OpenCloud
/
MatrixSynapse
mirror of https://github.com/matrix-org/synapse
1
0
Fork 0
Code Issues Releases Wiki Activity
13,135 Commits
842 Branches
671 Tags
284 MiB
Commit Graph

1200 Commits (c7f2eaf4f40a054468de89325efec985f506fcc9)

Author SHA1 Message Date
Andrew Morgan c7f2eaf4f4 Merge branch 'develop' of github.com:matrix-org/synapse into matrix-org-hotfixes 2019-01-29 10:07:13 +00:00
Richard van der Hoff f2b553d656 Use SimpleResolverComplexifier in tests (#4497) 
two reasons for this. One, it saves a bunch of boilerplate. Two, it squashes
unicode to IDNA-in-a-`str` (even on python 3) in a way that it turns out we
rely on to give consistent behaviour between python 2 and 3.
 2019-01-29 09:38:29 +00:00
Erik Johnston f1a04462eb
Merge pull request #4482 from matrix-org/erikj/event_auth_room_version 
Pass through room version to event auth
 2019-01-28 20:09:38 +00:00
Amber Brown 7072fe3084
Fix UPSERTs on SQLite 3.24+ (#4477) 2019-01-28 15:43:32 +00:00
Richard van der Hoff 0fd5b3b53e Handle IP literals explicitly 
We don't want to be doing .well-known lookups on these guys.
 2019-01-28 10:34:30 +00:00
Richard van der Hoff d840019192
Fix idna and ipv6 literal handling in MatrixFederationAgent (#4487) 
Turns out that the library does a better job of parsing URIs than our
reinvented wheel. Who knew.

There are two things going on here. The first is that, unlike
parse_server_name, URI.fromBytes will strip off square brackets from IPv6
literals, which means that it is valid input to ClientTLSOptionsFactory and
HostnameEndpoint.

The second is that we stay in `bytes` throughout (except for the argument to
ClientTLSOptionsFactory), which avoids the weirdness of (sometimes) ending up
with idna-encoded values being held in `unicode` variables. TBH it probably
would have been ok but it made the tests fragile.
 2019-01-28 09:56:59 +00:00
Erik Johnston ae2a957dba Pass through room version to event auth 2019-01-25 18:31:41 +00:00
Erik Johnston b6dce9b9fd
Merge pull request #4470 from matrix-org/erikj/require_format_version 
Require event format version to parse or create events
 2019-01-25 15:59:36 +00:00
Andrew Morgan 53d25116df Merge branch 'develop' of github.com:matrix-org/synapse into matrix-org-hotfixes 2019-01-25 14:33:14 +00:00
Richard van der Hoff 8520bc3109
Fix Host header sent by MatrixFederationAgent (#4468) 
Move the Host header logic down here so that (a) it is used if we reuse the
agent elsewhere, and (b) we can mess about with it with .well-known.
 2019-01-25 12:38:16 +00:00
Erik Johnston 9770ed91c2 Fix tests 2019-01-25 10:32:26 +00:00
Erik Johnston be6a7e47fa
Revert "Require event format version to parse or create events" 2019-01-25 10:23:51 +00:00
Erik Johnston efb8ed1d45 Merge branch 'develop' of github.com:matrix-org/synapse into erikj/require_format_version 2019-01-24 18:52:34 +00:00
Andrew Morgan 08e25ffa0c Merge branch 'develop' of github.com:matrix-org/synapse into matrix-org-hotfixes 2019-01-24 15:51:59 +00:00
Andrew Morgan acaca1b4e9 Merge branch 'anoa/room_dir_quick_fix' into matrix-org-hotfixes 2019-01-24 14:51:35 +00:00
Richard van der Hoff afd69a0920 Look up the right SRV record 2019-01-24 13:31:43 +00:00
Richard van der Hoff e1c8440e0c lots more tests for MatrixFederationAgent 2019-01-24 13:28:07 +00:00
Neil Johnson 10b89d5c2e
Merge pull request #4435 from matrix-org/neilj/fix_threepid_auth_check 
Neilj/fix threepid auth check
 2019-01-24 13:02:50 +00:00
Amber Brown 58f6c48183
Use native UPSERTs where possible (#4306) 2019-01-24 21:31:54 +11:00
Richard van der Hoff 97fd29c019
Don't send IP addresses as SNI (#4452) 
The problem here is that we have cut-and-pasted an impl from Twisted, and then
failed to maintain it. It was fixed in Twisted in
https://github.com/twisted/twisted/pull/1047/files; let's do the same here.
 2019-01-24 09:34:44 +00:00
Erik Johnston e79ba9eb34 Fix tests 2019-01-24 09:28:16 +00:00
Richard van der Hoff 6b574f3df7 fix python2 test failure 2019-01-23 11:25:36 +00:00
Richard van der Hoff d02c4532c0 Add a test for MatrixFederationAgent 2019-01-22 20:35:12 +00:00
Richard van der Hoff 7021784d46 put resolve_service in an object 
this makes it easier to stub things out for tests.
 2019-01-22 20:35:12 +00:00
Richard van der Hoff 53a327b4d5 Require that service_name be a byte string 
it is only ever a bytes now, so let's enforce that.
 2019-01-22 20:35:12 +00:00
Richard van der Hoff 7871146667 Make MatrixFederationClient use MatrixFederationAgent 
... instead of the matrix_federation_endpoint
 2019-01-22 20:34:35 +00:00
Neil Johnson d619b113ed Fix None guard in config.server.is_threepid_reserved 2019-01-22 16:52:29 +00:00
Richard van der Hoff 33a55289cb
Refactor and bugfix for resove_service (#4427) 2019-01-22 10:59:27 +00:00
Amber Brown 23b0813599
Require ECDH key exchange & remove dh_params (#4429) 
* remove dh_params and set better cipher string
 2019-01-22 21:58:50 +11:00
Richard van der Hoff de6888e7ce Remove redundant WrappedConnection (#4409) 
* Remove redundant WrappedConnection

