From ea477d7d66b6ffc61dd92bdee57ecff12247009f Mon Sep 17 00:00:00 2001 From: Kegan Dougal Date: Mon, 12 Jul 2021 16:11:26 +0100 Subject: [PATCH 1/8] Update blacklist --- sytest-blacklist | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/sytest-blacklist b/sytest-blacklist index 4d9587d00..a0aba69c7 100644 --- a/sytest-blacklist +++ b/sytest-blacklist @@ -72,4 +72,8 @@ Can re-join room if re-invited Local device key changes get to remote servers with correct prev_id # Flakey -Local device key changes appear in /keys/changes \ No newline at end of file +Local device key changes appear in /keys/changes + +# we don't support groups +Remove group category +Remove group role From b130fab583ac1ae7e3fe117f1360539c9f66b577 Mon Sep 17 00:00:00 2001 From: kegsay Date: Mon, 12 Jul 2021 16:27:13 +0100 Subject: [PATCH 2/8] Update are we synapse groupings (#1913) --- are-we-synapse-yet.list | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/are-we-synapse-yet.list b/are-we-synapse-yet.list index 990919892..e03c4037c 100644 --- a/are-we-synapse-yet.list +++ b/are-we-synapse-yet.list @@ -17,6 +17,13 @@ reg POST /register rejects registration of usernames with '£' reg POST /register rejects registration of usernames with 'é' reg POST /register rejects registration of usernames with '\n' reg POST /register rejects registration of usernames with ''' +reg POST /register allows registration of usernames with 'q' +reg POST /register allows registration of usernames with '3' +reg POST /register allows registration of usernames with '.' +reg POST /register allows registration of usernames with '_' +reg POST /register allows registration of usernames with '=' +reg POST /register allows registration of usernames with '-' +reg POST /register allows registration of usernames with '/' reg POST /r0/admin/register with shared secret reg POST /r0/admin/register admin with shared secret reg POST /r0/admin/register with shared secret downcases capitals @@ -95,6 +102,7 @@ typ Typing notifications don't leak (3 subtests) rst GET /rooms/:room_id/state/m.room.power_levels can fetch levels rst PUT /rooms/:room_id/state/m.room.power_levels can set levels rst PUT power_levels should not explode if the old power levels were empty +rst Users cannot set notifications powerlevel higher than their own (2 subtests) rst Both GET and PUT work rct POST /rooms/:room_id/receipt can create receipts red POST /rooms/:room_id/read_markers can create read marker @@ -353,6 +361,7 @@ syn Syncing a new room with a large timeline limit isn't limited syn A full_state incremental update returns only recent timeline syn A prev_batch token can be used in the v1 messages API syn A next_batch token can be used in the v1 messages API +syn A prev_batch token from incremental sync can be used in the v1 messages API syn User sees their own presence in a sync syn User is offline if they set_presence=offline in their sync syn User sees updates to presence from other users in the incremental sync. @@ -574,6 +583,7 @@ fqu Outbound federation can query profile data fqu Inbound federation can query profile data fqu Outbound federation can query room alias directory fqu Inbound federation can query room alias directory +fsj Membership event with an invalid displayname in the send_join response should not cause room join to fail fsj Outbound federation can query v1 /send_join fsj Outbound federation can query v2 /send_join fmj Outbound federation passes make_join failures through to the client @@ -743,6 +753,10 @@ nsp Set group joinable and join it nsp Group is not joinable