summary refs log tree commit diff
path: root/synapse (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Retry well known on fail.Erik Johnston2019-08-152-34/+114
| | | | | | If we have recently seen a valid well-known for a domain we want to retry on (non-final) errors a few times, to handle temporary blips in networking/etc.
* Merge pull request #5844 from matrix-org/erikj/retry_well_known_lookupErik Johnston2019-08-142-25/+65
|\ | | | | Retry well-known lookup before expiry.
| * Retry well-known lookup before expiry.Erik Johnston2019-08-132-25/+65
| | | | | | | | | | | | | | | | | | This gives a bit of a grace period where we can attempt to refetch a remote `well-known`, while still using the cached result if that fails. Hopefully this will make the well-known resolution a bit more torelant of failures, rather than it immediately treating failures as "no result" and caching that for an hour.
* | 1.3.0rc1 v1.3.0rc1Brendan Abolivier2019-08-131-1/+1
| |
* | fix config being a dict, actuallyAmber H. Brown2019-08-141-1/+1
| |
* | Merge pull request #5809 from matrix-org/erikj/handle_pusher_stopErik Johnston2019-08-133-21/+54
|\ \ | |/ |/| Handle pusher being deleted during processing.
| * Remove redundant returnErik Johnston2019-08-131-1/+0
| |
| * Clarify docstringErik Johnston2019-08-131-1/+1
| | | | | | Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
| * Handle pusher being deleted during processing.Erik Johnston2019-08-013-21/+55
| | | | | | | | | | Instead of throwing a StoreError lets break out of processing loop and mark the pusher as stopped.
* | Don't load the media repo when configured to use an external media repo (#5754)Amber Brown2019-08-136-91/+172
| |
* | Merge pull request #5836 from matrix-org/erikj/lower_bound_ttl_well_knownErik Johnston2019-08-132-149/+200
|\ \ | | | | | | Add a lower bound to well-known TTL.
| * | Make default well known cache global again.Erik Johnston2019-08-131-1/+4
| | |
| * | Move well known lookup into a separate clasErik Johnston2019-08-072-153/+197
| | |
| * | Add a lower bound for TTL on well known results.Erik Johnston2019-08-061-0/+4
| | | | | | | | | | | | | | | | | | | | | It costs both us and the remote server for us to fetch the well known for every single request we send, so we add a minimum cache period. This is set to 5m so that we still honour the basic premise of "refetch frequently".
* | | Merge pull request #5826 from matrix-org/erikj/reduce_event_pausesErik Johnston2019-08-131-128/+142
|\ \ \ | | | | | | | | Don't unnecessarily block notifying of new events.
| * | | Don't unnecessarily block notifying of new events.Erik Johnston2019-08-061-128/+142
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When persisting events we calculate new stream orderings up front. Before we notify about an event all events with lower stream orderings must have finished being persisted. This PR moves the assignment of stream ordering till *after* calculated the new current state and split the batch of events into separate chunks for persistence. This means that if it takes a long time to calculate new current state then it will not block events in other rooms being notified about. This should help reduce some global pauses in the events stream which can last for tens of seconds (if not longer), caused by some particularly expensive state resolutions.
* | | | Merge pull request #5788 from matrix-org/rav/metaredactionsRichard van der Hoff2019-08-121-101/+112
|\ \ \ \ | |_|/ / |/| | | Fix handling of redactions of redactions
| * | | Handle loops in redaction eventsRichard van der Hoff2019-07-301-60/+36
| | | |
| * | | recursively fetch redactionsRichard van der Hoff2019-07-301-32/+36
| | | |
| * | | split _get_events_from_db out of _enqueue_eventsRichard van der Hoff2019-07-291-32/+51
| | | |
| * | | Return dicts from _fetch_event_listRichard van der Hoff2019-07-291-15/+27
| | | |
* | | | Merge pull request #5825 from matrix-org/erikj/fix_empty_limited_syncErik Johnston2019-08-061-6/+37
|\ \ \ \ | | | | | | | | | | Handle TimelineBatch being limited and empty.
| * | | | Handle TimelineBatch being limited and empty.Erik Johnston2019-08-061-6/+37
| | |/ / | |/| | | | | | | | | | | | | | | | | | This hopefully addresses #5407 by gracefully handling an empty but limited TimelineBatch. We also add some logging to figure out how this is happening.
* / | | Return 404 instead of 403 when retrieving an event without perms (#5798)Andrew Morgan2019-08-061-3/+11
|/ / / | | | | | | | | | | | | Part of fixing matrix-org/sytest#652 Sytest PR: matrix-org/sytest#667
* | | Account validity: allow defining HTML templates to serve the us… (#5807)Brendan Abolivier2019-08-015-11/+71
|\ \ \ | | | | | | | | Account validity: allow defining HTML templates to serve the user on account renewal attempt
| * | | LintBrendan Abolivier2019-08-012-16/+9
| | | |
| * | | Allow defining HTML templates to serve the user on account renewalBrendan Abolivier2019-08-015-9/+76
| | | |
* | | | Merge pull request #5810 from matrix-org/erikj/no_server_reachableErik Johnston2019-08-011-4/+3
|\ \ \ \ | | | | | | | | | | Return 502 not 500 when failing to reach any remote server.
| * | | | Return 502 not 500 when failing to reach any remote server.Erik Johnston2019-08-011-4/+3
| | | | |
* | | | | Have ClientReaderSlavedStore inherit RegistrationStore (#5806)Andrew Morgan2019-08-011-21/+21
| | | | | | | | | | | | | | | Fixes #5803
* | | | | Merge pull request #5808 from matrix-org/erikj/parse_decode_errorErik Johnston2019-08-011-1/+6
|\ \ \ \ \ | |/ / / / |/| | | | Handle incorrectly encoded query params correctly
| * | | | Handle incorrectly encoded query params correctlyErik Johnston2019-08-011-1/+6
| | |_|/ | |/| |
* | | | Merge pull request #5805 from matrix-org/erikj/validate_stateErik Johnston2019-08-011-2/+9
|\ \ \ \ | | | | | | | | | | Validate well known state events are state events.
| * | | | Validate well-known state events are state events.Erik Johnston2019-07-311-2/+9
| | | | | | | | | | | | | | | | | | | | | | | | | Lets disallow sending things like memberships, topics etc as non-state events.
* | | | | Merge pull request #5801 from matrix-org/erikj/recursive_tombstoneErik Johnston2019-08-011-0/+9
|\ \ \ \ \ | |_|/ / / |/| | | | Don't allow clients to send tombstones that reference the same room
| * | | | Fix spelling.Erik Johnston2019-08-011-1/+3
| |/ / / | | | | | | | | | | | | Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
| * | | Don't allow clients to send tombstones that reference the same roomErik Johnston2019-07-311-0/+7
| | | |
* | | | Merge pull request #5802 from matrix-org/erikj/deny_redacting_different_roomErik Johnston2019-08-011-1/+3
|\ \ \ \ | | | | | | | | | | Deny redaction of events in a different room.
| * | | | Deny redaction of events in a different room.Erik Johnston2019-07-311-1/+3
| |/ / / | | | | | | | | | | | | | | | | We already correctly filter out such redactions, but we should also deny them over the CS API.
