- May 08, 2019
-
-
Brendan Abolivier authored -
Matthew Hodgson authored
This commit adds two config options: * `restrict_public_rooms_to_local_users` Requires auth to fetch the public rooms directory through the CS API and disables fetching it through the federation API. * `require_auth_for_profile_requests` When set to `true`, requires that requests to `/profile` over the CS API are authenticated, and only returns the user's profile if the requester shares a room with the profile's owner, as per MSC1301. MSC1301 also specifies a behaviour for federation (only returning the profile if the server asking for it shares a room with the profile's owner), but that's currently really non-trivial to do in a not too expensive way. Next step is writing down a MSC that allows a HS to specify which user sent the profile query. In this implementation, Synapse won't send a profile query over federation if it doesn't believe it already shares a room with the profile's owner, though. Groups have been intentionally omitted from this commit.
-
Erik Johnston authored
Limit in flight DNS requests
-
Brendan Abolivier authored
Follow-up to #5124 Also added a bunch of checks to make sure everything (both the stuff added on #5124 and this PR) works as intended.
-
- May 07, 2019
-
-
Erik Johnston authored
Ratelimit 3pid invites
-
Richard van der Hoff authored
This endpoint isn't much use for its intended purpose if you first need to get yourself an admin's auth token. I've restricted it to the `/_synapse/admin` path to make it a bit easier to lock down for those concerned about exposing this information. I don't imagine anyone is using it in anger currently.
-
- May 06, 2019
-
-
Travis Ralston authored
-
Richard van der Hoff authored
... after it got broken in 1565ebec.
-
- May 03, 2019
-
-
Richard van der Hoff authored
-
Richard van der Hoff authored
Synapse 0.99.3.2 (2019-05-03) ============================= Internal Changes ---------------- - Ensure that we have `urllib3` <1.25, to resolve incompatibility with `requests`. ([\#5135](https://github.com/matrix-org/synapse/issues/5135))
-
-
Richard van der Hoff authored
-
Richard van der Hoff authored
Build fixes
-
Richard van der Hoff authored
-
Richard van der Hoff authored
psycopg 2.8 is now out, which means that the C library gets built from source, so we now need libpq-dev when building. Turns out the need for this package is already documented in docs/postgres.rst.
-
Richard van der Hoff authored
-
-
Richard van der Hoff authored
-
Richard van der Hoff authored
Blacklist 0.0.0.0 and :: by default for URL previews
-
Richard van der Hoff authored
-
Richard van der Hoff authored
Use SystemRandom for token generation.
-
Richard van der Hoff authored
-
Neil Johnson authored
-
Richard van der Hoff authored
-
- May 02, 2019
-
-
Erik Johnston authored
-
Richard van der Hoff authored
-
Brendan Abolivier authored
Add some limitations to alias creation
-
Brendan Abolivier authored
-
Richard van der Hoff authored
Rather than copying-and-pasting the same four lines hundreds of times
-
Richard van der Hoff authored
Move the admin API to `/_synapse/admin/v1`
-
- May 01, 2019
-
-
Richard van der Hoff authored
-
Richard van der Hoff authored
-
Richard van der Hoff authored
-
Richard van der Hoff authored
It doesn't really belong under rest/client/v1 any more.
-
Richard van der Hoff authored
-
Richard van der Hoff authored
-
Brendan Abolivier authored
Fix path in account validity admin route's doc
-
Brendan Abolivier authored
-
Brendan Abolivier authored
-
Brendan Abolivier authored
-