Spiegel von https://github.com/dani-garcia/vaultwarden.git synchronisiert 2024-11-24 05:30:28 +01:00
Daniel García 2019-12-27 18:37:14 +01:00
Ursprung 4cec502f7b
Commit a0ece3754b
Es konnte kein GPG-Schlüssel zu dieser Signatur gefunden werden
GPG-Schlüssel-ID: FC8A7D14C3CD543A
13 geänderte Dateien mit 29 neuen und 67 gelöschten Zeilen


@ -1 +1,2 @@
version = "Two"
max_width = 120 max_width = 120


@ -110,7 +110,7 @@ struct AdminTemplateData {
users: Vec<Value>, users: Vec<Value>,
config: Value, config: Value,
can_backup: bool, can_backup: bool,
logged_in: bool logged_in: bool,
} }
impl AdminTemplateData { impl AdminTemplateData {
@ -121,7 +121,7 @@ impl AdminTemplateData {
users, users,
config: CONFIG.prepare_json(), config: CONFIG.prepare_json(),
can_backup: *CAN_BACKUP, can_backup: *CAN_BACKUP,
logged_in: true logged_in: true,
} }
} }


@ -149,11 +149,10 @@ fn hibp_breach(username: String) -> JsonResult {
use reqwest::{header::USER_AGENT, Client}; use reqwest::{header::USER_AGENT, Client};
if let Some(api_key) = crate::CONFIG.hibp_api_key() { if let Some(api_key) = crate::CONFIG.hibp_api_key() {
let hibp_client = Client::builder() let hibp_client = Client::builder().use_sys_proxy().build()?;
.use_sys_proxy()
.build()?;
let res = hibp_client.get(&url) let res = hibp_client
.get(&url)
.header(USER_AGENT, user_agent) .header(USER_AGENT, user_agent)
.header("hibp-api-key", api_key) .header("hibp-api-key", api_key)
.send()?; .send()?;


@ -16,11 +16,7 @@ use crate::error::MapResult;
use crate::CONFIG; use crate::CONFIG;
pub fn routes() -> Vec<Route> { pub fn routes() -> Vec<Route> {
routes![ routes![get_duo, activate_duo, activate_duo_put,]
get_duo,
activate_duo,
activate_duo_put,
]
} }
#[derive(Serialize, Deserialize)] #[derive(Serialize, Deserialize)]
@ -171,7 +167,7 @@ fn activate_duo(data: JsonUpcase<EnableDuoData>, headers: Headers, conn: DbConn)
let type_ = TwoFactorType::Duo; let type_ = TwoFactorType::Duo;
let twofactor = TwoFactor::new(user.uuid.clone(), type_, data_str); let twofactor = TwoFactor::new(user.uuid.clone(), type_, data_str);
twofactor.save(&conn)?; twofactor.save(&conn)?;
_generate_recover_code(&mut user, &conn); _generate_recover_code(&mut user, &conn);
Ok(Json(json!({ Ok(Json(json!({


@ -18,12 +18,7 @@ use chrono::{Duration, NaiveDateTime, Utc};
use std::ops::Add; use std::ops::Add;
pub fn routes() -> Vec<Route> { pub fn routes() -> Vec<Route> {
routes![ routes![get_email, send_email_login, send_email, email,]
get_email,
send_email_login,
send_email,
email,
]
} }
#[derive(Deserialize)] #[derive(Deserialize)]


@ -16,11 +16,7 @@ use crate::error::{Error, MapResult};
use crate::CONFIG; use crate::CONFIG;
pub fn routes() -> Vec<Route> { pub fn routes() -> Vec<Route> {
routes![ routes![generate_yubikey, activate_yubikey, activate_yubikey_put,]
generate_yubikey,
activate_yubikey,
activate_yubikey_put,
]
} }
#[derive(Deserialize, Debug)] #[derive(Deserialize, Debug)]


@ -391,7 +391,7 @@ fn download_icon(domain: &str) -> Result<Vec<u8>, Error> {
break; break;
} }
} }
_ => warn!("data uri is invalid") _ => warn!("data uri is invalid"),
}; };
} else { } else {
match get_page_with_cookies(&icon.href, &cookie_str) { match get_page_with_cookies(&icon.href, &cookie_str) {


@ -7,12 +7,12 @@ use rocket::Route;
use rocket_contrib::json::Json; use rocket_contrib::json::Json;
use serde_json::Value; use serde_json::Value;
use crate::util::Cached;
use crate::error::Error; use crate::error::Error;
use crate::util::Cached;
use crate::CONFIG; use crate::CONFIG;
pub fn routes() -> Vec<Route> { pub fn routes() -> Vec<Route> {
// If addding more routes here, consider also adding them to // If addding more routes here, consider also adding them to
// crate::utils::LOGGED_ROUTES to make sure they appear in the log // crate::utils::LOGGED_ROUTES to make sure they appear in the log
if CONFIG.web_vault_enabled() { if CONFIG.web_vault_enabled() {
routes![web_index, app_id, web_files, attachments, alive, static_files] routes![web_index, app_id, web_files, attachments, alive, static_files]
@ -23,9 +23,7 @@ pub fn routes() -> Vec<Route> {
#[get("/")] #[get("/")]
fn web_index() -> Cached<Option<NamedFile>> { fn web_index() -> Cached<Option<NamedFile>> {
Cached::short(NamedFile::open( Cached::short(NamedFile::open(Path::new(&CONFIG.web_vault_folder()).join("index.html")).ok())
Path::new(&CONFIG.web_vault_folder()).join("index.html"),
).ok())
} }
#[get("/app-id.json")] #[get("/app-id.json")]
@ -79,4 +77,4 @@ fn static_files(filename: String) -> Result<Content<&'static [u8]>, Error> {
"identicon.js" => Ok(Content(ContentType::JavaScript, include_bytes!("../static/scripts/identicon.js"))), "identicon.js" => Ok(Content(ContentType::JavaScript, include_bytes!("../static/scripts/identicon.js"))),
_ => err!("Image not found"), _ => err!("Image not found"),
} }
} }
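Review bot: The comment in `routes()` points maintainers at `crate::utils::LOGGED_ROUTES`, but the import a few lines above is `use crate::util::Cached;`, so the module path in the comment looks stale (and "addding" is misspelled). That list decides which routes appear in the request log, so a wrong pointer makes it easier to add a route that is never logged. Assuming `LOGGED_ROUTES` lives in the same `util` module, I would reword the comment to `// If adding more routes here, consider also adding them to` followed by `// crate::util::LOGGED_ROUTES to make sure they appear in the log`.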


@ -156,9 +156,7 @@ pub struct DeleteJWTClaims {
pub sub: String, pub sub: String,
} }
pub fn generate_delete_claims( pub fn generate_delete_claims(uuid: String) -> DeleteJWTClaims {
uuid: String,
) -> DeleteJWTClaims {
let time_now = Utc::now().naive_utc(); let time_now = Utc::now().naive_utc();
DeleteJWTClaims { DeleteJWTClaims {
nbf: time_now.timestamp(), nbf: time_now.timestamp(),
@ -180,9 +178,7 @@ pub struct VerifyEmailJWTClaims {
pub sub: String, pub sub: String,
} }
pub fn generate_verify_email_claims( pub fn generate_verify_email_claims(uuid: String) -> DeleteJWTClaims {
uuid: String,
) -> DeleteJWTClaims {
let time_now = Utc::now().naive_utc(); let time_now = Utc::now().naive_utc();
DeleteJWTClaims { DeleteJWTClaims {
nbf: time_now.timestamp(), nbf: time_now.timestamp(),
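Review bot: `generate_verify_email_claims` is declared to return `DeleteJWTClaims` and builds a `DeleteJWTClaims` value, even though the hunk header shows a dedicated `VerifyEmailJWTClaims` struct directly above it. With both token kinds sharing one Rust type, nothing at the type level stops a verify-email token from being decoded where a delete-account token is expected; the separation then rests entirely on the `iss` value and on the decoder checking it, and neither is visible in this hunk. I would change the signature to `pub fn generate_verify_email_claims(uuid: String) -> VerifyEmailJWTClaims {` and construct `VerifyEmailJWTClaims { .. }` in the body, assuming the two structs carry the same fields. The function body continues outside the hunk.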


@ -378,7 +378,6 @@ make_config! {
fn validate_config(cfg: &ConfigItems) -> Result<(), Error> { fn validate_config(cfg: &ConfigItems) -> Result<(), Error> {
let db_url = cfg.database_url.to_lowercase(); let db_url = cfg.database_url.to_lowercase();
if cfg!(feature = "sqlite") && (db_url.starts_with("mysql:") || db_url.starts_with("postgresql:")) { if cfg!(feature = "sqlite") && (db_url.starts_with("mysql:") || db_url.starts_with("postgresql:")) {
err!("`DATABASE_URL` is meant for MySQL or Postgres, while this server is meant for SQLite") err!("`DATABASE_URL` is meant for MySQL or Postgres, while this server is meant for SQLite")
} }
@ -447,12 +446,7 @@ impl Config {
validate_config(&config)?; validate_config(&config)?;
Ok(Config { Ok(Config {
inner: RwLock::new(Inner { inner: RwLock::new(Inner { templates: load_templates(&config.templates_folder), config, _env, _usr }),
templates: load_templates(&config.templates_folder),
config,
_env,
_usr,
}),
}) })
} }
@ -500,9 +494,8 @@ impl Config {
let e: Vec<&str> = email.rsplitn(2, '@').collect(); let e: Vec<&str> = email.rsplitn(2, '@').collect();
if e.len() != 2 || e[0].is_empty() || e[1].is_empty() { if e.len() != 2 || e[0].is_empty() || e[1].is_empty() {
warn!("Failed to parse email address '{}'", email); warn!("Failed to parse email address '{}'", email);
return false return false;
} }
self.signups_domains_whitelist().split(',').any(|d| d == e[0]) self.signups_domains_whitelist().split(',').any(|d| d == e[0])
} }
@ -634,9 +627,7 @@ impl HelperDef for CaseHelper {
rc: &mut RenderContext<'reg>, rc: &mut RenderContext<'reg>,
out: &mut dyn Output, out: &mut dyn Output,
) -> HelperResult { ) -> HelperResult {
let param = h let param = h.param(0).ok_or_else(|| RenderError::new("Param not found for helper \"case\""))?;
.param(0)
.ok_or_else(|| RenderError::new("Param not found for helper \"case\""))?;
let value = param.value().clone(); let value = param.value().clone();
if h.params().iter().skip(1).any(|x| x.value() == &value) { if h.params().iter().skip(1).any(|x| x.value() == &value) {
@ -658,14 +649,10 @@ impl HelperDef for JsEscapeHelper {
_: &mut RenderContext<'reg>, _: &mut RenderContext<'reg>,
out: &mut dyn Output, out: &mut dyn Output,
) -> HelperResult { ) -> HelperResult {
let param = h let param = h.param(0).ok_or_else(|| RenderError::new("Param not found for helper \"js_escape\""))?;
.param(0)
.ok_or_else(|| RenderError::new("Param not found for helper \"js_escape\""))?;
let value = param let value =
.value() param.value().as_str().ok_or_else(|| RenderError::new("Param for helper \"js_escape\" is not a String"))?;
.as_str()
.ok_or_else(|| RenderError::new("Param for helper \"js_escape\" is not a String"))?;
let escaped_value = value.replace('\\', "").replace('\'', "\\x22").replace('\"', "\\x27"); let escaped_value = value.replace('\\', "").replace('\'', "\\x22").replace('\"', "\\x27");
let quoted_value = format!("&quot;{}&quot;", escaped_value); let quoted_value = format!("&quot;{}&quot;", escaped_value);
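Review bot: In `JsEscapeHelper`, the line `value.replace('\\', "").replace('\'', "\\x22").replace('\"', "\\x27")` maps each quote character to the other one's escape: `\x22` is the double quote and `\x27` the single quote, so a rendered string comes back with its quotes swapped. The escapes still keep the value inside the literal, but the helper also deletes backslashes instead of escaping them and leaves line terminators and `<` untouched, which matters if the output ends up inside an inline `<script>` block (the template side is not visible here). I would at least swap the two targets, `.replace('\'', "\\x27").replace('\"', "\\x22")`, and add a doc comment stating which output context the helper is meant to be safe for. The method body starts and ends outside the hunk.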


@ -2,9 +2,9 @@
// PBKDF2 derivation // PBKDF2 derivation
// //
use crate::error::Error;
use ring::{digest, hmac, pbkdf2}; use ring::{digest, hmac, pbkdf2};
use std::num::NonZeroU32; use std::num::NonZeroU32;
use crate::error::Error;
static DIGEST_ALG: &digest::Algorithm = &digest::SHA256; static DIGEST_ALG: &digest::Algorithm = &digest::SHA256;
const OUTPUT_LEN: usize = digest::SHA256_OUTPUT_LEN; const OUTPUT_LEN: usize = digest::SHA256_OUTPUT_LEN;


@ -94,7 +94,7 @@ impl std::fmt::Debug for Error {
} else { } else {
write!(f, "{}. {}", self.message, s) write!(f, "{}. {}", self.message, s)
} }
}, }
ErrorKind::JsonError(_) => write!(f, "{}", self.message), ErrorKind::JsonError(_) => write!(f, "{}", self.message),
_ => unreachable!(), _ => unreachable!(),
}, },
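Review bot: The catch-all arm `_ => unreachable!(),` sits inside the `Debug` implementation for `Error`, so any `ErrorKind` variant that reaches it panics while the error is being formatted, which usually happens in a log call. The arms before it are outside this hunk, so I cannot tell which variants are already covered. If the match cannot be made exhaustive, a fallback such as `_ => write!(f, "{}", self.message),` keeps error reporting from turning into a crash; otherwise a short comment naming why the remaining variants cannot occur here would help the next reader.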


@ -8,7 +8,7 @@ use percent_encoding::{percent_encode, NON_ALPHANUMERIC};
use quoted_printable::encode_to_str; use quoted_printable::encode_to_str;
use crate::api::EmptyResult; use crate::api::EmptyResult;
use crate::auth::{encode_jwt, generate_invite_claims, generate_delete_claims, generate_verify_email_claims}; use crate::auth::{encode_jwt, generate_delete_claims, generate_invite_claims, generate_verify_email_claims};
use crate::error::Error; use crate::error::Error;
use crate::CONFIG; use crate::CONFIG;
use chrono::NaiveDateTime; use chrono::NaiveDateTime;
@ -96,9 +96,7 @@ pub fn send_password_hint(address: &str, hint: Option<String>) -> EmptyResult {
} }
pub fn send_delete_account(address: &str, uuid: &str) -> EmptyResult { pub fn send_delete_account(address: &str, uuid: &str) -> EmptyResult {
let claims = generate_delete_claims( let claims = generate_delete_claims(uuid.to_string());
uuid.to_string(),
);
let delete_token = encode_jwt(&claims); let delete_token = encode_jwt(&claims);
let (subject, body_html, body_text) = get_text( let (subject, body_html, body_text) = get_text(
@ -115,9 +113,7 @@ pub fn send_delete_account(address: &str, uuid: &str) -> EmptyResult {
} }
pub fn send_verify_email(address: &str, uuid: &str) -> EmptyResult { pub fn send_verify_email(address: &str, uuid: &str) -> EmptyResult {
let claims = generate_verify_email_claims( let claims = generate_verify_email_claims(uuid.to_string());
uuid.to_string(),
);
let verify_email_token = encode_jwt(&claims); let verify_email_token = encode_jwt(&claims);
let (subject, body_html, body_text) = get_text( let (subject, body_html, body_text) = get_text(
@ -145,9 +141,7 @@ pub fn send_welcome(address: &str) -> EmptyResult {
} }
pub fn send_welcome_must_verify(address: &str, uuid: &str) -> EmptyResult { pub fn send_welcome_must_verify(address: &str, uuid: &str) -> EmptyResult {
let claims = generate_verify_email_claims( let claims = generate_verify_email_claims(uuid.to_string());
uuid.to_string(),
);
let verify_email_token = encode_jwt(&claims); let verify_email_token = encode_jwt(&claims);
let (subject, body_html, body_text) = get_text( let (subject, body_html, body_text) = get_text(