Richard van der Hoff
1529c19675
Prevent user tokens being used as guest tokens ( #1675 )
...
Make sure that a user cannot pretend to be a guest by adding 'guest = True'
caveats.
2016-12-06 15:31:37 +00:00
Erik Johnston
9609c91e7d
Merge pull request #653 from matrix-org/erikj/preset_guest_join
...
Enable guest access for private rooms by default
2016-12-05 17:47:14 +00:00
Erik Johnston
338df4f409
Merge pull request #1649 from matrix-org/dbkr/log_ui_auth_args
...
Log the args that we have on UI auth completion
2016-12-05 16:40:58 +00:00
pik
c46e7a9c9b
Bugfix: Console logging handler missing default filter
2016-12-03 20:14:58 -03:00
Johannes Löthberg
32c8b5507c
preview_url_resource: Ellipsis must be in unicode string
...
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2016-12-01 13:12:13 +01:00
Richard van der Hoff
6841d8ff55
Fix doc-string
...
Remove refresh_token reference
2016-12-01 11:42:17 +00:00
Richard van der Hoff
aa09d6b8f0
Rip out more refresh_token code
...
We might as well treat all refresh_tokens as invalid. Just return a 403 from
/tokenrefresh, so that we don't have a load of dead, untestable code hanging
around.
Still TODO: removing the table from the schema.
2016-11-30 17:40:18 +00:00
Richard van der Hoff
dc4b23e1a1
Merge branch 'develop' into rav/no_more_refresh_tokens
2016-11-30 17:10:04 +00:00
Richard van der Hoff
8379a741cc
Merge pull request #1660 from matrix-org/rav/better_content_type_validation
...
More intelligent Content-Type parsing
2016-11-30 16:54:03 +00:00
Richard van der Hoff
321fe5c44c
Merge pull request #1656 from matrix-org/rav/remove_time_caveat
...
Stop putting a time caveat on access tokens
2016-11-30 16:53:20 +00:00
Richard van der Hoff
b5b3a7e867
More intelligent Content-Type parsing
...
Content-Type is allowed to contain options (`; charset=utf-8`, for
instance). We should allow that.
2016-11-30 15:07:32 +00:00
Richard van der Hoff
4febfe47f0
Comments
...
Update comments in verify_macaroon
2016-11-30 07:36:32 +00:00
Richard van der Hoff
77eca2487c
Merge pull request #1653 from matrix-org/rav/guest_e2e
...
Implement E2E for guests
2016-11-29 17:41:35 +00:00
Richard van der Hoff
1c4f05db41
Stop putting a time caveat on access tokens
...
The 'time' caveat on the access tokens was something of a lie, since we weren't
enforcing it; more pertinently its presence stops us ever adding useful time
caveats.
Let's move in the right direction by not lying in our caveats.
2016-11-29 16:49:41 +00:00
Richard van der Hoff
5c4edc83b5
Stop generating refresh tokens
...
Since we're not doing refresh tokens any more, we should start killing off the
dead code paths. /tokenrefresh itself is a bit of a thornier subject, since
there might be apps out there using it, but we can at least not generate
refresh tokens on new logins.
2016-11-28 10:13:01 +00:00
Richard van der Hoff
b6146537d2
Merge pull request #1655 from matrix-org/rav/remove_redundant_macaroon_checks
...
Remove redundant list of known caveat prefixes
2016-11-25 16:57:19 +00:00
Richard van der Hoff
f62b69e32a
Allow guest access to endpoints for E2E
...
Expose /devices, /keys, and /sendToDevice to guest users, so that they can use
E2E.
2016-11-25 15:26:34 +00:00
Richard van der Hoff
7f02e4d008
Give guest users a device_id
...
We need to create devices for guests so that they can use e2e, but we don't
have anywhere to store it, so just use a fixed one.
