diff --git a/.env.template b/.env.template index 66a04343..60b5b73b 100644 --- a/.env.template +++ b/.env.template @@ -245,6 +245,10 @@ ## Name shown in the invitation emails that don't come from a specific organization # INVITATION_ORG_NAME=Vaultwarden +## The number of hours after which an organization invite token, emergency access invite token, +## email verification token and deletion request token will expire (must be at least 1) +# INVITATION_EXPIRATION_HOURS=120 + ## Per-organization attachment storage limit (KB) ## Max kilobytes of attachment storage allowed per organization. ## When this limit is reached, organization members will not be allowed to upload further attachments for ciphers owned by that organization. diff --git a/Cargo.lock b/Cargo.lock index b6ea2ad0..4dbbaf15 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -19,30 +19,30 @@ checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe" [[package]] name = "aead" -version = "0.4.3" +version = "0.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0b613b8e1e3cf911a086f53f03bf286f52fd7a7258e4fa606f0ef220d39d8877" +checksum = "5c192eb8f11fc081b0fe4259ba5af04217d4e0faddd02417310a927911abd7c8" dependencies = [ + "crypto-common", "generic-array", ] [[package]] name = "aes" -version = "0.7.5" +version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9e8b47f52ea9bae42228d07ec09eb676433d7c4ed1ebdf0f1d1c29ed446f1ab8" +checksum = "bfe0133578c0986e1fe3dfcd4af1cc5b2dd6c3dbf534d69916ce16a2701d40ba" dependencies = [ "cfg-if", "cipher", "cpufeatures", - "opaque-debug", ] [[package]] name = "aes-gcm" -version = "0.9.4" +version = "0.10.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "df5f85a83a7d8b0442b6aa7b504b8212c1733da07b98aae43d4bc21b2cb3cdf6" +checksum = "82e1366e0c69c9f927b1fa5ce2c7bf9eafc8f9268c0b9800729e8b267612447c" dependencies = [ "aead", "aes", @@ -85,20 +85,11 @@ dependencies = [ "libc", ] -[[package]] -name = "ansi_term" -version = "0.12.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d52a9bb7ec0cf484c551830a7ce27bd20d67eac647e1befb56b0be4ee39a55d2" -dependencies = [ - "winapi", -] - [[package]] name = "async-compression" -version = "0.3.14" +version = "0.3.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "345fd392ab01f746c717b1357165b76f0b67a60192007b234058c9045fdcf695" +checksum = "942c7cd7ae39e91bde4820d74132e9862e62c2f386c3aa90ccf55949f5bad63a" dependencies = [ "brotli", "flate2", @@ -342,18 +333,29 @@ dependencies = [ [[package]] name = "cipher" -version = "0.3.0" +version = "0.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7ee52072ec15386f770805afd189a01c8841be8696bed250fa2f13c4c0d6dfb7" +checksum = "d1873270f8f7942c191139cb8a40fd228da6c3fd2fc376d7e92d47aa14aeb59e" dependencies = [ - "generic-array", + "crypto-common", + "inout", +] + +[[package]] +name = "codespan-reporting" +version = "0.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3538270d33cc669650c4b093848450d380def10c331d38c768e34cac80576e6e" +dependencies = [ + "termcolor", + "unicode-width", ] [[package]] name = "cookie" -version = "0.16.0" +version = "0.16.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "94d4706de1b0fa5b132270cddffa8585166037822e260a944fe161acd137ca05" +checksum = "344adc371239ef32293cb1c4fe519592fcf21206c79c02854320afcdf3ab4917" dependencies = [ "aes-gcm", "base64", @@ -363,7 +365,7 @@ dependencies = [ "rand", "sha2", "subtle", - "time 0.3.14", + "time 0.3.15", "version_check", ] @@ -379,7 +381,7 @@ dependencies = [ "publicsuffix", "serde", "serde_json", - "time 0.3.14", + "time 0.3.15", "url 2.3.1", ] @@ -395,7 +397,7 @@ dependencies = [ "publicsuffix", "serde", "serde_json", - "time 0.3.14", + "time 0.3.15", "url 2.3.1", ] @@ -435,9 +437,9 @@ dependencies = [ [[package]] name = "cron" -version = "0.11.0" +version = "0.12.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d76219e9243e100d5a37676005f08379297f8addfebc247613299600625c734d" +checksum = "1ff76b51e4c068c52bfd2866e1567bee7c567ae8f24ada09fd4307019e25eab7" dependencies = [ "chrono", "nom", @@ -446,12 +448,11 @@ dependencies = [ [[package]] name = "crossbeam-utils" -version = "0.8.11" +version = "0.8.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "51887d4adc7b564537b15adcfb307936f8075dfcd5f00dde9a9f1d29383682bc" +checksum = "edbafec5fa1f196ca66527c1b12c2ec4745ca14b50f1ad8f9f6f720b55d11fac" dependencies = [ "cfg-if", - "once_cell", ] [[package]] @@ -461,14 +462,15 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" dependencies = [ "generic-array", + "rand_core", "typenum", ] [[package]] name = "ctr" -version = "0.8.0" +version = "0.9.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "049bb91fb4aaf0e3c7efa6cd5ef877dbbbd15b39dad06d9948de4ec8a75761ea" +checksum = "0369ee1ad671834580515889b80f2ea915f23b8be8d0daa4bbaf2ac5c7590835" dependencies = [ "cipher", ] @@ -483,6 +485,50 @@ dependencies = [ "winapi", ] +[[package]] +name = "cxx" +version = "1.0.78" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "19f39818dcfc97d45b03953c1292efc4e80954e1583c4aa770bac1383e2310a4" +dependencies = [ + "cc", + "cxxbridge-flags", + "cxxbridge-macro", + "link-cplusplus", +] + +[[package]] +name = "cxx-build" +version = "1.0.78" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3e580d70777c116df50c390d1211993f62d40302881e54d4b79727acb83d0199" +dependencies = [ + "cc", + "codespan-reporting", + "once_cell", + "proc-macro2", + "quote", + "scratch", + "syn", +] + +[[package]] +name = "cxxbridge-flags" +version = "1.0.78" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "56a46460b88d1cec95112c8c363f0e2c39afdb237f60583b0b36343bf627ea9c" + +[[package]] +name = "cxxbridge-macro" +version = "1.0.78" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "747b608fecf06b0d72d440f27acc99288207324b793be2c17991839f3d4995ea" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + [[package]] name = "darling" version = "0.13.4" @@ -727,9 +773,9 @@ dependencies = [ [[package]] name = "figment" -version = "0.10.7" +version = "0.10.