Skip to content

Releases: kamax-matrix/mxisd

v1.4.6

15 Aug 03:21
@maxidorius maxidorius
v1.4.6
6e9601c
Compare
Choose a tag to compare
v1.4.6 Latest
Latest

Notes

This is a enhancement release of the v1.4 branch. See the v1.4.0 release notes for more info about the new features since v1.3.x

Links

Fixes

The following fixes are included

  • Do not include appservices into the global results of a directory request when using Synapse DB as Identity Store (6e9601c)

Packages

Platform Type Command/Link
All Jar Download
Debian Package Download
Docker Image docker pull kamax/mxisd:1.4.6 (Repo)

Checksums

Platform Type SHA-256
All Jar 7eafd2825704d942f49d8969c968c6e6241225c9ae2e334477acf0c56a23682a
Debian Package e39a63ff83ee7c158706096ba6243539b9ee33ad5f1282c339ff6ea07522f364
Assets 2
Loading

v1.4.5

11 Jun 22:26
@maxidorius maxidorius
v1.4.5
a964b07
Compare
Choose a tag to compare
v1.4.5

Notes

This is a enhancement release of the v1.4 branch, following the Identity Service r0.2.0 specification release.
See the v1.4.0 release notes for more info about the new features since v1.3.x

Links

Enhancements

The following enhancements were added:

  • Debian package post-install script will now attempt to (re)start the mxisd service if a config file exists, avoiding the need to start mxisd again after an upgrade. (a964b07)
  • Various minor documentation fixes (d54f1dc, 2960368)

Changes

The following features/behaviour were changed:

  • 3PID unbind behaviour has been aligned with the Matrix spec following the first official specification of the endpoint. (f85345b)
  • 3PID unbind via Homeserver authhorization no longer trigger the fraudulent 3PID remove notification. (f85345b)

Packages

Platform Type Command/Link
All Jar Download
Debian Package Download
Docker Image docker pull kamax/mxisd:1.4.5 (Repo)

Checksums

Platform Type SHA-256
All Jar 63a5d9db307cd4c8cf4fc8e68d22351c0a7d34f9adf1defde4fa5e1dbdd0675f
Debian Package 40b27cd882863292481ba5bd0b425562984061a8c6188757113c8cc621813264
Assets 4
Loading

v1.4.4

30 May 13:04
@maxidorius maxidorius
v1.4.4
92f1034
Compare
Choose a tag to compare
v1.4.4

Notes

This is a maintenance release of the v1.4 branch, fixing issues with previous versions.
See the v1.4.0 release notes for more info about the new features since v1.3.x

Links

Enhancements

The following enhancements were added:

  • New URL-encoded placeholders in Template notification generator (27b2976) - Docs
  • Adapt 3PID builtin templates to account for semi-public servers and the Registration feature (0298f66, #128)

Fixes

The following issues were fixed:

  • Truncated HTML tag in built-in 3PID notification templates (917f87b)
  • Invalid reply to /3pid/bind as per spec (0ddd086) - Needed for synapse compatibility >= 0.99.4

Changes

The following features/behaviour were changed:

Packages

Platform Type Command/Link
All Jar Download
Debian Package Download
Docker Image docker pull kamax/mxisd:1.4.4 (Repo)

Checksums

Platform Type SHA-256
All Jar 68c78a0bbf50f4bf432b3e1127ffd1227fd6eaf53b6e872318bfb99939657ad2
Debian Package 87e4133c76577cdfab8e6ca921cd2dc0a05070a5b173bf0f3a94971e2df9ff6d
Assets 4
Loading

v1.4.3

13 May 23:09
@maxidorius maxidorius
v1.4.3
cd890d1
Compare
Choose a tag to compare
v1.4.3

Notes

This is a maintenance release of the v1.4 branch, fixing issues with previous versions.

See the v1.4.0 release notes for more info about the new features since v1.3.x

Fixes

  • Fix config parsing and error handling for Sendgrid and 3PID notifications (e6272b1, 9cc601d, 0fcc0d9)
  • Fix AS errors when user(s) left rooms (#172 via 8243354)
  • Fix conflict between 3PID expired user and Matrix ID users event (#173 via c3ce0a1)

Changes

  • Add logging statement when an AS request is denied to invalid credentials (25968e0)
  • Switch to Gradle 5 for build (3b01663)
  • Fix indentation in 3PID templates (cosmetic) (c7c009f)
  • Warn about possibly unresolvable 3PID invites (cd890d1)

Packages

Platform Type Command/Link
All Jar Download
Debian Package Download
Docker Image docker pull kamax/mxisd:1.4.3 (Repo)

Checksums

Platform Type SHA-256
All Jar b100799fbb9743c42c10aae732bd3ec945f7efbe11cc11981e07dd69a54a8070
Debian Package a61af528fbb3dd25aee55ac2473344f6909edad2e8a001da6732ee7d2aca006f
Assets 4
Loading

v1.4.2

28 Apr 07:11
@maxidorius maxidorius
v1.4.2
44a8046
Compare
Choose a tag to compare
v1.4.2

Notes

This is a maintenance release of the v1.4 branch, fixing issues with v1.4.0 and v1.4.1.

