Andrew Morgan
23ea572125
Add User-Interactive Auth to /account/3pid/add ( #6119 )
2019-11-29 13:51:14 +00:00
Erik Johnston
69d8fb83c6
MSC2367 Allow reason field on all member events
2019-11-28 11:02:04 +00:00
Hubert Chathi
0d27aba900
add etag and count to key backup endpoints ( #5858 )
2019-11-27 16:14:44 -05:00
Richard van der Hoff
ef1a85e773
Fix startup error when http proxy is defined. ( #6421 )
...
Guess I only tested this on python 2 :/
Fixes #6419 .
2019-11-26 18:10:50 +00:00
Andrew Morgan
3916e1b97a
Clean up newline quote marks around the codebase ( #6362 )
2019-11-21 12:00:14 +00:00
Manuel Stahl
4f5ca455bf
Move admin endpoints into separate files ( #6308 )
2019-11-20 11:49:11 +00:00
Brendan Abolivier
83446a18fb
Merge pull request #6335 from matrix-org/erikj/rc_login_cleanups
...
Only do `rc_login` ratelimiting on succesful login.
2019-11-20 09:52:38 +00:00
Brendan Abolivier
271c322d08
Lint
2019-11-20 09:29:48 +00:00
Erik Johnston
c7376cdfe3
Apply suggestions from code review
...
Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
Co-Authored-By: Brendan Abolivier <babolivier@matrix.org>
2019-11-18 17:10:16 +00:00
Erik Johnston
541f1b92d9
Only do rc_login
ratelimiting on succesful login.
...
We were doing this in a number of places which meant that some login
code paths incremented the counter multiple times.
It was also applying ratelimiting to UIA endpoints, which was probably
not intentional.
In particular, some custom auth modules were calling
`check_user_exists`, which incremented the counters, meaning that people
would fail to login sometimes.
2019-11-06 11:08:58 +00:00
Richard van der Hoff
5570d1c93f
Merge pull request #6334 from matrix-org/rav/url_preview_limit_title_2
...
Fix exception when OpenGraph tag values are ints
2019-11-05 17:28:11 +00:00
Richard van der Hoff
81d49cbb07
Fix exception when OpenGraph tag values are ints
2019-11-05 17:22:58 +00:00
Richard van der Hoff
55a7da247a
Merge branch 'develop' into rav/url_preview_limit_title
2019-11-05 17:08:07 +00:00
Richard van der Hoff
e78167c94b
Apply suggestions from code review
...
Co-Authored-By: Brendan Abolivier <babolivier@matrix.org>
Co-Authored-By: Erik Johnston <erik@matrix.org>
2019-11-05 16:46:39 +00:00
Richard van der Hoff
e9bfe719ba
Strip overlong OpenGraph data from url preview
...
... to stop people causing DoSes with malicious web pages
2019-11-05 15:51:18 +00:00
Brendan Abolivier
f496d25877
Merge pull request #6301 from matrix-org/babolivier/msc2326
...
Implement MSC2326 (label based filtering)
2019-11-01 17:04:45 +00:00
Richard van der Hoff
1cb84c6486
Support for routing outbound HTTP requests via a proxy ( #6239 )
...
The `http_proxy` and `HTTPS_PROXY` env vars can be set to a `host[:port]` value which should point to a proxy.
The address of the proxy should be excluded from IP blacklists such as the `url_preview_ip_range_blacklist`.
The proxy will then be used for
* push
* url previews
* phone-home stats
* recaptcha validation
* CAS auth validation
It will *not* be used for:
* Application Services
* Identity servers
* Outbound federation
* In worker configurations, connections from workers to masters
Fixes #4198 .
2019-11-01 14:07:44 +00:00
Brendan Abolivier
e3689ac6f7
Add unstable feature flag
2019-11-01 10:41:23 +00:00
Amber Brown
020add5099
Update black to 19.10b0 ( #6304 )
...
* update version of black and also fix the mypy config being overridden
2019-11-01 02:43:24 +11:00
Andrew Morgan
54fef094b3
Remove usage of deprecated logger.warn method from codebase ( #6271 )
...
Replace every instance of `logger.warn` with `logger.warning` as the former is deprecated.
2019-10-31 10:23:24 +00:00
Erik Johnston
770d1ef673
Merge pull request #6280 from matrix-org/erikj/receipts_async_await
...
Port receipt and read markers to async/wait
2019-10-30 11:44:18 +01:00
Erik Johnston
2c35ffead2
Port receipt and read markers to async/wait
2019-10-29 15:08:22 +00:00
Erik Johnston
9be41bc121
Port room rest handlers to async/await
2019-10-29 13:09:29 +00:00
Michael Kaye
e4d98188da
Address codestyle concerns
2019-10-24 18:43:13 +01:00
Michael Kaye
8f4a808d9d
Delay printf until logging is required.
...
Using % will cause the string to be generated even if debugging
is off.
