Merge remote-tracking branch 'origin/release-v1.20.0' into matrix-org-hotfixes
This commit is contained in:
Erik Johnston
commit
7b6f857aa9
59
CHANGES.md
59
CHANGES.md
|
|
@ -1,3 +1,62 @@
|
|||
Synapse 1.20.0rc5 (2020-09-18)
|
||||
==============================
|
||||
|
||||
In addition to the below, Synapse 1.20.0rc5 also includes the bug fix that was included in 1.19.3.
|
||||
|
||||
Features
|
||||
--------
|
||||
|
||||
- Add flags to the `/versions` endpoint for whether new rooms default to using E2EE. ([\#8343](https://github.com/matrix-org/synapse/issues/8343))
|
||||
|
||||
|
||||
Bugfixes
|
||||
--------
|
||||
|
||||
- Fix rate limiting of federation `/send` requests. ([\#8342](https://github.com/matrix-org/synapse/issues/8342))
|
||||
- Fix a longstanding bug where back pagination over federation could get stuck if it failed to handle a received event. ([\#8349](https://github.com/matrix-org/synapse/issues/8349))
|
||||
|
||||
|
||||
Internal Changes
|
||||
----------------
|
||||
|
||||
- Blacklist [MSC2753](https://github.com/matrix-org/matrix-doc/pull/2753) SyTests until it is implemented. ([\#8285](https://github.com/matrix-org/synapse/issues/8285))
|
||||
|
||||
|
||||
Synapse 1.19.3 (2020-09-18)
|
||||
===========================
|
||||
|
||||
Bugfixes
|
||||
--------
|
||||
|
||||
- Partially mitigate bug where newly joined servers couldn't get past events in a room when there is a malformed event. ([\#8350](https://github.com/matrix-org/synapse/issues/8350))
|
||||
|
||||
|
||||
Synapse 1.20.0rc4 (2020-09-16)
|
||||
==============================
|
||||
|
||||
Synapse 1.20.0rc4 is identical to 1.20.0rc3, with the addition of the security fix that was included in 1.19.2.
|
||||
|
||||
|
||||
Synapse 1.19.2 (2020-09-16)
|
||||
===========================
|
||||
|
||||
Due to the issue below server admins are encouraged to upgrade as soon as possible.
|
||||
|
||||
Bugfixes
|
||||
--------
|
||||
|
||||
- Fix joining rooms over federation that include malformed events. ([\#8324](https://github.com/matrix-org/synapse/issues/8324))
|
||||
|
||||
|
||||
Synapse 1.20.0rc3 (2020-09-11)
|
||||
==============================
|
||||
|
||||
Bugfixes
|
||||
--------
|
||||
|
||||
- Fix a bug introduced in v1.20.0rc1 where the wrong exception was raised when invalid JSON data is encountered. ([\#8291](https://github.com/matrix-org/synapse/issues/8291))
|
||||
|
||||
|
||||
Synapse 1.20.0rc2 (2020-09-09)
|
||||
==============================
|
||||
|
||||
|
|
|
|||
|
|
@ -1 +0,0 @@
|
|||
Fix a bug introduced in v1.20.0rc1 that the wrong exception was raised when invalid JSON data is encountered.
|
||||
|
|
@ -1 +0,0 @@
|
|||
Fix fetching events from remote servers that are malformed.
|
||||
14
debian/changelog
vendored
14
debian/changelog
vendored
|
|
@ -1,9 +1,21 @@
|
|||
matrix-synapse-py3 (1.19.0ubuntu1) UNRELEASED; urgency=medium
|
||||
matrix-synapse-py3 (1.20.0ubuntu1) UNRELEASED; urgency=medium
|
||||
|
||||
* Use Type=notify in systemd service
|
||||
|
||||
-- Dexter Chua <dec41@srcf.net> Wed, 26 Aug 2020 12:41:36 +0000
|
||||
|
||||
matrix-synapse-py3 (1.19.3) stable; urgency=medium
|
||||
|
||||
* New synapse release 1.19.3.
|
||||
|
||||
-- Synapse Packaging team <packages@matrix.org> Fri, 18 Sep 2020 14:59:30 +0100
|
||||
|
||||
matrix-synapse-py3 (1.19.2) stable; urgency=medium
|
||||
|
||||
* New synapse release 1.19.2.
|
||||
|
||||
-- Synapse Packaging team <packages@matrix.org> Wed, 16 Sep 2020 12:50:30 +0100
|
||||
|
||||
matrix-synapse-py3 (1.19.1) stable; urgency=medium
|
||||
|
||||
* New synapse release 1.19.1.
