Commit graph

14218 commits

Author SHA1 Message Date
Andrew Morgan
79bc66883f Update templates and make password reset option work 2019-06-05 16:53:28 +01:00
Andrew Morgan
70b161decc Move templates. New option to disable password resets 2019-06-05 16:36:02 +01:00
Andrew Morgan
4c406f5afc Revert "Modify check for smtp settings to be kinder to CI"
This reverts commit 6d2d3c9fd3.
2019-06-05 15:13:23 +01:00
Andrew Morgan
c9573ca069 Change template_dir to originate from synapse root dir 2019-06-05 15:13:03 +01:00
Andrew Morgan
91eac880a1 one more time 2019-06-05 14:56:46 +01:00
Andrew Morgan
fe0af298ff Correct html5lib dep version number 2019-06-05 14:33:13 +01:00
Andrew Morgan
639471582c silly linting rules 2019-06-05 14:11:25 +01:00
Andrew Morgan
6d2d3c9fd3 Modify check for smtp settings to be kinder to CI 2019-06-05 13:56:42 +01:00
Andrew Morgan
177f02459a Add html5lib as a required dep 2019-06-05 13:46:21 +01:00
Andrew Morgan
752dbeea70 Merge branch 'anoa/feature_hs_password_resets' into anoa/hs_password_reset_sending_email 2019-06-05 13:37:56 +01:00
Andrew Morgan
a862f2adc4 gen sample config 2019-06-05 13:36:56 +01:00
Andrew Morgan
a0e2a103a6 Update unit test template dir 2019-06-05 13:33:37 +01:00
Andrew Morgan
24f31dfb59
Send password reset from HS: database stuff (#5308)
Database component of new behaviour of sending password reset emails from Synapse instead of Sydent.

Allows one to store threepid validation sessions along with password reset token attempts and retrieve them again.
2019-06-05 13:29:39 +01:00
Andrew Morgan
62e1ec098c Add email settings to default unit test config 2019-06-05 13:17:20 +01:00
Andrew Morgan
354d749ae1 mark jinja2 and bleach as required dependencies 2019-06-05 13:02:46 +01:00
Andrew Morgan
309943f2ef Update db 2019-06-05 12:55:51 +01:00
Andrew Morgan
899219c48c Update manifest to include txt/html template files 2019-06-05 09:47:56 +01:00
Andrew Morgan
094c351f1d Add changelog 2019-06-04 20:10:45 +01:00
Andrew Morgan
ed35302cd1 Fix validation token lifetime email_ prefix 2019-06-04 19:09:59 +01:00
Andrew Morgan
9567c60ffa Merge branch 'develop' into anoa/hs_password_reset_sending_email 2019-06-04 19:07:41 +01:00
Andrew Morgan
dbdebc2c6f Ability to send password reset emails
This changes the default behaviour of Synapse to send password reset
emails itself rather than through an identity server. The reasoning
behind the change is to prevent a malicious identity server from
being able to initiate a password reset attempt and then answering
it, successfully resetting their password, all without the user's
knowledge. This also aides in decentralisation by putting less
trust on the identity server itself, which traditionally is quite
centralised.

If users wish to continue with the old behaviour of proxying
password reset requests through the user's configured identity
server, they can do so by setting
email.enable_password_reset_from_is to True in Synapse's config.

Users should be able that with that option disabled (the default),
password resets will now no longer work unless email sending has
been enabled and set up correctly.
2019-06-04 18:49:54 +01:00
Brendan Abolivier
f6dd12d1e2
Merge pull request #5341 from matrix-org/babolivier/email_config
Make account validity renewal emails work when email notifs are disabled
2019-06-04 14:49:06 +01:00
Brendan Abolivier
2f62e1f6ff
Only parse from email if provided 2019-06-04 14:24:36 +01:00
Erik Johnston
d1d38081a7
Merge pull request #5324 from matrix-org/erikj/ignore_null
Ignore room state with null bytes in for room stats
2019-06-04 14:20:08 +01:00
Brendan Abolivier
1cc5fc1f6c
Lint 2019-06-04 13:51:23 +01:00
Brendan Abolivier
ac3cc32367
Make account validity renewal emails work when email notifs are disabled 2019-06-04 13:47:44 +01:00
Richard van der Hoff
df9c100542
Avoid rapidly backing-off a server if we ignore the retry interval (#5335) 2019-06-04 11:53:29 +01:00
Richard van der Hoff
4d08b8f30c
Don't do long retries when calling the key notary server. (#5334)
It takes at least 20 minutes to work through the long_retries schedule (11
attempts, each with a 60 second timeout, and 60 seconds between each request),
so if the notary server isn't returning within the timeout, we'll just end up
blocking whatever request is happening for 20 minutes.

Ain't nobody got time for that.
2019-06-04 11:53:07 +01:00
Richard van der Hoff
cb683d3e3c
Merge pull request #5333 from matrix-org/rav/server_keys/09_improve_notary_server
Fixes for the key-notary server
2019-06-04 11:48:18 +01:00
Richard van der Hoff
5bdb189f86
Improve docstrings on MatrixFederationClient. (#5332) 2019-06-04 11:14:16 +01:00
Amber Brown
b2b90b7d34
Hawkowl/fix missing auth (#5328) 2019-06-04 15:54:27 +10:00
Richard van der Hoff
a3f2d000e0 changelog 2019-06-04 00:16:56 +01:00
Richard van der Hoff
c5d60eadd5 Notary server: make requests to origins in parallel
... else we're guaranteed to time out.
2019-06-04 00:16:56 +01:00
Richard van der Hoff
def5ea4062 Don't bomb out on direct key fetches as soon as one fails 2019-06-04 00:16:56 +01:00
Richard van der Hoff
dce6e9e0c1 Avoid rapidly backing-off a server if we ignore the retry interval 2019-06-03 23:58:42 +01:00
Richard van der Hoff
06a1f3e207 Reduce timeout for outbound /key/v2/server requests. 2019-06-03 23:17:38 +01:00
Richard van der Hoff
fec2dcb1a5
Enforce validity period on server_keys for fed requests. (#5321)
When handling incoming federation requests, make sure that we have an
up-to-date copy of the signing key.

We do not yet enforce the validity period for event signatures.
2019-06-03 22:59:51 +01:00
Erik Johnston
0a56966f7d Fix 2019-06-03 17:42:52 +01:00
Erik Johnston
0d67a8cd9d Newsfile 2019-06-03 17:17:57 +01:00
Erik Johnston
fe2294ec8d Revert "Newsfile"
This reverts commit 4bd67db100.
2019-06-03 17:17:35 +01:00
Erik Johnston
4bd67db100 Newsfile 2019-06-03 17:08:33 +01:00
Erik Johnston
fa4b54aca5 Ignore room state with null bytes in for room stats 2019-06-03 17:06:54 +01:00
Richard van der Hoff
862b2f9ad5
Merge pull request #5307 from matrix-org/rav/server_keys/07-fix-notary-cache-poison
Stop overwriting server keys with other keys
2019-06-03 13:19:20 +01:00
Amber Brown
2889b05554
Unify v1 and v2 REST client APIs (#5226) 2019-06-03 21:28:59 +10:00
Richard van der Hoff
d828d1dc57
Merge pull request #5309 from matrix-org/rav/limit_displayname_length
Limit displaynames and avatar URLs
2019-06-01 11:34:50 +01:00
Richard van der Hoff
93003aa172 add some tests 2019-06-01 11:14:37 +01:00
Richard van der Hoff
d16c6375fe Limit displaynames and avatar URLs
These end up in join events everywhere, so let's limit them.

Fixes #5079
2019-06-01 10:44:36 +01:00
Richard van der Hoff
37b165620d
Merge pull request #5299 from matrix-org/rav/server_keys/05-rewrite-gsvk-again
Rewrite get_server_verify_keys, again.
2019-05-31 17:07:31 +01:00
Richard van der Hoff
3600f5568b Stop overwriting server keys with other keys
Fix a bug where we would discard a key result which the origin server is no
longer returning. Fixes #5305.
2019-05-31 15:58:35 +01:00
Erik Johnston
58cce39f3a
Merge pull request #5276 from matrix-org/babolivier/account_validity_job_delta
Allow configuring a range for the account validity startup job
2019-05-31 12:11:56 +01:00