From 359a4a088a6ddd9577bd695295d91e5abaec66df Mon Sep 17 00:00:00 2001
From: Stefan Melmuk <509385+stefan0xC@users.noreply.github.com>
Date: Wed, 19 Feb 2025 10:40:59 +0100
Subject: [PATCH] allow CLI to upload files with truncated filenames (#5618)

due to a bug in the CLI the filename in the form-data is not complete if
the encrypted filename happens to contain a /
---
 src/api/core/sends.rs   | 6 +++++-
 src/db/models/device.rs | 4 ++++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/api/core/sends.rs b/src/api/core/sends.rs
index e181d6ab..bf7a5ec8 100644
--- a/src/api/core/sends.rs
+++ b/src/api/core/sends.rs
@@ -378,7 +378,11 @@ async fn post_send_file_v2_data(
     };
 
     match data.data.raw_name() {
-        Some(raw_file_name) if raw_file_name.dangerous_unsafe_unsanitized_raw() == send_data.fileName => (),
+        Some(raw_file_name)
+            if raw_file_name.dangerous_unsafe_unsanitized_raw() == send_data.fileName
+            // be less strict only if using CLI, cf. https://github.com/dani-garcia/vaultwarden/issues/5614
+            || (headers.device.is_cli() && send_data.fileName.ends_with(raw_file_name.dangerous_unsafe_unsanitized_raw().as_str())
+            ) => {}
         Some(raw_file_name) => err!(
             "Send file name does not match.",
             format!(
diff --git a/src/db/models/device.rs b/src/db/models/device.rs
index 74ef46d2..b12bf70c 100644
--- a/src/db/models/device.rs
+++ b/src/db/models/device.rs
@@ -135,6 +135,10 @@ impl Device {
     pub fn is_registered(&self) -> bool {
         self.push_uuid.is_some()
     }
+
+    pub fn is_cli(&self) -> bool {
+        matches!(DeviceType::from_i32(self.atype), DeviceType::WindowsCLI | DeviceType::MacOsCLI | DeviceType::LinuxCLI)
+    }
 }
 
 pub struct DeviceWithAuthRequest {