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6e3bd154d9ae2f1bb0ada5b7eebd56529513efa5de7d2fc8c6adf33bc43260cf" +checksum = "4e56602b469b2201400dec66a66aec5a9b8761ee97cd1b8c96ab2483fcc16cc9" dependencies = [ "atomic", "pear", @@ -910,9 +956,9 @@ dependencies = [ [[package]] name = "ghash" -version = "0.4.4" +version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1583cc1656d7839fd3732b80cf4f38850336cdb9b8ded1cd399ca62958de3c99" +checksum = "d930750de5717d2dd0b8c0d42c076c0e884c81a73e6cab859bbd2339c71e3e40" dependencies = [ "opaque-debug", "polyval", @@ -975,9 +1021,9 @@ checksum = "eabb4a44450da02c90444cf74558da904edde8fb4e9035a9a6a4e15445af0bd7" [[package]] name = "handlebars" -version = "4.3.4" +version = "4.3.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "56b224eaa4987c03c30b251de7ef0c15a6a59f34222905850dbc3026dfb24d5f" +checksum = "433e4ab33f1213cdc25b5fa45c76881240cfe79284cf2b395e8b9e312a30a2fd" dependencies = [ "log", "pest", @@ -1120,17 +1166,28 @@ dependencies = [ [[package]] name = "iana-time-zone" -version = "0.1.50" +version = "0.1.51" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fd911b35d940d2bd0bea0f9100068e5b97b51a1cbe13d13382f132e0365257a0" +checksum = "f5a6ef98976b22b3b7f2f3a806f858cb862044cfa66805aa3ad84cb3d3b785ed" dependencies = [ "android_system_properties", "core-foundation-sys", + "iana-time-zone-haiku", "js-sys", "wasm-bindgen", "winapi", ] +[[package]] +name = "iana-time-zone-haiku" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fde6edd6cef363e9359ed3c98ba64590ba9eecba2293eb5a723ab32aee8926aa" +dependencies = [ + "cxx", + "cxx-build", +] + [[package]] name = "ident_case" version = "1.0.1" @@ -1186,6 +1243,15 @@ version = "0.1.15" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c8fae54786f62fb2918dcfae3d568594e50eb9b5c25bf04371af6fe7516452fb" +[[package]] +name = "inout" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a0c10553d664a4d0bcff9f4215d0aac67a639cc68ef660840afe309b807bc9f5" +dependencies = [ + "generic-array", +] + [[package]] name = "instant" version = "0.1.12" @@ -1215,9 +1281,9 @@ checksum = "879d54834c8c76457ef4293a689b2a8c59b076067ad77b15efafbb05f92a592b" [[package]] name = "itoa" -version = "1.0.3" +version = "1.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6c8af84674fe1f223a982c933a0ee1086ac4d4052aa0fb8060c12c6ad838e754" +checksum = "4217ad341ebadf8d8e724e264f13e593e0648f5b3e94b3896a5df283be015ecc" [[package]] name = "jetscii" @@ -1227,9 +1293,9 @@ checksum = "47f142fe24a9c9944451e8349de0a56af5f3e7226dc46f3ed4d4ecc0b85af75e" [[package]] name = "job_scheduler_ng" -version = "2.0.1" +version = "2.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6e488bbc07c44295a7a07bfedfa36c9c77509c2e02599c1b5aef977779afca4d" +checksum = "854c3036c710866ee61a7e1cd7f39988dd077d0d97ce5dd23b0a1f64f3fffb42" dependencies = [ "chrono", "cron", @@ -1295,9 +1361,9 @@ dependencies = [ [[package]] name = "libc" -version = "0.2.133" +version = "0.2.134" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c0f80d65747a3e43d1596c7c5492d95d5edddaabd45a7fcdb02b95f644164966" +checksum = "329c933548736bc49fd575ee68c89e8be4d260064184389a5b77517cddd99ffb" [[package]] name = "libmimalloc-sys" @@ -1319,6 +1385,15 @@ dependencies = [ "vcpkg", ] +[[package]] +name = "link-cplusplus" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9272ab7b96c9046fbc5bc56c06c117cb639fe2d509df0c421cad82d2915cf369" +dependencies = [ + "cc", +] + [[package]] name = "linked-hash-map" version = "0.5.6" @@ -1548,6 +1623,16 @@ version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "38bf9645c8b145698bb0b18a4637dcacbc421ea49bef2317e4fd8065a387cf21" +[[package]] +name = "nu-ansi-term" +version = "0.46.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "77a8165726e8236064dbb45459242600304b42a5ea24ee2948e18e023bf7ba84" +dependencies = [ + "overload", + "winapi", +] + [[package]] name = "num-bigint" version = "0.4.3" @@ -1631,9 +1716,9 @@ checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5" [[package]] name = "openssl" -version = "0.10.41" +version = "0.10.42" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "618febf65336490dfcf20b73f885f5651a0c89c64c2d4a8c3662585a70bf5bd0" +checksum = "12fc0523e3bd51a692c8850d075d74dc062ccf251c0110668cbd921917118a13" dependencies = [ "bitflags", "cfg-if", @@ -1672,9 +1757,9 @@ dependencies = [ [[package]] name = "openssl-sys" -version = "0.9.75" +version = "0.9.76" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e5f9bd0c2710541a3cda73d6f9ac4f1b240de4ae261065d309dbe73d9dceb42f" +checksum = "5230151e44c0f05157effb743e8d517472843121cf9243e8b81393edb5acd9ce" dependencies = [ "autocfg", "cc", @@ -1684,6 +1769,12 @@ dependencies = [ "vcpkg", ] +[[package]] +name = "overload" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b15813163c1d831bf4a13c3610c05c0d03b39feb07f7e09fa234dac9b15aaf39" + [[package]] name = "parking_lot" version = "0.12.1" @@ -1768,9 +1859,9 @@ checksum = "478c572c3d73181ff3c2539045f6eb99e5491218eae919370993b890cdbdd98e" [[package]] name = "pest" -version = "2.3.1" +version = "2.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cb779fcf4bb850fbbb0edc96ff6cf34fd90c4b1a112ce042653280d9a7364048" +checksum = "dbc7bc69c062e492337d74d59b120c274fd3d261b6bf6d3207d499b4b379c41a" dependencies = [ "thiserror", "ucd-trie", @@ -1778,9 +1869,9 @@ dependencies = [ [[package]] name = "pest_derive" -version = "2.3.1" +version = "2.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "502b62a6d0245378b04ffe0a7fb4f4419a4815fce813bd8a0ec89a56e07d67b1" +checksum = "60b75706b9642ebcb34dab3bc7750f811609a0eb1dd8b88c2d15bf628c1c65b2" dependencies = [ "pest", "pest_generator", @@ -1788,9 +1879,9 @@ dependencies = [ [[package]] name = "pest_generator" -version = "2.3.1" +version = "2.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "451e629bf49b750254da26132f1a5a9d11fd8a95a3df51d15c4abd1ba154cb6c" +checksum = "f4f9272122f5979a6511a749af9db9bfc810393f63119970d7085fed1c4ea0db" dependencies = [ "pest", "pest_meta", @@ -1801,9 +1892,9 @@ dependencies = [ [[package]] name = "pest_meta" -version = "2.3.1" +version = "2.