Merge branch 'develop' into matrix-org-hotfixes
This commit is contained in:
commit
649e48a799
|
@ -5,8 +5,6 @@ Message history can be paginated
|
|||
|
||||
Can re-join room if re-invited
|
||||
|
||||
/upgrade creates a new room
|
||||
|
||||
The only membership state included in an initial sync is for all the senders in the timeline
|
||||
|
||||
Local device key changes get to remote servers
|
||||
|
|
54
CHANGES.md
54
CHANGES.md
|
@ -1,3 +1,40 @@
|
|||
Next version
|
||||
============
|
||||
|
||||
* New templates (`sso_auth_confirm.html`, `sso_auth_success.html`, and
|
||||
`sso_account_deactivated.html`) were added to Synapse. If your Synapse is
|
||||
configured to use SSO and a custom `sso_redirect_confirm_template_dir`
|
||||
configuration then these templates will need to be duplicated into that
|
||||
directory.
|
||||
|
||||
* Plugins using the `complete_sso_login` method of `synapse.module_api.ModuleApi`
|
||||
should update to using the async/await version `complete_sso_login_async` which
|
||||
includes additional checks. The non-async version is considered deprecated.
|
||||
|
||||
|
||||
Synapse 1.12.4 (2020-04-23)
|
||||
===========================
|
||||
|
||||
No significant changes.
|
||||
|
||||
|
||||
Synapse 1.12.4rc1 (2020-04-22)
|
||||
==============================
|
||||
|
||||
Features
|
||||
--------
|
||||
|
||||
- Always send users their own device updates. ([\#7160](https://github.com/matrix-org/synapse/issues/7160))
|
||||
- Add support for handling GET requests for `account_data` on a worker. ([\#7311](https://github.com/matrix-org/synapse/issues/7311))
|
||||
|
||||
|
||||
Bugfixes
|
||||
--------
|
||||
|
||||
- Fix a bug that prevented cross-signing with users on worker-mode synapses. ([\#7255](https://github.com/matrix-org/synapse/issues/7255))
|
||||
- Do not treat display names as globs in push rules. ([\#7271](https://github.com/matrix-org/synapse/issues/7271))
|
||||
- Fix a bug with cross-signing devices belonging to remote users who did not share a room with any user on the local homeserver. ([\#7289](https://github.com/matrix-org/synapse/issues/7289))
|
||||
|
||||
Synapse 1.12.3 (2020-04-03)
|
||||
===========================
|
||||
|
||||
|
@ -7,13 +44,10 @@ correctly fix the issue with building the Debian packages. ([\#7212](https://git
|
|||
Synapse 1.12.2 (2020-04-02)
|
||||
===========================
|
||||
|
||||
This release works around [an
|
||||
issue](https://github.com/matrix-org/synapse/issues/7208) with building the
|
||||
debian packages.
|
||||
This release works around [an issue](https://github.com/matrix-org/synapse/issues/7208) with building the debian packages.
|
||||
|
||||
No other significant changes since 1.12.1.
|
||||
|
||||
|
||||
Synapse 1.12.1 (2020-04-02)
|
||||
===========================
|
||||
|
||||
|
@ -30,16 +64,22 @@ Bugfixes
|
|||
- Avoid importing `sqlite3` when using the postgres backend. Contributed by David Vo. ([\#7155](https://github.com/matrix-org/synapse/issues/7155)). Introduced in v1.12.0rc1.
|
||||
- Fix a bug which could cause outbound federation traffic to stop working if a client uploaded an incorrect e2e device signature. ([\#7177](https://github.com/matrix-org/synapse/issues/7177)). Introduced in v1.11.0.
|
||||
|
||||
|
||||
Synapse 1.12.0 (2020-03-23)
|
||||
===========================
|
||||
|
||||
No significant changes since 1.12.0rc1.
|
||||
|
||||
Debian packages and Docker images are rebuilt using the latest versions of
|
||||
dependency libraries, including Twisted 20.3.0. **Please see security advisory
|
||||
below**.
|
||||
|
||||
Potential slow database update during upgrade
|
||||
---------------------------------------------
|
||||
|
||||
Synapse 1.12.0 includes a database update which is run as part of the upgrade,
|
||||
and which may take some time (several hours in the case of a large
|
||||
server). Synapse will not respond to HTTP requests while this update is taking
|
||||
place. For imformation on seeing if you are affected, and workaround if you
|
||||
are, see the [upgrade notes](UPGRADE.rst#upgrading-to-v1120).
