Erik Johnston
338df4f409
Merge pull request #1649 from matrix-org/dbkr/log_ui_auth_args
...
Log the args that we have on UI auth completion
2016-12-05 16:40:58 +00:00
Richard van der Hoff
aa09d6b8f0
Rip out more refresh_token code
...
We might as well treat all refresh_tokens as invalid. Just return a 403 from
/tokenrefresh, so that we don't have a load of dead, untestable code hanging
around.
Still TODO: removing the table from the schema.
2016-11-30 17:40:18 +00:00
Richard van der Hoff
dc4b23e1a1
Merge branch 'develop' into rav/no_more_refresh_tokens
2016-11-30 17:10:04 +00:00
Richard van der Hoff
1c4f05db41
Stop putting a time caveat on access tokens
...
The 'time' caveat on the access tokens was something of a lie, since we weren't
enforcing it; more pertinently its presence stops us ever adding useful time
caveats.
Let's move in the right direction by not lying in our caveats.
2016-11-29 16:49:41 +00:00
Richard van der Hoff
5c4edc83b5
Stop generating refresh tokens
...
Since we're not doing refresh tokens any more, we should start killing off the
dead code paths. /tokenrefresh itself is a bit of a thornier subject, since
there might be apps out there using it, but we can at least not generate
refresh tokens on new logins.
2016-11-28 10:13:01 +00:00
David Baker
c9d4e7b716
Clarify that creds doesn not contain passwords.
2016-11-24 10:54:59 +00:00
David Baker
f681aab895
Log the args that we have on UI auth completion
...
This will be super helpful for debugging if we have more
registration woes.
2016-11-24 10:11:45 +00:00
Erik Johnston
feec718265
Shuffle receipt handler around so that worker apps don't need to load it
2016-11-23 15:14:24 +00:00
Erik Johnston
b69f76c106
Merge branch 'develop' of github.com:matrix-org/synapse into erikj/split_out_fed_txn
2016-11-23 11:31:53 +00:00
Kegan Dougal
83bcdcee61
Return early on /sync code paths if a '*' filter is used
...
This is currently very conservative in that it only does this if there is no
`since` token. This limits the risk to clients likely to be doing one-off
syncs (like bridges), but does mean that normal human clients won't benefit
from the time savings here. If the savings are large enough, I would consider
generalising this to just check the filter.
2016-11-22 16:38:35 +00:00
Erik Johnston
9687e039e7
Remove explicit calls to send_pdu
2016-11-21 14:48:51 +00:00
Erik Johnston
f8ee66250a
Handle sending events and device messages over federation
2016-11-17 15:48:04 +00:00
Erik Johnston
59ef517e6b
Use new federation_sender DI
2016-11-16 14:47:52 +00:00
Erik Johnston
d56c39cf24
Use external ldap auth pacakge
2016-11-15 13:03:19 +00:00
Erik Johnston
64038b806c
Comments
2016-11-11 10:42:08 +00:00
Erik Johnston
2bd4513a4d
Limit the number of events that can be created on a given room concurretnly
2016-11-10 16:44:35 +00:00
Erik Johnston
a4632783fb
Sample correctly
2016-11-08 11:20:26 +00:00
Erik Johnston
eeda4e618c
Limit the number of prev_events of new events
2016-11-08 11:02:29 +00:00
David Baker
9084720993
Don't error on non-ascii passwords
2016-11-03 10:42:14 +00:00
Erik Johnston
2ef617bc06
Fix infinite typing bug
...
There's a bug somewhere that causes typing notifications to not be timed
out properly. By adding a paranoia timer and using correct inequalities
notifications should stop being stuck, even if it the root cause hasn't
been fixed.
2016-10-24 15:51:22 +01:00
Erik Johnston
d04e2ff3a4
Fix incredubly slow back pagination query
...
If a client didn't specify a from token when paginating backwards
synapse would attempt to query the (global) maximum topological token.
This a) doesn't make much sense since they're room specific and b) there
are no indices that lets postgres do this efficiently.
2016-10-24 13:35:51 +01:00
Luke Barnard
e01a1bc92d
Merge pull request #1175 from matrix-org/luke/feature-configurable-as-rate-limiting
...
Allow Configurable Rate Limiting Per AS
2016-10-20 16:21:10 +01:00
Luke Barnard
f09db236b1
as_user->app_service, less redundant comments, better positioned comments
2016-10-20 12:04:54 +01:00
Luke Barnard
1b17d1a106
Use real AS object by passing it through the requester
...
