From 9b046cbc0411c49f4973ec00f1fd3cc0d2e5e55c Mon Sep 17 00:00:00 2001 From: "Paul \"LeoNerd\" Evans" Date: Mon, 8 Jun 2015 18:21:11 +0100 Subject: [PATCH 001/408] Tiny fix to embedded YAML fragment --- specification/25_application_service_api.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/specification/25_application_service_api.rst b/specification/25_application_service_api.rst index 871849504..8236b2dea 100644 --- a/specification/25_application_service_api.rst +++ b/specification/25_application_service_api.rst @@ -72,7 +72,7 @@ An example HS configuration required to pass traffic to the AS is: users: - exclusive: true - - regex: @irc.freenode.net/.* + regex: @irc.freenode.net/.* Home Server -> Application Service API From fc1e01f373eb07a016fd3940bff810f8d74d9508 Mon Sep 17 00:00:00 2001 From: "Paul \"LeoNerd\" Evans" Date: Thu, 9 Jul 2015 19:52:34 +0100 Subject: [PATCH 002/408] Add a small note about the meaning of the 'target' field --- specification/30_server_server_api.rst | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/specification/30_server_server_api.rst b/specification/30_server_server_api.rst index 484340754..2eb80f92a 100644 --- a/specification/30_server_server_api.rst +++ b/specification/30_server_server_api.rst @@ -553,6 +553,11 @@ them in a JSON object and signing it using the JSON signing algorithm. The resulting signatures are added as an Authorization header with an auth scheme of X-Matrix. +Note that the target field should include the full path starting with +``/_matrix/...``, including the ``?`` and any query parameters if present, but +should not include the leading ``https:``, nor the destination server's +hostname. + Step 1 sign JSON: .. code:: From 5f391b5617b022b6ae32f84f384973b446859d6c Mon Sep 17 00:00:00 2001 From: "Paul \"LeoNerd\" Evans" Date: Thu, 9 Jul 2015 20:28:48 +0100 Subject: [PATCH 003/408] Also document the directory server federation API --- specification/30_server_server_api.rst | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/specification/30_server_server_api.rst b/specification/30_server_server_api.rst index 2eb80f92a..f0aab39a7 100644 --- a/specification/30_server_server_api.rst +++ b/specification/30_server_server_api.rst @@ -747,3 +747,22 @@ result field. If such is present, then the result should contain only a field of that name, with no others present. If not, the result should contain as much of the user's profile as the home server has available and can make public. +Directory +--------- + +The server API for directory queries is also based on Federation Queries. + +Querying directory information:: + + Query type: directory + + Arguments: + room_alias: the room alias to query + + Returns: JSON object containing the following keys: + room_id: string giving the underlying room ID the alias maps to + servers: list of strings giving the join candidates + +The list of join candidates is a list of server names that are likely to hold +the given room; these are servers that the requesting server may wish to try +joining with. This list may or may not include the server answering the query. From f08588bf7e2f95f44428fd6bc4216a147fc12cee Mon Sep 17 00:00:00 2001 From: Matthew Hodgson Date: Thu, 9 Jul 2015 23:17:28 +0100 Subject: [PATCH 004/408] typo --- specification/10_client_server_api.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/specification/10_client_server_api.rst b/specification/10_client_server_api.rst index df1bb9a60..83c8b7a89 100644 --- a/specification/10_client_server_api.rst +++ b/specification/10_client_server_api.rst @@ -59,7 +59,7 @@ authentication. A request to an endpoint that uses User-Interactive Authentication never succeeds without auth. Home Servers may allow requests that don't require auth by offering a stage with only the ``m.login.dummy`` auth type. The home server returns a response with HTTP status 401 and a JSON object -as folows:: +as follows:: { "flows": [ From c6f2f711de9b33d2e4b9660584d59eaf676b9f3d Mon Sep 17 00:00:00 2001 From: "Paul \"LeoNerd\" Evans" Date: Fri, 31 Jul 2015 18:05:33 +0100 Subject: [PATCH 005/408] Mention AAAA as well as A records; remark on default port 8448 for no-SRV fallback --- specification/30_server_server_api.rst | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/specification/30_server_server_api.rst b/specification/30_server_server_api.rst index 484340754..f3490eeb3 100644 --- a/specification/30_server_server_api.rst +++ b/specification/30_server_server_api.rst @@ -59,10 +59,13 @@ and an optional TLS port. .. ** -If the port is present