mirror/lldap
1
0
Fork 0
mirror of https://github.com/nitnelave/lldap.git synced 2023-04-12 14:25:13 +00:00
Code Issues Projects Releases Wiki Activity

server: update various dependencies

Browse Source
This commit is contained in:
Valentin Tolmer 2023-02-23 16:58:22 +01:00 committed by nitnelave
parent dce73f91ef
commit 28607c4744
7 changed files with 53 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
Cargo.lock generated
View File

@ -1005,9 +1005,9 @@ dependencies = [
[[package]] [[package]]
name = "darling" name = "darling"
version = "0.12.4" version = "0.14.3"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5f2c43f534ea4b0b049015d00269734195e6d3f0f6635cb692251aca6f9f8b3c" checksum = "c0808e1bd8671fb44a113a14e13497557533369847788fa2ae912b6ebfce9fa8"
dependencies = [ dependencies = [
"darling_core", "darling_core",
"darling_macro", "darling_macro",
@ -1015,9 +1015,9 @@ dependencies = [
[[package]] [[package]]
name = "darling_core" name = "darling_core"
version = "0.12.4" version = "0.14.3"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8e91455b86830a1c21799d94524df0845183fa55bafd9aa137b01c7d1065fa36" checksum = "001d80444f28e193f30c2f293455da62dcf9a6b29918a4253152ae2b1de592cb"
dependencies = [ dependencies = [
"fnv", "fnv",
"ident_case", "ident_case",
@ -1029,9 +1029,9 @@ dependencies = [
[[package]] [[package]]
name = "darling_macro" name = "darling_macro"
version = "0.12.4" version = "0.14.3"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "29b5acf0dea37a7f66f7b25d2c5e93fd46f8f6968b1a5d7a3e02e97768afc95a" checksum = "b36230598a2d5de7ec1c6f51f72d8a99a9208daff41de2084d06e3fd3ea56685"
dependencies = [ dependencies = [
"darling_core", "darling_core",
"quote", "quote",
@ -1071,18 +1071,18 @@ dependencies = [
[[package]] [[package]]
name = "derive_builder" name = "derive_builder"
version = "0.10.2" version = "0.12.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d13202debe11181040ae9063d739fa32cfcaaebe2275fe387703460ae2365b30" checksum = "8d67778784b508018359cbc8696edb3db78160bab2c2a28ba7f56ef6932997f8"
dependencies = [ dependencies = [
"derive_builder_macro", "derive_builder_macro",
] ]
[[package]] [[package]]
name = "derive_builder_core" name = "derive_builder_core"
version = "0.10.2" version = "0.12.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "66e616858f6187ed828df7c64a6d71720d83767a7f19740b2d1b6fe6327b36e5" checksum = "c11bdc11a0c47bc7d37d582b5285da6849c96681023680b906673c5707af7b0f"
dependencies = [ dependencies = [
"darling", "darling",
"proc-macro2", "proc-macro2",
@ -1092,9 +1092,9 @@ dependencies = [
[[package]] [[package]]
name = "derive_builder_macro" name = "derive_builder_macro"
version = "0.10.2" version = "0.12.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "58a94ace95092c5acb1e97a7e846b310cfbd499652f72297da7493f618a98d73" checksum = "ebcda35c7a396850a55ffeac740804b40ffec779b98fffbb1738f4033f0ee79e"
dependencies = [ dependencies = [
"derive_builder_core", "derive_builder_core",
"syn", "syn",
@ -1272,6 +1272,12 @@ dependencies = [
"instant", "instant",
] ]
[[package]]
name = "fiat-crypto"
version = "0.1.17"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a214f5bb88731d436478f3ae1f8a277b62124089ba9fb67f4f93fb100ef73c90"
[[package]] [[package]]
name = "figment" name = "figment"
version = "0.10.8" version = "0.10.8"
@ -2274,7 +2280,7 @@ dependencies = [
"actix-web-httpauth", "actix-web-httpauth",
"anyhow", "anyhow",
"async-trait", "async-trait",
"base64 0.13.1", "base64 0.21.0",
"bincode", "bincode",
"chrono", "chrono",
"clap", "clap",
@ -2284,7 +2290,7 @@ dependencies = [
"figment_file_provider_adapter", "figment_file_provider_adapter",
"futures", "futures",
"futures-util", "futures-util",
"hmac 0.10.1", "hmac 0.12.1",
"http", "http",
"image", "image",
"itertools", "itertools",
@ -2307,7 +2313,7 @@ dependencies = [
"serde", "serde",
"serde_bytes", "serde_bytes",
"serde_json", "serde_json",
"sha2 0.9.9", "sha2 0.10.6",
"thiserror", "thiserror",
"time 0.3.19", "time 0.3.19",
"tokio", "tokio",
@ -2704,11 +2710,12 @@ checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf"
[[package]] [[package]]
name = "orion" name = "orion"
version = "0.16.1" version = "0.17.3"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c6624905ddd92e460ff0685567539ed1ac985b2dee4c92c7edcd64fce905b00c" checksum = "f2baf7fd2e326e3895c681176788dd227fcd8369350e53c570592d8563fecbb6"
dependencies = [ dependencies = [
"ct-codecs", "ct-codecs",
"fiat-crypto",
"getrandom 0.2.8", "getrandom 0.2.8",
"subtle", "subtle",
"zeroize", "zeroize",

