111e70d75c
Return the proper 403 Forbidden error during errors with JWT logins. ( #7844 )
2020-07-15 07:10:21 -04:00
85223106f3
Allow email subjects to be customised through Synapse's configuration ( #7846 )
2020-07-14 19:10:42 +01:00
491f0dab1b
Add delete room admin endpoint ( #7613 )
...
The Delete Room admin API allows server admins to remove rooms from server
and block these rooms.
`DELETE /_synapse/admin/v1/rooms/<room_id>`
It is a combination and improvement of "[Shutdown room](https://github.com/matrix-org/synapse/blob/develop/docs/admin_api/shutdown_room.md )" and "[Purge room](https://github.com/matrix-org/synapse/blob/develop/docs/admin_api/purge_room.md )" API.
Fixes : #6425
It also fixes a bug in [synapse/storage/data_stores/main/room.py](synapse/storage/data_stores/main/room.py) in ` get_room_with_stats`.
It should return `None` if the room is unknown. But it returns an `IndexError`.
901b1fa561/synapse/storage/data_stores/main/room.py (L99-L105)#5575
- https://github.com/Awesome-Technologies/synapse-admin/issues/17
Signed-off-by: Dirk Klimpel dirk@klimpel.org
2020-07-14 12:36:23 +01:00
77d2c05410
Add the option to validate the `iss` and `aud` claims for JWT logins. ( #7827 )
2020-07-14 07:16:43 -04:00
f299441cc6
Add ability to shard the federation sender ( #7798 )
2020-07-10 18:26:36 +01:00
96bb01d8ec
Change Caddy links (old is deprecated) ( #7789 )
...
* Change Caddy links
Current links points to Caddy v1 which is deprecated.
Signed-off-by: Nicolai Søborg <git@xn--sb-lka.org>
2020-07-08 10:09:16 +01:00
2a266f4511
Add documentation for JWT login type and improve sample config. ( #7776 )
2020-07-06 08:31:51 -04:00
71cccf1593
Additional configuration options for auto-join rooms ( #7763 )
2020-06-30 15:41:36 -04:00
b44bdd7f7b
Support running multiple media repos. ( #7706 )
...
This requires a new config option to specify which media repo should be
responsible for running background jobs to e.g. clear out expired URL
preview caches.
2020-06-17 14:13:30 +01:00
e452973fd2
fix broken link in sample config ( #7712 )
2020-06-16 19:50:16 +01:00
5c5516f80e
Add instructions for authing with Keycloak via OpenID ( #7659 )
2020-06-16 11:28:21 -04:00
b9df7f70bb
Increase the default SAML session expirary time to 15 minutes. ( #7664 )
2020-06-11 07:55:45 -04:00
c746889bb0
fix typo in sample_config.yaml ( #7652 )
...
Just a simple typo fix.
Signed-off-by: wondratsch 28294257+wondratsch@users.noreply.github.com
2020-06-11 11:51:10 +01:00
fcd6961441
Add option to enable encryption by default for new rooms ( #7639 )
...
Fixes https://github.com/matrix-org/synapse/issues/2431
Adds config option `encryption_enabled_by_default_for_room_type`, which determines whether encryption should be enabled with the default encryption algorithm in private or public rooms upon creation. Whether the room is private or public is decided based upon the room creation preset that is used.
Part of this PR is also pulling out all of the individual instances of `m.megolm.v1.aes-sha2` into a constant variable to eliminate typos ala https://github.com/matrix-org/synapse/pull/7637
Based on #7637
2020-06-10 17:44:34 +01:00
09099313e6
Add an option to disable autojoin for guest accounts ( #6637 )
...
Fixes https://github.com/matrix-org/synapse/issues/3177
2020-06-05 18:18:15 +01:00
1bc00fd76d
Clarifications to the admin api documentation ( #7647 )
...
* Clarify how to authenticate
* path params are not the same thing as query params
* Fix documentation for `/_synapse/admin/v2/users/<user_id>`
2020-06-05 17:31:05 +01:00
2970ce8367
Add device management to admin API ( #7481 )
...
- Admin is able to
- change displaynames
- delete devices
- list devices
- get device informations
Fixes #7330
2020-06-05 13:07:22 +01:00
11de843626
Cleanups to the OpenID Connect integration ( #7628 )
...
docs, default configs, comments. Nothing very significant.
2020-06-03 21:13:17 +01:00
1bbc9e2df6
Clean up exception handling in SAML2ResponseResource ( #7614 )
...
* Expose `return_html_error`, and allow it to take a Jinja2 template instead of a raw string
* Clean up exception handling in SAML2ResponseResource
* use the existing code in `return_html_error` instead of re-implementing it
(giving it a jinja2 template rather than inventing a new form of template)
* do the exception-catching in the REST layer rather than in the handler
layer, to make sure we catch all exceptions.
2020-06-03 10:41:12 +01:00
c4a820b32a
allow emails to be passed through SAML ( #7385 )
...
Signed-off-by: Christopher Cooper <cooperc@ocf.berkeley.edu>
2020-05-27 17:40:08 +01:00
4be968d05d
Fix sample config docs error ( #7581 )
...
'client_auth_method' commented out value was erronously 'client_auth_basic',
when code and docstring says it should be 'client_secret_basic'.
Signed-off-by: Jason Robinson <jasonr@matrix.org>
2020-05-27 13:52:18 +01:00
d7d8a2e7ee
Fix up comments
2020-05-27 13:34:46 +01:00
4ba55559ac
Fix specifying cache factors via env vars with * in name. ( #7580 )
...
This mostly applise to `*stateGroupCache*` and co.
Broke in #6391 .
2020-05-27 13:17:01 +01:00
66a564c859
Fix some DETECTED VIOLATIONS in the config file ( #7550 )
...
consistency ftw
2020-05-22 10:11:50 +01:00
d74cdc1a42
Ensure worker config exists in systemd service ( #7528 )
2020-05-21 13:47:23 +01:00
4fa74c7606
Minor clarifications to the TURN docs ( #7533 )
2020-05-20 11:04:34 +01:00
ab3e19d814
Improve API doc readability ( #7527 )
2020-05-19 11:20:23 +01:00
24d9151a08
Formatting for reverse-proxy docs ( #7514 )
...
also a small clarification to nginx
2020-05-15 15:13:39 +01:00
572b444dab
Add Caddy 2 example ( #7463 )
...
The specific headers that are passed using this new configuration format
are Host and X-Forwarded-For, which should be all that's required.
Note that for production another matcher should be added in the first
section to properly handle the base_url lookup:
reverse_proxy /.well-known/matrix/* http://localhost:8008
Signed-off-by: Jeff Peeler <jpeeler@gmail.com>
2020-05-15 14:36:01 +01:00
ec0b72bc4e
Merge branch 'master' into develop
2020-05-14 18:12:00 +01:00
66d03639dc
Notes on using git ( #7496 )
...
* general updates to CONTRIBUTING.md
* notes on updating your PR
* Notes on squash-merging or otherwise
* document git branching model
2020-05-14 18:03:10 +01:00
51fb0fc2e5
Update documentation about SSO mapping providers ( #7458 )
2020-05-12 10:51:07 -04:00
7cb8b4bc67
Allow configuration of Synapse's cache without using synctl or environment variables ( #6391 )
2020-05-11 18:45:23 +01:00
5cf758cdd6
Merge branch 'release-v1.13.0' into develop
...
* release-v1.13.0:
Don't UPGRADE database rows
RST indenting
Put rollback instructions in upgrade notes
Fix changelog typo
Oh yeah, RST
Absolute URL it is then
Fix upgrade notes link
Provide summary of upgrade issues in changelog. Fix )
Move next version notes from changelog to upgrade notes
Changelog fixes
1.13.0rc1
Documentation on setting up redis (#7446 )
Rework UI Auth session validation for registration (#7455 )
Fix errors from malformed log line (#7454 )
Drop support for redis.dbid (#7450 )
2020-05-11 16:46:33 +01:00
85155654c5
Documentation on setting up redis ( #7446 )
2020-05-11 13:21:15 +01:00
67feea8044
Extend spam checker to allow for multiple modules ( #7435 )
2020-05-08 19:25:48 +01:00
616af44137
Implement OpenID Connect-based login ( #7256 )
2020-05-08 08:30:40 -04:00
a4a5ec4096
Add room details admin endpoint ( #7317 )
2020-05-07 15:33:07 -04:00
5bb26b7c4f
Merge branch 'release-v1.13.0' into develop
2020-05-07 17:31:19 +02:00
d7983b63a6
Support any process writing to cache invalidation stream. ( #7436 )
2020-05-07 13:51:08 +01:00
d9b8d27494
Add a configuration setting for the dummy event threshold ( #7422 )
...