* | | | Merge pull request #5790 from matrix-org/erikj/groups_request_errorsErik Johnston2019-08-012-32/+60
|\ \ \ \ | | | | | | | | | | Handle RequestSendFailed exception correctly in more places.
| * | | | Don't log as exception when failing durig backfillErik Johnston2019-07-301-0/+3
| | | | |
| * | | | Correctly handle errors doing requests to group serversErik Johnston2019-07-291-32/+57
| | | | |
* | | | | Explicitly check that tombstone is a state event before notifying.Erik Johnston2019-07-311-1/+7
| |/ / / |/| | |
* | | | Change user deactivated errcode to USER_DEACTIVATED and use it (#5686)Andrew Morgan2019-07-311-1/+2
| | | | | | | | | | | | | | | | | | | | This is intended as an amendment to #5674 as using M_UNKNOWN as the errcode makes it hard for clients to differentiate between an invalid password and a deactivated user (the problem we were trying to solve in the first place). M_UNKNOWN was originally chosen as it was presumed than an MSC would have to be carried out to add a new code, but as Synapse often is the testing bed for new MSC implementations, it makes sense to try it out first in the wild and then add it into the spec if it is successful. Thus this PR return a new M_USER_DEACTIVATED code when a deactivated user attempts to login.
* | | | Remove duplicate return statementAndrew Morgan2019-07-311-1/+0
| | | |
* | | | Share SSL options for well-known requestsErik Johnston2019-07-312-11/+13
| | | |
* | | | Don't recreate columnErik Johnston2019-07-302-1/+22
| |/ / |/| |
* | | Fix current_state_events membership background update.Erik Johnston2019-07-302-1/+1
| | | | | | | | | | | | | | | | | | Turns out not all rooms are in `rooms`, so lets fetch the room list from `current_state_events`. We move the delta file to force it to be run again.
* | | Unwrap errorErik Johnston2019-07-301-1/+2
| | |
* | | Fix error handling when fetching remote device keysErik Johnston2019-07-301-3/+1
| | |
* | | Remove non-functional 'expire_access_token' setting (#5782)Richard van der Hoff2019-07-303-30/+6
| |/ |/| | | | | | | | | | | | | The `expire_access_token` didn't do what it sounded like it should do. What it actually did was make Synapse enforce the 'time' caveat on macaroons used as access tokens, but since our access token macaroons never contained such a caveat, it was always a no-op. (The code to add 'time' caveats was removed back in v0.18.5, in #1656)
* | Room Complexity Client Implementation (#5783)Amber Brown2019-07-305-11/+206
|/
* Merge pull request #5774 from matrix-org/erikj/fix_rejected_membershipErik Johnston2019-07-291-0/+6
|\ | | | | Fix room summary when rejected events are in state
| * Fix room summary when rejected events are in stateErik Johnston2019-07-261-0/+6
| | | | | | | | | | | | Annoyingly, `current_state_events` table can include rejected events, in which case the membership column will be null. To work around this lets just always filter out null membership for now.
* | Merge pull request #5752 from matrix-org/erikj/forgotten_userErik Johnston2019-07-292-35/+123
|\ \ | | | | | | Remove some more joins on room_memberships
| * | Expand commentErik Johnston2019-07-291-0/+5
| | |
| * | Remove lost commentErik Johnston2019-07-291-7/+0
| |/
| * Remove join when calculating room summaries.Erik Johnston2019-07-241-13/+21
| |
| * Remove join on room_memberships when fetching rooms for user.Erik Johnston2019-07-241-22/+36
| |
| * Add function to get all forgotten rooms for userErik Johnston2019-07-242-0/+68
| | | | | | | | | | | | This will allow us to efficiently filter out rooms that have been forgotten in other queries without having to join against the `room_memberships` table.
* | Merge pull request #5770 from matrix-org/erikj/fix_current_state_event_sqliteErik Johnston2019-07-291-2/+2
|\ \ | | | | | | Fix current_state bg update to work on old SQLite
| * | Fix current_state bg update to work on old SQLiteErik Johnston2019-07-291-2/+2
| | |
* | | Move some timeout checking logs to DEBUG #5785 Amber Brown2019-07-302-2/+2
| | |
* | | Update the device list cache when keys/query is called (#5693)Jorik Schellekens2019-07-292-74/+136
|/ /
* | Add kwargs and docBrendan Abolivier2019-07-291-2/+4
| |
* | Add ability to pass arguments to looping callsBrendan Abolivier2019-07-291-2/+2
| |
* | Merge branch 'master' into developRichard van der Hoff2019-07-262-1/+5
|\ \
| * | 1.2.1Richard van der Hoff2019-07-261-1/+1
| | |
| * | Merge branch 'erikj/log_leave_origin_mismatch' into release-v1.2.1Richard van der Hoff2019-07-262-4/+37
| |\ \
| * | | Log when we receive receipt from a different originErik Johnston2019-07-261-13/+22
| | | |
| * | | Fix DoS when there is a cycle in redaction eventsRichard van der Hoff2019-07-261-0/+4
| | | | | | | | | | | | | | | | | | | | Make sure that synapse doesn't explode when a redaction redacts itself, or there is a larger cycle.
* | | | Merge pull request #5744 from matrix-org/erikj/log_leave_origin_mismatchRichard van der Hoff2019-07-262-4/+37
|\ \ \ \ | | |/ / | |/| | Log when we receive a /make_* request from a different origin
| * | | Log when we receive a /make_* request from a different originRichard van der Hoff2019-07-262-4/+37
| | | |
* | | | Merge pull request #5767 from matrix-org/rav/redactions/cross_room_idRichard van der Hoff2019-07-251-0/+27
|\ \ \ \ | | |/ / | |/| | log when a redaction attempts to redact an event in a different room
| * | | log when a redaction attempts to redact an event in a different roomRichard van der Hoff2019-07-251-0/+27
| | | |
* | | | Fix some error cases in the caching layer. (#5749)Richard van der Hoff2019-07-251-32/+42
| | | | | | | | | | | | | | | | | | | | | | | | | | | | There was some inconsistent behaviour in the caching layer around how exceptions were handled - particularly synchronously-thrown ones. This seems to be most easily handled by pushing the creation of ObservableDeferreds down from CacheDescriptor to the Cache.
* | | | Merge branch 'master' into developAndrew Morgan2019-07-251-1/+1
|\| | |
| * | | 1.2.0 v1.2.0 github/release-v1.2.0 release-v1.2.0Andrew Morgan2019-07-251-1/+1
| |/ /
* | | Merge tag 'v1.2.0rc2' into developAndrew Morgan2019-07-248-26/+75
|\| | | | | | | | | | | | | | | | | | | | Bugfixes -------- - Fix a regression introduced in v1.2.0rc1 which led to incorrect labels on some prometheus metrics. ([\#5734](https://github.com/matrix-org/synapse/issues/5734))
| * | 1.2.0rc2 v1.2.0rc2Andrew Morgan2019-07-241-1/+1
| | |
| * | Fix servlet metric names (#5734)Jorik Schellekens2019-07-247-25/+74
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Fix servlet metric names Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com> * Remove redundant check * Cover all return paths
* | | Merge pull request #5743 from matrix-org/erikj/log_origin_receipts_mismatchErik Johnston2019-07-241-13/+22
|\ \ \ | | | | | | | | Log when we receive receipt from a different origin
| * | | Log when we receive receipt from a different originErik Johnston2019-07-231-13/+22
| | | |
* | | | Stop trying to fetch events with event_id=None. (#5753)Richard van der Hoff2019-07-243-11/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | `None` is not a valid event id, so queuing up a database fetch for it seems like a silly thing to do. I considered making `get_event` return `None` if `event_id is None`, but then its interaction with `allow_none` seemed uninituitive, and strong typing ftw.
