be309d99cf
Convert search code to async/await. ( #7460 )
2020-05-11 15:12:39 -04:00
5cf758cdd6
Merge branch 'release-v1.13.0' into develop
...
* release-v1.13.0:
Don't UPGRADE database rows
RST indenting
Put rollback instructions in upgrade notes
Fix changelog typo
Oh yeah, RST
Absolute URL it is then
Fix upgrade notes link
Provide summary of upgrade issues in changelog. Fix )
Move next version notes from changelog to upgrade notes
Changelog fixes
1.13.0rc1
Documentation on setting up redis (#7446 )
Rework UI Auth session validation for registration (#7455 )
Fix errors from malformed log line (#7454 )
Drop support for redis.dbid (#7450 )
2020-05-11 16:46:33 +01:00
0ad6d28b0d
Rework UI Auth session validation for registration ( #7455 )
...
Be less strict about validation of UI authentication sessions during
registration to match client expecations.
2020-05-08 16:08:58 -04:00
616af44137
Implement OpenID Connect-based login ( #7256 )
2020-05-08 08:30:40 -04:00
5bb26b7c4f
Merge branch 'release-v1.13.0' into develop
2020-05-07 17:31:19 +02:00
22246919e3
Add more type hints to SAML handler. ( #7445 )
2020-05-07 09:30:45 -04:00
d9b8d27494
Add a configuration setting for the dummy event threshold ( #7422 )
...
Add dummy_events_threshold which allows configuring the number of forward extremities a room needs for Synapse to send forward extremities in it.
2020-05-07 10:35:23 +01:00
62ee862119
Merge branch 'release-v1.13.0' into develop
2020-05-06 15:56:03 +01:00
13dd458b8d
Merge branch 'release-v1.13.0' into erikj/faster_device_lists_fetch
2020-05-05 18:14:00 +01:00
f9073893af
Speed up fetching device lists changes in sync.
...
Currently we copy `users_who_share_room` needlessly about three times,
which is expensive when the set is large (which it can easily be).
2020-05-05 17:40:29 +01:00
eab59d758d
Convert the room handler to async/await. ( #7396 )
2020-05-04 07:43:52 -04:00
6b22921b19
async/await is_server_admin ( #7363 )
2020-05-01 15:15:36 +01:00
627b0f5f27
Persist user interactive authentication sessions ( #7302 )
...
By persisting the user interactive authentication sessions to the database, this fixes
situations where a user hits different works throughout their auth session and also
allows sessions to persist through restarts of Synapse.
2020-04-30 13:47:49 -04:00
9d8ecc9e6c
Apply federation check for /publicRooms with filter list ( #7367 )
2020-04-30 11:38:07 +01:00
33bceb7f70
Convert some of the federation handler methods to async/await. ( #7338 )
2020-04-24 14:36:38 -04:00
71a1abb8a1
Stop the master relaying USER_SYNC for other workers ( #7318 )
...
Long story short: if we're handling presence on the current worker, we shouldn't be sending USER_SYNC commands over replication.
In an attempt to figure out what is going on here, I ended up refactoring some bits of the presencehandler code, so the first 4 commits here are non-functional refactors to move this code slightly closer to sanity. (There's still plenty to do here :/). Suggest reviewing individual commits.
Fixes (I hope) #7257 .
2020-04-22 22:39:04 +01:00
2aa5bf13c8
Merge branch 'release-v1.12.4' into develop
2020-04-22 13:09:23 +01:00
f89ad3b6df
Query missing cross-signing keys on local sig upload ( #7289 )
2020-04-22 12:29:36 +01:00
ff5604e7f1
import urllib.parse when using urllib.parse.quote ( #7319 )
2020-04-22 12:18:51 +01:00
461f01ad43
Merge branch 'release-v1.12.4' into develop
2020-04-20 17:55:39 +01:00
d41c8f6d4d
Revert "Query missing cross-signing keys on local sig upload"
...
This was incorrectly merged to the release branch before it was ready.
