diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 90763d1b..47080daf 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -30,7 +30,10 @@ jobs: matrix: channel: - "rust-toolchain" # The version defined in rust-toolchain - - "1.60.0" # The supported MSRV + - "msrv" # The supported MSRV + include: + - channel: "msrv" + version: "1.60.0" name: Build and Test ${{ matrix.channel }} @@ -63,7 +66,7 @@ jobs: with: profile: minimal override: true - toolchain: ${{ matrix.channel }} + toolchain: ${{ matrix.version }} # End Install the MSRV channel to be used @@ -193,5 +196,5 @@ jobs: if: ${{ matrix.channel == 'rust-toolchain' }} with: name: vaultwarden - path: target/${{ matrix.target-triple }}/release/vaultwarden + path: target/release/vaultwarden # End Upload artifact to Github Actions diff --git a/.github/workflows/hadolint.yml b/.github/workflows/hadolint.yml index 5865bf63..738c3167 100644 --- a/.github/workflows/hadolint.yml +++ b/.github/workflows/hadolint.yml @@ -1,13 +1,9 @@ name: Hadolint -on: - push: - paths: - - "docker/**" - - pull_request: - paths: - - "docker/**" +on: [ + push, + pull_request + ] jobs: hadolint: diff --git a/Cargo.lock b/Cargo.lock index 8c9f1122..b6ea2ad0 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -63,15 +63,15 @@ dependencies = [ [[package]] name = "alloc-no-stdlib" -version = "2.0.3" +version = "2.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "35ef4730490ad1c4eae5c4325b2a95f521d023e5c885853ff7aca0a6a1631db3" +checksum = "cc7bb162ec39d46ab1ca8c77bf72e890535becd1751bb45f64c597edb4c8c6b3" [[package]] name = "alloc-stdlib" -version = "0.2.1" +version = "0.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "697ed7edc0f1711de49ce108c541623a0af97c6c60b2f6e2b65229847ac843c2" +checksum = "94fb8275041c72129eb51b7d0322c29b8387a0386127718b096429201a5d6ece" dependencies = [ "alloc-no-stdlib", ] @@ -207,9 +207,9 @@ checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" [[package]] name = "block-buffer" -version = "0.10.2" +version = "0.10.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0bf7fe51849ea569fd452f37822f606a5cabb684dc918707a0193fd4664ff324" +checksum = "69cce20737498f97b993470a6e536b8523f0af7892a4f928cceb1ac5e52ebe7e" dependencies = [ "generic-array", ] @@ -359,7 +359,7 @@ dependencies = [ "base64", "hkdf", "hmac", - "percent-encoding 2.1.0", + "percent-encoding 2.2.0", "rand", "sha2", "subtle", @@ -380,7 +380,23 @@ dependencies = [ "serde", "serde_json", "time 0.3.14", - "url 2.2.2", + "url 2.3.1", +] + +[[package]] +name = "cookie_store" +version = "0.17.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e8b224f141ecbc952e57b58dae7677899c722a1abdb8c60b68b62bf4d4435bd7" +dependencies = [ + "cookie", + "idna 0.2.3", + "log", + "publicsuffix", + "serde", + "serde_json", + "time 0.3.14", + "url 2.3.1", ] [[package]] @@ -523,12 +539,9 @@ checksum = "3ee2393c4a91429dffb4bedf19f4d6abf27d8a732c8ce4980305d782e5426d57" [[package]] name = "data-url" -version = "0.1.1" +version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3a30bfce702bcfa94e906ef82421f2c0e61c076ad76030c16ee5d2e9a32fe193" -dependencies = [ - "matches", -] +checksum = "8d7439c3735f405729d52c3fbbe4de140eaf938a1fe47d227c27f8254d4302a5" [[package]] name = "devise" @@ -603,9 +616,9 @@ dependencies = [ [[package]] name = "digest" -version = "0.10.3" +version = "0.10.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f2fb860ca6fafa5552fb6d0e816a69c8e49f0908bf524e30a90d97c85892d506" +checksum = "adfbc57365a37acbd2ebf2b64d7e69bb766e2fea813521ed536f5d0520dcf86c" dependencies = [ "block-buffer", "crypto-common", @@ -634,9 +647,9 @@ dependencies = [ [[package]] name = "dotenvy" -version = "0.15.1" +version = "0.15.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7e851a83c30366fd01d75b913588e95e74a1705c1ecc5d58b1f8e1a6d556525f" +checksum = "ed9155c8f4dc55c7470ae9da3f63c6785245093b3f6aeb0f5bf2e968efbba314" dependencies = [ "dirs", ] @@ -714,9 +727,9 @@ dependencies = [ [[package]] name = "figment" -version = "0.10.6" +version = "0.10.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "790b4292c72618abbab50f787a477014fe15634f96291de45672ce46afe122df" +checksum = "6e3bd154d9ae2f1bb0ada5b7eebd56529513efa5de7d2fc8c6adf33bc43260cf" dependencies = [ "atomic", "pear", @@ -759,12 +772,11 @@ checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b" [[package]] name = "form_urlencoded" -version = "1.0.1" +version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5fc25a87fa4fd2094bffb06925852034d90a17f0d1e05197d4956d3555752191" +checksum = "a9c384f161156f5260c24a097c56119f9be8c798586aecc13afbcbe7b7e26bf8" dependencies = [ - "matches", - "percent-encoding 2.1.0", + "percent-encoding 2.2.0", ] [[package]] @@ -920,10 +932,11 @@ checksum = "9b919933a397b79c37e33b77bb2aa3dc8eb6e165ad809e58ff75bc7db2e34574" [[package]] name = "governor" -version = "0.4.2" +version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "19775995ee20209163239355bc3ad2f33f83da35d9ef72dea26e5af753552c87" +checksum = "de1b4626e87b9eb1d603ed23067ba1e29ec1d0b35325a2b96c3fe1cf20871f56" dependencies = [ + "cfg-if", "dashmap", "futures", "futures-timer", @@ -962,9 +975,9 @@ checksum = "eabb4a44450da02c90444cf74558da904edde8fb4e9035a9a6a4e15445af0bd7" [[package]] name = "handlebars" -version = "4.3.3" +version = "4.3.