1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-12-25 16:59:17 +01:00
Commit Graph

19 Commits

Author SHA1 Message Date
Bernd Schoolmann
e8d8a816dd
[PM-14988] Use peercred / GetNamedPipeClientProcessId to gather info about process connecting to ssh agent (#12065)
* Fix double prompt when unlocking by ssh request

* Add peercred for unix

* Enable apple-app-store feature

* Add generic parameter

* Update

* Add procinfo for windows

* Show connecting app in ui

* Use struct instead of tuple

* Use atomics instead of mutex

* Fix windows build

* Use is_running function

* Cleanup named pipe listener

* Cleanups

* Cargo fmt

* Replace "" with none

* Rebuild index.d.ts

* Fix is running check
2024-12-11 12:53:00 +01:00
Andreas Coroiu
f16bfa4cd2
[PM-9035] desktop build logic to provide credentials to os on sync (#10181)
* feat: scaffold desktop_objc

* feat: rename fido2 to autofill

* feat: scaffold electron autofill

* feat: auto call hello world on init

* feat: scaffold call to basic objc function

* feat: simple log that checks if autofill is enabled

* feat: adding some availability guards

* feat: scaffold services and allow calls from inspector

* feat: create custom type for returning strings across rust/objc boundary

* chore: clean up comments

* feat: enable ARC

* feat: add util function `c_string_to_nsstring`

* chore: refactor and rename to `run_command`

* feat: add try-catch around command execution

* feat: properly implement command calling

Add static typing. Add proper error handling.

* feat: add autoreleasepool to avoid memory leaks

* chore: change objc names to camelCase

* fix: error returning

* feat: extract some helper functions into utils class

* feat: scaffold status command

* feat: implement status command

* feat: implement password credential mapping

* wip: implement sync command

This crashes because we are not properly handling the fact that `saveCredentialIdentities` uses callbacks, resulting in a race condition where we try to access a variable (result) that has already gotten dealloc'd.

* feat: first version of callback

* feat: make run_command async

* feat: functioning callback returns

* chore: refactor to make objc code easier to read and use

* feat: refactor everything to use new callback return method

* feat: re-implement status command with callback

* fix: warning about CommandContext not being FFI-safe

* feat: implement sync command using callbacks

* feat: implement manual password credential sync

* feat: add auto syncing

* docs: add todo

* feat: add support for passkeys

* chore: move desktop autofill service to init service

* feat: auto-add all .m files to builder

* fix: native build on unix and windows

* fix: unused compiler warnings

* fix: napi type exports

* feat: add corresponding dist command

* feat: comment signing profile until we fix signing

* fix: build breaking on non-macOS platforms

* chore: cargo lock update

* chore: revert accidental version change

* feat: put sync behind feature flag

* chore: put files in autofill folder

* fix: obj-c code not recompiling on changes

* feat: add `namespace` to commands

* fix: linting complaining about flag

* feat: add autofill as owner of their objc code

* chore: make autofill owner of run_command in core crate

* fix: re-add napi annotation

* fix: remove dev bypass
2024-12-06 16:31:30 +01:00
Bernd Schoolmann
80a898bd8c
[PM-14252] Switch to oo7 and drop libsecret (#11900)
* Switch to oo7 and drop libsecret

* Fix tests

* Fix windows

* Fix windows

* Fix windows

* Fix windows

* Add migration

* Update apps/desktop/desktop_native/core/src/password/unix.rs

Co-authored-by: Daniel García <dani-garcia@users.noreply.github.com>

* Remove libsecret in ci

* Move allow async to trait level

* Fix comment

* Pin oo7 dependency

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
Co-authored-by: Daniel García <dani-garcia@users.noreply.github.com>
2024-12-04 17:03:34 +01:00
Bernd Schoolmann
864e6759fd
Switch to rustcrypto argon2 on desktop (#11753)
* Switch to rustcrypto argon2 on desktop

* Make argon2 use zeroize

* Remove argon2 native modules from electron-builder config

* Clean rust implementation of argon2

* Update cargo.lock

* Update apps/desktop/desktop_native/napi/src/lib.rs

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Add tests

* Clean up test

* Remove argon2 external from webpack main

* Fix build

* Fix argon2 module causing a startup crash

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
2024-12-04 11:54:55 +00:00
Bernd Schoolmann
050417a92e
[PM-14863] Force unlock when keys are cleared / on first unlock and fix account switching behavior (#11994)
* Force unlock when keys are cleared / on first unlock and fix account switching behavior

* Make comment a doc comment

* Pin russh commit

* Cleanup

* Make list messaging explicit

* Add account switching error handling for ssh agent

* Add account switching error handling for ssh agent

* Cleanup
2024-12-02 11:55:56 +01:00
Bernd Schoolmann
5e6c5c8779
[PM-14993] Add ssh-agent error handling and security fixes (#12048)
* Add error handling and security fixes

* Add is running status, and add more errors on windows
2024-11-20 10:38:21 +01:00
Daniel García
d0f24dc41f
Improve desktop IPC logging (#11864)
* Improve desktop IPC logging

