mirror of
https://github.com/matrix-org/dendrite.git
synced 2024-11-27 08:41:57 -06:00
Merge branch 'master' into add-nats-support
This commit is contained in:
commit
a478b1682c
41
CHANGES.md
41
CHANGES.md
|
@ -1,5 +1,46 @@
|
||||||
# Changelog
|
# Changelog
|
||||||
|
|
||||||
|
## Dendrite 0.4.0 (2021-07-12)
|
||||||
|
|
||||||
|
### Features
|
||||||
|
|
||||||
|
* All-new state storage in the roomserver, which dramatically reduces disk space utilisation
|
||||||
|
* State snapshots and blocks are now aggressively deduplicated and reused wherever possible, with state blocks being reduced by up to 15x and snapshot references being reduced up to 2x
|
||||||
|
* Dendrite will upgrade to the new state storage automatically on the first run after upgrade, although this may take some time depending on the size of the state storage
|
||||||
|
* Appservice support has been improved significantly, with many bridges now working correctly with Dendrite
|
||||||
|
* Events are now correctly sent to appservices based on room memberships
|
||||||
|
* Aliases and namespaces are now handled correctly, calling the appservice to query for aliases as needed
|
||||||
|
* Appservice user registrations are no longer being subject to incorrect validation checks
|
||||||
|
* Shared secret registration has now been implemented correctly
|
||||||
|
* The roomserver input API implements a new queuing system to reduce backpressure across rooms
|
||||||
|
* Checking if the local server is in a room has been optimised substantially, reducing CPU usage
|
||||||
|
* State resolution v2 has been optimised further by improving the power level checks, reducing CPU usage
|
||||||
|
* The federation API `/send` endpoint now deduplicates missing auth and prev events more aggressively to reduce memory usage
|
||||||
|
* The federation API `/send` endpoint now uses workers to reduce backpressure across rooms
|
||||||
|
* The bcrypt cost for password storage is now configurable with the `user_api.bcrypt_cost` option
|
||||||
|
* The federation API will now use significantly less memory when calling `/get_missing_events`
|
||||||
|
* MSC2946 Spaces endpoints have been updated to stable endpoint naming
|
||||||
|
* The media API can now be configured without a maximum file size
|
||||||
|
* A new `dendrite-upgrade-test` test has been added for verifying database schema upgrades across versions
|
||||||
|
* Added Prometheus metrics for roomserver backpressure, excessive device list updates and federation API event processing summaries
|
||||||
|
* Sentry support has been added for error reporting
|
||||||
|
|
||||||
|
### Fixes
|
||||||
|
|
||||||
|
* Removed the legacy `/v1` register endpoint. Dendrite only implements `/r0` of the CS API, and the legacy `/v1` endpoint had implementation errors which made it possible to bypass shared secret registration (thanks to Jakob Varmose Bentzen for reporting this)
|
||||||
|
* Attempting to register an account that already exists now returns a sensible error code rather than a HTTP 500
|
||||||
|
* Dendrite will no longer attempt to `/make_join` with itself if listed in the request `server_names`
|
||||||
|
* `/sync` will no longer return immediately if there is nothing to sync, which happened particularly with new accounts, causing high CPU usage
|
||||||
|
* Malicious media uploads can no longer exhaust all available memory (contributed by [S7evinK](https://github.com/S7evinK))
|
||||||
|
* Selecting one-time keys from the database has been optimised (contributed by [S7evinK](https://github.com/S7evinK))
|
||||||
|
* The return code when trying to fetch missing account data has been fixed (contributed by [adamgreig](https://github.com/adamgreig))
|
||||||
|
* Dendrite will no longer attempt to use `/make_leave` over federation when rejecting a local invite
|
||||||
|
* A panic has been fixed in `QueryMembershipsForRoom`
|
||||||
|
* A panic on duplicate membership events has been fixed in the federation sender
|
||||||
|
* A panic has been fixed in in `IsInterestedInRoomID` (contributed by [bodqhrohro](https://github.com/bodqhrohro))
|
||||||
|
* A panic in the roomserver has been fixed when handling empty state sets
|
||||||
|
* A panic in the federation API has been fixed when handling cached events
|
||||||
|
|
||||||
## Dendrite 0.3.11 (2021-03-02)
|
## Dendrite 0.3.11 (2021-03-02)
|
||||||
|
|
||||||
### Fixes
|
### Fixes
|
||||||
|
|
|
@ -28,8 +28,8 @@ There are three sample `docker-compose` files:
|
||||||
The `docker-compose` files refer to the `/etc/dendrite` volume as where the
|
The `docker-compose` files refer to the `/etc/dendrite` volume as where the
|
||||||
runtime config should come from. The mounted folder must contain:
|
runtime config should come from. The mounted folder must contain:
|
||||||
|
|
||||||
- `dendrite.yaml` configuration file (based on the sample `dendrite-config.yaml`
|
- `dendrite.yaml` configuration file (based on the [`dendrite-config.yaml`](https://raw.githubusercontent.com/matrix-org/dendrite/master/dendrite-config.yaml)
|
||||||
in the `docker/config` folder in the [Dendrite repository](https://github.com/matrix-org/dendrite)
|
sample in the `build/docker/config` folder of this repository.)
|
||||||
- `matrix_key.pem` server key, as generated using `cmd/generate-keys`
|
- `matrix_key.pem` server key, as generated using `cmd/generate-keys`
|
||||||
- `server.crt` certificate file
|
- `server.crt` certificate file
|
||||||
- `server.key` private key file for the above certificate
|
- `server.key` private key file for the above certificate
|
||||||
|
@ -50,8 +50,7 @@ The key files will now exist in your current working directory, and can be mount
|
||||||
|
|
||||||
## Starting Dendrite as a monolith deployment
|
## Starting Dendrite as a monolith deployment
|
||||||
|
|
||||||
Create your config based on the `dendrite.yaml` configuration file in the `docker/config`
|
Create your config based on the [`dendrite-config.yaml`](https://raw.githubusercontent.com/matrix-org/dendrite/master/dendrite-config.yaml) configuration file in the `build/docker/config` folder of this repository. And rename the config file to `dendrite.yml` (and put it in your `config` directory).
|
||||||
folder in the [Dendrite repository](https://github.com/matrix-org/dendrite).
|
|
||||||
|
|
||||||
Once in place, start the PostgreSQL dependency:
|
Once in place, start the PostgreSQL dependency:
|
||||||
|
|
||||||
|
@ -67,8 +66,7 @@ docker-compose -f docker-compose.monolith.yml up
|
||||||
|
|
||||||
## Starting Dendrite as a polylith deployment
|
## Starting Dendrite as a polylith deployment
|
||||||
|
|
||||||
Create your config based on the `dendrite.yaml` configuration file in the `docker/config`
|
Create your config based on the [`dendrite-config.yaml`](https://raw.githubusercontent.com/matrix-org/dendrite/master/dendrite-config.yaml) configuration file in the `build/docker/config` folder of this repository. And rename the config file to `dendrite.yml` (and put it in your `config` directory).
|
||||||
folder in the [Dendrite repository](https://github.com/matrix-org/dendrite).
|
|
||||||
|
|
||||||
Once in place, start all the dependencies:
|
Once in place, start all the dependencies:
|
||||||
|
|
||||||
|
@ -84,10 +82,10 @@ docker-compose -f docker-compose.polylith.yml up
|
||||||
|
|
||||||
## Building the images
|
## Building the images
|
||||||
|
|
||||||
The `docker/images-build.sh` script will build the base image, followed by
|
The `build/docker/images-build.sh` script will build the base image, followed by
|
||||||
all of the component images.
|
all of the component images.
|
||||||
|
|
||||||
The `docker/images-push.sh` script will push them to Docker Hub (subject
|
The `build/docker/images-push.sh` script will push them to Docker Hub (subject
|
||||||
to permissions).
|
to permissions).
|
||||||
|
|
||||||
If you wish to build and push your own images, rename `matrixdotorg/dendrite` to
|
If you wish to build and push your own images, rename `matrixdotorg/dendrite` to
|
||||||
|
|
|
@ -334,6 +334,7 @@ func (m *DendriteMonolith) Start() {
|
||||||
base.PublicFederationAPIMux,
|
base.PublicFederationAPIMux,
|
||||||
base.PublicKeyAPIMux,
|
base.PublicKeyAPIMux,
|
||||||
base.PublicMediaAPIMux,
|
base.PublicMediaAPIMux,
|
||||||
|
base.SynapseAdminMux,
|
||||||
)
|
)
|
||||||
|
|
||||||
httpRouter := mux.NewRouter().SkipClean(true).UseEncodedPath()
|
httpRouter := mux.NewRouter().SkipClean(true).UseEncodedPath()
|
||||||
|
|
|
@ -173,6 +173,7 @@ func (m *DendriteMonolith) Start() {
|
||||||
base.PublicFederationAPIMux,
|
base.PublicFederationAPIMux,
|
||||||
base.PublicKeyAPIMux,
|
base.PublicKeyAPIMux,
|
||||||
base.PublicMediaAPIMux,
|
base.PublicMediaAPIMux,
|
||||||
|
base.SynapseAdminMux,
|
||||||
)
|
)
|
||||||
|
|
||||||
httpRouter := mux.NewRouter()
|
httpRouter := mux.NewRouter()
|
||||||
|
|
|
@ -35,6 +35,7 @@ import (
|
||||||
// AddPublicRoutes sets up and registers HTTP handlers for the ClientAPI component.
|
// AddPublicRoutes sets up and registers HTTP handlers for the ClientAPI component.
