotely_reject_invite`. These events won't have the partial state flag, so we do not need to do anything for then. The remaining 3 paths which create events are `FederationEventHandler.process_remote_join`, `FederationEventHandler.on_send_membership_event` and `FederationEventHandler._process_received_pdu`. We can't experience the race in `process_remote_join`, unless we're handling an additional join into a partial state room, which currently blocks, so we make no attempt to handle it correctly. `on_send_membership_event` is only called by `FederationServer._on_send_membership_event`, so we catch the `PartialStateConflictError` there and retry just once. `_process_received_pdu` is called by `on_receive_pdu` for incoming events and `_process_pulled_event` for backfill. The latter should never try to persist partial state events, so we ignore it. We catch the `PartialStateConflictError` in `on_receive_pdu` and retry just once. Refering to the graph of code paths in https://github.com/matrix-org/synapse/issues/12988#issuecomment-1156857648 may make the above make more sense. Signed-off-by: Sean Quah <seanq@matrix.org>
* Fix application service not being able to join remote federated room without ↵Eric Eastwood2022-07-051-9/+23
| | | | | | | a profile set (#13131) Fix https://github.com/matrix-org/synapse/issues/4778 Complement tests: https://github.com/matrix-org/complement/pull/399
* `_process_received_pdu`: Improve exception handling (#13145)Richard van der Hoff2022-07-011-7/+6
| | | | `_check_event_auth` is expected to raise `AuthError`s, so no need to log it again.
* Don't process /send requests for users who have hit their ratelimit (#13134)Shay2022-06-301-0/+3
|
* Rate limiting invites per issuer (#13125)David Teller2022-06-301-2/+18
| | | Co-authored-by: reivilibre <oliverw@matrix.org>
* Implement MSC3827: Filtering of `/publicRooms` by room type (#13031)Šimon Brandner2022-06-292-3/+23
| | | | Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Use new `device_list_changes_in_room` table when getting device list changes ↵Erik Johnston2022-06-172-31/+57
| | | | (#13045)
* Fix logging context misuse when we fail to persist a federation event (#13089)Sean Quah2022-06-171-4/+2
| | | | | | | | | When we fail to persist a federation event, we kick off a task to remove its push actions in the background, using the current logging context. Since we don't `await` that task, we may finish our logging context before the task finishes. There's no reason to not `await` the task, so let's do that. Signed-off-by: Sean Quah <seanq@matrix.org>
* Reduce the duplication of code that invokes the rate limiter. (#13070)reivilibre2022-06-161-27/+3
|
* Move some event auth checks out to a different method (#13065)Richard van der Hoff2022-06-152-12/+23
| | | | | | | | | | | | | | * Add auth events to events used in tests * Move some event auth checks out to a different method Some of the event auth checks apply to an event's auth_events, rather than the state at the event - which means they can play no part in state resolution. Move them out to a separate method. * Rename check_auth_rules_for_event Now it only checks the state-dependent auth rules, it needs a better name.
* Speed up `get_unread_event_push_actions_by_room` (#13005)Erik Johnston2022-06-151-7/+3
| | | | | | | | | | | Fixes #11887 hopefully. The core change here is that `event_push_summary` now holds a summary of counts up until a much more recent point, meaning that the range of rows we need to count in `event_push_actions` is much smaller. This needs two major changes: 1. When we get a receipt we need to recalculate `event_push_summary` rather than just delete it 2. The logic for deleting `event_push_actions` is now divorced from calculating `event_push_summary`. In future it would be good to calculate `event_push_summary` while we persist a new event (it should just be a case of adding one to the relevant rows in `event_push_summary`), as that will further simplify the get counts logic and remove the need for us to periodically update `event_push_summary` in a background job.
* Move the "email unsubscribe" resource, refactor the macaroon generator & ↵Quentin Gliech2022-06-142-231/+9
| | | | | | | | | | | | | | | | | | | | | simplify the access token verification logic. (#12986) This simplifies the access token verification logic by removing the `rights` parameter which was only ever used for the unsubscribe link in email notifications. The latter has been moved under the `/_synapse` namespace, since it is not a standard API. This also makes the email verification link more secure, by embedding the app_id and pushkey in the macaroon and verifying it. This prevents the user from tampering the query parameters of that unsubscribe link. Macaroon generation is refactored: - Centralised all macaroon generation and verification logic to the `MacaroonGenerator` - Moved to `synapse.utils` - Changed the constructor to require only a `Clock`, hostname, and a secret key (instead of a full `Homeserver`). - Added tests for all methods.
