mirror of
https://github.com/ViViDboarder/bitwarden_rs_ldap.git
synced 2024-12-22 00:57:33 +00:00
add security features on OpenBSD
Signed-off-by: Aisha Tammy <floss@bsd.ac>
This commit is contained in:
parent
dd92cc509a
commit
97a64c7247
20
Cargo.lock
generated
20
Cargo.lock
generated
@ -594,6 +594,15 @@ version = "0.3.23"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "d1a3ea4f0dd7f1f3e512cf97bf100819aa547f36a6eccac8dbaae839eb92363e"
|
||||
|
||||
[[package]]
|
||||
name = "pledge"
|
||||
version = "0.4.2"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "252599417b7d9a43b7fdc63dd790b0848666a8910b2ebe1a25118309c3c981e5"
|
||||
dependencies = [
|
||||
"libc",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "ppv-lite86"
|
||||
version = "0.2.15"
|
||||
@ -995,6 +1004,15 @@ version = "0.2.2"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "8ccb82d61f80a663efe1f787a51b16b5a51e3314d6ac365b08639f52387b33f3"
|
||||
|
||||
[[package]]
|
||||
name = "unveil"
|
||||
version = "0.3.2"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "5e7fa867d559102001ec694165ed17d5f82e95213060a65f9c8b6280084bbfec"
|
||||
dependencies = [
|
||||
"libc",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "url"
|
||||
version = "2.2.2"
|
||||
@ -1014,11 +1032,13 @@ dependencies = [
|
||||
"anyhow",
|
||||
"envy",
|
||||
"ldap3",
|
||||
"pledge",
|
||||
"reqwest",
|
||||
"serde",
|
||||
"serde_json",
|
||||
"thiserror",
|
||||
"toml",
|
||||
"unveil",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
|
@ -13,3 +13,5 @@ serde_json = "1.0"
|
||||
thiserror = "1.0"
|
||||
anyhow = "1.0"
|
||||
envy = "0.4.1"
|
||||
pledge = "0.4.2"
|
||||
unveil = "0.3.2"
|
||||
|
14
src/main.rs
14
src/main.rs
@ -1,5 +1,7 @@
|
||||
extern crate anyhow;
|
||||
extern crate ldap3;
|
||||
extern crate pledge;
|
||||
extern crate unveil;
|
||||
|
||||
use std::collections::HashSet;
|
||||
use std::thread::sleep;
|
||||
@ -9,6 +11,8 @@ use anyhow::Context as _;
|
||||
use anyhow::Error as AnyError;
|
||||
use anyhow::Result;
|
||||
use ldap3::{DerefAliases, LdapConn, LdapConnSettings, Scope, SearchEntry, SearchOptions};
|
||||
use pledge::pledge;
|
||||
use unveil::unveil;
|
||||
|
||||
mod config;
|
||||
mod vw_admin;
|
||||
@ -21,6 +25,16 @@ fn main() {
|
||||
config.get_vaultwarden_root_cert_file(),
|
||||
);
|
||||
|
||||
unveil(config::get_config_path(), "r")
|
||||
.or_else(unveil::Error::ignore_platform)
|
||||
.expect("Could not unveil config file");
|
||||
unveil("", "")
|
||||
.or_else(unveil::Error::ignore_platform)
|
||||
.expect("Could not disable further unveils");
|
||||
pledge("dns flock inet rpath stdio tty", "")
|
||||
.or_else(pledge::Error::ignore_platform)
|
||||
.expect("Could not pledge permissions");
|
||||
|
||||
invite_users(&config, &mut client, config.get_ldap_sync_loop())
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user