MirrorHub/synapse
0
0
Fork 1
mirror of https://mau.dev/maunium/synapse.git synced 2024-10-15 04:48:58 +02:00
Code Issues Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/develop' into rav/event_auth/4

Browse source
This commit is contained in:
Richard van der Hoff 2019-11-18 12:05:36 +00:00
commit 870c00e278
30 changed files with 85 additions and 47 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
changelog.d/6220.feature Normal file
View file

@ -0,0 +1 @@
Increase default room version from 4 to 5, thereby enforcing server key validity period checks.

1
changelog.d/6317.misc Normal file
View file

@ -0,0 +1 @@
Add optional python dependencies and dependant binary libraries to snapcraft packaging.

1
changelog.d/6357.misc Normal file
View file

@ -0,0 +1 @@
Correct spacing/case of various instances of the word "homeserver".

1
changelog.d/6359.bugfix Normal file
View file

@ -0,0 +1 @@
Fix bug where upgrading a guest account to a full user would fail when account validity is enabled.

1
changelog.d/6361.misc Normal file
View file

@ -0,0 +1 @@
Temporarily blacklist the failing unit test PurgeRoomTestCase.test_purge_room.

1
changelog.d/6363.bugfix Normal file
View file

@ -0,0 +1 @@
Fix `to_device` stream ID getting reset every time Synapse restarts, which had the potential to cause unable to decrypt errors.

10
docs/sample_config.yaml
View file

@ -72,7 +72,7 @@ pid_file: DATADIR/homeserver.pid
# For example, for room version 1, default_room_version should be set # For example, for room version 1, default_room_version should be set
# to "1". # to "1".
# #
#default_room_version: "4" #default_room_version: "5"
# The GC threshold parameters to pass to `gc.set_threshold`, if defined # The GC threshold parameters to pass to `gc.set_threshold`, if defined
# #
@ -287,7 +287,7 @@ listeners:
# Used by phonehome stats to group together related servers. # Used by phonehome stats to group together related servers.
#server_context: context #server_context: context
# Resource-constrained Homeserver Settings # Resource-constrained homeserver Settings
# #
# If limit_remote_rooms.enabled is True, the room complexity will be # If limit_remote_rooms.enabled is True, the room complexity will be
# checked before a user joins a new remote room. If it is above # checked before a user joins a new remote room. If it is above
@ -743,11 +743,11 @@ uploads_path: "DATADIR/uploads"
## Captcha ## ## Captcha ##
# See docs/CAPTCHA_SETUP for full details of configuring this. # See docs/CAPTCHA_SETUP for full details of configuring this.
# This Home Server's ReCAPTCHA public key. # This homeserver's ReCAPTCHA public key.
# #
#recaptcha_public_key: "YOUR_PUBLIC_KEY" #recaptcha_public_key: "YOUR_PUBLIC_KEY"
# This Home Server's ReCAPTCHA private key. # This homeserver's ReCAPTCHA private key.
# #
#recaptcha_private_key: "YOUR_PRIVATE_KEY" #recaptcha_private_key: "YOUR_PRIVATE_KEY"
@ -1270,7 +1270,7 @@ password_config:
# smtp_user: "exampleusername" # smtp_user: "exampleusername"
# smtp_pass: "examplepassword" # smtp_pass: "examplepassword"
# require_transport_security: false # require_transport_security: false
# notif_from: "Your Friendly %(app)s Home Server <noreply@example.com>" # notif_from: "Your Friendly %(app)s homeserver <noreply@example.com>"
# app_name: Matrix # app_name: Matrix
# #
# # Enable email notifications by default # # Enable email notifications by default

20
snap/snapcraft.yaml
View file

@ -20,3 +20,23 @@ parts:
source: . source: .
plugin: python plugin: python
python-version: python3 python-version: python3
python-packages:
- '.[all]'
build-packages:
- libffi-dev
- libturbojpeg0-dev
- libssl-dev
- libxslt1-dev
- libpq-dev
- zlib1g-dev
stage-packages:
- libasn1-8-heimdal
- libgssapi3-heimdal
- libhcrypto4-heimdal
- libheimbase1-heimdal
- libheimntlm0-heimdal
- libhx509-5-heimdal
- libkrb5-26-heimdal
- libldap-2.4-2
- libpq5
- libsasl2-2

4
synapse/config/captcha.py
View file

@ -35,11 +35,11 @@ class CaptchaConfig(Config):
## Captcha ## ## Captcha ##
# See docs/CAPTCHA_SETUP for full details of configuring this. # See docs/CAPTCHA_SETUP for full details of configuring this.
# This Home Server's ReCAPTCHA public key. # This homeserver's ReCAPTCHA public key.
# #
#recaptcha_public_key: "YOUR_PUBLIC_KEY" #recaptcha_public_key: "YOUR_PUBLIC_KEY"
# This Home Server's ReCAPTCHA private key. # This homeserver's ReCAPTCHA private key.
# #
#recaptcha_private_key: "YOUR_PRIVATE_KEY" #recaptcha_private_key: "YOUR_PRIVATE_KEY"

