Commit Graph

11571 Commits

Author SHA1 Message Date
Richard van der Hoff 42044c1a5c prepare v0.33.2.1 2018-09-05 17:27:23 +01:00
Richard van der Hoff a5a0bf5cf7 Fix origin handling for pushed transactions
Use the actual origin for push transactions, rather than whatever the remote
server claimed.
2018-09-05 17:06:57 +01:00
Richard van der Hoff 5bf8bc79eb Check that signatures on events are valid
We should check that both the sender's server, and the server which created the
event_id (which may be different from whatever the remote server has told us
the origin is), have signed the event.
2018-09-05 17:05:08 +01:00
Amber Brown 67dbe4c899 0.33.2 changelog 2018-08-09 19:21:07 +10:00
Amber Brown dafe90a6be 0.33.2 2018-08-09 19:20:41 +10:00
Amber Brown 3d6f9fba19 fix the changelog & template 2018-08-09 19:19:30 +10:00
Amber Brown 23cd86554e fix changelog 2018-08-07 21:20:42 +10:00
Amber Brown 848431be1d fix for rc1 2018-08-07 21:13:22 +10:00
Amber Brown cf8ef11f35 changelog 2018-08-07 21:11:24 +10:00
Amber Brown 3b9662339b version 2018-08-07 21:10:52 +10:00
Will Hunt 16d9701892 Return M_NOT_FOUND when a profile could not be found. (#3596) 2018-08-03 19:08:05 +01:00
Michael Kaye df7f9871c1
Merge pull request #3644 from matrix-org/michaelkaye/refactor_docker_locations_v2
Refactor Dockerfile location
2018-08-03 13:44:35 +01:00
Michael Kaye 42960aa047
Update README.md
Link to contrib/docker
2018-08-03 09:16:01 +01:00
Michael Kaye c3f596180f
Update README.md
Link to docker/README.md
2018-08-03 09:15:19 +01:00
Michael Kaye 637b11b9ed
Update README.rst
Link to contrib/docker
2018-08-03 09:13:54 +01:00
Michael Kaye feacd13932
Update README.rst
wrap at 80ish
2018-08-03 09:10:41 +01:00
Amber Brown 8a86d7ea96
Merge pull request #3645 from matrix-org/michaelkaye/mention_newsfragment
Mention the word "newsfragment" in CONTRIBUTING.rst
2018-08-03 04:40:18 +10:00
Michael Kaye 70baa61e95 newsfragment 2018-08-02 18:58:43 +01:00
Michael Kaye 4c4a123bd0 Mention the word "newsfragment" in CONTRIBUTING.rst 2018-08-02 18:53:44 +01:00
Michael Kaye 489949879e Add news entry 2018-08-02 18:49:50 +01:00
Michael Kaye 1758f4e1c7 Address SPAG issues 2018-08-02 18:21:34 +01:00
Michael Kaye 26a37f3d4d Do not include docker files in python build 2018-08-02 18:21:34 +01:00
Michael Kaye 0d25724419 Refactor docker locations and README.
This addresses #3224
2018-08-02 18:21:32 +01:00
Richard van der Hoff 1fa98495d0
Merge pull request #3639 from matrix-org/rav/refactor_error_handling
Clean up handling of errors from outbound requests
2018-08-02 17:38:24 +01:00
Richard van der Hoff bdae8f2e68
Merge pull request #3638 from matrix-org/rav/refactor_federation_client_exception_handling
Factor out exception handling in federation_client
2018-08-02 17:37:46 +01:00
Richard van der Hoff 704c3e6239 Merge branch 'master' into develop 2018-08-02 15:43:30 +01:00
Richard van der Hoff 43ecfe0b10 Synapse 0.33.1 (2018-08-02)
===========================
 
 SECURITY FIXES
 --------------
 
 - Fix a potential issue where servers could request events for rooms they have not joined. (`#3641 <https://github.com/matrix-org/synapse/issues/3641>`_)
 - Fix a potential issue where users could see events in private rooms before they joined. (`#3642 <https://github.com/matrix-org/synapse/issues/3642>`_)
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJbYxcCAAoJEIofk9V1tejVg8YIAJU1xoZ2zSnordJczpvVZbzx
 Rsstk/wvE2dSGJL22gfSLzQNCbQvF4aOul1LAGJfbEQWc46BcNpyuWUxjTd3FaF7
 SfbWdkDh1w3ROSuiPA8j4CnH6EwP0w2itIBhFG7JpVEXjRgCyc1iMUl/oQESv82g
 UQyr6t/G68mE8xHm0eqvNfCjVAMSZDAnOzYZa7vfZJBqlZiGHB6Z1nsvsS3nZqQd
 BQQi/pQTXxsIL2egSvuycykiZtEZcm+QDRFi6hIatv5LRFOsQUqKVTB/D7XOoSbP
 RPOzcaSjv4mZ9a4NBzFMVVzzTRbr2EnipPd2ePrnJoOnl2eNRO4Won8zl4h+OQc=
 =U/ir
 -----END PGP SIGNATURE-----

