|  | Commit message (Collapse) | Author | Age | Files | Lines | 
|---|
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | Before this change:
* `PerspectivesKeyFetcher` and `ServerKeyFetcher` write to `server_keys_json`.
* `PerspectivesKeyFetcher` also writes to `server_signature_keys`.
* `StoreKeyFetcher` reads from `server_signature_keys`.
After this change:
* `PerspectivesKeyFetcher` and `ServerKeyFetcher` write to `server_keys_json`.
* `PerspectivesKeyFetcher` also writes to `server_signature_keys`.
* `StoreKeyFetcher` reads from `server_keys_json`.
This results in `StoreKeyFetcher` now using the results from `ServerKeyFetcher`
in addition to those from `PerspectivesKeyFetcher`, i.e. keys which are directly
fetched from a server will now be pulled from the database instead of refetched.
An additional minor change is included to avoid creating a `PerspectivesKeyFetcher`
(and checking it) if no `trusted_key_servers` are configured.
The overall impact of this should be better usage of cached results:
* If a server has no trusted key servers configured then it should reduce how often keys
  are fetched.
* if a server's trusted key server does not have a requested server's keys cached then it
  should reduce how often keys are directly fetched. | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | * Update mypy and mypy-zope
* Remove unused ignores
These used to suppress
```
synapse/storage/engines/__init__.py:28: error: "__new__" must return a
class instance (got "NoReturn")  [misc]
```
and
```
synapse/http/matrixfederationclient.py:1270: error: "BaseException" has no attribute "reasons"  [attr-defined]
```
(note that we check `hasattr(e, "reasons")` above)
* Avoid empty body warnings, sometimes by marking methods as abstract
E.g.
```
tests/handlers/test_register.py:58: error: Missing return statement  [empty-body]
tests/handlers/test_register.py:108: error: Missing return statement  [empty-body]
```
* Suppress false positive about `JaegerConfig`
Complaint was
```
synapse/logging/opentracing.py:450: error: Function "Type[Config]" could always be true in boolean context  [truthy-function]
```
* Fix not calling `is_state()`
Oops!
```
tests/rest/client/test_third_party_rules.py:428: error: Function "Callable[[], bool]" could always be true in boolean context  [truthy-function]
```
* Suppress false positives from ParamSpecs
````
synapse/logging/opentracing.py:971: error: Argument 2 to "_custom_sync_async_decorator" has incompatible type "Callable[[Arg(Callable[P, R], 'func'), **P], _GeneratorContextManager[None]]"; expected "Callable[[Callable[P, R], **P], _GeneratorContextManager[None]]"  [arg-type]
synapse/logging/opentracing.py:1017: error: Argument 2 to "_custom_sync_async_decorator" has incompatible type "Callable[[Arg(Callable[P, R], 'func'), **P], _GeneratorContextManager[None]]"; expected "Callable[[Callable[P, R], **P], _GeneratorContextManager[None]]"  [arg-type]
````
* Drive-by improvement to `wrapping_logic` annotation
* Workaround false "unreachable" positives
See https://github.com/Shoobx/mypy-zope/issues/91
```
tests/http/test_proxyagent.py:626: error: Statement is unreachable  [unreachable]
tests/http/test_proxyagent.py:762: error: Statement is unreachable  [unreachable]
tests/http/test_proxyagent.py:826: error: Statement is unreachable  [unreachable]
tests/http/test_proxyagent.py:838: error: Statement is unreachable  [unreachable]
tests/http/test_proxyagent.py:845: error: Statement is unreachable  [unreachable]
tests/http/federation/test_matrix_federation_agent.py:151: error: Statement is unreachable  [unreachable]
tests/http/federation/test_matrix_federation_agent.py:452: error: Statement is unreachable  [unreachable]
tests/logging/test_remote_handler.py:60: error: Statement is unreachable  [unreachable]
tests/logging/test_remote_handler.py:93: error: Statement is unreachable  [unreachable]
tests/logging/test_remote_handler.py:127: error: Statement is unreachable  [unreachable]
tests/logging/test_remote_handler.py:152: error: Statement is unreachable  [unreachable]
```
* Changelog
* Tweak DBAPI2 Protocol to be accepted by mypy 1.0
Some extra context in:
- https://github.com/matrix-org/python-canonicaljson/pull/57
- https://github.com/python/mypy/issues/6002
- https://mypy.readthedocs.io/en/latest/common_issues.html#covariant-subtyping-of-mutable-protocol-members-is-rejected
* Pull in updated canonicaljson lib
so the protocol check just works
* Improve comments in opentracing
I tried to workaround the ignores but found it too much trouble.
