From 8bd8f596f5c9c9745fe722c69e97ed0c25ac880e4b2abf7f9965469940a15a28 Mon Sep 17 00:00:00 2001 From: Aleksa Sarai Date: Thu, 3 Oct 2019 22:23:50 +0000 Subject: [PATCH] osc copypac from project:home:cyphar:matrix package:matrix-synapse revision:2 OBS-URL: https://build.opensuse.org/package/show/network:messaging:matrix/matrix-synapse?expand=0&rev=83 --- _service | 14 +- matrix-synapse-0.19.2.tar.gz | 3 - matrix-synapse-1.4.0.obscpio | 3 + matrix-synapse-test.changes | 0 matrix-synapse-test.spec | 71 ++ matrix-synapse.changes | 1193 ++++++++++++++++++++++++++++++++++ matrix-synapse.obsinfo | 5 + matrix-synapse.service | 22 + matrix-synapse.spec | 253 ++++--- 9 files changed, 1460 insertions(+), 104 deletions(-) delete mode 100644 matrix-synapse-0.19.2.tar.gz create mode 100644 matrix-synapse-1.4.0.obscpio create mode 100644 matrix-synapse-test.changes create mode 100644 matrix-synapse-test.spec create mode 100644 matrix-synapse.obsinfo create mode 100644 matrix-synapse.service diff --git a/_service b/_service index fc3aa77..0f94064 100644 --- a/_service +++ b/_service @@ -1,16 +1,16 @@ - + matrix-synapse - @PARENT_TAG@+@TAG_OFFSET@.%h + @PARENT_TAG@ git://github.com/matrix-org/synapse.git git - master - enable - okurz@suse.com + v(.*) + v1.4.0 - + + + xz *.tar - diff --git a/matrix-synapse-0.19.2.tar.gz b/matrix-synapse-0.19.2.tar.gz deleted file mode 100644 index f02e77e..0000000 --- a/matrix-synapse-0.19.2.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:9b051a545d3f76d9307711f9e7051f99ae8352d71c19421f612f403f13cbba4b -size 760090 diff --git a/matrix-synapse-1.4.0.obscpio b/matrix-synapse-1.4.0.obscpio new file mode 100644 index 0000000..22656c0 --- /dev/null +++ b/matrix-synapse-1.4.0.obscpio @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:55f7e21115fec2fe46b2f6bb12c5fb422a5b1f0966c6675ec60680d8027528f5 +size 7017997 diff --git a/matrix-synapse-test.changes b/matrix-synapse-test.changes new file mode 100644 index 0000000..473a0f4 diff --git a/matrix-synapse-test.spec b/matrix-synapse-test.spec new file mode 100644 index 0000000..ecde373 --- /dev/null +++ b/matrix-synapse-test.spec @@ -0,0 +1,71 @@ +# +# spec file for package matrix-synapse-test +# +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +# synapse only supports python >= 3.5, which is not available on pre-15 Leap. +# However, future versions of matrix-synapse will no longer support python2 and +# continued use of python2 is not recommended, so on newer distributions we +# only use python3. As a result, at no point do we have two versions of the +# matrix-synapse package. +%if 0%{?suse_version} < 1500 +%define skip_python3 1 +%else +%define skip_python2 1 +%endif + +# Disable debug packages since we're not installing anything. +%define debug_package %{nil} + +%define pkgname matrix-synapse +Name: %{pkgname}-test +Version: 1.4.0 +Release: 0 +Summary: Test package for %{pkgname} +License: Apache-2.0 +BuildRequires: %{pkgname} == %{version} +BuildRequires: python-rpm-macros + +%description +. + +%prep +touch %{_sourcedir}/%{pkgname} + +%build +%install + +%check + +# Generate a sample config. +%{python_flavor} -m synapse.app.homeserver \ + --generate-config \ + --server localhost \ + --config-path dummy-homeserver.yaml \ + --report-stats no + +# Start synapse and try to register a user (basic smoke-test). +# register_new_matrix_user doesn't seem to work inside check so we have to +# manually run the module. +synctl start dummy-homeserver.yaml +sleep 2s +%{python_flavor} -m synapse._scripts.register_new_matrix_user \ + http://localhost:8008 \ + --config dummy-homeserver.yaml \ + --admin --user opensuse --password opensuse +synctl stop dummy-homeserver.yaml + +%changelog diff --git a/matrix-synapse.changes b/matrix-synapse.changes index e8f3632..3dd4990 100644 --- a/matrix-synapse.changes +++ b/matrix-synapse.changes @@ -1,3 +1,1196 @@ +------------------------------------------------------------------- +Thu Oct 3 22:16:13 UTC 2019 - Aleksa Sarai + +- Do not include ACME support by default (txacme is broken in openSUSE). +- Update to 1.4.0. + + * Significant improvements to data privacy. + * Expansion of OpenTracing support. + * Enable "forward extremities" mitigation by default. + + The full changelog is included in + /usr/share/doc/packages/matrix-synapse/CHANGES.md. + +------------------------------------------------------------------- +Thu Jul 25 16:18:56 UTC 2019 - Aleksa Sarai + +- Update to 1.2.0. + + * Add support for OpenTracing. + * Add default push rule to ignore reactions. + * Enable aggregations (reactions and edits) support by default. + + The full changelog is included in + /usr/share/doc/packages/matrix-synapse/CHANGES.md. +- Remove unneeded patches: + - 0001-requirements-prometheus_client.patch + +------------------------------------------------------------------- +Fri Jul 5 15:29:57 UTC 2019 - Aleksa Sarai + +- Update to 1.1.0. + + As of v1.1.0, Synapse no longer supports Python 2, nor Postgres version 9.4. + Thus, we no longer package a Python 2 version of this package. Some other key + changes include: + + * Add monthly active users to phonehome stats. + * Allow server admins to define implementations of extra rules for allowing + or denying incoming events. + * Add --data-dir and --open-private-ports options. + * The minimum TLS version used for outgoing federation requests can now be + set with federation_client_minimum_tls_version. + * Optimise devices changed query to not pull unnecessary rows from the + database, reducing database load. + + The full changelog is included in + /usr/share/doc/packages/matrix-synapse/CHANGES.md. +- Rebase patches: + * 0001-requirements-prometheus_client.patch + +------------------------------------------------------------------- +Fri Jun 28 08:16:05 UTC 2019 - Aleksa Sarai + +- Obsolete the old split-Python packages, so that upgrading works smoothly. + +------------------------------------------------------------------- +Tue Jun 25 10:48:03 UTC 2019 - Aleksa Sarai + +- Un-Requires prometheus_client<0.4.0. The Requires made it impossible to use + matrix-synapse on openSUSE for very little good reason (prometheus metrics + will still work on post-0.4.0 prometheus_client, but with changed names). + Debian and many other distributions do the same here. + + 0001-requirements-prometheus_client.patch + +------------------------------------------------------------------- +Wed Jun 12 02:26:48 UTC 2019 - Aleksa Sarai + +- Update to 1.0.0. + + This is the first stable release of synapse. It includes a large number of + changes but the highlights are: + + * Ability to configured default room version (with the default now being v4, + which has improved state resolution algorithms and event IDs). + * The complete removal of "perspectives" support, with all homeservers now + being required to use valid TLS certificates (there has been a transition + period for several months from the release of 0.99). + * Experimental support for "relations" (reactions and edits). + + The full changelog is included in + /usr/share/doc/packages/matrix-synapse/CHANGES.md. + +------------------------------------------------------------------- +Fri May 31 00:04:50 UTC 2019 - Aleksa Sarai + +- Update to 0.99.5.2. + + Fix bug where we leaked extremities when we soft failed events, leading to + performance degradation. + + The full changelog is included in + /usr/share/doc/packages/matrix-synapse/CHANGES.md. + +------------------------------------------------------------------- +Tue May 28 01:18:34 UTC 2019 - Aleksa Sarai + +- Rework testing to use a separate specfile for testing matrix-synapse. + +------------------------------------------------------------------- +Thu May 23 00:13:47 UTC 2019 - Aleksa Sarai + +- Update to 0.99.5.1. + + The full changelog is included in + /usr/share/doc/packages/matrix-synapse/CHANGES.md. + +------------------------------------------------------------------- +Wed May 15 13:19:23 UTC 2019 - Aleksa Sarai + +- Update to 0.99.4. + + The full changelog is included in + /usr/share/doc/packages/matrix-synapse/CHANGES.md. + +------------------------------------------------------------------- +Wed May 8 00:47:56 UTC 2019 - Aleksa Sarai + +- Update to 0.99.3.2. + + This includes two security fixes: + * Switch to using a cryptographically-secure random