fa12209c1b
Hopefully all remaining bits for email notifs
...
Add public facing base url to the server so synapse knows what URL to use when converting mxc to http urls for use in emails
2016-04-27 15:09:55 +01:00
52ecbc2843
Make pyjwt dependency optional
2016-04-25 14:30:15 +01:00
2022ae0fb9
Merge pull request #746 from matrix-org/markjh/split_out_pusher
...
Optionally split out the pushers into a separate process
2016-04-22 11:34:08 +01:00
b9675ef6e6
Merge pull request #687 from nikriek/jwt-fix
...
Fix issues with JWT login
2016-04-21 17:42:25 +01:00
a3ac837599
Optionally split out the pushers into a separate process
2016-04-21 17:22:37 +01:00
565c2edb0a
Fix issues with JWT login
2016-04-21 18:10:48 +02:00
2ed0adb075
Generate mails from a template
2016-04-20 18:35:29 +01:00
f63bd4ff47
Send a rather basic email notif
...
Also pep8 fixes
2016-04-20 13:02:01 +01:00
f338bf9257
Give install requirements
2016-04-13 14:33:48 +01:00
bfe586843f
Add back in helpful description for missing url_preview_ip_range_blacklist
2016-04-13 13:52:57 +01:00
d0633e6dbe
Sanitize the optional dependencies for spider API
2016-04-13 13:38:09 +01:00
4bd3d25218
Merge pull request #688 from matrix-org/matthew/preview_urls
...
URL previewing support
2016-04-11 10:40:29 +01:00
af582b66bb
fix typo
2016-04-08 19:08:47 +01:00
dafef5a688
Add url_preview_enabled config option to turn on/off preview_url endpoint. defaults to off.
...
Add url_preview_ip_range_blacklist to let admins specify internal IP ranges that must not be spidered.
Add url_preview_url_blacklist to let admins specify URL patterns that must not be spidered.
Implement a custom SpiderEndpoint and associated support classes to implement url_preview_ip_range_blacklist
Add commentary and generally address PR feedback
2016-04-08 18:37:15 +01:00
92767dd703
add tls property
2016-04-06 18:23:45 +02:00
3d95405e5f
Introduce LDAP authentication
2016-04-06 18:23:45 +02:00
9f7dc2bef7
Merge branch 'develop' into matthew/preview_urls
2016-04-04 00:38:21 +01:00
3f9948a069
Add JWT support
2016-03-29 14:36:36 +02:00
d9d48aad2d
Merge branch 'develop' into matthew/preview_urls
2016-03-27 22:54:42 +01:00
590fbbef03
Add config to create guest account on 3pid invite
...
Currently, when a 3pid invite request is sent to an identity server, it
includes a provisioned guest access token. This allows the link in the,
say, invite email to include the guest access token ensuring that the
same account is used each time the link is clicked.
This flow has a number of flaws, including when using different servers
or servers that have guest access disabled.
For now, we keep this implementation but hide it behind a config option
until a better flow is implemented.
2016-03-14 15:50:40 +00:00
239badea9b
Use syntax that works on both py2.7 and py3
2016-03-07 20:13:10 +00:00
5fc59f009c
config,handlers/_base: added homeserver config for what state is included in a room invite
...
Signed-off-by: Patrik Oldsberg <patrik.oldsberg@ericsson.com>
2016-03-04 10:43:17 +01:00
47c361d2f8
add 800x600 thumbnails to make vector look prettier (and anyone else who likes big thumbnails)
2016-03-02 15:57:54 +00:00
f078ecbc8f
Derive macaroon_secret_key from signing key.
...
Unfortunately, there are people that are running synapse without a
`macaroon_sercret_key` set. Mandating they set one is a good solution,
except that breaking auto upgrades is annoying.
2016-02-08 16:35:44 +00:00
6a9f1209df
Error if macaroon key is missing from config
...
Currently we store all access tokens in the DB, and fall back to that
check if we can't validate the macaroon, so our fallback works here, but
for guests, their macaroons don't get persisted, so we don't get to
find them in the database. Each restart, we generate a new ephemeral
key, so guests lose access after each server restart.
I tried to fix up the config stuff to be less insane, but gave up, so
instead I bolt on yet another piece of custom one-off insanity.
Also, add some basic tests for config generation and loading.
2016-02-05 01:58:23 +00:00
5054806ec1
Rename config field to reflect yaml name
2016-02-03 14:42:01 +00:00
0fcafbece8
Add config option for setting the trusted id servers, disabling checking the ID server in integration tests
2016-01-29 14:12:26 +00:00
7dd0c1730a
initial WIP of a tentative preview_url endpoint - incomplete, untested, experimental, etc. just putting it here for safekeeping for now
2016-01-24 18:47:27 -05:00
5727922106
Merge pull request #473 from matrix-org/erikj/ssh_manhole
...