2
synapse/config/emailconfig.py
View file

@ -305,7 +305,7 @@ class EmailConfig(Config):
# smtp_user: "exampleusername" # smtp_user: "exampleusername"
# smtp_pass: "examplepassword" # smtp_pass: "examplepassword"
# require_transport_security: false # require_transport_security: false
# notif_from: "Your Friendly %(app)s Home Server <noreply@example.com>" # notif_from: "Your Friendly %(app)s homeserver <noreply@example.com>"
# app_name: Matrix # app_name: Matrix
# #
# # Enable email notifications by default # # Enable email notifications by default

4
synapse/config/server.py
View file

@ -41,7 +41,7 @@ logger = logging.Logger(__name__)
# in the list. # in the list.
DEFAULT_BIND_ADDRESSES = ["::", "0.0.0.0"] DEFAULT_BIND_ADDRESSES = ["::", "0.0.0.0"]
DEFAULT_ROOM_VERSION = "4" DEFAULT_ROOM_VERSION = "5"
ROOM_COMPLEXITY_TOO_GREAT = ( ROOM_COMPLEXITY_TOO_GREAT = (
"Your homeserver is unable to join rooms this large or complex. " "Your homeserver is unable to join rooms this large or complex. "
@ -721,7 +721,7 @@ class ServerConfig(Config):
# Used by phonehome stats to group together related servers. # Used by phonehome stats to group together related servers.
#server_context: context #server_context: context
# Resource-constrained Homeserver Settings # Resource-constrained homeserver Settings
# #
# If limit_remote_rooms.enabled is True, the room complexity will be # If limit_remote_rooms.enabled is True, the room complexity will be
# checked before a user joins a new remote room. If it is above # checked before a user joins a new remote room. If it is above

2
synapse/handlers/auth.py
View file

@ -810,7 +810,7 @@ class AuthHandler(BaseHandler):
@defer.inlineCallbacks @defer.inlineCallbacks
def add_threepid(self, user_id, medium, address, validated_at): def add_threepid(self, user_id, medium, address, validated_at):
# 'Canonicalise' email addresses down to lower case. # 'Canonicalise' email addresses down to lower case.
# We've now moving towards the Home Server being the entity that # We've now moving towards the homeserver being the entity that
# is responsible for validating threepids used for resetting passwords # is responsible for validating threepids used for resetting passwords
# on accounts, so in future Synapse will gain knowledge of specific # on accounts, so in future Synapse will gain knowledge of specific
# types (mediums) of threepid. For now, we still use the existing # types (mediums) of threepid. For now, we still use the existing

2
synapse/handlers/directory.py
View file

@ -283,7 +283,7 @@ class DirectoryHandler(BaseHandler):
def on_directory_query(self, args): def on_directory_query(self, args):
room_alias = RoomAlias.from_string(args["room_alias"]) room_alias = RoomAlias.from_string(args["room_alias"])
if not self.hs.is_mine(room_alias): if not self.hs.is_mine(room_alias):
raise SynapseError(400, "Room Alias is not hosted on this Home Server") raise SynapseError(400, "Room Alias is not hosted on this homeserver")
result = yield self.get_association_from_room_alias(room_alias) result = yield self.get_association_from_room_alias(room_alias)

6
synapse/handlers/profile.py
View file

@ -152,7 +152,7 @@ class BaseProfileHandler(BaseHandler):
by_admin (bool): Whether this change was made by an administrator. by_admin (bool): Whether this change was made by an administrator.
""" """
if not self.hs.is_mine(target_user): if not self.hs.is_mine(target_user):
raise SynapseError(400, "User is not hosted on this Home Server") raise SynapseError(400, "User is not hosted on this homeserver")
if not by_admin and target_user != requester.user: if not by_admin and target_user != requester.user:
raise AuthError(400, "Cannot set another user's displayname") raise AuthError(400, "Cannot set another user's displayname")
@ -207,7 +207,7 @@ class BaseProfileHandler(BaseHandler):
"""target_user is the user whose avatar_url is to be changed; """target_user is the user whose avatar_url is to be changed;
auth_user is the user attempting to make this change.""" auth_user is the user attempting to make this change."""
if not self.hs.is_mine(target_user): if not self.hs.is_mine(target_user):
raise SynapseError(400, "User is not hosted on this Home Server") raise SynapseError(400, "User is not hosted on this homeserver")
if not by_admin and target_user != requester.user: if not by_admin and target_user != requester.user:
raise AuthError(400, "Cannot set another user's avatar_url") raise AuthError(400, "Cannot set another user's avatar_url")
@ -231,7 +231,7 @@ class BaseProfileHandler(BaseHandler):
def on_profile_query(self, args): def on_profile_query(self, args):
user = UserID.from_string(args["user_id"]) user = UserID.from_string(args["user_id"])
if not self.hs.is_mine(user): if not self.hs.is_mine(user):
raise SynapseError(400, "User is not hosted on this Home Server") raise SynapseError(400, "User is not hosted on this homeserver")
just_field = args.get("field", None) just_field = args.get("field", None)

4
synapse/handlers/typing.py
View file

@ -120,7 +120,7 @@ class TypingHandler(object):
auth_user_id = auth_user.to_string() auth_user_id = auth_user.to_string()
if not self.is_mine_id(target_user_id): if not self.is_mine_id(target_user_id):
raise SynapseError(400, "User is not hosted on this Home Server") raise SynapseError(400, "User is not hosted on this homeserver")
if target_user_id != auth_user_id: if target_user_id != auth_user_id:
raise AuthError(400, "Cannot set another user's typing state") raise AuthError(400, "Cannot set another user's typing state")
@ -150,7 +150,7 @@ class TypingHandler(object):
auth_user_id = auth_user.to_string() auth_user_id = auth_user.to_string()
if not self.is_mine_id(target_user_id): if not self.is_mine_id(target_user_id):
raise SynapseError(400, "User is not hosted on this Home Server") raise SynapseError(400, "User is not hosted on this homeserver")
if target_user_id != auth_user_id: if target_user_id != auth_user_id:
raise AuthError(400, "Cannot set another user's typing state") raise AuthError(400, "Cannot set another user's typing state")

2
synapse/logging/_terse_json.py
View file

@ -153,7 +153,7 @@ class TerseJSONToTCPLogObserver(object):
An IObserver that writes JSON logs to a TCP target. An IObserver that writes JSON logs to a TCP target.
Args: Args:
hs (HomeServer): The Homeserver that is being logged for. hs (HomeServer): The homeserver that is being logged for.
host: The host of the logging target. host: The host of the logging target.
port: The logging target's port. port: The logging target's port.
metadata: Metadata to be added to each log entry. metadata: Metadata to be added to each log entry.

9
synapse/storage/_base.py
View file

@ -361,14 +361,11 @@ class SQLBaseStore(object):
expiration_ts, expiration_ts,
) )
self._simple_insert_txn( self._simple_upsert_txn(
txn, txn,
"account_validity", "account_validity",
values={ keyvalues={"user_id": user_id},
"user_id": user_id, values={"expiration_ts_ms": expiration_ts, "email_sent": False},
"expiration_ts_ms": expiration_ts,
"email_sent": False,
},
) )
def start_profiling(self): def start_profiling(self):

17
synapse/storage/data_stores/main/deviceinbox.py
View file

@ -358,8 +358,21 @@ class DeviceInboxStore(DeviceInboxWorkerStore, DeviceInboxBackgroundUpdateStore)
def _add_messages_to_local_device_inbox_txn( def _add_messages_to_local_device_inbox_txn(
self, txn, stream_id, messages_by_user_then_device self, txn, stream_id, messages_by_user_then_device
): ):
sql = "UPDATE device_max_stream_id" " SET stream_id = ?" " WHERE stream_id < ?" # Compatible method of performing an upsert
txn.execute(sql, (stream_id, stream_id)) sql = "SELECT stream_id FROM device_max_stream_id"
txn.execute(sql)
rows = txn.fetchone()
if rows:
db_stream_id = rows[0]
if db_stream_id < stream_id:
# Insert the new stream_id
sql = "UPDATE device_max_stream_id SET stream_id = ?"
else:
# No rows, perform an insert
sql = "INSERT INTO device_max_stream_id (stream_id) VALUES (?)"
txn.execute(sql, (stream_id,))
local_by_user_then_device = {} local_by_user_then_device = {}
for user_id, messages_by_device in messages_by_user_then_device.items(): for user_id, messages_by_device in messages_by_user_then_device.items():

2
synapse/util/httpresourcetree.py
View file

@ -20,7 +20,7 @@ logger = logging.getLogger(__name__)
def create_resource_tree(desired_tree, root_resource): def create_resource_tree(desired_tree, root_resource):
"""Create the resource tree for this Home Server. """Create the resource tree for this homeserver.
This in unduly complicated because Twisted does not support putting This in unduly complicated because Twisted does not support putting
child resources more than 1 level deep at a time. child resources more than 1 level deep at a time.

2
tests/rest/admin/test_admin.py
View file

@ -641,3 +641,5 @@ class PurgeRoomTestCase(unittest.HomeserverTestCase):
) )
self.assertEqual(count, 0, msg="Rows not purged in {}".format(table)) self.assertEqual(count, 0, msg="Rows not purged in {}".format(table))
test_purge_room.skip = "Disabled because it's currently broken"