mirrored/vaultwarden
1
0
Fork 1
Spiegel von https://github.com/dani-garcia/vaultwarden.git synchronisiert 2024-11-16 04:12:53 +01:00
Code Issues Releases Aktivität

Merge branch 'master' into admin-interface

Quellcode durchsuchen
Dieser Commit ist enthalten in:
Mathijs van Veluw 2021-02-03 22:22:33 +01:00 committet von GitHub
Commit 9e5fd2d576
Es konnte kein GPG-Schlüssel zu dieser Signatur gefunden werden
GPG-Schlüssel-ID: 4AEE18F83AFDEB23
12 geänderte Dateien mit 566 neuen und 283 gelöschten Zeilen
Statistiken anzeigen Patch-Datei herunterladen Diff-Datei herunterladen Alle Dateien ausklappen Alle Dateien einklappen

751
Cargo.lock generiert
Datei anzeigen

Datei-Diff unterdrückt, da er zu groß ist Diff laden

29
Cargo.toml
Datei anzeigen

@ -32,10 +32,10 @@ rocket = { version = "0.5.0-dev", features = ["tls"], default-features = false }
rocket_contrib = "0.5.0-dev" rocket_contrib = "0.5.0-dev"
# HTTP client # HTTP client
reqwest = { version = "0.10.10", features = ["blocking", "json"] } reqwest = { version = "0.11.0", features = ["blocking", "json"] }
# multipart/form-data support # multipart/form-data support
multipart = { version = "0.17.0", features = ["server"], default-features = false } multipart = { version = "0.17.1", features = ["server"], default-features = false }
# WebSockets library # WebSockets library
ws = { version = "0.10.0", package = "parity-ws" } ws = { version = "0.10.0", package = "parity-ws" }
@ -47,12 +47,11 @@ rmpv = "0.4.6"
chashmap = "2.2.2" chashmap = "2.2.2"
# A generic serialization/deserialization framework # A generic serialization/deserialization framework
serde = "1.0.118" serde = { version = "1.0.123", features = ["derive"] }
serde_derive = "1.0.118" serde_json = "1.0.61"
serde_json = "1.0.60"
# Logging # Logging
log = "0.4.11" log = "0.4.14"
fern = { version = "0.6.0", features = ["syslog-4"] } fern = { version = "0.6.0", features = ["syslog-4"] }
# A safe, extensible ORM and Query builder # A safe, extensible ORM and Query builder
@ -63,22 +62,22 @@ diesel_migrations = "1.4.0"
libsqlite3-sys = { version = "0.18.0", features = ["bundled"], optional = true } libsqlite3-sys = { version = "0.18.0", features = ["bundled"], optional = true }
# Crypto-related libraries # Crypto-related libraries
rand = "0.7.3" rand = "0.8.3"
ring = "0.16.19" ring = "0.16.19"
# UUID generation # UUID generation
uuid = { version = "0.8.1", features = ["v4"] } uuid = { version = "0.8.2", features = ["v4"] }
# Date and time libraries # Date and time libraries
chrono = "0.4.19" chrono = "0.4.19"
chrono-tz = "0.5.3" chrono-tz = "0.5.3"
time = "0.2.23" time = "0.2.25"
# TOTP library # TOTP library
oath = "0.10.2" oath = "0.10.2"
# Data encoding library # Data encoding library
data-encoding = "2.3.1" data-encoding = "2.3.2"
# JWT library # JWT library
jsonwebtoken = "7.2.0" jsonwebtoken = "7.2.0"
@ -100,19 +99,19 @@ num-traits = "0.2.14"
num-derive = "0.3.3" num-derive = "0.3.3"
# Email libraries # Email libraries
lettre = { version = "0.10.0-alpha.4", features = ["smtp-transport", "builder", "serde", "native-tls", "hostname", "tracing"], default-features = false } lettre = { version = "0.10.0-alpha.5", features = ["smtp-transport", "builder", "serde", "native-tls", "hostname", "tracing"], default-features = false }
newline-converter = "0.1.0" newline-converter = "0.1.0"
# Template library # Template library
handlebars = { version = "3.5.1", features = ["dir_source"] } handlebars = { version = "3.5.2", features = ["dir_source"] }
# For favicon extraction from main website # For favicon extraction from main website
soup = "0.5.0" soup = "0.5.0"
regex = "1.4.2" regex = { version = "1.4.3", features = ["std", "perf"], default-features = false }
data-url = "0.1.0" data-url = "0.1.0"
# Used by U2F, JWT and Postgres # Used by U2F, JWT and Postgres
openssl = "0.10.31" openssl = "0.10.32"
# URL encoding library # URL encoding library
percent-encoding = "2.1.0" percent-encoding = "2.1.0"
@ -123,7 +122,7 @@ idna = "0.2.0"
structopt = "0.3.21" structopt = "0.3.21"
# Logging panics to logfile instead stderr only # Logging panics to logfile instead stderr only
backtrace = "0.3.55" backtrace = "0.3.56"
# Macro ident concatenation # Macro ident concatenation
paste = "1.0.4" paste = "1.0.4"