by default nsp Group is joinable over federation nsp Room is transitioned on local and remote groups upon room upgrade +nsp POST /_synapse/admin/v1/register with shared secret +nsp POST /_synapse/admin/v1/register admin with shared secret +nsp POST /_synapse/admin/v1/register with shared secret downcases capitals +nsp POST /_synapse/admin/v1/register with shared secret disallows symbols 3pd Can bind 3PID via home server 3pd Can bind and unbind 3PID via homeserver 3pd Can unbind 3PID via homeserver when bound out of band @@ -863,4 +877,4 @@ psh Messages that org.matrix.msc2625.mark_unread from another user increment org dvk Can claim one time key using POST (2 subtests) fdk Can query remote device keys using POST (1 subtests) fdk Can claim remote one time key using POST (2 subtests) -fmj Inbound /make_join rejects attempts to join rooms where all users have left \ No newline at end of file +fmj Inbound /make_join rejects attempts to join rooms where all users have left From 93cf1e7590235fa312e0e4c078a1b3a77349ba38 Mon Sep 17 00:00:00 2001 From: Kegan Dougal Date: Mon, 12 Jul 2021 18:58:25 +0100 Subject: [PATCH 3/8] Actually bump GMSL --- go.mod | 14 ++++++++------ go.sum | 33 +++++++++++++++++++-------------- 2 files changed, 27 insertions(+), 20 deletions(-) diff --git a/go.mod b/go.mod index eeb4a7842..7866170e1 100644 --- a/go.mod +++ b/go.mod @@ -29,8 +29,8 @@ require ( github.com/matrix-org/dugong v0.0.0-20180820122854-51a565b5666b github.com/matrix-org/go-http-js-libp2p v0.0.0-20200518170932-783164aeeda4 github.com/matrix-org/go-sqlite3-js v0.0.0-20210625141222-bd2b7124cee8 - github.com/matrix-org/gomatrix v0.0.0-20200827122206-7dd5e2a05bcd - github.com/matrix-org/gomatrixserverlib v0.0.0-20210702152949-0cac5159e7d6 + github.com/matrix-org/gomatrix v0.0.0-20210324163249-be2af5ef2e16 + github.com/matrix-org/gomatrixserverlib v0.0.0-20210712160706-d37cd465be8f github.com/matrix-org/naffka v0.0.0-20210623111924-14ff508b58e0 github.com/matrix-org/pinecone v0.0.0-20210623102758-74f885644c1b github.com/matrix-org/util v0.0.0-20200807132607-55161520e1d4 @@ -43,16 +43,18 @@ require ( github.com/pkg/errors v0.9.1 github.com/pressly/goose v2.7.0+incompatible github.com/prometheus/client_golang v1.9.0 - github.com/sirupsen/logrus v1.8.0 - github.com/tidwall/gjson v1.6.8 - github.com/tidwall/sjson v1.1.5 + github.com/sirupsen/logrus v1.8.1 + github.com/tidwall/gjson v1.8.1 + github.com/tidwall/pretty v1.2.0 // indirect + github.com/tidwall/sjson v1.1.7 github.com/uber/jaeger-client-go v2.25.0+incompatible github.com/uber/jaeger-lib v2.4.0+incompatible github.com/yggdrasil-network/yggdrasil-go v0.3.15-0.20210218094457-e77ca8019daa go.uber.org/atomic v1.7.0 - golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2 + golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97 golang.org/x/mobile v0.0.0-20210220033013-bdb1ca9a1e08 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110 + golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c // indirect golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 gopkg.in/h2non/bimg.v1 v1.1.5 gopkg.in/yaml.v2 v2.4.0 diff --git a/go.sum b/go.sum index 767826e7a..5ba55ea35 100644 --- a/go.sum +++ b/go.sum @@ -1001,8 +1001,6 @@ github.com/lunixbochs/vtclean v1.0.0/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm github.com/lxn/walk v0.0.0-20210112085537-c389da54e794/go.mod h1:E23UucZGqpuUANJooIbHWCufXvOcT6E7Stq81gU+CSQ= github.com/lxn/win v0.0.0-20201111105847-2a20daff6a55/go.mod h1:KxxjdtRkfNoYDCUP5ryK7XJJNTnpC8atvtmTheChOtk= github.com/lyft/protoc-gen-validate