This reverts commit 72fe2affb6
2020-04-20 17:54:35 +01:00
a46ff43319
Merge branch 'release-v1.12.4' into develop
2020-04-20 17:42:27 +01:00
40f79f58bf
Always send the user updates to their own device list ( #7160 )
2020-04-20 17:20:38 +01:00
f5ea8b48bd
Reject unknown UI auth sessions (instead of silently generating a new one) ( #7268 )
2020-04-20 08:54:42 -04:00
054c231e58
Use a template for the SSO success page to allow for customization. ( #7279 )
2020-04-17 13:34:55 -04:00
72fe2affb6
Query missing cross-signing keys on local sig upload
...
Add changelog
Save retrieved keys to the db
lint
Fix and de-brittle remote result dict processing
Use query_user_devices instead, assume only master, self_signing key types
Make changelog more useful
Remove very specific exception handling
Wrap get_verify_key_from_cross_signing_key in a try/except
Note that _get_e2e_cross_signing_verify_key can raise a SynapseError
lint
Add comment explaining why this is useful
Only fetch master and self_signing key types
Fix log statements, docstrings
Remove extraneous items from remote query try/except
lint
Factor key retrieval out into a separate function
Send device updates, modeled after SigningKeyEduUpdater._handle_signing_key_updates
Update method docstring
2020-04-17 15:47:49 +01:00
eed7c5b89e
Convert auth handler to async/await ( #7261 )
2020-04-15 12:40:18 -04:00
ac6a84818f
Only register devices edu handler on the master process ( #7255 )
2020-04-14 11:36:24 +01:00
fef82f4e22
Only register devices edu handler on the master process ( #7255 )
2020-04-14 10:09:58 +01:00
f41b742161
Check on room creation if the user is allowed to publish the room to the room directory. ( #7260 )
2020-04-13 07:42:32 -04:00
118b58f0c9
typos
2020-04-11 20:55:18 +01:00
ac978ab3da
Default PL100 to enable encryption in a room ( #7230 )
2020-04-09 18:45:38 +01:00
b85d7652ff
Do not allow a deactivated user to login via SSO. ( #7240 )
2020-04-09 13:28:13 -04:00
b21000a44f
Improve error responses when a remote server doesn't allow you to access its public rooms list ( #6899 )
2020-04-06 12:35:30 +01:00
694d8bed0e
Support CAS in UI Auth flows. ( #7186 )
2020-04-03 15:35:05 -04:00
b9930d24a0
Support SAML in the user interactive authentication workflow. ( #7102 )
2020-04-01 08:48:00 -04:00
468dcc767b
Allow admins to create aliases when they are not in the room ( #7191 )
2020-04-01 08:27:05 -04:00
7966a1cde9
Rewrite prune_old_outbound_device_pokes for efficiency ( #7159 )
...
make sure we clear out all but one update for the user
2020-03-30 19:06:52 +01:00
7042840b32
Transfer alias mappings when joining an upgraded room ( #6946 )
2020-03-30 17:53:25 +01:00
07569f25d1
Merge pull request #7160 from matrix-org/dbkr/always_send_own_device_list_updates
...
Always send the user updates to their own device list
2020-03-30 14:34:28 +01:00
104844c1e1
Add explanatory comment
2020-03-30 14:00:11 +01:00
7406477525
black
2020-03-30 10:18:33 +01:00
9fc588e6dc
Just add own user ID to the list we track device changes for
2020-03-30 10:11:26 +01:00
8327eb9280
Add options to prevent users from changing their profile. ( #7096 )
2020-03-27 19:15:23 +00:00
16ee97988a
Fix undefined variable & remove debug logging
2020-03-27 12:39:54 +00:00
a07e03ce90
black
2020-03-27 12:35:32 +00:00
09cc058a4c
Always send the user updates to their own device list
...
This will allow clients to notify users about new devices even if
the user isn't in any rooms (yet).
2020-03-27 12:26:47 +00:00
7496d3d2f6
Merge pull request #7151 from matrix-org/jaywink/saml-redirect-fix
...
Allow RedirectResponse in SAML response handler
2020-03-26 22:10:31 +02:00
fa4f12102d
Refactor the CAS code (move the logic out of the REST layer to a handler) ( #7136 )
2020-03-26 15:05:26 -04:00
060e7dce09
Allow RedirectResponse in SAML response handler
...
