summary refs log tree commit diff
path: root/synapse (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Bump twisted from 22.10.0 to 23.8.0 (#16235)dependabot[bot]2023-09-053-9/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Bump twisted from 22.10.0 to 23.8.0 Bumps [twisted](https://github.com/twisted/twisted) from 22.10.0 to 23.8.0. - [Release notes](https://github.com/twisted/twisted/releases) - [Changelog](https://github.com/twisted/twisted/blob/trunk/NEWS.rst) - [Commits](https://github.com/twisted/twisted/compare/twisted-22.10.0...twisted-23.8.0) --- updated-dependencies: - dependency-name: twisted dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Fix types * Fix lint * Newsfile --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Erik Johnston <erik@matrix.org>
* Don't wake up destination transaction queue if they're not due for retry. ↵Erik Johnston2023-09-0411-67/+161
| | | | (#16223)
* Add last_seen_ts to the admin users API (#16218)Mathieu Velten2023-09-046-2/+16
|
* Don't reset retry timers on "valid" error codes (#16221)Erik Johnston2023-09-043-3/+27
|
* Cache device resync requests over replication (#16241)David Robertson2023-09-041-1/+1
|
* Fix typo where we ended up with multiple `WorkerLocksHandler` (#16220)Erik Johnston2023-09-011-0/+1
| | | | | I don't think has caused any actual issues. Introduced in #15891
* Log the details of background update failures (#16212)David Robertson2023-09-011-2/+2
|
* Gracefully handle failing to thumbnail images (#16211)Erik Johnston2023-08-302-1/+9
|
* Fix rare bug that broke looping calls (#16210)Erik Johnston2023-08-301-14/+22
| | | | | | | | | | * Fix rare bug that broke looping calls We can't interact with the reactor from the main thread via looping call. Introduced in v1.90.0 / #15791. * Newsfile
* Stop writing to the event_txn_id table (#16175)Patrick Cloke2023-08-304-84/+21
|
* Describe which rate limiter was hit in logs (#16135)David Robertson2023-08-3014-92/+150
|
* Track currently syncing users by device for presence (#16172)Patrick Cloke2023-08-293-63/+128
| | | | | | | Refactoring to use both the user ID & the device ID when tracking the currently syncing users in the presence handler. This is done both locally and over replication. Note that the device ID is discarded but will be used in a future change.
* Bump mypy-zope & mypy. (#16188)Patrick Cloke2023-08-294-14/+32
|
* Bump ruff from 0.0.277 to 0.0.286 (#16198)dependabot[bot]2023-08-2917-33/+47
| | | | Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Support IPv6-only SMTP servers (#16155)Evilham2023-08-291-17/+11
| | | | Use Twisted HostnameEndpoint to connect to SMTP servers (instead of connectTCP/connectSSL) which properly supports IPv6-only servers.
* Fix inaccurate error message while trying to ban or unban a user with the ↵Chen Zhang2023-08-291-1/+7
| | | | same or higher PL (#16205)
* Pass the device ID around in the presence handler (#16171)Patrick Cloke2023-08-289-19/+63
| | | | | | Refactoring to pass the device ID (in addition to the user ID) through the presence handler (specifically the `user_syncing`, `set_state`, and `bump_presence_active_time` methods and their replication versions).
* Combine logic about not overriding BUSY presence. (#16170)Patrick Cloke2023-08-282-97/+68
| | | | | | | | | | | | | Simplify some of the presence code by reducing duplicated code between worker & non-worker modes. The main change is to push some of the logic from `user_syncing` into `set_state`. This is done by passing whether the user is setting the presence via a `/sync` with a new `is_sync` flag to `set_state`. If this is `true` some additional logic is performed: * Don't override `busy` presence. * Update the `last_user_sync_ts`. * Never update the status message.
* Task scheduler: add replication notify for new task to launch ASAP (#16184)Mathieu Velten2023-08-283-49/+73
|
* Prepare unit tests for Python 3.12 (#16099)V024602023-08-251-0/+1
|
* Validate input to POST /key/v2/query endpoint. (#16183)Patrick Cloke2023-08-251-10/+29
| | | To avoid 500 internal server errors with garbage input.
* Send proper JSON POST data to /publicRooms (#16185)Patrick Cloke2023-08-251-10/+6
| | | | The include_all_networks was previously sent in the JSON body as string "true" and "false" instead of boolean true and false.
* Add configuration setting for CAS protocol version (#15816)Aurélien Grimpard2023-08-242-2/+17
|
* Fix typechecking with twisted trunk (#16121)David Robertson2023-08-243-26/+27
|
* Add `Retry-After` to M_LIMIT_EXCEEDED error responses (#16136)Will Hunt2023-08-242-1/+18
| | | Implements MSC4041 behind an experimental configuration flag.
* Stabilize support for MSC3958 (suppress notifications from edits). (#16113)Patrick Cloke2023-08-232-6/+0
|
* Fix rare deadlock when using read/write locks (#16169) github/release-v1.91.0 release-v1.91.0Erik Johnston2023-08-232-37/+71
|
* Filter out unwanted user_agents from udv. (#16124)Neil Johnson2023-08-231-0/+5
|
* Fix rare deadlock when using read/write locks (#16133)Erik Johnston2023-08-231-0/+37
|
* Reduce DB contention on worker locks (#16160)Erik Johnston2023-08-231-0/+37
|
* Always update `retry_last_ts` (#16164)Erik Johnston2023-08-231-3/+3
|
* Task scheduler: mark task as active if we are scheduling ASAP (#16165)Mathieu Velten2023-08-232-2/+4
|
* Properly update retry_last_ts when hitting the maximum retry interval (#16156)DeepBlueV7.X2023-08-231-1/+3
| | | | | | | | | | | | | | | | | | | | | * Properly update retry_last_ts when hitting the maximum retry interval This was broken in 1.87 when the maximum retry interval got changed from almost infinite to a week (and made configurable). fixes #16101 Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de> * Add changelog * Change fix + add test * Add comment --------- Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de> Co-authored-by: Mathieu Velten <mathieuv@matrix.org>
* Only lock when we're backfilling (#16159)Erik Johnston2023-08-232-146/+156
|
* Increase perf of read/write locks (#16149)Erik Johnston2023-08-231-0/+30
| | | We do this by marking the tables as `UNLOGGED` in PostgreSQL.
