Commit Graph

1365 Commits (de66e56b6c951192bcb47987b34ac21e2bcea43a)

Author SHA1 Message Date
Daniel García c58aac585b
Merge branch 'main' into fix-post-emergency-access
2 years ago
Daniel García a20a641de3
Merge branch 'main' into spell-jack_mitigation
2 years ago
Helmut K. C. Tessarek 68bcc7a4b8
add argon2 kdf fields
2 years ago
BlockListed c04a1352cb
remove warn when sanitizing domain
2 years ago
BlockListed 5d1c11ceba
fix trailing slash in configuration builder
2 years ago
BlockListed a2aa7c9bc2
Revert "fix trailing slash not being removed from domain"
2 years ago
Jan Jansen b3a351ccb2 allow editing/unhiding by group
2 years ago
BlockListed 679bc7a59b
fix trailing slash not being removed from domain
2 years ago
BlockListed a72d0b518f
remove documentation of bug since I'm fixing it
2 years ago
Kevin P. Fleming 6741b25907 Ensure that all results from check_domain_blacklist_reason are cached.
2 years ago
Kevin P. Fleming 24b5784f02 Generate distinct log messages for regex vs. IP blacklisting.
2 years ago
BlockListed eb9b481eba
improve wording of domain description
2 years ago
BlockListed 64edc49392
change description of domain configuration
2 years ago
sirux88 0d1753ac74 completly hide reset password policy
2 years ago
sirux88 a6558f5548 rust lang specific improvements
2 years ago
sirux88 62dfeb80f2 improved security, disabling policy usage on
2 years ago
Stefan Melmuk e65fbbfc21
don't nullify key when editing emergency access
2 years ago
BlackDex c9ed9aa733
Fix Javascript issue on non sqlite databases
2 years ago
Daniel Hammer 9b20decdc1 "Spell-Jacking" mitigation ~ prevent sensitive data leak from spell checker.
2 years ago
sirux88 adaefc8628 fixes for current upstream main
2 years ago
sirux88 c6c45c4c49 working implementation
2 years ago
sirux88 95494083f2 added database migration
2 years ago
BlackDex e38e1a5d5f
Validate note sizes on key-rotation.
2 years ago
sirux88 cc91ac6cc0
include key into user.set_password
2 years ago
BlackDex 2d8c8e18f7
Update KDF Configuration and processing
2 years ago
BlackDex acc1474394
Add avatar color support
2 years ago
BlackDex aaffb2e007
Add MFA icon to org member overview
2 years ago
GeekCorner e0e95e95e4
fix (2fa.directory): Allow api.2fa.directory, and remove 2fa.directory
2 years ago
BlackDex fa70b440d0
Fix remaning inline format
2 years ago
Rychart Redwerkz 42acb2ebb6
Use more modern meta tag for charset encoding
2 years ago
BlackDex 3181e4e96e
Optimize CipherSyncData for very large vaults
2 years ago
BlackDex 7390f34355
Resolve uninlined_format_args clippy warnings
2 years ago
Daniel García c47d9f6593
Fix some lints: explicit Arc::clone, and unnecessary return after unreachable!
2 years ago
pjsier 7dd1959eba
Log message to stderr if LOG_FILE is not writable
2 years ago
pjsier e266b39254
Log message to stderr if LOG_FILE is not writable
2 years ago
BlackDex e935989fee
Resolve uninlined_format_args clippy warnings
2 years ago
Rychart Redwerkz 25c401f64d
Remove `shrink-to-fit=no`
2 years ago
Jeremy Lin 18b72da657
Change `text/plain` API responses to `application/json`
2 years ago
BlackDex 6be26f0a38
Fix failing large note imports
2 years ago
BlackDex e945d16fcf
Optimize config loading messages
2 years ago
BlackDex f1c0aa4f83
Update WebSocket Notifications
2 years ago
pjsier 68362d06b3
Log message to stderr if LOG_FILE is not writable
2 years ago
BlackDex f65c0e2ac8
Validate YUBICO_SERVER string (#3003)
2 years ago
BlackDex 0f588ced03
Removed unsafe-inline JS from CSP and other fixes
2 years ago
Alex Martel b0f03bb49c
Remove patched multer-rs
2 years ago
Andrés Maldonado 2897c24e83 Percent-encode org_name in links
2 years ago
BlackDex 67a584c1d4
Disable groups by default and Some optimizations
2 years ago
BlackDex 8e5f03972e
Fix recover-2fa not working.
