Merge branch 'develop' into key_distribution

Conflicts:
	synapse/crypto/keyring.py
This commit is contained in:
Mark Haines 2015-04-27 18:29:32 +01:00
commit f8b865264a
5 changed files with 74 additions and 28 deletions

View File

@ -86,7 +86,7 @@ Homeserver Installation
======================= =======================
System requirements: System requirements:
- POSIX-compliant system (tested on Linux & OSX) - POSIX-compliant system (tested on Linux & OS X)
- Python 2.7 - Python 2.7
Synapse is written in python but some of the libraries is uses are written in Synapse is written in python but some of the libraries is uses are written in
@ -128,6 +128,15 @@ To set up your homeserver, run (in your virtualenv, as before)::
Substituting your host and domain name as appropriate. Substituting your host and domain name as appropriate.
This will generate you a config file that you can then customise, but it will
also generate a set of keys for you. These keys will allow your Home Server to
identify itself to other Home Servers, so don't lose or delete them. It would be
wise to back them up somewhere safe. If, for whatever reason, you do need to
change your Home Server's keys, you may find that other Home Servers have the
old key cached. If you update the signing key, you should change the name of the
key in the <server name>.signing.key file (the second word, which by default is
, 'auto') to something different.
By default, registration of new users is disabled. You can either enable By default, registration of new users is disabled. You can either enable
registration in the config by specifying ``enable_registration: true`` registration in the config by specifying ``enable_registration: true``
(it is then recommended to also set up CAPTCHA), or (it is then recommended to also set up CAPTCHA), or
@ -367,10 +376,6 @@ SRV record, as that is the name other machines will expect it to have::
You may additionally want to pass one or more "-v" options, in order to You may additionally want to pass one or more "-v" options, in order to
increase the verbosity of logging output; at least for initial testing. increase the verbosity of logging output; at least for initial testing.
For the initial alpha release, the homeserver is not speaking TLS for
either client-server or server-server traffic for ease of debugging. We have
also not spent any time yet getting the homeserver to run behind loadbalancers.
Running a Demo Federation of Homeservers Running a Demo Federation of Homeservers
---------------------------------------- ----------------------------------------
@ -433,7 +438,7 @@ track 3PID logins and publish end-user public keys.
It's currently early days for identity servers as Matrix is not yet using 3PIDs It's currently early days for identity servers as Matrix is not yet using 3PIDs
as the primary means of identity and E2E encryption is not complete. As such, as the primary means of identity and E2E encryption is not complete. As such,
we are running a single identity server (http://matrix.org:8090) at the current we are running a single identity server (https://matrix.org) at the current
time. time.

View File

@ -26,6 +26,8 @@ from synapse.api.errors import SynapseError, Codes
from synapse.util.retryutils import get_retry_limiter from synapse.util.retryutils import get_retry_limiter
from synapse.util.async import create_observer
from OpenSSL import crypto from OpenSSL import crypto
import urllib import urllib
@ -45,6 +47,8 @@ class Keyring(object):
self.perspective_servers = self.config.perspectives self.perspective_servers = self.config.perspectives
self.hs = hs self.hs = hs
self.key_downloads = {}
@defer.inlineCallbacks @defer.inlineCallbacks
def verify_json_for_server(self, server_name, json_object): def verify_json_for_server(self, server_name, json_object):
logger.debug("Verifying for %s", server_name) logger.debug("Verifying for %s", server_name)
@ -103,6 +107,22 @@ class Keyring(object):
defer.returnValue(cached[0]) defer.returnValue(cached[0])
return return
download = self.key_downloads.get(server_name)
if download is None:
download = self._get_server_verify_key_impl(server_name, key_ids)
self.key_downloads[server_name] = download
@download.addBoth
def callback(ret):
del self.key_downloads[server_name]
return ret
r = yield create_observer(download)
defer.returnValue(r)
@defer.inlineCallbacks
def _get_server_verify_key_impl(self, server_name, key_ids):
keys = None keys = None
for perspective_name, perspective_keys in self.perspective_servers.items(): for perspective_name, perspective_keys in self.perspective_servers.items():
try: try:

View File

@ -126,7 +126,25 @@ def make_base_prepend_override_rules():
def make_base_append_override_rules(): def make_base_append_override_rules():
return [ return [
{ {
'rule_id': 'global/override/.m.rule.call', 'rule_id': 'global/override/.m.rule.suppress_notices',
'conditions': [
{
'kind': 'event_match',
'key': 'content.msgtype',
'pattern': 'm.notice',
}
],
'actions': [
'dont_notify',
]
}
]
def make_base_append_underride_rules(user):
return [
{
'rule_id': 'global/underride/.m.rule.call',
'conditions': [ 'conditions': [
{ {
'kind': 'event_match', 'kind': 'event_match',
@ -145,19 +163,6 @@ def make_base_append_override_rules():
} }
] ]
}, },
{
'rule_id': 'global/override/.m.rule.suppress_notices',
'conditions': [
{
'kind': 'event_match',
'key': 'content.msgtype',
'pattern': 'm.notice',
}
],
'actions': [
'dont_notify',
]
},
{ {
'rule_id': 'global/override/.m.rule.contains_display_name', 'rule_id': 'global/override/.m.rule.contains_display_name',
'conditions': [ 'conditions': [
@ -176,7 +181,7 @@ def make_base_append_override_rules():
] ]
}, },
{ {
'rule_id': 'global/override/.m.rule.room_one_to_one', 'rule_id': 'global/underride/.m.rule.room_one_to_one',
'conditions': [ 'conditions': [
{ {
'kind': 'room_member_count', 'kind': 'room_member_count',
@ -193,12 +198,7 @@ def make_base_append_override_rules():
'value': False 'value': False
} }
] ]
} },
]
def make_base_append_underride_rules(user):
return [
{ {
'rule_id': 'global/underride/.m.rule.invite_for_me', 'rule_id': 'global/underride/.m.rule.invite_for_me',
'conditions': [ 'conditions': [

View File

@ -25,6 +25,8 @@ from twisted.internet import defer
from twisted.web.resource import Resource from twisted.web.resource import Resource
from twisted.protocols.basic import FileSender from twisted.protocols.basic import FileSender
from synapse.util.async import create_observer
import os import os
import logging import logging
@ -87,7 +89,7 @@ class BaseMediaResource(Resource):
def callback(media_info): def callback(media_info):
del self.downloads[key] del self.downloads[key]
return media_info return media_info
return download return create_observer(download)
@defer.inlineCallbacks @defer.inlineCallbacks
def _get_remote_media_impl(self, server_name, media_id): def _get_remote_media_impl(self, server_name, media_id):

View File

@ -32,3 +32,22 @@ def run_on_reactor():
iteration of the main loop iteration of the main loop
""" """
return sleep(0) return sleep(0)
def create_observer(deferred):
"""Creates a deferred that observes the result or failure of the given
deferred *without* affecting the given deferred.
"""
d = defer.Deferred()
def callback(r):
d.callback(r)
return r
def errback(f):
d.errback(f)
return f
deferred.addCallbacks(callback, errback)
return d