|
||||||
func AddPublicRoutes(
|
func AddPublicRoutes(
|
||||||
router *mux.Router,
|
router *mux.Router,
|
||||||
|
synapseAdminRouter *mux.Router,
|
||||||
cfg *config.ClientAPI,
|
cfg *config.ClientAPI,
|
||||||
accountsDB accounts.Database,
|
accountsDB accounts.Database,
|
||||||
federation *gomatrixserverlib.FederationClient,
|
federation *gomatrixserverlib.FederationClient,
|
||||||
|
@ -56,7 +57,7 @@ func AddPublicRoutes(
|
||||||
}
|
}
|
||||||
|
|
||||||
routing.Setup(
|
routing.Setup(
|
||||||
router, cfg, eduInputAPI, rsAPI, asAPI,
|
router, synapseAdminRouter, cfg, eduInputAPI, rsAPI, asAPI,
|
||||||
accountsDB, userAPI, federation,
|
accountsDB, userAPI, federation,
|
||||||
syncProducer, transactionsCache, fsAPI, keyAPI, extRoomsProvider, mscCfg,
|
syncProducer, transactionsCache, fsAPI, keyAPI, extRoomsProvider, mscCfg,
|
||||||
)
|
)
|
||||||
|
|
|
@ -17,10 +17,7 @@ package routing
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"crypto/hmac"
|
|
||||||
"crypto/sha1"
|
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"errors"
|
|
||||||
"fmt"
|
"fmt"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
@ -594,7 +591,6 @@ func handleRegistrationFlow(
|
||||||
accessToken string,
|
accessToken string,
|
||||||
accessTokenErr error,
|
accessTokenErr error,
|
||||||
) util.JSONResponse {
|
) util.JSONResponse {
|
||||||
// TODO: Shared secret registration (create new user scripts)
|
|
||||||
// TODO: Enable registration config flag
|
// TODO: Enable registration config flag
|
||||||
// TODO: Guest account upgrading
|
// TODO: Guest account upgrading
|
||||||
|
|
||||||
|
@ -643,20 +639,6 @@ func handleRegistrationFlow(
|
||||||
// Add Recaptcha to the list of completed registration stages
|
// Add Recaptcha to the list of completed registration stages
|
||||||
AddCompletedSessionStage(sessionID, authtypes.LoginTypeRecaptcha)
|
AddCompletedSessionStage(sessionID, authtypes.LoginTypeRecaptcha)
|
||||||
|
|
||||||
case authtypes.LoginTypeSharedSecret:
|
|
||||||
// Check shared secret against config
|
|
||||||
valid, err := isValidMacLogin(cfg, r.Username, r.Password, r.Admin, r.Auth.Mac)
|
|
||||||
|
|
||||||
if err != nil {
|
|
||||||
util.GetLogger(req.Context()).WithError(err).Error("isValidMacLogin failed")
|
|
||||||
return jsonerror.InternalServerError()
|
|
||||||
} else if !valid {
|
|
||||||
return util.MessageResponse(http.StatusForbidden, "HMAC incorrect")
|
|
||||||
}
|
|
||||||
|
|
||||||
// Add SharedSecret to the list of completed registration stages
|
|
||||||
AddCompletedSessionStage(sessionID, authtypes.LoginTypeSharedSecret)
|
|
||||||
|
|
||||||
case authtypes.LoginTypeDummy:
|
case authtypes.LoginTypeDummy:
|
||||||
// there is nothing to do
|
// there is nothing to do
|
||||||
// Add Dummy to the list of completed registration stages
|
// Add Dummy to the list of completed registration stages
|
||||||
|
@ -849,49 +831,6 @@ func completeRegistration(
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Used for shared secret registration.
|
|
||||||
// Checks if the username, password and isAdmin flag matches the given mac.
|
|
||||||
func isValidMacLogin(
|
|
||||||
cfg *config.ClientAPI,
|
|
||||||
username, password string,
|
|
||||||
isAdmin bool,
|
|
||||||
givenMac []byte,
|
|
||||||
) (bool, error) {
|
|
||||||
sharedSecret := cfg.RegistrationSharedSecret
|
|
||||||
|
|
||||||
// Check that shared secret registration isn't disabled.
|
|
||||||
if cfg.RegistrationSharedSecret == "" {
|
|
||||||
return false, errors.New("Shared secret registration is disabled")
|
|
||||||
}
|
|
||||||
|
|
||||||
// Double check that username/password don't contain the HMAC delimiters. We should have
|
|
||||||
// already checked this.
|
|
||||||
if strings.Contains(username, "\x00") {
|
|
||||||
return false, errors.New("Username contains invalid character")
|
|
||||||
}
|
|
||||||
if strings.Contains(password, "\x00") {
|
|
||||||
return false, errors.New("Password contains invalid character")
|
|
||||||
}
|
|
||||||
if sharedSecret == "" {
|
|
||||||
return false, errors.New("Shared secret registration is disabled")
|
|
||||||
}
|
|
||||||
|
|
||||||
adminString := "notadmin"
|
|
||||||
if isAdmin {
|
|
||||||
adminString = "admin"
|
|
||||||
}
|
|
||||||
joined := strings.Join([]string{username, password, adminString}, "\x00")
|
|
||||||
|
|
||||||
mac := hmac.New(sha1.New, []byte(sharedSecret))
|
|
||||||
_, err := mac.Write([]byte(joined))
|
|
||||||
if err != nil {
|
|
||||||
return false, err
|
|
||||||
}
|
|
||||||
expectedMAC := mac.Sum(nil)
|
|
||||||
|
|
||||||
return hmac.Equal(givenMac, expectedMAC), nil
|
|
||||||
}
|
|
||||||
|
|
||||||
// checkFlows checks a single completed flow against another required one. If
|
// checkFlows checks a single completed flow against another required one. If
|
||||||
// one contains at least all of the stages that the other does, checkFlows
|
// one contains at least all of the stages that the other does, checkFlows
|
||||||
// returns true.
|
// returns true.
|
||||||
|
@ -995,3 +934,34 @@ func RegisterAvailable(
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func handleSharedSecretRegistration(userAPI userapi.UserInternalAPI, sr *SharedSecretRegistration, req *http.Request) util.JSONResponse {
|
||||||
|
ssrr, err := NewSharedSecretRegistrationRequest(req.Body)
|
||||||
|
if err != nil {
|
||||||
|
return util.JSONResponse{
|
||||||
|
Code: 400,
|
||||||
|
JSON: jsonerror.BadJSON(fmt.Sprintf("malformed json: %s", err)),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
valid, err := sr.IsValidMacLogin(ssrr.Nonce, ssrr.User, ssrr.Password, ssrr.Admin, ssrr.MacBytes)
|
||||||
|
if err != nil {
|
||||||
|
return util.ErrorResponse(err)
|
||||||
|
}
|
||||||
|
if !valid {
|
||||||
|
return util.JSONResponse{
|
||||||
|
Code: 403,
|
||||||
|
JSON: jsonerror.Forbidden("bad mac"),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// downcase capitals
|
||||||
|
ssrr.User = strings.ToLower(ssrr.User)
|
||||||
|
|
||||||
|
if resErr := validateUsername(ssrr.User); resErr != nil {
|
||||||
|
return *resErr
|
||||||
|
}
|
||||||
|
if resErr := validatePassword(ssrr.Password); resErr != nil {
|
||||||
|
return *resErr
|
||||||
|
}
|
||||||
|
deviceID := "shared_secret_registration"
|
||||||
|
return completeRegistration(req.Context(), userAPI, ssrr.User, ssrr.Password, "", req.RemoteAddr, req.UserAgent(), false, &ssrr.User, &deviceID)
|
||||||
|
}
|
||||||
|
|
99
clientapi/routing/register_secret.go
Normal file
99
clientapi/routing/register_secret.go
Normal file
|
@ -0,0 +1,99 @@
|
||||||
|
package routing
|
||||||
|
|
||||||
|
import (
|
||||||
|
"context"
|
||||||
|
"crypto/hmac"
|
||||||
|
"crypto/sha1"
|
||||||
|
"encoding/hex"
|
||||||
|
"encoding/json"
|
||||||
|
"errors"
|
||||||
|
"fmt"
|
||||||
|
"io"
|
||||||
|
"strings"
|
||||||
|
"time"
|
||||||
|
|
||||||
|
"github.com/matrix-org/dendrite/internal"
|
||||||
|
"github.com/matrix-org/util"
|
||||||
|
cache "github.com/patrickmn/go-cache"
|
||||||
|
)
|
||||||
|
|
||||||
|
type SharedSecretRegistrationRequest struct {
|
||||||
|
User string `json:"username"`
|
||||||
|
Password string `json:"password"`
|
||||||
|
Nonce string `json:"nonce"`
|
||||||
|
MacBytes []byte
|
||||||
|
MacStr string `json:"mac"`
|
||||||
|
Admin bool `json:"admin"`
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewSharedSecretRegistrationRequest(reader io.ReadCloser) (*SharedSecretRegistrationRequest, error) {
|
||||||
|
defer internal.CloseAndLogIfError(context.Background(), reader, "NewSharedSecretRegistrationRequest: failed to close request body")
|
||||||
|
var ssrr SharedSecretRegistrationRequest
|
||||||
|
err := json.NewDecoder(reader).Decode(&ssrr)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
ssrr.MacBytes, err = hex.DecodeString(ssrr.MacStr)
|
||||||
|
return &ssrr, err
|
||||||
|
}
|
||||||
|
|
||||||
|
type SharedSecretRegistration struct {
|
||||||
|
sharedSecret string
|
||||||
|
nonces *cache.Cache
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewSharedSecretRegistration(sharedSecret string) *SharedSecretRegistration {
|
||||||
|
return &SharedSecretRegistration{
|
||||||
|
sharedSecret: sharedSecret,
|
||||||
|
// nonces live for 5mins, purge every 10mins
|
||||||
|
nonces: cache.New(5*time.Minute, 10*time.Minute),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (r *SharedSecretRegistration) GenerateNonce() string {
|
||||||
|
nonce := util.RandomString(16)
|
||||||
|
r.nonces.Set(nonce, true, cache.DefaultExpiration)
|
||||||
|
return nonce
|
||||||
|
}
|
||||||
|
|
||||||
|
func (r *SharedSecretRegistration) validNonce(nonce string) bool {
|
||||||
|
_, exists := r.nonces.Get(nonce)
|
||||||
|
return exists
|
||||||
|
}
|
||||||
|
|
||||||
|
func (r *SharedSecretRegistration) IsValidMacLogin(
|
||||||
|
nonce, username, password string,
|
||||||
|
isAdmin bool,
|
||||||
|
givenMac []byte,
|
||||||
|
) (bool, error) {
|
||||||
|
// Check that shared secret registration isn't disabled.
|
||||||
|
if r.sharedSecret == "" {
|
||||||
|
return false, errors.New("Shared secret registration is disabled")
|
||||||
|
}
|
||||||
|
if !r.validNonce(nonce) {
|
||||||
|
return false, fmt.Errorf("Incorrect or expired nonce: %s", nonce)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check that username/password don't contain the HMAC delimiters.
