vw_small

Hardened fork of Vaultwarden (https://github.com/dani-garcia/vaultwarden) with fewer features.

commit 94810c106a96adab678434a93c9defe125fc8809
parent 2fde4e693363266a93d450f26ad0b5cc9cebb53a
Author: Daniel García <dani-garcia@users.noreply.github.com>
Date:   Fri,  7 Dec 2018 02:05:45 +0100

Migrate to rust 2018 edition

Diffstat:
MCargo.toml | 1+
Msrc/api/core/accounts.rs | 12++++++------
Msrc/api/core/ciphers.rs | 12++++++------
Msrc/api/core/folders.rs | 8++++----
Msrc/api/core/mod.rs | 10+++++-----
Msrc/api/core/organizations.rs | 10+++++-----
Msrc/api/core/two_factor.rs | 12++++++------
Msrc/api/icons.rs | 2+-
Msrc/api/identity.rs | 16++++++++--------
Msrc/api/mod.rs | 2+-
Msrc/api/notifications.rs | 14+++++++-------
Msrc/api/web.rs | 4++--
Msrc/auth.rs | 20++++++++++----------
Msrc/db/mod.rs | 2+-
Msrc/db/models/attachment.rs | 10+++++-----
Msrc/db/models/cipher.rs | 6+++---
Msrc/db/models/collection.rs | 4++--
Msrc/db/models/device.rs | 10+++++-----
Msrc/db/models/folder.rs | 6+++---
Msrc/db/models/organization.rs | 4++--
Msrc/db/models/two_factor.rs | 4++--
Msrc/db/models/user.rs | 8++++----
Msrc/mail.rs | 2+-
Msrc/main.rs | 58+++++++++++++---------------------------------------------
Msrc/util.rs | 4++--
25 files changed, 105 insertions(+), 136 deletions(-)

diff --git a/Cargo.toml b/Cargo.toml @@ -2,6 +2,7 @@ name = "bitwarden_rs" version = "1.0.0" authors = ["Daniel García <dani-garcia@users.noreply.github.com>"] +edition = "2018" [features] enable_syslog = ["syslog", "fern/syslog-4"] diff --git a/src/api/core/accounts.rs b/src/api/core/accounts.rs @@ -1,13 +1,13 @@ use rocket_contrib::json::Json; -use db::models::*; -use db::DbConn; +use crate::db::models::*; +use crate::db::DbConn; -use api::{EmptyResult, JsonResult, JsonUpcase, NumberOrString, PasswordData, UpdateType, WebSocketUsers}; -use auth::Headers; -use mail; +use crate::api::{EmptyResult, JsonResult, JsonUpcase, NumberOrString, PasswordData, UpdateType, WebSocketUsers}; +use crate::auth::Headers; +use crate::mail; -use CONFIG; +use crate::CONFIG; use rocket::{Route, State}; diff --git a/src/api/core/ciphers.rs b/src/api/core/ciphers.rs @@ -12,15 +12,15 @@ use multipart::server::{Multipart, SaveResult}; use data_encoding::HEXLOWER; -use db::models::*; -use db::DbConn; +use crate::db::models::*; +use crate::db::DbConn; -use crypto; +use crate::crypto; -use api::{self, EmptyResult, JsonResult, JsonUpcase, PasswordData, UpdateType, WebSocketUsers}; -use auth::Headers; +use crate::api::{self, EmptyResult, JsonResult, JsonUpcase, PasswordData, UpdateType, WebSocketUsers}; +use crate::auth::Headers; -use CONFIG; +use crate::CONFIG; pub fn routes() -> Vec<Route> { routes![ diff --git a/src/api/core/folders.rs b/src/api/core/folders.rs @@ -2,11 +2,11 @@ use rocket::State; use rocket_contrib::json::Json; use serde_json::Value; -use db::DbConn; -use db::models::*; +use crate::db::DbConn; +use crate::db::models::*; -use api::{JsonResult, EmptyResult, JsonUpcase, WebSocketUsers, UpdateType}; -use auth::Headers; +use crate::api::{JsonResult, EmptyResult, JsonUpcase, WebSocketUsers, UpdateType}; +use crate::auth::Headers; use rocket::Route; diff --git a/src/api/core/mod.rs b/src/api/core/mod.rs 
@@ -34,11 +34,11 @@ use rocket::Route; use rocket_contrib::json::Json; use serde_json::Value; -use db::DbConn; -use db::models::*; +use crate::db::DbConn; +use crate::db::models::*; -use api::{JsonResult, EmptyResult, JsonUpcase}; -use auth::Headers; +use crate::api::{JsonResult, EmptyResult, JsonUpcase}; +use crate::auth::Headers; #[put("/devices/identifier/<uuid>/clear-token")] fn clear_device_token(uuid: String, headers: Headers, conn: DbConn) -> EmptyResult { @@ -72,7 +72,7 @@ fn put_device_token(uuid: String, data: JsonUpcase<Value>, headers: Headers, con // This should save the push token, but we don't have push functionality - use util::format_date; + use crate::util::format_date; Ok(Json(json!({ "Id": device.uuid, diff --git a/src/api/core/organizations.rs b/src/api/core/organizations.rs @@ -3,12 +3,12 @@ use rocket::request::Form; use rocket_contrib::json::Json; use serde_json::Value; -use CONFIG; -use db::DbConn; -use db::models::*; +use crate::CONFIG; +use crate::db::DbConn; +use crate::db::models::*; -use api::{PasswordData, JsonResult, EmptyResult, NumberOrString, JsonUpcase, WebSocketUsers, UpdateType}; -use auth::{Headers, AdminHeaders, OwnerHeaders}; +use crate::api::{PasswordData, JsonResult, EmptyResult, NumberOrString, JsonUpcase, WebSocketUsers, UpdateType}; +use crate::auth::{Headers, AdminHeaders, OwnerHeaders}; use serde::{Deserialize, Deserializer}; diff --git a/src/api/core/two_factor.rs b/src/api/core/two_factor.rs @@ -4,15 +4,15 @@ use serde_json; use serde_json::Value; -use db::{ +use crate::db::{ models::{TwoFactor, TwoFactorType, User}, DbConn, }; -use crypto; +use crate::crypto; -use api::{ApiResult, JsonResult, JsonUpcase, NumberOrString, PasswordData}; -use auth::Headers; +use crate::api::{ApiResult, JsonResult, JsonUpcase, NumberOrString, PasswordData}; +use crate::auth::Headers; use rocket::Route; 
@@ -74,7 +74,7 @@ struct RecoverTwoFactor { fn recover(data: JsonUpcase<RecoverTwoFactor>, conn: DbConn) -> JsonResult { let data: RecoverTwoFactor = data.into_inner().data; - use db::models::User; + use crate::db::models::User; // Get the user let mut user = match User::find_by_mail(&data.Email, &conn) { @@ -252,7 +252,7 @@ use u2f::messages::{RegisterResponse, SignResponse, U2fSignRequest}; use u2f::protocol::{Challenge, U2f}; use u2f::register::Registration; -use CONFIG; +use crate::CONFIG; const U2F_VERSION: &str = "U2F_V2"; diff --git a/src/api/icons.rs b/src/api/icons.rs @@ -7,7 +7,7 @@ use rocket::http::ContentType; use reqwest; -use CONFIG; +use crate::CONFIG; pub fn routes() -> Vec<Route> { routes![icon] diff --git a/src/api/identity.rs b/src/api/identity.rs @@ -8,14 +8,14 @@ use serde_json::Value; use num_traits::FromPrimitive; -use db::models::*; -use db::DbConn; +use crate::db::models::*; +use crate::db::DbConn; -use util::{self, JsonMap}; +use crate::util::{self, JsonMap}; -use api::{ApiResult, EmptyResult, JsonResult}; +use crate::api::{ApiResult, EmptyResult, JsonResult}; -use CONFIG; +use crate::CONFIG; pub fn routes() -> Vec<Route> { routes![login] @@ -194,13 +194,13 @@ fn twofactor_auth( } Some(TwoFactorType::U2f) => { - use api::core::two_factor; + use crate::api::core::two_factor; two_factor::validate_u2f_login(user_uuid, &twofactor_code, conn)?; } Some(TwoFactorType::YubiKey) => { - use api::core::two_factor; + use crate::api::core::two_factor; two_factor::validate_yubikey_login(user_uuid, twofactor_code, conn)?; } @@ -217,7 +217,7 @@ fn twofactor_auth( } fn _json_err_twofactor(providers: &[i32], user_uuid: &str, conn: &DbConn) -> ApiResult<Value> { - use api::core::two_factor; + use crate::api::core::two_factor; let mut result = json!({ "error" : "invalid_grant", diff --git a/src/api/mod.rs b/src/api/mod.rs 
@@ -20,7 +20,7 @@ type ApiResult<T> = Result<T, BadRequest<Json<Value>>>; type JsonResult = ApiResult<Json<Value>>; type EmptyResult = ApiResult<()>; -use util; +use crate::util; type JsonUpcase<T> = Json<util::UpCase<T>>; // Common structs representing JSON data received diff --git a/src/api/notifications.rs b/src/api/notifications.rs @@ -2,11 +2,11 @@ use rocket::Route; use rocket_contrib::json::Json; use serde_json::Value as JsonValue; -use api::JsonResult; -use auth::Headers; -use db::DbConn; +use crate::api::JsonResult; +use crate::auth::Headers; +use crate::db::DbConn; -use CONFIG; +use crate::CONFIG; pub fn routes() -> Vec<Route> { routes![negotiate, websockets_err] @@ -19,7 +19,7 @@ fn websockets_err() -> JsonResult { #[post("/hub/negotiate")] fn negotiate(_headers: Headers, _conn: DbConn) -> JsonResult { - use crypto; + use crate::crypto; use data_encoding::BASE64URL; let conn_id = BASE64URL.encode(&crypto::get_random(vec![0u8; 16])); @@ -52,7 +52,7 @@ use chashmap::CHashMap; use chrono::NaiveDateTime; use serde_json::from_str; -use db::models::{Cipher, Folder, User}; +use crate::db::models::{Cipher, Folder, User}; use rmpv::Value; @@ -139,7 +139,7 @@ impl Handler for WSHandler { let _id = &query_split[1][3..]; // Validate the user - use auth; + use crate::auth; let claims = match auth::decode_jwt(access_token) { Ok(claims) => claims, Err(_) => { diff --git a/src/api/web.rs b/src/api/web.rs @@ -9,7 +9,7 @@ use rocket::Route; use rocket_contrib::json::Json; use serde_json::Value; -use CONFIG; +use crate::CONFIG; pub fn routes() -> Vec<Route> { if CONFIG.web_vault_enabled { @@ -74,7 +74,7 @@ fn attachments(uuid: String, file: PathBuf) -> io::Result<NamedFile> { #[get("/alive")] fn alive() -> Json<String> { - use util::format_date; + use crate::util::format_date; use chrono::Utc; Json(format_date(&Utc::now().naive_utc())) diff --git a/src/auth.rs b/src/auth.rs 
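Review bot: In the `impl Handler for WSHandler` hunk of src/api/notifications.rs, `let _id = &query_split[1][3..];` indexes and slices without a length check, and it runs before `auth::decode_jwt(access_token)`, so it is reached before the caller is authenticated. If `query_split` is derived from the client's handshake query string, as the name suggests, a request with fewer than two parts or a second part shorter than three bytes would panic the handler instead of being rejected. A checked form such as `let _id = query_split.get(1).and_then(|s| s.get(3..));`, taking the same rejection path as the `Err(_)` arm of `decode_jwt` on `None`, avoids that. How `query_split` and `access_token` are built is outside the hunk, so the extraction of `access_token` may need the same guard.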
@@ -2,21 +2,21 @@ /// JWT Handling /// -use util::read_file; +use crate::util::read_file; use chrono::Duration; -use jwt; +use jsonwebtoken::{self, Algorithm, Header}; use serde::ser::Serialize; -use CONFIG; +use crate::CONFIG; -const JWT_ALGORITHM: jwt::Algorithm = jwt::Algorithm::RS256; +const JWT_ALGORITHM: Algorithm = Algorithm::RS256; lazy_static! { pub static ref DEFAULT_VALIDITY: Duration = Duration::hours(2); pub static ref JWT_ISSUER: String = CONFIG.domain.clone(); - static ref JWT_HEADER: jwt::Header = jwt::Header::new(JWT_ALGORITHM); + static ref JWT_HEADER: Header = Header::new(JWT_ALGORITHM); static ref PRIVATE_RSA_KEY: Vec<u8> = match read_file(&CONFIG.private_rsa_key) { Ok(key) => key, @@ -30,14 +30,14 @@ lazy_static! { } pub fn encode_jwt<T: Serialize>(claims: &T) -> String { - match jwt::encode(&JWT_HEADER, claims, &PRIVATE_RSA_KEY) { + match jsonwebtoken::encode(&JWT_HEADER, claims, &PRIVATE_RSA_KEY) { Ok(token) => token, Err(e) => panic!("Error encoding jwt {}", e) } } pub fn decode_jwt(token: &str) -> Result<JWTClaims, String> { - let validation = jwt::Validation { + let validation = jsonwebtoken::Validation { leeway: 30, // 30 seconds validate_exp: true, validate_iat: false, // IssuedAt is the same as NotBefore @@ -48,7 +48,7 @@ pub fn decode_jwt(token: &str) -> Result<JWTClaims, String> { algorithms: vec![JWT_ALGORITHM], }; - match jwt::decode(token, &PUBLIC_RSA_KEY, &validation) { + match jsonwebtoken::decode(token, &PUBLIC_RSA_KEY, &validation) { Ok(decoded) => Ok(decoded.claims), Err(msg) => { error!("Error validating jwt - {:#?}", msg); @@ -94,8 +94,8 @@ pub struct JWTClaims { use rocket::Outcome; use rocket::request::{self, Request, FromRequest}; -use db::DbConn; -use db::models::{User, Organization, UserOrganization, UserOrgType, UserOrgStatus, Device}; +use crate::db::DbConn; +use crate::db::models::{User, Organization, UserOrganization, UserOrgType, UserOrgStatus, Device}; pub struct Headers { pub host: String, 
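Review bot: `encode_jwt` in src/auth.rs still ends in `Err(e) => panic!("Error encoding jwt {}", e)`, so a signing failure aborts the calling request instead of producing an error response. src/db/models/device.rs imports `encode_jwt` in the block that builds the client's `JWTClaims`, which suggests this sits on the login and token-refresh path. Since the call is already being touched for the `jsonwebtoken` rename, consider returning `Result<String, String>` as `decode_jwt` does. At minimum, add a `/// # Panics` section stating that the function panics when the configured private RSA key cannot sign. Changing the return type would require updating the callers, which are outside this hunk.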
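Review bot: The `jsonwebtoken::Validation` literal in `decode_jwt` is the token-acceptance policy for the whole API, yet `algorithms: vec![JWT_ALGORITHM]` has no comment explaining why it must stay pinned. I would add `// Accept RS256 only: a token whose header names any other alg must be rejected` on that line, so a later refactor does not widen the list or swap in a default `Validation`. The fields between `validate_iat` and `algorithms` fall between the two visible hunks, so whether issuer and not-before are enforced cannot be confirmed from here. Each of those fields deserves the same kind of one-line rationale.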
diff --git a/src/db/mod.rs b/src/db/mod.rs @@ -9,7 +9,7 @@ use rocket::http::Status; use rocket::request::{self, FromRequest}; use rocket::{Outcome, Request, State}; -use CONFIG; +use crate::CONFIG; /// An alias to the database connection used type Connection = SqliteConnection; diff --git a/src/db/models/attachment.rs b/src/db/models/attachment.rs @@ -1,7 +1,7 @@ use serde_json::Value; use super::Cipher; -use CONFIG; +use crate::CONFIG; #[derive(Debug, Identifiable, Queryable, Insertable, Associations)] #[table_name = "attachments"] @@ -32,7 +32,7 @@ impl Attachment { } pub fn to_json(&self, host: &str) -> Value { - use util::get_display_size; + use crate::util::get_display_size; let web_path = format!("{}/attachments/{}/{}", host, self.cipher_uuid, self.id); let display_size = get_display_size(self.file_size); @@ -51,8 +51,8 @@ impl Attachment { use diesel; use diesel::prelude::*; -use db::DbConn; -use db::schema::attachments; +use crate::db::DbConn; +use crate::db::schema::attachments; /// Database methods impl Attachment { @@ -64,7 +64,7 @@ impl Attachment { } pub fn delete(self, conn: &DbConn) -> QueryResult<()> { - use util; + use crate::util; use std::{thread, time}; let mut retries = 10; diff --git a/src/db/models/cipher.rs b/src/db/models/cipher.rs @@ -63,14 +63,14 @@ impl Cipher { use diesel; use diesel::prelude::*; -use db::DbConn; -use db::schema::*; +use crate::db::DbConn; +use crate::db::schema::*; /// Database methods impl Cipher { pub fn to_json(&self, host: &str, user_uuid: &str, conn: &DbConn) -> Value { use serde_json; - use util::format_date; + use crate::util::format_date; use super::Attachment; let attachments = Attachment::find_by_cipher(&self.uuid, conn); diff --git a/src/db/models/collection.rs b/src/db/models/collection.rs @@ -37,8 +37,8 @@ impl Collection { use diesel; use diesel::prelude::*; -use db::DbConn; -use db::schema::*; +use crate::db::DbConn; +use crate::db::schema::*; /// Database methods impl Collection { 
diff --git a/src/db/models/device.rs b/src/db/models/device.rs @@ -45,7 +45,7 @@ impl Device { pub fn refresh_twofactor_remember(&mut self) -> String { use data_encoding::BASE64; - use crypto; + use crate::crypto; let twofactor_remember = BASE64.encode(&crypto::get_random(vec![0u8; 180])); self.twofactor_remember = Some(twofactor_remember.clone()); @@ -62,7 +62,7 @@ impl Device { // If there is no refresh token, we create one if self.refresh_token.is_empty() { use data_encoding::BASE64URL; - use crypto; + use crate::crypto; self.refresh_token = BASE64URL.encode(&crypto::get_random_64()); } @@ -77,7 +77,7 @@ impl Device { // Create the JWT claims struct, to send to the client - use auth::{encode_jwt, JWTClaims, DEFAULT_VALIDITY, JWT_ISSUER}; + use crate::auth::{encode_jwt, JWTClaims, DEFAULT_VALIDITY, JWT_ISSUER}; let claims = JWTClaims { nbf: time_now.timestamp(), exp: (time_now + *DEFAULT_VALIDITY).timestamp(), @@ -106,8 +106,8 @@ impl Device { use diesel; use diesel::prelude::*; -use db::DbConn; -use db::schema::devices; +use crate::db::DbConn; +use crate::db::schema::devices; /// Database methods impl Device { diff --git a/src/db/models/folder.rs b/src/db/models/folder.rs @@ -43,7 +43,7 @@ impl Folder { } pub fn to_json(&self) -> Value { - use util::format_date; + use crate::util::format_date; json!({ "Id": self.uuid, @@ -65,8 +65,8 @@ impl FolderCipher { use diesel; use diesel::prelude::*; -use db::DbConn; -use db::schema::{folders, folders_ciphers}; +use crate::db::DbConn; +use crate::db::schema::{folders, folders_ciphers}; /// Database methods impl Folder { diff --git a/src/db/models/organization.rs b/src/db/models/organization.rs 
@@ -236,8 +236,8 @@ impl UserOrganization { use diesel; use diesel::prelude::*; -use db::DbConn; -use db::schema::{organizations, users_organizations, users_collections, ciphers_collections}; +use crate::db::DbConn; +use crate::db::schema::{organizations, users_organizations, users_collections, ciphers_collections}; /// Database methods impl Organization { diff --git a/src/db/models/two_factor.rs b/src/db/models/two_factor.rs @@ -78,8 +78,8 @@ impl TwoFactor { use diesel; use diesel::prelude::*; -use db::DbConn; -use db::schema::twofactor; +use crate::db::DbConn; +use crate::db::schema::twofactor; /// Database methods impl TwoFactor { diff --git a/src/db/models/user.rs b/src/db/models/user.rs @@ -3,8 +3,8 @@ use serde_json::Value; use uuid::Uuid; -use crypto; -use CONFIG; +use crate::crypto; +use crate::CONFIG; #[derive(Debug, Identifiable, Queryable, Insertable)] @@ -113,8 +113,8 @@ impl User { use diesel; use diesel::prelude::*; -use db::DbConn; -use db::schema::{users, invitations}; +use crate::db::DbConn; +use crate::db::schema::{users, invitations}; use super::{Cipher, Folder, Device, UserOrganization, UserOrgType}; /// Database methods diff --git a/src/mail.rs b/src/mail.rs @@ -4,7 +4,7 @@ use lettre::smtp::ConnectionReuseParameters; use lettre::smtp::authentication::Credentials; use lettre_email::EmailBuilder; -use MailConfig; +use crate::MailConfig; fn mailer(config: &MailConfig) -> SmtpTransport { let client_security = if config.smtp_ssl { diff --git a/src/main.rs b/src/main.rs 
@@ -1,47 +1,15 @@ -#![feature(proc_macro_hygiene, decl_macro, custom_derive, vec_remove_item, try_trait, nll)] -#![recursion_limit="128"] +#![feature(proc_macro_hygiene, decl_macro, vec_remove_item, try_trait)] +#![recursion_limit = "128"] #![allow(proc_macro_derive_resolution_fallback)] // TODO: Remove this when diesel update fixes warnings -#[macro_use] -extern crate rocket; -extern crate rocket_contrib; -extern crate reqwest; -extern crate multipart; -extern crate ws; -extern crate rmpv; -extern crate chashmap; -extern crate serde; -#[macro_use] -extern crate serde_derive; -#[macro_use] -extern crate serde_json; -#[macro_use] -extern crate log; -extern crate fern; -#[cfg(feature = "enable_syslog")] -extern crate syslog; -#[macro_use] -extern crate diesel; -#[macro_use] -extern crate diesel_migrations; -extern crate ring; -extern crate uuid; -extern crate chrono; -extern crate oath; -extern crate data_encoding; -extern crate jsonwebtoken as jwt; -extern crate u2f; -extern crate yubico; -extern crate dotenv; -#[macro_use] -extern crate lazy_static; -#[macro_use] -extern crate num_derive; -extern crate num_traits; -extern crate lettre; -extern crate lettre_email; -extern crate native_tls; -extern crate byteorder; +#[macro_use] extern crate rocket; +#[macro_use] extern crate serde_derive; +#[macro_use] extern crate serde_json; +#[macro_use] extern crate log; +#[macro_use] extern crate diesel; +#[macro_use] extern crate diesel_migrations; +#[macro_use] extern crate lazy_static; +#[macro_use] extern crate num_derive; use std::{path::Path, process::{exit, Command}}; use rocket::Rocket; 
@@ -75,7 +43,7 @@ mod migrations { pub fn run_migrations() { // Make sure the database is up to date (create if it doesn't exist, or run the migrations) - let connection = ::db::get_connection().expect("Can't conect to DB"); + let connection = crate::db::get_connection().expect("Can't conect to DB"); use std::io::stdout; embedded_migrations::run_with_output(&connection, &mut stdout()).expect("Can't run migrations"); @@ -234,7 +202,7 @@ pub struct MailConfig { impl MailConfig { fn load() -> Option<Self> { - use util::{get_env, get_env_or}; + use crate::util::{get_env, get_env_or}; // When SMTP_HOST is absent, we assume the user does not want to enable it. let smtp_host = match get_env("SMTP_HOST") { @@ -316,7 +284,7 @@ pub struct Config { impl Config { fn load() -> Self { - use util::{get_env, get_env_or}; + use crate::util::{get_env, get_env_or}; dotenv::dotenv().ok(); let df = get_env_or("DATA_FOLDER", "data".to_string()); diff --git a/src/util.rs b/src/util.rs @@ -23,7 +23,7 @@ macro_rules! err { #[macro_export] macro_rules! err_json { ($expr:expr) => {{ - return Err($crate::rocket::response::status::BadRequest(Some($crate::rocket_contrib::json::Json($expr)))); + return Err(rocket::response::status::BadRequest(Some(rocket_contrib::json::Json($expr)))); }} } @@ -31,7 +31,7 @@ macro_rules! err_json { macro_rules! err_handler { ($expr:expr) => {{ error!("{}", $expr); - return $crate::rocket::Outcome::Failure(($crate::rocket::http::Status::Unauthorized, $expr)); + return rocket::Outcome::Failure((rocket::http::Status::Unauthorized, $expr)); }} }
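Review bot: In `err_json!`, and again in `err_handler!` in the next hunk, replacing `$crate::rocket::…` with a bare `rocket::…` makes the path resolve in whichever module the macro is expanded in. A local item or import named `rocket` or `rocket_contrib` at a call site would then shadow the crate and break or change the expansion. Under the 2018 edition a leading `::` names the extern crate unambiguously: `return Err(::rocket::response::status::BadRequest(Some(::rocket_contrib::json::Json($expr))));` and `return ::rocket::Outcome::Failure((::rocket::http::Status::Unauthorized, $expr));`.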
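Review bot: `err_handler!` expands `$expr` twice, once in `error!("{}", $expr);` and once inside the returned `Outcome::Failure`, so an argument that is a call or has side effects is evaluated twice. The logged value can then differ from the one returned to the client. This is the `Status::Unauthorized` path, where the log line is what an operator correlates with the rejected request, so the two should be the same value. Binding it once fixes that: `let e = $expr; error!("{}", e); return rocket::Outcome::Failure((rocket::http::Status::Unauthorized, e));`.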