Allow custom SAML handlers to redirect after processing an auth response.
Fixes #7149
Signed-off-by: Jason Robinson <jasonr@matrix.org>
2020-03-26 19:02:35 +02:00
e8e2ddb60a
Allow server admins to define and enforce a password policy (MSC2000). ( #7118 )
2020-03-26 16:51:13 +00:00
1c1242acba
Validate that the session is not modified during UI-Auth ( #7068 )
2020-03-26 07:39:34 -04:00
39230d2171
Clean up some LoggingContext stuff ( #7120 )
...
* Pull Sentinel out of LoggingContext
... and drop a few unnecessary references to it
* Factor out LoggingContext.current_context
move `current_context` and `set_context` out to top-level functions.
Mostly this means that I can more easily trace what's actually referring to
LoggingContext, but I think it's generally neater.
* move copy-to-parent into `stop`
this really just makes `start` and `stop` more symetric. It also means that it
behaves correctly if you manually `set_log_context` rather than using the
context manager.
* Replace `LoggingContext.alive` with `finished`
Turn `alive` into `finished` and make it a bit better defined.
2020-03-24 14:45:33 +00:00
190ab593b7
Use the proper error code when a canonical alias that does not exist is used. ( #7109 )
2020-03-23 15:21:54 -04:00
fdb1344716
Remove concept of a non-limited stream. ( #7011 )
2020-03-20 14:40:47 +00:00
88b41986db
Add an option to the set password API to choose whether to logout other devices. ( #7085 )
2020-03-18 07:50:00 -04:00
60724c46b7
Remove special casing of `m.room.aliases` events ( #7034 )
2020-03-17 07:37:04 -04:00
6a35046363
Revert "Add options to disable setting profile info for prevent changes. ( #7053 )"
...
This reverts commit 54dd28621b6640460d05
2020-03-17 11:25:01 +00:00
beb19cf61a
Fix buggy condition in account validity handler ( #7074 )
2020-03-16 12:16:30 +00:00
77d0a4507b
Add type annotations and comments to auth handler ( #7063 )
2020-03-12 11:36:27 -04:00
69ce55c510
Don't filter out dummy events when we're checking the visibility of state
2020-03-11 17:52:54 +00:00
54dd28621b
Add options to disable setting profile info for prevent changes. ( #7053 )
2020-03-10 22:23:01 +00:00
6b0efe73e2
SAML2: render a comprehensible error page if something goes wrong
...
If an error happened while processing a SAML AuthN response, or a client
ends up doing a `GET` request to `/authn_response`, then render a
customisable error page rather than a confusing error.
2020-03-10 13:59:22 +00:00
39f6595b4a
lint, fix tests
2020-03-09 22:13:20 +01:00
885134529f
updates after review
2020-03-09 22:09:29 +01:00
ce460dc31c
lint
2020-03-08 15:22:43 +01:00
fb078f921b
changelog
2020-03-08 15:19:07 +01:00
1f5f3ae8b1
Add options to disable setting profile info for prevent changes.
2020-03-08 14:49:33 +01:00
54b78a0e3b
Lint
2020-03-06 15:11:13 +00:00
297aaf4816
Mention the session ID in the error message
2020-03-06 15:07:41 +00:00
45df9d35a9
Lint
2020-03-06 11:10:52 +00:00
80e580ae92
Make sure that is_verified is a boolean when processing room keys
2020-03-06 11:05:00 +00:00
13892776ef
Allow deleting an alias if the user has sufficient power level ( #6986 )
2020-03-04 11:30:46 -05:00
43f874055d
Merge branch 'master' into develop
2020-03-03 15:20:49 +00:00
7dcbc33a1b
Validate the alt_aliases property of canonical alias events ( #6971 )
2020-03-03 07:12:45 -05:00
a0178df104
Fix wrong handler being used in SAML handler
2020-03-03 11:29:07 +00:00
65c73cdfec
Factor out complete_sso_login and expose it to the Module API
2020-03-03 10:54:44 +00:00
3e99528f2b
Store room version on invite ( #6983 )
...
When we get an invite over federation, store the room version in the rooms table.
The general idea here is that, when we pull the invite out again, we'll want to know what room_version it belongs to (so that we can later redact it if need be). So we need to store it somewhere...
