Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Give the user a better error when they present bad SSO creds #9091

Merged
merged 3 commits into from
Jan 15, 2021

Conversation

richvdh
Copy link
Member

@richvdh richvdh commented Jan 12, 2021

If a user tries to do UI Auth via SSO, but uses the wrong account on the SSO IdP, try to give them a better error.

Previously, the UIA would claim to be successful, but then the operation in question would simply fail with "auth fail". Instead, serve up an error page which explains the failure.

I've also inlined AuthHandler.complete_sso_ui_auth while I'm in the area. Generally I think that AuthHandler has too much miscellaneous stuff in, and pulling things out of it will make things cleaner.

@richvdh richvdh force-pushed the rav/error_on_bad_sso branch from 573ff48 to b963939 Compare January 13, 2021 11:14
)
respond_with_html(request, 200, html)
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

wasn't quite sure if 200 was the right thing here.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can make it a 400, but it shouldn't really matter since it will just be shown in a browser? I guess it matters how we want it to show up in the logs?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

well right...

@richvdh richvdh force-pushed the rav/error_on_bad_sso branch 2 times, most recently from d87d365 to f4e07ed Compare January 13, 2021 16:11
@richvdh richvdh requested a review from a team January 13, 2021 17:55
If a user tries to do UI Auth via SSO, but uses the wrong account on the SSO
IdP, try to give them a better error.

Previously, the UIA would claim to be successful, but then the operation in
question would simply fail with "auth fail". Instead, serve up an error page
which explains the failure.
since we're hacking on this code anyway, may as well move it out of the
cluttered AuthHandler.
@richvdh richvdh force-pushed the rav/error_on_bad_sso branch from f4e07ed to 26d1033 Compare January 13, 2021 20:22
)
respond_with_html(request, 200, html)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can make it a 400, but it shouldn't really matter since it will just be shown in a browser? I guess it matters how we want it to show up in the logs?

@@ -0,0 +1,18 @@
<html>
<head>
<title>Authentication Failed</title>
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Part of me wonders if this really needs to be a separate template or if we can use the sso_error.html template?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I tried that to start with, but the phrasing of the sso_error.html template is very much geared to server-side or integration problems. This particular failure is really a user error, so the generic error wording didn't seem to fit.

@richvdh richvdh requested a review from a team January 14, 2021 18:03
@richvdh richvdh merged commit 14950a4 into develop Jan 15, 2021
@richvdh richvdh deleted the rav/error_on_bad_sso branch January 15, 2021 00:27
richvdh added a commit that referenced this pull request Jan 15, 2021
0dd2649 (#9112) changed the signature of `auth_via_oidc`. Meanwhile,
26d1033 (#9091) introduced a new test which relied on the old signature of
`auth_via_oidc`. The two branches were never tested together until they landed
in develop.
clokep added a commit that referenced this pull request Jan 20, 2021
Synapse 1.26.0rc1 (2021-01-20)
==============================

This release brings a new schema version for Synapse and rolling back to a previous
verious is not trivial.  Please review [UPGRADE.rst](UPGRADE.rst) for more details
on these changes  and for general upgrade guidance.

Features
--------

- Add support for multiple SSO Identity Providers. ([\#9015](#9015), [\#9017](#9017), [\#9036](#9036), [\#9067](#9067), [\#9081](#9081), [\#9082](#9082), [\#9105](#9105), [\#9107](#9107), [\#9109](#9109), [\#9110](#9110), [\#9127](#9127), [\#9153](#9153), [\#9154](#9154), [\#9177](#9177))
- During user-interactive authentication via single-sign-on, give a better error if the user uses the wrong account on the SSO IdP. ([\#9091](#9091))
- Give the `public_baseurl` a default value, if it is not explicitly set in the configuration file. ([\#9159](#9159))
- Improve performance when calculating ignored users in large rooms. ([\#9024](#9024))
- Implement [MSC2176](matrix-org/matrix-spec-proposals#2176) in an experimental room version. ([\#8984](#8984))
- Add an admin API for protecting local media from quarantine. ([\#9086](#9086))
- Remove a user's avatar URL and display name when deactivated with the Admin API. ([\#8932](#8932))
- Update `/_synapse/admin/v1/users/<user_id>/joined_rooms` to work for both local and remote users. ([\#8948](#8948))
- Add experimental support for handling to-device messages on worker processes. ([\#9042](#9042), [\#9043](#9043), [\#9044](#9044), [\#9130](#9130))
- Add experimental support for handling `/keys/claim` and `/room_keys` APIs on worker processes. ([\#9068](#9068))
- Add experimental support for handling `/devices` API on worker processes. ([\#9092](#9092))
- Add experimental support for moving off receipts and account data persistence off master. ([\#9104](#9104), [\#9166](#9166))

