hotfix: read soon-to-be deprecated env vars to avoid breakages like #114

chore: use libmcaptcha and libcachebust from crates.io

.github/workflows/coverage.yml

@@ -1,119 +1,119 @@
-name: Coverage
-
-on:
-  pull_request:
-    types: [opened, synchronize, reopened]
-  push:
-    branches:
-      - master
-      - db-abstract
-
-jobs:
-  build_and_test:
-    strategy:
-      fail-fast: false
-      matrix:
-        version:
-          - stable
-            #- 1.51.0
-
-    name: ${{ matrix.version }} - x86_64-unknown-linux-gnu
-    runs-on: ubuntu-latest
-
-    services:
-      postgres:
-        image: postgres
-        env:
-          POSTGRES_PASSWORD: password
-          POSTGRES_USER: postgres
-          POSTGRES_DB: postgres
-        options: >-
-          --health-cmd pg_isready
-          --health-interval 10s
-          --health-timeout 5s
-          --health-retries 5
-        ports:
-          - 5432:5432
-
-      mcaptcha-redis:
-        image: mcaptcha/cache
-        ports:
-          - 6379:6379
-
-      mcaptcha-smtp:
-        image: maildev/maildev
-        env:
-          MAILDEV_WEB_PORT: "1080"
-          MAILDEV_INCOMING_USER: "admin"
-          MAILDEV_INCOMING_PASS: "password"
-        ports:
-          - 1080:1080
-          - 10025:1025
-
-
-      maria:
-        image: mariadb:10
-        env: 
-          MARIADB_USER: "maria"
-          MARIADB_PASSWORD: "password"
-          MARIADB_ROOT_PASSWORD: "password"
-          MARIADB_DATABASE: "maria"
-        options: >-
-          --health-cmd="mysqladmin ping"
-          --health-interval=10s
-          --health-timeout=5s
-          --health-retries=10
-        ports:
-          - 3306:3306
-
-
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: load env
-        run: |
-          source .env_sample \
-            && echo "POSTGRES_DATABASE_URL=$POSTGRES_DATABASE_URL" >> $GITHUB_ENV \
-            && echo "MARIA_DATABASE_URL=$MARIA_DATABASE_URL" >> $GITHUB_ENV
-
-
-      - uses: actions/setup-node@v2
-        with:
-          node-version: "18.0.0"
-
-      - uses: actions-rust-lang/setup-rust-toolchain@v1
-
-      - name: Build frontend
-        run: make frontend
-
-      - name: Run the frontend tests
-        run: make test.frontend
-
-      - name: Run migrations
-        run: make migrate
-        env:
-          POSTGRES_DATABASE_URL: "${{ env.POSTGRES_DATABASE_URL }}"
-          MARIA_DATABASE_URL: "${{ env.MARIA_DATABASE_URL }}"
-
-      - name: build frontend
-        run: make frontend
-
-      - name: Generate coverage file
-        if: github.event_name == 'pull_request'
-        #if: (github.ref == 'refs/heads/master' || github.event_name == 'pull_request')
-        uses: actions-rs/tarpaulin@v0.1
-        with:
-          args: "-t 1200"
-        env:
-          POSTGRES_DATABASE_URL: "${{ env.POSTGRES_DATABASE_URL }}"
-          MARIA_DATABASE_URL: "${{ env.MARIA_DATABASE_URL }}"
-          # GIT_HASH is dummy value. I guess build.rs is skipped in tarpaulin
-          # execution so this value is required for preventing meta tests from
-          # panicking
-          GIT_HASH: 8e77345f1597e40c2e266cb4e6dee74888918a61
-          CACHE_BUSTER_FILE_MAP: '{"map":{"./static/bundle/main.js":"./prod/bundle/main.1417115E59909BE0A01040A45A398ADB09D928DF89CCF038FA44B14850442096.js"},"base_dir":"./prod"}'
-          COMPILED_DATE: "2021-07-21"
-
-      - name: Upload to Codecov
-        if: github.event_name == 'pull_request'
