Commit Graph

15786 Commits

Author SHA1 Message Date
Erik Johnston
151e4bbc45
Filter out down hosts when retrying fetching device lists (#16298) 2023-09-11 13:11:02 +01:00
David Robertson
edd83f23b7
Improve type hints for attrs classes (#16276) 2023-09-08 19:29:38 +01:00
Patrick Cloke
aa483cb4c9
Update ruff config (#16283)
Enable additional checks & clean-up unneeded configuration.
2023-09-08 11:24:36 -04:00
David Robertson
c1c6c95d72
Log values at DEBUG level with execute_values (#16281) 2023-09-08 14:50:13 +01:00
Erik Johnston
f43d994624
Fix bug with new task scheduler using lots of CPU. (#16278)
Using the new `TaskScheduler` meant that we'ed create lots of new
metrics (due to adding task ID to the desc of background process),
resulting in requests for metrics taking an increasing amount of CPU.
2023-09-08 14:43:01 +01:00
Patrick Cloke
69b74d9330
Avoid temporary storage of sensitive information. (#16272)
During the UI auth process, avoid storing sensitive information
into the database.
2023-09-08 08:57:56 -04:00
Erik Johnston
d23c394669
Reduce CPU overhead of change password endpoint (#16264) 2023-09-08 13:06:00 +01:00
Erik Johnston
1cd410a783
Recheck if remote device is cached before requesting it (#16252)
This fixes a bug where we could get stuck re-requesting the device over
replication again and again.
2023-09-07 12:45:43 +00:00
Erik Johnston
8940d1b28e
Add /notifications endpoint to workers (#16265) 2023-09-07 09:26:07 +00:00
Marcel
13e9cad537
Send the opentracing span information to appservices (#16227) 2023-09-06 15:19:17 -04:00
Aurélien Grimpard
fe69e7f617
Handle "registration_enabled" parameter for CAS (#16262)
Similar to OIDC, CAS providers can now disable registration such
that only existing users are able to login via SSO.
2023-09-06 14:32:24 -04:00
Patrick Cloke
32fb264120 Merge remote-tracking branch 'origin/release-v1.92' into develop 2023-09-06 13:08:22 -04:00
Patrick Cloke
55c20da4a3 Merge remote-tracking branch 'origin/release-v1.91' into release-v1.92 2023-09-06 11:25:28 -04:00
Quentin Gliech
1940d990a3
Revert MSC3861 introspection cache, admin impersonation and account lock (#16258) 2023-09-06 15:19:51 +01:00
reivilibre
e937e2111a
Add the ability to use G (GiB) and T (TiB) suffixes in configuration options that refer to numbers of bytes. (#16219)
* Add more suffixes to `parse_size`

* Newsfile

Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>

---------

Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
2023-09-06 14:01:10 +01:00
reivilibre
698f6fa250
Allow modules to delete rooms. (#15997)
* Allow user_id to be optional for room deletion

* Add module API method to delete a room

* Newsfile

Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>

* Don't worry about the case block=True && requester_user_id is None

---------

Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
2023-09-06 11:50:07 +01:00
Mathieu Velten
4f1840a88a
Delete device messages asynchronously and in staged batches (#16240) 2023-09-06 09:30:53 +02:00
Will Hunt
1e571cd664
Fix appservices being unable to handle to_device messages for multiple users (#16251) 2023-09-05 15:46:57 -04:00
Travis Ralston
b1d71c687a
Add MSC4040 matrix-fed service lookups (#16137) 2023-09-05 15:45:39 -04:00
Erik Johnston
c9cec2daed
Fix bug where we kept re-requesting a remote server's key repeatedly. (#16257)
* Correctly handle multiple rows per server/key

* Newsfile
2023-09-05 20:27:41 +01:00
Patrick Cloke
a2b8814d64
Fix incorrect docstring for Ratelimiter. (#16255) 2023-09-05 12:11:05 -04:00
Patrick Cloke
8b5013dcbc
Time out busy presence status & test multi-device busy (#16174)
Add a (long) timeout to when a "busy" device is considered not online.
This does *not* match MSC3026, but is a reasonable thing for an
implementation to do.