* | | | Add a prometheus metric for active cache lookups. (#5750)Richard van der Hoff2019-07-242-2/+33
| | | | | | | | | | | | | | | | | | | | | | | | * Add a prometheus metric for active cache lookups. * changelog
* | | | Make Jaeger fully configurable (#5694)Jorik Schellekens2019-07-232-4/+29
| | | | | | | | | | | | | | | | | | | | | | | | * Allow Jaeger to be configured * Update sample config
* | | | Replace returnValue with return (#5736)Amber Brown2019-07-23162-1488/+1333
| |_|/ |/| |
* | | Opentracing Utils (#5722)Jorik Schellekens2019-07-232-101/+356
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add decerators for tracing functions * Use the new clean contexts * Context and edu utils * Move opentracing setters * Move whitelisting * Sectioning comments * Better args wrapper * Docstrings Co-Authored-By: Erik Johnston <erik@matrix.org> * Remove unused methods. * Don't use global * One tracing decorator to rule them all.
* | | Merge pull request #5732 from matrix-org/erikj/sdnotifyErik Johnston2019-07-2313-11/+59
|\ \ \ | |/ / |/| | Add process hooks to tell systemd our state.
| * | Call startup commands as system triggers.Erik Johnston2019-07-2211-11/+29
| | | | | | | | | | | | | | | This helps ensures that we only consider ourselves "up" once all the startup functions have completed.
| * | Add process hooks to tell systemd our state.Erik Johnston2019-07-222-0/+30
| | | | | | | | | | | | Fixes #5676.
* | | Speed up current state background update.Erik Johnston2019-07-231-18/+30
| | | | | | | | | | | | | | | Turns out that storing huge JSON arrays in the progress JSON isn't something that postgres particularly likes.
* | | Fix logging in workers (#5729)Amber Brown2019-07-221-0/+1
| | | | | | | | | This also adds a worker blacklist.
* | | Merge pull request #5730 from matrix-org/erikj/cache_versionsErik Johnston2019-07-221-2/+21
|\ \ \ | | | | | | | | Cache get_version_string.
| * | | Cache get_version_string.Erik Johnston2019-07-221-2/+21
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | The version of a module isn't going to change over the lifetime of the process (assuming no funky hot reloading is going on, which it isn't), so let's just cache the result to avoid spawning lots of git subprocesses. Fixes #5672.
* | | Merge pull request #5731 from matrix-org/jaywink/admin-user-list-user-typeJason Robinson2019-07-221-3/+3
|\ \ \ | | | | | | | | Add `user_type` to returned fields in admin API user list endpoints
| * | | Add `user_type` to returned fields in admin API user list endpointsJason Robinson2019-07-221-3/+3
| |/ / | | | | | | | | | | | | | | | | | | Mostly user type will be empty (normal user) but there is also the "support" user type. Signed-off-by: Jason Robinson <jasonr@matrix.org>
* | | Fix stack overflow in Keyring (#5724)Richard van der Hoff2019-07-221-51/+41
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Refactor Keyring._start_key_lookups There's an awful lot of deferreds and dictionaries flying around here. The whole thing can be made much simpler and achieve the same effect. * Add a delay to key lookup lock release to fix stack overflow A tactical call_later here should fix #5723 * changelog
| * | | Add a delay to key lookup lock release to fix stack overflowRichard van der Hoff2019-07-191-2/+8
| | | | | | | | | | | | | | | | A tactical call_later here should fix #5723
| * | | Refactor Keyring._start_key_lookupsRichard van der Hoff2019-07-191-51/+35
| | | | | | | | | | | | | | | | | | | | There's an awful lot of deferreds and dictionaries flying around here. The whole thing can be made much simpler and achieve the same effect.
* | | | Merge tag 'v1.2.0rc1' into developAndrew Morgan2019-07-221-1/+1
|\ \ \ \ | |_|/ / |/| | / | | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | v1.2.0rc1 Features -------- - Add support for opentracing. ([\#5544](https://github.com/matrix-org/synapse/issues/5544), [\#5712](https://github.com/matrix-org/synapse/issues/5712)) - Add ability to pull all locally stored events out of synapse that a particular user can see. ([\#5589](https://github.com/matrix-org/synapse/issues/5589)) - Add a basic admin command app to allow server operators to run Synapse admin commands separately from the main production instance. ([\#5597](https://github.com/matrix-org/synapse/issues/5597)) - Add `sender` and `origin_server_ts` fields to `m.replace`. ([\#5613](https://github.com/matrix-org/synapse/issues/5613)) - Add default push rule to ignore reactions. ([\#5623](https://github.com/matrix-org/synapse/issues/5623)) - Include the original event when asking for its relations. ([\#5626](https://github.com/matrix-org/synapse/issues/5626)) - Implement `session_lifetime` configuration option, after which access tokens will expire. ([\#5660](https://github.com/matrix-org/synapse/issues/5660)) - Return "This account has been deactivated" when a deactivated user tries to login. ([\#5674](https://github.com/matrix-org/synapse/issues/5674)) - Enable aggregations support by default ([\#5714](https://github.com/matrix-org/synapse/issues/5714)) Bugfixes -------- - Fix 'utime went backwards' errors on daemonization. ([\#5609](https://github.com/matrix-org/synapse/issues/5609)) - Various minor fixes to the federation request rate limiter. ([\#5621](https://github.com/matrix-org/synapse/issues/5621)) - Forbid viewing relations on an event once it has been redacted. ([\#5629](https://github.com/matrix-org/synapse/issues/5629)) - Fix requests to the `/store_invite` endpoint of identity servers being sent in the wrong format. ([\#5638](https://github.com/matrix-org/synapse/issues/5638)) - Fix newly-registered users not being able to lookup their own profile without joining a room. ([\#5644](https://github.com/matrix-org/synapse/issues/5644)) - Fix bug in #5626 that prevented the original_event field from actually having the contents of the original event in a call to `/relations`. ([\#5654](https://github.com/matrix-org/synapse/issues/5654)) - Fix 3PID bind requests being sent to identity servers as `application/x-form-www-urlencoded` data, which is deprecated. ([\#5658](https://github.com/matrix-org/synapse/issues/5658)) - Fix some problems with authenticating redactions in recent room versions. ([\#5699](https://github.com/matrix-org/synapse/issues/5699), [\#5700](https://github.com/matrix-org/synapse/issues/5700), [\#5707](https://github.com/matrix-org/synapse/issues/5707)) - Ignore redactions of m.room.create events. ([\#5701](https://github.com/matrix-org/synapse/issues/5701)) Updates to the Docker image --------------------------- - Base Docker image on a newer Alpine Linux version (3.8 -> 3.10). ([\#5619](https://github.com/matrix-org/synapse/issues/5619)) - Add missing space in default logging file format generated by the Docker image. ([\#5620](https://github.com/matrix-org/synapse/issues/5620)) Improved Documentation ---------------------- - Add information about nginx normalisation to reverse_proxy.rst. Contributed by @skalarproduktraum - thanks! ([\#5397](https://github.com/matrix-org/synapse/issues/5397)) - --no-pep517 should be --no-use-pep517 in the documentation to setup the development environment. ([\#5651](https://github.com/matrix-org/synapse/issues/5651)) - Improvements to Postgres setup instructions. Contributed by @Lrizika - thanks! ([\#5661](https://github.com/matrix-org/synapse/issues/5661)) - Minor tweaks to postgres