Add dummy_events_threshold which allows configuring the number of forward extremities a room needs for Synapse to send forward extremities in it.
2020-05-07 10:35:23 +01:00
207b1737ee
Update reverse_proxy.md
...
a couple of cleanups
2020-05-05 11:29:29 +01:00
37f6823f5b
Add instance name to RDATA/POSITION commands ( #7364 )
...
This is primarily for allowing us to send those commands from workers, but for now simply allows us to ignore echoed RDATA/POSITION commands that we sent (we get echoes of sent commands when using redis). Currently we log a WARNING on the master process every time we receive an echoed RDATA.
2020-04-29 16:23:08 +01:00
c58ae367d8
Clean up admin api docs ( #7361 )
2020-04-28 20:06:03 +01:00
04dd7d182d
Return total number of users and profile attributes in admin users endpoint ( #6881 )
...
Signed-off-by: Manuel Stahl <manuel.stahl@awesome-technologies.de>
2020-04-28 18:19:36 +01:00
036fab5d8a
Document monitoring workers ( #7357 )
...
It doesn't seem to be documented anywhere and means that you suddenly start losing metrics without any obvious reason when you go from monolith to workers (e.g. #7312 ).
2020-04-27 21:36:47 +02:00
aa2492907f
Add some explanation to application_services.md ( #7091 )
...
Signed-off-by: Simon Körner <git@lubiland.de>
2020-04-27 15:03:09 +01:00
7bfe0902ce
Add documentation to the sample config about the templates for SSO. ( #7343 )
2020-04-24 15:03:49 -04:00
204664d1ad
Synapse v1.12.4
...
Features:
* Always send users their own device updates. (#7160 )
* Add support for handling GET requests for account_data on a worker. (#7311 )
Bugfixes:
* Fix a bug that prevented cross-signing with users on worker-mode synapses. (#7255 )
* Do not treat display names as globs in push rules. (#7271 )
* Fix a bug with cross-signing devices belonging to remote users who did not share a
room with any user on the local homeserver. (#7289 )
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEF3tZXk38tRDFVnUIM/xY9qcRMEgFAl6hs9EACgkQM/xY9qcR
MEjq2w/9EC6m4Bx/2bDlohUy3GKfe9BUpZnMDGSgQR1v+J+OIA4yZ1s16hmY95fr
rGjNaZlcUbLUFj9GfaLOOZjvuXQ0KslO2ojP1lcSaKCfx9WK1CH0DtCNVB0lAYQv
sfu2C2I91XetkiMHo5GqYBP1d6IK3OTI7YRz72sHOQTVPFcSB1/wCUPuan7P90HE
gBdfxtl7Xl1TU0tfvJoeRLVarktVnE4LiXREfm1eGpRECPclewu7sbx5p1ESN5mg
/RBIh0FP4rOL4cP4Qt5qiCo68woJmBc4CwiV6pvcOyUMtMGqmwO9K/wJxqY+pxnh
JKBNqv90BCSxD55Nywslx9yA52kshuRdcdqHuOVYOHo4Dcwu+ecyySpmzuZ2EJPc
hDEkf3dnpfaVoMn3uesbwGNvHEr69QXxR8yE1XZvlAdKzvy4Po/0qRAZuD+NG9qf
YjN94bDbkASlFQgPn3wF7R+4RA/HdOf/1Ns6YKt2dFRikHb18WCBPWxHcSwscrgE
W8xma8rVTlqfRBuAcZ6y4K3KSHFX6dxLUNxqUngyAhjTInSPuqt2EzlAdqRpnJBS
t+hhj+zOh2ixxbz4ZrGdMx0jPF2XARr38x3F/LIjhHLcgOlHdCl4WWkxi9BSXOTd
cscvQ8GJBH9c0ANy7PGBntXlohQiW3eVVqblWRbV95TpHVoimME=
=Hc/7
-----END PGP SIGNATURE-----
Merge tag 'v1.12.4'
Synapse v1.12.4
Features:
* Always send users their own device updates. (#7160 )
* Add support for handling GET requests for account_data on a worker. (#7311 )
Bugfixes:
* Fix a bug that prevented cross-signing with users on worker-mode synapses. (#7255 )
* Do not treat display names as globs in push rules. (#7271 )
* Fix a bug with cross-signing devices belonging to remote users who did not share a
room with any user on the local homeserver. (#7289 )
2020-04-23 12:03:33 -04:00
2e3b9a0fcb
Revert "Revert "Merge pull request #7315 from matrix-org/babolivier/request_token""
...
This reverts commit 1adf6a5587
2020-04-23 11:23:53 +02:00
fb825759e3
Merge branch 'master' into develop
2020-04-23 11:23:33 +02:00
1adf6a5587
Revert "Merge pull request #7315 from matrix-org/babolivier/request_token"
...
This reverts commit 6f4319368b0d775fcc2d
2020-04-23 11:23:10 +02:00
6f4319368b
Merge pull request #7315 from matrix-org/babolivier/request_token
...
Config option to inhibit 3PID errors on /requestToken
2020-04-23 10:38:57 +02:00
71a1abb8a1
Stop the master relaying USER_SYNC for other workers ( #7318 )
...
Long story short: if we're handling presence on the current worker, we shouldn't be sending USER_SYNC commands over replication.
In an attempt to figure out what is going on here, I ended up refactoring some bits of the presencehandler code, so the first 4 commits here are non-functional refactors to move this code slightly closer to sanity. (There's still plenty to do here :/). Suggest reviewing individual commits.
Fixes (I hope) #7257 .
2020-04-22 22:39:04 +01:00
69ad7cc13b
Config option to inhibit 3PID errors on /requestToken
...
Adds a request_token_inhibit_errors configuration flag (disabled by
default) which, if enabled, change the behaviour of all /requestToken
endpoints so that they return a 200 and a fake sid if the 3PID was/was
not found associated with an account (depending on the endpoint),
instead of an error.
Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
2020-04-22 23:38:42 +02:00
6b6685db9f
Extend room admin api with additional attributes ( #7225 )
2020-04-22 13:38:41 +01:00
2aa5bf13c8
Merge branch 'release-v1.12.4' into develop
2020-04-22 13:09:23 +01:00
974c0d726a
Support GET account_data requests on a worker ( #7311 )
2020-04-21 10:46:30 +01:00
13917232d5
Fix indention in generated config file ( #7300 )
...
Also adjust sample_config.yaml
Signed-off-by: Lars Franke <frcl@mailbox.org>
2020-04-20 16:51:27 +01:00
0d775fcc2d
Improve example TURN configuration in documentation ( #7284 )
2020-04-17 08:04:23 -04:00
c07fca9e2f
Clarify the comments for media_storage_providers options ( #7272 )
2020-04-17 07:09:33 -04:00
a48138784e
Allow specifying the value of Accept-Language header for URL previews ( #7265 )
2020-04-15 13:35:29 +01:00
4a0dadafbe
Add setting to nginx configuration to allow larger file uploads ( #7251 )
2020-04-13 17:23:36 +01:00
a026bdaab7
Add matrix-synapse-shared-secret-auth as an example password provider ( #7248 )
2020-04-09 12:49:05 +01:00
cae4121484
Make systemd-with-workers doc official ( #7234 )
...
Simplify and update this documentation, and make it part of the core dist.
2020-04-08 11:59:26 +01:00
29b7e22b93
Add documentation to password_providers config option ( #7238 )
2020-04-08 00:46:50 +01:00
b0db928c63
Extend web_client_location to handle absolute URLs ( #7006 )
...
Log warning when filesystem path is used.
