Startseite Erkunden Hilfe
Registrieren Anmelden
Apq
/
vaultwarden
Mirror von https://github.com/dani-garcia/vaultwarden.git
1
0
Fork 0
Dateien Issues 0 Wiki
Quellcode durchsuchen

Updated dependencies and small mail fixes

- Updated rust nightly
- Updated depenencies
- Removed unicode support for regex (less dependencies)
- Fixed dependency and nightly changes/deprications
- Some mail changes for less spam point triggering
BlackDex vor 4 Jahren
Ursprung
4628e4519d
Commit
5860679624
10 geänderte Dateien mit 347 neuen und 177 gelöschten Zeilen
Geteilte Ansicht Diff-Statistik anzeigen
  1. 305 139
      Cargo.lock
  2. 14 15
      Cargo.toml
  3. 1 1
      docker/Dockerfile.j2
  4. 1 1
      docker/amd64/Dockerfile.alpine
  5. 1 1
      rust-toolchain
  6. 5 6
      src/api/notifications.rs
  7. 4 0
      src/config.rs
  8. 1 1
      src/crypto.rs
  9. 14 12
      src/mail.rs
  10. 1 1
      src/main.rs

Datei-Diff unterdrückt, da er zu groß ist
+ 305 - 139
Cargo.lock


+ 14 - 15
Cargo.toml
Datei anzeigen 

@@ -32,10 +32,10 @@ rocket = { version = "0.5.0-dev", features = ["tls"], default-features = false }
 
 rocket_contrib = "0.5.0-dev"
 
 
 # HTTP client
 
-reqwest = { version = "0.10.10", features = ["blocking", "json"] }
 
+reqwest = { version = "0.11.0", features = ["blocking", "json"] }
 
 
 # multipart/form-data support
 
-multipart = { version = "0.17.0", features = ["server"], default-features = false }
 
+multipart = { version = "0.17.1", features = ["server"], default-features = false }
 
 
 # WebSockets library
 
 ws = { version = "0.10.0", package = "parity-ws" }
 
@@ -47,12 +47,11 @@ rmpv = "0.4.6"
 
 chashmap = "2.2.2"
 
 
 # A generic serialization/deserialization framework
 
-serde = "1.0.118"
 
-serde_derive = "1.0.118"
 
-serde_json = "1.0.60"
 
+serde = { version = "1.0.123", features = ["derive"] }
 
+serde_json = "1.0.61"
 
 
 # Logging
 
-log = "0.4.11"
 
+log = "0.4.14"
 
 fern = { version = "0.6.0", features = ["syslog-4"] }
 
 
 # A safe, extensible ORM and Query builder
 
@@ -63,22 +62,22 @@ diesel_migrations = "1.4.0"
 
 libsqlite3-sys = { version = "0.18.0", features = ["bundled"], optional = true }
 
 
 # Crypto-related libraries
 
-rand = "0.7.3"
 
+rand = "0.8.3"
 
 ring = "0.16.19"
 
 
 # UUID generation
 
-uuid = { version = "0.8.1", features = ["v4"] }
 
+uuid = { version = "0.8.2", features = ["v4"] }
 
 
 # Date and time libraries
 
 chrono = "0.4.19"
 
 chrono-tz = "0.5.3"
 
-time = "0.2.23"
 
+time = "0.2.25"
 
 
 # TOTP library
 
 oath = "0.10.2"
 
 
 # Data encoding library
 
-data-encoding = "2.3.1"
 
+data-encoding = "2.3.2"
 
 
 # JWT library
 
 jsonwebtoken = "7.2.0"
 
@@ -100,19 +99,19 @@ num-traits = "0.2.14"
 
 num-derive = "0.3.3"
 
 
 # Email libraries
 
-lettre = { version = "0.10.0-alpha.4", features = ["smtp-transport", "builder", "serde", "native-tls", "hostname", "tracing"], default-features = false }
 
