-
-
Notifications
You must be signed in to change notification settings - Fork 2.1k
Cross-signing [2/4] - upload/download keys #5769
Cross-signing [2/4] - upload/download keys #5769
Conversation
This is a prerequisite for cross-signing, as it allows us to create other things that live within the device namespace, so they can be used for signatures.
(by going back to not using SQL directly)
There seems to be a race condition in the unit test, but I'm not sure how to fix it. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
generally looking sane, a few nits
@@ -145,3 +147,66 @@ def test_claim_one_time_key(self): | |||
"one_time_keys": {local_user: {device_id: {"alg1:k1": "key1"}}}, | |||
}, | |||
) | |||
|
|||
@defer.inlineCallbacks | |||
def test_replace_master_key(self): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
as a general note for future reference, we're moving away from this style of test towards ones which (a) inherit from HomeserverTestCase
to instantiate a Homeserver with a mock reactor and (b) exercise the REST API rather than the mid-layer of the handlers.
Yeah, odd. Can you reproduce it locally? If so, and if you turn the verbosity right up ( |
OK, I think I know what's up with the unit test. When I fetch the cross-signing key, I order by timestamp and pick the first one. But the timestamp only has 1-second resolution, and the unit tests run too fast, so the two keys get stored with the timestamp. So when it fetches the keys, it basically picks one at random. (I guess the fact that it's never happened on my laptop means that my laptop is slow enough that the keys don't have the same timestamp. Or it's just extremely lucky.) So, what's the best way of ensuring that the key that was last stored is the one that gets selected? Normally, I would use an |
Codecov Report
@@ Coverage Diff @@
## uhoreg/e2e_cross-signing_merged #5769 +/- ##
==================================================================
Coverage ? 63.45%
==================================================================
Files ? 331
Lines ? 36668
Branches ? 6068
==================================================================
Hits ? 23267
Misses ? 11729
Partials ? 1672 |
Switching to using stream ID generator seems to have fixed the tests. The sytest failure I think is not-my-fault, since it's only failing in the worker sytest, and the sytest that's running against it isn't even calling any cross-signing functionality, but it's hard to tell because it doesn't seem to be copying the sytest artifacts properly. |
Adds a flag to `/versions`' `unstable_features` section indicating that this Synapse understands what an `id_access_token` is, as per #5927 (comment) Fixes #5927
Python will return a tuple whether there are parentheses around the returned values or not. I'm just sick of my editor complaining about this all over the place :)
Signed-off-by: Aaron Raimist <aaron@raim.ist>
* fix thumbnail storage location Signed-off-by: Lorenz Steinert <lorenz@steinerts.de> * Add changelog file. Signed-off-by: Lorenz Steinert <lorenz@steinerts.de> * Update Changelog Signed-off-by: Lorenz Steinert <lorenz@steinerts.de>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm now, modulo the build failure. Apparently @hawkowl has updated the build scripts to fix the artifact uploads, so could you merge latest develop in?
Sounds like you've fixed it, either way, but:
1 millisecond, surely? |
These methods were part of the v1 C/S API. Remove them as they are no longer used by any code paths.
Trace device list changes.
Remove all the "double return" statements which were a result of us removing all the instances of ``` defer.returnValue(...) return ``` statements when we switched to python3 fully.
* Ensure an auth instance is available to ListMediaInRoom Fixes #5737 * Changelog
…D/GID (#5970) Adjust su-exec to only be used if needed. If UID == getuid() and GID == getgid() then we do not need to su-exec, and chmod will not work.
* Ensure the list media admin API is always available This API is required for some external media repo implementations to operate (mostly for doing quarantine operations on a room). * changelog
Previously the stats were not being correctly populated.
Very small code cleanup.
Removes the `bind_email` and `bind_msisdn` parameters from the `/register` C/S API endpoint as per [MSC2140: Terms of Service for ISes and IMs](https://github.com/matrix-org/matrix-doc/pull/2140/files#diff-c03a26de5ac40fb532de19cb7fc2aaf7R107).
This is just #4970, with #5759 split off.
Created a new PR so that the review comments don't disappear, since this would be a force-push.