Expands tests for the (unstable) busy presence with multiple devices.
2023-09-05 10:39:38 -04:00
Patrick Cloke
ea75346f6a
Track presence state per-device and combine to a user state. (#16066)
Tracks presence on an individual per-device basis and combine
the per-device state into a per-user state. This should help in
situations where a user has multiple devices with conflicting status
(e.g. one is syncing with unavailable and one is syncing with online).

The tie-breaking is done by priority:

    BUSY > ONLINE > UNAVAILABLE > OFFLINE
2023-09-05 09:58:51 -04:00
dependabot[bot]
757010905e
Bump twisted from 22.10.0 to 23.8.0 (#16235)
* Bump twisted from 22.10.0 to 23.8.0

Bumps [twisted](https://github.com/twisted/twisted) from 22.10.0 to 23.8.0.
- [Release notes](https://github.com/twisted/twisted/releases)
- [Changelog](https://github.com/twisted/twisted/blob/trunk/NEWS.rst)
- [Commits](https://github.com/twisted/twisted/compare/twisted-22.10.0...twisted-23.8.0)

---
updated-dependencies:
- dependency-name: twisted
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Fix types

* Fix lint

* Newsfile

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Erik Johnston <erik@matrix.org>
2023-09-05 11:14:14 +00:00
Erik Johnston
d35bed8369
Don't wake up destination transaction queue if they're not due for retry. (#16223) 2023-09-04 17:14:09 +01:00
Mathieu Velten
dcb2778341
Add last_seen_ts to the admin users API (#16218) 2023-09-04 18:13:28 +02:00
Erik Johnston
f84baecb6f
Don't reset retry timers on "valid" error codes (#16221) 2023-09-04 14:04:43 +01:00
David Robertson
e9eb26e3af
Cache device resync requests over replication (#16241) 2023-09-04 11:57:59 +01:00
Erik Johnston
b85c3485b1
Fix typo where we ended up with multiple WorkerLocksHandler (#16220)
I don't think has caused any actual issues.

Introduced in #15891
2023-09-01 16:03:31 +01:00
Erik Johnston
93f2fdd8d1
Fix typo where we ended up with multiple WorkerLocksHandler (#16220)
I don't think has caused any actual issues.

Introduced in #15891
2023-09-01 12:52:57 +00:00
David Robertson
6525fd65ee
Log the details of background update failures (#16212) 2023-09-01 12:41:56 +01:00
Erik Johnston
3de82bb2af
Gracefully handle failing to thumbnail images (#16211) 2023-08-30 15:18:34 +01:00
Erik Johnston
a2e0d4cd60
Fix rare bug that broke looping calls (#16210)
* Fix rare bug that broke looping calls

We can't interact with the reactor from the main thread via looping
call.

Introduced in v1.90.0 / #15791.

* Newsfile
2023-08-30 14:18:42 +01:00
Patrick Cloke
ebd8374fb5
Stop writing to the event_txn_id table (#16175) 2023-08-30 11:10:56 +01:00
David Robertson
62a1a9be52
Describe which rate limiter was hit in logs (#16135) 2023-08-30 00:39:39 +01:00
Patrick Cloke
e9235d92f2
Track currently syncing users by device for presence (#16172)
Refactoring to use both the user ID & the device ID when tracking
the currently syncing users in the presence handler.

This is done both locally and over replication. Note that the device
ID is discarded but will be used in a future change.
2023-08-29 11:44:07 -04:00
Patrick Cloke
9ec3da06da
Bump mypy-zope & mypy. (#16188) 2023-08-29 10:38:56 -04:00
dependabot[bot]
001fc7bd19
Bump ruff from 0.0.277 to 0.0.286 (#16198)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-29 09:41:43 -04:00
Evilham
63b51ef3fb
Support IPv6-only SMTP servers (#16155)
Use Twisted HostnameEndpoint to connect to SMTP servers (instead
of connectTCP/connectSSL) which properly supports IPv6-only servers.
2023-08-29 09:33:58 -04:00
Chen Zhang
692ee2af19
Fix inaccurate error message while trying to ban or unban a user with the same or higher PL (#16205) 2023-08-29 10:37:09 +01:00
Patrick Cloke
40901af5e0
Pass the device ID around in the presence handler (#16171)
Refactoring to pass the device ID (in addition to the user ID) through
the presence handler (specifically the `user_syncing`, `set_state`,
and `bump_presence_active_time` methods and their replication
versions).
2023-08-28 13:08:49 -04:00
Patrick Cloke
1bf143699c
Combine logic about not overriding BUSY presence. (#16170)
Simplify some of the presence code by reducing duplicated code between
worker & non-worker modes.