The matrix federation client uses an HTTP connection pool, which times out its
idle HTTP connections, so there is no need for any of this business.
 2019-01-18 23:07:38 +11:00
Richard van der Hoff 676cf2ee26
Fix incorrect logcontexts after a Deferred was cancelled (#4407) 2019-01-17 14:00:23 +00:00
Richard van der Hoff 892f6c98ec Synapse 0.34.1.1 (2019-01-11) 
=============================
 
 This release fixes CVE-2019-5885 and is recommended for all users of Synapse 0.34.1.
 
 This release is compatible with Python 2.7 and 3.5+. Python 3.7 is fully supported.
 
 Bugfixes
 --------
 
 - Fix spontaneous logout on upgrade
   ([\#4374](https://github.com/matrix-org/synapse/issues/4374))
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEEIQBQJ4l+yK4dlKkFIwi0edOSShEFAlw3XecACgkQIwi0edOS
 ShGS5gf+OQ7JajiAKnNP7EcWgl2yXislV8ho5366sIgpfcmsMduOQm7VF6qUrHvz
 vge/uip4Xghk0Qs5MPW38RqWw+dC4UziaEyJ99jVitPQNrvJziWvpayIvzfmr8XQ
 SUD+vpp6iZeHhFoVontVSOCCldD1Sn/KRK3anBARH4Lw1ajOVUT566nQBoJFMgGq
 PdSg5MgwsvqS4mPp/YutEvWHiB3OZdfOzmUwrq9TZXUK93zHbR1zyq4EEcTT2HoE
 2Lv4YP7lbINqa47KwTo8x3lsPY1PGP5KRMGF+DcNG1i8FCD5HpVXnx83mFH6bQx9
 Znm6pR6215R+Q8IHQgNA5MJ35UxtdQ==
 =N5tR
 -----END PGP SIGNATURE-----

Merge tag 'v0.34.1.1' into matrix-org-hotfixes

Synapse 0.34.1.1 (2019-01-11)
=============================

This release fixes CVE-2019-5885 and is recommended for all users of Synapse 0.34.1.

This release is compatible with Python 2.7 and 3.5+. Python 3.7 is fully supported.