Signed-off-by: Martin Milata <martin@martinmilata.cz>
2020-04-03 11:57:34 -04:00
0122ef1037
Revert "Merge pull request #7153 from matrix-org/babolivier/sso_whitelist_login_fallback"
...
This was incorrectly merged to master.
This reverts commit 319c41f573229eb81498
2020-04-03 11:17:39 +01:00
250f87d0de
Update postgres.md ( #7119 )
2020-04-01 12:44:51 +01:00
2e826cd80c
Improve TURN documentation. ( #7167 )
2020-03-31 15:50:48 +01:00
d9f29f8dae
Fix a small typo in the `metrics_flags` config option. ( #7171 )
2020-03-30 17:38:21 +01:00
4f21c33be3
Remove usage of "conn_id" for presence. ( #7128 )
...
* Remove `conn_id` usage for UserSyncCommand.
Each tcp replication connection is assigned a "conn_id", which is used
to give an ID to a remotely connected worker. In a redis world, there
will no longer be a one to one mapping between connection and instance,
so instead we need to replace such usages with an ID generated by the
remote instances and included in the replicaiton commands.
This really only effects UserSyncCommand.
* Add CLEAR_USER_SYNCS command that is sent on shutdown.
This should help with the case where a synchrotron gets restarted
gracefully, rather than rely on 5 minute timeout.
2020-03-30 16:37:24 +01:00
c5f89fba55
Add developer documentation for running a local CAS server ( #7147 )
2020-03-30 07:28:42 -04:00
b7da598a61
Always whitelist the login fallback for SSO ( #7153 )
...
That fallback sets the redirect URL to itself (so it can process the login
token then return gracefully to the client). This would make it pointless to
ask the user for confirmation, since the URL the confirmation page would be
showing wouldn't be the client's.
2020-03-27 20:24:52 +00:00
fb69690761
Admin API to join users to a room. ( #7051 )
2020-03-27 19:16:43 +00:00
8327eb9280
Add options to prevent users from changing their profile. ( #7096 )
2020-03-27 19:15:23 +00:00
319c41f573
Merge pull request #7153 from matrix-org/babolivier/sso_whitelist_login_fallback
...
Always whitelist the login fallback for SSO
2020-03-27 15:34:41 +01:00
63aea691a7
Update the wording of the config comment
2020-03-27 15:09:12 +01:00
7083147961
Regenerate sample config
2020-03-26 19:01:54 +01:00
e8e2ddb60a
Allow server admins to define and enforce a password policy (MSC2000). ( #7118 )
2020-03-26 16:51:13 +00:00
6ca5e56fd1
Remove unused captcha_bypass_secret option ( #7137 )
...
Signed-off-by: Aaron Raimist <aaron@raim.ist>
2020-03-25 17:49:34 +00:00
4cff617df1
Move catchup of replication streams to worker. ( #7024 )
...
This changes the replication protocol so that the server does not send down `RDATA` for rows that happened before the client connected. Instead, the server will send a `POSITION` and clients then query the database (or master out of band) to get up to date.
2020-03-25 14:54:01 +00:00
39230d2171
Clean up some LoggingContext stuff ( #7120 )
...
* Pull Sentinel out of LoggingContext
... and drop a few unnecessary references to it
* Factor out LoggingContext.current_context
move `current_context` and `set_context` out to top-level functions.
Mostly this means that I can more easily trace what's actually referring to
LoggingContext, but I think it's generally neater.
* move copy-to-parent into `stop`
this really just makes `start` and `stop` more symetric. It also means that it
behaves correctly if you manually `set_log_context` rather than using the
context manager.
* Replace `LoggingContext.alive` with `finished`
Turn `alive` into `finished` and make it a bit better defined.
2020-03-24 14:45:33 +00:00
5126cb1253
Merge branch 'master' into develop
2020-03-23 13:54:29 +00:00
229eb81498
Synapse 1.12.0 (2020-03-23)
...
===========================
No significant changes since 1.12.0rc1.
Debian packages and Docker images are rebuilt using the latest versions of
dependency libraries, including Twisted 20.3.0. **Please see security advisory
below**.
Security advisory
-----------------
Synapse may be vulnerable to request-smuggling attacks when it is used with a
reverse-proxy. The vulnerabilties are fixed in Twisted 20.3.0, and are
described in
[CVE-2020-10108](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10108 )
and
[CVE-2020-10109](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10109 ).
For a good introduction to this class of request-smuggling attacks, see
https://portswigger.net/research/http-desync-attacks-request-smuggling-reborn .
We are not aware of these vulnerabilities being exploited in the wild, and
do not believe that they are exploitable with current versions of any reverse
proxies. Nevertheless, we recommend that all Synapse administrators ensure that
they have the latest versions of the Twisted library to ensure that their
installation remains secure.
* Administrators using the [`matrix.org` Docker
image](https://hub.docker.com/r/matrixdotorg/synapse/ ) or the [Debian/Ubuntu
packages from
`matrix.org`](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#matrixorg-packages )
should ensure that they have version 1.12.0 installed: these images include
Twisted 20.3.0.
* Administrators who have [installed Synapse from
source](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#installing-from-source )
should upgrade Twisted within their virtualenv by running:
```sh
<path_to_virtualenv>/bin/pip install 'Twisted>=20.3.0'
```
* Administrators who have installed Synapse from distribution packages should
consult the information from their distributions.
The `matrix.org` Synapse instance was not vulnerable to these vulnerabilities.
Advance notice of change to the default `git` branch for Synapse
----------------------------------------------------------------
Currently, the default `git` branch for Synapse is `master`, which tracks the
latest release.
After the release of Synapse 1.13.0, we intend to change this default to
`develop`, which is the development tip. This is more consistent with common
practice and modern `git` usage.
Although we try to keep `develop` in a stable state, there may be occasions
where regressions creep in. Developers and distributors who have scripts which
run builds using the default branch of `Synapse` should therefore consider
pinning their scripts to `master`.
