mirror of
https://git.anonymousland.org/anonymousland/synapse-product.git
synced 2024-10-01 08:25:44 -04:00
Merge branch 'develop' into uhoreg/e2e_cross-signing_merged
This commit is contained in:
commit
cfc28325a6
24
.github/ISSUE_TEMPLATE/BUG_REPORT.md
vendored
24
.github/ISSUE_TEMPLATE/BUG_REPORT.md
vendored
@ -7,7 +7,7 @@ about: Create a report to help us improve
|
|||||||
<!--
|
<!--
|
||||||
|
|
||||||
**IF YOU HAVE SUPPORT QUESTIONS ABOUT RUNNING OR CONFIGURING YOUR OWN HOME SERVER**:
|
**IF YOU HAVE SUPPORT QUESTIONS ABOUT RUNNING OR CONFIGURING YOUR OWN HOME SERVER**:
|
||||||
You will likely get better support more quickly if you ask in ** #matrix:matrix.org ** ;)
|
You will likely get better support more quickly if you ask in ** #synapse:matrix.org ** ;)
|
||||||
|
|
||||||
|
|
||||||
This is a bug report template. By following the instructions below and
|
This is a bug report template. By following the instructions below and
|
||||||
@ -44,22 +44,26 @@ those (please be careful to remove any personal or private data). Please surroun
|
|||||||
<!-- IMPORTANT: please answer the following questions, to help us narrow down the problem -->
|
<!-- IMPORTANT: please answer the following questions, to help us narrow down the problem -->
|
||||||
|
|
||||||
<!-- Was this issue identified on matrix.org or another homeserver? -->
|
<!-- Was this issue identified on matrix.org or another homeserver? -->
|
||||||
- **Homeserver**:
|
- **Homeserver**:
|
||||||
|
|
||||||
If not matrix.org:
|
If not matrix.org:
|
||||||
|
|
||||||
<!--
|
<!--
|
||||||
What version of Synapse is running?
|
What version of Synapse is running?
|
||||||
You can find the Synapse version by inspecting the server headers (replace matrix.org with
|
|
||||||
your own homeserver domain):
|
|
||||||
$ curl -v https://matrix.org/_matrix/client/versions 2>&1 | grep "Server:"
|
|
||||||
-->
|
|
||||||
- **Version**:
|
|
||||||
|
|
||||||
- **Install method**:
|
You can find the Synapse version with this command:
|
||||||
|
|
||||||
|
$ curl http://localhost:8008/_synapse/admin/v1/server_version
|
||||||
|
|
||||||
|
(You may need to replace `localhost:8008` if Synapse is not configured to
|
||||||
|
listen on that port.)
|
||||||
|
-->
|
||||||
|
- **Version**:
|
||||||
|
|
||||||
|
- **Install method**:
|
||||||
<!-- examples: package manager/git clone/pip -->
|
<!-- examples: package manager/git clone/pip -->
|
||||||
|
|
||||||
- **Platform**:
|
- **Platform**:
|
||||||
<!--
|
<!--
|
||||||
Tell us about the environment in which your homeserver is operating
|
Tell us about the environment in which your homeserver is operating
|
||||||
distro, hardware, if it's running in a vm/container, etc.
|
distro, hardware, if it's running in a vm/container, etc.
|
||||||
|
2
.gitignore
vendored
2
.gitignore
vendored
@ -7,9 +7,11 @@
|
|||||||
*.egg-info
|
*.egg-info
|
||||||
*.lock
|
*.lock
|
||||||
*.pyc
|
*.pyc
|
||||||
|
*.snap
|
||||||
*.tac
|
*.tac
|
||||||
_trial_temp/
|
_trial_temp/
|
||||||
_trial_temp*/
|
_trial_temp*/
|
||||||
|
/out
|
||||||
|
|
||||||
# stuff that is likely to exist when you run a server locally
|
# stuff that is likely to exist when you run a server locally
|
||||||
/*.db
|
/*.db
|
||||||
|
196
CHANGES.md
196
CHANGES.md
@ -1,3 +1,199 @@
|
|||||||
|
Synapse 1.4.1 (2019-10-18)
|
||||||
|
==========================
|
||||||
|
|
||||||
|
No changes since 1.4.1rc1.
|
||||||
|
|
||||||
|
|
||||||
|
Synapse 1.4.1rc1 (2019-10-17)
|
||||||
|
=============================
|
||||||
|
|
||||||
|
Bugfixes
|
||||||
|
--------
|
||||||
|
|
||||||
|
- Fix bug where redacted events were sometimes incorrectly censored in the database, breaking APIs that attempted to fetch such events. ([\#6185](https://github.com/matrix-org/synapse/issues/6185), [5b0e9948](https://github.com/matrix-org/synapse/commit/5b0e9948eaae801643e594b5abc8ee4b10bd194e))
|
||||||
|
|
||||||
|
Synapse 1.4.0 (2019-10-03)
|
||||||
|
==========================
|
||||||
|
|
||||||
|
Bugfixes
|
||||||
|
--------
|
||||||
|
|
||||||
|
- Redact `client_secret` in server logs. ([\#6158](https://github.com/matrix-org/synapse/issues/6158))
|
||||||
|
|
||||||
|
|
||||||
|
Synapse 1.4.0rc2 (2019-10-02)
|
||||||
|
=============================
|
||||||
|
|
||||||
|
Bugfixes
|
||||||
|
--------
|
||||||
|
|
||||||
|
- Fix bug in background update that adds last seen information to the `devices` table, and improve its performance on Postgres. ([\#6135](https://github.com/matrix-org/synapse/issues/6135))
|
||||||
|
- Fix bad performance of censoring redactions background task. ([\#6141](https://github.com/matrix-org/synapse/issues/6141))
|
||||||
|
- Fix fetching censored redactions from DB, which caused APIs like initial sync to fail if it tried to include the censored redaction. ([\#6145](https://github.com/matrix-org/synapse/issues/6145))
|
||||||
|
- Fix exceptions when storing large retry intervals for down remote servers. ([\#6146](https://github.com/matrix-org/synapse/issues/6146))
|
||||||
|
|
||||||
|
|
||||||
|
Internal Changes
|
||||||
|
----------------
|
||||||
|
|
||||||
|
- Fix up sample config entry for `redaction_retention_period` option. ([\#6117](https://github.com/matrix-org/synapse/issues/6117))
|
||||||
|
|
||||||
|
|
||||||
|
Synapse 1.4.0rc1 (2019-09-26)
|
||||||
|
=============================
|
||||||
|
|
||||||
|
Note that this release includes significant changes around 3pid
|
||||||
|
verification. Administrators are reminded to review the [upgrade notes](UPGRADE.rst#upgrading-to-v140).
|
||||||
|
|
||||||
|
Features
|
||||||
|
--------
|
||||||
|
|
||||||
|
- Changes to 3pid verification:
|
||||||
|
- Add the ability to send registration emails from the homeserver rather than delegating to an identity server. ([\#5835](https://github.com/matrix-org/synapse/issues/5835), [\#5940](https://github.com/matrix-org/synapse/issues/5940), [\#5993](https://github.com/matrix-org/synapse/issues/5993), [\#5994](https://github.com/matrix-org/synapse/issues/5994), [\#5868](https://github.com/matrix-org/synapse/issues/5868))
|
||||||
|
- Replace `trust_identity_server_for_password_resets` config option with `account_threepid_delegates`, and make the `id_server` parameteter optional on `*/requestToken` endpoints, as per [MSC2263](https://github.com/matrix-org/matrix-doc/pull/2263). ([\#5876](https://github.com/matrix-org/synapse/issues/5876), [\#5969](https://github.com/matrix-org/synapse/issues/5969), [\#6028](https://github.com/matrix-org/synapse/issues/6028))
|
||||||
|
- Switch to using the v2 Identity Service `/lookup` API where available, with fallback to v1. (Implements [MSC2134](https://github.com/matrix-org/matrix-doc/pull/2134) plus `id_access_token authentication` for v2 Identity Service APIs from [MSC2140](https://github.com/matrix-org/matrix-doc/pull/2140)). ([\#5897](https://github.com/matrix-org/synapse/issues/5897))
|
||||||
|
- Remove `bind_email` and `bind_msisdn` parameters from `/register` ala [MSC2140](https://github.com/matrix-org/matrix-doc/pull/2140). ([\#5964](https://github.com/matrix-org/synapse/issues/5964))
|
||||||
|
- Add `m.id_access_token` to `unstable_features` in `/versions` as per [MSC2264](https://github.com/matrix-org/matrix-doc/pull/2264). ([\#5974](https://github.com/matrix-org/synapse/issues/5974))
|
||||||
|
- Use the v2 Identity Service API for 3PID invites. ([\#5979](https://github.com/matrix-org/synapse/issues/5979))
|
||||||
|
- Add `POST /_matrix/client/unstable/account/3pid/unbind` endpoint from [MSC2140](https://github.com/matrix-org/matrix-doc/pull/2140) for unbinding a 3PID from an identity server without removing it from the homeserver user account. ([\#5980](https://github.com/matrix-org/synapse/issues/5980), [\#6062](https://github.com/matrix-org/synapse/issues/6062))
|
||||||
|
- Use `account_threepid_delegate.email` and `account_threepid_delegate.msisdn` for validating threepid sessions. ([\#6011](https://github.com/matrix-org/synapse/issues/6011))
|
||||||
|
- Allow homeserver to handle or delegate email validation when adding an email to a user's account. ([\#6042](https://github.com/matrix-org/synapse/issues/6042))
|
||||||
|
- Implement new Client Server API endpoints `/account/3pid/add` and `/account/3pid/bind` as per [MSC2290](https://github.com/matrix-org/matrix-doc/pull/2290). ([\#6043](https://github.com/matrix-org/synapse/issues/6043))
|
||||||
|
- Add an unstable feature flag for separate add/bind 3pid APIs. ([\#6044](https://github.com/matrix-org/synapse/issues/6044))
|
||||||
|
- Remove `bind` parameter from Client Server POST `/account` endpoint as per [MSC2290](https://github.com/matrix-org/matrix-doc/pull/2290/). ([\#6067](https://github.com/matrix-org/synapse/issues/6067))
|
||||||
|
- Add `POST /add_threepid/msisdn/submit_token` endpoint for proxying submitToken on an `account_threepid_handler`. ([\#6078](https://github.com/matrix-org/synapse/issues/6078))
|
||||||
|
- Add `submit_url` response parameter to `*/msisdn/requestToken` endpoints. ([\#6079](https://github.com/matrix-org/synapse/issues/6079))
|
||||||
|
- Add `m.require_identity_server` flag to /version's unstable_features. ([\#5972](https://github.com/matrix-org/synapse/issues/5972))
|
||||||
|
- Enhancements to OpenTracing support:
|
||||||
|
- Make OpenTracing work in worker mode. ([\#5771](https://github.com/matrix-org/synapse/issues/5771))
|
||||||
|
- Pass OpenTracing contexts between servers when transmitting EDUs. ([\#5852](https://github.com/matrix-org/synapse/issues/5852))
|
||||||
|
- OpenTracing for device list updates. ([\#5853](https://github.com/matrix-org/synapse/issues/5853))
|
||||||
|
- Add a tag recording a request's authenticated entity and corresponding servlet in OpenTracing. ([\#5856](https://github.com/matrix-org/synapse/issues/5856))
|
||||||
|
- Add minimum OpenTracing for client servlets. ([\#5983](https://github.com/matrix-org/synapse/issues/5983))
|
||||||
|
- Check at setup that OpenTracing is installed if it's enabled in the config. ([\#5985](https://github.com/matrix-org/synapse/issues/5985))
|
||||||
|
- Trace replication send times. ([\#5986](https://github.com/matrix-org/synapse/issues/5986))
|
||||||
|
- Include missing OpenTracing contexts in outbout replication requests. ([\#5982](https://github.com/matrix-org/synapse/issues/5982))
|
||||||
|
- Fix sending of EDUs when OpenTracing is enabled with an empty whitelist. ([\#5984](https://github.com/matrix-org/synapse/issues/5984))
|
||||||
|
- Fix invalid references to None while OpenTracing if the log context slips. ([\#5988](https://github.com/matrix-org/synapse/issues/5988), [\#5991](https://github.com/matrix-org/synapse/issues/5991))
|
||||||
|
- OpenTracing for room and e2e keys. ([\#5855](https://github.com/matrix-org/synapse/issues/5855))
|
||||||
|
- Add OpenTracing span over HTTP push processing. ([\#6003](https://github.com/matrix-org/synapse/issues/6003))
|
||||||
|
- Add an admin API to purge old rooms from the database. ([\#5845](https://github.com/matrix-org/synapse/issues/5845))
|
||||||
|
- Retry well-known lookups if we have recently seen a valid well-known record for the server. ([\#5850](https://github.com/matrix-org/synapse/issues/5850))
|
||||||
|
- Add support for filtered room-directory search requests over federation ([MSC2197](https://github.com/matrix-org/matrix-doc/pull/2197), in order to allow upcoming room directory query performance improvements. ([\#5859](https://github.com/matrix-org/synapse/issues/5859))
|
||||||
|
- Correctly retry all hosts returned from SRV when we fail to connect. ([\#5864](https://github.com/matrix-org/synapse/issues/5864))
|
||||||
|
- Add admin API endpoint for setting whether or not a user is a server administrator. ([\#5878](https://github.com/matrix-org/synapse/issues/5878))
|
||||||
|
- Enable cleaning up extremities with dummy events by default to prevent undue build up of forward extremities. ([\#5884](https://github.com/matrix-org/synapse/issues/5884))
|
||||||
|
- Add config option to sign remote key query responses with a separate key. ([\#5895](https://github.com/matrix-org/synapse/issues/5895))
|
||||||
|
- Add support for config templating. ([\#5900](https://github.com/matrix-org/synapse/issues/5900))
|
||||||
|
- Users with the type of "support" or "bot" are no longer required to consent. ([\#5902](https://github.com/matrix-org/synapse/issues/5902))
|
||||||
|
- Let synctl accept a directory of config files. ([\#5904](https://github.com/matrix-org/synapse/issues/5904))
|
||||||
|
- Increase max display name size to 256. ([\#5906](https://github.com/matrix-org/synapse/issues/5906))
|
||||||
|
- Add admin API endpoint for getting whether or not a user is a server administrator. ([\#5914](https://github.com/matrix-org/synapse/issues/5914))
|
||||||
|
- Redact events in the database that have been redacted for a week. ([\#5934](https://github.com/matrix-org/synapse/issues/5934))
|
||||||
|
- New prometheus metrics:
|
||||||
|
- `synapse_federation_known_servers`: represents the total number of servers your server knows about (i.e. is in rooms with), including itself. Enable by setting `metrics_flags.known_servers` to True in the configuration.([\#5981](https://github.com/matrix-org/synapse/issues/5981))
|
||||||
|
- `synapse_build_info`: exposes the Python version, OS version, and Synapse version of the running server. ([\#6005](https://github.com/matrix-org/synapse/issues/6005))
|
||||||
|
- Give appropriate exit codes when synctl fails. ([\#5992](https://github.com/matrix-org/synapse/issues/5992))
|
||||||
|
- Apply the federation blacklist to requests to identity servers. ([\#6000](https://github.com/matrix-org/synapse/issues/6000))
|
||||||
|
- Add `report_stats_endpoint` option to configure where stats are reported to, if enabled. Contributed by @Sorunome. ([\#6012](https://github.com/matrix-org/synapse/issues/6012))
|
||||||
|
- Add config option to increase ratelimits for room admins redacting messages. ([\#6015](https://github.com/matrix-org/synapse/issues/6015))
|
||||||
|
- Stop sending federation transactions to servers which have been down for a long time. ([\#6026](https://github.com/matrix-org/synapse/issues/6026))
|
||||||
|
- Make the process for mapping SAML2 users to matrix IDs more flexible. ([\#6037](https://github.com/matrix-org/synapse/issues/6037))
|
||||||
|
- Return a clearer error message when a timeout occurs when attempting to contact an identity server. ([\#6073](https://github.com/matrix-org/synapse/issues/6073))
|
||||||
|
- Prevent password reset's submit_token endpoint from accepting trailing slashes. ([\#6074](https://github.com/matrix-org/synapse/issues/6074))
|
||||||
|
- Return 403 on `/register/available` if registration has been disabled. ([\#6082](https://github.com/matrix-org/synapse/issues/6082))
|
||||||
|
- Explicitly log when a homeserver does not have the `trusted_key_servers` config field configured. ([\#6090](https://github.com/matrix-org/synapse/issues/6090))
|
||||||
|
- Add support for pruning old rows in `user_ips` table. ([\#6098](https://github.com/matrix-org/synapse/issues/6098))
|
||||||
|
|
||||||
|
Bugfixes
|
||||||
|
--------
|
||||||
|
|
||||||
|
- Don't create broken room when `power_level_content_override.users` does not contain `creator_id`. ([\#5633](https://github.com/matrix-org/synapse/issues/5633))
|
||||||
|
- Fix database index so that different backup versions can have the same sessions. ([\#5857](https://github.com/matrix-org/synapse/issues/5857))
|
||||||
|
- Fix Synapse looking for config options `password_reset_failure_template` and `password_reset_success_template`, when they are actually `password_reset_template_failure_html`, `password_reset_template_success_html`. ([\#5863](https://github.com/matrix-org/synapse/issues/5863))
|
||||||
|
- Fix stack overflow when recovering an appservice which had an outage. ([\#5885](https://github.com/matrix-org/synapse/issues/5885))
|
||||||
|
- Fix error message which referred to `public_base_url` instead of `public_baseurl`. Thanks to @aaronraimist for the fix! ([\#5909](https://github.com/matrix-org/synapse/issues/5909))
|
||||||
|
- Fix 404 for thumbnail download when `dynamic_thumbnails` is `false` and the thumbnail was dynamically generated. Fix reported by rkfg. ([\#5915](https://github.com/matrix-org/synapse/issues/5915))
|
||||||
|
- Fix a cache-invalidation bug for worker-based deployments. ([\#5920](https://github.com/matrix-org/synapse/issues/5920))
|
||||||
|
- Fix admin API for listing media in a room not being available with an external media repo. ([\#5966](https://github.com/matrix-org/synapse/issues/5966))
|
||||||
|
- Fix list media admin API always returning an error. ([\#5967](https://github.com/matrix-org/synapse/issues/5967))
|
||||||
|
- Fix room and user stats tracking. ([\#5971](https://github.com/matrix-org/synapse/issues/5971), [\#5998](https://github.com/matrix-org/synapse/issues/5998), [\#6029](https://github.com/matrix-org/synapse/issues/6029))
|
||||||
|
- Return a `M_MISSING_PARAM` if `sid` is not provided to `/account/3pid`. ([\#5995](https://github.com/matrix-org/synapse/issues/5995))
|
||||||
|
- `federation_certificate_verification_whitelist` now will not cause `TypeErrors` to be raised (a regression in 1.3). Additionally, it now supports internationalised domain names in their non-canonical representation. ([\#5996](https://github.com/matrix-org/synapse/issues/5996))
|
||||||
|
- Only count real users when checking for auto-creation of auto-join room. ([\#6004](https://github.com/matrix-org/synapse/issues/6004))
|
||||||
|
- Ensure support users can be registered even if MAU limit is reached. ([\#6020](https://github.com/matrix-org/synapse/issues/6020))
|
||||||
|
- Fix bug where login error was shown incorrectly on SSO fallback login. ([\#6024](https://github.com/matrix-org/synapse/issues/6024))
|
||||||
|
- Fix bug in calculating the federation retry backoff period. ([\#6025](https://github.com/matrix-org/synapse/issues/6025))
|
||||||
|
- Prevent exceptions being logged when extremity-cleanup events fail due to lack of user consent to the terms of service. ([\#6053](https://github.com/matrix-org/synapse/issues/6053))
|
||||||
|
- Remove POST method from password-reset `submit_token` endpoint until we implement `submit_url` functionality. ([\#6056](https://github.com/matrix-org/synapse/issues/6056))
|
||||||
|
- Fix logcontext spam on non-Linux platforms. ([\#6059](https://github.com/matrix-org/synapse/issues/6059))
|
||||||
|
- Ensure query parameters in email validation links are URL-encoded. ([\#6063](https://github.com/matrix-org/synapse/issues/6063))
|
||||||
|
- Fix a bug which caused SAML attribute maps to be overridden by defaults. ([\#6069](https://github.com/matrix-org/synapse/issues/6069))
|
||||||
|
- Fix the logged number of updated items for the `users_set_deactivated_flag` background update. ([\#6092](https://github.com/matrix-org/synapse/issues/6092))
|
||||||
|
- Add `sid` to `next_link` for email validation. ([\#6097](https://github.com/matrix-org/synapse/issues/6097))
|
||||||
|
- Threepid validity checks on msisdns should not be dependent on `threepid_behaviour_email`. ([\#6104](https://github.com/matrix-org/synapse/issues/6104))
|
||||||
|
- Ensure that servers which are not configured to support email address verification do not offer it in the registration flows. ([\#6107](https://github.com/matrix-org/synapse/issues/6107))
|
||||||
|
|
||||||
|
|
||||||
|
Updates to the Docker image
|
||||||
|
---------------------------
|
||||||
|
|
||||||
|
- Avoid changing `UID/GID` if they are already correct. ([\#5970](https://github.com/matrix-org/synapse/issues/5970))
|
||||||
|
- Provide `SYNAPSE_WORKER` envvar to specify python module. ([\#6058](https://github.com/matrix-org/synapse/issues/6058))
|
||||||
|
|
||||||
|
|
||||||
|
Improved Documentation
|
||||||
|
----------------------
|
||||||
|
|
||||||
|
- Convert documentation to markdown (from rst) ([\#5849](https://github.com/matrix-org/synapse/issues/5849))
|
||||||
|
- Update `INSTALL.md` to say that Python 2 is no longer supported. ([\#5953](https://github.com/matrix-org/synapse/issues/5953))
|
||||||
|
- Add developer documentation for using SAML2. ([\#6032](https://github.com/matrix-org/synapse/issues/6032))
|
||||||
|
- Add some notes on rolling back to v1.3.1. ([\#6049](https://github.com/matrix-org/synapse/issues/6049))
|
||||||
|
- Update the upgrade notes. ([\#6050](https://github.com/matrix-org/synapse/issues/6050))
|
||||||
|
|
||||||
|
|
||||||
|
Deprecations and Removals
|
||||||
|
-------------------------
|
||||||
|
|
||||||
|
- Remove shared-secret registration from `/_matrix/client/r0/register` endpoint. Contributed by Awesome Technologies Innovationslabor GmbH. ([\#5877](https://github.com/matrix-org/synapse/issues/5877))
|
||||||
|
- Deprecate the `trusted_third_party_id_servers` option. ([\#5875](https://github.com/matrix-org/synapse/issues/5875))
|
||||||
|
|
||||||
|
|
||||||
|
Internal Changes
|
||||||
|
----------------
|
||||||
|
|
||||||
|
- Lay the groundwork for structured logging output. ([\#5680](https://github.com/matrix-org/synapse/issues/5680))
|
||||||
|
- Retry well-known lookup before the cache expires, giving a grace period where the remote well-known can be down but we still use the old result. ([\#5844](https://github.com/matrix-org/synapse/issues/5844))
|
||||||
|
- Remove log line for debugging issue #5407. ([\#5860](https://github.com/matrix-org/synapse/issues/5860))
|
||||||
|
- Refactor the Appservice scheduler code. ([\#5886](https://github.com/matrix-org/synapse/issues/5886))
|
||||||
|
- Compatibility with v2 Identity Service APIs other than /lookup. ([\#5892](https://github.com/matrix-org/synapse/issues/5892), [\#6013](https://github.com/matrix-org/synapse/issues/6013))
|
||||||
|
- Stop populating some unused tables. ([\#5893](https://github.com/matrix-org/synapse/issues/5893), [\#6047](https://github.com/matrix-org/synapse/issues/6047))
|
||||||
|
- Add missing index on `users_in_public_rooms` to improve the performance of directory queries. ([\#5894](https://github.com/matrix-org/synapse/issues/5894))
|
||||||
|
- Improve the logging when we have an error when fetching signing keys. ([\#5896](https://github.com/matrix-org/synapse/issues/5896))
|
||||||
|
- Add support for database engine-specific schema deltas, based on file extension. ([\#5911](https://github.com/matrix-org/synapse/issues/5911))
|
||||||
|
- Update Buildkite pipeline to use plugins instead of buildkite-agent commands. ([\#5922](https://github.com/matrix-org/synapse/issues/5922))
|
||||||
|
- Add link in sample config to the logging config schema. ([\#5926](https://github.com/matrix-org/synapse/issues/5926))
|
||||||
|
- Remove unnecessary parentheses in return statements. ([\#5931](https://github.com/matrix-org/synapse/issues/5931))
|
||||||
|
- Remove unused `jenkins/prepare_sytest.sh` file. ([\#5938](https://github.com/matrix-org/synapse/issues/5938))
|
||||||
|
- Move Buildkite pipeline config to the pipelines repo. ([\#5943](https://github.com/matrix-org/synapse/issues/5943))
|
||||||
|
- Remove unnecessary return statements in the codebase which were the result of a regex run. ([\#5962](https://github.com/matrix-org/synapse/issues/5962))
|
||||||
|
- Remove left-over methods from v1 registration API. ([\#5963](https://github.com/matrix-org/synapse/issues/5963))
|
||||||
|
- Cleanup event auth type initialisation. ([\#5975](https://github.com/matrix-org/synapse/issues/5975))
|
||||||
|
- Clean up dependency checking at setup. ([\#5989](https://github.com/matrix-org/synapse/issues/5989))
|
||||||
|
- Update OpenTracing docs to use the unified `trace` method. ([\#5776](https://github.com/matrix-org/synapse/issues/5776))
|
||||||
|
- Small refactor of function arguments and docstrings in` RoomMemberHandler`. ([\#6009](https://github.com/matrix-org/synapse/issues/6009))
|
||||||
|
- Remove unused `origin` argument on `FederationHandler.add_display_name_to_third_party_invite`. ([\#6010](https://github.com/matrix-org/synapse/issues/6010))
|
||||||
|
- Add a `failure_ts` column to the `destinations` database table. ([\#6016](https://github.com/matrix-org/synapse/issues/6016), [\#6072](https://github.com/matrix-org/synapse/issues/6072))
|
||||||
|
- Clean up some code in the retry logic. ([\#6017](https://github.com/matrix-org/synapse/issues/6017))
|
||||||
|
- Fix the structured logging tests stomping on the global log configuration for subsequent tests. ([\#6023](https://github.com/matrix-org/synapse/issues/6023))
|
||||||
|
- Clean up the sample config for SAML authentication. ([\#6064](https://github.com/matrix-org/synapse/issues/6064))
|
||||||
|
- Change mailer logging to reflect Synapse doesn't just do chat notifications by email now. ([\#6075](https://github.com/matrix-org/synapse/issues/6075))
|
||||||
|
- Move last-seen info into devices table. ([\#6089](https://github.com/matrix-org/synapse/issues/6089))
|
||||||
|
- Remove unused parameter to `get_user_id_by_threepid`. ([\#6099](https://github.com/matrix-org/synapse/issues/6099))
|
||||||
|
- Refactor the user-interactive auth handling. ([\#6105](https://github.com/matrix-org/synapse/issues/6105))
|
||||||
|
- Refactor code for calculating registration flows. ([\#6106](https://github.com/matrix-org/synapse/issues/6106))
|
||||||
|
|
||||||
|
|
||||||
Synapse 1.3.1 (2019-08-17)
|
Synapse 1.3.1 (2019-08-17)
|
||||||
==========================
|
==========================
|
||||||
|
|
||||||
|
@ -56,7 +56,7 @@ Code style
|
|||||||
|
|
||||||
All Matrix projects have a well-defined code-style - and sometimes we've even
|
All Matrix projects have a well-defined code-style - and sometimes we've even
|
||||||
got as far as documenting it... For instance, synapse's code style doc lives
|
got as far as documenting it... For instance, synapse's code style doc lives
|
||||||
at https://github.com/matrix-org/synapse/tree/master/docs/code_style.rst.
|
at https://github.com/matrix-org/synapse/tree/master/docs/code_style.md.
|
||||||
|
|
||||||
Please ensure your changes match the cosmetic style of the existing project,
|
Please ensure your changes match the cosmetic style of the existing project,
|
||||||
and **never** mix cosmetic and functional changes in the same commit, as it
|
and **never** mix cosmetic and functional changes in the same commit, as it
|
||||||
|
11
INSTALL.md
11
INSTALL.md
@ -349,6 +349,13 @@ sudo pip uninstall py-bcrypt
|
|||||||
sudo pip install py-bcrypt
|
sudo pip install py-bcrypt
|
||||||
```
|
```
|
||||||
|
|
||||||
|
### Void Linux
|
||||||
|
|
||||||
|
Synapse can be found in the void repositories as 'synapse':
|
||||||
|
|
||||||
|
xbps-install -Su
|
||||||
|
xbps-install -S synapse
|
||||||
|
|
||||||
### FreeBSD
|
### FreeBSD
|
||||||
|
|
||||||
Synapse can be installed via FreeBSD Ports or Packages contributed by Brendan Molloy from:
|
Synapse can be installed via FreeBSD Ports or Packages contributed by Brendan Molloy from:
|
||||||
@ -373,7 +380,7 @@ is suitable for local testing, but for any practical use, you will either need
|
|||||||
to enable a reverse proxy, or configure Synapse to expose an HTTPS port.
|
to enable a reverse proxy, or configure Synapse to expose an HTTPS port.
|
||||||
|
|
||||||
For information on using a reverse proxy, see
|
For information on using a reverse proxy, see
|
||||||
[docs/reverse_proxy.rst](docs/reverse_proxy.rst).
|
[docs/reverse_proxy.md](docs/reverse_proxy.md).
|
||||||
|
|
||||||
To configure Synapse to expose an HTTPS port, you will need to edit
|
To configure Synapse to expose an HTTPS port, you will need to edit
|
||||||
`homeserver.yaml`, as follows:
|
`homeserver.yaml`, as follows:
|
||||||
@ -446,7 +453,7 @@ on your server even if `enable_registration` is `false`.
|
|||||||
## Setting up a TURN server
|
## Setting up a TURN server
|
||||||
|
|
||||||
For reliable VoIP calls to be routed via this homeserver, you MUST configure
|
For reliable VoIP calls to be routed via this homeserver, you MUST configure
|
||||||
a TURN server. See [docs/turn-howto.rst](docs/turn-howto.rst) for details.
|
a TURN server. See [docs/turn-howto.md](docs/turn-howto.md) for details.
|
||||||
|
|
||||||
## URL previews
|
## URL previews
|
||||||
|
|
||||||
|
16
MANIFEST.in
16
MANIFEST.in
@ -38,14 +38,14 @@ exclude sytest-blacklist
|
|||||||
include pyproject.toml
|
include pyproject.toml
|
||||||
recursive-include changelog.d *
|
recursive-include changelog.d *
|
||||||
|
|
||||||
|
prune .buildkite
|
||||||
|
prune .circleci
|
||||||
|
prune .codecov.yml
|
||||||
|
prune .coveragerc
|
||||||
prune .github
|
prune .github
|
||||||
|
prune debian
|
||||||
prune demo/etc
|
prune demo/etc
|
||||||
prune docker
|
prune docker
|
||||||
prune .circleci
|
prune mypy.ini
|
||||||
prune .coveragerc
|
prune snap
|
||||||
prune debian
|
prune stubs
|
||||||
prune .codecov.yml
|
|
||||||
prune .buildkite
|
|
||||||
|
|
||||||
exclude jenkins*
|
|
||||||
recursive-exclude jenkins *.sh
|
|
||||||
|
19
README.rst
19
README.rst
@ -115,7 +115,7 @@ Registering a new user from a client
|
|||||||
|
|
||||||
By default, registration of new users via Matrix clients is disabled. To enable
|
By default, registration of new users via Matrix clients is disabled. To enable
|
||||||
it, specify ``enable_registration: true`` in ``homeserver.yaml``. (It is then
|
it, specify ``enable_registration: true`` in ``homeserver.yaml``. (It is then
|
||||||
recommended to also set up CAPTCHA - see `<docs/CAPTCHA_SETUP.rst>`_.)
|
recommended to also set up CAPTCHA - see `<docs/CAPTCHA_SETUP.md>`_.)
|
||||||
|
|
||||||
Once ``enable_registration`` is set to ``true``, it is possible to register a
|
Once ``enable_registration`` is set to ``true``, it is possible to register a
|
||||||
user via `riot.im <https://riot.im/app/#/register>`_ or other Matrix clients.
|
user via `riot.im <https://riot.im/app/#/register>`_ or other Matrix clients.
|
||||||
@ -186,7 +186,7 @@ Almost all installations should opt to use PostreSQL. Advantages include:
|
|||||||
synapse itself.
|
synapse itself.
|
||||||
|
|
||||||
For information on how to install and use PostgreSQL, please see
|
For information on how to install and use PostgreSQL, please see
|
||||||
`docs/postgres.rst <docs/postgres.rst>`_.
|
`docs/postgres.md <docs/postgres.md>`_.
|
||||||
|
|
||||||
.. _reverse-proxy:
|
.. _reverse-proxy:
|
||||||
|
|
||||||
@ -201,7 +201,7 @@ It is recommended to put a reverse proxy such as
|
|||||||
doing so is that it means that you can expose the default https port (443) to
|
doing so is that it means that you can expose the default https port (443) to
|
||||||
Matrix clients without needing to run Synapse with root privileges.
|
Matrix clients without needing to run Synapse with root privileges.
|
||||||
|
|
||||||
For information on configuring one, see `<docs/reverse_proxy.rst>`_.
|
For information on configuring one, see `<docs/reverse_proxy.md>`_.
|
||||||
|
|
||||||
Identity Servers
|
Identity Servers
|
||||||
================
|
================
|
||||||
@ -381,3 +381,16 @@ indicate that your server is also issuing far more outgoing federation
|
|||||||
requests than can be accounted for by your users' activity, this is a
|
requests than can be accounted for by your users' activity, this is a
|
||||||
likely cause. The misbehavior can be worked around by setting
|
likely cause. The misbehavior can be worked around by setting
|
||||||
``use_presence: false`` in the Synapse config file.
|
``use_presence: false`` in the Synapse config file.
|
||||||
|
|
||||||
|
People can't accept room invitations from me
|
||||||
|
--------------------------------------------
|
||||||
|
|
||||||
|
The typical failure mode here is that you send an invitation to someone
|
||||||
|
to join a room or direct chat, but when they go to accept it, they get an
|
||||||
|
error (typically along the lines of "Invalid signature"). They might see
|
||||||
|
something like the following in their logs::
|
||||||
|
|
||||||
|
2019-09-11 19:32:04,271 - synapse.federation.transport.server - 288 - WARNING - GET-11752 - authenticate_request failed: 401: Invalid signature for server <server> with key ed25519:a_EqML: Unable to verify signature for <server>
|
||||||
|
|
||||||
|
This is normally caused by a misconfiguration in your reverse-proxy. See
|
||||||
|
`<docs/reverse_proxy.rst>`_ and double-check that your settings are correct.
|
||||||
|
302
UPGRADE.rst
302
UPGRADE.rst
@ -2,108 +2,268 @@ Upgrading Synapse
|
|||||||
=================
|
=================
|
||||||
|
|
||||||
Before upgrading check if any special steps are required to upgrade from the
|
Before upgrading check if any special steps are required to upgrade from the
|
||||||
what you currently have installed to current version of synapse. The extra
|
what you currently have installed to current version of Synapse. The extra
|
||||||
instructions that may be required are listed later in this document.
|
instructions that may be required are listed later in this document.
|
||||||
|
|
||||||
1. If synapse was installed in a virtualenv then activate that virtualenv before
|
* If Synapse was installed using `prebuilt packages
|
||||||
upgrading. If synapse is installed in a virtualenv in ``~/synapse/env`` then
|
<INSTALL.md#prebuilt-packages>`_, you will need to follow the normal process
|
||||||
run:
|
for upgrading those packages.
|
||||||
|
|
||||||
.. code:: bash
|
* If Synapse was installed from source, then:
|
||||||
|
|
||||||
|
1. Activate the virtualenv before upgrading. For example, if Synapse is
|
||||||
|
installed in a virtualenv in ``~/synapse/env`` then run:
|
||||||
|
|
||||||
|
.. code:: bash
|
||||||
|
|
||||||
source ~/synapse/env/bin/activate
|
source ~/synapse/env/bin/activate
|
||||||
|
|
||||||
2. If synapse was installed using pip then upgrade to the latest version by
|
2. If Synapse was installed using pip then upgrade to the latest version by
|
||||||
running:
|
running:
|
||||||
|
|
||||||
.. code:: bash
|
.. code:: bash
|
||||||
|
|
||||||
pip install --upgrade matrix-synapse[all]
|
pip install --upgrade matrix-synapse
|
||||||
|
|
||||||
# restart synapse
|
If Synapse was installed using git then upgrade to the latest version by
|
||||||
synctl restart
|
running:
|
||||||
|
|
||||||
|
.. code:: bash
|
||||||
If synapse was installed using git then upgrade to the latest version by
|
|
||||||
running:
|
|
||||||
|
|
||||||
.. code:: bash
|
|
||||||
|
|
||||||
# Pull the latest version of the master branch.
|
|
||||||
git pull
|
git pull
|
||||||
|
pip install --upgrade .
|
||||||
|
|
||||||
# Update synapse and its python dependencies.
|
3. Restart Synapse:
|
||||||
pip install --upgrade .[all]
|
|
||||||
|
.. code:: bash
|
||||||
|
|
||||||
# restart synapse
|
|
||||||
./synctl restart
|
./synctl restart
|
||||||
|
|
||||||
|
To check whether your update was successful, you can check the running server
|
||||||
To check whether your update was successful, you can check the Server header
|
version with:
|
||||||
returned by the Client-Server API:
|
|
||||||
|
|
||||||
.. code:: bash
|
.. code:: bash
|
||||||
|
|
||||||
# replace <host.name> with the hostname of your synapse homeserver.
|
# you may need to replace 'localhost:8008' if synapse is not configured
|
||||||
# You may need to specify a port (eg, :8448) if your server is not
|
# to listen on port 8008.
|
||||||
# configured on port 443.
|
|
||||||
curl -kv https://<host.name>/_matrix/client/versions 2>&1 | grep "Server:"
|
curl http://localhost:8008/_synapse/admin/v1/server_version
|
||||||
|
|
||||||
|
Rolling back to older versions
|
||||||
|
------------------------------
|
||||||
|
|
||||||
|
Rolling back to previous releases can be difficult, due to database schema
|
||||||
|
changes between releases. Where we have been able to test the rollback process,
|
||||||
|
this will be noted below.
|
||||||
|
|
||||||
|
In general, you will need to undo any changes made during the upgrade process,
|
||||||
|
for example:
|
||||||
|
|
||||||
|
* pip:
|
||||||
|
|
||||||
|
.. code:: bash
|
||||||
|
|
||||||
|
source env/bin/activate
|
||||||
|
# replace `1.3.0` accordingly:
|
||||||
|
pip install matrix-synapse==1.3.0
|
||||||
|
|
||||||
|
* Debian:
|
||||||
|
|
||||||
|
.. code:: bash
|
||||||
|
|
||||||
|
# replace `1.3.0` and `stretch` accordingly:
|
||||||
|
wget https://packages.matrix.org/debian/pool/main/m/matrix-synapse-py3/matrix-synapse-py3_1.3.0+stretch1_amd64.deb
|
||||||
|
dpkg -i matrix-synapse-py3_1.3.0+stretch1_amd64.deb
|
||||||
|
|
||||||
Upgrading to v1.4.0
|
Upgrading to v1.4.0
|
||||||
===================
|
===================
|
||||||
|
|
||||||
Config options
|
New custom templates
|
||||||
--------------
|
--------------------
|
||||||
|
|
||||||
**Note: Registration by email address or phone number will not work in this release unless
|
If you have configured a custom template directory with the
|
||||||
some config options are changed from their defaults.**
|
``email.template_dir`` option, be aware that there are new templates regarding
|
||||||
|
registration and threepid management (see below) that must be included.
|
||||||
|
|
||||||
This is due to Synapse v1.4.0 now defaulting to sending registration and password reset tokens
|
* ``registration.html`` and ``registration.txt``
|
||||||
itself. This is for security reasons as well as putting less reliance on identity servers.
|
* ``registration_success.html`` and ``registration_failure.html``
|
||||||
However, currently Synapse only supports sending emails, and does not have support for
|
* ``add_threepid.html`` and ``add_threepid.txt``
|
||||||
phone-based password reset or account registration. If Synapse is configured to handle these on
|
* ``add_threepid_failure.html`` and ``add_threepid_success.html``
|
||||||
its own, phone-based password resets and registration will be disabled. For Synapse to send
|
|
||||||
emails, the ``email`` block of the config must be filled out. If not, then password resets and
|
|
||||||
registration via email will be disabled entirely.
|
|
||||||
|
|
||||||
This release also deprecates the ``email.trust_identity_server_for_password_resets`` option and
|
Synapse will expect these files to exist inside the configured template
|
||||||
replaces it with the ``account_threepid_delegates`` dictionary. This option defines whether the
|
directory, and **will fail to start** if they are absent.
|
||||||
homeserver should delegate an external server (typically an `identity server
|
To view the default templates, see `synapse/res/templates
|
||||||
<https://matrix.org/docs/spec/identity_service/r0.2.1>`_) to handle sending password reset or
|
|
||||||
registration messages via email and SMS.
|
|
||||||
|
|
||||||
If ``email.trust_identity_server_for_password_resets`` is set to ``true``, and
|
|
||||||
``account_threepid_delegates.email`` is not set, then the first entry in
|
|
||||||
``trusted_third_party_id_servers`` will be used as the account threepid delegate for email.
|
|
||||||
This is to ensure compatibility with existing Synapse installs that set up external server
|
|
||||||
handling for these tasks before v1.4.0. If ``email.trust_identity_server_for_password_resets``
|
|
||||||
is ``true`` and no trusted identity server domains are configured, Synapse will throw an error.
|
|
||||||
|
|
||||||
If ``email.trust_identity_server_for_password_resets`` is ``false`` or absent and a threepid
|
|
||||||
type in ``account_threepid_delegates`` is not set to a domain, then Synapse will attempt to
|
|
||||||
send password reset and registration messages for that type.
|
|
||||||
|
|
||||||
Email templates
|
|
||||||
---------------
|
|
||||||
|
|
||||||
If you have configured a custom template directory with the ``email.template_dir`` option, be
|
|
||||||
aware that there are new templates regarding registration. ``registration.html`` and
|
|
||||||
``registration.txt`` have been added and contain the content that is sent to a client upon
|
|
||||||
registering via an email address.
|
|
||||||
|
|
||||||
``registration_success.html`` and ``registration_failure.html`` are also new HTML templates
|
|
||||||
that will be shown to the user when they click the link in their registration emai , either
|
|
||||||
showing them a success or failure page (assuming a redirect URL is not configured).
|
|
||||||
|
|
||||||
Synapse will expect these files to exist inside the configured template directory. To view the
|
|
||||||
default templates, see `synapse/res/templates
|
|
||||||
<https://github.com/matrix-org/synapse/tree/master/synapse/res/templates>`_.
|
<https://github.com/matrix-org/synapse/tree/master/synapse/res/templates>`_.
|
||||||
|
|
||||||
|
3pid verification changes
|
||||||
|
-------------------------
|
||||||
|
|
||||||
|
**Note: As of this release, users will be unable to add phone numbers or email
|
||||||
|
addresses to their accounts, without changes to the Synapse configuration. This
|
||||||
|
includes adding an email address during registration.**
|
||||||
|
|
||||||
|
It is possible for a user to associate an email address or phone number
|
||||||
|
with their account, for a number of reasons:
|
||||||
|
|
||||||
|
* for use when logging in, as an alternative to the user id.
|
||||||
|
* in the case of email, as an alternative contact to help with account recovery.
|
||||||
|
* in the case of email, to receive notifications of missed messages.
|
||||||
|
|
||||||
|
Before an email address or phone number can be added to a user's account,
|
||||||
|
or before such an address is used to carry out a password-reset, Synapse must
|
||||||
|
confirm the operation with the owner of the email address or phone number.
|
||||||
|
It does this by sending an email or text giving the user a link or token to confirm
|
||||||
|
receipt. This process is known as '3pid verification'. ('3pid', or 'threepid',
|
||||||
|
stands for third-party identifier, and we use it to refer to external
|
||||||
|
identifiers such as email addresses and phone numbers.)
|
||||||
|
|
||||||
|
Previous versions of Synapse delegated the task of 3pid verification to an
|
||||||
|
identity server by default. In most cases this server is ``vector.im`` or
|
||||||
|
``matrix.org``.
|
||||||
|
|
||||||
|
In Synapse 1.4.0, for security and privacy reasons, the homeserver will no
|
||||||
|
longer delegate this task to an identity server by default. Instead,
|
||||||
|
the server administrator will need to explicitly decide how they would like the
|
||||||
|
verification messages to be sent.
|
||||||
|
|
||||||
|
In the medium term, the ``vector.im`` and ``matrix.org`` identity servers will
|
||||||
|
disable support for delegated 3pid verification entirely. However, in order to
|
||||||
|
ease the transition, they will retain the capability for a limited
|
||||||
|
period. Delegated email verification will be disabled on Monday 2nd December
|
||||||
|
2019 (giving roughly 2 months notice). Disabling delegated SMS verification
|
||||||
|
will follow some time after that once SMS verification support lands in
|
||||||
|
Synapse.
|
||||||
|
|
||||||
|
Once delegated 3pid verification support has been disabled in the ``vector.im`` and
|
||||||
|
``matrix.org`` identity servers, all Synapse versions that depend on those
|
||||||
|
instances will be unable to verify email and phone numbers through them. There
|
||||||
|
are no imminent plans to remove delegated 3pid verification from Sydent
|
||||||
|
generally. (Sydent is the identity server project that backs the ``vector.im`` and
|
||||||
|
``matrix.org`` instances).
|
||||||
|
|
||||||
|
Email
|
||||||
|
~~~~~
|
||||||
|
Following upgrade, to continue verifying email (e.g. as part of the
|
||||||
|
registration process), admins can either:-
|
||||||
|
|
||||||
|
* Configure Synapse to use an email server.
|
||||||
|
* Run or choose an identity server which allows delegated email verification
|
||||||
|
and delegate to it.
|
||||||
|
|
||||||
|
Configure SMTP in Synapse
|
||||||
|
+++++++++++++++++++++++++
|
||||||
|
|
||||||
|
To configure an SMTP server for Synapse, modify the configuration section
|
||||||
|
headed ``email``, and be sure to have at least the ``smtp_host, smtp_port``
|
||||||
|
and ``notif_from`` fields filled out.
|
||||||
|
|
||||||
|
You may also need to set ``smtp_user``, ``smtp_pass``, and
|
||||||
|
``require_transport_security``.
|
||||||
|
|
||||||
|
See the `sample configuration file <docs/sample_config.yaml>`_ for more details
|
||||||
|
on these settings.
|
||||||
|
|
||||||
|
Delegate email to an identity server
|
||||||
|
++++++++++++++++++++++++++++++++++++
|
||||||
|
|
||||||
|
Some admins will wish to continue using email verification as part of the
|
||||||
|
registration process, but will not immediately have an appropriate SMTP server
|
||||||
|
at hand.
|
||||||
|
|
||||||
|
To this end, we will continue to support email verification delegation via the
|
||||||
|
``vector.im`` and ``matrix.org`` identity servers for two months. Support for
|
||||||
|
delegated email verification will be disabled on Monday 2nd December.
|
||||||
|
|
||||||
|
The ``account_threepid_delegates`` dictionary defines whether the homeserver
|
||||||
|
should delegate an external server (typically an `identity server
|
||||||
|
<https://matrix.org/docs/spec/identity_service/r0.2.1>`_) to handle sending
|
||||||
|
confirmation messages via email and SMS.
|
||||||
|
|
||||||
|
So to delegate email verification, in ``homeserver.yaml``, set
|
||||||
|
``account_threepid_delegates.email`` to the base URL of an identity server. For
|
||||||
|
example:
|
||||||
|
|
||||||
|
.. code:: yaml
|
||||||
|
|
||||||
|
account_threepid_delegates:
|
||||||
|
email: https://example.com # Delegate email sending to example.com
|
||||||
|
|
||||||
|
Note that ``account_threepid_delegates.email`` replaces the deprecated
|
||||||
|
``email.trust_identity_server_for_password_resets``: if
|
||||||
|
``email.trust_identity_server_for_password_resets`` is set to ``true``, and
|
||||||
|
``account_threepid_delegates.email`` is not set, then the first entry in
|
||||||
|
``trusted_third_party_id_servers`` will be used as the
|
||||||
|
``account_threepid_delegate`` for email. This is to ensure compatibility with
|
||||||
|
existing Synapse installs that set up external server handling for these tasks
|
||||||
|
before v1.4.0. If ``email.trust_identity_server_for_password_resets`` is
|
||||||
|
``true`` and no trusted identity server domains are configured, Synapse will
|
||||||
|
report an error and refuse to start.
|
||||||
|
|
||||||
|
If ``email.trust_identity_server_for_password_resets`` is ``false`` or absent
|
||||||
|
and no ``email`` delegate is configured in ``account_threepid_delegates``,
|
||||||
|
then Synapse will send email verification messages itself, using the configured
|
||||||
|
SMTP server (see above).
|
||||||
|
that type.
|
||||||
|
|
||||||
|
Phone numbers
|
||||||
|
~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
Synapse does not support phone-number verification itself, so the only way to
|
||||||
|
maintain the ability for users to add phone numbers to their accounts will be
|
||||||
|
by continuing to delegate phone number verification to the ``matrix.org`` and
|
||||||
|
``vector.im`` identity servers (or another identity server that supports SMS
|
||||||
|
sending).
|
||||||
|
|
||||||
|
The ``account_threepid_delegates`` dictionary defines whether the homeserver
|
||||||
|
should delegate an external server (typically an `identity server
|
||||||
|
<https://matrix.org/docs/spec/identity_service/r0.2.1>`_) to handle sending
|
||||||
|
confirmation messages via email and SMS.
|
||||||
|
|
||||||
|
So to delegate phone number verification, in ``homeserver.yaml``, set
|
||||||
|
``account_threepid_delegates.msisdn`` to the base URL of an identity
|
||||||
|
server. For example:
|
||||||
|
|
||||||
|
.. code:: yaml
|
||||||
|
|
||||||
|
account_threepid_delegates:
|
||||||
|
msisdn: https://example.com # Delegate sms sending to example.com
|
||||||
|
|
||||||
|
The ``matrix.org`` and ``vector.im`` identity servers will continue to support
|
||||||
|
delegated phone number verification via SMS until such time as it is possible
|
||||||
|
for admins to configure their servers to perform phone number verification
|
||||||
|
directly. More details will follow in a future release.
|
||||||
|
|
||||||
|
Rolling back to v1.3.1
|
||||||
|
----------------------
|
||||||
|
|
||||||
|
If you encounter problems with v1.4.0, it should be possible to roll back to
|
||||||
|
v1.3.1, subject to the following:
|
||||||
|
|
||||||
|
* The 'room statistics' engine was heavily reworked in this release (see
|
||||||
|
`#5971 <https://github.com/matrix-org/synapse/pull/5971>`_), including
|
||||||
|
significant changes to the database schema, which are not easily
|
||||||
|
reverted. This will cause the room statistics engine to stop updating when
|
||||||
|
you downgrade.
|
||||||
|
|
||||||
|
The room statistics are essentially unused in v1.3.1 (in future versions of
|
||||||
|
Synapse, they will be used to populate the room directory), so there should
|
||||||
|
be no loss of functionality. However, the statistics engine will write errors
|
||||||
|
to the logs, which can be avoided by setting the following in
|
||||||
|
`homeserver.yaml`:
|
||||||
|
|
||||||
|
.. code:: yaml
|
||||||
|
|
||||||
|
stats:
|
||||||
|
enabled: false
|
||||||
|
|
||||||
|
Don't forget to re-enable it when you upgrade again, in preparation for its
|
||||||
|
use in the room directory!
|
||||||
|
|
||||||
Upgrading to v1.2.0
|
Upgrading to v1.2.0
|
||||||
===================
|
===================
|
||||||
|
|
||||||
Some counter metrics have been renamed, with the old names deprecated. See
|
Some counter metrics have been renamed, with the old names deprecated. See
|
||||||
`the metrics documentation <docs/metrics-howto.rst#renaming-of-metrics--deprecation-of-old-names-in-12>`_
|
`the metrics documentation <docs/metrics-howto.md#renaming-of-metrics--deprecation-of-old-names-in-12>`_
|
||||||
for details.
|
for details.
|
||||||
|
|
||||||
Upgrading to v1.1.0
|
Upgrading to v1.1.0
|
||||||
|
1
changelog.d/1172.misc
Normal file
1
changelog.d/1172.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Update `user_filters` table to have a unique index, and non-null columns. Thanks to @pik for contributing this.
|
1
changelog.d/2142.feature
Normal file
1
changelog.d/2142.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Improve quality of thumbnails for 1-bit/8-bit color palette images.
|
1
changelog.d/2380.bugfix
Normal file
1
changelog.d/2380.bugfix
Normal file
@ -0,0 +1 @@
|
|||||||
|
Return an HTTP 404 instead of 400 when requesting a filter by ID that is unknown to the server. Thanks to @krombel for contributing this!
|
1
changelog.d/3436.bugfix
Normal file
1
changelog.d/3436.bugfix
Normal file
@ -0,0 +1 @@
|
|||||||
|
Fix a problem where users could be invited twice to the same group.
|
1
changelog.d/4088.bugfix
Normal file
1
changelog.d/4088.bugfix
Normal file
@ -0,0 +1 @@
|
|||||||
|
Added domain validation when including a list of invitees upon room creation.
|
@ -1 +0,0 @@
|
|||||||
Don't create broken room when power_level_content_override.users does not contain creator_id.
|
|
@ -1 +0,0 @@
|
|||||||
Lay the groundwork for structured logging output.
|
|
@ -1 +0,0 @@
|
|||||||
Make Opentracing work in worker mode.
|
|
@ -1 +0,0 @@
|
|||||||
Update opentracing docs to use the unified `trace` method.
|
|
@ -1 +0,0 @@
|
|||||||
Add the ability to send registration emails from the homeserver rather than delegating to an identity server.
|
|
@ -1 +0,0 @@
|
|||||||
Retry well-known lookup before the cache expires, giving a grace period where the remote well-known can be down but we still use the old result.
|
|
@ -1 +0,0 @@
|
|||||||
Add an admin API to purge old rooms from the database.
|
|
@ -1 +0,0 @@
|
|||||||
Add retry to well-known lookups if we have recently seen a valid well-known record for the server.
|
|
@ -1 +0,0 @@
|
|||||||
Pass opentracing contexts between servers when transmitting EDUs.
|
|
@ -1 +0,0 @@
|
|||||||
Opentracing for device list updates.
|
|
@ -1 +0,0 @@
|
|||||||
Opentracing for room and e2e keys.
|
|
@ -1 +0,0 @@
|
|||||||
Add a tag recording a request's authenticated entity and corresponding servlet in opentracing.
|
|
@ -1 +0,0 @@
|
|||||||
Fix database index so that different backup versions can have the same sessions.
|
|
@ -1 +0,0 @@
|
|||||||
Add unstable support for MSC2197 (filtered search requests over federation), in order to allow upcoming room directory query performance improvements.
|
|
@ -1 +0,0 @@
|
|||||||
Remove log line for debugging issue #5407.
|
|
@ -1 +0,0 @@
|
|||||||
Fix Synapse looking for config options `password_reset_failure_template` and `password_reset_success_template`, when they are actually `password_reset_template_failure_html`, `password_reset_template_success_html`.
|
|
@ -1 +0,0 @@
|
|||||||
Correctly retry all hosts returned from SRV when we fail to connect.
|
|
@ -1 +0,0 @@
|
|||||||
Add `m.require_identity_server` key to `/versions`'s `unstable_features` section.
|
|
@ -1 +0,0 @@
|
|||||||
Deprecate the `trusted_third_party_id_servers` option.
|
|
@ -1 +0,0 @@
|
|||||||
Replace `trust_identity_server_for_password_resets` config option with `account_threepid_delegates`.
|
|
@ -1 +0,0 @@
|
|||||||
Remove shared secret registration from client/r0/register endpoint. Contributed by Awesome Technologies Innovationslabor GmbH.
|
|
@ -1 +0,0 @@
|
|||||||
Add admin API endpoint for setting whether or not a user is a server administrator.
|
|
@ -1 +0,0 @@
|
|||||||
Fix stack overflow when recovering an appservice which had an outage.
|
|
@ -1 +0,0 @@
|
|||||||
Refactor the Appservice scheduler code.
|
|
@ -1 +0,0 @@
|
|||||||
Compatibility with v2 Identity Service APIs other than /lookup.
|
|
@ -1 +0,0 @@
|
|||||||
Drop some unused tables.
|
|
@ -1 +0,0 @@
|
|||||||
Add missing index on users_in_public_rooms to improve the performance of directory queries.
|
|
@ -1 +0,0 @@
|
|||||||
Add config option to sign remote key query responses with a separate key.
|
|
@ -1 +0,0 @@
|
|||||||
Improve the logging when we have an error when fetching signing keys.
|
|
@ -1 +0,0 @@
|
|||||||
Add support for config templating.
|
|
@ -1 +0,0 @@
|
|||||||
Users with the type of "support" or "bot" are no longer required to consent.
|
|
@ -1 +0,0 @@
|
|||||||
Let synctl accept a directory of config files.
|
|
@ -1 +0,0 @@
|
|||||||
Increase max display name size to 256.
|
|
@ -1 +0,0 @@
|
|||||||
Fix error message which referred to public_base_url instead of public_baseurl. Thanks to @aaronraimist for the fix!
|
|
@ -1 +0,0 @@
|
|||||||
Add support for database engine-specific schema deltas, based on file extension.
|
|
@ -1 +0,0 @@
|
|||||||
Add admin API endpoint for getting whether or not a user is a server administrator.
|
|
@ -1 +0,0 @@
|
|||||||
Fix 404 for thumbnail download when `dynamic_thumbnails` is `false` and the thumbnail was dynamically generated. Fix reported by rkfg.
|
|
@ -1 +0,0 @@
|
|||||||
Fix a cache-invalidation bug for worker-based deployments.
|
|
@ -1 +0,0 @@
|
|||||||
Update Buildkite pipeline to use plugins instead of buildkite-agent commands.
|
|
@ -1 +0,0 @@
|
|||||||
Add link in sample config to the logging config schema.
|
|
@ -1 +0,0 @@
|
|||||||
Remove unnecessary parentheses in return statements.
|
|
@ -1 +0,0 @@
|
|||||||
Remove unused jenkins/prepare_sytest.sh file.
|
|
@ -1 +0,0 @@
|
|||||||
Add the ability to send registration emails from the homeserver rather than delegating to an identity server.
|
|
@ -1 +0,0 @@
|
|||||||
Move Buildkite pipeline config to the pipelines repo.
|
|
@ -1 +0,0 @@
|
|||||||
Update INSTALL.md to say that Python 2 is no longer supported.
|
|
@ -1 +0,0 @@
|
|||||||
Remove unnecessary return statements in the codebase which were the result of a regex run.
|
|
@ -1 +0,0 @@
|
|||||||
Remove left-over methods from C/S registration API.
|
|
@ -1 +0,0 @@
|
|||||||
Remove `bind_email` and `bind_msisdn` parameters from /register ala MSC2140.
|
|
@ -1 +0,0 @@
|
|||||||
Fix admin API for listing media in a room not being available with an external media repo.
|
|
@ -1 +0,0 @@
|
|||||||
Fix list media admin API always returning an error.
|
|
@ -1 +0,0 @@
|
|||||||
Replace `trust_identity_server_for_password_resets` config option with `account_threepid_delegates`.
|
|
@ -1 +0,0 @@
|
|||||||
Avoid changing UID/GID if they are already correct.
|
|
@ -1 +0,0 @@
|
|||||||
Fix room and user stats tracking.
|
|
@ -1 +0,0 @@
|
|||||||
Cleanup event auth type initialisation.
|
|
1
changelog.d/5978.misc
Normal file
1
changelog.d/5978.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Move lookup-related functions from RoomMemberHandler to IdentityHandler.
|
@ -1 +0,0 @@
|
|||||||
Add POST /_matrix/client/r0/account/3pid/unbind endpoint from MSC2140 for unbinding a 3PID from an identity server without removing it from the homeserver user account.
|
|
@ -1 +0,0 @@
|
|||||||
Setting metrics_flags.known_servers to True in the configuration will publish the synapse_federation_known_servers metric over Prometheus. This represents the total number of servers your server knows about (i.e. is in rooms with), including itself.
|
|
@ -1 +0,0 @@
|
|||||||
Include missing opentracing contexts in outbout replication requests.
|
|
@ -1 +0,0 @@
|
|||||||
Add minimum opentracing for client servlets.
|
|
@ -1 +0,0 @@
|
|||||||
Fix sending of EDUs when opentracing is enabled with an empty whitelist.
|
|
@ -1 +0,0 @@
|
|||||||
Trace replication send times.
|
|
@ -1 +0,0 @@
|
|||||||
Fix invalid references to None while opentracing if the log context slips.
|
|
@ -1 +0,0 @@
|
|||||||
Fix invalid references to None while opentracing if the log context slips.
|
|
@ -1 +0,0 @@
|
|||||||
Add the ability to send registration emails from the homeserver rather than delegating to an identity server.
|
|
@ -1 +0,0 @@
|
|||||||
Add the ability to send registration emails from the homeserver rather than delegating to an identity server.
|
|
@ -1 +0,0 @@
|
|||||||
Return a M_MISSING_PARAM if `sid` is not provided to `/account/3pid`.
|
|
@ -1 +0,0 @@
|
|||||||
Fix room and user stats tracking.
|
|
1
changelog.d/6019.misc
Normal file
1
changelog.d/6019.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Improve performance of the public room list directory.
|
1
changelog.d/6077.misc
Normal file
1
changelog.d/6077.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Edit header dicts docstrings in SimpleHttpClient to note that `str` or `bytes` can be passed as header keys.
|
1
changelog.d/6084.misc
Normal file
1
changelog.d/6084.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Add snapcraft packaging information. Contributed by @devec0.
|
1
changelog.d/6101.misc
Normal file
1
changelog.d/6101.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Kill off half-implemented password-reset via sms.
|
1
changelog.d/6108.misc
Normal file
1
changelog.d/6108.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Remove `get_user_by_req` opentracing span and add some tags.
|
1
changelog.d/6109.bugfix
Normal file
1
changelog.d/6109.bugfix
Normal file
@ -0,0 +1 @@
|
|||||||
|
Fix bug when uploading a large file: Synapse responds with `M_UNKNOWN` while it should be `M_TOO_LARGE` according to spec. Contributed by Anshul Angaria.
|
1
changelog.d/6114.feature
Normal file
1
changelog.d/6114.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
CAS login now provides a default display name for users if a `displayname_attribute` is set in the configuration file.
|
1
changelog.d/6115.misc
Normal file
1
changelog.d/6115.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Drop some unused database tables.
|
1
changelog.d/6125.feature
Normal file
1
changelog.d/6125.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Reject all pending invites for a user during deactivation.
|
1
changelog.d/6127.misc
Normal file
1
changelog.d/6127.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Add env var to turn on tracking of log context changes.
|
1
changelog.d/6137.misc
Normal file
1
changelog.d/6137.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Refactor configuration loading to allow better typechecking.
|
1
changelog.d/6139.misc
Normal file
1
changelog.d/6139.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Log responder when responding to media request.
|
1
changelog.d/6144.bugfix
Normal file
1
changelog.d/6144.bugfix
Normal file
@ -0,0 +1 @@
|
|||||||
|
Prevent user push rules being deleted from a room when it is upgraded.
|
1
changelog.d/6147.bugfix
Normal file
1
changelog.d/6147.bugfix
Normal file
@ -0,0 +1 @@
|
|||||||
|
Don't 500 when trying to exchange a revoked 3PID invite.
|
1
changelog.d/6148.misc
Normal file
1
changelog.d/6148.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Improve performance of `find_next_generated_user_id` DB query.
|
1
changelog.d/6150.misc
Normal file
1
changelog.d/6150.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Expand type-checking on modules imported by synapse.config.
|
1
changelog.d/6152.misc
Normal file
1
changelog.d/6152.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Improve performance of the public room list directory.
|
1
changelog.d/6153.misc
Normal file
1
changelog.d/6153.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Improve performance of the public room list directory.
|
1
changelog.d/6154.misc
Normal file
1
changelog.d/6154.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Improve performance of the public room list directory.
|
1
changelog.d/6155.bugfix
Normal file
1
changelog.d/6155.bugfix
Normal file
@ -0,0 +1 @@
|
|||||||
|
Fix transferring notifications and tags when joining an upgraded room that is new to your server.
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user