+lettre = { version = "0.10.0-alpha.5", features = ["smtp-transport", "builder", "serde", "native-tls", "hostname", "tracing"], default-features = false }
 
 newline-converter = "0.1.0"
 
 
 # Template library
 
-handlebars = { version = "3.5.1", features = ["dir_source"] }
 
+handlebars = { version = "3.5.2", features = ["dir_source"] }
 
 
 # For favicon extraction from main website
 
 soup = "0.5.0"
 
-regex = "1.4.2"
 
+regex = { version = "1.4.3", features = ["std", "perf"], default-features = false }
 
 data-url = "0.1.0"
 
 
 # Used by U2F, JWT and Postgres
 
-openssl = "0.10.31"
 
+openssl = "0.10.32"
 
 
 # URL encoding library
 
 percent-encoding = "2.1.0"
 
@@ -123,7 +122,7 @@ idna = "0.2.0"
 
 structopt = "0.3.21"
 
 
 # Logging panics to logfile instead stderr only
 
-backtrace = "0.3.55"
 
+backtrace = "0.3.56"
 
 
 # Macro ident concatenation
 
 paste = "1.0.4"

+ 1 - 1
docker/Dockerfile.j2
Datei anzeigen 

@@ -4,7 +4,7 @@
 
 {% set build_stage_base_image = "rust:1.48" %}
 
 {% if "alpine" in target_file %}
 
 {%   if "amd64" in target_file %}
 
-{%     set build_stage_base_image = "clux/muslrust:nightly-2020-11-22" %}
 
+{%     set build_stage_base_image = "clux/muslrust:nightly-2021-01-25" %}
 
 {%     set runtime_stage_base_image = "alpine:3.12" %}
 
 {%     set package_arch_target = "x86_64-unknown-linux-musl" %}
 
 {%   elif "armv7" in target_file %}

+ 1 - 1
docker/amd64/Dockerfile.alpine
Datei anzeigen 

@@ -25,7 +25,7 @@
 
 FROM bitwardenrs/web-vault@sha256:57af3fd71706bf6a594488d809ec73f04f77f3f5e97f72fab74c681c4f5a5272 as vault
 
 
 ########################## BUILD IMAGE  ##########################
 
-FROM clux/muslrust:nightly-2020-11-22 as build
 
+FROM clux/muslrust:nightly-2021-01-25 as build
 
 
 # Alpine-based AMD64 (musl) does not support mysql/mariadb during compile time.
 
 ARG DB=sqlite,postgresql

+ 1 - 1
rust-toolchain
Datei anzeigen 

@@ -1 +1 @@
 
-nightly-2020-11-22
 
+nightly-2021-01-25

+ 5 - 6
src/api/notifications.rs
Datei anzeigen 

@@ -19,13 +19,12 @@ static SHOW_WEBSOCKETS_MSG: AtomicBool = AtomicBool::new(true);
 
 
 #[get("/hub")]
 
 fn websockets_err() -> EmptyResult {
 
-    if CONFIG.websocket_enabled() && SHOW_WEBSOCKETS_MSG.compare_and_swap(true, false, Ordering::Relaxed) {
 
-        err!(
 
-    "###########################################################
 
+    if CONFIG.websocket_enabled() && SHOW_WEBSOCKETS_MSG.compare_exchange(true, false, Ordering::Relaxed, Ordering::Relaxed).is_ok() {
 
+        err!("
 
+    ###########################################################
 
     '/notifications/hub' should be proxied to the websocket server or notifications won't work.
 
     Go to the Wiki for more info, or disable WebSockets setting WEBSOCKET_ENABLED=false.
 
-    ###########################################################################################"
 
-        )
 
+    ###########################################################################################\n")
 
     } else {
 
         Err(Error::empty())
 
     }
 
@@ -161,7 +160,7 @@ impl WSHandler {
 
                 }
 
             }
 
         };
 
-        
+
 
         // Otherwise verify the query parameter value
 
         let path = hs.request.resource();
 
         if let Some(params) = path.split('?').nth(1) {

+ 4 - 0
src/config.rs
Datei anzeigen 

@@ -557,6 +557,10 @@ fn validate_config(cfg: &ConfigItems) -> Result<(), Error> {
 
             err!("Both `SMTP_HOST` and `SMTP_FROM` need to be set for email support")
 
         }
 
 
+        if !cfg.smtp_from.contains('@') {
 
+            err!("SMTP_FROM does not contain a mandatory @ sign")
 
+        }
 
+
 
         if cfg.smtp_username.is_some() != cfg.smtp_password.is_some() {
 
             err!("Both `SMTP_USERNAME` and `SMTP_PASSWORD` need to be set to enable email authentication")
 
         }

+ 1 - 1
src/crypto.rs
Datei anzeigen 

@@ -67,7 +67,7 @@ pub fn generate_token(token_size: u32) -> Result<String, Error> {
 
     // token of fixed width, left-padding with 0 as needed.
 
     use rand::{thread_rng, Rng};
 
     let mut rng = thread_rng();
 
-    let number: u64 = rng.gen_range(low, high);
 
+    let number: u64 = rng.gen_range(low..high);
 
     let token = format!("{:0size$}", number, size = token_size as usize);
 
 
     Ok(token)

+ 14 - 12
src/mail.rs
Datei anzeigen 

@@ -302,30 +302,32 @@ fn send_email(address: &str, subject: &str, body_html: &str, body_text: &str) ->
 
 
     let address = format!("{}@{}", address_split[1], domain_puny);
 
 
-    let html = SinglePart::base64()
 
+    let html = SinglePart::builder()
 
+        // We force Base64 encoding because in the past we had issues with different encodings.
 
+        .header(header::ContentTransferEncoding::Base64)
 
         .header(header::ContentType("text/html; charset=utf-8".parse()?))
 
-        .body(body_html);
 
+        .body(String::from(body_html));
 
 
-    let text = SinglePart::base64()
 
+    let text = SinglePart::builder()
 
+        // We force Base64 encoding because in the past we had issues with different encodings.
 
+        .header(header::ContentTransferEncoding::Base64)
 
         .header(header::ContentType("text/plain; charset=utf-8".parse()?))
 
-        .body(body_text);
 
+        .body(String::from(body_text));
 
 
-    // The boundary generated by Lettre it self is mostly too large based on the RFC822, so we generate one our selfs.
 
-    use uuid::Uuid;
 
-    let unique_id = Uuid::new_v4().to_simple();
 
-    let boundary = format!("_Part_{}_", unique_id);
 
-    let alternative = MultiPart::alternative().boundary(boundary).singlepart(text).singlepart(html);
 
     let smtp_from = &CONFIG.smtp_from();
 
-
 
     let email = Message::builder()
 
-        .message_id(Some(format!("<{}.{}>", unique_id, smtp_from)))
 
+        .message_id(Some(format!("<{}@{}>", crate::util::get_uuid(), smtp_from.split('@').collect::<Vec<&str>>()[1] )))
 
         .to(Mailbox::new(None, Address::from_str(&address)?))
 
         .from(Mailbox::new(
 
             Some(CONFIG.smtp_from_name()),
 
             Address::from_str(smtp_from)?,
 
         ))
 
         .subject(subject)
 
-        .multipart(alternative)?;
 
+        .multipart(
 
+            MultiPart::alternative()
 
+                .singlepart(text)
 
+                .singlepart(html)
 
+        )?;
 
 
     match mailer().send(&email) {
 
         Ok(_) => Ok(()),

+ 1 - 1
src/main.rs
Datei anzeigen 

@@ -6,7 +6,7 @@ extern crate openssl;
 
 #[macro_use]
 
 extern crate rocket;
 
 #[macro_use]
 
-extern crate serde_derive;
 
+extern crate serde;
 
 #[macro_use]
 
 extern crate serde_json;
 
 #[macro_use]

Einige Dateien werden nicht angezeigt, da zu viele Dateien in diesem Diff geändert wurden.