Matrix-Mirrors/forked-synapse
1
0
Fork 0
mirror of https://mau.dev/maunium/synapse.git synced 2024-10-01 01:36:05 -04:00
Code Issues Packages Projects Releases Wiki Activity
10,886 Commits 5 Branches 723 Tags 124 MiB
46345187cc
Commit Graph

477 Commits

Author SHA1 Message Date
Richard van der Hoff
08bfc48abf custom error code for not leaving server notices room 2018-05-22 17:27:27 +01:00
Richard van der Hoff
a5e2941aad Reject attempts to send event before privacy consent is given 
Returns an M_CONSENT_NOT_GIVEN error (cf
https://github.com/matrix-org/matrix-doc/issues/1252) if consent is not yet
given.
 2018-05-22 12:00:47 +01:00
Richard van der Hoff
33f469ba19 Apply some limits to depth to counter abuse 
* When creating a new event, cap its depth to 2^63 - 1
* When receiving events, reject any without a sensible depth

As per https://docs.google.com/document/d/1I3fi2S-XnpO45qrpCsowZv8P8dHcNZ4fsBsbOW7KABI
 2018-05-01 17:54:19 +01:00
Adrian Tschira
36c59ce669 Use six.itervalues in some places 
There's more where that came from

Signed-off-by: Adrian Tschira <nota@notafile.com>
 2018-04-15 20:39:43 +02:00
Adrian Tschira
6168351877 Add b prefixes to some strings that are bytes in py3 
This has no effect on python2

Signed-off-by: Adrian Tschira <nota@notafile.com>
 2018-04-04 13:48:51 +02:00
Richard van der Hoff
fcfe7f6ad3 Use simplejson throughout 
Let's use simplejson rather than json, for consistency.
 2018-03-29 22:45:52 +01:00
Erik Johnston
fa72803490 Merge branch 'master' of github.com:matrix-org/synapse into develop 2018-03-19 11:41:01 +00:00
Erik Johnston
926ba76e23 Replace ujson with simplejson 2018-03-15 23:43:31 +00:00
Matthew Hodgson
ab9f844aaf
Add federation_domain_whitelist option (#2820) 
Add federation_domain_whitelist

gives a way to restrict which domains your HS is allowed to federate with.
useful mainly for gracefully preventing a private but internet-connected HS from trying to federate to the wider public Matrix network
 2018-01-22 19:11:18 +01:00
Matthew Hodgson
28a6ccb49c add registrations_require_3pid 
lets homeservers specify a whitelist for 3PIDs that users are allowed to associate with.
Typically useful for stopping people from registering with non-work emails
 2018-01-19 00:19:58 +00:00
Richard van der Hoff
d5f9fb06b0 Refactor UI auth implementation 
Instead of returning False when auth is incomplete, throw an exception which
can be caught with a wrapper.
 2017-12-05 09:40:05 +00:00
Richard van der Hoff
da562bd6a1 Improve comments on get_user_by_access_token 
because I have to reverse-engineer this every time.
 2017-11-29 15:52:41 +00:00
Richard van der Hoff
aa620d09a0 Add a config option to block all room invites (#2457) 
- allows sysadmins the ability to lock down their servers so that people can't
send their users room invites.
 2017-09-19 16:08:14 +01:00
Erik Johnston
ed9a7f5436 Merge pull request #2309 from matrix-org/erikj/user_ip_repl 
Fix up user_ip replication commands
 2017-07-06 14:33:14 +01:00
Erik Johnston
2c365f4723 Cache macaroon parse and validation 
Turns out this can be quite expensive for requests, and is easily
cachable. We don't cache the lookup to the DB so invalidation still
works.
 2017-06-29 14:50:18 +01:00
Erik Johnston
8c23221666 Fix up 2017-06-27 15:53:45 +01:00
Erik Johnston
ed3d0170d9 Batch upsert user ips 2017-06-27 13:37:04 +01:00
Erik Johnston
0185b75381 Change is_host_joined to use current_state table 
This bypasses a bug where using the state groups to figure out if a host
is in a room sometimes errors if the servers isn't in the room. (For
example when the server rejected an invite to a remote room)
 2017-06-09 10:52:26 +01:00
David Baker
1a9255c12e Use CodeMessageException subclass instead 
Parse json errors from get_json client methods and throw special
errors.
 2017-04-25 19:30:55 +01:00
pik
566641a0b5 use jsonschema.FormatChecker for RoomID and UserID strings 
* use a valid filter in rest/client/v2_alpha test

Signed-off-by: pik <alexander.maznev@gmail.com>
 2017-03-23 11:42:41 -03:00
pik
acafcf1c5b Add valid filter tests, flake8, fix typo 
Signed-off-by: pik <alexander.maznev@gmail.com>
 2017-03-23 11:42:10 -03:00
pik
e56c79c114 check_valid_filter using JSONSchema 
* add invalid filter tests

Signed-off-by: pik <alexander.maznev@gmail.com>
 2017-03-23 11:42:07 -03:00
Richard van der Hoff
19b9366d73 Fix a couple of logcontext leaks 
Use preserve_fn to correctly manage the logcontexts around things we don't want
to yield on.
 2017-03-23 00:17:46 +00:00
Erik Johnston
a8f96c63aa Comment 2017-03-15 16:01:01 +00:00
Erik Johnston
e892457a03 Comment 2017-03-15 15:01:39 +00:00
Erik Johnston
6c82de5100 Format presence events on the edges instead of reformatting them multiple times 2017-03-15 14:27:34 +00:00
Erik Johnston
7827251daf Merge pull request #1994 from matrix-org/dbkr/msisdn_signin_2 
Phone number registration / login support v2
 2017-03-15 09:59:54 +00:00
Richard van der Hoff
1d09586599 Address review comments 
- don't blindly proxy all HTTPRequestExceptions
- log unexpected exceptions at error
- avoid `isinstance`
- improve docs on `from_http_response_exception`
 2017-03-14 14:15:37 +00:00
Richard van der Hoff
7f237800e9 re-refactor exception heirarchy 
Give CodeMessageException back its `msg` attribute, and use that to hold the
HTTP status message for HttpResponseException.
 2017-03-14 14:15:37 +00:00
David Baker
73a5f06652 Support registration / login with phone number 
Changes from https://github.com/matrix-org/synapse/pull/1971
 2017-03-13 17:27:51 +00:00
Richard van der Hoff
170ccc9de5 Fix routing loop when fetching remote media 
When we proxy a media request to a remote server, add a query-param, which will
tell the remote server to 404 if it doesn't recognise the server_name.

This should fix a routing loop where the server keeps forwarding back to
itself.

Also improves the error handling on remote media fetches, so that we don't
always return a rather obscure 502.
 2017-03-13 16:30:36 +00:00
Erik Johnston
7eae6eaa2f Revert "Support registration & login with phone number" 2017-03-13 09:59:33 +00:00
David Baker
ce3e583d94 WIP support for msisdn 3pid proxy methods 2017-02-14 15:05:55 +00:00
David Baker
063a1251a9 Remove a few aspirational but unused constants 
from the Kegan era
 2017-02-08 11:36:08 +00:00
Erik Johnston
5f027d1fc5 Change resolve_state_groups call site logging to DEBUG 2017-01-17 17:07:15 +00:00
Erik Johnston
e178feca3f Remove unused function 2017-01-13 15:16:45 +00:00
Erik Johnston
8b2fa38256 Split event auth code into seperate module 2017-01-13 15:07:32 +00:00
Erik Johnston
7e6c2937c3 Split out static auth methods from Auth object 2017-01-10 18:16:54 +00:00
Mark Haines
c18f7fc410 Fix flake8 and update changelog 2017-01-05 13:50:22 +00:00
Matthew Hodgson
d79d165761 add logging for all the places we call resolve_state_groups. my kingdom for a backtrace that actually works. 2017-01-05 13:40:39 +00:00
Richard van der Hoff
1529c19675 Prevent user tokens being used as guest tokens (#1675) 
Make sure that a user cannot pretend to be a guest by adding 'guest = True'
caveats.
 2016-12-06 15:31:37 +00:00
Richard van der Hoff
aa09d6b8f0 Rip out more refresh_token code 
We might as well treat all refresh_tokens as invalid. Just return a 403 from
/tokenrefresh, so that we don't have a load of dead, untestable code hanging
around.

Still TODO: removing the table from the schema.
 2016-11-30 17:40:18 +00:00
Richard van der Hoff
321fe5c44c Merge pull request #1656 from matrix-org/rav/remove_time_caveat 
Stop putting a time caveat on access tokens
 2016-11-30 16:53:20 +00:00
Richard van der Hoff
4febfe47f0 Comments 
Update comments in verify_macaroon
 2016-11-30 07:36:32 +00:00
Richard van der Hoff
77eca2487c Merge pull request #1653 from matrix-org/rav/guest_e2e 
Implement E2E for guests
 2016-11-29 17:41:35 +00:00
Richard van der Hoff
1c4f05db41 Stop putting a time caveat on access tokens 
The 'time' caveat on the access tokens was something of a lie, since we weren't
enforcing it; more pertinently its presence stops us ever adding useful time
caveats.

Let's move in the right direction by not lying in our caveats.
 2016-11-29 16:49:41 +00:00
Richard van der Hoff
b6146537d2 Merge pull request #1655 from matrix-org/rav/remove_redundant_macaroon_checks 
Remove redundant list of known caveat prefixes
 2016-11-25 16:57:19 +00:00
Richard van der Hoff
7f02e4d008 Give guest users a device_id 
We need to create devices for guests so that they can use e2e, but we don't
have anywhere to store it, so just use a fixed one.
 2016-11-25 15:25:30 +00:00
Richard van der Hoff
e1d7c96814 Remove redundant list of known caveat prefixes 
Also add some comments.
 2016-11-24 12:38:17 +00:00
Kegan Dougal
83bcdcee61 Return early on /sync code paths if a '*' filter is used 
This is currently very conservative in that it only does this if there is no
`since` token. This limits the risk to clients likely to be doing one-off
syncs (like bridges), but does mean that normal human clients won't benefit
from the time savings here. If the savings are large enough, I would consider
generalising this to just check the filter.
 2016-11-22 16:38:35 +00:00