The main change is to push some of the logic from `user_syncing` into
`set_state`. This is done by passing whether the user is setting the presence
via a `/sync` with a new `is_sync` flag to `set_state`. If this is `true` some
additional logic is performed:

* Don't override `busy` presence.
* Update the `last_user_sync_ts`.
* Never update the status message.
2023-08-28 11:03:23 -04:00
Mathieu Velten
501da8ecd8
Task scheduler: add replication notify for new task to launch ASAP (#16184) 2023-08-28 14:03:51 +00:00
V02460
84f441f88f
Prepare unit tests for Python 3.12 (#16099) 2023-08-25 15:05:10 -04:00
Patrick Cloke
82699428e3
Validate input to POST /key/v2/query endpoint. (#16183)
To avoid 500 internal server errors with garbage input.
2023-08-25 14:10:31 -04:00
Patrick Cloke
fcf7a5759e
Send proper JSON POST data to /publicRooms (#16185)
The include_all_networks was previously sent in the JSON body as
string "true" and "false" instead of boolean true and false.
2023-08-25 12:11:40 -04:00
Aurélien Grimpard
aeeca2a62e
Add configuration setting for CAS protocol version (#15816) 2023-08-24 16:11:23 -04:00
David Robertson
e691243e19
Fix typechecking with twisted trunk (#16121) 2023-08-24 14:53:07 +00:00
Will Hunt
0538e3e2db
Add Retry-After to M_LIMIT_EXCEEDED error responses (#16136)
Implements MSC4041 behind an experimental configuration flag.
2023-08-24 10:40:26 -04:00
Patrick Cloke
33fa82a34c
Stabilize support for MSC3958 (suppress notifications from edits). (#16113) 2023-08-23 13:22:34 -04:00
Erik Johnston
18279631e9
Fix rare deadlock when using read/write locks (#16169) 2023-08-23 16:24:30 +01:00
Neil Johnson
ec662bbe41
Filter out unwanted user_agents from udv. (#16124) 2023-08-23 14:00:34 +01:00
Erik Johnston
4adaba9acf
Fix rare deadlock when using read/write locks (#16133) 2023-08-23 13:45:25 +01:00
Erik Johnston
7cd79ce051
Reduce DB contention on worker locks (#16160) 2023-08-23 13:45:19 +01:00
Erik Johnston
86ecd341ec
Always update retry_last_ts (#16164) 2023-08-23 13:04:46 +01:00
Mathieu Velten
873971a8b9
Task scheduler: mark task as active if we are scheduling ASAP (#16165) 2023-08-23 13:37:51 +02:00
DeepBlueV7.X
19a1cda084
Properly update retry_last_ts when hitting the maximum retry interval (#16156)
* Properly update retry_last_ts when hitting the maximum retry interval

This was broken in 1.87 when the maximum retry interval got changed from
almost infinite to a week (and made configurable).

