From cebe0f6442c42422ad7d30d04d676dfaee8cb0d8 Mon Sep 17 00:00:00 2001 From: BlackDex Date: Sat, 10 Dec 2022 17:51:05 +0100 Subject: [PATCH 1/5] Remove ctrlc crate and some updates - Removed ctrlc crate and use the tokio provided ctrl_c function. - Updated some crates. --- Cargo.lock | 119 +++++++++++++++++++++------------------------------- Cargo.toml | 15 +++---- src/main.rs | 7 ++-- 3 files changed, 58 insertions(+), 83 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 699df060..5da48e65 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -472,16 +472,6 @@ dependencies = [ "cipher", ] -[[package]] -name = "ctrlc" -version = "3.2.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1d91974fbbe88ec1df0c24a4f00f99583667a7e2e6272b2b92d294d81e462173" -dependencies = [ - "nix", - "winapi", -] - [[package]] name = "cxx" version = "1.0.83" @@ -576,9 +566,9 @@ dependencies = [ [[package]] name = "data-encoding" -version = "2.3.2" +version = "2.3.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3ee2393c4a91429dffb4bedf19f4d6abf27d8a732c8ce4980305d782e5426d57" +checksum = "23d8666cb01533c39dde32bcbab8e227b4ed6679b2c925eba05feabea39508fb" [[package]] name = "data-url" @@ -913,9 +903,9 @@ dependencies = [ [[package]] name = "generator" -version = "0.7.1" +version = "0.7.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cc184cace1cea8335047a471cc1da80f18acf8a76f3bab2028d499e328948ec7" +checksum = "d266041a359dfa931b370ef684cceb84b166beb14f7f0421f4a6a3d0c446d12e" dependencies = [ "cc", "libc", @@ -1255,9 +1245,9 @@ dependencies = [ [[package]] name = "ipnet" -version = "2.5.1" +version = "2.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f88c5561171189e69df9d98bcf18fd5f9558300f7ea7b801eb8a0fd748bd8745" +checksum = "11b0d96e660696543b251e58030cf9787df56da39dab19ad60eae7353040917e" [[package]] name = "itoa" @@ -1273,9 +1263,9 @@ checksum = "47f142fe24a9c9944451e8349de0a56af5f3e7226dc46f3ed4d4ecc0b85af75e" [[package]] name = "job_scheduler_ng" -version = "2.0.2" +version = "2.0.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "854c3036c710866ee61a7e1cd7f39988dd077d0d97ce5dd23b0a1f64f3fffb42" +checksum = "830ebb8320dcba49a2d081c36677d500bbbf9ab7e0500ddddadf88252bca3891" dependencies = [ "chrono", "cron", @@ -1579,18 +1569,6 @@ dependencies = [ "tempfile", ] -[[package]] -name = "nix" -version = "0.25.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f346ff70e7dbfd675fe90590b92d59ef2de15a8779ae305ebcbfd3f0caf59be4" -dependencies = [ - "autocfg", - "bitflags", - "cfg-if", - "libc", -] - [[package]] name = "no-std-compat" version = "0.4.1" @@ -1706,9 +1684,9 @@ checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5" [[package]] name = "openssl" -version = "0.10.43" +version = "0.10.44" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "020433887e44c27ff16365eaa2d380547a94544ad509aff6eb5b6e3e0b27b376" +checksum = "29d971fd5722fec23977260f6e81aa67d2f22cadbdc2aa049f1022d9a3be1566" dependencies = [ "bitflags", "cfg-if", @@ -1747,9 +1725,9 @@ dependencies = [ [[package]] name = "openssl-sys" -version = "0.9.78" +version = "0.9.79" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "07d5c8cb6e57b3a3612064d7b18b117912b4ce70955c2504d4b741c9e244b132" +checksum = "5454462c0eced1e97f2ec09036abc8da362e66802f66fd20f86854d9d8cbcbc4" dependencies = [ "autocfg", "cc", @@ -2494,9 +2472,9 @@ checksum = "e25dfac463d778e353db5be2449d1cce89bd6fd23c9f1ea21310ce6e5a1b29c4" [[package]] name = "serde" -version = "1.0.148" +version = "1.0.150" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e53f64bb4ba0191d6d0676e1b141ca55047d83b74f5607e6d8eb88126c52c2dc" +checksum = "e326c9ec8042f1b5da33252c8a37e9ffbd2c9bef0155215b6e6c80c790e05f91" dependencies = [ "serde_derive", ] @@ -2513,9 +2491,9 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.148" +version = "1.0.150" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a55492425aa53521babf6137309e7d34c20bbfbbfcfe2c7f3a047fd1f6b92c0c" +checksum = "42a3df25b0713732468deadad63ab9da1f1fd75a48a15024b50363f128db627e" dependencies = [ "proc-macro2", "quote", @@ -2812,9 +2790,9 @@ checksum = "cda74da7e1a664f795bb1f8a87ec406fb89a02522cf6e50620d016add6dbbf5c" [[package]] name = "tokio" -version = "1.22.0" +version = "1.23.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d76ce4a75fb488c605c54bf610f221cea8b0dafb53333c1a67e8ee199dcd2ae3" +checksum = "eab6d665857cc6ca78d6e80303a02cea7a7851e85dfbd77cbdc09bd129f1ef46" dependencies = [ "autocfg", "bytes", @@ -2827,7 +2805,7 @@ dependencies = [ "signal-hook-registry", "socket2", "tokio-macros", - "winapi", + "windows-sys 0.42.0", ] [[package]] @@ -3073,9 +3051,9 @@ dependencies = [ [[package]] name = "typenum" -version = "1.15.0" +version = "1.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dcf81ac59edc17cc8697ff311e8f5ef2d99fcbd9817b34cec66f90b6c3dfd987" +checksum = "497961ef93d974e23eb6f433eb5fe1b7930b659f06d12dec6fc44a8f554c0bba" [[package]] name = "ubyte" @@ -3195,7 +3173,6 @@ dependencies = [ "chrono-tz", "cookie", "cookie_store 0.19.0", - "ctrlc", "dashmap", "data-encoding", "data-url", @@ -3432,15 +3409,15 @@ checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" [[package]] name = "windows" -version = "0.32.0" +version = "0.39.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fbedf6db9096bc2364adce0ae0aa636dcd89f3c3f2cd67947062aaf0ca2a10ec" +checksum = "f1c4bd0a50ac6020f65184721f758dba47bb9fbc2133df715ec74a237b26794a" dependencies = [ - "windows_aarch64_msvc 0.32.0", - "windows_i686_gnu 0.32.0", - "windows_i686_msvc 0.32.0", - "windows_x86_64_gnu 0.32.0", - "windows_x86_64_msvc 0.32.0", + "windows_aarch64_msvc 0.39.0", + "windows_i686_gnu 0.39.0", + "windows_i686_msvc 0.39.0", + "windows_x86_64_gnu 0.39.0", + "windows_x86_64_msvc 0.39.0", ] [[package]] @@ -3479,15 +3456,15 @@ checksum = "41d2aa71f6f0cbe00ae5167d90ef3cfe66527d6f613ca78ac8024c3ccab9a19e" [[package]] name = "windows_aarch64_msvc" -version = "0.32.0" +version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d8e92753b1c443191654ec532f14c199742964a061be25d77d7a96f09db20bf5" +checksum = "9bb8c3fd39ade2d67e9874ac4f3db21f0d710bee00fe7cab16949ec184eeaa47" [[package]] name = "windows_aarch64_msvc" -version = "0.36.1" +version = "0.39.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9bb8c3fd39ade2d67e9874ac4f3db21f0d710bee00fe7cab16949ec184eeaa47" +checksum = "ec7711666096bd4096ffa835238905bb33fb87267910e154b18b44eaabb340f2" [[package]] name = "windows_aarch64_msvc" @@ -3497,15 +3474,15 @@ checksum = "dd0f252f5a35cac83d6311b2e795981f5ee6e67eb1f9a7f64eb4500fbc4dcdb4" [[package]] name = "windows_i686_gnu" -version = "0.32.0" +version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6a711c68811799e017b6038e0922cb27a5e2f43a2ddb609fe0b6f3eeda9de615" +checksum = "180e6ccf01daf4c426b846dfc66db1fc518f074baa793aa7d9b9aaeffad6a3b6" [[package]] name = "windows_i686_gnu" -version = "0.36.1" +version = "0.39.