2016-11-25 15:25:30 +00:00
Erik Johnston
11bfe438a2
Use correct var
2016-11-24 15:26:53 +00:00
Erik Johnston
aaecffba3a
Correctly handle 500's and 429 on federation
2016-11-24 15:04:49 +00:00
Richard van der Hoff
e1d7c96814
Remove redundant list of known caveat prefixes
...
Also add some comments.
2016-11-24 12:38:17 +00:00
Erik Johnston
7e03f9a484
Bump version and changelog
2016-11-24 12:29:58 +00:00
Erik Johnston
46ca345b06
Don't send old events as federation
2016-11-24 12:29:02 +00:00
Erik Johnston
f36ea03741
Bump changelog and version
2016-11-24 11:08:01 +00:00
David Baker
c9d4e7b716
Clarify that creds doesn not contain passwords.
2016-11-24 10:54:59 +00:00
David Baker
f681aab895
Log the args that we have on UI auth completion
...
This will be super helpful for debugging if we have more
registration woes.
2016-11-24 10:11:45 +00:00
Erik Johnston
1985860c6e
Comment
2016-11-23 15:59:59 +00:00
Erik Johnston
2ac516850b
More efficient notif count queries
2016-11-23 15:57:04 +00:00
Erik Johnston
302fbd218d
Merge pull request #1635 from matrix-org/erikj/split_out_fed_txn
...
Split out federation transaction sending to a worker
2016-11-23 15:39:12 +00:00
Erik Johnston
b2d6e63b79
Merge pull request #1641 from matrix-org/erikj/as_pushers
...
Ignore AS users when fetching push rules
2016-11-23 15:21:52 +00:00
Erik Johnston
feec718265
Shuffle receipt handler around so that worker apps don't need to load it
2016-11-23 15:14:24 +00:00
Erik Johnston
26072df6af
Ensure only main or federation_sender process can send federation traffic
2016-11-23 14:09:47 +00:00
Erik Johnston
b69f76c106
Merge branch 'develop' of github.com:matrix-org/synapse into erikj/split_out_fed_txn
2016-11-23 11:31:53 +00:00
Erik Johnston
4d9b5c60f9
Comment
2016-11-23 11:11:41 +00:00
Erik Johnston
0163466d72
Ignore AS users when fetching push rules
...
By ignoring AS users early on when fetching push rules for a room we can
avoid needlessly hitting the DB and filling up the caches.
2016-11-23 11:01:01 +00:00
Erik Johnston
4c79a63fd7
Explicit federation ack
2016-11-23 10:40:44 +00:00
Erik Johnston
54fed21c04
Fix tests and flake8
2016-11-22 18:18:31 +00:00
Erik Johnston
90565d015e
Invalidate retry cache in both directions
2016-11-22 17:45:44 +00:00
Kegan Dougal
83bcdcee61
Return early on /sync code paths if a '*' filter is used
...
This is currently very conservative in that it only does this if there is no
`since` token. This limits the risk to clients likely to be doing one-off
syncs (like bridges), but does mean that normal human clients won't benefit
from the time savings here. If the savings are large enough, I would consider
generalising this to just check the filter.
2016-11-22 16:38:35 +00:00
Kegsay
d4a459f7cb
Merge pull request #1638 from matrix-org/kegan/sync-event-fields
...
Implement "event_fields" in filters
2016-11-22 14:02:38 +00:00
Kegan Dougal
c3d963ac24
Review comments
2016-11-22 13:42:11 +00:00
Kegan Dougal
6d4e6d4cba
Also check for dict since sometimes they aren't frozen
2016-11-22 10:39:41 +00:00
Erik Johnston
baf9e74a73
Merge branch 'master' of github.com:matrix-org/synapse into develop
2016-11-22 10:31:48 +00:00
Kegan Dougal
cea4e4e7b2
Glue only_event_fields into the sync rest servlet
2016-11-22 10:14:05 +00:00
Kegan Dougal
0a8b0eeca1
More tests
2016-11-22 09:59:27 +00:00
Erik Johnston
51e89709aa
Comments
2016-11-21 17:59:39 +00:00
Kegan Dougal
70a2157b64
Start adding some tests
2016-11-21 17:52:45 +00:00
Kegan Dougal
f97511a1f3
Move event_fields filtering to serialize_event
...