2
docker/Dockerfile.j2
Datei anzeigen

@ -4,7 +4,7 @@
{% set build_stage_base_image = "rust:1.48" %} {% set build_stage_base_image = "rust:1.48" %}
{% if "alpine" in target_file %} {% if "alpine" in target_file %}
{% if "amd64" in target_file %} {% if "amd64" in target_file %}
{% set build_stage_base_image = "clux/muslrust:nightly-2020-11-22" %} {% set build_stage_base_image = "clux/muslrust:nightly-2021-01-25" %}
{% set runtime_stage_base_image = "alpine:3.12" %} {% set runtime_stage_base_image = "alpine:3.12" %}
{% set package_arch_target = "x86_64-unknown-linux-musl" %} {% set package_arch_target = "x86_64-unknown-linux-musl" %}
{% elif "armv7" in target_file %} {% elif "armv7" in target_file %}

2
docker/amd64/Dockerfile.alpine
Datei anzeigen

@ -25,7 +25,7 @@
FROM bitwardenrs/web-vault@sha256:57af3fd71706bf6a594488d809ec73f04f77f3f5e97f72fab74c681c4f5a5272 as vault FROM bitwardenrs/web-vault@sha256:57af3fd71706bf6a594488d809ec73f04f77f3f5e97f72fab74c681c4f5a5272 as vault
########################## BUILD IMAGE ########################## ########################## BUILD IMAGE ##########################
FROM clux/muslrust:nightly-2020-11-22 as build FROM clux/muslrust:nightly-2021-01-25 as build
# Alpine-based AMD64 (musl) does not support mysql/mariadb during compile time. # Alpine-based AMD64 (musl) does not support mysql/mariadb during compile time.
ARG DB=sqlite,postgresql ARG DB=sqlite,postgresql

2
rust-toolchain
Datei anzeigen

@ -1 +1 @@
nightly-2020-11-22 nightly-2021-01-25

9
src/api/notifications.rs
Datei anzeigen

@ -19,13 +19,12 @@ static SHOW_WEBSOCKETS_MSG: AtomicBool = AtomicBool::new(true);
#[get("/hub")] #[get("/hub")]
fn websockets_err() -> EmptyResult { fn websockets_err() -> EmptyResult {
if CONFIG.websocket_enabled() && SHOW_WEBSOCKETS_MSG.compare_and_swap(true, false, Ordering::Relaxed) { if CONFIG.websocket_enabled() && SHOW_WEBSOCKETS_MSG.compare_exchange(true, false, Ordering::Relaxed, Ordering::Relaxed).is_ok() {
err!( err!("
"########################################################### ###########################################################
'/notifications/hub' should be proxied to the websocket server or notifications won't work. '/notifications/hub' should be proxied to the websocket server or notifications won't work.
Go to the Wiki for more info, or disable WebSockets setting WEBSOCKET_ENABLED=false. Go to the Wiki for more info, or disable WebSockets setting WEBSOCKET_ENABLED=false.
###########################################################################################" ###########################################################################################\n")
)
} else { } else {
Err(Error::empty()) Err(Error::empty())
} }

4
src/config.rs
Datei anzeigen

@ -557,6 +557,10 @@ fn validate_config(cfg: &ConfigItems) -> Result<(), Error> {
err!("Both `SMTP_HOST` and `SMTP_FROM` need to be set for email support") err!("Both `SMTP_HOST` and `SMTP_FROM` need to be set for email support")
} }
if !cfg.smtp_from.contains('@') {
err!("SMTP_FROM does not contain a mandatory @ sign")
}
if cfg.smtp_username.is_some() != cfg.smtp_password.is_some() { if cfg.smtp_username.is_some() != cfg.smtp_password.is_some() {
err!("Both `SMTP_USERNAME` and `SMTP_PASSWORD` need to be set to enable email authentication") err!("Both `SMTP_USERNAME` and `SMTP_PASSWORD` need to be set to enable email authentication")
} }

2
src/crypto.rs
Datei anzeigen

@ -67,7 +67,7 @@ pub fn generate_token(token_size: u32) -> Result<String, Error> {
// token of fixed width, left-padding with 0 as needed. // token of fixed width, left-padding with 0 as needed.
use rand::{thread_rng, Rng}; use rand::{thread_rng, Rng};
let mut rng = thread_rng(); let mut rng = thread_rng();
let number: u64 = rng.gen_range(low, high); let number: u64 = rng.gen_range(low..high);
let token = format!("{:0size$}", number, size = token_size as usize); let token = format!("{:0size$}", number, size = token_size as usize);
Ok(token) Ok(token)