Bugfixes
--------

- Fix spontaneous logout on upgrade
  ([\#4374](https://github.com/matrix-org/synapse/issues/4374))
 2019-01-11 10:21:18 +00:00
Amber Brown 522dada206 Merge remote-tracking branch 'origin/master' into develop 2019-01-11 02:22:48 +11:00
Richard van der Hoff e0910d0145 Merge branch rav/macaroon_key_fix_0.34 into rav/macaroon_key_fix_0.34.1 
Fixes #4371
 2019-01-10 14:12:50 +00:00
Richard van der Hoff aa70d24125 Merge branch 'rav/macaroon_key_fix' into rav/macaroon_key_fix_0.34 2019-01-10 12:58:33 +00:00
Richard van der Hoff 566947ff34 Skip macaroon check for access tokens in the db 2019-01-10 12:57:21 +00:00
Amber Brown 7960c26fda
Fix adding new rows instead of updating them if one of the key values is a NULL in upserts. (#4369) 2019-01-09 22:26:25 +11:00
Richard van der Hoff 1d63046542 Synapse 0.34.1rc1 (2019-01-08) 
==============================
 
 Features
 --------
 
 - Special-case a support user for use in verifying behaviour of a given server. The support user does not appear in user directory or monthly active user counts. ([\#4141](https://github.com/matrix-org/synapse/issues/4141), [\#4344](https://github.com/matrix-org/synapse/issues/4344))
 - Support for serving .well-known files ([\#4262](https://github.com/matrix-org/synapse/issues/4262))
 - Rework SAML2 authentication ([\#4265](https://github.com/matrix-org/synapse/issues/4265), [\#4267](https://github.com/matrix-org/synapse/issues/4267))
 - SAML2 authentication: Initialise user display name from SAML2 data ([\#4272](https://github.com/matrix-org/synapse/issues/4272))
 - Synapse can now have its conditional/extra dependencies installed by pip. This functionality can be used by using `pip install matrix-synapse[feature]`, where feature is a comma separated list with the possible values `email.enable_notifs`, `matrix-synapse-ldap3`, `postgres`, `resources.consent`, `saml2`, `url_preview`, and `test`. If you want to install all optional dependencies, you can use "all" instead. ([\#4298](https://github.com/matrix-org/synapse/issues/4298), [\#4325](https://github.com/matrix-org/synapse/issues/4325), [\#4327](https://github.com/matrix-org/synapse/issues/4327))
 - Add routes for reading account data. ([\#4303](https://github.com/matrix-org/synapse/issues/4303))
 - Add opt-in support for v2 rooms ([\#4307](https://github.com/matrix-org/synapse/issues/4307))
 - Add a script to generate a clean config file ([\#4315](https://github.com/matrix-org/synapse/issues/4315))
 - Return server data in /login response ([\#4319](https://github.com/matrix-org/synapse/issues/4319))
 
 Bugfixes
 --------
 
 - Fix contains_url check to be consistent with other instances in code-base and check that value is an instance of string. ([\#3405](https://github.com/matrix-org/synapse/issues/3405))
 - Fix CAS login when username is not valid in an MXID ([\#4264](https://github.com/matrix-org/synapse/issues/4264))
 - Send CORS headers for /media/config ([\#4279](https://github.com/matrix-org/synapse/issues/4279))
 - Add 'sandbox' to CSP for media reprository ([\#4284](https://github.com/matrix-org/synapse/issues/4284))
 - Make the new landing page prettier. ([\#4294](https://github.com/matrix-org/synapse/issues/4294))
 - Fix deleting E2E room keys when using old SQLite versions. ([\#4295](https://github.com/matrix-org/synapse/issues/4295))
 - The metric synapse_admin_mau:current previously did not update when config.mau_stats_only was set to True ([\#4305](https://github.com/matrix-org/synapse/issues/4305))
 - Fixed per-room account data filters ([\#4309](https://github.com/matrix-org/synapse/issues/4309))
 - Fix indentation in default config ([\#4313](https://github.com/matrix-org/synapse/issues/4313))
 - Fix synapse:latest docker upload ([\#4316](https://github.com/matrix-org/synapse/issues/4316))
 - Fix test_metric.py compatibility with prometheus_client 0.5. Contributed by Maarten de Vries <maarten@de-vri.es>. ([\#4317](https://github.com/matrix-org/synapse/issues/4317))
 - Avoid packaging _trial_temp directory in -py3 debian packages ([\#4326](https://github.com/matrix-org/synapse/issues/4326))
 - Check jinja version for consent resource ([\#4327](https://github.com/matrix-org/synapse/issues/4327))
 - fix NPE in /messages by checking if all events were filtered out ([\#4330](https://github.com/matrix-org/synapse/issues/4330))
 - Fix `python -m synapse.config` on Python 3. ([\#4356](https://github.com/matrix-org/synapse/issues/4356))
 