Synapse 1.12.0rc1 (2020-03-19)
==============================
Features
--------
- Changes related to room alias management ([MSC2432](https://github.com/matrix-org/matrix-doc/pull/2432 )):
- Publishing/removing a room from the room directory now requires the user to have a power level capable of modifying the canonical alias, instead of the room aliases. ([\#6965](https://github.com/matrix-org/synapse/issues/6965 ))
- Validate the `alt_aliases` property of canonical alias events. ([\#6971](https://github.com/matrix-org/synapse/issues/6971 ))
- Users with a power level sufficient to modify the canonical alias of a room can now delete room aliases. ([\#6986](https://github.com/matrix-org/synapse/issues/6986 ))
- Implement updated authorization rules and redaction rules for aliases events, from [MSC2261](https://github.com/matrix-org/matrix-doc/pull/2261 ) and [MSC2432](https://github.com/matrix-org/matrix-doc/pull/2432 ). ([\#7037](https://github.com/matrix-org/synapse/issues/7037 ))
- Stop sending m.room.aliases events during room creation and upgrade. ([\#6941](https://github.com/matrix-org/synapse/issues/6941 ))
- Synapse no longer uses room alias events to calculate room names for push notifications. ([\#6966](https://github.com/matrix-org/synapse/issues/6966 ))
- The room list endpoint no longer returns a list of aliases. ([\#6970](https://github.com/matrix-org/synapse/issues/6970 ))
- Remove special handling of aliases events from [MSC2260](https://github.com/matrix-org/matrix-doc/pull/2260 ) added in v1.10.0rc1. ([\#7034](https://github.com/matrix-org/synapse/issues/7034 ))
- Expose the `synctl`, `hash_password` and `generate_config` commands in the snapcraft package. Contributed by @devec0. ([\#6315](https://github.com/matrix-org/synapse/issues/6315 ))
- Check that server_name is correctly set before running database updates. ([\#6982](https://github.com/matrix-org/synapse/issues/6982 ))
- Break down monthly active users by `appservice_id` and emit via Prometheus. ([\#7030](https://github.com/matrix-org/synapse/issues/7030 ))
- Render a configurable and comprehensible error page if something goes wrong during the SAML2 authentication process. ([\#7058](https://github.com/matrix-org/synapse/issues/7058 ), [\#7067](https://github.com/matrix-org/synapse/issues/7067 ))
- Add an optional parameter to control whether other sessions are logged out when a user's password is modified. ([\#7085](https://github.com/matrix-org/synapse/issues/7085 ))
- Add prometheus metrics for the number of active pushers. ([\#7103](https://github.com/matrix-org/synapse/issues/7103 ), [\#7106](https://github.com/matrix-org/synapse/issues/7106 ))
- Improve performance when making HTTPS requests to sygnal, sydent, etc, by sharing the SSL context object between connections. ([\#7094](https://github.com/matrix-org/synapse/issues/7094 ))
Bugfixes
--------
- When a user's profile is updated via the admin API, also generate a displayname/avatar update for that user in each room. ([\#6572](https://github.com/matrix-org/synapse/issues/6572 ))
- Fix a couple of bugs in email configuration handling. ([\#6962](https://github.com/matrix-org/synapse/issues/6962 ))
- Fix an issue affecting worker-based deployments where replication would stop working, necessitating a full restart, after joining a large room. ([\#6967](https://github.com/matrix-org/synapse/issues/6967 ))
- Fix `duplicate key` error which was logged when rejoining a room over federation. ([\#6968](https://github.com/matrix-org/synapse/issues/6968 ))
- Prevent user from setting 'deactivated' to anything other than a bool on the v2 PUT /users Admin API. ([\#6990](https://github.com/matrix-org/synapse/issues/6990 ))
- Fix py35-old CI by using native tox package. ([\#7018](https://github.com/matrix-org/synapse/issues/7018 ))
- Fix a bug causing `org.matrix.dummy_event` to be included in responses from `/sync`. ([\#7035](https://github.com/matrix-org/synapse/issues/7035 ))
- Fix a bug that renders UTF-8 text files incorrectly when loaded from media. Contributed by @TheStranjer. ([\#7044](https://github.com/matrix-org/synapse/issues/7044 ))
- Fix a bug that would cause Synapse to respond with an error about event visibility if a client tried to request the state of a room at a given token. ([\#7066](https://github.com/matrix-org/synapse/issues/7066 ))
- Repair a data-corruption issue which was introduced in Synapse 1.10, and fixed in Synapse 1.11, and which could cause `/sync` to return with 404 errors about missing events and unknown rooms. ([\#7070](https://github.com/matrix-org/synapse/issues/7070 ))
- Fix a bug causing account validity renewal emails to be sent even if the feature is turned off in some cases. ([\#7074](https://github.com/matrix-org/synapse/issues/7074 ))
Improved Documentation
----------------------
- Updated CentOS8 install instructions. Contributed by Richard Kellner. ([\#6925](https://github.com/matrix-org/synapse/issues/6925 ))
- Fix `POSTGRES_INITDB_ARGS` in the `contrib/docker/docker-compose.yml` example docker-compose configuration. ([\#6984](https://github.com/matrix-org/synapse/issues/6984 ))
- Change date in [INSTALL.md](./INSTALL.md#tls-certificates) for last date of getting TLS certificates to November 2019. ([\#7015](https://github.com/matrix-org/synapse/issues/7015 ))
- Document that the fallback auth endpoints must be routed to the same worker node as the register endpoints. ([\#7048](https://github.com/matrix-org/synapse/issues/7048 ))
Deprecations and Removals
-------------------------
- Remove the unused query_auth federation endpoint per [MSC2451](https://github.com/matrix-org/matrix-doc/pull/2451 ). ([\#7026](https://github.com/matrix-org/synapse/issues/7026 ))
Internal Changes
----------------
- Add type hints to `logging/context.py`. ([\#6309](https://github.com/matrix-org/synapse/issues/6309 ))
- Add some clarifications to `README.md` in the database schema directory. ([\#6615](https://github.com/matrix-org/synapse/issues/6615 ))
- Refactoring work in preparation for changing the event redaction algorithm. ([\#6874](https://github.com/matrix-org/synapse/issues/6874 ), [\#6875](https://github.com/matrix-org/synapse/issues/6875 ), [\#6983](https://github.com/matrix-org/synapse/issues/6983 ), [\#7003](https://github.com/matrix-org/synapse/issues/7003 ))
- Improve performance of v2 state resolution for large rooms. ([\#6952](https://github.com/matrix-org/synapse/issues/6952 ), [\#7095](https://github.com/matrix-org/synapse/issues/7095 ))
- Reduce time spent doing GC, by freezing objects on startup. ([\#6953](https://github.com/matrix-org/synapse/issues/6953 ))
- Minor perfermance fixes to `get_auth_chain_ids`. ([\#6954](https://github.com/matrix-org/synapse/issues/6954 ))
- Don't record remote cross-signing keys in the `devices` table. ([\#6956](https://github.com/matrix-org/synapse/issues/6956 ))
- Use flake8-comprehensions to enforce good hygiene of list/set/dict comprehensions. ([\#6957](https://github.com/matrix-org/synapse/issues/6957 ))
- Merge worker apps together. ([\#6964](https://github.com/matrix-org/synapse/issues/6964 ), [\#7002](https://github.com/matrix-org/synapse/issues/7002 ), [\#7055](https://github.com/matrix-org/synapse/issues/7055 ), [\#7104](https://github.com/matrix-org/synapse/issues/7104 ))
- Remove redundant `store_room` call from `FederationHandler._process_received_pdu`. ([\#6979](https://github.com/matrix-org/synapse/issues/6979 ))
- Update warning for incorrect database collation/ctype to include link to documentation. ([\#6985](https://github.com/matrix-org/synapse/issues/6985 ))
- Add some type annotations to the database storage classes. ([\#6987](https://github.com/matrix-org/synapse/issues/6987 ))
- Port `synapse.handlers.presence` to async/await. ([\#6991](https://github.com/matrix-org/synapse/issues/6991 ), [\#7019](https://github.com/matrix-org/synapse/issues/7019 ))
- Add some type annotations to the federation base & client classes. ([\#6995](https://github.com/matrix-org/synapse/issues/6995 ))
- Port `synapse.rest.keys` to async/await. ([\#7020](https://github.com/matrix-org/synapse/issues/7020 ))
- Add a type check to `is_verified` when processing room keys. ([\#7045](https://github.com/matrix-org/synapse/issues/7045 ))
- Add type annotations and comments to the auth handler. ([\#7063](https://github.com/matrix-org/synapse/issues/7063 ))
-----BEGIN PGP SIGNATURE-----
iQEzBAABCAAdFiEEv27Axt/F4vrTL/8QOSor00I9eP8FAl54vN0ACgkQOSor00I9
eP/LOgf/U22VypPu2Cl4vofxigeeUL+ph0gEQDCsF7i3EPi9ObeTi4aUggC95dBs
MY4JQENmVrk1NhVWQpC08mjehsr4xUzJuwnPPIeGQ6X5U/2BS4YUasxOt9A+iLUz
8IxTzUgx4T+CTfibZvn6xdE/tZK/b2N3BoOikesutD2aQGC5Fm6w2HReoY4Qrdgw
AwHlsIV22PYgEn0RL5y6DJ2NUU9SdeSmPjKNe+R1rHDlTpvH7LSyINhOFkYDgRPY
xmlH+Ek5+7vLi3AlWg6pA001mMWGADlC4T84URcf1fQv6hXT1iM+A9CqC57jGlfT
nHDphCtz0Uk9kmgT4To+hclLDWecYw==
=iSEk
-----END PGP SIGNATURE-----
Merge tag 'v1.12.0'
Synapse 1.12.0 (2020-03-23)
===========================
No significant changes since 1.12.0rc1.
Debian packages and Docker images are rebuilt using the latest versions of
dependency libraries, including Twisted 20.3.0. **Please see security advisory
below**.
Security advisory
-----------------
Synapse may be vulnerable to request-smuggling attacks when it is used with a
reverse-proxy. The vulnerabilties are fixed in Twisted 20.3.0, and are
described in
[CVE-2020-10108](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10108 )
and
[CVE-2020-10109](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10109 ).
For a good introduction to this class of request-smuggling attacks, see
https://portswigger.net/research/http-desync-attacks-request-smuggling-reborn .