|
||||
|
|
|
|||
|
|
@ -48,7 +48,7 @@ try:
|
|||
except ImportError:
|
||||
pass
|
||||
|
||||
__version__ = "1.20.0rc2"
|
||||
__version__ = "1.20.0rc5"
|
||||
|
||||
if bool(os.environ.get("SYNAPSE_TEST_PATCH_LOG_CONTEXTS", False)):
|
||||
# We import here so that we don't have to install a bunch of deps when
|
||||
|
|
|
|||
|
|
@ -97,10 +97,16 @@ class FederationServer(FederationBase):
|
|||
self.state = hs.get_state_handler()
|
||||
|
||||
self.device_handler = hs.get_device_handler()
|
||||
self._federation_ratelimiter = hs.get_federation_ratelimiter()
|
||||
|
||||
self._server_linearizer = Linearizer("fed_server")
|
||||
self._transaction_linearizer = Linearizer("fed_txn_handler")
|
||||
|
||||
# We cache results for transaction with the same ID
|
||||
self._transaction_resp_cache = ResponseCache(
|
||||
hs, "fed_txn_handler", timeout_ms=30000
|
||||
)
|
||||
|
||||
self.transaction_actions = TransactionActions(self.store)
|
||||
|
||||
self.registry = hs.get_federation_registry()
|
||||
|
|
@ -135,22 +141,44 @@ class FederationServer(FederationBase):
|
|||
request_time = self._clock.time_msec()
|
||||
|
||||
transaction = Transaction(**transaction_data)
|
||||
transaction_id = transaction.transaction_id # type: ignore
|
||||
|
||||
if not transaction.transaction_id: # type: ignore
|
||||
if not transaction_id:
|
||||
raise Exception("Transaction missing transaction_id")
|
||||
|
||||
logger.debug("[%s] Got transaction", transaction.transaction_id) # type: ignore
|
||||
logger.debug("[%s] Got transaction", transaction_id)
|
||||
|
||||
# use a linearizer to ensure that we don't process the same transaction
|
||||
# multiple times in parallel.
|
||||
with (
|
||||
await self._transaction_linearizer.queue(
|
||||
(origin, transaction.transaction_id) # type: ignore
|
||||
)
|
||||
):
|
||||
result = await self._handle_incoming_transaction(
|
||||
origin, transaction, request_time
|
||||
)
|
||||
# We wrap in a ResponseCache so that we de-duplicate retried
|
||||
# transactions.
|
||||
return await self._transaction_resp_cache.wrap(
|
||||
(origin, transaction_id),
|
||||
self._on_incoming_transaction_inner,
|
||||
origin,
|
||||
transaction,
|
||||
request_time,
|
||||
)
|
||||
|
||||
async def _on_incoming_transaction_inner(
|
||||
self, origin: str, transaction: Transaction, request_time: int
|
||||
) -> Tuple[int, Dict[str, Any]]:
|
||||
# Use a linearizer to ensure that transactions from a remote are
|
||||
# processed in order.
|
||||
with await self._transaction_linearizer.queue(origin):
|
||||
# We rate limit here *after* we've queued up the incoming requests,
|
||||
# so that we don't fill up the ratelimiter with blocked requests.
|
||||
#
|
||||
# This is important as the ratelimiter allows N concurrent requests
|
||||
# at a time, and only starts ratelimiting if there are more requests
|
||||
# than that being processed at a time. If we queued up requests in
|
||||
# the linearizer/response cache *after* the ratelimiting then those
|
||||
# queued up requests would count as part of the allowed limit of N
|
||||
# concurrent requests.
|
||||
with self._federation_ratelimiter.ratelimit(origin) as d:
|
||||
await d
|
||||
|
||||
result = await self._handle_incoming_transaction(
|
||||
origin, transaction, request_time
|
||||
)
|
||||
|
||||
return result
|
||||
|
||||
|
|
|
|||
|
|
@ -45,7 +45,6 @@ from synapse.logging.opentracing import (
|
|||
)
|
||||
from synapse.server import HomeServer
|
||||
from synapse.types import ThirdPartyInstanceID, get_domain_from_id
|
||||
from synapse.util.ratelimitutils import FederationRateLimiter
|
||||
from synapse.util.versionstring import get_version_string
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
|
@ -72,9 +71,7 @@ class TransportLayerServer(JsonResource):
|
|||
super(TransportLayerServer, self).__init__(hs, canonical_json=False)
|
||||
|
||||
self.authenticator = Authenticator(hs)
|
||||
self.ratelimiter = FederationRateLimiter(
|
||||
self.clock, config=hs.config.rc_federation
|
||||
)
|
||||
self.ratelimiter = hs.get_federation_ratelimiter()
|
||||
|
||||
self.register_servlets()
|
||||
|
||||
|
|
@ -272,6 +269,8 @@ class BaseFederationServlet:
|
|||
|
||||
PREFIX = FEDERATION_V1_PREFIX # Allows specifying the API version
|
||||
|
||||
RATELIMIT = True # Whether to rate limit requests or not
|
||||
|
||||
def __init__(self, handler, authenticator, ratelimiter, server_name):
|
||||
self.handler = handler
|
||||
self.authenticator = authenticator
|
||||
|
|
@ -335,7 +334,7 @@ class BaseFederationServlet:
|
|||
)
|
||||
|
||||
with scope:
|
||||
if origin:
|
||||
if origin and self.RATELIMIT:
|
||||
with ratelimiter.ratelimit(origin) as d:
|
||||
await d
|
||||
if request._disconnected:
|
||||
|
|
@ -372,6 +371,10 @@ class BaseFederationServlet:
|
|||
class FederationSendServlet(BaseFederationServlet):
|
||||
PATH = "/send/(?P<transaction_id>[^/]*)/?"