-        uses: codecov/codecov-action@v2
+#name: Coverage
+#
+#on:
+#  pull_request:
+#    types: [opened, synchronize, reopened]
+#  push:
+#    branches:
+#      - master
+#      - db-abstract
+#
+#jobs:
+#  build_and_test:
+#    strategy:
+#      fail-fast: false
+#      matrix:
+#        version:
+#          - stable
+#            #- 1.51.0
+#
+#    name: ${{ matrix.version }} - x86_64-unknown-linux-gnu
+#    runs-on: ubuntu-latest
+#
+#    services:
+#      postgres:
+#        image: postgres
+#        env:
+#          POSTGRES_PASSWORD: password
+#          POSTGRES_USER: postgres
+#          POSTGRES_DB: postgres
+#        options: >-
+#          --health-cmd pg_isready
+#          --health-interval 10s
+#          --health-timeout 5s
+#          --health-retries 5
+#        ports:
+#          - 5432:5432
+#
+#      mcaptcha-redis:
+#        image: mcaptcha/cache
+#        ports:
+#          - 6379:6379
+#
+#      mcaptcha-smtp:
+#        image: maildev/maildev
+#        env:
+#          MAILDEV_WEB_PORT: "1080"
+#          MAILDEV_INCOMING_USER: "admin"
+#          MAILDEV_INCOMING_PASS: "password"
+#        ports:
+#          - 1080:1080
+#          - 10025:1025
+#
+#
+#      maria:
+#        image: mariadb:10
+#        env: 
+#          MARIADB_USER: "maria"
+#          MARIADB_PASSWORD: "password"
+#          MARIADB_ROOT_PASSWORD: "password"
+#          MARIADB_DATABASE: "maria"
+#        options: >-
+#          --health-cmd="mysqladmin ping"
+#          --health-interval=10s
+#          --health-timeout=5s
+#          --health-retries=10
+#        ports:
+#          - 3306:3306
+#
+#
+#    steps:
+#      - uses: actions/checkout@v4
+#
+#      - name: load env
+#        run: |
+#          source .env_sample \
+#            && echo "POSTGRES_DATABASE_URL=$POSTGRES_DATABASE_URL" >> $GITHUB_ENV \
+#            && echo "MARIA_DATABASE_URL=$MARIA_DATABASE_URL" >> $GITHUB_ENV
+#
+#
+#      - uses: actions/setup-node@v2
+#        with:
+#          node-version: "18.0.0"
+#
+#      - uses: actions-rust-lang/setup-rust-toolchain@v1
+#
+#      - name: Build frontend
+#        run: make frontend
+#
+#      - name: Run the frontend tests
+#        run: make test.frontend
+#
+#      - name: Run migrations
+#        run: make migrate
+#        env:
+#          POSTGRES_DATABASE_URL: "${{ env.POSTGRES_DATABASE_URL }}"
+#          MARIA_DATABASE_URL: "${{ env.MARIA_DATABASE_URL }}"
+#
+#      - name: build frontend
+#        run: make frontend
+#
+#      - name: Generate coverage file
+#        if: github.event_name == 'pull_request'
+#        #if: (github.ref == 'refs/heads/master' || github.event_name == 'pull_request')
+#        uses: actions-rs/tarpaulin@v0.1
+#        with:
+#          args: "-t 1200"
+#        env:
+#          POSTGRES_DATABASE_URL: "${{ env.POSTGRES_DATABASE_URL }}"
+#          MARIA_DATABASE_URL: "${{ env.MARIA_DATABASE_URL }}"
+#          # GIT_HASH is dummy value. I guess build.rs is skipped in tarpaulin
+#          # execution so this value is required for preventing meta tests from
+#          # panicking
+#          GIT_HASH: 8e77345f1597e40c2e266cb4e6dee74888918a61
+#          CACHE_BUSTER_FILE_MAP: '{"map":{"./static/bundle/main.js":"./prod/bundle/main.1417115E59909BE0A01040A45A398ADB09D928DF89CCF038FA44B14850442096.js"},"base_dir":"./prod"}'
+#          COMPILED_DATE: "2021-07-21"
+#
+#      - name: Upload to Codecov
+#        if: github.event_name == 'pull_request'
+#        uses: codecov/codecov-action@v2