|
||||||
|
if strings.Contains(username, "\x00") {
|
||||||
|
return false, errors.New("Username contains invalid character")
|
||||||
|
}
|
||||||
|
if strings.Contains(password, "\x00") {
|
||||||
|
return false, errors.New("Password contains invalid character")
|
||||||
|
}
|
||||||
|
|
||||||
|
adminString := "notadmin"
|
||||||
|
if isAdmin {
|
||||||
|
adminString = "admin"
|
||||||
|
}
|
||||||
|
joined := strings.Join([]string{nonce, username, password, adminString}, "\x00")
|
||||||
|
|
||||||
|
mac := hmac.New(sha1.New, []byte(r.sharedSecret))
|
||||||
|
_, err := mac.Write([]byte(joined))
|
||||||
|
if err != nil {
|
||||||
|
return false, err
|
||||||
|
}
|
||||||
|
expectedMAC := mac.Sum(nil)
|
||||||
|
|
||||||
|
return hmac.Equal(givenMac, expectedMAC), nil
|
||||||
|
}
|
43
clientapi/routing/register_secret_test.go
Normal file
43
clientapi/routing/register_secret_test.go
Normal file
|
@ -0,0 +1,43 @@
|
||||||
|
package routing
|
||||||
|
|
||||||
|
import (
|
||||||
|
"bytes"
|
||||||
|
"io/ioutil"
|
||||||
|
"testing"
|
||||||
|
|
||||||
|
"github.com/patrickmn/go-cache"
|
||||||
|
)
|
||||||
|
|
||||||
|
func TestSharedSecretRegister(t *testing.T) {
|
||||||
|
// these values have come from a local synapse instance to ensure compatibility
|
||||||
|
jsonStr := []byte(`{"admin":false,"mac":"f1ba8d37123866fd659b40de4bad9b0f8965c565","nonce":"759f047f312b99ff428b21d581256f8592b8976e58bc1b543972dc6147e529a79657605b52d7becd160ff5137f3de11975684319187e06901955f79e5a6c5a79","password":"wonderland","username":"alice"}`)
|
||||||
|
sharedSecret := "dendritetest"
|
||||||
|
|
||||||
|
req, err := NewSharedSecretRegistrationRequest(ioutil.NopCloser(bytes.NewBuffer(jsonStr)))
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("failed to read request: %s", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
r := NewSharedSecretRegistration(sharedSecret)
|
||||||
|
|
||||||
|
// force the nonce to be known
|
||||||
|
r.nonces.Set(req.Nonce, true, cache.DefaultExpiration)
|
||||||
|
|
||||||
|
valid, err := r.IsValidMacLogin(req.Nonce, req.User, req.Password, req.Admin, req.MacBytes)
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("failed to check for valid mac: %s", err)
|
||||||
|
}
|
||||||
|
if !valid {
|
||||||
|
t.Errorf("mac login failed, wanted success")
|
||||||
|
}
|
||||||
|
|
||||||
|
// modify the mac so it fails
|
||||||
|
req.MacBytes[0] = 0xff
|
||||||
|
valid, err = r.IsValidMacLogin(req.Nonce, req.User, req.Password, req.Admin, req.MacBytes)
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("failed to check for valid mac: %s", err)
|
||||||
|
}
|
||||||
|
if valid {
|
||||||
|
t.Errorf("mac login succeeded, wanted failure")
|
||||||
|
}
|
||||||
|
}
|
|
@ -37,6 +37,7 @@ import (
|
||||||
"github.com/matrix-org/dendrite/userapi/storage/accounts"
|
"github.com/matrix-org/dendrite/userapi/storage/accounts"
|
||||||
"github.com/matrix-org/gomatrixserverlib"
|
"github.com/matrix-org/gomatrixserverlib"
|
||||||
"github.com/matrix-org/util"
|
"github.com/matrix-org/util"
|
||||||
|
"github.com/sirupsen/logrus"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Setup registers HTTP handlers with the given ServeMux. It also supplies the given http.Client
|
// Setup registers HTTP handlers with the given ServeMux. It also supplies the given http.Client
|
||||||
|
@ -46,7 +47,7 @@ import (
|
||||||
// applied:
|
// applied:
|
||||||
// nolint: gocyclo
|
// nolint: gocyclo
|
||||||
func Setup(
|
func Setup(
|
||||||
publicAPIMux *mux.Router, cfg *config.ClientAPI,
|
publicAPIMux, synapseAdminRouter *mux.Router, cfg *config.ClientAPI,
|
||||||
eduAPI eduServerAPI.EDUServerInputAPI,
|
eduAPI eduServerAPI.EDUServerInputAPI,
|
||||||
rsAPI roomserverAPI.RoomserverInternalAPI,
|
rsAPI roomserverAPI.RoomserverInternalAPI,
|
||||||
asAPI appserviceAPI.AppServiceQueryAPI,
|
asAPI appserviceAPI.AppServiceQueryAPI,
|
||||||
|
@ -88,6 +89,32 @@ func Setup(
|
||||||
}),
|
}),
|
||||||
).Methods(http.MethodGet, http.MethodOptions)
|
).Methods(http.MethodGet, http.MethodOptions)
|
||||||
|
|
||||||
|
if cfg.RegistrationSharedSecret != "" {
|
||||||
|
logrus.Info("Enabling shared secret registration at /_synapse/admin/v1/register")
|
||||||
|
sr := NewSharedSecretRegistration(cfg.RegistrationSharedSecret)
|
||||||
|
synapseAdminRouter.Handle("/admin/v1/register",
|
||||||
|
httputil.MakeExternalAPI("shared_secret_registration", func(req *http.Request) util.JSONResponse {
|
||||||
|
if req.Method == http.MethodGet {
|
||||||
|
return util.JSONResponse{
|
||||||
|
Code: 200,
|
||||||
|
JSON: struct {
|
||||||
|
Nonce string `json:"nonce"`
|
||||||
|
}{
|
||||||
|
Nonce: sr.GenerateNonce(),
|
||||||
|
},
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if req.Method == http.MethodPost {
|
||||||
|
return handleSharedSecretRegistration(userAPI, sr, req)
|
||||||
|
}
|
||||||
|
return util.JSONResponse{
|
||||||
|
Code: http.StatusMethodNotAllowed,
|
||||||
|
JSON: jsonerror.NotFound("unknown method"),
|
||||||
|
}
|
||||||
|
}),
|
||||||
|
).Methods(http.MethodGet, http.MethodPost, http.MethodOptions)
|
||||||
|
}
|
||||||
|
|
||||||
r0mux := publicAPIMux.PathPrefix("/r0").Subrouter()
|
r0mux := publicAPIMux.PathPrefix("/r0").Subrouter()
|
||||||
unstableMux := publicAPIMux.PathPrefix("/unstable").Subrouter()
|
unstableMux := publicAPIMux.PathPrefix("/unstable").Subrouter()
|
||||||
|
|
||||||
|
|
|
@ -197,6 +197,7 @@ func main() {
|
||||||
base.Base.PublicFederationAPIMux,
|
base.Base.PublicFederationAPIMux,
|
||||||
base.Base.PublicKeyAPIMux,
|
base.Base.PublicKeyAPIMux,
|
||||||
base.Base.PublicMediaAPIMux,
|
base.Base.PublicMediaAPIMux,
|
||||||
|
base.Base.SynapseAdminMux,
|
||||||
)
|
)
|
||||||
if err := mscs.Enable(&base.Base, &monolith); err != nil {
|
if err := mscs.Enable(&base.Base, &monolith); err != nil {
|
||||||
logrus.WithError(err).Fatalf("Failed to enable MSCs")
|
logrus.WithError(err).Fatalf("Failed to enable MSCs")
|
||||||
|
|
|
@ -210,6 +210,7 @@ func main() {
|
||||||
base.PublicFederationAPIMux,
|
base.PublicFederationAPIMux,
|
||||||
base.PublicKeyAPIMux,
|
base.PublicKeyAPIMux,
|
||||||
base.PublicMediaAPIMux,
|
base.PublicMediaAPIMux,
|
||||||
|
base.SynapseAdminMux,
|
||||||
)
|
)
|
||||||
|
|
||||||
wsUpgrader := websocket.Upgrader{
|
wsUpgrader := websocket.Upgrader{
|
||||||
|
|
|
@ -154,6 +154,7 @@ func main() {
|
||||||
base.PublicFederationAPIMux,
|
base.PublicFederationAPIMux,
|
||||||
base.PublicKeyAPIMux,
|
base.PublicKeyAPIMux,
|
||||||
base.PublicMediaAPIMux,
|
base.PublicMediaAPIMux,
|
||||||
|
base.SynapseAdminMux,
|
||||||
)
|
)
|
||||||
if err := mscs.Enable(base, &monolith); err != nil {
|
if err := mscs.Enable(base, &monolith); err != nil {
|
||||||
logrus.WithError(err).Fatalf("Failed to enable MSCs")
|
logrus.WithError(err).Fatalf("Failed to enable MSCs")
|
||||||
|
|
|
@ -149,6 +149,7 @@ func main() {
|
||||||
base.PublicFederationAPIMux,
|
base.PublicFederationAPIMux,
|
||||||
base.PublicKeyAPIMux,
|
base.PublicKeyAPIMux,
|
||||||
base.PublicMediaAPIMux,
|
base.PublicMediaAPIMux,
|
||||||
|
base.SynapseAdminMux,
|
||||||
)
|
)
|
||||||
|
|
||||||
if len(base.Cfg.MSCs.MSCs) > 0 {
|
if len(base.Cfg.MSCs.MSCs) > 0 {
|
||||||
|
|
|
@ -33,7 +33,7 @@ func ClientAPI(base *setup.BaseDendrite, cfg *config.Dendrite) {
|
||||||
keyAPI := base.KeyServerHTTPClient()
|
keyAPI := base.KeyServerHTTPClient()
|
||||||
|
|
||||||
clientapi.AddPublicRoutes(
|
clientapi.AddPublicRoutes(
|
||||||
base.PublicClientAPIMux, &base.Cfg.ClientAPI, accountDB, federation,
|
base.PublicClientAPIMux, base.SynapseAdminMux, &base.Cfg.ClientAPI, accountDB, federation,
|
||||||
rsAPI, eduInputAPI, asQuery, transactions.New(), fsAPI, userAPI, keyAPI, nil,
|
rsAPI, eduInputAPI, asQuery, transactions.New(), fsAPI, userAPI, keyAPI, nil,
|
||||||
&cfg.MSCs,
|
&cfg.MSCs,
|
||||||
)
|
)
|
||||||
|
|
|
@ -35,9 +35,13 @@ var (
|
||||||
flagFrom = flag.String("from", "HEAD-1", "The version to start from e.g '0.3.1'. If 'HEAD-N' then starts N versions behind HEAD.")