We are not aware of these vulnerabilities being exploited in the wild, and
do not believe that they are exploitable with current versions of any reverse
proxies. Nevertheless, we recommend that all Synapse administrators ensure that
they have the latest versions of the Twisted library to ensure that their
installation remains secure.
* Administrators using the [`matrix.org` Docker
image](https://hub.docker.com/r/matrixdotorg/synapse/ ) or the [Debian/Ubuntu
packages from
`matrix.org`](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#matrixorg-packages )
should ensure that they have version 1.12.0 installed: these images include
Twisted 20.3.0.
* Administrators who have [installed Synapse from
source](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#installing-from-source )
should upgrade Twisted within their virtualenv by running:
```sh
<path_to_virtualenv>/bin/pip install 'Twisted>=20.3.0'
```
* Administrators who have installed Synapse from distribution packages should
consult the information from their distributions.
The `matrix.org` Synapse instance was not vulnerable to these vulnerabilities.
Advance notice of change to the default `git` branch for Synapse
----------------------------------------------------------------
Currently, the default `git` branch for Synapse is `master`, which tracks the
latest release.
After the release of Synapse 1.13.0, we intend to change this default to
`develop`, which is the development tip. This is more consistent with common
practice and modern `git` usage.
Although we try to keep `develop` in a stable state, there may be occasions
where regressions creep in. Developers and distributors who have scripts which
run builds using the default branch of `Synapse` should therefore consider
pinning their scripts to `master`.
Synapse 1.12.0rc1 (2020-03-19)
==============================
Features
--------
- Changes related to room alias management ([MSC2432](https://github.com/matrix-org/matrix-doc/pull/2432 )):
- Publishing/removing a room from the room directory now requires the user to have a power level capable of modifying the canonical alias, instead of the room aliases. ([\#6965](https://github.com/matrix-org/synapse/issues/6965 ))
- Validate the `alt_aliases` property of canonical alias events. ([\#6971](https://github.com/matrix-org/synapse/issues/6971 ))
- Users with a power level sufficient to modify the canonical alias of a room can now delete room aliases. ([\#6986](https://github.com/matrix-org/synapse/issues/6986 ))
- Implement updated authorization rules and redaction rules for aliases events, from [MSC2261](https://github.com/matrix-org/matrix-doc/pull/2261 ) and [MSC2432](https://github.com/matrix-org/matrix-doc/pull/2432 ). ([\#7037](https://github.com/matrix-org/synapse/issues/7037 ))
- Stop sending m.room.aliases events during room creation and upgrade. ([\#6941](https://github.com/matrix-org/synapse/issues/6941 ))
- Synapse no longer uses room alias events to calculate room names for push notifications. ([\#6966](https://github.com/matrix-org/synapse/issues/6966 ))
- The room list endpoint no longer returns a list of aliases. ([\#6970](https://github.com/matrix-org/synapse/issues/6970 ))
- Remove special handling of aliases events from [MSC2260](https://github.com/matrix-org/matrix-doc/pull/2260 ) added in v1.10.0rc1. ([\#7034](https://github.com/matrix-org/synapse/issues/7034 ))
- Expose the `synctl`, `hash_password` and `generate_config` commands in the snapcraft package. Contributed by @devec0. ([\#6315](https://github.com/matrix-org/synapse/issues/6315 ))
- Check that server_name is correctly set before running database updates. ([\#6982](https://github.com/matrix-org/synapse/issues/6982 ))
- Break down monthly active users by `appservice_id` and emit via Prometheus. ([\#7030](https://github.com/matrix-org/synapse/issues/7030 ))
- Render a configurable and comprehensible error page if something goes wrong during the SAML2 authentication process. ([\#7058](https://github.com/matrix-org/synapse/issues/7058 ), [\#7067](https://github.com/matrix-org/synapse/issues/7067 ))
- Add an optional parameter to control whether other sessions are logged out when a user's password is modified. ([\#7085](https://github.com/matrix-org/synapse/issues/7085 ))
- Add prometheus metrics for the number of active pushers. ([\#7103](https://github.com/matrix-org/synapse/issues/7103 ), [\#7106](https://github.com/matrix-org/synapse/issues/7106 ))
- Improve performance when making HTTPS requests to sygnal, sydent, etc, by sharing the SSL context object between connections. ([\#7094](https://github.com/matrix-org/synapse/issues/7094 ))
Bugfixes
--------
- When a user's profile is updated via the admin API, also generate a displayname/avatar update for that user in each room. ([\#6572](https://github.com/matrix-org/synapse/issues/6572 ))
- Fix a couple of bugs in email configuration handling. ([\#6962](https://github.com/matrix-org/synapse/issues/6962 ))
- Fix an issue affecting worker-based deployments where replication would stop working, necessitating a full restart, after joining a large room. ([\#6967](https://github.com/matrix-org/synapse/issues/6967 ))
- Fix `duplicate key` error which was logged when rejoining a room over federation. ([\#6968](https://github.com/matrix-org/synapse/issues/6968 ))
- Prevent user from setting 'deactivated' to anything other than a bool on the v2 PUT /users Admin API. ([\#6990](https://github.com/matrix-org/synapse/issues/6990 ))
- Fix py35-old CI by using native tox package. ([\#7018](https://github.com/matrix-org/synapse/issues/7018 ))
- Fix a bug causing `org.matrix.dummy_event` to be included in responses from `/sync`. ([\#7035](https://github.com/matrix-org/synapse/issues/7035 ))
- Fix a bug that renders UTF-8 text files incorrectly when loaded from media. Contributed by @TheStranjer. ([\#7044](https://github.com/matrix-org/synapse/issues/7044 ))
- Fix a bug that would cause Synapse to respond with an error about event visibility if a client tried to request the state of a room at a given token. ([\#7066](https://github.com/matrix-org/synapse/issues/7066 ))
- Repair a data-corruption issue which was introduced in Synapse 1.10, and fixed in Synapse 1.11, and which could cause `/sync` to return with 404 errors about missing events and unknown rooms. ([\#7070](https://github.com/matrix-org/synapse/issues/7070 ))
- Fix a bug causing account validity renewal emails to be sent even if the feature is turned off in some cases. ([\#7074](https://github.com/matrix-org/synapse/issues/7074 ))
Improved Documentation
----------------------
- Updated CentOS8 install instructions. Contributed by Richard Kellner. ([\#6925](https://github.com/matrix-org/synapse/issues/6925 ))
- Fix `POSTGRES_INITDB_ARGS` in the `contrib/docker/docker-compose.yml` example docker-compose configuration. ([\#6984](https://github.com/matrix-org/synapse/issues/6984 ))
- Change date in [INSTALL.md](./INSTALL.md#tls-certificates) for last date of getting TLS certificates to November 2019. ([\#7015](https://github.com/matrix-org/synapse/issues/7015 ))
- Document that the fallback auth endpoints must be routed to the same worker node as the register endpoints. ([\#7048](https://github.com/matrix-org/synapse/issues/7048 ))
Deprecations and Removals
-------------------------
- Remove the unused query_auth federation endpoint per [MSC2451](https://github.com/matrix-org/matrix-doc/pull/2451 ). ([\#7026](https://github.com/matrix-org/synapse/issues/7026 ))
Internal Changes
----------------
- Add type hints to `logging/context.py`. ([\#6309](https://github.com/matrix-org/synapse/issues/6309 ))
- Add some clarifications to `README.md` in the database schema directory. ([\#6615](https://github.com/matrix-org/synapse/issues/6615 ))
- Refactoring work in preparation for changing the event redaction algorithm. ([\#6874](https://github.com/matrix-org/synapse/issues/6874 ), [\#6875](https://github.com/matrix-org/synapse/issues/6875 ), [\#6983](https://github.com/matrix-org/synapse/issues/6983 ), [\#7003](https://github.com/matrix-org/synapse/issues/7003 ))
- Improve performance of v2 state resolution for large rooms. ([\#6952](https://github.com/matrix-org/synapse/issues/6952 ), [\#7095](https://github.com/matrix-org/synapse/issues/7095 ))
- Reduce time spent doing GC, by freezing objects on startup. ([\#6953](https://github.com/matrix-org/synapse/issues/6953 ))
- Minor perfermance fixes to `get_auth_chain_ids`. ([\#6954](https://github.com/matrix-org/synapse/issues/6954 ))
- Don't record remote cross-signing keys in the `devices` table. ([\#6956](https://github.com/matrix-org/synapse/issues/6956 ))
- Use flake8-comprehensions to enforce good hygiene of list/set/dict comprehensions. ([\#6957](https://github.com/matrix-org/synapse/issues/6957 ))
- Merge worker apps together. ([\#6964](https://github.com/matrix-org/synapse/issues/6964 ), [\#7002](https://github.com/matrix-org/synapse/issues/7002 ), [\#7055](https://github.com/matrix-org/synapse/issues/7055 ), [\#7104](https://github.com/matrix-org/synapse/issues/7104 ))
- Remove redundant `store_room` call from `FederationHandler._process_received_pdu`. ([\#6979](https://github.com/matrix-org/synapse/issues/6979 ))
- Update warning for incorrect database collation/ctype to include link to documentation. ([\#6985](https://github.com/matrix-org/synapse/issues/6985 ))
- Add some type annotations to the database storage classes. ([\#6987](https://github.com/matrix-org/synapse/issues/6987 ))
- Port `synapse.handlers.presence` to async/await. ([\#6991](https://github.com/matrix-org/synapse/issues/6991 ), [\#7019](https://github.com/matrix-org/synapse/issues/7019 ))
- Add some type annotations to the federation base & client classes. ([\#6995](https://github.com/matrix-org/synapse/issues/6995 ))
- Port `synapse.rest.keys` to async/await. ([\#7020](https://github.com/matrix-org/synapse/issues/7020 ))
- Add a type check to `is_verified` when processing room keys. ([\#7045](https://github.com/matrix-org/synapse/issues/7045 ))
- Add type annotations and comments to the auth handler. ([\#7063](https://github.com/matrix-org/synapse/issues/7063 ))
2020-03-23 13:54:17 +00:00
c165c1233b
Improve database configuration docs ( #6988 )
...