* Decouple `synapse.api.auth_blocking.AuthBlocking` from ↵Quentin Gliech2022-06-145-8/+11
| | | | `synapse.api.auth.Auth`. (#13021)
* Uniformize spam-checker API, part 4: port other spam-checker callbacks to ↵David Teller2022-06-135-38/+55
| | | | | return `Union[Allow, Codes]`. (#12857) Co-authored-by: Brendan Abolivier <babolivier@matrix.org>
* Merge branch 'rav/simplify_event_auth_interface' into developRichard van der Hoff2022-06-135-54/+19
|\
| * Remove redundant `room_version` param from `check_auth_rules_from_context`Richard van der Hoff2022-06-124-35/+8
| | | | | | | | It's now implied by the room_version property on the event.
| * Remove `room_version` param from `check_auth_rules_for_event`Richard van der Hoff2022-06-122-13/+5
| | | | | | | | | | | | | | Instead, use the `room_version` property of the event we're checking. The `room_version` was originally added as a parameter somewhere around #4482, but really it's been redundant since #6875 added a `room_version` field to `EventBase`.
| * Remove `room_version` param from `validate_event_for_room_version`Richard van der Hoff2022-06-124-6/+6
| | | | | | | | | | | | | | Instead, use the `room_version` property of the event we're validating. The `room_version` was originally added as a parameter somewhere around #4482, but really it's been redundant since #6875 added a `room_version` field to `EventBase`.
* | Faster joins: add issue links to the TODOs (#13004)Richard van der Hoff2022-06-093-1/+15
| | | | | | | | ... to help us keep track of these things
* | Return the same error message from `/login` when password is incorrect and ↵Daniel Aloni2022-06-071-2/+6
| | | | | | | | when account doesn't exist. (#12738)
* | Consolidate the logic of delete_device/delete_devices. (#12970)Patrick Cloke2022-06-071-31/+2
|/ | | | | | | | By always using delete_devices and sometimes passing a list with a single device ID. Previously these methods had gotten out of sync with each other and it seems there's little benefit to the single-device variant.
* Remove remaining pieces of groups code. (#12966)Patrick Cloke2022-06-061-82/+1
| | | | | * Remove an unused stream ID generator. * Remove the now unused remote profile cache.
* Reduce state pulled from DB due to sending typing and receipts over ↵Erik Johnston2022-06-061-2/+5
| | | | | federation (#12964) Reducing the amount of state we pull from the DB is useful as fetching state is expensive in terms of DB, CPU and memory.
* Implement MSC3816, consider the root event for thread participation. (#12766)Patrick Cloke2022-06-061-21/+37
| | | | As opposed to only considering a user to have "participated" if they replied to the thread.
* Reduce the amount of state we pull from the DB (#12811)Erik Johnston2022-06-068-15/+40
|
* Wait for lazy join to complete when getting current state (#12872)Erik Johnston2022-06-0113-21/+63
|
* Remove remaining bits of groups code. (#12936)Patrick Cloke2022-06-011-1/+0
| | | | | | * Update worker docs to remove group endpoints. * Removes an unused parameter to `ApplicationService`. * Break dependency between media repo and groups. * Avoid copying `m.room.related_groups` state events during room upgrades.
* Fix 404 on `/sync` when the last event is a redaction of an unknown/purged ↵Richard van der Hoff2022-06-012-45/+96
| | | | | | | | | | | event (#12905) Currently, we try to pull the event corresponding to a sync token from the database. However, when we fetch redaction events, we check the target of that redaction (because we aren't allowed to send redactions to clients without validating them). So, if the sync token points to a redaction of an event that we don't have, we have a problem. It turns out we don't really need that event, and can just work with its ID and metadata, which sidesteps the whole problem.