number generator for + token strings, ensuring they cannot be predicted by an attacker. + * Blacklist 0.0.0.0 and :: by default for URL previews. + + The full changelog is included in + /usr/share/doc/packages/matrix-synapse/CHANGES.md. + +------------------------------------------------------------------- +Sun Apr 14 18:35:48 UTC 2019 - Aleksa Sarai + +- Update to 0.99.3. + + The primary changes to previous versions are that self-signed certificates + will no longer be generated, and instead LetsEncrypt certificates will be + requested instead. Users are strongly recommended to update to this version, + because pre-0.99 servers (using self-signed certificates and the perspectives + system) will no longer be able to federate with post-1.0 servers. + + The full changelog is included in + /usr/share/doc/packages/matrix-synapse/CHANGES.md. + +------------------------------------------------------------------- +Wed Feb 20 11:42:00 UTC 2019 - Oliver Kurz + +- Fix build on python3 based repos + +------------------------------------------------------------------- +Sat Feb 2 15:32:06 UTC 2019 - fcrozat@suse.com + +- Fix systemd service to follow paths used by package and ensure + proper version version is used. +- Add explicit requires on python-lxml, required when using + url preview. + +------------------------------------------------------------------- +Mon Jan 14 07:44:26 UTC 2019 - ecsos@opensuse.org + +- For test purpose a matrix server will be start. But never been + stopped. Fix that server will be stoped after test. + +------------------------------------------------------------------- +Sun Jan 13 18:22:20 UTC 2019 - Oliver Kurz + +- Update to 0.34.1.1 + This release fixes CVE-2019-5885 and is recommended for all users of Synapse + 0.34.1. This release is compatible with Python 2.7 and 3.5+. Python 3.7 is + fully supported. + * Bugfixes + - Fix spontaneous logout on upgrade (#4374) + * Internal Changes + - Add better logging for unexpected errors while sending transactions + (#4361, #4362) + - Getting URL previews of IP addresses no longer fails on Python 3. + (#4215) + - drop undocumented dependency on dateutil (#4266) + - Update the example systemd config to use a virtualenv (#4273) + - Update link to kernel DCO guide (#4274) + - Make isort tox check print diff when it fails (#4283) + - Log room_id in Unknown room errors (#4297) + - Documentation improvements for coturn setup. Contributed by Krithin + Sitaram. (#4333) + - Update pull request template to use absolute links (#4341) + - Update README to not lie about required restart when updating TLS + certificates (#4343) + - Update debian packaging for compatibility with transitional package + (#4349) + - Fix command hint to generate a config file when trying to start without + a config file (#4353) + - Add better logging for unexpected errors while sending transactions + (#4358) + * Features + - Special-case a support user for use in verifying behaviour of a given + server. The support user does not appear in user directory or monthly + active user counts. (#4141, #4344) + - Support for serving .well-known files (#4262) + - Rework SAML2 authentication (#4265, #4267) + - SAML2 authentication: Initialise user display name from SAML2 data + (#4272) + - Synapse can now have its conditional/extra dependencies installed by + pip. This functionality can be used by using `pip install + matrix-synapse[feature]`, where feature is a comma separated list with + the possible values `email.enable_notifs`, `matrix-synapse-ldap3`, + `postgres`, `resources.consent`, `saml2`, `url_preview`, and `test`. If + you want to install all optional dependencies, you can use "all" + instead. (#4298, #4325, #4327) + - Add routes for reading account data. (#4303) + - Add opt-in support for v2 rooms (#4307) + - Add a script to generate a clean config file (#4315) + - Return server data in /login response (#4319) + * Bugfixes + - Fix contains_url check to be consistent with other instances in + code-base and check that value is an instance of string. (#3405) + - Fix CAS login when username is not valid in an MXID (#4264) + - Send CORS headers for /media/config (#4279) + - Add 'sandbox' to CSP for media reprository (#4284) + - Make the new landing page prettier. (#4294) + - Fix deleting E2E room keys when using old SQLite versions. (#4295) + - The metric synapse_admin_mau:current previously did not update when + config.mau_stats_only was set to True (#4305) + - Fixed per-room account data filters (#4309) + - Fix indentation in default config (#4313) + - Fix synapse:latest docker upload (#4316) + - Fix test_metric.py compatibility with prometheus_client 0.5. Contributed + by Maarten de Vries . (#4317) + - Avoid packaging _trial_temp directory in -py3 debian packages (#4326) + - Check jinja version for consent resource (#4327) + - fix NPE in /messages by checking if all events were filtered out (#4330) + - Fix `python -m synapse.config` on Python 3. (#4356) + * Deprecations and Removals + - Remove the deprecated v1/register API on Python 2. It was never ported + to Python 3. (#4334) + +------------------------------------------------------------------- +Sat Dec 29 10:11:21 UTC 2018 - Oliver Kurz + +- Switch to python3 by default on newer product versions as suggested by upstream + +------------------------------------------------------------------- +Sun Dec 23 10:00:29 UTC 2018 - ecsos@opensuse.org + +- Update to 0.34.0 + Synapse 0.34.0 is the first release to fully support Python 3. + Synapse will now run on Python versions 3.5 or 3.6 + (as well as 2.7). Support for Python 3.7 remains experimental. + + * Features + - Add 'sandbox' to CSP for media reprository (#4284) + - Make the new landing page prettier. (#4294) + - Fix deleting E2E room keys when using old SQLite versions. (#4295) + - Add a welcome page for the client API port. Credit to @krombel! (#4289) + - Remove Matrix console from the default distribution (#4290) + - Add option to track MAU stats (but not limit people) (#3830) + - Add an option to enable recording IPs for appservice users (#3831) + - Rename login type m.login.cas to m.login.sso (#4220) + - Add an option to disable search for homeservers that may not be interested in it. (#4230) + * Bugfixes + - Pushrules can now again be made with non-ASCII rule IDs. (#4165) + - The media repository now no longer fails to decode UTF-8 filenames when downloading remote media. (#4176) + - URL previews now correctly decode non-UTF-8 text if the header contains a synapse (#3897) + - Increase the timeout when filling missing events in federation requests (#3903) + - Improve the logging when handling a federation transaction (#3904, #3966) + - Improve logging of outbound federation requests (#3906, #3909) + - Fix the docker image building on python 3 (#3911) + - Add a regression test for logging failed HTTP requests on Python 3. (#3912) + - Comments and interface cleanup for on_receive_pdu (#3924) + - Fix spurious exceptions when remote http client closes conncetion (#3925) + - Log exceptions thrown by background tasks (#3927) + - Add a cache to get_destination_retry_timings (#3933, #3991) + - Automate pushes to docker hub (#3946) + - Require attrs 16.0.0 or later (#3947) + - Fix incompatibility with python3 on alpine (#3948) + - Run the test suite on the oldest supported versions of our dependencies in CI. (#3952) + - CircleCI now only runs merged jobs on PRs, and commit jobs on develop, master, and release branches. (#3957) + - Fix docstrings and add tests for state store methods (#3958) + - fix docstring for FederationClient.get_state_for_room (#3963) + - Run notify_app_services as a bg process (#3965) + - Clarifications in FederationHandler (#3967) + - Further reduce the docker image size (#3972) + - Build py3 docker images for docker hub too (#3976) + - Updated the installation instructions to point to the matrix-synapse package on PyPI. (#3985) + - Disable USE_FROZEN_DICTS for unittests by default. (#3987) + - Remove unused Jenkins and development related files from the repo. (#3988) + - Improve stacktraces in certain exceptions in the logs (#3989) + - Pin to prometheus_client<0.4 to avoid renaming all of our metrics (#4002) + +- Changes from 0.33.5.1 + * Internal Changes + - Fix incompatibility with older Twisted version in