This means synapse does not have to check if the AS is interested, but instead it effectively re-uses what it already knew about the requesting user
2016-10-20 11:43:05 +01:00
Erik Johnston
3aa8925091
Merge pull request #1176 from matrix-org/erikj/eager_ratelimit_check
...
Check whether to ratelimit sooner to avoid work
2016-10-19 14:25:52 +01:00
Erik Johnston
f2f74ffce6
Comment
2016-10-19 14:21:28 +01:00
David Baker
df2a616c7b
Convert emails to lowercase when storing
...
And db migration sql to convert existing addresses.
2016-10-19 11:13:55 +01:00
Erik Johnston
550308c7a1
Check whether to ratelimit sooner to avoid work
2016-10-19 10:45:24 +01:00
Luke Barnard
5b54d51d1e
Allow Configurable Rate Limiting Per AS
...
This adds a flag loaded from the registration file of an AS that will determine whether or not its users are rate limited (by ratelimit in _base.py). Needed for IRC bridge reasons - see https://github.com/matrix-org/matrix-appservice-irc/issues/240 .
2016-10-18 17:04:09 +01:00
Erik Johnston
35e2cc8b52
Merge pull request #1155 from matrix-org/erikj/pluggable_pwd_auth
...
Implement pluggable password auth
2016-10-12 11:41:20 +01:00
Richard van der Hoff
0061e8744f
Merge pull request #1166 from matrix-org/rav/grandfather_broken_riot_signup
...
Work around email-spamming Riot bug
2016-10-11 11:58:58 +01:00
Richard van der Hoff
fa74fcf512
Work around email-spamming Riot bug
...
5d9546f9
introduced a change to synapse behaviour, in that failures in the
interactive-auth process would return the flows and params data as well as an
error code (as specced in https://github.com/matrix-org/matrix-doc/pull/397 ).
That change exposed a bug in Riot which would make it request a new validation
token (and send a new email) each time it got a 401 with a `flows` parameter
(see https://github.com/vector-im/vector-web/issues/2447 and the fix at
https://github.com/matrix-org/matrix-react-sdk/pull/510 ).
To preserve compatibility with broken versions of Riot, grandfather in the old
behaviour for the email validation stage.
2016-10-11 11:34:40 +01:00
Erik Johnston
a2f2516199
Merge pull request #1157 from Rugvip/nolimit
...
Remove rate limiting from app service senders and fix get_or_create_user requester
2016-10-11 11:20:54 +01:00
Richard van der Hoff
8681aff4f1
Merge pull request #1160 from matrix-org/rav/401_on_password_fail
...
Interactive Auth: Return 401 from for incorrect password
2016-10-07 10:57:43 +01:00
Richard van der Hoff
5d9546f9f4
Interactive Auth: Return 401 from for incorrect password
...
This requires a bit of fettling, because I want to return a helpful error
message too but we don't want to distinguish between unknown user and invalid
password. To avoid hardcoding the error message into 15 places in the code,
I've had to refactor a few methods to return None instead of throwing.
Fixes https://matrix.org/jira/browse/SYN-744
2016-10-07 00:00:00 +01:00
Patrik Oldsberg
7b5546d077
rest/client/v1/register: use the correct requester in createUser
...
Signed-off-by: Patrik Oldsberg <patrik.oldsberg@ericsson.com>
2016-10-06 22:12:32 +02:00
Patrik Oldsberg
3de7c8a4d0
handlers/profile: added admin override for set_displayname and set_avatar_url
...
Signed-off-by: Patrik Oldsberg <patrik.oldsberg@ericsson.com>
2016-10-06 15:24:59 +02:00
Patrik Oldsberg
2ff2d36b80
handers: do not ratelimit app service senders
...
Signed-off-by: Patrik Oldsberg <patrik.oldsberg@ericsson.com>
2016-10-06 15:24:59 +02:00
Patrik Oldsberg
9bfc617791
storage/appservice: make appservice methods only relying on the cache synchronous
2016-10-06 15:24:59 +02:00
Erik Johnston
850b103b36
Implement pluggable password auth
...
Allows delegating the password auth to an external module. This also
moves the LDAP auth to using this system, allowing it to be removed from
the synapse tree entirely in the future.
2016-10-03 10:36:40 +01:00
Martin Weinelt
3027ea22b0
Restructure ldap authentication
...