18
server/Cargo.toml
View File

@ -15,37 +15,37 @@ actix-web = "4.3"
actix-web-httpauth = "0.8" actix-web-httpauth = "0.8"
anyhow = "*" anyhow = "*"
async-trait = "0.1" async-trait = "0.1"
base64 = "0.13" base64 = "*"
bincode = "1.3" bincode = "1.3"
cron = "*" cron = "*"
derive_builder = "0.10.2" derive_builder = "0.12"
figment_file_provider_adapter = "0.1" figment_file_provider_adapter = "0.1"
futures = "*" futures = "*"
futures-util = "*" futures-util = "*"
hmac = "0.10" hmac = "0.12"
http = "*" http = "*"
itertools = "0.10.1" itertools = "0.10"
juniper = "0.15" juniper = "0.15"
jwt = "0.16" jwt = "0.16"
lber = "0.4.1" lber = "0.4.1"
ldap3_proto = ">=0.3.1" ldap3_proto = ">=0.3.1"
log = "*" log = "*"
orion = "0.16" orion = "0.17"
rustls = "0.20" rustls = "0.20"
serde = "*" serde = "*"
serde_json = "1" serde_json = "1"
sha2 = "0.9" sha2 = "0.10"
thiserror = "*" thiserror = "*"
time = "0.3" time = "0.3"
tokio-rustls = "0.23" tokio-rustls = "0.23"
tokio-stream = "*" tokio-stream = "*"
tokio-util = "0.7.3" tokio-util = "0.7"
tracing = "*" tracing = "*"
tracing-actix-web = "0.7" tracing-actix-web = "0.7"
tracing-attributes = "^0.1.21" tracing-attributes = "^0.1.21"
tracing-log = "*" tracing-log = "*"
rustls-pemfile = "1.0.0" rustls-pemfile = "1"
serde_bytes = "0.11.7" serde_bytes = "0.11"
webpki-roots = "*" webpki-roots = "*"
[dependencies.chrono] [dependencies.chrono]

