kamax-matrix / mxisd

Federated Matrix Identity Server
GNU Affero General Public License v3.0

Failed handle request via 'RoomMembershipRestServlet' #142

Closed pexus closed 5 years ago

pexus commented 5 years ago

I installed an instance of mxisd on my server. It also runs the matrix synapse. I was able to connect fine via Riot app using my home server and identity server URL. When trying to invite a user to my room via e-mail address, I get the following error trace. (Sensitive data masked out in the following log entries.) Appreciate any pointers:

Mar  6 20:53:08 myserver python[21685]: 2019-03-06 20:53:08,921 - synapse.http.server - 112 - ERROR - POST-333- Failed handle request via 'RoomMembershipRestServlet': <XForwardedForRequest at 0x7f2a603b40b8 method='POST' uri='/_matrix/client/r0/rooms/!XXXXXXXXXXXXXXXXXXXXXXXXXX/invite' clientproto='HTTP/1.1' site=8008>
Mar  6 20:53:08 myserver python[21685]: Traceback (most recent call last):
Mar  6 20:53:08 myserver python[21685]:   File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/synapse/http/server.py", line 81, in wrapped_request_handler
Mar  6 20:53:08 myserver python[21685]:     yield h(self, request)
Mar  6 20:53:08 myserver python[21685]:   File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/twisted/internet/defer.py", line 1416, in _inlineCallbacks
Mar  6 20:53:08 myserver python[21685]:     result = result.throwExceptionIntoGenerator(g)
Mar  6 20:53:08 myserver python[21685]:   File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/twisted/python/failure.py", line 491, in throwExceptionIntoGenerator
Mar  6 20:53:08 myserver python[21685]:     return g.throw(self.type, self.value, self.tb)
Mar  6 20:53:08 myserver python[21685]:   File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/synapse/http/server.py", line 316, in _async_render
Mar  6 20:53:08 myserver python[21685]:     callback_return = yield callback(request, **kwargs)
Mar  6 20:53:08 myserver python[21685]:   File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/twisted/internet/defer.py", line 1416, in _inlineCallbacks
Mar  6 20:53:08 myserver python[21685]:     result = result.throwExceptionIntoGenerator(g)
Mar  6 20:53:08 myserver python[21685]:   File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/twisted/python/failure.py", line 491, in throwExceptionIntoGenerator
Mar  6 20:53:08 myserver python[21685]:     return g.throw(self.type, self.value, self.tb)
Mar  6 20:53:08 myserver python[21685]:   File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/synapse/rest/client/v1/room.py", line 669, in on_POST
Mar  6 20:53:08 myserver python[21685]:     txn_id
Mar  6 20:53:08 myserver python[21685]:   File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/twisted/internet/defer.py", line 1416, in _inlineCallbacks
Mar  6 20:53:08 myserver python[21685]:     result = result.throwExceptionIntoGenerator(g)
Mar  6 20:53:08 myserver python[21685]:   File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/twisted/python/failure.py", line 491, in throwExceptionIntoGenerator
Mar  6 20:53:08 myserver python[21685]:     return g.throw(self.type, self.value, self.tb)
Mar  6 20:53:08 myserver python[21685]:   File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/synapse/handlers/room_member.py", line 687, in do_3pid_invite
Mar  6 20:53:08 myserver python[21685]:     id_server, medium, address
Mar  6 20:53:08 myserver python[21685]:   File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/twisted/internet/defer.py", line 1416, in _inlineCallbacks
Mar  6 20:53:08 myserver python[21685]:     result = result.throwExceptionIntoGenerator(g)
Mar  6 20:53:08 myserver python[21685]:   File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/twisted/python/failure.py", line 491, in throwExceptionIntoGenerator
Mar  6 20:53:08 myserver python[21685]:     return g.throw(self.type, self.value, self.tb)
Mar  6 20:53:08 myserver python[21685]:   File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/synapse/handlers/room_member.py", line 727, in _lookup_3pid
Mar  6 20:53:08 myserver python[21685]:     "address": address,
Mar  6 20:53:08 myserver python[21685]:   File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/twisted/internet/defer.py", line 1416, in _inlineCallbacks
Mar  6 20:53:08 myserver python[21685]:     result = result.throwExceptionIntoGenerator(g)
Mar  6 20:53:08 myserver python[21685]:   File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/twisted/python/failure.py", line 491, in throwExceptionIntoGenerator
Mar  6 20:53:08 myserver python[21685]:     return g.throw(self.type, self.value, self.tb)
Mar  6 20:53:08 myserver python[21685]:   File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/synapse/http/client.py", line 412, in get_json
Mar  6 20:53:08 myserver python[21685]:     body = yield self.get_raw(uri, args, headers=headers)
Mar  6 20:53:08 myserver python[21685]:   File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/twisted/internet/defer.py", line 1418, in _inlineCallbacks
Mar  6 20:53:08 myserver python[21685]:     result = g.send(result)
Mar  6 20:53:08 myserver python[21685]:   File "/opt/venvs/matrix-synapse/lib/python3.5/site-packages/synapse/http/client.py", line 493, in get_raw
Mar  6 20:53:08 myserver python[21685]:     raise HttpResponseException(response.code, response.phrase, body)
Mar  6 20:53:08 myserver python[21685]: synapse.api.errors.HttpResponseException: 404: b'Not Found'

maxidorius commented 5 years ago

I've edited your issue to add the code markup - please use it anytime you post logs in a github issue, it makes it much easier to read.

I can't really comment on a synapse stacktrace, especially since this one is very cryptic, but I would venture a guess that the URL you set in the client returns 404 if you try to access any Identity endpoints from the synapse host.

A quick test would be to see the output of the following when run from the host/container running synapse, replacing https://example.org by what you've put for the Identity server URL in the client:

curl -vk https://example.org/_matrix/identity/api/v1

pexus commented 5 years ago

Thanks for the response and adding the appropriate label.

What should be the response? I get the following when I run the curl command from the container hosting synapse and mxisd

curl -vk https://myserver.example.org/_matrix/identity/api/v1

*   Trying XX.XX.XX.XX
* TCP_NODELAY set
* Connected to myserver.example.org (XX.XX.XX.XX) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: CN=myserver.example.org
*  start date: Feb 24 16:46:47 2019 GMT
*  expire date: May 25 16:46:47 2019 GMT
*  issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3
*  SSL certificate verify ok.
> GET /_matrix/identity/api/v1 HTTP/1.1
> Host: myserver.example.org
> User-Agent: curl/7.52.1
> Accept: */*
>
< HTTP/1.1 404 Not Found
< Date: Thu, 07 Mar 2019 19:53:58 GMT
< Server: Synapse/0.99.2
< Content-Length: 153
< Content-Type: text/html; charset=utf-8
< Via: 1.1 myserver.example.org
< X-Content-Type-Options: nosniff
< X-Frame-Options: sameorigin
< X-XSS-Protection: 1; mode=block
<

<html>
  <head><title>404 - No Such Resource</title></head>
  <body>
    <h1>No Such Resource</h1>
    <p>No such child resource.</p>
  </body>
</html>
* Curl_http_done: called premature == 0
* Connection #0 to host myserver.example.org left intact

maxidorius commented 5 years ago

I've edited your issue to add the code markup - please use it anytime you post logs in a github issue, it makes it much easier to read.


The problem is that /_matrix/identity/ is not forwarded to mxisd. Double check your reverse proxy configuration please.

pexus commented 5 years ago

My matrix conf is as follows; maybe I need to review this. I thought this should work.

#matrix configuration
<Location /_matrix/identity>
        ProxyPass  http://[::1]:8090/
        ProxyPassReverse http://[::1]:8090/
        ProxyPreserveHost On
</Location>
<Location /_matrix>
        ProxyPass  http://[::1]:8008
        ProxyPassReverse http://[::1]:8008
        ProxyPreserveHost On
</Location>

maxidorius commented 5 years ago

I don't think Location behaves the same way as several ProxyPass entries. You'll need to check the Apache doc.

pexus commented 5 years ago

This issue is now resolved. I have to use the following conf settings:

ProxyPreserveHost on
ProxyPass /_matrix/identity http://localhost:8090/_matrix/identity
ProxyPass /_matrix http://localhost:8008/_matrix
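
An added example, not part of the thread or of the mxisd/synapse code: a small checker for the ordering the working configuration above depends on. It assumes Apache's documented rule that top-level ProxyPass directives are checked in configuration order and the first match wins; the function names are hypothetical and the matching is a simplified model that does not cover `<Location>` blocks.

```python
import re

# Constructed samples: the working order from the thread, and the same two
# rules reversed (hypothetical, for comparison).
WORKING = """
ProxyPreserveHost on
ProxyPass /_matrix/identity http://localhost:8090/_matrix/identity
ProxyPass /_matrix http://localhost:8008/_matrix
"""
REVERSED = """
ProxyPreserveHost on
ProxyPass /_matrix http://localhost:8008/_matrix
ProxyPass /_matrix/identity http://localhost:8090/_matrix/identity
"""

def covers(prefix, path):
    """True if `path` equals `prefix` or lies below it on a path-segment boundary."""
    return path == prefix or path.startswith(prefix.rstrip("/") + "/")

def parse_proxypass(conf):
    """Return [(path_prefix, backend_url)] for top-level ProxyPass lines, in file order."""
    rules = []
    for line in conf.splitlines():
        # \s+ after the keyword keeps ProxyPassReverse / ProxyPreserveHost out.
        m = re.match(r"\s*ProxyPass\s+(\S+)\s+(\S+)", line)
        if m:
            rules.append((m.group(1), m.group(2)))
    return rules

def route(rules, request_path):
    """Map a request path to the backend URL it is proxied to (first match wins)."""
    for prefix, backend in rules:
        if covers(prefix, request_path):
            return backend + request_path[len(prefix):]
    return None

def shadowed(rules):
    """Return (rule_prefix, earlier_prefix) pairs for rules that can never match."""
    out = []
    for i, (prefix, _) in enumerate(rules):
        for earlier, _ in rules[:i]:
            if covers(earlier, prefix):
                out.append((prefix, earlier))
                break
    return out

if __name__ == "__main__":
    for name, conf in (("working", WORKING), ("reversed", REVERSED)):
        rules = parse_proxypass(conf)
        print(name, route(rules, "/_matrix/identity/api/v1"), shadowed(rules))
```

With the rules reversed, the identity path is sent to the Synapse port, which matches the `Server: Synapse` 404 seen in the curl output earlier in the thread.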

maxidorius commented 5 years ago

Thank you for following up!

longfan3 commented 5 years ago

@maxidorius When I use mxisd I got the error Failed handle request via 'RoomMembershipRestServlet' too, and [<twisted.python.failure.Failure OpenSSL.SSL.Error: [('SSL routines', 'CONNECT_CR_CERT', 'certificate verify failed')]>] in synapse. Because I use a self-signed certificate in the mxisd reverse proxy, when synapse calls mxisd using https, certificate verification failed. Are there any related solutions?

maxidorius commented 5 years ago

@longfan3 Self-signed certificates on the reverse proxy are not a setup we support. As for synapse's config so it works, that's a question for the synapse repo.

longfan3 commented 5 years ago

@maxidorius Thanks, I have modified the synapse code to support it.