kaslo/synapse
1
0
Fork 0
Code Wiki Activity
20,528 Commits 1,047 Branches 805 Tags
72efaa2edd2eaccc457dc72ccefd9da5bef69304
Commit Graph

2825 Commits

Author SHA1 Message Date
Brendan Abolivier
72efaa2edd Merge tag 'v1.33.2' into babolivier/dinsic_1.41.0 
Synapse 1.33.2 (2021-05-11)
===========================

Due to the security issue highlighted below, server administrators are encouraged to update Synapse. We are not aware of these vulnerabilities being exploited in the wild.

Security advisory
-----------------

This release fixes a denial of service attack ([CVE-2021-29471](https://github.com/matrix-org/synapse/security/advisories/GHSA-x345-32rc-8h85)) against Synapse's push rules implementation. Server admins are encouraged to upgrade.

Internal Changes
----------------

- Unpin attrs dependency. ([\#9946](https://github.com/matrix-org/synapse/issues/9946))
 2021-08-31 14:53:42 +01:00
Brendan Abolivier
1d4f5c34d8 Merge tag 'v1.33.0' into babolivier/dinsic_1.41.0 
Synapse 1.33.0 (2021-05-05)
===========================

Features
--------

- Build Debian packages for Ubuntu 21.04 (Hirsute Hippo). ([\#9909](https://github.com/matrix-org/synapse/issues/9909))

Synapse 1.33.0rc2 (2021-04-29)
==============================

Bugfixes
--------

- Fix tight loop when handling presence replication when using workers. Introduced in v1.33.0rc1. ([\#9900](https://github.com/matrix-org/synapse/issues/9900))

Synapse 1.33.0rc1 (2021-04-28)
==============================

Features
--------

- Update experimental support for [MSC3083](https://github.com/matrix-org/matrix-doc/pull/3083): restricting room access via group membership. ([\#9800](https://github.com/matrix-org/synapse/issues/9800), [\#9814](https://github.com/matrix-org/synapse/issues/9814))
- Add experimental support for handling presence on a worker. ([\#9819](https://github.com/matrix-org/synapse/issues/9819), [\#9820](https://github.com/matrix-org/synapse/issues/9820), [\#9828](https://github.com/matrix-org/synapse/issues/9828), [\#9850](https://github.com/matrix-org/synapse/issues/9850))
- Return a new template when an user attempts to renew their account multiple times with the same token, stating that their account is set to expire. This replaces the invalid token template that would previously be shown in this case. This change concerns the optional account validity feature. ([\#9832](https://github.com/matrix-org/synapse/issues/9832))

Bugfixes
--------

- Fixes the OIDC SSO flow when using a `public_baseurl` value including a non-root URL path. ([\#9726](https://github.com/matrix-org/synapse/issues/9726))
- Fix thumbnail generation for some sites with non-standard content types. Contributed by @rkfg. ([\#9788](https://github.com/matrix-org/synapse/issues/9788))
- Add some sanity checks to identity server passed to 3PID bind/unbind endpoints. ([\#9802](https://github.com/matrix-org/synapse/issues/9802))
- Limit the size of HTTP responses read over federation. ([\#9833](https://github.com/matrix-org/synapse/issues/9833))
- Fix a bug which could cause Synapse to get stuck in a loop of resyncing device lists. ([\#9867](https://github.com/matrix-org/synapse/issues/9867))
- Fix a long-standing bug where errors from federation did not propagate to the client. ([\#9868](https://github.com/matrix-org/synapse/issues/9868))

Improved Documentation
----------------------

- Add a note to the docker docs mentioning that we mirror upstream's supported Docker platforms. ([\#9801](https://github.com/matrix-org/synapse/issues/9801))