Bugfixes
--------

- Fix a long-standing issue where an internal server error would occur when requesting a profile over federation that did not include a display name / avatar URL. ([\#9023](#9023))
- Fix a long-standing bug where some caches could grow larger than configured. ([\#9028](#9028))
- Fix error handling during insertion of client IPs into the database. ([\#9051](#9051))
- Fix bug where we didn't correctly record CPU time spent in `on_new_event` block. ([\#9053](#9053))
- Fix a minor bug which could cause confusing error messages from invalid configurations. ([\#9054](#9054))
- Fix incorrect exit code when there is an error at startup. ([\#9059](#9059))
- Fix `JSONDecodeError` spamming the logs when sending transactions to remote servers. ([\#9070](#9070))
- Fix "Failed to send request" errors when a client provides an invalid room alias. ([\#9071](#9071))
- Fix bugs in federation catchup logic that caused outbound federation to be delayed for large servers after start up. Introduced in v1.8.0 and v1.21.0. ([\#9114](#9114), [\#9116](#9116))
- Fix corruption of `pushers` data when a postgres bouncer is used. ([\#9117](#9117))
- Fix minor bugs in handling the `clientRedirectUrl` parameter for SSO login. ([\#9128](#9128))
- Fix "Unhandled error in Deferred: BodyExceededMaxSize" errors when .well-known files that are too large. ([\#9108](#9108))
- Fix "UnboundLocalError: local variable 'length' referenced before assignment" errors when the response body exceeds the expected size. This bug was introduced in v1.25.0. ([\#9145](#9145))
- Fix a long-standing bug "ValueError: invalid literal for int() with base 10" when `/publicRooms` is requested with an invalid `server` parameter. ([\#9161](#9161))

Improved Documentation
----------------------

- Add some extra docs for getting Synapse running on macOS. ([\#8997](#8997))
- Correct a typo in the `systemd-with-workers` documentation. ([\#9035](#9035))
- Correct a typo in `INSTALL.md`. ([\#9040](#9040))
- Add missing `user_mapping_provider` configuration to the Keycloak OIDC example. Contributed by @chris-ruecker. ([\#9057](#9057))
- Quote `pip install` packages when extras are used to avoid shells interpreting bracket characters. ([\#9151](#9151))

Deprecations and Removals
-------------------------

- Remove broken and unmaintained `demo/webserver.py` script. ([\#9039](#9039))

Internal Changes
----------------

- Improve efficiency of large state resolutions. ([\#8868](#8868), [\#9029](#9029), [\#9115](#9115), [\#9118](#9118), [\#9124](#9124))
- Various clean-ups to the structured logging and logging context code. ([\#8939](#8939))
- Ensure rejected events get added to some metadata tables. ([\#9016](#9016))
- Ignore date-rotated homeserver logs saved to disk. ([\#9018](#9018))
- Remove an unused column from `access_tokens` table. ([\#9025](#9025))
- Add a `-noextras` factor to `tox.ini`, to support running the tests with no optional dependencies. ([\#9030](#9030))
- Fix running unit tests when optional dependencies are not installed. ([\#9031](#9031))
- Allow bumping schema version when using split out state database. ([\#9033](#9033))
- Configure the linters to run on a consistent set of files. ([\#9038](#9038))
- Various cleanups to device inbox store. ([\#9041](#9041))
- Drop unused database tables. ([\#9055](#9055))
- Remove unused `SynapseService` class. ([\#9058](#9058))
- Remove unnecessary declarations in the tests for the admin API. ([\#9063](#9063))
- Remove `SynapseRequest.get_user_agent`. ([\#9069](#9069))
- Remove redundant `Homeserver.get_ip_from_request` method. ([\#9080](#9080))
- Add type hints to media repository. ([\#9093](#9093))
- Fix the wrong arguments being passed to `BlacklistingAgentWrapper` from `MatrixFederationAgent`. Contributed by Timothy Leung. ([\#9098](#9098))
- Reduce the scope of caught exceptions in `BlacklistingAgentWrapper`. ([\#9106](#9106))
- Improve `UsernamePickerTestCase`. ([\#9112](#9112))
- Remove dependency on `distutils`. ([\#9125](#9125))
- Enforce that replication HTTP clients are called with keyword arguments only. ([\#9144](#9144))
- Fix the Python 3.5 / old dependencies build in CI. ([\#9146](#9146))
- Replace the old `perspectives` option in the Synapse docker config file template with `trusted_key_servers`. ([\#9157](#9157))
richvdh added a commit that referenced this pull request Jan 27, 2021
Synapse 1.26.0 (2021-01-27)
===========================

