MirrorHub
/
bitwarden_rs
mirror of https://github.com/dani-garcia/vaultwarden
0
0
Fork 0
Code Issues Releases Wiki Activity

Updated dependencies and small mail fixes 

- Updated rust nightly
- Updated depenencies
- Removed unicode support for regex (less dependencies)
- Fixed dependency and nightly changes/deprications
- Some mail changes for less spam point triggering
This commit is contained in:
BlackDex 2021-01-31 20:07:42 +01:00
parent 4628e4519d
commit 5860679624
10 changed files with 552 additions and 279 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

751
Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

29
Cargo.toml
View File

@ -32,10 +32,10 @@ rocket = { version = "0.5.0-dev", features = ["tls"], default-features = false }
rocket_contrib = "0.5.0-dev"
# HTTP client
reqwest = { version = "0.10.10", features = ["blocking", "json"] }
reqwest = { version = "0.11.0", features = ["blocking", "json"] }
# multipart/form-data support
multipart = { version = "0.17.0", features = ["server"], default-features = false }
multipart = { version = "0.17.1", features = ["server"], default-features = false }
# WebSockets library
ws = { version = "0.10.0", package = "parity-ws" }
@ -47,12 +47,11 @@ rmpv = "0.4.6"
chashmap = "2.2.2"
# A generic serialization/deserialization framework
serde = "1.0.118"
serde_derive = "1.0.118"
serde_json = "1.0.60"
serde = { version = "1.0.123", features = ["derive"] }
serde_json = "1.0.61"
# Logging
log = "0.4.11"
log = "0.4.14"
fern = { version = "0.6.0", features = ["syslog-4"] }
# A safe, extensible ORM and Query builder
@ -63,22 +62,22 @@ diesel_migrations = "1.4.0"
libsqlite3-sys = { version = "0.18.0", features = ["bundled"], optional = true }
# Crypto-related libraries
rand = "0.7.3"
rand = "0.8.3"
ring = "0.16.19"
# UUID generation
uuid = { version = "0.8.1", features = ["v4"] }
uuid = { version = "0.8.2", features = ["v4"] }
# Date and time libraries
chrono = "0.4.19"
chrono-tz = "0.5.3"
time = "0.2.23"
time = "0.2.25"
# TOTP library
oath = "0.10.2"
# Data encoding library
data-encoding = "2.3.1"
data-encoding = "2.3.2"
# JWT library
jsonwebtoken = "7.2.0"
@ -100,19 +99,19 @@ num-traits = "0.2.14"
num-derive = "0.3.3"
# Email libraries
lettre = { version = "0.10.0-alpha.4", features = ["smtp-transport", "builder", "serde", "native-tls", "hostname", "tracing"], default-features = false }
lettre = { version = "0.10.0-alpha.5", features = ["smtp-transport", "builder", "serde", "native-tls", "hostname", "tracing"], default-features = false }
newline-converter = "0.1.0"
# Template library
handlebars = { version = "3.5.1", features = ["dir_source"] }
handlebars = { version = "3.5.2", features = ["dir_source"] }
# For favicon extraction from main website
soup = "0.5.0"
regex = "1.4.2"
regex = { version = "1.4.3", features = ["std", "perf"], default-features = false }
data-url = "0.1.0"
# Used by U2F, JWT and Postgres
openssl = "0.10.31"
openssl = "0.10.32"
# URL encoding library
percent-encoding = "2.1.0"
@ -123,7 +122,7 @@ idna = "0.2.0"
structopt = "0.3.21"
# Logging panics to logfile instead stderr only
backtrace = "0.3.55"
backtrace = "0.3.56"
# Macro ident concatenation
paste = "1.0.4"

2
docker/Dockerfile.j2
View File

@ -4,7 +4,7 @@
{% set build_stage_base_image = "rust:1.48" %}
{% if "alpine" in target_file %}
{% if "amd64" in target_file %}
{% set build_stage_base_image = "clux/muslrust:nightly-2020-11-22" %}
{% set build_stage_base_image = "clux/muslrust:nightly-2021-01-25" %}
{% set runtime_stage_base_image = "alpine:3.12" %}
{% set package_arch_target = "x86_64-unknown-linux-musl" %}
{% elif "armv7" in target_file %}

2
docker/amd64/Dockerfile.alpine
View File

@ -25,7 +25,7 @@
FROM bitwardenrs/web-vault@sha256:57af3fd71706bf6a594488d809ec73f04f77f3f5e97f72fab74c681c4f5a5272 as vault
########################## BUILD IMAGE ##########################
FROM clux/muslrust:nightly-2020-11-22 as build
FROM clux/muslrust:nightly-2021-01-25 as build
# Alpine-based AMD64 (musl) does not support mysql/mariadb during compile time.
ARG DB=sqlite,postgresql