Internal Changes
----------------

- Add a dockerfile for running Synapse in worker-mode under Complement. ([\#9162](https://github.com/matrix-org/synapse/issues/9162))
- Apply `pyupgrade` across the codebase. ([\#9786](https://github.com/matrix-org/synapse/issues/9786))
- Move some replication processing out of `generic_worker`. ([\#9796](https://github.com/matrix-org/synapse/issues/9796))
- Replace `HomeServer.get_config()` with inline references. ([\#9815](https://github.com/matrix-org/synapse/issues/9815))
- Rename some handlers and config modules to not duplicate the top-level module. ([\#9816](https://github.com/matrix-org/synapse/issues/9816))
- Fix a long-standing bug which caused `max_upload_size` to not be correctly enforced. ([\#9817](https://github.com/matrix-org/synapse/issues/9817))
- Reduce CPU usage of the user directory by reusing existing calculated room membership. ([\#9821](https://github.com/matrix-org/synapse/issues/9821))
- Small speed up for joining large remote rooms. ([\#9825](https://github.com/matrix-org/synapse/issues/9825))
- Introduce flake8-bugbear to the test suite and fix some of its lint violations. ([\#9838](https://github.com/matrix-org/synapse/issues/9838))
- Only store the raw data in the in-memory caches, rather than objects that include references to e.g. the data stores. ([\#9845](https://github.com/matrix-org/synapse/issues/9845))
- Limit length of accepted email addresses. ([\#9855](https://github.com/matrix-org/synapse/issues/9855))
- Remove redundant `synapse.types.Collection` type definition. ([\#9856](https://github.com/matrix-org/synapse/issues/9856))
- Handle recently added rate limits correctly when using `--no-rate-limit` with the demo scripts. ([\#9858](https://github.com/matrix-org/synapse/issues/9858))
- Disable invite rate-limiting by default when running the unit tests. ([\#9871](https://github.com/matrix-org/synapse/issues/9871))
- Pass a reactor into `SynapseSite` to make testing easier. ([\#9874](https://github.com/matrix-org/synapse/issues/9874))
- Make `DomainSpecificString` an `attrs` class. ([\#9875](https://github.com/matrix-org/synapse/issues/9875))
- Add type hints to `synapse.api.auth` and `synapse.api.auth_blocking` modules. ([\#9876](https://github.com/matrix-org/synapse/issues/9876))
- Remove redundant `_PushHTTPChannel` test class. ([\#9878](https://github.com/matrix-org/synapse/issues/9878))
- Remove backwards-compatibility code for Python versions < 3.6. ([\#9879](https://github.com/matrix-org/synapse/issues/9879))
- Small performance improvement around handling new local presence updates. ([\#9887](https://github.com/matrix-org/synapse/issues/9887))
 2021-08-31 14:53:31 +01:00
Brendan Abolivier
9de3991b9e Merge tag 'v1.32.0' into babolivier/dinsic_1.41.0 
Synapse 1.32.0 (2021-04-20)
===========================

**Note:** This release requires Python 3.6+ and Postgres 9.6+ or SQLite 3.22+.

This release removes the deprecated `GET /_synapse/admin/v1/users/<user_id>` admin API. Please use the [v2 API](https://github.com/matrix-org/synapse/blob/develop/docs/admin_api/user_admin_api.rst#query-user-account) instead, which has improved capabilities.

This release requires Application Services to use type `m.login.application_service` when registering users via the `/_matrix/client/r0/register` endpoint to comply with the spec. Please ensure your Application Services are up to date.

Bugfixes
--------

- Fix the log lines of nested logging contexts. Broke in 1.32.0rc1. ([\#9829](https://github.com/matrix-org/synapse/issues/9829))

Synapse 1.32.0rc1 (2021-04-13)
==============================

Features
--------

- Add a Synapse module for routing presence updates between users. ([\#9491](https://github.com/matrix-org/synapse/issues/9491))
- Add an admin API to manage ratelimit for a specific user. ([\#9648](https://github.com/matrix-org/synapse/issues/9648))
- Include request information in structured logging output. ([\#9654](https://github.com/matrix-org/synapse/issues/9654))
- Add `order_by` to the admin API `GET /_synapse/admin/v2/users`. Contributed by @dklimpel. ([\#9691](https://github.com/matrix-org/synapse/issues/9691))
- Replace the `room_invite_state_types` configuration setting with `room_prejoin_state`. ([\#9700](https://github.com/matrix-org/synapse/issues/9700))
- Add experimental support for [MSC3083](https://github.com/matrix-org/matrix-doc/pull/3083): restricting room access via group membership. ([\#9717](https://github.com/matrix-org/synapse/issues/9717), [\#9735](https://github.com/matrix-org/synapse/issues/9735))
- Update experimental support for Spaces: include `m.room.create` in the room state sent with room-invites. ([\#9710](https://github.com/matrix-org/synapse/issues/9710))
- Synapse now requires Python 3.6 or later. It also requires Postgres 9.6 or later or SQLite 3.22 or later. ([\#9766](https://github.com/matrix-org/synapse/issues/9766))

