vw_small

Hardened fork of Vaultwarden (https://github.com/dani-garcia/vaultwarden) with fewer features.
git clone https://git.philomathiclife.com/repos/vw_small
Log | Files | Refs | README

commit 7d9c7017c9f2340ca9886cb47d3a2b544cac89f3
parent d6b9b8bf0c98d32d7ccc363e1f5ad620df0c3d64
Author: Daniel GarcĂ­a <dani-garcia@users.noreply.github.com>
Date:   Mon, 16 Mar 2020 18:17:17 +0100

Merge pull request #911 from BlackDex/upgrade-rocket

Upgrade rocket
Diffstat:
MCargo.lock | 816+++++++++++++++++++++++--------------------------------------------------------
MCargo.toml | 14+++++++-------
Msrc/api/admin.rs | 2+-
Msrc/auth.rs | 6+++---
Msrc/crypto.rs | 4++--
Msrc/db/mod.rs | 3++-
6 files changed, 246 insertions(+), 599 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock @@ -1,12 +1,6 @@ # This file is automatically @generated by Cargo. # It is not intended for manual editing. [[package]] -name = "adler32" -version = "1.0.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5d2e7343e7fc9de883d1b0341e0b13970f764c14101234857d2ddafa1cb1cac2" - -[[package]] name = "aho-corasick" version = "0.7.10" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -76,15 +70,21 @@ dependencies = [ [[package]] name = "backtrace-sys" -version = "0.1.33" +version = "0.1.34" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e17b52e737c40a7d75abca20b29a19a0eb7ba9fc72c5a72dd282a0a3c2c0dc35" +checksum = "ca797db0057bae1a7aa2eef3283a874695455cecf08a43bfb8507ee0ebc1ed69" dependencies = [ "cc", "libc", ] [[package]] +name = "base-x" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1b20b618342cf9891c292c4f5ac2cde7287cc5c87e87e9c769d617793607dec1" + +[[package]] name = "base64" version = "0.9.3" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -110,6 +110,12 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b41b7ea54a0c9d92199de89e20e58d49f02f8e699814ef3fdf266f6f748d15c7" [[package]] +name = "binascii" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "383d29d513d8764dcdc42ea295d979eb99c3c9f00607b3692cf68a431f7dca72" + +[[package]] name = "bitflags" version = "1.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -145,7 +151,7 @@ dependencies = [ "percent-encoding 2.1.0", "quoted_printable", "regex", - "reqwest 0.10.4", + "reqwest", "ring", "rmpv", "rocket", @@ -156,8 +162,9 @@ dependencies = [ "soup", "structopt", "syslog", + "time 0.2.9", "u2f", - "uuid 0.8.1", + "uuid", "ws", "yubico", ] @@ -230,7 +237,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "206fdffcfa2df7cbe15601ef46c813fce0965eb3286db6b56c583b814b51c81c" dependencies = [ "byteorder", - "either", "iovec", ] @@ -241,15 +247,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "130aac562c0dd69c56b3b1cc8ffd2e17be31d0b6c25b61c96b76231aa23e39e1" [[package]] -name = "c2-chacha" -version = "0.2.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "214238caa1bf3a496ec3392968969cab8549f96ff30652c9e56885329315f6bb" -dependencies = [ - "ppv-lite86", -] - -[[package]] name = "cc" version = "1.0.50" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -314,30 +311,12 @@ checksum = "245097e9a4535ee1e3e3931fcfcd55a796a44c643e8596ff6566d68f09b87bbc" [[package]] name = "cookie" -version = "0.12.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "888604f00b3db336d2af898ec3c1d5d0ddf5e6d462220f2ededc33a87ac4bbd5" -dependencies = [ - "time 0.1.42", - "url 1.7.2", -] - -[[package]] -name = "cookie_store" -version = "0.7.0" +version = "0.13.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "46750b3f362965f197996c4448e4a0935e791bf7d6631bfce9ee0af3d24c919c" +checksum = "0c60ef6d0bbf56ad2674249b6bb74f2c6aeb98b98dd57b5d3e37cace33011d69" dependencies = [ - "cookie", - "failure", - "idna 0.1.5", - "log 0.4.8", - "publicsuffix", - "serde", - "serde_json", - "time 0.1.42", - "try_from", - "url 1.7.2", + "percent-encoding 2.1.0", + "time 0.2.9", ] [[package]] @@ -357,62 +336,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b3a71ab494c0b5b860bdc8407ae08978052417070c2ced38573a9157ad75b8ac" [[package]] -name = "crc32fast" -version = "1.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ba125de2af0df55319f41944744ad91c71113bf74a4646efff39afe1f6842db1" -dependencies = [ - "cfg-if", -] - -[[package]] -name = "crossbeam-deque" -version = "0.7.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9f02af974daeee82218205558e51ec8768b48cf524bd01d550abe5573a608285" -dependencies = [ - "crossbeam-epoch", - "crossbeam-utils", - "maybe-uninit", -] - -[[package]] -name = "crossbeam-epoch" -version = "0.8.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "058ed274caafc1f60c4997b5fc07bf7dc7cca454af7c6e81edffe5f33f70dace" -dependencies = [ - "autocfg 1.0.0", - "cfg-if", - "crossbeam-utils", - "lazy_static", - "maybe-uninit", - "memoffset", - "scopeguard", -] - -[[package]] -name = "crossbeam-queue" -version = "0.