|
flagFrom = flag.String("from", "HEAD-1", "The version to start from e.g '0.3.1'. If 'HEAD-N' then starts N versions behind HEAD.")
|
||||||
flagTo = flag.String("to", "HEAD", "The version to end on e.g '0.3.3'.")
|
flagTo = flag.String("to", "HEAD", "The version to end on e.g '0.3.3'.")
|
||||||
flagBuildConcurrency = flag.Int("build-concurrency", runtime.NumCPU(), "The amount of build concurrency when building images")
|
flagBuildConcurrency = flag.Int("build-concurrency", runtime.NumCPU(), "The amount of build concurrency when building images")
|
||||||
|
flagHead = flag.String("head", "", "Location to a dendrite repository to treat as HEAD instead of Github")
|
||||||
|
flagDockerHost = flag.String("docker-host", "localhost", "The hostname of the docker client. 'localhost' if running locally, 'host.docker.internal' if running in Docker.")
|
||||||
alphaNumerics = regexp.MustCompile("[^a-zA-Z0-9]+")
|
alphaNumerics = regexp.MustCompile("[^a-zA-Z0-9]+")
|
||||||
)
|
)
|
||||||
|
|
||||||
|
const HEAD = "HEAD"
|
||||||
|
|
||||||
// Embed the Dockerfile to use when building dendrite versions.
|
// Embed the Dockerfile to use when building dendrite versions.
|
||||||
// We cannot use the dockerfile associated with the repo with each version sadly due to changes in
|
// We cannot use the dockerfile associated with the repo with each version sadly due to changes in
|
||||||
// Docker versions. Specifically, earlier Dendrite versions are incompatible with newer Docker clients
|
// Docker versions. Specifically, earlier Dendrite versions are incompatible with newer Docker clients
|
||||||
|
@ -104,6 +108,7 @@ func downloadArchive(cli *http.Client, tmpDir, archiveURL string, dockerfile []b
|
||||||
if resp.StatusCode != 200 {
|
if resp.StatusCode != 200 {
|
||||||
return nil, fmt.Errorf("got HTTP %d", resp.StatusCode)
|
return nil, fmt.Errorf("got HTTP %d", resp.StatusCode)
|
||||||
}
|
}
|
||||||
|
_ = os.RemoveAll(tmpDir)
|
||||||
if err = os.Mkdir(tmpDir, os.ModePerm); err != nil {
|
if err = os.Mkdir(tmpDir, os.ModePerm); err != nil {
|
||||||
return nil, fmt.Errorf("failed to make temporary directory: %s", err)
|
return nil, fmt.Errorf("failed to make temporary directory: %s", err)
|
||||||
}
|
}
|
||||||
|
@ -134,15 +139,36 @@ func downloadArchive(cli *http.Client, tmpDir, archiveURL string, dockerfile []b
|
||||||
|
|
||||||
// buildDendrite builds Dendrite on the branchOrTagName given. Returns the image ID or an error
|
// buildDendrite builds Dendrite on the branchOrTagName given. Returns the image ID or an error
|
||||||
func buildDendrite(httpClient *http.Client, dockerClient *client.Client, tmpDir, branchOrTagName string) (string, error) {
|
func buildDendrite(httpClient *http.Client, dockerClient *client.Client, tmpDir, branchOrTagName string) (string, error) {
|
||||||
|
var tarball *bytes.Buffer
|
||||||
|
var err error
|
||||||
|
// If a custom HEAD location is given, use that, else pull from github. Mostly useful for CI
|
||||||
|
// where we want to use the working directory.
|
||||||
|
if branchOrTagName == HEAD && *flagHead != "" {
|
||||||
|
log.Printf("%s: Using %s as HEAD", branchOrTagName, *flagHead)
|
||||||
|
// add top level Dockerfile
|
||||||
|
err = ioutil.WriteFile(path.Join(*flagHead, "Dockerfile"), []byte(Dockerfile), os.ModePerm)
|
||||||
|
if err != nil {
|
||||||
|
return "", fmt.Errorf("Custom HEAD: failed to inject /Dockerfile: %w", err)
|
||||||
|
}
|
||||||
|
// now tarball it
|
||||||
|
var buffer bytes.Buffer
|
||||||
|
err = compress(*flagHead, &buffer)
|
||||||
|
if err != nil {
|
||||||
|
return "", fmt.Errorf("failed to tarball custom HEAD %s : %s", *flagHead, err)
|
||||||
|
}
|
||||||
|
tarball = &buffer
|
||||||
|
} else {
|
||||||
log.Printf("%s: Downloading version %s to %s\n", branchOrTagName, branchOrTagName, tmpDir)
|
log.Printf("%s: Downloading version %s to %s\n", branchOrTagName, branchOrTagName, tmpDir)
|
||||||
// pull an archive, this contains a top-level directory which screws with the build context
|
// pull an archive, this contains a top-level directory which screws with the build context
|
||||||
// which we need to fix up post download
|
// which we need to fix up post download
|
||||||
u := fmt.Sprintf("https://github.com/matrix-org/dendrite/archive/%s.tar.gz", branchOrTagName)
|
u := fmt.Sprintf("https://github.com/matrix-org/dendrite/archive/%s.tar.gz", branchOrTagName)
|
||||||
tarball, err := downloadArchive(httpClient, tmpDir, u, []byte(Dockerfile))
|
tarball, err = downloadArchive(httpClient, tmpDir, u, []byte(Dockerfile))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", fmt.Errorf("failed to download archive %s: %w", u, err)
|
return "", fmt.Errorf("failed to download archive %s: %w", u, err)
|
||||||
}
|
}
|
||||||
log.Printf("%s: %s => %d bytes\n", branchOrTagName, u, tarball.Len())
|
log.Printf("%s: %s => %d bytes\n", branchOrTagName, u, tarball.Len())
|
||||||
|
}
|
||||||
|
|
||||||
log.Printf("%s: Building version %s\n", branchOrTagName, branchOrTagName)
|
log.Printf("%s: Building version %s\n", branchOrTagName, branchOrTagName)
|
||||||
res, err := dockerClient.ImageBuild(context.Background(), tarball, types.ImageBuildOptions{
|
res, err := dockerClient.ImageBuild(context.Background(), tarball, types.ImageBuildOptions{
|
||||||
Tags: []string{"dendrite-upgrade"},
|
Tags: []string{"dendrite-upgrade"},
|
||||||
|
@ -234,7 +260,7 @@ func calculateVersions(cli *http.Client, from, to string) []string {
|
||||||
semvers = semvers[i:]
|
semvers = semvers[i:]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if to != "" && to != "HEAD" {
|
if to != "" && to != HEAD {
|
||||||
toVer, err := semver.NewVersion(to)
|
toVer, err := semver.NewVersion(to)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatalf("invalid --to: %s", err)
|
log.Fatalf("invalid --to: %s", err)
|
||||||
|
@ -252,8 +278,8 @@ func calculateVersions(cli *http.Client, from, to string) []string {
|
||||||
for _, sv := range semvers {
|
for _, sv := range semvers {
|
||||||
versions = append(versions, sv.Original())
|
versions = append(versions, sv.Original())
|
||||||
}
|
}
|
||||||
if to == "HEAD" {
|
if to == HEAD {
|
||||||
versions = append(versions, "HEAD")
|
versions = append(versions, HEAD)
|
||||||
}
|
}
|
||||||
return versions
|
return versions
|
||||||
}
|
}
|
||||||
|
@ -327,7 +353,7 @@ func runImage(dockerClient *client.Client, volumeName, version, imageID string)
|
||||||
if !ok {
|
if !ok {
|
||||||
return "", "", fmt.Errorf("port 8008 not exposed - exposed ports: %v", inspect.NetworkSettings.Ports)
|
return "", "", fmt.Errorf("port 8008 not exposed - exposed ports: %v", inspect.NetworkSettings.Ports)
|
||||||
}
|
}
|
||||||
baseURL := fmt.Sprintf("http://localhost:%s", csapiPortInfo[0].HostPort)
|
baseURL := fmt.Sprintf("http://%s:%s", *flagDockerHost, csapiPortInfo[0].HostPort)
|
||||||
versionsURL := fmt.Sprintf("%s/_matrix/client/versions", baseURL)
|
versionsURL := fmt.Sprintf("%s/_matrix/client/versions", baseURL)
|
||||||
// hit /versions to check it is up
|
// hit /versions to check it is up
|
||||||
var lastErr error
|
var lastErr error
|
||||||
|
|
|
@ -17,7 +17,7 @@ func compress(src string, buf io.Writer) error {
|
||||||
tw := tar.NewWriter(zr)
|
tw := tar.NewWriter(zr)
|
||||||
|
|
||||||
// walk through every file in the folder
|
// walk through every file in the folder
|
||||||
_ = filepath.Walk(src, func(file string, fi os.FileInfo, e error) error {
|
err := filepath.Walk(src, func(file string, fi os.FileInfo, e error) error {
|
||||||
// generate tar header
|
// generate tar header
|
||||||
header, err := tar.FileInfoHeader(fi, file)
|
header, err := tar.FileInfoHeader(fi, file)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -37,12 +37,18 @@ func compress(src string, buf io.Writer) error {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
if _, err := io.Copy(tw, data); err != nil {
|
if _, err = io.Copy(tw, data); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err = data.Close(); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
})
|
})
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
// produce tar
|
// produce tar
|
||||||
if err := tw.Close(); err != nil {
|
if err := tw.Close(); err != nil {
|
||||||
|
|
|
@ -215,6 +215,7 @@ func main() {
|
||||||
base.PublicFederationAPIMux,
|
base.PublicFederationAPIMux,
|
||||||
base.PublicKeyAPIMux,
|
base.PublicKeyAPIMux,
|
||||||
base.PublicMediaAPIMux,
|
base.PublicMediaAPIMux,
|
||||||
|
base.SynapseAdminMux,
|
||||||
)
|
)
|
||||||
|
|
||||||
httpRouter := mux.NewRouter().SkipClean(true).UseEncodedPath()
|
httpRouter := mux.NewRouter().SkipClean(true).UseEncodedPath()
|
||||||
|
|
|
@ -236,6 +236,7 @@ func main() {
|
||||||
base.PublicFederationAPIMux,
|
base.PublicFederationAPIMux,
|
||||||
base.PublicKeyAPIMux,
|
base.PublicKeyAPIMux,
|
||||||
base.PublicMediaAPIMux,
|
base.PublicMediaAPIMux,
|
||||||
|
base.SynapseAdminMux,
|
||||||
)
|
)
|
||||||
|
|
||||||
httpRouter := mux.NewRouter().SkipClean(true).UseEncodedPath()
|
httpRouter := mux.NewRouter().SkipClean(true).UseEncodedPath()
|
||||||
|
|
|
@ -573,6 +573,23 @@ func (t *txnReq) processEvent(ctx context.Context, e *gomatrixserverlib.Event) e
|
||||||
logger := util.GetLogger(ctx).WithField("event_id", e.EventID()).WithField("room_id", e.RoomID())
|
logger := util.GetLogger(ctx).WithField("event_id", e.EventID()).WithField("room_id", e.RoomID())
|
||||||
t.work = "" // reset from previous event
|
t.work = "" // reset from previous event
|
||||||
|
|
||||||
|
// Ask the roomserver if we know about the room and/or if we're joined
|
||||||
|
// to it. If we aren't then we won't bother processing the event.