.github/workflows/linux.yml

@@ -119,7 +119,7 @@ jobs:
         run: make test.integration
 
       - name: Login to DockerHub
-        if: (github.ref == 'refs/heads/master' || github.event_name == 'push') && github.repository == 'mCaptcha/mCaptcha'
+        if: github.ref == 'refs/heads/master' && github.event_name == 'push' && github.repository == 'mCaptcha/mCaptcha'
         uses: docker/login-action@v1
         with:
           username: mcaptcha

CHANGELOG.md

@@ -2,6 +2,9 @@
 
 ### Changed
 
+-   2023-10-18: Environment variable names have changed, please see
+    [CONFIGURATION.md](docs/CONFIGURATION.md) for the names of environment
+    variables.
 -   ([`7d0e4c6`](https://github.com/mCaptcha/mCaptcha/commit/7d0e4c6be4b0769921cda7681858ebe16ec9a07b)) Add `secret` parameter to token verification request payload(`/api/v1/pow/siteverify`) to mitigate a security issue that @gusted found:
     > ...A malicious user could grab the sitekey
     > and use that sitekey with mcaptcha to use it for their own server.

docker-compose.yml

@@ -11,8 +11,8 @@ services:
       - 7000:7000
     environment:
       DATABASE_URL: postgres://postgres:password@mcaptcha_postgres:5432/postgres # set password at placeholder
-      MCAPTCHA_REDIS_URL: redis://mcaptcha_redis/
-      RUST_LOG: debug
+      MCAPTCHA_redis_URL: "redis://mcaptcha_redis/"
+      RUST_LOG: "debug"
       PORT: 7000
     depends_on:
       - mcaptcha_postgres

docs/openapi/package.json

@@ -11,7 +11,7 @@
     "type": "git",
     "url": "git+https://github.com/mCaptcha/mCaptcha.git"
   },
-  "license": "AGPL3",
+  "license": "AGPL-3.0-or-later",
   "bugs": {
     "url": "https://github.com/mCaptcha/mCaptcha/issues"
   },

src/main.rs

@@ -93,7 +93,9 @@ pub type AppData = actix_web::web::Data<ArcData>;
 async fn main() -> std::io::Result<()> {
     use std::time::Duration;
 
-    env::set_var("RUST_LOG", "info");
+    if env::var("RUST_LOG").is_err() {
+        env::set_var("RUST_LOG", "info");
+    }
 
     pretty_env_logger::init();
     info!(

src/settings.rs

@@ -118,8 +118,8 @@ const ENV_VAR_CONFIG: [(&str, &str); 29] = [
     ("database.pool", "MCAPTCHA_database_POOL"),
 
     /* redis */
-    ("redis.url", "MCPATCHA_redis_URL"),
-    ("redis.pool", "MCPATCHA_redis_POOL"),
+    ("redis.url", "MCAPTCHA_redis_URL"),
+    ("redis.pool", "MCAPTCHA_redis_POOL"),
 
     /* server */
     ("server.port", "PORT"),
@@ -145,17 +145,44 @@ const ENV_VAR_CONFIG: [(&str, &str); 29] = [
 
 
     /* SMTP */
-    ("smtp.from", "MCPATCHA_smtp_FROM"),
-    ("smtp.reply", "MCPATCHA_smtp_REPLY"),
-    ("smtp.url", "MCPATCHA_smtp_URL"),
-    ("smtp.username", "MCPATCHA_smtp_USERNAME"),
-    ("smtp.password", "MCPATCHA_smtp_PASSWORD"),
-    ("smtp.port", "MCPATCHA_smtp_PORT"),
+    ("smtp.from", "MCAPTCHA_smtp_FROM"),
+    ("smtp.reply", "MCAPTCHA_smtp_REPLY"),
+    ("smtp.url", "MCAPTCHA_smtp_URL"),
+    ("smtp.username", "MCAPTCHA_smtp_USERNAME"),
+    ("smtp.password", "MCAPTCHA_smtp_PASSWORD"),
+    ("smtp.port", "MCAPTCHA_smtp_PORT"),
 
