Andrew Morgan
e08ea43463
Use the federation blacklist for requests to untrusted Identity Servers ( #6000 )
...
Uses a SimpleHttpClient instance equipped with the federation_ip_range_blacklist list for requests to identity servers provided by user input. Does not use a blacklist when contacting identity servers specified by account_threepid_delegates. The homeserver trusts the latter and we don't want to prevent homeserver admins from specifying delegates that are on internal IP addresses.
Fixes #5935
2019-09-23 20:23:20 +01:00
Andrew Morgan
2c99c63453
Add POST submit_token endpoint for MSISDN ( #6078 )
...
First part of solving #6076
2019-09-23 17:49:00 +01:00
Andrew Morgan
30af161af2
Implement MSC2290 ( #6043 )
...
Implements MSC2290. This PR adds two new endpoints, /unstable/account/3pid/add and /unstable/account/3pid/bind. Depending on the progress of that MSC the unstable prefix may go away.
This PR also removes the blacklist on some 3PID tests which occurs in #6042 , as the corresponding Sytest PR changes them to use the new endpoints.
Finally, it also modifies the account deactivation code such that it doesn't just try to deactivate 3PIDs that were bound to the user's account, but any 3PIDs that were bound through the homeserver on that user's account.
2019-09-23 16:50:27 +01:00
Andrew Morgan
885a4726b7
Return timeout error to user for identity server calls ( #6073 )
2019-09-23 14:37:23 +01:00
Andrew Morgan
df3401a71d
Allow HS to send emails when adding an email to the HS ( #6042 )
2019-09-20 15:21:30 +01:00
Richard van der Hoff
366dc7d2d4
Merge commit '33757bad1' into rav/saml_mapping_work
2019-09-20 11:21:40 +01:00
Richard van der Hoff
33757bad19
More better logging
2019-09-20 11:20:02 +01:00
Richard van der Hoff
b65327ff66
Merge branch 'develop' into rav/saml_mapping_work
2019-09-19 18:13:31 +01:00
Richard van der Hoff
7423fade92
better logging
2019-09-19 17:16:50 +01:00
Andrew Morgan
6670bd4072
v2 3PID Invites (part of MSC2140) ( #5979 )
...
3PID invites require making a request to an identity server to check that the invited 3PID has an Matrix ID linked, and if so, what it is.
These requests are being made on behalf of a user. The user will supply an identity server and an access token for that identity server. The homeserver will then forward this request with the access token (using an `Authorization` header) and, if the given identity server doesn't support v2 endpoints, will fall back to v1 (which doesn't require any access tokens).
Requires: ~~#5976~~
2019-09-17 18:05:13 +01:00
Erik Johnston
70c52821ce
Fix race condition in room stats. ( #6029 )
...
Broke in #5971
Basically the bug is that if get_current_state_deltas returns no new updates and we then take the max pos, its possible that we miss an update that happens in between the two calls. (e.g. get_current_state_deltas looks up to stream pos 5, then an event persists and so getting the max stream pos returns 6, meaning that next time we check for things with a stream pos bigger than 6)
2019-09-17 12:41:23 +01:00
Richard van der Hoff
a8ac40445c
Record mappings from saml users in an external table
...
We want to assign unique mxids to saml users based on an incrementing
suffix. For that to work, we need to record the allocated mxid in a separate
table.
2019-09-13 16:01:46 +01:00
Andrew Morgan
9fc71dc5ee
Use the v2 Identity Service API for lookups (MSC2134 + MSC2140) ( #5976 )
...
This is a redo of https://github.com/matrix-org/synapse/pull/5897 but with `id_access_token` accepted.
Implements [MSC2134](https://github.com/matrix-org/matrix-doc/pull/2134 ) plus Identity Service v2 authentication ala [MSC2140](https://github.com/matrix-org/matrix-doc/pull/2140 ).
Identity lookup-related functions were also moved from `RoomMemberHandler` to `IdentityHandler`.
2019-09-11 16:02:42 +01:00
Erik Johnston
cbcbfe64a2
Merge pull request #6015 from matrix-org/erikj/ratelimit_admin_redaction
...
Allow use of different ratelimits for admin redactions.
2019-09-11 15:39:38 +01:00
Andrew Morgan
9c555f37e3
Add note about extra arg to send_membership_event, remove arg in remote_reject_invite ( #6009 )
...