6
server/src/domain/handler.rs
View File

@ -211,6 +211,8 @@ mockall::mock! {
#[cfg(test)] #[cfg(test)]
mod tests { mod tests {
use base64::Engine;
use super::*; use super::*;
#[test] #[test]
fn test_uuid_time() { fn test_uuid_time() {
@ -233,7 +235,9 @@ mod tests {
#[test] #[test]
fn test_jpeg_try_from_bytes() { fn test_jpeg_try_from_bytes() {
let base64_raw = "/9j/4AAQSkZJRgABAQEASABIAAD/2wBDAP//////////////////////////////////////////////////////////////////////////////////////2wBDAf//////////////////////////////////////////////////////////////////////////////////////wAARCADqATkDASIAAhEBAxEB/8QAFwABAQEBAAAAAAAAAAAAAAAAAAECA//EACQQAQEBAAIBBAMBAQEBAAAAAAABESExQQISUXFhgZGxocHw/8QAFQEBAQAAAAAAAAAAAAAAAAAAAAH/xAAWEQEBAQAAAAAAAAAAAAAAAAAAEQH/2gAMAwEAAhEDEQA/AMriLyCKgg1gQwCgs4FTMOdutepjQak+FzMSVqgxZdRdPPIIvH5WzzGdBriphtTeAXg2ZjKA1pqKDUGZca3foBek8gFv8Ie3fKdA1qb8s7hoL6eLVt51FsAnql3Ut1M7AWbflLMDkEMX/F6/YjK/pADFQAUNA6alYagKk72m/j9p4Bq2fDDSYKLNXPNLoHE/NT6RYC31cJxZ3yWVM+aBYi/S2ZgiAsnYJx5D21vPmqrm3PTfpQQwyAC8JZvSKDni41ZrMuUVVl+Uz9w9v/1QWrZsZ5nFPHYH+JZyureQSF5M+fJ0CAfwRAVRBQA1DAWVUayoJUWoDpsxntPsueBV4+VxhdyAtv8AjOLGpIDMLbeGvbF4iozJfr/WukAVABAXAQXEAAASzVAZdO2WNordm+emFl7XcQSNZiFtv0C9w90nhJf4mA1u+GcJFwIyAqL/AOovwgGNfSRqdIrNa29M0gKCAojU9PAMjWXpckEJFNFEAAXEUBABYz6rZ0ureQc9vyt9XxDF2QAXtABcQAs0AZywkvluJbyipifas52DcyxjlZweAO0xri/hc+wZOEKIu6nSyeToVZyWXwvCg53gW81QQ7aTNAn5dGZJPs1UXURQAUEMCXQLZE93PRZ5hPTgNMrbIzKCm52LZwCs+2M8w2g3sjPuZAXb4IsMAUACzVUGM4/K+md6vEXUUyM5PDR0IxYe6ramih0VNBrS4xoqN8Q1BFQk3yqyAsioioAAKgDSJL4/jQIn5igLrPqtOuf6oOaxbMoAltUAhhIoJiiggrPu+AaOIxtAX3JbaAIaLwi4t9X4T3fg2AFtqcrUUarP20zUDAmqoE0WRBZPNVUVEAAAAVAC8kvih2DSKxOdBqs7Z0l0gI0mKAC4AuHE7ZtBriM+744QAAAAABAFsveIttBICyaikvy1+r/Cen5rWQHIBQa4rIDRqSl5qDWqziqgAAAATA7BpGdqXb2C2+J/UgAtRQBSQtkBWb6vhLbQAAAAAEBRAAAAAUbm+GZNdPxAP+ql2Tjwx7/wIgZ8iKvBk+CJoCXii9gaqZ/qqihAAAEVABGkBFUwBftNkZ3QW34QAAABFAQAVAAAAAARVkl8gs/43sk1jL45LvHArepk+E9XTG35oLqsmIKmLAEygKg0y1AFQBUXwgAAAoBC34S3UAAABAVAAAAAABAUQAVABdRQa1PcYyit2z58M8C4ouM2NXpOEGeWtNZUatiAIoAKIoCoAoG4C9MW6dgIoAIAAAAAAACKWAgL0CAAAALiANCKioNLgM1CrLihmTafkt1EF3SZ5ZVUW4mnIKvAi5fhEURVDWVQBRAAAAAAAAQFRVyAyulgAqCKlF8IqLsEgC9mGoC+IusqCrv5ZEUVOk1RuJfwSLOOkGFi4XPCoYYrNiKauosBGi9ICstM1UAAAAAAFQ0VcTBAXUGgIqGoKhKAzRRUQUAwxoSrGRpkQA/qiosOL9oJptMRRVZa0VUqSiChE6BqMgCwqKqIogAIAqKCKgKoogg0lBFuIKgAAAKNRlf2gqsftsEtZWoAAqAACKoMqAAeSoqp39kL2AqLOlE8rEBFQARYALhigrNC9gGmooLp4TweEQFFBFAECgIoAu0ifIAqAAA//9k="; let