Change manhole to use ssh
2016-01-07 14:36:16 +00:00
5dc5e29b9c
s/telnet/ssh/
2016-01-07 14:02:57 +00:00
6c28ac260c
copyrights
2016-01-07 04:26:29 +00:00
4106477e7f
Config Comment mixup in captcha public/private key
2016-01-06 23:19:33 +01:00
6863466653
Added a single line to explain what the server_name is used for
2015-12-02 00:37:55 +01:00
06f74068f4
Comment
2015-11-19 13:05:51 +00:00
037ce4c68f
Split out text for missing config options.
...
This allows packages to more easily override the default messages to
include package specific options.
2015-11-18 18:37:05 +00:00
f5e25c5f35
Merge branch 'develop' into sh-cas-auth-via-homeserver
2015-11-17 10:55:41 +00:00
6a9c4cfd0b
Fix race creating directories
2015-11-12 11:58:48 +00:00
414a4a71b4
Allow hs to do CAS login completely and issue the client with a login token that can be redeemed for the usual successful login response
2015-11-05 14:06:48 +00:00
45f1827fb7
Add service URL to CAS config
2015-11-04 23:32:30 +00:00
f522f50a08
Allow guests to register and call /events?room_id=
...
This follows the same flows-based flow as regular registration, but as
the only implemented flow has no requirements, it auto-succeeds. In the
future, other flows (e.g. captcha) may be required, so clients should
treat this like the regular registration flow choices.
2015-11-04 17:29:07 +00:00
259d10f0e4
Merge branch 'release-v0.10.1' of github.com:matrix-org/synapse into develop
2015-10-23 11:11:56 +01:00
5025ba959f
Add config option to disable password login
2015-10-22 10:37:04 +01:00
f2f031fd57
Add config for how many bcrypt rounds to use for password hashes
...
By default we leave it at the default value of 12. But now we can reduce
it for preparing users for loadtests or running integration tests.
2015-10-16 14:52:08 +01:00
9020860479
Only turn on the twisted deferred debugging if full_twisted_stacktraces is set in the config
2015-10-13 17:50:44 +01:00
ab7f9bb861
Default cas_required_attributes to empty dictionary
2015-10-12 14:58:59 +01:00
01a5f1991c
Support multiple required attributes in CAS response, and in a nicer config format too
2015-10-12 14:43:17 +01:00
76421c496d
Allow optional config params for a required attribute and it's value, if specified any CAS user must have the given attribute and the value must equal
2015-10-12 11:11:49 +01:00
c33f5c1a24
Provide ability to login using CAS
2015-10-10 10:49:42 +01:00
b28c7da0a4
Preserve version string in user agent
2015-10-05 20:49:39 -05:00
8fc52bc56a
Allow synapse's useragent to be customized
...
This will allow me to write tests which verify which server made HTTP
requests in a federation context.
2015-10-02 17:13:51 -05:00
6d7f291b93
Front-load spaces
2015-09-22 13:13:07 +01:00
7213588083
Implement configurable stats reporting
...
SYN-287
This requires that HS owners either opt in or out of stats reporting.
When --generate-config is passed, --report-stats must be specified
If an already-generated config is used, and doesn't have the
report_stats key, it is requested to be set.
2015-09-22 12:57:40 +01:00
2c8f16257a
Merge pull request #272 from matrix-org/daniel/insecureclient
...
Allow configuration to ignore invalid SSL certs
2015-09-15 16:52:38 +01:00
d4af08a167
Use shorter config key name
2015-09-15 15:50:13 +01:00
9cd5b9a802
Hacky attempt at catching SIGHUP and rotating the logfile around
2015-09-14 19:03:53 +01:00
2c746382e0
Merge branch 'daniel/insecureclient' into develop
2015-09-09 14:27:30 +01:00
ddfe30ba83
Better document the intent of the insecure SSL setting
2015-09-09 13:26:23 +01:00
81a93ddcc8
Allow configuration to ignore invalid SSL certs
...
This will be useful for sytest, and sytest only, hence the aggressive
config key name.
2015-09-09 12:02:07 +01:00
73e4ad4b8b
Merge branch 'master' into develop
...
Conflicts:
setup.py
2015-09-07 15:06:46 +01:00
fd0a919af3
Lists use 'append'
2015-09-02 17:27:59 +01:00
b62c1395d6
Merge branch 'release-v0.10.0' of github.com:matrix-org/synapse into develop
2015-09-01 13:11:55 +01:00
a7122692d9
Merge branch 'release-v0.10.0' into develop
...
Conflicts:
synapse/handlers/auth.py
synapse/python_dependencies.py
synapse/rest/client/v1/login.py
2015-08-28 11:15:27 +01:00
b442217d91
Actually add config path
2015-08-28 10:37:17 +01:00
0de2aad061
Merge pull request #250 from matrix-org/erikj/generated_directory
...