tests. Thanks @OlegGirko! (#3940) + +- Changes from 0.33.5 + * Features + - Python 3.5 and 3.6 support is now in beta. (#3576) + - Implement event_format filter param in /sync (#3790) + - Add synapse_admin_mau:registered_reserved_users metric to expose number of real reaserved users (#3846) + * Bugfixes + - Remove connection ID for replication prometheus metrics, as it creates a large number of new series. (#3788) + - guest users should not be part of mau total (#3800) + - Bump dependency on pyopenssl 16.x, to avoid incompatibility with recent Twisted. (#3804) + - Fix existing room tags not coming down sync when joining a room (#3810) + - Fix jwt import check (#3824) + - fix VOIP crashes under Python 3 (#3821) (#3835) + - Fix manhole so that it works with latest openssh clients (#3841) + - Fix outbound requests occasionally wedging, which can result in federation breaking between servers. (#3845) + - Show heroes if room name/canonical alias has been deleted (#3851) + - Fix handling of redacted events from federation (#3859) + - (#3874) + - Mitigate outbound federation randomly becoming wedged (#3875) + * Internal Changes + - CircleCI tests now run on the potential merge of a PR. (#3704) + - http/ is now ported to Python 3. (#3771) + - Improve human readable error messages for threepid registration/account update (#3789) + - Make /sync slightly faster by avoiding needless copies (#3795) + - handlers/ is now ported to Python 3. (#3803) + - Limit the number of PDUs/EDUs per federation transaction (#3805) + - Only start postgres instance for postgres tests on Travis CI (#3806) + - tests/ is now ported to Python 3. (#3808) + - crypto/ is now ported to Python 3. (#3822) + - rest/ is now ported to Python 3. (#3823) + - add some logging for the keyring queue (#3826) + - speed up lazy loading by 2-3x (#3827) + - Improved Dockerfile to remove build requirements after building reducing the image size. (#3834) + - Disable lazy loading for incremental syncs for now (#3840) + - federation/ is now ported to Python 3. (#3847) + - Log when we retry outbound requests (#3853) + - Removed some excess logging messages. (#3855) + - Speed up purge history for rooms that have been previously purged (#3856) + - Refactor some HTTP timeout code. (#3857) + - Fix running merged builds on CircleCI (#3858) + - Fix typo in replication stream exception. (#3860) + - Add in flight real time metrics for Measure blocks (#3871) + - Disable buffering and automatic retrying in treq requests to prevent timeouts. (#3872) + - mention jemalloc in the README (#3877) + - Remove unmaintained "nuke-room-from-db.sh" script (#3888) + +------------------------------------------------------------------- +Tue Sep 11 10:03:08 UTC 2018 - fcrozat@suse.com + +- Update to version 0.33.4: + * Features: + - Support profile API endpoints on workers (#3659) + - Server notices for resource limit blocking (#3680) + - Allow guests to use /rooms/:roomId/event/:eventId (#3724) + - Add mau_trial_days config param, so that users only get counted as MAU after N days. (#3749) + - Require twisted 17.1 or later (fixes #3741). (#3751) + * Bugfixes: + - Fix error collecting prometheus metrics when run on dedicated thread due to threading concurrency issues (#3722) + - Fix bug where we resent “limit exceeded” server notices repeatedly (#3747) + - Fix bug where we broke sync when using limit_usage_by_mau but hadn’t configured server notices (#3753) + - Fix ‘federation_domain_whitelist’ such that an empty list correctly blocks all outbound federation traffic (#3754) + - Fix tagging of server notice rooms (#3755, #3756) + - Fix ‘admin_uri’ config variable and error parameter to be ‘admin_contact’ to match the spec. (#3758) + - Don’t return non-LL-member state in incremental sync state blocks (#3760) + - Fix bug in sending presence over federation (#3768) + - Fix bug where preserved threepid user comes to sign up and server is mau blocked (#3777) + +------------------------------------------------------------------- +Thu Sep 6 12:24:04 UTC 2018 - fcrozat@suse.com + +- Update to version 0.33.3.1: + * SECURITY FIXES: + - Fix an issue where event signatures were not always correctly validated (#3796) + - Fix an issue where server_acls could be circumvented for incoming events (#3796) + +------------------------------------------------------------------- +Mon Aug 27 13:30:05 UTC 2018 - fcrozat@suse.com + +- Update to version 0.33.3: + * Features: + - Add support for the SNI extension to federation TLS connections. Thanks to @vojeroen! (#3439) + - Add /_media/r0/config (#3184) + - speed up /members API and add at and membership params as per MSC1227 (#3568) + - implement summary block in /sync response as per MSC688 (#3574) + - Add lazy-loading support to /messages as per MSC1227 (#3589) + - Add ability to limit number of monthly active users on the server (#3633) + - Support more federation endpoints on workers (#3653) + - Basic support for room versioning (#3654) + - Ability to disable client/server Synapse via conf toggle (#3655) + - Ability to whitelist specific threepids against monthly active user limiting (#3662) + - Add some metrics for the appservice and federation event sending loops (#3664) + - Where server is disabled, block ability for locked out users to read new messages (#3670) + - set admin uri via config, to be used in error messages where the user should contact the administrator (#3687) + - Synapse's presence functionality can now be disabled with the "use_presence" configuration option. (#3694) + - For resource limit blocked users, prevent writing into rooms (#3708) + * Bugfixes: + - Fix occasional glitches in the synapse_event_persisted_position metric (#3658) + - Fix bug on deleting 3pid when using identity servers that don't support unbind API (#3661) + - Make the tests pass on Twisted < 18.7.0 (#3676) + - Don’t ship recaptcha_ajax.js, use it directly from Google (#3677) + - Fixes test_reap_monthly_active_users so it passes under postgres (#3681) + - Fix mau blocking calulation bug on login (#3689) + - Fix missing yield in synapse.storage.monthly_active_users.initialise_reserved_users (#3692) + - Improve HTTP request logging to include all requests (#3700) + - Avoid timing out requests while we are streaming back the response (#3701) + - Support more federation endpoints on workers (#3705, #3713) + - Fix "Starting db txn 'get_all_updated_receipts' from sentinel context" warning (#3710) + - Fix bug where state_cache cache factor ignored environment variables (#3719) + * Deprecations and Removals: + - The Shared-Secret registration method of the legacy v1/register REST endpoint has been removed. For a replacement, please see the admin/register API documentation. (#3703) + +- Changes from version 0.33.2: + * Features: + - add support for the lazy_loaded_members filter as per MSC1227 (#2970) + - add support for the include_redundant_members filter param as per MSC1227 (#3331) + - Add metrics to track resource usage by background processes (#3553, #3556, #3604, #3610) + - Add code label to synapse_http_server_response_time_seconds prometheus metric (#3554) + - Add support for client_reader to handle more APIs (#3555, #3597) + - make the /context API filter & lazy-load aware as per MSC1227 (#3567) + - Add ability to limit number of monthly active users on the server (#3630) + - When we fail to join a room over federation, pass the error code back to the client. (#3639) + - Add a new /admin/register API for non-interactively creating users. (#3415) + * Bugfixes: + - Make /directory/list API return 404 for room not found instead of 400. Thanks to @fuzzmz! (#3620) + - Default inviter_display_name to mxid for email invites (#3391) + - Don't generate TURN credentials if no TURN config options are set (#3514) + - Correctly announce deleted devices over federation (#3520) + - Catch failures saving metrics captured by Measure, and instead log the faulty metrics information for further analysis. (#3548) + - Unicode passwords are now normalised before hashing, preventing the instance where two different devices or browsers might send a different UTF-8 sequence for the password. (#3569) + - Fix potential stack overflow and deadlock under heavy load (#3570) + - Respond with M_NOT_FOUND when profiles are not found locally or over federation. Fixes #3585 (#3585) + - Fix failure to persist events over federation under load (#3601) + - Fix updating of cached remote profiles (#3605) + - Fix 'tuple index out of range' error (#3607) + - Only import secrets when available (fix for py < 3.6) (#3626) + +------------------------------------------------------------------- +Thu Aug 9 07:04:39 UTC 2018 - okurz@suse.com + +- Update to 0.33.1 + * Bug Fixes: + * Fix a potential issue where servers could request events for rooms they + have not joined + * Fix a potential issue where users could see events in private rooms + before they joined + +------------------------------------------------------------------- +Fri Jul 20 19:32:51 UTC 2018 - okurz@suse.com + +- Update to 0.33.0 + * Bug Fixes: + * Use more portable syntax in our use of the attrs package, widening the supported versions (#3498) + * Fix queued federation requests being processed in the wrong order (#3533) + * Ensure that erasure requests are correctly honoured for publicly accessible rooms when accessed over federation. (#3546) + * Disable a noisy warning about logcontexts (#3561) + + * Features: + * Enforce the specified API for report_event (#3316) + * Include CPU time from database threads in request/block metrics. (#3496, #3501) + * Add CPU metrics for _fetch_event_list (#3497) + * optimisation for /sync (#3505, #3521) + * Optimisation to make handling incoming federation requests more efficient. (#3541) + +------------------------------------------------------------------- +Wed Jul 11 04:35:16 UTC 2018 - okurz@suse.com + +- Update to 0.32.2 + * Bug Fixes: + * Strip access_token from outgoing requests (#3327) + * Redact AS tokens in logs (#3349) + * Fix federation backfill from SQLite servers (#3355) + * Fix event-purge-by-ts admin API (#3363) + * Fix event filtering in get_missing_events handler (#3371) + * Synapse is now stricter regarding accepting events which it cannot + retrieve the prev_events for. (#3456) + * Fix bug where synapse would explode when receiving unicode in HTTP + User-Agent header (#3470) + * Invalidate cache on correct thread to avoid race (#3473) + + * Features: + * Add blacklist & whitelist of servers allowed to send events to a + room via ``m.room.server_acl`` event. + * Cache factor override system for specific caches (#3334) + * Add metrics to track appservice transactions (#3344) + * Try to log more helpful info when a sig verification fails (#3372) + * Synapse now uses the best performing JSON encoder/decoder according + to your runtime (simplejson on CPython, stdlib json on PyPy). (#3462) + * Add optional ip_range_whitelist param to AS registration files to + lock AS IP access (#3465) + * Reject invalid server names in federation requests (#3480) + * Reject invalid server names in homeserver.yaml (#3483) + +------------------------------------------------------------------- +Tue Jul 10 13:36:51 UTC 2018 - okurz@suse.com + +- Update to version 0.31.2: + * Bug Fixes: + * SECURITY UPDATE: Prevent unauthorised users from setting state events in + a room when there is no ``m.room.power_levels`` event in force in the + room. (PR #3397) + +- Change to package version format without leading "v" + +------------------------------------------------------------------- +Tue Jul 10 11:07:11 UTC 2018 - okurz@suse.com + +- Replace deprecated tar_scm by obs_scm + +------------------------------------------------------------------- +Sun Jun 10 13:37:54 UTC 2018 - okurz@suse.com + +- Update to version v0.31.1: + * Bug Fixes: + * Fix event filtering in get_missing_events handler (PR #3371) + (boo#1096833, CVE-2018-12291) + * Fix metric documentation tables (PR #3341) + * Fix LaterGauge error handling (694968f) + * Fix replication metrics (b7e7fd2) + * Fix federation backfill bugs (PR #3261) + * federation: fix LaterGauge usage (PR #3328) Thanks to @intelfx! + * Fix logcontext resource usage tracking (PR #3258) + * Fix error in handling receipts (PR #3235) + * Stop the transaction cache caching failures (PR #3255) + + * Features: + * Let users leave the server notice room after joining (PR #3287) + * Add in flight request metrics (PR #3252) + + * Changes: + * Switch to the Python Prometheus library (PR #3256, #3274) + * Cohort analytics (PR #3163, #3241, #3251) + * Add lxml to docker image for web previews (PR #3239) Thanks to @ptman! + * daily user type phone home stats (PR #3264) + * Docs on consent bits (PR #3268) + * Remove users from user directory on deactivate (PR #3277) + * Avoid sending consent notice to guest users (PR #3288) + * disable CPUMetrics if no /proc/self/stat (PR #3299) + * Add private IPv6 addresses to example config for url preview blacklist (PR #3317) Thanks to @thegcat! + * Allow overriding the server_notices user's avatar (PR #3273) + * Support for putting %(consent_uri)s in messages (PR #3271) + * Block attempts to send server notices to remote users (PR #3270) + * Docs on consent bits (PR #3268) + * ConsentResource to gather policy consent from users (PR #3213) + * Infrastructure for a server notices room (PR #3232) + * Send users a server notice about consent (PR #3236) + * Reject attempts to send event before privacy consent is given (PR #3257) + * Don't support limitless pagination (PR #3265) + +------------------------------------------------------------------- +Fri May 18 22:00:00 UTC 2018 - cunix@bitmessage.ch + +- Update to version v0.29.1: + * Potentially breaking change: + * Make Client-Server API return 401 for invalid token (PR #3161). Thanks to @NotAFile. + + * Bug Fixes: + * synapse fails to start under Twisted >= 18.4 (PR #3157) + * Fix a class of logcontext leaks (PR #3170) + * Fix a couple of logcontext leaks in unit tests (PR #3172) + * Fix logcontext leak in media repo (PR #3174) + * Escape label values in prometheus metrics (PR #3175, #3186) + * Fix 'Unhandled Error' logs with Twisted 18.4 (PR #3182) Thanks to @Half-Shot! + * Fix logcontext leaks in rate limiter (PR #3183) + * notifications: Convert next_token to string according to the spec (PR #3190) Thanks to @mujx! + * nuke-room-from-db.sh: fix deletion from search table (PR #3194) Thanks to @rubo77! + * add guard for None on purge_history api (PR #3160) Thanks to @krombel! + + * Features: + * Add a Dockerfile for synapse (PR #2846) Thanks to @kaiyou! + + * Changes: + * Update docker documentation (PR #3222) + + * nuke-room-from-db.sh: added postgresql option and help (PR #2337) Thanks to @rubo77! + * Part user from rooms on account deactivate (PR #3201) + * Make 'unexpected logging context' into warnings (PR #3007) + * Set Server header in SynapseRequest (PR #3208) + * remove duplicates from groups tables (PR #3129) + * Improve exception handling for background processes (PR #3138) + * Add missing consumeErrors to improve exception handling (PR #3139) + * reraise exceptions more carefully (PR #3142) + * Remove redundant call to preserve_fn (PR #3143) + * Trap exceptions thrown within run_in_background (PR #3144) + + * Refactor /context to reuse pagination storage functions (PR #3193) + * Refactor recent events func to use pagination func (PR #3195) + * Refactor pagination DB API to return concrete type (PR #3196) + * Refactor get_recent_events_for_room return type (PR #3198) + * Refactor sync APIs to reuse pagination API (PR #3199) + * Remove unused code path from member change DB func (PR #3200) + * Refactor request handling wrappers (PR #3203) + * transaction_id, destination defined twice (PR #3209) Thanks to @damir-manapov! + * Refactor event storage to prepare for changes in state calculations (PR #3141) + * Set Server header in SynapseRequest (PR #3208) + * Use deferred.addTimeout instead of time_bound_deferred (PR #3127, #3178) + * Use run_in_background in preference to preserve_fn (PR #3140) + + * Construct HMAC as bytes on py3 (PR #3156) Thanks to @NotAFile! + * run config tests on py3 (PR #3159) Thanks to @NotAFile! + * Open certificate files as bytes (PR #3084) Thanks to @NotAFile! + * Open config file in non-bytes mode (PR #3085) Thanks to @NotAFile! + * Make event properties raise AttributeError instead (PR #3102) Thanks to @NotAFile! + * Use six.moves.urlparse (PR #3108) Thanks to @NotAFile! + * Add py3 tests to tox with folders that work (PR #3145) Thanks to @NotAFile! + * Don't yield in list comprehensions (PR #3150) Thanks