This release brings a new schema version for Synapse and rolling back to a previous
version is not trivial. Please review [UPGRADE.rst](UPGRADE.rst) for more details
on these changes and for general upgrade guidance.

No significant changes since 1.26.0rc2.

Synapse 1.26.0rc2 (2021-01-25)
==============================

Bugfixes
--------

- Fix receipts and account data not being sent down sync. Introduced in v1.26.0rc1. ([\#9193](#9193), [\#9195](#9195))
- Fix chain cover update to handle events with duplicate auth events. Introduced in v1.26.0rc1. ([\#9210](#9210))

Internal Changes
----------------

- Add an `oidc-` prefix to any `idp_id`s which are given in the `oidc_providers` configuration. ([\#9189](#9189))
- Bump minimum `psycopg2` version to v2.8. ([\#9204](#9204))

Synapse 1.26.0rc1 (2021-01-20)
==============================

This release brings a new schema version for Synapse and rolling back to a previous
version is not trivial. Please review [UPGRADE.rst](UPGRADE.rst) for more details
on these changes and for general upgrade guidance.

Features
--------

- Add support for multiple SSO Identity Providers. ([\#9015](#9015), [\#9017](#9017), [\#9036](#9036), [\#9067](#9067), [\#9081](#9081), [\#9082](#9082), [\#9105](#9105), [\#9107](#9107), [\#9109](#9109), [\#9110](#9110), [\#9127](#9127), [\#9153](#9153), [\#9154](#9154), [\#9177](#9177))
- During user-interactive authentication via single-sign-on, give a better error if the user uses the wrong account on the SSO IdP. ([\#9091](#9091))
- Give the `public_baseurl` a default value, if it is not explicitly set in the configuration file. ([\#9159](#9159))
- Improve performance when calculating ignored users in large rooms. ([\#9024](#9024))
- Implement [MSC2176](matrix-org/matrix-spec-proposals#2176) in an experimental room version. ([\#8984](#8984))
- Add an admin API for protecting local media from quarantine. ([\#9086](#9086))
- Remove a user's avatar URL and display name when deactivated with the Admin API. ([\#8932](#8932))
- Update `/_synapse/admin/v1/users/<user_id>/joined_rooms` to work for both local and remote users. ([\#8948](#8948))
- Add experimental support for handling to-device messages on worker processes. ([\#9042](#9042), [\#9043](#9043), [\#9044](#9044), [\#9130](#9130))
- Add experimental support for handling `/keys/claim` and `/room_keys` APIs on worker processes. ([\#9068](#9068))
- Add experimental support for handling `/devices` API on worker processes. ([\#9092](#9092))
- Add experimental support for moving off receipts and account data persistence off master. ([\#9104](#9104), [\#9166](#9166))

