c936a52a9e 
								
									
								
							
								 
							
						 
						
							
							
								
								Consistently use six's iteritems and wrap lazy keys/values in list() if they're not meant to be lazy ( #3307 )  
							
							
							
						 
						
							2018-05-31 19:03:47 +10:00  
				
					
						
							
							
								 
						
							
							
								754826a830 
								
							
								 
							
						 
						
							
							
								
								Merge remote-tracking branch 'origin/develop' into 3218-official-prom  
							
							
							
						 
						
							2018-05-28 18:57:23 +10:00  
				
					
						
							
							
								 
						
							
							
								08bfc48abf 
								
							
								 
							
						 
						
							
							
								
								custom error code for not leaving server notices room  
							
							
							
						 
						
							2018-05-22 17:27:27 +01:00  
				
					
						
							
							
								 
						
							
							
								a8990fa2ec 
								
							
								 
							
						 
						
							
							
								
								Merge remote-tracking branch 'origin/develop' into 3218-official-prom  
							
							
							
						 
						
							2018-05-22 10:50:26 -05:00  
				
					
						
							
							
								 
						
							
							
								a5e2941aad 
								
							
								 
							
						 
						
							
							
								
								Reject attempts to send event before privacy consent is given  
							
							... 
							
							
							
							Returns an M_CONSENT_NOT_GIVEN error (cf
https://github.com/matrix-org/matrix-doc/issues/1252 ) if consent is not yet
given. 
							
						 
						
							2018-05-22 12:00:47 +01:00  
				
					
						
							
							
								 
						
							
							
								df9f72d9e5 
								
							
								 
							
						 
						
							
							
								
								replacing portions  
							
							
							
						 
						
							2018-05-21 19:47:37 -05:00  
				
					
						
							
							
								 
						
							
							
								33f469ba19 
								
							
								 
							
						 
						
							
							
								
								Apply some limits to depth to counter abuse  
							
							... 
							
							
							
							* When creating a new event, cap its depth to 2^63 - 1
* When receiving events, reject any without a sensible depth
As per https://docs.google.com/document/d/1I3fi2S-XnpO45qrpCsowZv8P8dHcNZ4fsBsbOW7KABI  
							
						 
						
							2018-05-01 17:54:19 +01:00  
				
					
						
							
							
								 
						
							
							
								36c59ce669 
								
							
								 
							
						 
						
							
							
								
								Use six.itervalues in some places  
							
							... 
							
							
							
							There's more where that came from
Signed-off-by: Adrian Tschira <nota@notafile.com> 
							
						 
						
							2018-04-15 20:39:43 +02:00  
				
					
						
							
							
								 
						
							
							
								6168351877 
								
							
								 
							
						 
						
							
							
								
								Add b prefixes to some strings that are bytes in py3  
							
							... 
							
							
							
							This has no effect on python2
Signed-off-by: Adrian Tschira <nota@notafile.com> 
							
						 
						
							2018-04-04 13:48:51 +02:00  
				
					
						
							
							
								 
						
							
							
								fcfe7f6ad3 
								
							
								 
							
						 
						
							
							
								
								Use simplejson throughout  
							
							... 
							
							
							
							Let's use simplejson rather than json, for consistency. 
							
						 
						
							2018-03-29 22:45:52 +01:00  
				
					
						
							
							
								 
						
							
							
								fa72803490 
								
							
								 
							
						 
						
							
							
								
								Merge branch 'master' of github.com:matrix-org/synapse into develop  
							
							
							
						 
						
							2018-03-19 11:41:01 +00:00  
				
					
						
							
							
								 
						
							
							
								926ba76e23 
								
							
								 
							
						 
						
							
							
								
								Replace ujson with simplejson  
							
							
							
						 
						
							2018-03-15 23:43:31 +00:00  
				
					
						
							
							
								 
						
							
							
								ab9f844aaf 
								
									
								
							
								 
							
						 
						
							
							
								
								Add federation_domain_whitelist option ( #2820 )  
							
							... 
							
