Commit Graph

2761 Commits

Author SHA1 Message Date
BlackDex b60a4a68c7
Fix a panic during Yubikey register/login
The yubico crate uses blocking reqwest, and we called the `verify` from
a async thread. To prevent issues we need to wrap it within a
`spawn_blocking`.
2022-12-18 17:57:35 +01:00
BlackDex 8b6dfe48b7
Disable groups by default and Some optimizations
- Put groups support behind a feature flag, and disabled by default.
  The reason is that it has some known issues, but we want to keep
  optimizing this feature. Putting it behind a feature flag could help
  some users, and the developers into optimizing this feature without to
  much trouble.

Further:

- Updates Rust to v1.66.0
- Updated GHA workflows
- Updated Alpine to 3.17
- Updated jquery to v3.6.2
- Moved jdenticon.js to load at the bottom, fixes an issue on chromium
- Added autocomplete attribute to admin login password field
- Added some extra CSP options (Tested this on Safari, Firefox, Chrome, Bitwarden Desktop)
- Moved uppercase convertion from runtime to compile-time using `paste`
  for building the environment variables, lowers heap allocations.
2022-12-16 14:52:42 +01:00
BlackDex 6154e03c05
Fix recover-2fa not working.
When audit logging was introduced there entered a small bug preventing
the recover-2fa from working.

This PR fixes that by add a new headers check to extract the device-type
when possible and use that for the logging.

Fixes #2985
2022-12-15 15:57:30 +01:00
Daniel García d0b53a6a3d
Update web vault to v2022.11.2 2022-12-12 23:11:46 +01:00
Daniel García 317aa679cf
Merge branch 'BlackDex-issue-2975' 2022-12-12 22:56:32 +01:00
BlackDex 8d1bc2e539
Fix org export (again)
It looks like Bitwarden, in-the-end, didn't changed the export feature
on v2022.11.0, and now have put in on v2023.1.0.

This patch now changes that to the same version.
Before those new clients are being released, we should see if they
changed that again, and adjust where needed.
2022-12-12 22:56:14 +01:00
BlackDex 50c46f6e9a
Remove ctrlc crate and some updates
- Removed ctrlc crate and use the tokio provided ctrl_c function.
- Updated some crates.
2022-12-12 22:56:10 +01:00
Helmut K. C. Tessarek 4f1928778a
use 32x32 favicon for consistency 2022-12-12 22:56:09 +01:00
Helmut K. C. Tessarek 5fcba3d7f5
use black favicon for /admin 2022-12-12 22:56:09 +01:00
Helmut K. C. Tessarek 4db42b07c4
Improve comments
- The first one was not a proper sentence.
- The second one mixed passive and active form in the secon d part of the sentence.
2022-12-12 22:56:09 +01:00
BlackDex cd3e2d7a5a
Increase privacy of masked config
This changes the masking function to hide a bit more information from
the generated support string. It will still keep showing the `://` for
example, and `,`, but other characters will be hidden.

Also did some small changes on some key's which all showed up as
`Internal` on the Settings page.

Fixes #2929
2022-12-12 22:56:09 +01:00
Daniel García d139e22042
Merge branch 'BlackDex-fix-org-export' 2022-12-12 22:55:56 +01:00
BlackDex 892296e6d5
Remove ctrlc crate and some updates
- Removed ctrlc crate and use the tokio provided ctrl_c function.
- Updated some crates.
2022-12-12 22:55:17 +01:00
Helmut K. C. Tessarek 992ef399ed
use 32x32 favicon for consistency 2022-12-12 22:55:17 +01:00
Helmut K. C. Tessarek 5afba46743
use black favicon for /admin 2022-12-12 22:55:16 +01:00
Helmut K. C. Tessarek df0aa7949e
Improve comments
- The first one was not a proper sentence.
- The second one mixed passive and active form in the secon d part of the sentence.
2022-12-12 22:55:16 +01:00
BlackDex 353d2e6e01
Increase privacy of masked config
This changes the masking function to hide a bit more information from
the generated support string. It will still keep showing the `://` for
example, and `,`, but other characters will be hidden.

