Commit Graph

1879 Commits

Author SHA1 Message Date
Daniel García af50eae604
Merge pull request #2586 from jjlin/password-hint-config
Add `password_hints_allowed` config option
2022-07-01 16:31:56 +02:00
Jeremy Lin cb4f6aa7f6 Pin a specific version of Rust
The latest version (1.62.0) that was just released includes Clippy changes
(https://github.com/rust-lang/rust-clippy/issues/9014) that break the build.
2022-06-30 23:56:33 -07:00
Jeremy Lin 5e13b1a7cb Add `password_hints_allowed` config option
Disabling password hints is mainly useful for admins who are concerned that
their users might provide password hints that are too revealing.
2022-06-30 20:46:17 -07:00
Daniel García 60b339f450
Update included web vault to v2022.5.2 2022-06-26 22:04:45 +02:00
Daniel García f71c779860
Merge branch 'BlackDex-log-level-adjustment' into main 2022-06-26 21:54:54 +02:00
Daniel García 221a11de9b
Merge branch 'log-level-adjustment' of https://github.com/BlackDex/vaultwarden into BlackDex-log-level-adjustment 2022-06-26 21:54:48 +02:00
Daniel García 794483c10d
Merge branch 'BlackDex-fix-issue-2570' into main 2022-06-26 21:54:27 +02:00
Daniel García c9934ccdb7
Merge branch 'fix-issue-2570' of https://github.com/BlackDex/vaultwarden into BlackDex-fix-issue-2570 2022-06-26 21:54:22 +02:00
Daniel García 54729f3c1e
Merge branch 'BlackDex-optimize-icon-html-parsing' into main 2022-06-26 21:54:10 +02:00
Daniel García f1a86acb98
Merge branch 'optimize-icon-html-parsing' of https://github.com/BlackDex/vaultwarden into BlackDex-optimize-icon-html-parsing 2022-06-26 21:54:03 +02:00
Daniel García 6b6ea3c8bf
Merge branch 'BlackDex-fix-issue-2566' into main 2022-06-26 21:53:06 +02:00
Daniel García bf403fee7d
Merge branch 'fix-issue-2566' of https://github.com/BlackDex/vaultwarden into BlackDex-fix-issue-2566 2022-06-26 21:52:59 +02:00
Daniel García 5cd920cf6f
Merge branch 'BlackDex-allow-firefox-relay' into main 2022-06-26 21:51:50 +02:00
BlackDex 45d3b479bc
Small change in log-level for better debugging
Regarding some recent issues with sending attachments, but previously
also some changes to the API for example which could cause a `400` error
it just returned that there is something wrong, but not to much details
on what exactly.

To help with getting a bit more detailed information, we should set the
log-level for `_` to at least `Warn`.
2022-06-26 14:49:26 +02:00
BlackDex c7a752b01d
Update dep's and small improvements on favicons
- Updated dependencies (html5gum for favicon downloading)
  * Also openssl, time, jsonwebtoken and r2d2
- Small optimizations on downloading favicons.
  It now only emits tokens/tags which needs to be parsed, all others are
  being skipped. This prevents unneeded items within the for-loop being
  parsed.
2022-06-25 11:29:08 +02:00
BlackDex 099d359628
Fix identicons not always working
Fixes #2570
Reverted the `defer` option for these scripts, seems to cause some
issues in some situations.
2022-06-22 16:38:16 +02:00
BlackDex 006a2aacbb
Allow FireFox relay in CSP.
This PR is needed for https://github.com/dani-garcia/bw_web_builds/pull/71
Without this the web-vault will refuse to make calls to the FireFox Relay API.

Also fixed a small issue with the pre-commit config.
2022-06-22 16:30:31 +02:00
BlackDex b71d9dd53e
Fix for issue #2566
This PR fixes #2566
If Organizational syncs returned a FolderId it would cause the web-vault
to hide the cipher because there is a FolderId set. Upstream seems to
not return FolderId and Favorite. When set to null/false it will behave
the same.