- properly parse return values of ldap bind() calls
- externalize authentication methods
- change control flow to be more error-resilient
- unbind ldap connections in many places
- improve log messages and loglevels
2016-09-29 15:30:08 +01:00
Erik Johnston
655891d179
Move FEDERATION_PING_INTERVAL timer. Update log line
2016-09-23 15:43:34 +01:00
Erik Johnston
22578545a0
Time out typing over federation
2016-09-23 14:00:52 +01:00
Erik Johnston
667fcd54e8
Merge pull request #1136 from matrix-org/erikj/fix_signed_3pid
...
Allow invites via 3pid to bypass sender sig check
2016-09-22 13:41:49 +01:00
Erik Johnston
81964aeb90
Merge pull request #1132 from matrix-org/erikj/initial_sync_split
...
Support /initialSync in synchrotron worker
2016-09-22 12:45:02 +01:00
Erik Johnston
2e9ee30969
Add comments
2016-09-22 11:59:46 +01:00
Erik Johnston
1168cbd54d
Allow invites via 3pid to bypass sender sig check
...
When a server sends a third party invite another server may be the one
that the inviting user registers with. In this case it is that remote
server that will issue an actual invitation, and wants to do it "in the
name of" the original invitee. However, the new proper invite will not
be signed by the original server, and thus other servers would reject
the invite if it was seen as coming from the original user.
To fix this, a special case has been added to the auth rules whereby
another server can send an invite "in the name of" another server's
user, so long as that user had previously issued a third party invite
that is now being accepted.
2016-09-22 10:56:53 +01:00
Erik Johnston
90c070c850
Add total_room_count_estimate to /publicRooms
2016-09-21 13:30:05 +01:00
Erik Johnston
87528f0756
Support /initialSync in synchrotron worker
2016-09-21 11:46:28 +01:00
Erik Johnston
39af634dd2
Merge pull request #1130 from matrix-org/erikj/fix_pubroom_pag
...
Handle fact that _generate_room_entry may not return a room entry
2016-09-19 10:13:59 +01:00
Erik Johnston
4d49e0bdfd
PEP8
2016-09-17 18:09:22 +01:00
Erik Johnston
81570abfb2
Handle fact that _generate_room_entry may not return a room entry
2016-09-17 18:01:54 +01:00
Erik Johnston
eb24aecf8c
Merge pull request #1129 from matrix-org/erikj/fix_pubroom_pag
...
Fix and clean up publicRooms pagination
2016-09-17 15:30:34 +01:00
Erik Johnston
a298331de4
Spelling
2016-09-17 14:59:40 +01:00
Erik Johnston
71edaae981
Fix and clean up publicRooms pagination
2016-09-17 14:46:19 +01:00
David Baker
5336acd46f
Make public room search case insensitive
2016-09-16 19:02:42 +01:00
Erik Johnston
b7b62bf9ea
Comment
2016-09-16 11:00:29 +01:00
Erik Johnston
d84319ae10
Add remote reoom cache
2016-09-16 10:31:59 +01:00
Erik Johnston
23b6701a28
Support filtering remote room lists
2016-09-16 10:24:15 +01:00
Erik Johnston
e58a9d781c
Filter remote rooms lists locally
2016-09-16 10:19:32 +01:00
Erik Johnston
74d4cdee25
Don't cache searched in /publicRooms
2016-09-16 09:05:11 +01:00
Erik Johnston
098db4aa52
Add very basic filter API to /publicRooms
2016-09-15 17:50:16 +01:00
Erik Johnston
c33b25fd8d
Change the way we calculate new_limit in /publicRooms and add POST API
2016-09-15 17:35:20 +01:00
Erik Johnston
e457034e99
Merge pull request #1121 from matrix-org/erikj/public_room_paginate
...
Add pagination support to publicRooms
2016-09-15 13:27:09 +01:00
Erik Johnston
4fb65a1091
Base public room list off of public_rooms stream
2016-09-15 11:27:04 +01:00
Erik Johnston
5810cffd33
Pass since/from parameters over federation
2016-09-15 10:36:19 +01:00
Erik Johnston
f3eead0660
Allow paginating both forwards and backwards
2016-09-15 10:15:37 +01:00
Erik Johnston
4131381123
Remove support for aggregate room lists
2016-09-15 09:28:15 +01:00
Erik Johnston
4f181f361d
Accept optional token to public room list
2016-09-15 09:08:57 +01:00
Erik Johnston
c566f0ee17
Calculate the public room list from a stream_ordering
2016-09-14 17:42:47 +01:00
Erik Johnston
772c6067a3
Refactor public rooms to not pull out the full state for each room
2016-09-14 17:29:25 +01:00
Erik Johnston
264a48aedf
Merge pull request #1117 from matrix-org/erikj/fix_state
...
