mirror of
https://github.com/element-hq/synapse.git
synced 2024-11-26 19:47:05 +03:00
Merge branch 'develop' into key_distribution
Conflicts: synapse/crypto/keyring.py
This commit is contained in:
commit
f8b865264a
5 changed files with 74 additions and 28 deletions
17
README.rst
17
README.rst
|
@ -86,7 +86,7 @@ Homeserver Installation
|
|||
=======================
|
||||
|
||||
System requirements:
|
||||
- POSIX-compliant system (tested on Linux & OSX)
|
||||
- POSIX-compliant system (tested on Linux & OS X)
|
||||
- Python 2.7
|
||||
|
||||
Synapse is written in python but some of the libraries is uses are written in
|
||||
|
@ -128,6 +128,15 @@ To set up your homeserver, run (in your virtualenv, as before)::
|
|||
|
||||
Substituting your host and domain name as appropriate.
|
||||
|
||||
This will generate you a config file that you can then customise, but it will
|
||||
also generate a set of keys for you. These keys will allow your Home Server to
|
||||
identify itself to other Home Servers, so don't lose or delete them. It would be
|
||||
wise to back them up somewhere safe. If, for whatever reason, you do need to
|
||||
change your Home Server's keys, you may find that other Home Servers have the
|
||||
old key cached. If you update the signing key, you should change the name of the
|
||||
key in the <server name>.signing.key file (the second word, which by default is
|
||||
, 'auto') to something different.
|
||||
|
||||
By default, registration of new users is disabled. You can either enable
|
||||
registration in the config by specifying ``enable_registration: true``
|
||||
(it is then recommended to also set up CAPTCHA), or
|
||||
|
@ -367,10 +376,6 @@ SRV record, as that is the name other machines will expect it to have::
|
|||
You may additionally want to pass one or more "-v" options, in order to
|
||||
increase the verbosity of logging output; at least for initial testing.
|
||||
|
||||
For the initial alpha release, the homeserver is not speaking TLS for
|
||||
either client-server or server-server traffic for ease of debugging. We have
|
||||
also not spent any time yet getting the homeserver to run behind loadbalancers.
|
||||
|
||||
Running a Demo Federation of Homeservers
|
||||
----------------------------------------
|
||||
|
||||
|
@ -433,7 +438,7 @@ track 3PID logins and publish end-user public keys.
|
|||
|
||||
It's currently early days for identity servers as Matrix is not yet using 3PIDs
|
||||
as the primary means of identity and E2E encryption is not complete. As such,
|
||||
we are running a single identity server (http://matrix.org:8090) at the current
|
||||
we are running a single identity server (https://matrix.org) at the current
|
||||
time.
|
||||
|
||||
|
||||
|
|
|
@ -26,6 +26,8 @@ from synapse.api.errors import SynapseError, Codes
|
|||
|
||||
from synapse.util.retryutils import get_retry_limiter
|
||||
|
||||
from synapse.util.async import create_observer
|
||||
|
||||
from OpenSSL import crypto
|
||||
|
||||
import urllib
|
||||
|
@ -45,6 +47,8 @@ class Keyring(object):
|
|||
self.perspective_servers = self.config.perspectives
|
||||
self.hs = hs
|
||||
|
||||
self.key_downloads = {}
|
||||
|
||||
@defer.inlineCallbacks
|
||||
def verify_json_for_server(self, server_name, json_object):
|
||||
logger.debug("Verifying for %s", server_name)
|
||||
|
@ -103,6 +107,22 @@ class Keyring(object):
|
|||
defer.returnValue(cached[0])
|
||||
return
|
||||
|
||||
download = self.key_downloads.get(server_name)
|
||||
|
||||