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bcec162c71c45e269dfc3fc2916eaeb97feab22993a21bcce4721d08cd7801a6" +checksum = "4c8717927f9b79515e565a64fe46c38b8cd0427e64c40680b14a7365ab09ac8d" dependencies = [ "once_cell", "pest", @@ -1875,9 +1966,9 @@ checksum = "1df8c4ec4b0627e53bdf214615ad287367e482558cf84b109250b37464dc03ae" [[package]] name = "polyval" -version = "0.5.3" +version = "0.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8419d2b623c7c0896ff2d5d96e2cb4ede590fed28fcc34934f4c33c036e620a1" +checksum = "7ef234e08c11dfcb2e56f79fd70f6f2eb7f025c0ce2333e82f4f0518ecad30c6" dependencies = [ "cfg-if", "cpufeatures", @@ -1908,9 +1999,9 @@ checksum = "dbf0c48bc1d91375ae5c3cd81e3722dff1abcf81a30960240640d223f59fe0e5" [[package]] name = "proc-macro2" -version = "1.0.44" +version = "1.0.46" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7bd7356a8122b6c4a24a82b278680c73357984ca2fc79a0f9fa6dea7dced7c58" +checksum = "94e2ef8dbfc347b10c094890f778ee2e36ca9bb4262e86dc99cd217e35f3470b" dependencies = [ "unicode-ident", ] @@ -1936,11 +2027,11 @@ checksum = "33cb294fe86a74cbcf50d4445b37da762029549ebeea341421c7c70370f86cac" [[package]] name = "publicsuffix" -version = "2.2.2" +version = "2.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "aeeedb0b429dc462f30ad27ef3de97058b060016f47790c066757be38ef792b4" +checksum = "96a8c1bda5ae1af7f99a2962e49df150414a43d62404644d98dd5c3a93d07457" dependencies = [ - "idna 0.2.3", + "idna 0.3.0", "psl-types", ] @@ -2226,7 +2317,7 @@ dependencies = [ "serde_json", "state", "tempfile", - "time 0.3.14", + "time 0.3.15", "tokio", "tokio-stream", "tokio-util", @@ -2275,7 +2366,7 @@ dependencies = [ "smallvec", "stable-pattern", "state", - "time 0.3.14", + "time 0.3.15", "tokio", "tokio-rustls", "uncased", @@ -2360,6 +2451,12 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" +[[package]] +name = "scratch" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c8132065adcfd6e02db789d9285a0deb2f3fcb04002865ab67d5fb103533898" + [[package]] name = "sct" version = "0.7.0" @@ -2506,7 +2603,7 @@ dependencies = [ "num-bigint", "num-traits", "thiserror", - "time 0.3.14", + "time 0.3.15", ] [[package]] @@ -2526,9 +2623,9 @@ dependencies = [ [[package]] name = "smallvec" -version = "1.9.0" +version = "1.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2fd0db749597d91ff862fd1d55ea87f7855a744a8425a64695b6fca237d1dad1" +checksum = "a507befe795404456341dfab10cef66ead4c041f62b8b11bbb92bffe5d0953e0" [[package]] name = "socket2" @@ -2584,9 +2681,9 @@ checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" [[package]] name = "syn" -version = "1.0.100" +version = "1.0.102" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "52205623b1b0f064a4e71182c3b18ae902267282930c6d5462c91b859668426e" +checksum = "3fcd952facd492f9be3ef0d0b7032a6e442ee9b361d4acc2b1d0c4aaa5f613a1" dependencies = [ "proc-macro2", "quote", @@ -2603,7 +2700,7 @@ dependencies = [ "hostname", "libc", "log", - "time 0.3.14", + "time 0.3.15", ] [[package]] @@ -2620,20 +2717,29 @@ dependencies = [ "winapi", ] +[[package]] +name = "termcolor" +version = "1.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bab24d30b911b2376f3a13cc2cd443142f0c81dda04c118693e35b3835757755" +dependencies = [ + "winapi-util", +] + [[package]] name = "thiserror" -version = "1.0.36" +version = "1.0.37" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0a99cb8c4b9a8ef0e7907cd3b617cc8dc04d571c4e73c8ae403d80ac160bb122" +checksum = "10deb33631e3c9018b9baf9dcbbc4f737320d2b576bac10f6aefa048fa407e3e" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.36" +version = "1.0.37" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3a891860d3c8d66fec8e73ddb3765f90082374dbaaa833407b904a94f1a7eb43" +checksum = "982d17546b47146b28f7c22e3d08465f6b8903d0ea13c1660d9d84a6e7adcdbb" dependencies = [ "proc-macro2", "quote", @@ -2670,9 +2776,9 @@ dependencies = [ [[package]] name = "time" -version = "0.3.14" +version = "0.3.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3c3f9a28b618c3a6b9251b6908e9c99e04b9e5c02e6581ccbb67d59c34ef7f9b" +checksum = "d634a985c4d4238ec39cacaed2e7ae552fbd3c476b552c1deac3021b7d7eaf0c" dependencies = [ "itoa", "libc", @@ -2703,9 +2809,9 @@ checksum = "cda74da7e1a664f795bb1f8a87ec406fb89a02522cf6e50620d016add6dbbf5c" [[package]] name = "tokio" -version = "1.21.1" +version = "1.21.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0020c875007ad96677dcc890298f4b942882c5d4eb7cc8f439fc3bf813dc9c95" +checksum = "a9e03c497dc955702ba729190dc4aac6f2a0ce97f913e5b1b5912fc5039d9099" dependencies = [ "autocfg", "bytes", @@ -2713,7 +2819,6 @@ dependencies = [ "memchr", "mio", "num_cpus", - "once_cell", "parking_lot", "pin-project-lite", "signal-hook-registry", @@ -2832,9 +2937,9 @@ checksum = "b6bc1c9ce2b5135ac7f93c72918fc37feb872bdc6a5533a8b85eb4b86bfdae52" [[package]] name = "tracing" -version = "0.1.36" +version = "0.1.37" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2fce9567bd60a67d08a16488756721ba392f24f29006402881e43b19aac64307" +checksum = "8ce8c33a8d48bd45d624a6e523445fd21ec13d3653cd51f681abf67418f54eb8" dependencies = [ "cfg-if", "log", @@ -2845,9 +2950,9 @@ dependencies = [ [[package]] name = "tracing-attributes" -version = "0.1.22" +version = "0.1.23" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "11c75893af559bc8e10716548bdef5cb2b983f8e637db9d0e15126b61b484ee2" +checksum = "4017f8f45139870ca7e672686113917c71c7a6e02d4924eda67186083c03081a" dependencies = [ "proc-macro2", "quote", @@ -2856,9 +2961,9 @@ dependencies = [ [[package]] name = "tracing-core" -version = "0.1.29" +version = "0.1.30" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5aeea4303076558a00714b823f9ad67d58a3bbda1df83d8827d21193156e22f7" +checksum = "24eb03ba0eab1fd845050058ce5e616558e8f8d8fca633e6b163fe25c797213a" dependencies = [ "once_cell", "valuable", @@ -2877,12 +2982,12 @@ dependencies = [ [[package]] name = "tracing-subscriber" -version = "0.3.15" +version = "0.3.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "60db860322da191b40952ad9affe65ea23e7dd6a5c442c2c42865810c6ab8e6b" +checksum = "a6176eae26dd70d0c919749377897b54a9276bd7061339665dd68777926b5a70" dependencies = [ - "ansi_term", "matchers", + "nu-ansi-term", "once_cell", "regex", "sharded-slab", @@ -3002,9 +3107,9 @@ checksum = "099b7128301d285f79ddd55b9a83d5e6b9e97c92e0ea0daebee7263e932de992" [[package]] name = "unicode-ident" -version = "1.0.4" +version = "1.0.