Attempts to clarify the sample config for databases, and add some stuff about
tcp keepalives to `postgres.md`.
2020-03-20 15:24:22 +00:00
88b41986db
Add an option to the set password API to choose whether to logout other devices. ( #7085 )
2020-03-18 07:50:00 -04:00
4ce50519cd
Update postgres.md
...
fix broken link
2020-03-17 18:08:43 +00:00
6a35046363
Revert "Add options to disable setting profile info for prevent changes. ( #7053 )"
...
This reverts commit 54dd28621b6640460d05
2020-03-17 11:25:01 +00:00
f9e98176bf
Put the file in the templates directory
2020-03-11 20:31:42 +00:00
900bca9707
Update wording and config
2020-03-11 19:40:30 +00:00
54dd28621b
Add options to disable setting profile info for prevent changes. ( #7053 )
2020-03-10 22:23:01 +00:00
751d51dd12
Update sample_config.yaml
2020-03-10 21:41:25 +01:00
51c094c4ac
Update sample config
2020-03-10 14:00:29 +00:00
885134529f
updates after review
2020-03-09 22:09:29 +01:00
66315d862f
Update routing of fallback auth in the worker docs. ( #7048 )
2020-03-09 07:19:24 -04:00
99bbe177b6
add disable_3pid_changes
2020-03-08 21:58:12 +01:00
20545a2199
lint2
2020-03-08 15:28:00 +01:00
fb078f921b
changelog
2020-03-08 15:19:07 +01:00
43f874055d
Merge branch 'master' into develop
2020-03-03 15:20:49 +00:00
b68041df3d
Add a whitelist for the SSO confirmation step.
2020-03-02 17:05:09 +00:00
b2bd54a2e3
Add a confirmation step to the SSO login flow
2020-03-02 16:36:32 +00:00
4c2ed3f20e
Fix minor issues with email config ( #6962 )
...
* Give `notif_template_html`, `notif_template_text` default values (fixes #6960 )
* Don't complain if `smtp_host` and `smtp_port` are unset, since they have sensible defaults (fixes #6961 )
* Set the example for `enable_notifs` to `True`, for consistency and because it's more useful
* Raise errors as ConfigError rather than RuntimeError for nicer formatting
2020-02-24 15:18:38 +00:00
509e381afa
Clarify list/set/dict/tuple comprehensions and enforce via flake8 ( #6957 )
...
Ensure good comprehension hygiene using flake8-comprehensions.
2020-02-21 07:15:07 -05:00
bbe39f808c
Merge pull request #6940 from matrix-org/babolivier/federate.md
...
Clean up and update federation docs
2020-02-19 10:58:59 +00:00
71d65407e7
Incorporate review
2020-02-19 10:03:19 +00:00
61b457e3ec
Incorporate review
2020-02-18 17:20:03 +00:00
a0d2f9d089
Phrasing
2020-02-18 16:16:49 +00:00
d484126bf7
Merge pull request #6907 from matrix-org/babolivier/acme-config
...
Add mention and warning about ACME v1 deprecation to the TLS config
2020-02-18 16:11:31 +00:00
818def8248
Fix worker docs to point `/publicised_groups` API correctly. ( #6938 )
2020-02-18 15:27:45 +00:00
d009535639
Add mention of SRV records as an advanced topic
2020-02-18 14:07:41 +00:00
ba7a523854
Argh trailing spaces
2020-02-18 13:57:15 +00:00
e837be5b5c
Fix links in the reverse proxy doc
2020-02-18 13:53:58 +00:00
3c67eee6dc
Make federate.md more of a sumary of the steps to follow to set up replication
2020-02-18 13:51:03 +00:00
8ee0d74516
Split the delegating documentation out of federate.md and trim it down
2020-02-18 12:05:45 +00:00
97a42bbc3a
Add a warning about indentation to generated config ( #6920 )
...
Fixes #6916 .
2020-02-14 16:22:30 +00:00
49f877d32e
Filter the results of user directory searching via the spam checker ( #6888 )
...
Add a method to the spam checker to filter the user directory results.
2020-02-14 07:17:54 -05:00
5820ed905f
Add mention and warning about ACME v1 deprecation to the Synapse config
2020-02-13 14:20:08 +00:00
361de49c90
Add documentation for the spam checker module ( #6906 )
...
Add documentation for the spam checker.
2020-02-13 07:40:57 -05:00
862669d6cc
Update docs/ACME.md
2020-02-13 11:29:08 +00:00
459d089af7
Mention that using Synapse to serve certificates requires restarts
2020-02-12 21:05:30 +00:00
e45a7c0939
Remove duplicated info about certbot et al
2020-02-12 20:14:59 +00:00
f092029d2d
Update ACME.md to mention ACME v1 deprecation
2020-02-12 20:14:16 +00:00
6cd34da8b1
Merge pull request #6891 from matrix-org/babolivier/retention-doc-amend
...
Spell out that the last event sent to a room won't be deleted by a purge
2020-02-12 20:12:20 +00:00
08e050c3fd
Rephrase
2020-02-12 15:39:40 +00:00
47acbc519f
Merge branch 'master' into develop
2020-02-12 13:24:09 +00:00
d9239b5257
Synapse 1.10.0 (2020-02-12)
...
===========================
**WARNING to client developers**: As of this release Synapse validates `client_secret` parameters in the Client-Server API as per the spec. See [\#6766](https://github.com/matrix-org/synapse/issues/6766 ) for details.
Updates to the Docker image
---------------------------
- Update the docker images to Alpine Linux 3.11. ([\#6897](https://github.com/matrix-org/synapse/issues/6897 ))
Synapse 1.10.0rc5 (2020-02-11)
==============================
Bugfixes
--------
- Fix the filtering introduced in 1.10.0rc3 to also apply to the state blocks returned by `/sync`. ([\#6884](https://github.com/matrix-org/synapse/issues/6884 ))
Synapse 1.10.0rc4 (2020-02-11)
==============================
This release candidate was built incorrectly and is superceded by 1.10.0rc5.