|
||||
|
||||
Security advisory
|
||||
-----------------
|
||||
|
||||
|
|
108
INSTALL.md
108
INSTALL.md
|
@ -2,7 +2,6 @@
|
|||
- [Installing Synapse](#installing-synapse)
|
||||
- [Installing from source](#installing-from-source)
|
||||
- [Platform-Specific Instructions](#platform-specific-instructions)
|
||||
- [Troubleshooting Installation](#troubleshooting-installation)
|
||||
- [Prebuilt packages](#prebuilt-packages)
|
||||
- [Setting up Synapse](#setting-up-synapse)
|
||||
- [TLS certificates](#tls-certificates)
|
||||
|
@ -10,6 +9,7 @@
|
|||
- [Registering a user](#registering-a-user)
|
||||
- [Setting up a TURN server](#setting-up-a-turn-server)
|
||||
- [URL previews](#url-previews)
|
||||
- [Troubleshooting Installation](#troubleshooting-installation)
|
||||
|
||||
# Choosing your server name
|
||||
|
||||
|
@ -36,7 +36,7 @@ that your email address is probably `user@example.com` rather than
|
|||
System requirements:
|
||||
|
||||
- POSIX-compliant system (tested on Linux & OS X)
|
||||
- Python 3.5, 3.6, 3.7 or 3.8.
|
||||
- Python 3.5.2 or later, up to Python 3.8.
|
||||
- At least 1GB of free RAM if you want to join large public rooms like #matrix:matrix.org
|
||||
|
||||
Synapse is written in Python but some of the libraries it uses are written in
|
||||
|
@ -70,7 +70,7 @@ pip install -U matrix-synapse
|
|||
```
|
||||
|
||||
Before you can start Synapse, you will need to generate a configuration
|
||||
file. To do this, run (in your virtualenv, as before)::
|
||||
file. To do this, run (in your virtualenv, as before):
|
||||
|
||||
```
|
||||
cd ~/synapse
|
||||
|
@ -84,22 +84,24 @@ python -m synapse.app.homeserver \
|
|||
... substituting an appropriate value for `--server-name`.
|
||||
|
||||
This command will generate you a config file that you can then customise, but it will
|
||||
also generate a set of keys for you. These keys will allow your Home Server to
|
||||
identify itself to other Home Servers, so don't lose or delete them. It would be
|
||||
also generate a set of keys for you. These keys will allow your homeserver to
|
||||
identify itself to other homeserver, so don't lose or delete them. It would be
|
||||
wise to back them up somewhere safe. (If, for whatever reason, you do need to
|
||||
change your Home Server's keys, you may find that other Home Servers have the
|
||||
change your homeserver's keys, you may find that other homeserver have the
|
||||
old key cached. If you update the signing key, you should change the name of the
|
||||
key in the `<server name>.signing.key` file (the second word) to something
|
||||
different. See the
|
||||
[spec](https://matrix.org/docs/spec/server_server/latest.html#retrieving-server-keys)
|
||||
for more information on key management.)
|
||||
for more information on key management).
|
||||
|
||||
To actually run your new homeserver, pick a working directory for Synapse to
|
||||
run (e.g. `~/synapse`), and::
|
||||
run (e.g. `~/synapse`), and:
|
||||
|
||||
cd ~/synapse
|
||||
source env/bin/activate
|
||||
synctl start
|
||||
```
|
||||
cd ~/synapse
|
||||
source env/bin/activate
|
||||
synctl start
|
||||
```
|
||||
|
||||
### Platform-Specific Instructions
|
||||
|
||||
|
@ -110,7 +112,7 @@ Installing prerequisites on Ubuntu or Debian:
|
|||
```
|
||||
sudo apt-get install build-essential python3-dev libffi-dev \
|
||||
python3-pip python3-setuptools sqlite3 \
|
||||
libssl-dev python3-virtualenv libjpeg-dev libxslt1-dev
|
||||
libssl-dev virtualenv libjpeg-dev libxslt1-dev
|
||||
```
|
||||
|
||||
#### ArchLinux
|
||||
|
@ -188,7 +190,7 @@ doas pkg_add python libffi py-pip py-setuptools sqlite3 py-virtualenv \
|
|||
There is currently no port for OpenBSD. Additionally, OpenBSD's security
|
||||
settings require a slightly more difficult installation process.
|
||||
|
||||
XXX: I suspect this is out of date.
|
||||
(XXX: I suspect this is out of date)
|
||||
|
||||
1. Create a new directory in `/usr/local` called `_synapse`. Also, create a
|
||||
new user called `_synapse` and set that directory as the new user's home.