|
||||||
|
joinedReq := api.QueryServerJoinedToRoomRequest{
|
||||||
|
RoomID: e.RoomID(),
|
||||||
|
}
|
||||||
|
var joinedRes api.QueryServerJoinedToRoomResponse
|
||||||
|
if err := t.rsAPI.QueryServerJoinedToRoom(ctx, &joinedReq, &joinedRes); err != nil {
|
||||||
|
return fmt.Errorf("t.rsAPI.QueryServerJoinedToRoom: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if !joinedRes.RoomExists || !joinedRes.IsInRoom {
|
||||||
|
// We don't believe we're a member of this room, therefore there's
|
||||||
|
// no point in wasting work trying to figure out what to do with
|
||||||
|
// missing auth or prev events. Drop the event.
|
||||||
|
return roomNotFoundError{e.RoomID()}
|
||||||
|
}
|
||||||
|
|
||||||
// Work out if the roomserver knows everything it needs to know to auth
|
// Work out if the roomserver knows everything it needs to know to auth
|
||||||
// the event. This includes the prev_events and auth_events.
|
// the event. This includes the prev_events and auth_events.
|
||||||
// NOTE! This is going to include prev_events that have an empty state
|
// NOTE! This is going to include prev_events that have an empty state
|
||||||
|
@ -589,16 +606,6 @@ func (t *txnReq) processEvent(ctx context.Context, e *gomatrixserverlib.Event) e
|
||||||
return fmt.Errorf("t.rsAPI.QueryMissingAuthPrevEvents: %w", err)
|
return fmt.Errorf("t.rsAPI.QueryMissingAuthPrevEvents: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
if !stateResp.RoomExists {
|
|
||||||
// TODO: When synapse receives a message for a room it is not in it
|
|
||||||
// asks the remote server for the state of the room so that it can
|
|
||||||
// check if the remote server knows of a join "m.room.member" event
|
|
||||||
// that this server is unaware of.
|
|
||||||
// However generally speaking we should reject events for rooms we
|
|
||||||
// aren't a member of.
|
|
||||||
return roomNotFoundError{e.RoomID()}
|
|
||||||
}
|
|
||||||
|
|
||||||
// Prepare a map of all the events we already had before this point, so
|
// Prepare a map of all the events we already had before this point, so
|
||||||
// that we don't send them to the roomserver again.
|
// that we don't send them to the roomserver again.
|
||||||
for _, eventID := range append(e.AuthEventIDs(), e.PrevEventIDs()...) {
|
for _, eventID := range append(e.AuthEventIDs(), e.PrevEventIDs()...) {
|
||||||
|
|
|
@ -190,7 +190,9 @@ func (t *testRoomserverAPI) QueryServerJoinedToRoom(
|
||||||
request *api.QueryServerJoinedToRoomRequest,
|
request *api.QueryServerJoinedToRoomRequest,
|
||||||
response *api.QueryServerJoinedToRoomResponse,
|
response *api.QueryServerJoinedToRoomResponse,
|
||||||
) error {
|
) error {
|
||||||
return fmt.Errorf("not implemented")
|
response.RoomExists = true
|
||||||
|
response.IsInRoom = true
|
||||||
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// Query whether a server is allowed to see an event
|
// Query whether a server is allowed to see an event
|
||||||
|
|
1
go.mod
1
go.mod
|
@ -42,6 +42,7 @@ require (
|
||||||
github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646
|
github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646
|
||||||
github.com/ngrok/sqlmw v0.0.0-20200129213757-d5c93a81bec6
|
github.com/ngrok/sqlmw v0.0.0-20200129213757-d5c93a81bec6
|
||||||
github.com/opentracing/opentracing-go v1.2.0
|
github.com/opentracing/opentracing-go v1.2.0
|
||||||
|
github.com/patrickmn/go-cache v2.1.0+incompatible
|
||||||
github.com/pierrec/lz4 v2.6.1+incompatible // indirect
|
github.com/pierrec/lz4 v2.6.1+incompatible // indirect
|
||||||
github.com/pkg/errors v0.9.1
|
github.com/pkg/errors v0.9.1
|
||||||
github.com/pressly/goose v2.7.0+incompatible
|
github.com/pressly/goose v2.7.0+incompatible
|
||||||
|
|
2
go.sum
2
go.sum
|
@ -1266,6 +1266,8 @@ github.com/openzipkin/zipkin-go v0.2.1/go.mod h1:NaW6tEwdmWMaCDZzg8sh+IBNOxHMPnh
|
||||||
github.com/openzipkin/zipkin-go v0.2.2/go.mod h1:NaW6tEwdmWMaCDZzg8sh+IBNOxHMPnhQw8ySjnjRyN4=
|
github.com/openzipkin/zipkin-go v0.2.2/go.mod h1:NaW6tEwdmWMaCDZzg8sh+IBNOxHMPnhQw8ySjnjRyN4=
|
||||||
github.com/pact-foundation/pact-go v1.0.4/go.mod h1:uExwJY4kCzNPcHRj+hCR/HBbOOIwwtUjcrb0b5/5kLM=
|
github.com/pact-foundation/pact-go v1.0.4/go.mod h1:uExwJY4kCzNPcHRj+hCR/HBbOOIwwtUjcrb0b5/5kLM=
|
||||||
github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
|
github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
|
||||||
|
github.com/patrickmn/go-cache v2.1.0+incompatible h1:HRMgzkcYKYpi3C8ajMPV8OFXaaRUnok+kx1WdO15EQc=
|
||||||
|
github.com/patrickmn/go-cache v2.1.0+incompatible/go.mod h1:3Qf8kWWT7OJRJbdiICTKqZju1ZixQ/KpMGzzAfe6+WQ=
|
||||||
github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k=
|
github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k=
|
||||||
github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
|
github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
|
||||||
github.com/pelletier/go-toml v1.8.1/go.mod h1:T2/BmBdy8dvIRq1a/8aqjN41wvWlN4lrapLU/GW4pbc=
|
github.com/pelletier/go-toml v1.8.1/go.mod h1:T2/BmBdy8dvIRq1a/8aqjN41wvWlN4lrapLU/GW4pbc=
|
||||||
|
|
|
@ -73,9 +73,9 @@ func callerPrettyfier(f *runtime.Frame) (string, string) {
|
||||||
// Append a newline + tab to it to move the actual log content to its own line
|
// Append a newline + tab to it to move the actual log content to its own line
|
||||||
funcname += "\n\t"
|
funcname += "\n\t"
|
||||||
|
|
||||||
// Surround the filepath in brackets and append line number so IDEs can quickly
|
// Use a shortened file path which just has the filename to avoid having lots of redundant
|
||||||
// navigate
|
// directories which contribute significantly to overall log sizes!
|
||||||
filename := fmt.Sprintf(" [%s:%d]", f.File, f.Line)
|
filename := fmt.Sprintf(" [%s:%d]", path.Base(f.File), f.Line)
|
||||||
|
|
||||||
return funcname, filename
|
return funcname, filename
|
||||||
}
|
}
|
||||||
|
|
|
@ -16,8 +16,8 @@ var build string
|
||||||
|
|
||||||
const (
|
const (
|
||||||
VersionMajor = 0
|
VersionMajor = 0
|
||||||
VersionMinor = 3
|
VersionMinor = 4
|
||||||
VersionPatch = 11
|
VersionPatch = 0
|
||||||
VersionTag = "" // example: "rc1"
|
VersionTag = "" // example: "rc1"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
|
@ -170,7 +170,8 @@ type QueryMembershipsForRoomResponse struct {
|
||||||
|
|
||||||
// QueryServerJoinedToRoomRequest is a request to QueryServerJoinedToRoom
|
// QueryServerJoinedToRoomRequest is a request to QueryServerJoinedToRoom
|
||||||
type QueryServerJoinedToRoomRequest struct {
|
type QueryServerJoinedToRoomRequest struct {
|
||||||
// Server name of the server to find
|
// Server name of the server to find. If not specified, we will
|
||||||
|
// default to checking if the local server is joined.
|
||||||
ServerName gomatrixserverlib.ServerName `json:"server_name"`
|
ServerName gomatrixserverlib.ServerName `json:"server_name"`
|
||||||
// ID of the room to see if we are still joined to
|
// ID of the room to see if we are still joined to
|
||||||
RoomID string `json:"room_id"`
|
RoomID string `json:"room_id"`
|
||||||
|
@ -182,7 +183,8 @@ type QueryServerJoinedToRoomResponse struct {
|
||||||
RoomExists bool `json:"room_exists"`
|
RoomExists bool `json:"room_exists"`
|
||||||
// True if we still believe that we are participating in the room
|
// True if we still believe that we are participating in the room
|
||||||
IsInRoom bool `json:"is_in_room"`
|
IsInRoom bool `json:"is_in_room"`
|
||||||
// List of servers that are also in the room
|
// List of servers that are also in the room. This will not be populated
|
||||||
|
// if the queried ServerName is the local server name.
