Merge remote-tracking branch 'origin/develop' into rav/event_auth/4

2019-11-18 12:05:36 +00:00 · 2019-11-18 12:05:36 +00:00 · 870c00e278
parent 20d687516f 657d614f6a
commit 870c00e278
30 changed files with 85 additions and 47 deletions
--- a/changelog.d/6220.feature
+++ b/changelog.d/6220.feature
@ -0,0 +1 @@
+Increase default room version from 4 to 5, thereby enforcing server key validity period checks.
--- a/changelog.d/6317.misc
+++ b/changelog.d/6317.misc
@ -0,0 +1 @@
+Add optional python dependencies and dependant binary libraries to snapcraft packaging.
--- a/changelog.d/6357.misc
+++ b/changelog.d/6357.misc
@ -0,0 +1 @@
+Correct spacing/case of various instances of the word "homeserver".
--- a/changelog.d/6359.bugfix
+++ b/changelog.d/6359.bugfix
@ -0,0 +1 @@
+Fix bug where upgrading a guest account to a full user would fail when account validity is enabled.
--- a/changelog.d/6361.misc
+++ b/changelog.d/6361.misc
@ -0,0 +1 @@
+Temporarily blacklist the failing unit test PurgeRoomTestCase.test_purge_room.
--- a/changelog.d/6363.bugfix
+++ b/changelog.d/6363.bugfix
@ -0,0 +1 @@
+Fix `to_device` stream ID getting reset every time Synapse restarts, which had the potential to cause unable to decrypt errors.
--- a/docs/sample_config.yaml
+++ b/docs/sample_config.yaml
@ -72,7 +72,7 @@ pid_file: DATADIR/homeserver.pid
 # For example, for room version 1, default_room_version should be set
 # to "1".
 #
-#default_room_version: "4"
+#default_room_version: "5"

 # The GC threshold parameters to pass to `gc.set_threshold`, if defined
 #
@ -287,7 +287,7 @@ listeners:
 # Used by phonehome stats to group together related servers.
 #server_context: context

-# Resource-constrained Homeserver Settings
+# Resource-constrained homeserver Settings
 #
 # If limit_remote_rooms.enabled is True, the room complexity will be
 # checked before a user joins a new remote room. If it is above
@ -743,11 +743,11 @@ uploads_path: "DATADIR/uploads"
 ## Captcha ##
 # See docs/CAPTCHA_SETUP for full details of configuring this.

-# This Home Server's ReCAPTCHA public key.
+# This homeserver's ReCAPTCHA public key.
 #
 #recaptcha_public_key: "YOUR_PUBLIC_KEY"

-# This Home Server's ReCAPTCHA private key.
+# This homeserver's ReCAPTCHA private key.
 #
 #recaptcha_private_key: "YOUR_PRIVATE_KEY"

@ -1270,7 +1270,7 @@ password_config:
 #   smtp_user: "exampleusername"
 #   smtp_pass: "examplepassword"
 #   require_transport_security: false
-#   notif_from: "Your Friendly %(app)s Home Server <noreply@example.com>"
+#   notif_from: "Your Friendly %(app)s homeserver <noreply@example.com>"
 #   app_name: Matrix
 #
 #   # Enable email notifications by default
--- a/snap/snapcraft.yaml
+++ b/snap/snapcraft.yaml
@ -20,3 +20,23 @@ parts:
    source: .
    plugin: python
    python-version: python3
+    python-packages:
+      - '.[all]'
+    build-packages:
+      - libffi-dev
+      - libturbojpeg0-dev
+      - libssl-dev
+      - libxslt1-dev
+      - libpq-dev
+      - zlib1g-dev
+    stage-packages:
+      - libasn1-8-heimdal
+      - libgssapi3-heimdal
+      - libhcrypto4-heimdal
+      - libheimbase1-heimdal
+      - libheimntlm0-heimdal
+      - libhx509-5-heimdal
+      - libkrb5-26-heimdal
+      - libldap-2.4-2
+      - libpq5
+      - libsasl2-2
--- a/synapse/config/captcha.py
+++ b/synapse/config/captcha.py
@ -35,11 +35,11 @@ class CaptchaConfig(Config):
        ## Captcha ##
        # See docs/CAPTCHA_SETUP for full details of configuring this.