I think the corresponding issue is
https://github.com/python/mypy/issues/12909. The mypy repo has a PR
claiming to fix this (https://github.com/python/mypy/pull/14677) which
might mean this gets resolved soon?
* Better annotation for INTERACTIVE_AUTH_CHECKERS
* Drive-by AUTH_TYPE annotation, to remove an ignore | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | state groups (#14675)
* add class UnpersistedEventContext
* modify create new client event to create unpersistedeventcontexts
* persist event contexts after creation
* fix tests to persist unpersisted event contexts
* cleanup
* misc lints + cleanup
* changelog + fix comments
* lints
* fix batch insertion?
* reduce redundant calculation
* add unpersisted event classes
* rework compute_event_context, split into function that returns unpersisted event context and then persists it
* use calculate_context_info to create unpersisted event contexts
* update typing
* $%#^&*
* black
* fix comments and consolidate classes, use attr.s for class
* requested changes
* lint
* requested changes
* requested changes
* refactor to be stupidly explicit
* clearer renaming and flow
* make partial state non-optional
* update docstrings
---------
Co-authored-by: Erik Johnston <erik@matrix.org> | 
| | 
| 
| 
| | Use the newer foo_instances configuration instead of the
deprecated flags to enable specific features (e.g. start_pushers). | 
| | 
| 
| | Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> | 
| | 
| 
| 
| | This reverts commit 6d543d6d9f56e39199b7e460d0081b02d61f12be. | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | * Update mypy and mypy-zope
* Unignore assigning to LogRecord attributes
Presumably https://github.com/python/typeshed/pull/8064 makes this ok
Cherry-picked from #13521
* Remove unused ignores due to mypy ParamSpec fixes
https://github.com/python/mypy/pull/12668
Cherry-picked from #13521
* Remove additional unused ignores
* Fix new mypy complaints related to `assertGreater`
Presumably due to https://github.com/python/typeshed/pull/8077
* Changelog
* Reword changelog
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> | 
| | 
| 
| | Removes the ability to configure legacy direct TCP replication. Workers now require Redis to run. | 
| | 
| 
| 
| 
| 
| 
| 
| | This reverts commit f383b9b3eceaa082d5ae690550fe41460b711779. Other PRs
were seeing mypy failures that looked to be related to mypy-zope.
Confusingly, we didn't see this on #13521.
Revert this for now and investigate later. | 
| | |  | 
| | |  | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | * Cast to postgres types when handling postgres db
* Remove unused method
* Easy annotations
* Annotate create_room
* Use `ParamSpec` to annotate looping_call
* Annotate `default_config`
* Track `now` as a float
`time_ms` returns an int like the proper Synapse `Clock`
* Introduce a `Timer` dataclass
* Introduce a Looper type
* Suppress checking of a mock
* tests.utils is typed
* Changelog
* Whoops, import ParamSpec from typing_extensions
* ditch the psycopg2 casts | 
| | |  | 
| | |  | 
| | |  | 
| | 
| 
| 
| | Postgres. (#12376) | 
| | 
| 
| 
| | The `MockHttpResource` and `MockKey` objects were unused
since #9396 (74af356baf79de5d719fad6c32b981eedbdd950d). | 
| | 
| 
| 
| 
| 
| 
| | The presence of this method was confusing, and mostly present for backwards
compatibility. Let's get rid of it.