fixes #16101

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>

* Add changelog

* Change fix + add test

* Add comment

---------

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>
Co-authored-by: Mathieu Velten <mathieuv@matrix.org>
2023-08-23 09:35:23 +01:00
Erik Johnston
dffe095642
Only lock when we're backfilling (#16159) 2023-08-23 09:23:41 +01:00
Erik Johnston
3b3fed7229
Increase perf of read/write locks (#16149)
We do this by marking the tables as `UNLOGGED` in PostgreSQL.
2023-08-23 09:23:22 +01:00
Erik Johnston
803f63df1c
Fix perf of wait_for_stream_positions (#16148) 2023-08-22 15:11:22 +00:00
Mathieu Velten
0ba17777be
Disable m.3pid_changes capability when MSC3861 is enabled. (#16134) 2023-08-22 14:47:59 +00:00
Shay
69048f7b48
Add an admin endpoint to allow authorizing server to signal token revocations (#16125) 2023-08-22 14:15:34 +00:00
Hugh Nimmo-Smith
7dbac123f9
Disallow user_consent where experimental MSC3861 is enabled (#16127) 2023-08-22 07:42:08 -04:00
Maximilian Bosch
d6ae4041a4
Add client_secret_path as alternative for client_secret for OIDC config (#16030) 2023-08-21 19:32:17 +00:00
Mathieu Velten
358896e1b8
Implements a task scheduler for resumable potentially long running tasks (#15891) 2023-08-21 14:17:13 +02:00
Erik Johnston
bd558a6dc3
Speed up state res in rare case we don't have all events (#16116)
If we don't have all the auth events in a room then not all state events will have a chain cover index. Even so, we can still use the chain cover index on the events that do have it, rather than bailing and using the slower functions.

This situation should not arise for newly persisted rooms, as we check we have the full auth chain for each event, but can happen for existing rooms.

c.f. #15245
2023-08-18 15:32:06 +01:00
Mathieu Velten
2d15e39684
MSC3861: allow impersonation by an admin using a query param (#16132) 2023-08-18 15:46:46 +02:00
Alexander Fechler
54317d34b7
Allow filtering for admins in the list accounts admin API (#16114) 2023-08-18 12:26:38 +01:00
Erik Johnston
6130afb862
Add response time metrics for introspection requests (#16131)
See #16119
2023-08-18 12:16:00 +01:00
Erik Johnston
0aba4a4eaa
Add cache to get_server_keys_json_for_remote (#16123) 2023-08-18 11:05:01 +01:00
Shay
54a51ff6c1
Cache token introspection response from OIDC provider (#16117) 2023-08-17 10:53:10 -07:00
Erik Johnston
eb0dbab15b
Fix database performance of read/write worker locks (#16061)
We were seeing serialization errors when taking out multiple read locks.

The transactions were retried, so isn't causing any failures.

Introduced in #15782.
2023-08-17 14:07:57 +01:00
Shay
0377cb4fab
Override global statement timeout when creating indexes in Postgres (#16085) 2023-08-17 10:30:02 +01:00
Matthew Ma
8a4fb7a6ba
Disable caching in /sync corner case (#16080)
Fixes #15502
2023-08-17 10:22:50 +01:00
Mathieu Velten
8c3bcea2da
Rename pagination&purge locks and add comments explaining them (#16112) 2023-08-16 16:19:54 +02:00
David Robertson
47c629bb27
Attempt to fix twisted trunk (#16115) 2023-08-15 16:07:13 +00:00
Patrick Cloke
ad3f43be9a
Run pyupgrade for python 3.7 & 3.8. (#16110) 2023-08-15 08:11:20 -04:00
Gabriel Rodríguez
9ff84bccbb
Allow customizing IdP name and icon for SAML and CAS (#16094) 2023-08-11 20:15:17 +00:00
Nick Mills-Barrett
614efc488b
Add linearizer on user ID to push rule PUT/DELETE requests (#16052)
See: #16053

Signed off by Nick @ Beeper (@Fizzadar)
2023-08-11 11:37:09 +00:00
reivilibre
7f4b413690
Fix the type annotation on run_db_interaction in the Module API. (#16089)
* Fix the method signature of `run_db_interaction` on the module API

* Newsfile

Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>

---------

Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
2023-08-10 18:28:31 +01:00
Patrick Cloke
efd4d06d76
Clean-up presence code (#16092)
Misc. clean-ups to:

* Use keyword arguments.
* Return early (reducing indentation) of some functions.
* Removing duplicated / unused code.
* Use wrap_as_background_process.
2023-08-10 07:39:46 -04:00
Mathieu Velten
dac97642e4
Implements admin API to lock an user (MSC3939) (#15870) 2023-08-10 09:10:55 +00:00
Shay
0328b56468
Support MSC3814: Dehydrated Devices Part 2 (#16010) 2023-08-08 12:04:46 -07:00
reivilibre
a476d5048b
Allow modules to schedule delayed background calls. (#15993)
* Add a module API function to provide `call_later`

* Newsfile

Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>

* Add comments

* Update version number

---------

Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
2023-08-08 11:53:49 +01:00
reivilibre
f3dc6dc19f
Remove old rows from the cache_invalidation_stream_by_instance table automatically. (This table is not used when Synapse is configured to use SQLite.) (#15868)
* Add a cache invalidation clean-up task

* Run the cache invalidation stream clean-up on the background worker

* Tune down

* call_later is in millis!