documentation. ([\#5675](https://github.com/matrix-org/synapse/issues/5675)) Deprecations and Removals ------------------------- - Remove support for the `invite_3pid_guest` configuration setting. ([\#5625](https://github.com/matrix-org/synapse/issues/5625)) Internal Changes ---------------- - Move logging code out of `synapse.util` and into `synapse.logging`. ([\#5606](https://github.com/matrix-org/synapse/issues/5606), [\#5617](https://github.com/matrix-org/synapse/issues/5617)) - Add a blacklist file to the repo to blacklist certain sytests from failing CI. ([\#5611](https://github.com/matrix-org/synapse/issues/5611)) - Make runtime errors surrounding password reset emails much clearer. ([\#5616](https://github.com/matrix-org/synapse/issues/5616)) - Remove dead code for persiting outgoing federation transactions. ([\#5622](https://github.com/matrix-org/synapse/issues/5622)) - Add `lint.sh` to the scripts-dev folder which will run all linting steps required by CI. ([\#5627](https://github.com/matrix-org/synapse/issues/5627)) - Move RegistrationHandler.get_or_create_user to test code. ([\#5628](https://github.com/matrix-org/synapse/issues/5628)) - Add some more common python virtual-environment paths to the black exclusion list. ([\#5630](https://github.com/matrix-org/synapse/issues/5630)) - Some counter metrics exposed over Prometheus have been renamed, with the old names preserved for backwards compatibility and deprecated. See `docs/metrics-howto.rst` for details. ([\#5636](https://github.com/matrix-org/synapse/issues/5636)) - Unblacklist some user_directory sytests. ([\#5637](https://github.com/matrix-org/synapse/issues/5637)) - Factor out some redundant code in the login implementation. ([\#5639](https://github.com/matrix-org/synapse/issues/5639)) - Update ModuleApi to avoid register(generate_token=True). ([\#5640](https://github.com/matrix-org/synapse/issues/5640)) - Remove access-token support from `RegistrationHandler.register`, and rename it. ([\#5641](https://github.com/matrix-org/synapse/issues/5641)) - Remove access-token support from `RegistrationStore.register`, and rename it. ([\#5642](https://github.com/matrix-org/synapse/issues/5642)) - Improve logging for auto-join when a new user is created. ([\#5643](https://github.com/matrix-org/synapse/issues/5643)) - Remove unused and unnecessary check for FederationDeniedError in _exception_to_failure. ([\#5645](https://github.com/matrix-org/synapse/issues/5645)) - Fix a small typo in a code comment. ([\#5655](https://github.com/matrix-org/synapse/issues/5655)) - Clean up exception handling around client access tokens. ([\#5656](https://github.com/matrix-org/synapse/issues/5656)) - Add a mechanism for per-test homeserver configuration in the unit tests. ([\#5657](https://github.com/matrix-org/synapse/issues/5657)) - Inline issue_access_token. ([\#5659](https://github.com/matrix-org/synapse/issues/5659)) - Update the sytest BuildKite configuration to checkout Synapse in `/src`. ([\#5664](https://github.com/matrix-org/synapse/issues/5664)) - Add a `docker` type to the towncrier configuration. ([\#5673](https://github.com/matrix-org/synapse/issues/5673)) - Convert `synapse.federation.transport.server` to `async`. Might improve some stack traces. ([\#5689](https://github.com/matrix-org/synapse/issues/5689)) - Documentation for opentracing. ([\#5703](https://github.com/matrix-org/synapse/issues/5703))
| * | 1.2.0rc1Andrew Morgan2019-07-221-1/+1
| | |
* | | Merge branch 'release-v1.2.0' into developJorik Schellekens2019-07-222-12/+127
|\| |
| * | Opentracing Documentation (#5703)Jorik Schellekens2019-07-222-12/+127
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Opentracing survival guide * Update decorator names in doc * Doc cleanup These are all alterations as a result of comments in #5703, it includes mostly typos and clarifications. The most interesting changes are: - Split developer and user docs into two sections - Add a high level description of OpenTracing * newsfile * Move contributer specific info to docstring. * Sample config. * Trailing whitespace. * Update 5703.misc * Apply suggestions from code review Mostly just rewording parts of the docs for clarity. Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* | | Merge pull request #5720 from matrix-org/erikj/transactions_upsertErik Johnston2019-07-191-0/+20
|\ \ \ | | | | | | | | Use upsert when updating destination retry interval
| * | | Use upsert when updating destination retry intervalErik Johnston2019-07-191-0/+20
| | |/ | |/|
* | | Merge pull request #5713 from matrix-org/erikj/use_cache_for_filtered_stateErik Johnston2019-07-191-2/+6
|\ \ \ | | | | | | | | Delegate to cached version when using get_filtered_current_state_ids
| * | | Delegate to cached version when using get_filtered_current_state_idsErik Johnston2019-07-181-2/+6
| | | | | | | | | | | | | | | | In the case where it gets called with `StateFilter.all()`
* | | | Merge pull request #5706 from matrix-org/erikj/add_memberships_to_current_stateErik Johnston2019-07-197-41/+194
|\ \ \ \ | | | | | | | | | | Add membership column to current_state_events table
| * | | | LoggingTransaction accepts None for callback lists.Erik Johnston2019-07-193-6/+16
| | | | | | | | | | | | | | | | | | | | | | | | | Its a bit disingenuousto give LoggingTransaction lists to append callbacks to if we're not going to run the callbacks.
| * | | | Update comment for new columnErik Johnston2019-07-191-0/+3
| | | | |
| * | | | Use the current_state_events.membership columnErik Johnston2019-07-181-17/+37
| | | | |
| * | | | Track if current_state_events.membership is up to dateErik Johnston2019-07-181-0/+45
| | | | |
| * | | | Add background update for current_state_events.membership columnErik Johnston2019-07-182-0/+54
| | | | |
| * | | | Add membership column to current_state_events table.Erik Johnston2019-07-185-20/+41
| | | | | | | | | | | | | | | | | | | | | | | | | It turns out that doing a join is surprisingly expensive for the DB to do when room_membership table is larger than the disk cache.
* | | | | Don't accept opentracing data from clients. (#5715)Jorik Schellekens2019-07-191-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Don't accept opentracing data from clients. * newsfile
* | | | | Add 'rel' attribute to default welcome page. (#5695)Neil Johnson2019-07-191-2/+2
| |_|/ / |/| | | | | | | | | | | add rel attribute as a precaution against reverse tabnabbing in future
* | | | Remove non-dedicated logging options and command line arguments (#5678)Amber Brown2019-07-192-75/+12
| |_|/ |/| |
* | | enable aggregations support by defaultNeil Johnson2019-07-181-1/+1
| |/ |/|
* | Clean up opentracing configuration options (#5712)Richard van der Hoff2019-07-183-48/+61
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Clean up config settings and dead code. This is mostly about cleaning up the config format, to bring it into line with our conventions. In particular: * There should be a blank line after `## Section ##' headings * There should be a blank line between each config setting * There should be a `#`-only line between a comment and the setting it describes * We don't really do the `# #` style commenting-out of whole sections if we can help it * rename `tracer_enabled` to `enabled` While we're here, do more config parsing upfront, which makes it easier to use later on. Also removes redundant code from LogContextScopeManager. Also changes the changelog fragment to a `feature` - it's exciting!
