Tags: dani-garcia/vaultwarden
Tags
Some fixes for emergency access (#4715) - Add missing `Headers` parameter for some functions This allowed any request from allowing these endpoints by not validating the user correctly. - Changed the functions to retreive the emergency access record by using the user uuid which calls the endpoint, instead of validating afterwards. This is more secure and prevents the need of an if check.
Fix healthcheck when using .env file (#4299) It seems Debian based images see the `.env` file in the `pwd` path, but sourcing it via `. .env` breaks. It does work if you provide the full path `/.env`. Changed the default to `/.env`. Alpine does not have an issue with both ways.
Update env template file (#4276) * update env template to fit the config.rs * Categorize env template settings * Fix a wrong setting * Fix wrong icon redirect code * Fix ICON_DOWNLOAD_TIMEOUT default value Co-authored-by: Daniel <[email protected]> * Move related settings together. Merge Yubikey, Duo, Email 2FA sections into one. Other minor fixes. * Minor fix of some settings position * Add some comment * Minor fix. --------- Co-authored-by: Daniel <[email protected]>
Update crates (#4074) * Remove another header for websocket connections * Fix small bake issue * Update crates Updated crates and adjusted code where needed. One major update is Rocket rc4, no need anymore (again) for crates.io patching. The only item still pending is openssl/openssl-sys for which we need to wait if sfackler/rust-openssl#2094 will be merged. If, then we can remove the pinned versions for the openssl crate.
PreviousNext