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "180e6ccf01daf4c426b846dfc66db1fc518f074baa793aa7d9b9aaeffad6a3b6" +checksum = "763fc57100a5f7042e3057e7e8d9bdd7860d330070251a73d003563a3bb49e1b" [[package]] name = "windows_i686_gnu" @@ -3515,15 +3492,15 @@ checksum = "fbeae19f6716841636c28d695375df17562ca208b2b7d0dc47635a50ae6c5de7" [[package]] name = "windows_i686_msvc" -version = "0.32.0" +version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "146c11bb1a02615db74680b32a68e2d61f553cc24c4eb5b4ca10311740e44172" +checksum = "e2e7917148b2812d1eeafaeb22a97e4813dfa60a3f8f78ebe204bcc88f12f024" [[package]] name = "windows_i686_msvc" -version = "0.36.1" +version = "0.39.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e2e7917148b2812d1eeafaeb22a97e4813dfa60a3f8f78ebe204bcc88f12f024" +checksum = "7bc7cbfe58828921e10a9f446fcaaf649204dcfe6c1ddd712c5eebae6bda1106" [[package]] name = "windows_i686_msvc" @@ -3533,15 +3510,15 @@ checksum = "84c12f65daa39dd2babe6e442988fc329d6243fdce47d7d2d155b8d874862246" [[package]] name = "windows_x86_64_gnu" -version = "0.32.0" +version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c912b12f7454c6620635bbff3450962753834be2a594819bd5e945af18ec64bc" +checksum = "4dcd171b8776c41b97521e5da127a2d86ad280114807d0b2ab1e462bc764d9e1" [[package]] name = "windows_x86_64_gnu" -version = "0.36.1" +version = "0.39.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4dcd171b8776c41b97521e5da127a2d86ad280114807d0b2ab1e462bc764d9e1" +checksum = "6868c165637d653ae1e8dc4d82c25d4f97dd6605eaa8d784b5c6e0ab2a252b65" [[package]] name = "windows_x86_64_gnu" @@ -3557,15 +3534,15 @@ checksum = "09d525d2ba30eeb3297665bd434a54297e4170c7f1a44cad4ef58095b4cd2028" [[package]] name = "windows_x86_64_msvc" -version = "0.32.0" +version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "504a2476202769977a040c6364301a3f65d0cc9e3fb08600b2bda150a0488316" +checksum = "c811ca4a8c853ef420abd8592ba53ddbbac90410fab6903b3e79972a631f7680" [[package]] name = "windows_x86_64_msvc" -version = "0.36.1" +version = "0.39.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c811ca4a8c853ef420abd8592ba53ddbbac90410fab6903b3e79972a631f7680" +checksum = "5e4d40883ae9cae962787ca76ba76390ffa29214667a111db9e0a1ad8377e809" [[package]] name = "windows_x86_64_msvc" diff --git a/Cargo.toml b/Cargo.toml index c5fc70db..3dcbe689 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -66,10 +66,10 @@ dashmap = "5.4.0" # Async futures futures = "0.3.25" -tokio = { version = "1.22.0", features = ["rt-multi-thread", "fs", "io-util", "parking_lot", "time"] } +tokio = { version = "1.23.0", features = ["rt-multi-thread", "fs", "io-util", "parking_lot", "time", "signal"] } # A generic serialization/deserialization framework -serde = { version = "1.0.148", features = ["derive"] } +serde = { version = "1.0.150", features = ["derive"] } serde_json = "1.0.89" # A safe, extensible ORM and Query builder @@ -93,13 +93,13 @@ chrono-tz = "0.8.1" time = "0.3.17" # Job scheduler -job_scheduler_ng = "2.0.2" +job_scheduler_ng = "2.0.3" # Data encoding library Hex/Base32/Base64 -data-encoding = "2.3.2" +data-encoding = "2.3.3" # JWT library -jsonwebtoken = "8.1.1" +jsonwebtoken = "8.2.0" # TOTP library totp-lite = "2.0.0" @@ -136,7 +136,7 @@ cookie = "0.16.1" cookie_store = "0.19.0" # Used by U2F, JWT and Postgres -openssl = "0.10.43" +openssl = "0.10.44" # CLI argument parsing pico-args = "0.5.0" @@ -145,9 +145,6 @@ pico-args = "0.5.0" paste = "1.0.9" governor = "0.5.1" -# Capture CTRL+C -ctrlc = { version = "3.2.3", features = ["termination"] } - # Check client versions for specific features. semver = "1.0.14" diff --git a/src/main.rs b/src/main.rs index 08e223b7..57b8683a 100644 --- a/src/main.rs +++ b/src/main.rs @@ -454,11 +454,12 @@ async fn launch_rocket(pool: db::DbPool, extra_debug: bool) -> Result<(), Error> .await?; CONFIG.set_rocket_shutdown_handle(instance.shutdown()); - ctrlc::set_handler(move || { + + tokio::spawn(async move { + tokio::signal::ctrl_c().await.expect("Error setting Ctrl-C handler"); info!