then the server is discovered by looking up an A record -for the DNS name and connecting to the specified TLS port. If the port is -absent then the server is discovered by looking up a ``_matrix._tcp`` -SRV record for the DNS name. +If the port is present then the server is discovered by looking up an AAAA or +A record for the DNS name and connecting to the specified TLS port. + +If the port is absent then the server is discovered by looking up a +``_matrix._tcp`` SRV record for the DNS name. If this record does not exist +then the server is discovered by looking up an AAAA or A record on the DNS +name and taking the default fallback port number of 8448. Home servers may use SRV records to load balance requests between multiple TLS endpoints or to failover to another endpoint if an endpoint fails. From 49c52a96a793b01422722852c14f37acd10cbc07 Mon Sep 17 00:00:00 2001 From: "Paul \"LeoNerd\" Evans" Date: Wed, 5 Aug 2015 11:35:48 +0100 Subject: [PATCH 006/408] Rename 'perspective server' to 'notary server' as that's what the Perspectives Project calls them too --- specification/30_server_server_api.rst | 30 +++++++++++++------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/specification/30_server_server_api.rst b/specification/30_server_server_api.rst index 580e7bb06..1c7bf3ede 100644 --- a/specification/30_server_server_api.rst +++ b/specification/30_server_server_api.rst @@ -78,17 +78,17 @@ Version 2 Each home server publishes its public keys under ``/_matrix/key/v2/server/``. Home servers query for keys by either getting ``/_matrix/key/v2/server/`` -directly or by querying an intermediate perspective server using a -``/_matrix/key/v2/query`` API. Intermediate perspective servers query the +directly or by querying an intermediate notary server using a +``/_matrix/key/v2/query`` API. Intermediate notary servers query the ``/_matrix/key/v2/server/`` API on behalf of another server and sign the -response with their own key. A server may query multiple perspective servers -to ensure that they all report the same public keys. +response with their own key. A server may query multiple notary servers to +ensure that they all report the same public keys. This approach is borrowed from the Perspectives Project (http://perspectives-project.org/), but modified to include the NACL keys and to use JSON instead of XML. It has the advantage of avoiding a single trust-root -since each server is free to pick which perspective servers they trust and can -corroborate the keys returned by a given perspective server by querying other +since each server is free to pick which notary servers they trust and can +corroborate the keys returned by a given notary server by querying other servers. Publishing Keys @@ -122,15 +122,15 @@ The ``old_verify_keys`` can be used to sign events with an ``origin_server_ts`` before the ``expired_ts``. The ``expired_ts`` is a millisecond POSIX timestamp of when the originating server stopped using that key. -Intermediate perspective servers should cache a response for half of its -remaining life time to avoid serving a stale response. Originating servers should -avoid returning responses that expire in less than an hour to avoid repeated -requests for an about to expire certificate. Requesting servers should limit how +Intermediate notary servers should cache a response for half of its remaining +life time to avoid serving a stale response. Originating servers should avoid +returning responses that expire in less than an hour to avoid repeated requests +for an about to expire certificate. Requesting servers should limit how frequently they query for certificates to avoid flooding a server with requests. -If a server goes offline intermediate perspective servers should continue to -return the last response they received from that server so that the signatures -of old events sent by that server can still be checked. +If a server goes offline intermediate notary servers should continue to return +the last response they received from that server so that the signatures of old +events sent by that server can still be checked. ==================== =================== ====================================== Key Type Description @@ -191,8 +191,8 @@ The ``minimum_valid_until_ts`` is a millisecond POSIX timestamp indicating when the returned certificate will need to be valid until to be useful to the requesting server. This can be set using the maximum ``origin_server_ts`` of an batch of events that a requesting server is trying to validate. This allows -an intermediate