 Deprecations and Removals
 -------------------------
 
 - Remove the deprecated v1/register API on Python 2. It was never ported to Python 3. ([\#4334](https://github.com/matrix-org/synapse/issues/4334))
 
 Internal Changes
 ----------------
 
 - Getting URL previews of IP addresses no longer fails on Python 3. ([\#4215](https://github.com/matrix-org/synapse/issues/4215))
 - drop undocumented dependency on dateutil ([\#4266](https://github.com/matrix-org/synapse/issues/4266))
 - Update the example systemd config to use a virtualenv ([\#4273](https://github.com/matrix-org/synapse/issues/4273))
 - Update link to kernel DCO guide ([\#4274](https://github.com/matrix-org/synapse/issues/4274))
 - Make isort tox check print diff when it fails ([\#4283](https://github.com/matrix-org/synapse/issues/4283))
 - Log room_id in Unknown room errors ([\#4297](https://github.com/matrix-org/synapse/issues/4297))
 - Documentation improvements for coturn setup. Contributed by Krithin Sitaram. ([\#4333](https://github.com/matrix-org/synapse/issues/4333))
 - Update pull request template to use absolute links ([\#4341](https://github.com/matrix-org/synapse/issues/4341))
 - Update README to not lie about required restart when updating TLS certificates ([\#4343](https://github.com/matrix-org/synapse/issues/4343))
 - Update debian packaging for compatibility with transitional package ([\#4349](https://github.com/matrix-org/synapse/issues/4349))
 - Fix command hint to generate a config file when trying to start without a config file ([\#4353](https://github.com/matrix-org/synapse/issues/4353))
 - Add better logging for unexpected errors while sending transactions ([\#4358](https://github.com/matrix-org/synapse/issues/4358))
 -----BEGIN PGP SIGNATURE-----
 
 iQFHBAABCgAxFiEEQlNDQm4FMsm53u1sih+T1XW16NUFAlw0iaYTHHJpY2hhcmRA
 bWF0cml4Lm9yZwAKCRCKH5PVdbXo1V1HB/0b/AB8QQ/9oIcwMpKI+SDY9RL9Ltzk
 IUv/5RoyNZtHlTWYXRlMQoev95tM4ej2l5EkHUpfCdUMbRif9M6Q4EgAJQDvxKYf
 eSqqv9Uk2FMHgv/zwsQO59b0cPfVUMdsUFZNrIjgnszuGVtjmUe2w3Bka+DYtA2O
 vYRx88bjcqTra6UnII6yVt66Dgk/kxeP6TmboMJGuVWxkvjQdRCvcdEbLAVHW47j
 Dc050mL/5oTpUBNa+yks28QcNbXLZV+4UDoBMja78izXZnaLH8nbJT7cF8mwt0oT
 6q5DisF8MLc2fEAUtjFeLkyDkfjzSlSSH6hfoqp51KKN8wn78/Zl662Z
 =5ID1
 -----END PGP SIGNATURE-----