* | Support Prometheus_client 0.4.0+ (#5636)Amber Brown2019-07-1816-47/+288
| |
* | Remove the ability to query relations when the original event was redacted. ↵Andrew Morgan2019-07-183-36/+66
| | | | | | | | | | | | | | (#5629) Fixes #5594 Forbid viewing relations on an event once it has been redacted.
* | Convert synapse.federation.transport.server to async (#5689)Richard van der Hoff2019-07-181-242/+188
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Convert BaseFederationServlet._wrap to async Empirically, this fixes some lost stacktraces. It should be safe because the wrapped function is called from JsonResource._async_render, which is already async. * Convert the rest of synapse.federation.transport.server to async We may as well do the whole file while we're here. * changelog * flake8
* | Ignore redactions of m.room.create events (#5701)Richard van der Hoff2019-07-173-24/+36
| |
* | More refactoring in `get_events_as_list` (#5707)Richard van der Hoff2019-07-171-27/+37
| | | | | | | | | | | | | | | | We can now use `_get_events_from_cache_or_db` rather than going right back to the database, which means that (a) we can benefit from caching, and (b) it opens the way forward to more extensive checks on the original event. We now always require the original event to exist before we will serve up a redaction.
* | Fix redaction authentication (#5700)Richard van der Hoff2019-07-171-85/+129
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Ensures that redactions are correctly authenticated for recent room versions. There are a few things going on here: * `_fetch_event_rows` is updated to return a dict rather than a list of rows. * Rather than returning multiple copies of an event which was redacted multiple times, it returns the redactions as a list within the dict. * It also returns the actual rejection reason, rather than merely the fact that it was rejected, so that we don't have to query the table again in `_get_event_from_row`. * The redaction handling is factored out of `_get_event_from_row`, and now checks if any of the redactions are valid.
* | Refactor `get_events_as_list` (#5699)Richard van der Hoff2019-07-171-48/+74
|/ | | | | | | | | | | A couple of changes here: * get rid of a redundant `allow_rejected` condition - we should already have filtered out any rejected events before we get to that point in the code, and the redundancy is confusing. Instead, let's stick in an assertion just to make double-sure we aren't leaking rejected events by mistake. * factor out a `_get_events_from_cache_or_db` method, which is going to be important for a forthcoming fix to redactions.
* Remove pointless descriptionErik Johnston2019-07-161-1/+0
|
* Clean up arg name and remove lying commentErik Johnston2019-07-161-7/+5
|
* Fix typo in synapse/app/admin_cmd.pyErik Johnston2019-07-161-1/+1
| | | Co-Authored-By: Aaron Raimist <aaron@raim.ist>
* Fix invoking add_argument from homeserver.pyErik Johnston2019-07-151-1/+1
|
* s/exfiltrate_user_data/export_user_data/Erik Johnston2019-07-151-1/+1
|
* Add FileExfiltrationWriterErik Johnston2019-07-151-1/+69
|
* Merge branch 'develop' of github.com:matrix-org/synapse into erikj/admin_api_cmdErik Johnston2019-07-15111-1621/+2238
|\
| * Return a different error from Invalid Password when a user is deactivated ↵Andrew Morgan2019-07-152-0/+25
| | | | | | | | | | (#5674) Return `This account has been deactivated` instead of `Invalid password` when a user is deactivated.
| * Merge pull request #5589 from matrix-org/erikj/admin_exfiltrate_dataErik Johnston2019-07-153-6/+211
| |\ | | | | | | Add basic function to get all data for a user out of synapse
| | * Fixup docstringsErik Johnston2019-07-121-7/+5
| | |
| | * pep8Erik Johnston2019-07-051-4/+0
| | |
| | * Remove FileExfiltrationWriterErik Johnston2019-07-051-63/+0
| | |
| | * Merge branch 'develop' of github.com:matrix-org/synapse into ↵Erik Johnston2019-07-0584-1027/+1237
| | |\ | | | | | | | | | | | | erikj/admin_exfiltrate_data
| | * | Assume key existence. Update docstringsErik Johnston2019-07-052-9/+11
| | | |
| | * | Fixup from review comments.Erik Johnston2019-07-041-17/+22
| | | |
| | * | Apply comment fixups from code reviewErik Johnston2019-07-031-6/+6
| | | | | | | | | | | | Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
| * | | Implement access token expiry (#5660)Richard van der Hoff2019-07-127-20/+105
| | | | | | | | | | | | | | | | Record how long an access token is valid for, and raise a soft-logout once it expires.
| * | | fix typo: backgroud -> backgroundAndrew Morgan2019-07-122-5/+5
| | | |
| * | | small typo fix (#5655)Andrew Morgan2019-07-111-1/+1
| | | |
| * | | Clean up exception handling for access_tokens (#5656)Richard van der Hoff2019-07-114-93/+86
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | First of all, let's get rid of `TOKEN_NOT_FOUND_HTTP_STATUS`. It was a hack we did at one point when it was possible to return either a 403 or a 401 if the creds were missing. We always return a 401 in these cases now (thankfully), so it's not needed. Let's also stop abusing `AuthError` for these cases. Honestly they have nothing that relates them to the other places that `AuthError` is used, other than the fact that they are loosely under the 'Auth' banner. It makes no sense for them to share exception classes. Instead, let's add a couple of new exception classes: `InvalidClientTokenError` and `MissingClientTokenError`, for the `M_UNKNOWN_TOKEN` and `M_MISSING_TOKEN` cases respectively - and an `InvalidClientCredentialsError` base class for the two of them.
| * | | Add basic opentracing support (#5544)Jorik Schellekens2019-07-1110-12/+615
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Configure and initialise tracer Includes config options for the tracer and sets up JaegerClient. * Scope manager using LogContexts We piggy-back our tracer scopes by using log context. The current log context gives us the current scope. If new scope is created we create a stack of scopes in the context. * jaeger is a dependency now * Carrier inject and extraction for Twisted Headers * Trace federation requests on the way in and out. The span is created in _started_processing and closed in _finished_processing because we need a meaningful log context. * Create logcontext for new scope. Instead of having a stack of scopes in a logcontext we create a new context for a new scope if the current logcontext already has a scope. * Remove scope from logcontext if logcontext is top level * Disable tracer if not configured * typo * Remove dependence on jaeger internals * bools * Set service name * :Explicitely state that the tracer is disabled * Black is the new black * Newsfile * Code style * Use the new config setup. * Generate config. * Copyright * Rename config to opentracing * Remove user whitelisting * Empty whitelist by default * User ConfigError instead of RuntimeError * Use isinstance * Use tag constants for opentracing. * Remove debug comment and no need to explicitely record error * Two errors a "s(c)entry" * Docstrings! * Remove debugging brainslip * Homeserver Whitlisting * Better opentracing config comment * linting * Inclue worker name in service_name * Make opentracing an optional dependency * Neater config retreival * Clean up dummy tags * Instantiate tracing as object instead of global class * Inlcude opentracing as a homeserver member. * Thread opentracing to the request level * Reference opetnracing through hs * Instantiate dummy opentracin g for tests. * About to revert, just keeping the unfinished changes just in case * Revert back to global state, commit number: 9ce4a3d9067bf9889b86c360c05ac88618b85c4f * Use class level methods in tracerutils * Start and stop requests spans in a place where we have access to the authenticated entity * Seen it, isort it * Make sure to close the active span. * I'm getting black and blue from this. * Logger formatting Co-Authored-By: Erik Johnston <erik@matrix.org> * Outdated comment * Import opentracing at the top * Return a contextmanager * Start tracing client requests from the servlet * Return noop context manager if not tracing * Explicitely say that these are federation requests * Include servlet name in client requests * Use context manager * Move opentracing to logging/ * Seen it, isort it again! * Ignore twisted return exceptions on context exit * Escape the scope * Scopes should be entered to make them useful. * Nicer decorator names * Just one init, init? * Don't need to close something that isn't open * Docs make you smarter
| * | | Inline issue_access_token (#5659)Richard van der Hoff2019-07-111-7/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | this is only used in one place, so it's clearer if we inline it and reduce the API surface. Also, fixes a buglet where we would create an access token even if we were about to block the user (we would never return the AT, so the user could never use it, but it was still created and added to the db.)