Synapse 1.10.0rc3 (2020-02-10)
==============================
Features
--------
- Filter out `m.room.aliases` from the CS API to mitigate abuse while a better solution is specced. ([\#6878](https://github.com/matrix-org/synapse/issues/6878 ))
Internal Changes
----------------
- Fix continuous integration failures with old versions of `pip`, which were introduced by a release of the `zipp` library. ([\#6880](https://github.com/matrix-org/synapse/issues/6880 ))
Synapse 1.10.0rc2 (2020-02-06)
==============================
Bugfixes
--------
- Fix an issue with cross-signing where device signatures were not sent to remote servers. ([\#6844](https://github.com/matrix-org/synapse/issues/6844 ))
- Fix to the unknown remote device detection which was introduced in 1.10.rc1. ([\#6848](https://github.com/matrix-org/synapse/issues/6848 ))
Internal Changes
----------------
- Detect unexpected sender keys on remote encrypted events and resync device lists. ([\#6850](https://github.com/matrix-org/synapse/issues/6850 ))
Synapse 1.10.0rc1 (2020-01-31)
==============================
Features
--------
- Add experimental support for updated authorization rules for aliases events, from [MSC2260](https://github.com/matrix-org/matrix-doc/pull/2260 ). ([\#6787](https://github.com/matrix-org/synapse/issues/6787 ), [\#6790](https://github.com/matrix-org/synapse/issues/6790 ), [\#6794](https://github.com/matrix-org/synapse/issues/6794 ))
Bugfixes
--------
- Warn if postgres database has a non-C locale, as that can cause issues when upgrading locales (e.g. due to upgrading OS). ([\#6734](https://github.com/matrix-org/synapse/issues/6734 ))
- Minor fixes to `PUT /_synapse/admin/v2/users` admin api. ([\#6761](https://github.com/matrix-org/synapse/issues/6761 ))
- Validate `client_secret` parameter using the regex provided by the Client-Server API, temporarily allowing `:` characters for older clients. The `:` character will be removed in a future release. ([\#6767](https://github.com/matrix-org/synapse/issues/6767 ))
- Fix persisting redaction events that have been redacted (or otherwise don't have a redacts key). ([\#6771](https://github.com/matrix-org/synapse/issues/6771 ))
- Fix outbound federation request metrics. ([\#6795](https://github.com/matrix-org/synapse/issues/6795 ))
- Fix bug where querying a remote user's device keys that weren't cached resulted in only returning a single device. ([\#6796](https://github.com/matrix-org/synapse/issues/6796 ))
- Fix race in federation sender worker that delayed sending of device updates. ([\#6799](https://github.com/matrix-org/synapse/issues/6799 ), [\#6800](https://github.com/matrix-org/synapse/issues/6800 ))
- Fix bug where Synapse didn't invalidate cache of remote users' devices when Synapse left a room. ([\#6801](https://github.com/matrix-org/synapse/issues/6801 ))
- Fix waking up other workers when remote server is detected to have come back online. ([\#6811](https://github.com/matrix-org/synapse/issues/6811 ))
Improved Documentation
----------------------
- Clarify documentation related to `user_dir` and `federation_reader` workers. ([\#6775](https://github.com/matrix-org/synapse/issues/6775 ))
Internal Changes
----------------
- Record room versions in the `rooms` table. ([\#6729](https://github.com/matrix-org/synapse/issues/6729 ), [\#6788](https://github.com/matrix-org/synapse/issues/6788 ), [\#6810](https://github.com/matrix-org/synapse/issues/6810 ))
- Propagate cache invalidates from workers to other workers. ([\#6748](https://github.com/matrix-org/synapse/issues/6748 ))
- Remove some unnecessary admin handler abstraction methods. ([\#6751](https://github.com/matrix-org/synapse/issues/6751 ))
- Add some debugging for media storage providers. ([\#6757](https://github.com/matrix-org/synapse/issues/6757 ))
- Detect unknown remote devices and mark cache as stale. ([\#6776](https://github.com/matrix-org/synapse/issues/6776 ), [\#6819](https://github.com/matrix-org/synapse/issues/6819 ))
- Attempt to resync remote users' devices when detected as stale. ([\#6786](https://github.com/matrix-org/synapse/issues/6786 ))
- Delete current state from the database when server leaves a room. ([\#6792](https://github.com/matrix-org/synapse/issues/6792 ))
- When a client asks for a remote user's device keys check if the local cache for that user has been marked as potentially stale. ([\#6797](https://github.com/matrix-org/synapse/issues/6797 ))
- Add background update to clean out left rooms from current state. ([\#6802](https://github.com/matrix-org/synapse/issues/6802 ), [\#6816](https://github.com/matrix-org/synapse/issues/6816 ))
- Refactoring work in preparation for changing the event redaction algorithm. ([\#6803](https://github.com/matrix-org/synapse/issues/6803 ), [\#6805](https://github.com/matrix-org/synapse/issues/6805 ), [\#6806](https://github.com/matrix-org/synapse/issues/6806 ), [\#6807](https://github.com/matrix-org/synapse/issues/6807 ), [\#6820](https://github.com/matrix-org/synapse/issues/6820 ))
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEdVkXOgzrGzds0jtrHgFcFF8ZFs0FAl5D780ACgkQHgFcFF8Z
Fs32MxAApvBbTGMhC5E2SLt8Yh4DSfDmg8yCPLMRVTdJuUQyUVgKYFSl9LqzqCGe
oLpzwbXXDpN1FYGuO3daFBSN3RaU1XCQPMayekTaF6Wvq9N9rNW1tAi6cQTjUf20
bTAxZljXAIkfXOMbahlFIqAtL+ItTbECKPW4zbndIbC4TiWw/bJPFHeSuoQbHbsI
TOgPjM4q2aydHFeTDL2Wqqm99pobPvnEji5sBzHOK+IyIaN0HZI7BZAsm38SDSEA
HQTW342RNl7Vm0t2KPdhBq/43r4ENKSUbZjCctFZA+iqbV2mmE96zd2pLOIh9OLP
7KoCDKlplQjInJjN3MQvPzn/cxHnZOmt3AwhQjfhOMcJWcwz00ouWp38oszgZi1c
8y1htf1/Tr26veYxF7umlPHT0h8LNj4Wi7ceQjoIDPu4X70X6vXOk5sJmeJ+KqI5
PJ4yUgw0erWX0I7jybavIvruyA9ZqCwk5FIIyG54IBIZLfughi/fcce49gfvJTa6
Rdjvp0g28qxynkRKq9hVOBSX/TRXTedHe8tHBvSzoDRScvI2aDWQYjJkmGzzLF6L
+eWiZ2ICJ2fs7XYIxPhEr/vSpmc/1R+k6vZIPeBTAs0muH8WoK2en6KZPmJ7C25L
2FHdA+1S1Ybqsvyue5S5Sl6yGcvpzGzc1R4mHoB0jZki2v3Cwcs=
=j25Z
-----END PGP SIGNATURE-----
Merge tag 'v1.10.0'
Synapse 1.10.0 (2020-02-12)
===========================
**WARNING to client developers**: As of this release Synapse validates `client_secret` parameters in the Client-Server API as per the spec. See [\#6766](https://github.com/matrix-org/synapse/issues/6766 ) for details.
Updates to the Docker image
---------------------------
- Update the docker images to Alpine Linux 3.11. ([\#6897](https://github.com/matrix-org/synapse/issues/6897 ))
Synapse 1.10.0rc5 (2020-02-11)
==============================
Bugfixes
--------
- Fix the filtering introduced in 1.10.0rc3 to also apply to the state blocks returned by `/sync`. ([\#6884](https://github.com/matrix-org/synapse/issues/6884 ))
Synapse 1.10.0rc4 (2020-02-11)
==============================
This release candidate was built incorrectly and is superceded by 1.10.0rc5.