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c695eeca1e7173472a32221542ae469b3e9aac3a4fc81f7696bcad82029493db" -dependencies = [ - "cfg-if", - "crossbeam-utils", -] - -[[package]] -name = "crossbeam-utils" -version = "0.7.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c3c7c73a2d1e9fc0886a08b93e98eb643461230d5f1925e4036204d5f2e261a8" -dependencies = [ - "autocfg 1.0.0", - "cfg-if", - "lazy_static", -] - -[[package]] name = "crypto-mac" version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -553,6 +476,12 @@ dependencies = [ ] [[package]] +name = "discard" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "212d0f5754cb6769937f4501cc0e67f4f4483c8d2c3e1e922ee9edbe4ab4c7c0" + +[[package]] name = "dotenv" version = "0.15.0" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -565,12 +494,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4358a9e11b9a09cf52383b451b49a169e8d797b68aa02301ff586d70d9661ea3" [[package]] -name = "either" -version = "1.5.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bb1f6b1ce1c140482ea30ddd3335fc0024ac7ee112895426e0a629a6c20adfe3" - -[[package]] name = "email" version = "0.0.20" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -668,37 +591,6 @@ dependencies = [ ] [[package]] -name = "error-chain" -version = "0.12.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d371106cc88ffdfb1eabd7111e432da544f16f3e2d7bf1dfe8bf575f1df045cd" -dependencies = [ - "version_check 0.9.1", -] - -[[package]] -name = "failure" -version = "0.1.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b8529c2421efa3066a5cbd8063d2244603824daccb6936b079010bb2aa89464b" -dependencies = [ - "backtrace", - "failure_derive", -] - -[[package]] -name = "failure_derive" -version = "0.1.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "030a733c8287d6213886dd487564ff5c8f6aae10278b3588ed177f9d18f8d231" -dependencies = [ - "proc-macro2 1.0.9", - "quote 1.0.3", - "syn 1.0.16", - "synstructure", -] - -[[package]] name = "fake-simd" version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -736,18 +628,6 @@ dependencies = [ ] [[package]] -name = "flate2" -version = "1.0.13" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6bd6d6f4752952feb71363cffc9ebac9411b75b87c6ab6058c40c8900cf43c0f" -dependencies = [ - "cfg-if", - "crc32fast", - "libc", - "miniz_oxide", -] - -[[package]] name = "fnv" version = "1.0.6" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -821,9 +701,18 @@ dependencies = [ [[package]] name = "futures" -version = "0.1.29" +version = "0.3.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1b980f2816d6ee8673b6517b52cb0e808a180efc92e5c19d02cdda79066703ef" +checksum = "5c329ae8753502fb44ae4fc2b622fa2a94652c41e795143765ba0927f92ab780" +dependencies = [ + "futures-channel", + "futures-core", + "futures-executor", + "futures-io", + "futures-sink", + "futures-task", + "futures-util", +] [[package]] name = "futures-channel" @@ -832,6 +721,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f0c77d04ce8edd9cb903932b608268b3fffec4163dc053b3b402bf47eac1f1a8" dependencies = [ "futures-core", + "futures-sink", ] [[package]] @@ -841,13 +731,14 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f25592f769825e89b92358db00d26f965761e094951ac44d3663ef25b7ac464a" [[package]] -name = "futures-cpupool" -version = "0.1.8" +name = "futures-executor" +version = "0.3.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ab90cde24b3319636588d0c35fe03b1333857621051837ed769faefb4c2162e4" +checksum = "f674f3e1bcb15b37284a90cedf55afdba482ab061c407a9c0ebbd0f3109741ba" dependencies = [ - "futures", - "num_cpus", + "futures-core", + "futures-task", + "futures-util", ] [[package]] @@ -857,6 +748,18 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a638959aa96152c7a4cddf50fcb1e3fede0583b27157c26e67d6f99904090dc6" [[package]] +name = "futures-macro" +version = "0.3.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9a5081aa3de1f7542a794a397cde100ed903b0630152d0973479018fd85423a7" +dependencies = [ + "proc-macro-hack", + "proc-macro2 1.0.9", + "quote 1.0.3", + "syn 1.0.16", +] + +[[package]] name = "futures-sink" version = "0.3.4" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -874,11 +777,16 @@ version = "0.3.