2 years ago
BlackDex b60a4a68c7
Fix a panic during Yubikey register/login
2 years ago
BlackDex 8d1bc2e539
Fix org export (again)
2 years ago
BlackDex 50c46f6e9a
Remove ctrlc crate and some updates
2 years ago
Helmut K. C. Tessarek 4f1928778a
use 32x32 favicon for consistency
2 years ago
Helmut K. C. Tessarek 5fcba3d7f5
use black favicon for /admin
2 years ago
BlackDex cd3e2d7a5a
Increase privacy of masked config
2 years ago
BlackDex d9c0c23819
Revert collection queries back to `left_join`
2 years ago
BlackDex 2d90c6ac24
Fix managers and groups link
2 years ago
Stefan Melmuk d209df9e10
use a custom 404 page
2 years ago
BlackDex d6dc6070f3
Fix admin repost warning.
2 years ago
BlackDex d66323b742
Limit Cipher Note encrypted string size
2 years ago
BlackDex 7b09d74b1f
Update dependencies for Rust and Admin interface.
2 years ago
BlackDex c0e3c2c5e1
Cleanups and Fixes for Emergency Access
2 years ago
BlackDex 1b64b9e164
Add dev-only query logging support
2 years ago
Stefan Melmuk d5e54cb576
only check sqlite parent if there could be one
2 years ago
Stefan Melmuk 8837660ba7
check if sqlite folder exists
2 years ago
BlackDex 464a489b44
Update Vaultwarden Logo's
2 years ago
BlackDex 7035700c8d
Add Organizational event logging feature
2 years ago
Stefan Melmuk 0aa33a2cb4
don't use param for passing the redirect info
2 years ago
Stefan Melmuk fa7dbedd5d
redirect to admin login page when forward fails
2 years ago
Daniel García f3beaea9e9
Merge pull request #2933 from stefan0xC/fix-manager-issue
2 years ago
Daniel García 39ae2f1f76
Merge pull request #2928 from karbobc/settings-description
2 years ago
Daniel García 366b1050ec
Merge pull request #2921 from BlackDex/issue-2909
2 years ago
Daniel García b3aab7a6ad
Merge pull request #2920 from BlackDex/issue-2889
2 years ago
Daniel García aa8d050d6b
Merge pull request #2919 from BlackDex/issue-2828
2 years ago
Daniel García 5200f0e98d
Merge pull request #2918 from BlackDex/issue-2761
2 years ago
Stefan Melmuk e27a5be47a
allow managers to set groups of a collection
2 years ago
Karbob 56786a18f1 Update settings description
2 years ago
BlackDex 0d2399d485
Prevent DNS leak when icon regex is configured
2 years ago
BlackDex 5bfc7cfde3
Added missing `register` endpoint to `identity`
2 years ago
BlackDex 723f0cbc1e
Fully remove DuckDuckGo email service.
2 years ago
BlackDex b141f789f6
Set "Bypass admin page security" as read-only
2 years ago
Samuel Tardieu 7445ee40f8 Remove get_random_64()
2 years ago
Samuel Tardieu d0baa23f9a Use constant size generic parameter for random bytes generation
2 years ago
GeekCorner 05d4788d1d
fix: removed a double space
2 years ago
BlackDex 6f0dea1b56
Add `/devices/knowndevice` endpoint
2 years ago
BlackDex 439ef44973
Update Rust version, deps and workflow
2 years ago
BlackDex c9ec389b24
Support Org Export for v2022.11 clients
2 years ago
Jeremy Lin b59809af46
Sync global_domains.json to bitwarden/server@7c783c9 (Atlassian)
2 years ago
Stefan Melmuk ed24d51d3e
validate cron expressions on startup
2 years ago
Stefan Melmuk 870f0d0932
validate billing_email on save
2 years ago
Daniel García 8409b31d6b
Update to diesel2
2 years ago
MFijak 21bc3bfd53 group support
2 years ago
Stefan Melmuk 64ae5d4f81
verify email on registration via invite link
2 years ago
Jeremy Lin 0c267d073f
Sync global_domains.json to bitwarden/server@ea300b2 (Amazon)
2 years ago
Stefan Melmuk 23f1f8a576
allow registration without invite link
2 years ago
Stefan Melmuk 0e6f6e612a
use static_files() for email attachments
2 years ago
Stefan Melmuk 4d1b860dad
attach images to email
2 years ago
Stefan Melmuk 6576914e55
fix invitations of new users when mail is disabled
2 years ago
BlackDex f41ba2a60f
Fix master password hint update not working.