|
||||
|
@ -196,7 +198,7 @@ XXX: I suspect this is out of date.
|
|||
write and execute permissions on the same memory space to be run from
|
||||
`/usr/local`.
|
||||
2. `su` to the new `_synapse` user and change to their home directory.
|
||||
3. Create a new virtualenv: `virtualenv -p python2.7 ~/.synapse`
|
||||
3. Create a new virtualenv: `virtualenv -p python3 ~/.synapse`
|
||||
4. Source the virtualenv configuration located at
|
||||
`/usr/local/_synapse/.synapse/bin/activate`. This is done in `ksh` by
|
||||
using the `.` command, rather than `bash`'s `source`.
|
||||
|
@ -217,45 +219,6 @@ be found at https://docs.microsoft.com/en-us/windows/wsl/install-win10 for
|
|||
Windows 10 and https://docs.microsoft.com/en-us/windows/wsl/install-on-server
|
||||
for Windows Server.
|
||||
|
||||
### Troubleshooting Installation
|
||||
|
||||
XXX a bunch of this is no longer relevant.
|
||||
|
||||
Synapse requires pip 8 or later, so if your OS provides too old a version you
|
||||
may need to manually upgrade it::
|
||||
|
||||
sudo pip install --upgrade pip
|
||||
|
||||
Installing may fail with `Could not find any downloads that satisfy the requirement pymacaroons-pynacl (from matrix-synapse==0.12.0)`.
|
||||
You can fix this by manually upgrading pip and virtualenv::
|
||||
|
||||
sudo pip install --upgrade virtualenv
|
||||
|
||||
You can next rerun `virtualenv -p python3 synapse` to update the virtual env.
|
||||
|
||||
Installing may fail during installing virtualenv with `InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.`
|
||||
You can fix this by manually installing ndg-httpsclient::
|
||||
|
||||
pip install --upgrade ndg-httpsclient
|
||||
|
||||
Installing may fail with `mock requires setuptools>=17.1. Aborting installation`.
|
||||
You can fix this by upgrading setuptools::
|
||||
|
||||
pip install --upgrade setuptools
|
||||
|
||||
If pip crashes mid-installation for reason (e.g. lost terminal), pip may
|
||||
refuse to run until you remove the temporary installation directory it
|
||||
created. To reset the installation::
|
||||
|
||||
rm -rf /tmp/pip_install_matrix
|
||||
|
||||
pip seems to leak *lots* of memory during installation. For instance, a Linux
|
||||
host with 512MB of RAM may run out of memory whilst installing Twisted. If this
|
||||
happens, you will have to individually install the dependencies which are
|
||||
failing, e.g.::
|
||||
|
||||
pip install twisted
|
||||
|
||||
## Prebuilt packages
|
||||
|
||||
As an alternative to installing from source, prebuilt packages are available
|
||||
|
@ -314,7 +277,7 @@ For `buster` and `sid`, Synapse is available in the Debian repositories and
|
|||
it should be possible to install it with simply:
|
||||
|
||||
```
|
||||
sudo apt install matrix-synapse
|
||||
sudo apt install matrix-synapse
|
||||
```
|
||||
|
||||
There is also a version of `matrix-synapse` in `stretch-backports`. Please see
|
||||
|
@ -375,15 +338,17 @@ sudo pip install py-bcrypt
|
|||
|
||||
Synapse can be found in the void repositories as 'synapse':
|
||||
|
||||
xbps-install -Su
|
||||
xbps-install -S synapse
|
||||
```
|
||||
xbps-install -Su
|
||||
xbps-install -S synapse
|
||||
```
|
||||
|
||||
### FreeBSD
|
||||
|
||||
Synapse can be installed via FreeBSD Ports or Packages contributed by Brendan Molloy from:
|
||||
|
||||
- Ports: `cd /usr/ports/net-im/py-matrix-synapse && make install clean`
|
||||
- Packages: `pkg install py27-matrix-synapse`
|
||||
- Packages: `pkg install py37-matrix-synapse`
|
||||
|
||||
|
||||
### NixOS
|
||||
|
@ -420,6 +385,7 @@ so, you will need to edit `homeserver.yaml`, as follows:
|
|||
resources:
|
||||
- names: [client, federation]
|
||||
```
|
||||
|
||||
* You will also need to uncomment the `tls_certificate_path` and
|
||||
`tls_private_key_path` lines under the `TLS` section. You can either
|
||||
point these settings at an existing certificate and key, or you can
|
||||
|
@ -427,15 +393,15 @@ so, you will need to edit `homeserver.yaml`, as follows:
|
|||
for having Synapse automatically provision and renew federation
|
||||
certificates through ACME can be found at [ACME.md](docs/ACME.md).
