Skip to content

Commit

Permalink
privacy by default for room dir (matrix-org#6355)
Browse files Browse the repository at this point in the history
Ensure that the the default settings for the room directory are that the it is hidden from public view by default.
  • Loading branch information
neilisfragile authored Dec 4, 2019
1 parent 0120875 commit cb0aeb1
Show file tree
Hide file tree
Showing 5 changed files with 91 additions and 18 deletions.
17 changes: 17 additions & 0 deletions UPGRADE.rst
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,23 @@ for example:
wget https://packages.matrix.org/debian/pool/main/m/matrix-synapse-py3/matrix-synapse-py3_1.3.0+stretch1_amd64.deb
dpkg -i matrix-synapse-py3_1.3.0+stretch1_amd64.deb
Upgrading to v1.7.0
===================

In an attempt to configure Synapse in a privacy preserving way, the default
behaviours of ``allow_public_rooms_without_auth`` and
``allow_public_rooms_over_federation`` have been inverted. This means that by
default, only authenticated users querying the Client/Server API will be able
to query the room directory, and relatedly that the server will not share
room directory information with other servers over federation.

If your installation does not explicitly set these settings one way or the other
and you want either setting to be ``true`` then it will necessary to update
your homeserver configuration file accordingly.

For more details on the surrounding context see our `explainer
<https://matrix.org/blog/2019/11/09/avoiding-unwelcome-visitors-on-private-matrix-servers>`_.


Upgrading to v1.5.0
===================
Expand Down
1 change: 1 addition & 0 deletions changelog.d/6354.feature
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Configure privacy preserving settings by default for the room directory.
13 changes: 7 additions & 6 deletions docs/sample_config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -54,15 +54,16 @@ pid_file: DATADIR/homeserver.pid
#
#require_auth_for_profile_requests: true

# If set to 'false', requires authentication to access the server's public rooms
# directory through the client API. Defaults to 'true'.
# If set to 'true', removes the need for authentication to access the server's
# public rooms directory through the client API, meaning that anyone can
# query the room directory. Defaults to 'false'.
#
#allow_public_rooms_without_auth: false
#allow_public_rooms_without_auth: true

# If set to 'false', forbids any other homeserver to fetch the server's public
# rooms directory via federation. Defaults to 'true'.
# If set to 'true', allows any other homeserver to fetch the server's public
# rooms directory via federation. Defaults to 'false'.
#
#allow_public_rooms_over_federation: false
#allow_public_rooms_over_federation: true

# The default room version for newly created rooms.
#
Expand Down
26 changes: 14 additions & 12 deletions synapse/config/server.py
Original file line number Diff line number Diff line change
Expand Up @@ -118,15 +118,16 @@ def read_config(self, config, **kwargs):
self.allow_public_rooms_without_auth = False
self.allow_public_rooms_over_federation = False
else:
# If set to 'False', requires authentication to access the server's public
# rooms directory through the client API. Defaults to 'True'.
# If set to 'true', removes the need for authentication to access the server's
# public rooms directory through the client API, meaning that anyone can
# query the room directory. Defaults to 'false'.
self.allow_public_rooms_without_auth = config.get(
"allow_public_rooms_without_auth", True
"allow_public_rooms_without_auth", False
)
# If set to 'False', forbids any other homeserver to fetch the server's public
# rooms directory via federation. Defaults to 'True'.
# If set to 'true', allows any other homeserver to fetch the server's public
# rooms directory via federation. Defaults to 'false'.
self.allow_public_rooms_over_federation = config.get(
"allow_public_rooms_over_federation", True
"allow_public_rooms_over_federation", False
)

default_room_version = config.get("default_room_version", DEFAULT_ROOM_VERSION)
Expand Down Expand Up @@ -620,15 +621,16 @@ def generate_config_section(
#
#require_auth_for_profile_requests: true
# If set to 'false', requires authentication to access the server's public rooms
# directory through the client API. Defaults to 'true'.
# If set to 'true', removes the need for authentication to access the server's
# public rooms directory through the client API, meaning that anyone can
# query the room directory. Defaults to 'false'.
#
#allow_public_rooms_without_auth: false
#allow_public_rooms_without_auth: true
# If set to 'false', forbids any other homeserver to fetch the server's public
# rooms directory via federation. Defaults to 'true'.
# If set to 'true', allows any other homeserver to fetch the server's public
# rooms directory via federation. Defaults to 'false'.
#
#allow_public_rooms_over_federation: false
#allow_public_rooms_over_federation: true
# The default room version for newly created rooms.
#
Expand Down
52 changes: 52 additions & 0 deletions tests/federation/transport/test_server.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
# -*- coding: utf-8 -*-
# Copyright 2019 The Matrix.org Foundation C.I.C.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.


from twisted.internet import defer

from synapse.config.ratelimiting import FederationRateLimitConfig
from synapse.federation.transport import server
from synapse.util.ratelimitutils import FederationRateLimiter

from tests import unittest
from tests.unittest import override_config


class RoomDirectoryFederationTests(unittest.HomeserverTestCase):
def prepare(self, reactor, clock, homeserver):
class Authenticator(object):
def authenticate_request(self, request, content):
return defer.succeed("otherserver.nottld")

ratelimiter = FederationRateLimiter(clock, FederationRateLimitConfig())
server.register_servlets(
homeserver, self.resource, Authenticator(), ratelimiter
)

@override_config({"allow_public_rooms_over_federation": False})
def test_blocked_public_room_list_over_federation(self):
request, channel = self.make_request(
"GET", "/_matrix/federation/v1/publicRooms"
)
self.render(request)
self.assertEquals(403, channel.code)

@override_config({"allow_public_rooms_over_federation": True})
def test_open_public_room_list_over_federation(self):
request, channel = self.make_request(
"GET", "/_matrix/federation/v1/publicRooms"
)
self.render(request)
self.assertEquals(200, channel.code)

0 comments on commit cb0aeb1

Please sign in to comment.