v0.0.13/go.mod h1:XbGvPuh87YZc5TdIa2/I4pLk0QoUACkjt2znoq26NVQ= -github.com/magefile/mage v1.10.0 h1:3HiXzCUY12kh9bIuyXShaVe529fJfyqoVM42o/uom2g= -github.com/magefile/mage v1.10.0/go.mod h1:z5UZb/iS3GoOSn0JgWuiw7dxlurVYTu+/jHXqQg881A= github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= @@ -1027,10 +1025,10 @@ github.com/matrix-org/go-http-js-libp2p v0.0.0-20200518170932-783164aeeda4/go.mo github.com/matrix-org/go-sqlite3-js v0.0.0-20210625141222-bd2b7124cee8 h1:/FKUeUlCATr1gXxYqlaJgH8FW/sw0Jz8t7s8BIlECfg= github.com/matrix-org/go-sqlite3-js v0.0.0-20210625141222-bd2b7124cee8/go.mod h1:e+cg2q7C7yE5QnAXgzo512tgFh1RbQLC0+jozuegKgo= github.com/matrix-org/gomatrix v0.0.0-20190528120928-7df988a63f26/go.mod h1:3fxX6gUjWyI/2Bt7J1OLhpCzOfO/bB3AiX0cJtEKud0= -github.com/matrix-org/gomatrix v0.0.0-20200827122206-7dd5e2a05bcd h1:xVrqJK3xHREMNjwjljkAUaadalWc0rRbmVuQatzmgwg= -github.com/matrix-org/gomatrix v0.0.0-20200827122206-7dd5e2a05bcd/go.mod h1:/gBX06Kw0exX1HrwmoBibFA98yBk/jxKpGVeyQbff+s= -github.com/matrix-org/gomatrixserverlib v0.0.0-20210702152949-0cac5159e7d6 h1:Rm5saCQeFfS15T0uD6qanSpx2kj/PfPBogbj5kFfQ+4= -github.com/matrix-org/gomatrixserverlib v0.0.0-20210702152949-0cac5159e7d6/go.mod h1:JsAzE1Ll3+gDWS9JSUHPJiiyAksvOOnGWF2nXdg4ZzU= +github.com/matrix-org/gomatrix v0.0.0-20210324163249-be2af5ef2e16 h1:ZtO5uywdd5dLDCud4r0r55eP4j9FuUNpl60Gmntcop4= +github.com/matrix-org/gomatrix v0.0.0-20210324163249-be2af5ef2e16/go.mod h1:/gBX06Kw0exX1HrwmoBibFA98yBk/jxKpGVeyQbff+s= +github.com/matrix-org/gomatrixserverlib v0.0.0-20210712160706-d37cd465be8f h1:k6guD5GpbnFcy2JonolQ3LhlgtwyqBBmd3nQPTwliO0= +github.com/matrix-org/gomatrixserverlib v0.0.0-20210712160706-d37cd465be8f/go.mod h1:JsAzE1Ll3+gDWS9JSUHPJiiyAksvOOnGWF2nXdg4ZzU= github.com/matrix-org/naffka v0.0.0-20210623111924-14ff508b58e0 h1:HZCzy4oVzz55e+cOMiX/JtSF2UOY1evBl2raaE7ACcU= github.com/matrix-org/naffka v0.0.0-20210623111924-14ff508b58e0/go.mod h1:sjyPyRxKM5uw1nD2cJ6O2OxI6GOqyVBfNXqKjBZTBZE= github.com/matrix-org/pinecone v0.0.0-20210623102758-74f885644c1b h1:5X5vdWQ13xrNkJVqaJHPsrt7rKkMJH5iac0EtfOuxSg= @@ -1377,8 +1375,8 @@ github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMB github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= -github.com/sirupsen/logrus v1.8.0 h1:nfhvjKcUMhBMVqbKHJlk5RPrrfYr/NMo3692g0dwfWU= -github.com/sirupsen/logrus v1.8.0/go.mod h1:4GuYW9TZmE769R5STWrRakJc4UqQ3+QQ95fyz7ENv1A= +github.com/sirupsen/logrus v1.8.1 h1:dJKuHgqk1NNQlqoA6BTlM1Wf9DOH3NBjQyu0h9+AZZE= +github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= github.com/smartystreets/goconvey v0.0.0-20181108003508-044398e4856c/go.mod h1:XDJAKZRPZ1CvBcN2aX5YOUTYGHki24fSF0Iv48Ibg0s= github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= @@ -1436,18 +1434,20 @@ github.com/syndtr/goleveldb v1.0.0/go.mod h1:ZVVdQEZoIme9iO1Ch2Jdy24qqXrMMOU6lpP github.com/tarm/serial v0.0.0-20180830185346-98f6abe2eb07/go.mod h1:kDXzergiv9cbyO7IOYJZWg1U88JhDg3PB6klq9Hg2pA= github.com/tchap/go-patricia v2.2.6+incompatible/go.mod h1:bmLyhP68RS6kStMGxByiQ23RP/odRBOTVjwp2cDyi6I= github.com/tidwall/gjson v1.6.0/go.mod h1:P256ACg0Mn+j1RXIDXoss50DeIABTYK1PULOJHhxOls= -github.com/tidwall/gjson v1.6.8 h1:CTmXMClGYPAmln7652e69B7OLXfTi5ABcPPwjIWUv7w= -github.com/tidwall/gjson v1.6.8/go.mod h1:zeFuBCIqD4sN/gmqBzZ4j7Jd6UcA2Fc56x7QFsv+8fI= +github.com/tidwall/gjson v1.8.0/go.mod h1:5/xDoumyyDNerp2U36lyolv46b3uF/9Bu6OfyQ9GImk= +github.com/tidwall/gjson v1.8.1 h1:8j5EE9Hrh3l9Od1OIEDAb7IpezNA20UdRngNAj5N0WU= +github.com/tidwall/gjson v1.8.1/go.mod h1:5/xDoumyyDNerp2U36lyolv46b3uF/9Bu6OfyQ9GImk= github.com/tidwall/match v1.0.1/go.mod h1:LujAq0jyVjBy028G1WhWfIzbpQfMO8bBZ6Tyb0+pL9E= github.com/tidwall/match v1.0.3 h1:FQUVvBImDutD8wJLN6c5eMzWtjgONK9MwIBCOrUJKeE= github.com/tidwall/match v1.0.3/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM= github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= github.com/tidwall/pretty v1.0.1/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= -github.com/tidwall/pretty v1.0.2 h1:Z7S3cePv9Jwm1KwS0513MRaoUe3S01WPbLNV40pwWZU= -github.com/tidwall/pretty v1.0.2/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= +github.com/tidwall/pretty v1.1.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= +github.com/tidwall/pretty v1.2.0 h1:RWIZEg2iJ8/g6fDDYzMpobmaoGh5OLl4AXtGUGPcqCs= +github.com/tidwall/pretty v1.2.0/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU= github.com/tidwall/sjson v1.0.3/go.mod h1:bURseu1nuBkFpIES5cz6zBtjmYeOQmEESshn7VpF15Y= -github.com/tidwall/sjson v1.1.5 h1:wsUceI/XDyZk3J1FUvuuYlK62zJv2HO2Pzb8A5EWdUE= -github.com/tidwall/sjson v1.1.5/go.mod h1:VuJzsZnTowhSxWdOgsAnb886i4AjEyTkk7tNtsL7EYE= +github.com/tidwall/sjson v1.1.7 h1:sgVPwu/yygHJ2m1pJDLgGM/h+1F5odx5Q9ljG3imRm8= +github.com/tidwall/sjson v1.1.7/go.mod h1:w/yG+ezBeTdUxiKs5NcPicO9diP38nk96QBAbIIGeFs= github.com/tinylib/msgp v1.0.2/go.mod h1:+d+yLhGm8mzTaHzB+wgMYrodPfmZrzkirds8fDWklFE= github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= @@ -1587,6 +1587,8 @@ golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83 h1:/ZScEX8SfEmUGRHs0gxpqt golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2 h1:It14KIkyBFYkHkwZ7k45minvA9aorojkyjGk9KJ5B/w= golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= +golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97 h1:/UOmuWzQfxxo9UtlXMwuQU8CMgg1eZXqTRwkSQJWKOI= +golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -1780,6 +1782,9 @@ golang.org/x/sys v0.0.0-20210309040221-94ec62e08169 h1:fpeMGRM6A+XFcw4RPCO8s8hH7 golang.org/x/sys v0.0.0-20210309040221-94ec62e08169/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210324051608-47abb6519492 h1:Paq34FxTluEPvVyayQqMPgHm+vTOrIifmcYxFBx9TLg= golang.org/x/sys v0.0.0-20210324051608-47abb6519492/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c h1:F1jZWGFhYfh0Ci55sIpILtKKK8p3i2/krTr0H1rg74I= +golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= From f6981420734b56280749f2c273bc0f11e49b7ce6 Mon Sep 17 00:00:00 2001 From: kegsay Date: Mon, 12 Jul 2021 19:42:05 +0100 Subject: [PATCH 4/8] update whitelist (#1914) * update whitelist * newline --- sytest-whitelist | 3 +++ 1 file changed, 3 insertions(+) diff --git a/sytest-whitelist b/sytest-whitelist index 55922f943..f6210357d 100644 --- a/sytest-whitelist +++ b/sytest-whitelist @@ -524,3 +524,6 @@ POST /_synapse/admin/v1/register with shared secret POST /_synapse/admin/v1/register admin with shared secret POST /_synapse/admin/v1/register with shared secret downcases capitals POST /_synapse/admin/v1/register with shared secret disallows symbols +Membership event with an invalid displayname in the send_join response should not cause room join to fail +Inbound federation rejects incorrectly-signed invite rejections +Inbound federation can receive invite rejections From f8ae391a5b7b506bb2f64547b9415fc9bf068913 Mon Sep 17 00:00:00 2001 From: kegsay Date: Tue, 13 Jul 2021 11:19:21 +0100 Subject: [PATCH 5/8] Expose more data when outputting output room events (#1916) * Add more logging for content fields * Fix fields --- roomserver/internal/input/input.go | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/roomserver/internal/input/input.go