summary refs log tree commit diff
path: root/synapse (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Merge remote-tracking branch 'origin/develop' into ↵David Baker2019-05-132-20/+35
|\ | | | | | | dbkr/add_dummy_flow_to_recaptcha_only
| * URL preview blacklisting fixes (#5155)Andrew Morgan2019-05-102-20/+35
| | | | | | Prevents a SynapseError being raised inside of a IResolutionReceiver and instead opts to just return 0 results. This thus means that we have to lump a failed lookup and a blacklisted lookup together with the same error message, but the substitute should be generic enough to cover both cases.
* | Re-order flows so that email auth is done lastDavid Baker2019-05-101-4/+12
| | | | | | | | | | | | It's more natural for the user if the bit that takes them away from the registration flow comes last. Adding the dummy stage allows us to do the stages in this order without the ambiguity.
* | CommentDavid Baker2019-05-101-0/+4
| |
* | Add a DUMMY stage to captcha-only registration flowDavid Baker2019-05-101-1/+1
|/ | | | | | | | | | | | | | | | This allows the client to complete the email last which is more natual for the user. Without this stage, if the client would complete the recaptcha (and terms, if enabled) stages and then the registration request would complete because you've now completed a flow, even if you were intending to complete the flow that's the same except has email auth at the end. Adding a dummy auth stage to the recaptcha-only flow means it's always unambiguous which flow the client was trying to complete. Longer term we should think about changing the protocol so the client explicitly says which flow it's trying to complete. vector-im/riot-web#9586
* Revert 085ae346ace418e0fc043ac5f568f85ebf80038eDavid Baker2019-05-101-1/+1
| | | | Accidentally went straight to develop
* Add a DUMMY stage to captcha-only registration flowDavid Baker2019-05-101-1/+1
| | | | | | | | | | | | | | | | This allows the client to complete the email last which is more natual for the user. Without this stage, if the client would complete the recaptcha (and terms, if enabled) stages and then the registration request would complete because you've now completed a flow, even if you were intending to complete the flow that's the same except has email auth at the end. Adding a dummy auth stage to the recaptcha-only flow means it's always unambiguous which flow the client was trying to complete. Longer term we should think about changing the protocol so the client explicitly says which flow it's trying to complete. https://github.com/vector-im/riot-web/issues/9586
* Run `black` on per_destination_queueRichard van der Hoff2019-05-091-35/+39
| | | | ... mostly to fix pep8 fails
* Limit the number of EDUs in transactions to 100 as expected by receiver (#5138)Quentin Dufour2019-05-092-27/+31
| | | Fixes #3951.
* add options to require an access_token to GET /profile and /publicRooms on ↵Matthew Hodgson2019-05-085-12/+114
| | | | | | | | | | | | | | | | | CS API (#5083) This commit adds two config options: * `restrict_public_rooms_to_local_users` Requires auth to fetch the public rooms directory through the CS API and disables fetching it through the federation API. * `require_auth_for_profile_requests` When set to `true`, requires that requests to `/profile` over the CS API are authenticated, and only returns the user's profile if the requester shares a room with the profile's owner, as per MSC1301. MSC1301 also specifies a behaviour for federation (only returning the profile if the server asking for it shares a room with the profile's owner), but that's currently really non-trivial to do in a not too expensive way. Next step is writing down a MSC that allows a HS to specify which user sent the profile query. In this implementation, Synapse won't send a profile query over federation if it doesn't believe it already shares a room with the profile's owner, though. Groups have been intentionally omitted from this commit.
* Merge pull request #5037 from matrix-org/erikj/limit_inflight_dnsErik Johnston2019-05-081-1/+82
|\ | | | | Limit in flight DNS requests
| * Limit in flight DNS requestsErik Johnston2019-04-091-1/+82
| | | | | | | | | | | | | | This is to work around a bug in twisted where a large number of concurrent DNS requests cause it to tight loop forever. c.f. https://twistedmatrix.com/trac/ticket/9620#ticket
* | Do checks on aliases for incoming m.room.aliases events (#5128)Brendan Abolivier2019-05-085-8/+55
| | | | | | | | | | Follow-up to #5124 Also added a bunch of checks to make sure everything (both the stuff added on #5124 and this PR) works as intended.
* | Merge pull request #5104 from matrix-org/erikj/ratelimit_3pid_inviteErik Johnston2019-05-071-0/+11
|\ \ | | | | | | Ratelimit 3pid invites
| * | Rate limit earlyErik Johnston2019-05-021-2/+3
| | |
| * | Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2019-04-2663-959/+1158
| |\ \ | | | | | | | | | | | | erikj/ratelimit_3pid_invite
| * | | Ratelimit 3pid invitesErik Johnston2019-04-261-0/+10
| | | | | | | | | | | | | | | | | | | | We do ratelimit sending the 3PID invite events, but that happens after spamming the identity server.
* | | | Remove the requirement to authenticate for /admin/server_version. (#5122)Richard van der Hoff2019-05-071-10/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This endpoint isn't much use for its intended purpose if you first need to get yourself an admin's auth token. I've restricted it to the `/_synapse/admin` path to make it a bit easier to lock down for those concerned about exposing this information. I don't imagine anyone is using it in anger currently.