Merge tag 'v0.33.1'

Synapse 0.33.1 (2018-08-02)
===========================

SECURITY FIXES
--------------

- Fix a potential issue where servers could request events for rooms they have not joined. (`#3641 <https://github.com/matrix-org/synapse/issues/3641>`_)
- Fix a potential issue where users could see events in private rooms before they joined. (`#3642 <https://github.com/matrix-org/synapse/issues/3642>`_)
2018-08-02 15:40:44 +01:00
Richard van der Hoff c2a83349f0 changelog: this is a security release 2018-08-02 15:35:42 +01:00
Richard van der Hoff db1f33fb36 fix changelog typos 2018-08-02 15:33:53 +01:00
Richard van der Hoff 14a4e7d5a4 Prepare 0.33.1 2018-08-02 15:31:04 +01:00
Richard van der Hoff 50d9d97408
Merge pull request #3642 from matrix-org/rav/another_room_id_check
Check room visibility for /event/ requests
2018-08-02 15:21:59 +01:00
Richard van der Hoff 8cefc690c9 changelogs 2018-08-02 15:11:19 +01:00
Richard van der Hoff 0bf5ec0db7 Check room visibility for /event/ requests
Make sure that the user has permission to view the requeseted event for
/event/{eventId} and /room/{roomId}/event/{eventId} requests.

Also check that the event is in the given room for
/room/{roomId}/event/{eventId}, for sanity.
2018-08-02 15:03:27 +01:00
Richard van der Hoff a937497cf5
Merge pull request #3641 from matrix-org/rav/room_id_check
Validation for events/rooms in fed requests
2018-08-02 14:22:05 +01:00
Richard van der Hoff a013404292 changelog 2018-08-02 14:00:29 +01:00
Richard van der Hoff 14fa9d4d92 Avoid extra db lookups
Since we're about to look up the events themselves anyway, we can skip the
extra db queries here.
2018-08-02 13:55:51 +01:00
Richard van der Hoff 0a65450d04 Validation for events/rooms in fed requests
When we get a federation request which refers to an event id, make sure that
said event is in the room the caller claims it is in.

(patch supplied by @turt2live)
2018-08-02 13:48:40 +01:00
Erik Johnston 40c1c59cf4
Merge pull request #3621 from matrix-org/erikj/split_fed_store
Split out DB writes in federation handler
2018-08-02 10:41:42 +01:00
Neil Johnson 085435e13a
Merge pull request #3630 from matrix-org/neilj/mau_sign_in_log_in_limits
Initial impl of capping MAU
2018-08-01 15:58:45 +00:00
Richard van der Hoff b8d7d3996b
Merge pull request #3620 from fuzzmz/return-404-room-not-found
return 404 if room not found
2018-08-01 16:34:32 +01:00
Richard van der Hoff 908be65e64 changelog 2018-08-01 16:23:31 +01:00
Neil Johnson b7f203a566 count_monthly_users is now async 2018-08-01 16:17:42 +01:00
Neil Johnson 7ff44d9215 improve clarity 2018-08-01 16:17:00 +01:00
Richard van der Hoff 38b98e5a98 changelog 2018-08-01 16:07:49 +01:00
Richard van der Hoff 01e93f48ed Kill off MatrixCodeMessageException
This code brings the SimpleHttpClient into line with the
MatrixFederationHttpClient by having it raise HttpResponseExceptions when a
request fails (rather than trying to parse for matrix errors and maybe raising
MatrixCodeMessageException).

Then, whenever we were checking for MatrixCodeMessageException and turning them
into SynapseErrors, we now need to check for HttpResponseExceptions and call
to_synapse_error.
2018-08-01 16:02:46 +01:00
Richard van der Hoff 018d75a148 Refactor code for turning HttpResponseException into SynapseError
This commit replaces SynapseError.from_http_response_exception with
HttpResponseException.to_synapse_error.

The new method actually returns a ProxiedRequestError, which allows us to pass
through additional metadata from the API call.
2018-08-01 16:02:46 +01:00
Richard van der Hoff fa7dc889f1 Be more careful which errors we send back over the C-S API
We really shouldn't be sending all CodeMessageExceptions back over the C-S API;
it will include things like 401s which we shouldn't proxy.

That means that we need to explicitly turn a few HttpResponseExceptions into
SynapseErrors in the federation layer.

The effect of the latter is that the matrix errcode will get passed through
correctly to calling clients, which might help with some of the random
M_UNKNOWN errors when trying to join rooms.
2018-08-01 16:02:38 +01:00
Richard van der Hoff c82ccd3027 Factor out exception handling in federation_client
Factor out the error handling from make_membership_event, send_join, and
send_leave, so that it can be shared.
2018-08-01 16:01:04 +01:00
Amber Brown da7785147d
Python 3: Convert some unicode/bytes uses (#3569) 2018-08-02 00:54:06 +10:00
Neil Johnson c480c4c962 fix isort 2018-08-01 14:25:58 +01:00