diff --git a/README.md b/README.md index 9ef0c6b..77f6465 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to ## Overview Open source password management solutions. -**Shipped version:** 1.11.0 +**Shipped version:** 1.12.0 ## Important points to read before installing diff --git a/conf/app.src b/conf/app.src index 0972be2..3828aa0 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://github.com/dani-garcia/bitwarden_rs/archive/1.11.0.tar.gz -SOURCE_SUM=d2d8260e020c373f5d2fd9902af490b43beb840e050065003443057ac833707f +SOURCE_URL=https://github.com/dani-garcia/bitwarden_rs/archive/1.12.0.tar.gz +SOURCE_SUM=3b53e5f5021dc7c65b7925069160474609744c55759f51a5ef0bae56c859971a SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true diff --git a/conf/bitwarden_rs.env b/conf/bitwarden_rs.env index c0057ce..7fd47af 100644 --- a/conf/bitwarden_rs.env +++ b/conf/bitwarden_rs.env @@ -95,6 +95,14 @@ LOG_FILE=/var/log/__APP__/__APP__.log ## Controls if new users can register SIGNUPS_ALLOWED=false +## Controls if new users from a list of comma-separated domains can register +## even if SIGNUPS_ALLOWED is set to false +## +## WARNING: There is currently no validation that prevents anyone from +## signing up with any made-up email address from one of these +## whitelisted domains! +# SIGNUPS_DOMAINS_WHITELIST=example.com,example.net,example.org + ## Token for the admin interface, preferably use a long random string ## One option is to use 'openssl rand -base64 48' ## If not set, the admin panel is disabled 
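Review bot: The warning on the new `SIGNUPS_DOMAINS_WHITELIST` block in conf/bitwarden_rs.env understates the consequence of enabling it. Because addresses are not validated, listing a domain lets anyone who can type an address at that domain register, even though `SIGNUPS_ALLOWED=false` is set just above. For a password manager that is worth stating outright, for example by adding `## Setting this effectively reopens signups to anyone who knows a listed domain; leave it unset unless that is intended.` Shipping the option commented out is the right default for the package.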
@@ -140,6 +148,18 @@ DOMAIN=https://__DOMAIN__ ## After that, you should be able to follow the rest of the guide linked above, ## ignoring the fields that ask for the values that you already configured beforehand. +## Authenticator Settings +## Disable authenticator time drifted codes to be valid. +## TOTP codes of the previous and next 30 seconds will be invalid +## +## According to the RFC6238 (https://tools.ietf.org/html/rfc6238), +## we allow by default the TOTP code which was valid one step back and one in the future. +## This can however allow attackers to be a bit more lucky with there attempts because there are 3 valid codes. +## You can disable this, so that only the current TOTP Code is allowed. +## Keep in mind that when a sever drifts out of time, valid codes could be marked as invalid. +## In any case, if a code has been used it can not be used again, also codes which predates it will be invalid. +# AUTHENTICATOR_DISABLE_TIME_DRIFT = false + ## Rocket specific settings, check Rocket documentation to learn more # ROCKET_ENV=staging ROCKET_ADDRESS=127.0.0.1 # Enable this to test mobile app @@ -157,3 +177,4 @@ SMTP_SSL=false # SMTP_USERNAME=username # SMTP_PASSWORD=password # SMTP_AUTH_MECHANISM="Plain" +# SMTP_TIMEOUT=15 diff --git a/manifest.json b/manifest.json index af8a927..75d0068 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Open source password management solutions.", "fr": "Solutions de gestion de mots de passe open source." }, - "version": "1.11.0~ynh1", + "version": "1.12.0~ynh1", "url": "https://github.com/dani-garcia/bitwarden_rs", "license": "GPL-3.0-or-later", "maintainer": { diff --git a/scripts/_common.sh b/scripts/_common.sh index 48f3d78..aa3c17a 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh 
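Review bot: The example `# AUTHENTICATOR_DISABLE_TIME_DRIFT = false` is the only assignment in this file written with spaces around `=`; the others (`SIGNUPS_ALLOWED=false`, `ROCKET_ADDRESS=127.0.0.1`) have none. Depending on how the env file is loaded, an uncommented `KEY = value` may not be read as intended, so write `# AUTHENTICATOR_DISABLE_TIME_DRIFT=false`. The comment above it also has typos that blur a security-relevant explanation: `there attempts` should be `their attempts` and `a sever drifts` should be `a server drifts`. Its opening line would read more clearly as `## Set to true to reject TOTP codes from the previous and next 30-second step.`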
@@ -5,7 +5,7 @@ #================================================= # dependencies used by the app -pkg_dependencies="curl tar pkg-config libssl-dev" +pkg_dependencies="curl tar pkg-config libssl-dev libc6-dev" #================================================= # PERSONAL HELPERS