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "22766cf25d64306bedf0384da004d05c9974ab104fcc4528f1236181c18004c5" dependencies = [ + "futures-channel", "futures-core", "futures-io", + "futures-macro", + "futures-sink", "futures-task", "memchr", "pin-utils", + "proc-macro-hack", + "proc-macro-nested", "slab", ] @@ -913,22 +821,10 @@ dependencies = [ ] [[package]] -name = "h2" -version = "0.1.26" +name = "glob" +version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a5b34c246847f938a410a03c5458c7fee2274436675e76d8b903c08efc29c462" -dependencies = [ - "byteorder", - "bytes 0.4.12", - "fnv", - "futures", - "http 0.1.21", - "indexmap", - "log 0.4.8", - "slab", - "string", - "tokio-io", -] +checksum = "9b919933a397b79c37e33b77bb2aa3dc8eb6e165ad809e58ff75bc7db2e34574" [[package]] name = "h2" @@ -941,11 +837,11 @@ dependencies = [ "futures-core", "futures-sink", "futures-util", - "http 0.2.0", + "http", "indexmap", "log 0.4.8", "slab", - "tokio 0.2.13", + "tokio", "tokio-util", ] @@ -1030,17 +926,6 @@ dependencies = [ [[package]] name = "http" -version = "0.1.21" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d6ccf5ede3a895d8856620237b2f02972c1bbc78d2965ad7fe8838d4a0ed41f0" -dependencies = [ - "bytes 0.4.12", - "fnv", - "itoa", -] - -[[package]] -name = "http" version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b708cc7f06493459026f53b9a61a7a121a5d1ec6238dee58ea4941132b30156b" @@ -1052,24 +937,12 @@ dependencies = [ [[package]] name = "http-body" -version = "0.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6741c859c1b2463a423a1dbce98d418e6c3c3fc720fb0d45528657320920292d" -dependencies = [ - "bytes 0.4.12", - "futures", - "http 0.1.21", - "tokio-buf", -] - -[[package]] -name = "http-body" version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "13d5ff830006f7646652e057693569bfe0d51760c0085a071769d142a205111b" dependencies = [ "bytes 0.5.4", - "http 0.2.0", + "http", ] [[package]] @@ -1099,36 +972,6 @@ dependencies = [ [[package]] name = "hyper" -version = "0.12.35" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9dbe6ed1438e1f8ad955a4701e9a944938e9519f6888d12d8558b645e247d5f6" -dependencies = [ - "bytes 0.4.12", - "futures", - "futures-cpupool", - "h2 0.1.26", - "http 0.1.21", - "http-body 0.1.0", - "httparse", - "iovec", - "itoa", - "log 0.4.8", - "net2", - "rustc_version", - "time 0.1.42", - "tokio 0.1.22", - "tokio-buf", - "tokio-executor", - "tokio-io", - "tokio-reactor", - "tokio-tcp", - "tokio-threadpool", - "tokio-timer", - "want 0.2.0", -] - -[[package]] -name = "hyper" version = "0.13.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e7b15203263d1faa615f9337d79c1d37959439dc46c2b4faab33286fadc2a1c5" @@ -1137,25 +980,25 @@ dependencies = [ "futures-channel", "futures-core", "futures-util", - "h2 0.2.2", - "http 0.2.0", - "http-body 0.3.1", + "h2", + "http", + "http-body", "httparse", "itoa", "log 0.4.8", "net2", "pin-project", "time 0.1.42", - "tokio 0.2.13", + "tokio", "tower-service", - "want 0.3.0", + "want", ] [[package]] name = "hyper-sync-rustls" -version = "0.3.0-rc.5" +version = "0.3.0-rc.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "856f774cc07081d4557c328d50a74fda6c6e1da3367971d22c2ad4160fc40336" +checksum = "53be239c980459955c0f0af3f13190ead511d7d4bdaeab8127c011b94d8558de" dependencies = [ "hyper 0.10.16", "rustls", @@ -1165,19 +1008,6 @@ dependencies = [ [[package]] name = "hyper-tls" -version = "0.3.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3a800d6aa50af4b5850b2b0f659625ce9504df908e9733b635720483be26174f" -dependencies = [ - "bytes 0.4.12", - "futures", - "hyper 0.12.35", - "native-tls", - "tokio-io", -] - -[[package]] -name = "hyper-tls" version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3adcd308402b9553630734e9c36b77a7e48b3821251ca2493e8cd596763aafaa" @@ -1185,7 +1015,7 @@ dependencies = [ "bytes 0.5.4", "hyper 0.13.3", "native-tls", - "tokio 0.2.13", + "tokio", "tokio-tls", ] @@ -1266,17 +1096,16 @@ dependencies = [ [[package]] name = "jsonwebtoken" -version = "6.0.1" +version = "7.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a81d1812d731546d2614737bee92aa071d37e9afa1409bc374da9e5e70e70b22" +checksum = "d11f9e80a85927748a334df8e4f6782a04033517bb28f3863a563daad882da7f" dependencies = [ - "base64 0.10.1", - "chrono", + "base64 0.11.0", + "pem", "ring", "serde", - "serde_derive", "serde_json", - "untrusted", + "simple_asn1", ] [[package]] @@ -1323,8 +1152,8 @@ dependencies = [ "nom", "serde", "serde_json", - "time 0.2.7", - "uuid 0.8.1", + "time 0.2.9", + "uuid", ] [[package]] @@ -1437,15 +1266,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3728d817d99e5ac407411fa471ff9800a778d88a24685968b36824eaf4bee400" [[package]] -name = "memoffset" -version = "0.5.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "75189eb85871ea5c2e2c15abbdd541185f63b408415e5051f5cac122d8c774b9" -dependencies = [ - "rustc_version", -] - -[[package]] name = "migrations_internals" version = "1.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -1504,15 +1324,6 @@ dependencies = [ ] [[package]] -name = "miniz_oxide" -version = "0.3.