* | | | Merge branch 'master' into developRichard van der Hoff2019-05-034-13/+37
|\ \ \ \
| * | | | 0.99.3.2 v0.99.3.2 github/release-v0.99.3.2 release-v0.99.3.2Richard van der Hoff2019-05-031-1/+1
| | | | |
| * | | | pin urllib3 to <1.25Richard van der Hoff2019-05-031-0/+8
| | | | |
| * | | | 0.99.3.1Richard van der Hoff2019-05-031-1/+1
| | | | |
| * | | | Merge pull request #5134 from matrix-org/rav/url_preview_blacklistRichard van der Hoff2019-05-031-10/+21
| |\ \ \ \ | | | | | | | | | | | | Blacklist 0.0.0.0 and :: by default for URL previews
| | * | | | more config comment updatesRichard van der Hoff2019-05-031-2/+5
| | | | | |
| | * | | | Blacklist 0.0.0.0 and :: by default for URL previewsRichard van der Hoff2019-05-031-10/+18
| | | | | |
| * | | | | Merge pull request #5133 from matrix-org/rav/systemrandomRichard van der Hoff2019-05-031-2/+7
| |\ \ \ \ \ | | |/ / / / | |/| | | | Use SystemRandom for token generation.
| | * | | | Use SystemRandom for token generationRichard van der Hoff2019-05-031-2/+7
| | | | | |
* | | | | | Add admin api for sending server_notices (#5121)Richard van der Hoff2019-05-023-3/+118
| | | | | |
* | | | | | Merge pull request #5124 from matrix-org/babolivier/aliasesBrendan Abolivier2019-05-023-2/+34
|\ \ \ \ \ \ | | | | | | | | | | | | | | Add some limitations to alias creation
| * | | | | | Add some limitations to alias creationBrendan Abolivier2019-05-023-2/+34
| | | | | | |
* | | | | | | Factor out an "assert_requester_is_admin" function (#5120)Richard van der Hoff2019-05-023-76/+80
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Rather than copying-and-pasting the same four lines hundreds of times
* | | | | | | fix examplesRichard van der Hoff2019-05-011-4/+4
| | | | | | |
* | | | | | | Move admin api impl to its own packageRichard van der Hoff2019-05-013-5/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | It doesn't really belong under rest/client/v1 any more.
* | | | | | | Move admin API to a new prefixRichard van der Hoff2019-05-014-24/+64
| | | | | | |
* | | | | | | Move admin API away from ClientV1RestServletRichard van der Hoff2019-05-011-33/+33
|/ / / / / /
* | | | | | Add a default .m.rule.tombstone push rule (#4867)Travis Ralston2019-04-291-0/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add a default .m.rule.tombstone push rule In support of MSC1930: https://github.com/matrix-org/matrix-doc/pull/1930 * changelog * Appease the changelog linter
* | | | | | Merge pull request #5100 from matrix-org/rav/verification_hackeryRichard van der Hoff2019-04-292-18/+54
|\ \ \ \ \ \ | |_|_|_|/ / |/| | | | | Improve logging when event-signature checking fails
| * | | | | more logging improvementsRichard van der Hoff2019-04-251-8/+11
| | | | | |
| * | | | | remove extraneous exception loggingRichard van der Hoff2019-04-252-18/+34
| | | | | |
| * | | | | Clarify logging when PDU signature checking failsRichard van der Hoff2019-04-252-3/+20
| | | | | |
* | | | | | Fix infinite loop in presence handlerRichard van der Hoff2019-04-262-0/+23
|/ / / / / | | | | | | | | | | | | | | | Fixes #5102
* | | | | Config option for verifying federation certificates (MSC 1711) (#4967)Andrew Morgan2019-04-254-15/+121
| | | | |
* | | | | Remove log error for .well-known/matrix/client (#4972)Michael Kaye2019-04-241-1/+1
| | | | |
* | | | | Prevent "producer not unregistered" message (#5009)Amber Brown2019-04-241-0/+4
| | | | |
* | | | | Don't crash on lack of expiry templatesBrendan Abolivier2019-04-181-2/+6
| | | | |
* | | | | Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2019-04-17139-4477/+4027
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | babolivier/account_expiration
| * \ \ \ \ Merge pull request #5047 from matrix-org/babolivier/account_expirationBrendan Abolivier2019-04-1714-39/+573
| |\ \ \ \ \ | | | | | | | | | | | | | | Send out emails with links to extend an account's validity period
| * \ \ \ \ \ Merge pull request #5071 from matrix-org/babolivier/3pid-checkBrendan Abolivier2019-04-171-0/+18
| |\ \ \ \ \ \ | | | | | | | | | | | | | | | | Make sure we're not registering the same 3pid twice
| | * | | | | | Make sure we're not registering the same 3pid twiceBrendan Abolivier2019-04-171-0/+18
| | | |/ / / / | | |/| | | |
| * | | | | | Merge pull request #5070 from matrix-org/erikj/postpathErik Johnston2019-04-171-8/+8
| |\ \ \ \ \ \ | | | |_|_|/ / | | |/| | | | Remove usage of request.postpath
| | * | | | | Remove usage of request.postpathErik Johnston2019-04-161-8/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is an undocumented variable in twisted, and relies on the servlet being mounted in the right way. This also breaks getting push rules on workers.