-        # This Home Server's ReCAPTCHA public key.
+        # This homeserver's ReCAPTCHA public key.
        #
        #recaptcha_public_key: "YOUR_PUBLIC_KEY"

-        # This Home Server's ReCAPTCHA private key.
+        # This homeserver's ReCAPTCHA private key.
        #
        #recaptcha_private_key: "YOUR_PRIVATE_KEY"

--- a/synapse/config/emailconfig.py
+++ b/synapse/config/emailconfig.py
@ -305,7 +305,7 @@ class EmailConfig(Config):
        #   smtp_user: "exampleusername"
        #   smtp_pass: "examplepassword"
        #   require_transport_security: false
-        #   notif_from: "Your Friendly %(app)s Home Server <noreply@example.com>"
+        #   notif_from: "Your Friendly %(app)s homeserver <noreply@example.com>"
        #   app_name: Matrix
        #
        #   # Enable email notifications by default
--- a/synapse/config/server.py
+++ b/synapse/config/server.py
@ -41,7 +41,7 @@ logger = logging.Logger(__name__)
 # in the list.
 DEFAULT_BIND_ADDRESSES = ["::", "0.0.0.0"]

-DEFAULT_ROOM_VERSION = "4"
+DEFAULT_ROOM_VERSION = "5"

 ROOM_COMPLEXITY_TOO_GREAT = (
    "Your homeserver is unable to join rooms this large or complex. "
@ -721,7 +721,7 @@ class ServerConfig(Config):
        # Used by phonehome stats to group together related servers.
        #server_context: context

-        # Resource-constrained Homeserver Settings
+        # Resource-constrained homeserver Settings
        #
        # If limit_remote_rooms.enabled is True, the room complexity will be
        # checked before a user joins a new remote room. If it is above
--- a/synapse/handlers/auth.py
+++ b/synapse/handlers/auth.py
@ -810,7 +810,7 @@ class AuthHandler(BaseHandler):
    @defer.inlineCallbacks
    def add_threepid(self, user_id, medium, address, validated_at):
        # 'Canonicalise' email addresses down to lower case.
-        # We've now moving towards the Home Server being the entity that
+        # We've now moving towards the homeserver being the entity that
        # is responsible for validating threepids used for resetting passwords
        # on accounts, so in future Synapse will gain knowledge of specific
        # types (mediums) of threepid. For now, we still use the existing
--- a/synapse/handlers/directory.py
+++ b/synapse/handlers/directory.py
@ -283,7 +283,7 @@ class DirectoryHandler(BaseHandler):
    def on_directory_query(self, args):
        room_alias = RoomAlias.from_string(args["room_alias"])
        if not self.hs.is_mine(room_alias):
-            raise SynapseError(400, "Room Alias is not hosted on this Home Server")
+            raise SynapseError(400, "Room Alias is not hosted on this homeserver")

        result = yield self.get_association_from_room_alias(room_alias)

--- a/synapse/handlers/profile.py
+++ b/synapse/handlers/profile.py
@ -152,7 +152,7 @@ class BaseProfileHandler(BaseHandler):
            by_admin (bool): Whether this change was made by an administrator.
        """
        if not self.hs.is_mine(target_user):
-            raise SynapseError(400, "User is not hosted on this Home Server")
+            raise SynapseError(400, "User is not hosted on this homeserver")

        if not by_admin and target_user != requester.user:
            raise AuthError(400, "Cannot set another user's displayname")
@ -207,7 +207,7 @@ class BaseProfileHandler(BaseHandler):
        """target_user is the user whose avatar_url is to be changed;
        auth_user is the user attempting to make this change."""
        if not self.hs.is_mine(target_user):
-            raise SynapseError(400, "User is not hosted on this Home Server")
+            raise SynapseError(400, "User is not hosted on this homeserver")

        if not by_admin and target_user != requester.user:
            raise AuthError(400, "Cannot set another user's avatar_url")
@ -231,7 +231,7 @@ class BaseProfileHandler(BaseHandler):
    def on_profile_query(self, args):
        user = UserID.from_string(args["user_id"])
        if not self.hs.is_mine(user):
-            raise SynapseError(400, "User is not hosted on this Home Server")
+            raise SynapseError(400, "User is not hosted on this homeserver")

        just_field = args.get("field", None)

