From 36b3b75b21ce9702434830795400ef58873a0492 Mon Sep 17 00:00:00 2001 From: Erik Johnston Date: Thu, 28 May 2015 11:01:34 +0100 Subject: [PATCH 1/8] Registration should be disabled by default --- synapse/config/registration.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/synapse/config/registration.py b/synapse/config/registration.py index b39989a87f..67e780864e 100644 --- a/synapse/config/registration.py +++ b/synapse/config/registration.py @@ -39,7 +39,7 @@ class RegistrationConfig(Config): ## Registration ## # Enable registration for new users. - enable_registration: True + enable_registration: False # If set, allows registration by anyone who also has the shared # secret, even if registration is otherwise disabled. From 31ade3b3e957986bc13d4dfe8780ef1abb1a10cc Mon Sep 17 00:00:00 2001 From: Erik Johnston Date: Thu, 28 May 2015 13:45:23 +0100 Subject: [PATCH 2/8] Remove a deep copy --- synapse/util/jsonobject.py | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/synapse/util/jsonobject.py b/synapse/util/jsonobject.py index 0765f7d217..186ff2335b 100644 --- a/synapse/util/jsonobject.py +++ b/synapse/util/jsonobject.py @@ -76,15 +76,7 @@ class JsonEncodedObject(object): if k in self.valid_keys and k not in self.internal_keys } d.update(self.unrecognized_keys) - return copy.deepcopy(d) - - def get_full_dict(self): - d = { - k: _encode(v) for (k, v) in self.__dict__.items() - if k in self.valid_keys or k in self.internal_keys - } - d.update(self.unrecognized_keys) - return copy.deepcopy(d) + return d def __str__(self): return "(%s, %s)" % (self.__class__.__name__, repr(self.__dict__)) From 291e942332e06cf1aa14f2e608dee0e50deed8ff Mon Sep 17 00:00:00 2001 From: Erik Johnston Date: Thu, 28 May 2015 15:34:00 +0100 Subject: [PATCH 3/8] Use connection pool for federation connections --- synapse/http/matrixfederationclient.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/synapse/http/matrixfederationclient.py b/synapse/http/matrixfederationclient.py index 6f976d5ce8..9b6ba2d548 100644 --- a/synapse/http/matrixfederationclient.py +++ b/synapse/http/matrixfederationclient.py @@ -16,7 +16,7 @@ from twisted.internet import defer, reactor, protocol from twisted.internet.error import DNSLookupError -from twisted.web.client import readBody, _AgentBase, _URI +from twisted.web.client import readBody, _AgentBase, _URI, HTTPConnectionPool from twisted.web.http_headers import Headers from twisted.web._newclient import ResponseDone @@ -103,7 +103,8 @@ class MatrixFederationHttpClient(object): self.hs = hs self.signing_key = hs.config.signing_key[0] self.server_name = hs.hostname - self.agent = MatrixFederationHttpAgent(reactor) + pool = HTTPConnectionPool(reactor) + self.agent = MatrixFederationHttpAgent(reactor, pool) self.clock = hs.get_clock() self.version_string = hs.version_string From 086df807905178c0a9de8de61e50c31354c46bc3 Mon Sep 17 00:00:00 2001 From: Erik Johnston Date: Thu, 28 May 2015 15:41:50 +0100 Subject: [PATCH 4/8] Add connection pooling to SimpleHttpClient --- synapse/http/client.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/synapse/http/client.py b/synapse/http/client.py index 5b3cefb2dc..9c7fa29369 100644 --- a/synapse/http/client.py +++ b/synapse/http/client.py @@ -20,7 +20,8 @@ import synapse.metrics from twisted.internet import defer, reactor from twisted.web.client import ( - Agent, readBody, FileBodyProducer, PartialDownloadError + Agent, readBody, FileBodyProducer, PartialDownloadError, + HTTPConnectionPool, ) from twisted.web.http_headers import Headers @@ -55,7 +56,8 @@ class SimpleHttpClient(object): # The default context factory in Twisted 14.0.0 (which we require) is # BrowserLikePolicyForHTTPS which will do regular cert validation # 'like a browser' - self.agent = Agent(reactor) + pool = HTTPConnectionPool(reactor) + self.agent = Agent(reactor, pool) self.version_string = hs.version_string def request(self, method, *args, **kwargs): From 11f51e6deda8962a7b027dff8b631f0af26a74d9 Mon Sep 17 00:00:00 2001 From: Erik Johnston Date: Thu, 28 May 2015 15:45:46 +0100 