Skip to content

v1.4.0
Compare
Choose a tag to compare
@maxidorius maxidorius released this 27 Apr 16:08
· 31 commits to master since this release
v1.4.0
6278301

Notes

This new release focuses in new areas:

  • Administration commands/interfaces
  • Ability to expire and clean-up pending 3PID invites
  • Official support for semi-open server setups (best effort until now)
  • Provide control over the remaining Client API endpoints where 3PIDs are involved

Semi-open servers are defined as servers that:

  • Allow registration but only with some approval process
  • Only allows a specific set of people to create 3PID invites, which can be used to register a new account
  • Needs the ability to list and manage pending 3PID invites

IMPORTANT: This release changes the format of the data since previous releases. While this is an automatic upgrade, it also means it is not possible to downgrade to any previous version.
BE SURE TO BACKUP YOUR MXISD INSTALLATION! See the Operations document for details.

Special thanks to @miriamino for the extensive contributions/feedback in design, testing and troubleshooting of the new features in this release.

Features

The following new features were added:

Administration

It is now possible to administer your mxisd instance directly within your Matrix client, thanks to the Application Service feature of mxisd.

See the Documentation to get started.

3PID invite expiration

One of the main limitation in terms of 3PIDs in the Matrix protocol is the inability to cancel or otherwise in any way control pending 3PID invites. If those are not accepted/resolved, they remain in a room forever.
mxisd can now be leveraged to cancel any 3PID invites made through it, either automatically after a configurable period of time, or manually via the admin interface.

See the Documentation to get started.

3PID invite policies

It is now possible to restrict the creation of 3PID invites to a certain set of users on your servers (e.g. Admins or VIPs) using roles returned by the Profile feature of Identity Stores. This would typically be used together with the new Registration feature.

See the Documentation to get started.

Registration

mxisd now offer the possibility to partially control registrations to ensure that provided 3PIDs, if made mandatory at the Homeserver level, are allowed given specific patterns or if matching pending 3PID invite.

See the Documentation to get started.

Identity Service r0.1.0 compliance

mxisd now implements all flows and features of the r0.1.0 spec. Ephemeral keys and ephemeral signing was the last remaining element not supported until now. mxisd is therefore the first 3rd party Identity server to be compliant with the current Matrix specification.

Version check

mxisd now provides two ways to check for its version:

  • At command line, with --version
  • With the API, at /version (not under the public /_matrix to keep the info private)

Others

The following items were also added:

  • Documentation for Hardening steps of the mxisd installation (8035207)
  • Documentation for Day-to-day operations (8035207)
  • TLS/SSL mode (port 465) can now be set for the Email SMTP connector (#125) - Docs
  • Some 3PID notification template placeholder can now be set to a static value, like the Registration URL in an 3PID invite notification (#133) - Docs
  • Well-known discovery for federation is now supported and used when posting 3PID invite resolutions to the Homeserver (#127)

Changes

  • The Application Services feature configuration was changed to support the new features of this release. If you used it prior to v1.4.0, adapt your mxisd.yaml as needed. Application Services integration itself is still considered experimental.
  • The mxisd.yaml sample file now talks about server.name (37ddd0e)
  • Block a non-public but still under v1 namespace custom endpoint from New Vector (95ee328)
  • Various doc improvements (93bd735, c5cea93, 838d79a, 9abdcc1)
  • Debian package now has status and priority - Thanks @joshuaboniface (1587103)

Fixes

  • Document the correct configuration key for the msisdn Twilio connector (9d4680f)
  • Properly handle 3PID session token submition (#167 - v1.3.x regression)
  • Better documentation for the SQL Identity store (#107)
  • Properly encode headers in Email notifications using the SMTP connector (#137)
  • Fix dead link to default attributes into the LDAP documentation (#136)

Packages

Platform Type Command/Link
All Jar Download
Debian Package Download
Docker Image docker pull kamax/mxisd:1.4.0 (Repo)

Checksums

Platform Type SHA-256
All Jar 391490b7c77044817248af426bfc956ba2d22c5ba78f7a9321e604d86d3fccab
Debian Package e7326375f509f0d617489a0925a1dee7d17e8a1b70bf1df00394c39a3ce0c6c2
Assets 4
Loading