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dcc811dc4066ac62f84f11307873c4850cb653bfa9b1719cee2bd2204a4bc5dd" +checksum = "6ceab39d59e4c9499d4e5a8ee0e2735b891bb7308ac83dfb4e80cad195c9f6f3" [[package]] name = "unicode-normalization" @@ -3015,6 +3120,12 @@ dependencies = [ "tinyvec", ] +[[package]] +name = "unicode-width" +version = "0.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c0edd1e5b14653f783770bce4a4dabb4a5108a5370a5f5d8cfe8710c361f6c8b" + [[package]] name = "unicode-xid" version = "0.2.4" @@ -3023,11 +3134,11 @@ checksum = "f962df74c8c05a667b5ee8bcf162993134c104e96440b663c8daa176dc772d8c" [[package]] name = "universal-hash" -version = "0.4.1" +version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9f214e8f697e925001e66ec2c6e37a4ef93f0f78c2eed7814394e10c62025b05" +checksum = "7d3160b73c9a19f7e2939a2fdad446c57c1bbbbf4d919d3213ff1267a580d8b5" dependencies = [ - "generic-array", + "crypto-common", "subtle", ] @@ -3068,9 +3179,9 @@ checksum = "09cc8ee72d2a9becf2f2febe0205bbed8fc6615b7cb429ad062dc7b7ddd036a9" [[package]] name = "uuid" -version = "1.1.2" +version = "1.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dd6469f4314d5f1ffec476e05f17cc9a78bc7a27a6a857842170bdf8d6f98d2f" +checksum = "feb41e78f93363bb2df8b0e86a2ca30eed7806ea16ea0c790d757cf93f79be83" dependencies = [ "getrandom", ] @@ -3126,7 +3237,7 @@ dependencies = [ "serde", "serde_json", "syslog", - "time 0.3.14", + "time 0.3.15", "tokio", "tokio-tungstenite", "totp-lite", diff --git a/Cargo.toml b/Cargo.toml index 583fe710..f9958821 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -37,7 +37,7 @@ syslog = "6.0.1" # Needs to be v4 until fern is updated # Logging log = "0.4.17" fern = { version = "0.6.1", features = ["syslog-6"] } -tracing = { version = "0.1.36", features = ["log"] } # Needed to have lettre and webauthn-rs trace logging to work +tracing = { version = "0.1.37", features = ["log"] } # Needed to have lettre and webauthn-rs trace logging to work backtrace = "0.3.66" # Logging panics to logfile instead stderr only @@ -61,7 +61,7 @@ dashmap = "5.4.0" # Async futures futures = "0.3.24" -tokio = { version = "1.21.1", features = ["rt-multi-thread", "fs", "io-util", "parking_lot", "time"] } +tokio = { version = "1.21.2", features = ["rt-multi-thread", "fs", "io-util", "parking_lot", "time"] } # A generic serialization/deserialization framework serde = { version = "1.0.145", features = ["derive"] } @@ -79,15 +79,15 @@ rand = { version = "0.8.5", features = ["small_rng"] } ring = "0.16.20" # UUID generation -uuid = { version = "1.1.2", features = ["v4"] } +uuid = { version = "1.2.1", features = ["v4"] } # Date and time libraries chrono = { version = "0.4.22", features = ["clock", "serde"], default-features = false } chrono-tz = "0.6.3" -time = "0.3.14" +time = "0.3.15" # Job scheduler -job_scheduler_ng = "2.0.1" +job_scheduler_ng = "2.0.2" # Data encoding library Hex/Base32/Base64 data-encoding = "2.3.2" @@ -112,7 +112,7 @@ lettre = { version = "0.10.1", features = ["smtp-transport", "builder", "serde", percent-encoding = "2.2.0" # URL encoding library used for URL's in the emails # Template library -handlebars = { version = "4.3.4", features = ["dir_source"] } +handlebars = { version = "4.3.5", features = ["dir_source"] } # HTTP client reqwest = { version = "0.11.12", features = ["stream", "json", "gzip", "brotli", "socks", "cookies", "trust-dns"] } @@ -125,11 +125,11 @@ bytes = "1.2.1" cached = "0.39.0" # Used for custom short lived cookie jar during favicon extraction -cookie = "0.16.0" +cookie = "0.16.1" cookie_store = "0.17.0" # Used by U2F, JWT and Postgres -openssl = "0.10.41" +openssl = "0.10.42" # CLI argument parsing pico-args = "0.5.0" diff --git a/README.md b/README.md index 9af01480..3e25e158 100644 --- a/README.md +++ b/README.md @@ -12,7 +12,7 @@ Image is based on [Rust implementation of Bitwarden API](https://github.com/dani-garcia/vaultwarden). -**This project is not associated with the [Bitwarden](https://bitwarden.com/) project nor 8bit Solutions LLC.** +**This project is not associated with the [Bitwarden](https://bitwarden.com/) project nor Bitwarden, Inc.** #### ⚠️**IMPORTANT**⚠️: When using this server, please report any bugs or suggestions to us directly (look at the bottom of this page for ways to get in touch), regardless of whatever clients you are using (mobile, desktop, browser...). DO NOT use the official support channels. diff --git a/docker/Dockerfile.j2 b/docker/Dockerfile.j2 index cc0cdf17..e4cd9b7d 100644 --- a/docker/Dockerfile.j2 +++ b/docker/Dockerfile.j2 @@ -59,8 +59,8 @@ # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ ####################### VAULT BUILD IMAGE ####################### -{% set vault_version = "v2022.9.0" %} -{% set vault_image_digest = "sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc" %} +{% set vault_version = "v2022.9.2" %} +{% set vault_image_digest = "sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e" %} # The web-vault digest specifies a particular web-vault build on Docker Hub. # Using the digest instead of the tag name provides better security, # as the digest of an image is immutable, whereas a tag name can later diff --git a/docker/amd64/Dockerfile b/docker/amd64/Dockerfile index af15fc9e..0fda2954 100644 --- a/docker/amd64/Dockerfile +++ b/docker/amd64/Dockerfile @@ -16,15 +16,15 @@ # - From https://hub.docker.com/r/vaultwarden/web-vault/tags, # click the tag name to view the digest of the image it currently points to. # - From the command line: -# $ docker pull vaultwarden/web-vault:v2022.9.0 -# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.0 -# [vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc] +# $ docker pull vaultwarden/web-vault:v2022.9.2 +# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.2 +# [vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e] # # - Conversely, to get the tag name from the digest: -# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc -# [vaultwarden/web-vault:v2022.9.0] +# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e +# [vaultwarden/web-vault:v2022.9.2] # -FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault +FROM vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e as vault ########################## BUILD IMAGE ########################## FROM rust:1.64-bullseye as build diff --git a/docker/amd64/Dockerfile.alpine b/docker/amd64/Dockerfile.alpine index 18f7f75b..8585e7cb 100644 --- a/docker/amd64/Dockerfile.alpine +++ b/docker/amd64/Dockerfile.alpine @@ -16,15 +16,15 @@ # - From https://hub.docker.com/r/vaultwarden/web-vault/tags, # click the tag name to view the digest of the image it currently points to. # - From the command line: -# $ docker pull vaultwarden/web-vault:v2022.9.0 -# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.0 -# [vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc] +# $ docker pull vaultwarden/web-vault:v2022.9.2 +# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.2 +# [vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e] # # - Conversely, to get the tag name from the digest: -# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc -# [vaultwarden/web-vault:v2022.9.0] +# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e +# [vaultwarden/web-vault:v2022.9.2] # -FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault +FROM vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e as vault ########################## BUILD IMAGE ########################## FROM blackdex/rust-musl:x86_64-musl-stable-1.64.0 as build diff --git a/docker/amd64/Dockerfile.buildx b/docker/amd64/Dockerfile.buildx index 0797ec39..ce4116f2 100644 --- a/docker/amd64/Dockerfile.buildx +++ b/docker/amd64/Dockerfile.buildx @@ -16,15 +16,15 @@ # - From https://hub.docker.com/r/vaultwarden/web-vault/tags, # click the tag name to view the digest of the image it currently points to. # - From the command line: -# $ docker pull vaultwarden/web-vault:v2022.9.0 -# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.0 -# [vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc] +# $ docker pull vaultwarden/web-vault:v2022.9.2 +# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.2 +# [vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e] # # - Conversely, to get the tag name from the digest: -# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc -# [vaultwarden/web-vault:v2022.9.0] +# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e +# [vaultwarden/web-vault:v2022.9.2] # -FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault +FROM vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e as vault ########################## BUILD IMAGE ########################## FROM rust:1.64-bullseye as build diff --git a/docker/amd64/Dockerfile.buildx.alpine b/docker/amd64/Dockerfile.buildx.alpine index db0c1e04..d497d8e6 100644 --- a/docker/amd64/Dockerfile.buildx.alpine +++ b/docker/amd64/Dockerfile.buildx.alpine @@ -16,15 +16,15 @@ # - From https://hub.docker.com/r/vaultwarden/web-vault/tags, # click the tag name to view the digest of the image it currently points to. # - From the command line: -# $ docker pull vaultwarden/web-vault:v2022.9.0 -# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.0 -# [vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc] +# $ docker pull vaultwarden/web-vault:v2022.9.2 +# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.2 +# [vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e] # # - Conversely, to get the tag name from the digest: -# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc -# [vaultwarden/web-vault:v2022.9.0] +# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e +# [vaultwarden/web-vault:v2022.9.2] # -FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault +FROM vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e as vault ########################## BUILD IMAGE ########################## FROM blackdex/rust-musl:x86_64-musl-stable-1.64.0 as build diff --git a/docker/arm64/Dockerfile b/docker/arm64/Dockerfile index feaa27d6..cb804ebe 100644 --- a/docker/arm64/Dockerfile +++ b/docker/arm64/Dockerfile @@ -16,15 +16,15 @@ # - From https://hub.docker.com/r/vaultwarden/web-vault/tags, # click the tag name to view the digest of the image it currently points to. # - From the command line: -# $ docker pull vaultwarden/web-vault:v2022.9.0 -# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.0 -# [vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc] +# $ docker pull vaultwarden/web-vault:v2022.9.2 +# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.2 +# [vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e] # # - Conversely, to get the tag name from the digest: -# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc -# [vaultwarden/web-vault:v2022.9.0] +# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e +# [vaultwarden/web-vault:v2022.9.2] # -FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault +FROM vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e as vault ########################## BUILD IMAGE ########################## FROM rust:1.64-bullseye as build diff --git a/docker/arm64/Dockerfile.alpine b/docker/arm64/Dockerfile.alpine index b7750fee..203bfb2f 100644 --- a/docker/arm64/Dockerfile.alpine +++ b/docker/arm64/Dockerfile.alpine @@ -16,15 +16,15 @@ # - From https://hub.docker.com/r/vaultwarden/web-vault/tags, # click the tag name to view the digest of the image it currently points to. # - From the command line: -# $ docker pull vaultwarden/web-vault:v2022.9.0 -# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.0 -# [vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc] +# $ docker pull vaultwarden/web-vault:v2022.9.2 +# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.2 +# [vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e] # # - Conversely, to get the tag name from the digest: -# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc -# [vaultwarden/web-vault:v2022.9.0] +# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e +# [vaultwarden/web-vault:v2022.9.2] # -FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault +FROM vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e