Some small fixes to `room_member.py` found while doing other PRs.
1. Add requester to the base `_remote_reject_invite` method.
2. `send_membership_event`'s docstring was out of date and took in a `remote_room_hosts` arg that was not used and no calling function provided.
2019-09-11 14:23:24 +01:00
Erik Johnston
57dd41a45b
Fix comments
...
Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
2019-09-11 13:54:50 +01:00
Andrew Morgan
3505ffcda7
Fix existing v2 identity server calls (MSC2140) ( #6013 )
...
Two things I missed while implementing [MSC2140](https://github.com/matrix-org/matrix-doc/pull/2140/files#diff-c03a26de5ac40fb532de19cb7fc2aaf7R80 ).
1. Access tokens should be provided to the identity server as `access_token`, not `id_access_token`, even though the homeserver may accept the tokens as `id_access_token`.
2. Access tokens must be sent to the identity server in a query parameter, the JSON body is not allowed.
We now send the access token as part of an `Authorization: ...` header, which fixes both things.
The breaking code was added in https://github.com/matrix-org/synapse/pull/5892
Sytest PR: https://github.com/matrix-org/sytest/pull/697
2019-09-11 11:59:45 +01:00
Erik Johnston
c64c3bb4c5
Fix how we check for self redaction
2019-09-11 11:18:04 +01:00
Erik Johnston
54ce81c86d
Allow use of different ratelimits for admin redactions.
...
This is useful to allow room admins to quickly deal with a large number
of abusive messages.
2019-09-11 10:46:38 +01:00
Andrew Morgan
cd17a2085e
Remove origin parameter from add_display_name_to_third_party_invite and add params to docstring ( #6010 )
...
Another small fixup noticed during work on a larger PR. The `origin` field of `add_display_name_to_third_party_invite` is not used and likely was just carried over from the `on_PUT` method of `FederationThirdPartyInviteExchangeServlet` which, like all other servlets, provides an `origin` argument.
Since it's not used anywhere in the handler function though, we should remove it from the function arguments.
2019-09-11 10:37:17 +01:00
Erik Johnston
5e9b05d7da
Merge pull request #6011 from matrix-org/anoa/fix_3pid_validation
...
Use account_threepid_delegate for 3pid validation
2019-09-10 18:15:07 +01:00
Andrew Morgan
b5833a2abf
Add changelog
2019-09-10 17:56:10 +01:00
Andrew Morgan
60d3c57bd0
Use account_threepid_delegate for 3pid validation
2019-09-10 17:56:10 +01:00
Jason Robinson
be618e0551
Only count real users when checking for auto-creation of auto-join room
...
Previously if the first registered user was a "support" or "bot" user,
when the first real user registers, the auto-join rooms were not
created.
Fix to exclude non-real (ie users with a special user type) users
when counting how many users there are to determine whether we should
auto-create a room.
Signed-off-by: Jason Robinson <jasonr@matrix.org>
2019-09-09 14:48:08 +03:00
Hubert Chathi
d3f2fbcfe5
add function docs
2019-09-07 14:13:18 -04:00
Hubert Chathi
8e86f5b65c
Merge branch 'develop' into uhoreg/e2e_cross-signing_merged
2019-09-07 13:20:34 -04:00
Hubert Chathi
0d61d1d735
Merge branch 'develop' into cross-signing_sig_upload
2019-09-07 13:14:45 -04:00
Hubert Chathi
415d0a00e0
run black
2019-09-06 16:46:45 -04:00
Hubert Chathi
561cbba057
split out signature processing into separate functions
2019-09-06 16:44:24 -04:00
Andrew Morgan
78801e7f9e
Ensure a sid parameter is passed to bind_threepid ( #5995 )
...
`sid` is required to be part of `three_pid_creds`. We were 500'ing if it wasn't provided instead of returning `M_MISSING_PARAM`.
2019-09-06 15:36:50 +01:00
Erik Johnston
142c9325c2
Correctly handle non-bool m.federate flag
2019-09-06 14:21:06 +01:00
Andrew Morgan
0c0b82b6d1
Allow Synapse to send registration emails + choose Synapse or an external server to handle 3pid validation ( #5987 )
...