|
||||
Note that, as pointed out in that document, this feature will not
|
||||
work with installs set up after November 2019.
|
||||
|
||||
work with installs set up after November 2019.
|
||||
|
||||
If you are using your own certificate, be sure to use a `.pem` file that
|
||||
includes the full certificate chain including any intermediate certificates
|
||||
(for instance, if using certbot, use `fullchain.pem` as your certificate, not
|
||||
`cert.pem`).
|
||||
|
||||
For a more detailed guide to configuring your server for federation, see
|
||||
[federate.md](docs/federate.md)
|
||||
[federate.md](docs/federate.md).
|
||||
|
||||
|
||||
## Email
|
||||
|
@ -482,7 +448,7 @@ on your server even if `enable_registration` is `false`.
|
|||
## Setting up a TURN server
|
||||
|
||||
For reliable VoIP calls to be routed via this homeserver, you MUST configure
|
||||
a TURN server. See [docs/turn-howto.md](docs/turn-howto.md) for details.
|
||||
a TURN server. See [docs/turn-howto.md](docs/turn-howto.md) for details.
|
||||
|
||||
## URL previews
|
||||
|
||||
|
@ -491,10 +457,24 @@ turn it on you must enable the `url_preview_enabled: True` config parameter
|
|||
and explicitly specify the IP ranges that Synapse is not allowed to spider for
|
||||
previewing in the `url_preview_ip_range_blacklist` configuration parameter.
|
||||
This is critical from a security perspective to stop arbitrary Matrix users
|
||||
spidering 'internal' URLs on your network. At the very least we recommend that
|
||||
spidering 'internal' URLs on your network. At the very least we recommend that
|
||||
your loopback and RFC1918 IP addresses are blacklisted.
|
||||
|
||||
This also requires the optional lxml and netaddr python dependencies to be
|
||||
installed. This in turn requires the libxml2 library to be available - on
|
||||
This also requires the optional `lxml` and `netaddr` python dependencies to be
|
||||
installed. This in turn requires the `libxml2` library to be available - on
|
||||
Debian/Ubuntu this means `apt-get install libxml2-dev`, or equivalent for
|
||||
your OS.
|
||||
|
||||
# Troubleshooting Installation
|
||||
|
||||
`pip` seems to leak *lots* of memory during installation. For instance, a Linux
|
||||
host with 512MB of RAM may run out of memory whilst installing Twisted. If this
|
||||
happens, you will have to individually install the dependencies which are
|
||||
failing, e.g.:
|
||||
|
||||
```
|
||||
pip install twisted
|
||||
```
|
||||
|
||||
If you have any other problems, feel free to ask in
|
||||
[#synapse:matrix.org](https://matrix.to/#/#synapse:matrix.org).
|
||||
|
|
65
UPGRADE.rst
65
UPGRADE.rst
|
@ -75,6 +75,71 @@ for example:
|
|||
wget https://packages.matrix.org/debian/pool/main/m/matrix-synapse-py3/matrix-synapse-py3_1.3.0+stretch1_amd64.deb
|
||||
dpkg -i matrix-synapse-py3_1.3.0+stretch1_amd64.deb
|
||||
|
||||
Upgrading to v1.12.0
|
||||
====================
|
||||
|
||||
This version includes a database update which is run as part of the upgrade,
|
||||
and which may take some time (several hours in the case of a large
|
||||
server). Synapse will not respond to HTTP requests while this update is taking
|
||||
place.
|
||||
|
||||
This is only likely to be a problem in the case of a server which is
|
||||
participating in many rooms.
|
||||
|
||||
0. As with all upgrades, it is recommended that you have a recent backup of
|
||||
your database which can be used for recovery in the event of any problems.
|
||||
|
||||
1. As an initial check to see if you will be affected, you can try running the
|
||||
following query from the `psql` or `sqlite3` console. It is safe to run it
|
||||
while Synapse is still running.
|
||||
|
||||
.. code:: sql
|
||||
|
||||
SELECT MAX(q.v) FROM (
|
||||
SELECT (
|
||||
SELECT ej.json AS v
|
||||
FROM state_events se INNER JOIN event_json ej USING (event_id)
|
||||
WHERE se.room_id=rooms.room_id AND se.type='m.room.create' AND se.state_key=''
|
||||
LIMIT 1
|
||||
) FROM rooms WHERE rooms.room_version IS NULL
|
||||
) q;
|
||||
|
||||
This query will take about the same amount of time as the upgrade process: ie,
|
||||
if it takes 5 minutes, then it is likely that Synapse will be unresponsive for
|
||||
5 minutes during the upgrade.