2020-02-26 16:58:33 +00:00
1f773eec91
Port PresenceHandler to async/await ( #6991 )
2020-02-26 15:33:26 +00:00
691659568f
Remove redundant store_room call ( #6979 )
...
`_process_received_pdu` is only called by `on_receive_pdu`, which ignores any
events for unknown rooms, so this is redundant.
2020-02-24 17:20:44 +00:00
a301934f46
Upsert room version when we join over federation ( #6968 )
...
This is intended as a precursor to storing room versions when we receive an
invite over federation, but has the happy side-effect of fixing #3374 at last.
In short: change the store_room with try/except to a proper upsert which
updates the right columns.
2020-02-24 15:46:41 +00:00
7b0e2d961c
Change displayname of user as admin in rooms ( #6876 )
2020-02-21 17:44:03 +00:00
fcf4599488
Stop returning aliases as part of the room list. ( #6970 )
2020-02-21 12:40:23 -05:00
509e381afa
Clarify list/set/dict/tuple comprehensions and enforce via flake8 ( #6957 )
...
Ensure good comprehension hygiene using flake8-comprehensions.
2020-02-21 07:15:07 -05:00
4f7e4fc2fb
Merge branch 'master' into develop
2020-02-21 09:37:03 +00:00
8f6d9c4cf0
Small grammar fixes to the ACME v1 deprecation notice ( #6944 )
...
Some small fixes to the copy in #6907 .
2020-02-21 08:53:01 +00:00
99eed85a77
Do not send alias events when creating / upgrading a room ( #6941 )
...
Stop emitting room alias update events during room creation/upgrade.
2020-02-20 16:24:04 -05:00
2fb7794e60
Merge pull request #6949 from matrix-org/rav/list_room_aliases_peekable
...
Make room alias lists peekable
2020-02-19 11:19:11 +00:00
5e4a438556
Merge pull request #6945 from matrix-org/babolivier/fix-retention-debug-log
...
Fix log in message retention purge jobs
2020-02-19 10:12:55 +00:00
709e81f518
Make room alias lists peekable
...
As per
https://github.com/matrix-org/matrix-doc/pull/2432#pullrequestreview-360566830 ,
make room alias lists accessible to users outside world_readable rooms.
2020-02-19 08:53:32 +00:00
a0a1fd0bec
Add `allow_departed_users` param to `check_in_room_or_world_readable`
...
... and set it everywhere it's called.
while we're here, rename it for consistency with `check_user_in_room` (and to
help check that I haven't missed any instances)
2020-02-19 08:52:51 +00:00
b58d17e44f
Refactor the membership check methods in Auth
...
these were getting a bit unwieldy, so let's combine `check_joined_room` and
`check_user_was_in_room` into a single `check_user_in_room`.
2020-02-18 23:21:44 +00:00
f31a94a6dd
Fix log in message retention purge jobs
2020-02-18 17:29:57 +00:00
adfaea8c69
Implement GET /_matrix/client/r0/rooms/{roomId}/aliases ( #6939 )
...
per matrix-org/matrix-doc#2432
2020-02-18 16:23:25 +00:00
d484126bf7
Merge pull request #6907 from matrix-org/babolivier/acme-config
...
Add mention and warning about ACME v1 deprecation to the TLS config
2020-02-18 16:11:31 +00:00
9801a042f3
Make the log more noticeable
2020-02-18 15:15:43 +00:00
bfbe2f5b08
Print the error as an error log and raise the same exception we got
2020-02-18 15:10:41 +00:00
fe3941f6e3
Stop sending events when creating or deleting aliases ( #6904 )
...
Stop sending events when creating or deleting associations (room aliases). Send an updated canonical alias event if one of the alt_aliases is deleted.
2020-02-18 07:29:44 -05:00
3404ad289b
Raise the default power levels for invites, tombstones and server acls ( #6834 )
2020-02-17 13:23:37 +00:00
49f877d32e
Filter the results of user directory searching via the spam checker ( #6888 )
...
Add a method to the spam checker to filter the user directory results.
2020-02-14 07:17:54 -05:00
Patrick Cloke