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "aa679ff6578b1cddee93d7e82e263b94a575e0bfced07284eb0c037c1d2416a5" -dependencies = [ - "adler32", -] - -[[package]] name = "mio" version = "0.6.21" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -1654,6 +1465,17 @@ dependencies = [ ] [[package]] +name = "num-bigint" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "090c7f9998ee0ff65aa5b723e4009f7b217707f1fb5ea551329cc4d6231fb304" +dependencies = [ + "autocfg 1.0.0", + "num-integer", + "num-traits", +] + +[[package]] name = "num-derive" version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -1772,17 +1594,6 @@ dependencies = [ [[package]] name = "parking_lot" -version = "0.9.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f842b1982eb6c2fe34036a4fbfb06dd185a3f5c8edfaacdf7d1ea10b07de6252" -dependencies = [ - "lock_api", - "parking_lot_core 0.6.2", - "rustc_version", -] - -[[package]] -name = "parking_lot" version = "0.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "92e98c49ab0b7ce5b222f2cc9193fc4efe11c6d0bd4f648e374684a6857b1cfc" @@ -1805,21 +1616,6 @@ dependencies = [ [[package]] name = "parking_lot_core" -version = "0.6.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b876b1b9e7ac6e1a74a6da34d25c42e17e8862aa409cbbbdcfc8d86c6f3bc62b" -dependencies = [ - "cfg-if", - "cloudabi", - "libc", - "redox_syscall", - "rustc_version", - "smallvec 0.6.13", - "winapi 0.3.8", -] - -[[package]] -name = "parking_lot_core" version = "0.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7582838484df45743c8434fbff785e8edf260c28748353d44bc0da32e0ceabf1" @@ -1855,6 +1651,17 @@ dependencies = [ ] [[package]] +name = "pem" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a1581760c757a756a41f0ee3ff01256227bdf64cb752839779b95ffb01c59793" +dependencies = [ + "base64 0.11.0", + "lazy_static", + "regex", +] + +[[package]] name = "percent-encoding" version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -1887,9 +1694,9 @@ dependencies = [ [[package]] name = "pest_generator" -version = "2.1.2" +version = "2.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "27e5277315f6b4f27e0e6744feb5d5ba1891e7164871033d3c8344c6783b349a" +checksum = "99b8db626e31e5b81787b9783425769681b347011cc59471e33ea46d2ea0cf55" dependencies = [ "pest", "pest_meta", @@ -2045,6 +1852,12 @@ dependencies = [ ] [[package]] +name = "proc-macro-nested" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "369a6ed065f249a159e06c45752c780bda2fb53c995718f9e484d08daa9eb42e" + +[[package]] name = "proc-macro2" version = "0.4.30" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -2063,19 +1876,6 @@ dependencies = [ ] [[package]] -name = "publicsuffix" -version = "1.5.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3bbaa49075179162b49acac1c6aa45fb4dafb5f13cf6794276d77bc7fd95757b" -dependencies = [ - "error-chain 0.12.2", - "idna 0.2.0", - "lazy_static", - "regex", - "url 2.1.1", -] - -[[package]] name = "quick-error" version = "1.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -2156,7 +1956,7 @@ checksum = "6a6b1679d49b24bbfe0c803429aa1874472f50d9b363131f0e89fc356b544d03" dependencies = [ "getrandom", "libc", - "rand_chacha 0.2.1", + "rand_chacha 0.2.2", "rand_core 0.5.1", "rand_hc 0.2.0", ] @@ -2173,11 +1973,11 @@ dependencies = [ [[package]] name = "rand_chacha" -version = "0.2.1" +version = "0.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "03a2a90da8c7523f554344f921aa97283eadf6ac484a6d2a7d0212fa7f8d6853" +checksum = "f4c8ed856279c9737206bf725bf36935d8666ead7aa69b52be55af369d193402" dependencies = [ - "c2-chacha", + "ppv-lite86", "rand_core 0.5.1", ] @@ -2293,9 +2093,9 @@ checksum = "2439c63f3f6139d1b57529d16bc3b8bb855230c8efcc5d3a896c8bea7c3b1e84" [[package]] name = "regex" -version = "1.3.4" +version = "1.3.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "322cf97724bea3ee221b78fe25ac9c46114ebb51747ad5babd51a2fc6a8235a8" +checksum = "8900ebc1363efa7ea1c399ccc32daed870b4002651e0bed86e72d501ebbe0048" dependencies = [ "aho-corasick", "memchr", @@ -2305,9 +2105,9 @@ dependencies = [ [[package]] name = "regex-syntax" -version = "0.6.16" +version = "0.6.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1132f845907680735a84409c3bebc64d1364a5683ffbce899550cd09d5eaefc1" +checksum = "7fe5bd57d1d7414c6b5ed48563a2c855d995ff777729dcd91c369ec7fea395ae" [[package]] name = "remove_dir_all" @@ -2320,40 +2120,6 @@ dependencies = [ [[package]] name = "reqwest" -version = "0.9.24" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f88643aea3c1343c804950d7bf983bd2067f5ab59db6d613a08e05572f2714ab" -dependencies = [ - "base64 0.10.1", - "bytes 0.4.12", - "cookie", - "cookie_store", - "encoding_rs", - "flate2", - "futures", - "http 0.1.21", - "hyper 0.12.35", - "hyper-tls 0.3.2", - "log 0.4.8", - "mime 0.3.16", - "mime_guess 2.0.3", - "native-tls", - "serde", - "serde_json", - "serde_urlencoded 0.5.5", - "time 0.1.42", - "tokio 0.1.22", - "tokio-executor", - "tokio-io", - "tokio-threadpool", - "tokio-timer", - "url 1.7.2", - "uuid 0.7.4", - "winreg", -] - -[[package]] -name = "reqwest" version = "0.10.