From 9ac27cabc5f624938264ddccf5500478d7d38bf3 Mon Sep 17 00:00:00 2001
From: Neil Alexander <neilalexander@users.noreply.github.com>
Date: Thu, 10 Feb 2022 13:50:13 +0000
Subject: [PATCH 1/4] Version 0.6.3 (#2170)

---
 CHANGES.md          | 19 +++++++++++++++++++
 internal/version.go |  2 +-
 2 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/CHANGES.md b/CHANGES.md
index 07e09480a..4df8e869a 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,5 +1,24 @@
 # Changelog
 
+## Dendrite 0.6.3 (2022-02-10)
+
+### Features
+
+* Initial support for `m.login.token`
+* A number of regressions from earlier v0.6.x versions should now be corrected
+
+### Fixes
+
+* Missing state is now correctly retrieved in cases where a gap in the timeline was closed but some of those events were missing state snapshots, which should help to unstick slow or broken rooms
+* Fixed a transaction issue where inserting events into the database could deadlock, which should stop rooms from getting stuck
+* Fixed a problem where rejected events could result in rolled back database transactions
+* Avoided a potential race condition on fetching latest events by using the room updater instead
+* Processing events from `/get_missing_events` will no longer result in potential recursion
+* Federation events are now correctly generated for updated self-signing keys and signed devices
+* Rejected events can now be un-rejected if they are reprocessed and all of the correct conditions are met
+* Fetching missing auth events will no longer error as long as all needed events for auth were satisfied
+* Users can now correctly forget rooms if they were not a member of the room
+
 ## Dendrite 0.6.2 (2022-02-04)
 
 ### Fixes
diff --git a/internal/version.go b/internal/version.go
index de0b7c8c3..a07f01b61 100644
--- a/internal/version.go
+++ b/internal/version.go
@@ -17,7 +17,7 @@ var build string
 const (
 	VersionMajor = 0
 	VersionMinor = 6
-	VersionPatch = 2
+	VersionPatch = 3
 	VersionTag   = "" // example: "rc1"
 )
 

From f800cae6d250e49fed1d96471da82dbaf25c3564 Mon Sep 17 00:00:00 2001
From: kegsay <kegan@matrix.org>
Date: Thu, 10 Feb 2022 18:12:11 +0000
Subject: [PATCH 2/4] Point to /complement/ca not /ca (#2172)

---
 build/scripts/Complement.Dockerfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/build/scripts/Complement.Dockerfile b/build/scripts/Complement.Dockerfile
index a54fab1d4..1d520b4e7 100644
--- a/build/scripts/Complement.Dockerfile
+++ b/build/scripts/Complement.Dockerfile
@@ -25,7 +25,7 @@ EXPOSE 8008 8448
 
 # At runtime, generate TLS cert based on the CA now mounted at /ca
 # At runtime, replace the SERVER_NAME with what we are told
-CMD ./generate-keys --server $SERVER_NAME --tls-cert server.crt --tls-key server.key --tls-authority-cert /ca/ca.crt --tls-authority-key /ca/ca.key && \
+CMD ./generate-keys --server $SERVER_NAME --tls-cert server.crt --tls-key server.key --tls-authority-cert /complement/ca/ca.crt --tls-authority-key /complement/ca/ca.key && \
  ./generate-config -server $SERVER_NAME --ci > dendrite.yaml && \
- cp /ca/ca.crt /usr/local/share/ca-certificates/ && update-ca-certificates && \
+ cp /complement/ca/ca.crt /usr/local/share/ca-certificates/ && update-ca-certificates && \
  ./dendrite-monolith-server --tls-cert server.crt --tls-key server.key --config dendrite.yaml

From 4e75ab9930842e34314b0af89f60149871f6e6f2 Mon Sep 17 00:00:00 2001
From: kegsay <kegan@matrix.org>
Date: Fri, 11 Feb 2022 12:35:47 +0000
Subject: [PATCH 3/4] Add postgres complement support (#2177)