| * | | Merge pull request #5658 from matrix-org/babolivier/is-jsonBrendan Abolivier2019-07-101-1/+1
| |\ \ \ | | | | | | | | | | Send 3PID bind requests as JSON data
| | * | | TypoBrendan Abolivier2019-07-101-1/+1
| | | | |
| | * | | Send 3PID bind requests as JSON dataBrendan Abolivier2019-07-101-1/+1
| | | | |
| * | | | Remove access-token support from RegistrationStore.register (#5642)Richard van der Hoff2019-07-102-21/+5
| |/ / / | | | | | | | | | | | | | | | | The 'token' param is no longer used anywhere except the tests, so let's kill that off too.
| * | | Don't bundle aggregations when retrieving the original event (#5654)Andrew Morgan2019-07-101-2/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | A fix for PR #5626, which returned the original event content as part of a call to /relations. Only problem was that we were attempting to aggregate the relations on top of it when we did so. We now set bundle_aggregations to False in the get_event call. We also do this when pulling the relation events as well, because edits of edits are not something we'd like to support here.
| * | | Merge pull request #5638 from matrix-org/babolivier/invite-jsonBrendan Abolivier2019-07-091-4/+18
| |\ \ \ | | | | | | | | | | Use JSON when querying the IS's /store-invite endpoint
| | * \ \ Merge branch 'develop' into babolivier/invite-jsonBrendan Abolivier2019-07-08105-1513/+1630
| | |\ \ \
| | * | | | LintBrendan Abolivier2019-07-081-1/+2
| | | | | |
| | * | | | Use application/json when querying the IS's /store-invite endpointBrendan Abolivier2019-07-081-4/+17
| | | | | |
| * | | | | remove unused and unnecessary check for FederationDeniedError (#5645)Hubert Chathi2019-07-091-4/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | FederationDeniedError is a subclass of SynapseError, which is a subclass of CodeMessageException, so if e is a FederationDeniedError, then this check for FederationDeniedError will never be reached since it will be caught by the check for CodeMessageException above. The check for CodeMessageException does almost the same thing as this check (since FederationDeniedError initialises with code=403 and msg="Federation denied with %s."), so may as well just keep allowing it to handle this case.
| * | | | | Include the original event in /relations (#5626)Andrew Morgan2019-07-092-4/+6
| | | | | | | | | | | | | | | | | | When asking for the relations of an event, include the original event in the response. This will mostly be used for efficiently showing edit history, but could be useful in other circumstances.
| * | | | | Merge pull request #5644 from matrix-org/babolivier/profile-allow-selfBrendan Abolivier2019-07-091-0/+4
| |\ \ \ \ \ | | | | | | | | | | | | | | Allow newly-registered users to lookup their own profiles
| | * | | | | Allow newly-registered users to lookup their own profilesBrendan Abolivier2019-07-081-0/+4
| | | |/ / / | | |/| | | | | | | | | | | | | | | When a user creates an account and the 'require_auth_for_profile_requests' config flag is set, and a client that performed the registration wants to lookup the newly-created profile, the request will be denied because the user doesn't share a room with themselves yet.
| * | | | | Remove access-token support from RegistrationHandler.register (#5641)Richard van der Hoff2019-07-086-56/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Nothing uses this now, so we can remove the dead code, and clean up the API. Since we're changing the shape of the return value anyway, we take the opportunity to give the method a better name.
| * | | | | Better logging for auto-join. (#5643)Richard van der Hoff2019-07-081-0/+7
| |/ / / / | | | | | | | | | | It was pretty unclear what was going on, so I've added a couple of log lines.
| * | | | Update ModuleApi to avoid register(generate_token=True) (#5640)Richard van der Hoff2019-07-081-8/+56
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Update ModuleApi to avoid register(generate_token=True) This is the only place this is still used, so I'm trying to kill it off. * changelog
| * | | | Factor out some redundant code in the login impl (#5639)Richard van der Hoff2019-07-081-39/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Factor out some redundant code in the login impl Also fixes a redundant access_token which was generated during jwt login. * changelog
| * | | | Move get_or_create_user to test code (#5628)Richard van der Hoff2019-07-081-51/+0
| | | | | | | | | | | | | | | This is only used in tests, so...
| * | | | Add default push rule to ignore reactions (#5623)J. Ryan Stinnett2019-07-051-0/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds a default push rule following the proposal in [MSC2153](https://github.com/matrix-org/matrix-doc/pull/2153). See also https://github.com/vector-im/riot-web/issues/10208 See also https://github.com/matrix-org/matrix-js-sdk/pull/976
| * | | | Add origin_server_ts and sender fields to m.replace (#5613)Andrew Morgan2019-07-051-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | Riot team would like some extra fields as part of m.replace, so here you go. Fixes: #5598
| * | | | Remove support for invite_3pid_guest. (#5625)Richard van der Hoff2019-07-056-196/+2
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This has never been documented, and I'm not sure it's ever been used outside sytest. It's quite a lot of poorly-maintained code, so I'd like to get rid of it. For now I haven't removed the database table; I suggest we leave that for a future clearout.
| * | | remove dead transaction persist code (#5622)Richard van der Hoff2019-07-053-69/+0
| | | | | | | | | | | | | | | | this hasn't done anything for years
| * | | Fixes to the federation rate limiter (#5621)Richard van der Hoff2019-07-052-10/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | - Put the default window_size back to 1000ms (broken by #5181) - Make the `rc_federation` config actually do something - fix an off-by-one error in the 'concurrent' limit - Avoid creating an unused `_PerHostRatelimiter` object for every single incoming request
| * | | Make errors about email password resets much clearer (#5616)Andrew Morgan2019-07-051-11/+8
| | | | | | | | | | | | The runtime errors that dealt with local email password resets talked about config options that users may not even have in their config file yet (if upgrading). Instead, the cryptic errors are now replaced with hopefully much more helpful ones.