 
 
 ];
 
+
+const DEPRECATED_ENV_VARS: [(&str, &str); 23] = [
+    ("debug","MCAPTCHA_DEBUG"),
+    ("commercial","MCAPTCHA_COMMERCIAL"),
+    ("source_code", "MCAPTCHA_SOURCE_CODE"),
+    ("allow_registration", "MCAPTCHA_ALLOW_REGISTRATION"),
+    ("allow_demo", "MCAPTCHA_ALLOW_DEMO"),
+    ("redis.pool", "MCAPTCHA_REDIS_POOL"),
+    ("redis.url", "MCAPTCHA_REDIS_URL"),
+    ("server.port", "MCAPTCHA_SERVER_PORT"),
+    ("server.ip", "MCAPTCHA_SERVER_IP"),
+    ("server.domain", "MCAPTCHA_SERVER_DOMAIN"),
+    ("server.cookie_secret", "MCAPTCHA_SERVER_COOKIE_SECRET"),
+    ("server.proxy_has_tls", "MCAPTCHA_SERVER_PROXY_HAS_TLS"),
+    ("captcha.salt", "MCAPTCHA_CAPTCHA_SALT"),
+    ("captcha.gc", "MCAPTCHA_CAPTCHA_GC"),
+    ("captcha.default_difficulty_strategy.avg_traffic_difficulty", "MCAPTCHA_CAPTCHA_AVG_TRAFFIC_DIFFICULTY"),
+    ("captcha.default_difficulty_strategy.peak_sustainable_traffic_difficulty", "MCAPTCHA_CAPTCHA_PEAK_TRAFFIC_DIFFICULTY"),
+    ("captcha.default_difficulty_strategy.broke_my_site_traffic_difficulty", "MCAPTCHA_CAPTCHA_BROKE_MY_SITE_TRAFFIC"),
+    ("smtp.from", "MCAPTCHA_SMTP_FROM"),
+    ("smtp.reply", "MCAPTCHA_SMTP_REPLY_TO"),
+    ("smtp.url", "MCAPTCHA_SMTP_URL"),
+    ("smtp.username", "MCAPTCHA_SMTP_USERNAME"),
+    ("smtp.password", "MCAPTCHA_SMTP_PASSWORD"),
+    ("smtp.port", "MCAPTCHA_SMTP_PORT"),
+];
+
 #[cfg(not(tarpaulin_include))]
 impl Settings {
     pub fn new() -> Result<Self, ConfigError> {
@@ -210,6 +237,17 @@ impl Settings {
     }
 
     fn env_override(mut s: ConfigBuilder<DefaultState>) -> ConfigBuilder<DefaultState> {
+
+        for (parameter, env_var_name) in DEPRECATED_ENV_VARS.iter() {
+            if let Ok(val) = env::var(env_var_name) {
+                log::warn!(
+                    "Found {env_var_name}. {env_var_name} will be deprecated soon. Please see https://github.com/mCaptcha/mCaptcha/blob/master/docs/CONFIGURATION.md for latest environment variable names"
+                );
+                s = s.set_override(parameter, val).unwrap();
+            }
+        }
+
+
         for (parameter, env_var_name) in ENV_VAR_CONFIG.iter() {
             if let Ok(val) = env::var(env_var_name) {
                 log::debug!(
@@ -239,8 +277,10 @@ mod tests {
 
     use super::*;
 
+
+
     #[test]
-    fn env_override_works() {
+    fn deprecated_env_override_works() {
         use crate::tests::get_settings;
         let init_settings = get_settings();
         // so that it can be tested outside the macro (helper) too
@@ -249,6 +289,126 @@ mod tests {
         macro_rules! helper {
 
 
+            ($env:expr, $val:expr, $val_typed:expr, $($param:ident).+) => {
+                println!("Setting env var {} to {} for test", $env, $val);
+                env::set_var($env, $val);
+                new_settings = get_settings();
+                assert_eq!(new_settings.$($param).+, $val_typed);
+                assert_ne!(new_settings.$($param).+, init_settings.$($param).+);
+                env::remove_var($env);
+            };
+
+
+            ($env:expr, $val:expr, $($param:ident).+) => {
+                helper!($env, $val.to_string(), $val, $($param).+);
+            };
+        }
+
+        /* top level */
+        helper!("MCAPTCHA_DEBUG", !init_settings.debug, debug);
+        helper!("MCAPTCHA_COMMERCIAL", !init_settings.commercial, commercial);
+        helper!("MCAPTCHA_ALLOW_REGISTRATION", !init_settings.allow_registration, allow_registration);
+        helper!("MCAPTCHA_ALLOW_DEMO", !init_settings.allow_demo, allow_demo);
+
+        /* database_type */
+
+        /* redis.url */
+        let env = "MCAPTCHA_REDIS_URL";
+        let val = "redis://redis.example.org";
+        println!("Setting env var {} to {} for test", env, val);
+        env::set_var(env, val);
+        new_settings = get_settings();
+        assert_eq!(new_settings.redis.as_ref().unwrap().url, val);
+        assert_ne!(
+            new_settings.redis.as_ref().unwrap().url,
+            init_settings.redis.as_ref().unwrap().url
+        );
+        env::remove_var(env);
+
+        /* redis.pool */
+        let env = "MCAPTCHA_REDIS_POOL";
+        let val = 999;
+        println!("Setting env var {} to {} for test", env, val);
+        env::set_var(env, val.to_string());
+        new_settings = get_settings();
+        assert_eq!(new_settings.redis.as_ref().unwrap().pool, val);
+        assert_ne!(
+            new_settings.redis.as_ref().unwrap().pool,
+            init_settings.redis.as_ref().unwrap().pool
+        );
+        env::remove_var(env);
+
+        helper!("PORT", 0, server.port);
+        helper!("MCAPTCHA_SERVER_DOMAIN", "example.org", server.domain);
+        helper!(
+            "MCAPTCHA_SERVER_COOKIE_SECRET",
+            "dafasdfsdf",
+            server.cookie_secret
+        );
+        helper!("MCAPTCHA_SERVER_IP", "9.9.9.9", server.ip);
+        helper!("MCAPTCHA_SERVER_PROXY_HAS_TLS", true, server.proxy_has_tls);
+
+        /* captcha */
+
+        helper!("MCAPTCHA_CAPTCHA_SALT", "foobarasdfasdf", captcha.salt);
+        helper!("MCAPTCHA_CAPTCHA_GC", 500, captcha.gc);
+        helper!(
+            "MCAPTCHA_captcha_RUNNERS",
+            "500",
+            Some(500),
+            captcha.runners
+        );
+
+        helper!(
+            "MCAPTCHA_CAPTCHA_AVG_TRAFFIC_DIFFICULTY",
+            999,
+            captcha.default_difficulty_strategy.avg_traffic_difficulty
+        );
+        helper!("MCAPTCHA_CAPTCHA_PEAK_TRAFFIC_DIFFICULTY", 999 , captcha.default_difficulty_strategy.peak_sustainable_traffic_difficulty);
+        helper!("MCAPTCHA_CAPTCHA_BROKE_MY_SITE_TRAFFIC", 999 , captcha.default_difficulty_strategy.broke_my_site_traffic_difficulty);
+
+        /* SMTP */
+
+        let vals = [
+            "MCAPTCHA_SMTP_FROM",
+            "MCAPTCHA_SMTP_REPLY_TO",
+            "MCAPTCHA_SMTP_URL",
+            "MCAPTCHA_SMTP_USERNAME",
+            "MCAPTCHA_SMTP_PASSWORD",
+            "MCAPTCHA_SMTP_PORT",
+        ];
+        for env in vals.iter() {
+            println!("Setting env var {} to {} for test", env, env);
+            env::set_var(env, env);
+        }
+
+        let port = 9999;
+        env::set_var("MCAPTCHA_SMTP_PORT", port.to_string());
+
+        new_settings = get_settings();
+        let smtp_new = new_settings.smtp.as_ref().unwrap();
+        let smtp_old = init_settings.smtp.as_ref().unwrap();
+        assert_eq!(smtp_new.from, "MCAPTCHA_SMTP_FROM");
+        assert_eq!(smtp_new.reply, "MCAPTCHA_SMTP_REPLY_TO");
+        assert_eq!(smtp_new.username, "MCAPTCHA_SMTP_USERNAME");
+        assert_eq!(smtp_new.password, "MCAPTCHA_SMTP_PASSWORD");
+        assert_eq!(smtp_new.port, port);
+        assert_ne!(smtp_new, smtp_old);
+
+        for env in vals.iter() {
+            env::remove_var(env);
+        }
+    }
+
+
+    #[test]
+    fn env_override_works() {
+        use crate::tests::get_settings;
+        let init_settings = get_settings();
+        // so that it can be tested outside the macro (helper) too
+        let mut new_settings;
+
+        macro_rules! helper {
 
 
             ($env:expr, $val:expr, $val_typed:expr, $($param:ident).+) => {
@@ -291,7 +451,7 @@ mod tests {
         /* redis */
 
         /* redis.url */
-        let env = "MCPATCHA_redis_URL";
+        let env = "MCAPTCHA_redis_URL";
         let val = "redis://redis.example.org";
         println!("Setting env var {} to {} for test", env, val);
         env::set_var(env, val);
@@ -304,7 +464,7 @@ mod tests {
         env::remove_var(env);
 
         /* redis.pool */
-        let env = "MCPATCHA_redis_POOL";
+        let env = "MCAPTCHA_redis_POOL";
         let val = 999;
         println!("Setting env var {} to {} for test", env, val);
         env::set_var(env, val.to_string());
@@ -355,12 +515,12 @@ mod tests {
         /* SMTP */
 
         let vals = [
-            "MCPATCHA_smtp_FROM",
-            "MCPATCHA_smtp_REPLY",
-            "MCPATCHA_smtp_URL",
-            "MCPATCHA_smtp_USERNAME",
-            "MCPATCHA_smtp_PASSWORD",
-            "MCPATCHA_smtp_PORT",
+            "MCAPTCHA_smtp_FROM",
+            "MCAPTCHA_smtp_REPLY",
+            "MCAPTCHA_smtp_URL",
+            "MCAPTCHA_smtp_USERNAME",
+            "MCAPTCHA_smtp_PASSWORD",
+            "MCAPTCHA_smtp_PORT",
         ];
         for env in vals.iter() {
             println!("Setting env var {} to {} for test", env, env);
@@ -368,15 +528,15 @@ mod tests {
         }
 
         let port = 9999;
-        env::set_var("MCPATCHA_smtp_PORT", port.to_string());
+        env::set_var("MCAPTCHA_smtp_PORT", port.to_string());
 
         new_settings = get_settings();
         let smtp_new = new_settings.smtp.as_ref().unwrap();
         let smtp_old = init_settings.smtp.as_ref().unwrap();
-        assert_eq!(smtp_new.from, "MCPATCHA_smtp_FROM");
-        assert_eq!(smtp_new.reply, "MCPATCHA_smtp_REPLY");
-        assert_eq!(smtp_new.username, "MCPATCHA_smtp_USERNAME");
-        assert_eq!(smtp_new.password, "MCPATCHA_smtp_PASSWORD");
+        assert_eq!(smtp_new.from, "MCAPTCHA_smtp_FROM");
+        assert_eq!(smtp_new.reply, "MCAPTCHA_smtp_REPLY");
+        assert_eq!(smtp_new.username, "MCAPTCHA_smtp_USERNAME");
+        assert_eq!(smtp_new.password, "MCAPTCHA_smtp_PASSWORD");
         assert_eq!(smtp_new.port, port);
         assert_ne!(smtp_new, smtp_old);