Bugfixes
--------

- Prevent `synapse_forward_extremities` and `synapse_excess_extremity_events` Prometheus metrics from initially reporting zero-values after startup. ([\#8926](https://github.com/matrix-org/synapse/issues/8926))
- Fix recently added ratelimits to correctly honour the application service `rate_limited` flag. ([\#9711](https://github.com/matrix-org/synapse/issues/9711))
- Fix longstanding bug which caused `duplicate key value violates unique constraint "remote_media_cache_thumbnails_media_origin_media_id_thumbna_key"` errors. ([\#9725](https://github.com/matrix-org/synapse/issues/9725))
- Fix bug where sharded federation senders could get stuck repeatedly querying the DB in a loop, using lots of CPU. ([\#9770](https://github.com/matrix-org/synapse/issues/9770))
- Fix duplicate logging of exceptions thrown during federation transaction processing. ([\#9780](https://github.com/matrix-org/synapse/issues/9780))

Updates to the Docker image
---------------------------

- Move opencontainers labels to the final Docker image such that users can inspect them. ([\#9765](https://github.com/matrix-org/synapse/issues/9765))

Improved Documentation
----------------------

- Make the `allowed_local_3pids` regex example in the sample config stricter. ([\#9719](https://github.com/matrix-org/synapse/issues/9719))

Deprecations and Removals
-------------------------

- Remove old admin API `GET /_synapse/admin/v1/users/<user_id>`. ([\#9401](https://github.com/matrix-org/synapse/issues/9401))
- Make `/_matrix/client/r0/register` expect a type of `m.login.application_service` when an Application Service registers a user, to align with [the relevant spec](https://spec.matrix.org/unstable/application-service-api/#server-admin-style-permissions). ([\#9548](https://github.com/matrix-org/synapse/issues/9548))

Internal Changes
----------------

- Replace deprecated `imp` module with successor `importlib`. Contributed by Cristina Muñoz. ([\#9718](https://github.com/matrix-org/synapse/issues/9718))
- Experiment with GitHub Actions for CI. ([\#9661](https://github.com/matrix-org/synapse/issues/9661))
- Introduce flake8-bugbear to the test suite and fix some of its lint violations. ([\#9682](https://github.com/matrix-org/synapse/issues/9682))
- Update `scripts-dev/complement.sh` to use a local checkout of Complement, allow running a subset of tests and have it use Synapse's Complement test blacklist. ([\#9685](https://github.com/matrix-org/synapse/issues/9685))
- Improve Jaeger tracing for `to_device` messages. ([\#9686](https://github.com/matrix-org/synapse/issues/9686))
- Add release helper script for automating part of the Synapse release process. ([\#9713](https://github.com/matrix-org/synapse/issues/9713))
- Add type hints to expiring cache. ([\#9730](https://github.com/matrix-org/synapse/issues/9730))
- Convert various testcases to `HomeserverTestCase`. ([\#9736](https://github.com/matrix-org/synapse/issues/9736))
- Start linting mypy with `no_implicit_optional`. ([\#9742](https://github.com/matrix-org/synapse/issues/9742))
- Add missing type hints to federation handler and server. ([\#9743](https://github.com/matrix-org/synapse/issues/9743))
- Check that a `ConfigError` is raised, rather than simply `Exception`, when appropriate in homeserver config file generation tests. ([\#9753](https://github.com/matrix-org/synapse/issues/9753))
- Fix incompatibility with `tox` 2.5. ([\#9769](https://github.com/matrix-org/synapse/issues/9769))
- Enable Complement tests for [MSC2946](https://github.com/matrix-org/matrix-doc/pull/2946): Spaces Summary API. ([\#9771](https://github.com/matrix-org/synapse/issues/9771))
- Use mock from the standard library instead of a separate package. ([\#9772](https://github.com/matrix-org/synapse/issues/9772))
- Update Black configuration to target Python 3.6. ([\#9781](https://github.com/matrix-org/synapse/issues/9781))
- Add option to skip unit tests when building Debian packages. ([\#9793](https://github.com/matrix-org/synapse/issues/9793))
 2021-08-31 11:40:27 +01:00
Brendan Abolivier
1a1a83abcb Rework room freeze and implement unfreezing the room (#100) 
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
 2021-07-22 17:50:07 +02:00
Richard van der Hoff
03318a766c Merge pull request from GHSA-x345-32rc-8h85 
* tests for push rule pattern matching

* tests for acl pattern matching

* factor out common `re.escape`

* Factor out common re.compile

* Factor out common anchoring code

* add word_boundary support to `glob_to_regex`

* Use `glob_to_regex` in push rule evaluator

NB that this drops support for character classes. I don't think anyone ever
used them.

