From acb5ab08a85d2c752d47713336ec83848d1a34be Mon Sep 17 00:00:00 2001 From: Stefan Melmuk Date: Sun, 25 Sep 2022 04:02:16 +0200 Subject: [PATCH 1/8] add not_found catcher for 404 errors --- src/api/mod.rs | 1 + src/api/web.rs | 15 ++++++++++++++- src/main.rs | 1 + 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/src/api/mod.rs b/src/api/mod.rs index 99fb98be..3b27c6c8 100644 --- a/src/api/mod.rs +++ b/src/api/mod.rs @@ -19,6 +19,7 @@ pub use crate::api::{ identity::routes as identity_routes, notifications::routes as notifications_routes, notifications::{start_notification_server, Notify, UpdateType}, + web::catchers as web_catchers, web::routes as web_routes, }; use crate::util; diff --git a/src/api/web.rs b/src/api/web.rs index c01e782a..2ad94db8 100644 --- a/src/api/web.rs +++ b/src/api/web.rs @@ -1,7 +1,7 @@ use std::path::{Path, PathBuf}; use rocket::serde::json::Json; -use rocket::{fs::NamedFile, http::ContentType, Route}; +use rocket::{fs::NamedFile, http::ContentType, Catcher, Route}; use serde_json::Value; use crate::{ @@ -21,6 +21,19 @@ pub fn routes() -> Vec { } } +pub fn catchers() -> Vec { + if CONFIG.web_vault_enabled() { + catchers![not_found] + } else { + catchers![] + } +} + +#[catch(404)] +async fn not_found() -> Cached> { + Cached::short(NamedFile::open(Path::new(&CONFIG.web_vault_folder()).join("404.html")).await.ok(), false) +} + #[get("/")] async fn web_index() -> Cached> { Cached::short(NamedFile::open(Path::new(&CONFIG.web_vault_folder()).join("index.html")).await.ok(), false) diff --git a/src/main.rs b/src/main.rs index ad47f3c5..b33b4fa1 100644 --- a/src/main.rs +++ b/src/main.rs @@ -425,6 +425,7 @@ async fn launch_rocket(pool: db::DbPool, extra_debug: bool) -> Result<(), Error> .mount([basepath, "/identity"].concat(), api::identity_routes()) .mount([basepath, "/icons"].concat(), api::icons_routes()) .mount([basepath, "/notifications"].concat(), api::notifications_routes()) + .register([basepath, "/"].concat(), api::web_catchers()) .manage(pool) .manage(api::start_notification_server()) .attach(util::AppHeaders()) From 102ee3f871152677efafa6688722808f31a95e62 Mon Sep 17 00:00:00 2001 From: Stefan Melmuk Date: Sun, 25 Sep 2022 10:55:55 +0200 Subject: [PATCH 2/8] add api_not_found catcher for 404 errors in /api --- src/api/core/mod.rs | 16 ++++++++++++++++ src/api/mod.rs | 1 + src/main.rs | 1 + 3 files changed, 18 insertions(+) diff --git a/src/api/core/mod.rs b/src/api/core/mod.rs index f296a3c9..8d180767 100644 --- a/src/api/core/mod.rs +++ b/src/api/core/mod.rs @@ -38,6 +38,7 @@ pub fn routes() -> Vec { // Move this somewhere else // use rocket::serde::json::Json; +use rocket::Catcher; use rocket::Route; use serde_json::Value; @@ -221,3 +222,18 @@ fn config() -> Json { }, })) } + +pub fn catchers() -> Vec { + catchers![api_not_found] +} + +#[catch(404)] +fn api_not_found() -> Json { + Json(json!({ + "error": { + "code": 404, + "reason": "Not Found", + "description": "The requested resource could not be found." + } + })) +} diff --git a/src/api/mod.rs b/src/api/mod.rs index 3b27c6c8..b9e9f38c 100644 --- a/src/api/mod.rs +++ b/src/api/mod.rs @@ -10,6 +10,7 @@ use serde_json::Value; pub use crate::api::{ admin::routes as admin_routes, + core::catchers as core_catchers, core::purge_sends, core::purge_trashed_ciphers, core::routes as core_routes, diff --git a/src/main.rs b/src/main.rs index b33b4fa1..c877c01c 100644 --- a/src/main.rs +++ b/src/main.rs @@ -426,6 +426,7 @@ async fn launch_rocket(pool: db::DbPool, extra_debug: bool) -> Result<(), Error> .mount([basepath, "/icons"].concat(), api::icons_routes()) .mount([basepath, "/notifications"].concat(), api::notifications_routes()) .register([basepath, "/"].concat(), api::web_catchers()) + .register([basepath, "/api"].concat(), api::core_catchers()) .manage(pool) .manage(api::start_notification_server()) .attach(util::AppHeaders()) From 186fe24484c4f9ed529bfa7cb9e59d7caeb941c6 Mon Sep 17 00:00:00 2001 From: BlackDex Date: Thu, 15 Sep 2022 16:51:52 +0200 Subject: [PATCH 3/8] Update build workflow Currently the branch protection is set on specific workflows which needs to be run every time a PR is created (or a push). Because it isn't possible to tell the branch protection only to do it's job if specific files are touched or not, we just need to make sure these jobs are always started. Also, because we now check the builds for an MSRV, and the title would change all the time, that would cause the branch protection to be updated everytime the MSRV would change. This is now also addressed by naming that job 'msrv' instead of the version number. --- .github/workflows/build.yml | 9 ++++++--- .github/workflows/hadolint.yml | 12 ++++-------- 2 files changed, 10 insertions(+), 11 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 90763d1b..47080daf 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -30,7 +30,10 @@ jobs: matrix: channel: - "rust-toolchain" # The version defined in rust-toolchain - - "1.60.0" # The supported MSRV + - "msrv" # The supported MSRV + include: + - channel: "msrv" + version: "1.60.0" name: Build and Test ${{ matrix.channel }} @@ -63,7 +66,7 @@ jobs: with: profile: minimal override: true - toolchain: ${{ matrix.channel }} + toolchain: ${{ matrix.version }} # End Install the MSRV channel to be used @@ -193,5 +196,5 @@ jobs: if: ${{ matrix.channel == 'rust-toolchain' }} with: name: vaultwarden - path: target/${{ matrix.target-triple }}/release/vaultwarden + path: target/release/vaultwarden # End Upload artifact to Github Actions diff --git a/.github/workflows/hadolint.yml b/.github/workflows/hadolint.yml index 5865bf63..738c3167 100644 --- a/.github/workflows/hadolint.yml +++ b/.github/workflows/hadolint.yml @@ -1,13 +1,9 @@ name: Hadolint -on: - push: - paths: - - "docker/**" - - pull_request: - paths: - - "docker/**" +on: [ + push, + pull_request + ] jobs: hadolint: From e5e6db26889fb545ab49c427ef150975af9e6138 Mon Sep 17 00:00:00 2001 From: Aaron Date: Thu, 15 Sep 2022 15:36:21 -0700 Subject: [PATCH 4/8] fix: tooltip typo --- src/static/templates/admin/diagnostics.hbs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/static/templates/admin/diagnostics.hbs b/src/static/templates/admin/diagnostics.hbs index 99f27193..482ce631 100644 --- a/src/static/templates/admin/diagnostics.hbs +++ b/src/static/templates/admin/diagnostics.hbs @@ -141,7 +141,7 @@
Date & Time (UTC) Ok - Error + Error
Server: {{page_data.server_time}} @@ -151,7 +151,7 @@
Domain configuration Match No Match - HTTPS + HTTPS No HTTPS
From d6e0d4cbbd0cb7e9457e53c280a0d8eb03dfbe3d Mon Sep 17 00:00:00 2001 From: Aaron Date: Fri, 16 Sep 2022 10:32:36 -0700 Subject: [PATCH 5/8] fix: update warning and success case verbiage --- src/static/templates/admin/diagnostics.hbs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/static/templates/admin/diagnostics.hbs b/src/static/templates/admin/diagnostics.hbs index 482ce631..20d6f371 100644 --- a/src/static/templates/admin/diagnostics.hbs +++ b/src/static/templates/admin/diagnostics.hbs @@ -140,8 +140,8 @@ Server: {{page_data.server_time_local}}
Date & Time (UTC) - Ok - Error + Ok + Error
Server: {{page_data.server_time}} From 9eabcd5cae379946d7066cfda298d04ca25fc543 Mon Sep 17 00:00:00 2001 From: BlackDex Date: Thu, 22 Sep 2022 19:40:04 +0200 Subject: [PATCH 6/8] Add support for send v2 API endpoints This PR adds support for the Send v2 API. It should prevent 404 errors which could cause some issues with some configurations on some reverse proxies. In the long run, we can probably remove the old file upload API, but for now lets leave it there, since Bitwarden also still has this endpoint in the code. Might fixes #2753 --- src/api/core/ciphers.rs | 10 ++-- src/api/core/sends.rs | 130 +++++++++++++++++++++++++++++++++++++--- 2 files changed, 127 insertions(+), 13 deletions(-) diff --git a/src/api/core/ciphers.rs b/src/api/core/ciphers.rs index 5256c28a..1870d12b 100644 --- a/src/api/core/ciphers.rs +++ b/src/api/core/ciphers.rs @@ -947,10 +947,12 @@ async fn save_attachment( let mut data = data.into_inner(); - // There seems to be a bug somewhere regarding uploading attachments using the Android Client (Maybe iOS too?) - // See: https://github.com/dani-garcia/vaultwarden/issues/2644 - // Since all other clients seem to match TempFile::File and not TempFile::Buffered lets catch this and return an error for now. - // We need to figure out how to solve this, but for now it's better to not accept these attachments since they will be broken. + // There is a bug regarding uploading attachments/sends using the Mobile clients + // See: https://github.com/dani-garcia/vaultwarden/issues/2644 && https://github.com/bitwarden/mobile/issues/2018 + // This has been fixed via a PR: https://github.com/bitwarden/mobile/pull/2031, but hasn't landed in a new release yet. + // On the vaultwarden side this is temporarily fixed by using a custom multer library + // See: https://github.com/dani-garcia/vaultwarden/pull/2675 + // In any case we will match TempFile::File and not TempFile::Buffered, since Buffered will alter the contents. if let TempFile::Buffered { content: _, } = &data.data diff --git a/src/api/core/sends.rs b/src/api/core/sends.rs index 3d150b31..e9d374f3 100644 --- a/src/api/core/sends.rs +++ b/src/api/core/sends.rs @@ -17,6 +17,9 @@ use crate::{ const SEND_INACCESSIBLE_MSG: &str = "Send does not exist or is no longer available"; +// The max file size allowed by Bitwarden clients and add an extra 5% to avoid issues +const SIZE_525_MB: u64 = 550_502_400; + pub fn routes() -> Vec { routes![ get_sends, @@ -28,7 +31,9 @@ pub fn routes() -> Vec { put_send, delete_send, put_remove_password, - download_send + download_send, + post_send_file_v2, + post_send_file_v2_data ] } @@ -58,6 +63,7 @@ struct SendData { Notes: Option, Text: Option, File: Option, + FileLength: Option, } /// Enforces the `Disable Send` policy. A non-owner/admin user belonging to @@ -185,6 +191,14 @@ struct UploadData<'f> { data: TempFile<'f>, } +#[derive(FromForm)] +struct UploadDataV2<'f> { + data: TempFile<'f>, +} + +// @deprecated Mar 25 2021: This method has been deprecated in favor of direct uploads (v2). +// This method still exists to support older clients, probably need to remove it sometime. +// Upstream: https://github.com/bitwarden/server/blob/d0c793c95181dfb1b447eb450f85ba0bfd7ef643/src/Api/Controllers/SendsController.cs#L164-L167 #[post("/sends/file", format = "multipart/form-data", data = "")] async fn post_send_file(data: Form>, headers: Headers, conn: DbConn, nt: Notify<'_>) -> JsonResult { enforce_disable_send_policy(&headers, &conn).await?; @@ -197,9 +211,6 @@ async fn post_send_file(data: Form>, headers: Headers, conn: DbCo enforce_disable_hide_email_policy(&model, &headers, &conn).await?; - // Get the file length and add an extra 5% to avoid issues - const SIZE_525_MB: u64 = 550_502_400; - let size_limit = match CONFIG.user_attachment_limit() { Some(0) => err!("File uploads are disabled"), Some(limit_kb) => { @@ -217,10 +228,12 @@ async fn post_send_file(data: Form>, headers: Headers, conn: DbCo err!("Send content is not a file"); } - // There seems to be a bug somewhere regarding uploading attachments using the Android Client (Maybe iOS too?) - // See: https://github.com/dani-garcia/vaultwarden/issues/2644 - // Since all other clients seem to match TempFile::File and not TempFile::Buffered lets catch this and return an error for now. - // We need to figure out how to solve this, but for now it's better to not accept these attachments since they will be broken. + // There is a bug regarding uploading attachments/sends using the Mobile clients + // See: https://github.com/dani-garcia/vaultwarden/issues/2644 && https://github.com/bitwarden/mobile/issues/2018 + // This has been fixed via a PR: https://github.com/bitwarden/mobile/pull/2031, but hasn't landed in a new release yet. + // On the vaultwarden side this is temporarily fixed by using a custom multer library + // See: https://github.com/dani-garcia/vaultwarden/pull/2675 + // In any case we will match TempFile::File and not TempFile::Buffered, since Buffered will alter the contents. if let TempFile::Buffered { content: _, } = &data @@ -252,11 +265,110 @@ async fn post_send_file(data: Form>, headers: Headers, conn: DbCo // Save the changes in the database send.save(&conn).await?; - nt.send_send_update(UpdateType::SyncSendUpdate, &send, &send.update_users_revision(&conn).await).await; + nt.send_send_update(UpdateType::SyncSendCreate, &send, &send.update_users_revision(&conn).await).await; Ok(Json(send.to_json())) } +// Upstream: https://github.com/bitwarden/server/blob/d0c793c95181dfb1b447eb450f85ba0bfd7ef643/src/Api/Controllers/SendsController.cs#L190 +#[post("/sends/file/v2", data = "")] +async fn post_send_file_v2(data: JsonUpcase, headers: Headers, conn: DbConn) -> JsonResult { + enforce_disable_send_policy(&headers, &conn).await?; + + let data = data.into_inner().data; + + if data.Type != SendType::File as i32 { + err!("Send content is not a file"); + } + + enforce_disable_hide_email_policy(&data, &headers, &conn).await?; + + let file_length = match &data.FileLength { + Some(m) => Some(m.into_i32()?), + _ => None, + }; + + let size_limit = match CONFIG.user_attachment_limit() { + Some(0) => err!("File uploads are disabled"), + Some(limit_kb) => { + let left = (limit_kb * 1024) - Attachment::size_by_user(&headers.user.uuid, &conn).await; + if left <= 0 { + err!("Attachment storage limit reached! Delete some attachments to free up space") + } + std::cmp::Ord::max(left as u64, SIZE_525_MB) + } + None => SIZE_525_MB, + }; + + if file_length.is_some() && file_length.unwrap() as u64 > size_limit { + err!("Attachment storage limit exceeded with this file"); + } + + let mut send = create_send(data, headers.user.uuid)?; + + let file_id = crate::crypto::generate_send_id(); + + let mut data_value: Value = serde_json::from_str(&send.data)?; + if let Some(o) = data_value.as_object_mut() { + o.insert(String::from("Id"), Value::String(file_id.clone())); + o.insert(String::from("Size"), Value::Number(file_length.unwrap().into())); + o.insert(String::from("SizeName"), Value::String(crate::util::get_display_size(file_length.unwrap()))); + } + send.data = serde_json::to_string(&data_value)?; + send.save(&conn).await?; + + Ok(Json(json!({ + "fileUploadType": 0, // 0 == Direct | 1 == Azure + "object": "send-fileUpload", + "url": format!("/sends/{}/file/{}", send.uuid, file_id), + "sendResponse": send.to_json() + }))) +} + +// https://github.com/bitwarden/server/blob/d0c793c95181dfb1b447eb450f85ba0bfd7ef643/src/Api/Controllers/SendsController.cs#L243 +#[post("/sends//file/", format = "multipart/form-data", data = "")] +async fn post_send_file_v2_data( + send_uuid: String, + file_id: String, + data: Form>, + headers: Headers, + conn: DbConn, + nt: Notify<'_>, +) -> EmptyResult { + enforce_disable_send_policy(&headers, &conn).await?; + + let mut data = data.into_inner(); + + // There is a bug regarding uploading attachments/sends using the Mobile clients + // See: https://github.com/dani-garcia/vaultwarden/issues/2644 && https://github.com/bitwarden/mobile/issues/2018 + // This has been fixed via a PR: https://github.com/bitwarden/mobile/pull/2031, but hasn't landed in a new release yet. + // On the vaultwarden side this is temporarily fixed by using a custom multer library + // See: https://github.com/dani-garcia/vaultwarden/pull/2675 + // In any case we will match TempFile::File and not TempFile::Buffered, since Buffered will alter the contents. + if let TempFile::Buffered { + content: _, + } = &data.data + { + err!("Error reading attachment data. Please try an other client."); + } + + if let Some(send) = Send::find_by_uuid(&send_uuid, &conn).await { + let folder_path = tokio::fs::canonicalize(&CONFIG.sends_folder()).await?.join(&send_uuid); + let file_path = folder_path.join(&file_id); + tokio::fs::create_dir_all(&folder_path).await?; + + if let Err(_err) = data.data.persist_to(&file_path).await { + data.data.move_copy_to(file_path).await? + } + + nt.send_send_update(UpdateType::SyncSendCreate, &send, &send.update_users_revision(&conn).await).await; + } else { + err!("Send not found. Unable to save the file."); + } + + Ok(()) +} + #[derive(Deserialize)] #[allow(non_snake_case)] pub struct SendAccessData { From 5b8067ef7783f3866f752a37abe36813dc859836 Mon Sep 17 00:00:00 2001 From: BlackDex Date: Thu, 22 Sep 2022 21:30:34 +0200 Subject: [PATCH 7/8] Update libraries and Rust version - Updated to Rust v1.64.0 - Updated all libararies - Updated multer-rs to be based upon the latest version - Updated Dockerfiles to match the Rust version --- Cargo.lock | 251 ++++++++++++++------------ Cargo.toml | 26 +-- docker/Dockerfile.j2 | 10 +- docker/amd64/Dockerfile | 2 +- docker/amd64/Dockerfile.alpine | 2 +- docker/amd64/Dockerfile.buildx | 2 +- docker/amd64/Dockerfile.buildx.alpine | 2 +- docker/arm64/Dockerfile | 2 +- docker/arm64/Dockerfile.alpine | 2 +- docker/arm64/Dockerfile.buildx | 2 +- docker/arm64/Dockerfile.buildx.alpine | 2 +- docker/armv6/Dockerfile | 2 +- docker/armv6/Dockerfile.alpine | 2 +- docker/armv6/Dockerfile.buildx | 2 +- docker/armv6/Dockerfile.buildx.alpine | 2 +- docker/armv7/Dockerfile | 2 +- docker/armv7/Dockerfile.alpine | 2 +- docker/armv7/Dockerfile.buildx | 2 +- docker/armv7/Dockerfile.buildx.alpine | 2 +- rust-toolchain | 2 +- 20 files changed, 171 insertions(+), 150 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 8c9f1122..b6ea2ad0 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -63,15 +63,15 @@ dependencies = [ [[package]] name = "alloc-no-stdlib" -version = "2.0.3" +version = "2.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "35ef4730490ad1c4eae5c4325b2a95f521d023e5c885853ff7aca0a6a1631db3" +checksum = "cc7bb162ec39d46ab1ca8c77bf72e890535becd1751bb45f64c597edb4c8c6b3" [[package]] name = "alloc-stdlib" -version = "0.2.1" +version = "0.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "697ed7edc0f1711de49ce108c541623a0af97c6c60b2f6e2b65229847ac843c2" +checksum = "94fb8275041c72129eb51b7d0322c29b8387a0386127718b096429201a5d6ece" dependencies = [ "alloc-no-stdlib", ] @@ -207,9 +207,9 @@ checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" [[package]] name = "block-buffer" -version = "0.10.2" +version = "0.10.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0bf7fe51849ea569fd452f37822f606a5cabb684dc918707a0193fd4664ff324" +checksum = "69cce20737498f97b993470a6e536b8523f0af7892a4f928cceb1ac5e52ebe7e" dependencies = [ "generic-array", ] @@ -359,7 +359,7 @@ dependencies = [ "base64", "hkdf", "hmac", - "percent-encoding 2.1.0", + "percent-encoding 2.2.0", "rand", "sha2", "subtle", @@ -380,7 +380,23 @@ dependencies = [ "serde", "serde_json", "time 0.3.14", - "url 2.2.2", + "url 2.3.1", +] + +[[package]] +name = "cookie_store" +version = "0.17.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e8b224f141ecbc952e57b58dae7677899c722a1abdb8c60b68b62bf4d4435bd7" +dependencies = [ + "cookie", + "idna 0.2.3", + "log", + "publicsuffix", + "serde", + "serde_json", + "time 0.3.14", + "url 2.3.1", ] [[package]] @@ -523,12 +539,9 @@ checksum = "3ee2393c4a91429dffb4bedf19f4d6abf27d8a732c8ce4980305d782e5426d57" [[package]] name = "data-url" -version = "0.1.1" +version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3a30bfce702bcfa94e906ef82421f2c0e61c076ad76030c16ee5d2e9a32fe193" -dependencies = [ - "matches", -] +checksum = "8d7439c3735f405729d52c3fbbe4de140eaf938a1fe47d227c27f8254d4302a5" [[package]] name = "devise" @@ -603,9 +616,9 @@ dependencies = [ [[package]] name = "digest" -version = "0.10.3" +version = "0.10.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f2fb860ca6fafa5552fb6d0e816a69c8e49f0908bf524e30a90d97c85892d506" +checksum = "adfbc57365a37acbd2ebf2b64d7e69bb766e2fea813521ed536f5d0520dcf86c" dependencies = [ "block-buffer", "crypto-common", @@ -634,9 +647,9 @@ dependencies = [ [[package]] name = "dotenvy" -version = "0.15.1" +version = "0.15.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7e851a83c30366fd01d75b913588e95e74a1705c1ecc5d58b1f8e1a6d556525f" +checksum = "ed9155c8f4dc55c7470ae9da3f63c6785245093b3f6aeb0f5bf2e968efbba314" dependencies = [ "dirs", ] @@ -714,9 +727,9 @@ dependencies = [ [[package]] name = "figment" -version = "0.10.6" +version = "0.10.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "790b4292c72618abbab50f787a477014fe15634f96291de45672ce46afe122df" +checksum = "6e3bd154d9ae2f1bb0ada5b7eebd56529513efa5de7d2fc8c6adf33bc43260cf" dependencies = [ "atomic", "pear", @@ -759,12 +772,11 @@ checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b" [[package]] name = "form_urlencoded" -version = "1.0.1" +version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5fc25a87fa4fd2094bffb06925852034d90a17f0d1e05197d4956d3555752191" +checksum = "a9c384f161156f5260c24a097c56119f9be8c798586aecc13afbcbe7b7e26bf8" dependencies = [ - "matches", - "percent-encoding 2.1.0", + "percent-encoding 2.2.0", ] [[package]] @@ -920,10 +932,11 @@ checksum = "9b919933a397b79c37e33b77bb2aa3dc8eb6e165ad809e58ff75bc7db2e34574" [[package]] name = "governor" -version = "0.4.2" +version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "19775995ee20209163239355bc3ad2f33f83da35d9ef72dea26e5af753552c87" +checksum = "de1b4626e87b9eb1d603ed23067ba1e29ec1d0b35325a2b96c3fe1cf20871f56" dependencies = [ + "cfg-if", "dashmap", "futures", "futures-timer", @@ -962,9 +975,9 @@ checksum = "eabb4a44450da02c90444cf74558da904edde8fb4e9035a9a6a4e15445af0bd7" [[package]] name = "handlebars" -version = "4.3.3" +version = "4.3.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "360d9740069b2f6cbb63ce2dbaa71a20d3185350cbb990d7bebeb9318415eb17" +checksum = "56b224eaa4987c03c30b251de7ef0c15a6a59f34222905850dbc3026dfb24d5f" dependencies = [ "log", "pest", @@ -1107,14 +1120,13 @@ dependencies = [ [[package]] name = "iana-time-zone" -version = "0.1.47" +version = "0.1.50" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c495f162af0bf17656d0014a0eded5f3cd2f365fdd204548c2869db89359dc7" +checksum = "fd911b35d940d2bd0bea0f9100068e5b97b51a1cbe13d13382f132e0365257a0" dependencies = [ "android_system_properties", "core-foundation-sys", "js-sys", - "once_cell", "wasm-bindgen", "winapi", ] @@ -1147,6 +1159,16 @@ dependencies = [ "unicode-normalization", ] +[[package]] +name = "idna" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e14ddfc70884202db2244c223200c204c2bda1bc6e0998d11b5e024d657209e6" +dependencies = [ + "unicode-bidi", + "unicode-normalization", +] + [[package]] name = "indexmap" version = "1.9.1" @@ -1216,9 +1238,9 @@ dependencies = [ [[package]] name = "js-sys" -version = "0.3.59" +version = "0.3.60" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "258451ab10b34f8af53416d1fdab72c22e805f0c92a1136d59470ec0b11138b2" +checksum = "49409df3e3bf0856b916e2ceaca09ee28e6871cf7d9ce97a692cacfdb2a25a47" dependencies = [ "wasm-bindgen", ] @@ -1273,9 +1295,9 @@ dependencies = [ [[package]] name = "libc" -version = "0.2.132" +version = "0.2.133" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8371e4e5341c3a96db127eb2465ac681ced4c433e01dd0e938adbef26ba93ba5" +checksum = "c0f80d65747a3e43d1596c7c5492d95d5edddaabd45a7fcdb02b95f644164966" [[package]] name = "libmimalloc-sys" @@ -1305,9 +1327,9 @@ checksum = "0717cef1bc8b636c6e1c1bbdefc09e6322da8a9321966e8928ef80d20f7f770f" [[package]] name = "lock_api" -version = "0.4.8" +version = "0.4.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9f80bf5aacaf25cbfc8210d1cfb718f2bf3b11c4c54e5afe36c236853a8ec390" +checksum = "435011366fe56583b16cf956f9df0095b405b82d76425bc8981c0e22e60ec4df" dependencies = [ "autocfg", "scopeguard", @@ -1447,8 +1469,8 @@ dependencies = [ [[package]] name = "multer" -version = "2.0.3" -source = "git+https://github.com/BlackDex/multer-rs?rev=73e83fa5eb183646cc56606e5d902acb30a45b3d#73e83fa5eb183646cc56606e5d902acb30a45b3d" +version = "2.0.4" +source = "git+https://github.com/BlackDex/multer-rs?rev=477d16b7fa0f361b5c2a5ba18a5b28bec6d26a8a#477d16b7fa0f361b5c2a5ba18a5b28bec6d26a8a" dependencies = [ "bytes", "encoding_rs", @@ -1597,9 +1619,9 @@ dependencies = [ [[package]] name = "once_cell" -version = "1.14.0" +version = "1.15.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2f7254b99e31cad77da24b08ebf628882739a608578bb1bcdfc1f9c21260d7c0" +checksum = "e82dad04139b71a90c080c8463fe0dc7902db5192d939bd0950f074d014339e1" [[package]] name = "opaque-debug" @@ -1740,15 +1762,15 @@ checksum = "31010dd2e1ac33d5b46a5b413495239882813e0369f8ed8a5e266f173602f831" [[package]] name = "percent-encoding" -version = "2.1.0" +version = "2.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d4fd5641d01c8f18a23da7b6fe29298ff4b55afcccdf78973b24cf3175fee32e" +checksum = "478c572c3d73181ff3c2539045f6eb99e5491218eae919370993b890cdbdd98e" [[package]] name = "pest" -version = "2.3.0" +version = "2.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4b0560d531d1febc25a3c9398a62a71256c0178f2e3443baedd9ad4bb8c9deb4" +checksum = "cb779fcf4bb850fbbb0edc96ff6cf34fd90c4b1a112ce042653280d9a7364048" dependencies = [ "thiserror", "ucd-trie", @@ -1756,9 +1778,9 @@ dependencies = [ [[package]] name = "pest_derive" -version = "2.3.0" +version = "2.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "905708f7f674518498c1f8d644481440f476d39ca6ecae83319bba7c6c12da91" +checksum = "502b62a6d0245378b04ffe0a7fb4f4419a4815fce813bd8a0ec89a56e07d67b1" dependencies = [ "pest", "pest_generator", @@ -1766,9 +1788,9 @@ dependencies = [ [[package]] name = "pest_generator" -version = "2.3.0" +version = "2.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5803d8284a629cc999094ecd630f55e91b561a1d1ba75e233b00ae13b91a69ad" +checksum = "451e629bf49b750254da26132f1a5a9d11fd8a95a3df51d15c4abd1ba154cb6c" dependencies = [ "pest", "pest_meta", @@ -1779,13 +1801,13 @@ dependencies = [ [[package]] name = "pest_meta" -version = "2.3.0" +version = "2.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1538eb784f07615c6d9a8ab061089c6c54a344c5b4301db51990ca1c241e8c04" +checksum = "bcec162c71c45e269dfc3fc2916eaeb97feab22993a21bcce4721d08cd7801a6" dependencies = [ "once_cell", "pest", - "sha-1", + "sha1", ] [[package]] @@ -1886,9 +1908,9 @@ checksum = "dbf0c48bc1d91375ae5c3cd81e3722dff1abcf81a30960240640d223f59fe0e5" [[package]] name = "proc-macro2" -version = "1.0.43" +version = "1.0.44" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0a2ca2c61bc9f3d74d2886294ab7b9853abd9c1ad903a3ac7815c58989bb7bab" +checksum = "7bd7356a8122b6c4a24a82b278680c73357984ca2fc79a0f9fa6dea7dced7c58" dependencies = [ "unicode-ident", ] @@ -1993,18 +2015,18 @@ dependencies = [ [[package]] name = "rand_core" -version = "0.6.3" +version = "0.6.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d34f1408f55294453790c48b2f1ebbb1c5b4b7563eb1f418bcfcfdbb06ebb4e7" +checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" dependencies = [ "getrandom", ] [[package]] name = "raw-cpuid" -version = "10.5.0" +version = "10.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6aa2540135b6a94f74c7bc90ad4b794f822026a894f3d7bcd185c100d13d4ad6" +checksum = "a6823ea29436221176fe662da99998ad3b4db2c7f31e7b6f5fe43adccd6320bb" dependencies = [ "bitflags", ] @@ -2086,15 +2108,15 @@ dependencies = [ [[package]] name = "reqwest" -version = "0.11.11" +version = "0.11.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b75aa69a3f06bbcc66ede33af2af253c6f7a86b1ca0033f60c580a27074fbf92" +checksum = "431949c384f4e2ae07605ccaa56d1d9d2ecdb5cadd4f9577ccfab29f2e5149fc" dependencies = [ "async-compression", "base64", "bytes", "cookie", - "cookie_store", + "cookie_store 0.16.1", "encoding_rs", "futures-core", "futures-util", @@ -2105,11 +2127,11 @@ dependencies = [ "hyper-tls", "ipnet", "js-sys", - "lazy_static", "log", "mime", "native-tls", - "percent-encoding 2.1.0", + "once_cell", + "percent-encoding 2.2.0", "pin-project-lite", "proc-macro-hack", "serde", @@ -2121,7 +2143,7 @@ dependencies = [ "tokio-util", "tower-service", "trust-dns-resolver", - "url 2.2.2", + "url 2.3.1", "wasm-bindgen", "wasm-bindgen-futures", "web-sys", @@ -2244,7 +2266,7 @@ dependencies = [ "log", "memchr", "pear", - "percent-encoding 2.1.0", + "percent-encoding 2.2.0", "pin-project-lite", "ref-cast", "rustls", @@ -2373,9 +2395,9 @@ dependencies = [ [[package]] name = "serde" -version = "1.0.144" +version = "1.0.145" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0f747710de3dcd43b88c9168773254e809d8ddbdf9653b84e2554ab219f17860" +checksum = "728eb6351430bccb993660dfffc5a72f91ccc1295abaa8ce19b27ebe4f75568b" dependencies = [ "serde_derive", ] @@ -2392,9 +2414,9 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.144" +version = "1.0.145" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "94ed3a816fb1d101812f83e789f888322c34e291f894f19590dc310963e87a00" +checksum = "81fa1584d3d1bcacd84c277a0dfe21f5b0f6accf4a23d04d4c6d61f1af522b4c" dependencies = [ "proc-macro2", "quote", @@ -2437,9 +2459,9 @@ dependencies = [ [[package]] name = "sha1" -version = "0.10.4" +version = "0.10.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "006769ba83e921b3085caa8334186b00cf92b4cb1a6cf4632fbccc8eff5c7549" +checksum = "f04293dc80c3993519f2d7f6f511707ee7094fe0c6d3406feb330cdb3540eba3" dependencies = [ "cfg-if", "cpufeatures", @@ -2448,9 +2470,9 @@ dependencies = [ [[package]] name = "sha2" -version = "0.10.5" +version = "0.10.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cf9db03534dff993187064c4e0c05a5708d2a9728ace9a8959b77bedf415dac5" +checksum = "82e6b795fe2e3b1e845bafcb27aa35405c4d47cdfc92af5fc8d3002f76cebdc0" dependencies = [ "cfg-if", "cpufeatures", @@ -2562,9 +2584,9 @@ checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" [[package]] name = "syn" -version = "1.0.99" +version = "1.0.100" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "58dbef6ec655055e20b86b15a8cc6d439cca19b667537ac6a1369572d151ab13" +checksum = "52205623b1b0f064a4e71182c3b18ae902267282930c6d5462c91b859668426e" dependencies = [ "proc-macro2", "quote", @@ -2600,18 +2622,18 @@ dependencies = [ [[package]] name = "thiserror" -version = "1.0.34" +version = "1.0.36" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8c1b05ca9d106ba7d2e31a9dab4a64e7be2cce415321966ea3132c49a656e252" +checksum = "0a99cb8c4b9a8ef0e7907cd3b617cc8dc04d571c4e73c8ae403d80ac160bb122" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.34" +version = "1.0.36" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e8f2591983642de85c921015f3f070c665a197ed69e417af436115e3a1407487" +checksum = "3a891860d3c8d66fec8e73ddb3765f90082374dbaaa833407b904a94f1a7eb43" dependencies = [ "proc-macro2", "quote", @@ -2681,9 +2703,9 @@ checksum = "cda74da7e1a664f795bb1f8a87ec406fb89a02522cf6e50620d016add6dbbf5c" [[package]] name = "tokio" -version = "1.21.0" +version = "1.21.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "89797afd69d206ccd11fb0ea560a44bbb87731d020670e79416d442919257d42" +checksum = "0020c875007ad96677dcc890298f4b942882c5d4eb7cc8f439fc3bf813dc9c95" dependencies = [ "autocfg", "bytes", @@ -2746,9 +2768,9 @@ dependencies = [ [[package]] name = "tokio-stream" -version = "0.1.9" +version = "0.1.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "df54d54117d6fdc4e4fea40fe1e4e566b3505700e148a6827e59b34b0d2600d9" +checksum = "f6edf2d6bc038a43d31353570e27270603f4648d18f5ed10c0e179abe43255af" dependencies = [ "futures-core", "pin-project-lite", @@ -2769,9 +2791,9 @@ dependencies = [ [[package]] name = "tokio-util" -version = "0.7.3" +version = "0.7.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cc463cd8deddc3770d20f9852143d50bf6094e640b485cb2e189a2099085ff45" +checksum = "0bb2e075f03b3d66d8d8785356224ba688d2906a371015e225beeb65ca92c740" dependencies = [ "bytes", "futures-core", @@ -2893,7 +2915,7 @@ dependencies = [ "thiserror", "tinyvec", "tokio", - "url 2.2.2", + "url 2.3.1", ] [[package]] @@ -2937,7 +2959,7 @@ dependencies = [ "rand", "sha-1", "thiserror", - "url 2.2.2", + "url 2.3.1", "utf-8", ] @@ -2980,24 +3002,24 @@ checksum = "099b7128301d285f79ddd55b9a83d5e6b9e97c92e0ea0daebee7263e932de992" [[package]] name = "unicode-ident" -version = "1.0.3" +version = "1.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c4f5b37a154999a8f3f98cc23a628d850e154479cd94decf3414696e12e31aaf" +checksum = "dcc811dc4066ac62f84f11307873c4850cb653bfa9b1719cee2bd2204a4bc5dd" [[package]] name = "unicode-normalization" -version = "0.1.21" +version = "0.1.22" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "854cbdc4f7bc6ae19c820d44abdc3277ac3e1b2b93db20a636825d9322fb60e6" +checksum = "5c5713f0fc4b5db668a2ac63cdb7bb4469d8c9fed047b1d0292cc7b0ce2ba921" dependencies = [ "tinyvec", ] [[package]] name = "unicode-xid" -version = "0.2.3" +version = "0.2.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "957e51f3646910546462e67d5f7599b9e4fb8acdd304b087a6494730f9eebf04" +checksum = "f962df74c8c05a667b5ee8bcf162993134c104e96440b663c8daa176dc772d8c" [[package]] name = "universal-hash" @@ -3028,14 +3050,13 @@ dependencies = [ [[package]] name = "url" -version = "2.2.2" +version = "2.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a507c383b2d33b5fc35d1861e77e6b383d158b2da5e14fe51b83dfedf6fd578c" +checksum = "0d68c799ae75762b8c3fe375feb6600ef5602c883c5d21eb51c09f22b83c4643" dependencies = [ "form_urlencoded", - "idna 0.2.3", - "matches", - "percent-encoding 2.1.0", + "idna 0.3.0", + "percent-encoding 2.2.0", "serde", ] @@ -3070,7 +3091,7 @@ dependencies = [ "chrono", "chrono-tz", "cookie", - "cookie_store", + "cookie_store 0.17.0", "ctrlc", "dashmap", "data-encoding", @@ -3094,7 +3115,7 @@ dependencies = [ "once_cell", "openssl", "paste", - "percent-encoding 2.1.0", + "percent-encoding 2.2.0", "pico-args", "rand", "regex", @@ -3110,7 +3131,7 @@ dependencies = [ "tokio-tungstenite", "totp-lite", "tracing", - "url 2.2.2", + "url 2.3.1", "uuid", "webauthn-rs", "yubico", @@ -3163,9 +3184,9 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" [[package]] name = "wasm-bindgen" -version = "0.2.82" +version = "0.2.83" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fc7652e3f6c4706c8d9cd54832c4a4ccb9b5336e2c3bd154d5cccfbf1c1f5f7d" +checksum = "eaf9f5aceeec8be17c128b2e93e031fb8a4d469bb9c4ae2d7dc1888b26887268" dependencies = [ "cfg-if", "wasm-bindgen-macro", @@ -3173,9 +3194,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-backend" -version = "0.2.82" +version = "0.2.83" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "662cd44805586bd52971b9586b1df85cdbbd9112e4ef4d8f41559c334dc6ac3f" +checksum = "4c8ffb332579b0557b52d268b91feab8df3615f265d5270fec2a8c95b17c1142" dependencies = [ "bumpalo", "log", @@ -3188,9 +3209,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-futures" -version = "0.4.32" +version = "0.4.33" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fa76fb221a1f8acddf5b54ace85912606980ad661ac7a503b4570ffd3a624dad" +checksum = "23639446165ca5a5de86ae1d8896b737ae80319560fbaa4c2887b7da6e7ebd7d" dependencies = [ "cfg-if", "js-sys", @@ -3200,9 +3221,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro" -version = "0.2.82" +version = "0.2.83" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b260f13d3012071dfb1512849c033b1925038373aea48ced3012c09df952c602" +checksum = "052be0f94026e6cbc75cdefc9bae13fd6052cdcaf532fa6c45e7ae33a1e6c810" dependencies = [ "quote", "wasm-bindgen-macro-support", @@ -3210,9 +3231,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro-support" -version = "0.2.82" +version = "0.2.83" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5be8e654bdd9b79216c2929ab90721aa82faf65c48cdf08bdc4e7f51357b80da" +checksum = "07bc0c051dc5f23e307b13285f9d75df86bfdf816c5721e573dec1f9b8aa193c" dependencies = [ "proc-macro2", "quote", @@ -3223,15 +3244,15 @@ dependencies = [ [[package]] name = "wasm-bindgen-shared" -version = "0.2.82" +version = "0.2.83" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6598dd0bd3c7d51095ff6531a5b23e02acdc81804e30d8f07afb77b7215a140a" +checksum = "1c38c045535d93ec4f0b4defec448e4291638ee608530863b1e2ba115d4fff7f" [[package]] name = "web-sys" -version = "0.3.59" +version = "0.3.60" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ed055ab27f941423197eb86b2035720b1a3ce40504df082cac2ecc6ed73335a1" +checksum = "bcda906d8be16e728fd5adc5b729afad4e444e106ab28cd1c7256e54fa61510f" dependencies = [ "js-sys", "wasm-bindgen", @@ -3253,7 +3274,7 @@ dependencies = [ "serde_json", "thiserror", "tracing", - "url 2.2.2", + "url 2.3.1", ] [[package]] diff --git a/Cargo.toml b/Cargo.toml index 32838c72..583fe710 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -42,10 +42,10 @@ tracing = { version = "0.1.36", features = ["log"] } # Needed to have lettre and backtrace = "0.3.66" # Logging panics to logfile instead stderr only # A `dotenv` implementation for Rust -dotenvy = { version = "=0.15.1", default-features = false } +dotenvy = { version = "0.15.5", default-features = false } # Lazy initialization -once_cell = "1.14.0" +once_cell = "1.15.0" # Numerical libraries num-traits = "0.2.15" @@ -61,10 +61,10 @@ dashmap = "5.4.0" # Async futures futures = "0.3.24" -tokio = { version = "1.21.0", features = ["rt-multi-thread", "fs", "io-util", "parking_lot", "time"] } +tokio = { version = "1.21.1", features = ["rt-multi-thread", "fs", "io-util", "parking_lot", "time"] } # A generic serialization/deserialization framework -serde = { version = "1.0.144", features = ["derive"] } +serde = { version = "1.0.145", features = ["derive"] } serde_json = "1.0.85" # A safe, extensible ORM and Query builder @@ -105,28 +105,28 @@ yubico = { version = "0.11.0", features = ["online-tokio"], default-features = f webauthn-rs = "0.3.2" # Handling of URL's for WebAuthn -url = "2.2.2" +url = "2.3.1" # Email librariese-Base, Update crates and small change. lettre = { version = "0.10.1", features = ["smtp-transport", "builder", "serde", "tokio1-native-tls", "hostname", "tracing", "tokio1"], default-features = false } -percent-encoding = "2.1.0" # URL encoding library used for URL's in the emails +percent-encoding = "2.2.0" # URL encoding library used for URL's in the emails # Template library -handlebars = { version = "4.3.3", features = ["dir_source"] } +handlebars = { version = "4.3.4", features = ["dir_source"] } # HTTP client -reqwest = { version = "0.11.11", features = ["stream", "json", "gzip", "brotli", "socks", "cookies", "trust-dns"] } +reqwest = { version = "0.11.12", features = ["stream", "json", "gzip", "brotli", "socks", "cookies", "trust-dns"] } # For favicon extraction from main website html5gum = "0.5.2" regex = { version = "1.6.0", features = ["std", "perf", "unicode-perl"], default-features = false } -data-url = "0.1.1" +data-url = "0.2.0" bytes = "1.2.1" cached = "0.39.0" # Used for custom short lived cookie jar during favicon extraction cookie = "0.16.0" -cookie_store = "0.16.1" +cookie_store = "0.17.0" # Used by U2F, JWT and Postgres openssl = "0.10.41" @@ -136,7 +136,7 @@ pico-args = "0.5.0" # Macro ident concatenation paste = "1.0.9" -governor = "0.4.2" +governor = "0.5.0" # Capture CTRL+C ctrlc = { version = "3.2.3", features = ["termination"] } @@ -148,8 +148,8 @@ mimalloc = { version = "0.1.29", features = ["secure"], default-features = false [patch.crates-io] # Using a patched version of multer-rs (Used by Rocket) to fix attachment/send file uploads # Issue: https://github.com/dani-garcia/vaultwarden/issues/2644 -# Patch: https://github.com/BlackDex/multer-rs/commit/73e83fa5eb183646cc56606e5d902acb30a45b3d -multer = { git = "https://github.com/BlackDex/multer-rs", rev = "73e83fa5eb183646cc56606e5d902acb30a45b3d" } +# Patch: https://github.com/BlackDex/multer-rs/commit/477d16b7fa0f361b5c2a5ba18a5b28bec6d26a8a +multer = { git = "https://github.com/BlackDex/multer-rs", rev = "477d16b7fa0f361b5c2a5ba18a5b28bec6d26a8a" } # Strip debuginfo from the release builds # Also enable thin LTO for some optimizations diff --git a/docker/Dockerfile.j2 b/docker/Dockerfile.j2 index d9bc1338..cc0cdf17 100644 --- a/docker/Dockerfile.j2 +++ b/docker/Dockerfile.j2 @@ -3,22 +3,22 @@ # This file was generated using a Jinja2 template. # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfiles. -{% set build_stage_base_image = "rust:1.61-bullseye" %} +{% set build_stage_base_image = "rust:1.64-bullseye" %} {% if "alpine" in target_file %} {% if "amd64" in target_file %} -{% set build_stage_base_image = "blackdex/rust-musl:x86_64-musl-stable-1.61.0" %} +{% set build_stage_base_image = "blackdex/rust-musl:x86_64-musl-stable-1.64.0" %} {% set runtime_stage_base_image = "alpine:3.16" %} {% set package_arch_target = "x86_64-unknown-linux-musl" %} {% elif "armv7" in target_file %} -{% set build_stage_base_image = "blackdex/rust-musl:armv7-musleabihf-stable-1.61.0" %} +{% set build_stage_base_image = "blackdex/rust-musl:armv7-musleabihf-stable-1.64.0" %} {% set runtime_stage_base_image = "balenalib/armv7hf-alpine:3.16" %} {% set package_arch_target = "armv7-unknown-linux-musleabihf" %} {% elif "armv6" in target_file %} -{% set build_stage_base_image = "blackdex/rust-musl:arm-musleabi-stable-1.61.0" %} +{% set build_stage_base_image = "blackdex/rust-musl:arm-musleabi-stable-1.64.0" %} {% set runtime_stage_base_image = "balenalib/rpi-alpine:3.16" %} {% set package_arch_target = "arm-unknown-linux-musleabi" %} {% elif "arm64" in target_file %} -{% set build_stage_base_image = "blackdex/rust-musl:aarch64-musl-stable-1.61.0" %} +{% set build_stage_base_image = "blackdex/rust-musl:aarch64-musl-stable-1.64.0" %} {% set runtime_stage_base_image = "balenalib/aarch64-alpine:3.16" %} {% set package_arch_target = "aarch64-unknown-linux-musl" %} {% endif %} diff --git a/docker/amd64/Dockerfile b/docker/amd64/Dockerfile index bc0f8248..af15fc9e 100644 --- a/docker/amd64/Dockerfile +++ b/docker/amd64/Dockerfile @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM rust:1.61-bullseye as build +FROM rust:1.64-bullseye as build diff --git a/docker/amd64/Dockerfile.alpine b/docker/amd64/Dockerfile.alpine index 0c488a02..18f7f75b 100644 --- a/docker/amd64/Dockerfile.alpine +++ b/docker/amd64/Dockerfile.alpine @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:x86_64-musl-stable-1.61.0 as build +FROM blackdex/rust-musl:x86_64-musl-stable-1.64.0 as build diff --git a/docker/amd64/Dockerfile.buildx b/docker/amd64/Dockerfile.buildx index 872a90d9..0797ec39 100644 --- a/docker/amd64/Dockerfile.buildx +++ b/docker/amd64/Dockerfile.buildx @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM rust:1.61-bullseye as build +FROM rust:1.64-bullseye as build diff --git a/docker/amd64/Dockerfile.buildx.alpine b/docker/amd64/Dockerfile.buildx.alpine index 2892705a..db0c1e04 100644 --- a/docker/amd64/Dockerfile.buildx.alpine +++ b/docker/amd64/Dockerfile.buildx.alpine @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:x86_64-musl-stable-1.61.0 as build +FROM blackdex/rust-musl:x86_64-musl-stable-1.64.0 as build diff --git a/docker/arm64/Dockerfile b/docker/arm64/Dockerfile index e0d414a5..feaa27d6 100644 --- a/docker/arm64/Dockerfile +++ b/docker/arm64/Dockerfile @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM rust:1.61-bullseye as build +FROM rust:1.64-bullseye as build diff --git a/docker/arm64/Dockerfile.alpine b/docker/arm64/Dockerfile.alpine index 11d5e80b..b7750fee 100644 --- a/docker/arm64/Dockerfile.alpine +++ b/docker/arm64/Dockerfile.alpine @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:aarch64-musl-stable-1.61.0 as build +FROM blackdex/rust-musl:aarch64-musl-stable-1.64.0 as build diff --git a/docker/arm64/Dockerfile.buildx b/docker/arm64/Dockerfile.buildx index e8c107c3..026545e2 100644 --- a/docker/arm64/Dockerfile.buildx +++ b/docker/arm64/Dockerfile.buildx @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM rust:1.61-bullseye as build +FROM rust:1.64-bullseye as build diff --git a/docker/arm64/Dockerfile.buildx.alpine b/docker/arm64/Dockerfile.buildx.alpine index 54bb60a5..94ffb249 100644 --- a/docker/arm64/Dockerfile.buildx.alpine +++ b/docker/arm64/Dockerfile.buildx.alpine @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:aarch64-musl-stable-1.61.0 as build +FROM blackdex/rust-musl:aarch64-musl-stable-1.64.0 as build diff --git a/docker/armv6/Dockerfile b/docker/armv6/Dockerfile index e04cb1f2..96210168 100644 --- a/docker/armv6/Dockerfile +++ b/docker/armv6/Dockerfile @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM rust:1.61-bullseye as build +FROM rust:1.64-bullseye as build diff --git a/docker/armv6/Dockerfile.alpine b/docker/armv6/Dockerfile.alpine index 6b2fb48b..21b66728 100644 --- a/docker/armv6/Dockerfile.alpine +++ b/docker/armv6/Dockerfile.alpine @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:arm-musleabi-stable-1.61.0 as build +FROM blackdex/rust-musl:arm-musleabi-stable-1.64.0 as build diff --git a/docker/armv6/Dockerfile.buildx b/docker/armv6/Dockerfile.buildx index ae6a2471..9797342a 100644 --- a/docker/armv6/Dockerfile.buildx +++ b/docker/armv6/Dockerfile.buildx @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM rust:1.61-bullseye as build +FROM rust:1.64-bullseye as build diff --git a/docker/armv6/Dockerfile.buildx.alpine b/docker/armv6/Dockerfile.buildx.alpine index 826abd61..82d52a7d 100644 --- a/docker/armv6/Dockerfile.buildx.alpine +++ b/docker/armv6/Dockerfile.buildx.alpine @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:arm-musleabi-stable-1.61.0 as build +FROM blackdex/rust-musl:arm-musleabi-stable-1.64.0 as build diff --git a/docker/armv7/Dockerfile b/docker/armv7/Dockerfile index 26c2cd01..07c3e594 100644 --- a/docker/armv7/Dockerfile +++ b/docker/armv7/Dockerfile @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM rust:1.61-bullseye as build +FROM rust:1.64-bullseye as build diff --git a/docker/armv7/Dockerfile.alpine b/docker/armv7/Dockerfile.alpine index 8e293970..a51fa9b0 100644 --- a/docker/armv7/Dockerfile.alpine +++ b/docker/armv7/Dockerfile.alpine @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:armv7-musleabihf-stable-1.61.0 as build +FROM blackdex/rust-musl:armv7-musleabihf-stable-1.64.0 as build diff --git a/docker/armv7/Dockerfile.buildx b/docker/armv7/Dockerfile.buildx index 711b8d2a..34e26006 100644 --- a/docker/armv7/Dockerfile.buildx +++ b/docker/armv7/Dockerfile.buildx @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM rust:1.61-bullseye as build +FROM rust:1.64-bullseye as build diff --git a/docker/armv7/Dockerfile.buildx.alpine b/docker/armv7/Dockerfile.buildx.alpine index c1eaad2a..ffe20bf1 100644 --- a/docker/armv7/Dockerfile.buildx.alpine +++ b/docker/armv7/Dockerfile.buildx.alpine @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:armv7-musleabihf-stable-1.61.0 as build +FROM blackdex/rust-musl:armv7-musleabihf-stable-1.64.0 as build diff --git a/rust-toolchain b/rust-toolchain index 91951fd8..94057304 100644 --- a/rust-toolchain +++ b/rust-toolchain @@ -1 +1 @@ -1.61.0 +1.64.0 From da9fd6b7d01be85b65b4796be2075fb6d0bbee0e Mon Sep 17 00:00:00 2001 From: BlackDex Date: Sat, 24 Sep 2022 18:27:13 +0200 Subject: [PATCH 8/8] Fix organization vault export Since v2022.9.x it seems they changed the export endpoint and way of working. This PR fixes this by adding the export endpoint. Also, it looks like the clients can't handle uppercase first JSON key's. Because of this there now is a function which converts all the key's to lowercase first. I have an issue reported at Bitwarden if this is expected behavior: https://github.com/bitwarden/clients/issues/3606 Fixes #2760 Fixes #2764 --- src/api/core/organizations.rs | 47 ++++++++++++++++++++++++------- src/util.rs | 53 +++++++++++++++++++++++++++++++++++ 2 files changed, 90 insertions(+), 10 deletions(-) diff --git a/src/api/core/organizations.rs b/src/api/core/organizations.rs index d0e1b5a8..3934de88 100644 --- a/src/api/core/organizations.rs +++ b/src/api/core/organizations.rs @@ -10,7 +10,9 @@ use crate::{ }, auth::{decode_invite, AdminHeaders, Headers, ManagerHeaders, ManagerHeadersLoose, OwnerHeaders}, db::{models::*, DbConn}, - mail, CONFIG, + mail, + util::convert_json_key_lcase_first, + CONFIG, }; use futures::{stream, stream::StreamExt}; @@ -68,7 +70,8 @@ pub fn routes() -> Vec { activate_organization_user, bulk_activate_organization_user, restore_organization_user, - bulk_restore_organization_user + bulk_restore_organization_user, + get_org_export ] } @@ -246,15 +249,19 @@ async fn get_user_collections(headers: Headers, conn: DbConn) -> Json { #[get("/organizations//collections")] async fn get_org_collections(org_id: String, _headers: ManagerHeadersLoose, conn: DbConn) -> Json { - Json(json!({ + Json(_get_org_collections(&org_id, &conn).await) +} + +async fn _get_org_collections(org_id: &str, conn: &DbConn) -> Value { + json!({ "Data": - Collection::find_by_organization(&org_id, &conn).await + Collection::find_by_organization(org_id, conn).await .iter() .map(Collection::to_json) .collect::(), "Object": "list", "ContinuationToken": null, - })) + }) } #[post("/organizations//collections", data = "")] @@ -491,22 +498,26 @@ struct OrgIdData { #[get("/ciphers/organization-details?")] async fn get_org_details(data: OrgIdData, headers: Headers, conn: DbConn) -> Json { - let ciphers = Cipher::find_by_org(&data.organization_id, &conn).await; - let cipher_sync_data = CipherSyncData::new(&headers.user.uuid, &ciphers, CipherSyncType::Organization, &conn).await; + Json(_get_org_details(&data.organization_id, &headers.host, &headers.user.uuid, &conn).await) +} + +async fn _get_org_details(org_id: &str, host: &str, user_uuid: &str, conn: &DbConn) -> Value { + let ciphers = Cipher::find_by_org(org_id, conn).await; + let cipher_sync_data = CipherSyncData::new(user_uuid, &ciphers, CipherSyncType::Organization, conn).await; let ciphers_json = stream::iter(ciphers) .then(|c| async { let c = c; // Move out this single variable - c.to_json(&headers.host, &headers.user.uuid, Some(&cipher_sync_data), &conn).await + c.to_json(host, user_uuid, Some(&cipher_sync_data), conn).await }) .collect::>() .await; - Json(json!({ + json!({ "Data": ciphers_json, "Object": "list", "ContinuationToken": null, - })) + }) } #[get("/organizations//users")] @@ -1690,3 +1701,19 @@ async fn _restore_organization_user( } Ok(()) } + +// This is a new function active since the v2022.9.x clients. +// It combines the previous two calls done before. +// We call those two functions here and combine them our selfs. +// +// NOTE: It seems clients can't handle uppercase-first keys!! +// We need to convert all keys so they have the first character to be a lowercase. +// Else the export will be just an empty JSON file. +#[get("/organizations//export")] +async fn get_org_export(org_id: String, headers: AdminHeaders, conn: DbConn) -> Json { + // Also both main keys here need to be lowercase, else the export will fail. + Json(json!({ + "collections": convert_json_key_lcase_first(_get_org_collections(&org_id, &conn).await), + "ciphers": convert_json_key_lcase_first(_get_org_details(&org_id, &headers.host, &headers.user.uuid, &conn).await), + })) +} diff --git a/src/util.rs b/src/util.rs index f5645d78..bdbb564e 100644 --- a/src/util.rs +++ b/src/util.rs @@ -357,6 +357,7 @@ pub fn get_uuid() -> String { use std::str::FromStr; +#[inline] pub fn upcase_first(s: &str) -> String { let mut c = s.chars(); match c.next() { @@ -365,6 +366,15 @@ pub fn upcase_first(s: &str) -> String { } } +#[inline] +pub fn lcase_first(s: &str) -> String { + let mut c = s.chars(); + match c.next() { + None => String::new(), + Some(f) => f.to_lowercase().collect::() + c.as_str(), + } +} + pub fn try_parse_string(string: Option) -> Option where S: AsRef, @@ -650,3 +660,46 @@ pub fn get_reqwest_client_builder() -> ClientBuilder { headers.insert(header::USER_AGENT, header::HeaderValue::from_static("Vaultwarden")); Client::builder().default_headers(headers).timeout(Duration::from_secs(10)) } + +pub fn convert_json_key_lcase_first(src_json: Value) -> Value { + match src_json { + Value::Array(elm) => { + let mut new_array: Vec = Vec::with_capacity(elm.len()); + + for obj in elm { + new_array.push(convert_json_key_lcase_first(obj)); + } + Value::Array(new_array) + } + + Value::Object(obj) => { + let mut json_map = JsonMap::new(); + for (key, value) in obj.iter() { + match (key, value) { + (key, Value::Object(elm)) => { + let inner_value = convert_json_key_lcase_first(Value::Object(elm.clone())); + json_map.insert(lcase_first(key), inner_value); + } + + (key, Value::Array(elm)) => { + let mut inner_array: Vec = Vec::with_capacity(elm.len()); + + for inner_obj in elm { + inner_array.push(convert_json_key_lcase_first(inner_obj.clone())); + } + + json_map.insert(lcase_first(key), Value::Array(inner_array)); + } + + (key, value) => { + json_map.insert(lcase_first(key), value.clone()); + } + } + } + + Value::Object(json_map) + } + + value => value, + } +}