Commit Graph

20940 Commits

Author SHA1 Message Date
Šimon Brandner 1017f09c18
Update MSC3786 implementation: Check the `state_key` (#12939)
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
2022-06-27 20:28:34 +01:00
Robert Long 9b683ea80f
Add Cross-Origin-Resource-Policy header to thumbnail and download media endpoints (#12944) 2022-06-27 14:44:05 +01:00
reivilibre 3c5549e74a
Refactor the Dockerfile-workers configuration script to use Jinja2 templates in Synapse workers' Supervisord blocks. (#13054)
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
2022-06-27 11:43:20 +01:00
Aaron Raimist 3ceaf1462d
Remove docs for Delete Group Admin API (#13112)
This API no longer exists.

Signed-off-by: Aaron Raimist <aaron@raim.ist>
2022-06-27 11:15:25 +01:00
santhoshivan23 d54909956e
validate room alias before interacting with the room directory (#13106) 2022-06-22 15:32:18 +01:00
David Robertson f33356e8f8
Use caret (semver bounds) for matrix.org packages (#13082) 2022-06-17 19:07:04 +01:00
Shay 3d94d07db3
Update opentracing docs to reference the configuration manual rather than the configuation file. (#13076) 2022-06-17 10:47:38 -07:00
Richard van der Hoff d4b1c0d800
Fix inconsistencies in event validation (#13088) 2022-06-17 16:30:59 +01:00
Richard van der Hoff e16ea87d0f
Fix inconsistencies in event validation for `m.room.create` events (#13087)
* Extend the auth rule checks for `m.room.create` events

... and move them up to the top of the function. Since the no auth_events are
allowed for m.room.create events, we may as well get the m.room.create event
checks out of the way first.

* Add a test for create events with prev_events
2022-06-17 13:56:46 +00:00
Patrick Cloke d3d84685ce
Add type hints to event push actions tests. (#13099) 2022-06-17 12:38:13 +00:00
reivilibre b26cbe3d45
Fix type error that made its way onto develop (#13098)
* Fix type error introduced accidentally by #13045

* Newsfile

Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
2022-06-17 13:05:27 +01:00
Richard van der Hoff 5d6f55959e
Update info on downstream debs (#13095) 2022-06-17 12:47:22 +01:00
Quentin Gliech 73af10f419
Simplify the alias deletion logic as an application service. (#13093) 2022-06-17 12:19:22 +01:00
Erik Johnston 5ef05c70c3
Rotate notifications more frequently (#13096) 2022-06-17 10:58:00 +00:00
Erik Johnston 5099b5ecc7
Use new `device_list_changes_in_room` table when getting device list changes (#13045) 2022-06-17 11:42:03 +01:00
Quentin Gliech c6d6176411
Allow MSC3030 'timestamp_to_event' calls from anyone on world-readable rooms. (#13062)
Signed-off-by: Quentin Gliech <quenting@element.io>
2022-06-17 11:39:26 +01:00
Sean Quah 9372f6f842
Fix logging context misuse when we fail to persist a federation event (#13089)
When we fail to persist a federation event, we kick off a task to remove
its push actions in the background, using the current logging context.
Since we don't `await` that task, we may finish our logging context
before the task finishes. There's no reason to not `await` the task, so
let's do that.

Signed-off-by: Sean Quah <seanq@matrix.org>
2022-06-17 10:22:50 +01:00
Erik Johnston 8ceed5e6b5
Add desc to `get_earliest_token_for_stats` (#13085) 2022-06-16 17:50:46 +00:00
reivilibre 90cadcd403
Add a Subject Alternative Name to the certificate generated for Complement tests. (#13071) 2022-06-16 12:43:21 +01:00
Patrick Cloke 0fcc0ae37c
Improve URL previews for sites with only Twitter card information. (#13056)
Pull out `twitter:` meta tags when generating a preview and
use it to augment any `og:` meta tags.

Prefers Open Graph information over Twitter card information.
2022-06-16 07:41:57 -04:00
reivilibre 7552615247
Reduce the duplication of code that invokes the rate limiter. (#13070) 2022-06-16 12:40:29 +01:00
Richard van der Hoff 1e0044e8f9
Complement: use SQLite by default (#13075)
If no database is configured explicitly, use sqlite.

This means that you don't have to pass any variables into the image.
2022-06-16 12:12:26 +01:00
Jacek Kuśnierz 0ef1307619
Add custom well-known (#13035)
Co-authored-by: David Robertson <david.m.robertson1@gmail.com>
2022-06-16 11:48:18 +01:00
reivilibre ffe2464836
Add instructions for running Complement with `gotestfmt`-formatted output locally. (#13073) 2022-06-16 09:31:10 +00:00
Richard van der Hoff 8ecf6be1e1
Move some event auth checks out to a different method (#13065)
* Add auth events to events used in tests

* Move some event auth checks out to a different method

Some of the event auth checks apply to an event's auth_events, rather than the
state at the event - which means they can play no part in state
resolution. Move them out to a separate method.