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "360d9740069b2f6cbb63ce2dbaa71a20d3185350cbb990d7bebeb9318415eb17" +checksum = "56b224eaa4987c03c30b251de7ef0c15a6a59f34222905850dbc3026dfb24d5f" dependencies = [ "log", "pest", @@ -1107,14 +1120,13 @@ dependencies = [ [[package]] name = "iana-time-zone" -version = "0.1.47" +version = "0.1.50" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c495f162af0bf17656d0014a0eded5f3cd2f365fdd204548c2869db89359dc7" +checksum = "fd911b35d940d2bd0bea0f9100068e5b97b51a1cbe13d13382f132e0365257a0" dependencies = [ "android_system_properties", "core-foundation-sys", "js-sys", - "once_cell", "wasm-bindgen", "winapi", ] @@ -1147,6 +1159,16 @@ dependencies = [ "unicode-normalization", ] +[[package]] +name = "idna" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e14ddfc70884202db2244c223200c204c2bda1bc6e0998d11b5e024d657209e6" +dependencies = [ + "unicode-bidi", + "unicode-normalization", +] + [[package]] name = "indexmap" version = "1.9.1" @@ -1216,9 +1238,9 @@ dependencies = [ [[package]] name = "js-sys" -version = "0.3.59" +version = "0.3.60" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "258451ab10b34f8af53416d1fdab72c22e805f0c92a1136d59470ec0b11138b2" +checksum = "49409df3e3bf0856b916e2ceaca09ee28e6871cf7d9ce97a692cacfdb2a25a47" dependencies = [ "wasm-bindgen", ] @@ -1273,9 +1295,9 @@ dependencies = [ [[package]] name = "libc" -version = "0.2.132" +version = "0.2.133" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8371e4e5341c3a96db127eb2465ac681ced4c433e01dd0e938adbef26ba93ba5" +checksum = "c0f80d65747a3e43d1596c7c5492d95d5edddaabd45a7fcdb02b95f644164966" [[package]] name = "libmimalloc-sys" @@ -1305,9 +1327,9 @@ checksum = "0717cef1bc8b636c6e1c1bbdefc09e6322da8a9321966e8928ef80d20f7f770f" [[package]] name = "lock_api" -version = "0.4.8" +version = "0.4.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9f80bf5aacaf25cbfc8210d1cfb718f2bf3b11c4c54e5afe36c236853a8ec390" +checksum = "435011366fe56583b16cf956f9df0095b405b82d76425bc8981c0e22e60ec4df" dependencies = [ "autocfg", "scopeguard", @@ -1447,8 +1469,8 @@ dependencies = [ [[package]] name = "multer" -version = "2.0.3" -source = "git+https://github.com/BlackDex/multer-rs?rev=73e83fa5eb183646cc56606e5d902acb30a45b3d#73e83fa5eb183646cc56606e5d902acb30a45b3d" +version = "2.0.4" +source = "git+https://github.com/BlackDex/multer-rs?rev=477d16b7fa0f361b5c2a5ba18a5b28bec6d26a8a#477d16b7fa0f361b5c2a5ba18a5b28bec6d26a8a" dependencies = [ "bytes", "encoding_rs", @@ -1597,9 +1619,9 @@ dependencies = [ [[package]] name = "once_cell" -version = "1.14.0" +version = "1.15.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2f7254b99e31cad77da24b08ebf628882739a608578bb1bcdfc1f9c21260d7c0" +checksum = "e82dad04139b71a90c080c8463fe0dc7902db5192d939bd0950f074d014339e1" [[package]] name = "opaque-debug" @@ -1740,15 +1762,15 @@ checksum = "31010dd2e1ac33d5b46a5b413495239882813e0369f8ed8a5e266f173602f831" [[package]] name = "percent-encoding" -version = "2.1.0" +version = "2.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d4fd5641d01c8f18a23da7b6fe29298ff4b55afcccdf78973b24cf3175fee32e" +checksum = "478c572c3d73181ff3c2539045f6eb99e5491218eae919370993b890cdbdd98e" [[package]] name = "pest" -version = "2.3.0" +version = "2.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4b0560d531d1febc25a3c9398a62a71256c0178f2e3443baedd9ad4bb8c9deb4" +checksum = "cb779fcf4bb850fbbb0edc96ff6cf34fd90c4b1a112ce042653280d9a7364048" dependencies = [ "thiserror", "ucd-trie", @@ -1756,9 +1778,9 @@ dependencies = [ [[package]] name = "pest_derive" -version = "2.3.0" +version = "2.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "905708f7f674518498c1f8d644481440f476d39ca6ecae83319bba7c6c12da91" +checksum = "502b62a6d0245378b04ffe0a7fb4f4419a4815fce813bd8a0ec89a56e07d67b1" dependencies = [ "pest", "pest_generator", @@ -1766,9 +1788,9 @@ dependencies = [ [[package]] name = "pest_generator" -version = "2.3.0" +version = "2.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5803d8284a629cc999094ecd630f55e91b561a1d1ba75e233b00ae13b91a69ad" +checksum = "451e629bf49b750254da26132f1a5a9d11fd8a95a3df51d15c4abd1ba154cb6c" dependencies = [ "pest", "pest_meta", @@ -1779,13 +1801,13 @@ dependencies = [ [[package]] name = "pest_meta" -version = "2.3.0" +version = "2.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1538eb784f07615c6d9a8ab061089c6c54a344c5b4301db51990ca1c241e8c04" +checksum = "bcec162c71c45e269dfc3fc2916eaeb97feab22993a21bcce4721d08cd7801a6" dependencies = [ "once_cell", "pest", - "sha-1", + "sha1", ] [[package]] @@ -1886,9 +1908,9 @@ checksum = "dbf0c48bc1d91375ae5c3cd81e3722dff1abcf81a30960240640d223f59fe0e5" [[package]] name = "proc-macro2" -version = "1.0.43" +version = "1.0.44" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0a2ca2c61bc9f3d74d2886294ab7b9853abd9c1ad903a3ac7815c58989bb7bab" +checksum = "7bd7356a8122b6c4a24a82b278680c73357984ca2fc79a0f9fa6dea7dced7c58" dependencies = [ "unicode-ident", ] @@ -1993,18 +2015,18 @@ dependencies = [ [[package]] name = "rand_core" -version = "0.6.3" +version = "0.6.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d34f1408f55294453790c48b2f1ebbb1c5b4b7563eb1f418bcfcfdbb06ebb4e7" +checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" dependencies = [ "getrandom", ] [[package]] name = "raw-cpuid" -version = "10.5.0" +version = "10.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6aa2540135b6a94f74c7bc90ad4b794f822026a894f3d7bcd185c100d13d4ad6" +checksum = "a6823ea29436221176fe662da99998ad3b4db2c7f31e7b6f5fe43adccd6320bb" dependencies = [ "bitflags", ] @@ -2086,15 +2108,15 @@ dependencies = [ [[package]] name = "reqwest" -version = "0.11.11" +version = "0.11.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b75aa69a3f06bbcc66ede33af2af253c6f7a86b1ca0033f60c580a27074fbf92" +checksum = "431949c384f4e2ae07605ccaa56d1d9d2ecdb5cadd4f9577ccfab29f2e5149fc" dependencies = [ "async-compression", "base64", "bytes", "cookie", - "cookie_store", + "cookie_store 0.16.1", "encoding_rs", "futures-core", "futures-util", @@ -2105,11 +2127,11 @@ dependencies = [ "hyper-tls", "ipnet", "js-sys", - "lazy_static", "log", "mime", "native-tls", - "percent-encoding 2.1.0", + "once_cell", + "percent-encoding 2.2.0", "pin-project-lite", "proc-macro-hack", "serde", @@ -2121,7 +2143,7 @@ dependencies = [ "tokio-util", "tower-service", "trust-dns-resolver", - "url 2.2.2", + "url 2.3.1", "wasm-bindgen", "wasm-bindgen-futures", "web-sys", @@ -2244,7 +2266,7 @@ dependencies = [ "log", "memchr", "pear", - "percent-encoding 2.1.0", + "percent-encoding 2.2.0", "pin-project-lite", "ref-cast", "rustls", @@ -2373,9 +2395,9 @@ dependencies = [ [[package]] name = "serde" -version = "1.0.144" +version = "1.0.145" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0f747710de3dcd43b88c9168773254e809d8ddbdf9653b84e2554ab219f17860" +checksum = "728eb6351430bccb993660dfffc5a72f91ccc1295abaa8ce19b27ebe4f75568b" dependencies = [ "serde_derive", ] @@ -2392,9 +2414,9 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.144" +version = "1.0.145" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "94ed3a816fb1d101812f83e789f888322c34e291f894f19590dc310963e87a00" +checksum = "81fa1584d3d1bcacd84c277a0dfe21f5b0f6accf4a23d04d4c6d61f1af522b4c" dependencies = [ "proc-macro2", "quote", @@ -2437,9 +2459,9 @@ dependencies = [ [[package]] name = "sha1" -version = "0.10.4" +version = "0.10.