|
||||||
ServerNames []gomatrixserverlib.ServerName `json:"server_names"`
|
ServerNames []gomatrixserverlib.ServerName `json:"server_names"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -59,6 +59,7 @@ func NewRoomserverAPI(
|
||||||
Queryer: &query.Queryer{
|
Queryer: &query.Queryer{
|
||||||
DB: roomserverDB,
|
DB: roomserverDB,
|
||||||
Cache: caches,
|
Cache: caches,
|
||||||
|
ServerName: cfg.Matrix.ServerName,
|
||||||
ServerACLs: serverACLs,
|
ServerACLs: serverACLs,
|
||||||
},
|
},
|
||||||
Inputer: &input.Inputer{
|
Inputer: &input.Inputer{
|
||||||
|
@ -92,6 +93,7 @@ func (r *RoomserverInternalAPI) SetFederationSenderAPI(fsAPI fsAPI.FederationSen
|
||||||
FSAPI: r.fsAPI,
|
FSAPI: r.fsAPI,
|
||||||
RSAPI: r,
|
RSAPI: r,
|
||||||
Inputer: r.Inputer,
|
Inputer: r.Inputer,
|
||||||
|
Queryer: r.Queryer,
|
||||||
}
|
}
|
||||||
r.Peeker = &perform.Peeker{
|
r.Peeker = &perform.Peeker{
|
||||||
ServerName: r.Cfg.Matrix.ServerName,
|
ServerName: r.Cfg.Matrix.ServerName,
|
||||||
|
|
|
@ -50,6 +50,10 @@ func UpdateToInviteMembership(
|
||||||
return updates, nil
|
return updates, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// IsServerCurrentlyInRoom checks if a server is in a given room, based on the room
|
||||||
|
// memberships. If the servername is not supplied then the local server will be
|
||||||
|
// checked instead using a faster code path.
|
||||||
|
// TODO: This should probably be replaced by an API call.
|
||||||
func IsServerCurrentlyInRoom(ctx context.Context, db storage.Database, serverName gomatrixserverlib.ServerName, roomID string) (bool, error) {
|
func IsServerCurrentlyInRoom(ctx context.Context, db storage.Database, serverName gomatrixserverlib.ServerName, roomID string) (bool, error) {
|
||||||
info, err := db.RoomInfo(ctx, roomID)
|
info, err := db.RoomInfo(ctx, roomID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -59,6 +63,10 @@ func IsServerCurrentlyInRoom(ctx context.Context, db storage.Database, serverNam
|
||||||
return false, fmt.Errorf("unknown room %s", roomID)
|
return false, fmt.Errorf("unknown room %s", roomID)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if serverName == "" {
|
||||||
|
return db.GetLocalServerInRoom(ctx, info.RoomNID)
|
||||||
|
}
|
||||||
|
|
||||||
eventNIDs, err := db.GetMembershipEventNIDsForRoom(ctx, info.RoomNID, true, false)
|
eventNIDs, err := db.GetMembershipEventNIDsForRoom(ctx, info.RoomNID, true, false)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return false, err
|
return false, err
|
||||||
|
|
|
@ -28,6 +28,7 @@ import (
|
||||||
rsAPI "github.com/matrix-org/dendrite/roomserver/api"
|
rsAPI "github.com/matrix-org/dendrite/roomserver/api"
|
||||||
"github.com/matrix-org/dendrite/roomserver/internal/helpers"
|
"github.com/matrix-org/dendrite/roomserver/internal/helpers"
|
||||||
"github.com/matrix-org/dendrite/roomserver/internal/input"
|
"github.com/matrix-org/dendrite/roomserver/internal/input"
|
||||||
|
"github.com/matrix-org/dendrite/roomserver/internal/query"
|
||||||
"github.com/matrix-org/dendrite/roomserver/storage"
|
"github.com/matrix-org/dendrite/roomserver/storage"
|
||||||
"github.com/matrix-org/dendrite/setup/config"
|
"github.com/matrix-org/dendrite/setup/config"
|
||||||
"github.com/matrix-org/gomatrixserverlib"
|
"github.com/matrix-org/gomatrixserverlib"
|
||||||
|
@ -42,6 +43,7 @@ type Joiner struct {
|
||||||
DB storage.Database
|
DB storage.Database
|
||||||
|
|
||||||
Inputer *input.Inputer
|
Inputer *input.Inputer
|
||||||
|
Queryer *query.Queryer
|
||||||
}
|
}
|
||||||
|
|
||||||
// PerformJoin handles joining matrix rooms, including over federation by talking to the federationsender.
|
// PerformJoin handles joining matrix rooms, including over federation by talking to the federationsender.
|
||||||
|
@ -205,7 +207,14 @@ func (r *Joiner) performJoinRoomByID(
|
||||||
|
|
||||||
// Force a federated join if we aren't in the room and we've been
|
// Force a federated join if we aren't in the room and we've been
|
||||||
// given some server names to try joining by.
|
// given some server names to try joining by.
|
||||||
serverInRoom, _ := helpers.IsServerCurrentlyInRoom(ctx, r.DB, r.ServerName, req.RoomIDOrAlias)
|
inRoomReq := &api.QueryServerJoinedToRoomRequest{
|
||||||
|
RoomID: req.RoomIDOrAlias,
|
||||||
|
}
|
||||||
|
inRoomRes := &api.QueryServerJoinedToRoomResponse{}
|
||||||
|
if err = r.Queryer.QueryServerJoinedToRoom(ctx, inRoomReq, inRoomRes); err != nil {
|
||||||
|
return "", "", fmt.Errorf("r.Queryer.QueryServerJoinedToRoom: %w", err)
|
||||||
|
}
|
||||||
|
serverInRoom := inRoomRes.IsInRoom
|
||||||
forceFederatedJoin := len(req.ServerNames) > 0 && !serverInRoom
|
forceFederatedJoin := len(req.ServerNames) > 0 && !serverInRoom
|
||||||
|
|
||||||
// Force a federated join if we're dealing with a pending invite
|
// Force a federated join if we're dealing with a pending invite
|
||||||
|
|
|
@ -64,7 +64,14 @@ func (r *Leaver) performLeaveRoomByID(
|
||||||
// that.
|
// that.
|
||||||
isInvitePending, senderUser, eventID, err := helpers.IsInvitePending(ctx, r.DB, req.RoomID, req.UserID)
|
isInvitePending, senderUser, eventID, err := helpers.IsInvitePending(ctx, r.DB, req.RoomID, req.UserID)
|
||||||
if err == nil && isInvitePending {
|
if err == nil && isInvitePending {
|
||||||
return r.performRejectInvite(ctx, req, res, senderUser, eventID)
|
var host gomatrixserverlib.ServerName
|
||||||
|
_, host, err = gomatrixserverlib.SplitID('@', senderUser)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("Sender %q is invalid", senderUser)
|
||||||
|
}
|
||||||
|
if host != r.Cfg.Matrix.ServerName {
|
||||||
|
return r.performFederatedRejectInvite(ctx, req, res, senderUser, eventID)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// There's no invite pending, so first of all we want to find out
|
// There's no invite pending, so first of all we want to find out
|
||||||
|
@ -94,9 +101,7 @@ func (r *Leaver) performLeaveRoomByID(
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("Error getting membership: %w", err)
|
return nil, fmt.Errorf("Error getting membership: %w", err)
|
||||||
}
|
}
|
||||||
if membership != gomatrixserverlib.Join {
|
if membership != gomatrixserverlib.Join && membership != gomatrixserverlib.Invite {
|
||||||
// TODO: should be able to handle "invite" in this case too, if
|
|
||||||
// it's a case of kicking or banning or such
|
|
||||||
return nil, fmt.Errorf("User %q is not joined to the room (membership is %q)", req.UserID, membership)
|
return nil, fmt.Errorf("User %q is not joined to the room (membership is %q)", req.UserID, membership)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -147,7 +152,7 @@ func (r *Leaver) performLeaveRoomByID(
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (r *Leaver) performRejectInvite(
|
func (r *Leaver) performFederatedRejectInvite(
|
||||||
ctx context.Context,
|
ctx context.Context,
|
||||||
req *api.PerformLeaveRequest,
|
req *api.PerformLeaveRequest,
|
||||||
res *api.PerformLeaveResponse, // nolint:unparam
|
res *api.PerformLeaveResponse, // nolint:unparam
|
||||||
|
|
|
@ -36,6 +36,7 @@ import (
|
||||||
type Queryer struct {
|
type Queryer struct {
|
||||||
DB storage.Database
|
DB storage.Database
|
||||||
Cache caching.RoomServerCaches
|
Cache caching.RoomServerCaches
|
||||||
|
ServerName gomatrixserverlib.ServerName
|
||||||
ServerACLs *acls.ServerACLs
|
ServerACLs *acls.ServerACLs
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -328,6 +329,16 @@ func (r *Queryer) QueryServerJoinedToRoom(
|
||||||
}
|
}
|
||||||
response.RoomExists = true
|
response.RoomExists = true
|
||||||
|
|
||||||
|
if request.ServerName == r.ServerName || request.ServerName == "" {
|
||||||
|
var joined bool
|
||||||
|
joined, err = r.DB.GetLocalServerInRoom(ctx, info.RoomNID)
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("r.DB.GetLocalServerInRoom: %w", err)
|
||||||
|
}
|
||||||
|
response.IsInRoom = joined
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
eventNIDs, err := r.DB.GetMembershipEventNIDsForRoom(ctx, info.RoomNID, true, false)
|
eventNIDs, err := r.DB.GetMembershipEventNIDsForRoom(ctx, info.RoomNID, true, false)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("r.DB.GetMembershipEventNIDsForRoom: %w", err)
|
return fmt.Errorf("r.DB.GetMembershipEventNIDsForRoom: %w", err)
|
||||||
|
@ -377,10 +388,16 @@ func (r *Queryer) QueryServerAllowedToSeeEvent(
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
roomID := events[0].RoomID()
|
roomID := events[0].RoomID()
|
||||||
isServerInRoom, err := helpers.IsServerCurrentlyInRoom(ctx, r.DB, request.ServerName, roomID)
|
|
||||||
if err != nil {
|
inRoomReq := &api.QueryServerJoinedToRoomRequest{
|
||||||
return
|
RoomID: roomID,
|
||||||
|
ServerName: request.ServerName,
|
||||||
}
|
}
|
||||||
|
inRoomRes := &api.QueryServerJoinedToRoomResponse{}
|
||||||
|
if err = r.QueryServerJoinedToRoom(ctx, inRoomReq, inRoomRes); err != nil {
|
||||||
|
return fmt.Errorf("r.Queryer.QueryServerJoinedToRoom: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
info, err := r.DB.RoomInfo(ctx, roomID)
|
info, err := r.DB.RoomInfo(ctx, roomID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
|
@ -389,7 +406,7 @@ func (r *Queryer) QueryServerAllowedToSeeEvent(
|
||||||
return fmt.Errorf("QueryServerAllowedToSeeEvent: no room info for room %s", roomID)
|
return fmt.Errorf("QueryServerAllowedToSeeEvent: no room info for room %s", roomID)
|
||||||
}
|
}
|
||||||
response.AllowedToSeeEvent, err = helpers.CheckServerAllowedToSeeEvent(
|
response.AllowedToSeeEvent, err = helpers.CheckServerAllowedToSeeEvent(
|
||||||
ctx, r.DB, *info, request.EventID, request.ServerName, isServerInRoom,
|
ctx, r.DB, *info, request.EventID, request.ServerName, inRoomRes.IsInRoom,
|
||||||
)
|
)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
|
@ -154,6 +154,8 @@ type Database interface {
|
||||||
GetBulkStateContent(ctx context.Context, roomIDs []string, tuples []gomatrixserverlib.StateKeyTuple, allowWildcards bool) ([]tables.StrippedEvent, error)
|
GetBulkStateContent(ctx context.Context, roomIDs []string, tuples []gomatrixserverlib.StateKeyTuple, allowWildcards bool) ([]tables.StrippedEvent, error)
|
||||||
// JoinedUsersSetInRooms returns all joined users in the rooms given, along with the count of how many times they appear.