to @NotAFile! + * Move more xrange to six (PR #3151) Thanks to @NotAFile! + * make imports local (PR #3152) Thanks to @NotAFile! + * move httplib import to six (PR #3153) Thanks to @NotAFile! + * Replace stringIO imports with six (PR #3154, #3168) Thanks to @NotAFile! + * more bytes strings (PR #3155) Thanks to @NotAFile! + +------------------------------------------------------------------- +Mon May 14 20:32:40 UTC 2018 - okurz@suse.com + +- Fixed systemd service file installation +- Fixed rpmlint warnings +- Changed to specific "synapse" user and group + +------------------------------------------------------------------- +Fri May 4 11:18:46 UTC 2018 - okurz@suse.com + +- Update to version v0.28.1: + * SECURITY UPDATE + Clamp the allowed values of event depth received over federation to be + [0, 2^63 - 1]. This mitigates an attack where malicious events + injected with depth = 2^63 - 1 render rooms unusable. Depth is used to + determine the cosmetic ordering of events within a room, and so the ordering + of events in such a room will default to using stream_ordering rather than depth + (topological_ordering). + + This is a temporary solution to mitigate abuse in the wild, whilst a long term solution + is being implemented to improve how the depth parameter is used. + + Full details at + https://docs.google.com/document/d/1I3fi2S-XnpO45qrpCsowZv8P8dHcNZ4fsBsbOW7KABI/edit# + + Pin Twisted to <18.4 until we stop using the private _OpenSSLECCurve API. + + * Bug Fixes: + * Return 401 for invalid access_token on logout (PR #2938) Thanks to @dklug! + * Return a 404 rather than a 500 on rejoining empty rooms (PR #3080) + * fix federation_domain_whitelist (PR #3099) + * Avoid creating events with huge numbers of prev_events (PR #3113) + * Reject events which have lots of prev_events (PR #3118) + * Fix quarantine media admin API and search reindex (PR #3130) + * Fix media admin APIs (PR #3134) + + * Features: + * Add metrics for event processing lag (PR #3090) + * Add metrics for ResponseCache (PR #3092) + + * Changes: + * Synapse on PyPy (PR #2760) Thanks to @Valodim! + * move handling of auto_join_rooms to RegisterHandler (PR #2996) Thanks to @krombel! + * Improve handling of SRV records for federation connections (PR #3016) Thanks to @silkeh! + * Document the behaviour of ResponseCache (PR #3059) + * Preparation for py3 (PR #3061, #3073, #3074, #3075, #3103, #3104, #3106, #3107, #3109, #3110) Thanks to @NotAFile! + * update prometheus dashboard to use new metric names (PR #3069) Thanks to @krombel! + * use python3-compatible prints (PR #3074) Thanks to @NotAFile! + * Send federation events concurrently (PR #3078) + * Limit concurrent event sends for a room (PR #3079) + * Improve R30 stat definition (PR #3086) + * Send events to ASes concurrently (PR #3088) + * Refactor ResponseCache usage (PR #3093) + * Clarify that SRV may not point to a CNAME (PR #3100) Thanks to @silkeh! + * Use str(e) instead of e.message (PR #3103) Thanks to @NotAFile! + * Use six.itervalues in some places (PR #3106) Thanks to @NotAFile! + * Refactor store.have_events (PR #3117) + + +------------------------------------------------------------------- +Fri Apr 27 06:19:26 UTC 2018 - okurz@suse.com + +- Disable web-client for package self-test to get rid of unfulfilled dependency + +------------------------------------------------------------------- +Fri Apr 20 18:32:40 UTC 2018 - okurz@suse.com + +- Introduce package self-test based on _multibuild + +------------------------------------------------------------------- +Mon Apr 16 19:47:23 UTC 2018 - okurz@suse.com + +- Update to version v0.27.4: + * Bug fixes: + * URL quote path segments over federation (#3082) + * Add room_id to the response of rooms/{roomId}/join (PR #2986) Thanks to @jplatte! + * Fix replication after switch to simplejson (PR #3015) + * Fix replication after switch to simplejson (PR #3015) + * 404 correctly on missing paths via NoResource (PR #3022) + * Fix error when claiming e2e keys from offline servers (PR #3034) + * fix tests/storage/test_user_directory.py (PR #3042) + * use PUT instead of POST for federating groups/m.join_policy (PR #3070) Thanks to @krombel! + * postgres port script: fix state_groups_pkey error (PR #3072) + + * Features: + * Add joinability for groups (PR #3045) + * Implement group join API (PR #3046) + * Add counter metrics for calculating state delta (PR #3033) + * R30 stats (PR #3041) + * Measure time it takes to calculate state group ID (PR #3043) + * Add basic performance statistics to phone home (PR #3044) + * Add response size metrics (PR #3071) + * phone home cache size configurations (PR #3063) + + * Changes: + * Update canonicaljson dependency (#3095) + * Add a blurb explaining the main synapse worker (PR #2886) Thanks to @turt2live! + * Replace old style error catching with 'as' keyword (PR #3000) Thanks to @NotAFile! + * Use .iter* to avoid copies in StateHandler (PR #3006) + * Linearize calls to _generate_user_id (PR #3029) + * Remove last usage of ujson (PR #3030) + * Use simplejson throughout (PR #3048) + * Use static JSONEncoders (PR #3049) + * Remove uses of events.content (PR #3060) + * Improve database cache performance (PR #3068) + +------------------------------------------------------------------- +Thu Mar 29 05:51:42 UTC 2018 - okurz@suse.com + +- Update to version v0.27.2: + * Bug fixes: + * Fix bug which broke TCP replication between workers (PR #3015) + * Fix broken ldap_config config option (PR #2683) Thanks to @seckrv! + * Fix error message when user is not allowed to unban (PR #2761) Thanks to + @turt2live! + * Fix publicised groups GET API (singular) over federation (PR #2772) + * Fix user directory when using user_directory_search_all_users config + option (PR #2803, #2831) + * Fix error on /publicRooms when no rooms exist (PR #2827) + * Fix bug in quarantine_media (PR #2837) + * Fix url_previews when no Content-Type is returned from URL (PR #2845) + * Fix rare race in sync API when joining room (PR #2944) + * Fix slow event search, switch back from GIST to GIN indexes (PR #2769, + #2848) + + * Fix bug where an invalid event caused server to stop functioning + correctly, due to parsing and serializing bugs in ujson library. + + * Features: + * Add ability for ASes to override message send time (PR #2754) + * Add support for custom storage providers for media repository (PR #2867, + #2777, #2783, #2789, #2791, #2804, #2812, #2814, #2857, #2868, #2767) + * Add purge API features, see docs/admin_api/purge_history_api.rst for + full details (PR #2858, #2867, #2882, #2946, #2962, #2943) + * Add support for whitelisting 3PIDs that users can register. (PR #2813) + * Add /room/{id}/event/{id} API (PR #2766) + * Add an admin API to get all the media in a room (PR #2818) Thanks to + @turt2live! + * Add federation_domain_whitelist option (PR #2820, #2821) + + * Changes: + * Continue to factor out processing from main process and into worker + processes. See updated docs/workers.rst (PR #2892 - #2904, #2913, #2920 + - #2926, #2947, #2847, #2854, #2872, #2873, #2874, #2928, #2929, #2934, + #2856, #2976 - #2984, #2987 - #2989, #2991 - #2993, #2995, #2784) + * Ensure state cache is used when persisting events (PR #2864, #2871, + #2802, #2835, #2836, #2841, #2842, #2849) + * Change the default config to bind on both IPv4 and IPv6 on all platforms + (PR #2435) Thanks to @silkeh! + * No longer require a specific version of saml2 (PR #2695) Thanks to @okurz! + * Remove verbosity/log_file from generated config (PR #2755) + * Add and improve metrics and logging (PR #2770, #2778, #2785, #2786, + #2787, #2793, #2794, #2795, #2809, #2810, #2833, #2834, #2844, #2965, + #2927, #2975, #2790, #2796, #2838) + * When using synctl with workers, don't start the main synapse + automatically (PR #2774) + * Minor performance improvements (PR #2773, #2792) + * Use a connection pool for non-federation outbound connections (PR #2817) + * Make it possible to run unit tests against postgres (PR #2829) + * Update pynacl dependency to 1.2.1 or higher (PR #2888) Thanks to @bachp! + * Remove ability for AS users to call /events and /sync (PR #2948) + * Use bcrypt.checkpw (PR #2949) Thanks to @krombel! + +- Change spec-file to use service downloaded and recompressed file directly +- Remove patch