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "02b81e49ddec5109a9dcfc5f2a317ff53377c915e9ae9d4f2fb50914b85614e2" @@ -2363,10 +2129,10 @@ dependencies = [ "encoding_rs", "futures-core", "futures-util", - "http 0.2.0", - "http-body 0.3.1", + "http", + "http-body", "hyper 0.13.3", - "hyper-tls 0.4.1", + "hyper-tls", "js-sys", "lazy_static", "log 0.4.8", @@ -2377,9 +2143,9 @@ dependencies = [ "pin-project-lite", "serde", "serde_json", - "serde_urlencoded 0.6.1", + "serde_urlencoded", "time 0.1.42", - "tokio 0.2.13", + "tokio", "tokio-tls", "url 2.1.1", "wasm-bindgen", @@ -2390,15 +2156,16 @@ dependencies = [ [[package]] name = "ring" -version = "0.14.6" +version = "0.16.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "426bc186e3e95cac1e4a4be125a4aca7e84c2d616ffc02244eef36e2a60a093c" +checksum = "741ba1704ae21999c00942f9f5944f801e977f54302af346b596287599ad1862" dependencies = [ "cc", "lazy_static", "libc", "spin", "untrusted", + "web-sys", "winapi 0.3.8", ] @@ -2425,10 +2192,10 @@ dependencies = [ [[package]] name = "rocket" version = "0.5.0-dev" -source = "git+https://github.com/SergioBenitez/Rocket?rev=b95b6765e1cc8be7c1e7eaef8a9d9ad940b0ac13#b95b6765e1cc8be7c1e7eaef8a9d9ad940b0ac13" +source = "git+https://github.com/SergioBenitez/Rocket?rev=dfc9e9aab01d349da32c52db393e35b7fffea63c#dfc9e9aab01d349da32c52db393e35b7fffea63c" dependencies = [ "atty", - "base64 0.10.1", + "binascii", "log 0.4.8", "memchr", "num_cpus", @@ -2436,7 +2203,7 @@ dependencies = [ "rocket_codegen", "rocket_http", "state", - "time 0.1.42", + "time 0.2.9", "toml", "version_check 0.9.1", "yansi 0.5.0", @@ -2445,9 +2212,10 @@ dependencies = [ [[package]] name = "rocket_codegen" version = "0.5.0-dev" -source = "git+https://github.com/SergioBenitez/Rocket?rev=b95b6765e1cc8be7c1e7eaef8a9d9ad940b0ac13#b95b6765e1cc8be7c1e7eaef8a9d9ad940b0ac13" +source = "git+https://github.com/SergioBenitez/Rocket?rev=dfc9e9aab01d349da32c52db393e35b7fffea63c#dfc9e9aab01d349da32c52db393e35b7fffea63c" dependencies = [ "devise", + "glob", "indexmap", "quote 1.0.3", "rocket_http", @@ -2458,7 +2226,7 @@ dependencies = [ [[package]] name = "rocket_contrib" version = "0.5.0-dev" -source = "git+https://github.com/SergioBenitez/Rocket?rev=b95b6765e1cc8be7c1e7eaef8a9d9ad940b0ac13#b95b6765e1cc8be7c1e7eaef8a9d9ad940b0ac13" +source = "git+https://github.com/SergioBenitez/Rocket?rev=dfc9e9aab01d349da32c52db393e35b7fffea63c#dfc9e9aab01d349da32c52db393e35b7fffea63c" dependencies = [ "log 0.4.8", "notify", @@ -2470,7 +2238,7 @@ dependencies = [ [[package]] name = "rocket_http" version = "0.5.0-dev" -source = "git+https://github.com/SergioBenitez/Rocket?rev=b95b6765e1cc8be7c1e7eaef8a9d9ad940b0ac13#b95b6765e1cc8be7c1e7eaef8a9d9ad940b0ac13" +source = "git+https://github.com/SergioBenitez/Rocket?rev=dfc9e9aab01d349da32c52db393e35b7fffea63c#dfc9e9aab01d349da32c52db393e35b7fffea63c" dependencies = [ "cookie", "hyper 0.10.16", @@ -2479,10 +2247,10 @@ dependencies = [ "pear", "percent-encoding 1.0.1", "rustls", - "smallvec 0.6.13", + "smallvec 1.2.0", "state", - "time 0.1.42", - "unicode-xid 0.1.0", + "time 0.2.9", + "unicode-xid 0.2.0", ] [[package]] @@ -2508,15 +2276,14 @@ dependencies = [ [[package]] name = "rustls" -version = "0.15.2" +version = "0.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f271e3552cd835fa28c541c34a7e8fdd8cdff09d77fe4eb8f6c42e87a11b096e" +checksum = "b25a18b1bf7387f0145e7f8324e700805aade3842dd3db2e74e4cdeb4677c09e" dependencies = [ "base64 0.10.1", "log 0.4.8", "ring", "sct", - "untrusted", "webpki", ] @@ -2533,9 +2300,9 @@ dependencies = [ [[package]] name = "ryu" -version = "1.0.2" +version = "1.0.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bfa8506c1de11c9c4e4c38863ccbe02a305c8188e85a05a784c9e11e1c3910c8" +checksum = "535622e6be132bccd223f4bb2b8ac8d53cda3c7a6394944d3b2b33fb974f9d76" [[package]] name = "safemem" @@ -2579,9 +2346,9 @@ checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" [[package]] name = "sct" -version = "0.5.0" +version = "0.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2f5adf8fbd58e1b1b52699dc8bed2630faecb6d8c7bee77d009d6bbe4af569b9" +checksum = "e3042af939fca8c3453b7af0f1c66e533a15a86169e39de2657310ade8f98d3c" dependencies = [ "ring", "untrusted", @@ -2657,18 +2424,6 @@ dependencies = [ [[package]] name = "serde_urlencoded" -version = "0.5.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "642dd69105886af2efd227f75a520ec9b44a820d65bc133a9131f7d229fd165a" -dependencies = [ - "dtoa", - "itoa", - "serde", - "url 1.7.2", -] - -[[package]] -name = "serde_urlencoded" version = "0.