forked-synapse

Matrix-Mirrors/forked-synapse

Fork 0

mirror of https://mau.dev/maunium/synapse.git synced 2024-07-07 19:52:23 +00:00

Commit Graph

Author	SHA1	Message	Date
Patrick Cloke	30fba62108	Apply an IP range blacklist to push and key revocation requests. (#8821 ) Replaces the `federation_ip_range_blacklist` configuration setting with an `ip_range_blacklist` setting with wider scope. It now applies to: * Federation * Identity servers * Push notifications * Checking key validitity for third-party invite events The old `federation_ip_range_blacklist` setting is still honored if present, but with reduced scope (it only applies to federation and identity servers).	2020-12-02 11:09:24 -05:00
Erik Johnston	f21e24ffc2	Add ability for access tokens to belong to one user but grant access to another user. (#8616 ) We do it this way round so that only the "owner" can delete the access token (i.e. `/logout/all` by the "owner" also deletes that token, but `/logout/all` by the "target user" doesn't). A future PR will add an API for creating such a token. When the target user and authenticated entity are different the `Processed request` log line will be logged with a: `{@admin:server as @bob:server} ...`. I'm not convinced by that format (especially since it adds spaces in there, making it harder to use `cut -d ' '` to chop off the start of log lines). Suggestions welcome.	2020-10-29 15:58:44 +00:00
Erik Johnston	649a7ead5c	Add ability to run multiple pusher instances (#7855 ) This reuses the same scheme as federation sender sharding	2020-07-16 14:06:28 +01:00

Author

SHA1

Message

Date

Patrick Cloke

30fba62108

Apply an IP range blacklist to push and key revocation requests. (#8821 )

Replaces the `federation_ip_range_blacklist` configuration setting with an
`ip_range_blacklist` setting with wider scope. It now applies to:

* Federation
* Identity servers
* Push notifications
* Checking key validitity for third-party invite events

The old `federation_ip_range_blacklist` setting is still honored if present, but
with reduced scope (it only applies to federation and identity servers).

2020-12-02 11:09:24 -05:00

Erik Johnston

f21e24ffc2

Add ability for access tokens to belong to one user but grant access to another user. (#8616 )

We do it this way round so that only the "owner" can delete the access token (i.e. `/logout/all` by the "owner" also deletes that token, but `/logout/all` by the "target user" doesn't).

A future PR will add an API for creating such a token.

When the target user and authenticated entity are different the `Processed request` log line will be logged with a: `{@admin:server as @bob:server} ...`. I'm not convinced by that format (especially since it adds spaces in there, making it harder to use `cut -d ' '` to chop off the start of log lines). Suggestions welcome.

2020-10-29 15:58:44 +00:00

Erik Johnston

649a7ead5c

Add ability to run multiple pusher instances (#7855 )

This reuses the same scheme as federation sender sharding

2020-07-16 14:06:28 +01:00

3 Commits