topaLE
/
vaultwarden
mirror of https://github.com/dani-garcia/vaultwarden
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Validate YUBICO_SERVER string (#3003) 

If the `YUBICO_SERVER` is defined to an empty string, the whole yubikey
implementation doesn't work anymore.

This PR adds a check for this variable that it at least starts with `https://`.

Resolves #3003
pull/3059/head
BlackDex 3 years ago
parent
10dadfca06
commit
ca417d3257
No known key found for this signature in database GPG Key ID: 58C80A2AA6C765E1
1 changed files with 11 additions and 2 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 13
      src/config.rs

13
src/config.rs
View File

@ -698,8 +698,17 @@ fn validate_config(cfg: &ConfigItems) -> Result<(), Error> {
err!("All Duo options need to be set for global Duo support") err!("All Duo options need to be set for global Duo support")
} }
if cfg._enable_yubico && cfg.yubico_client_id.is_some() != cfg.yubico_secret_key.is_some() { if cfg._enable_yubico {
err!("Both `YUBICO_CLIENT_ID` and `YUBICO_SECRET_KEY` need to be set for Yubikey OTP support") if cfg.yubico_client_id.is_some() != cfg.yubico_secret_key.is_some() {
err!("Both `YUBICO_CLIENT_ID` and `YUBICO_SECRET_KEY` must be set for Yubikey OTP support")
}
if let Some(yubico_server) = &cfg.yubico_server {
let yubico_server = yubico_server.to_lowercase();
if !yubico_server.starts_with("https://") {
err!("`YUBICO_SERVER` must be a valid URL and start with 'https://'. Either unset this variable or provide a valid URL.")
}
}
} }
if cfg._enable_smtp { if cfg._enable_smtp {

Write Preview
Loading…
Cancel
Save