Ensure we don't mutate state cache entries
2016-09-14 16:50:37 +01:00
Erik Johnston
a70a43bc51
Move RoomListHandler into a separate file
2016-09-14 14:07:37 +01:00
Erik Johnston
d5ae1f1291
Ensure we don't mutate state cache entries
2016-09-14 10:03:48 +01:00
Matthew Hodgson
1b01488d27
Merge pull request #1111 from matrix-org/matthew/device-ids
...
make device IDs more useful for human disambiguation
2016-09-14 01:18:02 +01:00
Paul Evans
0f73f0e70e
Merge pull request #1116 from matrix-org/paul/tiny-fixes
...
Fix typo "persiting"
2016-09-13 13:27:42 +01:00
Paul "LeoNerd" Evans
ca35e54d6b
Fix typo "persiting"
2016-09-13 13:26:33 +01:00
Mark Haines
ad816b0add
Limit how often we ask for keys from dead servers
2016-09-13 11:53:50 +01:00
Mark Haines
18ab019a4a
Move the E2E key handling into the e2e handler
2016-09-13 11:35:35 +01:00
Mark Haines
76b09c29b0
Merge pull request #1110 from matrix-org/markjh/e2e_timeout
...
Add a timeout parameter for end2end key queries.
2016-09-13 10:50:45 +01:00
Matthew Hodgson
edbcb4152b
make device IDs more useful for human disambiguation
2016-09-13 00:02:39 +01:00
Mark Haines
949c2c5435
Add a timeout parameter for end2end key queries.
...
Add a timeout parameter for controlling how long synapse will wait
for responses from remote servers. For servers that fail include how
they failed to make it easier to debug.
Fetch keys from different servers in parallel rather than in series.
Set the default timeout to 10s.
2016-09-12 18:17:09 +01:00
Erik Johnston
48a5a7552d
Add is_direct param to /createRoom
2016-09-12 16:34:20 +01:00
Erik Johnston
3265def8c7
Merge branch 'develop' of github.com:matrix-org/synapse into erikj/batch_edus
2016-09-09 18:06:01 +01:00
Erik Johnston
52b2318777
Clobber EDUs in send queue
2016-09-09 15:59:08 +01:00
Paul Evans
56f38d1776
Merge pull request #1091 from matrix-org/paul/third-party-lookup
...
Improvements to 3PE lookup API
2016-09-09 15:43:11 +01:00
Paul "LeoNerd" Evans
ed44c475d8
Reject malformed 3PE query metadata results earlier in AS API handling code
2016-09-09 15:07:04 +01:00
Paul "LeoNerd" Evans
f25d74f69c
Minor fixes from PR comments
2016-09-09 14:54:16 +01:00
Erik Johnston
6c4d582144
Deduplicate presence in _update_states
2016-09-09 14:28:22 +01:00
Paul "LeoNerd" Evans
25eb769b26
Efficiency fix for lookups of a single protocol
2016-09-09 13:25:02 +01:00
Paul "LeoNerd" Evans
033d43e419
Don't corrupt shared cache on subsequent protocol requests
2016-09-09 13:10:36 +01:00
Paul "LeoNerd" Evans
2f267ee160
Collect up all the "instances" lists of individual AS protocol results into one combined answer to the client
2016-09-08 17:43:53 +01:00
Erik Johnston
257025ac89
Merge pull request #1082 from matrix-org/erikj/remote_public_rooms
...
Add server param to /publicRooms
2016-09-08 16:04:22 +01:00
Erik Johnston
8b93af662d
Check the user_id for presence/typing matches origin
2016-09-08 15:07:38 +01:00
Mark Haines
fa9d36e050
Merge branch 'develop' into markjh/direct_to_device_federation
2016-09-08 13:43:43 +01:00
Erik Johnston
791658b576
Add server param to /publicRooms
2016-09-08 11:53:05 +01:00
Mark Haines
43954d000e
Add a new method to enqueue the device messages rather than sending a dummy EDU
2016-09-07 16:10:51 +01:00
Mark Haines
d4a35ada28
Send device messages over federation
2016-09-06 18:16:20 +01:00
Erik Johnston
3c4208a057
Record counts of state changes
2016-09-06 11:31:01 +01:00
Erik Johnston
438ef47637
Short circuit if presence is the same
2016-09-06 10:28:35 +01:00