perspectives server to give a prompt cached response even if -the originating server is offline. +an intermediate notary server to give a prompt cached response even if the +originating server is offline. This API can return keys for servers that are offline be using cached responses taken from when the server was online. Keys can be queried from multiple From b24582aead73c81eff57da6325564b63e8a7a18f Mon Sep 17 00:00:00 2001 From: Oddvar Lovaas Date: Fri, 14 Aug 2015 11:03:15 +0100 Subject: [PATCH 007/408] Introducing jekyll (jekyllrb.com) for docs --- .gitignore | 1 + supporting-docs/_config.yml | 15 + supporting-docs/_includes/footer.html | 1 + supporting-docs/_includes/head.html | 14 + supporting-docs/_includes/nav.html | 22 + supporting-docs/_layouts/default.html | 19 + supporting-docs/_layouts/page.html | 14 + supporting-docs/_layouts/post.html | 6 + .../_plugins/jekyll-rst-master/.gitignore | 1 + .../_plugins/jekyll-rst-master/LICENSE.txt | 20 + .../_plugins/jekyll-rst-master/README.rst | 97 +++ .../_plugins/jekyll-rst-master/converter.rb | 30 + .../_plugins/jekyll-rst-master/directives.py | 97 +++ .../_plugins/jekyll-rst-master/rst2html.py | 39 ++ .../_plugins/jekyll-rst-master/transform.py | 42 ++ .../_plugins/project_version_tag.rb | 51 ++ .../_posts/2015-08-10-client-server.rst | 652 ++++++++++++++++++ .../_posts/2015-08-14-getting_involved.md | 120 ++++ supporting-docs/_posts/index.html | 19 + supporting-docs/_sass/_base.scss | 204 ++++++ supporting-docs/_sass/_layout.scss | 236 +++++++ .../_sass/_syntax-highlighting.scss | 67 ++ supporting-docs/about.md | 11 + supporting-docs/css/basic.css | 512 ++++++++++++++ supporting-docs/css/main.scss | 52 ++ supporting-docs/css/nature.css | 285 ++++++++ supporting-docs/css/site.css | 102 +++ supporting-docs/feed.xml | 30 + supporting-docs/index.html | 23 + 29 files changed, 2782 insertions(+) create mode 100644 supporting-docs/_config.yml create mode 100644 supporting-docs/_includes/footer.html create mode 100644 supporting-docs/_includes/head.html create mode 100644 supporting-docs/_includes/nav.html create mode 100644 supporting-docs/_layouts/default.html create mode 100644 supporting-docs/_layouts/page.html create mode 100644 supporting-docs/_layouts/post.html create mode 100644 supporting-docs/_plugins/jekyll-rst-master/.gitignore create mode 100644 supporting-docs/_plugins/jekyll-rst-master/LICENSE.txt create mode 100644 supporting-docs/_plugins/jekyll-rst-master/README.rst create mode 100644 supporting-docs/_plugins/jekyll-rst-master/converter.rb create mode 100644 supporting-docs/_plugins/jekyll-rst-master/directives.py create mode 100644 supporting-docs/_plugins/jekyll-rst-master/rst2html.py create mode 100644 supporting-docs/_plugins/jekyll-rst-master/transform.py create mode 100644 supporting-docs/_plugins/project_version_tag.rb create mode 100644 supporting-docs/_posts/2015-08-10-client-server.rst create mode 100644 supporting-docs/_posts/2015-08-14-getting_involved.md create mode 100644 supporting-docs/_posts/index.html create mode 100644 supporting-docs/_sass/_base.scss create mode 100644 supporting-docs/_sass/_layout.scss create mode 100644 supporting-docs/_sass/_syntax-highlighting.scss create mode 100644 supporting-docs/about.md create mode 100644 supporting-docs/css/basic.css create mode 100755 supporting-docs/css/main.scss create mode 100644 supporting-docs/css/nature.css create mode 100644 supporting-docs/css/site.css create mode 100644 supporting-docs/feed.xml create mode 100644 supporting-docs/index.html diff --git a/.gitignore b/.gitignore index df0135f5e..188b74a47 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ scripts/gen templating/out *.pyc +supporting-docs/_site diff --git a/supporting-docs/_config.yml b/supporting-docs/_config.yml new file mode 100644 index 000000000..3da7faed9 --- /dev/null +++ b/supporting-docs/_config.yml @@ -0,0 +1,15 @@ +# Site settings +title: Matrix +email: webmaster@matrix.org +description: > # this means to ignore newlines until "baseurl:" +Matrix.org documentation +baseurl: "/docs/guides" # the subpath of your site, e.g. /blog/ +url: "http://matrix.org" # the base hostname & protocol for your site +twitter_username: matrixdotorg +github_username: matrix-org + +# Build settings +markdown: kramdown + +#defaults: +permalink: /:categories/:title.html diff --git a/supporting-docs/_includes/footer.html b/supporting-docs/_includes/footer.html new file mode 100644 index 000000000..14e9c2a5d --- /dev/null +++ b/supporting-docs/_includes/footer.html @@ -0,0 +1 @@ +