--- a/synapse/handlers/typing.py
+++ b/synapse/handlers/typing.py
@ -120,7 +120,7 @@ class TypingHandler(object):
        auth_user_id = auth_user.to_string()

        if not self.is_mine_id(target_user_id):
-            raise SynapseError(400, "User is not hosted on this Home Server")
+            raise SynapseError(400, "User is not hosted on this homeserver")

        if target_user_id != auth_user_id:
            raise AuthError(400, "Cannot set another user's typing state")
@ -150,7 +150,7 @@ class TypingHandler(object):
        auth_user_id = auth_user.to_string()

        if not self.is_mine_id(target_user_id):
-            raise SynapseError(400, "User is not hosted on this Home Server")
+            raise SynapseError(400, "User is not hosted on this homeserver")

        if target_user_id != auth_user_id:
            raise AuthError(400, "Cannot set another user's typing state")
--- a/synapse/logging/_terse_json.py
+++ b/synapse/logging/_terse_json.py
@ -153,7 +153,7 @@ class TerseJSONToTCPLogObserver(object):
    An IObserver that writes JSON logs to a TCP target.

    Args:
-        hs (HomeServer): The Homeserver that is being logged for.
+        hs (HomeServer): The homeserver that is being logged for.
        host: The host of the logging target.
        port: The logging target's port.
        metadata: Metadata to be added to each log entry.
--- a/synapse/storage/_base.py
+++ b/synapse/storage/_base.py
@ -361,14 +361,11 @@ class SQLBaseStore(object):
                expiration_ts,
            )

-        self._simple_insert_txn(
+        self._simple_upsert_txn(
            txn,
            "account_validity",
-            values={
-                "user_id": user_id,
-                "expiration_ts_ms": expiration_ts,
-                "email_sent": False,
-            },
+            keyvalues={"user_id": user_id},
+            values={"expiration_ts_ms": expiration_ts, "email_sent": False},
        )

    def start_profiling(self):
--- a/synapse/storage/data_stores/main/deviceinbox.py
+++ b/synapse/storage/data_stores/main/deviceinbox.py
@ -358,8 +358,21 @@ class DeviceInboxStore(DeviceInboxWorkerStore, DeviceInboxBackgroundUpdateStore)
    def _add_messages_to_local_device_inbox_txn(
        self, txn, stream_id, messages_by_user_then_device
    ):
-        sql = "UPDATE device_max_stream_id" " SET stream_id = ?" " WHERE stream_id < ?"
-        txn.execute(sql, (stream_id, stream_id))
+        # Compatible method of performing an upsert
+        sql = "SELECT stream_id FROM device_max_stream_id"
+
+        txn.execute(sql)
+        rows = txn.fetchone()
+        if rows:
+            db_stream_id = rows[0]
+            if db_stream_id < stream_id:
+                # Insert the new stream_id
+                sql = "UPDATE device_max_stream_id SET stream_id = ?"
+        else:
+            # No rows, perform an insert
+            sql = "INSERT INTO device_max_stream_id (stream_id) VALUES (?)"
+
+        txn.execute(sql, (stream_id,))

        local_by_user_then_device = {}
        for user_id, messages_by_device in messages_by_user_then_device.items():
--- a/synapse/util/httpresourcetree.py
+++ b/synapse/util/httpresourcetree.py
@ -20,7 +20,7 @@ logger = logging.getLogger(__name__)


 def create_resource_tree(desired_tree, root_resource):
-    """Create the resource tree for this Home Server.
+    """Create the resource tree for this homeserver.

    This in unduly complicated because Twisted does not support putting
    child resources more than 1 level deep at a time.
--- a/tests/rest/admin/test_admin.py
+++ b/tests/rest/admin/test_admin.py
@ -641,3 +641,5 @@ class PurgeRoomTestCase(unittest.HomeserverTestCase):
            )

            self.assertEqual(count, 0, msg="Rows not purged in {}".format(table))
+
+    test_purge_room.skip = "Disabled because it's currently broken"
				`@ -0,0 +1 @@`
				`Increase default room version from 4 to 5, thereby enforcing server key validity period checks.`
				`@ -0,0 +1 @@`
				`Add optional python dependencies and dependant binary libraries to snapcraft packaging.`
				`@ -0,0 +1 @@`
				`Correct spacing/case of various instances of the word "homeserver".`
				`@ -0,0 +1 @@`
				`Fix bug where upgrading a guest account to a full user would fail when account validity is enabled.`
				`@ -0,0 +1 @@`
				`Temporarily blacklist the failing unit test PurgeRoomTestCase.test_purge_room.`
				`@ -0,0 +1 @@`
				Fix `to_device` stream ID getting reset every time Synapse restarts, which had the potential to cause unable to decrypt errors.