Richard van der Hoff
c7401a697f
Implement SAML2 authentication ( #4267 )
...
This implements both a SAML2 metadata endpoint (at
`/_matrix/saml2/metadata.xml`), and a SAML2 response receiver (at
`/_matrix/saml2/authn_response`). If the SAML2 response matches what's been
configured, we complete the SSO login flow by redirecting to the client url
(aka `RelayState` in SAML2 jargon) with a login token.
What we don't yet have is anything to build a SAML2 request and redirect the
user to the identity provider. That is left as an exercise for the reader.
2018-12-07 13:11:11 +01:00
Richard van der Hoff
c588b9b9e4
Factor SSO success handling out of CAS login ( #4264 )
...
This is mostly factoring out the post-CAS-login code to somewhere we can reuse
it for other SSO flows, but it also fixes the userid mapping while we're at it.
2018-12-07 13:10:07 +01:00
Richard van der Hoff
b0c24a66ec
Rip out half-implemented m.login.saml2 support ( #4265 )
...
* Rip out half-implemented m.login.saml2 support
This was implemented in an odd way that left most of the work to the client, in
a way that I really didn't understand. It's going to be a pain to maintain, so
let's start by ripping it out.
* drop undocumented dependency on dateutil
It turns out we were relying on dateutil being pulled in transitively by
pysaml2. There's no need for that bloat.
2018-12-06 19:44:38 +11:00
Richard van der Hoff
9a3e24a13d
drop undocumented dependency on dateutil ( #4266 )
...
It turns out we were relying on dateutil being pulled in transitively by
pysaml2. There's no need for that bloat.
2018-12-06 04:52:42 +11:00
Richard van der Hoff
e8d98466b0
Implement .well-known handling ( #4262 )
...
Sometimes it's useful for synapse to generate its own .well-known file.
2018-12-05 14:38:58 +01:00
Richard van der Hoff
dece89d280
fix upgrade.rst link again
2018-12-04 14:01:27 +00:00
Richard van der Hoff
fe324cb184
Fix link to upgrade notes
2018-12-04 13:59:45 +00:00
Richard van der Hoff
5f00cfa40d
fix typo in changelog
2018-12-04 13:57:28 +00:00
Richard van der Hoff
e55983defe
Prepare 0.34.0rc1
2018-12-04 13:52:16 +00:00
Richard van der Hoff
a2ed0f287e
Merge pull request #4260 from matrix-org/rav/python3
...
Notes on upgrading to python3, and README updates.
2018-12-04 14:46:31 +01:00
Richard van der Hoff
956061732d
Merge pull request #4261 from matrix-org/rav/docker/remove_log_file
...
Remove obsolete settings from docker homeserver.yaml
2018-12-04 14:46:12 +01:00
Richard van der Hoff
75937e9033
Remove obsolete settings from docker homeserver.yaml
...
These aren't used, because we have a `log_config` setting.
2018-12-04 12:31:00 +00:00
Richard van der Hoff
4acd1a3549
Notes on upgrading to python3, and README updates.
2018-12-04 12:28:24 +00:00
Richard van der Hoff
b164241814
Merge pull request #4005 from matrix-org/michaelkaye/move_to_docker_label
...
Use labels to tag builds with their SHA1 version.
2018-12-04 13:14:35 +01:00
Travis Ralston
1737753a62
Add an option to enable recording IPs for appservice users ( #3831 )
2018-12-04 12:44:41 +01:00
Amber Brown
fd96dd75a3
Fix non-ASCII pushrules ( #4248 )
2018-12-04 12:44:02 +01:00
Richard van der Hoff
dd27e47b5c
Merge pull request #4210 from axelsimon/patch-1
...
Replace mentions of Vector with Riot
2018-12-04 12:08:07 +01:00
Travis Ralston
158ffb92f1
Add an option to disable search for homeservers which may not be interested in it ( #4230 )
...
This is useful for homeservers not intended for users, such as bot-only homeservers or ones that only process IoT data.
2018-12-04 12:01:02 +01:00
Aaron Raimist
512e94d230
Add note to UPGRADE.rst about removing riot.im from list of trusted identity servers ( #4224 )
...
* Add note to UPGRADE.rst about removing riot.im from list of trusted identity servers
Signed-off-by: Aaron Raimist <aaron@raim.ist>
* Add changelog
Signed-off-by: Aaron Raimist <aaron@raim.ist>
2018-12-04 11:59:09 +01:00
Ben Parsons
b5ac0ffa0a
add more detail to logging regarding "More than one row matched" error ( #4234 )
2018-12-04 11:57:39 +01:00
Richard van der Hoff
ecc23188f4
Fix UnicodeDecodeError when postgres is not configured in english ( #4253 )
...