("Exiting vaultwarden!"); CONFIG.shutdown(); - }) - .expect("Error setting Ctrl-C handler"); + }); let _ = instance.launch().await?; From 99fd92df21c23b5ba87e1871f31f7fe82c1f22ea Mon Sep 17 00:00:00 2001 From: BlackDex Date: Thu, 8 Dec 2022 13:35:53 +0100 Subject: [PATCH 2/5] Increase privacy of masked config This changes the masking function to hide a bit more information from the generated support string. It will still keep showing the `://` for example, and `,`, but other characters will be hidden. Also did some small changes on some key's which all showed up as `Internal` on the Settings page. Fixes #2929 --- src/config.rs | 31 ++++++++++++++++++++----------- 1 file changed, 20 insertions(+), 11 deletions(-) diff --git a/src/config.rs b/src/config.rs index eb776bb9..edf5bbfe 100644 --- a/src/config.rs +++ b/src/config.rs @@ -232,14 +232,23 @@ macro_rules! make_config { /// We map over the string and remove all alphanumeric, _ and - characters. /// This is the fastest way (within micro-seconds) instead of using a regex (which takes mili-seconds) fn _privacy_mask(value: &str) -> String { - value.chars().map(|c| - match c { - c if c.is_alphanumeric() => '*', - '_' => '*', - '-' => '*', - _ => c - } - ).collect::() + let mut n: u16 = 0; + let mut colon_match = false; + value + .chars() + .map(|c| { + n += 1; + match c { + ':' if n <= 11 => { + colon_match = true; + c + } + '/' if n <= 13 && colon_match => c, + ',' => c, + _ => '*', + } + }) + .collect::() } serde_json::Value::Object({ @@ -475,9 +484,9 @@ make_config! { /// service is set, an icon request to Vaultwarden will return an HTTP redirect to the /// corresponding icon at the external service. icon_service: String, false, def, "internal".to_string(); - /// Internal + /// _icon_service_url _icon_service_url: String, false, gen, |c| generate_icon_service_url(&c.icon_service); - /// Internal + /// _icon_service_csp _icon_service_csp: String, false, gen, |c| generate_icon_service_csp(&c.icon_service, &c._icon_service_url); /// Icon redirect code |> The HTTP status code to use for redirects to an external icon service. /// The supported codes are 301 (legacy permanent), 302 (legacy temporary), 307 (temporary), and 308 (permanent). @@ -613,7 +622,7 @@ make_config! { helo_name: String, true, option; /// Embed images as email attachments. smtp_embed_images: bool, true, def, true; - /// Internal + /// _smtp_img_src _smtp_img_src: String, false, gen, |c| generate_smtp_img_src(c.smtp_embed_images, &c.domain); /// Enable SMTP debugging (Know the risks!) |> DANGEROUS: Enabling this will output very detailed SMTP messages. This could contain sensitive information like passwords and usernames! Only enable this during troubleshooting! smtp_debug: bool, false, def, false; From bda19bdddffdbad57eb43d6cd2b98aadfe4a548f Mon Sep 17 00:00:00 2001 From: "Helmut K. C. Tessarek" Date: Fri, 9 Dec 2022 16:31:40 -0500 Subject: [PATCH 3/5] Improve comments - The first one was not a proper sentence. - The second one mixed passive and active form in the secon d part of the sentence. --- .env.template | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.env.template b/.env.template index 22877f15..7ccdacd3 100644 --- a/.env.template +++ b/.env.template @@ -83,11 +83,11 @@ ## Controls whether event logging is enabled for organizations ## This setting applies to organizations. -## Default this is disabled. Also check the EVENT_CLEANUP_SCHEDULE and EVENTS_DAYS_RETAIN settings. +## Disabled by default. Also check the EVENT_CLEANUP_SCHEDULE and EVENTS_DAYS_RETAIN settings. # ORG_EVENTS_ENABLED=false ## Number of days to retain events stored in the database. -## If unset (the default), events are kept indefently and also disables the scheduled job! +## If unset (the default), events are kept indefinitely and the scheduled job is disabled! # EVENTS_DAYS_RETAIN= ## Job scheduler settings From e649b1151197ec2b296180d93a8cddd1e31c3d23 Mon Sep 17 00:00:00 2001 From: "Helmut K. C. Tessarek" Date: Fri, 9 Dec 2022 17:32:59 -0500 Subject: [PATCH 4/5] use black favicon for /admin --- src/api/web.rs | 1 + src/static/images/vaultwarden-favicon.png | Bin 0 -> 1615 bytes src/static/templates/404.hbs | 2 +- src/static/templates/admin/base.hbs | 2 +- 4 files changed, 3 insertions(+), 2 deletions(-) create mode 100644 src/static/images/vaultwarden-favicon.png diff --git a/src/api/web.rs b/src/api/web.rs index a7640cd9..72bb66d0 100644 --- a/src/api/web.rs +++ b/src/api/web.rs @@ -101,6 +101,7 @@ pub fn static_files(filename: String) -> Result<(ContentType, &'static [u8]), Er "error-x.svg" => Ok((ContentType::SVG, include_bytes!("../static/images/error-x.svg"))), "hibp.png" => Ok((ContentType::PNG, include_bytes!("../static/images/hibp.png"))), "vaultwarden-icon.png" => Ok((ContentType::PNG, include_bytes!("../static/images/vaultwarden-icon.png"))), + "vaultwarden-favicon.png" => Ok((ContentType::PNG, include_bytes!("../static/images/vaultwarden-favicon.png"))), "bootstrap.css" => Ok((ContentType::CSS, include_bytes!("../static/scripts/bootstrap.css"))), "bootstrap-native.js" => Ok((ContentType::JavaScript, include_bytes!("../static/scripts/bootstrap-native.js"))), "jdenticon.js" => Ok((ContentType::JavaScript, include_bytes!("../static/scripts/jdenticon.js"))), diff --git a/src/static/images/vaultwarden-favicon.png b/src/static/images/vaultwarden-favicon.png new file mode 100644 index 0000000000000000000000000000000000000000..bb0e169a1e008dc0e41548c87a8b83c7fbdb6488 GIT binary patch literal 1615 zcmV-V2C(^wP)uwr$(CZQHhO+qQl4W^LQ4`d-rAwb{B_J&dQm^vNmw zt4<+{`SITrP+BDXQi~)IJlptQXa~VFpN*HATzO^v$N0~JrUe(!qGd4qPm{0VYniq` zgZ-uj63|-9#C_fpc??b;v;*ug=nQyF>PkETBcnLoDych;;76c+sk^C?k(O zcBCjDhRF`m2r+kg9%{7wg##t;;R4|Dt~4B2KR%@r7T*(PI|$}~$74_5B(O-1(?lC4 z%pVt%2O!2KrysjxRkS6bq#YnmHbsPv-5DX;USQ*(3lUOT;sEWUYzH;DoTZawAq9B6 zBG!B>c^41Am?gP1mrKodAR<-D6uInRdO$CZ)M7h0jW+1PA(v64Ow}HPI)6WWa0xAG zR#wm9LL|!|(epk(g6*Y&Mu|F#-q6b4bF3~LNiXVOM=2Qvbjz*4Tb2X4nO2V7m^(#Y z!vpgCt7$>YAm5kAt0H%@@v*dWlW1!Y`@@?udK-qz2ojy3!UIhKB~Rf(rvxKpINOYo zH=)0^kOn`tHB1({v0>qC9O%K;Gn>OWXD?d8;p~Qi8$~9=){hM~0!lsuN<1+8w{55%uk|>fhq;S<3o|7S?{;m4^RR=6XgqN8Gis3;;adK3=o-ECJH5PYYN;?1)`KE ziVWBj)+A1a{p-X9UC=V^3^KUv@o7!8mTM?Lk~OCWeb6#m5in=4ejfXMIvo;A+u< zz%7&@#ro6zhB@*oUWy&QmbqQH5|X&QW!~{_$`GY8F~E7sswAMy-KPE)E=hdHO#!^7 zz;6@*kB=J-O1{Jeiu~3T@B#s=3ob93VV}JlE#Po|;NS}K(86xB&7{1D+w6iF#C)0i zLIEXD;zE6E9Mc%~2@YMs<%zlF`zYrb6b_=9#&jPp5N$1ezf-EQuq?o}oKGJ!jm?E* zEne*-ndPKL^&A`@L{pQQThqfVq~=nN(|ixrm?-Gb!Z4B1L^}l_s!(7cS>k3X8<@5t z?()*y*NpO!^mtL^4Ll#jQKFk;824eaan5Hr$N;PZBr_bUXoDV@P)hKs2SFDUstQ`Qw(>hQk?VphF}*-gzG{1ksdE$D!?yTiQNAH!6G` zrkD`PR*pWFbO>T-;A<*$Yi_F6w%(Hsr-{-^DT8DJ5(dQjhgLFeLwZ`4#P&%nk6!THUMa2fXJ++)>R_=v#g0Ye;cxRZv4aW zk%$~i79h*9BJwdjJpNfs$okuu_x>gTF*xA4QO{8VDDm9r=MVH7VUzbw%=`PGxzaKo z9UNdCA^;KA2AmFf%dBLA=7L0BFGB|a=s?~D - + Page not found!