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "006769ba83e921b3085caa8334186b00cf92b4cb1a6cf4632fbccc8eff5c7549" +checksum = "f04293dc80c3993519f2d7f6f511707ee7094fe0c6d3406feb330cdb3540eba3" dependencies = [ "cfg-if", "cpufeatures", @@ -2448,9 +2470,9 @@ dependencies = [ [[package]] name = "sha2" -version = "0.10.5" +version = "0.10.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cf9db03534dff993187064c4e0c05a5708d2a9728ace9a8959b77bedf415dac5" +checksum = "82e6b795fe2e3b1e845bafcb27aa35405c4d47cdfc92af5fc8d3002f76cebdc0" dependencies = [ "cfg-if", "cpufeatures", @@ -2562,9 +2584,9 @@ checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" [[package]] name = "syn" -version = "1.0.99" +version = "1.0.100" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "58dbef6ec655055e20b86b15a8cc6d439cca19b667537ac6a1369572d151ab13" +checksum = "52205623b1b0f064a4e71182c3b18ae902267282930c6d5462c91b859668426e" dependencies = [ "proc-macro2", "quote", @@ -2600,18 +2622,18 @@ dependencies = [ [[package]] name = "thiserror" -version = "1.0.34" +version = "1.0.36" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8c1b05ca9d106ba7d2e31a9dab4a64e7be2cce415321966ea3132c49a656e252" +checksum = "0a99cb8c4b9a8ef0e7907cd3b617cc8dc04d571c4e73c8ae403d80ac160bb122" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.34" +version = "1.0.36" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e8f2591983642de85c921015f3f070c665a197ed69e417af436115e3a1407487" +checksum = "3a891860d3c8d66fec8e73ddb3765f90082374dbaaa833407b904a94f1a7eb43" dependencies = [ "proc-macro2", "quote", @@ -2681,9 +2703,9 @@ checksum = "cda74da7e1a664f795bb1f8a87ec406fb89a02522cf6e50620d016add6dbbf5c" [[package]] name = "tokio" -version = "1.21.0" +version = "1.21.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "89797afd69d206ccd11fb0ea560a44bbb87731d020670e79416d442919257d42" +checksum = "0020c875007ad96677dcc890298f4b942882c5d4eb7cc8f439fc3bf813dc9c95" dependencies = [ "autocfg", "bytes", @@ -2746,9 +2768,9 @@ dependencies = [ [[package]] name = "tokio-stream" -version = "0.1.9" +version = "0.1.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "df54d54117d6fdc4e4fea40fe1e4e566b3505700e148a6827e59b34b0d2600d9" +checksum = "f6edf2d6bc038a43d31353570e27270603f4648d18f5ed10c0e179abe43255af" dependencies = [ "futures-core", "pin-project-lite", @@ -2769,9 +2791,9 @@ dependencies = [ [[package]] name = "tokio-util" -version = "0.7.3" +version = "0.7.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cc463cd8deddc3770d20f9852143d50bf6094e640b485cb2e189a2099085ff45" +checksum = "0bb2e075f03b3d66d8d8785356224ba688d2906a371015e225beeb65ca92c740" dependencies = [ "bytes", "futures-core", @@ -2893,7 +2915,7 @@ dependencies = [ "thiserror", "tinyvec", "tokio", - "url 2.2.2", + "url 2.3.1", ] [[package]] @@ -2937,7 +2959,7 @@ dependencies = [ "rand", "sha-1", "thiserror", - "url 2.2.2", + "url 2.3.1", "utf-8", ] @@ -2980,24 +3002,24 @@ checksum = "099b7128301d285f79ddd55b9a83d5e6b9e97c92e0ea0daebee7263e932de992" [[package]] name = "unicode-ident" -version = "1.0.3" +version = "1.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c4f5b37a154999a8f3f98cc23a628d850e154479cd94decf3414696e12e31aaf" +checksum = "dcc811dc4066ac62f84f11307873c4850cb653bfa9b1719cee2bd2204a4bc5dd" [[package]] name = "unicode-normalization" -version = "0.1.21" +version = "0.1.22" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "854cbdc4f7bc6ae19c820d44abdc3277ac3e1b2b93db20a636825d9322fb60e6" +checksum = "5c5713f0fc4b5db668a2ac63cdb7bb4469d8c9fed047b1d0292cc7b0ce2ba921" dependencies = [ "tinyvec", ] [[package]] name = "unicode-xid" -version = "0.2.3" +version = "0.2.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "957e51f3646910546462e67d5f7599b9e4fb8acdd304b087a6494730f9eebf04" +checksum = "f962df74c8c05a667b5ee8bcf162993134c104e96440b663c8daa176dc772d8c" [[package]] name = "universal-hash" @@ -3028,14 +3050,13 @@ dependencies = [ [[package]] name = "url" -version = "2.2.2" +version = "2.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a507c383b2d33b5fc35d1861e77e6b383d158b2da5e14fe51b83dfedf6fd578c" +checksum = "0d68c799ae75762b8c3fe375feb6600ef5602c883c5d21eb51c09f22b83c4643" dependencies = [ "form_urlencoded", - "idna 0.2.3", - "matches", - "percent-encoding 2.1.0", + "idna 0.3.0", + "percent-encoding 2.2.0", "serde", ] @@ -3070,7 +3091,7 @@ dependencies = [ "chrono", "chrono-tz", "cookie", - "cookie_store", + "cookie_store 0.17.0", "ctrlc", "dashmap", "data-encoding", @@ -3094,7 +3115,7 @@ dependencies = [ "once_cell", "openssl", "paste", - "percent-encoding 2.1.0", + "percent-encoding 2.2.0", "pico-args", "rand", "regex", @@ -3110,7 +3131,7 @@ dependencies = [ "tokio-tungstenite", "totp-lite", "tracing", - "url 2.2.2", + "url 2.3.1", "uuid", "webauthn-rs", "yubico", @@ -3163,9 +3184,9 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" [[package]] name = "wasm-bindgen" -version = "0.2.82" +version = "0.2.83" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fc7652e3f6c4706c8d9cd54832c4a4ccb9b5336e2c3bd154d5cccfbf1c1f5f7d" +checksum = "eaf9f5aceeec8be17c128b2e93e031fb8a4d469bb9c4ae2d7dc1888b26887268" dependencies = [ "cfg-if", "wasm-bindgen-macro", @@ -3173,9 +3194,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-backend" -version = "0.2.82" +version = "0.2.83" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "662cd44805586bd52971b9586b1df85cdbbd9112e4ef4d8f41559c334dc6ac3f" +checksum = "4c8ffb332579b0557b52d268b91feab8df3615f265d5270fec2a8c95b17c1142" dependencies = [ "bumpalo", "log", @@ -3188,9 +3209,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-futures" -version = "0.4.32" +version = "0.4.33" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fa76fb221a1f8acddf5b54ace85912606980ad661ac7a503b4570ffd3a624dad" +checksum = "23639446165ca5a5de86ae1d8896b737ae80319560fbaa4c2887b7da6e7ebd7d" dependencies = [ "cfg-if", "js-sys", @@ -3200,9 +3221,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro" -version = "0.2.82" +version = "0.2.83" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b260f13d3012071dfb1512849c033b1925038373aea48ced3012c09df952c602" +checksum = "052be0f94026e6cbc75cdefc9bae13fd6052cdcaf532fa6c45e7ae33a1e6c810" dependencies = [ "quote", "wasm-bindgen-macro-support", @@ -3210,9 +3231,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro-support" -version = "0.2.82" +version = "0.2.83" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5be8e654bdd9b79216c2929ab90721aa82faf65c48cdf08bdc4e7f51357b80da" +checksum = "07bc0c051dc5f23e307b13285f9d75df86bfdf816c5721e573dec1f9b8aa193c" dependencies = [ "proc-macro2", "quote", @@ -3223,15 +3244,15 @@ dependencies = [ [[package]] name = "wasm-bindgen-shared" -version = "0.2.82" +version = "0.2.83" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6598dd0bd3c7d51095ff6531a5b23e02acdc81804e30d8f07afb77b7215a140a" +checksum = "1c38c045535d93ec4f0b4defec448e4291638ee608530863b1e2ba115d4fff7f" [[package]] name = "web-sys" -version = "0.3.59" +version = "0.3.60" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ed055ab27f941423197eb86b2035720b1a3ce40504df082cac2ecc6ed73335a1" +checksum = "bcda906d8be16e728fd5adc5b729afad4e444e106ab28cd1c7256e54fa61510f" dependencies = [ "js-sys", "wasm-bindgen", @@ -3253,7 +3274,7 @@ dependencies = [ "serde_json", "thiserror", "tracing", - "url 2.2.2", + "url 2.3.1", ] [[package]] diff --git a/Cargo.toml b/Cargo.toml index 32838c72..583fe710 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -42,10 +42,10 @@ tracing = { version = "0.1.36", features = ["log"] } # Needed to have lettre and backtrace = "0.3.66" # Logging panics to logfile instead stderr only # A `dotenv` implementation for Rust -dotenvy = { version = "=0.15.1", default-features = false } +dotenvy = { version = "0.15.5", default-features = false } # Lazy initialization -once_cell = "1.14.0" +once_cell = "1.15.0" # Numerical libraries num-traits = "0.2.15" @@ -61,10 +61,10 @@ dashmap = "5.4.0" # Async futures futures = "0.3.24" -tokio = { version = "1.21.0", features = ["rt-multi-thread", "fs", "io-util", "parking_lot", "time"] } +tokio = { version = "1.21.1", features = ["rt-multi-thread", "fs", "io-util", "parking_lot", "time"] } # A generic serialization/deserialization framework -serde = { version = "1.0.144", features = ["derive"] } +serde = { version = "1.0.145", features = ["derive"] } serde_json = "1.0.85" # A safe, extensible ORM and Query builder @@ -105,28 +105,28 @@ yubico = { version = "0.11.0", features = ["online-tokio"], default-features = f webauthn-rs = "0.3.2" # Handling of URL's for WebAuthn -url = "2.2.2" +url = "2.3.1" # Email librariese-Base, Update crates and small change. lettre = { version = "0.10.1", features = ["smtp-transport", "builder", "serde", "tokio1-native-tls", "hostname", "tracing", "tokio1"], default-features = false } -percent-encoding = "2.1.0" # URL encoding library used for URL's in the emails +percent-encoding = "2.2.0" # URL encoding library used for URL's in the emails # Template library -handlebars = { version = "4.3.3", features = ["dir_source"] } +handlebars = { version = "4.3.4", features = ["dir_source"] } # HTTP client -reqwest = { version = "0.11.11", features = ["stream", "json", "gzip", "brotli", "socks", "cookies", "trust-dns"] } +reqwest = { version = "0.11.12", features = ["stream", "json", "gzip", "brotli", "socks", "cookies", "trust-dns"] } # For favicon extraction from main website html5gum = "0.5.2" regex = { version = "1.6.0", features = ["std", "perf", "unicode-perl"], default-features = false } -data-url = "0.1.1" +data-url = "0.2.0" bytes = "1.2.1" cached = "0.39.0" # Used for custom short lived cookie jar during favicon extraction cookie = "0.16.0" -cookie_store = "0.16.1" +cookie_store = "0.17.0" # Used by U2F, JWT and Postgres openssl = "0.10.41" @@ -136,7 +136,7 @@ pico-args = "0.5.0" # Macro ident concatenation paste = "1.0.9" -governor = "0.4.2" +governor = "0.5.0" # Capture CTRL+C ctrlc = { version = "3.2.3", features = ["termination"] } @@ -148,8 +148,8 @@ mimalloc = { version = "0.1.29", features = ["secure"], default-features = false [patch.crates-io] # Using a patched version of multer-rs (Used by Rocket) to fix attachment/send file uploads # Issue: https://github.com/dani-garcia/vaultwarden/issues/2644 -# Patch: https://github.com/BlackDex/multer-rs/commit/73e83fa5eb183646cc56606e5d902acb30a45b3d -multer = { git = "https://github.com/BlackDex/multer-rs", rev = "73e83fa5eb183646cc56606e5d902acb30a45b3d" } +# Patch: https://github.com/BlackDex/multer-rs/commit/477d16b7fa0f361b5c2a5ba18a5b28bec6d26a8a +multer = { git = "https://github.com/BlackDex/multer-rs", rev = "477d16b7fa0f361b5c2a5ba18a5b28bec6d26a8a" } # Strip debuginfo from the release builds # Also enable thin LTO for some optimizations diff --git a/docker/Dockerfile.j2 b/docker/Dockerfile.j2 index d9bc1338..cc0cdf17 100644 --- a/docker/Dockerfile.j2 +++ b/docker/Dockerfile.j2 @@ -3,22 +3,22 @@ # This file was generated using a Jinja2 template. # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfiles. -{% set build_stage_base_image = "rust:1.61-bullseye" %} +{% set build_stage_base_image = "rust:1.64-bullseye" %} {% if "alpine" in target_file %} {% if "amd64" in target_file %} -{% set build_stage_base_image = "blackdex/rust-musl:x86_64-musl-stable-1.61.0" %} +{% set build_stage_base_image = "blackdex/rust-musl:x86_64-musl-stable-1.64.0" %} {% set runtime_stage_base_image = "alpine:3.16" %} {% set package_arch_target = "x86_64-unknown-linux-musl" %} {% elif "armv7" in target_file %} -{% set build_stage_base_image = "blackdex/rust-musl:armv7-musleabihf-stable-1.61.0" %} +{% set build_stage_base_image = "blackdex/rust-musl:armv7-musleabihf-stable-1.64.0" %} {% set runtime_stage_base_image = "balenalib/armv7hf-alpine:3.16" %} {% set package_arch_target = "armv7-unknown-linux-musleabihf" %} {% elif "armv6" in target_file %} -{% set build_stage_base_image = "blackdex/rust-musl:arm-musleabi-stable-1.61.0" %} +{% set build_stage_base_image = "blackdex/rust-musl:arm-musleabi-stable-1.64.0" %} {% set runtime_stage_base_image = "balenalib/rpi-alpine:3.16" %} {% set package_arch_target = "arm-unknown-linux-musleabi" %} {% elif "arm64" in target_file %} -{% set build_stage_base_image = "blackdex/rust-musl:aarch64-musl-stable-1.61.0" %} +{% set build_stage_base_image = "blackdex/rust-musl:aarch64-musl-stable-1.64.0" %} {% set runtime_stage_base_image = "balenalib/aarch64-alpine:3.16" %} {% set package_arch_target = "aarch64-unknown-linux-musl" %} {% endif %} diff --git a/docker/amd64/Dockerfile b/docker/amd64/Dockerfile index bc0f8248..af15fc9e 100644 --- a/docker/amd64/Dockerfile +++ b/docker/amd64/Dockerfile @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM rust:1.61-bullseye as build +FROM rust:1.64-bullseye as build diff --git a/docker/amd64/Dockerfile.alpine b/docker/amd64/Dockerfile.alpine index 0c488a02..18f7f75b 100644 --- a/docker/amd64/Dockerfile.alpine +++ b/docker/amd64/Dockerfile.alpine @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:x86_64-musl-stable-1.61.0 as build +FROM blackdex/rust-musl:x86_64-musl-stable-1.64.0 as build diff --git a/docker/amd64/Dockerfile.buildx b/docker/amd64/Dockerfile.buildx index 872a90d9..0797ec39 100644 --- a/docker/amd64/Dockerfile.buildx +++ b/docker/amd64/Dockerfile.buildx @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM rust:1.61-bullseye as build +FROM rust:1.64-bullseye as build diff --git a/docker/amd64/Dockerfile.buildx.alpine b/docker/amd64/Dockerfile.buildx.alpine index 2892705a..db0c1e04 100644 --- a/docker/amd64/Dockerfile.buildx.alpine +++ b/docker/amd64/Dockerfile.buildx.alpine @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:x86_64-musl-stable-1.61.0 as build +FROM blackdex/rust-musl:x86_64-musl-stable-1.64.0 as build diff --git a/docker/arm64/Dockerfile b/docker/arm64/Dockerfile index e0d414a5..feaa27d6 100644 --- a/docker/arm64/Dockerfile +++ b/docker/arm64/Dockerfile @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM rust:1.61-bullseye as build +FROM rust:1.64-bullseye as build diff --git a/docker/arm64/Dockerfile.alpine b/docker/arm64/Dockerfile.alpine index 11d5e80b..b7750fee 100644 --- a/docker/arm64/Dockerfile.alpine +++ b/docker/arm64/Dockerfile.alpine @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:aarch64-musl-stable-1.61.0 as build +FROM blackdex/rust-musl:aarch64-musl-stable-1.64.0 as build diff --git a/docker/arm64/Dockerfile.buildx b/docker/arm64/Dockerfile.buildx index e8c107c3..026545e2 100644 --- a/docker/arm64/Dockerfile.buildx +++ b/docker/arm64/Dockerfile.buildx @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM rust:1.61-bullseye as build +FROM rust:1.64-bullseye as build diff --git a/docker/arm64/Dockerfile.buildx.alpine b/docker/arm64/Dockerfile.buildx.alpine index 54bb60a5..94ffb249 100644 --- a/docker/arm64/Dockerfile.buildx.alpine +++ b/docker/arm64/Dockerfile.buildx.alpine @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:aarch64-musl-stable-1.61.0 as build +FROM blackdex/rust-musl:aarch64-musl-stable-1.64.0 as build diff --git a/docker/armv6/Dockerfile b/docker/armv6/Dockerfile index e04cb1f2..96210168 100644 --- a/docker/armv6/Dockerfile +++ b/docker/armv6/Dockerfile @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM rust:1.61-bullseye as build +FROM rust:1.64-bullseye as build diff --git a/docker/armv6/Dockerfile.alpine b/docker/armv6/Dockerfile.alpine index 6b2fb48b..21b66728 100644 --- a/docker/armv6/Dockerfile.alpine +++ b/docker/armv6/Dockerfile.alpine @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:arm-musleabi-stable-1.61.0 as build +FROM blackdex/rust-musl:arm-musleabi-stable-1.64.0 as build diff --git a/docker/armv6/Dockerfile.buildx b/docker/armv6/Dockerfile.buildx index ae6a2471..9797342a 100644 --- a/docker/armv6/Dockerfile.buildx +++ b/docker/armv6/Dockerfile.buildx @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM rust:1.61-bullseye as build +FROM rust:1.64-bullseye as build diff --git a/docker/armv6/Dockerfile.buildx.alpine b/docker/armv6/Dockerfile.buildx.alpine index 826abd61..82d52a7d 100644 --- a/docker/armv6/Dockerfile.buildx.alpine +++ b/docker/armv6/Dockerfile.buildx.alpine @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:arm-musleabi-stable-1.61.0 as build +FROM blackdex/rust-musl:arm-musleabi-stable-1.64.0 as build diff --git a/docker/armv7/Dockerfile b/docker/armv7/Dockerfile index 26c2cd01..07c3e594 100644 --- a/docker/armv7/Dockerfile +++ b/docker/armv7/Dockerfile @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM rust:1.61-bullseye as build +FROM rust:1.64-bullseye as build diff --git a/docker/armv7/Dockerfile.alpine b/docker/armv7/Dockerfile.alpine index 8e293970..a51fa9b0 100644 --- a/docker/armv7/Dockerfile.alpine +++ b/docker/armv7/Dockerfile.alpine @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:armv7-musleabihf-stable-1.61.0 as build +FROM blackdex/rust-musl:armv7-musleabihf-stable-1.64.0 