Patrick Cloke
56db0b1365
Hash passwords earlier in the registration process ( #7523 )
2020-05-18 09:46:18 -04:00
Patrick Cloke
5d64fefd6c
Do not validate that the client dict is stable during UI Auth. ( #7483 )
...
This backs out some of the validation for the client dictionary and logs if
this changes during a user interactive authentication session instead.
2020-05-13 14:26:44 -04:00
Patrick Cloke
0ad6d28b0d
Rework UI Auth session validation for registration ( #7455 )
...
Be less strict about validation of UI authentication sessions during
registration to match client expecations.
2020-05-08 16:08:58 -04:00
Brendan Abolivier
d9b8d27494
Add a configuration setting for the dummy event threshold ( #7422 )
...
Add dummy_events_threshold which allows configuring the number of forward extremities a room needs for Synapse to send forward extremities in it.
2020-05-07 10:35:23 +01:00
Richard van der Hoff
13dd458b8d
Merge branch 'release-v1.13.0' into erikj/faster_device_lists_fetch
2020-05-05 18:14:00 +01:00
Erik Johnston
f9073893af
Speed up fetching device lists changes in sync.
...
Currently we copy `users_who_share_room` needlessly about three times,
which is expensive when the set is large (which it can easily be).
2020-05-05 17:40:29 +01:00
Andrew Morgan
6b22921b19
async/await is_server_admin ( #7363 )
2020-05-01 15:15:36 +01:00
Patrick Cloke
627b0f5f27
Persist user interactive authentication sessions ( #7302 )
...
By persisting the user interactive authentication sessions to the database, this fixes
situations where a user hits different works throughout their auth session and also
allows sessions to persist through restarts of Synapse.
2020-04-30 13:47:49 -04:00
Andrew Morgan
9d8ecc9e6c
Apply federation check for /publicRooms with filter list ( #7367 )
2020-04-30 11:38:07 +01:00
Patrick Cloke
33bceb7f70
Convert some of the federation handler methods to async/await. ( #7338 )
2020-04-24 14:36:38 -04:00
Richard van der Hoff
71a1abb8a1
Stop the master relaying USER_SYNC for other workers ( #7318 )
...
Long story short: if we're handling presence on the current worker, we shouldn't be sending USER_SYNC commands over replication.
In an attempt to figure out what is going on here, I ended up refactoring some bits of the presencehandler code, so the first 4 commits here are non-functional refactors to move this code slightly closer to sanity. (There's still plenty to do here :/). Suggest reviewing individual commits.
Fixes (I hope) #7257 .
2020-04-22 22:39:04 +01:00
Richard van der Hoff
2aa5bf13c8
Merge branch 'release-v1.12.4' into develop
2020-04-22 13:09:23 +01:00
Andrew Morgan
f89ad3b6df
Query missing cross-signing keys on local sig upload ( #7289 )
2020-04-22 12:29:36 +01:00
Andrew Morgan
ff5604e7f1
import urllib.parse when using urllib.parse.quote ( #7319 )
2020-04-22 12:18:51 +01:00
Richard van der Hoff
461f01ad43
Merge branch 'release-v1.12.4' into develop
2020-04-20 17:55:39 +01:00
Richard van der Hoff
d41c8f6d4d
Revert "Query missing cross-signing keys on local sig upload"
...
This was incorrectly merged to the release branch before it was ready.
This reverts commit 72fe2affb6
.
2020-04-20 17:54:35 +01:00
Richard van der Hoff
a46ff43319
Merge branch 'release-v1.12.4' into develop
2020-04-20 17:42:27 +01:00
David Baker
40f79f58bf
Always send the user updates to their own device list ( #7160 )
2020-04-20 17:20:38 +01:00
Patrick Cloke
f5ea8b48bd
Reject unknown UI auth sessions (instead of silently generating a new one) ( #7268 )
2020-04-20 08:54:42 -04:00
Patrick Cloke
054c231e58
Use a template for the SSO success page to allow for customization. ( #7279 )
2020-04-17 13:34:55 -04:00
Andrew Morgan
72fe2affb6
Query missing cross-signing keys on local sig upload
...