| * | | | | | Merge pull request #5065 from matrix-org/erikj/fix_versionsErik Johnston2019-04-161-1/+1
| |\ \ \ \ \ \ | | | | | | | | | | | | | | | | VersionRestServlet doesn't take a param
| | * | | | | | VersionRestServlet doesn't take a paramErik Johnston2019-04-151-1/+1
| | | | | | | |
| * | | | | | | Add systemd-python to optional dependencies (#4339)Silke Hofstra2019-04-161-5/+9
| |/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Using systemd-python allows for logging to the systemd journal, as is documented in: `synapse/contrib/systemd/log_config.yaml`. Signed-off-by: Silke Hofstra <silke@slxh.eu>
| * | | | | | Merge pull request #5063 from matrix-org/erikj/move_endpointsErik Johnston2019-04-152-4/+14
| |\| | | | | | | | | | | | | | | | | | | Move some rest endpoints to client reader
| | * | | | | Only handle GET requests for /push_rulesErik Johnston2019-04-151-0/+7
| | | | | | |
| | * | | | | Move some rest endpoints to client readerErik Johnston2019-04-151-4/+7
| | | | | | |
| * | | | | | Remove periods from copyright headers (#5046)Andrew Morgan2019-04-119-9/+9
| | | | | | |
| * | | | | | Merge pull request #5033 from matrix-org/erikj/fix_schema_deltaErik Johnston2019-04-101-1/+3
| |\ \ \ \ \ \ | | | | | | | | | | | | | | | | Fix schema upgrade when dropping tables
| | * | | | | | Fix schema upgrade when dropping tablesErik Johnston2019-04-091-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We need to drop tables in the correct order due to foreign table constraints (on `application_services`), otherwise the DROP TABLE command will fail. Introduced in #4992.
| * | | | | | | Fix disappearing exceptions in manhole. (#5035)Richard van der Hoff2019-04-101-2/+57
| | |_|_|_|_|/ | |/| | | | | | | | | | | | Avoid sending syntax errors from the manhole to sentry.
| * | | | | | Merge pull request #5027 from matrix-org/babolivier/account_expirationBrendan Abolivier2019-04-095-0/+84
| |\ \ \ \ \ \ | | |/ / / / / | |/| | | | | Add time-based account expiration
| * | | | | | Merge pull request #5030 from matrix-org/rav/rewrite_g_s_v_kRichard van der Hoff2019-04-093-71/+72
| |\ \ \ \ \ \ | | | | | | | | | | | | | | | | Rewrite Datastore.get_server_verify_keys
| | * | | | | | Rewrite Datastore.get_server_verify_keysRichard van der Hoff2019-04-092-49/+63
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Rewrite this so that it doesn't hammer the database.
| | * | | | | | Replace SlavedKeyStore with a shimRichard van der Hoff2019-04-081-14/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | since we're pulling everything out of KeyStore anyway, we may as well simplify it.
| | * | | | | | Remove redundant merged_keys dictRichard van der Hoff2019-04-081-8/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There's no point in collecting a merged dict of keys: it is sufficient to consider just the new keys which have been fetched by the most recent key_fetch_fns.
| * | | | | | | Bump psycopg requirement (#5032)Richard van der Hoff2019-04-091-1/+3
| |/ / / / / /
| * | | | | | Remove unused server_tls_certificates functions (#5028)Richard van der Hoff2019-04-084-62/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | These have been unused since #4120, and with the demise of perspectives, it is unlikely that they will ever be used again.
| * | | | | | add context to phonehome stats (#5020)Neil Johnson2019-04-082-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | add context to phonehome stats
| * | | | | | Merge pull request #5024 from matrix-org/rav/record_correct_server_in_serverkeysRichard van der Hoff2019-04-081-1/+1
| |\ \ \ \ \ \ | | | | | | | | | | | | | | | | Fix from_server buglet in get_keys_from_perspectives
| | * | | | | | Fix from_server buglet in get_keys_from_perspectivesRichard van der Hoff2019-04-081-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | make sure we store the name of the server the keys came from, rather than the origin server, after doing a fetch-from-perspectives.
| * | | | | | | drop tables listed in #1830 (#4992)Neil Johnson2019-04-0824-752/+42
| |/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Tables dropped: * application_services, * application_services_regex, * transaction_id_to_pdu, * stats_reporting * current_state_resets * event_content_hashes * event_destinations * event_edge_hashes * event_signatures * feedback * room_hosts * state_forward_extremities
| * | | | | | Merge pull request #5001 from matrix-org/rav/keyring_cleanupsRichard van der Hoff2019-04-082-33/+50
| |\ \ \ \ \ \ | | | | | | | | | | | | | | | | Cleanups in the Keyring
| | * | | | | | Hoist server_name check out of process_v2_responseRichard van der Hoff2019-04-041-13/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It's easier to check it in the caller than to complicate the interface with an extra param.
| | * | | | | | Clean up Keyring.process_v2_responseRichard van der Hoff2019-04-041-23/+46
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make this just return the key dict, rather than a single-entry dict mapping the server name to the key dict. It's easy for the caller to get the server name from from the response object anyway.
| | * | | | | | Fix docstring on get_server_keys_jsonRichard van der Hoff2019-04-041-2/+2
| | | | | | | |
| * | | | | | | Add config option to block users from looking up 3PIDs (#5010)Brendan Abolivier2019-04-042-0/+10
| | |_|/ / / / | |/| | | | |
| * | | | | | Clean up the database pagination code (#5007)Amber Brown2019-04-052-67/+63
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * rewrite & simplify * changelog * cleanup potential sql injection
| * | | | | | Merge pull request #5002 from matrix-org/erikj/delete_groupErik Johnston2019-04-043-0/+136
| |\ \ \ \ \ \ | | | | | | | | | | | | | | | | Add delete group admin API
| | * | | | | | Add admin API for group deletionErik Johnston2019-04-031-0/+26
| | | | | | | |
| | * | | | | | Add functions to delete a groupErik Johnston2019-04-032-0/+110
| | | | | | | |
| * | | | | | | Prevent kicking users who aren't in the room (#4999)Andrew Morgan2019-04-041-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | Prevent kick events from succeeding if the user is not currently in the room.