This is a bit of a half-assed effort at fixing https://github.com/matrix-org/synapse/issues/4252 . Fundamentally the right answer is to drop support for Python 2.
2018-12-04 11:55:52 +01:00
Richard van der Hoff
f144c0a210
Merge pull request #4244 from aaronraimist/drop-sent-txt
...
Drop sent_transactions
2018-12-04 11:41:28 +01:00
Richard van der Hoff
48972ce9d1
Patch defer.inlineCallbacks to check logcontexts in tests ( #4205 )
2018-12-04 11:30:32 +01:00
Richard van der Hoff
a077e710a3
Merge pull request #4250 from matrix-org/hawkowl/pusher-remove-py3
...
Fix removing pushers on python 3
2018-12-04 11:22:46 +01:00
Richard van der Hoff
a484735bb0
Merge pull request #4257 from aaronraimist/add-editorconfig
...
Add a basic .editorconfig
2018-12-04 11:10:02 +01:00
Richard van der Hoff
52e87fbfbe
Run the AS senders as background processes ( #4189 )
...
This should fix some "Starting db connection from sentinel context" warnings,
and will mean we get metrics for these processes.
2018-12-04 10:53:49 +01:00
Aaron Raimist
3518c28aa8
Add a basic .editorconfig
...
Signed-off-by: Aaron Raimist <aaron@raim.ist>
2018-12-03 22:38:47 -06:00
Amber Brown
998ba41493
changelog
2018-12-03 22:28:12 +11:00
Amber Brown
d3c61ef906
fix type error
2018-12-03 22:27:41 +11:00
Richard van der Hoff
c03324294d
Workaround for non-ascii event ids ( #4241 )
...
It turns out that we accept events with non-ascii IDs, which would later cause
an explosion during state res.
Fixes #4226
2018-12-03 21:47:48 +11:00
Aaron Raimist
44dc4c365b
Add changelog
...
Signed-off-by: Aaron Raimist <aaron@raim.ist>
2018-12-01 23:10:21 -06:00
Aaron Raimist
704c5298f0
Drop sent_transactions
...
Signed-off-by: Aaron Raimist <aaron@raim.ist>
2018-12-01 23:07:35 -06:00
Neil Johnson
7039ece8fb
Neilj/fix autojoin ( #4223 )
...
* Fix auto join failures for servers that require user consent
* Fix auto join failures for servers that require user consent
2018-11-28 22:24:57 +11:00
Amber Brown
8ca53fb53e
Report combined coverage to codecov ( #4225 )
2018-11-28 20:59:31 +11:00
Neil Johnson
f9b136a886
Neilj/fix mau initial reserved users ( #4211 )
...
* fix transaction wrapping bug that caused get_user_id_by_threepid_txn to fail
* towncrier
* white space
2018-11-28 20:33:41 +11:00
Richard van der Hoff
944d524f18
Support m.login.sso ( #4220 )
...
* Clean up the CSS for the fallback login form
I was finding this hard to work with, so simplify a bunch of things. Each
flow is now a form inside a div of class login_flow.
The login_flow class now has a fixed width, as that looks much better than each
flow having a differnt width.
* Support m.login.sso
MSC1721 renames m.login.cas to m.login.sso. This implements the change
(retaining support for m.login.cas for older clients).
* changelog
2018-11-27 18:51:52 +11:00
Richard van der Hoff
a44c0a096f
Check logcontexts before and after each test ( #4190 )
...
* Add better diagnostics to flakey keyring test
* fix interpolation fail
* Check logcontexts before and after each test
* update changelog
* update changelog
2018-11-27 13:47:18 +11:00
Richard van der Hoff
80527b568d
Fix more logcontext leaks in tests ( #4209 )
2018-11-27 13:01:04 +11:00
Richard van der Hoff
de8772a655
Do a GC after each test to fix logcontext leaks ( #4227 )
...
* Some words about garbage collections and logcontexts
* Do a GC after each test to fix logcontext leaks
This feels like an awful hack, but...
* changelog
2018-11-27 13:00:33 +11:00
Amber Brown
e8690dec2e
Merge pull request #4214 from matrix-org/rav/ignore_pycache
...
Ignore __pycache__ directories in schema delta dir
2018-11-20 23:36:30 -06:00
Richard van der Hoff
6c18cc4b50
Ignore __pycache__ directories in schema delta dir
...