Part of #11733 | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | * Optionally use an on-disk sqlite db in tests
When debugging a test it is sometimes useful to inspect the state of the
DB. This is not easy when the db is in-memory: one cannot attach the
sqlite CLI to another process's DB.
With this change, if SYNAPSE_TEST_PERSIST_SQLITE_DB is set, we use
 `_trial_temp/test.db` as our sqlite database. One can then use 
`sqlite3 _trial_temp/test.db` and query to your heart's content.
The DB is destroyed and recreated between different test cases.
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> | 
| | 
| 
| 
| | `tests.server.setup_test_homeserver`. (#11503) | 
| | |  | 
| | 
| 
| 
| 
| 
| 
| | It had no users.
We have just taken the identity of a previous function but don't provide the same
behaviour, so we need to fix this in the next commit... | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | 'trust_identity_servers_for_password_resets' (#11395)
* remove background update code related to deprecated config flag
* changelog entry
* update changelog
* Delete 11394.removal
Duplicate, wrong number
* add no-op background update and change newfragment so it will be consolidated with associated work
* remove unused code
* Remove code associated with deprecated flag from legacy docker dynamic config file
Co-authored-by: reivilibre <oliverw@matrix.org> | 
| | |  | 
| | 
| 
| 
| 
| 
| 
| | Setting the value will help PostgreSQL free up memory by recycling
the connections in the connection pool.
Signed-off-by: Toni Spets <toni.spets@iki.fi> | 
| | |  | 
| | |  | 
| | 
| 
| 
| 
| 
| 
| | Part of #9744
Removes all redundant `# -*- coding: utf-8 -*-` lines from files, as python 3 automatically reads source code as utf-8 now.
`Signed-off-by: Jonathan de Jong <jonathan@automatia.nl>` | 
| | 
| 
| | Signed-off-by: Dan Callahan <danc@element.io> | 
| | |  | 
| | 
| 
| 
| 
| 
| 
| | `room_invite_state_types` was inconvenient as a configuration setting, because
anyone that ever set it would not receive any new types that were added to the
defaults. Here, we deprecate the old setting, and replace it with a couple of
new settings under `room_prejoin_state`. | 
| | 
| 
| 
| | `uploads_path` was a thing that was never used; most of it was removed in #6628
but a few vestiges remained. | 
| | 
| 
| 
| 
| 
| 
| | - Update black version to the latest
 - Run black auto formatting over the codebase
    - Run autoformatting according to [`docs/code_style.md
`](https://github.com/matrix-org/synapse/blob/80d6dc9783aa80886a133756028984dbf8920168/docs/code_style.md)
 - Update `code_style.md` docs around installing black to use the correct version | 
| | 
| 
| 
| | This breaks some people's configurations (if their Client-Server API
is not accessed via port 443). | 
| | |  | 
| | 
| 
| | Fixes #8928. | 
| | |  | 
| | |  | 
| | 
| 
| 
| | This is now only used in `test_typing`, so move it there. | 
| | 
| 
| 
| 
| | (#8565)
Changes `@cache_in_self` to use underscore-prefixed attributes. | 
| | 
| 
| 
| 
| 
| | This implements a more standard API for instantiating a homeserver and
moves some of the dependency injection into the test suite.
More concretely this stops using `setattr` on all `kwargs` passed to `HomeServer`. | 
| | |  | 
| | 
| 
| 
| 
| | This is so we can tell what is going on when things are taking a while to start up.
The main change here is to ensure that transactions that are created during startup get correctly logged like normal transactions. | 
| | |  | 
| | |  | 
| |\  
| | 
| | 
| | | erikj/add_rate_limiting_to_joins | 
| | | |  | 
| |/ |  | 
| | |  | 
| | |  | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| | This ended up being a bit more invasive than I'd hoped for (not helped by
generic_worker duplicating some of the code from homeserver), but hopefully
it's an improvement.