* Log error

* Force file to only log info, like the desktop app does

* use ?
2024-11-14 17:45:19 +01:00
Bernd Schoolmann
081fe83d83
PM-10393 SSH keys (#10825)
* [PM-10395] Add new item type ssh key (#10360)

* Implement ssh-key cipher type

* Fix linting

* Fix edit and view components for ssh-keys on desktop

* Fix tests

* Remove ssh key type references

* Remove add ssh key option

* Fix typo

* Add tests

* [PM-10399] Add ssh key import export for bitwarden json (#10529)

* Add ssh key import export for bitwarden json

* Remove key type from ssh key export

* [PM-10406] Add privatekey publickey and fingerprint to both add-edit and view co… (#11046)

* Add privatekey publickey and fingerprint to both add-edit and view components

* Remove wrong a11y title

* Fix testid

* [PM-10098] SSH Agent & SSH Key creation for Bitwarden Desktop (#10293)

* Add ssh agent, generator & import

* Move ssh agent code to bitwarden-russh crate

* Remove generator component

* Cleanup

* Cleanup

* Remove left over sshGenerator reference

* Cleanup

* Add documentation to sshkeyimportstatus

* Fix outdated variable name

* Update apps/desktop/src/platform/preload.ts

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>

* Rename renderersshagent

* Rename MainSshAgentService

* Improve clarity of 'id' variables being used

* Improve clarity of 'id' variables being used

* Update apps/desktop/src/vault/app/vault/add-edit.component.html

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>

* Fix outdated cipher/messageid names

* Rename SSH to Ssh

* Make agent syncing more reactive

* Move constants to top of class

* Make sshkey cipher filtering clearer

* Add stricter equality check on ssh key unlock

* Fix build and messages

* Fix incorrect featureflag name

* Replace anonymous async function with switchmap pipe

* Fix build

* Update apps/desktop/desktop_native/napi/src/lib.rs

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>

* Revert incorrectly renamed 'Ssh' usages to SSH

* Run cargo fmt

* Clean up ssh agent sock path logic

* Cleanup and split to platform specific files

* Small cleanup

* Pull out generator and importer into core

* Rename renderersshagentservice to sshagentservice

* Rename cipheruuid to cipher_id

* Drop ssh dependencies from napi crate

* Clean up windows build

* Small cleanup

* Small cleanup

* Cleanup

* Add rxjs pipeline for agent services

* [PM-12555] Pkcs8 sshkey import & general ssh key import tests (#11048)

* Add pkcs8 import and tests

* Add key type unsupported error

* Remove unsupported formats

* Remove code for unsupported formats

* Fix encrypted pkcs8 import

* Add ed25519 pkcs8 unencrypted test file

* SSH agent rxjs tweaks (#11148)

* feat: rewrite sshagent.signrequest as purely observable

* feat: fail the request when unlock times out

* chore: clean up, add some clarifying comments

* chore: remove unused dependency

* fix: result `undefined` crashing in NAPI -> Rust

* Allow concurrent SSH requests in rust

* Remove unwraps

* Cleanup and add init service init call

* Fix windows

* Fix timeout behavior on locked vault

---------

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>

* Fix libc dependency being duplicated

* fix SSH casing (#11840)

* Move ssh agent behind feature flag (#11841)

* Move ssh agent behind feature flag

* Add separate flag for ssh agent

* [PM-14215] fix unsupported key type error message (#11788)

* Fix error message for import of unsupported ssh keys

* Use triple equals in add-edit component for ssh keys

---------

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>
Co-authored-by: aj-bw <81774843+aj-bw@users.noreply.github.com>
2024-11-08 11:01:31 +01:00
Daniel García
2e6ed4a4fc
[PM-14270] Use rust to access windows registry (#11413) 2024-11-04 14:50:05 +01:00
Justin Baur
346329c23c
Run npm run electron (#11514) 2024-10-11 14:10:20 -04:00
renovate[bot]
4b200acc3e
[deps]: Update @napi-rs/cli to v2.18.4 (#10584)
* [deps]: Update @napi-rs/cli to v2.18.4

* fix: update desktop/src/package-lock.json to reflect sub-package dependencies

* feat: apply changes after running napi-rs/cli

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com>
2024-10-03 13:13:42 +02:00
Daniel García
9aeb412404
[PM-7646][PM-5506] Rust IPC changes: Episode 2 (#11122)
* Revert "[PM-7646][PM-5506] Revert IPC changes (#10946)"

This reverts commit ed4d481e4d.

* Ensure tmp dir gets created on MacOS

* Remove client reconnections

* Improve client error handling and process exiting
2024-10-01 16:28:56 +02:00
Todd Martin
ed4d481e4d
[PM-7646][PM-5506] Revert IPC changes (#10946)
* Revert "Remove unnecessary plist keys in desktop_proxy (#10933)"

This reverts commit 4dbb036df1.

* Revert "Fix TestFlight errors caused by desktop_proxy (#10928)"

This reverts commit 40cb4b5353.

