summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMathijs van Veluw <[email protected]>2024-09-20 20:38:42 +0200
committerGitHub <[email protected]>2024-09-20 20:38:42 +0200
commit7d6dec64138550643ee57c5a5341fa5c758c7f6f (patch)
treed3c70f9cda47ad084d0c6273eff8f7f47f4da1d3
parentde01111082cea605ad1788e9596b0078ef4fcc73 (diff)
downloadvaultwarden-7d6dec64138550643ee57c5a5341fa5c758c7f6f.tar.gz
vaultwarden-7d6dec64138550643ee57c5a5341fa5c758c7f6f.zip
Fix encrypted lastUsedDate (#4972)
It appears that some password histories have an encrypted value on the `lastUsedDate` Instead of only checking if it is a string, also check if it is a valid RFC Date/Time String. If not, set it also to epoch 0. Signed-off-by: BlackDex <[email protected]>
-rw-r--r--src/db/models/cipher.rs8
1 files changed, 4 insertions, 4 deletions
diff --git a/src/db/models/cipher.rs b/src/db/models/cipher.rs
index d0a95d3c..a445e5c5 100644
--- a/src/db/models/cipher.rs
+++ b/src/db/models/cipher.rs
@@ -1,6 +1,6 @@
use crate::util::LowerCase;
use crate::CONFIG;
-use chrono::{NaiveDateTime, TimeDelta, Utc};
+use chrono::{DateTime, NaiveDateTime, TimeDelta, Utc};
use serde_json::Value;
use super::{
@@ -190,14 +190,14 @@ impl Cipher {
.map(|d| {
// Check every password history item if they are valid and return it.
// If a password field has the type `null` skip it, it breaks newer Bitwarden clients
- // A second check is done to verify the lastUsedDate exists and is a string, if not the epoch start time will be used
+ // A second check is done to verify the lastUsedDate exists and is a valid DateTime string, if not the epoch start time will be used
d.into_iter()
.filter_map(|d| match d.data.get("password") {
Some(p) if p.is_string() => Some(d.data),
_ => None,
})
- .map(|d| match d.get("lastUsedDate") {
- Some(l) if l.is_string() => d,
+ .map(|d| match d.get("lastUsedDate").and_then(|l| l.as_str()) {
+ Some(l) if DateTime::parse_from_rfc3339(l).is_ok() => d,
_ => {
let mut d = d;
d["lastUsedDate"] = json!("1970-01-01T00:00:00.000Z");