* Fix perf of `wait_for_stream_positions` (#16148)Erik Johnston2023-08-221-7/+12
|
* Disable `m.3pid_changes` capability when MSC3861 is enabled. (#16134)Mathieu Velten2023-08-222-1/+16
|
* Add an admin endpoint to allow authorizing server to signal token ↵Shay2023-08-227-0/+127
| | | | revocations (#16125)
* Disallow user_consent where experimental MSC3861 is enabled (#16127)Hugh Nimmo-Smith2023-08-221-0/+7
|
* Add `client_secret_path` as alternative for `client_secret` for OIDC config ↵Maximilian Bosch2023-08-211-1/+15
| | | | (#16030)
* Implements a task scheduler for resumable potentially long running tasks ↵Mathieu Velten2023-08-218-1/+644
| | | | (#15891)
* Speed up state res in rare case we don't have all events (#16116)Erik Johnston2023-08-181-23/+161
| | | | | | | If we don't have all the auth events in a room then not all state events will have a chain cover index. Even so, we can still use the chain cover index on the events that do have it, rather than bailing and using the slower functions. This situation should not arise for newly persisted rooms, as we check we have the full auth chain for each event, but can happen for existing rooms. c.f. #15245
* MSC3861: allow impersonation by an admin using a query param (#16132)Mathieu Velten2023-08-181-3/+22
|
* Allow filtering for admins in the list accounts admin API (#16114)Alexander Fechler2023-08-182-0/+13
|
* Add response time metrics for introspection requests (#16131)Erik Johnston2023-08-181-7/+27
| | | See #16119
* Add cache to `get_server_keys_json_for_remote` (#16123)Erik Johnston2023-08-183-63/+120
|
* Cache token introspection response from OIDC provider (#16117)Shay2023-08-171-2/+38
|
* Fix database performance of read/write worker locks (#16061)Erik Johnston2023-08-171-52/+35
| | | | | | | We were seeing serialization errors when taking out multiple read locks. The transactions were retried, so isn't causing any failures. Introduced in #15782.
* Override global statement timeout when creating indexes in Postgres (#16085)Shay2023-08-171-0/+12
|
* Disable caching in /sync corner case (#16080)Matthew Ma2023-08-171-10/+10
| | | Fixes #15502
* Rename pagination&purge locks and add comments explaining them (#16112)Mathieu Velten2023-08-167-19/+28
|
* Attempt to fix twisted trunk (#16115)David Robertson2023-08-151-1/+3
|
* Run pyupgrade for python 3.7 & 3.8. (#16110)Patrick Cloke2023-08-1521-71/+62
|
* Allow customizing IdP name and icon for SAML and CAS (#16094)Gabriel Rodríguez2023-08-114-10/+22
|
* Add linearizer on user ID to push rule PUT/DELETE requests (#16052)Nick Mills-Barrett2023-08-111-6/+22
| | | | | See: #16053 Signed off by Nick @ Beeper (@Fizzadar)
* Fix the type annotation on `run_db_interaction` in the Module API. (#16089)reivilibre2023-08-101-2/+2
| | | | | | | | | | | * Fix the method signature of `run_db_interaction` on the module API * Newsfile Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org> --------- Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
* Clean-up presence code (#16092)Patrick Cloke2023-08-101-94/+75
| | | | | | | | Misc. clean-ups to: * Use keyword arguments. * Return early (reducing indentation) of some functions. * Removing duplicated / unused code. * Use wrap_as_background_process.
* Implements admin API to lock an user (MSC3939) (#15870)Mathieu Velten2023-08-1013-10/+144
|
* Support MSC3814: Dehydrated Devices Part 2 (#16010)Shay2023-08-085-90/+174
|
* Allow modules to schedule delayed background calls. (#15993)reivilibre2023-08-081-0/+41
| | | | | | | | | | | | | | | * Add a module API function to provide `call_later` * Newsfile Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org> * Add comments * Update version number --------- Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
* Remove old rows from the `cache_invalidation_stream_by_instance` table ↵reivilibre2023-08-081-0/+130
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | automatically. (This table is not used when Synapse is configured to use SQLite.) (#15868) * Add a cache invalidation clean-up task * Run the cache invalidation stream clean-up on the background worker * Tune down * call_later is in millis! * Newsfile Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org> * fixup! Add a cache invalidation clean-up task * Update synapse/storage/databases/main/cache.py Co-authored-by: Eric Eastwood <erice@element.io> * Update synapse/storage/databases/main/cache.py Co-authored-by: Eric Eastwood <erice@element.io> * MILLISEC -> MS * Expand on comment * Move and tweak comment about Postgres * Use `wrap_as_background_process` --------- Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org> Co-authored-by: Eric Eastwood <erice@element.io>
* Fix endpoint improperly declaring support for MSC3814 (#16068)Shay2023-08-071-10/+8
|
* Drop backwards compat hack for event serialization (#16069)Shay2023-08-071-11/+1
|
* Fix deletion for Dehydrated Devices (#16046)Shay2023-08-042-4/+26
|
* Stabilize support for MSC3970: updated transaction semantics (scope to ↵Patrick Cloke2023-08-048-59/+47
| | | | | | | `device_id`) (#15629) For now this maintains compatible with old Synapses by falling back to using transaction semantics on a per-access token. A future version of Synapse will drop support for this.
* Move support for application service query parameter authorization behind a ↵Shay2023-08-032-9/+33
| | | | configuration option (#16017)
* Allow config of the backoff algorithm for the federation client. (#15754)Mathieu Velten2023-08-032-13/+34
| | | | | | | | | | | Adds three new configuration variables: * destination_min_retry_interval is identical to before (10mn). * destination_retry_multiplier is now 2 instead of 5, the maximum value will be reached slower. * destination_max_retry_interval is one day instead of (essentially) infinity. Capping this will cause destinations to continue to be retried sometimes instead of being lost forever. The previous value was 2 ^ 62 milliseconds.
* Allow modules to check whether the current worker is configured to run ↵reivilibre2023-08-031-0/+12
| | | | background tasks. (#15991)
* Add forward-compatibility for the redacts property (MSC2174). (#16013)Patrick Cloke2023-08-021-8/+10
| | | | | | | | The location of the redacts field changes in room version 11. Ensure it is copied to the *new* location for *old* room versions for forwards-compatibility with clients. Note that copying it to the *old* location for the *new* room version was previously handled.
* Properly setup the additional sequences in the portdb script. (#16043)Patrick Cloke2023-08-011-3/+15
| | | | | The un_partial_stated_event_stream_sequence and application_services_txn_id_seq were never properly configured in the portdb script, resulting in an error on start-up.
* Trim whitespace when setting display names (#16031)Mohit Rathee2023-08-011-1/+1
|
* Add metrics tracking for eviction to ResponseCache (#16028)Jason Little2023-08-011-2/+8
| | | | Track whether the ResponseCache is evicting due to invalidation or due to time.
* Combine duplicated code for calculating an event ID from a txn ID (#16023)Patrick Cloke2023-07-312-32/+35
| | | | Refactoring related to stabilization of MSC3970, refactor to combine code which has the same logic.
* Add ability to wait for locks and add locks to purge history / room deletion ↵Erik Johnston2023-07-3112-106/+654
| | | | | (#15791) c.f. #13476
* Clarify comment on key uploads over replication (#16016)Shay2023-07-271-2/+2
|
* Fix 404 on /profile when the display name is empty but not the avatar (#16012)Mathieu Velten2023-07-271-1/+1
|
* Remove support for legacy application service paths (#15964)Shay2023-07-261-71/+11
|
* Inline SQL queries using boolean parameters (#15525)Anshul Madnawat2023-07-267-25/+23
| | | | SQLite now supports TRUE and FALSE constants, simplify some queries by inlining those instead of passing them as arguments.
* Bump DB version to 79 since synapse v1.88 was already there (#15998)Mathieu Velten2023-07-266-16/+21
|
* Support MSC3814: Dehydrated Devices (#15929)Shay2023-07-244-9/+356
| | | | | | Signed-off-by: Nicolas Werner <n.werner@famedly.com> Co-authored-by: Nicolas Werner <n.werner@famedly.com> Co-authored-by: Nicolas Werner <89468146+nico-famedly@users.noreply.github.com> Co-authored-by: Hubert Chathi <hubert@uhoreg.ca>
* Resync stale devices in background (#15975)Erik Johnston2023-07-241-1/+8
| | | | This is so we don't block responding to federation transaction while we try and fetch the device lists.