| * | | | | | | Avoid redundant URL encoding (#4555)Marcel Krüger2019-04-041-1/+1
| |/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Do not double encode fallback redirect URL Signed-off-by: Marcel Fabian Krüger <zauguin@gmail.com>
| * / / / / / Fix grammar and document get_current_users_in_room (#4998)Andrew Morgan2019-04-0311-18/+29
| |/ / / / /
| * | | | | Remove presence lists (#4989)Neil Johnson2019-04-037-338/+22
| | | | | | | | | | | | | | | | | | Remove presence list support as per MSC 1819
| * | | | | Merge pull request #4982 from matrix-org/erikj/msc1915Erik Johnston2019-04-036-17/+215
| |\ \ \ \ \ | | | | | | | | | | | | | | Implement MSC1915 - 3PID unbind APIs
| | * | | | | Correctly handle id_server paramErik Johnston2019-04-021-0/+1
| | | | | | |
| | * | | | | Remove threepid binding if id server returns 400/404/501Erik Johnston2019-04-021-9/+10
| | | | | | |
| | * | | | | Fixup docstringsErik Johnston2019-04-023-7/+9
| | | | | | |
| | * | | | | Add unbind API to /r0 as it is now stabalisedErik Johnston2019-04-011-1/+1
| | | | | | |
| | * | | | | Grandfather in existing user threepidsErik Johnston2019-04-012-0/+37
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We assume, as we did before, that users bound their threepid to one of the trusted identity servers. So we simply fill the new table with all threepids in `user_threepids` joined with the trusted identity servers.
| | * | | | | Allowing specifying IS to use in unbind API.Erik Johnston2019-04-014-8/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | By default the homeserver will use the identity server used during the binding of the 3PID to unbind the 3PID. However, we need to allow clients to explicitly ask the homeserver to unbind via a particular identity server, for the case where the 3PID was bound out of band from the homeserver. Implements MSC915.
| | * | | | | For unbind poke IS used during binding of 3PIDErik Johnston2019-04-011-9/+35
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This changes the behaviour from using the server specified trusted identity server to using the IS that used during the binding of the 3PID, if known. This is the behaviour specified by MSC1915.
| | * | | | | Track IS used to bind 3PIDsErik Johnston2019-04-013-0/+119
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This will then be used to know which IS to default to when unbinding the threepid.
| * | | | | | Run black on the rest of the storage module (#4996)Amber Brown2019-04-0341-2455/+2130
| | | | | | |
| * | | | | | Merge pull request #4991 from matrix-org/erikj/stagger_push_startupErik Johnston2019-04-024-8/+73
| |\ \ \ \ \ \ | | | | | | | | | | | | | | | | Make starting pushers faster during start up
| | * | | | | | Make starting pushers faster during start upErik Johnston2019-04-024-8/+73
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We start all pushers on start up and immediately start a background process to fetch push to send. This makes start up incredibly painful when dealing with many pushers. Instead, let's do a quick fast DB check to see if there *may* be push to send and only start the background processes for those pushers. We also stagger starting up and doing those checks so that we don't try and handle all pushers at once.
| * | | | | | | Transfer related groups on room upgrade (#4990)Andrew Morgan2019-04-022-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | Transfers the m.room.related_groups state event on room upgrade.
| * | | | | | | Add config.signing_key_path. (#4974)Richard van der Hoff2019-04-021-1/+2
| |/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As requested by @andrewshadura
| * | | | | | Fix sync bug when accepting invites (#4956)Richard van der Hoff2019-04-023-20/+40
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Hopefully this time we really will fix #4422. We need to make sure that the cache on `get_rooms_for_user_with_stream_ordering` is invalidated *before* the SyncHandler is notified for the new events, and we can now do so reliably via the `events` stream.
| * | | | | | Merge branch 'master' into developNeil Johnson2019-04-011-1/+1
| |\ \ \ \ \ \ | | | |_|/ / / | | |/| | | |
| * | | | | | Collect room-version variations into one place (#4969)Richard van der Hoff2019-04-0118-142/+188
| | |/ / / / | |/| | | | | | | | | | | | | | | | Collect all the things that make room-versions different to one another into one place, so that it's easier to define new room versions.
| * | | | | Merge pull request #4955 from matrix-org/rav/merge_state_into_eventsRichard van der Hoff2019-03-288-49/+140
| |\ \ \ \ \ | | | | | | | | | | | | | | Combine the CurrentStateDeltaStream into the EventStream
| | * | | | | Combine the CurrentStateDeltaStream into the EventStreamRichard van der Hoff2019-03-275-33/+43
| | | | | | |
| | * | | | | Make EventStream rows have a typeRichard van der Hoff2019-03-274-17/+98
| | | | | | | | | | | | | | | | | | | | | | | | | | | | ... as a precursor to combining it with the CurrentStateDelta stream.
| * | | | | | Merge pull request #4954 from matrix-org/rav/refactor_parse_rowRichard van der Hoff2019-03-283-5/+21
| |\ \ \ \ \ \ | | | | | | | | | | | | | | | | Refactors to replication stream row update/parsing
| | * \ \ \ \ \ Merge remote-tracking branch 'origin/develop' into rav/refactor_parse_rowRichard van der Hoff2019-03-282-380/+335
| | |\ \ \ \ \ \ | | | |/ / / / / | | |/| | | | |
| | * | | | | | Skip building a ROW_TYPE when building updatesRichard van der Hoff2019-03-271-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We're about to turn it straight into a JSON object anyway so building a ROW_TYPE is a bit pointless, and reduces flexibility in the update_function.