base64_raw = "/9j/4AAQSkZJRgABAQEASABIAAD/2wBDAP//////////////////////////////////////////////////////////////////////////////////////2wBDAf//////////////////////////////////////////////////////////////////////////////////////wAARCADqATkDASIAAhEBAxEB/8QAFwABAQEBAAAAAAAAAAAAAAAAAAECA//EACQQAQEBAAIBBAMBAQEBAAAAAAABESExQQISUXFhgZGxocHw/8QAFQEBAQAAAAAAAAAAAAAAAAAAAAH/xAAWEQEBAQAAAAAAAAAAAAAAAAAAEQH/2gAMAwEAAhEDEQA/AMriLyCKgg1gQwCgs4FTMOdutepjQak+FzMSVqgxZdRdPPIIvH5WzzGdBriphtTeAXg2ZjKA1pqKDUGZca3foBek8gFv8Ie3fKdA1qb8s7hoL6eLVt51FsAnql3Ut1M7AWbflLMDkEMX/F6/YjK/pADFQAUNA6alYagKk72m/j9p4Bq2fDDSYKLNXPNLoHE/NT6RYC31cJxZ3yWVM+aBYi/S2ZgiAsnYJx5D21vPmqrm3PTfpQQwyAC8JZvSKDni41ZrMuUVVl+Uz9w9v/1QWrZsZ5nFPHYH+JZyureQSF5M+fJ0CAfwRAVRBQA1DAWVUayoJUWoDpsxntPsueBV4+VxhdyAtv8AjOLGpIDMLbeGvbF4iozJfr/WukAVABAXAQXEAAASzVAZdO2WNordm+emFl7XcQSNZiFtv0C9w90nhJf4mA1u+GcJFwIyAqL/AOovwgGNfSRqdIrNa29M0gKCAojU9PAMjWXpckEJFNFEAAXEUBABYz6rZ0ureQc9vyt9XxDF2QAXtABcQAs0AZywkvluJbyipifas52DcyxjlZweAO0xri/hc+wZOEKIu6nSyeToVZyWXwvCg53gW81QQ7aTNAn5dGZJPs1UXURQAUEMCXQLZE93PRZ5hPTgNMrbIzKCm52LZwCs+2M8w2g3sjPuZAXb4IsMAUACzVUGM4/K+md6vEXUUyM5PDR0IxYe6ramih0VNBrS4xoqN8Q1BFQk3yqyAsioioAAKgDSJL4/jQIn5igLrPqtOuf6oOaxbMoAltUAhhIoJiiggrPu+AaOIxtAX3JbaAIaLwi4t9X4T3fg2AFtqcrUUarP20zUDAmqoE0WRBZPNVUVEAAAAVAC8kvih2DSKxOdBqs7Z0l0gI0mKAC4AuHE7ZtBriM+744QAAAAABAFsveIttBICyaikvy1+r/Cen5rWQHIBQa4rIDRqSl5qDWqziqgAAAATA7BpGdqXb2C2+J/UgAtRQBSQtkBWb6vhLbQAAAAAEBRAAAAAUbm+GZNdPxAP+ql2Tjwx7/wIgZ8iKvBk+CJoCXii9gaqZ/qqihAAAEVABGkBFUwBftNkZ3QW34QAAABFAQAVAAAAAARVkl8gs/43sk1jL45LvHArepk+E9XTG35oLqsmIKmLAEygKg0y1AFQBUXwgAAAoBC34S3UAAABAVAAAAAABAUQAVABdRQa1PcYyit2z58M8C4ouM2NXpOEGeWtNZUatiAIoAKIoCoAoG4C9MW6dgIoAIAAAAAAACKWAgL0CAAAALiANCKioNLgM1CrLihmTafkt1EF3SZ5ZVUW4mnIKvAi5fhEURVDWVQBRAAAAAAAAQFRVyAyulgAqCKlF8IqLsEgC9mGoC+IusqCrv5ZEUVOk1RuJfwSLOOkGFi4XPCoYYrNiKauosBGi9ICstM1UAAAAAAFQ0VcTBAXUGgIqGoKhKAzRRUQUAwxoSrGRpkQA/qiosOL9oJptMRRVZa0VUqSiChE6BqMgCwqKqIogAIAqKCKgKoogg0lBFuIKgAAAKNRlf2gqsftsEtZWoAAqAACKoMqAAeSoqp39kL2AqLOlE8rEBFQARYALhigrNC9gGmooLp4TweEQFFBFAECgIoAu0ifIAqAAA//9k=";
let base64_jpeg = base64::decode(base64_raw).unwrap(); let base64_jpeg = base64::engine::general_purpose::STANDARD
.decode(base64_raw)
.unwrap();
JpegPhoto::try_from(base64_jpeg).unwrap(); JpegPhoto::try_from(base64_jpeg).unwrap();
} }
} }