In this PR I have added a new CipherSyncType enum to select which type
of sync to execute, and return an empty list for both Folders and Favorites if this is for Orgs.
This also reduces the database load a bit since it will not execute those queries.
2022-06-21 17:36:07 +02:00
Daniel García 887e320e7f
Merge pull request #2555 from jjlin/global-domains
Sync global_domains.json
2022-06-15 20:44:35 +02:00
Daniel García d7c18fd86e
Merge pull request #2556 from binlab/patch-1
A little depreciation change
2022-06-15 20:44:14 +02:00
Daniel García 7566f3db3e
Merge pull request #2543 from BlackDex/update-and-fixes
Updated deps and misc fixes and updates
2022-06-15 20:43:26 +02:00
BlackDex 5d05ec58be
Updated deps and misc fixes and updates
- Updated some Rust dependencies
- Fixed an issue with CSP header, this was not configured correctly
- Prevent sending CSP and Frame headers for the MFA connector.html files.
  Else some clients will fail to handle these protocols.
- Add `unsafe-inline` for `script-src` only to the CSP for the Admin Interface
- Updated JavaScript and CSS files for the Admin interface
- Changed the layout for showing overridden settings, better visible now.
- Made the version check cachable to prevent hitting the Github API rate limits
- Hide the `database_url` as if it is a password in the Admin Interface
  Else for MariaDB/MySQL or PostgreSQL this was plain text.
- Fixed an issue that pressing enter on the SMTP Test would save the config.
  resolves #2542
- Prevent user names larger then 50 characters
  resolves #2419
2022-06-14 14:51:51 +02:00
Mark d9a452f558
A little depreciation change 2022-06-13 13:56:41 +03:00
Jeremy Lin dec03b3dc0 Sync global_domains.json to bitwarden/server@194b76c (HealthCare.gov) 2022-06-12 20:15:20 -07:00
Jeremy Lin 85950bdc0b Sync global_domains.json to bitwarden/server@496c9a5 (Proton) 2022-06-12 20:14:30 -07:00
Daniel García f95bd3bb04
Update pico-args 2022-06-04 19:16:36 +02:00
BlackDex e33b8fab34
Re-Base, Update crates and small change. 2022-06-04 19:14:14 +02:00
Daniel García b00fbf153e
Fix clippy lint and remove unused log 2022-06-04 19:13:58 +02:00
Daniel García 0de5919a16
Fix incorrect pings sent, and respond to pings from the client 2022-06-04 19:13:58 +02:00
Daniel García 699777be9e
use dashmap in icons blacklist regex 2022-06-04 19:13:58 +02:00
Daniel García 16ff49d712
Move to job_scheduler_ng 2022-06-04 19:13:57 +02:00
Daniel García 54c78cf06d
Migrate old ws crate to tungstenite, which is async and also removes over 20 old dependencies 2022-06-04 19:13:39 +02:00
Daniel García 303eaabeea
Merge branch 'paolobarbolini-lettre-improvements' into main 2022-06-04 19:13:12 +02:00
Daniel García 6b6f5b8d04
Merge branch 'lettre-improvements' of https://github.com/paolobarbolini/vaultwarden into paolobarbolini-lettre-improvements 2022-06-04 19:10:51 +02:00
Daniel García 0c18a7e306
Merge branch 'paolobarbolini-lettre-rc7' into main 2022-06-04 19:09:11 +02:00
Daniel García a23a38080b
Merge branch 'lettre-rc7' of https://github.com/paolobarbolini/vaultwarden into paolobarbolini-lettre-rc7 2022-06-04 19:09:03 +02:00
Daniel García 316ca66a4b
Merge branch 'Lowaiz-add_disabled_member_to_json_user' into main 2022-06-04 19:08:23 +02:00
Daniel García 2f71a01877
Merge branch 'add_disabled_member_to_json_user' of https://github.com/Lowaiz/vaultwarden into Lowaiz-add_disabled_member_to_json_user 2022-06-04 19:08:15 +02:00
Daniel García d5cfbfc71d
Update web vault to v2022.05.0 2022-06-04 19:07:15 +02:00
Paolo Barbolini 12612da75e Remove manual IDN handling 2022-06-04 19:02:51 +02:00
Paolo Barbolini 68ec5f2a18 Use MultiPart::alternative_plain_html instead of manual impl 2022-06-04 14:53:27 +02:00
Paolo Barbolini 00670450df Bump lettre to 0.10.0-rc.7 2022-06-04 14:47:26 +02:00
Lyonel Martinez dbd95e08e9 Adding "UserEnabled" and "CreatedAt" member to the json output of a User in the admin/users and admin/users/<ID> web routes. 2022-06-02 15:13:58 +02:00
Daniel García 3713f2d134
Merge pull request #2507 from BlackDex/fix-persisten-volume-check
Fix persistent volume check
2022-05-28 14:56:47 +02:00
BlackDex a85a250dfd
Fix persistent volume check
It seemed there were some issues building the cross-platform images.
This PR fixes #2501 so building the containers will work again.
2022-05-28 09:31:09 +02:00
Daniel García 5845ed2c92
Merge pull request #2501 from BlackDex/add-persistent-volume-check-docker
Add a persistent volume check.
2022-05-27 19:41:42 +02:00
BlackDex 40ed505581
Add a persistent volume check.
This will add a persistent volume check to make sure when running
containers someone is using a volume for persistent storage.

This check can be bypassed if someone configures
`I_REALLY_WANT_VOLATILE_STORAGE=true` as an environment variable.

This should prevent issues like #2493 .
2022-05-26 09:39:56 +02:00
Daniel García bf0b8d9968
Merge pull request #2491 from BlackDex/issue-2490
Fix armv6 issue with bullseye images
2022-05-24 15:46:34 +02:00
Daniel García d0a7437dbd
Merge pull request #2489 from fox34/update-env-template
Add TMP_FOLDER to .env.template
2022-05-24 15:33:22 +02:00
BlackDex 21b433c5d7
Fix armv6 issue with bullseye images
It looks like the armv6 bullseye images are missing a symlink to the
dynamic linker. The previous buster images had this symlink there,
bullseye does not.

This PR fixes adds that symlink again for only the Debian armv6 build.

Resolves #2490
2022-05-24 15:25:51 +02:00