as vault ########################## BUILD IMAGE ########################## FROM blackdex/rust-musl:aarch64-musl-stable-1.64.0 as build diff --git a/docker/arm64/Dockerfile.buildx b/docker/arm64/Dockerfile.buildx index 026545e2..0b2b3ad6 100644 --- a/docker/arm64/Dockerfile.buildx +++ b/docker/arm64/Dockerfile.buildx @@ -16,15 +16,15 @@ # - From https://hub.docker.com/r/vaultwarden/web-vault/tags, # click the tag name to view the digest of the image it currently points to. # - From the command line: -# $ docker pull vaultwarden/web-vault:v2022.9.0 -# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.0 -# [vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc] +# $ docker pull vaultwarden/web-vault:v2022.9.2 +# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.2 +# [vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e] # # - Conversely, to get the tag name from the digest: -# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc -# [vaultwarden/web-vault:v2022.9.0] +# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e +# [vaultwarden/web-vault:v2022.9.2] # -FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault +FROM vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e as vault ########################## BUILD IMAGE ########################## FROM rust:1.64-bullseye as build diff --git a/docker/arm64/Dockerfile.buildx.alpine b/docker/arm64/Dockerfile.buildx.alpine index 94ffb249..32c3d12b 100644 --- a/docker/arm64/Dockerfile.buildx.alpine +++ b/docker/arm64/Dockerfile.buildx.alpine @@ -16,15 +16,15 @@ # - From https://hub.docker.com/r/vaultwarden/web-vault/tags, # click the tag name to view the digest of the image it currently points to. # - From the command line: -# $ docker pull vaultwarden/web-vault:v2022.9.0 -# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.0 -# [vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc] +# $ docker pull vaultwarden/web-vault:v2022.9.2 +# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.2 +# [vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e] # # - Conversely, to get the tag name from the digest: -# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc -# [vaultwarden/web-vault:v2022.9.0] +# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e +# [vaultwarden/web-vault:v2022.9.2] # -FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault +FROM vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e as vault ########################## BUILD IMAGE ########################## FROM blackdex/rust-musl:aarch64-musl-stable-1.64.0 as build diff --git a/docker/armv6/Dockerfile b/docker/armv6/Dockerfile index 96210168..b329b925 100644 --- a/docker/armv6/Dockerfile +++ b/docker/armv6/Dockerfile @@ -16,15 +16,15 @@ # - From https://hub.docker.com/r/vaultwarden/web-vault/tags, # click the tag name to view the digest of the image it currently points to. # - From the command line: -# $ docker pull vaultwarden/web-vault:v2022.9.0 -# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.0 -# [vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc] +# $ docker pull vaultwarden/web-vault:v2022.9.2 +# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.2 +# [vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e] # # - Conversely, to get the tag name from the digest: -# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc -# [vaultwarden/web-vault:v2022.9.0] +# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e +# [vaultwarden/web-vault:v2022.9.2] # -FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault +FROM vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e as vault ########################## BUILD IMAGE ########################## FROM rust:1.64-bullseye as build diff --git a/docker/armv6/Dockerfile.alpine b/docker/armv6/Dockerfile.alpine index 21b66728..1df53edb 100644 --- a/docker/armv6/Dockerfile.alpine +++ b/docker/armv6/Dockerfile.alpine @@ -16,15 +16,15 @@ # - From https://hub.docker.com/r/vaultwarden/web-vault/tags, # click the tag name to view the digest of the image it currently points to. # - From the command line: -# $ docker pull vaultwarden/web-vault:v2022.9.0 -# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.0 -# [vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc] +# $ docker pull vaultwarden/web-vault:v2022.9.2 +# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.2 +# [vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e] # # - Conversely, to get the tag name from the digest: -# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc -# [vaultwarden/web-vault:v2022.9.0] +# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e +# [vaultwarden/web-vault:v2022.9.2] # -FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault +FROM vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e as vault ########################## BUILD IMAGE ########################## FROM blackdex/rust-musl:arm-musleabi-stable-1.64.0 as build diff --git a/docker/armv6/Dockerfile.buildx b/docker/armv6/Dockerfile.buildx index 9797342a..41fa992f 100644 --- a/docker/armv6/Dockerfile.buildx +++ b/docker/armv6/Dockerfile.buildx @@ -16,15 +16,15 @@ # - From https://hub.docker.com/r/vaultwarden/web-vault/tags, # click the tag name to view the digest of the image it currently points to. # - From the command line: -# $ docker pull vaultwarden/web-vault:v2022.9.0 -# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.0 -# [vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc] +# $ docker pull vaultwarden/web-vault:v2022.9.2 +# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.2 +# [vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e] # # - Conversely, to get the tag name from the digest: -# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc -# [vaultwarden/web-vault:v2022.9.0] +# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e +# [vaultwarden/web-vault:v2022.9.2] # -FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault +FROM vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e as vault ########################## BUILD IMAGE ########################## FROM rust:1.64-bullseye as build diff --git a/docker/armv6/Dockerfile.buildx.alpine