* Newsfile

Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>

* fixup! Add a cache invalidation clean-up task

* Update synapse/storage/databases/main/cache.py

Co-authored-by: Eric Eastwood <erice@element.io>

* Update synapse/storage/databases/main/cache.py

Co-authored-by: Eric Eastwood <erice@element.io>

* MILLISEC -> MS

* Expand on comment

* Move and tweak comment about Postgres

* Use `wrap_as_background_process`

---------

Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
Co-authored-by: Eric Eastwood <erice@element.io>
2023-08-08 11:10:07 +01:00
Shay
8af3f33d84
Fix endpoint improperly declaring support for MSC3814 (#16068) 2023-08-07 10:52:15 -07:00
Shay
81a6f8c9ae
Drop backwards compat hack for event serialization (#16069) 2023-08-07 10:37:08 -07:00
Shay
84ae2e3f6f
Fix deletion for Dehydrated Devices (#16046) 2023-08-04 10:49:54 -07:00
Patrick Cloke
d98a43d922
Stabilize support for MSC3970: updated transaction semantics (scope to device_id) (#15629)
For now this maintains compatible with old Synapses by falling back
to using transaction semantics on a per-access token. A future version
of Synapse will drop support for this.
2023-08-04 07:47:18 -04:00
Shay
0a5f4f7665
Move support for application service query parameter authorization behind a configuration option (#16017) 2023-08-03 11:43:51 -07:00
Mathieu Velten
f0a860908b
Allow config of the backoff algorithm for the federation client. (#15754)
Adds three new configuration variables:

* destination_min_retry_interval is identical to before (10mn).
* destination_retry_multiplier is now 2 instead of 5, the maximum value will
  be reached slower.
* destination_max_retry_interval is one day instead of (essentially) infinity.

Capping this will cause destinations to continue to be retried sometimes instead
of being lost forever. The previous value was 2 ^ 62 milliseconds.
2023-08-03 14:36:55 -04:00
reivilibre
9c462f18a4
Allow modules to check whether the current worker is configured to run background tasks. (#15991) 2023-08-03 08:42:19 -04:00
Patrick Cloke
4f5bccbbba
Add forward-compatibility for the redacts property (MSC2174). (#16013)
The location of the redacts field changes in room version 11. Ensure
it is copied to the *new* location for *old* room versions for
forwards-compatibility with clients.