| * | | Improve the backwards compatibility re-exports of synapse.logging.context ↵Amber Brown2019-07-053-5/+61
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (#5617) * Improve the backwards compatibility re-exports of synapse.logging.context. * reexport logformatter too
| * | | Merge branch 'master' of github.com:matrix-org/synapse into developErik Johnston2019-07-041-1/+1
| |\ \ \
| | * | | 1.1.0Erik Johnston2019-07-041-1/+1
| | | | |
| * | | | Move logging utilities out of the side drawer of util/ and into logging/ (#5606)Amber Brown2019-07-0471-141/+153
| | | | |
| * | | | Fix 'utime went backwards' errors on daemonization. (#5609)Richard van der Hoff2019-07-032-31/+43
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Fix 'utime went backwards' errors on daemonization. Fixes #5608 * remove spurious debug
| * | | 1.1.0rc2 v1.1.0rc2Richard van der Hoff2019-07-031-1/+1
| | | |
| * | | Fix a number of "Starting txn from sentinel context" warnings (#5605)Richard van der Hoff2019-07-034-6/+34
| | | | | | | | | | | | | | | | Fixes #5602, #5603
| * | | Fix media repo breaking (#5593)Amber Brown2019-07-023-12/+24
| | | |
| * | | prepare v1.1.0rc1Richard van der Hoff2019-07-021-1/+1
| | | |
| * | | Complete the SAML2 implementation (#5422)Richard van der Hoff2019-07-025-44/+209
| |\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * SAML2 Improvements and redirect stuff Signed-off-by: Alexander Trost <galexrt@googlemail.com> * Code cleanups and simplifications. Also: share the saml client between redirect and response handlers. * changelog * Revert redundant changes to static js * Move all the saml stuff out to a centralised handler * Add support for tracking SAML2 sessions. This allows us to correctly handle `allow_unsolicited: False`. * update sample config * cleanups * update sample config * rename BaseSSORedirectServlet for consistency * Address review comments
| | * \ \ Merge branch 'develop' into rav/saml2_clientRichard van der Hoff2019-07-0122-205/+303
| | |\ \ \
| | * | | | Address review commentsRichard van der Hoff2019-07-011-5/+7
| | | | | |
| | * | | | rename BaseSSORedirectServlet for consistencyRichard van der Hoff2019-06-271-3/+3
| | | | | |
| | * | | | cleanupsRichard van der Hoff2019-06-273-11/+18
| | | | | |
| | * | | | Add support for tracking SAML2 sessions.Richard van der Hoff2019-06-262-3/+56
| | | | | | | | | | | | | | | | | | | | | | | | This allows us to correctly handle `allow_unsolicited: False`.
| | * | | | Move all the saml stuff out to a centralised handlerRichard van der Hoff2019-06-264-50/+96
| | | | | |
| | * | | | Revert redundant changes to static jsRichard van der Hoff2019-06-261-4/+2
| | | | | |
| | * | | | Merge branch 'develop' into rav/saml2_clientRichard van der Hoff2019-06-26304-9516/+9216
| | |\ \ \ \
| | * \ \ \ \ Merge tag 'v1.0.0rc3' into rav/saml2_clientRichard van der Hoff2019-06-114-2/+7
| | |\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.0.0rc3 (2019-06-10) ============================= Security: Fix authentication bug introduced in 1.0.0rc1. Please upgrade to rc3 immediately
| | * | | | | | Code cleanups and simplifications.Richard van der Hoff2019-06-116-50/+53
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also: share the saml client between redirect and response handlers.
| | * | | | | | Merge remote-tracking branch 'origin/develop' into rav/saml2_clientRichard van der Hoff2019-06-1085-861/+4648
| | |\ \ \ \ \ \
| | * | | | | | | SAML2 Improvements and redirect stuffAlexander Trost2019-06-025-2/+55
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Alexander Trost <galexrt@googlemail.com>
| * | | | | | | | Fix JWT login with new users (#5586)PauRE2019-07-021-6/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Pau Rodriguez-Estivill <prodrigestivill@gmail.com>
* | | | | | | | | Use set_defaults(func=) styleErik Johnston2019-07-151-11/+8
| | | | | | | | |
* | | | | | | | | Move creation of ArgumentParser to callerErik Johnston2019-07-152-11/+8
| | | | | | | | |
* | | | | | | | | Fix up commentsErik Johnston2019-07-152-3/+3
| | | | | | | | |
* | | | | | | | | Change add_arguments to be a static methodErik Johnston2019-07-155-5/+39
| | | | | | | | |
* | | | | | | | | Add basic admin cmd appErik Johnston2019-07-023-6/+257
| |_|_|_|_|_|_|/ |/| | | | | | |
* | | | | | | | Add basic function to get all data for a user out of synapseErik Johnston2019-07-022-0/+267
|/ / / / / / /
* | | | | | | fix async/await consentresource (#5585)Amber Brown2019-07-011-1/+3
| | | | | | | | | | | | | | | | | | | | | Fixes #5582
* | | | | | | Merge pull request #5507 from matrix-org/erikj/presence_sync_tighloopErik Johnston2019-07-011-2/+19
|\ \ \ \ \ \ \ | |_|_|_|_|/ / |/| | | | | | Fix sync tightloop bug.
| * | | | | | Fixup commentErik Johnston2019-07-011-6/+13
| | | | | | |
| * | | | | | Fix sync tightloop bug.Erik Johnston2019-06-211-2/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If, for some reason, presence updates take a while to persist then it can trigger clients to tightloop calling `/sync` due to the presence handler returning updates but not advancing the stream token. Fixes #5503.
* | | | | | | Make the http server handle coroutine-making REST servlets (#5475)Amber Brown2019-06-299-156/+114
| | | | | | |
* | | | | | | Merge pull request #5576 from matrix-org/babolivier/3pid-invite-ratelimitBrendan Abolivier2019-06-281-0/+1
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Don't update the ratelimiter before sending a 3PID invite
| * | | | | | | Only ratelimit when sending the emailBrendan Abolivier2019-06-281-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If we do the opposite, an event can arrive after or while sending the email and the 3PID invite event will get ratelimited.
| * | | | | | | Don't update the ratelimiter before sending a 3PID inviteBrendan Abolivier2019-06-281-1/+1
| | |_|_|_|_|/ | |/| | | | | | | | | | | | | | | | | | | This would cause emails being sent, but Synapse responding with a 429 when creating the event. The client would then retry, and with bad timing the same scenario would happen again. Some testing I did ended up sending me 10 emails for one single invite because of this.