Merge tag 'v0.34.1rc1' into matrix-org-hotfixes

Synapse 0.34.1rc1 (2019-01-08)
==============================

Features
--------

- Special-case a support user for use in verifying behaviour of a given server. The support user does not appear in user directory or monthly active user counts. ([\#4141](https://github.com/matrix-org/synapse/issues/4141), [\#4344](https://github.com/matrix-org/synapse/issues/4344))
- Support for serving .well-known files ([\#4262](https://github.com/matrix-org/synapse/issues/4262))
- Rework SAML2 authentication ([\#4265](https://github.com/matrix-org/synapse/issues/4265), [\#4267](https://github.com/matrix-org/synapse/issues/4267))
- SAML2 authentication: Initialise user display name from SAML2 data ([\#4272](https://github.com/matrix-org/synapse/issues/4272))
- Synapse can now have its conditional/extra dependencies installed by pip. This functionality can be used by using `pip install matrix-synapse[feature]`, where feature is a comma separated list with the possible values `email.enable_notifs`, `matrix-synapse-ldap3`, `postgres`, `resources.consent`, `saml2`, `url_preview`, and `test`. If you want to install all optional dependencies, you can use "all" instead. ([\#4298](https://github.com/matrix-org/synapse/issues/4298), [\#4325](https://github.com/matrix-org/synapse/issues/4325), [\#4327](https://github.com/matrix-org/synapse/issues/4327))
- Add routes for reading account data. ([\#4303](https://github.com/matrix-org/synapse/issues/4303))
- Add opt-in support for v2 rooms ([\#4307](https://github.com/matrix-org/synapse/issues/4307))
- Add a script to generate a clean config file ([\#4315](https://github.com/matrix-org/synapse/issues/4315))
- Return server data in /login response ([\#4319](https://github.com/matrix-org/synapse/issues/4319))

Bugfixes
--------

- Fix contains_url check to be consistent with other instances in code-base and check that value is an instance of string. ([\#3405](https://github.com/matrix-org/synapse/issues/3405))
- Fix CAS login when username is not valid in an MXID ([\#4264](https://github.com/matrix-org/synapse/issues/4264))
- Send CORS headers for /media/config ([\#4279](https://github.com/matrix-org/synapse/issues/4279))
- Add 'sandbox' to CSP for media reprository ([\#4284](https://github.com/matrix-org/synapse/issues/4284))
- Make the new landing page prettier. ([\#4294](https://github.com/matrix-org/synapse/issues/4294))
- Fix deleting E2E room keys when using old SQLite versions. ([\#4295](https://github.com/matrix-org/synapse/issues/4295))
- The metric synapse_admin_mau:current previously did not update when config.mau_stats_only was set to True ([\#4305](https://github.com/matrix-org/synapse/issues/4305))
- Fixed per-room account data filters ([\#4309](https://github.com/matrix-org/synapse/issues/4309))
- Fix indentation in default config ([\#4313](https://github.com/matrix-org/synapse/issues/4313))
- Fix synapse:latest docker upload ([\#4316](https://github.com/matrix-org/synapse/issues/4316))
- Fix test_metric.py compatibility with prometheus_client 0.5. Contributed by Maarten de Vries <maarten@de-vri.es>. ([\#4317](https://github.com/matrix-org/synapse/issues/4317))
- Avoid packaging _trial_temp directory in -py3 debian packages ([\#4326](https://github.com/matrix-org/synapse/issues/4326))
- Check jinja version for consent resource ([\#4327](https://github.com/matrix-org/synapse/issues/4327))
- fix NPE in /messages by checking if all events were filtered out ([\#4330](https://github.com/matrix-org/synapse/issues/4330))
- Fix `python -m synapse.config` on Python 3. ([\#4356](https://github.com/matrix-org/synapse/issues/4356))

Deprecations and Removals
-------------------------

- Remove the deprecated v1/register API on Python 2. It was never ported to Python 3. ([\#4334](https://github.com/matrix-org/synapse/issues/4334))

Internal Changes
----------------

- Getting URL previews of IP addresses no longer fails on Python 3. ([\#4215](https://github.com/matrix-org/synapse/issues/4215))
- drop undocumented dependency on dateutil ([\#4266](https://github.com/matrix-org/synapse/issues/4266))
- Update the example systemd config to use a virtualenv ([\#4273](https://github.com/matrix-org/synapse/issues/4273))
- Update link to kernel DCO guide ([\#4274](https://github.com/matrix-org/synapse/issues/4274))
- Make isort tox check print diff when it fails ([\#4283](https://github.com/matrix-org/synapse/issues/4283))
- Log room_id in Unknown room errors ([\#4297](https://github.com/matrix-org/synapse/issues/4297))
- Documentation improvements for coturn setup. Contributed by Krithin Sitaram. ([\#4333](https://github.com/matrix-org/synapse/issues/4333))
- Update pull request template to use absolute links ([\#4341](https://github.com/matrix-org/synapse/issues/4341))
- Update README to not lie about required restart when updating TLS certificates ([\#4343](https://github.com/matrix-org/synapse/issues/4343))
- Update debian packaging for compatibility with transitional package ([\#4349](https://github.com/matrix-org/synapse/issues/4349))
- Fix command hint to generate a config file when trying to start without a config file ([\#4353](https://github.com/matrix-org/synapse/issues/4353))
- Add better logging for unexpected errors while sending transactions ([\#4358](https://github.com/matrix-org/synapse/issues/4358))
 2019-01-08 11:37:25 +00:00
Erik Johnston b970cb0e96 Refactor request sending to have better excpetions (#4358) 
* Correctly retry and back off if we get a HTTPerror response