Note that copying it to the *old* location for the *new* room version
was previously handled.
2023-08-02 15:35:54 +00:00
Patrick Cloke
90ad836ed8
Properly setup the additional sequences in the portdb script. (#16043)
The un_partial_stated_event_stream_sequence and
application_services_txn_id_seq were never properly configured
in the portdb script, resulting in an error on start-up.
2023-08-01 10:36:33 -04:00
Mohit Rathee
5eb3fd785b
Trim whitespace when setting display names (#16031) 2023-08-01 09:14:02 -04:00
Jason Little
7cbb2a00d1
Add metrics tracking for eviction to ResponseCache (#16028)
Track whether the ResponseCache is evicting due to invalidation
or due to time.
2023-08-01 08:10:49 -04:00
Patrick Cloke
b7695ac388
Combine duplicated code for calculating an event ID from a txn ID (#16023)
Refactoring related to stabilization of MSC3970, refactor to combine
code which has the same logic.
2023-07-31 08:44:45 -04:00
Erik Johnston
ae55cc1e6b
Add ability to wait for locks and add locks to purge history / room deletion (#15791)
c.f. #13476
2023-07-31 10:58:03 +01:00
Shay
68b2611783
Clarify comment on key uploads over replication (#16016) 2023-07-27 15:08:46 -07:00
Mathieu Velten
a719b703d9
Fix 404 on /profile when the display name is empty but not the avatar (#16012) 2023-07-27 15:45:05 +02:00
Shay
f98f4f2e16
Remove support for legacy application service paths (#15964) 2023-07-26 12:59:47 -07:00
Anshul Madnawat
58f8305114
Inline SQL queries using boolean parameters (#15525)
SQLite now supports TRUE and FALSE constants, simplify some
queries by inlining those instead of passing them as arguments.
2023-07-26 18:45:47 +00:00
Mathieu Velten
8ebfd577e2
Bump DB version to 79 since synapse v1.88 was already there (#15998) 2023-07-26 14:51:44 +02:00
Shay
641ff9ef7e
Support MSC3814: Dehydrated Devices (#15929)
Signed-off-by: Nicolas Werner <n.werner@famedly.com>
Co-authored-by: Nicolas Werner <n.werner@famedly.com>
Co-authored-by: Nicolas Werner <89468146+nico-famedly@users.noreply.github.com>
Co-authored-by: Hubert Chathi <hubert@uhoreg.ca>
2023-07-24 08:23:19 -07:00
Erik Johnston
654902a758
Resync stale devices in background (#15975)
This is so we don't block responding to federation transaction while we
try and fetch the device lists.
2023-07-24 13:43:43 +01:00
Shay
5c7364fea5
Properly handle redactions of creation events (#15973) 2023-07-23 16:32:01 -07:00
Shay
f08d05dd2c
Actually stop reading from column user_id of tables profiles (#15955) 2023-07-23 16:30:54 -07:00
Erik Johnston
fc1e534e41
Speed up updating state in large rooms (#15971)
This should speed up updating state in rooms with lots of state.
2023-07-20 15:51:28 +01:00
Erik Johnston
fd44053b84
Don't log exceptions for every non-200 response (#15969)
Introduced in #15913
2023-07-20 11:07:58 +01:00
Erik Johnston
ad52db3b5c
Reduce the amount of state we pull out (#15968) 2023-07-20 10:46:37 +01:00
Erik Johnston
67f9e5293e
Ensure a long state res does not starve CPU (#15960)
We do this by yielding the reactor in hot loops.
2023-07-19 17:00:33 +00:00
Erik Johnston
19796e20aa
Fix bad merge of #15933 (#15958)
This was because we reverted the bump of the schema version, so we were not applying the new deltas.
2023-07-19 12:17:08 +00:00
Erik Johnston
40a3583ba1
Fix race in triggers for read/write locks. (#15933) 2023-07-19 12:06:38 +01:00
Shay
cb6e2c6cc7
Fix background schema updates failing over a large upgrade gap (#15887) 2023-07-18 16:59:27 -07:00
Olivier Wilkinson (reivilibre)
8e8431bc6e Merge branch 'master' into develop 2023-07-18 16:45:39 +01:00
Patrick Cloke
6d81aec09f
Support room version 11 (#15912)
And fix a bug in the implementation of the updated redaction
format (MSC2174) where the top-level redacts field was not
properly added for backwards-compatibility.
2023-07-18 08:44:59 -04:00
Shay
e625c3dca0
Revert "Stop writing to column user_id of tables profiles and user_filters. (#15953)
* Revert "Stop writing to column `user_id` of tables `profiles` and `user_filters` (#15787)"

This reverts commit f25b0f8808.

* newsfragement
2023-07-18 11:44:09 +01:00
Jason Little
199c270947
Add a locality to a few presence metrics (#15952) 2023-07-18 10:36:40 +01:00
Eric Eastwood
1c802de626
Re-introduce the outbound federation proxy (#15913)
Allow configuring the set of workers to proxy outbound federation traffic through (`outbound_federation_restricted_to`).