* Properly handle redactions of creation events (#15973)Shay2023-07-231-3/+5
|
* Actually stop reading from column `user_id` of tables `profiles` (#15955)Shay2023-07-233-11/+10
|
* Speed up updating state in large rooms (#15971)Erik Johnston2023-07-204-131/+140
| | | This should speed up updating state in rooms with lots of state.
* Don't log exceptions for every non-200 response (#15969)Erik Johnston2023-07-201-4/+0
| | | Introduced in #15913
* Reduce the amount of state we pull out (#15968)Erik Johnston2023-07-203-12/+13
|
* Ensure a long state res does not starve CPU (#15960)Erik Johnston2023-07-191-1/+8
| | | We do this by yielding the reactor in hot loops.
* Fix bad merge of #15933 (#15958)Erik Johnston2023-07-192-0/+0
| | | This was because we reverted the bump of the schema version, so we were not applying the new deltas.
* Fix race in triggers for read/write locks. (#15933)Erik Johnston2023-07-194-98/+134
|
* Fix background schema updates failing over a large upgrade gap (#15887)Shay2023-07-181-0/+70
|
* Merge branch 'master' into developOlivier Wilkinson (reivilibre)2023-07-187-122/+16
|\
| * Revert "Stop writing to column `user_id` of tables `profiles` and ↵Shay2023-07-187-122/+16
| | | | | | | | | | | | | | | | | | `user_filters`. (#15953) * Revert "Stop writing to column `user_id` of tables `profiles` and `user_filters` (#15787)" This reverts commit f25b0f88081bb436bef914983cff7087b54eba5f. * newsfragement
* | Support room version 11 (#15912)Patrick Cloke2023-07-1815-271/+155
| | | | | | | | | | And fix a bug in the implementation of the updated redaction format (MSC2174) where the top-level redacts field was not properly added for backwards-compatibility.
* | Add a locality to a few presence metrics (#15952)Jason Little2023-07-181-13/+24
| |
* | Re-introduce the outbound federation proxy (#15913)Eric Eastwood2023-07-1812-50/+681
| | | | | | | | | | Allow configuring the set of workers to proxy outbound federation traffic through (`outbound_federation_restricted_to`). This is useful when you have a worker setup with `federation_sender` instances responsible for sending outbound federation requests and want to make sure *all* outbound federation traffic goes through those instances. Before this change, the generic workers would still contact federation themselves for things like profile lookups, backfill, etc. This PR allows you to set more strict access controls/firewall for all workers and only allow the `federation_sender`'s to contact the outside world.
* | Stop accepting 'user' parameter for application service registration. (#15928)Patrick Cloke2023-07-131-8/+4
| | | | | | This is unspecced, but has existed for a very long time.
* | Remove unneeded __init__. (#15926)Patrick Cloke2023-07-121-9/+0
| | | | | | | | Remove an __init__ which only calls super() without changing the input arguments.
* | Fix running with an empty experimental features section. (#15925)Patrick Cloke2023-07-121-1/+1
| |
* | Fix push for invites received over federation (#15820)Erik Johnston2023-07-121-1/+36
| |
* | Mark get_user_in_directory private since only used in tests (#15884)Mathieu Velten2023-07-121-8/+1
| |
* | Better warning in logs when we fail to fetch an alias (#15922)Eric Eastwood2023-07-111-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | **Before:** ``` Error retrieving alias ``` **After:** ``` Error retrieving alias #foo:bar -> 401 Unauthorized ``` *Spawning from creating the [manual testing strategy for the outbound federation proxy](https://github.com/matrix-org/synapse/pull/15773).*
* | Unix Sockets for HTTP Replication (#15708)Jason Little2023-07-113-19/+58
| | | | | | | | | | | | | | | | | | Unix socket support for `federation` and `client` Listeners has existed now for a little while(since [1.81.0](https://github.com/matrix-org/synapse/pull/15353)), but there was one last hold out before it could be complete: HTTP Replication communication. This should finish it up. The Listeners would have always worked, but would have had no way to be talked to/at. --------- Co-authored-by: Eric Eastwood <madlittlemods@gmail.com> Co-authored-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org> Co-authored-by: Eric Eastwood <erice@element.io>
* | Add + as an allowed character for Matrix IDs (MSC4009) (#15911)Patrick Cloke2023-07-115-33/+11
|/
* Add `Server` to Access-Control-Expose-Headers header (#15908)Michael Telatynski2023-07-111-1/+1
|
* Make the media `/upload` tracing less ambiguous (#15888)Eric Eastwood2023-07-102-42/+61
| | | | | | | | | | A lot of the functions have the same name in this space like `store_file`, and we also do it multiple times for different reasons (main media repo, other storage providers, thumbnails, etc) so it's good to differentiate them so your head doesn't explode. Follow-up to https://github.com/matrix-org/synapse/pull/15850 Tracing instrumentation to media `/upload` code paths to investigate https://github.com/matrix-org/synapse/issues/15841
* Revert "Federation outbound proxy" (#15910)Eric Eastwood2023-07-1010-546/+46
| | | | | | Revert "Federation outbound proxy (#15773)" This reverts commit b07b14b494ae1dd564b4c44f844c9a9545b3d08a.
* Fix downgrading to previous version of Synapse (#15907)Erik Johnston2023-07-103-4/+17
| | | We do this by marking the constraint as deferrable.
* Stop writing to column `user_id` of tables `profiles` and `user_filters` ↵Shay2023-07-077-16/+122
| | | | (#15787)
* Remove `worker_replication_*` deprecated settings, with helpful errors on ↵Jason Little2023-07-071-21/+29
| | | | | | startup (#15860) Co-authored-by: reivilibre <oliverw@matrix.org>
* Update link to the clients webpage, fix #15825 (#15874)sarthak shah2023-07-061-1/+1
|
* Federation outbound proxy (#15773)Eric Eastwood2023-07-0510-46/+546
| | | | | | | Allow configuring the set of workers to proxy outbound federation traffic through (`outbound_federation_restricted_to`). This is useful when you have a worker setup with `federation_sender` instances responsible for sending outbound federation requests and want to make sure *all* outbound federation traffic goes through those instances. Before this change, the generic workers would still contact federation themselves for things like profile lookups, backfill, etc. This PR allows you to set more strict access controls/firewall for all workers and only allow the `federation_sender`'s to contact the outside world. The original code is from @erikjohnston's branches which I've gotten in-shape to merge.