b/roomserver/internal/input/input.go index 6bc43c9cd..de40e133d 100644 --- a/roomserver/internal/input/input.go +++ b/roomserver/internal/input/input.go @@ -30,9 +30,16 @@ import ( "github.com/matrix-org/gomatrixserverlib" "github.com/prometheus/client_golang/prometheus" log "github.com/sirupsen/logrus" + "github.com/tidwall/gjson" "go.uber.org/atomic" ) +var keyContentFields = map[string]string{ + "m.room.join_rules": "join_rule", + "m.room.history_visibility": "history_visibility", + "m.room.member": "membership", +} + type Inputer struct { DB storage.Database Producer sarama.SyncProducer @@ -95,15 +102,27 @@ func (r *Inputer) WriteOutputEvents(roomID string, updates []api.OutputEvent) er "type": updates[i].Type, }) if updates[i].NewRoomEvent != nil { + eventType := updates[i].NewRoomEvent.Event.Type() logger = logger.WithFields(log.Fields{ - "event_type": updates[i].NewRoomEvent.Event.Type(), + "event_type": eventType, "event_id": updates[i].NewRoomEvent.Event.EventID(), "adds_state": len(updates[i].NewRoomEvent.AddsStateEventIDs), "removes_state": len(updates[i].NewRoomEvent.RemovesStateEventIDs), "send_as_server": updates[i].NewRoomEvent.SendAsServer, "sender": updates[i].NewRoomEvent.Event.Sender(), }) - if updates[i].NewRoomEvent.Event.Type() == "m.room.server_acl" && updates[i].NewRoomEvent.Event.StateKeyEquals("") { + if updates[i].NewRoomEvent.Event.StateKey() != nil { + logger = logger.WithField("state_key", *updates[i].NewRoomEvent.Event.StateKey()) + } + contentKey := keyContentFields[eventType] + if contentKey != "" { + value := gjson.GetBytes(updates[i].NewRoomEvent.Event.Content(), contentKey) + if value.Exists() { + logger = logger.WithField("content_value", value.String()) + } + } + + if eventType == "m.room.server_acl" && updates[i].NewRoomEvent.Event.StateKeyEquals("") { ev := updates[i].NewRoomEvent.Event.Unwrap() defer r.ACLs.OnServerACLUpdate(ev) } From 7df3e691f218c7af7337ca2729d1cbaf3586726f Mon Sep 17 00:00:00 2001 From: kegsay Date: Tue, 13 Jul 2021 12:22:27 +0100 Subject: [PATCH 6/8] Fix failing complement test (#1917) Specifically `TestBannedUserCannotSendJoin` --- federationapi/routing/join.go | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/federationapi/routing/join.go b/federationapi/routing/join.go index e94140331..a8f850fb0 100644 --- a/federationapi/routing/join.go +++ b/federationapi/routing/join.go @@ -271,17 +271,27 @@ func SendJoin( // Check if the user is already in the room. If they're already in then // there isn't much point in sending another join event into the room. + // Also check to see if they are banned: if they are then we reject them. alreadyJoined := false + isBanned := false for _, se := range stateAndAuthChainResponse.StateEvents { if !se.StateKeyEquals(*event.StateKey()) { continue } if membership, merr := se.Membership(); merr == nil { alreadyJoined = (membership == gomatrixserverlib.Join) + isBanned = (membership == gomatrixserverlib.Ban) break } } + if isBanned { + return util.JSONResponse{ + Code: http.StatusForbidden, + JSON: jsonerror.Forbidden("user is banned"), + } + } + // Send the events to the room server. // We are responsible for notifying other servers that the user has joined // the room, so set SendAsServer to cfg.Matrix.ServerName From e80098e18630df4ff148c16f741dd72f33e2b1c8 Mon Sep 17 00:00:00 2001 From: kegsay Date: Wed, 14 Jul 2021 10:39:17 +0100 Subject: [PATCH 7/8] bugfix: retire invites even when we cannot talk to the remote server to make/send_leave (#1918) * bugfix: retire invites even