|
||||
|
||||
If you consider an outage of this duration to be acceptable, no further
|
||||
action is necessary and you can simply start Synapse 1.12.0.
|
||||
|
||||
If you would prefer to reduce the downtime, continue with the steps below.
|
||||
|
||||
2. The easiest workaround for this issue is to manually
|
||||
create a new index before upgrading. On PostgreSQL, his can be done as follows:
|
||||
|
||||
.. code:: sql
|
||||
|
||||
CREATE INDEX CONCURRENTLY tmp_upgrade_1_12_0_index
|
||||
ON state_events(room_id) WHERE type = 'm.room.create';
|
||||
|
||||
The above query may take some time, but is also safe to run while Synapse is
|
||||
running.
|
||||
|
||||
We assume that no SQLite users have databases large enough to be
|
||||
affected. If you *are* affected, you can run a similar query, omitting the
|
||||
``CONCURRENTLY`` keyword. Note however that this operation may in itself cause
|
||||
Synapse to stop running for some time. Synapse admins are reminded that
|
||||
`SQLite is not recommended for use outside a test
|
||||
environment <https://github.com/matrix-org/synapse/blob/master/README.rst#using-postgresql>`_.
|
||||
|
||||
3. Once the index has been created, the ``SELECT`` query in step 1 above should
|
||||
complete quickly. It is therefore safe to upgrade to Synapse 1.12.0.
|
||||
|
||||
4. Once Synapse 1.12.0 has successfully started and is responding to HTTP
|
||||
requests, the temporary index can be removed:
|
||||
|
||||
.. code:: sql
|
||||
|
||||
DROP INDEX tmp_upgrade_1_12_0_index;
|
||||
|
||||
Upgrading to v1.10.0
|
||||
====================
|
||||
|
|
1
changelog.d/6446.misc
Normal file
1
changelog.d/6446.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Add benchmarks for LruCache.
|
1
changelog.d/6573.bugfix
Normal file
1
changelog.d/6573.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Don't attempt to use an invalid sqlite config if no database configuration is provided. Contributed by @nekatak.
|
1
changelog.d/6634.bugfix
Normal file
1
changelog.d/6634.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Fix single-sign on with CAS systems: pass the same service URL when requesting the CAS ticket and when calling the `proxyValidate` URL. Contributed by @Naugrimm.
|
1
changelog.d/6639.bugfix
Normal file
1
changelog.d/6639.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Fix missing field `default` when fetching user-defined push rules.
|
1
changelog.d/6892.doc
Normal file
1
changelog.d/6892.doc
Normal file
|
@ -0,0 +1 @@
|
|||
Update Debian installation instructions to recommend installing the `virtualenv` package instead of `python3-virtualenv`.
|
1
changelog.d/6899.bugfix
Normal file
1
changelog.d/6899.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Improve error responses when accessing remote public room lists.
|
1
changelog.d/6946.bugfix
Normal file
1
changelog.d/6946.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Transfer alias mappings on room upgrade.
|
1
changelog.d/6988.doc
Normal file
1
changelog.d/6988.doc
Normal file
|
@ -0,0 +1 @@
|
|||
Improve the documentation for database configuration.
|
1
changelog.d/7006.feature
Normal file
1
changelog.d/7006.feature
Normal file
|
@ -0,0 +1 @@
|
|||
Extend the `web_client_location` option to accept an absolute URL to use as a redirect. Adds a warning when running the web client on the same hostname as homeserver. Contributed by Martin Milata.
|
1
changelog.d/7009.feature
Normal file
1
changelog.d/7009.feature
Normal file
|
@ -0,0 +1 @@
|
|||
Set `Referrer-Policy` header to `no-referrer` on media downloads.
|
1
changelog.d/7010.misc
Normal file
1
changelog.d/7010.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Change device list streams to have one row per ID.
|
1
changelog.d/7011.misc
Normal file
1
changelog.d/7011.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Remove concept of a non-limited stream.
|
1
changelog.d/7024.misc
Normal file
1
changelog.d/7024.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Move catchup of replication streams logic to worker.
|
1
changelog.d/7040.feature
Normal file
1
changelog.d/7040.feature
Normal file
|
@ -0,0 +1 @@
|
|||
Add support for running replication over Redis when using workers.