* Refactor request sending to have better excpetions

MatrixFederationHttpClient blindly reraised exceptions to the caller
without differentiating "expected" failures (e.g. connection timeouts
etc) versus more severe problems (e.g. programming errors).

This commit adds a RequestSendFailed exception that is raised when
"expected" failures happen, allowing the TransactionQueue to log them as
warnings while allowing us to log other exceptions as actual exceptions.
 2019-01-08 11:04:28 +00:00
Amber Brown d7843f47b6
Remove v1 only REST APIs now we don't ship matrix console (#4334) 2018-12-29 23:12:30 +11:00
Richard van der Hoff f85676cc93
Return well_known in /login response (#4319) 
... as per MSC1730.
 2018-12-24 10:44:33 +01:00
Richard van der Hoff 3355c1a9ec
Merge pull request #4317 from de-vri-es/test-metric-prometheus-0.5 
Fix test_metrics.py compatibility prometheus_client 0.5
 2018-12-23 00:14:47 +01:00
Amber Brown ea6abf6724
Fix IP URL previews on Python 3 (#4215) 2018-12-22 01:56:13 +11:00
Maarten de Vries 48b7ff7a35 Fix test_metrics.py compatibility prometheus_client 0.5 
prometheus_client 0.5 has a named-tuple Sample type with more member
than the old plain tuple had. This commit makes sure the unit test
detects this and changes the way it reads the sample.

Signed-off-by: Maarten de Vries <maarten@de-vri.es>
 2018-12-21 01:53:57 +01:00
Neil Johnson d2f7c4e6b1
create support user (#4141) 
Allow for the creation of a support user.

A support user can access the server, join rooms, interact with other users, but does not appear in the user directory nor does it contribute to monthly active user limits.
 2018-12-14 18:20:59 +00:00
Richard van der Hoff 30da50a5b8
Initialise user displayname from SAML2 data (#4272) 
When we register a new user from SAML2 data, initialise their displayname
correctly.
 2018-12-07 14:44:46 +01:00
Richard van der Hoff c7401a697f
Implement SAML2 authentication (#4267) 
This implements both a SAML2 metadata endpoint (at
`/_matrix/saml2/metadata.xml`), and a SAML2 response receiver (at
`/_matrix/saml2/authn_response`). If the SAML2 response matches what's been
configured, we complete the SSO login flow by redirecting to the client url
(aka `RelayState` in SAML2 jargon) with a login token.

What we don't yet have is anything to build a SAML2 request and redirect the
user to the identity provider. That is left as an exercise for the reader.
 2018-12-07 13:11:11 +01:00
Richard van der Hoff c588b9b9e4
Factor SSO success handling out of CAS login (#4264) 
This is mostly factoring out the post-CAS-login code to somewhere we can reuse
it for other SSO flows, but it also fixes the userid mapping while we're at it.
 2018-12-07 13:10:07 +01:00
Richard van der Hoff b0c24a66ec Rip out half-implemented m.login.saml2 support (#4265) 
* Rip out half-implemented m.login.saml2 support

This was implemented in an odd way that left most of the work to the client, in
a way that I really didn't understand. It's going to be a pain to maintain, so
let's start by ripping it out.

* drop undocumented dependency on dateutil

It turns out we were relying on dateutil being pulled in transitively by
pysaml2. There's no need for that bloat.
 2018-12-06 19:44:38 +11:00
Richard van der Hoff e8d98466b0
Implement .well-known handling (#4262) 
Sometimes it's useful for synapse to generate its own .well-known file.
 2018-12-05 14:38:58 +01:00