* Remove support for Python 3.7 (#15851)Eric Eastwood2023-07-052-6/+3
| | | Fix https://github.com/matrix-org/synapse/issues/15836
* Add basic read/write lock (#15782)Erik Johnston2023-07-054-57/+447
|
* Add tracing to media `/upload` endpoint (#15850)Eric Eastwood2023-07-056-0/+26
| | | Add tracing instrumentation to media `/upload` code paths to investigate https://github.com/matrix-org/synapse/issues/15841
* Fix could not serialize access due to concurrent `DELETE` from ↵Jason Little2023-07-051-1/+6
| | | | | | | presence_stream (#15826) * Change update_presence to have a isolation level of READ_COMMITTED * changelog
* Add foreign key constraint to `event_forward_extremities`. (#15751)Erik Johnston2023-07-056-7/+440
|
* use Image.LANCZOS instead of Image.ANTIALIAS for thumbnail resize (#15876)an0nfunc2023-07-051-1/+1
| | | | | Image.ANTIALIAS is not defined in current pillow releases. Since ANTIALIAS was just using LANCZOS anyways, this is just a cosmetic change, but makes synapse work with most recent pillow releases. Signed-off-by: Giovanni Harting <539@idlegandalf.com>
* Add not_user_type param to the list accounts admin API (#15844)Michael Weimann2023-07-042-0/+46
| | | Signed-off-by: Michael Weimann <michaelw@element.io>
* devices: use combined ANY clause for faster cleanup (#15861)pacien2023-07-031-5/+9
| | | | | | | | | | | | | | | | | | | | | | | | | Old device entries for the same user were being removed in individual SQL commands, making the batch take way longer than necessary. This combines the commands into a single one with a IN/ANY clause. Example of log entry before the change, regularly observed with "log_min_duration_statement = 10000" in PostgreSQL's config: LOG: duration: 42538.282 ms statement: DELETE FROM device_lists_stream WHERE user_id = '@someone' AND device_id = 'someid1' AND stream_id < 123456789 ; DELETE FROM device_lists_stream WHERE user_id = '@someone' AND device_id = 'someid2' AND stream_id < 123456789 ; [repeated for each device ID of that user, potentially a lot...] With the patch applied on my instance for the past couple of days, I no longer notice overly long statements of that particular kind. Signed-off-by: pacien <pacien.trangirard@pacien.net>
* Add a timeout that aborts any Postgres statement taking more than 1 hour. ↵reivilibre2023-07-031-0/+13
| | | | | | | | | | | | | (#15853) * Add a timeout to Postgres statements * Newsfile Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org> --------- Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
* Fix sqlite `user_filters` upgrade (#15817)Shay2023-06-273-3/+91
|
* Add login spam checker API (#15838)Erik Johnston2023-06-264-4/+142
|
* Fix forgotten rooms missing in initial sync (#15815)Nicolas Werner2023-06-211-0/+13
| | | | | | | | If you leave a room and forget it, then rejoin it, the room would be missing from the next initial sync. fixes #13262 Signed-off-by: Nicolas Werner <n.werner@famedly.com>
* Fix harmless exception in port DB script (#15814)Erik Johnston2023-06-211-0/+3
| | | | | | | The port DB script would try and run database background tasks, which could fail if the data they acted on was in the process of being ported. These exceptions were non fatal. Fixes #15789
* Allow for the configuration of max request retries and min/max retry delays ↵Mathieu Velten2023-06-212-21/+54
| | | | in the matrix federation client (#15783)
* Switch from `matrix://` to `matrix-federation://` scheme for internal ↵Eric Eastwood2023-06-202-7/+16
| | | | | | | Synapse routing of outbound federation traffic (#15806) `matrix://` is a registered specced scheme nowadays and doesn't make sense for our internal to Synapse use case anymore. ([discussion] (https://github.com/matrix-org/synapse/pull/15773#discussion_r1227598679))
* Remove experimental MSC2716 implementation to incrementally import history ↵Eric Eastwood2023-06-1621-1582/+35
| | | | | | | | | | | | into existing rooms (#15748) Context for why we're removing the implementation: - https://github.com/matrix-org/matrix-spec-proposals/pull/2716#issuecomment-1487441010 - https://github.com/matrix-org/matrix-spec-proposals/pull/2716#issuecomment-1504262734 Anyone wanting to continue MSC2716, should also address these leftover tasks: https://github.com/matrix-org/synapse/issues/10737 Closes https://github.com/matrix-org/synapse/issues/10737 in the fact that it is not longer necessary to track those things.
* Don't always lock "user_ips" table when performing non-native upsert (#15788)Andrew Morgan2023-06-161-1/+1
|
* push rules: fix internal conversion from _type to value (#15781)Mathieu Velten2023-06-161-15/+11
| | | Also fix wrong rule names for `is_user_mention` and `is_room_mention`.
* Regularly try to wake up dests instead of waiting for next PDU/EDU (#15743)Mathieu Velten2023-06-161-18/+16
|
* Fix unsafe hotserving behaviour for non-multimedia uploads. (#15680)Josh Qou2023-06-151-3/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | * Fix unsafe hotserving behaviour for non-multimedia uploads. * invert disposition assert * test_media_storage.py: run lint * test_base.py: /inline/attachment/s * Only return attachment for disposition type, update tests * Update synapse/media/_base.py Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> * Update changelog.d/15680.bugfix Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> * add attribution * Update changelog. --------- Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
* Fix joining rooms through aliases where the alias server isn't a real ↵Tulir Asokan2023-06-141-1/+1
| | | | homeserver (#15776)
* Merge branch 'release-v1.86' into developMathieu Velten2023-06-143-23/+10
|\
| * Revert "Allow for the configuration of max request retries and min/max retry ↵Mathieu Velten2023-06-142-22/+9
| | | | | | | | | | | | delays in the matrix federation client (#12504)" This reverts commit d84e66144dc12dacf71c987a2ba802dd59c0b68e.
| * Fix empty scope when having version mismatch between workers (#15774)Mathieu Velten2023-06-141-1/+1
| |
* | Prefill events after invalidate not before when persisting events (#15758)Jason Little2023-06-143-5/+20
| | | | | | | | | | Fixes #15757
* | Document `looping_call()` functionality that will wait for the given ↵Eric Eastwood2023-06-131-0/+5
| | | | | | | | | | | | | | function to finish before scheduling another (#15772) Thanks to @erikjohnston for clarifying, https://github.com/matrix-org/synapse/pull/15743#discussion_r1226544457 We don't have to worry about calls stacking up if the given function takes longer than the scheduled time.
* | Replace `EventContext` fields `prev_group` and `delta_ids` with field ↵Shay2023-06-132-52/+112
| | | | | | | | `state_group_deltas` (#15233)
* | Fix MSC3983 support: only one OTK per device was returned through federation ↵Mathieu Velten2023-06-131-1/+3
| | | | | | | | (#15770)
* | Avoid backfill when we already have messages to return (#15737)Eric Eastwood2023-06-131-22/+115
| | | | | | | | | | We now only block the client to backfill when we see a large gap in the events (more than 2 events missing in a row according to `depth`), more than 3 single-event holes, or not enough messages to fill the response. Otherwise, we return the messages directly to the client and backfill in the background for eventual consistency sake. Fix https://github.com/matrix-org/synapse/issues/15696
* | Fix MSC3983 support: Use the unstable /keys/claim federation endpoint if ↵Patrick Cloke2023-06-131-1/+4
|/ | | | multiple keys are requested (#15755)
* Backfill in the background if we're doing it "just because" (#15710)Eric Eastwood2023-06-091-4/+14
| | | Fix https://github.com/matrix-org/synapse/issues/15702
* Allow for the configuration of max request retries and min/max retry delays ↵Shay2023-06-092-9/+22
| | | | | | | in the matrix federation client (#12504) Co-authored-by: Mathieu Velten <mathieuv@matrix.org> Co-authored-by: Erik Johnston <erik@matrix.org>
* Merge branch 'master' into developErik Johnston2023-06-081-1/+1
|\
| * Fix using TLS for replication (#15746)Erik Johnston2023-06-081-1/+1
| | | | | | Fixes #15744.