Also make it an inclusive not exclusive filter, as the spec demands.
2016-11-21 17:42:16 +00:00
Erik Johnston
88d85ebae1
Add some metrics
2016-11-21 17:36:05 +00:00
Erik Johnston
50934ce460
Comments
2016-11-21 16:55:23 +00:00
Kegan Dougal
e90fcd9edd
Add filter_event_fields and filter_field to FilterCollection
2016-11-21 15:18:18 +00:00
Erik Johnston
9687e039e7
Remove explicit calls to send_pdu
2016-11-21 14:48:51 +00:00
Kegan Dougal
a2a6c1c22f
Fail with a coherent error message if /sync?filter=
is invalid
2016-11-21 13:15:25 +00:00
Erik Johnston
524d61bf7e
Fix tests
2016-11-21 11:53:02 +00:00
Erik Johnston
7c9cdb2245
Store federation stream positions in the database
2016-11-21 11:33:08 +00:00
Mark Haines
a289150943
Fix flake8
2016-11-18 17:15:02 +00:00
David Baker
544722bad2
Work around client replacing reg params
...
Works around https://github.com/vector-im/vector-android/issues/715
and equivalent for iOS
2016-11-18 17:07:35 +00:00
Erik Johnston
f8ee66250a
Handle sending events and device messages over federation
2016-11-17 15:48:04 +00:00
Erik Johnston
ed787cf09e
Hook up the send queue and create a federation sender worker
2016-11-16 17:34:44 +00:00
Erik Johnston
1587b5a033
Add initial cut of federation send queue
2016-11-16 14:47:52 +00:00
Erik Johnston
59ef517e6b
Use new federation_sender DI
2016-11-16 14:47:52 +00:00
Erik Johnston
847d5db1d1
Add transaction queue and transport layer to DI
2016-11-16 14:47:52 +00:00
Erik Johnston
daec6fc355
Move logic into transaction_queue
2016-11-16 14:47:52 +00:00
Erik Johnston
0e830d3770
Rename transaction queue functions to send_*
2016-11-16 14:47:52 +00:00
Erik Johnston
dc6cede78e
Merge pull request #1628 from matrix-org/erikj/ldap_split_out
...
Use external ldap auth pacakge
2016-11-15 16:53:34 +00:00
Erik Johnston
c7546b3cdb
Merge pull request #1617 from matrix-org/erikj/intern_state_dict
...
Correctly intern keys in state cache
2016-11-15 16:45:55 +00:00
Erik Johnston
d56c39cf24
Use external ldap auth pacakge
2016-11-15 13:03:19 +00:00
Erik Johnston
f9d156d270
New Flake8 fixes
2016-11-15 11:22:29 +00:00
Erik Johnston
9d58ccc547
Bump changelog and version
2016-11-14 15:05:04 +00:00
Kegsay
9355a5c42b
Merge pull request #1624 from matrix-org/kegan/idempotent-requests
...
Store Promise<Response> instead of Response for HTTP API transactions
2016-11-14 12:45:30 +00:00
Kegan Dougal
3991b4cbdb
Clean transactions based on time. Add HttpTransactionCache tests.
2016-11-14 11:19:24 +00:00
Kegan Dougal
af4a1bac50
Move .observe() up to the cache to make things neater
2016-11-14 09:52:41 +00:00
Erik Johnston
0964005d84
Merge pull request #1625 from DanielDent/patch-1
...
Add support for durations in minutes
2016-11-12 11:20:46 +00:00
Daniel Dent
1c93cd9f9f
Add support for durations in minutes
2016-11-12 00:10:23 -08:00
Kegan Dougal
8ecaff51a1
Review comments
2016-11-11 17:47:03 +00:00
Kegan Dougal
f6c48802f5
More flake8
2016-11-11 15:08:24 +00:00
Kegan Dougal
a88bc67f88
Flake8 and fix whoopsie
2016-11-11 15:02:29 +00:00
Kegan Dougal
42c43cfafd
Use ObservableDeferreds instead of Deferreds as they behave as intended
2016-11-11 14:54:10 +00:00
Kegan Dougal
c7daf3136c
Use observable deferreds because they are sane
2016-11-11 14:13:32 +00:00
Erik Johnston
64038b806c
Comments
2016-11-11 10:42:08 +00:00
Erik Johnston
2bd4513a4d
Limit the number of events that can be created on a given room concurretnly
2016-11-10 16:44:35 +00:00
Erik Johnston
d073cb7ead
Add Limiter: limit concurrent access to resource
2016-11-10 16:29:51 +00:00
Kegan Dougal
8a8ad46f48
Flake8
2016-11-10 15:22:11 +00:00
Kegan Dougal
2771447c29
Store Promise<Response> instead of Response for HTTP API transactions
...
This fixes a race whereby:
- User hits an endpoint.
- No cached transaction so executes main code.
- User hits same endpoint.
- No cache transaction so executes main code.
- Main code finishes executing and caches response and returns.
- Main code finishes executing and caches response and returns.
This race is common in the wild when Synapse is struggling under load.
This commit fixes the race by:
- User hits an endpoint.
- Caches the promise to execute the main code and executes main code.
- User hits same endpoint.
- Yields on the same promise as the first request.
- Main code finishes executing and returns, unblocking both requests.
2016-11-10 14:49:26 +00:00
Erik Johnston
ac507e7ab8
Don't assume providers raise ConfigError's
2016-11-08 17:23:28 +00:00
Erik Johnston
e6651e8046
Merge branch 'master' of github.com:matrix-org/synapse into develop
2016-11-08 14:43:49 +00:00
Erik Johnston
3c09818d91
Bump version and changelog
2016-11-08 14:39:55 +00:00
Erik Johnston
27d3f2e7ab
Explicitly set authentication mode in ldap3
...
This only makes a difference for versions of ldap3 before 1.0, but a)
its best to be explicit and b) there are distributions that package
ancient versions for ldap3 (e.g. debian).
2016-11-08 14:35:25 +00:00
Erik Johnston
17e0a58020
Merge pull request #1615 from matrix-org/erikj/limit_prev_events
...
Limit the number of prev_events of new events
2016-11-08 12:06:15 +00:00
Erik Johnston
587d8ac60f
Correctly intern keys in state cache
2016-11-08 11:53:25 +00:00
Erik Johnston
a4632783fb
Sample correctly
2016-11-08 11:20:26 +00:00
Erik Johnston
24772ba56e
Respect use_frozen_dicts option in workers
2016-11-08 11:07:18 +00:00
Erik Johnston
eeda4e618c
Limit the number of prev_events of new events
2016-11-08 11:02:29 +00:00
Erik Johnston
d24197bead
Merge pull request #1198 from euank/more-ip-blacklist
...
default config: blacklist more internal ips
2016-11-07 09:41:34 +00:00
Euan Kemp
c6bbad109b
default config: blacklist more internal ips
2016-11-06 17:02:25 -08:00
Erik Johnston
63772443e6
Comment
2016-11-04 10:53:42 +00:00
Erik Johnston
a3f6576084
Remove unused but buggy function
2016-11-04 10:48:20 +00:00
Paul "LeoNerd" Evans
2938a00825
Rename the python-specific metrics now the docs claim that we have done
2016-11-03 17:03:52 +00:00
Paul "LeoNerd" Evans
5219f7e060
Since we don't export per-filetype fd counts any more, delete all the code related to that too
2016-11-03 16:41:32 +00:00
Paul "LeoNerd" Evans
93ebeb2aa8
Remove now-unused 'resource' import
2016-11-03 16:37:09 +00:00