|
1
changelog.d/7051.feature
Normal file
1
changelog.d/7051.feature
Normal file
|
@ -0,0 +1 @@
|
|||
Admin API `POST /_synapse/admin/v1/join/<roomIdOrAlias>` to join users to a room like `auto_join_rooms` for creation of users.
|
1
changelog.d/7068.bugfix
Normal file
1
changelog.d/7068.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Ensure that a user inteactive authentication session is tied to a single request.
|
1
changelog.d/7089.bugfix
Normal file
1
changelog.d/7089.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Fix a bug in the federation API which could cause occasional "Failed to get PDU" errors.
|
1
changelog.d/7096.feature
Normal file
1
changelog.d/7096.feature
Normal file
|
@ -0,0 +1 @@
|
|||
Add options to prevent users from changing their profile or associated 3PIDs.
|
1
changelog.d/7102.feature
Normal file
1
changelog.d/7102.feature
Normal file
|
@ -0,0 +1 @@
|
|||
Support SSO in the user interactive authentication workflow.
|
1
changelog.d/7107.doc
Normal file
1
changelog.d/7107.doc
Normal file
|
@ -0,0 +1 @@
|
|||
Update pre-built package name for FreeBSD.
|
1
changelog.d/7109.bugfix
Normal file
1
changelog.d/7109.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Return the proper error (M_BAD_ALIAS) when a non-existant canonical alias is provided.
|
1
changelog.d/7110.misc
Normal file
1
changelog.d/7110.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Convert some of synapse.rest.media to async/await.
|
1
changelog.d/7115.misc
Normal file
1
changelog.d/7115.misc
Normal file
|
@ -0,0 +1 @@
|
|||
De-duplicate / remove unused REST code for login and auth.
|
1
changelog.d/7116.misc
Normal file
1
changelog.d/7116.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Convert `*StreamRow` classes to inner classes.
|
1
changelog.d/7117.bugfix
Normal file
1
changelog.d/7117.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Fix a bug which meant that groups updates were not correctly replicated between workers.
|
1
changelog.d/7118.feature
Normal file
1
changelog.d/7118.feature
Normal file
|
@ -0,0 +1 @@
|
|||
Allow server admins to define and enforce a password policy (MSC2000).
|
1
changelog.d/7119.doc
Normal file
1
changelog.d/7119.doc
Normal file
|
@ -0,0 +1 @@
|
|||
Update postgres docs with login troubleshooting information.
|
1
changelog.d/7120.misc
Normal file
1
changelog.d/7120.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Clean up some LoggingContext code.
|
1
changelog.d/7128.misc
Normal file
1
changelog.d/7128.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Add explicit `instance_id` for USER_SYNC commands and remove implicit `conn_id` usage.
|
1
changelog.d/7133.bugfix
Normal file
1
changelog.d/7133.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Fix starting workers when federation sending not split out.
|
1
changelog.d/7136.misc
Normal file
1
changelog.d/7136.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Refactored the CAS authentication logic to a separate class.
|
1
changelog.d/7137.removal
Normal file
1
changelog.d/7137.removal
Normal file
|
@ -0,0 +1 @@
|
|||
Remove nonfunctional `captcha_bypass_secret` option from `homeserver.yaml`.
|
1
changelog.d/7141.doc
Normal file
1
changelog.d/7141.doc
Normal file
|
@ -0,0 +1 @@
|
|||
Clean up INSTALL.md a bit.
|
1
changelog.d/7147.doc
Normal file
1
changelog.d/7147.doc
Normal file
|
@ -0,0 +1 @@
|
|||
Add documentation for running a local CAS server for testing.
|
1
changelog.d/7150.bugfix
Normal file
1
changelog.d/7150.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Ensure `is_verified` is a boolean in responses to `GET /_matrix/client/r0/room_keys/keys`. Also warn the user if they forgot the `version` query param.
|
1
changelog.d/7151.bugfix
Normal file
1
changelog.d/7151.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Fix error page being shown when a custom SAML handler attempted to redirect when processing an auth response.
|
1
changelog.d/7152.feature
Normal file
1
changelog.d/7152.feature
Normal file
|
@ -0,0 +1 @@
|
|||
Improve the support for SSO authentication on the login fallback page.
|
1
changelog.d/7153.feature
Normal file
1
changelog.d/7153.feature
Normal file
|
@ -0,0 +1 @@
|
|||
Always whitelist the login fallback in the SSO configuration if `public_baseurl` is set.
|
1
changelog.d/7155.bugfix
Normal file
1
changelog.d/7155.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Avoid importing `sqlite3` when using the postgres backend. Contributed by David Vo.
|
1
changelog.d/7157.misc
Normal file
1
changelog.d/7157.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Add tests for outbound device pokes.
|
1
changelog.d/7158.misc
Normal file
1
changelog.d/7158.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Fix device list update stream ids going backward.
|
1
changelog.d/7159.bugfix
Normal file
1
changelog.d/7159.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Fix excessive CPU usage by `prune_old_outbound_device_pokes` job.
|
|
@ -1 +0,0 @@
|
|||
Always send users their own device updates.
|
1
changelog.d/7167.doc
Normal file
1
changelog.d/7167.doc
Normal file
|
@ -0,0 +1 @@
|
|||
Improve README.md by being explicit about public IP recommendation for TURN relaying.
|
1
changelog.d/7171.doc
Normal file
1
changelog.d/7171.doc
Normal file
|
@ -0,0 +1 @@
|
|||
Fix a small typo in the `metrics_flags` config option.
|
1
changelog.d/7177.bugfix
Normal file
1
changelog.d/7177.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Fix a bug which could cause outbound federation traffic to stop working if a client uploaded an incorrect e2e device signature.
|
1
changelog.d/7178.bugfix
Normal file
1
changelog.d/7178.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Fix a bug which could cause incorrect 'cyclic dependency' error.
|
1
changelog.d/7181.misc
Normal file
1
changelog.d/7181.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Clean up some LoggingContext code.
|
1
changelog.d/7183.misc
Normal file
1
changelog.d/7183.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Clean up some LoggingContext code.
|
1
changelog.d/7184.misc
Normal file
1
changelog.d/7184.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Convert some of synapse.rest.media to async/await.
|
1
changelog.d/7185.misc
Normal file
1
changelog.d/7185.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Move client command handling out of TCP protocol.
|
1
changelog.d/7186.feature
Normal file
1
changelog.d/7186.feature
Normal file
|
@ -0,0 +1 @@
|
|||
Support SSO in the user interactive authentication workflow.
|
1
changelog.d/7187.misc
Normal file
1
changelog.d/7187.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Move server command handling out of TCP protocol.
|
1
changelog.d/7188.misc
Normal file
1
changelog.d/7188.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Fix consistency of HTTP status codes reported in log lines.
|
1
changelog.d/7190.misc
Normal file
1
changelog.d/7190.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Only run one background database update at a time.
|
1
changelog.d/7191.feature
Normal file
1
changelog.d/7191.feature
Normal file
|
@ -0,0 +1 @@
|
|||
Admin users are no longer required to be in a room to create an alias for it.
|
1
changelog.d/7192.misc
Normal file
1
changelog.d/7192.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Remove sent outbound device list pokes from the database.
|
1
changelog.d/7193.misc
Normal file
1
changelog.d/7193.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Add a background database update job to clear out duplicate `device_lists_outbound_pokes`.
|
1
changelog.d/7195.misc
Normal file
1
changelog.d/7195.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Move catchup of replication streams logic to worker.
|
1
changelog.d/7199.bugfix
Normal file
1
changelog.d/7199.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Fix a bug that could cause a user to be invited to a server notices (aka System Alerts) room without any notice being sent.
|
1
changelog.d/7203.bugfix
Normal file
1
changelog.d/7203.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Fix some worker-mode replication handling not being correctly recorded in CPU usage stats.
|
1
changelog.d/7207.misc
Normal file
1
changelog.d/7207.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Remove some extraneous debugging log lines.
|
1
changelog.d/7213.misc
Normal file
1
changelog.d/7213.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Add explicit Python build tooling as dependencies for the snapcraft build.
|
1
changelog.d/7219.misc
Normal file
1
changelog.d/7219.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Add typing information to federation server code.
|
1
changelog.d/7225.misc
Normal file
1
changelog.d/7225.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Extend room admin api (`GET /_synapse/admin/v1/rooms`) with additional attributes.
|
1
changelog.d/7226.misc
Normal file
1
changelog.d/7226.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Move catchup of replication streams logic to worker.
|
1
changelog.d/7228.misc
Normal file
1
changelog.d/7228.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Unblacklist '/upgrade creates a new room' sytest for workers.
|
1
changelog.d/7230.feature
Normal file
1
changelog.d/7230.feature
Normal file
|
@ -0,0 +1 @@
|
|||
Require admin privileges to enable room encryption by default. This does not affect existing rooms.
|
1
changelog.d/7233.misc
Normal file
1
changelog.d/7233.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Remove redundant checks on `daemonize` from synctl.
|
1
changelog.d/7234.doc
Normal file
1
changelog.d/7234.doc
Normal file
|
@ -0,0 +1 @@
|
|||
Update the contributed documentation on managing synapse workers with systemd, and bring it into the core distribution.