Now that we use py3, compiled python ends up in __pycache__ rather than *.pyc.
2018-11-20 22:52:34 +00:00
axel simon
455df4dda0
Replace mentions of Vector with Riot
...
https://github.com/vector-im/vector-web/issues/1977 --> https://github.com/vector-im/riot-web/issues/1977
And mention of Vector as a client replaced with Riot.
2018-11-20 16:57:54 +01:00
Neil Johnson
78ba0e7ab8
Remove riot.im from the list of trusted Identity Servers in the default configuration ( #4207 )
2018-11-20 12:29:25 +01:00
Richard van der Hoff
416c671474
Merge pull request #4204 from matrix-org/rav/logcontext_leak_fixes
...
Fix some logcontext leaks
2018-11-20 12:19:19 +01:00
Amber Brown
31425d82a3
Merge remote-tracking branch 'origin/master' into develop
2018-11-19 12:55:25 -06:00
Amber Brown
678ad155a2
Features
...
--------
- Include flags to optionally add `m.login.terms` to the registration flow when consent tracking is enabled.
([\#4004](https://github.com/matrix-org/synapse/issues/4004 ), [\#4133](https://github.com/matrix-org/synapse/issues/4133 ),
[\#4142](https://github.com/matrix-org/synapse/issues/4142 ), [\#4184](https://github.com/matrix-org/synapse/issues/4184 ))
- Support for replacing rooms with new ones ([\#4091](https://github.com/matrix-org/synapse/issues/4091 ), [\#4099](https://github.com/matrix-org/synapse/issues/4099 ),
[\#4100](https://github.com/matrix-org/synapse/issues/4100 ), [\#4101](https://github.com/matrix-org/synapse/issues/4101 ))
Bugfixes
--------
- Fix exceptions when using the email mailer on Python 3. ([\#4095](https://github.com/matrix-org/synapse/issues/4095 ))
- Fix e2e key backup with more than 9 backup versions ([\#4113](https://github.com/matrix-org/synapse/issues/4113 ))
- Searches that request profile info now no longer fail with a 500. ([\#4122](https://github.com/matrix-org/synapse/issues/4122 ))
- fix return code of empty key backups ([\#4123](https://github.com/matrix-org/synapse/issues/4123 ))
- If the typing stream ID goes backwards (as on a worker when the master restarts), the worker's typing handler will no longer erroneously report rooms containing new
typing events. ([\#4127](https://github.com/matrix-org/synapse/issues/4127 ))
- Fix table lock of device_lists_remote_cache which could freeze the application ([\#4132](https://github.com/matrix-org/synapse/issues/4132 ))
- Fix exception when using state res v2 algorithm ([\#4135](https://github.com/matrix-org/synapse/issues/4135 ))
- Generating the user consent URI no longer fails on Python 3. ([\#4140](https://github.com/matrix-org/synapse/issues/4140 ),
[\#4163](https://github.com/matrix-org/synapse/issues/4163 ))
- Loading URL previews from the DB cache on Postgres will no longer cause Unicode type errors when responding to the request, and URL previews will no longer fail if
the remote server returns a Content-Type header with the chartype in quotes. ([\#4157](https://github.com/matrix-org/synapse/issues/4157 ))
- The hash_password script now works on Python 3. ([\#4161](https://github.com/matrix-org/synapse/issues/4161 ))
- Fix noop checks when updating device keys, reducing spurious device list update notifications. ([\#4164](https://github.com/matrix-org/synapse/issues/4164 ))
Deprecations and Removals
-------------------------
- The disused and un-specced identicon generator has been removed. ([\#4106](https://github.com/matrix-org/synapse/issues/4106 ))
- The obsolete and non-functional /pull federation endpoint has been removed. ([\#4118](https://github.com/matrix-org/synapse/issues/4118 ))
- The deprecated v1 key exchange endpoints have been removed. ([\#4119](https://github.com/matrix-org/synapse/issues/4119 ))
- Synapse will no longer fetch keys using the fallback deprecated v1 key exchange method and will now always use v2.