---
 build/scripts/ComplementPostgres.Dockerfile | 53 +++++++++++++++++++++
 1 file changed, 53 insertions(+)
 create mode 100644 build/scripts/ComplementPostgres.Dockerfile

diff --git a/build/scripts/ComplementPostgres.Dockerfile b/build/scripts/ComplementPostgres.Dockerfile
new file mode 100644
index 000000000..6024ae8da
--- /dev/null
+++ b/build/scripts/ComplementPostgres.Dockerfile
@@ -0,0 +1,53 @@
+FROM golang:1.16-stretch as build
+RUN apt-get update && apt-get install -y postgresql
+WORKDIR /build
+
+# No password when connecting over localhost
+RUN sed -i "s%127.0.0.1/32            md5%127.0.0.1/32            trust%g" /etc/postgresql/9.6/main/pg_hba.conf && \
+    # Bump up max conns for moar concurrency
+    sed -i 's/max_connections = 100/max_connections = 2000/g' /etc/postgresql/9.6/main/postgresql.conf
+
+# This entry script starts postgres, waits for it to be up then starts dendrite
+RUN echo '\
+#!/bin/bash -eu \n\
+pg_lsclusters \n\
+pg_ctlcluster 9.6 main start \n\
+ \n\
+until pg_isready \n\
+do \n\
+  echo "Waiting for postgres"; \n\
+  sleep 1; \n\
+done \n\
+' > run_postgres.sh && chmod +x run_postgres.sh
+
+# we will dump the binaries and config file to this location to ensure any local untracked files
+# that come from the COPY . . file don't contaminate the build
+RUN mkdir /dendrite
+
+# Utilise Docker caching when downloading dependencies, this stops us needlessly
+# downloading dependencies every time.
+COPY go.mod .
+COPY go.sum .
+RUN go mod download
+
+COPY . .
+RUN go build -o /dendrite ./cmd/dendrite-monolith-server
+RUN go build -o /dendrite ./cmd/generate-keys
+RUN go build -o /dendrite ./cmd/generate-config
+
+WORKDIR /dendrite
+RUN ./generate-keys --private-key matrix_key.pem
+
+ENV SERVER_NAME=localhost
+EXPOSE 8008 8448
+
+
+# At runtime, generate TLS cert based on the CA now mounted at /ca
+# At runtime, replace the SERVER_NAME with what we are told
+CMD /build/run_postgres.sh && ./generate-keys --server $SERVER_NAME --tls-cert server.crt --tls-key server.key --tls-authority-cert /complement/ca/ca.crt --tls-authority-key /complement/ca/ca.key && \
+ ./generate-config -server $SERVER_NAME --ci > dendrite.yaml && \
+ # Replace the connection string with a single postgres DB, using user/db = 'postgres' and no password, bump max_conns
+ sed -i "s%connection_string:.*$%connection_string: postgresql://postgres@localhost/postgres?sslmode=disable%g" dendrite.yaml && \
+ sed -i 's/max_open_conns:.*$/max_open_conns: 100/g' dendrite.yaml && \
+ cp /complement/ca/ca.crt /usr/local/share/ca-certificates/ && update-ca-certificates && \
+ ./dendrite-monolith-server --tls-cert server.crt --tls-key server.key --config dendrite.yaml
\ No newline at end of file

From 88b45d5cd248794237baebbe4945ef708a7598de Mon Sep 17 00:00:00 2001
From: Neil Alexander <neilalexander@users.noreply.github.com>
Date: Fri, 11 Feb 2022 15:18:14 +0000
Subject: [PATCH 4/4] Drop `m.room.create` events in federation `/send`
 transaction (#2179)

---
 federationapi/routing/send.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/federationapi/routing/send.go b/federationapi/routing/send.go
index dd4fe13a8..745e36de9 100644
--- a/federationapi/routing/send.go
+++ b/federationapi/routing/send.go
@@ -258,6 +258,9 @@ func (t *txnReq) processTransaction(ctx context.Context) (*gomatrixserverlib.Res
 			util.GetLogger(ctx).WithError(err).Debugf("Transaction: Failed to parse event JSON of event %s", string(pdu))
 			continue
 		}
+		if event.Type() == gomatrixserverlib.MRoomCreate && event.StateKeyEquals("") {
+			continue
+		}
 		if api.IsServerBannedFromRoom(ctx, t.rsAPI, event.RoomID(), t.Origin) {
 			results[event.EventID()] = gomatrixserverlib.PDUResult{
 				Error: "Forbidden by server ACLs",