|
1
changelog.d/7235.feature
Normal file
1
changelog.d/7235.feature
Normal file
|
@ -0,0 +1 @@
|
|||
Improve the support for SSO authentication on the login fallback page.
|
1
changelog.d/7236.misc
Normal file
1
changelog.d/7236.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Upgrade jQuery to v3.4.1 on fallback login/registration pages.
|
1
changelog.d/7237.misc
Normal file
1
changelog.d/7237.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Change log line that told user to implement onLogin/onRegister fallback js functions to a warning, instead of an info, so it's more visible.
|
1
changelog.d/7238.doc
Normal file
1
changelog.d/7238.doc
Normal file
|
@ -0,0 +1 @@
|
|||
Add documentation to the `password_providers` config option. Add known password provider implementations to docs.
|
1
changelog.d/7239.misc
Normal file
1
changelog.d/7239.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Move catchup of replication streams logic to worker.
|
1
changelog.d/7240.bugfix
Normal file
1
changelog.d/7240.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Do not allow a deactivated user to login via SSO.
|
1
changelog.d/7241.misc
Normal file
1
changelog.d/7241.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Convert some of synapse.rest.media to async/await.
|
1
changelog.d/7243.misc
Normal file
1
changelog.d/7243.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Correct the parameters of a test fixture. Contributed by Isaiah Singletary.
|
1
changelog.d/7248.doc
Normal file
1
changelog.d/7248.doc
Normal file
|
@ -0,0 +1 @@
|
|||
Add documentation to the `password_providers` config option. Add known password provider implementations to docs.
|
1
changelog.d/7249.bugfix
Normal file
1
changelog.d/7249.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Fix --help command-line argument.
|
1
changelog.d/7251.doc
Normal file
1
changelog.d/7251.doc
Normal file
|
@ -0,0 +1 @@
|
|||
Modify suggested nginx reverse proxy configuration to match Synapse's default file upload size. Contributed by @ProCycleDev.
|
|
@ -1 +0,0 @@
|
|||
Fix a bug that prevented cross-signing with users on worker-mode synapses.
|
1
changelog.d/7259.bugfix
Normal file
1
changelog.d/7259.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Do not allow a deactivated user to login via SSO.
|
1
changelog.d/7260.bugfix
Normal file
1
changelog.d/7260.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Fix room publish permissions not being checked on room creation.
|
1
changelog.d/7261.misc
Normal file
1
changelog.d/7261.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Convert auth handler to async/await.
|
1
changelog.d/7265.feature
Normal file
1
changelog.d/7265.feature
Normal file
|
@ -0,0 +1 @@
|
|||
Add a config option for specifying the value of the Accept-Language HTTP header when generating URL previews.
|
1
changelog.d/7268.bugfix
Normal file
1
changelog.d/7268.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Reject unknown session IDs during user interactive authentication instead of silently creating a new session.
|
|
@ -1 +0,0 @@
|
|||
Do not treat display names as globs in push rules.
|
1
changelog.d/7272.doc
Normal file
1
changelog.d/7272.doc
Normal file
|
@ -0,0 +1 @@
|
|||
Documentation of media_storage_providers options updated to avoid misunderstandings. Contributed by Tristan Lins.
|
1
changelog.d/7274.bugfix
Normal file
1
changelog.d/7274.bugfix
Normal file
|
@ -0,0 +1 @@
|
|||
Fix a sql query introduced in Synapse 1.12.0 which could cause large amounts of logging to the postgres slow-query log.
|
1
changelog.d/7279.feature
Normal file
1
changelog.d/7279.feature
Normal file
|
@ -0,0 +1 @@
|
|||
Support SSO in the user interactive authentication workflow.
|
1
changelog.d/7286.misc
Normal file
1
changelog.d/7286.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Move catchup of replication streams logic to worker.
|
|
@ -1 +0,0 @@
|
|||
Fix a bug with cross-signing devices belonging to remote users who did not share a room with any user on the local homeserver.
|
1
changelog.d/7290.misc
Normal file
1
changelog.d/7290.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Move catchup of replication streams logic to worker.
|
1
changelog.d/7291.misc
Normal file
1
changelog.d/7291.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Improve typing annotations in `synapse.replication.tcp.streams.Stream`.
|
1
changelog.d/7295.misc
Normal file
1
changelog.d/7295.misc
Normal file
|
@ -0,0 +1 @@
|
|||
Reduce log verbosity of url cache cleanup tasks.
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue