From b498de323ca8fbffa4a59116f8b2a218dc9b6deb Mon Sep 17 00:00:00 2001 From: DMRobertson Date: Tue, 12 Jul 2022 18:19:38 +0000 Subject: deploy: fa71bb18b527d1a3e2629b48640ea67fff2f8c59 --- develop/print.html | 38 ++++++++++++++++++++++---------------- 1 file changed, 22 insertions(+), 16 deletions(-) (limited to 'develop/print.html') diff --git a/develop/print.html b/develop/print.html index 55f5db572e..dc3ab5ef8f 100644 --- a/develop/print.html +++ b/develop/print.html @@ -1642,6 +1642,16 @@ dpkg -i matrix-synapse-py3_1.3.0+stretch1_amd64.deb +

Upgrading to v1.64.0

+

Delegation of email validation no longer supported

+

As of this version, Synapse no longer allows the tasks of verifying email address +ownership, and password reset confirmation, to be delegated to an identity server.

+

To continue to allow users to add email addresses to their homeserver accounts, +and perform password resets, make sure that Synapse is configured with a +working email server in the email configuration section (including, at a +minimum, a notif_from setting.)

+

Specifying an email setting under account_threepid_delegates will now cause +an error at startup.

Upgrading to v1.62.0

New signatures for spam checker callbacks

As a followup to changes in v1.60.0, the following spam-checker callbacks have changed signature:

@@ -4925,24 +4935,20 @@ This setting is ignored unless public_baseurl is also explicitly se

account_threepid_delegates

-

Handle threepid (email/phone etc) registration and password resets through a set of -trusted identity servers. Note that this allows the configured identity server to -reset passwords for accounts!

-

Be aware that if email is not set, and SMTP options have not been -configured in the email config block, registration and user password resets via -email will be globally disabled.

-

Additionally, if msisdn is not set, registration and password resets via msisdn -will be disabled regardless, and users will not be able to associate an msisdn -identifier to their account. This is due to Synapse currently not supporting -any method of sending SMS messages on its own.

-

To enable using an identity server for operations regarding a particular third-party -identifier type, set the value to the URL of that identity server as shown in the -examples below.

-

Servers handling the these requests must answer the /requestToken endpoints defined -by the Matrix Identity Service API specification.

+

Delegate verification of phone numbers to an identity server.

+

When a user wishes to add a phone number to their account, we need to verify that they +actually own that phone number, which requires sending them a text message (SMS). +Currently Synapse does not support sending those texts itself and instead delegates the +task to an identity server. The base URI for the identity server to be used is +specified by the account_threepid_delegates.msisdn option.

+

If this is left unspecified, Synapse will not allow users to add phone numbers to +their account.

+

(Servers handling the these requests must answer the /requestToken endpoints defined +by the Matrix Identity Service API +specification.)

+

Updated in Synapse 1.64.0: No longer accepts an email option.

Example configuration:

account_threepid_delegates:
-    email: https://example.com     # Delegate email sending to example.com
     msisdn: http://localhost:8090  # Delegate SMS sending to this local process
-- cgit 1.5.1