Bugfixes
--------

- Fix a long-standing issue where an internal server error would occur when requesting a profile over federation that did not include a display name / avatar URL. ([\#9023](#9023))
- Fix a long-standing bug where some caches could grow larger than configured. ([\#9028](#9028))
- Fix error handling during insertion of client IPs into the database. ([\#9051](#9051))
- Fix bug where we didn't correctly record CPU time spent in `on_new_event` block. ([\#9053](#9053))
- Fix a minor bug which could cause confusing error messages from invalid configurations. ([\#9054](#9054))
- Fix incorrect exit code when there is an error at startup. ([\#9059](#9059))
- Fix `JSONDecodeError` spamming the logs when sending transactions to remote servers. ([\#9070](#9070))
- Fix "Failed to send request" errors when a client provides an invalid room alias. ([\#9071](#9071))
- Fix bugs in federation catchup logic that caused outbound federation to be delayed for large servers after start up. Introduced in v1.8.0 and v1.21.0. ([\#9114](#9114), [\#9116](#9116))
- Fix corruption of `pushers` data when a postgres bouncer is used. ([\#9117](#9117))
- Fix minor bugs in handling the `clientRedirectUrl` parameter for SSO login. ([\#9128](#9128))
- Fix "Unhandled error in Deferred: BodyExceededMaxSize" errors when .well-known files that are too large. ([\#9108](#9108))
- Fix "UnboundLocalError: local variable 'length' referenced before assignment" errors when the response body exceeds the expected size. This bug was introduced in v1.25.0. ([\#9145](#9145))
- Fix a long-standing bug "ValueError: invalid literal for int() with base 10" when `/publicRooms` is requested with an invalid `server` parameter. ([\#9161](#9161))

Improved Documentation
----------------------

- Add some extra docs for getting Synapse running on macOS. ([\#8997](#8997))
- Correct a typo in the `systemd-with-workers` documentation. ([\#9035](#9035))
- Correct a typo in `INSTALL.md`. ([\#9040](#9040))
- Add missing `user_mapping_provider` configuration to the Keycloak OIDC example. Contributed by @chris-ruecker. ([\#9057](#9057))
- Quote `pip install` packages when extras are used to avoid shells interpreting bracket characters. ([\#9151](#9151))

Deprecations and Removals
-------------------------

- Remove broken and unmaintained `demo/webserver.py` script. ([\#9039](#9039))

Internal Changes
----------------

- Improve efficiency of large state resolutions. ([\#8868](#8868), [\#9029](#9029), [\#9115](#9115), [\#9118](#9118), [\#9124](#9124))
- Various clean-ups to the structured logging and logging context code. ([\#8939](#8939))
- Ensure rejected events get added to some metadata tables. ([\#9016](#9016))
- Ignore date-rotated homeserver logs saved to disk. ([\#9018](#9018))
- Remove an unused column from `access_tokens` table. ([\#9025](#9025))
- Add a `-noextras` factor to `tox.ini`, to support running the tests with no optional dependencies. ([\#9030](#9030))
- Fix running unit tests when optional dependencies are not installed. ([\#9031](#9031))
- Allow bumping schema version when using split out state database. ([\#9033](#9033))
- Configure the linters to run on a consistent set of files. ([\#9038](#9038))
- Various cleanups to device inbox store. ([\#9041](#9041))
- Drop unused database tables. ([\#9055](#9055))
- Remove unused `SynapseService` class. ([\#9058](#9058))
- Remove unnecessary declarations in the tests for the admin API. ([\#9063](#9063))
- Remove `SynapseRequest.get_user_agent`. ([\#9069](#9069))
- Remove redundant `Homeserver.get_ip_from_request` method. ([\#9080](#9080))
- Add type hints to media repository. ([\#9093](#9093))
- Fix the wrong arguments being passed to `BlacklistingAgentWrapper` from `MatrixFederationAgent`. Contributed by Timothy Leung. ([\#9098](#9098))
- Reduce the scope of caught exceptions in `BlacklistingAgentWrapper`. ([\#9106](#9106))
- Improve `UsernamePickerTestCase`. ([\#9112](#9112))
- Remove dependency on `distutils`. ([\#9125](#9125))
- Enforce that replication HTTP clients are called with keyword arguments only. ([\#9144](#9144))
- Fix the Python 3.5 / old dependencies build in CI. ([\#9146](#9146))
- Replace the old `perspectives` option in the Synapse docker config file template with `trusted_key_servers`. ([\#9157](#9157))
netbsd-srcmastr pushed a commit to NetBSD/pkgsrc that referenced this pull request Jan 31, 2021
Synapse 1.26.0 (2021-01-27)
===========================

This release brings a new schema version for Synapse and rolling back to a previous
version is not trivial. Please review [UPGRADE.rst](UPGRADE.rst) for more details
on these changes and for general upgrade guidance.

No significant changes since 1.26.0rc2.