b/docker/armv6/Dockerfile.buildx.alpine index 82d52a7d..6cc1efc4 100644 --- a/docker/armv6/Dockerfile.buildx.alpine +++ b/docker/armv6/Dockerfile.buildx.alpine @@ -16,15 +16,15 @@ # - From https://hub.docker.com/r/vaultwarden/web-vault/tags, # click the tag name to view the digest of the image it currently points to. # - From the command line: -# $ docker pull vaultwarden/web-vault:v2022.9.0 -# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.0 -# [vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc] +# $ docker pull vaultwarden/web-vault:v2022.9.2 +# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.2 +# [vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e] # # - Conversely, to get the tag name from the digest: -# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc -# [vaultwarden/web-vault:v2022.9.0] +# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e +# [vaultwarden/web-vault:v2022.9.2] # -FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault +FROM vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e as vault ########################## BUILD IMAGE ########################## FROM blackdex/rust-musl:arm-musleabi-stable-1.64.0 as build diff --git a/docker/armv7/Dockerfile b/docker/armv7/Dockerfile index 07c3e594..69d2161a 100644 --- a/docker/armv7/Dockerfile +++ b/docker/armv7/Dockerfile @@ -16,15 +16,15 @@ # - From https://hub.docker.com/r/vaultwarden/web-vault/tags, # click the tag name to view the digest of the image it currently points to. # - From the command line: -# $ docker pull vaultwarden/web-vault:v2022.9.0 -# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.0 -# [vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc] +# $ docker pull vaultwarden/web-vault:v2022.9.2 +# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.2 +# [vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e] # # - Conversely, to get the tag name from the digest: -# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc -# [vaultwarden/web-vault:v2022.9.0] +# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e +# [vaultwarden/web-vault:v2022.9.2] # -FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault +FROM vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e as vault ########################## BUILD IMAGE ########################## FROM rust:1.64-bullseye as build diff --git a/docker/armv7/Dockerfile.alpine b/docker/armv7/Dockerfile.alpine index a51fa9b0..260ca7c9 100644 --- a/docker/armv7/Dockerfile.alpine +++ b/docker/armv7/Dockerfile.alpine @@ -16,15 +16,15 @@ # - From https://hub.docker.com/r/vaultwarden/web-vault/tags, # click the tag name to view the digest of the image it currently points to. # - From the command line: -# $ docker pull vaultwarden/web-vault:v2022.9.0 -# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.0 -# [vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc] +# $ docker pull vaultwarden/web-vault:v2022.9.2 +# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.2 +# [vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e] # # - Conversely, to get the tag name from the digest: -# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc -# [vaultwarden/web-vault:v2022.9.0] +# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e +# [vaultwarden/web-vault:v2022.9.2] # -FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault +FROM vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e as vault ########################## BUILD IMAGE ########################## FROM blackdex/rust-musl:armv7-musleabihf-stable-1.64.0 as build diff --git a/docker/armv7/Dockerfile.buildx b/docker/armv7/Dockerfile.buildx index 34e26006..05956095 100644 --- a/docker/armv7/Dockerfile.buildx +++ b/docker/armv7/Dockerfile.buildx @@ -16,15 +16,15 @@ # - From https://hub.docker.com/r/vaultwarden/web-vault/tags, # click the tag name to view the digest of the image it currently points to. # - From the command line: -# $ docker pull vaultwarden/web-vault:v2022.9.0 -# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.0 -# [vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc] +# $ docker pull vaultwarden/web-vault:v2022.9.2 +# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.2 +# [vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e] # # - Conversely, to get the tag name from the digest: -# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc -# [vaultwarden/web-vault:v2022.9.0] +# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e +# [vaultwarden/web-vault:v2022.9.2] # -FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault +FROM vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e as vault ########################## BUILD IMAGE ########################## FROM rust:1.64-bullseye as build diff --git a/docker/armv7/Dockerfile.buildx.alpine b/docker/armv7/Dockerfile.buildx.alpine index ffe20bf1..24270bbf 100644 --- a/docker/armv7/Dockerfile.buildx.alpine +++ b/docker/armv7/Dockerfile.buildx.alpine @@ -16,15 +16,15 @@ # - From https://hub.docker.com/r/vaultwarden/web-vault/tags, # click the tag name to view the digest of the image it currently points to. # - From the command line: -# $ docker pull vaultwarden/web-vault:v2022.9.0 -# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.0 -# [vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc] +# $ docker pull vaultwarden/web-vault:v2022.9.2 +# $ docker image inspect --format "{{.RepoDigests}}" vaultwarden/web-vault:v2022.9.2 +# [vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e] # # - Conversely, to get the tag name from the digest: -# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc -# [vaultwarden/web-vault:v2022.9.0] +# $ docker image inspect --format "{{.RepoTags}}" vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e +# [vaultwarden/web-vault:v2022.9.2] # -FROM vaultwarden/web-vault@sha256:99d21235a64084c9115f4aa3da1298881b8bbf146c0d48d6530b4d685a6a6fbc as vault +FROM vaultwarden/web-vault@sha256:87b34b7525eba133b7f16b9975917362a3ab9f6466d5264c850816a8fc5e629e as vault ########################## BUILD IMAGE ########################## FROM blackdex/rust-musl:armv7-musleabihf-stable-1.64.0 as build diff --git a/src/api/core/accounts.rs b/src/api/core/accounts.rs index 35202698..a980271b 100644 --- a/src/api/core/accounts.rs +++ b/src/api/core/accounts.rs @@ -81,7 +81,7 @@ fn enforce_password_hint_setting(password_hint: &Option) -> EmptyResult } #[post("/accounts/register", data = "")] -async fn register(data: JsonUpcase, conn: DbConn) -> EmptyResult { +async fn register(data: JsonUpcase, conn: DbConn) -> JsonResult { let data: RegisterData = data.into_inner().data; let email = data.Email.to_lowercase(); @@ -178,7 +178,11 @@ async fn register(data: JsonUpcase, conn: DbConn) -> EmptyResult { } } - user.save(&conn).await + user.save(&conn).await?; + Ok(Json(json!({ + "Object": "register", + "CaptchaBypassToken": "", + }))) } #[get("/accounts/profile")] diff --git a/src/api/core/organizations.rs b/src/api/core/organizations.rs index cf8b8797..59e3a744 100644 --- a/src/api/core/organizations.rs +++ b/src/api/core/organizations.rs @@ -1048,8 +1048,11 @@ async fn edit_user( err!("Only Owners can edit Owner users") } - if user_to_edit.atype == UserOrgType::Owner && new_type != UserOrgType::Owner { - // Removing owner permmission, check that there is at least one other confirmed owner + if user_to_edit.atype == UserOrgType::Owner + && new_type != UserOrgType::Owner + && user_to_edit.status == UserOrgStatus::Confirmed as i32 + { + // Removing owner permission, check that there is at least one other confirmed owner if UserOrganization::count_confirmed_by_org_and_type(&org_id, UserOrgType::Owner, &conn).await <= 1 { err!("Can't delete the last owner") } @@ -1146,7 +1149,7 @@ async fn _delete_user(org_id: &str, org_user_id: &str, headers: &AdminHeaders, c err!("Only Owners can delete Admins or Owners") } - if user_to_delete.atype == UserOrgType::Owner { + if user_to_delete.atype == UserOrgType::Owner && user_to_delete.status == UserOrgStatus::Confirmed as i32 { // Removing owner, check that there is at least one other confirmed owner if UserOrganization::count_confirmed_by_org_and_type(org_id, UserOrgType::Owner, conn).await <= 1 { err!("Can't delete the last owner") diff --git a/src/auth.rs b/src/auth.rs index f99fbd39..252766db 100644 --- a/src/auth.rs +++ b/src/auth.rs @@ -1,18 +1,14 @@ -// // JWT Handling // use chrono::{Duration, Utc}; use num_traits::FromPrimitive; use once_cell::sync::Lazy; -use jsonwebtoken::{self, Algorithm, DecodingKey, EncodingKey, Header}; +use jsonwebtoken::{self, errors::ErrorKind, Algorithm, DecodingKey, EncodingKey, Header}; use serde::de::DeserializeOwned; use serde::ser::Serialize; -use crate::{ - error::{Error, MapResult}, - CONFIG, -}; +use crate::{error::Error, CONFIG}; const JWT_ALGORITHM: Algorithm = Algorithm::RS256; @@ -61,7 +57,15 @@ fn decode_jwt(token: &str, issuer: String) -> Result Ok(d.claims), + Err(err) => match *err.kind() { + ErrorKind::InvalidToken => err!("Token is invalid"), + ErrorKind::InvalidIssuer => err!("Issuer is invalid"), + ErrorKind::ExpiredSignature => err!("Token has expired"), + _ => err!("Error decoding JWT"), + }, + } } pub fn decode_login(token: &str) -> Result { @@ -148,9 +152,10 @@ pub fn generate_invite_claims( invited_by_email: Option, ) -> InviteJwtClaims { let time_now = Utc::now().naive_utc(); + let expire_hours = i64::from(CONFIG.invitation_expiration_hours()); InviteJwtClaims { nbf: time_now.timestamp(), - exp: (time_now + Duration::days(5)).timestamp(), + exp: (time_now + Duration::hours(expire_hours)).timestamp(), iss: JWT_INVITE_ISSUER.to_string(), sub: uuid, email, @@ -185,9 +190,10 @@ pub fn generate_emergency_access_invite_claims( grantor_email: Option, ) -> EmergencyAccessInviteJwtClaims { let time_now = Utc::now().naive_utc(); + let expire_hours = i64::from(CONFIG.invitation_expiration_hours()); EmergencyAccessInviteJwtClaims { nbf: time_now.timestamp(), - exp: (time_now + Duration::days(5)).timestamp(), + exp: (time_now + Duration::hours(expire_hours)).timestamp(), iss: JWT_EMERGENCY_ACCESS_INVITE_ISSUER.to_string(), sub: uuid, email, @@ -211,9 +217,10 @@ pub struct BasicJwtClaims { pub fn generate_delete_claims(uuid: String) -> BasicJwtClaims { let time_now = Utc::now().naive_utc(); + let expire_hours = i64::from(CONFIG.invitation_expiration_hours()); BasicJwtClaims { nbf: time_now.timestamp(), - exp: (time_now + Duration::days(5)).timestamp(), + exp: (time_now + Duration::hours(expire_hours)).timestamp(), iss: JWT_DELETE_ISSUER.to_string(), sub: uuid, } @@ -221,9 +228,10 @@ pub fn generate_delete_claims(uuid: String) -> BasicJwtClaims { pub fn generate_verify_email_claims(uuid: String) -> BasicJwtClaims { let time_now = Utc::now().naive_utc(); + let expire_hours = i64::from(CONFIG.invitation_expiration_hours()); BasicJwtClaims { nbf: time_now.timestamp(), - exp: (time_now + Duration::days(5)).timestamp(), + exp: (time_now + Duration::hours(expire_hours)).timestamp(), iss: JWT_VERIFYEMAIL_ISSUER.to_string(), sub: uuid, } diff --git a/src/config.rs b/src/config.rs index b8f3246b..3a2cf958 100644 --- a/src/config.rs +++ b/src/config.rs @@ -430,6 +430,9 @@ make_config! { org_creation_users: String, true, def, "".to_string(); /// Allow invitations |> Controls whether users can be invited by organization admins, even when signups are otherwise disabled invitations_allowed: bool, true, def, true; + /// Invitation token expiration time (in hours) |> The number of hours after which an organization invite token, emergency access invite token, + /// email verification token and deletion request token will expire (must be at least 1) + invitation_expiration_hours: u32, false, def, 120; /// Allow emergency access |> Controls whether users can enable emergency access to their accounts. This setting applies globally to all users. emergency_access_allowed: bool, true, def, true; /// Password iterations |> Number of server-side passwords hashing iterations. @@ -726,6 +729,10 @@ fn validate_config(cfg: &ConfigItems) -> Result<(), Error> { _ => err!("Only HTTP 301/302 and 307/308 redirects are supported"), } + if cfg.invitation_expiration_hours < 1 { + err!("`INVITATION_EXPIRATION_HOURS` has a minimum duration of 1 hour") + } + Ok(()) }