nickslowinski/vaultwarden-test
1
0
Fork 0
geforkt von mirrored/vaultwarden
Code Pull-Requests Aktivität
1574 Commits 1 Branch 49 Tags 23 MiB
Commit-Graph

1574 Commits

Dieser Branch
Dieser Branch
Alle Branches
Autor SHA1 Nachricht Datum
BlackDex 0c5532d8b5 Adding a SECURITY.md 2021-06-26 11:49:00 +02:00
Daniel García 46e0f3c43a
Load RSA keys as pem format directly, and using openssl crate, backported from async branch 2021-06-25 20:53:26 +02:00
Daniel García 2cd17fe7af
Add token with short expiration time to send url 2021-06-25 20:53:26 +02:00
Daniel García f44b2611e6
Update rust toolchain and dependencies 2021-06-25 20:53:26 +02:00
Mathijs van Veluw 82fee0ede3
Merge pull request #1779 from jjlin/last-known-rev-warning 
Avoid `Error parsing LastKnownRevisionDate` warning for mobile clients
 2021-06-20 18:07:18 +02:00
Jeremy Lin 49579e4ce7 Avoid Error parsing LastKnownRevisionDate warning for mobile clients 
When creating a new cipher, the mobile clients seem to set this field to an
invalid value, which causes a warning to be logged:

    Error parsing LastKnownRevisionDate '0001-01-01T00:00:00': premature end of input

Avoid this by dropping the `LastKnownRevisionDate` field on cipher creation.
 2021-06-19 21:32:11 -07:00
Daniel García 9254cf9d9c
Fix clippy lints 2021-06-19 22:02:03 +02:00
Daniel García ff0fee3690
Merge branch 'BlackDex-admin-changes' into main 2021-06-19 21:38:58 +02:00
Daniel García 0778bd4bd5
Merge branch 'admin-changes' of https://github.com/BlackDex/vaultwarden into BlackDex-admin-changes 2021-06-19 21:27:25 +02:00
Daniel García 0cd065d354
Update webauthn-rs crate to upstream version 2021-06-19 21:25:55 +02:00
BlackDex 8615736e84 Multiple Admin Interface fixes and some others. 
Misc:
- Fixed hadolint workflow, new git cli needs some extra arguments.
- Add ignore paths to all specific on triggers.
- Updated hadolint version.
- Made SMTP_DEBUG read-only, since it can't be changed at runtime.

Admin:
- Migrated from Bootstrap v4 to v5
- Updated jquery to v3.6.0
- Updated Datatables
- Made Javascript strict
- Added a way to show which ENV Vars are overridden.
- Changed the way to provide data for handlebars.
- Fixed date/time check.
- Made support string use details and summary feature of markdown/github.
 2021-06-19 19:22:19 +02:00
Daniel García 5772836be5
Fix admin page with handlebars 4 2021-06-16 22:57:28 +02:00
Daniel García c380d9c379
Support for webauthn and u2f->webauthn migrations 2021-06-16 19:06:40 +02:00
Daniel García cea7a30d82
Merge pull request #1761 from jjlin/deps 
Update dependencies
 2021-06-10 21:03:05 +02:00
Jeremy Lin 06cde29419 Update dependencies 
Notably, update `diesel` to 1.4.7 and `libsqlite3-sys` to 0.22.2 to pick up
the fix for CVE-2021-20227 added in SQLite 3.34.1.
 2021-06-09 01:44:29 -07:00
Daniel García 20f5988174
Merge pull request #1736 from jjlin/rocket-env-docs 
Clarify Rocket env var defaults
 2021-06-04 20:03:17 +02:00
Jeremy Lin b491cfe0b0 Clarify Rocket env var defaults 
Mention `ROCKET_WORKERS`, but remove `ROCKET_ENV` since most users
probably wouldn't use it.
 2021-05-31 13:13:02 -07:00
Daniel García fc513413ea
Merge pull request #1730 from jjlin/attachment-upload-v2 
Add support for v2 attachment upload APIs
 2021-05-30 22:27:52 +02:00
Jeremy Lin 3f7e4712cd Fix attachment size limit calculation for v2 uploads 2021-05-25 23:17:22 -07:00
Jeremy Lin c2ef331df9 Rework file ID generation 2021-05-25 23:15:24 -07:00
Jeremy Lin 5fef7983f4 Clean up attachment error handling 2021-05-25 22:13:04 -07:00
Jeremy Lin 29ed82a359 Add support for v2 attachment upload APIs 
Upstream PR: https://github.com/bitwarden/server/pull/1229
 2021-05-25 04:14:51 -07:00
Daniel García 7d5186e40a
Merge pull request #1706 from jjlin/trash-auto-delete-env 
Add `TRASH_AUTO_DELETE_DAYS` to .env.template
 2021-05-17 17:21:34 +02:00
Daniel García 99270612ba
Merge pull request #1704 from jjlin/global-domains 
Sync global_domains.json
 2021-05-17 17:21:09 +02:00
Jeremy Lin c7b5b6ee07 Add TRASH_AUTO_DELETE_DAYS to .env.template 2021-05-16 17:51:54 -07:00
Jeremy Lin 848d17ffb9 Sync global_domains.json to bitwarden/server@7857053 (Amazon) 2021-05-16 15:16:41 -07:00
Daniel García 47e8aa29e1
Merge pull request #1702 from BlackDex/icon-updates-plus 
Updated icon fetching and crates.
 2021-05-16 23:35:37 +02:00
BlackDex f270f2ed65 Updated icon fetching and crates. 
- Updated some crates
- Updated icon fetching code:
  + Use a cookie jar and set Max-Age to 2 minutes for all cookies
  + Locate the base href tag to fix some locations
  + Changed User-Agent (Helps on some sites to get HTML instead of JS)
  + Reduced HTML code limit from 512KB to 384KB
  + Allow some large icons higer-up in the sort
  + Allow GIF images
  + Ignore cookie_store and hyper::client debug messages
 2021-05-16 15:29:13 +02:00
Daniel García aba5b234af
Merge pull request #1700 from jjlin/fix-attachment-downloads 
Fix attachment downloads
 2021-05-16 14:11:21 +02:00
Jeremy Lin 9133e2927d Fix attachment downloads 
Upstream switched to new upload/download APIs. Uploads fall back to the
legacy APIs for now, but not downloads apparently.
 2021-05-15 22:46:57 -07:00
Jeremy Lin 38104ba7cf cargo fmt changes 
The PR build seems to fail without this...
 2021-05-15 22:46:37 -07:00
Daniel García c42bcae224
Merge pull request #1696 from umireon/patch-1 
Remove unneeded spaces in .env.template
 2021-05-14 17:40:05 +02:00
Kaito Udagawa 764e51bbe9
Remove unneeded spaces in .env.template 2021-05-14 22:36:42 +09:00
Daniel García 8e6c6a1dc4
Merge pull request #1689 from jjlin/hide-email 
Add support for hiding the sender's email address in Bitwarden Sends
 2021-05-12 23:05:53 +02:00
Daniel García 7a9cfc45da
Merge pull request #1688 from jjlin/config-sends-allowed 
Add `sends_allowed` config setting
 2021-05-12 23:05:41 +02:00
Daniel García 9e24b9065c
Merge pull request #1682 from dongcarl/2021-05-admin-granular-http-codes 
admin: More granular HTTP return codes for user-related endpoints
 2021-05-12 23:05:30 +02:00
Daniel García 1c2b376ca2
Merge pull request #1663 from dongcarl/2021-05-invite_user-return 
admin: Return newly-created user in invite_user
 2021-05-12 23:05:20 +02:00
Daniel García 746ce2afb4
Merge pull request #1653 from jjlin/password-reprompt 
Add support for password reprompt
 2021-05-12 23:05:01 +02:00
Jeremy Lin 029008bad5 Add support for the Send Options policy 
Upstream refs:

* https://github.com/bitwarden/server/pull/1234
* https://bitwarden.com/help/article/policies/#send-options
 2021-05-12 01:22:12 -07:00
Jeremy Lin d3449bfa00 Add support for hiding the sender's email address in Bitwarden Sends 
Note: The original Vaultwarden implementation of Bitwarden Send would always
hide the email address, while the upstream implementation would always show it.

Upstream PR: https://github.com/bitwarden/server/pull/1234
 2021-05-11 22:51:12 -07:00
Jeremy Lin a9a5706764 Add support for password reprompt 
Upstream PR: https://github.com/bitwarden/server/pull/1269
 2021-05-11 20:09:57 -07:00
Jeremy Lin 3ff8014add Add sends_allowed config setting 
This provides global control over whether users can create Bitwarden Sends.
 2021-05-11 20:07:32 -07:00
Carl Dong e60bdc7efe admin: Make invite_user error codes more specific 
- Return 409 Conflict for when a user with that email already exists
- Return 500 InternalServerError for everything else
 2021-05-10 11:47:41 -04:00
Carl Dong cccd8262fa admin: Add /users/<uuid> route 
Individual user information can now be looked up by UUID.
 2021-05-10 11:47:41 -04:00
Carl Dong 68e5d95d25 admin: Specifically return 404 for user not found 
- Modify err_code to accept an expr for err_code
- Add get_user_or_404, properly returning 404 instead of a generic 400
  for cases where user is not found
- Use get_user_or_404 where appropriate.
 2021-05-10 11:47:41 -04:00
Carl Dong 5f458b288a admin: Return newly-created user in invite_user 
Instead of having the caller dig through /admin/users for the right one,
just return the user upon creation.
 2021-05-10 11:47:41 -04:00
Daniel García e9ee8ac2fa
Fix sponsors 2021-05-08 19:01:51 +02:00
Daniel García 8a4dfc3bbe
Merge pull request #1670 from BlackDex/branding-and-email 
Updated branding, email and crates
 2021-05-08 18:40:57 +02:00
Daniel García 4f86517501
Merge pull request #1679 from BlackDex/gh-workflows 
Updated Pipelines and fixed new Hadolints
 2021-05-08 18:40:41 +02:00
BlackDex 7cb19ef767 Updated branding, email and crates 
- Updated branding for admin and emails
- Updated crates and some deprications
- Removed newline-converter because this is built-in into lettre
- Updated email templates to use a shared header and footer template
- Also trigger SMTP SSL When TLS is selected without SSL
  Resolves #1641
 2021-05-08 17:46:31 +02:00