2 years ago
Jeremy Lin 46ec11de12
Update CSP for DuckDuckGo email forwarding
2 years ago
Jeremy Lin 4283a49e0b
Reformat CSP header for readability
2 years ago
Jeremy Lin 1e32db8c41
Add `CreationDate` to cipher response JSON
2 years ago
Stefan Melmuk 2dd5086916
more verbose permission denied error
2 years ago
Stefan Melmuk 7532072d50
add check if data folder is a directory
2 years ago
Stefan Melmuk ef4072e4ff
improve spelling of minimum expiration hours check
2 years ago
Stefan Melmuk c78d383ed1
make invitation expiration time configurable
2 years ago
Stefan Melmuk 5b96270874
return "Object" for consistency
2 years ago
Stefan Melmuk 2c0742387b
return CaptchaBypassToken and register object
2 years ago
Stefan Melmuk 1704d14f29
v2022.9.2 expects a json response when registering
2 years ago
Stefan Melmuk 2d7ffbf378
allow the removal of non-confirmed owners
2 years ago
Stefan Melmuk 475c7b8f16
return more descriptive JWT validation messages
2 years ago
Daniel García 6fa6eb18e8
Remove unused value in config endpoint
2 years ago
BlackDex da9fd6b7d0
Fix organization vault export
2 years ago
BlackDex 9eabcd5cae
Add support for send v2 API endpoints
2 years ago
Aaron d6e0d4cbbd
fix: update warning and success case verbiage
2 years ago
Aaron e5e6db2688
fix: tooltip typo
2 years ago
Stefan Melmuk 102ee3f871
add api_not_found catcher for 404 errors in /api
2 years ago
Stefan Melmuk acb5ab08a8
add not_found catcher for 404 errors
2 years ago
Daniel García 9c891baad1
Merge pull request #2739 from BlackDex/fix-restore-revoke
2 years ago
BlackDex e47a2fd0f3
Rename/Fix revoke/restore endpoints
2 years ago
BlackDex 42b9cc73ac
Fix issue 2737, unable to create org
2 years ago
Daniel García edca4248aa
Use optional env as this variable isn't defined during CI
2 years ago
Daniel García 818b254cef
Implement config endpoint
2 years ago
Daniel García 8b5c945bad
Merge branch 'web-vault-v2022.9-support' of https://github.com/BlackDex/vaultwarden into BlackDex-web-vault-v2022.9-support
2 years ago
BlackDex 94be67eac1
Added support for web-vault v2022.9
2 years ago
BlackDex 5a05139efe
Change the handling of login errors.
2 years ago
Daniel García 7598997deb
Merge branch 'org-user-revoke-access' of https://github.com/BlackDex/vaultwarden into BlackDex-org-user-revoke-access
2 years ago
BlackDex 1722742ab3
Add Org user revoke feature
2 years ago
Hagen Tasche d9c0eb3cfc
Update two external Links to prevent tabnabbing
2 years ago
Hagen Tasche 0d990e1dc0
Open Externallink in new Tab
2 years ago
BlackDex abfa868423
Mitigate attachment/send upload issues
2 years ago
BlackDex 9a787dd105
Fix persistent folder check within containers
2 years ago
BlackDex 0f95bdc9bb
Fix issue with CSP and icon redirects
2 years ago
Daniel García c9376e3126
Remove read_file and read_file_string and replace them with the std alternatives
2 years ago
Daniel García e167798449
Merge branch 'more-clippy-checks' of https://github.com/BlackDex/vaultwarden into BlackDex-more-clippy-checks
2 years ago
Daniel García fc5928772b
Move around comments
2 years ago
BlackDex 55d7c48b1d
Add more clippy checks for better code/readability
2 years ago
Yip Rui Fung bf623eed7f Use if let instead of a match with empty block.