This is a combination of a few different PRs, finally all being merged into `develop`:
* #5875
* #5876
* #5868 (This one added the `/versions` flag but the flag itself was actually [backed out](891afb57cb (diff-e591d42d30690ffb79f63bb726200891)
) in #5969 . What's left is just giving /versions access to the config file, which could be useful in the future)
* #5835
* #5969
* #5940
Clients should not actually use the new registration functionality until https://github.com/matrix-org/synapse/pull/5972 is merged.
UPGRADE.rst, changelog entries and config file changes should all be reviewed closely before this PR is merged.
2019-09-06 11:35:28 +01:00
Hubert Chathi
369462da74
avoid modifying input parameter
2019-09-05 17:03:31 -04:00
Erik Johnston
1a6ae33309
Merge pull request #5984 from matrix-org/joriks/opentracing_link_send_to_edu_contexts
...
Link the send loop with the edus contexts
2019-09-05 15:22:24 +01:00
Jorik Schellekens
1d65292e94
Link the send loop with the edus contexts
...
The contexts were being filtered too early so the send loop wasn't
being linked to them unless the destination
was whitelisted.
2019-09-05 14:42:37 +01:00
Andrew Morgan
a0d294c306
Switch to using v2 Identity Service APIs other than lookup (MSC 2140) ( #5892 )
2019-09-05 14:31:22 +01:00
Andrew Morgan
90d17a3d28
Add POST /_matrix/client/r0/account/3pid/unbind (MSC2140) ( #5980 )
...
Implements `POST /_matrix/client/r0/account/3pid/unbind` from [MSC2140](https://github.com/matrix-org/matrix-doc/blob/dbkr/tos_2/proposals/2140-terms-of-service-2.md#post-_matrixclientr0account3pidunbind ).
2019-09-05 14:00:30 +01:00
Hubert Chathi
c8dc740a94
update with newer coding style
2019-09-04 22:30:45 -04:00
Hubert Chathi
7d6c70fc7a
make black happy
2019-09-04 22:04:12 -04:00
Hubert Chathi
ac4746ac4b
allow uploading signatures of master key signed by devices
2019-09-04 22:03:41 -04:00
Hubert Chathi
4bb4544784
implement device signature uploading/fetching
2019-09-04 20:02:56 -04:00
Hubert Chathi
faf72a4c40
Merge branch 'develop' into cross-signing_keys
2019-09-04 19:12:29 -04:00
Andrew Morgan
b736c6cd3a
Remove bind_email and bind_msisdn ( #5964 )
...
Removes the `bind_email` and `bind_msisdn` parameters from the `/register` C/S API endpoint as per [MSC2140: Terms of Service for ISes and IMs](https://github.com/matrix-org/matrix-doc/pull/2140/files#diff-c03a26de5ac40fb532de19cb7fc2aaf7R107 ).
2019-09-04 18:24:23 +01:00
Erik Johnston
6e834e94fc
Fix and refactor room and user stats ( #5971 )
...
Previously the stats were not being correctly populated.
2019-09-04 13:04:27 +01:00
Andrew Morgan
ea128a3e8e
code cleanups
2019-09-03 21:05:06 +01:00
Andrew Morgan
6b6086b8bf
Fix docstring
2019-09-03 20:00:09 +01:00
Andrew Morgan
a98b8583c6
Remove unnecessary variable declaration
2019-09-03 19:58:51 +01:00
Matthew Hodgson
8401bcd206
fix typo
2019-09-03 12:44:14 +01:00
Andrew Morgan
2a44782666
Remove double return statements ( #5962 )
...
Remove all the "double return" statements which were a result of us removing all the instances of
```
defer.returnValue(...)
return
```
statements when we switched to python3 fully.
2019-09-03 11:42:45 +01:00
Jorik Schellekens
a90d16dabc
Opentrace device lists ( #5853 )
...
Trace device list changes.
2019-09-03 10:21:30 +01:00
Andrew Morgan
36f34e6f3d
Remove unused methods from c/s api v1 in register.py ( #5963 )
...
These methods were part of the v1 C/S API. Remove them as they are no longer used by any code paths.
2019-09-02 18:29:21 +01:00
Andrew Morgan
4548d1f87e
Remove unnecessary parentheses around return statements ( #5931 )
...