Also did some small changes on some key's which all showed up as
`Internal` on the Settings page.

Fixes #2929
2022-12-12 22:55:16 +01:00
Daniel García f9375bb215
Merge branch 'BlackDex-replace-ctrlc-crate' 2022-12-12 22:55:06 +01:00
Helmut K. C. Tessarek 8d04ff66e7
use 32x32 favicon for consistency 2022-12-12 22:55:02 +01:00
Helmut K. C. Tessarek e649b11511
use black favicon for /admin 2022-12-12 22:55:02 +01:00
Helmut K. C. Tessarek bda19bdddf
Improve comments
- The first one was not a proper sentence.
- The second one mixed passive and active form in the secon d part of the sentence.
2022-12-12 22:55:01 +01:00
BlackDex 99fd92df21
Increase privacy of masked config
This changes the masking function to hide a bit more information from
the generated support string. It will still keep showing the `://` for
example, and `,`, but other characters will be hidden.

Also did some small changes on some key's which all showed up as
`Internal` on the Settings page.

Fixes #2929
2022-12-12 22:55:01 +01:00
Daniel García 1210310063
Merge branch 'tessus-fix/admin-icon' 2022-12-12 22:54:49 +01:00
Helmut K. C. Tessarek b093384385
Improve comments
- The first one was not a proper sentence.
- The second one mixed passive and active form in the secon d part of the sentence.
2022-12-12 22:54:45 +01:00
BlackDex cec45ae9bd
Increase privacy of masked config
This changes the masking function to hide a bit more information from
the generated support string. It will still keep showing the `://` for
example, and `,`, but other characters will be hidden.

Also did some small changes on some key's which all showed up as
`Internal` on the Settings page.

Fixes #2929
2022-12-12 22:54:45 +01:00
Daniel García e6dd584dd6
Merge branch 'tessus-fix/env-template' 2022-12-12 22:54:34 +01:00
BlackDex 7cc74dabaf
Increase privacy of masked config
This changes the masking function to hide a bit more information from
the generated support string. It will still keep showing the `://` for
example, and `,`, but other characters will be hidden.

Also did some small changes on some key's which all showed up as
`Internal` on the Settings page.

Fixes #2929
2022-12-12 22:54:30 +01:00
Daniel García 2336f102f9
Merge branch 'BlackDex-issue-2929' 2022-12-12 22:53:48 +01:00
BlackDex cebe0f6442
Remove ctrlc crate and some updates
- Removed ctrlc crate and use the tokio provided ctrl_c function.
- Updated some crates.
2022-12-12 12:58:48 +01:00
BlackDex d9c0c23819
Revert collection queries back to `left_join`
Using the `inner_join` seems to cause issues, even though i have tested
it. Strangely it does cause issues. Reverting it back to `left_join`
seems to solve the issue for me.

Fixes #2975
2022-12-12 12:21:48 +01:00
BlackDex aa355a96f9
Fix org export (again)
It looks like Bitwarden, in-the-end, didn't changed the export feature
on v2022.11.0, and now have put in on v2023.1.0.

This patch now changes that to the same version.
Before those new clients are being released, we should see if they
changed that again, and adjust where needed.
2022-12-12 11:17:34 +01:00
BlackDex 4a85dd2480
Increase privacy of masked config
This changes the masking function to hide a bit more information from
the generated support string. It will still keep showing the `://` for
example, and `,`, but other characters will be hidden.

Also did some small changes on some key's which all showed up as
`Internal` on the Settings page.

Fixes #2929
2022-12-10 17:55:59 +01:00
Helmut K. C. Tessarek 213909baa5
use 32x32 favicon for consistency 2022-12-09 19:09:35 -05:00
Helmut K. C. Tessarek 6915a60332
use black favicon for /admin 2022-12-09 17:32:59 -05:00
Helmut K. C. Tessarek 52a50e9ade
Improve comments
- The first one was not a proper sentence.
- The second one mixed passive and active form in the secon d part of the sentence.
2022-12-09 16:31:40 -05:00
Daniel García b7c9a346c1
Merge branch 'stefan0xC-use-custom-404-page' 2022-12-08 20:43:38 +01:00
BlackDex 2d90c6ac24
Fix managers and groups link
This PR should fix the managers and group link.
Although i think there might be a cleaner sollution, there are a lot of
other items to fix here which we should do in time.

But for now, with theh group support already merged, this fix should at
least help solving issue #2932.

Fixes #2932
2022-12-08 20:43:34 +01:00
Daniel García 7f7b5447fd
Merge branch 'BlackDex-issue-2932-take2' 2022-12-08 20:43:15 +01:00
BlackDex 142f7bb50d
Fix managers and groups link
This PR should fix the managers and group link.
Although i think there might be a cleaner sollution, there are a lot of
other items to fix here which we should do in time.

But for now, with theh group support already merged, this fix should at
least help solving issue #2932.

Fixes #2932
2022-12-08 12:37:21 +01:00
Stefan Melmuk d209df9e10
use a custom 404 page
to customize the 404 page you can copy the handlebar template
`src/static/templates/404.hbs` to the TEMPLATES_FOLDER (defaults to
`data/templates/`)
2022-12-05 00:08:46 +01:00
Daniel García 1b56f4266b
Merge branch 'BlackDex-sql-debugging' 2022-12-04 23:17:52 +01:00
BlackDex d6dc6070f3
Fix admin repost warning.
Currently when you login into the admin, and then directly hit the save
button, it will come with a re-post/re-submit warning.
This has to do with the `window.location.reload()` function, which
triggers the admin login POST again.

By changing the way to reload the page, we prevent this repost.
2022-12-04 23:17:49 +01:00
BlackDex d66323b742
Limit Cipher Note encrypted string size
As discussed in #2937, this will limit the amount of encrypted
characters to 10.000 characters, same as Bitwarden.
This will not break current ciphers which exceed this limit, but it will prevent those
ciphers from being updated.

Fixes #2937
2022-12-04 23:17:48 +01:00
BlackDex 7b09d74b1f
Update dependencies for Rust and Admin interface.
- Updated Rust deps and one small change regarding chrono
- Updated bootstrap 5 css
- Updated datatables
- Replaced identicon.js with jdenticon.
  identicon.js is unmaintained ( https://github.com/stewartlord/identicon.js/issues/52 )
  The icon's are very different, but nice. It also doesn't need custom
  code to find and update the icons our selfs.
2022-12-04 23:17:48 +01:00
BlackDex c0e3c2c5e1
Cleanups and Fixes for Emergency Access
- Several cleanups and code optimizations for Emergency Access
- Fixed a race-condition regarding jobs for Emergency Access
- Some other small changes like `allow(clippy::)` removals

Fixes #2925
2022-12-04 23:17:48 +01:00
Daniel García 06189a58fe
Merge branch 'BlackDex-fix-admin-repost' 2022-12-04 23:16:54 +01:00
BlackDex f402dd81bb
Limit Cipher Note encrypted string size
As discussed in #2937, this will limit the amount of encrypted
characters to 10.000 characters, same as Bitwarden.
This will not break current ciphers which exceed this limit, but it will prevent those
ciphers from being updated.

Fixes #2937
2022-12-04 23:16:50 +01:00
BlackDex c885bbc947
Update dependencies for Rust and Admin interface.
- Updated Rust deps and one small change regarding chrono
- Updated bootstrap 5 css
- Updated datatables
- Replaced identicon.js with jdenticon.
  identicon.js is unmaintained ( https://github.com/stewartlord/identicon.js/issues/52 )
  The icon's are very different, but nice. It also doesn't need custom
  code to find and update the icons our selfs.
2022-12-04 23:16:50 +01:00
BlackDex 63fb0e5a57
Cleanups and Fixes for Emergency Access
- Several cleanups and code optimizations for Emergency Access
- Fixed a race-condition regarding jobs for Emergency Access
- Some other small changes like `allow(clippy::)` removals

Fixes #2925
2022-12-04 23:16:49 +01:00
Daniel García 37d0792a7d
Merge branch 'BlackDex-issue-2937' 2022-12-04 23:15:08 +01:00