Add changelog
Save retrieved keys to the db
lint
Fix and de-brittle remote result dict processing
Use query_user_devices instead, assume only master, self_signing key types
Make changelog more useful
Remove very specific exception handling
Wrap get_verify_key_from_cross_signing_key in a try/except
Note that _get_e2e_cross_signing_verify_key can raise a SynapseError
lint
Add comment explaining why this is useful
Only fetch master and self_signing key types
Fix log statements, docstrings
Remove extraneous items from remote query try/except
lint
Factor key retrieval out into a separate function
Send device updates, modeled after SigningKeyEduUpdater._handle_signing_key_updates
Update method docstring
2020-04-17 15:47:49 +01:00
Patrick Cloke
eed7c5b89e
Convert auth handler to async/await ( #7261 )
2020-04-15 12:40:18 -04:00
Andrew Morgan
ac6a84818f
Only register devices edu handler on the master process ( #7255 )
2020-04-14 11:36:24 +01:00
Andrew Morgan
fef82f4e22
Only register devices edu handler on the master process ( #7255 )
2020-04-14 10:09:58 +01:00
PeerD
f41b742161
Check on room creation if the user is allowed to publish the room to the room directory. ( #7260 )
2020-04-13 07:42:32 -04:00
Matthew Hodgson
118b58f0c9
typos
2020-04-11 20:55:18 +01:00
Andrew Morgan
ac978ab3da
Default PL100 to enable encryption in a room ( #7230 )
2020-04-09 18:45:38 +01:00
Patrick Cloke
b85d7652ff
Do not allow a deactivated user to login via SSO. ( #7240 )
2020-04-09 13:28:13 -04:00
Andrew Morgan
b21000a44f
Improve error responses when a remote server doesn't allow you to access its public rooms list ( #6899 )
2020-04-06 12:35:30 +01:00
Patrick Cloke
694d8bed0e
Support CAS in UI Auth flows. ( #7186 )
2020-04-03 15:35:05 -04:00
Patrick Cloke
b9930d24a0
Support SAML in the user interactive authentication workflow. ( #7102 )
2020-04-01 08:48:00 -04:00
Patrick Cloke
468dcc767b
Allow admins to create aliases when they are not in the room ( #7191 )
2020-04-01 08:27:05 -04:00
Richard van der Hoff
7966a1cde9
Rewrite prune_old_outbound_device_pokes for efficiency ( #7159 )
...
make sure we clear out all but one update for the user
2020-03-30 19:06:52 +01:00
Andrew Morgan
7042840b32
Transfer alias mappings when joining an upgraded room ( #6946 )
2020-03-30 17:53:25 +01:00
David Baker
07569f25d1
Merge pull request #7160 from matrix-org/dbkr/always_send_own_device_list_updates
...
Always send the user updates to their own device list
2020-03-30 14:34:28 +01:00
Andrew Morgan
104844c1e1
Add explanatory comment
2020-03-30 14:00:11 +01:00
David Baker
7406477525
black
2020-03-30 10:18:33 +01:00
David Baker
9fc588e6dc
Just add own user ID to the list we track device changes for
2020-03-30 10:11:26 +01:00
Dirk Klimpel
8327eb9280
Add options to prevent users from changing their profile. ( #7096 )
2020-03-27 19:15:23 +00:00
David Baker
16ee97988a
Fix undefined variable & remove debug logging
2020-03-27 12:39:54 +00:00
David Baker
a07e03ce90
black
2020-03-27 12:35:32 +00:00
David Baker
09cc058a4c
Always send the user updates to their own device list
...
This will allow clients to notify users about new devices even if
the user isn't in any rooms (yet).
2020-03-27 12:26:47 +00:00
Jason Robinson
7496d3d2f6
Merge pull request #7151 from matrix-org/jaywink/saml-redirect-fix
...
Allow RedirectResponse in SAML response handler
2020-03-26 22:10:31 +02:00
Patrick Cloke
fa4f12102d
Refactor the CAS code (move the logic out of the REST layer to a handler) ( #7136 )
2020-03-26 15:05:26 -04:00
Jason Robinson
060e7dce09
Allow RedirectResponse in SAML response handler
...
Allow custom SAML handlers to redirect after processing an auth response.
Fixes #7149
Signed-off-by: Jason Robinson <jasonr@matrix.org>
2020-03-26 19:02:35 +02:00
Dirk Klimpel
e8e2ddb60a
Allow server admins to define and enforce a password policy (MSC2000). ( #7118 )
2020-03-26 16:51:13 +00:00
Patrick Cloke
1c1242acba
Validate that the session is not modified during UI-Auth ( #7068 )
2020-03-26 07:39:34 -04:00
Richard van der Hoff
39230d2171
Clean up some LoggingContext stuff ( #7120 )
...
* Pull Sentinel out of LoggingContext
... and drop a few unnecessary references to it
* Factor out LoggingContext.current_context
move `current_context` and `set_context` out to top-level functions.
Mostly this means that I can more easily trace what's actually referring to
LoggingContext, but I think it's generally neater.
* move copy-to-parent into `stop`
this really just makes `start` and `stop` more symetric. It also means that it
behaves correctly if you manually `set_log_context` rather than using the
context manager.
* Replace `LoggingContext.alive` with `finished`
Turn `alive` into `finished` and make it a bit better defined.
2020-03-24 14:45:33 +00:00
Patrick Cloke
190ab593b7
Use the proper error code when a canonical alias that does not exist is used. ( #7109 )
2020-03-23 15:21:54 -04:00
Erik Johnston
fdb1344716
Remove concept of a non-limited stream. ( #7011 )
2020-03-20 14:40:47 +00:00