2 years ago
Yip Rui Fung 84bcac0112 Apply rustfmt.
2 years ago
Yip Rui Fung 31595888ea Use match to avoid ownership issues on the TempFile / file_path variables in closures.
2 years ago
Yip Rui Fung 5c38b2c4eb Remove option and use unwrap_or_else to fall back to copy behavior.
2 years ago
Yip Rui Fung ebe9162af9 Add option to make file uploads use move_copy_to instead of persist_to
2 years ago
Daniel García b64cf27038
Upgrade dependencies and swap lettre to async transport
2 years ago
Jeremy Lin 5e13b1a7cb Add `password_hints_allowed` config option
2 years ago
Daniel García 221a11de9b
Merge branch 'log-level-adjustment' of https://github.com/BlackDex/vaultwarden into BlackDex-log-level-adjustment
2 years ago
Daniel García c9934ccdb7
Merge branch 'fix-issue-2570' of https://github.com/BlackDex/vaultwarden into BlackDex-fix-issue-2570
2 years ago
Daniel García f1a86acb98
Merge branch 'optimize-icon-html-parsing' of https://github.com/BlackDex/vaultwarden into BlackDex-optimize-icon-html-parsing
2 years ago
Daniel García bf403fee7d
Merge branch 'fix-issue-2566' of https://github.com/BlackDex/vaultwarden into BlackDex-fix-issue-2566
2 years ago
BlackDex 45d3b479bc
Small change in log-level for better debugging
2 years ago
BlackDex c7a752b01d
Update dep's and small improvements on favicons
2 years ago
BlackDex 099d359628
Fix identicons not always working
2 years ago
BlackDex 006a2aacbb
Allow FireFox relay in CSP.
2 years ago
BlackDex b71d9dd53e
Fix for issue #2566
2 years ago
Daniel García 887e320e7f
Merge pull request #2555 from jjlin/global-domains
3 years ago
BlackDex 5d05ec58be
Updated deps and misc fixes and updates
3 years ago
Jeremy Lin dec03b3dc0 Sync global_domains.json to bitwarden/server@194b76c (HealthCare.gov)
3 years ago
Jeremy Lin 85950bdc0b Sync global_domains.json to bitwarden/server@496c9a5 (Proton)
3 years ago
BlackDex e33b8fab34
Re-Base, Update crates and small change.
3 years ago
Daniel García b00fbf153e
Fix clippy lint and remove unused log
3 years ago
Daniel García 0de5919a16
Fix incorrect pings sent, and respond to pings from the client
3 years ago
Daniel García 699777be9e
use dashmap in icons blacklist regex
3 years ago
Daniel García 16ff49d712
Move to job_scheduler_ng
3 years ago
Daniel García 54c78cf06d
Migrate old ws crate to tungstenite, which is async and also removes over 20 old dependencies
3 years ago
Daniel García 6b6f5b8d04
Merge branch 'lettre-improvements' of https://github.com/paolobarbolini/vaultwarden into paolobarbolini-lettre-improvements
3 years ago
Paolo Barbolini 12612da75e Remove manual IDN handling
3 years ago
Paolo Barbolini 68ec5f2a18 Use MultiPart::alternative_plain_html instead of manual impl
3 years ago
Lyonel Martinez dbd95e08e9 Adding "UserEnabled" and "CreatedAt" member to the json output of a User in the admin/users and admin/users/<ID> web routes.
3 years ago
BlackDex 40ed505581
Add a persistent volume check.