							
							
							Add federation_domain_whitelist
gives a way to restrict which domains your HS is allowed to federate with.
useful mainly for gracefully preventing a private but internet-connected HS from trying to federate to the wider public Matrix network 
							
						 
						
							2018-01-22 19:11:18 +01:00  
				
					
						
							
							
								 
						
							
							
								28a6ccb49c 
								
							
								 
							
						 
						
							
							
								
								add registrations_require_3pid  
							
							... 
							
							
							
							lets homeservers specify a whitelist for 3PIDs that users are allowed to associate with.
Typically useful for stopping people from registering with non-work emails 
							
						 
						
							2018-01-19 00:19:58 +00:00  
				
					
						
							
							
								 
						
							
							
								d5f9fb06b0 
								
							
								 
							
						 
						
							
							
								
								Refactor UI auth implementation  
							
							... 
							
							
							
							Instead of returning False when auth is incomplete, throw an exception which
can be caught with a wrapper. 
							
						 
						
							2017-12-05 09:40:05 +00:00  
				
					
						
							
							
								 
						
							
							
								da562bd6a1 
								
							
								 
							
						 
						
							
							
								
								Improve comments on get_user_by_access_token  
							
							... 
							
							
							
							because I have to reverse-engineer this every time. 
							
						 
						
							2017-11-29 15:52:41 +00:00  
				
					
						
							
							
								 
						
							
							
								aa620d09a0 
								
							
								 
							
						 
						
							
							
								
								Add a config option to block all room invites ( #2457 )  
							
							... 
							
							
							
							- allows sysadmins the ability to lock down their servers so that people can't
send their users room invites. 
							
						 
						
							2017-09-19 16:08:14 +01:00  
				
					
						
							
							
								 
						
							
							
								ed9a7f5436 
								
							
								 
							
						 
						
							
							
								
								Merge pull request  #2309  from matrix-org/erikj/user_ip_repl  
							
							... 
							
							
							
							Fix up user_ip replication commands 
							
						 
						
							2017-07-06 14:33:14 +01:00  
				
					
						
							
							
								 
						
							
							
								2c365f4723 
								
							
								 
							
						 
						
							
							
								
								Cache macaroon parse and validation  
							
							... 
							
							
							
							Turns out this can be quite expensive for requests, and is easily
cachable. We don't cache the lookup to the DB so invalidation still
works. 
							
						 
						
							2017-06-29 14:50:18 +01:00  
				
					
						
							
							
								 
						
							
							
								8c23221666 
								
							
								 
							
						 
						
							
							
								
								Fix up  
							
							
							
						 
						
							2017-06-27 15:53:45 +01:00  
				
					
						
							
							
								 
						
							
							
								ed3d0170d9 
								
							
								 
							
						 
						
							
							
								
								Batch upsert user ips  
							
							
							
						 
						
							2017-06-27 13:37:04 +01:00  
				
					
						
							
							
								 
						
							
							
								0185b75381 
								
							
								 
							
						 
						
							
							
								
								Change is_host_joined to use current_state table  
							
							... 
							
							
							
							This bypasses a bug where using the state groups to figure out if a host
is in a room sometimes errors if the servers isn't in the room. (For
example when the server rejected an invite to a remote room) 
							
						 
						
							2017-06-09 10:52:26 +01:00  
				
					
						
							
							
								 
						
							
							
								1a9255c12e 
								
							
								 
							
						 
						
							
							
								
								Use CodeMessageException subclass instead  
							
							... 
							
							
							
							Parse json errors from get_json client methods and throw special
errors. 
							
						 
						
							2017-04-25 19:30:55 +01:00  
				
					
						
							
							
								 
						
							
							
								566641a0b5 
								
							
								 
							
						 
						
							
							
								
								use jsonschema.FormatChecker for RoomID and UserID strings  
							
							... 
							
							
							
							* use a valid filter in rest/client/v2_alpha test
Signed-off-by: pik <alexander.maznev@gmail.com> 
							
						 
						
							2017-03-23 11:42:41 -03:00  
				
					
						
							
							
								 
						
							
							
								acafcf1c5b 
								
							
								 
							
						 
						
							
							
								
								Add valid filter tests, flake8, fix typo  
							
							... 
							