when we cannot talk to the remote server to make/send_leave Also modify the leave response in /sync to include a fake event as this is ultimately what clients (and sytest) will use to determine leave-ness. * hash the event ID * Base64 not hex --- roomserver/internal/perform/perform_leave.go | 5 ++++- syncapi/streams/stream_invite.go | 16 ++++++++++++++++ sytest-whitelist | 3 +++ 3 files changed, 23 insertions(+), 1 deletion(-) diff --git a/roomserver/internal/perform/perform_leave.go b/roomserver/internal/perform/perform_leave.go index 4d10dea67..88eb7e1e5 100644 --- a/roomserver/internal/perform/perform_leave.go +++ b/roomserver/internal/perform/perform_leave.go @@ -26,6 +26,7 @@ import ( "github.com/matrix-org/dendrite/roomserver/storage" "github.com/matrix-org/dendrite/setup/config" "github.com/matrix-org/gomatrixserverlib" + "github.com/matrix-org/util" ) type Leaver struct { @@ -171,7 +172,9 @@ func (r *Leaver) performFederatedRejectInvite( } leaveRes := fsAPI.PerformLeaveResponse{} if err := r.FSAPI.PerformLeave(ctx, &leaveReq, &leaveRes); err != nil { - return nil, err + // failures in PerformLeave should NEVER stop us from telling other components like the + // sync API that the invite was withdrawn. Otherwise we can end up with stuck invites. + util.GetLogger(ctx).WithError(err).Errorf("failed to PerformLeave, still retiring invite event") } // Withdraw the invite, so that the sync API etc are diff --git a/syncapi/streams/stream_invite.go b/syncapi/streams/stream_invite.go index 10a0dda86..70374c6a7 100644 --- a/syncapi/streams/stream_invite.go +++ b/syncapi/streams/stream_invite.go @@ -2,8 +2,13 @@ package streams import ( "context" + "crypto/sha256" + "encoding/base64" + "strconv" + "time" "github.com/matrix-org/dendrite/syncapi/types" + "github.com/matrix-org/gomatrixserverlib" ) type InviteStreamProvider struct { @@ -56,6 +61,17 @@ func (p *InviteStreamProvider) IncrementalSync( for roomID := range retiredInvites { if _, ok := req.Response.Rooms.Join[roomID]; !ok { lr := types.NewLeaveResponse() + h := sha256.Sum256(append([]byte(roomID), []byte(strconv.FormatInt(int64(to), 10))...)) + lr.Timeline.Events = append(lr.Timeline.Events, gomatrixserverlib.ClientEvent{ + // fake event ID which muxes in the to position + EventID: "$" + base64.RawURLEncoding.EncodeToString(h[:]), + OriginServerTS: gomatrixserverlib.AsTimestamp(time.Now()), + RoomID: roomID, + Sender: req.Device.UserID, + StateKey: &req.Device.UserID, + Type: "m.room.member", + Content: gomatrixserverlib.RawJSON(`{"membership":"leave"}`), + }) req.Response.Rooms.Leave[roomID] = *lr } } diff --git a/sytest-whitelist b/sytest-whitelist index f6210357d..f72cf3337 100644 --- a/sytest-whitelist +++ b/sytest-whitelist @@ -527,3 +527,6 @@ POST /_synapse/admin/v1/register with shared secret disallows symbols Membership event with an invalid displayname in the send_join response should not cause room join to fail Inbound federation rejects incorrectly-signed invite rejections Inbound federation can receive invite rejections +Inbound federation can receive invite and reject when remote replies with a 403 +Inbound federation can receive invite and reject when remote replies with a 500 +Inbound federation can receive invite and reject when remote is unreachable From 2713d1935e30508277c626ba7a8f4937e23c1281 Mon Sep 17 00:00:00 2001 From: kegsay Date: Wed, 14 Jul 2021 10:48:34 +0100 Subject: [PATCH 8/8] AWSY: update list and shuffle groups (#1919) So it's more accurate. --- are-we-synapse-yet.list | 14 ++++++++++---- are-we-synapse-yet.py | 4 ++++ 