* | Clear event caches when we purge history (#15609)Erik Johnston2023-06-085-6/+178
| | | | | | | | | | | | | | This should help a little with #13476 --------- Co-authored-by: Patrick Cloke <patrickc@matrix.org>
* | Quick & dirty metric for background update status (#15740)David Robertson2023-06-073-1/+39
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Quick & dirty metric for background update status * Changelog * Remove debug Co-authored-by: Mathieu Velten <mathieuv@matrix.org> * Actually write to _aborted --------- Co-authored-by: Mathieu Velten <mathieuv@matrix.org>
* | Remove superfluous `room_memberships` join from background update (#15733)Eric Eastwood2023-06-071-1/+0
| | | | | | Spawning from https://github.com/matrix-org/synapse/pull/15731
* | Check required power levels earlier in createRoom handler. (#15695)Grant McLean2023-06-071-14/+62
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Check required power levels earlier in createRoom handler. - If a server was configured to reject the creation of rooms with E2EE enabled (by specifying an unattainably high power level for "m.room.encryption" in default_power_level_content_override), the 403 error was not being triggered until after the room was created and before the "m.room.power_levels" was sent. This allowed a user to access the partially-configured room and complete the setup of E2EE and power levels manually. - This change causes the power level overrides to be checked earlier and the request to be rejected before the user gains access to the room. - A new `_validate_room_config` method is added to contain checks that should be run before a room is created. - The new test case confirms that a user request is rejected by the new validation method. Signed-off-by: Grant McLean <grant@catalyst.net.nz> * Add a changelog file. * Formatting fix for black. * Remove unneeded line from test. --------- Signed-off-by: Grant McLean <grant@catalyst.net.nz>
* | Merge branch 'master' into developErik Johnston2023-06-071-1/+21
|\|
| * Fix schema delta error in 1.85 (#15739)Erik Johnston2023-06-071-2/+14
| | | | | | | | Some users seem to have multiple rows per user / room with a null thread ID, which we need to handle.
| * Fix schema delta error in 1.85 (#15738)Erik Johnston2023-06-071-0/+8
| | | | | | | | | | | | | | | | There appears to be a race where you can end up with entries in `event_push_summary` with both a `NULL` and `main` thread ID. Fixes #15736 Introduced in #15597
* | No need for the extra join since `membership` is built-in to ↵Eric Eastwood2023-06-061-4/+3
| | | | | | | | | | | | | | `current_state_events` (#15731) This helps with the upstream `is_host_joined()` and `is_host_invited()` functions. `membership` was added to `current_state_events` in https://github.com/matrix-org/synapse/pull/5706 and forced in https://github.com/matrix-org/synapse/pull/13745
* | Trace functions which return `Awaitable` (#15650)Eric Eastwood2023-06-061-11/+26
| |
* | Update error to more plainly explain we can only authorize our own events ↵Eric Eastwood2023-06-061-1/+1
| | | | | | | | (#15725)
* | Add context for when/why to use the `long_retries` option when sending ↵Eric Eastwood2023-06-061-2/+9
| | | | | | | | Federation requests (#15721)
* | Improve performance of user directory search (#15729)Shay2023-06-061-4/+8
| |
* | Remove some unused `server_name` fields (#15723)Sean Quah2023-06-065-5/+0
| | | | | | Signed-off-by: Sean Quah <seanq@matrix.org>
* | Stabilize support for MSC3952: Intentional mentions. (#15520)Patrick Cloke2023-06-066-23/+4
| |
* | Some house keeping on `maybe_backfill()` functions (#15709)Eric Eastwood2023-06-051-0/+17
| |
* | `N + 3`: Read from column `full_user_id` rather than `user_id` of tables ↵Shay2023-06-0216-41/+225
| | | | | | | | `profiles` and `user_filters` (#15649)
* | Add a catch-all * to the supported relation types when redacting (#15705)Mathieu Velten2023-06-022-5/+41
| | | | | | This is an update to MSC3912 implementation
* | Log when events are (unexpectedly) filtered out of responses in tests (#14213)Eric Eastwood2023-06-011-7/+7
| | | | | | | | | | See https://github.com/matrix-org/synapse/pull/14095#discussion_r990335492 This is useful because when see that a relevant event is an `outlier` or `soft-failed`, then that's a good unexpected indicator explaining why it's not showing up. `filter_events_for_client` is used in `/sync`, `/messages`, `/context` which are all common end-to-end assertion touch points (also notifications, relations).
* | Merge branch 'release-v1.85' into developH. Shay2023-06-014-2/+53
|\|
| * Speed up background jobs populate_full_user_id_user_filters and ↵Shay2023-05-312-2/+2
| | | | | | | | populate_full_user_id_profiles (#15700)
| * Fix a performance issue introduced in Synapse v1.83.0 which meant that ↵reivilibre2023-05-312-0/+51
| | | | | | | | | | | | | | | | | | | | | | | | | | purging rooms was very slow and database-intensive. (#15693) * Add indices required to efficiently validate new foreign key constraints on stream_ordering * Newsfile Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org> --------- Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
* | Cache requests for user's devices from federation (#15675)Erik Johnston2023-06-012-2/+69
| | | | | | | | This should mitigate the issue where lots of different servers requests the same user's devices all at once.
* | Implement stable support for MSC3882 to allow an existing device/session to ↵Hugh Nimmo-Smith2023-06-016-33/+75
| | | | | | | | | | | | | | | | generate a login token for use on a new device/session (#15388) Implements stable support for MSC3882; this involves updating Synapse's support to match the MSC / the spec says. Continue to support the unstable version to allow clients to transition.
* | Add stubs package for lxml. (#15697)Patrick Cloke2023-05-312-36/+75
| | | | | | | | | | | | | | The stubs have some issues so this has some generous cast and ignores in it, but it is better than not having stubs. Note that confusing that Element is a function which creates _Element instances (and similarly for Comment).
* | Add get_canonical_room_alias to module API (#15450)Gabriel Féron2023-05-312-1/+28
| | | | | | Co-authored-by: Boxdot <d@zerovolt.org>
* | Add stricter mypy options (#15694)Patrick Cloke2023-05-318-20/+18
| | | | | | | | Enable warn_unused_configs, strict_concatenate, disallow_subclassing_any, and disallow_incomplete_defs.
* | Enforce that an admin token also has the basic Matrix API scopeQuentin Gliech2023-05-301-5/+2
| |
* | Make the config tests spawn the homeserver only when neededQuentin Gliech2023-05-301-12/+28
| |
* | Reject tokens with multiple device scopesQuentin Gliech2023-05-301-6/+24
| |
* | Make OIDC scope constantsQuentin Gliech2023-05-301-10/+15
| |
* | Handle errors when introspecting tokensQuentin Gliech2023-05-301-5/+37
| | | | | | | | | | This returns a proper 503 when the introspection endpoint is not working for some reason, which should avoid logging out clients in those cases.