							
							
							Signed-off-by: pik <alexander.maznev@gmail.com> 
							
						 
						
							2017-03-23 11:42:10 -03:00  
				
					
						
							
							
								 
						
							
							
								e56c79c114 
								
							
								 
							
						 
						
							
							
								
								check_valid_filter using JSONSchema  
							
							... 
							
							
							
							* add invalid filter tests
Signed-off-by: pik <alexander.maznev@gmail.com> 
							
						 
						
							2017-03-23 11:42:07 -03:00  
				
					
						
							
							
								 
						
							
							
								19b9366d73 
								
							
								 
							
						 
						
							
							
								
								Fix a couple of logcontext leaks  
							
							... 
							
							
							
							Use preserve_fn to correctly manage the logcontexts around things we don't want
to yield on. 
							
						 
						
							2017-03-23 00:17:46 +00:00  
				
					
						
							
							
								 
						
							
							
								a8f96c63aa 
								
							
								 
							
						 
						
							
							
								
								Comment  
							
							
							
						 
						
							2017-03-15 16:01:01 +00:00  
				
					
						
							
							
								 
						
							
							
								e892457a03 
								
							
								 
							
						 
						
							
							
								
								Comment  
							
							
							
						 
						
							2017-03-15 15:01:39 +00:00  
				
					
						
							
							
								 
						
							
							
								6c82de5100 
								
							
								 
							
						 
						
							
							
								
								Format presence events on the edges instead of reformatting them multiple times  
							
							
							
						 
						
							2017-03-15 14:27:34 +00:00  
				
					
						
							
							
								 
						
							
							
								7827251daf 
								
							
								 
							
						 
						
							
							
								
								Merge pull request  #1994  from matrix-org/dbkr/msisdn_signin_2  
							
							... 
							
							
							
							Phone number registration / login support v2 
							
						 
						
							2017-03-15 09:59:54 +00:00  
				
					
						
							
							
								 
						
							
							
								1d09586599 
								
							
								 
							
						 
						
							
							
								
								Address review comments  
							
							... 
							
							
							
							- don't blindly proxy all HTTPRequestExceptions
- log unexpected exceptions at error
- avoid `isinstance`
- improve docs on `from_http_response_exception` 
							
						 
						
							2017-03-14 14:15:37 +00:00  
				
					
						
							
							
								 
						
							
							
								7f237800e9 
								
							
								 
							
						 
						
							
							
								
								re-refactor exception heirarchy  
							
							... 
							
							
							
							Give CodeMessageException back its `msg` attribute, and use that to hold the
HTTP status message for HttpResponseException. 
							
						 
						
							2017-03-14 14:15:37 +00:00  
				
					
						
							
							
								 
						
							
							
								73a5f06652 
								
							
								 
							
						 
						
							
							
								
								Support registration / login with phone number  
							
							... 
							
							
							
							Changes from https://github.com/matrix-org/synapse/pull/1971  
							
						 
						
							2017-03-13 17:27:51 +00:00  
				
					
						
							
							
								 
						
							
							
								170ccc9de5 
								
							
								 
							
						 
						
							
							
								
								Fix routing loop when fetching remote media  
							
							... 
							
							
							
							When we proxy a media request to a remote server, add a query-param, which will
tell the remote server to 404 if it doesn't recognise the server_name.
This should fix a routing loop where the server keeps forwarding back to
itself.
Also improves the error handling on remote media fetches, so that we don't
always return a rather obscure 502. 
							
						 
						
							2017-03-13 16:30:36 +00:00  
				
					
						
							
							
								 
						
							
							
								7eae6eaa2f 
								
							
								 
							
						 
						
							
							
								
								Revert "Support registration & login with phone number"  
							
							
							
						 
						
							2017-03-13 09:59:33 +00:00  
				
					
						
							
							
								 
						
							
							
								ce3e583d94 
								
							
								 
							
						 
						
							
							
								
								WIP support for msisdn 3pid proxy methods  
							
							
							
						 
						
							2017-02-14 15:05:55 +00:00  
				
					
						
							
							
								 
						
							
							
								063a1251a9 
								
							
								 
							
						 
						
							
							
								
								Remove a few aspirational but unused constants  
							
							... 
							