3 years ago
BlackDex 1c266031d7
Fix upload limits and disable color logs
3 years ago
Daniel García 2a9ca88c2a
Dependency updates
3 years ago
Daniel García 451ad47327
Merge branch 'db-conn-init' of https://github.com/jjlin/vaultwarden into jjlin-db-conn-init
3 years ago
BlackDex 3ca85028ea
Improve sync speed and updated dep. versions
3 years ago
Jeremy Lin 542a73cc6e Switch to a single config option for database connection init
3 years ago
Jeremy Lin 78d07e2fda Add default connection-scoped pragmas for SQLite
3 years ago
Jeremy Lin b617ffd2af Add support for database connection init statements
3 years ago
Jeremy Lin df8aeb10e8 Add `/api/{alive,now,version}` endpoints
3 years ago
Jeremy Lin 28c5e63bf5 Sync global_domains.json to bitwarden/server@3521ccb (Just Eat Takeaway.com)
3 years ago
BlackDex fb0c23b71f
Remove u2f implementation
3 years ago
Daniel García 81f0c2b0e8
Merge branch 'x-xss-protection' of https://github.com/Wonderfall/vaultwarden into Wonderfall-x-xss-protection
3 years ago
Wonderfall 27d4b713f6 disable legacy X-XSS-Protection feature
3 years ago
BlackDex b0faaf2527
Several updates and fixes
3 years ago
BlackDex c4d565b15b
Update login API code
3 years ago
Daniel García 843f205f6f
Merge branch 'async-updates' of https://github.com/BlackDex/vaultwarden into BlackDex-async-updates
3 years ago
Daniel García 2ff51ae77e
formatting
3 years ago
Daniel García 2b75d81a8b
Ignore unused field
3 years ago
Daniel García cad0dcbed1
await the mutex in db_run and use block_in_place for it's contents
3 years ago
BlackDex 19b8388950
Upd Dockerfiles, crates. Fixed rust 2018 idioms
3 years ago
BlackDex 87e08b9e50
Async/Awaited all db methods
3 years ago
Daniel García 0b7d6bf6df
Update to rocket 0.5 and made code async, missing updating all db calls, that are currently blocking
3 years ago
Daniel García d73d74e78f
Merge branch 'main' of https://github.com/taylorwmj/vaultwarden into taylorwmj-main
3 years ago
Daniel García 94201ca133
Merge branch 'custom-env-path' of https://github.com/TinfoilSubmarine/vaultwarden into TinfoilSubmarine-custom-env-path
3 years ago
BlackDex 42136a7097
Favicon, SMTP and misc updates
3 years ago
taylorwmj 9bb4c38bf9
Added autofocus to pw field on admin login page
3 years ago
BlackDex 5f01db69ff
Update async to prepare for main merge
3 years ago
Joel Beckmeyer 8295688bed Add support for custom .env file path
3 years ago
Tomek Mańko 9713a3a555 Add IP address to missing/invalid password message for Sends
3 years ago
Daniel García d781981bbd
formatting
3 years ago
Daniel García 5125fdb882
Ignore unused field
3 years ago
Daniel García fd9693b961
await the mutex in db_run and use block_in_place for it's contents
3 years ago
BlackDex f38926d666
Upd Dockerfiles, crates. Fixed rust 2018 idioms
3 years ago
BlackDex 775d07e9a0
Async/Awaited all db methods
3 years ago
Daniel García 2d5f172e77
Update to rocket 0.5 and made code async, missing updating all db calls, that are currently blocking
3 years ago
Jeremy Lin 7d552dbdc8 Increase length limit for email token generation
3 years ago
Daniel García bf6330374c
Merge branch 'api-key' of https://github.com/jjlin/vaultwarden into jjlin-api-key
3 years ago
Daniel García 4a88e7ec78
Merge branch 'iamdoubz-feature-to-permissions-policy-patch' of https://github.com/iamdoubz/vaultwarden into iamdoubz-iamdoubz-feature-to-permissions-policy-patch
3 years ago
Daniel García ba9ad14fbb
Merge branch 'icons' of https://github.com/jjlin/vaultwarden into jjlin-icons
3 years ago
Daniel García 14e3dcad8e
Merge branch 'fix-emergency-invite-register' of https://github.com/BlackDex/vaultwarden into BlackDex-fix-emergency-invite-register
3 years ago
Daniel García f4a9645b54
Remove references to "bwrs" #2195
3 years ago
Jeremy Lin 8f7900759f Fix `scope` and `refresh_token` for API key logins
3 years ago
Jeremy Lin 69ee4a70b4 Add support for API keys
3 years ago
iamdoubz e4e16ed50f Upgrade Feature-Policy to Permissions-Policy
3 years ago
Jeremy Lin a16c656770 Add support for legacy HTTP 301/302 redirects for external icons
3 years ago
BlackDex 76b7de15de
Fix emergency access invites for new users
3 years ago
Daniel García 8ba6e61fd5
Merge pull request #2197 from BlackDex/issue-2196
3 years ago
Daniel García a30a1c9703
Merge pull request #2194 from BlackDex/issue-2154
3 years ago
BlackDex bf5aefd129
Fix issue with Bitwarden CLI.