* Rename check_auth_rules_for_event

Now it only checks the state-dependent auth rules, it needs a better name.
2022-06-15 19:48:22 +01:00
Shay cba1c5cbc2
Add headers to individual options in config documentation to allow for linking. (#13055) 2022-06-15 11:31:46 -07:00
Sean Quah 99d3931974
Add more tests for room upgrades (#13074)
Signed-off-by: Sean Quah <seanq@element.io>
2022-06-15 18:58:23 +01:00
Erik Johnston c95b04bb0e
Change default `sync_response_cache_duration` (#13042) 2022-06-15 16:55:20 +00:00
Hannes Lerchl 7d99414edf
Replace pyjwt with authlib in `org.matrix.login.jwt` (#13011) 2022-06-15 16:45:16 +00:00
reivilibre e12ff697a4
Sort failing jobs in Complement CI to the top of the logs to make them easier to read. (#13057) 2022-06-15 16:13:36 +00:00
Erik Johnston de334ac183
Add a CI job to check that schema deltas are in the correct folder. (#13063) 2022-06-15 16:27:18 +01:00
David Robertson 97e9fbe1b2
Type annotations in `synapse.databases.main.devices` (#13025)
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
2022-06-15 15:20:04 +00:00
Erik Johnston 0d1d3e0708
Speed up `get_unread_event_push_actions_by_room` (#13005)
Fixes #11887 hopefully.

The core change here is that `event_push_summary` now holds a summary of counts up until a much more recent point, meaning that the range of rows we need to count in `event_push_actions` is much smaller.

This needs two major changes:
1. When we get a receipt we need to recalculate `event_push_summary` rather than just delete it
2. The logic for deleting `event_push_actions` is now divorced from calculating `event_push_summary`.

In future it would be good to calculate `event_push_summary` while we persist a new event (it should just be a case of adding one to the relevant rows in `event_push_summary`), as that will further simplify the get counts logic and remove the need for us to periodically update `event_push_summary` in a background job.
2022-06-15 15:17:14 +00:00
Erik Johnston 9ad2197fa7
Rename complement-developonly (#13046) 2022-06-15 15:11:42 +00:00
reivilibre 212be2edc1
Use updated `update_user_directory_from_worker` options in Complement tests. (#13069) 2022-06-15 15:54:32 +01:00
reivilibre 538044ac01
Collapse Docker build commands in Complement CI runs to make the logs easier to read. (#13058) 2022-06-15 14:42:27 +00:00
David Robertson 941dc3db13
Track a histogram of state res durations (#13036) 2022-06-15 15:19:49 +01:00
reivilibre 0dbdc39940
Fix a long-standing bug which meant that rate limiting was not restrictive enough in some cases. (#13018) 2022-06-15 14:11:55 +00:00
Brendan Abolivier 417f4cf40b
Don't use keyword arguments when initialising modules (#13060) 2022-06-15 15:36:16 +02:00
Richard van der Hoff 75fb10ee45
Clean up schema for `event_edges` (#12893)
* Remove redundant references to `event_edges.room_id`

We don't need to care about the room_id here, because we are already checking
the event id.

* Clean up the event_edges table

We make a number of changes to `event_edges`:

 * We give the `room_id` and `is_state` columns defaults (null and false
   respectively) so that we can stop populating them.
 * We drop any rows that have `is_state` set true - they should no longer
   exist.
 * We drop any rows that do not exist in `events` - these should not exist
   either.
 * We drop the old unique constraint on all the colums, which wasn't much use.
 * We create a new unique index on `(event_id, prev_event_id)`.
 * We add a foreign key constraint to `events`.

These happen rather differently depending on whether we are on Postgres or
SQLite. For SQLite, we just rebuild the whole table, copying only the rows we
want to keep. For Postgres, we try to do things in the background as much as
possible.

* Stop populating `event_edges.room_id` and `is_state`

We can just rely on the defaults.
2022-06-15 12:29:42 +01:00
David Robertson a4ae1406d1
Fix typechecks against twisted trunk (#13061) 2022-06-15 11:49:58 +01:00
Patrick Cloke bd03332a1d Merge branch 'master' into develop 2022-06-14 14:27:53 -04:00
Patrick Cloke 21e6c0ed64 Fix incorrect link in changelog. 2022-06-14 14:27:17 -04:00
reivilibre 5b645ae2ad
Refactor entry points so that they all have a `main` function. (#13052) 2022-06-14 17:41:06 +00:00
David Robertson c99b511db9
Fix `destination_is` errors seen in sentry. (#13041)
* Rename test_fedclient to match its source file
* Require at least one destination to be truthy
* Explicitly validate user ID in profile endpoint GETs
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
2022-06-14 18:28:26 +01:00
Erik Johnston aef398457f
Up complement time outs (#13048) 2022-06-14 17:59:06 +01:00
Brendan Abolivier bdb6628dcf
Fix version number in spam checker callbacks doc (#13047) 2022-06-14 17:24:25 +02:00
Shay 493c2fc44a
Remove code generating comments in configuration file (#12941) 2022-06-14 07:53:42 -07:00
Patrick Cloke 5f4ecf759d
Rename delta to apply in the proper schema version. (#13050) 2022-06-14 14:34:04 +00:00
Quentin Gliech fe1daad672
Move the "email unsubscribe" resource, refactor the macaroon generator & simplify the access token verification logic. (#12986)
This simplifies the access token verification logic by removing the `rights`
parameter which was only ever used for the unsubscribe link in email
notifications. The latter has been moved under the `/_synapse` namespace,
since it is not a standard API.

This also makes the email verification link more secure, by embedding the
app_id and pushkey in the macaroon and verifying it. This prevents the user
from tampering the query parameters of that unsubscribe link.

Macaroon generation is refactored:

- Centralised all macaroon generation and verification logic to the
  `MacaroonGenerator`
- Moved to `synapse.utils`
- Changed the constructor to require only a `Clock`, hostname, and a secret key
  (instead of a full `Homeserver`).
- Added tests for all methods.
2022-06-14 09:12:08 -04:00