The idea is that, rather than storing unstructured `dict`s in the config for
the listener configurations, we instead parse it into a structured
`ListenerConfig` object. | 
| | 
| 
| 
| | variables (#6391) | 
| | 
| 
| 
| 
| | By persisting the user interactive authentication sessions to the database, this fixes
situations where a user hits different works throughout their auth session and also
allows sessions to persist through restarts of Synapse. | 
| | 
| 
| 
| | When running the UTs against a postgres deatbase, we need to set the collation
correctly. | 
| | |  | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | * Pull Sentinel out of LoggingContext
... and drop a few unnecessary references to it
* Factor out LoggingContext.current_context
move `current_context` and `set_context` out to top-level functions.
Mostly this means that I can more easily trace what's actually referring to
LoggingContext, but I think it's generally neater.
* move copy-to-parent into `stop`
this really just makes `start` and `stop` more symetric. It also means that it
behaves correctly if you manually `set_log_context` rather than using the
context manager.
* Replace `LoggingContext.alive` with `finished`
Turn `alive` into `finished` and make it a bit better defined. | 
| | 
| 
| | This is so that we don't have to rely on pulling it out from `current_state_events` table. | 
| | |  | 
| | 
| 
| 
| 
| | This encapsulates config for a given database and is the way to get new
connections. | 
| | |  | 
| | |  | 
| | |  | 
| |\  
| | 
| | 
| | | erikj/split_out_persistence_store | 
| | | 
| | 
| | 
| | | The expected use case is to suppress MAU limiting on small instances | 
| |/ |  | 
| | |  | 
| | 
| 
| 
| 
| | Python will return a tuple whether there are parentheses around the returned values or not.
I'm just sick of my editor complaining about this all over the place :) | 
| | 
| 
| 
| 
| 
| 
| 
| | The `expire_access_token` didn't do what it sounded like it should do. What it
actually did was make Synapse enforce the 'time' caveat on macaroons used as
access tokens, but since our access token macaroons never contained such a
caveat, it was always a no-op.
(The code to add 'time' caveats was removed back in v0.18.5, in #1656) | 
| |\  
| | 
| | 
| | 
| | 
| | 
| | | Bugfixes
--------
- Fix a regression introduced in v1.2.0rc1 which led to incorrect labels on some prometheus metrics. ([\#5734](https://github.com/matrix-org/synapse/issues/5734)) | 
| | | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | | * Fix servlet metric names
Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Remove redundant check
* Cover all return paths | 
| |/ |  | 
| | 
| 
| 
| 
| 
| 
| | - Put the default window_size back to 1000ms (broken by #5181)
- Make the `rc_federation` config actually do something
- fix an off-by-one error in the 'concurrent' limit
- Avoid creating an unused `_PerHostRatelimiter` object for every single
  incoming request | 
| | |  | 
| | 
| 
| 
| 
| 
| | * Pull config_dir_path and data_dir_path calculation out of read_config_files
* Pass config_dir_path and data_dir_path into read_config | 
| | |  | 
| | 
| 
| 
| | Set default room version to v4. | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | identity server (#5377)
Sends password reset emails from the homeserver instead of proxying to the identity server. This is now the default behaviour for security reasons. If you wish to continue proxying password reset requests to the identity server you must now enable the email.trust_identity_server_for_password_resets option.
This PR is a culmination of 3 smaller PRs which have each been separately reviewed:
* #5308
* #5345
* #5368 | 
| | |  | 
| | |  | 
| | 
| 
| 
| | items off HomeserverConfig (#5171) | 
| | |  | 
| | 
| 
| 
| | Collect all the things that make room-versions different to one another into
one place, so that it's easier to define new room versions. | 
| | 
| 
| 
| 
| 
| | I don't have a database with the same name as my user, so leaving the database
name unset fails.