synapse_python_dependencies_allow_higher_versions_of_pysaml2.patch + now included in upstream changes + +------------------------------------------------------------------- +Sun Jan 7 10:02:56 UTC 2018 - okurz@suse.com + +- Update to version v0.26.0: + * Bug fixes: + * Fix database port script (PR #2673) + * Fix internal server error on login with ldap_auth_provider (PR #2678) Thanks + to @jkolo! + * Fix error on sqlite 3.7 (PR #2697) + * Fix OPTIONS on preview_url (PR #2707) + * Fix error handling on dns lookup (PR #2711) + * Fix wrong avatars when inviting multiple users when creating room (PR #2717) + * Fix 500 when joining matrix-dev (PR #2719) + + * Features: + * Add ability for ASes to publicise groups for their users (PR #2686) + * Add all local users to the user_directory and optionally search them (PR + * #2723) + * Add support for custom login types for validating users (PR #2729) + + * Changes: + * Update example Prometheus config to new format (PR #2648) Thanks to + @krombel! + * Rename redact_content option to include_content in Push API (PR #2650) + * Declare support for r0.3.0 (PR #2677) + * Improve upserts (PR #2684, #2688, #2689, #2713) + * Improve documentation of workers (PR #2700) + * Improve tracebacks on exceptions (PR #2705) + * Allow guest access to group APIs for reading (PR #2715) + * Support for posting content in federation_client script (PR #2716) + * Delete devices and pushers on logouts etc (PR #2722) + + +------------------------------------------------------------------- +Mon Nov 20 14:37:18 UTC 2017 - okurz@suse.com + +- Update to version v0.25.1: + * Bug fixes: + * Fix login with LDAP and other password provider modules (PR #2678). Thanks to @jkolo! + * Fix port script (PR #2673) + * Fix port script (PR #2577) + * Fix error when running synapse with no logfile (PR #2581) + * Fix UI auth when deleting devices (PR #2591) + * Fix typo when checking if user is invited to group (PR #2599) + * Fix the port script to drop NUL values in all tables (PR #2611) + * Fix appservices being backlogged and not receiving new events due to a bug in + notify_interested_services (PR #2631) Thanks to @xyzz! + * Fix updating rooms avatar/display name when modified by admin (PR #2636) + * Thanks to @farialima! + * Fix bug in state group storage (PR #2649) + * Fix 500 on invalid utf-8 in request (PR #2663) + + * Features: + * Add is_public to groups table to allow for private groups (PR #2582) + * Add a route for determining who you are (PR #2668) Thanks to @turt2live! + * Add more features to the password providers (PR #2608, #2610, #2620, + #2622, #2623, #2624, #2626, #2628, #2629) + * Add a hook for custom rest endpoints (PR #2627) + * Add API to update group room visibility (PR #2651) + + * Changes: + * Ignore tags when generating URL preview descriptions (PR #2576) Thanks to + @maximevaillancourt! + * Register some /unstable endpoints in /r0 as well (PR #2579) Thanks to @krombel! + * Support /keys/upload on /r0 as well as /unstable (PR #2585) + * Front-end proxy: pass through auth header (PR #2586) + * Allow ASes to deactivate their own users (PR #2589) + * Remove refresh tokens (PR #2613) + * Automatically set default displayname on register (PR #2617) + * Log login requests (PR #2618) + * Always return is_public in the /groups/:group_id/rooms API (PR #2630) + * Avoid no-op media deletes (PR #2637) Thanks to @spantaleev! + * Fix various embarrassing typos around user_directory and add some doc. (PR #2643) + * Return whether a user is an admin within a group (PR #2647) + * Namespace visibility options for groups (PR #2657) + * Downcase UserIDs on registration (PR #2662) + * Cache failures when fetching URL previews (PR #2669) + + * Add patch synapse_python_dependencies_allow_higher_versions_of_pysaml2.patch + + +------------------------------------------------------------------- +Tue Nov 14 12:57:17 UTC 2017 - okurz@suse.com + +- Update to version v0.24.1: + * Bug fixes: + * Fix updating group profiles over federation (PR #2567) + * Fix handling SERVFAILs when doing AAAA lookups for federation (PR #2477) + * Fix incompatibility with newer versions of ujson (PR #2483) Thanks to + @jeremycline! + * Fix notification keywords that start/end with non-word chars (PR #2500) + * Fix stack overflow and logcontexts from linearizer (PR #2532) + * Fix 500 error when fields missing from power_levels event (PR #2552) + * Fix 500 error when we get an error handling a PDU (PR #2553) + * Fix regression in performance of syncs (PR #2470) + * Fix caching error in the push evaluator (PR #2332) + * Fix bug where pusherpool didn't start and broke some rooms (PR #2342) + * Fix port script for user directory tables (PR #2375) + * Fix device lists notifications when user rejoins a room (PR #2443, #2449) + * Fix sync to always send down current state events in timeline (PR #2451) + * Fix bug where guest users were incorrectly kicked (PR #2453) + * Fix bug talking to IPv6 only servers using SRV records (PR #2462) + * Fix synapse_port_db failure. Thanks to Pneumaticat! (PR #1904) + * Fix caching to not cache error responses (PR #1913) + * Fix APIs to make kick & ban reasons work (PR #1917) + * Fix bugs in the /keys/changes api (PR #1921) + * Fix bug where users couldn't forget rooms they were banned from (PR #1922) + * Fix issue with long language values in pushers API (PR #1925) + * Fix a race in transaction queue (PR #1930) + * Fix dynamic thumbnailing to preserve aspect ratio. Thanks to jkolo! (PR + #1945) + * Fix device list update to not constantly resync (PR #1964) + * Fix potential for huge memory usage when getting device that have + changed (PR #1969) + * Fix bug where pusher pool didn't start and caused issues when + interacting with some rooms (PR #2342) + * Fix bug with storing registration sessions that caused frequent CPU churn + (PR #2319) + * Fix users not getting notifications when AS listened to that user_id (PR + #2216) Thanks to @slipeer! + * Fix users without push set up not getting notifications after joining rooms + (PR #2236) + * Fix preview url API to trim long descriptions (PR #2243) + * Fix bug where we used cached but unpersisted state group as prev group, + resulting in broken state of restart (PR #2263) + * Fix removing of pushers when using workers (PR #2267) + * Fix CORS headers to allow Authorization header (PR #2285) Thanks to @krombel! + * Fix bug in anonymous usage statistic reporting (PR #2281) + * Fix API to allow clients to upload one-time-keys with new sigs (PR #2206) + * Fix bug where users got pushed for rooms they had muted (PR #2200) + * Fix nuke-room script to work with current schema (PR #1927) Thanks + @zuckschwerdt! + * Fix db port script to not assume postgres tables are in the public schema + (PR #2024) Thanks @jerrykan! + * Fix getting latest device IP for user with no devices (PR #2118) + * Fix rejection of invites to unreachable servers (PR #2145) + * Fix code for reporting old verify keys in synapse (PR #2156) + * Fix invite state to always include all events (PR #2163) + * Fix bug where synapse would always fetch state for any missing event (PR #2170) + * Fix a leak with timed out HTTP connections (PR #2180) + * Fix bug where we didn't time out HTTP requests to ASes (PR #2192) + * Fix joining rooms over federation where not all servers in the room saw the + new server had joined (PR #2094) + * Fix bug where current_state_events renamed to current_state_ids (PR #1849) + * Fix routing loop when fetching remote media (PR #1992) + * Fix current_state_events table to not lie (PR #1996) + * Fix CAS login to handle PartialDownloadError (PR #1997) + * Fix assertion to stop transaction queue getting wedged (PR #2010) + * Fix presence to fallback to last_active_ts if it beats the last sync time. + Thanks @Half-Shot! (PR #2014) + * Fix bug when federation received a PDU while a room join is in progress (PR + #2016) + * Fix resetting state on rejected events (PR #2025) + * Fix installation issues in readme. Thanks @ricco386 (PR #2037) + * Fix caching of remote servers' signature keys (PR #2042) + * Fix some leaking log context (PR #2048, #2049, #2057, #2058) + * Fix rejection of invites not reaching sync (PR #2056) + * Fix bug in handling of incoming device list updates over federation. + + * Features: + * Add Group Server (PR #2352, #2363, #2374, #2377, #2378, #2382, #2410, #2426, + #2430, #2454, #2471, #2472, #2544) + * Add support for channel notifications (PR #2501) + * Add basic implementation of backup media store (PR #2538) + * Add config option to auto-join new users to rooms (PR #2545) + * Add a frontend proxy worker (PR #2344) + * Add support for event_id_only push format (PR #2450) + * Add a PoC for filtering spammy events (PR #2456) + * Add a config option to block all room invites (PR #2457) + * Add a user directory API (PR #2252, and many more) + * Add shutdown room API to remove room from local server (PR #2291) + * Add API to quarantine media (PR #2292) + * Add new config option to not send event contents to push servers (PR #2301) + Thanks to @cjdelisle! + * Add per user rate-limiting overrides (PR #2208) + * Add config option to limit maximum number of events requested by ``/sync`` + and ``/messages`` (PR #2221) Thanks to @psaavedra! + * Add username availability checker API (PR #2183) + * Add read marker API (PR #2120) + * Add delete_devices API (PR #1993) + * Add phone number registration/login support (PR #1994, #2055) + * Add some administration functionalities. Thanks to morteza-araby! (PR #1784) + + * Changes: + * Make the spam checker a module (PR #2474) + * Delete expired url cache data (PR #2478) + * Ignore incoming events for rooms that we have left (PR #2490) + * Allow spam checker to reject invites too (PR #2492) + * Add room creation checks to spam checker (PR #2495) + * Spam checking: add the invitee to user_may_invite (PR #2502) + * Process events from federation for different rooms in parallel (PR #2520) + * Allow error strings from spam checker (PR #2531) + * Improve error handling for missing files in config (PR #2551) + * Make 'affinity' package optional, as it is not supported on some platforms + * Use bcrypt module instead of py-bcrypt (PR #2288) Thanks to @kyrias! + * Improve performance of generating push notifications (PR #2343, #2357, #2365, + #2366, #2371) + * Improve DB performance for device list handling in sync (PR #2362) + * Include a sample prometheus config (PR #2416) + * Document known to work postgres version (PR #2433) Thanks to @ptman! + * Improve performance of storing user IPs (PR #2307, #2308) + * Slightly improve performance of verifying access tokens (PR #2320) + * Slightly improve performance of event persistence (PR #2321) + * Increase default cache factor size from 0.1 to 0.5 (PR #2330) + * Various performance fixes (PR #2177, #2233, #2230, #2238, #2248, #2256, + #2274) + * Deduplicate sync filters (PR #2219) Thanks to @krombel! + * Correct a typo in UPGRADE.rst (PR #2231) Thanks to @aaronraimist! + * Add count of one time keys to sync stream (PR #2237) + * Only store event_auth for state events (PR #2247) + * Store URL cache preview downloads separately (PR #2299) + * Various small performance fixes (PR #2201, #2202, #2224, #2226, #2227, #2228, + #2229) + * Update username availability checker API (PR #2209, #2213) + * When purging, don't de-delta state groups we're about to delete (PR #2214) + * Documentation to check synapse version (PR #2215) Thanks to @hamber-dick! + * Add an index to event_search to speed up purge history API (PR #2218) + * Always mark remotes as up if we receive a signed request from them (PR #2190) + * Enable guest access for the 3pl/3pid APIs (PR #1986) + * Add setting to support TURN for guests (PR #2011) + * Various performance improvements (PR #2075, #2076, #2080, #2083, #2108, + #2158, #2176, #2185) + * Make synctl a bit more user friendly (PR #2078, #2127) Thanks @APwhitehat! + * Replace HTTP replication with TCP replication (PR #2082, #2097, #2098, + #2099, #2103, #2014, #2016, #2115, #2116, #2117) + * Support authenticated SMTP (PR #2102) Thanks @DanielDent! + * Add a counter metric for successfully-sent transactions (PR #2121) + * Propagate errors sensibly from proxied IS requests (PR #2147) + * Add more granular event send metrics (PR #2178) + * Use JSONSchema for validation of filters. Thanks @pik! (PR #1783) + * Reread log config on SIGHUP (PR #1982) + * Speed up public room list (PR #1989) + * Add helpful texts to logger config options (PR #1990) + * Minor ``/sync`` performance improvements. (PR #2002, #2013, #2022) + * Add some debug to help diagnose weird federation issue (PR #2035) + * Correctly limit retries for all federation requests (PR #2050, #2061) + * Don't lock table when persisting new one time keys (PR #2053) + * Reduce some CPU work on DB threads (PR #2054) + * Cache hosts in room (PR #2060) + * Batch sending of device list pokes (PR #2063) + * Speed up persist event path in certain edge cases (PR #2070) + * Reduce database table sizes (PR #1873, #1916, #1923, #1963) + * Update contrib/ to not use syutil. Thanks to andrewshadura! (PR #1907) + * Don't fetch current state when sending an event in common case (PR #1955) + + +------------------------------------------------------------------- +Tue Nov 14 12:52:53 UTC 2017 - okurz@suse.com + +- Update to version v0.24.1+4.632baf79: + * Disallow capital letters in userids + * Allow = in mxids and groupids + * Validate group ids when parsing + * Fix a logcontext leak in the media repo + * Correctly wire in update group profile over federation + * replace 'except:' with 'except Exception:' + * fix vars named `l` + * Bump version and changelog + * Add jitter to validity period of attestations + * Revert "Add jitter to validity period of attestations" + ------------------------------------------------------------------- Tue Jul 4 08:39:45 UTC 2017 - jengelh@inai.de diff --git a/matrix-synapse.obsinfo b/matrix-synapse.obsinfo new file mode 100644 index 0000000..2246af7 --- /dev/null +++ b/matrix-synapse.obsinfo @@ -0,0 +1,5 @@ +name: matrix-synapse +version: 1.4.0 +mtime: 1570105364 +commit: ecb69d824a39d420a20a1c0b24a7174cea392560 + diff --git a/matrix-synapse.service b/matrix-synapse.service new file mode 100644 index 0000000..0abfed6 --- /dev/null +++ b/matrix-synapse.service @@ -0,0 +1,22 @@ +[Unit] +Description=Synapse Matrix homeserver + +[Service] +Type=simple +SyslogIdentifier=matrix-synapse +Restart=on-failure +RestartSec=3 + +User=synapse +Group=synapse +WorkingDirectory=/var/lib/matrix-synapse + +ExecStartPre=@PYTHON_FLAVOR@ -m synapse.app.homeserver --config-path=/etc/matrix-synapse/homeserver.yaml --config-path=/etc/matrix-synapse/conf.d/ --generate-keys +ExecStart=@PYTHON_FLAVOR@ -m synapse.app.homeserver --config-path=/etc/matrix-synapse/homeserver.yaml --config-path=/etc/matrix-synapse/conf.d/ + +# Adjust the cache factor if necessary. +#Environment=SYNAPSE_CACHE_FACTOR=2.0 + +[Install] +WantedBy=multi-user.target + diff --git a/matrix-synapse.spec b/matrix-synapse.spec index 56a493e..88510b2 100644 --- a/matrix-synapse.spec +++ b/matrix-synapse.spec @@ -1,7 +1,7 @@ # # spec file for package matrix-synapse # -# Copyright (c) 2017 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,62 +12,117 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # + +# These come from matrix-synapse's CONDITIONAL_REQUIREMENTS. +%bcond_without email_notifs +%bcond_without ldap +%bcond_without postgres +%bcond_without saml +%bcond_without url_preview +%bcond_without jwt +# txacme is broken in openSUSE. +%bcond_with acme +# sentry-sdk isn't packaged on openSUSE. +%bcond_with sentry + +## Package updates +# +# * Update version in _service to the most recent released one +# * Call `osc service dr` +# * Update changelog manually from +# https://github.com/matrix-org/synapse/releases or synapse/CHANGES.md +# * Commit+submit + +# Synapse 1.1.0 and onwards only supports Python >= 3.5. +%define skip_python2 1 + %{?!python_module:%define python_module() python-%{**} python3-%{**}} -%define github_user matrix-org -%define short_name synapse -Name: matrix-%{short_name} -Version: 0.19.2 +%define modname synapse +%define pkgname matrix-synapse +Name: %{pkgname} +Version: 1.4.0 Release: 0 Summary: Matrix protocol reference homeserver License: Apache-2.0 Group: Productivity/Networking/Instant Messenger -Source0: matrix-synapse-0.19.2.tar.gz -Url: https://github.com/matrix-org/synapse -BuildRoot: %{_tmppath}/%{name}-%{version}-build -BuildRequires: unzip +URL: https://github.com/matrix-org/synapse +Source0: %{pkgname}-%{version}.tar.xz +Source50: %{pkgname}.service