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/are-we-synapse-yet.list b/are-we-synapse-yet.list index e03c4037c..d057e8e33 100644 --- a/are-we-synapse-yet.list +++ b/are-we-synapse-yet.list @@ -83,7 +83,7 @@ rst GET /rooms/:room_id/state/m.room.topic gets topic rst GET /rooms/:room_id/state fetches entire room state crm POST /createRoom with creation content ali PUT /directory/room/:room_alias creates alias -nsp GET /rooms/:room_id/aliases lists aliases +ali GET /rooms/:room_id/aliases lists aliases jon POST /rooms/:room_id/join can join a room jon POST /join/:room_alias can join a room jon POST /join/:room_id can join a room @@ -183,7 +183,7 @@ ali Users with sufficient power-level can delete other's aliases ali Can delete canonical alias ali Alias creators can delete alias with no ops ali Alias creators can delete canonical alias with no ops -ali Only room members can list aliases of a room +msc Only room members can list aliases of a room inv Can invite users to invite-only rooms inv Uninvited users cannot join the room inv Invited user can reject invite @@ -606,7 +606,7 @@ fsj Inbound: send_join rejects invalid JSON for room version 6 fed Outbound federation can send events fed Inbound federation can receive events fed Inbound federation can receive redacted events -fed Ephemeral messages received from servers are correctly expired +msc Ephemeral messages received from servers are correctly expired fed Events whose auth_events are in the wrong room do not mess up the room state fed Inbound federation can return events fed Inbound federation redacts events from erased users @@ -873,8 +873,14 @@ jso Invalid JSON special values inv Can invite users to invite-only rooms (2 subtests) plv setting 'm.room.name' respects room powerlevel (2 subtests) psh Messages that notify from another user increment notification_count -psh Messages that org.matrix.msc2625.mark_unread from another user increment org.matrix.msc2625.unread_count +msc Messages that org.matrix.msc2625.mark_unread from another user increment org.matrix.msc2625.unread_count dvk Can claim one time key using POST (2 subtests) fdk Can query remote device keys using POST (1 subtests) fdk Can claim remote one time key using POST (2 subtests) fmj Inbound /make_join rejects attempts to join rooms where all users have left +msc Local users can peek into world_readable rooms by room ID +msc We can't peek into rooms with shared history_visibility +msc We can't peek into rooms with invited history_visibility +msc We can't peek into rooms with joined history_visibility +msc Local users can peek by room alias +msc Peeked rooms only turn up in the sync for the device who peeked them diff --git a/are-we-synapse-yet.py b/are-we-synapse-yet.py index 3d21fa41c..92c7b82b8 100755 --- a/are-we-synapse-yet.py +++ b/are-we-synapse-yet.py @@ -35,6 +35,7 @@ test_mappings = { "nsp": "Non-Spec API", "unk": "Unknown API (no group specified)", "app": "Application Services API", + "msc": "MSCs", "f": "Federation", # flag to mark test involves federation "federation_apis": { @@ -223,6 +224,7 @@ def main(results_tap_path, verbose): }, "nonspec": { "nsp": {}, + "msc": {}, "unk": {} }, } @@ -237,6 +239,8 @@ def main(results_tap_path, verbose): summary["nonspec"]["unk"][name] = test_result["ok"] if group_id == "nsp": summary["nonspec"]["nsp"][name] = test_result["ok"] + elif group_id == "msc": + summary["nonspec"]["msc"][name] = test_result["ok"] elif group_id == "app": summary["appservice"]["app"][name] = test_result["ok"] elif group_id in test_mappings["federation_apis"]: