From f571df7367991d804603630e04a36d5d96feac11 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Garc=C3=ADa?= Date: Sat, 12 Jan 2019 15:28:41 +0100 Subject: [PATCH] Revert yubikey feature, not needed anymore --- Cargo.toml | 4 +--- Dockerfile.aarch64 | 3 +-- src/api/core/two_factor.rs | 35 +++++++---------------------------- 3 files changed, 9 insertions(+), 33 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index bcf3416a..bf59085c 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -11,9 +11,7 @@ publish = false build = "build.rs" [features] -default = ["enable_yubikey"] enable_syslog = ["syslog", "fern/syslog-4"] -enable_yubikey = ["yubico"] [dependencies] # Web framework for nightly with a focus on ease-of-use, expressibility, and speed. @@ -74,7 +72,7 @@ jsonwebtoken = "5.0.1" u2f = "0.1.4" # Yubico Library -yubico = { version = "0.5.0", features = ["online"], default-features = false, optional = true } +yubico = { version = "0.5.0", features = ["online"], default-features = false } # A `dotenv` implementation for Rust dotenv = { version = "0.13.0", default-features = false } diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64 index 19b86766..5beb2daa 100644 --- a/Dockerfile.aarch64 +++ b/Dockerfile.aarch64 @@ -55,8 +55,7 @@ COPY . . # Build RUN rustup target add aarch64-unknown-linux-gnu -# TODO: Enable yubico when #262 is fixed -RUN cargo build --release --target=aarch64-unknown-linux-gnu -v --no-default-features +RUN cargo build --release --target=aarch64-unknown-linux-gnu -v ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image diff --git a/src/api/core/two_factor.rs b/src/api/core/two_factor.rs index 56968254..5aeb1b16 100644 --- a/src/api/core/two_factor.rs +++ b/src/api/core/two_factor.rs @@ -15,18 +15,8 @@ use crate::auth::Headers; use rocket::Route; -#[cfg(feature = "enable_yubikey")] -fn yubi_routes() -> Vec { - routes![generate_yubikey, activate_yubikey, activate_yubikey_put] -} - -#[cfg(not(feature = "enable_yubikey"))] -fn yubi_routes() -> Vec { - Vec::new() -} - pub fn routes() -> Vec { - let mut routes = routes![ + routes![ get_twofactor, get_recover, recover, @@ -39,11 +29,10 @@ pub fn routes() -> Vec { generate_u2f_challenge, activate_u2f, activate_u2f_put, - ]; - - routes.append(&mut yubi_routes()); - - routes + generate_yubikey, + activate_yubikey, + activate_yubikey_put, + ] } #[get("/two-factor")] @@ -496,8 +485,8 @@ pub struct YubikeyMetadata { pub Nfc: bool, } -#[cfg(feature = "enable_yubikey")] -use yubico::{config::Config, Yubico}; +use yubico::config::Config; +use yubico::Yubico; fn parse_yubikeys(data: &EnableYubikeyData) -> Vec { let mut yubikeys: Vec = Vec::new(); @@ -535,7 +524,6 @@ fn jsonify_yubikeys(yubikeys: Vec) -> serde_json::Value { result } -#[cfg(feature = "enable_yubikey")] fn verify_yubikey_otp(otp: String) -> JsonResult { if !CONFIG.yubico_cred_set { err!("`YUBICO_CLIENT_ID` or `YUBICO_SECRET_KEY` environment variable is not set. Yubikey OTP Disabled") @@ -557,7 +545,6 @@ fn verify_yubikey_otp(otp: String) -> JsonResult { } } -#[cfg(feature = "enable_yubikey")] #[post("/two-factor/get-yubikey", data = "")] fn generate_yubikey(data: JsonUpcase, headers: Headers, conn: DbConn) -> JsonResult { if !CONFIG.yubico_cred_set { @@ -593,7 +580,6 @@ fn generate_yubikey(data: JsonUpcase, headers: Headers, conn: DbCo } } -#[cfg(feature = "enable_yubikey")] #[post("/two-factor/yubikey", data = "")] fn activate_yubikey(data: JsonUpcase, headers: Headers, conn: DbConn) -> JsonResult { let data: EnableYubikeyData = data.into_inner().data; @@ -655,18 +641,11 @@ fn activate_yubikey(data: JsonUpcase, headers: Headers, conn: Ok(Json(result)) } -#[cfg(feature = "enable_yubikey")] #[put("/two-factor/yubikey", data = "")] fn activate_yubikey_put(data: JsonUpcase, headers: Headers, conn: DbConn) -> JsonResult { activate_yubikey(data, headers, conn) } -#[cfg(not(feature = "enable_yubikey"))] -pub fn validate_yubikey_login(_: &str, _: &str, _: &DbConn) -> EmptyResult { - err!("Yubikey functionality is disabled. If you are using AArch64, check #262") -} - -#[cfg(feature = "enable_yubikey")] pub fn validate_yubikey_login(user_uuid: &str, response: &str, conn: &DbConn) -> EmptyResult { if response.len() != 44 { err!("Invalid Yubikey OTP length");