Synapse 1.26.0rc2 (2021-01-25)
==============================

Bugfixes
--------

- Fix receipts and account data not being sent down sync. Introduced in v1.26.0rc1. ([\#9193](matrix-org/synapse#9193), [\#9195](matrix-org/synapse#9195))
- Fix chain cover update to handle events with duplicate auth events. Introduced in v1.26.0rc1. ([\#9210](matrix-org/synapse#9210))


Internal Changes
----------------

- Add an `oidc-` prefix to any `idp_id`s which are given in the `oidc_providers` configuration. ([\#9189](matrix-org/synapse#9189))
- Bump minimum `psycopg2` version to v2.8. ([\#9204](matrix-org/synapse#9204))


Synapse 1.26.0rc1 (2021-01-20)
==============================

This release brings a new schema version for Synapse and rolling back to a previous
version is not trivial. Please review [UPGRADE.rst](UPGRADE.rst) for more details
on these changes and for general upgrade guidance.

Features
--------

- Add support for multiple SSO Identity Providers. ([\#9015](matrix-org/synapse#9015), [\#9017](matrix-org/synapse#9017), [\#9036](matrix-org/synapse#9036), [\#9067](matrix-org/synapse#9067), [\#9081](matrix-org/synapse#9081), [\#9082](matrix-org/synapse#9082), [\#9105](matrix-org/synapse#9105), [\#9107](matrix-org/synapse#9107), [\#9109](matrix-org/synapse#9109), [\#9110](matrix-org/synapse#9110), [\#9127](matrix-org/synapse#9127), [\#9153](matrix-org/synapse#9153), [\#9154](matrix-org/synapse#9154), [\#9177](matrix-org/synapse#9177))
- During user-interactive authentication via single-sign-on, give a better error if the user uses the wrong account on the SSO IdP. ([\#9091](matrix-org/synapse#9091))
- Give the `public_baseurl` a default value, if it is not explicitly set in the configuration file. ([\#9159](matrix-org/synapse#9159))
- Improve performance when calculating ignored users in large rooms. ([\#9024](matrix-org/synapse#9024))
- Implement [MSC2176](matrix-org/matrix-spec-proposals#2176) in an experimental room version. ([\#8984](matrix-org/synapse#8984))
- Add an admin API for protecting local media from quarantine. ([\#9086](matrix-org/synapse#9086))
- Remove a user's avatar URL and display name when deactivated with the Admin API. ([\#8932](matrix-org/synapse#8932))
- Update `/_synapse/admin/v1/users/<user_id>/joined_rooms` to work for both local and remote users. ([\#8948](matrix-org/synapse#8948))
- Add experimental support for handling to-device messages on worker processes. ([\#9042](matrix-org/synapse#9042), [\#9043](matrix-org/synapse#9043), [\#9044](matrix-org/synapse#9044), [\#9130](matrix-org/synapse#9130))
- Add experimental support for handling `/keys/claim` and `/room_keys` APIs on worker processes. ([\#9068](matrix-org/synapse#9068))
- Add experimental support for handling `/devices` API on worker processes. ([\#9092](matrix-org/synapse#9092))
- Add experimental support for moving off receipts and account data persistence off master. ([\#9104](matrix-org/synapse#9104), [\#9166](matrix-org/synapse#9166))


Bugfixes
--------

- Fix a long-standing issue where an internal server error would occur when requesting a profile over federation that did not include a display name / avatar URL. ([\#9023](matrix-org/synapse#9023))
- Fix a long-standing bug where some caches could grow larger than configured. ([\#9028](matrix-org/synapse#9028))
- Fix error handling during insertion of client IPs into the database. ([\#9051](matrix-org/synapse#9051))
- Fix bug where we didn't correctly record CPU time spent in `on_new_event` block. ([\#9053](matrix-org/synapse#9053))
- Fix a minor bug which could cause confusing error messages from invalid configurations. ([\#9054](matrix-org/synapse#9054))
- Fix incorrect exit code when there is an error at startup. ([\#9059](matrix-org/synapse#9059))
- Fix `JSONDecodeError` spamming the logs when sending transactions to remote servers. ([\#9070](matrix-org/synapse#9070))
- Fix "Failed to send request" errors when a client provides an invalid room alias. ([\#9071](matrix-org/synapse#9071))
- Fix bugs in federation catchup logic that caused outbound federation to be delayed for large servers after start up. Introduced in v1.8.0 and v1.21.0. ([\#9114](matrix-org/synapse#9114), [\#9116](matrix-org/synapse#9116))
- Fix corruption of `pushers` data when a postgres bouncer is used. ([\#9117](matrix-org/synapse#9117))
- Fix minor bugs in handling the `clientRedirectUrl` parameter for SSO login. ([\#9128](matrix-org/synapse#9128))
- Fix "Unhandled error in Deferred: BodyExceededMaxSize" errors when .well-known files that are too large. ([\#9108](matrix-org/synapse#9108))
- Fix "UnboundLocalError: local variable 'length' referenced before assignment" errors when the response body exceeds the expected size. This bug was introduced in v1.25.0. ([\#9145](matrix-org/synapse#9145))
- Fix a long-standing bug "ValueError: invalid literal for int() with base 10" when `/publicRooms` is requested with an invalid `server` parameter. ([\#9161](matrix-org/synapse#9161))