2
rust-toolchain
View File

@ -1 +1 @@
nightly-2020-11-22
nightly-2021-01-25

11
src/api/notifications.rs
View File

@ -19,13 +19,12 @@ static SHOW_WEBSOCKETS_MSG: AtomicBool = AtomicBool::new(true);
#[get("/hub")]
fn websockets_err() -> EmptyResult {
if CONFIG.websocket_enabled() && SHOW_WEBSOCKETS_MSG.compare_and_swap(true, false, Ordering::Relaxed) {
err!(
"###########################################################
if CONFIG.websocket_enabled() && SHOW_WEBSOCKETS_MSG.compare_exchange(true, false, Ordering::Relaxed, Ordering::Relaxed).is_ok() {
err!("
###########################################################
'/notifications/hub' should be proxied to the websocket server or notifications won't work.
Go to the Wiki for more info, or disable WebSockets setting WEBSOCKET_ENABLED=false.
###########################################################################################"
)
###########################################################################################\n")
} else {
Err(Error::empty())
}
@ -161,7 +160,7 @@ impl WSHandler {
}
}
};
// Otherwise verify the query parameter value
let path = hs.request.resource();
if let Some(params) = path.split('?').nth(1) {

4
src/config.rs
View File

@ -557,6 +557,10 @@ fn validate_config(cfg: &ConfigItems) -> Result<(), Error> {
err!("Both `SMTP_HOST` and `SMTP_FROM` need to be set for email support")
}
if !cfg.smtp_from.contains('@') {
err!("SMTP_FROM does not contain a mandatory @ sign")
}
if cfg.smtp_username.is_some() != cfg.smtp_password.is_some() {
err!("Both `SMTP_USERNAME` and `SMTP_PASSWORD` need to be set to enable email authentication")
}

2
src/crypto.rs
View File

@ -67,7 +67,7 @@ pub fn generate_token(token_size: u32) -> Result<String, Error> {
// token of fixed width, left-padding with 0 as needed.
use rand::{thread_rng, Rng};
let mut rng = thread_rng();
let number: u64 = rng.gen_range(low, high);
let number: u64 = rng.gen_range(low..high);
let token = format!("{:0size$}", number, size = token_size as usize);
Ok(token)

26
src/mail.rs
View File

@ -302,30 +302,32 @@ fn send_email(address: &str, subject: &str, body_html: &str, body_text: &str) ->
let address = format!("{}@{}", address_split[1], domain_puny);
let html = SinglePart::base64()
let html = SinglePart::builder()
// We force Base64 encoding because in the past we had issues with different encodings.
.header(header::ContentTransferEncoding::Base64)
.header(header::ContentType("text/html; charset=utf-8".parse()?))
.body(body_html);
.body(String::from(body_html));
let text = SinglePart::base64()
let text = SinglePart::builder()
// We force Base64 encoding because in the past we had issues with different encodings.
.header(header::ContentTransferEncoding::Base64)
.header(header::ContentType("text/plain; charset=utf-8".parse()?))
.body(body_text);
.body(String::from(body_text));
// The boundary generated by Lettre it self is mostly too large based on the RFC822, so we generate one our selfs.
use uuid::Uuid;
let unique_id = Uuid::new_v4().to_simple();
let boundary = format!("_Part_{}_", unique_id);
let alternative = MultiPart::alternative().boundary(boundary).singlepart(text).singlepart(html);
let smtp_from = &CONFIG.smtp_from();
let email = Message::builder()
.message_id(Some(format!("<{}.{}>", unique_id, smtp_from)))
.message_id(Some(format!("<{}@{}>", crate::util::get_uuid(), smtp_from.split('@').collect::<Vec<&str>>()[1] )))
.to(Mailbox::new(None, Address::from_str(&address)?))
.from(Mailbox::new(
Some(CONFIG.smtp_from_name()),
Address::from_str(smtp_from)?,
))
.subject(subject)
.multipart(alternative)?;
.multipart(
MultiPart::alternative()
.singlepart(text)
.singlepart(html)
)?;
match mailer().send(&email) {
Ok(_) => Ok(()),

2
src/main.rs
View File

@ -6,7 +6,7 @@ extern crate openssl;
#[macro_use]
extern crate rocket;
#[macro_use]
extern crate serde_derive;
extern crate serde;
#[macro_use]
extern crate serde_json;
#[macro_use]