2019-10-24 18:31:53 +01:00
Hubert Chathi
36adfaedab
Merge branch 'develop' into cross-signing_sig_upload
2019-10-18 18:34:42 +01:00
Hubert Chathi
cfc28325a6
Merge branch 'develop' into uhoreg/e2e_cross-signing_merged
2019-10-18 11:39:40 +01:00
Erik Johnston
d98029ea89
Merge pull request #6196 from matrix-org/erikj/await
...
Move rest/admin to use async/await.
2019-10-18 11:53:02 +02:00
Erik Johnston
2e97a4c197
Port synapse/rest/client/_base.py to async/await
2019-10-11 15:29:26 +01:00
Erik Johnston
3c2d6c708c
Add maybe_awaitable and fix __init__ bugs
2019-10-11 15:26:09 +01:00
Hubert Chathi
691dd67fcd
Merge pull request #6189 from matrix-org/uhoreg/e2e_backup_optional_version
...
make version optional in body of e2e backup version update
2019-10-11 10:11:59 -04:00
Valérian Rousset
be9b55e0d2
cas: support setting display name ( #6114 )
...
Now, the CAS server can return an attribute stating what's the desired displayname, instead of using the username directly.
2019-10-11 12:33:12 +01:00
Erik Johnston
dfbb62c28d
Port synaps/rest/client/users.py to async/await
2019-10-11 12:21:40 +01:00
Erik Johnston
f95325e22a
Port synaps/rest/client/server_notice_servlet.py to async/await
2019-10-11 12:21:40 +01:00
Erik Johnston
281f887090
Port synaps/rest/client/media.py to async/await
2019-10-11 12:21:40 +01:00
Erik Johnston
fca3a541e7
Port rest/admin/__init__.py to async/await
2019-10-11 12:17:52 +01:00
Erik Johnston
ca3e01e50d
Fix store_url_cache using bytes
2019-10-10 14:52:29 +01:00
krombel
2efd050c9d
send 404 as http-status when filter-id is unknown to the server ( #2380 )
...
This fixed the weirdness of 400 vs 404 as http status code in the case
the filter id is not known by the server.
As e.g. matrix-js-sdk expects 404 to catch this situation this leads
to unwanted behaviour.
2019-10-10 12:59:55 +01:00
Hubert Chathi
4535a07f4a
make version optional in body of e2e backup version update
...
to agree with latest version of the MSC
2019-10-09 17:54:03 -04:00
Anshul Angaria
474abf1eb6
add M_TOO_LARGE error code for uploading a too large file ( #6151 )
...
Fixes #6109
2019-10-08 13:55:16 +01:00
Michael Kaye
dc795ba709
Log responder we are using. ( #6139 )
...
This prevents us logging "Responding to media request with responder %s".
2019-10-07 15:41:25 +01:00
Robert Swain
39b40d6d99
media/thumbnailer: Better quality for 1-bit / 8-bit color palette images ( #2142 )
...
Pillow will use nearest neighbour as the resampling algorithm if the
source image is either 1-bit or a color palette using 8 bits. If we
convert to RGB before scaling, we'll probably get a better result.
2019-10-04 09:34:52 +01:00
Erik Johnston
a5166e4d5f
Land improved room list based on room stats ( #6019 )
...
Use room_stats and room_state for room directory search
2019-10-02 14:08:35 +01:00
Erik Johnston
67ee18daea
Merge pull request #6108 from matrix-org/erikj/remove_get_user_by_req-span
...
Add some helpful opentracing tags and remove get_user_by_req span
2019-09-27 10:02:57 +01:00
Richard van der Hoff
54569c787b
Kill off half-implemented password-reset via sms ( #6101 )
...
Doing a password reset via SMS has never worked, and in any case is a silly
idea because msisdn recycling is a thing.
See also matrix-org/matrix-doc#2303 .
2019-09-26 15:38:25 +01:00
Richard van der Hoff
990928abde
Stop advertising unsupported flows for registration ( #6107 )
...
If email or msisdn verification aren't supported, let's stop advertising them
for registration.
Fixes #6100 .
2019-09-25 12:10:26 +01:00
Erik Johnston
dc2c97e1a3
isort
2019-09-25 11:59:05 +01:00
Erik Johnston
5d99713854
Add tags for event_id and txn_id in event sending
...
This will make it easier to search for sending event requests.
2019-09-25 11:39:15 +01:00
Richard van der Hoff
8004d6ca2f
Refactor code for calculating registration flows ( #6106 )
...
because, frankly, it looked like it was written by an axe-murderer.
This should be a non-functional change, except that where `m.login.dummy` was
previously advertised *before* `m.login.terms`, it will now be advertised
afterwards. AFAICT that should have no effect, and will be more consistent with
the flows that involve passing a 3pid.
2019-09-25 11:32:05 +01:00
Richard van der Hoff
ed8b92f0d2
Merge remote-tracking branch 'origin/develop' into rav/saml_mapping_work
2019-09-24 12:57:32 +01:00