See the v1.4.0 release notes for more info about the new features since v1.3.x

Fixes

  • Produce signatures for 3PID lookups in a consistent way to always be valid (44a8046)

Packages

Platform Type Command/Link
All Jar Download
Debian Package Download
Docker Image docker pull kamax/mxisd:1.4.2 (Repo)

Checksums

Platform Type SHA-256
All Jar 2d1c689fd365bfe41c397b2e229a6232dcc1d895f8e7cf741347a440ce0895d7
Debian Package b1b585a4cd3477eda2bf15afd377698ac3276d6aadff59b9a402a6c52469d75d
Assets 4
Loading

v1.4.1

27 Apr 19:10
@maxidorius maxidorius
v1.4.1
85d9f9e
Compare
Choose a tag to compare
v1.4.1

Notes

This is a maintenance release of the v1.4 branch, fixing issues with v1.4.0.

See the v1.4.0 release notes for more info about the new features since v1.3.x

Fixes

  • Properly handle DNS SRV records when discovering the Homeserver endpoint for 3PID invite resolution

Packages

Platform Type Command/Link
All Jar Download
Debian Package Download
Docker Image docker pull kamax/mxisd:1.4.1 (Repo)

Checksums

Platform Type SHA-256
All Jar 29506796b62ccdd919c32c3a3647935f72746d03731555a89259ad2959f6a736
Debian Package 90d06327ab7f6da00e88e9f782516dbb75a342a197b41fe62bf796e535552156
Assets 4
Loading

v1.4.0

27 Apr 16:08
@maxidorius maxidorius
v1.4.0
6278301
Compare
Choose a tag to compare
v1.4.0

Notes

This new release focuses in new areas:

  • Administration commands/interfaces
  • Ability to expire and clean-up pending 3PID invites
  • Official support for semi-open server setups (best effort until now)
  • Provide control over the remaining Client API endpoints where 3PIDs are involved

Semi-open servers are defined as servers that:

  • Allow registration but only with some approval process
  • Only allows a specific set of people to create 3PID invites, which can be used to register a new account
  • Needs the ability to list and manage pending 3PID invites

IMPORTANT: This release changes the format of the data since previous releases. While this is an automatic upgrade, it also means it is not possible to downgrade to any previous version.
BE SURE TO BACKUP YOUR MXISD INSTALLATION! See the Operations document for details.

Special thanks to @miriamino for the extensive contributions/feedback in design, testing and troubleshooting of the new features in this release.

Features

The following new features were added:

Administration

It is now possible to administer your mxisd instance directly within your Matrix client, thanks to the Application Service feature of mxisd.

See the Documentation to get started.

3PID invite expiration

One of the main limitation in terms of 3PIDs in the Matrix protocol is the inability to cancel or otherwise in any way control pending 3PID invites. If those are not accepted/resolved, they remain in a room forever.
mxisd can now be leveraged to cancel any 3PID invites made through it, either automatically after a configurable period of time, or manually via the admin interface.

See the Documentation to get started.

3PID invite policies

It is now possible to restrict the creation of 3PID invites to a certain set of users on your servers (e.g. Admins or VIPs) using roles returned by the Profile feature of Identity Stores. This would typically be used together with the new Registration feature.

See the Documentation to get started.

Registration

mxisd now offer the possibility to partially control registrations to ensure that provided 3PIDs, if made mandatory at the Homeserver level, are allowed given specific patterns or if matching pending 3PID invite.

See the Documentation to get started.

Identity Service r0.1.0 compliance

mxisd now implements all flows and features of the r0.1.0 spec. Ephemeral keys and ephemeral signing was the last remaining element not supported until now. mxisd is therefore the first 3rd party Identity server to be compliant with the current Matrix specification.

