1. 12 Dec, 2021 1 commit
  2. 07 Dec, 2021 1 commit
  3. 01 Dec, 2021 1 commit
    • BlackDex's avatar
      Enabled trust-dns and some updates. · e327583a
      BlackDex authored
      - Enabled trust-dns feature which seems to help a bit when DNS is
      causing long timeouts. Though in the blocking version it is less visible
      then on the async branch.
      - Updated crates
      - Removed some redundant code
      - Updated javascript/css libraries
      
      Resolves #2118
      Resolves #2119
      e327583a
  4. 06 Nov, 2021 2 commits
    • Daniel García's avatar
      Merge pull request #2084 from BlackDex/minimize-macro-recursion · ead2f02c
      Daniel García authored
      Macro recursion decrease and other optimizations
      ead2f02c
    • BlackDex's avatar
      Macro recursion decrease and other optimizations · c453528d
      BlackDex authored
      - Decreased `recursion_limit` from 512 to 87
        Mainly done by optimizing the config macro's.
        This fixes an issue with the rust-analyzer which doesn't go beyond 128
      - Removed Regex for masking sensitive values and replaced it with a map()
        This is much faster then using a Regex.
      - Refactored the get_support_json macro's
      - All items above also lowered the binary size and possibly compile-time
      - Removed `_conn: DbConn` from several functions, these caused unnecessary database connections for functions who didn't used that at all
      - Decreased json response for `/plans`
      - Updated libraries and where needed some code changes
        This also fixes some rare issues with SMTP https://github.com/lettre/lettre/issues/678
      - Using Rust 2021 instead of 2018
      - Updated rust nightly
      c453528d
  5. 01 Nov, 2021 4 commits
  6. 31 Oct, 2021 1 commit
    • Jeremy Lin's avatar
      Fix missing encrypted key after emergency access reject · 14408396
      Jeremy Lin authored
      Rejecting an emergency access request should transition the grantor/grantee
      relationship back into the `Confirmed` state, and the grantor's encrypted key
      should remain in escrow rather than being cleared, or else future emergency
      access requsts from that grantee will fail.
      14408396
  7. 29 Oct, 2021 1 commit
    • Jeremy Lin's avatar
      Fix conflict resolution logic for `read_only` and `hide_passwords` flags · 6cbb7240
      Jeremy Lin authored
      For one of these flags to be in effect for a cipher, upstream requires all of
      (rather than any of) the collections the cipher is in to have that flag set.
      
      Also, some of the logic for loading access restrictions was wrong. I think
      that only malicious clients that also had knowledge of the UUIDs of ciphers
      they didn't have access to would have been able to take advantage of that.
      6cbb7240
  8. 28 Oct, 2021 2 commits
    • Daniel García's avatar
      Merge pull request #2067 from jjlin/incomplete-2fa · a2316ca0
      Daniel García authored
      Add email notifications for incomplete 2FA logins
      a2316ca0
    • Jeremy Lin's avatar
      Add email notifications for incomplete 2FA logins · c476e197
      Jeremy Lin authored
      An incomplete 2FA login is one where the correct master password was provided,
      but the 2FA token or action required to complete the login was not provided
      within the configured time limit. This potentially indicates that the user's
      master password has been compromised, but the login was blocked by 2FA.
      
      Be aware that the 2FA step can usually still be completed after the email
      notification has already been sent out, which could be confusing. Therefore,
      the incomplete 2FA time limit should be long enough that this situation would
      be unlikely. This feature can also be disabled entirely if desired.
      c476e197
  9. 27 Oct, 2021 2 commits
  10. 24 Oct, 2021 2 commits
  11. 23 Oct, 2021 1 commit
  12. 19 Oct, 2021 2 commits
  13. 18 Oct, 2021 5 commits
  14. 09 Oct, 2021 3 commits
    • Adam Jones's avatar
      cargo fmt · 4cebe1ff
      Adam Jones authored
      4cebe1ff
    • Adam Jones's avatar
    • BlackDex's avatar
      Added DbConn to /alive healthcheck · 881524bd
      BlackDex authored
      During a small discusson on Matrix it seems logical to have the /alive
      endpoint also check if the database connection still works.
      
      The reason for this was regarding a certificate which failed/expired
      while vaultwarden and the database were still up-and-running, but
      suddenly vaultwarden couldn't connect anymore.
      
      With this `DbConn` added to `/alive`, it will be more accurate, because
      of vaultwarden can't reach the database, it isn't alive.
      881524bd
  15. 08 Oct, 2021 6 commits
  16. 07 Oct, 2021 1 commit
    • BlackDex's avatar
      Fix error reporting in admin and some small fixes · 33875655
      BlackDex authored
      - Fixed a bug in JavaScript which caused no messages to be shown to the
      user in-case of an error send by the server.
      - Changed mail error handling for better error messages
      - Changed user/org actions from a to buttons, this should prevent
      strange issues in-case of javascript issues and the page does re-load.
      - Added Alpine and Debian info for the running docker image
      
      During the mail error testing i encountered a bug which caused lettre to
      panic. This panic only happens on debug builds and not release builds,
      so no need to update anything on that part. This bug is also already
      fixed. See https://github.com/lettre/lettre/issues/678 and https://github.com/lettre/lettre/pull/679
      
      Resolves #2021
      Could also fix the issue reported here #2022, or at least no hash `#` in
      the url.
      33875655
  17. 02 Oct, 2021 1 commit
  18. 27 Sep, 2021 2 commits
  19. 26 Sep, 2021 2 commits