Synapse 1.10.0rc3 (2020-02-10)
==============================
Features
--------
- Filter out `m.room.aliases` from the CS API to mitigate abuse while a better solution is specced. ([\#6878](https://github.com/matrix-org/synapse/issues/6878 ))
Internal Changes
----------------
- Fix continuous integration failures with old versions of `pip`, which were introduced by a release of the `zipp` library. ([\#6880](https://github.com/matrix-org/synapse/issues/6880 ))
Synapse 1.10.0rc2 (2020-02-06)
==============================
Bugfixes
--------
- Fix an issue with cross-signing where device signatures were not sent to remote servers. ([\#6844](https://github.com/matrix-org/synapse/issues/6844 ))
- Fix to the unknown remote device detection which was introduced in 1.10.rc1. ([\#6848](https://github.com/matrix-org/synapse/issues/6848 ))
Internal Changes
----------------
- Detect unexpected sender keys on remote encrypted events and resync device lists. ([\#6850](https://github.com/matrix-org/synapse/issues/6850 ))
Synapse 1.10.0rc1 (2020-01-31)
==============================
Features
--------
- Add experimental support for updated authorization rules for aliases events, from [MSC2260](https://github.com/matrix-org/matrix-doc/pull/2260 ). ([\#6787](https://github.com/matrix-org/synapse/issues/6787 ), [\#6790](https://github.com/matrix-org/synapse/issues/6790 ), [\#6794](https://github.com/matrix-org/synapse/issues/6794 ))
Bugfixes
--------
- Warn if postgres database has a non-C locale, as that can cause issues when upgrading locales (e.g. due to upgrading OS). ([\#6734](https://github.com/matrix-org/synapse/issues/6734 ))
- Minor fixes to `PUT /_synapse/admin/v2/users` admin api. ([\#6761](https://github.com/matrix-org/synapse/issues/6761 ))
- Validate `client_secret` parameter using the regex provided by the Client-Server API, temporarily allowing `:` characters for older clients. The `:` character will be removed in a future release. ([\#6767](https://github.com/matrix-org/synapse/issues/6767 ))
- Fix persisting redaction events that have been redacted (or otherwise don't have a redacts key). ([\#6771](https://github.com/matrix-org/synapse/issues/6771 ))
- Fix outbound federation request metrics. ([\#6795](https://github.com/matrix-org/synapse/issues/6795 ))
- Fix bug where querying a remote user's device keys that weren't cached resulted in only returning a single device. ([\#6796](https://github.com/matrix-org/synapse/issues/6796 ))
- Fix race in federation sender worker that delayed sending of device updates. ([\#6799](https://github.com/matrix-org/synapse/issues/6799 ), [\#6800](https://github.com/matrix-org/synapse/issues/6800 ))
- Fix bug where Synapse didn't invalidate cache of remote users' devices when Synapse left a room. ([\#6801](https://github.com/matrix-org/synapse/issues/6801 ))
- Fix waking up other workers when remote server is detected to have come back online. ([\#6811](https://github.com/matrix-org/synapse/issues/6811 ))
Improved Documentation
----------------------
- Clarify documentation related to `user_dir` and `federation_reader` workers. ([\#6775](https://github.com/matrix-org/synapse/issues/6775 ))
Internal Changes
----------------
- Record room versions in the `rooms` table. ([\#6729](https://github.com/matrix-org/synapse/issues/6729 ), [\#6788](https://github.com/matrix-org/synapse/issues/6788 ), [\#6810](https://github.com/matrix-org/synapse/issues/6810 ))
- Propagate cache invalidates from workers to other workers. ([\#6748](https://github.com/matrix-org/synapse/issues/6748 ))
- Remove some unnecessary admin handler abstraction methods. ([\#6751](https://github.com/matrix-org/synapse/issues/6751 ))
- Add some debugging for media storage providers. ([\#6757](https://github.com/matrix-org/synapse/issues/6757 ))
- Detect unknown remote devices and mark cache as stale. ([\#6776](https://github.com/matrix-org/synapse/issues/6776 ), [\#6819](https://github.com/matrix-org/synapse/issues/6819 ))
- Attempt to resync remote users' devices when detected as stale. ([\#6786](https://github.com/matrix-org/synapse/issues/6786 ))
- Delete current state from the database when server leaves a room. ([\#6792](https://github.com/matrix-org/synapse/issues/6792 ))
- When a client asks for a remote user's device keys check if the local cache for that user has been marked as potentially stale. ([\#6797](https://github.com/matrix-org/synapse/issues/6797 ))
- Add background update to clean out left rooms from current state. ([\#6802](https://github.com/matrix-org/synapse/issues/6802 ), [\#6816](https://github.com/matrix-org/synapse/issues/6816 ))
- Refactoring work in preparation for changing the event redaction algorithm. ([\#6803](https://github.com/matrix-org/synapse/issues/6803 ), [\#6805](https://github.com/matrix-org/synapse/issues/6805 ), [\#6806](https://github.com/matrix-org/synapse/issues/6806 ), [\#6807](https://github.com/matrix-org/synapse/issues/6807 ), [\#6820](https://github.com/matrix-org/synapse/issues/6820 ))
2020-02-12 13:23:22 +00:00
6b21986e4e
Also spell it out in the purge history API doc
2020-02-11 17:56:04 +00:00
a443d2a25d
Spell out that Synapse never purges the last event sent in a room
2020-02-11 17:37:09 +00:00
21db35f77e
Add support for putting fed user query API on workers ( #6873 )
2020-02-07 15:45:39 +00:00
de2d267375
Allow moving group read APIs to workers ( #6866 )
2020-02-07 11:14:19 +00:00
56ca93ef59
Admin api to add an email address ( #6789 )
2020-02-07 10:29:36 +00:00
f0561fcffd
Update documentation ( #6859 )
...
Update documentation to reflect the correct format of user_id (fully qualified).
2020-02-05 21:27:38 +00:00
02b44db922
Warn if postgres database has non-C locale. ( #6734 )
...
As using non-C locale can cause issues on upgrading OS.
2020-01-28 13:44:21 +00:00
1fe5001369
Fix federation_reader listeners doc as per PR review
...
Signed-off-by: Jason Robinson <jasonr@matrix.org>
2020-01-27 10:21:25 +02:00
aa6ad288f1
Clarifications to the workers documentation
...
* Add note that user_dir requires disabling user dir
updates from the main synapse process.
* Add note that federation_reader should have
the federation listener resource.
Signed-off-by: Jason Robinson <jasonr@matrix.org>
2020-01-24 11:08:50 +02:00
d31f5f4d89
Update admin room docs with correct endpoints ( #6770 )
2020-01-23 11:37:26 +00:00
90a28fb475
Admin API to list, filter and sort rooms ( #6720 )
2020-01-22 13:36:43 +00:00
5d7a6ad223
Allow streaming cache invalidate all to workers. ( #6749 )
2020-01-22 10:37:00 +00:00
a8a50f5b57
Wake up transaction queue when remote server comes back online ( #6706 )
...
This will be used to retry outbound transactions to a remote server if
we think it might have come back up.
2020-01-17 10:27:19 +00:00
5ce0b17e38
Clarify the `account_validity` and `email` sections of the sample configuration. ( #6685 )
...
Generally try to make this more comprehensible, and make it match the
conventions.
I've removed the documentation for all the settings which allow you to change
the names of the template files, because I can't really see why they are
useful.
2020-01-17 10:04:15 +00:00
1177d3f3a3
Quarantine media by ID or user ID ( #6681 )
2020-01-13 18:10:43 +00:00
47f4f493f0
Document more supported endpoints for workers ( #6698 )
2020-01-13 15:32:02 +00:00
d2906fe666
Allow admin users to create or modify users without a shared secret ( #6495 )
...
Signed-off-by: Manuel Stahl <manuel.stahl@awesome-technologies.de>
2020-01-09 13:31:00 +00:00
3889fcd9d7
Fix typo in message retention policies doc
2020-01-08 13:27:29 +00:00
cff1cb8685
Merge pull request #6624 from matrix-org/babolivier/retention_doc
...
Add complete documentation of the message retention policies support
2020-01-08 11:24:47 +00:00
2b6b7f482a
Merge pull request #6621 from matrix-org/babolivier/purge_job_config_typo
...
Fix a typo in the purge jobs configuration example
2020-01-07 16:17:40 +01:00
3675fb9bc6
Fix reference
2020-01-07 15:15:16 +00:00
7ba98a2874
Incorporate review
2020-01-07 15:14:33 +00:00
4be582d7c8
Merge branch 'develop' into babolivier/retention_doc
2020-01-07 15:07:19 +00:00
Patrick Cloke