Home Explore Help
Register Sign In
Apq
/
vaultwarden
mirror of https://github.com/dani-garcia/vaultwarden.git
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

Merge branch 'master' into fmt

Daniel García 4 years ago
parent
994669fb69 4bb0d7bc05
commit
95d906bdbb
8 changed files with 79 additions and 25 deletions
Split View Show Diff Stats
  1. 39 0
      Cargo.lock
  2. 1 1
      Cargo.toml
  3. 4 6
      src/api/admin.rs
  4. 3 5
      src/api/core/mod.rs
  5. 7 7
      src/api/core/two_factor/duo.rs
  6. 3 3
      src/api/icons.rs
  7. 5 1
      src/static/templates/admin/settings.hbs
  8. 17 2
      src/util.rs

+ 39 - 0
Cargo.lock
View File 

@@ -563,6 +563,12 @@ version = "0.15.0"
 
 source = "registry+https://github.com/rust-lang/crates.io-index"
 
 checksum = "77c90badedccf4105eca100756a0b1289e191f6fcbdadd3cee1d2f614f97da8f"
 
 
+[[package]]
 
+name = "either"
 
+version = "1.6.1"
 
+source = "registry+https://github.com/rust-lang/crates.io-index"
 
+checksum = "e78d4f1cc4ae33bbfc157ed5d5a5ef3bc29227303d595861deb238fcec4e9457"
 
+
 
 [[package]]
 
 name = "encoding_rs"
 
 version = "0.8.28"
 
@@ -2213,6 +2219,7 @@ dependencies = [
 
  "serde_urlencoded",
 
  "tokio",
 
  "tokio-native-tls",
 
+ "tokio-socks",
 
  "tokio-util",
 
  "url 2.2.1",
 
  "wasm-bindgen",
 
@@ -2767,6 +2774,26 @@ dependencies = [
 
  "utf-8",
 
 ]
 
 
+[[package]]
 
+name = "thiserror"
 
+version = "1.0.24"
 
+source = "registry+https://github.com/rust-lang/crates.io-index"
 
+checksum = "e0f4a65597094d4483ddaed134f409b2cb7c1beccf25201a9f73c719254fa98e"
 
+dependencies = [
 
+ "thiserror-impl",
 
+]
 
+
 
+[[package]]
 
+name = "thiserror-impl"
 
+version = "1.0.24"
 
+source = "registry+https://github.com/rust-lang/crates.io-index"
 
+checksum = "7765189610d8241a44529806d6fd1f2e0a08734313a35d5b3a556f92b381f3c0"
 
+dependencies = [
 
+ "proc-macro2 1.0.24",
 
+ "quote 1.0.9",
 
+ "syn 1.0.65",
 
+]
 
+
 
 [[package]]
 
 name = "threadpool"
 
 version = "1.8.1"
 
@@ -2865,6 +2892,18 @@ dependencies = [
 
  "tokio",
 
 ]
 
 
+[[package]]
 
+name = "tokio-socks"
 
+version = "0.5.1"
 
+source = "registry+https://github.com/rust-lang/crates.io-index"
 
+checksum = "51165dfa029d2a65969413a6cc96f354b86b464498702f174a4efa13608fd8c0"
 
+dependencies = [
 
+ "either",
 
+ "futures-util",
 
+ "thiserror",
 
+ "tokio",
 
+]
 
+
 
 [[package]]
 
 name = "tokio-util"
 
 version = "0.6.5"

+ 1 - 1
Cargo.toml
View File 

@@ -32,7 +32,7 @@ rocket = { version = "0.5.0-dev", features = ["tls"], default-features = false }
 
 rocket_contrib = "0.5.0-dev"
 
 
 # HTTP client
 
-reqwest = { version = "0.11.2", features = ["blocking", "json", "gzip", "brotli"] }
 
+reqwest = { version = "0.11.2", features = ["blocking", "json", "gzip", "brotli", "socks"] }
 
 
 # multipart/form-data support
 
 multipart = { version = "0.17.1", features = ["server"], default-features = false }

+ 4 - 6
src/api/admin.rs
View File 

@@ -3,7 +3,7 @@ use serde::de::DeserializeOwned;
 
 use serde_json::Value;
 
 use std::{env, time::Duration};
 
 
-use reqwest::{blocking::Client, header::USER_AGENT};
 
+
 
 use rocket::{
 
     http::{Cookie, Cookies, SameSite},
 
     request::{self, FlashMessage, Form, FromRequest, Outcome, Request},
 
@@ -19,7 +19,7 @@ use crate::{
 
     db::{backup_database, get_sql_server_version, models::*, DbConn, DbConnType},
 
     error::{Error, MapResult},
 
     mail,
 
-    util::{format_naive_datetime_local, get_display_size, is_running_in_docker},
 
+    util::{format_naive_datetime_local, get_display_size, is_running_in_docker, get_reqwest_client},
 
     CONFIG,
 
 };
 
 
@@ -469,24 +469,22 @@ struct GitCommit {
 
 }
 
 
 fn get_github_api<T: DeserializeOwned>(url: &str) -> Result<T, Error> {
 
-    let github_api = Client::builder().build()?;
 
+    let github_api = get_reqwest_client();
 
 
     Ok(github_api
 
         .get(url)
 
         .timeout(Duration::from_secs(10))
 
-        .header(USER_AGENT, "Bitwarden_RS")
 
         .send()?
 
         .error_for_status()?
 
         .json::<T>()?)
 
 }
 
 
 fn has_http_access() -> bool {
 
-    let http_access = Client::builder().build().unwrap();
 
+    let http_access = get_reqwest_client();
 
 
     match http_access
 
         .head("https://github.com/dani-garcia/bitwarden_rs")
 
         .timeout(Duration::from_secs(10))
 
-        .header(USER_AGENT, "Bitwarden_RS")
 
         .send()
 
     {
 
         Ok(r) => r.status().is_success(),

+ 3 - 5
src/api/core/mod.rs
View File 

@@ -37,6 +37,7 @@ use crate::{
 
     auth::Headers,
 
     db::DbConn,
 
     error::Error,
 
+    util::get_reqwest_client,
 
 };
 
 
 #[put("/devices/identifier/<uuid>/clear-token")]
 
@@ -141,18 +142,15 @@ fn put_eq_domains(data: JsonUpcase<EquivDomainData>, headers: Headers, conn: DbC
 
 
 #[get("/hibp/breach?<username>")]
 
 fn hibp_breach(username: String) -> JsonResult {
 
-    let user_agent = "Bitwarden_RS";
 
     let url = format!(
 
         "https://haveibeenpwned.com/api/v3/breachedaccount/{}?truncateResponse=false&includeUnverified=false",
 
         username
 
     );
 
 
-    use reqwest::{blocking::Client, header::USER_AGENT};
 
-
 
     if let Some(api_key) = crate::CONFIG.hibp_api_key() {
 
-        let hibp_client = Client::builder().build()?;
 
+        let hibp_client = get_reqwest_client();
 
 
-        let res = hibp_client.get(&url).header(USER_AGENT, user_agent).header("hibp-api-key", api_key).send()?;
 
+        let res = hibp_client.get(&url).header("hibp-api-key", api_key).send()?;
 
 
         // If we get a 404, return a 404, it means no breached accounts
 
         if res.status() == 404 {

+ 7 - 7
src/api/core/two_factor/duo.rs
View File 

@@ -12,6 +12,7 @@ use crate::{
 
         DbConn,
 
     },
 
     error::MapResult,
 
+    util::get_reqwest_client,
 
     CONFIG,
 
 };
 
 
@@ -189,9 +190,7 @@ fn activate_duo_put(data: JsonUpcase<EnableDuoData>, headers: Headers, conn: DbC
 
 }
 
 
 fn duo_api_request(method: &str, path: &str, params: &str, data: &DuoData) -> EmptyResult {
 
-    const AGENT: &str = "bitwarden_rs:Duo/1.0 (Rust)";
 
-
 
-    use reqwest::{blocking::Client, header::*, Method};
 
+    use reqwest::{header, Method};
 
     use std::str::FromStr;
 
 
     // https://duo.com/docs/authapi#api-details
 
@@ -203,11 +202,12 @@ fn duo_api_request(method: &str, path: &str, params: &str, data: &DuoData) -> Em
 
 
     let m = Method::from_str(method).unwrap_or_default();
 
 
-    Client::new()
 
-        .request(m, &url)
 
+    let client = get_reqwest_client();
 
+
 
+    client.request(m, &url)
 
         .basic_auth(username, Some(password))
 
-        .header(USER_AGENT, AGENT)
 
-        .header(DATE, date)
 
+        .header(header::USER_AGENT, "bitwarden_rs:Duo/1.0 (Rust)")
 
+        .header(header::DATE, date)
 
         .send()?
 
         .error_for_status()?;

+ 3 - 3
src/api/icons.rs
View File 

@@ -12,7 +12,7 @@ use regex::Regex;
 
 use reqwest::{blocking::Client, blocking::Response, header, Url};
 
 use rocket::{http::ContentType, http::Cookie, response::Content, Route};
 
 
-use crate::{error::Error, util::Cached, CONFIG};
 
+use crate::{error::Error, util::{Cached, get_reqwest_client_builder}, CONFIG};
 
 
 pub fn routes() -> Vec<Route> {
 
     routes![icon]
 
@@ -33,11 +33,11 @@ static CLIENT: Lazy<Client> = Lazy::new(|| {
 
     );
 
 
     // Reuse the client between requests
 
-    Client::builder()
 
+    get_reqwest_client_builder()
 
         .timeout(Duration::from_secs(CONFIG.icon_download_timeout()))
 
         .default_headers(default_headers)
 
         .build()
 
-        .unwrap()
 
+        .expect("Failed to build icon client")
 
 });
 
 
 // Build Regex only once since this takes a lot of time.

+ 5 - 1
src/static/templates/admin/settings.hbs
View File 

@@ -116,7 +116,11 @@
 
                             data-target="#g_database">Backup Database</button></div>
 
                     <div id="g_database" class="card-body collapse" data-parent="#config-form">
 
                         <div class="small mb-3">
 
-                            NOTE: A local installation of sqlite3 is required for this section to work.
 
+                            WARNING: This function only creates a backup copy of the SQLite database.
 
+                            This does not include any configuration or file attachment data that may
 
+                            also be needed to fully restore a bitwarden_rs instance. For details on
 
+                            how to perform complete backups, refer to the wiki page on
 
+                            <a href="https://github.com/dani-garcia/bitwarden_rs/wiki/Backing-up-your-vault">backups</a>.
 
                         </div>
 
                         <button type="button" class="btn btn-primary" onclick="backupDatabase();">Backup Database</button>
 
                     </div>

+ 17 - 2
src/util.rs
View File 

@@ -478,7 +478,6 @@ pub fn retry<F, T, E>(func: F, max_tries: u32) -> Result<T, E>
 
 where
 
     F: Fn() -> Result<T, E>,
 
 {
 
-    use std::{thread::sleep, time::Duration};
 
     let mut tries = 0;
 
 
     loop {
 
@@ -497,12 +496,13 @@ where
 
     }
 
 }
 
 
+use std::{thread::sleep, time::Duration};
 
+
 
 pub fn retry_db<F, T, E>(func: F, max_tries: u32) -> Result<T, E>
 
 where
 
     F: Fn() -> Result<T, E>,
 
     E: std::error::Error,
 
 {
 
-    use std::{thread::sleep, time::Duration};
 
     let mut tries = 0;
 
 
     loop {
 
@@ -522,3 +522,18 @@ where
 
         }
 
     }
 
 }
 
+
 
+use reqwest::{blocking::{Client, ClientBuilder}, header};
 
+
 
+pub fn get_reqwest_client() -> Client {
 
+    get_reqwest_client_builder().build().expect("Failed to build client")
 
+}
 
+
 
+pub fn get_reqwest_client_builder() -> ClientBuilder {
 
+    let mut headers = header::HeaderMap::new();
 
+    headers.insert(header::USER_AGENT, header::HeaderValue::from_static("Bitwarden_RS"));
 
+    Client::builder()
 
+        .default_headers(headers)
 
+        .timeout(Duration::from_secs(10))
 
+
 
+}