diff --git a/test/end-to-end-tests/pick-synapse-log-file.js b/test/end-to-end-tests/pick-synapse-log-file.js new file mode 100644 index 00000000000..aaefd0dfd2d --- /dev/null +++ b/test/end-to-end-tests/pick-synapse-log-file.js @@ -0,0 +1,26 @@ +/* +Copyright 2022 The Matrix.org Foundation C.I.C. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +const path = require('path'); + +// used from run.sh as getopts doesn't support long parameters +const idx = process.argv.indexOf("--log-directory"); +if (idx !== -1) { + const value = process.argv[idx + 1]; + process.stdout.write(path.join(path.resolve(value), 'homeserver.log')); +} else { + process.stdout.write(path.join(process.cwd(), 'homeserver.log')); +} diff --git a/test/end-to-end-tests/run.sh b/test/end-to-end-tests/run.sh index b65ce2a9567..f60a2cb30d7 100755 --- a/test/end-to-end-tests/run.sh +++ b/test/end-to-end-tests/run.sh @@ -10,6 +10,8 @@ echo "Please first run $BASE_DIR/install.sh" fi has_custom_app=$(node has-custom-app.js $@) +synapse_log_file=$(node pick-synapse-log-file.js $@) +touch $synapse_log_file if [ ! -d "element/element-web" ] && [ $has_custom_app -ne "1" ]; then echo "Please provide an instance of Element to test against by passing --app-url or running $BASE_DIR/element/install.sh" @@ -25,13 +27,14 @@ stop_servers() { handle_error() { EXIT_CODE=$? + echo "Tests fell over with a non-zero exit code: stopping servers" stop_servers exit $EXIT_CODE } trap 'handle_error' ERR -./synapse/start.sh +LOGFILE=$synapse_log_file ./synapse/start.sh reg_secret=`./synapse/getcfg.sh registration_shared_secret` if [ $has_custom_app -ne "1" ]; then ./element/start.sh diff --git a/test/end-to-end-tests/synapse/config-templates/consent/homeserver.yaml b/test/end-to-end-tests/synapse/config-templates/consent/homeserver.yaml index 13aea8d18dc..9aa67b22209 100644 --- a/test/end-to-end-tests/synapse/config-templates/consent/homeserver.yaml +++ b/test/end-to-end-tests/synapse/config-templates/consent/homeserver.yaml @@ -633,6 +633,12 @@ uploads_path: "{{SYNAPSE_ROOT}}uploads" # enable_registration: true +# Enable registration without email or captcha verification. Note: this option is *not* recommended, +# as registration without verification is a known vector for spam and abuse. Defaults to false. Has no effect +# unless `enable_registration` is also enabled. +# +enable_registration_without_verification: true + # The user must provide all of the below types of 3PID when registering. # #registrations_require_3pid: @@ -792,13 +798,50 @@ signing_key_path: "{{SYNAPSE_ROOT}}localhost.signing.key" # The trusted servers to download signing keys from. # -#perspectives: -# servers: -# "matrix.org": -# verify_keys: -# "ed25519:auto": -# key: "Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw" +# When we need to fetch a signing key, each server is tried in parallel. +# +# Normally, the connection to the key server is validated via TLS certificates. +# Additional security can be provided by configuring a `verify key`, which +# will make synapse check that the response is signed by that key. +# +# This setting supercedes an older setting named `perspectives`. The old format +# is still supported for backwards-compatibility, but it is deprecated. +# +# 'trusted_key_servers' defaults to matrix.org, but using it will generate a +# warning on start-up. To suppress this warning, set +# 'suppress_key_server_warning' to true. +# +# Options for each entry in the list include: +# +# server_name: the name of the server. required. +# +# verify_keys: an optional map from key id to base64-encoded public key. +# If specified, we will check that the response is signed by at least +# one of the given keys. +# +# accept_keys_insecurely: a boolean. Normally, if `verify_keys` is unset, +# and federation_verify_certificates is not `true`, synapse will refuse +# to start, because this would allow anyone who can spoof DNS responses +# to masquerade as the trusted key server. If you know what you are doing +# and are sure that your network environment provides a secure connection +# to the key server, you can set this to `true` to override this +# behaviour. +# +# An example configuration might look like: +# +#trusted_key_servers: +# - server_name: "my_trusted_server.example.com" +# verify_keys: +# "ed25519:auto": "abcdefghijklmnopqrstuvwxyzabcdefghijklmopqr" +# - server_name: "my_other_trusted_server.example.com" +# +trusted_key_servers: + - server_name: "matrix.org" +# Uncomment the following to disable the warning that is emitted when the +# trusted_key_servers include 'matrix.org'. See above. +# +suppress_key_server_warning: true # Enable SAML2 for registration and login. Uses pysaml2. # diff --git a/test/end-to-end-tests/synapse/start.sh b/test/end-to-end-tests/synapse/start.sh index 2ff6ae69d00..f17047afd08 100755 --- a/test/end-to-end-tests/synapse/start.sh +++ b/test/end-to-end-tests/synapse/start.sh @@ -5,11 +5,5 @@ BASE_DIR=$(cd $(dirname $0) && pwd) cd $BASE_DIR cd installations/consent/env/bin/ source activate -LOGFILE=$(mktemp) echo "Synapse log file at $LOGFILE" ./synctl start 2> $LOGFILE -EXIT_CODE=$? -if [ $EXIT_CODE -ne 0 ]; then - cat $LOGFILE -fi -exit $EXIT_CODE