* Revert "[PM-5506] Enable electron fuses (#10073)"

This reverts commit 78c5e9c706.

* Revert "[PM-7846] Implement a rust based native messaging proxy and IPC system (#9894)"

This reverts commit 55874b72bf.
2024-09-09 09:09:17 -04:00
Daniel García
55874b72bf
[PM-7846] Implement a rust based native messaging proxy and IPC system (#9894)
* [PM-7846] Implement a rust based native messaging proxy and IPC system

* Only build desktop_proxy

* Bundle the desktop_proxy file

* Make sys deps optional for the proxy

* Restore accidentally deleted after-sign

* Update native cache to contain dist folder

* Add some test logging

* Native module cache seems very aggressive

* Fix invalid directory

* Fix debug print

* Remove cache force

* Remove cache debug code

* Only log to file in debug builds

* Place the binary in the correct place for mac and make sure it's signed

* Fix platform paths

* Test unsigned appx

* Revert "Test unsigned appx"

This reverts commit e47535440a.

* Fix comment

* Remove logs

* Use debug builds in native code, and test private path on MacOS

* Add connected message

* Update IPC API comments

* Update linux to also use XDG_ dir

* Update main.rs comment

* Improve docs and split some tasks spawned into separate functions

* Update send docs and return number of elements sent

* Mark `listen` as async to ensure it runs in a tokio context, handle errors better

* Add log on client channel closed

* Move binary to MacOS folder, and sign it manually so it gets the correct entitlements

* Fix some review comments

* Run prettier

* Added missing zbus_polkit dep

* Extract magic number and increase it to match spec

* Comment fix

* Use Napi object, combine nativeBinding export, always log to file

* Missed one comment

* Remove unnecessary generics

* Correct comment

* Select only codesigning identities

* Filter certificates

* Also add local dev cert

* Remove log

* Fix package ID

* debug_assert won't run the pop() in release mode

* Better error messages

* Fix review comments

* Remove unnecessary comment

* Update napi generated TS file

* Temporary fix for DDG
2024-09-05 12:54:24 +02:00
Bernd Schoolmann
86f3a679ae
[PM-4530] Fix sso in snap desktop (#10548)
* Add localhost callback service for sso

* Fix redirect behaviour

* Update apps/desktop/src/app/app.component.ts

Co-authored-by: Daniel García <dani-garcia@users.noreply.github.com>

* Fix incorrect http response for sso callback

* Add sso error

* Update error message

---------

Co-authored-by: Daniel García <dani-garcia@users.noreply.github.com>
2024-08-26 15:13:45 +02:00
Bernd Schoolmann
2ce8500391
[PM-990] Unix biometrics unlock via Polkit (#4586)
* Update unix biometrics for desktop biometrics rework

* Implement polkit policy setup

* Enable browser integration on Linux

* Remove polkit policy file

* Undo change to messages.json

* Fix biometrics setup, implement missing functions

* Implement osSupportsBiometrics

* Fix polkit settings message

* Remove unwraps in biometrics unix rust module

* Force password reprompt on start on linux with biometrics

* Merge branch 'main' into feature/unix-biometrics

* Allow browser extension to be unlocked on Linux via Polkit

* Implement availability check

* Cleanup

* Add auto-setup, manual setup, setup detection and change localized prompts

* Implement missing methods

* Add i18n to polkit message

* Implement missing method

* Small cleanup

* Update polkit consent message

* Fix unlock and print errors on failed biometrics

* Add dependencies to core crate

* Fix reference and update polkit policy

* Remove async-trait

* Add tsdoc

* Add comment about auto setup

* Delete unused init

* Update help link

* Remove additional settings for polkit

* Add availability-check to passwords implementation on linux

* Add availability test

* Add availability check to libsecret

* Expose availability check in napi crate

* Update d.ts

* Update osSupportsBiometric check to detect libsecret presence

* Improve secret service detection

* Add client half to Linux biometrics

* Fix windows build

* Remove unencrypted key handling for biometric key

* Move rng to rust, align linux bio implementation with windows

* Consolidate elevated commands into one

* Disable snap support in linux biometrics

---------

Co-authored-by: DigitallyRefined <129616584+DigitallyRefined@users.noreply.github.com>
2024-08-06 11:04:17 -04:00
Bernd Schoolmann
8090a89a32
Add rust module to prevent run-time memory dumping of main (#9393) 2024-08-05 15:51:38 -04:00
Bernd Schoolmann
5cf29a655b
[PM-9149] Enable "Timeout on System Lock" on Linux Desktop (#9645)
* Enable system lock detection on linux

* Fix order of vault timeout options

* Port to new plit core / napi desktop native crates

* Make unimplemented implementation panic for on_lock

* Remove unecessary String::from

* Update cargo lock

* Extract generation of vault timeout options
2024-07-25 17:09:03 +02:00
Daniel García
33c985e00b
[PM-8789] Move desktop_native into subcrate (#9682)
* Move desktop_native into subcrate

* Add publish = false to crates
2024-07-01 15:19:29 +02:00