BuildRequires: %{python_module base} +BuildRequires: %{python_module psutil >= 2.0.0} BuildRequires: %{python_module setuptools} +BuildRequires: %{python_module treq >= 15.1.0} BuildRequires: fdupes BuildRequires: python-rpm-macros +BuildRequires: systemd-rpm-macros +BuildRequires: unzip +%{?systemd_requires} Requires(pre): shadow -%if 0%{?suse_version} >= 1330 -# alternative: create a specific "synapse" group -Requires(pre): group(nogroup) +%ifpython3 +Requires: %{python_flavor} >= 3.5 %endif -Requires: python-Twisted -Requires: python-bcrypt -Requires: python-msgpack-python -Requires: python-frozendict >= 0.4 -Requires: python-unpaddedbase64 >= 1.1.0 -Requires: python-canonicaljson >= 1.0.0 +# NOTE: Keep this is in the same order as synapse/python_dependencie.py. +Requires: python-Pillow >= 4.3.0 +Requires: python-PyNaCl >= 1.2.1 +Requires: python-PyYAML >= 3.11 +Requires: python-Twisted >= 18.9.0 +Requires: python-attrs >= 17.4.0 +Requires: python-bcrypt >= 3.1.0 +Requires: python-canonicaljson >= 1.1.3 +Requires: python-daemonize >= 2.3.1 +Requires: python-frozendict >= 1 +Requires: python-idna >= 2.5 +Requires: python-jsonschema >= 2.5.1 +Requires: python-msgpack >= 0.5.2 +Requires: python-netaddr >= 0.7.18 +Requires: python-phonenumbers >= 8.2.0 +Requires: python-prometheus_client >= 0.4.0 +Requires: python-psutil >= 2.0.0 +Requires: python-pyOpenSSL >= 16.0.0 +Requires: python-pyasn1 >= 0.1.9 +Requires: python-pyasn1-modules >= 0.0.7 +Requires: python-pymacaroons >= 0.13.0 +Requires: python-service_identity >= 18.1.0 Requires: python-signedjson >= 1.0.0 -# original from python_requirements.py -#BuildRequires: python-PyNaCl == 0.3.0 -Requires: python-PyNaCl -Requires: python-service_identity >= 1.0.0 -Requires: python-Twisted >= 16.0.0 -Requires: python-pyOpenSSL >= 0.14 -Requires: python-PyYAML -Requires: python-pyasn1 -Requires: python-daemonize -Requires: python-Pillow -Requires: python-pydenticon -Requires: python-ujson -Requires: python-blist -Requires: python-pysaml2 >= 3.0.0 -# original from python_requirements.py -#BuildRequires: python-pysaml2 < 4.0.0 -Requires: python-pymacaroons-pynacl -Requires: python-msgpack-python >= 0.3.0 -Requires(post): update-alternatives -Requires(postun): update-alternatives -BuildArch: noarch -%ifpython2 -Provides: matrix-synapse = %{version} +Requires: python-six >= 1.10 +Requires: python-sortedcontainers >= 1.4.4 +Requires: python-treq >= 15.1 +Requires: python-unpaddedbase64 >= 1.1.0 +# Specify all CONDITIONAL_REQUIREMENTS (we Require them to avoid no-recommends +# breaking very commonly-used bits of matrix-synapse such as postgresql). +%if %{with email_notifs} +Requires: python-Jinja2 >= 2.9 +Requires: python-bleach >= 1.4.3 %endif +%if %{with ldap} +Requires: python-matrix-synapse-ldap3 >= 0.1 +%endif +%if %{with postgres} +Requires: python-psycopg2 >= 2.7 +%endif +%if %{with acme} +Requires: python-txacme >= 0.9.2 +%endif +%if %{with saml} +Requires: python-pysaml2 >= 4.5.0 +%endif +%if %{with url_preview} +Requires: python-lxml >= 3.5.0 +%endif +%if %{with sentry} +Requires: python-sentry-sdk >= 0.7.2 +%endif +%if %{with jwt} +Requires: python-PyJWT >= 1.6.4 +%endif +BuildArch: noarch +Provides: matrix-synapse = %{version} +# We only provide/obsolete python2 to ensure that users upgrade. +Obsoletes: python2-matrix-synapse < %{version} +Provides: python2-matrix-synapse = %{version} %python_subpackages @@ -76,81 +131,91 @@ Synapse is a Python-based reference "homeserver" implementation of Matrix. Matrix is a system for federated Instant Messaging and VoIP. %prep -%setup -q -n %{short_name}-%{version} -for i in \ - app/client_reader \ - app/federation_sender \ - app/synchrotron \ - app/pusher \ - app/media_repository \ - app/homeserver \ - app/appservice \ - app/federation_reader \ - push/pusherpool \ - util/versionstring -do - sed -i '1d' synapse/$i.py -done -# patch the version requirement as it would be hard to supply exactly this -# version as dependency -sed -i 's/nacl==0.3.0/nacl>=0.3.0/g' synapse/python_dependencies.py +%setup -q + +# Remove all un-needed #!-lines. +find synapse/ -type f -exec sed -i '1{/^#!/d}' {} \; +# Replace all #!/usr/bin/env lines to use #!/usr/bin/$1 directly. +find ./ -type f -exec \ + sed -i '1s|^#!/usr/bin/env |#!/usr/bin/|' {} \; +# Force the usage of python_flavor. +find ./ -type f \ + -exec sed -i '1s|^#!/usr/bin/python$|#!/usr/bin/%{python_flavor}|' {} \; + +# Update the python flavour in the service file. +sed -i 's|@PYTHON_FLAVOR@|%{python_flavor}|g' %{S:50} %build %python_build -chmod +x build/lib/synapse/app/synctl.py %install -%python_install +# We install scripts into /usr/lib to avoid silly conflicts with other pkgs. +install -d -m 0755 %{buildroot}%{_libexecdir}/%{pkgname} +%python_install "--install-scripts=%{_libexecdir}/%{pkgname}/" -mkdir -p "%{buildroot}%{_sysconfdir}/synapse" -install -m 0644 contrib/systemd/log_config.yaml \ - "%{buildroot}%{_sysconfdir}/synapse" +# While we provide a systemd service, link synctl so it's simpler to use. +install -d -m 0755 %{buildroot}%{_bindir} +ln -s %{_libexecdir}/%{pkgname}/synctl %{buildroot}%{_bindir}/synctl + +# Install default matrix-synapse configuration. +# TODO: Switch to the debian default config. +install -d -m 0755 %{buildroot}%{_sysconfdir}/%{pkgname}/conf.d +install -D -m 0644 docs/sample_config.yaml %{buildroot}%{_sysconfdir}/%{pkgname}/homeserver.yaml +install -D -m 0644 contrib/systemd/log_config.yaml %{buildroot}%{_sysconfdir}/%{pkgname}/log.yaml + +# Man pages. +install -D -m 0644 -t %{buildroot}%{_mandir}/man1 debian/*.1 + +# Runtime-dir. +mkdir -p %{buildroot}%{_rundir}/%{pkgname} + +# system configuration. mkdir -p %{buildroot}%{_sbindir} -ln -s /usr/sbin/service %{buildroot}%{_sbindir}/rcsynapse +ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{pkgname} +install -D -m 0644 contrib/systemd/%{pkgname}.service %{buildroot}%{_unitdir}/%{pkgname}.service -mkdir -p "%{buildroot}%{_unitdir}" -install -m 0644 contrib/systemd/synapse.service \ - "%{buildroot}%{_unitdir}" +# User directory. +install -d -m 0755 %{buildroot}%{_rundir}/%{pkgname} +install -d -m 0750 %{buildroot}%{_localstatedir}/lib/%{pkgname} -mkdir -p "%{buildroot}%{_rundir}/synapse" %python_expand %fdupes %{buildroot}%{$python_sitelib} -for p in hash_password register_new_matrix_user synapse_port_db synctl ; do - %python_clone -a %{buildroot}%{_bindir}/$p -done -%python_clone -a %{buildroot}%{_sbindir}/rcsynapse -%python_clone -a %{buildroot}%{_unitdir}/synapse.service -%python_clone -a %{buildroot}%{_sysconfdir}/synapse/log_config.yaml - %pre +getent group synapse >/dev/null || groupadd -r synapse getent passwd synapse >/dev/null || \ - /usr/sbin/useradd -r -g nogroup -s /sbin/nologin -c 'Matrix Synapse' \ + /usr/sbin/useradd -r -g synapse -s /sbin/nologin -c 'Matrix Synapse' \ -d %{_localstatedir}/lib/synapse synapse -%service_add_pre synapse.service +%service_add_pre %{pkgname}.service %post -%{python_install_alternative synctl hash_password register_new_matrix_user synapse_port_db rcsynapse synapse.service log_config.yaml} -%service_add_post synapse.service +%service_add_post %{pkgname}.service %preun -%service_del_preun synapse.service +%service_del_preun %{pkgname}.service %postun -%python_uninstall_alternative synctl -%service_del_postun synapse.service +%service_del_postun %{pkgname}.service +%if 0%{?suse_version} < 1500 +%files -n %{pkgname} +%else %files %{python_files} +%endif %defattr(-,root,root,-) -%doc *.rst -%doc LICENSE -%dir %{_sysconfdir}/synapse +%doc *.rst CHANGES.md +%license LICENSE +%dir %{_sysconfdir}/%{pkgname} +%dir %{_sysconfdir}/%{pkgname}/conf.d +%config(noreplace) %{_sysconfdir}/%{pkgname}/*.yaml +%dir %attr(0750,%{modname},%{modname}) %{_localstatedir}/lib/%{pkgname} %{python_sitelib} -%python_alternative %{_bindir}/hash_password -%python_alternative %{_bindir}/register_new_matrix_user -%python_alternative %{_bindir}/synapse_port_db -%python_alternative %{_bindir}/synctl -%python_alternative %{_sbindir}/rcsynapse -%python_alternative %{_unitdir}/synapse.service -%config %python_alternative %{_sysconfdir}/synapse/log_config.yaml +# Python helper scripts. +%{_bindir}/synctl +%{_libexecdir}/%{pkgname} +# systemd service. +%{_sbindir}/rc%{pkgname} +%{_unitdir}/%{pkgname}.service +# Man pages. +%{_mandir}/man*/* %changelog