| | * | | | | | Add parse_row method to replication stream classRichard van der Hoff2019-03-273-3/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This will allow individual stream classes to override how a row is parsed.
| * | | | | | | remove log line for password (#4965)Neil Johnson2019-03-281-2/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove log line for password.
| * | | | | | | Allow password providers to bind emails (#4947)Andrew Morgan2019-03-282-4/+22
| | | | | | | | | | | | | | | | | | | | | | | | This PR allows password provider modules to bind email addresses when a user is registering and is motivated by matrix-org/matrix-synapse-ldap3#58
| * | | | | | | Merge pull request #4942 from matrix-org/erikj/fix_presenceErik Johnston2019-03-283-32/+236
| |\ \ \ \ \ \ \ | | |_|/ / / / / | |/| | | | | | Use event streams to calculate presence
| | * | | | | | Use an assertErik Johnston2019-03-281-2/+1
| | | | | | | |
| | * | | | | | Review commentsErik Johnston2019-03-281-44/+62
| | | | | | | |
| | * | | | | | Use event streams to calculate presenceErik Johnston2019-03-273-32/+219
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Primarily this fixes a bug in the handling of remote users joining a room where the server sent out the presence for all local users in the room to all servers in the room. We also change to using the state delta stream, rather than the distributor, as it will make it easier to split processing out of the master process (as well as being more flexible). Finally, when sending presence states to newly joined servers we filter out old presence states to reduce the number sent. Initially we filter out states that are offline and have a last active more than a week ago, though this can be changed down the line. Fixes #3962
| * | | | | | | Merge pull request #4953 from matrix-org/rav/refactor_replication_streamsRichard van der Hoff2019-03-286-76/+133
| |\ \ \ \ \ \ \ | | | |/ / / / / | | |/| | | | | Split up replication.tcp.streams into smaller files
| | * | | | | | move FederationStream out to its own fileRichard van der Hoff2019-03-274-23/+43
| | | | | | | |
| | * | | | | | move EventsStream out to its own fileRichard van der Hoff2019-03-273-23/+42
| | | | | | | |
| | * | | | | | Move replication.tcp.streams into a packageRichard van der Hoff2019-03-273-34/+52
| | | | | | | |
| * | | | | | | Run `black` on some storage modules that the stats branch touches (#4959)Amber Brown2019-03-292-380/+335
| |/ / / / / /
| * / / / / / Fix/improve some docstrings in the replication code. (#4949)Richard van der Hoff2019-03-272-7/+19
| |/ / / / /
* | | | / / Add management endpoints for account validityBrendan Abolivier2019-04-175-18/+116
| |_|_|/ / |/| | | |
* | | | | Send out emails with links to extend an account's validity periodBrendan Abolivier2019-04-1714-39/+573
| |_|/ / |/| | |
* | | | Add account expiration featureBrendan Abolivier2019-04-096-1/+85
| |/ / |/| |
* | | 0.99.3 v0.99.3 github/release-v0.99.3 release-v0.99.3Neil Johnson2019-04-011-1/+1
| | |
* | | bump versionNeil Johnson2019-03-271-1/+1
|/ /
* | Support 3PID login in password providers (#4931)Andrew Morgan2019-03-266-26/+122
| | | | | | | | | | Adds a new method, check_3pid_auth, which gives password providers the chance to allow authentication with third-party identifiers such as email or msisdn.
* | Use the state event amount for userdir import batching, not room count (#4944)Amber Brown2019-03-271-8/+20
| |
* | Make federation endpoints more tolerant of trailing slashes v2 (#4935)Andrew Morgan2019-03-263-8/+9
| | | | | | Redo of https://github.com/matrix-org/synapse/pull/4840
* | Fix ClientReplicationStreamProtocol.__str__ (#4929)Richard van der Hoff2019-03-252-4/+5
| | | | | | | | | | | | | | | | `__str__` depended on `self.addr`, which was absent from ClientReplicationStreamProtocol, so attempting to call str on such an object would raise an exception. We can calculate the peer addr from the transport, so there is no need for addr anyway.
* | Fix bug where read-receipts lost their timestamps (#4927)Richard van der Hoff2019-03-253-12/+30
| | | | | | | | | | Make sure that they are sent correctly over the replication stream. Fixes: #4898
* | Refactor out state delta handling into its own class (#4917)Amber Brown2019-03-254-110/+151
| |
* | Merge pull request #4869 from matrix-org/erikj/yaml_loadErik Johnston2019-03-223-5/+5
|\ \ | | | | | | Fix yaml warnings by using safe_load
| * | Use yaml safe_loadErik Johnston2019-03-223-5/+5
| | |
* | | Remove trailing slashes from outbound federation requests and retry on 400 ↵Andrew Morgan2019-03-212-17/+89
|\ \ \ | |/ / |/| | | | | | | | (#4840) As per #3622, we remove trailing slashes from outbound federation requests. However, to ensure that we remain backwards compatible with previous versions of Synapse, if we receive a HTTP 400 with `M_UNRECOGNIZED`, then we are likely talking to an older version of Synapse in which case we retry with a trailing slash appended to the request path.
