
Added password and akey generation

pull/677/head
unknown 6 years ago
parent
commit
b3ca385794
  1. 1
      Cargo.lock
  2. 7
      Cargo.toml
  3. 56
      src/ldap.rs

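--- a/Cargo.lock
+++ b/Cargo.lock
@@ -108,6 +108,7 @@ dependencies = [
 "num-traits 0.2.8 (registry+https://github.com/rust-lang/crates.io-index)",
 "oath 0.10.2 (registry+https://github.com/rust-lang/crates.io-index)",
 "openssl 0.10.25 (registry+https://github.com/rust-lang/crates.io-index)",
+"openssl-sys 0.9.51 (registry+https://github.com/rust-lang/crates.io-index)",
 "percent-encoding 2.1.0 (registry+https://github.com/rust-lang/crates.io-index)",
 "quoted_printable 0.4.1 (registry+https://github.com/rust-lang/crates.io-index)",
 "regex 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)",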

7
Cargo.toml

@ -14,7 +14,7 @@ build = "build.rs"
# Empty to keep compatibility, prefer to set USE_SYSLOG=true # Empty to keep compatibility, prefer to set USE_SYSLOG=true
enable_syslog = [] enable_syslog = []
mysql = ["diesel/mysql", "diesel_migrations/mysql"] mysql = ["diesel/mysql", "diesel_migrations/mysql"]
postgresql = ["diesel/postgres", "diesel_migrations/postgres", "openssl"] postgresql = ["diesel/postgres", "diesel_migrations/postgres"]
sqlite = ["diesel/sqlite", "diesel_migrations/sqlite", "libsqlite3-sys"] sqlite = ["diesel/sqlite", "diesel_migrations/sqlite", "libsqlite3-sys"]
[target."cfg(not(windows))".dependencies] [target."cfg(not(windows))".dependencies]
@ -106,14 +106,13 @@ handlebars = "2.0.2"
soup = "0.4.1" soup = "0.4.1"
regex = "1.3.1" regex = "1.3.1"
# Required for SSL support for PostgreSQL
openssl = { version = "0.10.25", optional = true }
# URL encoding library # URL encoding library
percent-encoding = "2.1.0" percent-encoding = "2.1.0"
# LDAP # LDAP
ldap3 = "0.6.1" ldap3 = "0.6.1"
openssl = "0.10.25"
openssl-sys = "*"
[patch.crates-io] [patch.crates-io]
# Add support for Timestamp type # Add support for Timestamp type
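Review bot: `openssl-sys = "*"` on the new side of the second hunk accepts any version of a native crypto binding, so a future incompatible or compromised release would be pulled in silently by the next `cargo update`; pin it like the `openssl = "0.10.25"` line beside it, e.g. `openssl-sys = "0.9.51"`, which is the version Cargo.lock resolved in this commit. The ldap.rs hunk in this commit imports `ring::{digest, pbkdf2}`, yet no `ring` line appears in this manifest diff — presumably it is already a dependency, but that is worth confirming so the build does not rely on a transitive pull. Making `openssl` unconditional while dropping it from the `postgresql` feature list in the first hunk is consistent, though the `# Required for SSL support for PostgreSQL` comment that explained the dependency is removed; a one-line comment on the new `openssl` line stating why it is now always required would help the next reader.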

56
src/ldap.rs

@ -1,7 +1,9 @@
use crate::db; use crate::db;
use crate::CONFIG; use crate::CONFIG;
use ldap3::{DerefAliases, LdapConn, Scope, SearchEntry, SearchOptions}; use ldap3::{DerefAliases, LdapConn, Scope, SearchEntry, SearchOptions};
use ring::{digest, pbkdf2};
use std::collections::HashSet; use std::collections::HashSet;
use std::convert::TryInto;
use std::error::Error; use std::error::Error;
use std::thread::sleep; use std::thread::sleep;
use std::time::Duration; use std::time::Duration;
@ -22,34 +24,40 @@ pub fn launch_ldap_connector() {
/// Invite all LDAP users to Bitwarden /// Invite all LDAP users to Bitwarden
fn sync_from_ldap(conn: &db::DbConn) -> Result<(), Box<Error>> { fn sync_from_ldap(conn: &db::DbConn) -> Result<(), Box<Error>> {
match get_existing_users(&conn) { let existing_users = get_existing_users(&conn).expect("Error: Failed to get existing users from Bitwarden");
Ok(existing_users) => { let mut num_users = 0;
let mut num_users = 0; for ldap_user in search_entries()? {
for ldap_user in search_entries()? { // Safely get first email from list of emails in field
// Safely get first email from list of emails in field if let Some(user_email) = ldap_user.attrs.get("mail").and_then(|l| (l.first())) {
if let Some(user_email) = ldap_user.attrs.get("mail").and_then(|l| (l.first())) { if !existing_users.contains(user_email) {
if existing_users.contains(user_email) { println!("Try to add user: {}", user_email);
println!("User with email already exists: {}", user_email); // Add user
} else { let mut user = db::models::User::new(user_email.to_string());
println!("Try to add user: {}", user_email); let mut password_bytes = vec![0u8; 16];
// Add user password_bytes = crate::crypto::get_random(password_bytes);
db::models::User::new(user_email.to_string()).save(conn)?; let password = std::str::from_utf8(password_bytes.as_slice()).unwrap();
num_users = num_users + 1; user.set_password(password);
} user.client_kdf_iter = 100000;
} else { let key = &mut [0u8; digest::SHA256_OUTPUT_LEN];
println!("Warning: Email field, mail, not found on user"); pbkdf2::derive(
} &digest::SHA256,
std::num::NonZeroU32::new(user.client_kdf_iter.try_into().unwrap()).unwrap(),
user.email.as_bytes(),
password.as_bytes(),
key,
);
user.akey = String::from_utf8(key.to_vec()).unwrap();
user.save(conn)?;
num_users = num_users + 1;
} }
} else {
// Maybe think about returning this value for some other use println!("Warning: Email field, mail, not found on user");
println!("Added {} user(s).", num_users);
}
Err(e) => {
println!("Error: Failed to get existing users from Bitwarden");
return Err(e);
} }
} }
// Maybe think about returning this value for some other use
println!("Added {} user(s).", num_users);
Ok(()) Ok(())
} }
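Review bot: `std::str::from_utf8(password_bytes.as_slice()).unwrap()` and `String::from_utf8(key.to_vec()).unwrap()` on the new side will panic for almost every user, because the 16 bytes from `crate::crypto::get_random` and the 32-byte PBKDF2 output are raw random data, not UTF-8, so the whole sync aborts inside the loop. Encode both values before treating them as text, for example `let password: String = password_bytes.iter().map(|b| format!("{:02x}", b)).collect();` followed by `user.set_password(&password);`, and `user.akey = key.iter().map(|b| format!("{:02x}", b)).collect();` (a project base64 helper, if one exists, would be preferable); whether an encoded string is the format clients expect in `akey` is not visible here and should be checked against the User model. Replacing the old `Err(e)` branch with `.expect("Error: Failed to get existing users from Bitwarden")` also turns a database failure into a panic although the function returns `Result`; `let existing_users = get_existing_users(&conn)?;` keeps it recoverable. The generated password is not surfaced anywhere in this hunk, so either it is delivered to the user elsewhere or the account cannot be logged into; in either case it must not end up in the `println!` output.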