This is useful when you have a worker setup with `federation_sender` instances responsible for sending outbound federation requests and want to make sure *all* outbound federation traffic goes through those instances. Before this change, the generic workers would still contact federation themselves for things like profile lookups, backfill, etc. This PR allows you to set more strict access controls/firewall for all workers and only allow the `federation_sender`'s to contact the outside world.
2023-07-18 09:49:21 +01:00
Patrick Cloke
20ae617d14
Stop accepting 'user' parameter for application service registration. (#15928)
This is unspecced, but has existed for a very long time.
2023-07-13 07:23:56 -04:00
Patrick Cloke
204b66c203
Remove unneeded __init__. (#15926)
Remove an __init__ which only calls super() without changing the
input arguments.
2023-07-12 14:30:05 +00:00
Patrick Cloke
5bdf01fccd
Fix running with an empty experimental features section. (#15925) 2023-07-12 12:39:25 +00:00
Erik Johnston
36c6b92bfc
Fix push for invites received over federation (#15820) 2023-07-12 11:02:11 +00:00
Mathieu Velten
8eb7bb975e
Mark get_user_in_directory private since only used in tests (#15884) 2023-07-12 11:09:13 +02:00
Eric Eastwood
ae391db777
Better warning in logs when we fail to fetch an alias (#15922)
**Before:**
```
Error retrieving alias
```

**After:**
```
Error retrieving alias #foo:bar -> 401 Unauthorized
```

*Spawning from creating the [manual testing strategy for the outbound federation proxy](https://github.com/matrix-org/synapse/pull/15773).*
2023-07-11 17:12:41 -05:00
Jason Little
224ef0b669
Unix Sockets for HTTP Replication (#15708)
Unix socket support for `federation` and `client` Listeners has existed now for a little while(since [1.81.0](https://github.com/matrix-org/synapse/pull/15353)), but there was one last hold out before it could be complete: HTTP Replication communication. This should finish it up. The Listeners would have always worked, but would have had no way to be talked to/at.

---------

Co-authored-by: Eric Eastwood <madlittlemods@gmail.com>
Co-authored-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
Co-authored-by: Eric Eastwood <erice@element.io>
2023-07-11 13:08:06 -05:00
Patrick Cloke
a4243183f0
Add + as an allowed character for Matrix IDs (MSC4009) (#15911) 2023-07-11 12:21:00 -04:00
Michael Telatynski
b516d91999
Add Server to Access-Control-Expose-Headers header (#15908) 2023-07-11 09:18:50 +01:00
Eric Eastwood
2328e90fbb
Make the media /upload tracing less ambiguous (#15888)
A lot of the functions have the same name in this space like `store_file`,
and we also do it multiple times for different reasons (main media repo,
other storage providers, thumbnails, etc) so it's good to differentiate
them so your head doesn't explode.

Follow-up to https://github.com/matrix-org/synapse/pull/15850

Tracing instrumentation to media `/upload` code paths to investigate https://github.com/matrix-org/synapse/issues/15841
2023-07-10 17:23:11 -05:00
Eric Eastwood
c9bf644fa0
Revert "Federation outbound proxy" (#15910)
Revert "Federation outbound proxy (#15773)"

This reverts commit b07b14b494.
2023-07-10 11:10:20 -05:00
Erik Johnston
e55a9b3e41
Fix downgrading to previous version of Synapse (#15907)
We do this by marking the constraint as deferrable.
2023-07-10 16:24:42 +01:00
Shay
f25b0f8808
Stop writing to column user_id of tables profiles and user_filters (#15787) 2023-07-07 09:23:27 -07:00
Jason Little
2481b7dfa4
Remove worker_replication_* deprecated settings, with helpful errors on startup (#15860)
Co-authored-by: reivilibre <oliverw@matrix.org>
2023-07-07 07:45:25 +00:00
sarthak shah
f19dd39dfc
Update link to the clients webpage, fix #15825 (#15874) 2023-07-06 17:28:09 +02:00
Eric Eastwood
b07b14b494
Federation outbound proxy (#15773)
Allow configuring the set of workers to proxy outbound federation traffic through (`outbound_federation_restricted_to`).

This is useful when you have a worker setup with `federation_sender` instances responsible for sending outbound federation requests and want to make sure *all* outbound federation traffic goes through those instances. Before this change, the generic workers would still contact federation themselves for things like profile lookups, backfill, etc. This PR allows you to set more strict access controls/firewall for all workers and only allow the `federation_sender`'s to contact the outside world.