Python will return a tuple whether there are parentheses around the returned values or not.
I'm just sick of my editor complaining about this all over the place :)
2019-08-30 16:28:26 +01:00
Andrew Morgan
3057095a5d
Revert "Use the v2 lookup API for 3PID invites ( #5897 )" ( #5937 )
...
This reverts commit 71fc04069a
.
This broke 3PID invites as #5892 was required for it to work correctly.
2019-08-30 12:00:20 +01:00
Hubert Chathi
e3d3fbf63f
Merge branch 'uhoreg/e2e_cross-signing_merged' into cross-signing_keys
2019-08-28 17:36:46 -07:00
Hubert Chathi
96bda56370
black
2019-08-28 17:18:40 -07:00
Hubert Chathi
3b0b22cb05
use stream ID generator instead of timestamp
2019-08-28 17:17:21 -07:00
Will Hunt
c8fa620d7a
Merge pull request #5902 from matrix-org/hs/exempt-support-users-from-consent
...
Exempt support users from consent
2019-08-28 16:31:40 +01:00
Andrew Morgan
71fc04069a
Use the v2 lookup API for 3PID invites ( #5897 )
...
Fixes https://github.com/matrix-org/synapse/issues/5861
Adds support for the v2 lookup API as defined in [MSC2134](https://github.com/matrix-org/matrix-doc/pull/2134 ). Currently this is only used for 3PID invites.
Sytest PR: https://github.com/matrix-org/sytest/pull/679
2019-08-28 14:59:26 +02:00
Amber Brown
7dc398586c
Implement a structured logging output system. ( #5680 )
2019-08-28 21:18:53 +10:00
reivilibre
a3f0635686
Merge pull request #5914 from matrix-org/rei/admin_getadmin
...
Add GET method to admin API /users/@user:dom/admin
2019-08-28 09:44:22 +01:00
reivilibre
7ccc251415
Merge pull request #5859 from matrix-org/rei/msc2197
...
MSC2197 Search Filters over Federation
2019-08-28 09:00:21 +01:00
Olivier Wilkinson (reivilibre)
c88a119259
Add GET method to admin API /users/@user:dom/admin
...
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
2019-08-27 13:12:27 +01:00
Richard van der Hoff
ccb15a5bbe
Merge pull request #5906 from matrix-org/neilj/increase_display_name_limit
...
Increase profile display name limit
2019-08-27 11:52:59 +01:00
reivilibre
1a7e6eb633
Add Admin API capability to set adminship of a user ( #5878 )
...
Admin API: Set adminship of a user
2019-08-27 10:14:00 +01:00
Neil Johnson
27d3fc421a
Increase max display name limit
2019-08-24 22:33:43 +01:00
Will Hunt
c998f25006
Apply suggestions from code review
...
Co-Authored-By: Erik Johnston <erik@matrix.org>
2019-08-23 10:28:54 +01:00
Half-Shot
9ba32f6573
Exempt bot users
2019-08-23 09:56:31 +01:00
Half-Shot
886eceba3e
Return user_type in get_user_by_id
2019-08-23 09:14:52 +01:00
Jorik Schellekens
8767b63a82
Propagate opentracing contexts through EDUs ( #5852 )
...
Propagate opentracing contexts through EDUs
Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
2019-08-22 18:21:10 +01:00
Brendan Abolivier
1c5b8c6222
Revert "Add "require_consent" parameter for registration"
...
This reverts commit 3320aaab3a
.
2019-08-22 14:47:34 +01:00
Half-Shot
3320aaab3a
Add "require_consent" parameter for registration
2019-08-22 14:21:54 +01:00
Jorik Schellekens
9a6f2be572
Opentrace e2e keys ( #5855 )
...
Add opentracing tags and logs for e2e keys
2019-08-22 11:28:12 +01:00
Richard van der Hoff
119aa31b10
Servlet to purge old rooms ( #5845 )
2019-08-22 10:42:59 +01:00
Hubert Chathi
814f253f1b
make isort happy
2019-08-21 13:22:15 -07:00
Hubert Chathi
7c3abc6572
apply PR review suggestions
2019-08-21 13:19:35 -07:00
Erik Johnston
d514dac0b2
Merge pull request #5860 from matrix-org/erikj/update_5704_comments
...
Remove logging for #5407 and update comments
2019-08-19 10:20:59 +01:00
Erik Johnston
748aa38378
Remove logging for #5407 and update comments
2019-08-15 12:02:18 +01:00
Olivier Wilkinson (reivilibre)
6fadb560fc
Support MSC2197 outbound with unstable prefix
...
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
2019-08-15 10:59:37 +01:00
Michael Telatynski
baee288fb4
Don't create broken room when power_level_content_override.users does not contain creator_id. ( #5633 )
2019-08-15 09:45:57 +01:00
Erik Johnston
6881f21f3e
Handle TimelineBatch being limited and empty.
...
This hopefully addresses #5407 by gracefully handling an empty but
limited TimelineBatch. We also add some logging to figure out how this
is happening.
2019-08-06 12:59:00 +01:00
Hubert Chathi
fac1cdc562
make changes from PR review
2019-08-01 21:51:19 -04:00
Hubert Chathi
336c546d6a
Merge branch 'cross-signing_hidden' into cross-signing_keys
2019-08-01 16:31:40 -04:00
Brendan Abolivier
8ed9e63432
Account validity: allow defining HTML templates to serve the us… ( #5807 )
...
Account validity: allow defining HTML templates to serve the user on account renewal attempt
2019-08-01 16:09:25 +02:00
Erik Johnston
58af30a6c7
Merge pull request #5802 from matrix-org/erikj/deny_redacting_different_room
...
Deny redaction of events in a different room.
2019-08-01 13:14:46 +01:00
Erik Johnston
0f632f3a57
Merge pull request #5790 from matrix-org/erikj/groups_request_errors
...
Handle RequestSendFailed exception correctly in more places.
2019-08-01 13:14:08 +01:00
Brendan Abolivier
a4a9ded4d0
Allow defining HTML templates to serve the user on account renewal
2019-08-01 11:59:27 +02:00
Erik Johnston
cf89266b98
Deny redaction of events in a different room.
...
We already correctly filter out such redactions, but we should also deny
them over the CS API.
2019-07-31 16:12:27 +01:00
Andrew Morgan
58a755cdc3
Remove duplicate return statement
2019-07-31 13:24:51 +01:00
Erik Johnston
b4d5ff0af7
Don't log as exception when failing durig backfill
2019-07-30 13:19:22 +01:00
Erik Johnston
1ec7d656dd
Unwrap error
2019-07-30 13:09:02 +01:00
Erik Johnston
458e51df7a
Fix error handling when fetching remote device keys
2019-07-30 13:07:02 +01:00
Richard van der Hoff
8c97f6414c
Remove non-functional 'expire_access_token' setting ( #5782 )
...
The `expire_access_token` didn't do what it sounded like it should do. What it
actually did was make Synapse enforce the 'time' caveat on macaroons used as
access tokens, but since our access token macaroons never contained such a
caveat, it was always a no-op.
(The code to add 'time' caveats was removed back in v0.18.5, in #1656 )
2019-07-30 08:25:02 +01:00
Amber Brown
865077f1d1
Room Complexity Client Implementation ( #5783 )
2019-07-30 02:47:27 +10:00
Erik Johnston
aecae8f397
Correctly handle errors doing requests to group servers
2019-07-29 17:21:57 +01:00
Amber Brown
97a8b4caf7
Move some timeout checking logs to DEBUG #5785
2019-07-30 02:02:18 +10:00
Jorik Schellekens
85b0bd8fe0
Update the device list cache when keys/query is called ( #5693 )
2019-07-29 16:34:44 +01:00
Richard van der Hoff
1a93daf353
Merge pull request #5744 from matrix-org/erikj/log_leave_origin_mismatch
...
Log when we receive a /make_* request from a different origin
2019-07-26 12:38:37 +01:00
Richard van der Hoff
d1020653fc
Log when we receive a /make_* request from a different origin
2019-07-26 10:08:22 +01:00
Hubert Chathi
c659b9f94f
allow uploading keys for cross-signing
2019-07-25 11:08:24 -04:00
Erik Johnston
2276936bac
Merge pull request #5743 from matrix-org/erikj/log_origin_receipts_mismatch
...
Log when we receive receipt from a different origin
2019-07-24 13:27:57 +01:00