nexy7574
54acd07555
fix: Drop fake room v2 support
2025-08-16 16:22:24 +01:00
Tom Foster
583cb924f1
refactor: address code review feedback for auth and pagination improvements
...
- Extract duplicated thread/message pagination functions to shared utils module
- Refactor pagination token parsing to use Option combinators instead of defaults
- Split access token generation from assignment for clearer error handling
- Add appservice token collision detection at startup and registration
- Allow appservice re-registration with same token (for config updates)
- Simplify thread relation chunk building using iterator chaining
- Fix saturating_inc edge case in relation queries with explicit filtering
- Add concise comments explaining non-obvious behaviour choices
2025-08-12 05:29:41 +01:00
Tom Foster
9286838d23
fix(relations): improve thread pagination and include root event
...
Replace unreliable PduCount pagination tokens with ShortEventId throughout
the relations and messages endpoints. ShortEventId provides stable, unique
identifiers that persist across server restarts and database operations.
Key improvements:
- Add token parsing helpers that try ShortEventId first, fall back to
PduCount for backwards compatibility
- Include thread root event when paginating backwards to thread start
- Fix off-by-one error in get_relations that was returning the starting
event in results
- Only return next_batch/prev_batch tokens when more events are available,
preventing clients from making unnecessary requests at thread boundaries
- Ensure consistent token format between /relations, /messages, and /sync
endpoints for interoperability
This fixes duplicate events when scrolling at thread boundaries and ensures
the thread root message is visible when viewing a thread, matching expected
client behaviour.
2025-08-10 19:12:56 +01:00
Tom Foster
d1ebcfaf0b
fix(auth): prevent token collisions and optimise lookups
...
Ensures access tokens are unique across both user and appservice tables to
prevent authentication ambiguity and potential security issues.
Changes:
- On startup, automatically logout any user devices using tokens that
conflict with appservice tokens (resolves in favour of appservices)
and log a warning with affected user/device details
- When creating new user tokens, check for conflicts with appservice tokens
and generate a new token if a collision would occur
- When registering new appservices, reject registration if the token is
already in use by a user device
- Use futures::select_ok to race token lookups concurrently for better
performance (adapted from tuwunel commit 066097a8)
This fix-forward approach resolves existing token collisions on startup
whilst preventing new ones from being created, without breaking existing
valid authentications.
The find_token optimisation is adapted from tuwunel (matrix-construct/tuwunel)
commit 066097a8: "Optimize user and appservice token queries" by Jason Volk.
2025-08-10 17:10:06 +01:00
Tom Foster
e820551f62
fix(appservice): create sender_localpart user during appservice startup
...
Fixes #813 : Application services were unable to work because their sender_localpart
user was never created in the database, preventing authentication.
This fix ensures the appservice user account is created when:
- The server starts up and loads existing appservices from the database
- A new appservice is registered via the admin command
Additionally, if an appservice user has been accidentally deactivated, it will be
automatically reactivated when the appservice starts.
The solution centralises all appservice startup logic into a single `start_appservice`
helper method, eliminating code duplication between the registration and startup paths.
2025-08-10 17:10:06 +01:00
nexy7574
e4a43b1a5b
fix(policy-server): Call the PS later in the PDU creation process
...
This avoids accidentally sending partially built PDUs to the policy server,
which may cause issues with some implementations
2025-08-02 00:19:33 +01:00
Jade Ellis
66181c61af
chore: Update rocksdb, feature flag changes
...
Checks / Prefligit / prefligit (push) Failing after 5s
Release Docker Image / define-variables (push) Failing after 4s
Release Docker Image / build-image (linux/amd64, release, linux-amd64, base) (push) Has been skipped
Release Docker Image / build-image (linux/arm64, release, linux-arm64, base) (push) Has been skipped
Release Docker Image / merge (push) Has been skipped
Checks / Rust / Format (push) Failing after 5s
Checks / Rust / Clippy (push) Failing after 12s
Checks / Rust / Cargo Test (push) Failing after 10s
Most of the way to static musl builds, just zlib I think
2025-07-24 21:51:52 +01:00
Jade Ellis
b7a0442298
feat: Musl images in docker
...