							
							
							from the Kegan era 
							
						 
						
							2017-02-08 11:36:08 +00:00  
				
					
						
							
							
								 
						
							
							
								5f027d1fc5 
								
							
								 
							
						 
						
							
							
								
								Change resolve_state_groups call site logging to DEBUG  
							
							
							
						 
						
							2017-01-17 17:07:15 +00:00  
				
					
						
							
							
								 
						
							
							
								e178feca3f 
								
							
								 
							
						 
						
							
							
								
								Remove unused function  
							
							
							
						 
						
							2017-01-13 15:16:45 +00:00  
				
					
						
							
							
								 
						
							
							
								8b2fa38256 
								
							
								 
							
						 
						
							
							
								
								Split event auth code into seperate module  
							
							
							
						 
						
							2017-01-13 15:07:32 +00:00  
				
					
						
							
							
								 
						
							
							
								7e6c2937c3 
								
							
								 
							
						 
						
							
							
								
								Split out static auth methods from Auth object  
							
							
							
						 
						
							2017-01-10 18:16:54 +00:00  
				
					
						
							
							
								 
						
							
							
								c18f7fc410 
								
							
								 
							
						 
						
							
							
								
								Fix flake8 and update changelog  
							
							
							
						 
						
							2017-01-05 13:50:22 +00:00  
				
					
						
							
							
								 
						
							
							
								d79d165761 
								
							
								 
							
						 
						
							
							
								
								add logging for all the places we call resolve_state_groups. my kingdom for a backtrace that actually works.  
							
							
							
						 
						
							2017-01-05 13:40:39 +00:00  
				
					
						
							
							
								 
						
							
							
								1529c19675 
								
							
								 
							
						 
						
							
							
								
								Prevent user tokens being used as guest tokens ( #1675 )  
							
							... 
							
							
							
							Make sure that a user cannot pretend to be a guest by adding 'guest = True'
caveats. 
							
						 
						
							2016-12-06 15:31:37 +00:00  
				
					
						
							
							
								 
						
							
							
								aa09d6b8f0 
								
							
								 
							
						 
						
							
							
								
								Rip out more refresh_token code  
							
							... 
							
							
							
							We might as well treat all refresh_tokens as invalid. Just return a 403 from
/tokenrefresh, so that we don't have a load of dead, untestable code hanging
around.
Still TODO: removing the table from the schema. 
							
						 
						
							2016-11-30 17:40:18 +00:00  
				
					
						
							
							
								 
						
							
							
								321fe5c44c 
								
							
								 
							
						 
						
							
							
								
								Merge pull request  #1656  from matrix-org/rav/remove_time_caveat  
							
							... 
							
							
							
							Stop putting a time caveat on access tokens 
							
						 
						
							2016-11-30 16:53:20 +00:00  
				
					
						
							
							
								 
						
							
							
								4febfe47f0 
								
							
								 
							
						 
						
							
							
								
								Comments  
							
							... 
							
							
							
							Update comments in verify_macaroon 
							
						 
						
							2016-11-30 07:36:32 +00:00  
				
					
						
							
							
								 
						
							
							
								77eca2487c 
								
							
								 
							
						 
						
							
							
								
								Merge pull request  #1653  from matrix-org/rav/guest_e2e  
							
							... 
							
							
							
							Implement E2E for guests 
							
						 
						
							2016-11-29 17:41:35 +00:00  
				
					
						
							
							
								 
						
							
							
								1c4f05db41 
								
							
								 
							
						 
						
							
							
								
								Stop putting a time caveat on access tokens  
							
							... 
							
							
							
							The 'time' caveat on the access tokens was something of a lie, since we weren't
enforcing it; more pertinently its presence stops us ever adding useful time
caveats.
Let's move in the right direction by not lying in our caveats. 
							
						 
						
							2016-11-29 16:49:41 +00:00