dependencies: update opaque_ke to v2
This is a breaking change: it changes the way the password data is serialized in the DB, so any saved password is no longer readable (all passwords have to get reset).
parent
ffc59af345
commit
5cb07b9780
@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|||||||
|
|
||||||
## [Unreleased]
|
## [Unreleased]
|
||||||
|
|
||||||
|
### Breaking
|
||||||
|
|
||||||
|
- The password storage mechanism has changed, the passwords cannot be ported over from the old version. All passwords have to be reset.
|
||||||
|
|
||||||
## [0.4.1] - 2022-10-10
|
## [0.4.1] - 2022-10-10
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
462
Cargo.lock
generated
@ -102,7 +102,7 @@ dependencies = [
|
|||||||
"rand 0.8.5",
|
"rand 0.8.5",
|
||||||
"regex",
|
"regex",
|
||||||
"serde",
|
"serde",
|
||||||
"sha-1",
|
"sha-1 0.9.8",
|
||||||
"smallvec",
|
"smallvec",
|
||||||
"time 0.2.27",
|
"time 0.2.27",
|
||||||
"tokio",
|
"tokio",
|
||||||
@ -364,10 +364,15 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
|
|||||||
checksum = "33954243bd79057c2de7338850b85983a44588021f8a5fee574a8888c6de4344"
|
checksum = "33954243bd79057c2de7338850b85983a44588021f8a5fee574a8888c6de4344"
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "arrayref"
|
name = "argon2"
|
||||||
version = "0.3.6"
|
version = "0.4.1"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "a4c527152e37cf757a3f78aae5a06fbeefdb07ccc535c980a3208ee3060dd544"
|
checksum = "db4ce4441f99dbd377ca8a8f57b698c44d0d6e712d8329b5040da5a64aa1ce73"
|
||||||
|
dependencies = [
|
||||||
|
"base64ct",
|
||||||
|
"blake2",
|
||||||
|
"password-hash",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "arrayvec"
|
name = "arrayvec"
|
||||||
@ -395,7 +400,7 @@ checksum = "30ff05a702273012438132f449575dbc804e27b2f3cbe3069aa237d26c98fa33"
|
|||||||
dependencies = [
|
dependencies = [
|
||||||
"asn1-rs-derive",
|
"asn1-rs-derive",
|
||||||
"asn1-rs-impl",
|
"asn1-rs-impl",
|
||||||
"displaydoc 0.2.3",
|
"displaydoc",
|
||||||
"nom 7.1.1",
|
"nom 7.1.1",
|
||||||
"num-traits",
|
"num-traits",
|
||||||
"rusticata-macros",
|
"rusticata-macros",
|
||||||
@ -452,7 +457,7 @@ version = "0.5.1"
|
|||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "b88d82667eca772c4aa12f0f1348b3ae643424c8876448f3f7bd5787032e234c"
|
checksum = "b88d82667eca772c4aa12f0f1348b3ae643424c8876448f3f7bd5787032e234c"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"autocfg 1.1.0",
|
"autocfg",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
@ -466,15 +471,6 @@ dependencies = [
|
|||||||
"winapi",
|
"winapi",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
|
||||||
name = "autocfg"
|
|
||||||
version = "0.1.8"
|
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
||||||
checksum = "0dde43e75fd43e8a1bf86103336bc699aa8d17ad1be60c76c0bdfd4828e19b78"
|
|
||||||
dependencies = [
|
|
||||||
"autocfg 1.1.0",
|
|
||||||
]
|
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "autocfg"
|
name = "autocfg"
|
||||||
version = "1.1.0"
|
version = "1.1.0"
|
||||||
@ -502,6 +498,12 @@ version = "0.2.11"
|
|||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "4cbbc9d0964165b47557570cce6c952866c2678457aca742aafc9fb771d30270"
|
checksum = "4cbbc9d0964165b47557570cce6c952866c2678457aca742aafc9fb771d30270"
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "base16ct"
|
||||||
|
version = "0.1.1"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "349a06037c7bf932dd7e7d1f653678b2038b9ad46a74102f1fc7bd7872678cce"
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "base64"
|
name = "base64"
|
||||||
version = "0.13.0"
|
version = "0.13.0"
|
||||||
@ -530,14 +532,12 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
|
|||||||
checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a"
|
checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a"
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "blake2b_simd"
|
name = "blake2"
|
||||||
version = "0.5.11"
|
version = "0.10.5"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "afa748e348ad3be8263be728124b24a24f268266f6f5d58af9d75f6a40b5c587"
|
checksum = "b12e5fd123190ce1c2e559308a94c9bacad77907d4c6005d9e58fe1a0689e55e"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"arrayref",
|
"digest 0.10.6",
|
||||||
"arrayvec",
|
|
||||||
"constant_time_eq",
|
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
@ -549,6 +549,15 @@ dependencies = [
|
|||||||
"generic-array",
|
"generic-array",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "block-buffer"
|
||||||
|
version = "0.10.3"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "69cce20737498f97b993470a6e536b8523f0af7892a4f928cceb1ac5e52ebe7e"
|
||||||
|
dependencies = [
|
||||||
|
"generic-array",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "boolinator"
|
name = "boolinator"
|
||||||
version = "2.4.0"
|
version = "2.4.0"
|
||||||
@ -732,9 +741,15 @@ dependencies = [
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "const-oid"
|
name = "const-oid"
|
||||||
version = "0.6.2"
|
version = "0.7.1"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "9d6f2aa4d0537bcc1c74df8755072bd31c1ef1a3a1b85a68e8404a8c353b7b8b"
|
checksum = "e4c78c047431fee22c1a7bb92e00ad095a02a983affe4d8a72e2a2c62c1b94f3"
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "const-oid"
|
||||||
|
version = "0.9.1"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "cec318a675afcb6a1ea1d4340e2d377e56e47c266f28043ceccbf4412ddfdd3b"
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "const_fn"
|
name = "const_fn"
|
||||||
@ -742,12 +757,6 @@ version = "0.4.9"
|
|||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "fbdcdcb6d86f71c5e97409ad45898af11cbc995b4ee8112d59095a28d376c935"
|
checksum = "fbdcdcb6d86f71c5e97409ad45898af11cbc995b4ee8112d59095a28d376c935"
|
||||||
|
|
||||||
[[package]]
|
|
||||||
name = "constant_time_eq"
|
|
||||||
version = "0.1.5"
|
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
||||||
checksum = "245097e9a4535ee1e3e3931fcfcd55a796a44c643e8596ff6566d68f09b87bbc"
|
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "convert_case"
|
name = "convert_case"
|
||||||
version = "0.4.0"
|
version = "0.4.0"
|
||||||
@ -882,13 +891,34 @@ dependencies = [
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "crypto-bigint"
|
name = "crypto-bigint"
|
||||||
version = "0.2.11"
|
version = "0.3.2"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "f83bd3bb4314701c568e340cd8cf78c975aa0ca79e03d3f6d1677d5b0c9c0c03"
|
checksum = "03c6a1d5fa1de37e071642dfa44ec552ca5b299adb128fab16138e24b548fd21"
|
||||||
|
dependencies = [
|
||||||
|
"generic-array",
|
||||||
|
"subtle",
|
||||||
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "crypto-bigint"
|
||||||
|
version = "0.4.9"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "ef2b4b23cddf68b89b8f8069890e8c270d54e2d5fe1b143820234805e4cb17ef"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"generic-array",
|
"generic-array",
|
||||||
"rand_core 0.6.3",
|
"rand_core 0.6.3",
|
||||||
"subtle",
|
"subtle",
|
||||||
|
"zeroize",
|
||||||
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "crypto-common"
|
||||||
|
version = "0.1.6"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3"
|
||||||
|
dependencies = [
|
||||||
|
"generic-array",
|
||||||
|
"typenum",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
@ -901,16 +931,6 @@ dependencies = [
|
|||||||
"subtle",
|
"subtle",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
|
||||||
name = "crypto-mac"
|
|
||||||
version = "0.11.1"
|
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
||||||
checksum = "b1d1a86f49236c215f271d40892d5fc950490551400b02ef360692c29815c714"
|
|
||||||
dependencies = [
|
|
||||||
"generic-array",
|
|
||||||
"subtle",
|
|
||||||
]
|
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "ct-codecs"
|
name = "ct-codecs"
|
||||||
version = "1.1.1"
|
version = "1.1.1"
|
||||||
@ -919,14 +939,26 @@ checksum = "f3b7eb4404b8195a9abb6356f4ac07d8ba267045c8d6d220ac4dc992e6cc75df"
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "curve25519-dalek"
|
name = "curve25519-dalek"
|
||||||
version = "3.2.1"
|
version = "3.2.0"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "90f9d052967f590a76e62eb387bd0bbb1b000182c3cefe5364db6b7211651bc0"
|
checksum = "0b9fdf9972b2bd6af2d913799d9ebc165ea4d2e65878e329d9c6b372c4491b61"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"byteorder",
|
"byteorder",
|
||||||
"digest",
|
"digest 0.9.0",
|
||||||
"rand_core 0.5.1",
|
"rand_core 0.5.1",
|
||||||
"serde",
|
"subtle",
|
||||||
|
"zeroize",
|
||||||
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "curve25519-dalek"
|
||||||
|
version = "4.0.0-pre.1"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "4033478fbf70d6acf2655ac70da91ee65852d69daf7a67bf7a2f518fb47aafcf"
|
||||||
|
dependencies = [
|
||||||
|
"byteorder",
|
||||||
|
"digest 0.9.0",
|
||||||
|
"rand_core 0.6.3",
|
||||||
"subtle",
|
"subtle",
|
||||||
"zeroize",
|
"zeroize",
|
||||||
]
|
]
|
||||||
@ -974,12 +1006,22 @@ checksum = "3ee2393c4a91429dffb4bedf19f4d6abf27d8a732c8ce4980305d782e5426d57"
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "der"
|
name = "der"
|
||||||
version = "0.4.5"
|
version = "0.5.1"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "79b71cca7d95d7681a4b3b9cdf63c8dbc3730d0584c2c74e31416d64a90493f4"
|
checksum = "6919815d73839e7ad218de758883aae3a257ba6759ce7a9992501efbb53d705c"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"const-oid",
|
"const-oid 0.7.1",
|
||||||
"crypto-bigint",
|
"crypto-bigint 0.3.2",
|
||||||
|
"pem-rfc7468",
|
||||||
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "der"
|
||||||
|
version = "0.6.0"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "13dd2ae565c0a381dde7fade45fce95984c568bdcb4700a4fdbe3175e0380b2f"
|
||||||
|
dependencies = [
|
||||||
|
"const-oid 0.9.1",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
@ -989,13 +1031,24 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
|
|||||||
checksum = "fe398ac75057914d7d07307bf67dc7f3f574a26783b4fc7805a20ffa9f506e82"
|
checksum = "fe398ac75057914d7d07307bf67dc7f3f574a26783b4fc7805a20ffa9f506e82"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"asn1-rs",
|
"asn1-rs",
|
||||||
"displaydoc 0.2.3",
|
"displaydoc",
|
||||||
"nom 7.1.1",
|
"nom 7.1.1",
|
||||||
"num-bigint 0.4.3",
|
"num-bigint 0.4.3",
|
||||||
"num-traits",
|
"num-traits",
|
||||||
"rusticata-macros",
|
"rusticata-macros",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "derive-where"
|
||||||
|
version = "1.0.0-rc.3"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "d322f2907b2abad3117790c1a54d8f2d64574ba0fbea54cb6c6e66a0e50d99a4"
|
||||||
|
dependencies = [
|
||||||
|
"proc-macro2",
|
||||||
|
"quote",
|
||||||
|
"syn",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "derive_builder"
|
name = "derive_builder"
|
||||||
version = "0.10.2"
|
version = "0.10.2"
|
||||||
@ -1066,6 +1119,17 @@ dependencies = [
|
|||||||
"generic-array",
|
"generic-array",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "digest"
|
||||||
|
version = "0.10.6"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "8168378f4e5023e7218c89c891c0fd8ecdb5e5e4f18cb78f38cf245dd021e76f"
|
||||||
|
dependencies = [
|
||||||
|
"block-buffer 0.10.3",
|
||||||
|
"crypto-common",
|
||||||
|
"subtle",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "dirs"
|
name = "dirs"
|
||||||
version = "4.0.0"
|
version = "4.0.0"
|
||||||
@ -1092,17 +1156,6 @@ version = "1.0.4"
|
|||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "212d0f5754cb6769937f4501cc0e67f4f4483c8d2c3e1e922ee9edbe4ab4c7c0"
|
checksum = "212d0f5754cb6769937f4501cc0e67f4f4483c8d2c3e1e922ee9edbe4ab4c7c0"
|
||||||
|
|
||||||
[[package]]
|
|
||||||
name = "displaydoc"
|
|
||||||
version = "0.1.7"
|
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
||||||
checksum = "adc2ab4d5a16117f9029e9a6b5e4e79f4c67f6519bc134210d4d4a04ba31f41b"
|
|
||||||
dependencies = [
|
|
||||||
"proc-macro2",
|
|
||||||
"quote",
|
|
||||||
"syn",
|
|
||||||
]
|
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "displaydoc"
|
name = "displaydoc"
|
||||||
version = "0.2.3"
|
version = "0.2.3"
|
||||||
@ -1132,6 +1185,25 @@ version = "1.7.0"
|
|||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "3f107b87b6afc2a64fd13cac55fe06d6c8859f12d4b14cbcdd2c67d0976781be"
|
checksum = "3f107b87b6afc2a64fd13cac55fe06d6c8859f12d4b14cbcdd2c67d0976781be"
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "elliptic-curve"
|
||||||
|
version = "0.12.3"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "e7bb888ab5300a19b8e5bceef25ac745ad065f3c9f7efc6de1b91958110891d3"
|
||||||
|
dependencies = [
|
||||||
|
"base16ct",
|
||||||
|
"crypto-bigint 0.4.9",
|
||||||
|
"der 0.6.0",
|
||||||
|
"digest 0.10.6",
|
||||||
|
"ff",
|
||||||
|
"generic-array",
|
||||||
|
"group",
|
||||||
|
"rand_core 0.6.3",
|
||||||
|
"sec1",
|
||||||
|
"subtle",
|
||||||
|
"zeroize",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "email-encoding"
|
name = "email-encoding"
|
||||||
version = "0.1.3"
|
version = "0.1.3"
|
||||||
@ -1157,6 +1229,12 @@ dependencies = [
|
|||||||
"cfg-if",
|
"cfg-if",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "event-listener"
|
||||||
|
version = "2.5.3"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "0206175f82b8d6bf6652ff7d71a1e27fd2e4efde587fd368662814d6ec1d9ce0"
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "failure"
|
name = "failure"
|
||||||
version = "0.1.8"
|
version = "0.1.8"
|
||||||
@ -1188,6 +1266,16 @@ dependencies = [
|
|||||||
"instant",
|
"instant",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "ff"
|
||||||
|
version = "0.12.1"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "d013fc25338cc558c5c2cfbad646908fb23591e2404481826742b651c9af7160"
|
||||||
|
dependencies = [
|
||||||
|
"rand_core 0.6.3",
|
||||||
|
"subtle",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "figment"
|
name = "figment"
|
||||||
version = "0.10.6"
|
version = "0.10.6"
|
||||||
@ -1392,15 +1480,6 @@ dependencies = [
|
|||||||
"version_check",
|
"version_check",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
|
||||||
name = "generic-bytes"
|
|
||||||
version = "0.1.0"
|
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
||||||
checksum = "d6638d839bbd1cea640d8c5348dd82e0d545dbd364f3c2a251646eaf2ef0773b"
|
|
||||||
dependencies = [
|
|
||||||
"generic-array",
|
|
||||||
]
|
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "getrandom"
|
name = "getrandom"
|
||||||
version = "0.1.16"
|
version = "0.1.16"
|
||||||
@ -1602,6 +1681,17 @@ dependencies = [
|
|||||||
"syn",
|
"syn",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "group"
|
||||||
|
version = "0.12.1"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "5dfbfb3a6cfbd390d5c9564ab283a0349b9b9fcd46a706c1eb10e0db70bfbac7"
|
||||||
|
dependencies = [
|
||||||
|
"ff",
|
||||||
|
"rand_core 0.6.3",
|
||||||
|
"subtle",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "h2"
|
name = "h2"
|
||||||
version = "0.3.13"
|
version = "0.3.13"
|
||||||
@ -1677,12 +1767,11 @@ checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70"
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "hkdf"
|
name = "hkdf"
|
||||||
version = "0.11.0"
|
version = "0.12.3"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "01706d578d5c281058480e673ae4086a9f4710d8df1ad80a5b03e39ece5f886b"
|
checksum = "791a029f6b9fc27657f6f188ec6e5e43f6911f6f878e0dc5501396e09809d437"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"digest",
|
"hmac 0.12.1",
|
||||||
"hmac 0.11.0",
|
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
@ -1691,18 +1780,17 @@ version = "0.10.1"
|
|||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "c1441c6b1e930e2817404b5046f1f989899143a12bf92de603b69f4e0aee1e15"
|
checksum = "c1441c6b1e930e2817404b5046f1f989899143a12bf92de603b69f4e0aee1e15"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"crypto-mac 0.10.1",
|
"crypto-mac",
|
||||||
"digest",
|
"digest 0.9.0",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "hmac"
|
name = "hmac"
|
||||||
version = "0.11.0"
|
version = "0.12.1"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "2a2a2320eb7ec0ebe8da8f744d7812d9fc4cb4d09344ac01898dbcb6a20ae69b"
|
checksum = "6c49c37c09c17a53d937dfbb742eb3a961d65a994e6bcdcf37e7399d0cc8ab5e"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"crypto-mac 0.11.1",
|
"digest 0.10.6",
|
||||||
"digest",
|
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
@ -1825,7 +1913,7 @@ version = "1.6.2"
|
|||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "824845a0bf897a9042383849b02c1bc219c2383772efcd5c6f9766fa4b81aef3"
|
checksum = "824845a0bf897a9042383849b02c1bc219c2383772efcd5c6f9766fa4b81aef3"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"autocfg 1.1.0",
|
"autocfg",
|
||||||
"hashbrown 0.9.1",
|
"hashbrown 0.9.1",
|
||||||
"serde",
|
"serde",
|
||||||
]
|
]
|
||||||
@ -1956,12 +2044,12 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
|
|||||||
checksum = "86e46349d67dc03bdbdb28da0337a355a53ca1d5156452722c36fe21d0e6389b"
|
checksum = "86e46349d67dc03bdbdb28da0337a355a53ca1d5156452722c36fe21d0e6389b"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"base64",
|
"base64",
|
||||||
"crypto-mac 0.10.1",
|
"crypto-mac",
|
||||||
"digest",
|
"digest 0.9.0",
|
||||||
"hmac 0.10.1",
|
"hmac 0.10.1",
|
||||||
"serde",
|
"serde",
|
||||||
"serde_json",
|
"serde_json",
|
||||||
"sha2",
|
"sha2 0.9.9",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
@ -2083,9 +2171,9 @@ checksum = "33a33a362ce288760ec6a508b94caaec573ae7d3bbbd91b87aa0bad4456839db"
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "libsqlite3-sys"
|
name = "libsqlite3-sys"
|
||||||
version = "0.23.2"
|
version = "0.24.2"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "d2cafc7c74096c336d9d27145f7ebd4f4b6f95ba16aa5a282387267e6925cb58"
|
checksum = "898745e570c7d0453cc1fbc4a701eb6c662ed54e8fec8b7d14be137ebeeb9d14"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"cc",
|
"cc",
|
||||||
"pkg-config",
|
"pkg-config",
|
||||||
@ -2147,7 +2235,7 @@ dependencies = [
|
|||||||
"serde",
|
"serde",
|
||||||
"serde_bytes",
|
"serde_bytes",
|
||||||
"serde_json",
|
"serde_json",
|
||||||
"sha2",
|
"sha2 0.9.9",
|
||||||
"sqlx",
|
"sqlx",
|
||||||
"sqlx-core",
|
"sqlx-core",
|
||||||
"thiserror",
|
"thiserror",
|
||||||
@ -2198,16 +2286,16 @@ dependencies = [
|
|||||||
name = "lldap_auth"
|
name = "lldap_auth"
|
||||||
version = "0.3.0-alpha.1"
|
version = "0.3.0-alpha.1"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
|
"argon2",
|
||||||
"chrono",
|
"chrono",
|
||||||
"curve25519-dalek",
|
"curve25519-dalek 3.2.0",
|
||||||
"digest",
|
"digest 0.9.0",
|
||||||
"generic-array",
|
"generic-array",
|
||||||
"getrandom 0.2.7",
|
"getrandom 0.2.7",
|
||||||
"opaque-ke",
|
"opaque-ke",
|
||||||
"rand 0.8.5",
|
"rand 0.8.5",
|
||||||
"rust-argon2",
|
|
||||||
"serde",
|
"serde",
|
||||||
"sha2",
|
"sha2 0.9.9",
|
||||||
"thiserror",
|
"thiserror",
|
||||||
]
|
]
|
||||||
|
|
||||||
@ -2235,7 +2323,7 @@ version = "0.4.7"
|
|||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "327fa5b6a6940e4699ec49a9beae1ea4845c6bab9314e4f84ac68742139d8c53"
|
checksum = "327fa5b6a6940e4699ec49a9beae1ea4845c6bab9314e4f84ac68742139d8c53"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"autocfg 1.1.0",
|
"autocfg",
|
||||||
"scopeguard",
|
"scopeguard",
|
||||||
]
|
]
|
||||||
|
|
||||||
@ -2265,13 +2353,11 @@ checksum = "a3e378b66a060d48947b590737b30a1be76706c8dd7b8ba0f2fe3989c68a853f"
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "md-5"
|
name = "md-5"
|
||||||
version = "0.9.1"
|
version = "0.10.5"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "7b5a279bb9607f9f53c22d496eade00d138d1bdcccd07d74650387cf94942a15"
|
checksum = "6365506850d44bff6e2fbcb5176cf63650e48bd45ef2fe2665ae1570e0f4b9ca"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"block-buffer",
|
"digest 0.10.6",
|
||||||
"digest",
|
|
||||||
"opaque-debug",
|
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
@ -2443,7 +2529,7 @@ version = "0.3.3"
|
|||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "5f6f7833f2cbf2360a6cfd58cd41a53aa7a90bd4c202f5b1c7dd2ed73c57b2c3"
|
checksum = "5f6f7833f2cbf2360a6cfd58cd41a53aa7a90bd4c202f5b1c7dd2ed73c57b2c3"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"autocfg 1.1.0",
|
"autocfg",
|
||||||
"num-integer",
|
"num-integer",
|
||||||
"num-traits",
|
"num-traits",
|
||||||
]
|
]
|
||||||
@ -2454,18 +2540,17 @@ version = "0.4.3"
|
|||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "f93ab6289c7b344a8a9f60f88d80aa20032336fe78da341afc91c8a2341fc75f"
|
checksum = "f93ab6289c7b344a8a9f60f88d80aa20032336fe78da341afc91c8a2341fc75f"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"autocfg 1.1.0",
|
"autocfg",
|
||||||
"num-integer",
|
"num-integer",
|
||||||
"num-traits",
|
"num-traits",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "num-bigint-dig"
|
name = "num-bigint-dig"
|
||||||
version = "0.7.0"
|
version = "0.8.2"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "4547ee5541c18742396ae2c895d0717d0f886d8823b8399cdaf7b07d63ad0480"
|
checksum = "2399c9463abc5f909349d8aa9ba080e0b88b3ce2885389b60b993f39b1a56905"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"autocfg 0.1.8",
|
|
||||||
"byteorder",
|
"byteorder",
|
||||||
"lazy_static",
|
"lazy_static",
|
||||||
"libm",
|
"libm",
|
||||||
@ -2483,7 +2568,7 @@ version = "0.1.45"
|
|||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "225d3389fb3509a24c93f5c29eb6bde2586b98d9f016636dff58d7c6f7569cd9"
|
checksum = "225d3389fb3509a24c93f5c29eb6bde2586b98d9f016636dff58d7c6f7569cd9"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"autocfg 1.1.0",
|
"autocfg",
|
||||||
"num-traits",
|
"num-traits",
|
||||||
]
|
]
|
||||||
|
|
||||||
@ -2493,7 +2578,7 @@ version = "0.1.43"
|
|||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "7d03e6c028c5dc5cac6e2dec0efda81fc887605bb3d884578bb6d6bf7514e252"
|
checksum = "7d03e6c028c5dc5cac6e2dec0efda81fc887605bb3d884578bb6d6bf7514e252"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"autocfg 1.1.0",
|
"autocfg",
|
||||||
"num-integer",
|
"num-integer",
|
||||||
"num-traits",
|
"num-traits",
|
||||||
]
|
]
|
||||||
@ -2504,7 +2589,7 @@ version = "0.4.1"
|
|||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "0638a1c9d0a3c0914158145bc76cff373a75a627e6ecbfb71cbe6f453a5a19b0"
|
checksum = "0638a1c9d0a3c0914158145bc76cff373a75a627e6ecbfb71cbe6f453a5a19b0"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"autocfg 1.1.0",
|
"autocfg",
|
||||||
"num-integer",
|
"num-integer",
|
||||||
"num-traits",
|
"num-traits",
|
||||||
]
|
]
|
||||||
@ -2515,7 +2600,7 @@ version = "0.2.15"
|
|||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "578ede34cf02f8924ab9447f50c28075b4d3e5b269972345e7e0372b38c6cdcd"
|
checksum = "578ede34cf02f8924ab9447f50c28075b4d3e5b269972345e7e0372b38c6cdcd"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"autocfg 1.1.0",
|
"autocfg",
|
||||||
"libm",
|
"libm",
|
||||||
]
|
]
|
||||||
|
|
||||||
@ -2570,22 +2655,23 @@ checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5"
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "opaque-ke"
|
name = "opaque-ke"
|
||||||
version = "0.6.1"
|
version = "2.0.0"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "507fdf0b89eabfde58445f88807f57f253f72236e44960ebf690d897803cd18d"
|
checksum = "76d410412d23781909d90c3900c5783e830586765f2277bccc78167da8af81a5"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"base64",
|
"curve25519-dalek 4.0.0-pre.1",
|
||||||
"curve25519-dalek",
|
"derive-where",
|
||||||
"digest",
|
"digest 0.10.6",
|
||||||
"displaydoc 0.1.7",
|
"displaydoc",
|
||||||
|
"elliptic-curve",
|
||||||
"generic-array",
|
"generic-array",
|
||||||
"generic-bytes",
|
"getrandom 0.2.7",
|
||||||
"hkdf",
|
"hkdf",
|
||||||
"hmac 0.11.0",
|
"hmac 0.12.1",
|
||||||
"rand 0.8.5",
|
"rand 0.8.5",
|
||||||
"serde",
|
"serde",
|
||||||
"subtle",
|
"subtle",
|
||||||
"thiserror",
|
"voprf",
|
||||||
"zeroize",
|
"zeroize",
|
||||||
]
|
]
|
||||||
|
|
||||||
@ -2661,6 +2747,17 @@ dependencies = [
|
|||||||
"windows-sys",
|
"windows-sys",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "password-hash"
|
||||||
|
version = "0.4.2"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "7676374caaee8a325c9e7a2ae557f216c5563a171d6997b0ef8a65af35147700"
|
||||||
|
dependencies = [
|
||||||
|
"base64ct",
|
||||||
|
"rand_core 0.6.3",
|
||||||
|
"subtle",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "paste"
|
name = "paste"
|
||||||
version = "1.0.7"
|
version = "1.0.7"
|
||||||
@ -2692,9 +2789,9 @@ dependencies = [
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "pem-rfc7468"
|
name = "pem-rfc7468"
|
||||||
version = "0.2.4"
|
version = "0.3.1"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "84e93a3b1cc0510b03020f33f21e62acdde3dcaef432edc95bea377fbd4c2cd4"
|
checksum = "01de5d978f34aa4b2296576379fcc416034702fd94117c56ffd8a1a767cefb30"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"base64ct",
|
"base64ct",
|
||||||
]
|
]
|
||||||
@ -2739,24 +2836,22 @@ checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184"
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "pkcs1"
|
name = "pkcs1"
|
||||||
version = "0.2.4"
|
version = "0.3.3"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "116bee8279d783c0cf370efa1a94632f2108e5ef0bb32df31f051647810a4e2c"
|
checksum = "a78f66c04ccc83dd4486fd46c33896f4e17b24a7a3a6400dedc48ed0ddd72320"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"der",
|
"der 0.5.1",
|
||||||
"pem-rfc7468",
|
"pkcs8",
|
||||||
"zeroize",
|
"zeroize",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "pkcs8"
|
name = "pkcs8"
|
||||||
version = "0.7.6"
|
version = "0.8.0"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "ee3ef9b64d26bad0536099c816c6734379e45bbd5f14798def6809e5cc350447"
|
checksum = "7cabda3fb821068a9a4fab19a683eac3af12edf0f34b94a8be53c4972b8149d0"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"der",
|
"der 0.5.1",
|
||||||
"pem-rfc7468",
|
|
||||||
"pkcs1",
|
|
||||||
"spki",
|
"spki",
|
||||||
"zeroize",
|
"zeroize",
|
||||||
]
|
]
|
||||||
@ -3075,36 +3170,24 @@ dependencies = [
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "rsa"
|
name = "rsa"
|
||||||
version = "0.5.0"
|
version = "0.6.1"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "e05c2603e2823634ab331437001b411b9ed11660fbc4066f3908c84a9439260d"
|
checksum = "4cf22754c49613d2b3b119f0e5d46e34a2c628a937e3024b8762de4e7d8c710b"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"byteorder",
|
"byteorder",
|
||||||
"digest",
|
"digest 0.10.6",
|
||||||
"lazy_static",
|
|
||||||
"num-bigint-dig",
|
"num-bigint-dig",
|
||||||
"num-integer",
|
"num-integer",
|
||||||
"num-iter",
|
"num-iter",
|
||||||
"num-traits",
|
"num-traits",
|
||||||
"pkcs1",
|
"pkcs1",
|
||||||
"pkcs8",
|
"pkcs8",
|
||||||
"rand 0.8.5",
|
"rand_core 0.6.3",
|
||||||
|
"smallvec",
|
||||||
"subtle",
|
"subtle",
|
||||||
"zeroize",
|
"zeroize",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
|
||||||
name = "rust-argon2"
|
|
||||||
version = "0.8.3"
|
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
||||||
checksum = "4b18820d944b33caa75a71378964ac46f58517c92b6ae5f762636247c09e78fb"
|
|
||||||
dependencies = [
|
|
||||||
"base64",
|
|
||||||
"blake2b_simd",
|
|
||||||
"constant_time_eq",
|
|
||||||
"crossbeam-utils",
|
|
||||||
]
|
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "rustc-demangle"
|
name = "rustc-demangle"
|
||||||
version = "0.1.21"
|
version = "0.1.21"
|
||||||
@ -3271,6 +3354,19 @@ dependencies = [
|
|||||||
"syn",
|
"syn",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "sec1"
|
||||||
|
version = "0.3.0"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "3be24c1842290c45df0a7bf069e0c268a747ad05a192f2fd7dcfdbc1cba40928"
|
||||||
|
dependencies = [
|
||||||
|
"base16ct",
|
||||||
|
"der 0.6.0",
|
||||||
|
"generic-array",
|
||||||
|
"subtle",
|
||||||
|
"zeroize",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "secstr"
|
name = "secstr"
|
||||||
version = "0.5.0"
|
version = "0.5.0"
|
||||||
@ -3384,13 +3480,24 @@ version = "0.9.8"
|
|||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "99cd6713db3cf16b6c84e06321e049a9b9f699826e16096d23bbcc44d15d51a6"
|
checksum = "99cd6713db3cf16b6c84e06321e049a9b9f699826e16096d23bbcc44d15d51a6"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"block-buffer",
|
"block-buffer 0.9.0",
|
||||||
"cfg-if",
|
"cfg-if",
|
||||||
"cpufeatures",
|
"cpufeatures",
|
||||||
"digest",
|
"digest 0.9.0",
|
||||||
"opaque-debug",
|
"opaque-debug",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "sha-1"
|
||||||
|
version = "0.10.0"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "028f48d513f9678cda28f6e4064755b3fbb2af6acd672f2c209b62323f7aea0f"
|
||||||
|
dependencies = [
|
||||||
|
"cfg-if",
|
||||||
|
"cpufeatures",
|
||||||
|
"digest 0.10.6",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "sha1"
|
name = "sha1"
|
||||||
version = "0.6.1"
|
version = "0.6.1"
|
||||||
@ -3412,13 +3519,24 @@ version = "0.9.9"
|
|||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "4d58a1e1bf39749807d89cf2d98ac2dfa0ff1cb3faa38fbb64dd88ac8013d800"
|
checksum = "4d58a1e1bf39749807d89cf2d98ac2dfa0ff1cb3faa38fbb64dd88ac8013d800"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"block-buffer",
|
"block-buffer 0.9.0",
|
||||||
"cfg-if",
|
"cfg-if",
|
||||||
"cpufeatures",
|
"cpufeatures",
|
||||||
"digest",
|
"digest 0.9.0",
|
||||||
"opaque-debug",
|
"opaque-debug",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "sha2"
|
||||||
|
version = "0.10.6"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "82e6b795fe2e3b1e845bafcb27aa35405c4d47cdfc92af5fc8d3002f76cebdc0"
|
||||||
|
dependencies = [
|
||||||
|
"cfg-if",
|
||||||
|
"cpufeatures",
|
||||||
|
"digest 0.10.6",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "sharded-slab"
|
name = "sharded-slab"
|
||||||
version = "0.1.4"
|
version = "0.1.4"
|
||||||
@ -3466,9 +3584,9 @@ checksum = "eb703cfe953bccee95685111adeedb76fabe4e97549a58d16f03ea7b9367bb32"
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "smallvec"
|
name = "smallvec"
|
||||||
version = "1.9.0"
|
version = "1.10.0"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "2fd0db749597d91ff862fd1d55ea87f7855a744a8425a64695b6fca237d1dad1"
|
checksum = "a507befe795404456341dfab10cef66ead4c041f62b8b11bbb92bffe5d0953e0"
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "smartstring"
|
name = "smartstring"
|
||||||
@ -3512,11 +3630,12 @@ dependencies = [
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "spki"
|
name = "spki"
|
||||||
version = "0.4.1"
|
version = "0.5.4"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "5c01a0c15da1b0b0e1494112e7af814a678fec9bd157881b49beac661e9b6f32"
|
checksum = "44d01ac02a6ccf3e07db148d2be087da624fea0221a16152ed01f0496a6b0a27"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"der",
|
"base64ct",
|
||||||
|
"der 0.5.1",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
@ -3542,9 +3661,9 @@ dependencies = [
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "sqlx-core"
|
name = "sqlx-core"
|
||||||
version = "0.5.11"
|
version = "0.5.13"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "195183bf6ff8328bb82c0511a83faf60aacf75840103388851db61d7a9854ae3"
|
checksum = "e48c61941ccf5ddcada342cd59e3e5173b007c509e1e8e990dafc830294d9dc5"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"ahash",
|
"ahash",
|
||||||
"atoi",
|
"atoi",
|
||||||
@ -3555,9 +3674,10 @@ dependencies = [
|
|||||||
"chrono",
|
"chrono",
|
||||||
"crc",
|
"crc",
|
||||||
"crossbeam-queue",
|
"crossbeam-queue",
|
||||||
"digest",
|
"digest 0.10.6",
|
||||||
"dirs",
|
"dirs",
|
||||||
"either",
|
"either",
|
||||||
|
"event-listener",
|
||||||
"flume",
|
"flume",
|
||||||
"futures-channel",
|
"futures-channel",
|
||||||
"futures-core",
|
"futures-core",
|
||||||
@ -3567,7 +3687,8 @@ dependencies = [
|
|||||||
"generic-array",
|
"generic-array",
|
||||||
"hashlink",
|
"hashlink",
|
||||||
"hex",
|
"hex",
|
||||||
"hmac 0.11.0",
|
"hkdf",
|
||||||
|
"hmac 0.12.1",
|
||||||
"indexmap",
|
"indexmap",
|
||||||
"itoa 1.0.2",
|
"itoa 1.0.2",
|
||||||
"libc",
|
"libc",
|
||||||
@ -3584,8 +3705,8 @@ dependencies = [
|
|||||||
"rustls 0.19.1",
|
"rustls 0.19.1",
|
||||||
"serde",
|
"serde",
|
||||||
"serde_json",
|
"serde_json",
|
||||||
"sha-1",
|
"sha-1 0.10.0",
|
||||||
"sha2",
|
"sha2 0.10.6",
|
||||||
"smallvec",
|
"smallvec",
|
||||||
"sqlformat",
|
"sqlformat",
|
||||||
"sqlx-rt",
|
"sqlx-rt",
|
||||||
@ -3610,7 +3731,7 @@ dependencies = [
|
|||||||
"once_cell",
|
"once_cell",
|
||||||
"proc-macro2",
|
"proc-macro2",
|
||||||
"quote",
|
"quote",
|
||||||
"sha2",
|
"sha2 0.9.9",
|
||||||
"sqlx-core",
|
"sqlx-core",
|
||||||
"sqlx-rt",
|
"sqlx-rt",
|
||||||
"syn",
|
"syn",
|
||||||
@ -4291,6 +4412,25 @@ version = "1.0.2"
|
|||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "6a02e4885ed3bc0f2de90ea6dd45ebcbb66dacffe03547fadbb0eeae2770887d"
|
checksum = "6a02e4885ed3bc0f2de90ea6dd45ebcbb66dacffe03547fadbb0eeae2770887d"
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "voprf"
|
||||||
|
version = "0.4.0-pre.3"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "081acbe8fcf05d5e8e2aad8ef3d40e02eddeaec07c75a9770d862a0fc0874322"
|
||||||
|
dependencies = [
|
||||||
|
"curve25519-dalek 4.0.0-pre.1",
|
||||||
|
"derive-where",
|
||||||
|
"digest 0.10.6",
|
||||||
|
"displaydoc",
|
||||||
|
"elliptic-curve",
|
||||||
|
"generic-array",
|
||||||
|
"rand_core 0.6.3",
|
||||||
|
"serde",
|
||||||
|
"sha2 0.10.6",
|
||||||
|
"subtle",
|
||||||
|
"zeroize",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "want"
|
name = "want"
|
||||||
version = "0.3.0"
|
version = "0.3.0"
|
||||||
@ -4671,9 +4811,9 @@ dependencies = [
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "zeroize"
|
name = "zeroize"
|
||||||
version = "1.1.1"
|
version = "1.5.7"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "05f33972566adbd2d3588b0491eb94b98b43695c4ef897903470ede4f3f5a28a"
|
checksum = "c394b5bd0c6f669e7275d9c20aa90ae064cb22e75a1cad54e1b34088034b149f"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"zeroize_derive",
|
"zeroize_derive",
|
||||||
]
|
]
|
||||||
|
@ -73,9 +73,12 @@ pub struct Props {
|
|||||||
pub enum Msg {
|
pub enum Msg {
|
||||||
FormUpdate,
|
FormUpdate,
|
||||||
Submit,
|
Submit,
|
||||||
AuthenticationStartResponse(Result<Box<login::ServerLoginStartResponse>>),
|
AuthenticationStartResponse(String, Result<Box<login::ServerLoginStartResponse>>),
|
||||||
SubmitNewPassword,
|
SubmitNewPassword,
|
||||||
RegistrationStartResponse(Result<Box<registration::ServerRegistrationStartResponse>>),
|
RegistrationStartResponse(
|
||||||
|
String,
|
||||||
|
Result<Box<registration::ServerRegistrationStartResponse>>,
|
||||||
|
),
|
||||||
RegistrationFinishResponse(Result<()>),
|
RegistrationFinishResponse(Result<()>),
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -103,29 +106,28 @@ impl CommonComponent<ChangePasswordForm> for ChangePasswordForm {
|
|||||||
username: self.common.username.clone(),
|
username: self.common.username.clone(),
|
||||||
login_start_request: login_start_request.message,
|
login_start_request: login_start_request.message,
|
||||||
};
|
};
|
||||||
self.common.call_backend(
|
self.common
|
||||||
HostService::login_start,
|
.call_backend(HostService::login_start, req, |r| {
|
||||||
req,
|
Msg::AuthenticationStartResponse(old_password, r)
|
||||||
Msg::AuthenticationStartResponse,
|
})?;
|
||||||
)?;
|
|
||||||
Ok(true)
|
Ok(true)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
Msg::AuthenticationStartResponse(res) => {
|
Msg::AuthenticationStartResponse(old_password, res) => {
|
||||||
let res = res.context("Could not initiate login")?;
|
let res = res.context("Could not initiate login")?;
|
||||||
match self.opaque_data.take() {
|
match self.opaque_data.take() {
|
||||||
OpaqueData::Login(l) => {
|
OpaqueData::Login(l) => {
|
||||||
opaque::client::login::finish_login(l, res.credential_response).map_err(
|
opaque::client::login::finish_login(
|
||||||
|e| {
|
&old_password,
|
||||||
// Common error, we want to print a full error to the console but only a
|
l,
|
||||||
// simple one to the user.
|
res.credential_response,
|
||||||
ConsoleService::error(&format!(
|
)
|
||||||
"Invalid username or password: {}",
|
.map_err(|e| {
|
||||||
e
|
// Common error, we want to print a full error to the console but only a
|
||||||
));
|
// simple one to the user.
|
||||||
anyhow!("Invalid username or password")
|
ConsoleService::error(&format!("Invalid username or password: {}", e));
|
||||||
},
|
anyhow!("Invalid username or password")
|
||||||
)?;
|
})?;
|
||||||
}
|
}
|
||||||
_ => panic!("Unexpected data in opaque_data field"),
|
_ => panic!("Unexpected data in opaque_data field"),
|
||||||
};
|
};
|
||||||
@ -142,20 +144,20 @@ impl CommonComponent<ChangePasswordForm> for ChangePasswordForm {
|
|||||||
registration_start_request: registration_start_request.message,
|
registration_start_request: registration_start_request.message,
|
||||||
};
|
};
|
||||||
self.opaque_data = OpaqueData::Registration(registration_start_request.state);
|
self.opaque_data = OpaqueData::Registration(registration_start_request.state);
|
||||||
self.common.call_backend(
|
self.common
|
||||||
HostService::register_start,
|
.call_backend(HostService::register_start, req, |r| {
|
||||||
req,
|
Msg::RegistrationStartResponse(new_password, r)
|
||||||
Msg::RegistrationStartResponse,
|
})?;
|
||||||
)?;
|
|
||||||
Ok(true)
|
Ok(true)
|
||||||
}
|
}
|
||||||
Msg::RegistrationStartResponse(res) => {
|
Msg::RegistrationStartResponse(new_password, res) => {
|
||||||
let res = res.context("Could not initiate password change")?;
|
let res = res.context("Could not initiate password change")?;
|
||||||
match self.opaque_data.take() {
|
match self.opaque_data.take() {
|
||||||
OpaqueData::Registration(registration) => {
|
OpaqueData::Registration(registration) => {
|
||||||
let mut rng = rand::rngs::OsRng;
|
let mut rng = rand::rngs::OsRng;
|
||||||
let registration_finish =
|
let registration_finish =
|
||||||
opaque::client::registration::finish_registration(
|
opaque::client::registration::finish_registration(
|
||||||
|
&new_password,
|
||||||
registration,
|
registration,
|
||||||
res.registration_response,
|
res.registration_response,
|
||||||
&mut rng,
|
&mut rng,
|
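Review bot: The plaintext password now travels inside the message enum as a plain `String` (`Msg::AuthenticationStartResponse(String, …)` and `Msg::RegistrationStartResponse(String, …)`), so it stays on the heap for the whole backend round trip and is freed without being wiped. The same pattern is added in the `CreateUserForm`, `LoginForm` and `ResetPasswordStep2Form` sections further down. Because the new `finish_login`/`finish_registration` take the password again, holding it is unavoidable, but a wiping wrapper would bound its lifetime, e.g. `AuthenticationStartResponse(zeroize::Zeroizing<String>, Result<Box<login::ServerLoginStartResponse>>)`; `zeroize` is already in the lockfile, though whether this crate depends on it directly is not visible here. If `Msg` derives `Debug` anywhere (not visible in these hunks), the password would also have to be kept out of that output. The handler these hunks belong to starts and ends outside them.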
||||||
|
@ -65,10 +65,9 @@ pub enum Msg {
|
|||||||
CreateUserResponse(Result<create_user::ResponseData>),
|
CreateUserResponse(Result<create_user::ResponseData>),
|
||||||
SuccessfulCreation,
|
SuccessfulCreation,
|
||||||
RegistrationStartResponse(
|
RegistrationStartResponse(
|
||||||
(
|
String,
|
||||||
opaque::client::registration::ClientRegistration,
|
opaque::client::registration::ClientRegistration,
|
||||||
Result<Box<registration::ServerRegistrationStartResponse>>,
|
Result<Box<registration::ServerRegistrationStartResponse>>,
|
||||||
),
|
|
||||||
),
|
),
|
||||||
RegistrationFinishResponse(Result<()>),
|
RegistrationFinishResponse(Result<()>),
|
||||||
}
|
}
|
||||||
@ -124,7 +123,7 @@ impl CommonComponent<CreateUserForm> for CreateUserForm {
|
|||||||
};
|
};
|
||||||
self.common
|
self.common
|
||||||
.call_backend(HostService::register_start, req, move |r| {
|
.call_backend(HostService::register_start, req, move |r| {
|
||||||
Msg::RegistrationStartResponse((state, r))
|
Msg::RegistrationStartResponse(password, state, r)
|
||||||
})
|
})
|
||||||
.context("Error trying to create user")?;
|
.context("Error trying to create user")?;
|
||||||
} else {
|
} else {
|
||||||
@ -132,10 +131,11 @@ impl CommonComponent<CreateUserForm> for CreateUserForm {
|
|||||||
}
|
}
|
||||||
Ok(false)
|
Ok(false)
|
||||||
}
|
}
|
||||||
Msg::RegistrationStartResponse((registration_start, response)) => {
|
Msg::RegistrationStartResponse(password, registration_start, response) => {
|
||||||
let response = response?;
|
let response = response?;
|
||||||
let mut rng = rand::rngs::OsRng;
|
let mut rng = rand::rngs::OsRng;
|
||||||
let registration_upload = opaque::client::registration::finish_registration(
|
let registration_upload = opaque::client::registration::finish_registration(
|
||||||
|
&password,
|
||||||
registration_start,
|
registration_start,
|
||||||
response.registration_response,
|
response.registration_response,
|
||||||
&mut rng,
|
&mut rng,
|
||||||
|
@ -32,15 +32,15 @@ pub struct Props {
|
|||||||
pub on_logged_in: Callback<(String, bool)>,
|
pub on_logged_in: Callback<(String, bool)>,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[allow(clippy::large_enum_variant)]
|
||||||
pub enum Msg {
|
pub enum Msg {
|
||||||
Update,
|
Update,
|
||||||
Submit,
|
Submit,
|
||||||
AuthenticationRefreshResponse(Result<(String, bool)>),
|
AuthenticationRefreshResponse(Result<(String, bool)>),
|
||||||
AuthenticationStartResponse(
|
AuthenticationStartResponse(
|
||||||
(
|
opaque::client::login::ClientLogin,
|
||||||
opaque::client::login::ClientLogin,
|
String,
|
||||||
Result<Box<login::ServerLoginStartResponse>>,
|
Result<Box<login::ServerLoginStartResponse>>,
|
||||||
),
|
|
||||||
),
|
),
|
||||||
AuthenticationFinishResponse(Result<(String, bool)>),
|
AuthenticationFinishResponse(Result<(String, bool)>),
|
||||||
}
|
}
|
||||||
@ -64,25 +64,27 @@ impl CommonComponent<LoginForm> for LoginForm {
|
|||||||
};
|
};
|
||||||
self.common
|
self.common
|
||||||
.call_backend(HostService::login_start, req, move |r| {
|
.call_backend(HostService::login_start, req, move |r| {
|
||||||
Msg::AuthenticationStartResponse((state, r))
|
Msg::AuthenticationStartResponse(state, password, r)
|
||||||
})?;
|
})?;
|
||||||
Ok(true)
|
Ok(true)
|
||||||
}
|
}
|
||||||
Msg::AuthenticationStartResponse((login_start, res)) => {
|
Msg::AuthenticationStartResponse(login_start, password, res) => {
|
||||||
let res = res.context("Could not log in (invalid response to login start)")?;
|
let res = res.context("Could not log in (invalid response to login start)")?;
|
||||||
let login_finish =
|
let login_finish = match opaque::client::login::finish_login(
|
||||||
match opaque::client::login::finish_login(login_start, res.credential_response)
|
&password,
|
||||||
{
|
login_start,
|
||||||
Err(e) => {
|
res.credential_response,
|
||||||
// Common error, we want to print a full error to the console but only a
|
) {
|
||||||
// simple one to the user.
|
Err(e) => {
|
||||||
ConsoleService::error(&format!("Invalid username or password: {}", e));
|
// Common error, we want to print a full error to the console but only a
|
||||||
self.common.error = Some(anyhow!("Invalid username or password"));
|
// simple one to the user.
|
||||||
self.common.cancel_task();
|
ConsoleService::error(&format!("Invalid username or password: {}", e));
|
||||||
return Ok(true);
|
self.common.error = Some(anyhow!("Invalid username or password"));
|
||||||
}
|
self.common.cancel_task();
|
||||||
Ok(l) => l,
|
return Ok(true);
|
||||||
};
|
}
|
||||||
|
Ok(l) => l,
|
||||||
|
};
|
||||||
let req = login::ClientLoginFinishRequest {
|
let req = login::ClientLoginFinishRequest {
|
||||||
server_data: res.server_data,
|
server_data: res.server_data,
|
||||||
credential_finalization: login_finish.message,
|
credential_finalization: login_finish.message,
|
||||||
|
@ -45,7 +45,10 @@ pub enum Msg {
|
|||||||
ValidateTokenResponse(Result<ServerPasswordResetResponse>),
|
ValidateTokenResponse(Result<ServerPasswordResetResponse>),
|
||||||
FormUpdate,
|
FormUpdate,
|
||||||
Submit,
|
Submit,
|
||||||
RegistrationStartResponse(Result<Box<registration::ServerRegistrationStartResponse>>),
|
RegistrationStartResponse(
|
||||||
|
String,
|
||||||
|
Result<Box<registration::ServerRegistrationStartResponse>>,
|
||||||
|
),
|
||||||
RegistrationFinishResponse(Result<()>),
|
RegistrationFinishResponse(Result<()>),
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -72,18 +75,18 @@ impl CommonComponent<ResetPasswordStep2Form> for ResetPasswordStep2Form {
|
|||||||
registration_start_request: registration_start_request.message,
|
registration_start_request: registration_start_request.message,
|
||||||
};
|
};
|
||||||
self.opaque_data = Some(registration_start_request.state);
|
self.opaque_data = Some(registration_start_request.state);
|
||||||
self.common.call_backend(
|
self.common
|
||||||
HostService::register_start,
|
.call_backend(HostService::register_start, req, |r| {
|
||||||
req,
|
Msg::RegistrationStartResponse(new_password, r)
|
||||||
Msg::RegistrationStartResponse,
|
})?;
|
||||||
)?;
|
|
||||||
Ok(true)
|
Ok(true)
|
||||||
}
|
}
|
||||||
Msg::RegistrationStartResponse(res) => {
|
Msg::RegistrationStartResponse(new_password, res) => {
|
||||||
let res = res.context("Could not initiate password change")?;
|
let res = res.context("Could not initiate password change")?;
|
||||||
let registration = self.opaque_data.take().expect("Missing registration data");
|
let registration = self.opaque_data.take().expect("Missing registration data");
|
||||||
let mut rng = rand::rngs::OsRng;
|
let mut rng = rand::rngs::OsRng;
|
||||||
let registration_finish = opaque_registration::finish_registration(
|
let registration_finish = opaque_registration::finish_registration(
|
||||||
|
&new_password,
|
||||||
registration,
|
registration,
|
||||||
res.registration_response,
|
res.registration_response,
|
||||||
&mut rng,
|
&mut rng,
|
||||||
|
@ -11,7 +11,7 @@ opaque_client = []
|
|||||||
js = []
|
js = []
|
||||||
|
|
||||||
[dependencies]
|
[dependencies]
|
||||||
rust-argon2 = "0.8"
|
argon2 = "*"
|
||||||
curve25519-dalek = "3"
|
curve25519-dalek = "3"
|
||||||
digest = "0.9"
|
digest = "0.9"
|
||||||
generic-array = "*"
|
generic-array = "*"
|
||||||
@ -21,7 +21,8 @@ sha2 = "0.9"
|
|||||||
thiserror = "*"
|
thiserror = "*"
|
||||||
|
|
||||||
[dependencies.opaque-ke]
|
[dependencies.opaque-ke]
|
||||||
version = "0.6"
|
version = "2"
|
||||||
|
features = ["std"]
|
||||||
|
|
||||||
[dependencies.chrono]
|
[dependencies.chrono]
|
||||||
version = "*"
|
version = "*"
|
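Review bot: `argon2 = "*"` puts no version bound on the crate that computes the key-stretching step for every stored credential. The lockfile resolves it to 0.4.1 today, but a `cargo update` or a build without the lockfile can pick a later release, and the hasher added in this commit is built with `argon2::Version::default()`, so a changed upstream default would presumably make existing password records unverifiable. Pinning to the resolved series, `argon2 = "0.4"`, makes any such change an explicit decision.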
||||||
|
@ -10,40 +10,46 @@ pub enum AuthenticationError {
|
|||||||
pub type AuthenticationResult<T> = std::result::Result<T, AuthenticationError>;
|
pub type AuthenticationResult<T> = std::result::Result<T, AuthenticationError>;
|
||||||
|
|
||||||
pub use opaque_ke::keypair::{PrivateKey, PublicKey};
|
pub use opaque_ke::keypair::{PrivateKey, PublicKey};
|
||||||
pub type KeyPair = opaque_ke::keypair::KeyPair<<DefaultSuite as CipherSuite>::Group>;
|
pub type KeyPair = opaque_ke::keypair::KeyPair<<DefaultSuite as CipherSuite>::KeGroup>;
|
||||||
|
|
||||||
/// A wrapper around argon2 to provide the [`opaque_ke::slow_hash::SlowHash`] trait.
|
/// A wrapper around argon2 to provide the [`opaque_ke::slow_hash::SlowHash`] trait.
|
||||||
pub struct ArgonHasher;
|
pub struct ArgonHasher {
|
||||||
|
hasher: argon2::Argon2<'static>,
|
||||||
|
}
|
||||||
|
|
||||||
/// The Argon hasher used for bruteforce protection.
|
/// The Argon hasher used for bruteforce protection.
|
||||||
///
|
///
|
||||||
/// Note that it isn't used to "hash the passwords", so it doesn't need a variable salt. Instead,
|
/// Note that it isn't used to "hash the passwords", so it doesn't need a variable salt. Instead,
|
||||||
/// it's used as part of the OPAQUE protocol to add a slow hashing method, making bruteforce
|
/// it's used as part of the OPAQUE protocol to add a slow hashing method, making bruteforce
|
||||||
/// attacks prohibitively more expensive.
|
/// attacks prohibitively more expensive.
|
||||||
impl ArgonHasher {
|
impl Default for ArgonHasher {
|
||||||
/// Fixed salt, doesn't affect the security. It is only used to make attacks more
|
fn default() -> Self {
|
||||||
/// computationally intensive, it doesn't serve any security purpose.
|
ArgonHasher {
|
||||||
const SALT: &'static [u8] = b"lldap_opaque_salt";
|
hasher: argon2::Argon2::new(
|
||||||
/// Config for the argon hasher. Security enthusiasts may want to tweak this for their system.
|
argon2::Algorithm::Argon2id,
|
||||||
const CONFIG: &'static argon2::Config<'static> = &argon2::Config {
|
argon2::Version::default(),
|
||||||
ad: &[],
|
argon2::Params::new(
|
||||||
hash_length: 128,
|
50 * 1024, // 50 MB, in KB
|
||||||
lanes: 1,
|
1,
|
||||||
mem_cost: 50 * 1024, // 50 MB, in KB
|
1,
|
||||||
secret: &[],
|
Some(64),
|
||||||
thread_mode: argon2::ThreadMode::Sequential,
|
)
|
||||||
time_cost: 1,
|
.unwrap(),
|
||||||
variant: argon2::Variant::Argon2id,
|
),
|
||||||
version: argon2::Version::Version13,
|
}
|
||||||
};
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
impl<D: opaque_ke::hash::Hash> opaque_ke::slow_hash::SlowHash<D> for ArgonHasher {
|
impl opaque_ke::ksf::Ksf for ArgonHasher {
|
||||||
fn hash(
|
fn hash<L: generic_array::ArrayLength<u8>>(
|
||||||
input: generic_array::GenericArray<u8, <D as digest::Digest>::OutputSize>,
|
&self,
|
||||||
) -> Result<Vec<u8>, opaque_ke::errors::InternalPakeError> {
|
input: generic_array::GenericArray<u8, L>,
|
||||||
argon2::hash_raw(&input, Self::SALT, Self::CONFIG)
|
) -> Result<generic_array::GenericArray<u8, L>, opaque_ke::errors::InternalError> {
|
||||||
.map_err(|_| opaque_ke::errors::InternalPakeError::HashingFailure)
|
let mut output = generic_array::GenericArray::<u8, L>::default();
|
||||||
|
self.hasher
|
||||||
|
.hash_password_into(&input, &[0; 16], &mut output)
|
||||||
|
.map_err(|_| opaque_ke::errors::InternalError::KsfError)?;
|
||||||
|
Ok(output)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -52,11 +58,11 @@ impl<D: opaque_ke::hash::Hash> opaque_ke::slow_hash::SlowHash<D> for ArgonHasher
|
|||||||
#[allow(dead_code)]
|
#[allow(dead_code)]
|
||||||
pub struct DefaultSuite;
|
pub struct DefaultSuite;
|
||||||
impl CipherSuite for DefaultSuite {
|
impl CipherSuite for DefaultSuite {
|
||||||
type Group = curve25519_dalek::ristretto::RistrettoPoint;
|
type OprfCs = opaque_ke::Ristretto255;
|
||||||
type KeyExchange = opaque_ke::key_exchange::tripledh::TripleDH;
|
type KeGroup = opaque_ke::Ristretto255;
|
||||||
type Hash = sha2::Sha512;
|
type KeyExchange = opaque_ke::key_exchange::tripledh::TripleDh;
|
||||||
/// Use argon2 as the slow hashing algorithm for our CipherSuite.
|
|
||||||
type SlowHash = ArgonHasher;
|
type Ksf = ArgonHasher;
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Client-side code for OPAQUE protocol handling, to register a new user and login. All methods'
|
/// Client-side code for OPAQUE protocol handling, to register a new user and login. All methods'
|
||||||
@ -85,12 +91,14 @@ pub mod client {
|
|||||||
|
|
||||||
/// Finalize the registration negotiation.
|
/// Finalize the registration negotiation.
|
||||||
pub fn finish_registration<R: RngCore + CryptoRng>(
|
pub fn finish_registration<R: RngCore + CryptoRng>(
|
||||||
|
password: &str,
|
||||||
registration_start: ClientRegistration,
|
registration_start: ClientRegistration,
|
||||||
registration_response: RegistrationResponse,
|
registration_response: RegistrationResponse,
|
||||||
rng: &mut R,
|
rng: &mut R,
|
||||||
) -> AuthenticationResult<ClientRegistrationFinishResult> {
|
) -> AuthenticationResult<ClientRegistrationFinishResult> {
|
||||||
Ok(registration_start.finish(
|
Ok(registration_start.finish(
|
||||||
rng,
|
rng,
|
||||||
|
password.as_bytes(),
|
||||||
registration_response,
|
registration_response,
|
||||||
ClientRegistrationFinishParameters::default(),
|
ClientRegistrationFinishParameters::default(),
|
||||||
)?)
|
)?)
|
||||||
@ -117,10 +125,15 @@ pub mod client {
|
|||||||
|
|
||||||
/// Finalize the client login negotiation.
|
/// Finalize the client login negotiation.
|
||||||
pub fn finish_login(
|
pub fn finish_login(
|
||||||
|
password: &str,
|
||||||
login_start: ClientLogin,
|
login_start: ClientLogin,
|
||||||
login_response: CredentialResponse,
|
login_response: CredentialResponse,
|
||||||
) -> AuthenticationResult<ClientLoginFinishResult> {
|
) -> AuthenticationResult<ClientLoginFinishResult> {
|
||||||
Ok(login_start.finish(login_response, ClientLoginFinishParameters::default())?)
|
Ok(login_start.finish(
|
||||||
|
password.as_bytes(),
|
||||||
|
login_response,
|
||||||
|
ClientLoginFinishParameters::default(),
|
||||||
|
)?)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
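Review bot: The salt passed to `hash_password_into` in `ArgonHasher::hash` is a bare `&[0; 16]`, and the comment that explained the fixed salt was removed together with the `SALT` constant. A line such as `// Fixed all-zero salt on purpose: this is the OPAQUE key-stretching step, not per-user password hashing.` above the call would stop a later reader from copying the pattern into ordinary password storage. In `Default::default`, `Params::new(...).unwrap()` would read better as `.expect("static Argon2 parameters are valid")`. The `Some(64)` output length looks unused on this path, since the output buffer is sized by `L`; that is worth confirming and then either dropping it or saying so in a comment.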
||||||
|
@ -151,7 +151,7 @@ fn try_login(
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
let login_start_response = response.json::<lldap_auth::login::ServerLoginStartResponse>()?;
|
let login_start_response = response.json::<lldap_auth::login::ServerLoginStartResponse>()?;
|
||||||
let login_finish = finish_login(state, login_start_response.credential_response)?;
|
let login_finish = finish_login(password, state, login_start_response.credential_response)?;
|
||||||
let req = ClientLoginFinishRequest {
|
let req = ClientLoginFinishRequest {
|
||||||
server_data: login_start_response.server_data,
|
server_data: login_start_response.server_data,
|
||||||
credential_finalization: login_finish.message,
|
credential_finalization: login_finish.message,
|
||||||
|
@ -94,7 +94,8 @@ version = "0.1"
|
|||||||
features = ["with-chrono", "sqlx-sqlite", "sqlx-any"]
|
features = ["with-chrono", "sqlx-sqlite", "sqlx-any"]
|
||||||
|
|
||||||
[dependencies.opaque-ke]
|
[dependencies.opaque-ke]
|
||||||
version = "0.6"
|
version = "2"
|
||||||
|
features = ["std"]
|
||||||
|
|
||||||
[dependencies.rand]
|
[dependencies.rand]
|
||||||
features = ["small_rng", "getrandom"]
|
features = ["small_rng", "getrandom"]
|
||||||
|
@ -261,6 +261,7 @@ pub struct UpdateGroupRequest {
|
|||||||
#[async_trait]
|
#[async_trait]
|
||||||
pub trait LoginHandler: Clone + Send {
|
pub trait LoginHandler: Clone + Send {
|
||||||
async fn bind(&self, request: BindRequest) -> Result<()>;
|
async fn bind(&self, request: BindRequest) -> Result<()>;
|
||||||
|
async fn set_password(&self, request: BindRequest) -> Result<()>;
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Debug, Copy, Clone, PartialEq, Eq, Hash, Serialize, Deserialize, sqlx::Type)]
|
#[derive(Debug, Copy, Clone, PartialEq, Eq, Hash, Serialize, Deserialize, sqlx::Type)]
|
||||||
@ -339,6 +340,7 @@ mockall::mock! {
|
|||||||
#[async_trait]
|
#[async_trait]
|
||||||
impl LoginHandler for TestBackendHandler {
|
impl LoginHandler for TestBackendHandler {
|
||||||
async fn bind(&self, request: BindRequest) -> Result<()>;
|
async fn bind(&self, request: BindRequest) -> Result<()>;
|
||||||
|
async fn set_password(&self, request: BindRequest) -> Result<()>;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
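Review bot: `set_password` is added to `LoginHandler` with no doc comment, and it takes the same `BindRequest` as `bind`, so the trait gives a caller no way to tell that one call checks a credential while the other replaces it. A doc line such as `/// Overwrites the stored credential for request.name; does not check the current password, so callers must authorize first.` would make the contract explicit. That wording assumes the implementation performs no check, which is not visible in this hunk. The same undocumented signature is mirrored in the `mockall::mock!` block in the second hunk.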
||||||
|
@ -34,7 +34,7 @@ pub mod tests {
|
|||||||
|
|
||||||
pub async fn get_initialized_db() -> Pool {
|
pub async fn get_initialized_db() -> Pool {
|
||||||
let sql_pool = get_in_memory_db().await;
|
let sql_pool = get_in_memory_db().await;
|
||||||
init_table(&sql_pool).await.unwrap();
|
init_table(&sql_pool, &get_default_config()).await.unwrap();
|
||||||
sql_pool
|
sql_pool
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -52,6 +52,7 @@ pub mod tests {
|
|||||||
.await
|
.await
|
||||||
.unwrap();
|
.unwrap();
|
||||||
let registration_upload = opaque::client::registration::finish_registration(
|
let registration_upload = opaque::client::registration::finish_registration(
|
||||||
|
pass,
|
||||||
client_registration_start.state,
|
client_registration_start.state,
|
||||||
response.registration_response,
|
response.registration_response,
|
||||||
&mut rng,
|
&mut rng,
|
||||||
|
@ -1,5 +1,8 @@
|
|||||||
|
use crate::infra::configuration::Configuration;
|
||||||
|
|
||||||
use super::{
|
use super::{
|
||||||
handler::{GroupId, UserId, Uuid},
|
handler::{GroupId, LoginHandler, UserId, Uuid},
|
||||||
|
sql_backend_handler::SqlBackendHandler,
|
||||||
sql_tables::{
|
sql_tables::{
|
||||||
DbQueryBuilder, DbRow, Groups, Memberships, Metadata, Pool, SchemaVersion, Users,
|
DbQueryBuilder, DbRow, Groups, Memberships, Metadata, Pool, SchemaVersion, Users,
|
||||||
},
|
},
|
||||||
@ -7,7 +10,7 @@ use super::{
|
|||||||
use sea_query::*;
|
use sea_query::*;
|
||||||
use sea_query_binder::SqlxBinder;
|
use sea_query_binder::SqlxBinder;
|
||||||
use sqlx::Row;
|
use sqlx::Row;
|
||||||
use tracing::{debug, warn};
|
use tracing::{debug, info, warn};
|
||||||
|
|
||||||
pub async fn create_group(group_name: &str, pool: &Pool) -> sqlx::Result<()> {
|
pub async fn create_group(group_name: &str, pool: &Pool) -> sqlx::Result<()> {
|
||||||
let now = chrono::Utc::now();
|
let now = chrono::Utc::now();
|
||||||
@ -45,6 +48,7 @@ pub async fn get_schema_version(pool: &Pool) -> Option<SchemaVersion> {
|
|||||||
}
|
}
|
||||||
|
|
||||||
pub async fn upgrade_to_v1(pool: &Pool) -> sqlx::Result<()> {
|
pub async fn upgrade_to_v1(pool: &Pool) -> sqlx::Result<()> {
|
||||||
|
info!("Upgrading DB schema from version 0->1");
|
||||||
// SQLite needs this pragma to be turned on. Other DB might not understand this, so ignore the
|
// SQLite needs this pragma to be turned on. Other DB might not understand this, so ignore the
|
||||||
// error.
|
// error.
|
||||||
let _ = sqlx::query("PRAGMA foreign_keys = ON").execute(pool).await;
|
let _ = sqlx::query("PRAGMA foreign_keys = ON").execute(pool).await;
|
||||||
@ -296,8 +300,39 @@ pub async fn upgrade_to_v1(pool: &Pool) -> sqlx::Result<()> {
|
|||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn migrate_from_version(_pool: &Pool, version: SchemaVersion) -> anyhow::Result<()> {
|
pub async fn migrate_from_version(
|
||||||
if version.0 > 1 {
|
pool: &Pool,
|
||||||
|
version: SchemaVersion,
|
||||||
|
config: &Configuration,
|
||||||
|
) -> anyhow::Result<()> {
|
||||||
|
if version.0 < 2 {
|
||||||
|
info!("Upgrading DB schema from version 1->2");
|
||||||
|
sqlx::query(
|
||||||
|
&Table::alter()
|
||||||
|
.table(Users::Table)
|
||||||
|
.add_column(ColumnDef::new(Users::PasswordHashV2).binary())
|
||||||
|
.to_string(DbQueryBuilder {}),
|
||||||
|
)
|
||||||
|
.execute(pool)
|
||||||
|
.await?;
|
||||||
|
let backend_handler = SqlBackendHandler::new(config.clone(), pool.clone());
|
||||||
|
backend_handler
|
||||||
|
.set_password(super::handler::BindRequest {
|
||||||
|
name: config.ldap_user_dn.clone(),
|
||||||
|
password: config.ldap_user_pass.unsecure().to_owned(),
|
||||||
|
})
|
||||||
|
.await?;
|
||||||
|
}
|
||||||
|
sqlx::query(
|
||||||
|
&Query::update()
|
||||||
|
.table(Metadata::Table)
|
||||||
|
.values(vec![(Metadata::Version, SchemaVersion(2).into())])
|
||||||
|
.to_string(DbQueryBuilder {}),
|
||||||
|
)
|
||||||
|
.execute(pool)
|
||||||
|
.await?;
|
||||||
|
info!("Successfully upgraded DB to schema version 2");
|
||||||
|
if version.0 > 2 {
|
||||||
anyhow::bail!("DB version downgrading is not supported");
|
anyhow::bail!("DB version downgrading is not supported");
|
||||||
}
|
}
|
||||||
Ok(())
|
Ok(())
|
||||||
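Review bot: In `migrate_from_version`, as rendered here the `Metadata::Version` update to `SchemaVersion(2)` and the "Successfully upgraded" log sit after the closing brace of `if version.0 < 2` and before the `if version.0 > 2` check, so a database created by a newer schema would have its recorded version overwritten to 2 before the function bails. Moving the guard to the top of the function, `if version.0 > 2 { anyhow::bail!("DB version downgrading is not supported"); }`, and keeping the version update inside the `version.0 < 2` branch would avoid that, and would also stop the log line from appearing on an already-migrated database. The column add, the admin `set_password` and the version update are issued as separate statements, so a failure in `set_password` appears to leave the new column in place with the version still at 1, and the next start would retry `add_column`. Running the steps in one transaction, or tolerating an existing column, would make the migration restartable. The function's closing brace is outside the hunk.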
|
@ -36,6 +36,7 @@ fn passwords_match(
|
|||||||
username.as_str(),
|
username.as_str(),
|
||||||
)?;
|
)?;
|
||||||
client::login::finish_login(
|
client::login::finish_login(
|
||||||
|
clear_password,
|
||||||
client_login_start_result.state,
|
client_login_start_result.state,
|
||||||
server_login_start_result.message,
|
server_login_start_result.message,
|
||||||
)?;
|
)?;
|
||||||
@ -44,8 +45,13 @@ fn passwords_match(
|
|||||||
|
|
||||||
impl SqlBackendHandler {
|
impl SqlBackendHandler {
|
||||||
fn get_orion_secret_key(&self) -> Result<orion::aead::SecretKey> {
|
fn get_orion_secret_key(&self) -> Result<orion::aead::SecretKey> {
|
||||||
|
use opaque_ke::keypair::SecretKey;
|
||||||
Ok(orion::aead::SecretKey::from_slice(
|
Ok(orion::aead::SecretKey::from_slice(
|
||||||
self.config.get_server_keys().private(),
|
self.config
|
||||||
|
.get_server_keys()
|
||||||
|
.private()
|
||||||
|
.serialize()
|
||||||
|
.as_slice(),
|
||||||
)?)
|
)?)
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -57,7 +63,7 @@ impl SqlBackendHandler {
|
|||||||
// Fetch the previously registered password file from the DB.
|
// Fetch the previously registered password file from the DB.
|
||||||
let password_file_bytes = {
|
let password_file_bytes = {
|
||||||
let (query, values) = Query::select()
|
let (query, values) = Query::select()
|
||||||
.column(Users::PasswordHash)
|
.column(Users::PasswordHashV2)
|
||||||
.from(Users::Table)
|
.from(Users::Table)
|
||||||
.cond_where(Expr::col(Users::UserId).eq(username))
|
.cond_where(Expr::col(Users::UserId).eq(username))
|
||||||
.build_sqlx(DbQueryBuilder {});
|
.build_sqlx(DbQueryBuilder {});
|
||||||
@ -66,7 +72,7 @@ impl SqlBackendHandler {
|
|||||||
.await?
|
.await?
|
||||||
{
|
{
|
||||||
if let Some(bytes) =
|
if let Some(bytes) =
|
||||||
row.get::<Option<Vec<u8>>, _>(&*Users::PasswordHash.to_string())
|
row.get::<Option<Vec<u8>>, _>(&*Users::PasswordHashV2.to_string())
|
||||||
{
|
{
|
||||||
bytes
|
bytes
|
||||||
} else {
|
} else {
|
||||||
@ -91,7 +97,7 @@ impl LoginHandler for SqlBackendHandler {
|
|||||||
#[instrument(skip_all, level = "debug", err)]
|
#[instrument(skip_all, level = "debug", err)]
|
||||||
async fn bind(&self, request: BindRequest) -> Result<()> {
|
async fn bind(&self, request: BindRequest) -> Result<()> {
|
||||||
let (query, values) = Query::select()
|
let (query, values) = Query::select()
|
||||||
.column(Users::PasswordHash)
|
.column(Users::PasswordHashV2)
|
||||||
.from(Users::Table)
|
.from(Users::Table)
|
||||||
.cond_where(Expr::col(Users::UserId).eq(&request.name))
|
.cond_where(Expr::col(Users::UserId).eq(&request.name))
|
||||||
.build_sqlx(DbQueryBuilder {});
|
.build_sqlx(DbQueryBuilder {});
|
||||||
@ -100,7 +106,7 @@ impl LoginHandler for SqlBackendHandler {
|
|||||||
.await
|
.await
|
||||||
{
|
{
|
||||||
if let Some(password_hash) =
|
if let Some(password_hash) =
|
||||||
row.get::<Option<Vec<u8>>, _>(&*Users::PasswordHash.to_string())
|
row.get::<Option<Vec<u8>>, _>(&*Users::PasswordHashV2.to_string())
|
||||||
{
|
{
|
||||||
if let Err(e) = passwords_match(
|
if let Err(e) = passwords_match(
|
||||||
&password_hash,
|
&password_hash,
|
||||||
@ -123,6 +129,31 @@ impl LoginHandler for SqlBackendHandler {
|
|||||||
request.name
|
request.name
|
||||||
)))
|
)))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[instrument(skip_all, level = "debug", err)]
|
||||||
|
async fn set_password(&self, request: BindRequest) -> Result<()> {
|
||||||
|
use lldap_auth::*;
|
||||||
|
let mut rng = rand::rngs::OsRng;
|
||||||
|
let registration_start_request =
|
||||||
|
opaque::client::registration::start_registration(&request.password, &mut rng)?;
|
||||||
|
let req = registration::ClientRegistrationStartRequest {
|
||||||
|
username: request.name.to_string(),
|
||||||
|
registration_start_request: registration_start_request.message,
|
||||||
|
};
|
||||||
|
let registration_start_response = self.registration_start(req).await?;
|
||||||
|
let registration_finish = opaque::client::registration::finish_registration(
|
||||||
|
&request.password,
|
||||||
|
registration_start_request.state,
|
||||||
|
registration_start_response.registration_response,
|
||||||
|
&mut rng,
|
||||||
|
)?;
|
||||||
|
let req = registration::ClientRegistrationFinishRequest {
|
||||||
|
server_data: registration_start_response.server_data,
|
||||||
|
registration_upload: registration_finish.message,
|
||||||
|
};
|
||||||
|
self.registration_finish(req).await?;
|
||||||
|
Ok(())
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#[async_trait]
|
#[async_trait]
|
||||||
@ -214,7 +245,10 @@ impl OpaqueHandler for SqlOpaqueHandler {
|
|||||||
// Set the user password to the new password.
|
// Set the user password to the new password.
|
||||||
let (update_query, values) = Query::update()
|
let (update_query, values) = Query::update()
|
||||||
.table(Users::Table)
|
.table(Users::Table)
|
||||||
.value(Users::PasswordHash, password_file.serialize().into())
|
.value(
|
||||||
|
Users::PasswordHashV2,
|
||||||
|
password_file.serialize().as_slice().into(),
|
||||||
|
)
|
||||||
.cond_where(Expr::col(Users::UserId).eq(username))
|
.cond_where(Expr::col(Users::UserId).eq(username))
|
||||||
.build_sqlx(DbQueryBuilder {});
|
.build_sqlx(DbQueryBuilder {});
|
||||||
sqlx::query_with(update_query.as_str(), values)
|
sqlx::query_with(update_query.as_str(), values)
|
||||||
@ -243,6 +277,7 @@ pub(crate) async fn register_password(
|
|||||||
})
|
})
|
||||||
.await?;
|
.await?;
|
||||||
let registration_finish = opaque::client::registration::finish_registration(
|
let registration_finish = opaque::client::registration::finish_registration(
|
||||||
|
password.unsecure(),
|
||||||
registration_start.state,
|
registration_start.state,
|
||||||
start_response.registration_response,
|
start_response.registration_response,
|
||||||
&mut rng,
|
&mut rng,
|
||||||
@ -275,6 +310,7 @@ mod tests {
|
|||||||
})
|
})
|
||||||
.await?;
|
.await?;
|
||||||
let login_finish = opaque::client::login::finish_login(
|
let login_finish = opaque::client::login::finish_login(
|
||||||
|
password,
|
||||||
login_start.state,
|
login_start.state,
|
||||||
start_response.credential_response,
|
start_response.credential_response,
|
||||||
)?;
|
)?;
|
||||||
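Review bot: `set_password` has no doc comment, although it is the path where the server runs both the client and the server half of the OPAQUE registration itself and therefore handles the cleartext password. A comment such as `/// Registers a new password by running the OPAQUE client and server steps in-process; the cleartext password is held in server memory for the duration of the call.` would make clear that it is meant only for callers that cannot avoid cleartext, which in this commit are the LDAP password modification and the schema migration. `register_password` further down receives a wrapper and calls `password.unsecure()`, whereas here the password travels as a plain `String` inside `BindRequest`; carrying the wrapper type through would keep the handling consistent, assuming the wrapper clears its buffer on drop. The `impl LoginHandler` block starts outside the hunk.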
|
@ -1,3 +1,5 @@
|
|||||||
|
use crate::infra::configuration::Configuration;
|
||||||
|
|
||||||
use super::{
|
use super::{
|
||||||
handler::{GroupId, UserId, Uuid},
|
handler::{GroupId, UserId, Uuid},
|
||||||
sql_migrations::{get_schema_version, migrate_from_version, upgrade_to_v1},
|
sql_migrations::{get_schema_version, migrate_from_version, upgrade_to_v1},
|
||||||
@ -62,7 +64,9 @@ pub enum Users {
|
|||||||
LastName,
|
LastName,
|
||||||
Avatar,
|
Avatar,
|
||||||
CreationDate,
|
CreationDate,
|
||||||
|
// Deprecated
|
||||||
PasswordHash,
|
PasswordHash,
|
||||||
|
PasswordHashV2,
|
||||||
TotpSecret,
|
TotpSecret,
|
||||||
MfaType,
|
MfaType,
|
||||||
Uuid,
|
Uuid,
|
||||||
@ -96,7 +100,7 @@ pub enum Metadata {
|
|||||||
Version,
|
Version,
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn init_table(pool: &Pool) -> anyhow::Result<()> {
|
pub async fn init_table(pool: &Pool, config: &Configuration) -> anyhow::Result<()> {
|
||||||
let version = {
|
let version = {
|
||||||
if let Some(version) = get_schema_version(pool).await {
|
if let Some(version) = get_schema_version(pool).await {
|
||||||
version
|
version
|
||||||
@ -105,20 +109,27 @@ pub async fn init_table(pool: &Pool) -> anyhow::Result<()> {
|
|||||||
SchemaVersion(1)
|
SchemaVersion(1)
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
migrate_from_version(pool, version).await?;
|
migrate_from_version(pool, version, config).await?;
|
||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
#[cfg(test)]
|
#[cfg(test)]
|
||||||
mod tests {
|
mod tests {
|
||||||
use super::*;
|
use super::*;
|
||||||
|
use crate::infra::configuration::ConfigurationBuilder;
|
||||||
use chrono::prelude::*;
|
use chrono::prelude::*;
|
||||||
use sqlx::{Column, Row};
|
use sqlx::{Column, Row};
|
||||||
|
|
||||||
|
async fn init_tables_for_test(pool: &Pool) {
|
||||||
|
init_table(&pool, &ConfigurationBuilder::for_tests())
|
||||||
|
.await
|
||||||
|
.unwrap();
|
||||||
|
}
|
||||||
|
|
||||||
#[tokio::test]
|
#[tokio::test]
|
||||||
async fn test_init_table() {
|
async fn test_init_table() {
|
||||||
let sql_pool = PoolOptions::new().connect("sqlite::memory:").await.unwrap();
|
let sql_pool = PoolOptions::new().connect("sqlite::memory:").await.unwrap();
|
||||||
init_table(&sql_pool).await.unwrap();
|
init_tables_for_test(&sql_pool).await;
|
||||||
sqlx::query(r#"INSERT INTO users
|
sqlx::query(r#"INSERT INTO users
|
||||||
(user_id, email, display_name, first_name, last_name, creation_date, password_hash, uuid)
|
(user_id, email, display_name, first_name, last_name, creation_date, password_hash, uuid)
|
||||||
VALUES ("bôb", "böb@bob.bob", "Bob Bobbersön", "Bob", "Bobberson", "1970-01-01 00:00:00", "bob00", "abc")"#).execute(&sql_pool).await.unwrap();
|
VALUES ("bôb", "böb@bob.bob", "Bob Bobbersön", "Bob", "Bobberson", "1970-01-01 00:00:00", "bob00", "abc")"#).execute(&sql_pool).await.unwrap();
|
||||||
@ -138,8 +149,8 @@ mod tests {
|
|||||||
#[tokio::test]
|
#[tokio::test]
|
||||||
async fn test_already_init_table() {
|
async fn test_already_init_table() {
|
||||||
let sql_pool = PoolOptions::new().connect("sqlite::memory:").await.unwrap();
|
let sql_pool = PoolOptions::new().connect("sqlite::memory:").await.unwrap();
|
||||||
init_table(&sql_pool).await.unwrap();
|
init_tables_for_test(&sql_pool).await;
|
||||||
init_table(&sql_pool).await.unwrap();
|
init_tables_for_test(&sql_pool).await;
|
||||||
}
|
}
|
||||||
|
|
||||||
#[tokio::test]
|
#[tokio::test]
|
||||||
@ -168,7 +179,7 @@ mod tests {
|
|||||||
.execute(&sql_pool)
|
.execute(&sql_pool)
|
||||||
.await
|
.await
|
||||||
.unwrap();
|
.unwrap();
|
||||||
init_table(&sql_pool).await.unwrap();
|
init_tables_for_test(&sql_pool).await;
|
||||||
sqlx::query(
|
sqlx::query(
|
||||||
r#"INSERT INTO groups (display_name, creation_date, uuid)
|
r#"INSERT INTO groups (display_name, creation_date, uuid)
|
||||||
VALUES ("test", "1970-01-01 00:00:00", "abc")"#,
|
VALUES ("test", "1970-01-01 00:00:00", "abc")"#,
|
||||||
@ -210,7 +221,7 @@ mod tests {
|
|||||||
.fetch_one(&sql_pool)
|
.fetch_one(&sql_pool)
|
||||||
.await
|
.await
|
||||||
.unwrap(),
|
.unwrap(),
|
||||||
SchemaVersion(1)
|
SchemaVersion(2)
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -228,6 +239,8 @@ mod tests {
|
|||||||
.execute(&sql_pool)
|
.execute(&sql_pool)
|
||||||
.await
|
.await
|
||||||
.unwrap();
|
.unwrap();
|
||||||
assert!(init_table(&sql_pool).await.is_err());
|
assert!(init_table(&sql_pool, &ConfigurationBuilder::for_tests())
|
||||||
|
.await
|
||||||
|
.is_err());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
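Review bot: The `// Deprecated` comment on `Users::PasswordHash` does not say why the column is kept or what still lives in it. The migration in this commit only adds `PasswordHashV2`, so the old column presumably keeps every user's previous password file indefinitely. A comment like `// Deprecated: password file written by the previous opaque_ke version, unreadable since schema v2; kept because <reason>, no code should read or write it.` would record that. Clearing the column once the upgrade has succeeded would avoid retaining old credential material in the database. `test_init_table` still inserts into `password_hash`, so that test does not exercise the new column.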
|
@ -17,7 +17,6 @@ use crate::{
|
|||||||
},
|
},
|
||||||
infra::auth_service::{Permission, ValidationResults},
|
infra::auth_service::{Permission, ValidationResults},
|
||||||
};
|
};
|
||||||
use anyhow::Result;
|
|
||||||
use ldap3_proto::proto::{
|
use ldap3_proto::proto::{
|
||||||
LdapAddRequest, LdapBindCred, LdapBindRequest, LdapBindResponse, LdapExtendedRequest,
|
LdapAddRequest, LdapBindCred, LdapBindRequest, LdapBindResponse, LdapExtendedRequest,
|
||||||
LdapExtendedResponse, LdapFilter, LdapOp, LdapPartialAttribute, LdapPasswordModifyRequest,
|
LdapExtendedResponse, LdapFilter, LdapOp, LdapPartialAttribute, LdapPasswordModifyRequest,
|
||||||
@ -238,29 +237,6 @@ impl<Backend: BackendHandler + LoginHandler + OpaqueHandler> LdapHandler<Backend
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
async fn change_password(&mut self, user: &UserId, password: &str) -> Result<()> {
|
|
||||||
use lldap_auth::*;
|
|
||||||
let mut rng = rand::rngs::OsRng;
|
|
||||||
let registration_start_request =
|
|
||||||
opaque::client::registration::start_registration(password, &mut rng)?;
|
|
||||||
let req = registration::ClientRegistrationStartRequest {
|
|
||||||
username: user.to_string(),
|
|
||||||
registration_start_request: registration_start_request.message,
|
|
||||||
};
|
|
||||||
let registration_start_response = self.backend_handler.registration_start(req).await?;
|
|
||||||
let registration_finish = opaque::client::registration::finish_registration(
|
|
||||||
registration_start_request.state,
|
|
||||||
registration_start_response.registration_response,
|
|
||||||
&mut rng,
|
|
||||||
)?;
|
|
||||||
let req = registration::ClientRegistrationFinishRequest {
|
|
||||||
server_data: registration_start_response.server_data,
|
|
||||||
registration_upload: registration_finish.message,
|
|
||||||
};
|
|
||||||
self.backend_handler.registration_finish(req).await?;
|
|
||||||
Ok(())
|
|
||||||
}
|
|
||||||
|
|
||||||
async fn do_password_modification(
|
async fn do_password_modification(
|
||||||
&mut self,
|
&mut self,
|
||||||
request: &LdapPasswordModifyRequest,
|
request: &LdapPasswordModifyRequest,
|
||||||
@ -298,7 +274,14 @@ impl<Backend: BackendHandler + LoginHandler + OpaqueHandler> LdapHandler<Backend
|
|||||||
&credentials.user, &uid
|
&credentials.user, &uid
|
||||||
),
|
),
|
||||||
})
|
})
|
||||||
} else if let Err(e) = self.change_password(&uid, password).await {
|
} else if let Err(e) = self
|
||||||
|
.backend_handler
|
||||||
|
.set_password(BindRequest {
|
||||||
|
name: uid,
|
||||||
|
password: password.to_owned(),
|
||||||
|
})
|
||||||
|
.await
|
||||||
|
{
|
||||||
Err(LdapError {
|
Err(LdapError {
|
||||||
code: LdapResultCode::Other,
|
code: LdapResultCode::Other,
|
||||||
message: format!("Error while changing the password: {:#?}", e),
|
message: format!("Error while changing the password: {:#?}", e),
|
||||||
@ -587,6 +570,7 @@ mod tests {
|
|||||||
#[async_trait]
|
#[async_trait]
|
||||||
impl LoginHandler for TestBackendHandler {
|
impl LoginHandler for TestBackendHandler {
|
||||||
async fn bind(&self, request: BindRequest) -> Result<()>;
|
async fn bind(&self, request: BindRequest) -> Result<()>;
|
||||||
|
async fn set_password(&self, request: BindRequest) -> Result<()>;
|
||||||
}
|
}
|
||||||
#[async_trait]
|
#[async_trait]
|
||||||
impl GroupBackendHandler for TestBackendHandler {
|
impl GroupBackendHandler for TestBackendHandler {
|
||||||
@ -1815,28 +1799,12 @@ mod tests {
|
|||||||
mock.expect_get_user_groups()
|
mock.expect_get_user_groups()
|
||||||
.with(eq(UserId::new("bob")))
|
.with(eq(UserId::new("bob")))
|
||||||
.returning(|_| Ok(HashSet::new()));
|
.returning(|_| Ok(HashSet::new()));
|
||||||
use lldap_auth::*;
|
mock.expect_set_password()
|
||||||
let mut rng = rand::rngs::OsRng;
|
|
||||||
let registration_start_request =
|
|
||||||
opaque::client::registration::start_registration("password", &mut rng).unwrap();
|
|
||||||
let request = registration::ClientRegistrationStartRequest {
|
|
||||||
username: "bob".to_string(),
|
|
||||||
registration_start_request: registration_start_request.message,
|
|
||||||
};
|
|
||||||
let start_response = opaque::server::registration::start_registration(
|
|
||||||
&opaque::server::ServerSetup::new(&mut rng),
|
|
||||||
request.registration_start_request,
|
|
||||||
&request.username,
|
|
||||||
)
|
|
||||||
.unwrap();
|
|
||||||
mock.expect_registration_start().times(1).return_once(|_| {
|
|
||||||
Ok(registration::ServerRegistrationStartResponse {
|
|
||||||
server_data: "".to_string(),
|
|
||||||
registration_response: start_response.message,
|
|
||||||
})
|
|
||||||
});
|
|
||||||
mock.expect_registration_finish()
|
|
||||||
.times(1)
|
.times(1)
|
||||||
|
.with(eq(BindRequest {
|
||||||
|
name: UserId::new("bob"),
|
||||||
|
password: "password".to_owned(),
|
||||||
|
}))
|
||||||
.return_once(|_| Ok(()));
|
.return_once(|_| Ok(()));
|
||||||
let mut ldap_handler = setup_bound_admin_handler(mock).await;
|
let mut ldap_handler = setup_bound_admin_handler(mock).await;
|
||||||
let request = LdapOp::ExtendedRequest(
|
let request = LdapOp::ExtendedRequest(
|
||||||
@ -1862,28 +1830,12 @@ mod tests {
|
|||||||
mock.expect_get_user_groups()
|
mock.expect_get_user_groups()
|
||||||
.with(eq(UserId::new("bob")))
|
.with(eq(UserId::new("bob")))
|
||||||
.returning(|_| Ok(HashSet::new()));
|
.returning(|_| Ok(HashSet::new()));
|
||||||
use lldap_auth::*;
|
mock.expect_set_password()
|
||||||
let mut rng = rand::rngs::OsRng;
|
|
||||||
let registration_start_request =
|
|
||||||
opaque::client::registration::start_registration("password", &mut rng).unwrap();
|
|
||||||
let request = registration::ClientRegistrationStartRequest {
|
|
||||||
username: "bob".to_string(),
|
|
||||||
registration_start_request: registration_start_request.message,
|
|
||||||
};
|
|
||||||
let start_response = opaque::server::registration::start_registration(
|
|
||||||
&opaque::server::ServerSetup::new(&mut rng),
|
|
||||||
request.registration_start_request,
|
|
||||||
&request.username,
|
|
||||||
)
|
|
||||||
.unwrap();
|
|
||||||
mock.expect_registration_start().times(1).return_once(|_| {
|
|
||||||
Ok(registration::ServerRegistrationStartResponse {
|
|
||||||
server_data: "".to_string(),
|
|
||||||
registration_response: start_response.message,
|
|
||||||
})
|
|
||||||
});
|
|
||||||
mock.expect_registration_finish()
|
|
||||||
.times(1)
|
.times(1)
|
||||||
|
.with(eq(BindRequest {
|
||||||
|
name: UserId::new("bob"),
|
||||||
|
password: "password".to_owned(),
|
||||||
|
}))
|
||||||
.return_once(|_| Ok(()));
|
.return_once(|_| Ok(()));
|
||||||
let mut ldap_handler = setup_bound_password_manager_handler(mock).await;
|
let mut ldap_handler = setup_bound_password_manager_handler(mock).await;
|
||||||
let request = LdapOp::ExtendedRequest(
|
let request = LdapOp::ExtendedRequest(
|
||||||
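Review bot: The error returned by the new `set_password` call is formatted with `{:#?}` straight into the `LdapError` message sent back to the client, and it covers the whole registration path (the OPAQUE steps and, presumably, the database write), so its debug output may expose internal detail. Returning a fixed message such as `message: "Error while changing the password".to_string(),` and logging `e` on the server side would keep that detail out of the LDAP response. `do_password_modification` starts and ends outside the hunk.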
|
@ -32,6 +32,7 @@ mockall::mock! {
|
|||||||
#[async_trait]
|
#[async_trait]
|
||||||
impl LoginHandler for TestTcpBackendHandler {
|
impl LoginHandler for TestTcpBackendHandler {
|
||||||
async fn bind(&self, request: BindRequest) -> Result<()>;
|
async fn bind(&self, request: BindRequest) -> Result<()>;
|
||||||
|
async fn set_password(&self, request: BindRequest) -> Result<()>;
|
||||||
}
|
}
|
||||||
#[async_trait]
|
#[async_trait]
|
||||||
impl GroupBackendHandler for TestTcpBackendHandler {
|
impl GroupBackendHandler for TestTcpBackendHandler {
|
||||||
|
@ -58,7 +58,7 @@ async fn set_up_server(config: Configuration) -> Result<ServerBuilder> {
|
|||||||
.connect(&config.database_url)
|
.connect(&config.database_url)
|
||||||
.await
|
.await
|
||||||
.context("while connecting to the DB")?;
|
.context("while connecting to the DB")?;
|
||||||
domain::sql_tables::init_table(&sql_pool)
|
domain::sql_tables::init_table(&sql_pool, &config)
|
||||||
.await
|
.await
|
||||||
.context("while creating the tables")?;
|
.context("while creating the tables")?;
|
||||||
let backend_handler = SqlBackendHandler::new(config.clone(), sql_pool.clone());
|
let backend_handler = SqlBackendHandler::new(config.clone(), sql_pool.clone());
|
||||||
|