([\#4120](https://github.com/matrix-org/synapse/issues/4120 ))
Internal Changes
----------------
- Fix build of Docker image with docker-compose ([\#3778](https://github.com/matrix-org/synapse/issues/3778 ))
- Delete unreferenced state groups during history purge ([\#4006](https://github.com/matrix-org/synapse/issues/4006 ))
- The "Received rdata" log messages on workers is now logged at DEBUG, not INFO. ([\#4108](https://github.com/matrix-org/synapse/issues/4108 ))
- Reduce replication traffic for device lists ([\#4109](https://github.com/matrix-org/synapse/issues/4109 ))
- Fix `synapse_replication_tcp_protocol_*_commands` metric label to be full command name, rather than just the first character
([\#4110](https://github.com/matrix-org/synapse/issues/4110 ))
- Log some bits about room creation ([\#4121](https://github.com/matrix-org/synapse/issues/4121 ))
- Fix `tox` failure on old systems ([\#4124](https://github.com/matrix-org/synapse/issues/4124 ))
- Add STATE_V2_TEST room version ([\#4128](https://github.com/matrix-org/synapse/issues/4128 ))
- Clean up event accesses and tests ([\#4137](https://github.com/matrix-org/synapse/issues/4137 ))
- The default logging config will now set an explicit log file encoding of UTF-8. ([\#4138](https://github.com/matrix-org/synapse/issues/4138 ))
- Add helpers functions for getting prev and auth events of an event ([\#4139](https://github.com/matrix-org/synapse/issues/4139 ))
- Add some tests for the HTTP pusher. ([\#4149](https://github.com/matrix-org/synapse/issues/4149 ))
- add purge_history.sh and purge_remote_media.sh scripts to contrib/ ([\#4155](https://github.com/matrix-org/synapse/issues/4155 ))
- HTTP tests have been refactored to contain less boilerplate. ([\#4156](https://github.com/matrix-org/synapse/issues/4156 ))
- Drop incoming events from federation for unknown rooms ([\#4165](https://github.com/matrix-org/synapse/issues/4165 ))
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEELYHpJ0E46Qa70sEIINaFRWrb6wFAlvzBkIACgkQIINaFRWr
b6x8Nw/+OPgR2kCHwEsIe83Ec9aCXtiuZZmmVmA4Xq37uy7XTADtsIi6cPJHHMG6
fR5Cn7eZXGwvrrRFeLX3IlZBf8CegfA21AkADvpDUp1A5cblH3iV27tdYmpft2E0
DskVCDgESXDn/SOeLMyZg6bOk01ZHAEU5Z466wr7tKlb7GBv+amt6BUWKw+eEilX
SneYFjUpsCiYTJyx/MmoTKba5znbSx7snzMbKi5kZaRr6xI/vvOI+EN293dpgJ8K
ZDkwnjWYJ8RCw/7jctO41qu5zmlrFYA83YKNIguX8hCHp+0Sr8Z4a5SnNekwlUE9
f3jKVs836R4sT0MWLZtFpCUlWOXTjNhHGQNu7QbylPBO0Py8GLrzR5jB4lORwVDD
39X9Ue0N9sEKzCOWqZ8W3VoxCHyjeo5xkA3JxqHgrU5oiRJu5Jypp4zSzlJM7ndu
XqQQhOxZArWNq74mWMutNetGck606dVJ5xR0rSQ9s1FVP36zzWNkrTssATjESmTd
nvpmbHxUG8T6balbXncRxs9xO7A8nBssV+2lLI91ImbdeBIo+8pCkumKMPQe+sjh
4pHnUpqQk9o4BTm5ETk47JzYJxX5N9MO3zRtrlhWOI2/iVmEA+VJuFWt1jEO7iic
OG25upMOD3FVX/+pGZfcNnjMG5ojB8v7M9kfAvxTFCyZrUAnHOU=
=iMv/
-----END PGP SIGNATURE-----
Merge tag 'v0.33.9'
Features
--------
- Include flags to optionally add `m.login.terms` to the registration flow when consent tracking is enabled.