* | | | | | | Don't log GC 0s at INFO (#5557)Amber Brown2019-06-281-1/+4
| | | | | | |
* | | | | | | Update the TLS cipher string and provide configurability for TLS on outgoing ↵Amber Brown2019-06-282-7/+64
| | | | | | | | | | | | | | | | | | | | | | | | | | | | federation (#5550)
* | | | | | | Added possibilty to disable local password authentication (#5092)Daniel Hoffend2019-06-273-1/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Daniel Hoffend <dh@dotlan.net>
* | | | | | | Make it clearer that the template dir is relative to synapse's root dir (#5543)Andrew Morgan2019-06-271-1/+9
| | | | | | | | | | | | | | | | | | | | | Helps address #5444
* | | | | | | Merge pull request #5559 from matrix-org/erikj/refactor_changed_devicesErik Johnston2019-06-273-37/+97
|\ \ \ \ \ \ \ | |/ / / / / / |/| | | | | | Refactor devices changed query to pull less from DB
| * | | | | | Review commentsErik Johnston2019-06-272-7/+5
| | | | | | |
| * | | | | | Refactor and comment sync device list codeErik Johnston2019-06-261-17/+53
| | | | | | |
| * | | | | | Use batch_iter and correct docstringErik Johnston2019-06-261-15/+12
| | | | | | |
| * | | | | | Rename get_users_whose_devices_changedErik Johnston2019-06-263-5/+5
| | | | | | |
| * | | | | | Refactor get_user_ids_changed to pull less from DBErik Johnston2019-06-263-28/+57
| | |_|_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When a client asks for users whose devices have changed since a token we used to pull *all* users from the database since the token, which could easily be thousands of rows for old tokens. This PR changes this to only check for changes for users the client is actually interested in. Fixes #5553
* / | | | | Fix JWT login (#5555)PauRE2019-06-272-1/+2
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Fix JWT login with register Signed-off-by: Pau Rodriguez-Estivill <prodrigestivill@gmail.com> * Add pyjwt conditional dependency Signed-off-by: Pau Rodriguez-Estivill <prodrigestivill@gmail.com> * Added changelog file Signed-off-by: Pau Rodriguez-Estivill <prodrigestivill@gmail.com> * Improved changelog description Signed-off-by: Pau Rodriguez-Estivill <prodrigestivill@gmail.com>
* | | | | Prevent multiple upgrades on the same room at once (#5051)Andrew Morgan2019-06-252-52/+90
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Closes #4583 Does slightly less than #5045, which prevented a room from being upgraded multiple times, one after another. This PR still allows that, but just prevents two from happening at the same time. Mostly just to mitigate the fact that servers are slow and it can take a moment for the room upgrade to actually complete. We don't want people sending another request to upgrade the room when really they just thought the first didn't go through.
* | | | | Merge pull request #5524 from matrix-org/rav/new_cmdline_optionsRichard van der Hoff2019-06-242-5/+41
|\ \ \ \ \ | | | | | | | | | | | | Add --data-dir and --open-private-ports options.
| * | | | | Add "--open-private-ports" cmdline optionRichard van der Hoff2019-06-242-5/+26
| | | | | | | | | | | | | | | | | | | | | | | | This is helpful when generating a config file for running synapse under docker.
| * | | | | Add --data-directory commandline argumentRichard van der Hoff2019-06-241-0/+15
| | | | | | | | | | | | | | | | | | | | | | | | We don't necessarily want to put the data in the cwd.
* | | | | | Merge pull request #5523 from matrix-org/rav/arg_defaultsRichard van der Hoff2019-06-2429-107/+87
|\| | | | | | | | | | | | | | | | | Stop conflating generated config and default config
| * | | | | Don't load the generated config as the default.Richard van der Hoff2019-06-2429-94/+60
| | | | | | | | | | | | | | | | | | | | | | | | It's too confusing.
| * | | | | Ensure that all config options have sensible defaultsRichard van der Hoff2019-06-244-13/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This will enable us to skip the unintuitive behaviour where the generated config and default config are the same thing.
* | | | | | Merge pull request #5499 from matrix-org/rav/cleanup_metricsRichard van der Hoff2019-06-242-29/+52
|\ \ \ \ \ \ | | | | | | | | | | | | | | Cleanups and sanity-checking in cpu and db metrics
| * | | | | | blackRichard van der Hoff2019-06-241-6/+2
| | | | | | |
| * | | | | | Avoid raising exceptions in metricsRichard van der Hoff2019-06-241-8/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Sentry will catch the errors if they happen, so that should be good enough, and woun't make things explode if we hit the error condition.
| * | | | | | Merge branch 'develop' into rav/cleanup_metricsRichard van der Hoff2019-06-24291-9106/+8018
| |\ \ \ \ \ \
| * | | | | | | Sanity-checking for metrics updatesRichard van der Hoff2019-06-191-7/+33
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Check that our clocks go forward.
| * | | | | | | Simplify PerformanceCounters.update interfaceRichard van der Hoff2019-06-191-11/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | we already have the duration for the update, so may as well use it rather than passing extra params around and recalculating it.
| * | | | | | | Remove unused _get_event_countersRichard van der Hoff2019-06-191-7/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This has been redundant since cdb3757942fefdcdc3d33b9c6d7c9e44decefd6f.
* | | | | | | | Merge pull request #5534 from matrix-org/babolivier/federation-publicroomsBrendan Abolivier2019-06-243-15/+39
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | Split public rooms directory auth config in two
| * | | | | | | | Split public rooms directory auth config in twoBrendan Abolivier2019-06-243-15/+39
| | | | | | | | |
* | | | | | | | | Merge pull request #5531 from matrix-org/erikj/workers_pagination_tokenErik Johnston2019-06-242-17/+19
|\ \ \ \ \ \ \ \ \ | |_|_|_|/ / / / / |/| | | | | | | | Fix /messages on workers when no from param specified.
| * | | | | | | | Fix /messages on workers when no from param specified.Erik Johnston2019-06-242-17/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If no `from` param is specified we calculate and use the "current token" that inlcuded typing, presence, etc. These are unused during pagination and are not available on workers, so we simply don't calculate them.
* | | | | | | | | Remove unused Config.config_dir_path attributeRichard van der Hoff2019-06-241-3/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is no longer used and only serves to confuse.
* | | | | | | | | Allow configuration of the path used for ACME account keys.Richard van der Hoff2019-06-243-7/+52
| |/ / / / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Because sticking it in the same place as the config isn't necessarily the right thing to do.
* | | | | | | | Pass config_dir_path and data_dir_path into Config.read_config. (#5522)Richard van der Hoff2019-06-2430-63/+99
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Pull config_dir_path and data_dir_path calculation out of read_config_files * Pass config_dir_path and data_dir_path into read_config
* | | | | | | | Factor acme bits out to a separate file (#5521)Richard van der Hoff2019-06-242-53/+93
|/ / / / / / / | | | | | | | | | | | | | | This makes some of the conditional-import hoop-jumping easier.
* | | | | | | Merge pull request #5498 from matrix-org/rav/fix_clock_reversalRichard van der Hoff2019-06-241-6/+14
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Use monotonic clock where possible for metrics
| * | | | | | | Use monotonic clock where possible for metricsRichard van der Hoff2019-06-191-6/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes intermittent errors observed on Apple hardware which were caused by time.clock() appearing to go backwards when called from different threads. Also fixes a bug where database activity times were logged as 1/1000 of their correct ratio due to confusion between milliseconds and seconds.
* | | | | | | | Drop support for cpu_affinity (#5525)Richard van der Hoff2019-06-224-51/+1
| |_|/ / / / / |/| | | | | | | | | | | | | This has no useful purpose on python3, and is generally a source of confusion.
* | | | | | | Improve help and cmdline option names for --generate-config options (#5512)Richard van der Hoff2019-06-211-22/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * group the arguments together into a group * add new names "--generate-missing-config" and "--config-directory" for existing cmdline options "--generate-keys" and "--keys-dir", which better reflect their purposes.
* | | | | | | Refactor Config parser and add some comments. (#5511)Richard van der Hoff2019-06-211-14/+35
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Add some comments, and simplify `read_config_files`.
* | | | | | | Improve logging when generating config files (#5510)Richard van der Hoff2019-06-213-1/+7
| | | | | | | | | | | | | | | | | | | | | Make it a bit clearer what's going on.
* | | | | | | Only import jinja2 when needed (#5514)Andrew Morgan2019-06-211-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes https://github.com/matrix-org/synapse/issues/5431 `jinja2` was being imported even when it wasn't strictly necessary. This made it required to run Synapse, even if the functionality that required it wasn't enabled. This was causing new Synapse installations to crash on startup. Email modules are now required.