9
server/src/domain/sql_opaque_handler.rs
View File

@ -7,6 +7,7 @@ use super::{
types::UserId, types::UserId,
}; };
use async_trait::async_trait; use async_trait::async_trait;
use base64::Engine;
use lldap_auth::opaque; use lldap_auth::opaque;
use sea_orm::{ActiveModelTrait, ActiveValue, EntityTrait, QuerySelect}; use sea_orm::{ActiveModelTrait, ActiveValue, EntityTrait, QuerySelect};
use secstr::SecUtf8; use secstr::SecUtf8;
@ -129,7 +130,7 @@ impl OpaqueHandler for SqlOpaqueHandler {
let encrypted_state = orion::aead::seal(&secret_key, &bincode::serialize(&server_data)?)?; let encrypted_state = orion::aead::seal(&secret_key, &bincode::serialize(&server_data)?)?;
Ok(login::ServerLoginStartResponse { Ok(login::ServerLoginStartResponse {
server_data: base64::encode(encrypted_state), server_data: base64::engine::general_purpose::STANDARD.encode(encrypted_state),
credential_response: start_response.message, credential_response: start_response.message,
}) })
} }
@ -142,7 +143,7 @@ impl OpaqueHandler for SqlOpaqueHandler {
server_login, server_login,
} = bincode::deserialize(&orion::aead::open( } = bincode::deserialize(&orion::aead::open(
&secret_key, &secret_key,
&base64::decode(&request.server_data)?, &base64::engine::general_purpose::STANDARD.decode(&request.server_data)?,
)?)?; )?)?;
// Finish the login: this makes sure the client data is correct, and gives a session key we // Finish the login: this makes sure the client data is correct, and gives a session key we
// don't need. // don't need.
@ -170,7 +171,7 @@ impl OpaqueHandler for SqlOpaqueHandler {
}; };
let encrypted_state = orion::aead::seal(&secret_key, &bincode::serialize(&server_data)?)?; let encrypted_state = orion::aead::seal(&secret_key, &bincode::serialize(&server_data)?)?;
Ok(registration::ServerRegistrationStartResponse { Ok(registration::ServerRegistrationStartResponse {
server_data: base64::encode(encrypted_state), server_data: base64::engine::general_purpose::STANDARD.encode(encrypted_state),
registration_response: start_response.message, registration_response: start_response.message,
}) })
} }
@ -183,7 +184,7 @@ impl OpaqueHandler for SqlOpaqueHandler {
let secret_key = self.get_orion_secret_key()?; let secret_key = self.get_orion_secret_key()?;
let registration::ServerData { username } = bincode::deserialize(&orion::aead::open( let registration::ServerData { username } = bincode::deserialize(&orion::aead::open(
&secret_key, &secret_key,
&base64::decode(&request.server_data)?, &base64::engine::general_purpose::STANDARD.decode(&request.server_data)?,
)?)?; )?)?;
let password_file = let password_file =

7
server/src/domain/types.rs
View File

@ -1,3 +1,4 @@
use base64::Engine;
use chrono::{NaiveDateTime, TimeZone}; use chrono::{NaiveDateTime, TimeZone};
use sea_orm::{ use sea_orm::{
entity::IntoActiveValue, entity::IntoActiveValue,
@ -224,13 +225,15 @@ impl TryFrom<String> for JpegPhoto {
type Error = anyhow::Error; type Error = anyhow::Error;
fn try_from(string: String) -> anyhow::Result<Self> { fn try_from(string: String) -> anyhow::Result<Self> {
// The String format is in base64. // The String format is in base64.
<Self as TryFrom<_>>::try_from(base64::decode(string.as_str())?) <Self as TryFrom<_>>::try_from(
base64::engine::general_purpose::STANDARD.decode(string.as_str())?,
)
} }
} }
impl From<&JpegPhoto> for String { impl From<&JpegPhoto> for String {
fn from(val: &JpegPhoto) -> Self { fn from(val: &JpegPhoto) -> Self {
base64::encode(&val.0) base64::engine::general_purpose::STANDARD.encode(&val.0)
} }
} }

5
server/src/infra/graphql/mutation.rs
View File

@ -12,6 +12,7 @@ use crate::{
}, },
}; };
use anyhow::Context as AnyhowContext; use anyhow::Context as AnyhowContext;
use base64::Engine;
use juniper::{graphql_object, FieldResult, GraphQLInputObject, GraphQLObject}; use juniper::{graphql_object, FieldResult, GraphQLInputObject, GraphQLObject};
use tracing::{debug, debug_span, Instrument}; use tracing::{debug, debug_span, Instrument};
@ -89,7 +90,7 @@ impl<Handler: BackendHandler> Mutation<Handler> {
let user_id = UserId::new(&user.id); let user_id = UserId::new(&user.id);
let avatar = user let avatar = user
.avatar .avatar
.map(base64::decode) .map(|bytes| base64::engine::general_purpose::STANDARD.decode(bytes))
.transpose() .transpose()
.context("Invalid base64 image")? .context("Invalid base64 image")?
.map(JpegPhoto::try_from) .map(JpegPhoto::try_from)
@ -146,7 +147,7 @@ impl<Handler: BackendHandler> Mutation<Handler> {
.ok_or_else(field_error_callback(&span, "Unauthorized user update"))?; .ok_or_else(field_error_callback(&span, "Unauthorized user update"))?;
let avatar = user let avatar = user
.avatar .avatar
.map(base64::decode) .map(|bytes| base64::engine::general_purpose::STANDARD.decode(bytes))
.transpose() .transpose()
.context("Invalid base64 image")? .context("Invalid base64 image")?
.map(JpegPhoto::try_from) .map(JpegPhoto::try_from)

4
server/src/infra/tcp_server.rs
View File

@ -18,7 +18,7 @@ use actix_server::ServerBuilder;
use actix_service::map_config; use actix_service::map_config;
use actix_web::{dev::AppConfig, web, App, HttpResponse}; use actix_web::{dev::AppConfig, web, App, HttpResponse};
use anyhow::{Context, Result}; use anyhow::{Context, Result};
use hmac::{Hmac, NewMac}; use hmac::Hmac;
use sha2::Sha512; use sha2::Sha512;
use std::collections::HashSet; use std::collections::HashSet;
use std::path::PathBuf; use std::path::PathBuf;
@ -80,7 +80,7 @@ fn http_config<Backend>(
let enable_password_reset = mail_options.enable_password_reset; let enable_password_reset = mail_options.enable_password_reset;
cfg.app_data(web::Data::new(AppState::<Backend> { cfg.app_data(web::Data::new(AppState::<Backend> {
backend_handler: AccessControlledBackendHandler::new(backend_handler), backend_handler: AccessControlledBackendHandler::new(backend_handler),
jwt_key: Hmac::new_varkey(jwt_secret.unsecure().as_bytes()).unwrap(), jwt_key: hmac::Mac::new_from_slice(jwt_secret.unsecure().as_bytes()).unwrap(),
jwt_blacklist: RwLock::new(jwt_blacklist), jwt_blacklist: RwLock::new(jwt_blacklist),
server_url, server_url,
mail_options, mail_options,