* Improve efficiency of globs with multiple wildcards

The idea here is that we compress multiple `*` globs into a single `.*`. We
also need to consider `?`, since `*?*` is as hard to implement efficiently as
`**`.

* add assertion on regex pattern

* Fix mypy

* Simplify glob_to_regex

* Inline the glob_to_regex helper function

Signed-off-by: Dan Callahan <danc@element.io>

* Moar comments

Signed-off-by: Dan Callahan <danc@element.io>

Co-authored-by: Dan Callahan <danc@element.io>
 2021-05-11 11:47:23 +02:00
Erik Johnston
e4ab8676b4 Fix tight loop handling presence replication. (#9900) 
Only affects workers. Introduced in #9819.

Fixes #9899.
 2021-04-28 14:42:50 +01:00
Andrew Morgan
fe604a022a Remove various bits of compatibility code for Python <3.6 (#9879) 
I went through and removed a bunch of cruft that was lying around for compatibility with old Python versions. This PR also will now prevent Synapse from starting unless you're running Python 3.6+.
 2021-04-27 13:13:07 +01:00
Richard van der Hoff
3ff2251754 Improved validation for received requests (#9817) 
* Simplify `start_listening` callpath

* Correctly check the size of uploaded files
 2021-04-23 19:20:44 +01:00
Richard van der Hoff
84936e2264 Kill off _PushHTTPChannel. (#9878) 
First of all, a fixup to `FakeChannel` which is needed to make it work with the default HTTP channel implementation.

Secondly, it looks like we no longer need `_PushHTTPChannel`, because as of #8013, the producer that gets attached to the `HTTPChannel` is now an `IPushProducer`. This is good, because it means we can remove a whole load of test-specific boilerplate which causes variation between tests and production.
 2021-04-23 18:40:57 +01:00
Andrew Morgan
69d83ca0f0 Merge commit '78e48f61b' into anoa/dinsic_release_1_31_0 2021-04-23 18:25:38 +01:00
Andrew Morgan
3d08c7e63b Merge commit 'e5801db83' into anoa/dinsic_release_1_31_0 2021-04-23 18:14:38 +01:00
Andrew Morgan
2d95fa1e57 Merge commit '4ecba9bd5' into anoa/dinsic_release_1_31_0 2021-04-23 18:11:23 +01:00
Andrew Morgan
67b2aa8b9f Merge commit '0e3558473' into anoa/dinsic_release_1_31_0 2021-04-23 17:51:52 +01:00
Andrew Morgan
ea35d2cddc Merge commit 'ad721fc55' into anoa/dinsic_release_1_31_0 2021-04-23 17:49:30 +01:00
Andrew Morgan
cac2b54fa0 Merge commit 'd315e9644' into anoa/dinsic_release_1_31_0 2021-04-23 17:49:16 +01:00
Andrew Morgan
b40e586b5b Merge commit '1c8a2541d' into anoa/dinsic_release_1_31_0 2021-04-23 17:28:43 +01:00
Andrew Morgan
8cb8c604e4 Merge commit '55da8df07' into anoa/dinsic_release_1_31_0 2021-04-23 17:28:38 +01:00
Andrew Morgan
e2b996ecf3 Merge commit 'a7a379006' into anoa/dinsic_release_1_31_0 2021-04-23 17:28:34 +01:00
Andrew Morgan
f9b719fcbe Merge commit '918f6ed82' into anoa/dinsic_release_1_31_0 2021-04-23 17:28:25 +01:00
Andrew Morgan
977d3dc589 Merge commit '7fdc6cefb' into anoa/dinsic_release_1_31_0 2021-04-23 17:26:38 +01:00
Andrew Morgan
7fffd3789b Merge commit '22db45bd4' into anoa/dinsic_release_1_31_0 2021-04-23 17:26:31 +01:00
Richard van der Hoff
59d24c5bef pass a reactor into SynapseSite (#9874) 2021-04-23 17:06:47 +01:00
Andrew Morgan
c8e6ac4977 Merge commit '33a02f0f5' into anoa/dinsic_release_1_31_0 2021-04-23 16:24:53 +01:00
Andrew Morgan
5d4591515e Merge commit 'f00c4e7af' into anoa/dinsic_release_1_31_0 2021-04-23 16:18:51 +01:00
Andrew Morgan
7ce8d7877e Merge commit 'e12077a78' into anoa/dinsic_release_1_31_0 2021-04-23 15:44:57 +01:00
Andrew Morgan
6afa265e4e Merge commit '292792194' into anoa/dinsic_release_1_31_0 2021-04-23 14:38:31 +01:00
Andrew Morgan
1996a5f445 Merge commit '1b2d6d55c' into anoa/dinsic_release_1_31_0 2021-04-23 14:38:26 +01:00
Andrew Morgan
d2b3c47ba3 Merge commit 'e22b71810' into anoa/dinsic_release_1_31_0 2021-04-23 14:12:47 +01:00
Andrew Morgan
2036503c9e Merge commit 'd9f1dccba' into anoa/dinsic_release_1_31_0 2021-04-23 13:39:50 +01:00
Andrew Morgan
ceaa76970f Remove room and user invite ratelimits in default unit test config (#9871) 2021-04-23 13:37:48 +01:00
Andrew Morgan
5a514a3e11 Merge commit '1381cd05b' into anoa/dinsic_release_1_31_0 2021-04-23 12:22:55 +01:00
Andrew Morgan
458add9e29 Merge commit '8ec221710' into anoa/dinsic_release_1_31_0 2021-04-23 12:22:35 +01:00
Andrew Morgan
476cc03d7a Merge commit 'd2f0ec12d' into anoa/dinsic_release_1_31_0 2021-04-23 12:22:28 +01:00
Erik Johnston
9d25a0ae65 Split presence out of master (#9820) 2021-04-23 12:21:55 +01:00
Richard van der Hoff
51a20914a8 Limit the size of HTTP responses read over federation. (#9833) 2021-04-23 11:08:41 +01:00
Andrew Morgan
3e6a798ee7 Merge commit 'e40d88cff' into anoa/dinsic_release_1_31_0 2021-04-22 19:11:54 +01:00
Andrew Morgan
d8df16e331 Merge commit '3f58fc848' into anoa/dinsic_release_1_31_0 2021-04-22 19:04:59 +01:00
Andrew Morgan
2eb003c966 Merge commit '5a9cdaa6e' into anoa/dinsic_release_1_31_0 2021-04-22 19:02:24 +01:00
Andrew Morgan
ae9ce80220 Merge commit '7e8083eb4' into anoa/dinsic_release_1_31_0 2021-04-22 19:02:16 +01:00
Andrew Morgan
d06a48b4be Merge commit '2ab6e67ab' into anoa/dinsic_release_1_31_0 2021-04-22 19:02:12 +01:00
Andrew Morgan
92161ae9ed Merge commit 'e288499c6' into anoa/dinsic_release_1_31_0 2021-04-22 19:02:06 +01:00
Andrew Morgan
aa8555e337 Merge commit '261093072' into anoa/dinsic_release_1_31_0 2021-04-22 19:02:04 +01:00
Andrew Morgan
f69315c707 Up invite ratelimiting for tests 2021-04-22 18:57:33 +01:00
Andrew Morgan
9273535ade Merge commit '18ab35284' into anoa/dinsic_release_1_31_0 2021-04-22 18:37:01 +01:00
Andrew Morgan
3518cc79b6 Merge commit '9c715a5f1' into anoa/dinsic_release_1_31_0 2021-04-22 18:33:37 +01:00
Andrew Morgan
27fd9474ae Merge commit 'e19396d62' into anoa/dinsic_release_1_31_0 2021-04-22 18:32:44 +01:00
Andrew Morgan
7bf3a6ee18 Merge commit '2e537a028' into anoa/dinsic_release_1_31_0 2021-04-22 18:31:10 +01:00
Andrew Morgan
cfa0cff6aa Merge commit '1baab2035' into anoa/dinsic_release_1_31_0 2021-04-22 18:30:10 +01:00
Andrew Morgan
159622bd9a Merge commit 'cee4010f9' into anoa/dinsic_release_1_31_0 2021-04-22 18:30:04 +01:00
Andrew Morgan
f22d69bcf3 Merge commit 'fdf834694' into anoa/dinsic_release_1_31_0 2021-04-22 18:29:56 +01:00