Subject: [PATCH 5/8] Up maxPersistentPerHost count --- synapse/http/client.py | 1 + synapse/http/matrixfederationclient.py | 1 + 2 files changed, 2 insertions(+) diff --git a/synapse/http/client.py b/synapse/http/client.py index 9c7fa29369..8d6e89d6e7 100644 --- a/synapse/http/client.py +++ b/synapse/http/client.py @@ -57,6 +57,7 @@ class SimpleHttpClient(object): # BrowserLikePolicyForHTTPS which will do regular cert validation # 'like a browser' pool = HTTPConnectionPool(reactor) + pool.maxPersistentPerHost = 10 self.agent = Agent(reactor, pool) self.version_string = hs.version_string diff --git a/synapse/http/matrixfederationclient.py b/synapse/http/matrixfederationclient.py index 9b6ba2d548..44f0b00333 100644 --- a/synapse/http/matrixfederationclient.py +++ b/synapse/http/matrixfederationclient.py @@ -104,6 +104,7 @@ class MatrixFederationHttpClient(object): self.signing_key = hs.config.signing_key[0] self.server_name = hs.hostname pool = HTTPConnectionPool(reactor) + pool.maxPersistentPerHost = 10 self.agent = MatrixFederationHttpAgent(reactor, pool) self.clock = hs.get_clock() self.version_string = hs.version_string From dd74436ffd227fb525fd1d784dfd9d09f0f9f5dc Mon Sep 17 00:00:00 2001 From: Erik Johnston Date: Thu, 28 May 2015 15:47:20 +0100 Subject: [PATCH 6/8] Unused import --- synapse/util/jsonobject.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/synapse/util/jsonobject.py b/synapse/util/jsonobject.py index 186ff2335b..00f86ed220 100644 --- a/synapse/util/jsonobject.py +++ b/synapse/util/jsonobject.py @@ -13,8 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -import copy - class JsonEncodedObject(object): """ A common base class for defining protocol units that are represented From 79e37a7ecbb566f63393ee47728e5cddfdc2810e Mon Sep 17 00:00:00 2001 From: Erik Johnston Date: Thu, 28 May 2015 16:48:53 +0100 Subject: [PATCH 7/8] Correctly pass connection pool parameter --- synapse/http/client.py | 2 +- synapse/http/matrixfederationclient.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/synapse/http/client.py b/synapse/http/client.py index 8d6e89d6e7..e746f2416e 100644 --- a/synapse/http/client.py +++ b/synapse/http/client.py @@ -58,7 +58,7 @@ class SimpleHttpClient(object): # 'like a browser' pool = HTTPConnectionPool(reactor) pool.maxPersistentPerHost = 10 - self.agent = Agent(reactor, pool) + self.agent = Agent(reactor, pool=pool) self.version_string = hs.version_string def request(self, method, *args, **kwargs): diff --git a/synapse/http/matrixfederationclient.py b/synapse/http/matrixfederationclient.py index 44f0b00333..7f3d8fc884 100644 --- a/synapse/http/matrixfederationclient.py +++ b/synapse/http/matrixfederationclient.py @@ -105,7 +105,7 @@ class MatrixFederationHttpClient(object): self.server_name = hs.hostname pool = HTTPConnectionPool(reactor) pool.maxPersistentPerHost = 10 - self.agent = MatrixFederationHttpAgent(reactor, pool) + self.agent = MatrixFederationHttpAgent(reactor, pool=pool) self.clock = hs.get_clock() self.version_string = hs.version_string From afbd3b2fc4834a0f03236b550892e0f1d96b54c3 Mon Sep 17 00:00:00 2001 From: Erik Johnston Date: Thu, 28 May 2015 18:05:00 +0100 Subject: [PATCH 8/8] SYN-395: Fix CAPTCHA, don't double decode json --- synapse/handlers/auth.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py index 4e2e50345e..0cc28248a9 100644 --- a/synapse/handlers/auth.py +++ b/synapse/handlers/auth.py @@ -187,7 +187,7 @@ class AuthHandler(BaseHandler): # each request try: client = SimpleHttpClient(self.hs) - data = yield client.post_urlencoded_get_json( + resp_body = yield client.post_urlencoded_get_json( "https://www.google.com/recaptcha/api/siteverify", args={ 'secret': self.hs.config.recaptcha_private_key, @@ -198,7 +198,8 @@ class AuthHandler(BaseHandler): except PartialDownloadError as pde: # Twisted is silly data = pde.response - resp_body = simplejson.loads(data) + resp_body = simplejson.loads(data) + if 'success' in resp_body and resp_body['success']: defer.returnValue(True) raise LoginError(401, "", errcode=Codes.UNAUTHORIZED)