if download is None:
|
||||
download = self._get_server_verify_key_impl(server_name, key_ids)
|
||||
self.key_downloads[server_name] = download
|
||||
|
||||
@download.addBoth
|
||||
def callback(ret):
|
||||
del self.key_downloads[server_name]
|
||||
return ret
|
||||
|
||||
r = yield create_observer(download)
|
||||
defer.returnValue(r)
|
||||
|
||||
@defer.inlineCallbacks
|
||||
def _get_server_verify_key_impl(self, server_name, key_ids):
|
||||
keys = None
|
||||
for perspective_name, perspective_keys in self.perspective_servers.items():
|
||||
try:
|
||||
|
|
|
@ -126,7 +126,25 @@ def make_base_prepend_override_rules():
|
|||
def make_base_append_override_rules():
|
||||
return [
|
||||
{
|
||||
'rule_id': 'global/override/.m.rule.call',
|
||||
'rule_id': 'global/override/.m.rule.suppress_notices',
|
||||
'conditions': [
|
||||
{
|
||||
'kind': 'event_match',
|
||||
'key': 'content.msgtype',
|
||||
'pattern': 'm.notice',
|
||||
}
|
||||
],
|
||||
'actions': [
|
||||
'dont_notify',
|
||||
]
|
||||
}
|
||||
]
|
||||
|
||||
|
||||
def make_base_append_underride_rules(user):
|
||||
return [
|
||||
{
|
||||
'rule_id': 'global/underride/.m.rule.call',
|
||||
'conditions': [
|
||||
{
|
||||
'kind': 'event_match',
|
||||
|
@ -145,19 +163,6 @@ def make_base_append_override_rules():
|
|||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
'rule_id': 'global/override/.m.rule.suppress_notices',
|
||||
'conditions': [
|
||||
{
|
||||
'kind': 'event_match',
|
||||
'key': 'content.msgtype',
|
||||
'pattern': 'm.notice',
|
||||
}
|
||||
],
|
||||
'actions': [
|
||||
'dont_notify',
|
||||
]
|
||||
},
|
||||
{
|
||||
'rule_id': 'global/override/.m.rule.contains_display_name',
|
||||
'conditions': [
|
||||
|
@ -176,7 +181,7 @@ def make_base_append_override_rules():
|
|||
]
|
||||
},
|
||||
{
|
||||
'rule_id': 'global/override/.m.rule.room_one_to_one',
|
||||
'rule_id': 'global/underride/.m.rule.room_one_to_one',
|
||||
'conditions': [
|
||||
{
|
||||
'kind': 'room_member_count',
|
||||
|
@ -193,12 +198,7 @@ def make_base_append_override_rules():
|
|||
'value': False
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
|
||||
|
||||
def make_base_append_underride_rules(user):
|
||||
return [
|
||||
},
|
||||
{
|
||||
'rule_id': 'global/underride/.m.rule.invite_for_me',
|
||||
'conditions': [
|
||||
|
|
|
@ -25,6 +25,8 @@ from twisted.internet import defer
|
|||
from twisted.web.resource import Resource
|
||||
from twisted.protocols.basic import FileSender
|
||||
|
||||
from synapse.util.async import create_observer
|
||||
|
||||
import os
|
||||
|
||||
import logging
|
||||
|
@ -87,7 +89,7 @@ class BaseMediaResource(Resource):
|
|||
def callback(media_info):
|
||||
del self.downloads[key]
|
||||
return media_info
|
||||
return download
|
||||
return create_observer(download)
|
||||
|
||||
@defer.inlineCallbacks
|
||||
def _get_remote_media_impl(self, server_name, media_id):
|
||||
|
|
|
@ -32,3 +32,22 @@ def run_on_reactor():
|
|||
iteration of the main loop
|
||||
"""
|
||||
return sleep(0)
|
||||
|
||||
|
||||
def create_observer(deferred):
|
||||
"""Creates a deferred that observes the result or failure of the given
|
||||
deferred *without* affecting the given deferred.
|
||||
"""
|
||||
d = defer.Deferred()
|
||||
|
||||
def callback(r):
|
||||
d.callback(r)
|
||||
return r
|
||||
|
||||
def errback(f):
|
||||
d.errback(f)
|
||||
return f
|
||||
|
||||
deferred.addCallbacks(callback, errback)
|
||||
|
||||
return d
|
||||
|
|
Loading…
Reference in a new issue