While we're at it, clear out some unused stuff in the test setup. | 
| | |  | 
| | 
| 
| 
| 
| 
| 
| | Rather than using a Mock for the homeserver config, use a genuine
HomeServerConfig object. This makes for a more realistic test, and means that
we don't have to keep remembering to add things to the mock config every time
we add a new config setting. | 
| | |  | 
| | 
| 
| | Add two ratelimiters on login (per-IP address and per-userID). | 
| | |  | 
| | |  | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | * Rate-limiting for registration
* Add unit test for registration rate limiting
* Add config parameters for rate limiting on auth endpoints
* Doc
* Fix doc of rate limiting function
Co-Authored-By: babolivier <contact@brendanabolivier.com>
* Incorporate review
* Fix config parsing
* Fix linting errors
* Set default config for auth rate limiting
* Fix tests
* Add changelog
* Advance reactor instead of mocked clock
* Move parameters to registration specific config and give them more sensible default values
* Remove unused config options
* Don't mock the rate limiter un MAU tests
* Rename _register_with_store into register_with_store
* Make CI happy
* Remove unused import
* Update sample config
* Fix ratelimiting test for py2
* Add non-guest test | 
| | |  | 
| | |  | 
| | |  | 
| | |  | 
| | |  | 
| |\  
| | 
| | 
| | | erikj/require_format_version | 
| | | |  | 
| |/ |  | 
| | 
| 
| 
| | ... as per MSC1730. | 
| | 
| 
| 
| 
| 
| | Allow for the creation of a support user.
A support user can access the server, join rooms, interact with other users, but does not appear in the user directory nor does it contribute to monthly active user limits. | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | This implements both a SAML2 metadata endpoint (at
`/_matrix/saml2/metadata.xml`), and a SAML2 response receiver (at
`/_matrix/saml2/authn_response`). If the SAML2 response matches what's been
configured, we complete the SSO login flow by redirecting to the client url
(aka `RelayState` in SAML2 jargon) with a login token.
What we don't yet have is anything to build a SAML2 request and redirect the
user to the identity provider. That is left as an exercise for the reader. | 
| | |  | 
| | 
| 
| 
| | So people can still collect consent the old way if they want to. | 
| |\ |  | 
| | | |  | 
| | | |  | 
| |/ |  | 
| | |  | 
| | |  | 
| |\  
| | 
| | | guest users should not be part of mau total | 
| | | |  | 
| |\ \  
| |/  
|/| |  | 
| | | 
| | 
| | 
| | 
| | | Use the actual origin for push transactions, rather than whatever the remote
server claimed. | 
| | | |  | 
| | | |  | 
| | | |  | 
| | | |  | 
| | | |  | 
| |\| 
| | 
| | 
| | | erikj/refactor_state_handler | 
| | | |  | 
| | | |  | 
| | | |  | 
| | | 
| | 
| | 
| | | AuthError in all cases | 
| | | 
| | 
| | 
| | 
| | 
| | | return AuthError in all cases"
This reverts commit 0d43f991a19840a224d3dac78d79f13d78212ee6. | 
| | | 
| | 
| | 
| | | AuthError in all cases | 
| | | |  | 
| | | |  | 
| | |\  
| | | 
| | | | send SNI for federation requests | 
| | | |\ |  | 
| | | |\ \  
| | | | | 
| | | | | 
| | | | | 
| | | | | 
| | | | | 
| | | | | | send_sni_for_federation_requests
# Conflicts:
#	synapse/crypto/context_factory.py | 
| | | | | | |  | 
| |/ / / / |  | 
| |\ \ \ \  
| | | | | 
| | | | | | Flag to disable HS without disabling federation | 
| | |\ \ \ \ |  | 
| | |\ \ \ \ \ |  | 
| | | | | | | | |  | 
| | |_|/ / / /  
|/| | | | | |  | 
| |\ \ \ \ \ \  
| |_|/ / / /  
|/| | | | | | Support for room versioning | 
| | | | | | | 
| | | | | | 
| | | | | | 
| | | | | | 
| | | | | | 
| | | | | | 
| | | | | | 