as build diff --git a/docker/armv7/Dockerfile.buildx b/docker/armv7/Dockerfile.buildx index 711b8d2a..34e26006 100644 --- a/docker/armv7/Dockerfile.buildx +++ b/docker/armv7/Dockerfile.buildx @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM rust:1.61-bullseye as build +FROM rust:1.64-bullseye as build diff --git a/docker/armv7/Dockerfile.buildx.alpine b/docker/armv7/Dockerfile.buildx.alpine index c1eaad2a..ffe20bf1 100644 --- a/docker/armv7/Dockerfile.buildx.alpine +++ b/docker/armv7/Dockerfile.buildx.alpine @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:armv7-musleabihf-stable-1.61.0 as build +FROM blackdex/rust-musl:armv7-musleabihf-stable-1.64.0 as build diff --git a/rust-toolchain b/rust-toolchain index 91951fd8..94057304 100644 --- a/rust-toolchain +++ b/rust-toolchain @@ -1 +1 @@ -1.61.0 +1.64.0 diff --git a/src/api/core/ciphers.rs b/src/api/core/ciphers.rs index 6bb8ac70..051d9476 100644 --- a/src/api/core/ciphers.rs +++ b/src/api/core/ciphers.rs @@ -947,10 +947,12 @@ async fn save_attachment( let mut data = data.into_inner(); - // There seems to be a bug somewhere regarding uploading attachments using the Android Client (Maybe iOS too?) - // See: https://github.com/dani-garcia/vaultwarden/issues/2644 - // Since all other clients seem to match TempFile::File and not TempFile::Buffered lets catch this and return an error for now. - // We need to figure out how to solve this, but for now it's better to not accept these attachments since they will be broken. + // There is a bug regarding uploading attachments/sends using the Mobile clients + // See: https://github.com/dani-garcia/vaultwarden/issues/2644 && https://github.com/bitwarden/mobile/issues/2018 + // This has been fixed via a PR: https://github.com/bitwarden/mobile/pull/2031, but hasn't landed in a new release yet. + // On the vaultwarden side this is temporarily fixed by using a custom multer library + // See: https://github.com/dani-garcia/vaultwarden/pull/2675 + // In any case we will match TempFile::File and not TempFile::Buffered, since Buffered will alter the contents. if let TempFile::Buffered { content: _, } = &data.data diff --git a/src/api/core/mod.rs b/src/api/core/mod.rs index f296a3c9..3f5da0eb 100644 --- a/src/api/core/mod.rs +++ b/src/api/core/mod.rs @@ -38,6 +38,7 @@ pub fn routes() -> Vec { // Move this somewhere else // use rocket::serde::json::Json; +use rocket::Catcher; use rocket::Route; use serde_json::Value; @@ -215,9 +216,23 @@ fn config() -> Json { "vault": domain, "api": format!("{domain}/api"), "identity": format!("{domain}/identity"), - "admin": format!("{domain}/admin"), "notifications": format!("{domain}/notifications"), "sso": "", }, })) } + +pub fn catchers() -> Vec { + catchers![api_not_found] +} + +#[catch(404)] +fn api_not_found() -> Json { + Json(json!({ + "error": { + "code": 404, + "reason": "Not Found", + "description": "The requested resource could not be found." + } + })) +} diff --git a/src/api/core/organizations.rs b/src/api/core/organizations.rs index e91ddf7a..cf8b8797 100644 --- a/src/api/core/organizations.rs +++ b/src/api/core/organizations.rs @@ -11,7 +11,9 @@ use crate::{ }, auth::{decode_invite, AdminHeaders, Headers, ManagerHeaders, ManagerHeadersLoose, OwnerHeaders}, db::{models::*, DbConn}, - mail, CONFIG, + mail, + util::convert_json_key_lcase_first, + CONFIG, }; use futures::{stream, stream::StreamExt}; @@ -84,7 +86,8 @@ pub fn routes() -> Vec { post_user_groups, put_user_groups, delete_group_user, - post_delete_group_user + post_delete_group_user, + get_org_export ] } @@ -271,15 +274,19 @@ async fn get_user_collections(headers: Headers, conn: DbConn) -> Json { #[get("/organizations//collections")] async fn get_org_collections(org_id: String, _headers: ManagerHeadersLoose, conn: DbConn) -> Json { - Json(json!({ + Json(_get_org_collections(&org_id, &conn).await) +} + +async fn _get_org_collections(org_id: &str, conn: &DbConn) -> Value { + json!({ "Data": - Collection::find_by_organization(&org_id, &conn).await + Collection::find_by_organization(org_id, conn).await .iter() .map(Collection::to_json) .collect::(), "Object": "list", "ContinuationToken": null, - })) + }) } #[post("/organizations//collections", data = "")] @@ -540,22 +547,26 @@ struct OrgIdData { #[get("/ciphers/organization-details?")] async fn get_org_details(data: OrgIdData, headers: Headers, conn: DbConn) -> Json { - let ciphers = Cipher::find_by_org(&data.organization_id, &conn).await; - let cipher_sync_data = CipherSyncData::new(&headers.user.uuid, &ciphers, CipherSyncType::Organization, &conn).await; + Json(_get_org_details(&data.organization_id, &headers.host, &headers.user.uuid, &conn).await) +} + +async fn _get_org_details(org_id: &str, host: &str, user_uuid: &str, conn: &DbConn) -> Value { + let ciphers = Cipher::find_by_org(org_id, conn).await; + let cipher_sync_data = CipherSyncData::new(user_uuid, &ciphers, CipherSyncType::Organization, conn).await; let ciphers_json = stream::iter(ciphers) .then(|c| async { let c = c; // Move out this single variable - c.to_json(&headers.host, &headers.user.uuid, Some(&cipher_sync_data), &conn).await + c.to_json(host, user_uuid, Some(&cipher_sync_data), conn).await }) .collect::>() .await; - Json(json!({ + json!({ "Data": ciphers_json, "Object": "list", "ContinuationToken": null, - })) + }) } #[get("/organizations//users")] @@ -2057,3 +2068,19 @@ async fn delete_group_user( GroupUser::delete_by_group_id_and_user_id(&group_id, &user_id, &conn).await } + +// This is a new function active since the v2022.9.x clients. +// It combines the previous two calls done before. +// We call those two functions here and combine them our selfs. +// +// NOTE: It seems clients can't handle uppercase-first keys!! +// We need to convert all keys so they have the first character to be a lowercase. +// Else the export will be just an empty JSON file. +#[get("/organizations//export")] +async fn get_org_export(org_id: String, headers: AdminHeaders, conn: DbConn) -> Json { + // Also both main keys here need to be lowercase, else the export will fail. + Json(json!