|
||||
|
||||
# We ratelimit manually in the handler as we queue up the requests and we
|
||||
# don't want to fill up the ratelimiter with blocked requests.
|
||||
RATELIMIT = False
|
||||
|
||||
def __init__(self, handler, server_name, **kwargs):
|
||||
super(FederationSendServlet, self).__init__(
|
||||
handler, server_name=server_name, **kwargs
|
||||
|
|
|
|||
|
|
@ -19,6 +19,7 @@
|
|||
import logging
|
||||
import re
|
||||
|
||||
from synapse.api.constants import RoomCreationPreset
|
||||
from synapse.http.servlet import RestServlet
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
|
@ -31,6 +32,20 @@ class VersionsRestServlet(RestServlet):
|
|||
super(VersionsRestServlet, self).__init__()
|
||||
self.config = hs.config
|
||||
|
||||
# Calculate these once since they shouldn't change after start-up.
|
||||
self.e2ee_forced_public = (
|
||||
RoomCreationPreset.PUBLIC_CHAT
|
||||
in self.config.encryption_enabled_by_default_for_room_presets
|
||||
)
|
||||
self.e2ee_forced_private = (
|
||||
RoomCreationPreset.PRIVATE_CHAT
|
||||
in self.config.encryption_enabled_by_default_for_room_presets
|
||||
)
|
||||
self.e2ee_forced_trusted_private = (
|
||||
RoomCreationPreset.TRUSTED_PRIVATE_CHAT
|
||||
in self.config.encryption_enabled_by_default_for_room_presets
|
||||
)
|
||||
|
||||
def on_GET(self, request):
|
||||
return (
|
||||
200,
|
||||
|
|
@ -62,6 +77,10 @@ class VersionsRestServlet(RestServlet):
|
|||
"org.matrix.msc2432": True,
|
||||
# Implements additional endpoints as described in MSC2666
|
||||
"uk.half-shot.msc2666": True,
|
||||
# Whether new rooms will be set to encrypted or not (based on presets).
|
||||
"io.element.e2ee_forced.public": self.e2ee_forced_public,
|
||||
"io.element.e2ee_forced.private": self.e2ee_forced_private,
|
||||
"io.element.e2ee_forced.trusted_private": self.e2ee_forced_trusted_private,
|
||||
},
|
||||
},
|
||||
)
|
||||
|
|
|
|||
|
|
@ -114,6 +114,7 @@ from synapse.streams.events import EventSources
|
|||
from synapse.types import DomainSpecificString
|
||||
from synapse.util import Clock
|
||||
from synapse.util.distributor import Distributor
|
||||
from synapse.util.ratelimitutils import FederationRateLimiter
|
||||
from synapse.util.stringutils import random_string
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
|
@ -642,6 +643,10 @@ class HomeServer(metaclass=abc.ABCMeta):
|
|||
def get_replication_streams(self) -> Dict[str, Stream]:
|
||||
return {stream.NAME: stream(self) for stream in STREAMS_MAP.values()}
|
||||
|
||||
@cache_in_self
|
||||
def get_federation_ratelimiter(self) -> FederationRateLimiter:
|
||||
return FederationRateLimiter(self.clock, config=self.config.rc_federation)
|
||||
|
||||
async def remove_pusher(self, app_id: str, push_key: str, user_id: str):
|
||||
return await self.get_pusherpool().remove_pusher(app_id, push_key, user_id)
|
||||
|
||||
|
|
|
|||
|
|
@ -36,3 +36,11 @@ Inbound federation of state requires event_id as a mandatory paramater
|
|||
|
||||
# Blacklisted until https://github.com/matrix-org/synapse/pull/6486 lands
|
||||
Can upload self-signing keys
|
||||
|
||||
# Blacklisted until MSC2753 is implemented
|
||||
Local users can peek into world_readable rooms by room ID
|
||||
We can't peek into rooms with shared history_visibility
|
||||
We can't peek into rooms with invited history_visibility
|
||||
We can't peek into rooms with joined history_visibility
|
||||
Local users can peek by room alias
|
||||
Peeked rooms only turn up in the sync for the device who peeked them
|
||||
|
|
|
|||
Loading…
Reference in a new issue