([\#4004](https://github.com/matrix-org/synapse/issues/4004 ), [\#4133](https://github.com/matrix-org/synapse/issues/4133 ),
[\#4142](https://github.com/matrix-org/synapse/issues/4142 ), [\#4184](https://github.com/matrix-org/synapse/issues/4184 ))
- Support for replacing rooms with new ones ([\#4091](https://github.com/matrix-org/synapse/issues/4091 ), [\#4099](https://github.com/matrix-org/synapse/issues/4099 ),
[\#4100](https://github.com/matrix-org/synapse/issues/4100 ), [\#4101](https://github.com/matrix-org/synapse/issues/4101 ))
Bugfixes
--------
- Fix exceptions when using the email mailer on Python 3. ([\#4095](https://github.com/matrix-org/synapse/issues/4095 ))
- Fix e2e key backup with more than 9 backup versions ([\#4113](https://github.com/matrix-org/synapse/issues/4113 ))
- Searches that request profile info now no longer fail with a 500. ([\#4122](https://github.com/matrix-org/synapse/issues/4122 ))
- fix return code of empty key backups ([\#4123](https://github.com/matrix-org/synapse/issues/4123 ))
- If the typing stream ID goes backwards (as on a worker when the master restarts), the worker's typing handler will no longer erroneously report rooms containing new
typing events. ([\#4127](https://github.com/matrix-org/synapse/issues/4127 ))
- Fix table lock of device_lists_remote_cache which could freeze the application ([\#4132](https://github.com/matrix-org/synapse/issues/4132 ))
- Fix exception when using state res v2 algorithm ([\#4135](https://github.com/matrix-org/synapse/issues/4135 ))
- Generating the user consent URI no longer fails on Python 3. ([\#4140](https://github.com/matrix-org/synapse/issues/4140 ),
[\#4163](https://github.com/matrix-org/synapse/issues/4163 ))
- Loading URL previews from the DB cache on Postgres will no longer cause Unicode type errors when responding to the request, and URL previews will no longer fail if
the remote server returns a Content-Type header with the chartype in quotes. ([\#4157](https://github.com/matrix-org/synapse/issues/4157 ))
- The hash_password script now works on Python 3. ([\#4161](https://github.com/matrix-org/synapse/issues/4161 ))
- Fix noop checks when updating device keys, reducing spurious device list update notifications. ([\#4164](https://github.com/matrix-org/synapse/issues/4164 ))
Deprecations and Removals
-------------------------
- The disused and un-specced identicon generator has been removed. ([\#4106](https://github.com/matrix-org/synapse/issues/4106 ))
- The obsolete and non-functional /pull federation endpoint has been removed. ([\#4118](https://github.com/matrix-org/synapse/issues/4118 ))
- The deprecated v1 key exchange endpoints have been removed. ([\#4119](https://github.com/matrix-org/synapse/issues/4119 ))
- Synapse will no longer fetch keys using the fallback deprecated v1 key exchange method and will now always use v2.
([\#4120](https://github.com/matrix-org/synapse/issues/4120 ))
Internal Changes
----------------
- Fix build of Docker image with docker-compose ([\#3778](https://github.com/matrix-org/synapse/issues/3778 ))
- Delete unreferenced state groups during history purge ([\#4006](https://github.com/matrix-org/synapse/issues/4006 ))
- The "Received rdata" log messages on workers is now logged at DEBUG, not INFO. ([\#4108](https://github.com/matrix-org/synapse/issues/4108 ))
- Reduce replication traffic for device lists ([\#4109](https://github.com/matrix-org/synapse/issues/4109 ))
- Fix `synapse_replication_tcp_protocol_*_commands` metric label to be full command name, rather than just the first character
([\#4110](https://github.com/matrix-org/synapse/issues/4110 ))
- Log some bits about room creation ([\#4121](https://github.com/matrix-org/synapse/issues/4121 ))
- Fix `tox` failure on old systems ([\#4124](https://github.com/matrix-org/synapse/issues/4124 ))
- Add STATE_V2_TEST room version ([\#4128](https://github.com/matrix-org/synapse/issues/4128 ))
- Clean up event accesses and tests ([\#4137](https://github.com/matrix-org/synapse/issues/4137 ))
- The default logging config will now set an explicit log file encoding of UTF-8. ([\#4138](https://github.com/matrix-org/synapse/issues/4138 ))
- Add helpers functions for getting prev and auth events of an event ([\#4139](https://github.com/matrix-org/synapse/issues/4139 ))
- Add some tests for the HTTP pusher. ([\#4149](https://github.com/matrix-org/synapse/issues/4149 ))
- add purge_history.sh and purge_remote_media.sh scripts to contrib/ ([\#4155](https://github.com/matrix-org/synapse/issues/4155 ))
- HTTP tests have been refactored to contain less boilerplate. ([\#4156](https://github.com/matrix-org/synapse/issues/4156 ))
- Drop incoming events from federation for unknown rooms ([\#4165](https://github.com/matrix-org/synapse/issues/4165 ))
2018-11-19 12:54:29 -06:00
Amber Brown
47e26f5a4d
towncrier
2018-11-19 12:43:14 -06:00
Amber Brown
d102e19e47
version
2018-11-19 12:42:49 -06:00
Amber Brown
80cac86b2c
Fix fallback auth on Python 3 ( #4197 )
2018-11-19 12:27:33 -06:00
Richard van der Hoff
0c05da2e2e
changelog
2018-11-19 17:07:42 +00:00