({ + "collections": convert_json_key_lcase_first(_get_org_collections(&org_id, &conn).await), + "ciphers": convert_json_key_lcase_first(_get_org_details(&org_id, &headers.host, &headers.user.uuid, &conn).await), + })) +} diff --git a/src/api/core/sends.rs b/src/api/core/sends.rs index 3d150b31..e9d374f3 100644 --- a/src/api/core/sends.rs +++ b/src/api/core/sends.rs @@ -17,6 +17,9 @@ use crate::{ const SEND_INACCESSIBLE_MSG: &str = "Send does not exist or is no longer available"; +// The max file size allowed by Bitwarden clients and add an extra 5% to avoid issues +const SIZE_525_MB: u64 = 550_502_400; + pub fn routes() -> Vec { routes![ get_sends, @@ -28,7 +31,9 @@ pub fn routes() -> Vec { put_send, delete_send, put_remove_password, - download_send + download_send, + post_send_file_v2, + post_send_file_v2_data ] } @@ -58,6 +63,7 @@ struct SendData { Notes: Option, Text: Option, File: Option, + FileLength: Option, } /// Enforces the `Disable Send` policy. A non-owner/admin user belonging to @@ -185,6 +191,14 @@ struct UploadData<'f> { data: TempFile<'f>, } +#[derive(FromForm)] +struct UploadDataV2<'f> { + data: TempFile<'f>, +} + +// @deprecated Mar 25 2021: This method has been deprecated in favor of direct uploads (v2). +// This method still exists to support older clients, probably need to remove it sometime. +// Upstream: https://github.com/bitwarden/server/blob/d0c793c95181dfb1b447eb450f85ba0bfd7ef643/src/Api/Controllers/SendsController.cs#L164-L167 #[post("/sends/file", format = "multipart/form-data", data = "")] async fn post_send_file(data: Form>, headers: Headers, conn: DbConn, nt: Notify<'_>) -> JsonResult { enforce_disable_send_policy(&headers, &conn).await?; @@ -197,9 +211,6 @@ async fn post_send_file(data: Form>, headers: Headers, conn: DbCo enforce_disable_hide_email_policy(&model, &headers, &conn).await?; - // Get the file length and add an extra 5% to avoid issues - const SIZE_525_MB: u64 = 550_502_400; - let size_limit = match CONFIG.user_attachment_limit() { Some(0) => err!("File uploads are disabled"), Some(limit_kb) => { @@ -217,10 +228,12 @@ async fn post_send_file(data: Form>, headers: Headers, conn: DbCo err!("Send content is not a file"); } - // There seems to be a bug somewhere regarding uploading attachments using the Android Client (Maybe iOS too?) - // See: https://github.com/dani-garcia/vaultwarden/issues/2644 - // Since all other clients seem to match TempFile::File and not TempFile::Buffered lets catch this and return an error for now. - // We need to figure out how to solve this, but for now it's better to not accept these attachments since they will be broken. + // There is a bug regarding uploading attachments/sends using the Mobile clients + // See: https://github.com/dani-garcia/vaultwarden/issues/2644 && https://github.com/bitwarden/mobile/issues/2018 + // This has been fixed via a PR: https://github.com/bitwarden/mobile/pull/2031, but hasn't landed in a new release yet. + // On the vaultwarden side this is temporarily fixed by using a custom multer library + // See: https://github.com/dani-garcia/vaultwarden/pull/2675 + // In any case we will match TempFile::File and not TempFile::Buffered, since Buffered will alter the contents. if let TempFile::Buffered { content: _, } = &data @@ -252,11 +265,110 @@ async fn post_send_file(data: Form>, headers: Headers, conn: DbCo // Save the changes in the database send.save(&conn).await?; - nt.send_send_update(UpdateType::SyncSendUpdate, &send, &send.update_users_revision(&conn).await).await; + nt.send_send_update(UpdateType::SyncSendCreate, &send, &send.update_users_revision(&conn).await).await; Ok(Json(send.to_json())) } +// Upstream: https://github.com/bitwarden/server/blob/d0c793c95181dfb1b447eb450f85ba0bfd7ef643/src/Api/Controllers/SendsController.cs#L190 +#[post("/sends/file/v2", data = "")] +async fn post_send_file_v2(data: JsonUpcase, headers: Headers, conn: DbConn) -> JsonResult { + enforce_disable_send_policy(&headers, &conn).await?; + + let data = data.into_inner().data; + + if data.Type != SendType::File as i32 { + err!("Send content is not a file"); + } + + enforce_disable_hide_email_policy(&data, &headers, &conn).await?; + + let file_length = match &data.FileLength { + Some(m) => Some(m.into_i32()?), + _ => None, + }; + + let size_limit = match CONFIG.user_attachment_limit() { + Some(0) => err!("File uploads are disabled"), + Some(limit_kb) => { + let left = (limit_kb * 1024) - Attachment::size_by_user(&headers.user.uuid, &conn).await; + if left <= 0 { + err!("Attachment storage limit reached! Delete some attachments to free up space") + } + std::cmp::Ord::max(left as u64, SIZE_525_MB) + } + None => SIZE_525_MB, + }; + + if file_length.is_some() && file_length.unwrap() as u64 > size_limit { + err!("Attachment storage limit exceeded with this file"); + } + + let mut send = create_send(data, headers.user.uuid)?; + + let file_id = crate::crypto::generate_send_id(); + + let mut data_value: Value = serde_json::from_str(&send.data)?; + if let Some(o) = data_value.as_object_mut() { + o.insert(String::from("Id"), Value::String(file_id.clone())); + o.insert(String::from("Size"), Value::Number(file_length.unwrap().into())); + o.insert(String::from("SizeName"), Value::String(crate::util::get_display_size(file_length.unwrap()))); + } + send.data = serde_json::to_string(&data_value)?; + send.save(&conn).await?; + + Ok(Json(json!({ + "fileUploadType": 0, // 0 == Direct | 1 == Azure + "object": "send-fileUpload", + "url": format!