3 years ago
BlackDex 1fa178d1d3
Fixed issue #2154
3 years ago
Jeremy Lin b7eedbcddc Add config option to set the HTTP redirect code for external icons
3 years ago
Jake Howard 6ddbe84bde
Remove unnecessary return
3 years ago
Jake Howard 690d0ed1bb
Add our own HTTP date formatter
3 years ago
Jake Howard 248e7dabc2
Collapse field name definition
3 years ago
Jake Howard 4584cfe3c1
Additionally set expires header when caching responses
3 years ago
Daniel García e501dc6d0e
Merge branch 'multi-db-dockers' of https://github.com/BlackDex/vaultwarden into BlackDex-multi-db-dockers
3 years ago
Daniel García 85ac9783f0
Merge branch 'ratelimit' into main
3 years ago
BlackDex 5b430f22bc
Support all DB's for Alpine and Debian
3 years ago
Daniel García d4eb21c2d9
Better document the new rate limiting
3 years ago
Jeremy Lin 605419ae1b Sync global_domains.json to bitwarden/server@5a8f334 (TransferWise)
3 years ago
Daniel García b89ffb2731
Merge pull request #2170 from BlackDex/issue-2136
3 years ago
BlackDex 2c94ea075c
Small changes to icon log messages.
3 years ago
BlackDex 4bd8eae07e
Fixed #2151
3 years ago
Daniel García 5529264c3f
Basic ratelimit for user login (including 2FA) and admin login
3 years ago
Jeremy Lin 2f9ac61a4e Add support for external icon services
3 years ago
Jeremy Lin d8869adf52 Sync global_domains.json to bitwarden/server@224bfb6 (Wells Fargo)
3 years ago
Jeremy Lin a631fc0077 Sync global_domains.json to bitwarden/server@2f518fb (Ubisoft)
3 years ago
BlackDex e327583aa5
Enabled trust-dns and some updates.
3 years ago
BlackDex c453528dc1
Macro recursion decrease and other optimizations
3 years ago
Daniel García 88643fd9d5
Merge pull request #2078 from jjlin/fix-ea-reject
3 years ago
Jeremy Lin 14408396bb Fix missing encrypted key after emergency access reject
3 years ago
Jeremy Lin 6cbb724069 Fix conflict resolution logic for `read_only` and `hide_passwords` flags
3 years ago
Jeremy Lin c476e19796 Add email notifications for incomplete 2FA logins
3 years ago
Daniel García 9f393cfd9d
Formatting
3 years ago
Daniel García 75e62abed0
Move database_max_conns
3 years ago
Daniel García 97f9eb1320
Update dependencies
3 years ago
Daniel García 53cc8a65af
Add doc comments to the functions in Config, and remove some unneeded pubs
3 years ago
Jeremy Lin cee3fd5ba2 Emergency Access cleanup
3 years ago
Daniel García 4af81ec50e
Merge branch 'domdomegg/2fa-check-accepted' of https://github.com/domdomegg/vaultwarden into domdomegg-domdomegg/2fa-check-accepted
3 years ago
Adam Jones 4cebe1fff4
cargo fmt
3 years ago
Adam Jones a984dbbdf3
2FA org policy: do not enforce on invited (not accepted) users
3 years ago
BlackDex 881524bd54
Added DbConn to /alive healthcheck
3 years ago
Daniel García a1c1b9ab3b
Merge branch 'mail-errors' of https://github.com/BlackDex/vaultwarden into BlackDex-mail-errors
3 years ago
BlackDex 338756550a
Fix error reporting in admin and some small fixes
3 years ago