Version check

mxisd now provides two ways to check for its version:

  • At command line, with --version
  • With the API, at /version (not under the public /_matrix to keep the info private)

Others

The following items were also added:

  • Documentation for Hardening steps of the mxisd installation (8035207)
  • Documentation for Day-to-day operations (8035207)
  • TLS/SSL mode (port 465) can now be set for the Email SMTP connector (#125) - Docs
  • Some 3PID notification template placeholder can now be set to a static value, like the Registration URL in an 3PID invite notification (#133) - Docs
  • Well-known discovery for federation is now supported and used when posting 3PID invite resolutions to the Homeserver (#127)

Changes

  • The Application Services feature configuration was changed to support the new features of this release. If you used it prior to v1.4.0, adapt your mxisd.yaml as needed. Application Services integration itself is still considered experimental.
  • The mxisd.yaml sample file now talks about server.name (37ddd0e)
  • Block a non-public but still under v1 namespace custom endpoint from New Vector (95ee328)
  • Various doc improvements (93bd735, c5cea93, 838d79a, 9abdcc1)
  • Debian package now has status and priority - Thanks @joshuaboniface (1587103)

Fixes

  • Document the correct configuration key for the msisdn Twilio connector (9d4680f)
  • Properly handle 3PID session token submition (#167 - v1.3.x regression)
  • Better documentation for the SQL Identity store (#107)
  • Properly encode headers in Email notifications using the SMTP connector (#137)
  • Fix dead link to default attributes into the LDAP documentation (#136)

Packages

Platform Type Command/Link
All Jar Download
Debian Package Download
Docker Image docker pull kamax/mxisd:1.4.0 (Repo)

Checksums

Platform Type SHA-256
All Jar 391490b7c77044817248af426bfc956ba2d22c5ba78f7a9321e604d86d3fccab
Debian Package e7326375f509f0d617489a0925a1dee7d17e8a1b70bf1df00394c39a3ce0c6c2
Assets 4
Loading

v1.4.0-alpha.1

09 Apr 14:11
@maxidorius maxidorius
v1.4.0-alpha.1
ee21f05
Compare
Choose a tag to compare
v1.4.0-alpha.1 Pre-release
Pre-release

Notes

This new pre-release paves the way towards v1.4.0 with a big focus in new areas:

  • Administration commands/interfaces
  • Ability to expire and clean-up pending 3PID invites
  • Official support for semi-open server setups vs best effort until now
  • Provide control over the remaining Client API endpoints where 3PIDs are involved

Semi-open servers are defined as servers that:

  • Allow registration but only with some approval process
  • Only allows a specific set of people to create 3PID invites, which can be used to register a new account
  • Needs the ability to list and manage pending 3PID invites

IMPORTANT: This release changes the format of the data since previous releases. While this is an automatic upgrade, it also means it is not possible to downgrade to any previous version.
BE SURE TO BACKUP YOUR mxisd DATA FOLDER if you use pre-releases!

Features

The following new features were added:

Administration

It is now possible to administer your mxisd instance directly within your Matrix client, thanks to the Application Service feature of mxisd.

See the Documentation to get started.

3PID invite expiration

One of the main limitation in terms of 3PIDs in Matrix is the inability to cancel or otherwise control in any way pending 3PID invites. If those are not accepted/resolved, they remain in a room forever.
mxisd can now be leveraged to cancel any 3PID invites made through it, either automatically after a configurable period of time, or manually via the admin interface.

See the Documentation to get started.

3PID invite policies

It is now possible to restrict the creation of 3PID invites to a certain set of users on your servers (e.g. Admins or VIPs) using roles returned by the Profile feature of Identity Stores. This would typically be used together with the new Registration feature.

See the Documentation to get started.

Registration

mxisd now offer the possibility to partially control registrations to ensure that provided 3PIDs, if made mandatory at the Homeserver level, are allowed given specific patterns or if matching pending 3PID invite.

See the Documentation to get started.

Identity Service r0.1.0 compliance

mxisd now implements all flows and features of the r0.1.0 spec. Ephemeral keys and ephemeral signing was the last remaining element not supported until now. mxisd is therefore the first 3rd party Identity server to be compliant with the stable Matrix specification.