Improved Documentation
----------------------

- Add some extra docs for getting Synapse running on macOS. ([\#8997](matrix-org/synapse#8997))
- Correct a typo in the `systemd-with-workers` documentation. ([\#9035](matrix-org/synapse#9035))
- Correct a typo in `INSTALL.md`. ([\#9040](matrix-org/synapse#9040))
- Add missing `user_mapping_provider` configuration to the Keycloak OIDC example. Contributed by @chris-ruecker. ([\#9057](matrix-org/synapse#9057))
- Quote `pip install` packages when extras are used to avoid shells interpreting bracket characters. ([\#9151](matrix-org/synapse#9151))


Deprecations and Removals
-------------------------

- Remove broken and unmaintained `demo/webserver.py` script. ([\#9039](matrix-org/synapse#9039))


Internal Changes
----------------

- Improve efficiency of large state resolutions. ([\#8868](matrix-org/synapse#8868), [\#9029](matrix-org/synapse#9029), [\#9115](matrix-org/synapse#9115), [\#9118](matrix-org/synapse#9118), [\#9124](matrix-org/synapse#9124))
- Various clean-ups to the structured logging and logging context code. ([\#8939](matrix-org/synapse#8939))
- Ensure rejected events get added to some metadata tables. ([\#9016](matrix-org/synapse#9016))
- Ignore date-rotated homeserver logs saved to disk. ([\#9018](matrix-org/synapse#9018))
- Remove an unused column from `access_tokens` table. ([\#9025](matrix-org/synapse#9025))
- Add a `-noextras` factor to `tox.ini`, to support running the tests with no optional dependencies. ([\#9030](matrix-org/synapse#9030))
- Fix running unit tests when optional dependencies are not installed. ([\#9031](matrix-org/synapse#9031))
- Allow bumping schema version when using split out state database. ([\#9033](matrix-org/synapse#9033))
- Configure the linters to run on a consistent set of files. ([\#9038](matrix-org/synapse#9038))
- Various cleanups to device inbox store. ([\#9041](matrix-org/synapse#9041))
- Drop unused database tables. ([\#9055](matrix-org/synapse#9055))
- Remove unused `SynapseService` class. ([\#9058](matrix-org/synapse#9058))
- Remove unnecessary declarations in the tests for the admin API. ([\#9063](matrix-org/synapse#9063))
- Remove `SynapseRequest.get_user_agent`. ([\#9069](matrix-org/synapse#9069))
- Remove redundant `Homeserver.get_ip_from_request` method. ([\#9080](matrix-org/synapse#9080))
- Add type hints to media repository. ([\#9093](matrix-org/synapse#9093))
- Fix the wrong arguments being passed to `BlacklistingAgentWrapper` from `MatrixFederationAgent`. Contributed by Timothy Leung. ([\#9098](matrix-org/synapse#9098))
- Reduce the scope of caught exceptions in `BlacklistingAgentWrapper`. ([\#9106](matrix-org/synapse#9106))
- Improve `UsernamePickerTestCase`. ([\#9112](matrix-org/synapse#9112))
- Remove dependency on `distutils`. ([\#9125](matrix-org/synapse#9125))
- Enforce that replication HTTP clients are called with keyword arguments only. ([\#9144](matrix-org/synapse#9144))
- Fix the Python 3.5 / old dependencies build in CI. ([\#9146](matrix-org/synapse#9146))
- Replace the old `perspectives` option in the Synapse docker config file template with `trusted_key_servers`. ([\#9157](matrix-org/synapse#9157))
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants