Daniel García
0cd065d354
Update webauthn-rs crate to upstream version
2021-06-19 21:25:55 +02:00
Daniel García
c380d9c379
Support for webauthn and u2f->webauthn migrations
2021-06-16 19:06:40 +02:00
Jeremy Lin
06cde29419
Update dependencies
...
Notably, update `diesel` to 1.4.7 and `libsqlite3-sys` to 0.22.2 to pick up
the fix for CVE-2021-20227 added in SQLite 3.34.1.
2021-06-09 01:44:29 -07:00
BlackDex
f270f2ed65
Updated icon fetching and crates.
...
- Updated some crates
- Updated icon fetching code:
+ Use a cookie jar and set Max-Age to 2 minutes for all cookies
+ Locate the base href tag to fix some locations
+ Changed User-Agent (Helps on some sites to get HTML instead of JS)
+ Reduced HTML code limit from 512KB to 384KB
+ Allow some large icons higer-up in the sort
+ Allow GIF images
+ Ignore cookie_store and hyper::client debug messages
2021-05-16 15:29:13 +02:00
BlackDex
7cb19ef767
Updated branding, email and crates
...
- Updated branding for admin and emails
- Updated crates and some deprications
- Removed newline-converter because this is built-in into lettre
- Updated email templates to use a shared header and footer template
- Also trigger SMTP SSL When TLS is selected without SSL
Resolves #1641
2021-05-08 17:46:31 +02:00
Daniel García
f76b8a32ca
Update dependencies
2021-05-02 17:48:06 +02:00
rkowalewski
48482fece0
Merge branch 'main' into fix-libressl-332
2021-04-29 08:34:10 +02:00
Roger Kowalewski
1dc1d4df72
update openssl crate to support LibreSSL 3.3.2
2021-04-29 10:04:08 +02:00
Daniel García
34ea10475d
Project renaming
2021-04-27 23:18:32 +02:00
Daniel García
ced7f1771a
Update dependencies
2021-04-15 18:38:00 +02:00
Jake Howard
f7056bcaa5
Enable socks feature for reqwest
...
This allowed HTTP_PROXY be set with a socks5 proxy
2021-04-07 19:25:02 +01:00
Jeremy Lin
73ff8d79f7
Add a generic job scheduler
...
Also rewrite deletion of old sends using the job scheduler.
2021-04-05 23:07:15 -07:00
BlackDex
3a3390963c
Icon and SMTP Debug fixes.
...
- We need to add some feature to enable smtp debugging again. See: https://github.com/lettre/lettre/pull/584
- Upstream added the fallback icon again, probably because of caching ;). See: https://github.com/bitwarden/server/pull/1149
- Enabled gzip and brotli compression support with reqwest. Some sites seem to force this, or assume that because of the User-Agent string it is supported. This caused some failed icons.
Fixes #1540
2021-03-29 10:27:58 +02:00
Daniel García
3e4ff47a38
Update dependencies, particularly openssl to 1.1.1k
2021-03-25 20:05:20 +01:00
Daniel García
f9ebb780f9
Update dependencies
2021-03-22 20:00:57 +01:00
Daniel García
431462d839
Update dependencies and enable serde integration for chrono
2021-03-13 22:02:11 +01:00
Daniel García
dad1b1bee9
Updated dependencies
2021-03-06 22:04:01 +01:00
Daniel García
9117095764
Update dependencies and web vault
2021-02-24 20:30:19 +01:00
Daniel García
c836f88ff2
Remove soup and use a newer html5ever directly
2021-02-07 22:28:02 +01:00
Daniel García
8b660ae090
Swap structopt for a simpler alternative
2021-02-07 20:10:40 +01:00
Daniel García
0680638933
Update dependencies
2021-02-06 16:49:28 +01:00
BlackDex
5860679624
Updated dependencies and small mail fixes
...
- Updated rust nightly
- Updated depenencies
- Removed unicode support for regex (less dependencies)
- Fixed dependency and nightly changes/deprications
- Some mail changes for less spam point triggering
2021-01-31 20:07:42 +01:00
Daniel García
46df3ee7cd
Updated insecure ws dependency and general dep updates
2020-12-15 22:23:12 +01:00
BlackDex
d46a6ac687
Updated dependencies and Dockerfiles
...
- Updated crates
- Updated rust-toolchain
- Updated Dockerfile to use latest rust 1.48 version
- Updated AMD64 Alpine to use same version as rust-toolchain and support
PostgreSQL.
- Updated Rocket to the commit right before they updated hyper.
Until that update there were some crates updated and some small fixes.
After that build fails and we probably need to make some changes
(which is probably something already done in the async branch)
2020-12-04 13:38:42 +01:00
BlackDex
6faaeaae66
Updated email processing.
...
- Added an option to enable smtp debugging via SMTP_DEBUG. This will
trigger a trace of the smtp commands sent/received to/from the mail
server. Useful when troubleshooting.
- Added two options to ignore invalid certificates which either do not
match at all, or only doesn't match the hostname.
- Updated lettre to the latest alpha.4 version.
2020-11-18 12:07:08 +01:00
Daniel García
63acc8619b
Update dependencies
2020-11-07 23:01:04 +01:00
Daniel García
c577ade90e
Updated dependencies
2020-10-15 23:44:35 +02:00
Daniel García
ab4355cfed
Updated web vault, dependencies and base docker images
2020-10-03 20:50:13 +02:00
Eduardo Sánchez Muñoz
2f7fbde789
Add `vendored_openssl` feature.
...
This feature enables the `vendored` feature from the `openssl` crate and build a statically linked version of openssl.
2020-09-25 23:25:53 +02:00
Daniel García
dbc082dc75
Update web vault to 2.16.0 and dependencies
2020-09-19 22:01:14 +02:00
BlackDex
844cf70345
Updated lettre (and other crates) and workflow.
...
General:
- Updated several dependancies
Lettre:
- Updateded lettere and the workflow
- Changed encoding to base64
- Convert unix newlines to dos newlines for e-mails.
- Created custom e-mail boundary (auto generated could cause errors)
Tested the e-mails sent using several clients (Linux, Windows, MacOS, Web).
Run msglint (https://tools.ietf.org/tools/msglint/ ) on the generated e-mails until all errors were gone.
Lettre has changed quite some stuff compared between alpha.1 and alpha.2, i haven't noticed any issues sending e-mails during my tests.
2020-09-11 23:52:20 +02:00
Daniel García
0822c0c128
Update admin page dependencies
2020-08-31 16:40:21 +02:00
Daniel García
062f5e4712
Update dependencies
2020-08-28 22:11:55 +02:00
Daniel García
0365b7c6a4
Add support for multiple simultaneous database features by using macros.
...
Diesel requires the following changes:
- Separate connection and pool types per connection, the generate_connections! macro generates an enum with a variant per db type
- Separate migrations and schemas, these were always imported as one type depending on db feature, now they are all imported under different module names
- Separate model objects per connection, the db_object! macro generates one object for each connection with the diesel macros, a generic object, and methods to convert between the connection-specific and the generic ones
- Separate connection queries, the db_run! macro allows writing only one that gets compiled for all databases or multiple ones
2020-08-24 20:11:17 +02:00
Jeremy Lin
d9684bef6b
Generate tokens more simply and uniformly
2020-08-22 16:07:53 -07:00
Daniel García
171b174ce9
Update dependencies
2020-08-12 18:46:28 +02:00
Daniel García
32cfaab5ee
Updated dependencies and changed rocket request imports
2020-07-23 21:07:04 +02:00
Daniel García
fb6f96f5c3
Updated dependencies
2020-07-14 16:08:11 +02:00
Jeremy Lin
a28ebcb401
Use local time in email notifications for new device logins
...
In this implementation, the `TZ` environment variable must be set
in order for the formatted output to use a more user-friendly
time zone abbreviation (e.g., `UTC`). Otherwise, the output uses
the time zone's UTC offset (e.g., `+00:00`).
2020-07-07 21:30:18 -07:00
Daniel García
596c9b8691
Add option to set name during HELO in email settings
2020-07-05 01:59:15 +02:00
Daniel García
d4357eb55a
Updated dependencies ans web vault version
2020-07-05 01:38:16 +02:00
Daniel García
b34d548246
Update dependencies
2020-06-22 17:15:20 +02:00
Daniel García
a2411eef56
Updated dependencies
2020-06-15 23:04:52 +02:00
Daniel García
5e802f8aa3
Update lettre to alpha release instead of git commit, and update the rest of dependencies while we are at it
2020-05-31 17:58:06 +02:00
Daniel García
80d4061d14
Update dependencies
2020-05-14 00:18:18 +02:00
Daniel García
6c5e35ce5c
Change the mails content types to more closely match what we sent before
2020-05-07 00:51:46 +02:00
Daniel García
63cbd9ef9c
Update lettre to latest master
2020-05-03 17:41:53 +02:00
Daniel García
9cca64003a
Remove unused dependency and simple feature, update dependencies and fix some clippy lints
2020-05-03 17:24:51 +02:00
Daniel García
4be8dae626
Make web vault show a more informative error when browsers block WebCrypto in insecure contexts and update dependencies
2020-04-09 22:54:31 +02:00
Daniel García
ccf6ee79d0
Update dependencies, mainly diesel and sqlite
2020-03-24 20:36:19 +01:00
Daniel García
7d9c7017c9
Merge pull request #911 from BlackDex/upgrade-rocket
...
Upgrade rocket
2020-03-16 18:17:17 +01:00
BlackDex
bd09fe1a3d
Updated code so backtraces are logged also.
2020-03-16 17:53:22 +01:00
BlackDex
3ce0c3d1a5
Update dependencies
...
Primarily updating rocket, which needed some dependencies
Latest versions of:
- ring
- time
- jsonwebtoken
- yubico
- rocket (git)
2020-03-16 16:32:33 +01:00
BlackDex
1b4b40c95d
Updated reqwest to the latest version.
...
- Use the blocking client (no async).
- Disabled gzip.
- use_sys_proxy is now default.
2020-03-14 23:12:45 +01:00
Daniel García
70f3ab8ec3
Migrate lazy_static to once_cell, less macro magic and slightly faster
2020-03-09 22:04:03 +01:00
Daniel García
b6612e90ca
Update dependencies
2020-03-09 22:00:59 +01:00
zethra
cc404b4edc
Added command line flags for help and version
...
Signed-off-by: zethra <benaagoldberg@gmail.com>
2020-03-02 15:51:57 -05:00
Daniel García
def174a517
Convert email domains to punycode
2020-01-30 22:11:53 +01:00
Daniel García
ff7b4a3d38
Update handlebars to 3.0 which included performance improvements.
...
Updated lettre to newer git revision, which should give better error messages now.
2020-01-26 15:29:14 +01:00
Daniel García
84ed185579
Update u2f to 0.2, which requires OpenSSL but also might solve the problems we've had with certificates.
...
The rust image doesn't need installing curl or tar, so removed. Also collapsed ENV lines.
2020-01-19 21:34:13 +01:00
Daniel García
9ebca99290
Update dependencies
2020-01-10 18:37:16 +01:00
Daniel García
c058a1d63c
Make sure handlebars is not updated, as the next patch version has breaking changes
2020-01-05 00:12:35 +01:00
Daniel García
95dd1cd7ad
Use rmp upstream version
2019-12-31 02:00:16 +01:00
Daniel García
4cec502f7b
Update docker images to alpine 3.11 and rust 1.40
2019-12-22 21:42:13 +01:00
Daniel García
f09996a21d
Updated dependencies
2019-12-15 15:43:56 +01:00
Daniel García
a5aa4d9b54
Updated dependencies
2019-12-06 22:07:25 +01:00
Daniel García
1e224220a8
Updated deps and fixed some lints
2019-11-28 21:59:05 +01:00
Daniel García
607521c88f
Updated dependencies
2019-11-24 14:50:43 +01:00
BlackDex
b209c1bc4d
Add an option to fetch and parse href="data:image"
...
Some sites are using base64 encoded inline images for favicons.
This will try to match those with some sane checks and return that.
These icons will have lower prio then the icons with a normal URL.
2019-11-22 13:16:12 +01:00
Daniel García
cbadf00941
Update web vault to fix twofactorauth.org integration
...
Update dependencies and toolchain
Update included equivalent domains with upstream changes
2019-11-19 20:30:09 +01:00
BlackDex
cbb92bcbc0
Updated dependencies
...
Updated some dependencies and used a git patch for lettre addressing
timeouts.
2019-11-06 21:37:51 +01:00
BlackDex
3442eb1b9d
Trying to fix issue #687
...
- Using an older commit from rocket repo
2019-11-04 14:30:24 +01:00
Daniel García
72a46fb386
Update dependencies
2019-11-02 17:39:27 +01:00
Daniel García
fccc0a4b05
Update rocket to latest master
...
Downgrade rust version to fix cargo issue
Set rustup profile to minimal
2019-10-25 21:48:10 +02:00
Daniel García
57b1d3f850
Update dependencies and docker base images
2019-10-24 20:37:17 +02:00
Daniel García
83fd44eeef
Update rust version and use minimal profile for CI
2019-10-15 21:21:37 +02:00
Daniel García
d3bd2774dc
Update dependencies to use newer SQLite
2019-10-11 22:49:47 +02:00
Daniel García
662bc27523
Updated dependencies and fixed disable_admin_token description
2019-10-08 19:33:27 +02:00
Daniel García
b73ff886c3
Use upstream rmp
2019-09-17 19:47:51 +02:00
Michael Powers
f5f9861a78
Adds support for PostgreSQL which resolves #87 and is mentioned in #246 .
...
This includes migrations as well as Dockerfile's for amd64.
The biggest change is that replace_into isn't supported by Diesel for the
PostgreSQL backend, instead requiring the use of on_conflict. This
unfortunately requires a branch for save() on all of the models currently
using replace_into.
2019-09-12 16:12:22 -04:00
Daniel García
df8114f8be
Updated client kdf iterations to 100000 and fixed some lints
2019-09-05 21:56:12 +02:00
Daniel García
e3404dd322
Use the local scripts instead of cloudflare, remove jquery and update config so disabling a master toggle doesn't remove the values
2019-08-31 17:47:52 +02:00
Daniel García
469318bcbd
Updated dependencies and web vault version
2019-08-27 21:14:15 +02:00
Daniel García
9101d6e48f
Update dependencies
2019-08-18 19:31:54 +02:00
Daniel García
c9c3f07171
Updated dependencies and fixed panic getting icons
2019-07-30 19:42:05 +02:00
Daniel García
05a1137828
Move backend checks to build.rs to fail fast, and updated dependencies
2019-07-09 17:26:34 +02:00
Nick Fox
2e300da057
Fix #468 - Percent-encode the email address in invite link
2019-07-02 22:55:13 -04:00
Daniel García
76f38621de
Update dependencies and remove unwraps from Cipher::to_json
2019-06-14 22:51:50 +02:00
Daniel García
9add8e19eb
Update dependencies and remove travis unused feature
2019-06-02 00:28:20 +02:00
Emil Madsen
ab95a69dc8
Rework migrations for MySQL
2019-05-20 21:12:41 +02:00
Daniel García
c0b2877da3
Update deps and swap back to official u2f crate again
2019-05-17 15:39:36 +02:00
Daniel García
95f833aacd
Update dependencies to use new ring
2019-05-15 18:10:25 +02:00
Daniel García
4f45cc081f
Update ring to 0.14, jwt to 6.0, and u2f
2019-05-11 23:18:18 +02:00
Daniel García
2a4cd24c60
Updated web vault to hide org plans again and updated dependencies
2019-05-11 22:27:51 +02:00
Daniel García
eadab2e9ca
Updated dependencies
2019-04-26 22:07:00 +02:00
Daniel García
621f607297
Update dependencies and fix some warnings
2019-04-11 15:40:19 +02:00
Daniel García
cfbeb56371
Implement user duo, initial version
...
TODO:
- At the moment each user needs to configure a DUO application and input the API keys, we need to check if multiple users can register with the same keys correctly and if so we could implement a global setting.
- Sometimes the Duo frame doesn't load correctly, but canceling, reloading the page and logging in again seems to fix it for me.
2019-04-05 22:09:53 +02:00
Daniel García
3bb46ce496
Make the syslog crate non-optional when available
2019-04-02 22:35:22 +02:00
Daniel García
c5832f2b30
With the latest fern, syslog can be a config option instead of a build flag
2019-03-29 20:27:20 +01:00
BlackDex
6b686c18f7
Fixed long e-mail message extending 1000 lines.
...
- Added quoted_printable crate to encode the e-mail messages.
- Change the way the e-mail gets build to use custom part headers.
2019-03-25 09:48:19 +01:00
Daniel García
349cb33fbd
Updated dependencies
2019-03-23 19:48:22 +01:00
Daniel García
084bc2aee3
Use final release of lettre and update dependencies
2019-03-17 14:43:22 +01:00
Daniel García
a25bfdd16d
Remove unused features from multipart (integration with other servers)
2019-03-13 15:57:00 +01:00
Daniel García
27872f476e
Update dependencies
2019-03-07 20:22:08 +01:00
Daniel García
04922f6aa0
Some formatting and dependency updates
2019-03-03 16:11:55 +01:00
Daniel García
10756b0920
Update dependencies and fix some lints
2019-02-27 17:21:04 +01:00
Daniel García
5ee04e31e5
Updated dependencies, removed some unnecessary clones and fixed some lints
2019-02-20 17:54:18 +01:00
Daniel García
274ea9a4f2
Use the latest fast_chemail crate directly, with the fix
2019-02-15 14:39:30 +01:00
Daniel García
ff2fbd322e
Update deps and fix email check
2019-02-12 15:01:02 +01:00
Daniel García
3db815b969
Implemented config form and fixed config priority
2019-02-06 17:34:30 +01:00
Daniel García
20d8d800f3
Updated dependencies
2019-02-06 17:34:29 +01:00
BlackDex
9657463717
Added better favicon downloader.
2019-01-27 15:39:19 +01:00
Daniel García
a1dc47b826
Change config to thread-safe system, needed for a future config panel.
...
Improved some two factor methods.
2019-01-25 18:24:57 +01:00
Daniel García
9d027b96d8
Update web-vault to fix U2F NotTrustedAnchor error
2019-01-24 18:43:22 +01:00
Daniel García
ce42b07a80
Update Diesel to 1.4 and other dependencies
2019-01-21 15:29:52 +01:00
Daniel García
e0aec8d373
Use new i64::to_be_bytes and remove byteorder dep
...
(https://doc.rust-lang.org/stable/std/primitive.i64.html#method.to_be_bytes )
2019-01-16 22:14:17 +01:00
Daniel García
979b6305af
Update dependencies
2019-01-15 15:30:12 +01:00
Daniel García
19b6bb0fd6
Initial stab at templates
2019-01-15 15:28:46 +01:00
Daniel García
60f6a350be
Update yubico to fix OpenSSL error
2019-01-13 14:37:17 +01:00
Daniel García
de51bc782e
Updated dependencies, removing need for yubico fork
2019-01-12 15:23:46 +01:00
Daniel García
1d034749f7
Fix AArch64 build by disabling yubico
2019-01-10 23:54:01 +01:00
Daniel García
1b11445bb2
Update dependencies and web vault
2019-01-08 20:28:17 +01:00
Daniel García
5f49ecd7f3
Updated dependencies to use u2f crate directly, and some style changes
2019-01-04 00:25:38 +01:00
Daniel García
adb8052689
Updated Error to implement Display and Debug, instead of using custom methods
2018-12-30 21:43:56 +01:00
Daniel García
f2ab25085d
Updated dependencies, and dockerfiles to use NodeJS 10 LTS
2018-12-11 16:42:52 +01:00
Daniel García
2fde4e6933
Implemented proper logging, with support for file logging, timestamp and syslog (this last one is untested)
2018-12-06 20:35:25 +01:00
Daniel García
259a2f2982
Updated rocket to final release
2018-12-06 20:15:22 +01:00
Daniel García
2129946d14
Updated deps and web vault to 2.6.1
2018-12-03 20:28:13 +01:00
Daniel García
8b5d97790f
Updated rocket to rc2 and rest of dependencies
2018-12-01 14:29:19 +01:00
Daniel García
9ecb29883c
Merge branch 'master' into rocket-0.4
...
# Conflicts:
# Cargo.lock
2018-11-19 20:59:41 +01:00
Daniel García
8b3e87cfe0
Update lockfile to fix yubico error
2018-11-19 20:58:59 +01:00
Daniel García
5edbd0e952
Merge branch 'master' into rocket-0.4
...
# Conflicts:
# Cargo.lock
# Cargo.toml
# src/api/core/mod.rs
2018-11-19 19:52:43 +01:00
Stepan Fedorko-Bartos
5a8d5e426d
Switches to Downstream yubico with Optional libusb
2018-11-16 11:28:20 -07:00
Stepan Fedorko-Bartos
24a4478b5c
Adds yubico-rs library dep
2018-11-15 18:34:17 -07:00
Daniel García
c673370103
Updated bw_rs to Rocket version 0.4-rc1
2018-11-01 19:25:09 +01:00
Daniel García
7112c86471
Updated dependencies, removed valid mail check (now done by lettre), and updated global domains file
2018-10-04 00:01:04 +02:00
Daniel García
c169095128
Update dependencies to point to upstream lettre
2018-09-20 22:45:19 +02:00
Daniel García
3df31e3464
Temp fix for OpenSSL 1.1.1 compatibility
2018-09-19 21:45:50 +02:00
Daniel García
638a0fd3c3
Updated dependencies
2018-09-19 21:43:03 +02:00
Daniel García
928e2424c0
Updated dependencies and fixed errors
2018-09-13 16:05:13 +02:00
Daniel García
d70864ac73
Initial version of websockets notification support.
...
For now only folder notifications are sent (create, rename, delete).
The notifications are only tested between two web-vault sessions in different browsers, mobile apps and browser extensions are untested.
The websocket server is exposed in port 3012, while the rocket server is exposed in another port (8000 by default). To make notifications work, both should be accessible in the same port, which requires a reverse proxy.
My testing is done with Caddy server, and the following config:
```
localhost {
# The negotiation endpoint is also proxied to Rocket
proxy /notifications/hub/negotiate 0.0.0.0:8000 {
transparent
}
# Notifications redirected to the websockets server
proxy /notifications/hub 0.0.0.0:3012 {
websocket
}
# Proxy the Root directory to Rocket
proxy / 0.0.0.0:8000 {
transparent
}
}
```
This exposes the service in port 2015.
2018-08-30 17:58:53 +02:00
Daniel García
39891e86a0
Updated dependencies, added Travis CI integration and some badges
2018-08-24 17:07:11 +02:00
Daniel García
a291dea16f
Updated dependencies and Docker image to new web-vault
2018-07-21 17:27:00 +02:00
Daniel García
03172a6cd7
Bump version to 0.10.0
2018-07-13 16:06:01 +02:00
Daniel García
dae92b9018
Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device.
2018-07-12 22:22:10 +02:00
Daniel García
7d01947173
Updated dependencies and rust version
2018-06-29 23:18:19 +02:00
Daniel García
f72efa899e
Updated dependencies and created 'rust-toolchain', to mark a working nightly to rustup users, and hopefully avoid some nightly breakage.
2018-06-12 17:30:36 +02:00
Daniel García
f1b4a146ae
Updated version
2018-06-01 16:06:25 +02:00
Daniel García
b46e9c936d
Updated dependencies and removed some warnings from jsonwebtoken
2018-06-01 15:34:26 +02:00
Miroslav Prasil
103acd1747
Update rocket to 0.3.12
2018-06-01 13:19:05 +01:00