Version check

mxisd now provides two ways to check for its version:

  • At command line, with --version
  • With the API, at /version (not under the public /_matrix to keep the info private)

Changes

  • The Application Services feature configuration was changed to support the new features of this release. If you used it prior to v1.4.0, adapt your mxisd.yaml as needed. Application Services integration itself is still considered experimental.
  • The mxisd.yaml sample file now talks about server.name (37ddd0e)
  • Block a non-public but still under v1 namespace custom endpoint from New Vector (95ee328)
  • Various doc improvements (93bd735, c5cea93, 838d79a, 9abdcc1)
  • Debian package now has status and priority - Thanks @joshuaboniface (1587103)

Packages

Platform Type Command/Link
All Jar Download
Debian Package Download
Docker Image docker pull kamax/mxisd:1.4.0-alpha.1 (Repo)

Checksums

Platform Type SHA-256
All Jar 9e5d43900e448eb630c6167d58805928358c74d7dc3698738f2e65beb9b0ba87
Debian Package d150a65fbbe1a9f93de78d1210ab64f0d8771ea721c4a502b886ef606782b213
Assets 4
Loading

v1.3.1

17 Feb 01:25
@maxidorius maxidorius
v1.3.1
249cc0e
Compare
Choose a tag to compare
v1.3.1

Links

Notes

This release is fixing a set of regressions introduced in v1.3.0 following the many changes and the replacement of Spring Boot with Undertow (HTTP) + SnakeYAML (config).

Features/Improvements

  • Try to report clearer and useful error messages in case of invalid config file following the new format (8afdb3e)
  • Add basic troubleshooting info and clarify generic error message reporting (249cc0e)
  • Improve various docs (99697d7)

Changes

  • Fix oversights in printing SQL credentials to log at INFO level (8f0654c)

Bug fixes

Packages

Platform Type Command/Link
All Jar Download
Debian Package Download
Docker Image docker pull kamax/mxisd:1.3.1 (Repo)

Checksums

Platform Type SHA-256
All Jar a13182252bee9980cf0966daca1c9cb8ba56899b0b5f4f2029af2013de78fc82
Debian Package 1fa9c599f913fdaae98d9c3c0b1ed9fb21601c2c03ddcfe5b8f3a38bd823a4e4
Assets 4
Loading

v1.3.0

10 Feb 20:15
@maxidorius maxidorius
v1.3.0
6d1c6ed
Compare
Choose a tag to compare
v1.3.0

Notes

This release is breaking configuration backward compatibility from any previous version to improve performance, reduce resource usage and prepare for new exciting features! Previous versions were very lax in terms of valid YAML for the configuration file. Given the changes for performance, this can no longer be accepted and is why you can no longer use several variants of the format.

Upgrade notes with detailed instructions are available here: Link

Thanks to this port, we see some (very) good improvements:

  • ~16 MB size reduction in the binaries, and distribution files
  • a 50 to 75% RAM usage reduction
  • a 75% reduction in start time using systemd
  • a 10 to 25% reduction in request time on average across endpoints

Features/Improvements

Identity

  • Bulk lookup requests are now tagged so two same requests made in a short intervals do not produce two computation, but instead wait for the same computation.

Authentication

  • It is now possible to rewrite usernames before attempting login on the homeserver, allowing things like numerical logins on synapse if such type of usernames are used in your Identity Store(s)! (#103) - Docs (Out of Beta)

Application Service Integration

  • Proper handling of request de-duplication (#97)

Identity stores

LDAP

  • Several Base DNs can now be given in configuration! (#104) (Out of Beta)

REST

  • REST Identity store now supports the Profile feature! (#91) (Out of Beta)

Changes

  • Refactoring of the HTTP stack and modules loading stack (for the results given above in Notes)
  • Full revamp of 3PID sessions, bindings, notifications and related web pages. No more "remote" sessions or usage of the central servers. More details at #93 and Upgrade notes.
  • Actively block potential fraudulent attempts of 3PID removals with 3PID owner notification (4237eeb, 635f6fd, 3e240fe)
    • Why this introduced is explained here
    • If you would like to disable notifications, see this doc

Bug fixes

  • Be compliant with IS r0 for session status code (a0e91e7)
  • Properly handle trailing (or not) slashes on the /v1 endpoint, seeing various behaviors depending on reverse proxies, mxisd versions, etc. (a4c18de, 3a6b759)
  • Fix invalid default URL paths for the REST Identity store (#110)
  • Fix regression where email notifications failed due to SMTP auth settings (#106)

Packages

Platform Type Command/Link
All Jar Download
Debian Package Download
Docker Image docker pull kamax/mxisd:1.3.0 (Repo)

Checksums

Platform Type Sha256
All Jar d85d29b74615f39b61449a634a8fb2acddb6f9136bbe5c3679b18cf3c29d73a9
Debian Package 5a9d3f1320eb9811ddb84151e77added4ab751f6281ffac088f1890e8fc65455
Assets 4
Loading