07229bbdae
Add appservice worker
2016-08-18 14:59:55 +01:00
434bbf2cb5
Filter 3PU lookups by only ASes that declare knowledge of that protocol
2016-08-18 14:56:02 +01:00
8d9a884cee
Update password config comment
...
Signed-off-by: Kent Shikama <kent@kentshikama.com>
2016-07-06 12:18:19 +09:00
252ee2d979
Remove default password pepper string
2016-07-05 19:15:51 +09:00
14362bf359
Fix password config
2016-07-05 19:12:53 +09:00
1ee2584307
Fix pep8
2016-07-05 19:01:00 +09:00
507b8bb091
Add comment to prompt changing of pepper
2016-07-05 18:42:35 +09:00
8bdaf5f7af
Add pepper to password hashing
...
Signed-off-by: Kent Shikama <kent@kentshikama.com>
2016-07-05 02:13:52 +09:00
63bb8f0df9
remove vector.im from default secondary DS list
2016-06-27 13:13:33 +04:00
05f1a4596a
Merge branch 'master' into develop
2016-06-23 11:17:48 +01:00
0a32208e5d
Rework ldap integration with ldap3
...
Use the pure-python ldap3 library, which eliminates the need for a
system dependency.
Offer both a `search` and `simple_bind` mode, for more sophisticated
ldap scenarios.
- `search` tries to find a matching DN within the `user_base` while
employing the `user_filter`, then tries the bind when a single
matching DN was found.
- `simple_bind` tries the bind against a specific DN by combining the
localpart and `user_base`
Offer support for STARTTLS on a plain connection.
The configuration was changed to reflect these new possibilities.
Signed-off-by: Martin Weinelt <hexa@darmstadt.ccc.de>
2016-06-22 17:51:59 +02:00
13e334506c
Remove the legacy v0 content upload API.
...
The existing content can still be downloaded. The last upload to the
matrix.org server was in January 2015, so it is probably safe to remove
the upload API.
2016-06-21 11:47:39 +01:00
bc72d381b2
Merge branch 'release-v0.16.1' of github.com:matrix-org/synapse
2016-06-20 14:18:04 +01:00
3e41de05cc
Turn use_frozen_events off by default
2016-06-17 15:11:22 +01:00
a352b68acf
Use worker_ prefixes for worker config, use existing support for multiple config files
2016-06-16 17:29:50 +01:00
364d616792
Access the event_cache_size directly from the server object.
...
This means that the workers can override the event_cache_size
directly without clobbering the value in the main synapse config.
2016-06-16 12:53:15 +01:00
bde13833cb
Access replication_url from the worker config directly
2016-06-16 12:44:40 +01:00
80a1bc7db5
Comment on what's going on in clobber_with_worker_config
2016-06-16 11:29:45 +01:00
dbb5a39b64
Add worker config module
2016-06-16 11:09:15 +01:00
885ee861f7
Inline the synchrotron and pusher configs into the main config
2016-06-16 11:06:12 +01:00
33546b58aa
point to the CAPTCHA docs
2016-06-12 23:11:29 +01:00
7dbb473339
Add function to load config without generating it
...
Renames ``load_config`` to ``load_or_generate_config``
Adds a method called ``load_config`` that just loads the
config.
The main synapse.app.homeserver will continue to use
``load_or_generate_config`` to retain backwards compat.
However new worker processes can use ``load_config`` to
load the config avoiding some of the cruft needed to generate
the config.
As the new ``load_config`` method is expected to be used by new
configs it removes support for the legacy commandline overrides
that ``load_or_generate_config`` supports
2016-06-09 18:50:38 +01:00
dded389ac1
Allow setting of gc.set_thresholds
2016-06-07 15:45:56 +01:00
79d1f072f4
brand the email from header
2016-06-02 21:34:40 +01:00
6ca4d3ae9a
Add vector.im to default secondary_directory_servers and add comment explaining it's not a permanent solution
2016-05-31 17:24:50 +01:00
e1625d62a8
Add federation room list servlet
2016-05-31 11:55:57 +01:00
6a30a0bfd3
Move the functions for parsing app service config
2016-05-17 11:28:58 +01:00
eb79110beb
Clean up the blacklist/whitelist handling.
...
Always set the config key with an empty list, even if a list isn't specified.
This means that the codepaths are the same for both the empty list and
for a missing key. Since the behaviour is the same for both cases this
makes the code somewhat easier to reason about.
2016-05-16 13:03:59 +01:00
dd95eb4cb5
Merge branch 'develop' into matthew/preview_url_ip_whitelist
2016-05-16 12:59:41 +01:00
40aa6e8349
Create user with expiry
...
- Add unittests for client, api and handler
Signed-off-by: Negar Fazeli <negar.fazeli@ericsson.com>
2016-05-13 15:34:15 +02:00
c00b484eff
More consistent config naming
2016-05-10 14:39:16 +02:00
94040b0798
Add config option to not send email notifs for new users
2016-05-10 14:34:53 +02:00
81c2176cba
fix layout; handle app naming in synapse, not jinja
2016-05-05 15:54:29 +01:00
17cbf773b9
fix assorted typos in default config
2016-05-04 11:38:01 +01:00
792def4928
add a url_preview_ip_range_whitelist config param so we can whitelist the matrix.org IP space
2016-05-01 12:44:24 +01:00
83618d719a
Try imports in config
2016-04-29 19:13:52 +01:00
765f2b8446
Default enable email notifs to False
2016-04-29 14:46:18 +01:00
4b0c3a3270
Correct public_baseurl default
2016-04-29 14:30:15 +01:00
5048455965
Nicer get() shorthand
2016-04-29 14:27:40 +01:00
6c8957be7f
Remove redundant docstring
2016-04-29 14:25:28 +01:00
18ce88bd2d
Correct default template and add text template
2016-04-29 14:24:25 +01:00
40d40e470d
Send mail notifs with a plaintext part too
2016-04-29 13:56:21 +01:00
acded821c4
Merge remote-tracking branch 'origin/develop' into dbkr/email_notifs
2016-04-29 10:05:20 +01:00
60f86fc876
pep8
2016-04-28 15:16:30 +01:00
fa12209c1b
Hopefully all remaining bits for email notifs
...
Add public facing base url to the server so synapse knows what URL to use when converting mxc to http urls for use in emails
2016-04-27 15:09:55 +01:00
52ecbc2843
Make pyjwt dependency optional
2016-04-25 14:30:15 +01:00
2022ae0fb9
Merge pull request #746 from matrix-org/markjh/split_out_pusher
...
Optionally split out the pushers into a separate process
2016-04-22 11:34:08 +01:00
b9675ef6e6
Merge pull request #687 from nikriek/jwt-fix
...
Fix issues with JWT login
2016-04-21 17:42:25 +01:00
a3ac837599
Optionally split out the pushers into a separate process
2016-04-21 17:22:37 +01:00
565c2edb0a
Fix issues with JWT login
2016-04-21 18:10:48 +02:00
2ed0adb075
Generate mails from a template
2016-04-20 18:35:29 +01:00
f63bd4ff47
Send a rather basic email notif
...
Also pep8 fixes
2016-04-20 13:02:01 +01:00
f338bf9257
Give install requirements
2016-04-13 14:33:48 +01:00
bfe586843f
Add back in helpful description for missing url_preview_ip_range_blacklist
2016-04-13 13:52:57 +01:00
d0633e6dbe
Sanitize the optional dependencies for spider API
2016-04-13 13:38:09 +01:00
4bd3d25218
Merge pull request #688 from matrix-org/matthew/preview_urls
...
URL previewing support
2016-04-11 10:40:29 +01:00
af582b66bb
fix typo
2016-04-08 19:08:47 +01:00
dafef5a688
Add url_preview_enabled config option to turn on/off preview_url endpoint. defaults to off.
...
Add url_preview_ip_range_blacklist to let admins specify internal IP ranges that must not be spidered.
Add url_preview_url_blacklist to let admins specify URL patterns that must not be spidered.
Implement a custom SpiderEndpoint and associated support classes to implement url_preview_ip_range_blacklist
Add commentary and generally address PR feedback
2016-04-08 18:37:15 +01:00
92767dd703
add tls property
2016-04-06 18:23:45 +02:00
3d95405e5f
Introduce LDAP authentication
2016-04-06 18:23:45 +02:00
9f7dc2bef7
Merge branch 'develop' into matthew/preview_urls
2016-04-04 00:38:21 +01:00
3f9948a069
Add JWT support
2016-03-29 14:36:36 +02:00
d9d48aad2d
Merge branch 'develop' into matthew/preview_urls
2016-03-27 22:54:42 +01:00
590fbbef03
Add config to create guest account on 3pid invite
...
Currently, when a 3pid invite request is sent to an identity server, it
includes a provisioned guest access token. This allows the link in the,
say, invite email to include the guest access token ensuring that the
same account is used each time the link is clicked.
This flow has a number of flaws, including when using different servers
or servers that have guest access disabled.
For now, we keep this implementation but hide it behind a config option
until a better flow is implemented.
2016-03-14 15:50:40 +00:00
239badea9b
Use syntax that works on both py2.7 and py3
2016-03-07 20:13:10 +00:00
5fc59f009c
config,handlers/_base: added homeserver config for what state is included in a room invite
...
Signed-off-by: Patrik Oldsberg <patrik.oldsberg@ericsson.com>
2016-03-04 10:43:17 +01:00
47c361d2f8
add 800x600 thumbnails to make vector look prettier (and anyone else who likes big thumbnails)
2016-03-02 15:57:54 +00:00
f078ecbc8f
Derive macaroon_secret_key from signing key.
...
Unfortunately, there are people that are running synapse without a
`macaroon_sercret_key` set. Mandating they set one is a good solution,
except that breaking auto upgrades is annoying.
2016-02-08 16:35:44 +00:00
6a9f1209df
Error if macaroon key is missing from config
...
Currently we store all access tokens in the DB, and fall back to that
check if we can't validate the macaroon, so our fallback works here, but
for guests, their macaroons don't get persisted, so we don't get to
find them in the database. Each restart, we generate a new ephemeral
key, so guests lose access after each server restart.
I tried to fix up the config stuff to be less insane, but gave up, so
instead I bolt on yet another piece of custom one-off insanity.
Also, add some basic tests for config generation and loading.
2016-02-05 01:58:23 +00:00
5054806ec1
Rename config field to reflect yaml name
2016-02-03 14:42:01 +00:00
0fcafbece8
Add config option for setting the trusted id servers, disabling checking the ID server in integration tests
2016-01-29 14:12:26 +00:00
7dd0c1730a
initial WIP of a tentative preview_url endpoint - incomplete, untested, experimental, etc. just putting it here for safekeeping for now
2016-01-24 18:47:27 -05:00
5727922106
Merge pull request #473 from matrix-org/erikj/ssh_manhole
...
Change manhole to use ssh
2016-01-07 14:36:16 +00:00
5dc5e29b9c
s/telnet/ssh/
2016-01-07 14:02:57 +00:00
6c28ac260c
copyrights
2016-01-07 04:26:29 +00:00
4106477e7f
Config Comment mixup in captcha public/private key
2016-01-06 23:19:33 +01:00
6863466653
Added a single line to explain what the server_name is used for
2015-12-02 00:37:55 +01:00
06f74068f4
Comment
2015-11-19 13:05:51 +00:00
037ce4c68f
Split out text for missing config options.
...
This allows packages to more easily override the default messages to
include package specific options.
2015-11-18 18:37:05 +00:00
f5e25c5f35
Merge branch 'develop' into sh-cas-auth-via-homeserver
2015-11-17 10:55:41 +00:00
6a9c4cfd0b
Fix race creating directories
2015-11-12 11:58:48 +00:00
414a4a71b4
Allow hs to do CAS login completely and issue the client with a login token that can be redeemed for the usual successful login response
2015-11-05 14:06:48 +00:00
45f1827fb7
Add service URL to CAS config
2015-11-04 23:32:30 +00:00
f522f50a08
Allow guests to register and call /events?room_id=
...
This follows the same flows-based flow as regular registration, but as
the only implemented flow has no requirements, it auto-succeeds. In the
future, other flows (e.g. captcha) may be required, so clients should
treat this like the regular registration flow choices.
2015-11-04 17:29:07 +00:00
259d10f0e4
Merge branch 'release-v0.10.1' of github.com:matrix-org/synapse into develop
2015-10-23 11:11:56 +01:00
5025ba959f
Add config option to disable password login
2015-10-22 10:37:04 +01:00
f2f031fd57
Add config for how many bcrypt rounds to use for password hashes
...
By default we leave it at the default value of 12. But now we can reduce
it for preparing users for loadtests or running integration tests.
2015-10-16 14:52:08 +01:00
9020860479
Only turn on the twisted deferred debugging if full_twisted_stacktraces is set in the config
2015-10-13 17:50:44 +01:00
ab7f9bb861
Default cas_required_attributes to empty dictionary
2015-10-12 14:58:59 +01:00
01a5f1991c
Support multiple required attributes in CAS response, and in a nicer config format too
2015-10-12 14:43:17 +01:00
76421c496d
Allow optional config params for a required attribute and it's value, if specified any CAS user must have the given attribute and the value must equal
2015-10-12 11:11:49 +01:00
c33f5c1a24
Provide ability to login using CAS
2015-10-10 10:49:42 +01:00
b28c7da0a4
Preserve version string in user agent
2015-10-05 20:49:39 -05:00
8fc52bc56a
Allow synapse's useragent to be customized
...
This will allow me to write tests which verify which server made HTTP
requests in a federation context.
2015-10-02 17:13:51 -05:00
6d7f291b93
Front-load spaces
2015-09-22 13:13:07 +01:00
7213588083
Implement configurable stats reporting
...
SYN-287
This requires that HS owners either opt in or out of stats reporting.
When --generate-config is passed, --report-stats must be specified
If an already-generated config is used, and doesn't have the
report_stats key, it is requested to be set.
2015-09-22 12:57:40 +01:00
2c8f16257a
Merge pull request #272 from matrix-org/daniel/insecureclient
...
Allow configuration to ignore invalid SSL certs
2015-09-15 16:52:38 +01:00
d4af08a167
Use shorter config key name
2015-09-15 15:50:13 +01:00
9cd5b9a802
Hacky attempt at catching SIGHUP and rotating the logfile around
2015-09-14 19:03:53 +01:00
2c746382e0
Merge branch 'daniel/insecureclient' into develop
2015-09-09 14:27:30 +01:00
Erik Johnston