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9ec5d77e2d4c73717816afac02670d5c4f534ea95ed430442cad02e7a6e32c97" @@ -2705,6 +2460,12 @@ dependencies = [ ] [[package]] +name = "sha1" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2579985fda508104f7587689507983eadd6a6e84dd35d6d115361f530916fa0d" + +[[package]] name = "sha2" version = "0.5.3" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -2718,6 +2479,17 @@ dependencies = [ ] [[package]] +name = "simple_asn1" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2b25ecba7165254f0c97d6c22a64b1122a03634b18d20a34daf21e18f892e618" +dependencies = [ + "chrono", + "num-bigint", + "num-traits", +] + +[[package]] name = "siphasher" version = "0.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -2767,6 +2539,12 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "dba1a27d3efae4351c8051072d619e3ade2820635c3958d826bfea39d59b54c8" [[package]] +name = "standback" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4edf667ea8f60afc06d6aeec079d20d5800351109addec1faea678a8663da4e1" + +[[package]] name = "state" version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -2779,15 +2557,55 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7f3eb36b47e512f8f1c9e3d10c2c1965bc992bd9cdb024fa581e2194501c83d3" [[package]] -name = "string" -version = "0.2.1" +name = "stdweb" +version = "0.4.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d24114bfcceb867ca7f71a0d3fe45d45619ec47a6fbfa98cb14e14250bfa5d6d" +checksum = "d022496b16281348b52d0e30ae99e01a73d737b2f45d38fed4edf79f9325a1d5" dependencies = [ - "bytes 0.4.12", + "discard", + "rustc_version", + "stdweb-derive", + "stdweb-internal-macros", + "stdweb-internal-runtime", + "wasm-bindgen", +] + +[[package]] +name = "stdweb-derive" +version = "0.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c87a60a40fccc84bef0652345bbbbbe20a605bf5d0ce81719fc476f5c03b50ef" +dependencies = [ + "proc-macro2 1.0.9", + "quote 1.0.3", + "serde", + "serde_derive", + "syn 1.0.16", ] [[package]] +name = "stdweb-internal-macros" +version = "0.2.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "58fa5ff6ad0d98d1ffa8cb115892b6e69d67799f6763e162a1c9db421dc22e11" +dependencies = [ + "base-x", + "proc-macro2 1.0.9", + "quote 1.0.3", + "serde", + "serde_derive", + "serde_json", + "sha1", + "syn 1.0.16", +] + +[[package]] +name = "stdweb-internal-runtime" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "213701ba3370744dcd1a12960caa4843b3d68b4d1c0a5d575e0d65b2ee9d16c0" + +[[package]] name = "string_cache" version = "0.7.5" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -2897,24 +2715,12 @@ dependencies = [ ] [[package]] -name = "synstructure" -version = "0.12.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "67656ea1dc1b41b1451851562ea232ec2e5a80242139f7e679ceccfb5d61f545" -dependencies = [ - "proc-macro2 1.0.9", - "quote 1.0.3", - "syn 1.0.16", - "unicode-xid 0.2.0", -] - -[[package]] name = "syslog" version = "4.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a0641142b4081d3d44beffa4eefd7346a228cdf91ed70186db2ca2cef762d327" dependencies = [ - "error-chain 0.11.0", + "error-chain", "libc", "log 0.4.8", "time 0.1.42", @@ -2985,12 +2791,15 @@ dependencies = [ [[package]] name = "time" -version = "0.2.7" +version = "0.2.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3043ac959c44dccc548a57417876c8fe241502aed69d880efc91166c02717a93" +checksum = "6329a7835505d46f5f3a9a2c237f8d6bf5ca6f0015decb3698ba57fcdbb609ba" dependencies = [ + "cfg-if", "libc", "rustversion", + "standback", + "stdweb", "time-macros", "winapi 0.3.8", ] @@ -3019,25 +2828,6 @@ dependencies = [ [[package]] name = "tokio" -version = "0.1.22" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5a09c0b5bb588872ab2f09afa13ee6e9dac11e10a0ec9e8e3ba39a5a5d530af6" -dependencies = [ - "bytes 0.4.12", - "futures", - "mio", - "num_cpus", - "tokio-current-thread", - "tokio-executor", - "tokio-io", - "tokio-reactor", - "tokio-tcp", - "tokio-threadpool", - "tokio-timer", -] - -[[package]] -name = "tokio" version = "0.2.13" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0fa5e81d6bc4e67fe889d5783bd2a128ab2e0cfa487e0be16b6a8d177b101616" @@ -3054,127 +2844,13 @@ dependencies = [ ] [[package]] -name = "tokio-buf" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8fb220f46c53859a4b7ec083e41dec9778ff0b1851c0942b211edb89e0ccdc46" -dependencies = [ - "bytes 0.4.12", - "either", - "futures", -] - -[[package]] -name = "tokio-current-thread" -version = "0.1.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b1de0e32a83f131e002238d7ccde18211c0a5397f60cbfffcb112868c2e0e20e" -dependencies = [ - "futures", - "tokio-executor", -] - -[[package]] -name = "tokio-executor" -version = "0.1.10" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fb2d1b8f4548dbf5e1f7818512e9c406860678f29c300cdf0ebac72d1a3a1671" -dependencies = [ - "crossbeam-utils", - "futures", -] - -[[package]] -name = "tokio-io" -version = "0.1.13" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "57fc868aae093479e3131e3d165c93b1c7474109d13c90ec0dda2a1bbfff0674" -dependencies = [ - "bytes 0.4.12", - "futures", - "log 0.4.8", -] - -[[package]] -name = "tokio-reactor" -version = "0.1.12" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "09bc590ec4ba8ba87652da2068d150dcada2cfa2e07faae270a5e0409aa51351" -dependencies = [ - "crossbeam-utils", - "futures", - "lazy_static", - "log 0.4.8", - "mio", - "num_cpus", - "parking_lot 0.9.0", - "slab", - "tokio-executor", - "tokio-io", - "tokio-sync", -] - -[[package]] -name = "tokio-sync" -version = "0.1.