The original code is from @erikjohnston's branches which I've gotten in-shape to merge.
2023-07-05 18:53:55 -05:00
Eric Eastwood
561d06b481
Remove support for Python 3.7 (#15851)
Fix https://github.com/matrix-org/synapse/issues/15836
2023-07-05 18:45:42 -05:00
Erik Johnston
39d131b016
Add basic read/write lock (#15782) 2023-07-05 17:25:00 +01:00
Eric Eastwood
ce857c05d5
Add tracing to media /upload endpoint (#15850)
Add tracing instrumentation to media `/upload` code paths to investigate https://github.com/matrix-org/synapse/issues/15841
2023-07-05 10:22:21 -05:00
Jason Little
4cf9f92f39
Fix could not serialize access due to concurrent DELETE from presence_stream (#15826)
* Change update_presence to have a isolation level of READ_COMMITTED

* changelog
2023-07-05 11:44:02 +01:00
Erik Johnston
95a96b21eb
Add foreign key constraint to event_forward_extremities. (#15751) 2023-07-05 09:43:19 +00:00
an0nfunc
c303eca8cc
use Image.LANCZOS instead of Image.ANTIALIAS for thumbnail resize (#15876)
Image.ANTIALIAS is not defined in current pillow releases. Since ANTIALIAS was just using LANCZOS anyways, this is just a cosmetic change, but makes synapse work with most recent pillow releases.

Signed-off-by: Giovanni Harting <539@idlegandalf.com>
2023-07-05 10:52:12 +02:00
Michael Weimann
c8e81898b6
Add not_user_type param to the list accounts admin API (#15844)
Signed-off-by: Michael Weimann <michaelw@element.io>
2023-07-04 15:03:20 -07:00
pacien
07d7cbfe69
devices: use combined ANY clause for faster cleanup (#15861)
Old device entries for the same user were being removed in individual
SQL commands, making the batch take way longer than necessary.

This combines the commands into a single one with a IN/ANY clause.

Example of log entry before the change, regularly observed with
"log_min_duration_statement = 10000" in PostgreSQL's config:

    LOG:  duration: 42538.282 ms  statement:
    DELETE FROM device_lists_stream
    WHERE user_id = '@someone' AND device_id = 'someid1'
    AND stream_id < 123456789
    ;
    DELETE FROM device_lists_stream
    WHERE user_id = '@someone' AND device_id = 'someid2'
    AND stream_id < 123456789
    ;
    [repeated for each device ID of that user, potentially a lot...]

With the patch applied on my instance for the past couple of days, I
no longer notice overly long statements of that particular kind.

Signed-off-by: pacien <pacien.trangirard@pacien.net>
2023-07-03 16:39:38 +02:00
reivilibre
53aa26eddc
Add a timeout that aborts any Postgres statement taking more than 1 hour. (#15853)
* Add a timeout to Postgres statements

* Newsfile

Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>

---------

Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
2023-07-03 11:38:57 +01:00
Shay
78cfa55dad
Fix sqlite user_filters upgrade (#15817) 2023-06-27 09:41:42 +01:00
Erik Johnston
25c55a9d22
Add login spam checker API (#15838) 2023-06-26 14:12:20 +00:00
Nicolas Werner
e0c39d6bb5
Fix forgotten rooms missing in initial sync (#15815)
If you leave a room and forget it, then rejoin it, the room would be
missing from the next initial sync.

fixes #13262

Signed-off-by: Nicolas Werner <n.werner@famedly.com>
2023-06-21 14:56:31 +01:00
Erik Johnston
289ce3b8d9
Fix harmless exception in port DB script (#15814)
The port DB script would try and run database background tasks, which
could fail if the data they acted on was in the process of being ported.
These exceptions were non fatal.

Fixes #15789
2023-06-21 13:20:46 +00:00
Mathieu Velten
496f73103d
Allow for the configuration of max request retries and min/max retry delays in the matrix federation client (#15783) 2023-06-21 10:41:11 +02:00
Eric Eastwood
887fa4b66b
Switch from matrix:// to matrix-federation:// scheme for internal Synapse routing of outbound federation traffic (#15806)
`matrix://` is a registered specced scheme nowadays and doesn't make sense for
our internal to Synapse use case anymore. ([discussion]
(https://github.com/matrix-org/synapse/pull/15773#discussion_r1227598679))
2023-06-20 10:05:31 +01:00