| | | | | | | This is the first tranche of support for room versioning. It includes:
 * setting the default room version in the config file
 * new room_version param on the createRoom API
 * storing the version of newly-created rooms in the m.room.create event
 * fishing the version of existing rooms out of the m.room.create event | 
| | | | | | | |  | 
| | |/ / / /  
|/| | | | |  | 
| |/ / / / |  | 
| | |_|/  
|/| | |  | 
| | |/  
|/| |  | 
| | | |  | 
| |/ |  | 
| | |  | 
| | 
| 
| 
| 
| 
| | Returns an M_CONSENT_NOT_GIVEN error (cf
https://github.com/matrix-org/matrix-doc/issues/1252) if consent is not yet
given. | 
| | 
| 
| 
| | turns out we need to reuse this, so it's better in the config class. | 
| | 
| 
| 
| 
| | When a user first syncs, we will send them a server notice asking them to
consent to the privacy policy if they have not already done so. | 
| |\  
| | 
| | | Use six.moves.urlparse | 
| | | 
| | 
| | 
| | 
| | 
| | | The imports were shuffled around a bunch in py3
Signed-off-by: Adrian Tschira <nota@notafile.com> | 
| |/  
|   
|   
|   
|   
|   
| | These worked accidentally before (python2 doesn't complain if you
compare incompatible types) but under py3 this blows up spectacularly
Signed-off-by: Adrian Tschira <nota@notafile.com> | 
| | 
| 
| 
| 
| 
| | This has no effect on python2
Signed-off-by: Adrian Tschira <nota@notafile.com> | 
| | |  | 
| | |  | 
| | 
| 
| 
| 
| 
| 
| 
| | ... instead of creating our own special SQLiteMemoryDbPool, whose purpose was a
bit of a mystery.
For some reason this makes one of the tests run slightly slower, so bump the
sleep(). Sorry. | 
| | 
| 
| 
| 
| | Configure the connectionpool used for unit tests to run the `on_new_connection`
function. | 
| | 
| 
| 
| | This isn't used, and looks thoroughly bitrotted. | 
| | 
| 
| 
| 
| 
| | Add federation_domain_whitelist
gives a way to restrict which domains your HS is allowed to federate with.
useful mainly for gracefully preventing a private but internet-connected HS from trying to federate to the wider public Matrix network | 
| | 
| 
| 
| 
| | Fix flakiness in the UTs caused by the user_directory being updated in the
background | 
| | |  | 
| | 
| 
| 
| | what could possibly go wrong | 
| | 
| 
| 
| 
| | - allows sysadmins the ability to lock down their servers so that people can't
send their users room invites. | 
| | 
| 
| 
| 
| | Instead of every time a new email pusher is created, as loading jinja2
templates is slow. | 
| | |  | 
| | |  | 
| | |  | 
| | |  | 
| |\  
| | 
| | | Allow clients to supply access_tokens as headers | 
| | | |  | 
| |\ \  
| | | 
| | | | Clarify Error codes for GET /filter/ | 
| | | | |  | 
| |/ /  
| |   
| |   
| |   
| |   
| | | Allows delegating the password auth to an external module. This also
moves the LDAP auth to using this system, allowing it to be removed from
the synapse tree entirely in the future. | 
| |/ |  | 
| | 
| 
| 
| 
| | Wrap the `Requester` constructor with a function which provides sensible
defaults, and use it throughout | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | Use the pure-python ldap3 library, which eliminates the need for a
system dependency.
Offer both a `search` and `simple_bind` mode, for more sophisticated
ldap scenarios.
- `search` tries to find a matching DN within the `user_base` while
  employing the `user_filter`, then tries the bind when a single
  matching DN was found.
- `simple_bind` tries the bind against a specific DN by combining the
  localpart and `user_base`
Offer support for STARTTLS on a plain connection.
The configuration was changed to reflect these new possibilities.
Signed-off-by: Martin Weinelt <hexa@darmstadt.ccc.de> | 
| | |  | 
| | |  | 
| | 
| 
| 
| | Otherwise it tries to start the remote public room list updating looping call which breaks. | 
| | |  | 
| | 
| 
| 
| 
| 
| | - Add unittests for client, api and handler
Signed-off-by: Negar Fazeli <negar.fazeli@ericsson.com> | 
| | |  | 
| | 
| 
| 
| | Signed-off-by: Patrik Oldsberg <patrik.oldsberg@ericsson.com> | 
| | 
| 
| 
| | This will enable more detailed decisions | 
| |\  
| | 
| | | Mark AS users with their AS's ID | 
| | | |  | 
| | | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | | synapse
This is necessary for replicating the data in synapse to be visible to a
separate service because presence and typing notifications aren't stored
in a database so won't be visible to another process.
This API can be used to either get the raw data by requesting the tables
themselves or to just receive notifications for updates by following the
streams meta-stream.
Returns updates for each table requested a JSON array of arrays with a
row for each row in the table.
Each table is prefixed by a header row with the: name of the table,
current stream_id position for the table, number of rows, number of
columns and the names of the columns.
This is followed by the rows that have been added to the server since
the requester last asked.
The API has a timeout and is hooked up to the notifier so that a slave
can long poll for updates. | 
| | | |  | 
| |/ |  | 
| | |  | 
| | |  | 
| | |  | 
| | |  | 
| | |  | 
| | |  | 
| | |  | 
| | |  | 
| | |  | 
| | |  | 
| | 
| 
| 
| | This reduces our ~8 second sequential test time down to ~7 seconds | 
| | |  | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| | Removes device_id and ClientInfo
device_id is never actually written, and the matrix.org DB has no
non-null entries for it. Right now, it's just cluttering up code.
This doesn't remove the columns from the database, because that's
fiddly. | 
| | 
| 
| 
| | We're about to have two kinds of token, access and refresh | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | This just replaces random bytes with macaroons. The macaroons are not
inspected by the client or server.
In particular, they claim to have an expiry time, but nothing verifies
that they have not expired.
Follow-up commits will actually enforce the expiration, and allow for
token refresh.
See https://bit.ly/matrix-auth for more information | 
| | |  | 
| | |  | 
| | |  | 
| | |  | 
| | |  | 
| | |  | 
| | |  | 
| | 
| 
| 
| | setup_test_homeserver function in utils. | 
| | 
| 
| 
| | of SYN-230 | 
| | |  | 
| | |  | 
| | |  | 
| | |  | 
| | |  | 
| | |  | 
| | |  | 
| |\  
| | 
| | 
| | 
| | 
| | | Conflicts:
	synapse/storage/__init__.py
	tests/rest/test_presence.py | 
| | | |  | 
| | | |  | 
| | | |  | 
| |/ |  | 
| | |  | 
| | 
| 
| 
| | hasn't been incorporated in time for launch. | 
| | |  | 
| | |  | 
| | 
| 
| 
| | membership event objects, as per interface contract | 
| | 
| 
| 
| | correct user. Fix presence tests. | 
| | |  | 
| | |  | 
| | |  | 
| |\  
| | 
| | 
| | 
| | 
| | 
| | | Conflicts:
	synapse/api/auth.py
	synapse/handlers/room.py
	synapse/storage/__init__.py | 
| | | |  | 
| |/ |  | 
| |\  
| | 
| | 
| | 
| | 
| | 
| | | Conflicts:
	tests/rest/test_presence.py
	tests/rest/test_rooms.py
	tests/utils.py | 
| | | 
| | 
| | 
| | | on method calls to be made later | 
| | | 
| | 
| | 
| | | resource rather than an entire server | 
| | | |  | 
| |/ |  | 
| | |  | 
| | |  | 
| | 
| 
| 
| | copyrighter.pl whilst we're at it | 
|  |  |