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "edfe50152bc8164fcc456dab7891fa9bf8beaf01c5ee7e1dd43a397c3cf87dee" -dependencies = [ - "fnv", - "futures", -] - -[[package]] -name = "tokio-tcp" -version = "0.1.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "98df18ed66e3b72e742f185882a9e201892407957e45fbff8da17ae7a7c51f72" -dependencies = [ - "bytes 0.4.12", - "futures", - "iovec", - "mio", - "tokio-io", - "tokio-reactor", -] - -[[package]] -name = "tokio-threadpool" -version = "0.1.18" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "df720b6581784c118f0eb4310796b12b1d242a7eb95f716a8367855325c25f89" -dependencies = [ - "crossbeam-deque", - "crossbeam-queue", - "crossbeam-utils", - "futures", - "lazy_static", - "log 0.4.8", - "num_cpus", - "slab", - "tokio-executor", -] - -[[package]] -name = "tokio-timer" -version = "0.2.13" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "93044f2d313c95ff1cb7809ce9a7a05735b012288a888b62d4434fd58c94f296" -dependencies = [ - "crossbeam-utils", - "futures", - "slab", - "tokio-executor", -] - -[[package]] name = "tokio-tls" version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7bde02a3a5291395f59b06ec6945a3077602fac2b07eeeaf0dee2122f3619828" dependencies = [ "native-tls", - "tokio 0.2.13", + "tokio", ] [[package]] @@ -3188,7 +2864,7 @@ dependencies = [ "futures-sink", "log 0.4.8", "pin-project-lite", - "tokio 0.2.13", + "tokio", ] [[package]] @@ -3219,15 +2895,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e604eb7b43c06650e854be16a2a03155743d3752dd1c943f6829e26b7a36e382" [[package]] -name = "try_from" -version = "0.3.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "283d3b89e1368717881a9d51dad843cc435380d8109c9e47d38780a324698d8b" -dependencies = [ - "cfg-if", -] - -[[package]] name = "twoway" version = "0.1.8" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -3267,9 +2934,9 @@ dependencies = [ [[package]] name = "ucd-trie" -version = "0.1.2" +version = "0.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8f00ed7be0c1ff1e24f46c3d2af4859f7e863672ba3a6e92e7cff702bf9f06c2" +checksum = "56dee185309b50d1f11bfedef0fe6d036842e3fb77413abef29f8f8d1c5d4c1c" [[package]] name = "unicase" @@ -3333,9 +3000,9 @@ checksum = "826e7639553986605ec5979c7dd957c7895e93eabed50ab2ffa7f6128a75097c" [[package]] name = "untrusted" -version = "0.6.2" +version = "0.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "55cd1f4b4e96b46aeb8d4855db4a7a9bd96eeeb5c6a1ab54593328761642ce2f" +checksum = "60369ef7a31de49bcb3f6ca728d4ba7300d9a1658f94c727d4cab8c8d9f4aece" [[package]] name = "url" @@ -3367,15 +3034,6 @@ checksum = "05e42f7c18b8f902290b009cde6d651262f956c98bc51bca4cd1d511c9cd85c7" [[package]] name = "uuid" -version = "0.7.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "90dbc611eb48397705a6b0f6e917da23ae517e4d127123d2cf7674206627d32a" -dependencies = [ - "rand 0.6.5", -] - -[[package]] -name = "uuid" version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9fde2f6a4bea1d6e007c4ad38c6839fa71cbb63b6dbf5b595aa38dc9b1093c11" @@ -3420,17 +3078,6 @@ dependencies = [ [[package]] name = "want" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b6395efa4784b027708f7451087e647ec73cc74f5d9bc2e418404248d679a230" -dependencies = [ - "futures", - "log 0.4.8", - "try-lock", -] - -[[package]] -name = "want" version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1ce8a968cb1cd110d136ff8b819a556d6fb6d919363c61534f6860c7eb172ba0" @@ -3525,9 +3172,9 @@ dependencies = [ [[package]] name = "webpki" -version = "0.19.1" +version = "0.21.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4f7e1cd7900a3a6b65a3e8780c51a3e6b59c0e2c55c6dc69578c288d69f7d082" +checksum = "f1f50e1972865d6b1adb54167d1c8ed48606004c2c9d0ea5f1eeb34d95e863ef" dependencies = [ "ring", "untrusted", @@ -3535,11 +3182,10 @@ dependencies = [ [[package]] name = "webpki-roots" -version = "0.16.0" +version = "0.18.