Commit Graph

2455 Commits

Author SHA1 Message Date
BlackDex 1ca0d6e245
Validate all needed fields for client API login
During the client API login we need to have a `device_identifier`, `device_name` and `device_type`.
When these were not provided Vaultwarden would panic.

This PR add checks for these fields and makes sure it returns a better error message instead of causing a panic.
2023-02-19 18:16:06 +01:00
Misterbabou 7f69eebeb1 Fix Collection Read Only access for groups
I messed up with identation sorry it's my first PR

Fix Collection Read Only access for groups

Fix Collection Read Only access for groups

With indentation modification
2023-02-17 14:17:18 +01:00
BlackDex 32bd9b83a3
Fix Organization delete when groups are configured
With existing groups configured within an org, deleting that org would
fail because of Foreign Key issues.

This PR fixes this by making sure the groups get deleted before the org does.

Fixes #3247
2023-02-16 17:29:12 +01:00
r3drun3 477d60de49
docs: add build status badge in readme 2023-02-15 10:15:42 +01:00
Mathijs van Veluw 1ba8275dcb
Merge pull request #3234 from BlackDex/update-rust-and-crates
Updated Rust and crates
2023-02-13 12:39:26 +01:00
BlackDex a0a4994250
Updated Rust and crates
- Updated Rust to v1.67.0
- Updated all crates except for `cookies` and `webauthn`
2023-02-13 08:32:01 +01:00
Daniel García 32dfa41970
Merge pull request #3147 from soruh/main
add support for system mta though sendmail
2023-02-12 19:40:33 +01:00
Daniel García f92efda0f0
Merge branch 'main' into main 2023-02-12 19:40:04 +01:00
Daniel García 3b0f643e9d
Merge pull request #3210 from tessus/feature/kdf-options
add argon2 kdf fields
2023-02-12 19:23:22 +01:00
Daniel García 5bcee24f88
Merge branch 'main' into feature/kdf-options 2023-02-12 19:23:14 +01:00
soruh 9e3d7ea44c add EXE_SUFFIX to sendmail executable when not specified 2023-02-12 18:55:15 +01:00
soruh 8cc6dac893 check if SENDMAIL_COMMAND is valid using 'which' crate 2023-02-12 18:55:15 +01:00
soruh b7c4316c77 Add support for sendmail as a mail transport 2023-02-12 18:54:59 +01:00
Daniel García 0c295d5e6e
Merge pull request #3167 from BlackDex/issue-3166
Fix Javascript issue on non sqlite databases
2023-02-12 18:48:03 +01:00
Daniel García bc49d1f90d
Merge branch 'main' into issue-3166 2023-02-12 18:47:55 +01:00
Daniel García 6f6d9dee83
Merge pull request #3108 from farodin91/allow-editing/unhiding-by-group
allow editing/unhiding by group
2023-02-12 18:47:02 +01:00
Daniel García cef5dd4a46
Merge branch 'main' into allow-editing/unhiding-by-group 2023-02-12 18:46:53 +01:00
Daniel García 79061c0eb5
Merge pull request #3231 from kpfleming/icon-blacklist-improvements
Generate distinct log messages for regex vs. IP blacklisting.
2023-02-12 18:43:26 +01:00
Daniel García 6e2c3fc1cc
Merge branch 'main' into icon-blacklist-improvements 2023-02-12 18:43:19 +01:00
Daniel García e301fe137f
Merge pull request #3228 from BlockListed/fix-domain-description
Fix trailing slash not getting removed from domain
2023-02-12 18:42:55 +01:00
Daniel García af69c83db2
Merge branch 'main' into fix-domain-description 2023-02-12 18:42:49 +01:00
Daniel García 53fa8da5b1
Merge pull request #3215 from stefan0xC/fix-post-emergency-access
don't nullify key when editing emergency access
2023-02-12 18:42:30 +01:00
Daniel García c58aac585b
Merge branch 'main' into fix-post-emergency-access 2023-02-12 18:42:21 +01:00
Daniel García 8c1117fcbf
Merge pull request #3170 from jjlin/cap_net_bind_service
Allow listening on privileged ports (below 1024) as non-root
2023-02-12 18:42:00 +01:00
Daniel García a6dd4f1206
Merge branch 'main' into cap_net_bind_service 2023-02-12 18:41:45 +01:00
Daniel García 5af1799991
Merge pull request #3145 from dlehammer/spell-jack_mitigation
"Spell-Jacking" mitigation ~ prevent sensitive data leak …
2023-02-12 18:39:54 +01:00
Daniel García a20a641de3
Merge branch 'main' into spell-jack_mitigation 2023-02-12 18:39:27 +01:00
Daniel García 8abd38573b
Merge pull request #3116 from sirux88/admin-password-reset
Admin password reset
2023-02-12 18:38:50 +01:00
Daniel García 78abdf0e9d
Merge branch 'main' into admin-password-reset 2023-02-12 18:38:36 +01:00
Daniel García dc031d8d86
Merge pull request #2561 from BlackDex/re-license
Re-License Vaultwarden to AGPLv3
2023-02-12 18:35:35 +01:00
Daniel García de6330b09d
Merge branch 'main' into re-license 2023-02-12 18:35:09 +01:00
Helmut K. C. Tessarek 68bcc7a4b8
add argon2 kdf fields 2023-02-07 13:52:52 -05:00
BlockListed c04a1352cb
remove warn when sanitizing domain 2023-02-07 18:49:26 +01:00
BlockListed 5d1c11ceba
fix trailing slash in configuration builder 2023-02-07 18:42:36 +01:00
BlockListed a2aa7c9bc2
Revert "fix trailing slash not being removed from domain"
This reverts commit 679bc7a59b.
2023-02-07 18:41:24 +01:00
Jan Jansen b3a351ccb2 allow editing/unhiding by group
Fixes #2989

Signed-off-by: Jan Jansen <jan.jansen@gdata.de>
2023-02-07 16:20:36 +01:00
BlockListed 679bc7a59b
fix trailing slash not being removed from domain 2023-02-07 13:03:28 +01:00
BlockListed a72d0b518f
remove documentation of bug since I'm fixing it 2023-02-07 12:48:48 +01:00
Kevin P. Fleming 6741b25907 Ensure that all results from check_domain_blacklist_reason are cached. 2023-02-07 05:54:06 -05:00
Kevin P. Fleming 24b5784f02 Generate distinct log messages for regex vs. IP blacklisting.
When an icon will not be downloaded due to matching a configured
blacklist, ensure that the log message indicates the type of blacklist
that was matched.
2023-02-07 05:24:23 -05:00
BlockListed eb9b481eba
improve wording of domain description 2023-02-07 08:49:05 +01:00
BlockListed 64edc49392
change description of domain configuration
Vaultwarden send won't work if the domain includes a trailing slash.
This should be documented, as it may lead to confusion amoung users.
2023-02-06 23:19:08 +01:00
sirux88 0d1753ac74 completly hide reset password policy
on email disabled instances
2023-02-05 16:47:23 +01:00
sirux88 a6558f5548 rust lang specific improvements 2023-02-05 16:34:48 +01:00
sirux88 62dfeb80f2 improved security, disabling policy usage on
email-disabled clients and some refactoring
2023-02-04 13:29:57 +01:00
sirux88 26cd5d9643 Replaced wrong mysql column type 2023-02-04 09:23:13 +01:00
Stefan Melmuk e65fbbfc21
don't nullify key when editing emergency access
the client does not send the key on every update of an emergency access
contact so the field would be emptied on a change of the wait days or access level.
2023-02-01 23:10:09 +01:00
Jeremy Lin a2162f4d69
Allow listening on privileged ports (below 1024) as non-root
This is done by running `setcap cap_net_bind_service=+ep` on the executable
in the build stage (doing it in the runtime stage creates an extra copy of
the executable that bloats the image). This only works when using the
BuildKit-based builder, since the `COPY` instruction doesn't copy
capabilities on the legacy builder.
2023-02-01 00:35:33 -08:00
BlackDex c9ed9aa733
Fix Javascript issue on non sqlite databases
When a non sqlite database is used, loading the admin interface fails
because the backup button is not generated.
This PR is solves it by checking if the elements are valid.

Also made some other changes and fixed some eslint errors.
Showing `_post` errors is better now.

Update jquery to latest version.

Fixes #3166
2023-01-26 20:34:25 +01:00
Daniel Hammer 9b20decdc1 "Spell-Jacking" mitigation ~ prevent sensitive data leak from spell checker.
@see https://www.otto-js.com/news/article/chrome-and-edge-enhanced-spellcheck-features-expose-pii-even-your-passwords
2023-01-25 22:35:18 +01:00