| * | Clean up backoff_on_404 and metehod callsAndrew Morgan2019-03-211-9/+13
| | |
| * | kwargs doesn't like commas on calling funcs either. TILAndrew Morgan2019-03-201-2/+2
| | |
| * | lintAndrew Morgan2019-03-201-2/+6
| | |
| * | New test, fix issuesAndrew Morgan2019-03-201-49/+28
| | |
| * | Fix comments. v0.99.2 -> v0.99.3Andrew Morgan2019-03-201-5/+5
| | |
| * | Just return if not doing any trailing slash shennanigansAndrew Morgan2019-03-201-0/+2
| | |
| * | lintAndrew Morgan2019-03-181-1/+1
| | |
| * | Better exception handlingAndrew Morgan2019-03-181-16/+17
| | |
| * | Correct var nameAndrew Morgan2019-03-131-2/+2
| | |
| * | receiving a 400 caused an exception. handle itAndrew Morgan2019-03-131-5/+12
| | |
| * | is this what purgatory feels likeAndrew Morgan2019-03-131-3/+3
| | |
| * | i should have given up x2Andrew Morgan2019-03-131-18/+13
| | |
| * | i should have given upAndrew Morgan2019-03-131-1/+1
| | |
| * | there comes a time when you should give up. but you dontAndrew Morgan2019-03-131-1/+1
| | |
| * | as aboveAndrew Morgan2019-03-131-2/+4
| | |
| * | no kwargs todayAndrew Morgan2019-03-131-7/+12
| | |
| * | Or perhaps I was the one who was drunkAndrew Morgan2019-03-131-6/+3
| | |
| * | go home python, you're drunkAndrew Morgan2019-03-131-4/+2
| | |
| * | Syntax checker is borkAndrew Morgan2019-03-131-6/+5
| | |
| * | Destructure againAndrew Morgan2019-03-131-7/+8
| | |
| * | Are you happy nowAndrew Morgan2019-03-131-2/+2
| | |
| * | Syntax testAndrew Morgan2019-03-131-6/+5
| | |
| * | Remove testing codeAndrew Morgan2019-03-131-3/+0
| | |
| * | Add missing docstring detailAndrew Morgan2019-03-131-1/+1
| | |
| * | Fix syntax issuesAndrew Morgan2019-03-131-7/+10
| | |
| * | Switch to wrapper function around _send_requestAndrew Morgan2019-03-132-37/+76
| | |
| * | Retry on 400:M_UNRECOGNIZEDAndrew Morgan2019-03-131-6/+10
| | |
| * | Fix paranthesis indentAndrew Morgan2019-03-131-1/+2
| | |
| * | Add workaround noteAndrew Morgan2019-03-131-10/+4
| | |
| * | Cleaner way of implementing trailing slashesAndrew Morgan2019-03-122-68/+62
| | |
| * | Merge branch 'develop' into anoa/trailing_slashes_clientAndrew Morgan2019-03-112-9/+9
| |\ \
| * \ \ Merge branch 'develop' into anoa/trailing_slashes_clientAndrew Morgan2019-03-114-19/+53
| |\ \ \
| * | | | lintAndrew Morgan2019-03-081-1/+3
| | | | |
| * | | | Retry certain federation requests on 404Andrew Morgan2019-03-082-5/+50
| | | | |
| * | | | Remove trailing slashes from outbound federation requestsAndrew Morgan2019-03-081-7/+7
| | | | |
* | | | | Merge pull request #4908 from matrix-org/erikj/block_peek_on_blocked_roomsErik Johnston2019-03-212-2/+11
|\ \ \ \ \ | | | | | | | | | | | | Deny peeking into rooms that have been blocked
| * | | | | Deny peeking into rooms that have been blockedErik Johnston2019-03-212-2/+11
| | | | | |
* | | | | | Merge pull request #4904 from matrix-org/erikj/fix_shutdownErik Johnston2019-03-216-24/+62
|\| | | | | | | | | | | | | | | | | Fixup shutdown room API
| * | | | | Fix upsertErik Johnston2019-03-211-0/+1
| | | | | |
| * | | | | Revert spurious deleteErik Johnston2019-03-201-0/+4
| | | | | |
| * | | | | comment block_roomErik Johnston2019-03-201-0/+9
| | | | | |
| * | | | | Use flagsErik Johnston2019-03-205-15/+17
| | | | | |
| * | | | | Move requester check into assert_accepted_privacy_policyErik Johnston2019-03-201-5/+8
| | | | | |
| * | | | | Gracefully handle failing to kick userErik Johnston2019-03-201-19/+27
| | | | | |
| * | | | | Log new room IDErik Johnston2019-03-201-1/+6
| | | | | |
| * | | | | Only require consent for events with an associated requestErik Johnston2019-03-201-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There are a number of instances where a server or admin may puppet a user to join/leave rooms, which we don't want to fail if the user has not consented to the privacy policy. We fix this by adding a check to test if the requester has an associated access_token, which is used as a proxy to answer the question of whether the action is being done on behalf of a real request from the user.
| * | | | | Allow blocking a room multiple timesErik Johnston2019-03-201-2/+4
| | | | | |
* | | | | | Merge pull request #4896 from matrix-org/erikj/disable_room_directoryErik Johnston2019-03-213-0/+32
|\ \ \ \ \ \ | | | | | | | | | | | | | | Add option to disable search room lists
| * | | | | | Disable publishing to room list when its disabledErik Johnston2019-03-201-0/+8
| | | | | | |
| * | | | | | Pull out config optionErik Johnston2019-03-201-3/+3
| | | | | | |
| * | | | | | Return before we logErik Johnston2019-03-201-4/+5
| | | | | | |
| * | | | | | Fix up config commentsErik Johnston2019-03-201-3/+4
| | | | | | |
| * | | | | | Add option to disable search room listsErik Johnston2019-03-192-0/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | This disables both local and remote room list searching.
* | | | | | | Merge pull request #4895 from matrix-org/erikj/disable_user_searchErik Johnston2019-03-202-0/+15
|\ \ \ \ \ \ \ | |_|/ / / / / |/| | | | | | Add option to disable searching in the user dir
| * | | | | | Fix up sample configErik Johnston2019-03-201-2/+4
| | | | | | |
| * | | | | | Update synapse/config/user_directory.pyRichard van der Hoff2019-03-201-1/+1
| | | | | | | | | | | | | | | | | | | | | Co-Authored-By: erikjohnston <erikj@jki.re>
| * | | | | | Add option to disable searching in the user dirErik Johnston2019-03-192-0/+13
| |/ / / / / | | | | | | | | | | | | | | | | | | We still populate it, as it can still be accessed via the admin API.
* | | | | | Batching in the user directory import (#4900)Amber Brown2019-03-211-0/+13
| | | | | |
* | | | | | Add a config option for torture-testing worker replication. (#4902)Richard van der Hoff2019-03-202-1/+22
| | | | | | | | | | | | | | | | | | Setting this to 50 or so makes a bunch of sytests fail in worker mode.
* | | | | | Batch up outgoing read-receipts to reduce federation traffic. (#4890)Richard van der Hoff2019-03-204-22/+171
|/ / / / / | | | | | | | | | | | | | | | Rate-limit outgoing read-receipts as per #4730.
* | | | | Use a regular HomeServerConfig object for unit testsRichard van der Hoff2019-03-192-2/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Rather than using a Mock for the homeserver config, use a genuine HomeServerConfig object. This makes for a more realistic test, and means that we don't have to keep remembering to add things to the mock config every time we add a new config setting.
* | | | | Merge remote-tracking branch 'origin/develop' into HEADRichard van der Hoff2019-03-193-4/+16
|\ \ \ \ \
| * | | | | fix test_auto_create_auto_join_where_no_consent (#4886)Neil Johnson2019-03-192-3/+15
| | | | | |
| * | | | | Fix user directory background update (#4887)Erik Johnston2019-03-191-1/+1
| | | | | |
* | | | | | Enforce hs_disabled_message correctlyRichard van der Hoff2019-03-191-3/+5
|/ / / / / | | | | | | | | | | | | | | | | | | | | Fixes a bug where hs_disabled_message was not enforced for 3pid-based requests if there was no server_notices_mxid configured.
* | | | | Comment out most options in the generated config. (#4863)Richard van der Hoff2019-03-1914-98/+149
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make it so that most options in the config are optional, and commented out in the generated config. The reasons this is a good thing are as follows: * If we decide that we should change the default for an option, we can do so, and only those admins that have deliberately chosen to override that option will be stuck on the old setting. * It moves us towards a point where we can get rid of the super-surprising feature of synapse where the default settings for the config come from the generated yaml. * It makes setting up a test config for unit testing an order of magnitude easier (see forthcoming PR). * It makes the generated config more consistent, and hopefully easier for users to understand.
* | | | | Migrate the user directory initial population to a background task (#4864)Amber Brown2019-03-194-256/+325
| | | | |
* | | | | Add ratelimiting on failed login attempts (#4865)Brendan Abolivier2019-03-182-5/+32
| | | | |
* | | | | Add ratelimiting on login (#4821)Brendan Abolivier2019-03-156-22/+102
| | | | | | | | | | | | | | | Add two ratelimiters on login (per-IP address and per-userID).
* | | | | Merge pull request #4855 from matrix-org/rav/refactor_transaction_queueRichard van der Hoff2019-03-157-761/+864
|\ \ \ \ \ | | | | | | | | | | | | Split TransactionQueue up
| * | | | | Rename and move the classesRichard van der Hoff2019-03-137-811/+864
| | | | | |
| * | | | | Factor per-destination stuff out of TransactionQueueRichard van der Hoff2019-03-131-132/+182
| | | | | | | | | | | | | | | | | | | | | | | | This is easier than having to have a million fields keyed on destination.
* | | | | | Merge pull request #4852 from matrix-org/rav/move_rr_sending_to_workerRichard van der Hoff2019-03-155-55/+110
|\| | | | | | | | | | | | | | | | | Move client receipt processing to federation sender worker.
| * | | | | Move client receipt processing to federation sender worker.Richard van der Hoff2019-03-134-33/+78
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is mostly a prerequisite for #4730, but also fits with the general theme of "move everything off the master that we possibly can".
| * | | | | declare a ReadReceipt classRichard van der Hoff2019-03-132-24/+34
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I'm going to use this in queues and things, so it'll be useful to give it more of a structure.
* | | | | | Merge pull request #4853 from matrix-org/erikj/worker_docker_ciErik Johnston2019-03-154-17/+53
|\ \ \ \ \ \ | | | | | | | | | | | | | | Allow passing --daemonize to workers
| * | | | | | Correctly handle all command line optionsErik Johnston2019-03-143-16/+42
| | | | | | |
| * | | | | | Allow passing --daemonize to workersErik Johnston2019-03-132-1/+11
| | | | | | |
* | | | | | | Revert "Make federation endpoints more tolerant of trailing slashes for some ↵Erik Johnston2019-03-142-8/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | endpoints (#4793)" This reverts commit 290552fd836f4ae2dc1d893a7f72f7fff85365d3.
* | | | | | | Merge pull request #4846 from matrix-org/hawkowl/userdir-searchErik Johnston2019-03-147-123/+183
|\ \ \ \ \ \ \ | |/ / / / / / |/| | | | | | Improve searching in the userdir
| * | | | | | fixupAmber Brown2019-03-132-2/+2
| | | | | | |
| * | | | | | fixupAmber Brown2019-03-133-55/+16
| | | | | | |
| * | | | | | fixupAmber Brown2019-03-121-1/+1
| | | | | | |
| * | | | | | fixupAmber Brown2019-03-121-1/+2
| | | | | | |
| * | | | | | fixupAmber Brown2019-03-123-160/+139
| | | | | | |
| * | | | | | fixupAmber Brown2019-03-121-1/+1
| | | | | | |
| * | | | | | use the old methodAmber Brown2019-03-121-3/+2
| | | | | | |
| * | | | | | fixAmber Brown2019-03-121-1/+1
| | | | | | |
| * | | | | | pep8Amber Brown2019-03-121-2/+1
| | | | | | |
| * | | | | | fixesAmber Brown2019-03-123-48/+62
| | | | | | |
| * | | | | | master startupAmber Brown2019-03-112-0/+9
| | | | | | |
| * | | | | | Merge remote-tracking branch 'origin/develop' into hawkowl/userdir-searchAmber Brown2019-03-114-19/+53
| |\ \ \ \ \ \ | | | |_|/ / / | | |/| | | |
| * | | | | | initialAmber Brown2019-03-114-4/+102
| | |_|/ / / | |/| | | |
* | | | | | Document using a certificate with a full chain (#4849)Andrew Morgan2019-03-131-0/+5
| |_|/ / / |/| | | |
* | | | | Transfer local user's push rules on room upgrade (#4838)Andrew Morgan2019-03-122-0/+61
| | | | | | | | | | | | | | | Transfer push rules (notifications) on room upgrade
* | | | | Clarify what registration_shared_secret allows for (#2885) (#4844)Aaron Raimist2019-03-111-2/+2
| |_|/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Clarify what registration_shared_secret allows for (#2885) Signed-off-by: Aaron Raimist <aaron@raim.ist> * Add changelog Signed-off-by: Aaron Raimist <aaron@raim.ist>
* | | | Make federation endpoints more tolerant of trailing slashes for some ↵Andrew Morgan2019-03-112-8/+8
| | | | | | | | | | | | | | | | | | | | endpoints (#4793) Server side of a solution towards #3622.
* | | | Correctly log expected errors when fetching server keysErik Johnston2019-03-111-2/+2
| |/ / |/| |
* | | fix incorrect encoding of filenames with spaces in (#2090)Matthew Hodgson2019-03-111-3/+51
| | | | | | | | | | | | fixes https://github.com/vector-im/riot-web/issues/3155
* | | Add comment to schemaErik Johnston2019-03-081-0/+2
| | |
* | | Make `prev_state` field optionalErik Johnston2019-03-082-16/+0
|/ / | | | | | | | | | | | | The `prev_state` field on events is not specced and so synapse shouldn't explode if an event is missing the field. Fixes #4787
* | Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2019-03-0817-426/+384
|\ \ | | | | | | | | | erikj/soft_fail_impl
| * \ Merge pull request #4829 from matrix-org/erikj/device_list_seen_updatesErik Johnston2019-03-081-3/+7
| |\ \ | | | | | | | | When re-syncing device lists reset the state
| | * | When re-syncing device lists reset the stateErik Johnston2019-03-071-3/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | We keep track of what stream IDs we've seen so that we know what updates we've handled or missed. If we re-sync we don't know if the updates we've seen are included in the re-sync (there may be a race), so we should reset the seen updates.
| * | | Add some debug logging for device list handlingErik Johnston2019-03-071-2/+38
| |/ /
| * | Rewrite userdir to be faster (#4537)Amber Brown2019-03-073-366/+174
| | |
| * | Merge pull request #4779 from matrix-org/travis/iconsTravis Ralston2019-03-063-7/+7
| |\ \ | | | | | | | | Use static locations for Riot icons
| | * | Use static locations for Riot iconsTravis Ralston2019-03-013-7/+7
| | | | | | | | | | | | See https://github.com/vector-im/riot-web/issues/9009
| * | | Merge pull request #4818 from matrix-org/erikj/prefill_client_ipsErik Johnston2019-03-061-0/+2
| |\ \ \ | | | | | | | | | | Prefill client IPs cache on workers
| | * | | Prefill client IPs cache on workersErik Johnston2019-03-061-0/+2
| | | | |
| * | | | Merge pull request #4815 from matrix-org/erikj/docstringsErik Johnston2019-03-062-7/+45
| |\ \ \ \ | | | | | | | | | | | | Add docstrings from matrix-org-hotfixes
| | * | | | Add docstrings from matrix-org-hotfixesErik Johnston2019-03-062-7/+45
| | |/ / /
| * | | | Merge pull request #4816 from matrix-org/erikj/4422_debugErik Johnston2019-03-061-7/+46
| |\ \ \ \ | | | | | | | | | | | | Port #4422 debug logging from hotfixes
| | * | | | Port #4422 debug logging from hotfixesErik Johnston2019-03-061-7/+46
| | |/ / /
| * / / / Send message after room has been shutdownErik Johnston2019-03-061-11/+11
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently the explanation message is sent to the abuse room before any users are forced joined, which means it tends to get lost in the backlog of joins. So instead we send the message *after* we've forced joined everyone.