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c10fa4212003ba19a564f25cd8ab572c6791f99a03cc219c13ed35ccab00de0e" +checksum = "91cd5736df7f12a964a5067a12c62fa38e1bd8080aff1f80bc29be7c80d19ab4" dependencies = [ - "untrusted", "webpki", ] @@ -3637,16 +3283,16 @@ checksum = "9fc79f4a1e39857fc00c3f662cbf2651c771f00e9c15fe2abc341806bd46bd71" [[package]] name = "yubico" -version = "0.7.1" +version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7eb02a0c4ce0c4e0c90719a59c405bf8f83e11d860e942c4593318863e9e5aa8" +checksum = "885c02fa029c304d374a6bbfb9c9ce0972ff6e2f2fc7ecdcab857d06eac18ba7" dependencies = [ "base64 0.10.1", "crypto-mac 0.7.0", "futures", "hmac 0.7.1", "rand 0.6.5", - "reqwest 0.9.24", + "reqwest", "sha-1 0.8.2", "subtle 2.2.2", "threadpool", diff --git a/Cargo.toml b/Cargo.toml @@ -26,7 +26,6 @@ rocket = { version = "0.5.0-dev", features = ["tls"], default-features = false } rocket_contrib = "0.5.0-dev" # HTTP client -# reqwest = "0.9.24" reqwest = { version = "0.10.4", features = ["blocking", "json"] } # multipart/form-data support @@ -58,13 +57,14 @@ diesel_migrations = "1.4.0" libsqlite3-sys = { version = "0.16.0", features = ["bundled"], optional = true } # Crypto library -ring = "0.14.6" +ring = "0.16.11" # UUID generation uuid = { version = "0.8.1", features = ["v4"] } -# Date and time library for Rust +# Date and time librar for Rust chrono = "0.4.11" +time = "0.2.9" # TOTP library oath = "0.10.2" @@ -73,13 +73,13 @@ oath = "0.10.2" data-encoding = "2.2.0" # JWT library -jsonwebtoken = "6.0.1" +jsonwebtoken = "7.1.0" # U2F library u2f = "0.2.0" # Yubico Library -yubico = { version = "0.7.1", features = ["online-tokio"], default-features = false } +yubico = { version = "0.9.0", features = ["online-tokio"], default-features = false } # A `dotenv` implementation for Rust dotenv = { version = "0.15.0", default-features = false } @@ -123,8 +123,8 @@ backtrace = "0.3.45" [patch.crates-io] # Use newest ring -rocket = { git = 'https://github.com/SergioBenitez/Rocket', rev = 'b95b6765e1cc8be7c1e7eaef8a9d9ad940b0ac13' } -rocket_contrib = { git = 'https://github.com/SergioBenitez/Rocket', rev = 'b95b6765e1cc8be7c1e7eaef8a9d9ad940b0ac13' } +rocket = { git = 'https://github.com/SergioBenitez/Rocket', rev = 'dfc9e9aab01d349da32c52db393e35b7fffea63c' } +rocket_contrib = { git = 'https://github.com/SergioBenitez/Rocket', rev = 'dfc9e9aab01d349da32c52db393e35b7fffea63c' } # Use git version for timeout fix #706 lettre = { git = 'https://github.com/lettre/lettre', rev = '245c600c82ee18b766e8729f005ff453a55dce34' } diff --git a/src/api/admin.rs b/src/api/admin.rs @@ -91,7 +91,7 @@ fn post_admin_login(data: Form<LoginForm>, mut cookies: Cookies, ip: ClientIp) - let cookie = Cookie::build(COOKIE_NAME, jwt) .path(admin_path()) - .max_age(chrono::Duration::minutes(20)) + .max_age(time::Duration::minutes(20)) .same_site(SameSite::Strict) .http_only(true) .finish(); diff --git a/src/auth.rs b/src/auth.rs @@ -6,7 +6,7 @@ use chrono::{Duration, Utc}; use once_cell::sync::Lazy; use num_traits::FromPrimitive; -use jsonwebtoken::{self, Algorithm, Header}; +use jsonwebtoken::{self, Algorithm, Header, EncodingKey, DecodingKey}; use serde::de::DeserializeOwned; use serde::ser::Serialize; @@ -32,7 +32,7 @@ static PUBLIC_RSA_KEY: Lazy<Vec<u8>> = Lazy::new(|| match read_file(&CONFIG.publ }); pub fn encode_jwt<T: Serialize>(claims: &T) -> String { - match jsonwebtoken::encode(&JWT_HEADER, claims, &PRIVATE_RSA_KEY) { + match jsonwebtoken::encode(&JWT_HEADER, claims, &EncodingKey::from_rsa_der(&PRIVATE_RSA_KEY)) { Ok(token) => token, Err(e) => panic!("Error encoding jwt {}", e), } @@ -51,7 +51,7 @@ fn decode_jwt<T: DeserializeOwned>(token: &str, issuer: String) -> Result<T, Err let token = token.replace(char::is_whitespace, ""); - jsonwebtoken::decode(&token, &PUBLIC_RSA_KEY, &validation) + jsonwebtoken::decode(&token, &DecodingKey::from_rsa_der(&PUBLIC_RSA_KEY), &validation) .map(|d| d.claims) .map_res("Error decoding JWT") } diff --git a/src/crypto.rs b/src/crypto.rs @@ -6,7 +6,7 @@ use crate::error::Error; use ring::{digest, hmac, pbkdf2}; use std::num::NonZeroU32; -static DIGEST_ALG: &digest::Algorithm = &digest::SHA256; +static DIGEST_ALG: pbkdf2::Algorithm = pbkdf2::PBKDF2_HMAC_SHA256; const OUTPUT_LEN: usize = digest::SHA256_OUTPUT_LEN; pub fn hash_password(secret: &[u8], salt: &[u8], iterations: u32) -> Vec<u8> { @@ -29,7 +29,7 @@ pub fn verify_password_hash(secret: &[u8], salt: &[u8], previous: &[u8], iterati pub fn hmac_sign(key: &str, data: &str) -> String { use data_encoding::HEXLOWER; - let key = hmac::SigningKey::new(&digest::SHA1, key.as_bytes()); + let key = hmac::Key::new(hmac::HMAC_SHA1_FOR_LEGACY_USE_ONLY, key.as_bytes()); let signature = hmac::sign(&key, data.as_bytes()); HEXLOWER.encode(signature.as_ref()) diff --git a/src/db/mod.rs b/src/db/mod.rs @@ -76,7 +76,8 @@ impl<'a, 'r> FromRequest<'a, 'r> for DbConn { type Error = (); fn from_request(request: &'a Request<'r>) -> request::Outcome<DbConn, ()> { - let pool = request.guard::<State<Pool>>()?; + // https://github.com/SergioBenitez/Rocket/commit/e3c1a4ad3ab9b840482ec6de4200d30df43e357c + let pool = try_outcome!(request.guard::<State<Pool>>()); match pool.get() { Ok(conn) => Outcome::Success(DbConn(conn)), Err(_) => Outcome::Failure((Status::ServiceUnavailable, ())),