Merge branch 'release-v1.141' into develop

2025-10-28 12:44:07 +00:00 · 2025-10-28 12:44:07 +00:00 · 086b887f29
commit 086b887f29
parent e23e7ae48f 7106f67470
7 changed files with 36 additions and 8 deletions
--- a/CHANGES.md
+++ b/CHANGES.md
@ -1,4 +1,4 @@
-# Synapse 1.141.0rc1 (2025-10-21)
+# Synapse 1.141.0rc2 (2025-10-28)

 ## Deprecation of MacOS Python wheels

@ -12,6 +12,16 @@ do make use of these wheels downstream, please reach out to us in
 [#synapse-dev:matrix.org](https://matrix.to/#/#synapse-dev:matrix.org). We'd
 love to hear from you!

+
+## Bugfixes
+
+- Fix users being unable to log in if their password, or the server's configured pepper, was too long. ([\#19101](https://github.com/element-hq/synapse/issues/19101))
+
+
+
+
+# Synapse 1.141.0rc1 (2025-10-21)
+
 ## Features

 - Allow using [MSC4190](https://github.com/matrix-org/matrix-spec-proposals/pull/4190) behavior without the opt-in registration flag. Contributed by @tulir @ Beeper. ([\#19031](https://github.com/element-hq/synapse/issues/19031))
--- a/debian/changelog
+++ b/debian/changelog
@ -1,3 +1,9 @@
+matrix-synapse-py3 (1.141.0~rc2) stable; urgency=medium
+
+  * New Synapse release 1.141.0rc2.
+
+ -- Synapse Packaging team <packages@matrix.org>  Tue, 28 Oct 2025 10:20:26 +0000
+
 matrix-synapse-py3 (1.141.0~rc1) stable; urgency=medium

  * New Synapse release 1.141.0rc1.
--- a/docs/usage/configuration/config_documentation.md
+++ b/docs/usage/configuration/config_documentation.md
@ -3815,7 +3815,7 @@ This setting has the following sub-options:

 * `localdb_enabled` (boolean): Set to false to disable authentication against the local password database. This is ignored if `enabled` is false, and is only useful if you have other `password_providers`. Defaults to `true`.

-* `pepper` (string|null): Set the value here to a secret random string for extra security. DO NOT CHANGE THIS AFTER INITIAL SETUP! Defaults to `null`.
+* `pepper` (string|null): A secret random string that will be appended to user's passwords before they are hashed. This improves the security of short passwords. DO NOT CHANGE THIS AFTER INITIAL SETUP! Defaults to `null`.

 * `policy` (object): Define and enforce a password policy, such as minimum lengths for passwords, etc. This is an implementation of MSC2000.

--- a/pyproject.toml
+++ b/pyproject.toml
@ -107,7 +107,7 @@ module-name = "synapse.synapse_rust"

 [tool.poetry]
 name = "matrix-synapse"
-version = "1.141.0rc1"
+version = "1.141.0rc2"
 description = "Homeserver for the Matrix decentralised comms protocol"
 authors = ["Matrix.org Team and Contributors <packages@matrix.org>"]
 license = "AGPL-3.0-or-later OR LicenseRef-Element-Commercial"
--- a/schema/synapse-config.schema.yaml
+++ b/schema/synapse-config.schema.yaml
@ -4695,8 +4695,9 @@ properties:
      pepper:
        type: ["string", "null"]
        description: >-
-          Set the value here to a secret random string for extra security. DO
-          NOT CHANGE THIS AFTER INITIAL SETUP!
+          A secret random string that will be appended to user's passwords
+          before they are hashed. This improves the security of short passwords.
+          DO NOT CHANGE THIS AFTER INITIAL SETUP!
        default: null
      policy:
        type: object
--- a/synapse/_scripts/hash_password.py
+++ b/synapse/_scripts/hash_password.py
@ -77,7 +77,7 @@ def main() -> None:
    if len(bytes_to_hash) > 72:
        # bcrypt only looks at the first 72 bytes
        print(
-            f"Password is too long ({len(bytes_to_hash)} bytes); truncating to 72 bytes for bcrypt. "
+            f"Password + pepper is too long ({len(bytes_to_hash)} bytes); truncating to 72 bytes for bcrypt. "
            "This is expected behaviour and will not affect a user's ability to log in. 72 bytes is "
            "sufficient entropy for a password."
        )
--- a/synapse/handlers/auth.py
+++ b/synapse/handlers/auth.py
@ -1687,7 +1687,7 @@ class AuthHandler:
                #
                # Note: we explicitly DO NOT log the length of the user's password here.
                logger.debug(
-                    "Password is too long; truncating to 72 bytes for bcrypt. "
+                    "Password + pepper is too long; truncating to 72 bytes for bcrypt. "
                    "This is expected behaviour and will not affect a user's ability to log in. 72 bytes is "
                    "sufficient entropy for a password."
                )
@ -1716,9 +1716,20 @@ class AuthHandler:
        def _do_validate_hash(checked_hash: bytes) -> bool:
            # Normalise the Unicode in the password
            pw = unicodedata.normalize("NFKC", password)
+            password_pepper = self.hs.config.auth.password_pepper
+
+            bytes_to_hash = pw.encode("utf8") + password_pepper.encode("utf8")
+            if len(bytes_to_hash) > 72:
+                # bcrypt only looks at the first 72 bytes
+                logger.debug(
+                    "Password + pepper is too long; truncating to 72 bytes for bcrypt. "
+                    "This is expected behaviour and will not affect a user's ability to log in. 72 bytes is "
+                    "sufficient entropy for a password."
+                )
+                bytes_to_hash = bytes_to_hash[:72]

            return bcrypt.checkpw(
-                pw.encode("utf8") + self.hs.config.auth.password_pepper.encode("utf8"),
+                bytes_to_hash,
                checked_hash,
            )