|
// JoinedUsersSetInRooms returns all joined users in the rooms given, along with the count of how many times they appear.
|
||||||
JoinedUsersSetInRooms(ctx context.Context, roomIDs []string) (map[string]int, error)
|
JoinedUsersSetInRooms(ctx context.Context, roomIDs []string) (map[string]int, error)
|
||||||
|
// GetLocalServerInRoom returns true if we think we're in a given room or false otherwise.
|
||||||
|
GetLocalServerInRoom(ctx context.Context, roomNID types.RoomNID) (bool, error)
|
||||||
// GetKnownUsers searches all users that userID knows about.
|
// GetKnownUsers searches all users that userID knows about.
|
||||||
GetKnownUsers(ctx context.Context, userID, searchString string, limit int) ([]string, error)
|
GetKnownUsers(ctx context.Context, userID, searchString string, limit int) ([]string, error)
|
||||||
// GetKnownRooms returns a list of all rooms we know about.
|
// GetKnownRooms returns a list of all rooms we know about.
|
||||||
|
|
|
@ -124,6 +124,14 @@ var selectKnownUsersSQL = "" +
|
||||||
" SELECT DISTINCT room_nid FROM roomserver_membership WHERE target_nid=$1 AND membership_nid = " + fmt.Sprintf("%d", tables.MembershipStateJoin) +
|
" SELECT DISTINCT room_nid FROM roomserver_membership WHERE target_nid=$1 AND membership_nid = " + fmt.Sprintf("%d", tables.MembershipStateJoin) +
|
||||||
") AND membership_nid = " + fmt.Sprintf("%d", tables.MembershipStateJoin) + " AND event_state_key LIKE $2 LIMIT $3"
|
") AND membership_nid = " + fmt.Sprintf("%d", tables.MembershipStateJoin) + " AND event_state_key LIKE $2 LIMIT $3"
|
||||||
|
|
||||||
|
// selectLocalServerInRoomSQL is an optimised case for checking if we, the local server,
|
||||||
|
// are in the room by using the target_local column of the membership table. Normally when
|
||||||
|
// we want to know if a server is in a room, we have to unmarshal the entire room state which
|
||||||
|
// is expensive. The presence of a single row from this query suggests we're still in the
|
||||||
|
// room, no rows returned suggests we aren't.
|
||||||
|
const selectLocalServerInRoomSQL = "" +
|
||||||
|
"SELECT room_nid FROM roomserver_membership WHERE target_local = true AND membership_nid = $1 AND room_nid = $2 LIMIT 1"
|
||||||
|
|
||||||
type membershipStatements struct {
|
type membershipStatements struct {
|
||||||
insertMembershipStmt *sql.Stmt
|
insertMembershipStmt *sql.Stmt
|
||||||
selectMembershipForUpdateStmt *sql.Stmt
|
selectMembershipForUpdateStmt *sql.Stmt
|
||||||
|
@ -137,6 +145,7 @@ type membershipStatements struct {
|
||||||
selectJoinedUsersSetForRoomsStmt *sql.Stmt
|
selectJoinedUsersSetForRoomsStmt *sql.Stmt
|
||||||
selectKnownUsersStmt *sql.Stmt
|
selectKnownUsersStmt *sql.Stmt
|
||||||
updateMembershipForgetRoomStmt *sql.Stmt
|
updateMembershipForgetRoomStmt *sql.Stmt
|
||||||
|
selectLocalServerInRoomStmt *sql.Stmt
|
||||||
}
|
}
|
||||||
|
|
||||||
func createMembershipTable(db *sql.DB) error {
|
func createMembershipTable(db *sql.DB) error {
|
||||||
|
@ -160,6 +169,7 @@ func prepareMembershipTable(db *sql.DB) (tables.Membership, error) {
|
||||||
{&s.selectJoinedUsersSetForRoomsStmt, selectJoinedUsersSetForRoomsSQL},
|
{&s.selectJoinedUsersSetForRoomsStmt, selectJoinedUsersSetForRoomsSQL},
|
||||||
{&s.selectKnownUsersStmt, selectKnownUsersSQL},
|
{&s.selectKnownUsersStmt, selectKnownUsersSQL},
|
||||||
{&s.updateMembershipForgetRoomStmt, updateMembershipForgetRoom},
|
{&s.updateMembershipForgetRoomStmt, updateMembershipForgetRoom},
|
||||||
|
{&s.selectLocalServerInRoomStmt, selectLocalServerInRoomSQL},
|
||||||
}.Prepare(db)
|
}.Prepare(db)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -324,3 +334,16 @@ func (s *membershipStatements) UpdateForgetMembership(
|
||||||
)
|
)
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (s *membershipStatements) SelectLocalServerInRoom(ctx context.Context, roomNID types.RoomNID) (bool, error) {
|
||||||
|
var nid types.RoomNID
|
||||||
|
err := s.selectLocalServerInRoomStmt.QueryRowContext(ctx, tables.MembershipStateJoin, roomNID).Scan(&nid)
|
||||||
|
if err != nil {
|
||||||
|
if err == sql.ErrNoRows {
|
||||||
|
return false, nil
|
||||||
|
}
|
||||||
|
return false, err
|
||||||
|
}
|
||||||
|
found := nid > 0
|
||||||
|
return found, nil
|
||||||
|
}
|
||||||
|
|
|
@ -64,7 +64,7 @@ const insertStateDataSQL = "" +
|
||||||
|
|
||||||
const bulkSelectStateBlockEntriesSQL = "" +
|
const bulkSelectStateBlockEntriesSQL = "" +
|
||||||
"SELECT state_block_nid, event_nids" +
|
"SELECT state_block_nid, event_nids" +
|
||||||
" FROM roomserver_state_block WHERE state_block_nid = ANY($1)"
|
" FROM roomserver_state_block WHERE state_block_nid = ANY($1) ORDER BY state_block_nid ASC"
|
||||||
|
|
||||||
type stateBlockStatements struct {
|
type stateBlockStatements struct {
|
||||||
insertStateDataStmt *sql.Stmt
|
insertStateDataStmt *sql.Stmt
|
||||||
|
|
|
@ -1059,6 +1059,11 @@ func (d *Database) JoinedUsersSetInRooms(ctx context.Context, roomIDs []string)
|
||||||
return result, nil
|
return result, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// GetLocalServerInRoom returns true if we think we're in a given room or false otherwise.
|
||||||
|
func (d *Database) GetLocalServerInRoom(ctx context.Context, roomNID types.RoomNID) (bool, error) {
|
||||||
|
return d.MembershipTable.SelectLocalServerInRoom(ctx, roomNID)
|
||||||
|
}
|
||||||
|
|
||||||
// GetKnownUsers searches all users that userID knows about.
|
// GetKnownUsers searches all users that userID knows about.
|
||||||
func (d *Database) GetKnownUsers(ctx context.Context, userID, searchString string, limit int) ([]string, error) {
|
func (d *Database) GetKnownUsers(ctx context.Context, userID, searchString string, limit int) ([]string, error) {
|
||||||
stateKeyNID, err := d.EventStateKeysTable.SelectEventStateKeyNID(ctx, nil, userID)
|
stateKeyNID, err := d.EventStateKeysTable.SelectEventStateKeyNID(ctx, nil, userID)
|
||||||
|
|
|
@ -100,6 +100,14 @@ var selectKnownUsersSQL = "" +
|
||||||
" SELECT DISTINCT room_nid FROM roomserver_membership WHERE target_nid=$1 AND membership_nid = " + fmt.Sprintf("%d", tables.MembershipStateJoin) +
|
" SELECT DISTINCT room_nid FROM roomserver_membership WHERE target_nid=$1 AND membership_nid = " + fmt.Sprintf("%d", tables.MembershipStateJoin) +
|
||||||
") AND membership_nid = " + fmt.Sprintf("%d", tables.MembershipStateJoin) + " AND event_state_key LIKE $2 LIMIT $3"
|
") AND membership_nid = " + fmt.Sprintf("%d", tables.MembershipStateJoin) + " AND event_state_key LIKE $2 LIMIT $3"
|
||||||
|
|
||||||
|
// selectLocalServerInRoomSQL is an optimised case for checking if we, the local server,
|
||||||
|
// are in the room by using the target_local column of the membership table. Normally when
|
||||||
|
// we want to know if a server is in a room, we have to unmarshal the entire room state which
|
||||||
|
// is expensive. The presence of a single row from this query suggests we're still in the
|
||||||
|
// room, no rows returned suggests we aren't.