* | Disable incompatible Admin API endpointsQuentin Gliech2023-05-302-8/+21
| |
* | Make AS tokens work & allow ASes to /registerQuentin Gliech2023-05-304-83/+157
| |
* | Add an admin token for MAS -> Synapse callsQuentin Gliech2023-05-302-0/+24
| |
* | Refactor config to be an experimental featureHugh Nimmo-Smith2023-05-3015-83/+258
| | | | | | | | Also enforce you can't combine it with incompatible config options
* | Disable account related endpoints when using OAuth delegationQuentin Gliech2023-05-307-16/+66
| |
* | Actually enforce guest + return www-authenticate headerHugh Nimmo-Smith2023-05-303-5/+47
| |
* | MSC2967: Check access token scope for use as user and add guest supportHugh Nimmo-Smith2023-05-301-10/+20
| |
* | Use `name` claim as display name when registering users on the fly.Hugh Nimmo-Smith2023-05-301-1/+8
| | | | | | | | | | This makes is so that the `name` claim got when introspecting the token is used as the display name when registering a user on the fly.
* | Record the `sub` claims as an external_idQuentin Gliech2023-05-301-22/+37
| |
* | Handle the Synapse admin scopeQuentin Gliech2023-05-301-0/+3
| |
* | Save the scopes in the requesterQuentin Gliech2023-05-302-0/+9
| |
* | MSC2965: OIDC Provider discovery via well-known documentQuentin Gliech2023-05-301-0/+9
| |
* | Expose the public keys used for client authentication on an endpointQuentin Gliech2023-05-302-0/+78
| |
* | Initial MSC3964 support: delegation of auth to OIDC serverQuentin Gliech2023-05-303-1/+260
| |
* | Make the api.auth.Auth a ProtocolQuentin Gliech2023-05-304-242/+458
| |
* | Remove unused `FederationServer.__str__` override (#15690)Sean Quah2023-05-301-3/+0
|/ | | Signed-off-by: Sean Quah <seanq@matrix.org>
* Add Unix socket support for Redis connections (#15644)Jason Little2023-05-264-23/+92
| | | | Adds a new configuration setting to connect to Redis via a Unix socket instead of over TCP. Disabled by default.
* Add `MSC3820opt2` as a known room version (#15678)Travis Ralston2023-05-261-0/+1
|
* Set thread_id column to non-null for ↵Patrick Cloke2023-05-268-223/+291
| | | | | | | | | | | | | | | | event_push_{actions,actions_staging,summary} (#15597) Updates the database schema to require a thread_id (by adding a constraint that the column is non-null) for event_push_actions, event_push_actions_staging, and event_push_actions_summary. For PostgreSQL we add the constraint as NOT VALID, then VALIDATE the constraint a background job to avoid locking the table during an upgrade. Each table is updated as a separate schema delta to avoid deadlocks between them. For SQLite we simply rebuild the table & copy the data.
* Merge branch 'master' into developOlivier Wilkinson (reivilibre)2023-05-261-1/+1
|\
| * Fix a bug introduced in Synapse v1.84.0 where workers do not start up when ↵reivilibre2023-05-261-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | no `instance_map` was provided. (#15672) * Fix #15669: always populate instance map even if it was empty * Fix some tests * Fix more tests * Newsfile Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org> * CI fix: don't forget to update apt repository sources before installing olddeps deps * Add test testing the backwards compatibility --------- Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
| * `traceback.format_exception(...)` usage that is compatible with Python 3.7 ↵Eric Eastwood2023-05-161-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | and 3.11 (#15599) * Usage that is compatible with Python 3.8 and 3.11 > Since Python 3.10, instead of passing value and tb, an exception object can be passed as the first argument. If value and tb are provided, the first argument is ignored in order to provide backwards compatibility. > > -- https://docs.python.org/3/library/traceback.html * Add changelog
* | Add MSC3820 (room version 11) option 2 unstable room version. (#15666)Travis Ralston2023-05-261-0/+24
| |
* | Process previously failed backfill events in the background (#15585)Eric Eastwood2023-05-243-9/+119
| | | | | | | | | | | | | | | | | | Process previously failed backfill events in the background because they are bound to fail again and we don't need to waste time holding up the request for something that is bound to fail again. Fix https://github.com/matrix-org/synapse/issues/13623 Follow-up to https://github.com/matrix-org/synapse/issues/13621 and https://github.com/matrix-org/synapse/issues/13622 Part of making `/messages` faster: https://github.com/matrix-org/synapse/issues/13356
* | Add requesting user id parameter to key claim methods in ↵Shay2023-05-244-10/+23
| | | | | | | | `TransportLayerClient` (#15663)
* | Speed up user directory rebuild for users some more... (#15665)Erik Johnston2023-05-241-76/+114
| |
* | Improve type hints for cached decorator. (#15658)Patrick Cloke2023-05-242-3/+5
| | | | | | | | | | The cached decorators always return a Deferred, which was not properly propagated. It was close enough when wrapping coroutines, but failed if a bare function was wrapped.
* | Fix `@trace` not wrapping some state methods that return coroutines ↵Eric Eastwood2023-05-231-7/+8
| | | | | | | | | | | | | | | | | | | | | | correctly (#15647) ``` 2023-05-21 09:30:09,288 - synapse.logging.opentracing - 940 - ERROR - POST-1 - @trace may not have wrapped StateStorageController.get_state_for_groups correctly! The function is not async but returned a coroutine ``` Tracing instrumentation for these functions originally introduced in https://github.com/matrix-org/synapse/pull/15610
* | Consolidate logic to check for deactivated users. (#15634)Patrick Cloke2023-05-234-29/+30
| | | | | | | | | | | | | | This moves the deactivated user check to the method which all login types call. Additionally updates the application service tests to be more realistic by removing invalid tests and fixing server names.
* | Use a custom scheme & the worker name for replication requests. (#15578)Jason Little2023-05-233-19/+34
| | | | | | | | | | | | | | | | All the information needed is already in the `instance_map`, so use that instead of passing the hostname / IP & port manually for each replication request. This consolidates logic for future improvements of using e.g. UNIX sockets for workers.
* | Remove outdated comment in log config (#15648)Andrew Morgan2023-05-221-3/+1
| |
* | Properly parse event_fields in filters (#15607)Patrick Cloke2023-05-222-28/+59
| | | | | | | | | | | | | | | | The event_fields property in filters should use the proper escape rules, namely backslashes can be escaped with an additional backslash. This adds tests (adapted from matrix-js-sdk) and implements the logic to properly split the event_fields strings.
* | Instrument `state` and `state_group` storage related things (tracing) (#15610)Eric Eastwood2023-05-195-0/+62
| | | | | | | | | | Instrument `state` and `state_group` storage related things (tracing) so it's a little more clear where these database transactions are coming from as there is a lot of wires crossing in these functions. Part of `/messages` performance investigation: https://github.com/matrix-org/synapse/issues/13356
* | Trace how many new events from the backfill response we need to process (#15633)Eric Eastwood2023-05-191-0/+5
| | | | | | You can kinda derive this information from how many `_process_pulled_event` spans there are but it would be nice to quickly glance.
* | Remove old R30 because R30v2 supercedes it (#10428)reivilibre2023-05-192-87/+0
| | | | | | | | | | R30v2 has been out since 2021-07-19 (https://github.com/matrix-org/synapse/pull/10332) and we started collecting stats on 2021-08-16. Since it's been over a year now (almost 2 years), this is enough grace period for us to now rip it out.
* | Rename blacklist/whitelist internally. (#15620)Patrick Cloke2023-05-1913-129/+117
| | | | | | | | Avoid renaming configuration settings for now and rename internal code to use blocklist and allowlist instead.
* | Do not allow deactivated users to login with JWT. (#15624)Patrick Cloke2023-05-193-65/+137
| | | | | | | | | | To improve the organization of this code it moves the JWT login checks to a separate handler and then fixes the bug (and a deprecation warning).
* | Remove experimental configuration flags & unstable values for faster joins ↵Patrick Cloke2023-05-194-51/+4
| | | | | | | | | | | | | | (#15625) Synapse will no longer send (or respond to) the unstable flags for faster joins. These were only available behind a configuration flag and handled in parallel with the stable flags.
* | Fix `HomeServer`s leaking during `trial` test runs (#15630)Sean Quah2023-05-191-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This change fixes two memory leaks during `trial` test runs. Garbage collection is disabled during each test case and a gen-0 GC is run at the end of each test. However, when the gen-0 GC is run, the `TestCase` object usually still holds references to the `HomeServer` used during the test. As a result, the `HomeServer` gets promoted to gen-1 and then never garbage collected. Fix this by periodically running full GCs. Additionally, fix `HomeServer`s leaking after tests that touch inbound federation due to `FederationRateLimiter`s adding themselves to a global set, by turning the set into a `WeakSet`. Resolves #15622. Signed-off-by: Sean Quah <seanq@matrix.org>
* | Handle missing previous read marker event. (#15464)Nick Mills-Barrett2023-05-182-10/+14
| | | | | | | | | | If the previous read marker is pointing to an event that no longer exists (e.g. due to retention) then assume that the newly given read marker is newer.
* | Update Mutual Rooms (MSC2666) implementation (#15621)Jonathan de Jong2023-05-182-13/+32
| | | | | | | | | | | | | | | | To track changes in MSC2666: - The change from `/mutual_rooms/{user_id}` to `/mutual_rooms?user_id={user_id}`. - The addition of `next_batch_token` (and logic). - Unstable flag now being `uk.half-shot.msc2666.query_mutual_rooms`. - The error code when your own user is requested.
* | Re-type config paths in `ConfigError`s to be `StrSequence`s (#15615)Sean Quah2023-05-187-26/+30
| | | | | | | | | | | | Part of #14809. Signed-off-by: Sean Quah <seanq@matrix.org>
* | Fix error message when `app_service_config_files` validation fails (#15614)Sean Quah2023-05-181-2/+1
| | | | | | | | | | | | | | | | | | | | The second argument of `ConfigError` is a path, passed as an optional `Iterable[str]` and not a `str`. If a string is passed directly, Synapse unhelpfully emits "Error in configuration at a.p.p._.s.e.r.v.i.c.e._.c.o.n.f.i.g._.f.i.l.e.s'" when the config option has the wrong data type. Signed-off-by: Sean Quah <seanq@matrix.org>
* | Add a new admin API to create a new device for a user. (#15611)Quentin Gliech2023-05-171-0/+29
| | | | | | | | This allows an external service (e.g. the matrix-authentication-service) to create devices for users.
* | Apply url_preview_url_blacklist to oEmbed and pre-cached images (#15601)Patrick Cloke2023-05-161-46/+75
| | | | | | | | | | | | | | | | There are two situations which were previously not properly checked: 1. If the requested URL was replaced with an oEmbed URL, then the oEmbed URL was not checked against url_preview_url_blacklist. 2. Follow-up URLs (either via autodiscovery of oEmbed or to pre-cache images) were not checked against url_preview_url_blacklist.
* | Update code to refer to "workers". (#15606)Patrick Cloke2023-05-1610-35/+22
| | | | | | | | A bunch of comments and variables are out of date and use obsolete terms.
* | Add not null constraint to column `full_user_id` of tables `profiles` and ↵Shay2023-05-167-4/+267
| | | | | | | | `user_filters` (#15537)
* | `traceback.format_exception(...)` usage that is compatible with Python 3.7 ↵Eric Eastwood2023-05-161-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | and 3.11 (#15599) * Usage that is compatible with Python 3.8 and 3.11 > Since Python 3.10, instead of passing value and tb, an exception object can be passed as the first argument. If value and tb are provided, the first argument is ignored in order to provide backwards compatibility. > > -- https://docs.python.org/3/library/traceback.html * Add changelog
* | Fix subscriptable type usage in Python <3.9 (#15604)Eric Eastwood2023-05-161-2/+1
|/ | | | | | | | | | | | Fix the following `mypy` errors when running `mypy` with Python 3.7: ``` synapse/storage/controllers/stats.py:58: error: "Counter" is not subscriptable, use "typing.Counter" instead [misc] tests/test_state.py:267: error: "dict" is not subscriptable, use "typing.Dict" instead [misc] ``` Part of https://github.com/matrix-org/synapse/issues/15603 In Python 3.9, `typing` is deprecated and the types are subscriptable (generics) by default, https://peps.python.org/pep-0585/#implementation
* Export `run_as_background_process` from the module API (#15577)Shay2023-05-151-0/+1
|
* Implement MSC3821 to update redaction rules (`third_party_invite.signed`) ↵Patrick Cloke2023-05-152-0/+50
| | | | | | (#15563) Updates the redaction rules to protect enough information that the event can still be properly verified.
* Reject instead of erroring on invalid membership events. (#15564)Patrick Cloke2023-05-151-6/+11
| | | | Instead of resulting in an internal server error for invalid events, return that the event is invalid.
* Implement MSC3389 to protect relations from redaction. (#15565)Patrick Cloke2023-05-152-0/+29
| | | | | | MSC3389 proposes protecting the relation type & parent event ID from redaction. This keeps the relation information intact after redaction which helps with some UX flaws (e.g. deleting an event causes it to no longer be in a thread, which is confusing).
* Add an unstable feature flag for MSC3981 to the /versions endpoint (#15558)Michael Weimann2023-05-151-0/+2
| | | | Signed-off-by: Michael Weimann <michaelw@matrix.org> Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
* Declare support for Matrix 1.6 (#15559)Patrick Cloke2023-05-123-1/+22
| | | | | | | Adds logging for key server requests which include a key ID. This is technically in violation of the 1.6 spec, but is the only way to remain backwards compatibly with earlier versions of Synapse (and possibly other homeservers) which *did* include the key ID.
* Revert "Set thread_id column to non-null for ↵Erik Johnston2023-05-126-224/+234
| | | | | event_push_{actions,actions_staging,summary} (#15437)" (#15580) This reverts commit a7b3e9ce65335e452de216cb42b9e724e8f3ad1d.
* Print full startup/initialization error (#15569)Eric Eastwood2023-05-111-1/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I found the error in the **Before** really vague and obtuse and didn't realize port `5432` corresponded to the Postgres port until searching the codebase. It says to check the logs but that wasn't my first instinct. It's just more obvious if we just print the full thing which gives context of the error type and the traceback to the relevant area of code. #### Before ``` $ poetry run python -m synapse.app.homeserver -c homeserver.yaml ********************************************************************************** Error during initialisation: connection to server at "localhost" (::1), port 5432 failed: Connection refused Is the server running on that host and accepting TCP/IP connections? connection to server at "localhost" (127.0.0.1), port 5432 failed: Connection refused Is the server running on that host and accepting TCP/IP connections? There may be more information in the logs. ********************************************************************************** ``` #### After ```sh $ poetry run python -m synapse.app.homeserver -c homeserver.yaml ********************************************************************************** Error during initialisation: Traceback (most recent call last): File "/home/eric/Documents/github/element/synapse/synapse/app/homeserver.py", line 352, in setup hs.setup() File "/home/eric/Documents/github/element/synapse/synapse/server.py", line 337, in setup self.datastores = Databases(self.DATASTORE_CLASS, self) File "/home/eric/Documents/github/element/synapse/synapse/storage/databases/__init__.py", line 65, in __init__ with make_conn(database_config, engine, "startup") as db_conn: File "/home/eric/Documents/github/element/synapse/synapse/storage/database.py", line 161, in make_conn native_db_conn = engine.module.connect(**db_params) File "/home/eric/.cache/pypoetry/virtualenvs/matrix-synapse-xCtC9ulO-py3.10/lib/python3.10/site-packages/psycopg2/__init__.py", line 122, in connect conn = _connect(dsn, connection_factory=connection_factory, **kwasync) psycopg2.OperationalError: connection to server at "localhost" (::1), port 5432 failed: Connection refused Is the server running on that host and accepting TCP/IP connections? connection to server at "localhost" (127.0.0.1), port 5432 failed: Connection refused Is the server running on that host and accepting TCP/IP connections? There may be more information in the logs. ********************************************************************************** ```
* Add redis SSL configuration options (#15312)Roel ter Maat2023-05-114-14/+82
| | | | | | | | | | | | | | | | | * Add SSL options to redis config * fix lint issues * Add documentation and changelog file * add missing . at the end of the changelog * Move client context factory to new file * Rename ssl to tls and fix typo * fix lint issues * Added when redis attributes were added
* Remove `worker_replication_*` settings (#15491)Jason Little2023-05-112-28/+66
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add master to the instance_map as part of Complement, have ReplicationEndpoint look at instance_map for master. * Fix typo in drive by. * Remove unnecessary worker_replication_* bits from unit tests and add master to instance_map(hopefully in the right place) * Several updates: 1. Switch from master to main for naming the main process in the instance_map. Add useful constants for easier adjustment of names in the future. 2. Add backwards compatibility for worker_replication_* to allow time to transition to new style. Make sure to prioritize declaring main directly on the instance_map. 3. Clean up old comments/commented out code. 4. Adjust unit tests to match with new code. 5. Adjust Complement setup infrastructure to only add main to the instance_map if workers are used and remove now unused options from the worker.yaml template. * Initial Docs upload * Changelog * Missed some commented out code that can go now * Remove TODO comment that no longer holds true. * Fix links in docs * More docs * Remove debug logging * Apply suggestions from code review Co-authored-by: reivilibre <olivier@librepush.net> * Apply suggestions from code review Co-authored-by: reivilibre <olivier@librepush.net> * Update version to latest, include completeish before/after examples in upgrade notes. * Fix up and docs too --------- Co-authored-by: reivilibre <olivier@librepush.net>
* Add an unstable feature flag for MSC3391 to the /versions endpoint (#15562)Andrew Morgan2023-05-111-0/+2
|
* Stabilize MSC2659 support for AS ping endpoint. (#15528)Tulir Asokan2023-05-095-15/+10
|
* HTTP Replication Client (#15470)Jason Little2023-05-094-3/+295
| | | | | | Separate out a HTTP client for replication in preparation for also supporting using UNIX sockets. The major difference from the base class is that this does not use treq to handle HTTP requests.
* Add config option to prevent media downloads from listed domains. (#15197)Travis Ralston2023-05-093-0/+22
| | | | | | | This stops media (and thumbnails) from being accessed from the listed domains. It does not delete any already locally cached media, but will prevent accessing it. Note that admin APIs are unaffected by this change.
* Error if attempting to set m.push_rules account data, per MSC4010. (#15555)Patrick Cloke2023-05-096-34/+93
| | | | | m.push_rules, like m.fully_read, is a special account data type that cannot be set using the normal /account_data endpoint. Return an error instead of allowing data that will not be used to be stored.
* Use account data constants in more places. (#15554)Patrick Cloke2023-05-094-9/+12
|
* Check appservices for devices during a /user/devices query. (#15539)Patrick Cloke2023-05-051-0/+28
| | | | | | | | MSC3984 proxies /keys/query requests to appservices, but servers will can also requests devices / keys from the /user/devices endpoint. The formats are close enough that we can "proxy" that /user/devices to appservices (by calling /keys/query) and then change the format of the returned data before returning it over federation.
* Implement MSC4009 to widen the allowed Matrix ID grammar (#15536)Patrick Cloke2023-05-054-17/+40
| | | | | Behind a configuration flag this adds + to the list of allowed characters in Matrix IDs. The main feature this enables is using full E.164 phone numbers as Matrix IDs.
* Handle `DNSNotImplementedError` in SRV resolver (#15523)Zdziszek2023-05-051-1/+4
| | | Signed-off-by: Zdzichu <zdzichu.rks@protonmail.com>
* Clean up and clarify "Create or modify Account" Admin API documentation (#15544)Andrew Morgan2023-05-054-4/+24
|
* Factor out an `is_mine_server_name` method (#15542)Sean Quah2023-05-0521-34/+49
| | | | | | | | | | | | Add an `is_mine_server_name` method, similar to `is_mine_id`. Ideally we would use this consistently, instead of sometimes comparing against `hs.hostname` and other times reaching into `hs.config.server.server_name`. Also fix a bug in the tests where `hs.hostname` would sometimes differ from `hs.config.server.server_name`. Signed-off-by: Sean Quah <seanq@matrix.org>
* Move ThirdPartyEventRules into module_api/callbacks (#15535)Andrew Morgan2023-05-0416-46/+53
|
* Update the base rules to remove the dont_notify action. (MSC3987) (#15534)Patrick Cloke2023-05-041-0/+2
| | | | | A dont_notify action is a no-op (and coalesce is undefined). These are both considered no-ops by the spec, per MSC3987 and the predefined push rules were updated to remove dont_notify from the list of actions.
* Use oEmbed for YouTube Shorts (#15025)Sandro2023-05-031-0/+13
| | | | | | | | | | | | It seems that YouTube Short previews do not work in some regions, but the oEmbed information for those areas is still valid. This causes YouTube Shorts to always use (only) the oEmbed endpoint which is a minor regression for regions where the URL preview was already working -- some of the additional video metadata is lost. It is not likely that clients are using this today and it is more beneficial to have a limited preview working everywhere than unused metadata in the Open Graph response.
* Merge branch 'release-v1.83' into developSean Quah2023-05-033-26/+12
|\