26
src/mail.rs
Datei anzeigen

@ -302,30 +302,32 @@ fn send_email(address: &str, subject: &str, body_html: &str, body_text: &str) ->
let address = format!("{}@{}", address_split[1], domain_puny); let address = format!("{}@{}", address_split[1], domain_puny);
let html = SinglePart::base64() let html = SinglePart::builder()
// We force Base64 encoding because in the past we had issues with different encodings.
.header(header::ContentTransferEncoding::Base64)
.header(header::ContentType("text/html; charset=utf-8".parse()?)) .header(header::ContentType("text/html; charset=utf-8".parse()?))
.body(body_html); .body(String::from(body_html));
let text = SinglePart::base64() let text = SinglePart::builder()
// We force Base64 encoding because in the past we had issues with different encodings.
.header(header::ContentTransferEncoding::Base64)
.header(header::ContentType("text/plain; charset=utf-8".parse()?)) .header(header::ContentType("text/plain; charset=utf-8".parse()?))
.body(body_text); .body(String::from(body_text));
// The boundary generated by Lettre it self is mostly too large based on the RFC822, so we generate one our selfs.
use uuid::Uuid;
let unique_id = Uuid::new_v4().to_simple();
let boundary = format!("_Part_{}_", unique_id);
let alternative = MultiPart::alternative().boundary(boundary).singlepart(text).singlepart(html);
let smtp_from = &CONFIG.smtp_from(); let smtp_from = &CONFIG.smtp_from();
let email = Message::builder() let email = Message::builder()
.message_id(Some(format!("<{}.{}>", unique_id, smtp_from))) .message_id(Some(format!("<{}@{}>", crate::util::get_uuid(), smtp_from.split('@').collect::<Vec<&str>>()[1] )))
.to(Mailbox::new(None, Address::from_str(&address)?)) .to(Mailbox::new(None, Address::from_str(&address)?))
.from(Mailbox::new( .from(Mailbox::new(
Some(CONFIG.smtp_from_name()), Some(CONFIG.smtp_from_name()),
Address::from_str(smtp_from)?, Address::from_str(smtp_from)?,
)) ))
.subject(subject) .subject(subject)
.multipart(alternative)?; .multipart(
MultiPart::alternative()
.singlepart(text)
.singlepart(html)
)?;
match mailer().send(&email) { match mailer().send(&email) {
Ok(_) => Ok(()), Ok(_) => Ok(()),

2
src/main.rs
Datei anzeigen

@ -6,7 +6,7 @@ extern crate openssl;
#[macro_use] #[macro_use]
extern crate rocket; extern crate rocket;
#[macro_use] #[macro_use]
extern crate serde_derive; extern crate serde;
#[macro_use] #[macro_use]
extern crate serde_json; extern crate serde_json;
#[macro_use] #[macro_use]

11
src/static/global_domains.json
Datei anzeigen

@ -508,7 +508,8 @@
"disneymoviesanywhere.com", "disneymoviesanywhere.com",
"go.com", "go.com",
"disney.com", "disney.com",
"dadt.com" "dadt.com",
"disneyplus.com"
], ],
"Excluded": false "Excluded": false
}, },
@ -885,5 +886,13 @@
"yandex.uz" "yandex.uz"
], ],
"Excluded": false "Excluded": false
},
{
"Type": 84,
"Domains": [
"sonyentertainmentnetwork.com",
"sony.com"
],
"Excluded": false
} }
] ]

7
tools/global_domains.py
Datei anzeigen

@ -10,16 +10,17 @@ import urllib.request
from collections import OrderedDict from collections import OrderedDict
if len(sys.argv) != 2: if not (2 <= len(sys.argv) <= 3):
print("usage: %s <OUTPUT-FILE>" % sys.argv[0]) print("usage: %s <OUTPUT-FILE> [GIT-REF]" % sys.argv[0])
print() print()
print("This script generates a global equivalent domains JSON file from") print("This script generates a global equivalent domains JSON file from")
print("the upstream Bitwarden source repo.") print("the upstream Bitwarden source repo.")
sys.exit(1) sys.exit(1)
OUTPUT_FILE = sys.argv[1] OUTPUT_FILE = sys.argv[1]
GIT_REF = 'master' if len(sys.argv) == 2 else sys.argv[2]
BASE_URL = 'https://github.com/bitwarden/server/raw/master' BASE_URL = 'https://github.com/bitwarden/server/raw/%s' % GIT_REF
ENUMS_URL = '%s/src/Core/Enums/GlobalEquivalentDomainsType.cs' % BASE_URL ENUMS_URL = '%s/src/Core/Enums/GlobalEquivalentDomainsType.cs' % BASE_URL
DOMAIN_LISTS_URL = '%s/src/Core/Utilities/StaticStore.cs' % BASE_URL DOMAIN_LISTS_URL = '%s/src/Core/Utilities/StaticStore.cs' % BASE_URL