Regression: register_new_matrix_user fails on v1.140.0 #19063
Description
Description
Starting from Synapse v1.140.0, attemps to create users using register_new_matrix_user script fails with 500 status code, the error message from the logs:
ValueError: password cannot be longer than 72 bytes, truncate manually if necessary (e.g. my_password[:72])
The actual value is not relevant - the error is the same for passwords with length of 8 symbols, 32 symbols, and 64 symbols
Steps to reproduce
- call
register_new_matrix_userscript with a valid username and password
Homeserver
not matrix.org
Synapse Version
v1.140.0
Installation Method
Other (please mention below)
Database
postgresql v17; single; not ported from sqlite; not restored from backup
Workers
Single process
Platform
Ubuntu 24.04 LTS
Docker container
Configuration
No response
Relevant log output
2025-10-14 22:05:44,709 - synapse.http.server - 151 - ERROR - POST-107 - Failed handle request via 'RegisterRestServlet': <XForwardedForRequest at>
Traceback (most recent call last):
File "/usr/local/lib/python3.12/site-packages/synapse/rest/client/register.py", line 591, in on_POST
auth_result, params, session_id = await self.auth_handler.check_ui_auth(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.12/site-packages/synapse/handlers/auth.py", line 577, in check_ui_auth
raise InteractiveAuthIncompleteError(
synapse.api.errors.InteractiveAuthIncompleteError: Interactive auth not yet complete
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.12/site-packages/synapse/http/server.py", line 339, in _async_render_wrapper
callback_return = await self._async_render(request)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.12/site-packages/synapse/http/server.py", line 582, in _async_render
callback_return = await raw_callback_return
^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.12/site-packages/synapse/rest/client/_base.py", line 109, in wrapped
return await orig(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.12/site-packages/synapse/rest/client/register.py", line 608, in on_POST
password_hash = await self.auth_handler.hash(password)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.12/site-packages/synapse/handlers/auth.py", line 1691, in hash
return await defer_to_thread(self.hs.get_reactor(), _do_hash)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.12/site-packages/twisted/internet/defer.py", line 1187, in __iter__
yield self
File "/usr/local/lib/python3.12/site-packages/twisted/python/threadpool.py", line 269, in inContext
result = inContext.theWork() # type: ignore[attr-defined]
^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.12/site-packages/twisted/python/threadpool.py", line 285, in <lambda>
inContext.theWork = lambda: context.call( # type: ignore[attr-defined]
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.12/site-packages/twisted/python/context.py", line 117, in callWithContext
return self.currentContext().callWithContext(ctx, func, *args, **kw)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.12/site-packages/twisted/python/context.py", line 82, in callWithContext
return func(*args, **kw)
^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.12/site-packages/synapse/logging/context.py", line 1169, in g
return f(*args, **kwargs)
^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.12/site-packages/synapse/handlers/auth.py", line 1686, in _do_hash
return bcrypt.hashpw(
^^^^^^^^^^^^^^
ValueError: password cannot be longer than 72 bytes, truncate manually if necessary (e.g. my_password[:72])Anything else that would be useful to know?
No response