("/sends/{}/file/{}", send.uuid, file_id), + "sendResponse": send.to_json() + }))) +} + +// https://github.com/bitwarden/server/blob/d0c793c95181dfb1b447eb450f85ba0bfd7ef643/src/Api/Controllers/SendsController.cs#L243 +#[post("/sends//file/", format = "multipart/form-data", data = "")] +async fn post_send_file_v2_data( + send_uuid: String, + file_id: String, + data: Form>, + headers: Headers, + conn: DbConn, + nt: Notify<'_>, +) -> EmptyResult { + enforce_disable_send_policy(&headers, &conn).await?; + + let mut data = data.into_inner(); + + // There is a bug regarding uploading attachments/sends using the Mobile clients + // See: https://github.com/dani-garcia/vaultwarden/issues/2644 && https://github.com/bitwarden/mobile/issues/2018 + // This has been fixed via a PR: https://github.com/bitwarden/mobile/pull/2031, but hasn't landed in a new release yet. + // On the vaultwarden side this is temporarily fixed by using a custom multer library + // See: https://github.com/dani-garcia/vaultwarden/pull/2675 + // In any case we will match TempFile::File and not TempFile::Buffered, since Buffered will alter the contents. + if let TempFile::Buffered { + content: _, + } = &data.data + { + err!("Error reading attachment data. Please try an other client."); + } + + if let Some(send) = Send::find_by_uuid(&send_uuid, &conn).await { + let folder_path = tokio::fs::canonicalize(&CONFIG.sends_folder()).await?.join(&send_uuid); + let file_path = folder_path.join(&file_id); + tokio::fs::create_dir_all(&folder_path).await?; + + if let Err(_err) = data.data.persist_to(&file_path).await { + data.data.move_copy_to(file_path).await? + } + + nt.send_send_update(UpdateType::SyncSendCreate, &send, &send.update_users_revision(&conn).await).await; + } else { + err!("Send not found. Unable to save the file."); + } + + Ok(()) +} + #[derive(Deserialize)] #[allow(non_snake_case)] pub struct SendAccessData { diff --git a/src/api/mod.rs b/src/api/mod.rs index 3c9fb047..0d905ec7 100644 --- a/src/api/mod.rs +++ b/src/api/mod.rs @@ -10,6 +10,7 @@ use serde_json::Value; pub use crate::api::{ admin::routes as admin_routes, + core::catchers as core_catchers, core::purge_sends, core::purge_trashed_ciphers, core::routes as core_routes, @@ -19,6 +20,7 @@ pub use crate::api::{ identity::routes as identity_routes, notifications::routes as notifications_routes, notifications::{start_notification_server, Notify, UpdateType}, + web::catchers as web_catchers, web::routes as web_routes, }; use crate::util; diff --git a/src/api/web.rs b/src/api/web.rs index c01e782a..2ad94db8 100644 --- a/src/api/web.rs +++ b/src/api/web.rs @@ -1,7 +1,7 @@ use std::path::{Path, PathBuf}; use rocket::serde::json::Json; -use rocket::{fs::NamedFile, http::ContentType, Route}; +use rocket::{fs::NamedFile, http::ContentType, Catcher, Route}; use serde_json::Value; use crate::{ @@ -21,6 +21,19 @@ pub fn routes() -> Vec { } } +pub fn catchers() -> Vec { + if CONFIG.web_vault_enabled() { + catchers![not_found] + } else { + catchers![] + } +} + +#[catch(404)] +async fn not_found() -> Cached> { + Cached::short(NamedFile::open(Path::new(&CONFIG.web_vault_folder()).join("404.html")).await.ok(), false) +} + #[get("/")] async fn web_index() -> Cached> { Cached::short(NamedFile::open(Path::new(&CONFIG.web_vault_folder()).join("index.html")).await.ok(), false) diff --git a/src/main.rs b/src/main.rs index ad47f3c5..c877c01c 100644 --- a/src/main.rs +++ b/src/main.rs @@ -425,6 +425,8 @@ async fn launch_rocket(pool: db::DbPool, extra_debug: bool) -> Result<(), Error> .mount([basepath, "/identity"].concat(), api::identity_routes()) .mount([basepath, "/icons"].concat(), api::icons_routes()) .mount([basepath, "/notifications"].concat(), api::notifications_routes()) + .register([basepath, "/"].concat(), api::web_catchers()) + .register([basepath, "/api"].concat(), api::core_catchers()) .manage(pool) .manage(api::start_notification_server()) .attach(util::AppHeaders()) diff --git a/src/static/templates/admin/diagnostics.hbs b/src/static/templates/admin/diagnostics.hbs index 99f27193..20d6f371 100644 --- a/src/static/templates/admin/diagnostics.hbs +++ b/src/static/templates/admin/diagnostics.hbs @@ -140,8 +140,8 @@ Server: {{page_data.server_time_local}}
Date & Time (UTC) - Ok - Error + Ok + Error
Server: {{page_data.server_time}} @@ -151,7 +151,7 @@
Domain configuration Match No Match - HTTPS + HTTPS No HTTPS
diff --git a/src/util.rs b/src/util.rs index f5645d78..bdbb564e 100644 --- a/src/util.rs +++ b/src/util.rs @@ -357,6 +357,7 @@ pub fn get_uuid() -> String { use std::str::FromStr; +#[inline] pub fn upcase_first(s: &str) -> String { let mut c = s.chars(); match c.next() { @@ -365,6 +366,15 @@ pub fn upcase_first(s: &str) -> String { } } +#[inline] +pub fn lcase_first(s: &str) -> String { + let mut c = s.chars(); + match c.next() { + None => String::new(), + Some(f) => f.to_lowercase().collect::() + c.as_str(), + } +} + pub fn try_parse_string(string: Option) -> Option where S: AsRef, @@ -650,3 +660,46 @@ pub fn get_reqwest_client_builder() -> ClientBuilder { headers.insert(header::USER_AGENT, header::HeaderValue::from_static("Vaultwarden")); Client::builder().default_headers(headers).timeout(Duration::from_secs(10)) } + +pub fn convert_json_key_lcase_first(src_json: Value) -> Value { + match src_json { + Value::Array(elm) => { + let mut new_array: Vec = Vec::with_capacity(elm.len()); + + for obj in elm { + new_array.push(convert_json_key_lcase_first(obj)); + } + Value::Array(new_array) + } + + Value::Object(obj) => { + let mut json_map = JsonMap::new(); + for (key, value) in obj.iter() { + match (key, value) { + (key, Value::Object(elm)) => { + let inner_value = convert_json_key_lcase_first(Value::Object(elm.clone())); + json_map.insert(lcase_first(key), inner_value); + } + + (key, Value::Array(elm)) => { + let mut inner_array: Vec = Vec::with_capacity(elm.len()); + + for inner_obj in elm { + inner_array.push(convert_json_key_lcase_first(inner_obj.clone())); + } + + json_map.insert(lcase_first(key), Value::Array(inner_array)); + } + + (key, value) => { + json_map.insert(lcase_first(key), value.clone()); + } + } + } + + Value::Object(json_map) + } + + value => value, + } +}