|
||||||
|
const selectLocalServerInRoomSQL = "" +
|
||||||
|
"SELECT room_nid FROM roomserver_membership WHERE target_local = 1 AND membership_nid = $1 AND room_nid = $2 LIMIT 1"
|
||||||
|
|
||||||
type membershipStatements struct {
|
type membershipStatements struct {
|
||||||
db *sql.DB
|
db *sql.DB
|
||||||
insertMembershipStmt *sql.Stmt
|
insertMembershipStmt *sql.Stmt
|
||||||
|
@ -113,6 +121,7 @@ type membershipStatements struct {
|
||||||
updateMembershipStmt *sql.Stmt
|
updateMembershipStmt *sql.Stmt
|
||||||
selectKnownUsersStmt *sql.Stmt
|
selectKnownUsersStmt *sql.Stmt
|
||||||
updateMembershipForgetRoomStmt *sql.Stmt
|
updateMembershipForgetRoomStmt *sql.Stmt
|
||||||
|
selectLocalServerInRoomStmt *sql.Stmt
|
||||||
}
|
}
|
||||||
|
|
||||||
func createMembershipTable(db *sql.DB) error {
|
func createMembershipTable(db *sql.DB) error {
|
||||||
|
@ -137,6 +146,7 @@ func prepareMembershipTable(db *sql.DB) (tables.Membership, error) {
|
||||||
{&s.selectRoomsWithMembershipStmt, selectRoomsWithMembershipSQL},
|
{&s.selectRoomsWithMembershipStmt, selectRoomsWithMembershipSQL},
|
||||||
{&s.selectKnownUsersStmt, selectKnownUsersSQL},
|
{&s.selectKnownUsersStmt, selectKnownUsersSQL},
|
||||||
{&s.updateMembershipForgetRoomStmt, updateMembershipForgetRoom},
|
{&s.updateMembershipForgetRoomStmt, updateMembershipForgetRoom},
|
||||||
|
{&s.selectLocalServerInRoomStmt, selectLocalServerInRoomSQL},
|
||||||
}.Prepare(db)
|
}.Prepare(db)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -304,3 +314,16 @@ func (s *membershipStatements) UpdateForgetMembership(
|
||||||
)
|
)
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (s *membershipStatements) SelectLocalServerInRoom(ctx context.Context, roomNID types.RoomNID) (bool, error) {
|
||||||
|
var nid types.RoomNID
|
||||||
|
err := s.selectLocalServerInRoomStmt.QueryRowContext(ctx, tables.MembershipStateJoin, roomNID).Scan(&nid)
|
||||||
|
if err != nil {
|
||||||
|
if err == sql.ErrNoRows {
|
||||||
|
return false, nil
|
||||||
|
}
|
||||||
|
return false, err
|
||||||
|
}
|
||||||
|
found := nid > 0
|
||||||
|
return found, nil
|
||||||
|
}
|
||||||
|
|
|
@ -57,7 +57,7 @@ const insertStateDataSQL = `
|
||||||
|
|
||||||
const bulkSelectStateBlockEntriesSQL = "" +
|
const bulkSelectStateBlockEntriesSQL = "" +
|
||||||
"SELECT state_block_nid, event_nids" +
|
"SELECT state_block_nid, event_nids" +
|
||||||
" FROM roomserver_state_block WHERE state_block_nid IN ($1)"
|
" FROM roomserver_state_block WHERE state_block_nid IN ($1) ORDER BY state_block_nid ASC"
|
||||||
|
|
||||||
type stateBlockStatements struct {
|
type stateBlockStatements struct {
|
||||||
db *sql.DB
|
db *sql.DB
|
||||||
|
|
|
@ -135,6 +135,7 @@ type Membership interface {
|
||||||
SelectJoinedUsersSetForRooms(ctx context.Context, roomNIDs []types.RoomNID) (map[types.EventStateKeyNID]int, error)
|
SelectJoinedUsersSetForRooms(ctx context.Context, roomNIDs []types.RoomNID) (map[types.EventStateKeyNID]int, error)
|
||||||
SelectKnownUsers(ctx context.Context, userID types.EventStateKeyNID, searchString string, limit int) ([]string, error)
|
SelectKnownUsers(ctx context.Context, userID types.EventStateKeyNID, searchString string, limit int) ([]string, error)
|
||||||
UpdateForgetMembership(ctx context.Context, txn *sql.Tx, roomNID types.RoomNID, targetUserNID types.EventStateKeyNID, forget bool) error
|
UpdateForgetMembership(ctx context.Context, txn *sql.Tx, roomNID types.RoomNID, targetUserNID types.EventStateKeyNID, forget bool) error
|
||||||
|
SelectLocalServerInRoom(ctx context.Context, roomNID types.RoomNID) (bool, error)
|
||||||
}
|
}
|
||||||
|
|
||||||
type Published interface {
|
type Published interface {
|
||||||
|
|
|
@ -77,6 +77,7 @@ type BaseDendrite struct {
|
||||||
PublicKeyAPIMux *mux.Router
|
PublicKeyAPIMux *mux.Router
|
||||||
PublicMediaAPIMux *mux.Router
|
PublicMediaAPIMux *mux.Router
|
||||||
InternalAPIMux *mux.Router
|
InternalAPIMux *mux.Router
|
||||||
|
SynapseAdminMux *mux.Router
|
||||||
UseHTTPAPIs bool
|
UseHTTPAPIs bool
|
||||||
apiHttpClient *http.Client
|
apiHttpClient *http.Client
|
||||||
httpClient *http.Client
|
httpClient *http.Client
|
||||||
|
@ -199,6 +200,7 @@ func NewBaseDendrite(cfg *config.Dendrite, componentName string, useHTTPAPIs boo
|
||||||
PublicKeyAPIMux: mux.NewRouter().SkipClean(true).PathPrefix(httputil.PublicKeyPathPrefix).Subrouter().UseEncodedPath(),
|
PublicKeyAPIMux: mux.NewRouter().SkipClean(true).PathPrefix(httputil.PublicKeyPathPrefix).Subrouter().UseEncodedPath(),
|
||||||
PublicMediaAPIMux: mux.NewRouter().SkipClean(true).PathPrefix(httputil.PublicMediaPathPrefix).Subrouter().UseEncodedPath(),
|
PublicMediaAPIMux: mux.NewRouter().SkipClean(true).PathPrefix(httputil.PublicMediaPathPrefix).Subrouter().UseEncodedPath(),
|
||||||
InternalAPIMux: mux.NewRouter().SkipClean(true).PathPrefix(httputil.InternalPathPrefix).Subrouter().UseEncodedPath(),
|
InternalAPIMux: mux.NewRouter().SkipClean(true).PathPrefix(httputil.InternalPathPrefix).Subrouter().UseEncodedPath(),
|
||||||
|
SynapseAdminMux: mux.NewRouter().SkipClean(true).PathPrefix("/_synapse/").Subrouter().UseEncodedPath(),
|
||||||
apiHttpClient: &apiClient,
|
apiHttpClient: &apiClient,
|
||||||
httpClient: &client,
|
httpClient: &client,
|
||||||
}
|
}
|
||||||
|
@ -391,6 +393,7 @@ func (b *BaseDendrite) SetupAndServeHTTP(
|
||||||
externalRouter.PathPrefix(httputil.PublicKeyPathPrefix).Handler(b.PublicKeyAPIMux)
|
externalRouter.PathPrefix(httputil.PublicKeyPathPrefix).Handler(b.PublicKeyAPIMux)
|
||||||
externalRouter.PathPrefix(httputil.PublicFederationPathPrefix).Handler(federationHandler)
|
externalRouter.PathPrefix(httputil.PublicFederationPathPrefix).Handler(federationHandler)
|
||||||
}
|
}
|
||||||
|
externalRouter.PathPrefix("/_synapse/").Handler(b.SynapseAdminMux)
|
||||||
externalRouter.PathPrefix(httputil.PublicMediaPathPrefix).Handler(b.PublicMediaAPIMux)
|
externalRouter.PathPrefix(httputil.PublicMediaPathPrefix).Handler(b.PublicMediaAPIMux)
|
||||||
|
|
||||||
if internalAddr != NoListener && internalAddr != externalAddr {
|
if internalAddr != NoListener && internalAddr != externalAddr {
|
||||||
|
|
|
@ -57,9 +57,9 @@ type Monolith struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
// AddAllPublicRoutes attaches all public paths to the given router
|
// AddAllPublicRoutes attaches all public paths to the given router
|
||||||
func (m *Monolith) AddAllPublicRoutes(process *process.ProcessContext, csMux, ssMux, keyMux, mediaMux *mux.Router) {
|
func (m *Monolith) AddAllPublicRoutes(process *process.ProcessContext, csMux, ssMux, keyMux, mediaMux, synapseMux *mux.Router) {
|
||||||
clientapi.AddPublicRoutes(
|
clientapi.AddPublicRoutes(
|
||||||
csMux, &m.Config.ClientAPI, m.AccountDB,
|
csMux, synapseMux, &m.Config.ClientAPI, m.AccountDB,
|
||||||
m.FedClient, m.RoomserverAPI,
|
m.FedClient, m.RoomserverAPI,
|
||||||
m.EDUInternalAPI, m.AppserviceAPI, transactions.New(),
|
m.EDUInternalAPI, m.AppserviceAPI, transactions.New(),
|
||||||
m.FederationSenderAPI, m.UserAPI, m.KeyAPI, m.ExtPublicRoomsProvider,
|
m.FederationSenderAPI, m.UserAPI, m.KeyAPI, m.ExtPublicRoomsProvider,
|
||||||
|
|
|
@ -520,3 +520,7 @@ Inviting an AS-hosted user asks the AS server
|
||||||
Can generate a openid access_token that can be exchanged for information about a user
|
Can generate a openid access_token that can be exchanged for information about a user
|
||||||
Invalid openid access tokens are rejected
|
Invalid openid access tokens are rejected
|
||||||
Requests to userinfo without access tokens are rejected
|
Requests to userinfo without access tokens are rejected
|
||||||
|
POST /_synapse/admin/v1/register with shared secret
|
||||||
|
POST /_synapse/admin/v1/register admin with shared secret
|
||||||
|
POST /_synapse/admin/v1/register with shared secret downcases capitals
|
||||||
|
POST /_synapse/admin/v1/register with shared secret disallows symbols
|
||||||
|
|
Loading…
Reference in a new issue