Add config option to specify where generated files should be dumped
2015-08-25 17:40:19 +01:00
3f6f74686a
Update config doc
2015-08-25 17:37:21 +01:00
82145912c3
s/--generated-directory/--keys-directory/
2015-08-25 17:31:22 +01:00
3e1029fe80
Warn if we encounter unexpected files in config directories
2015-08-25 17:08:23 +01:00
af7c1397d1
Add config option to specify where generated files should be dumped
2015-08-25 16:58:01 +01:00
bfb66773a4
Allow specifying directories as config files
2015-08-25 16:25:54 +01:00
747535f20f
Merge pull request #245 from matrix-org/erikj/configurable_client_location
...
Allow specifying a directory to host a web client from
2015-08-25 15:50:25 +01:00
1d1c303b9b
Fix typo when using sys.stderr.write
2015-08-25 15:39:16 +01:00
f63208a1c0
Add utility to parse config and print out a key
...
Usage:
```
$ python -m synapse.config read server_name -c homeserver.yaml
localhost
```
2015-08-25 15:16:31 +01:00
86cef6a91b
Allow specifying a directory to host a web client from
2015-08-25 12:01:23 +01:00
cf8c04948f
Fix typo in module imports and package dependencies
2015-08-25 10:42:59 +01:00
78323ccdb3
Remove syutil dependency in favour of smaller single-purpose libraries
2015-08-24 16:17:38 +01:00
ce2a7ed6e4
Merge branch 'develop' into auth
2015-08-20 16:28:36 +01:00
2d3462714e
Issue macaroons as opaque auth tokens
...
This just replaces random bytes with macaroons. The macaroons are not
inspected by the client or server.
In particular, they claim to have an expiry time, but nothing verifies
that they have not expired.
Follow-up commits will actually enforce the expiration, and allow for
token refresh.
See https://bit.ly/matrix-auth for more information
2015-08-18 14:22:02 +01:00
95b0f5449d
Fix flake8 warning
2015-08-13 17:34:22 +01:00
b16cd18a86
Merge remote-tracking branch 'origin/develop' into erikj/generate_presice_thumbnails
2015-08-13 17:23:39 +01:00
de3b7b55d6
Doc-string for config ultility function
2015-08-12 14:29:17 +01:00
7bbaab9432
Fix the --generate-keys option. Make it do the same thing as --generate-config does when the config file exists, but without printing a warning
2015-08-12 11:57:37 +01:00
fdb724cb70
Add config option for setting the list of thumbnail sizes to precalculate
2015-08-12 10:55:27 +01:00
7e3d1c7d92
Make a config option for whether to generate new thumbnail sizes dynamically
2015-08-12 10:54:38 +01:00
e3c8e2c13c
Add a --generate-keys option
2015-08-07 16:42:27 +01:00
efe60d5e8c
Only print the pidfile path on startup if requested by a commandline flag
2015-08-07 16:36:42 +01:00
90dbd71c13
Merge branch 'master' of github.com:matrix-org/synapse into develop
2015-07-21 09:25:30 +01:00
62b4b72fe4
Close, but no cigar.
2015-07-14 10:33:25 +01:00
f3049d0b81
Small tweaks to SAML2 configuration.
...
- Add saml2 config docs to default config.
- Use existence of saml2 config to indicate if saml2 should be enabled.
2015-07-10 10:50:14 +01:00
9158ad1abb
Merge pull request #201 from EricssonResearch/msba/saml2-develop
...
Integrate SAML2 basic authentication - uses pysaml2
2015-07-10 10:25:56 +01:00
294dbd712f
We don't want semicolons.
2015-07-09 11:47:24 +01:00
8cd34dfe95
Make SAML2 optional and add some references/comments
2015-07-09 13:34:47 +05:30
fb8d2862c1
remove the tls_certificate_chain_path param and simply support tls_certificate_path pointing to a file containing a chain of certificates
2015-07-09 00:45:41 +01:00
8ad2d2d1cb
document tls_certificate_chain_path more clearly
2015-07-09 00:06:01 +01:00
f26a3df1bf
oops, context.tls_certificate_chain_file() expects a file, not a certificate.
2015-07-08 21:33:02 +01:00
465acb0c6a
*cough*
2015-07-08 18:30:59 +01:00
64afbe6ccd
add new optional config for tls_certificate_chain_path for folks with intermediary SSL certs
2015-07-08 18:20:02 +01:00
04192ee05b
typo
2015-07-08 17:49:15 +01:00
f53bae0c19
code beautify
2015-07-08 16:05:46 +05:30
81682d0f82
Integrate SAML2 basic authentication - uses pysaml2
2015-07-08 15:36:54 +05:30
9e5a353663
Make upload dir a configurable path.
...
Fixes SYN-425.
Signed-off-by: Eric Myhre <hash@exultant.us>
2015-06-18 23:38:20 -05:00
David Baker