Not working at the moment, need to upgrade the rust-rocksdb and possibly
zstd to stop them force-enabling dynamic libclang
2025-07-24 19:00:41 +01:00
Jade Ellis
68b0140c42
docs: Add vias to matrix.to links
2025-07-24 13:31:58 +01:00
nexy7574
f32f60d056
fix(policy-server): Return the correct result when an event is marked as spam
Documentation / Build and Deploy Documentation (push) Has been skipped
Checks / Prefligit / prefligit (push) Failing after 1s
Release Docker Image / define-variables (push) Failing after 1s
Release Docker Image / build-image (linux/amd64, release, linux-amd64, base) (push) Has been skipped
Release Docker Image / build-image (linux/arm64, release, linux-arm64, base) (push) Has been skipped
Release Docker Image / merge (push) Has been skipped
Checks / Rust / Format (push) Failing after 3s
Checks / Rust / Clippy (push) Failing after 28s
Checks / Rust / Cargo Test (push) Failing after 27s
2025-07-23 18:01:46 +01:00
nexy7574
fe06d78c8e
fix(policy-server): Update ask_policy_server docstring
2025-07-23 17:58:33 +01:00
nexy7574
99ebe022ed
fix(policy-server): Correctly default to 10 second timeout
2025-07-23 17:56:45 +01:00
nexy7574
f335f45017
feat(policy-server): Add configurable timeout
2025-07-23 17:49:08 +01:00
nexy7574
1726633c0f
fix(policy-server): Fixup refactor
2025-07-23 17:49:08 +01:00
nexy7574
dfda27fadc
feat(policy-server): Don't fail-closed & refactor references
2025-07-23 17:49:08 +01:00
Jade Ellis
9465c5df1f
style: Improve logging and comments
2025-07-23 17:49:07 +01:00
nexy7574
2d475b1220
style(policy-server): Run clippy
2025-07-23 17:49:07 +01:00
nexy7574
d7fa624fd2
feat(policy-server): Optimise policy server lookups
2025-07-23 17:49:07 +01:00
nexy7574
cc9202b0c4
feat(policy-server): Limit policy server request timeout to 10 seconds
2025-07-23 17:49:07 +01:00
nexy7574
a3d62ed0d9
feat(policy-server): Prevent local events that fail the policy check
2025-07-23 17:49:07 +01:00
nexy7574
78b7175677
feat(policy-server): Soft-fail redactions for failed events
2025-07-23 17:49:07 +01:00
nexy7574
74d60f256b
style(policy-server): Restructure logging
2025-07-23 17:49:07 +01:00
nexy7574
732c69f5ca
fix(policy-server): Avoid unnecessary database lookup
2025-07-23 17:49:07 +01:00
nexy7574
8e7801f323
chore: Update ruwuma & fix lints
2025-07-23 17:49:06 +01:00
nexy7574
9017efe45b
feat(policy-server): Policy server following
2025-07-23 17:49:06 +01:00
Jade Ellis
1c985c59f5
refactor: Allow with_lock to return data and take an async closure
2025-07-20 16:34:48 +01:00
Jade Ellis
b635e825d2
refactor: Implement with_lock for lock_api
2025-07-20 16:34:36 +01:00
Jade Ellis
6d29098d1a
refactor: Replace remaining std RwLocks
2025-07-20 16:33:36 +01:00
Jade Ellis
374fb2745c
refactor: Replace remaining std Mutexes
2025-07-20 16:32:48 +01:00
Jade Ellis
a1d616e3e3
refactor: Replace std RwLock with parking_lot
2025-07-20 16:31:55 +01:00
Jade Ellis
30a8c06fd9
refactor: Replace std Mutex with parking_lot
2025-07-20 16:31:02 +01:00
rooot
0631094350
docs(config): warn about federation key query timeout caveat
...
Signed-off-by: rooot <hey@rooot.gay>
2025-07-20 16:24:56 +01:00
rooot
9051ce63f7
feat(config): introduce federation connection timeout setting
...
fixes #906
Signed-off-by: rooot <hey@rooot.gay>
2025-07-20 16:24:26 +01:00
nexy7574
c639228f4d
style(space-upgrades): Remove unused import left over from 6691b7672b
Documentation / Build and Deploy Documentation (push) Has been skipped
Checks / Prefligit / prefligit (push) Failing after 4s
Release Docker Image / define-variables (push) Failing after 2s
Release Docker Image / build-image (linux/amd64, release, linux-amd64, base) (push) Has been skipped
Release Docker Image / build-image (linux/arm64, release, linux-arm64, base) (push) Has been skipped
Release Docker Image / merge (push) Has been skipped
Checks / Rust / Format (push) Failing after 1s
Checks / Rust / Clippy (push) Failing after 22s
Checks / Rust / Cargo Test (push) Failing after 21s
2025-07-19 18:37:45 +01:00
nexy7574
331832616f
feat(space-upgrades): MSC4168: Override space child vias
2025-07-19 18:37:45 +01:00
nexy7574
b2b18002ea
fix(space-upgrades): Remove unused helper function
2025-07-19 18:37:45 +01:00
nexy7574
57868a008c
feat(space-upgrades): Skip empty state events in room upgrade
2025-07-19 18:37:45 +01:00
nexy7574
f063814d94
fix(space-upgrades): Incorrectly updated parent children events
2025-07-19 18:37:38 +01:00
nexy7574
3b5335630d
feat(space-upgrades): Transfer all state keys during upgrade
...
Before this change, only state events with an
empty state key would be cloned.
This allows m.space.child to be cloned appropriately.
2025-07-19 18:35:59 +01:00
nexy7574
b2883c3d6e
feat(space-upgrades): Update parent spaces in upgrade
...
This relies on the room being upgraded referencing
the space itself, but there isn't an easy way to
do it otherwise.
2025-07-19 18:35:58 +01:00
nexy7574
62bdfe1ce8
feat(space-upgrades): Copy over space child & parent states
2025-07-19 18:35:56 +01:00
Jade Ellis
6a4905271e
refactor: Add with_lock traits
2025-07-16 23:27:13 +01:00
Nyx
5bf20db8e7
Add /_continuwuity/ paths
2025-07-14 17:49:06 +00:00
nexy7574
1abe8f7835
fix: Creation bug
Documentation / Build and Deploy Documentation (push) Has been skipped
Checks / Prefligit / prefligit (push) Failing after 13s
Release Docker Image / define-variables (push) Failing after 5s
Release Docker Image / build-image (linux/amd64, release, linux-amd64, base) (push) Has been skipped
Release Docker Image / build-image (linux/arm64, release, linux-arm64, base) (push) Has been skipped
Release Docker Image / merge (push) Has been skipped
Checks / Rust / Format (push) Failing after 6s
Checks / Rust / Clippy (push) Failing after 16s
Checks / Rust / Cargo Test (push) Failing after 11s
2025-07-12 22:37:49 +01:00
nexy7574
ce84c46459
style(902): Fix clippy complaining about cast
Documentation / Build and Deploy Documentation (push) Has been skipped
Checks / Prefligit / prefligit (push) Failing after 1s
Release Docker Image / define-variables (push) Failing after 1s
Release Docker Image / build-image (linux/amd64, release, linux-amd64, base) (push) Has been skipped
Release Docker Image / build-image (linux/arm64, release, linux-arm64, base) (push) Has been skipped
Release Docker Image / merge (push) Has been skipped
Checks / Rust / Format (push) Failing after 3s
Checks / Rust / Clippy (push) Failing after 8s
Checks / Rust / Cargo Test (push) Failing after 11s
2025-07-09 15:28:31 +01:00
nexy7574
7b60f5368d
feat(902): Upload files for admin commands that are too long
2025-07-09 15:11:09 +01:00
nexy7574
e61a593932
fix: Implement MSC4307
Documentation / Build and Deploy Documentation (push) Has been skipped
Checks / Prefligit / prefligit (push) Failing after 3s
Release Docker Image / define-variables (push) Failing after 4s
Release Docker Image / build-image (linux/amd64, release, linux-amd64, base) (push) Has been skipped
Release Docker Image / build-image (linux/arm64, release, linux-arm64, base) (push) Has been skipped
Release Docker Image / merge (push) Has been skipped
Checks / Rust / Format (push) Failing after 2s
Checks / Rust / Clippy (push) Failing after 15s
Checks / Rust / Cargo Test (push) Failing after 15s
2025-07-08 22:40:44 +00:00
nexy7574
c362499cef
docs(recaptcha): Clarify registration when token & captcha are configured
2025-07-08 19:34:47 +01:00
nexy7574
14774fa153
feat(recaptcha): Don't allow pubkey without associated privkey
2025-07-08 19:32:23 +01:00
nexy7574
ff805d8ae1
feat(recaptcha): Fix linting issues after the linter fix lied to me
2025-07-08 19:27:51 +01:00
