Merge branch 'develop' into feature/yubikey

This commit is contained in:
Janek Bevendorff 2017-03-03 22:04:55 +01:00
commit 5df7b9aa85
No known key found for this signature in database
GPG Key ID: CFEC2F6850BFFA53
14 changed files with 1606 additions and 641 deletions

View File

@ -1,3 +1,15 @@
2.1.3 (2017-03-03)
=========================
- Fix possible overflow in zxcvbn library [#363]
- Revert HiDPI setting to avoid problems on laptop screens [#332]
- Set file meta properties in Windows executable [#330]
- Suppress error message when auto-reloading a locked database [#345]
- Improve usability of question dialog when database is already locked by a different instance [#346]
- Fix compiler warnings in QHttp library [#351]
- Use unified toolbar on Mac OS X [#361]
- Fix an issue on X11 where the main window would be raised instead of closed on Alt+F4 [#362]
2.1.2 (2017-02-17) 2.1.2 (2017-02-17)
========================= =========================

View File

@ -34,12 +34,12 @@ option(WITH_GUI_TESTS "Enable building of GUI tests" OFF)
option(WITH_DEV_BUILD "Use only for development. Disables/warns about deprecated methods." OFF) option(WITH_DEV_BUILD "Use only for development. Disables/warns about deprecated methods." OFF)
option(WITH_COVERAGE "Use to build with coverage tests. (GCC ONLY)." OFF) option(WITH_COVERAGE "Use to build with coverage tests. (GCC ONLY)." OFF)
option(WITH_XC_AUTOTYPE "Include Auto-Type." OFF) option(WITH_XC_AUTOTYPE "Include Auto-Type." ON)
option(WITH_XC_HTTP "Include KeePassHTTP support." OFF) option(WITH_XC_HTTP "Include KeePassHTTP and Custom Icon Downloads." OFF)
option(WITH_XC_YUBIKEY "Include YubiKey support." OFF) option(WITH_XC_YUBIKEY "Include YubiKey support." OFF)
set(KEEPASSXC_VERSION "2.1.2") set(KEEPASSXC_VERSION "2.1.3")
set(KEEPASSXC_VERSION_NUM "2.1.2") set(KEEPASSXC_VERSION_NUM "2.1.3")
if("${CMAKE_C_COMPILER}" MATCHES "clang$" OR "${CMAKE_C_COMPILER_ID}" STREQUAL "Clang") if("${CMAKE_C_COMPILER}" MATCHES "clang$" OR "${CMAKE_C_COMPILER_ID}" STREQUAL "Clang")
set(CMAKE_COMPILER_IS_CLANG 1) set(CMAKE_COMPILER_IS_CLANG 1)

View File

@ -388,11 +388,6 @@ Discard changes and close anyway?</source>
<source>Unable to open the database.</source> <source>Unable to open the database.</source>
<translation type="unfinished"></translation> <translation type="unfinished"></translation>
</message> </message>
<message>
<source>The database you are trying to open is locked by another instance of KeePassXC.
Do you want to open it anyway? Alternatively the database is opened read-only.</source>
<translation type="unfinished"></translation>
</message>
<message> <message>
<source>Merge database</source> <source>Merge database</source>
<translation type="unfinished"></translation> <translation type="unfinished"></translation>
@ -406,6 +401,20 @@ Do you want to save it anyway?</source>
<source>Passwords</source> <source>Passwords</source>
<translation type="unfinished"></translation> <translation type="unfinished"></translation>
</message> </message>
<message>
<source>Database already opened</source>
<translation type="unfinished"></translation>
</message>
<message>
<source>The database you are trying to open is locked by another instance of KeePassXC.
Do you want to open it anyway?</source>
<translation type="unfinished"></translation>
</message>
<message>
<source>Open read-only</source>
<translation type="unfinished"></translation>
</message>
</context> </context>
<context> <context>
<name>DatabaseWidget</name> <name>DatabaseWidget</name>
@ -516,10 +525,6 @@ Do you want to save it anyway?</source>
<source>Autoreload Failed</source> <source>Autoreload Failed</source>
<translation type="unfinished"></translation> <translation type="unfinished"></translation>
</message> </message>
<message>
<source>Could not parse or unlock the new database file while attempting to autoreload this database.</source>
<translation type="unfinished"></translation>
</message>
<message> <message>
<source>Could not open the new database file while attempting to autoreload this database.</source> <source>Could not open the new database file while attempting to autoreload this database.</source>
<translation type="unfinished"></translation> <translation type="unfinished"></translation>

File diff suppressed because it is too large Load Diff

View File

@ -13,16 +13,16 @@
<source>About KeePassXC</source> <source>About KeePassXC</source>
<translation>Apie KeePassXC</translation> <translation>Apie KeePassXC</translation>
</message> </message>
<message>
<source>KeePassXC is distributed under the term of the GNU General Public License (GPL) version 2 or (at your option) version 3.</source>
<translation>KeePassXC yra platinama GNU Bendrosios Viešosios Licencijos (GPL) versijos 2 arba (jūsų pasirinkimu) versijos 3 sąlygomis.</translation>
</message>
<message> <message>
<source>Extensions: <source>Extensions:
</source> </source>
<translation>Plėtiniai: <translation>Plėtiniai:
</translation> </translation>
</message> </message>
<message>
<source>KeePassXC is distributed under the terms of the GNU General Public License (GPL) version 2 or (at your option) version 3.</source>
<translation>KeePassXC yra platinama GNU Bendrosios Viešosios Licencijos (GPL) versijos 2 arba (jūsų pasirinkimu) versijos 3 sąlygomis.</translation>
</message>
</context> </context>
<context> <context>
<name>AccessControlDialog</name> <name>AccessControlDialog</name>
@ -100,10 +100,6 @@ Pasirinkite, ar norite leisti prieigą.</translation>
<source>Repeat password:</source> <source>Repeat password:</source>
<translation>Pakartokite slaptažodį:</translation> <translation>Pakartokite slaptažodį:</translation>
</message> </message>
<message>
<source>Key file</source>
<translation>Rakto failas</translation>
</message>
<message> <message>
<source>Browse</source> <source>Browse</source>
<translation>Naršyti</translation> <translation>Naršyti</translation>
@ -158,6 +154,10 @@ Pasirinkite, ar norite leisti prieigą.</translation>
<translation>Nepavyko nustatyti %1 kaip rakto failą: <translation>Nepavyko nustatyti %1 kaip rakto failą:
%2</translation> %2</translation>
</message> </message>
<message>
<source>&amp;Key file</source>
<translation>&amp;Rakto failas</translation>
</message>
</context> </context>
<context> <context>
<name>DatabaseOpenWidget</name> <name>DatabaseOpenWidget</name>
@ -257,10 +257,6 @@ Dabar galite ją įrašyti.</translation>
<source>Default username:</source> <source>Default username:</source>
<translation>Numatytasis naudotojo vardas:</translation> <translation>Numatytasis naudotojo vardas:</translation>
</message> </message>
<message>
<source>Use recycle bin:</source>
<translation>Naudoti šiukšlinę:</translation>
</message>
<message> <message>
<source> MiB</source> <source> MiB</source>
<translation> MiB</translation> <translation> MiB</translation>
@ -277,6 +273,10 @@ Dabar galite ją įrašyti.</translation>
<source>Max. history size:</source> <source>Max. history size:</source>
<translation>Didžiausias istorijos dydis:</translation> <translation>Didžiausias istorijos dydis:</translation>
</message> </message>
<message>
<source>Use recycle bin</source>
<translation>Naudoti šiukšlinę</translation>
</message>
</context> </context>
<context> <context>
<name>DatabaseTabWidget</name> <name>DatabaseTabWidget</name>
@ -396,12 +396,6 @@ Vis tiek atmesti pakeitimus ir užverti?</translation>
<source>Unable to open the database.</source> <source>Unable to open the database.</source>
<translation>Nepavyko atverti duomenų bazės.</translation> <translation>Nepavyko atverti duomenų bazės.</translation>
</message> </message>
<message>
<source>The database you are trying to open is locked by another instance of KeePassXC.
Do you want to open it anyway? Alternatively the database is opened read-only.</source>
<translation>Duomenų bazė, kurią bandote atverti, yra užrakinta kito KeePassXC egzemplioriaus.
Ar vis tiek norite atverti? Tokiu atveju duomenų bazė bus atverta tik skaitymui.</translation>
</message>
<message> <message>
<source>Merge database</source> <source>Merge database</source>
<translation>Sulieti duomenų bazę</translation> <translation>Sulieti duomenų bazę</translation>
@ -412,6 +406,25 @@ Do you want to save it anyway?</source>
<translation>Duomenų bazė, kurią bandote įrašyti yra užrakinta kito KeePassXC programos egzemplioriaus. <translation>Duomenų bazė, kurią bandote įrašyti yra užrakinta kito KeePassXC programos egzemplioriaus.
Ar vis tiek norite įrašyti?</translation> Ar vis tiek norite įrašyti?</translation>
</message> </message>
<message>
<source>Passwords</source>
<translation>Slaptažodžiai</translation>
</message>
<message>
<source>Database already opened</source>
<translation>Duomenų bazė jau atverta</translation>
</message>
<message>
<source>The database you are trying to open is locked by another instance of KeePassXC.
Do you want to open it anyway?</source>
<translation>Duomenų bazė, kurią bandote atverti yra užrakinta kito KeePassXC programos egzemplioriaus.
Ar vis tiek norite atverti?</translation>
</message>
<message>
<source>Open read-only</source>
<translation>Atverti tik skaitymui</translation>
</message>
</context> </context>
<context> <context>
<name>DatabaseWidget</name> <name>DatabaseWidget</name>
@ -519,10 +532,6 @@ Ar vis tiek norite ją įrašyti?</translation>
<source>Autoreload Failed</source> <source>Autoreload Failed</source>
<translation>Automatinis įkėlimas naujo nepavyko</translation> <translation>Automatinis įkėlimas naujo nepavyko</translation>
</message> </message>
<message>
<source>Could not parse or unlock the new database file while attempting to autoreload this database.</source>
<translation>Nepavyko išanalizuoti ar atrakinti naujos duomenų bazės failo, bandant automatiškai naujo įkelti š duomenų bazę.</translation>
</message>
<message> <message>
<source>Could not open the new database file while attempting to autoreload this database.</source> <source>Could not open the new database file while attempting to autoreload this database.</source>
<translation>Nepavyko atverti naujos duomenų bazės failo, bandant automatiškai naujo įkelti š duomenų bazę.</translation> <translation>Nepavyko atverti naujos duomenų bazės failo, bandant automatiškai naujo įkelti š duomenų bazę.</translation>
@ -650,14 +659,6 @@ Ar vis tiek norite ją įrašyti?</translation>
<source>Enable Auto-Type for this entry</source> <source>Enable Auto-Type for this entry</source>
<translation>Įjungti šiam įrašui automatinį rinkimą</translation> <translation>Įjungti šiam įrašui automatinį rinkimą</translation>
</message> </message>
<message>
<source>Inherit default Auto-Type sequence from the group</source>
<translation>Paveldėti numatytąją automatinio rinkimo seką grupės</translation>
</message>
<message>
<source>Use custom Auto-Type sequence:</source>
<translation>Naudoti tinkintą automatinio rinkimo seka:</translation>
</message>
<message> <message>
<source>+</source> <source>+</source>
<translation>+</translation> <translation>+</translation>
@ -671,12 +672,20 @@ Ar vis tiek norite ją įrašyti?</translation>
<translation>Lango antraštė:</translation> <translation>Lango antraštė:</translation>
</message> </message>
<message> <message>
<source>Use default sequence</source> <source>Inherit default Auto-Type sequence from the &amp;group</source>
<translation>Naudoti numatytąją seką</translation> <translation>Paveldėti numatytąją automatinio rinkimo seką &amp;grupės</translation>
</message> </message>
<message> <message>
<source>Set custom sequence:</source> <source>&amp;Use custom Auto-Type sequence:</source>
<translation>Nustatyti tinkintą seką:</translation> <translation>Na&amp;udoti tinkintą automatinio rinkimo seka:</translation>
</message>
<message>
<source>Use default se&amp;quence</source>
<translation>Naudoti numatytąją se&amp;</translation>
</message>
<message>
<source>Set custo&amp;m sequence:</source>
<translation>Nustatyti tinkintą s&amp;eką:</translation>
</message> </message>
</context> </context>
<context> <context>
@ -801,14 +810,6 @@ Ar vis tiek norite ją įrašyti?</translation>
</context> </context>
<context> <context>
<name>EditWidgetIcons</name> <name>EditWidgetIcons</name>
<message>
<source>Use default icon</source>
<translation>Naudoti numatytąją piktogramą</translation>
</message>
<message>
<source>Use custom icon</source>
<translation>Naudoti tinkintą piktogramą</translation>
</message>
<message> <message>
<source>Add custom icon</source> <source>Add custom icon</source>
<translation>Pridėti tinkintą piktogramą</translation> <translation>Pridėti tinkintą piktogramą</translation>
@ -853,6 +854,14 @@ Ar vis tiek norite ją įrašyti?</translation>
<source>Can&apos;t delete icon. Still used by %1 items.</source> <source>Can&apos;t delete icon. Still used by %1 items.</source>
<translation>Nepavyksta ištrinti piktogramos. Vis dar naudojama %1 elementų.</translation> <translation>Nepavyksta ištrinti piktogramos. Vis dar naudojama %1 elementų.</translation>
</message> </message>
<message>
<source>&amp;Use default icon</source>
<translation>Na&amp;udoti numatytąją piktogramą</translation>
</message>
<message>
<source>Use custo&amp;m icon</source>
<translation>Naudoti tinkintą piktogra&amp;</translation>
</message>
</context> </context>
<context> <context>
<name>EditWidgetProperties</name> <name>EditWidgetProperties</name>
@ -1298,12 +1307,6 @@ Tai yra vienakryptis perkėlimas. Jūs negalėsite atverti importuotos duomenų
<source>Sh&amp;ow a notification when credentials are requested</source> <source>Sh&amp;ow a notification when credentials are requested</source>
<translation>R&amp;odyti pranešimą, kai reikalaujama prisijungimo duomenų</translation> <translation>R&amp;odyti pranešimą, kai reikalaujama prisijungimo duomenų</translation>
</message> </message>
<message>
<source>&amp;Return only best matching entries for an URL instead
of all entries for the whole domain</source>
<translation>&amp;Vietoj visų įrašų, skirtų visai sričiai,
grąžinti tik geriausiai atitinkančius įrašus, skirtus URL</translation>
</message>
<message> <message>
<source>&amp;Match URL schemes <source>&amp;Match URL schemes
Only entries with the same scheme (http://, https://, ftp://, ...) are returned</source> Only entries with the same scheme (http://, https://, ftp://, ...) are returned</source>
@ -1314,10 +1317,6 @@ Bus grąžinami įrašai tik su ta pačia schema (http://, https://, ftp://, ...
<source>Sort matching entries by &amp;username</source> <source>Sort matching entries by &amp;username</source>
<translation>Rikiuoti atitinkančius įrašus pagal na&amp;udotojo vardą</translation> <translation>Rikiuoti atitinkančius įrašus pagal na&amp;udotojo vardą</translation>
</message> </message>
<message>
<source>R&amp;emove all shared encryption-keys from active database</source>
<translation>Ša&amp;linti aktyvios duomenų bazės visus bendrinamus šifravimo raktus</translation>
</message>
<message> <message>
<source>Re&amp;move all stored permissions from entries in active database</source> <source>Re&amp;move all stored permissions from entries in active database</source>
<translation>Šal&amp;inti įrašų aktyvioje duomenų bazėje visus saugomus leidimus</translation> <translation>Šal&amp;inti įrašų aktyvioje duomenų bazėje visus saugomus leidimus</translation>
@ -1330,10 +1329,6 @@ Bus grąžinami įrašai tik su ta pačia schema (http://, https://, ftp://, ...
<source>Advanced</source> <source>Advanced</source>
<translation>Išplėstiniai</translation> <translation>Išplėstiniai</translation>
</message> </message>
<message>
<source>Activate the following only, if you know what you are doing!</source>
<translation>Aktyvuokite tai tik tuo atveju, jeigu žinote darote!</translation>
</message>
<message> <message>
<source>Always allow &amp;access to entries</source> <source>Always allow &amp;access to entries</source>
<translation>Visada leisti &amp;prieigą prie įrašų</translation> <translation>Visada leisti &amp;prieigą prie įrašų</translation>
@ -1350,14 +1345,6 @@ Bus grąžinami įrašai tik su ta pačia schema (http://, https://, ftp://, ...
<source>Only the selected database has to be connected with a client!</source> <source>Only the selected database has to be connected with a client!</source>
<translation>Su klientu turi būti sujungta tik pasirinkta duomenų bazė!</translation> <translation>Su klientu turi būti sujungta tik pasirinkta duomenų bazė!</translation>
</message> </message>
<message>
<source>&amp;Return also advanced string fields which start with &quot;KPH: &quot;</source>
<translation>&amp;Taip pat grąžinti ir išplėstines eilutes, kurios prasideda &quot;KPH: &quot;</translation>
</message>
<message>
<source>Automatic creates or updates are not supported for string fields!</source>
<translation>Šiems eilutės laukams automatiniai kūrimai ir atnaujinimai neprieinami!</translation>
</message>
<message> <message>
<source>HTTP Port:</source> <source>HTTP Port:</source>
<translation>HTTP prievadas:</translation> <translation>HTTP prievadas:</translation>
@ -1394,6 +1381,28 @@ Using default port 19455.</source>
<translation>Nepavyksta susieti su privilegijuotais prievadais žemiau 1024! <translation>Nepavyksta susieti su privilegijuotais prievadais žemiau 1024!
Naudojamas numatytasis prievadas 19455.</translation> Naudojamas numatytasis prievadas 19455.</translation>
</message> </message>
<message>
<source>&amp;Return only best matching entries for a URL instead
of all entries for the whole domain</source>
<translation>&amp;Vietoj visų įrašų, skirtų visai sričiai,
grąžinti tik geriausiai atitinkančius įrašus, skirtus URL</translation>
</message>
<message>
<source>R&amp;emove all shared encryption keys from active database</source>
<translation>Ša&amp;linti aktyvios duomenų bazės visus bendrinamus šifravimo raktus</translation>
</message>
<message>
<source>The following options can be dangerous. Change them only if you know what you are doing.</source>
<translation>Šios parinktys gali būti pavojingos. Keiskite jas tik tuo atveju, jeigu žinote darote!</translation>
</message>
<message>
<source>&amp;Return advanced string fields which start with &quot;KPH: &quot;</source>
<translation>&amp;Grąžinti išplėstines eilutes, kurios prasideda &quot;KPH: &quot;</translation>
</message>
<message>
<source>Automatically creating or updating string fields is not supported.</source>
<translation>Automatinis eilutės laukų kūrimas ar atnaujinimas nėra palaikomas.</translation>
</message>
</context> </context>
<context> <context>
<name>PasswordGeneratorWidget</name> <name>PasswordGeneratorWidget</name>
@ -1463,7 +1472,7 @@ Naudojamas numatytasis prievadas 19455.</translation>
</message> </message>
<message> <message>
<source>Entropy: %1 bit</source> <source>Entropy: %1 bit</source>
<translation>Entropija: %1 bit</translation> <translation>Entropija: %1 bitų</translation>
</message> </message>
<message> <message>
<source>Password Quality: %1</source> <source>Password Quality: %1</source>
@ -1535,7 +1544,7 @@ Naudojamas numatytasis prievadas 19455.</translation>
</message> </message>
<message> <message>
<source>Search</source> <source>Search</source>
<translation>Ieškoti</translation> <translation>Paieška</translation>
</message> </message>
<message> <message>
<source>Find</source> <source>Find</source>
@ -1771,10 +1780,6 @@ ir priimtumėte jį.</translation>
<source>key file of the database</source> <source>key file of the database</source>
<translation>duomenų bazės rakto failas</translation> <translation>duomenų bazės rakto failas</translation>
</message> </message>
<message>
<source>filename(s) of the password database(s) to open (*.kdbx)</source>
<translation>norimos atverti slaptažodžių duomenų bazės(-) failo pavadinimas(-ai) (*.kdbx)</translation>
</message>
<message> <message>
<source>KeePassXC - cross-platform password manager</source> <source>KeePassXC - cross-platform password manager</source>
<translation>KeePassXC - daugiaplatformė slaptažodžių tvarkytuvė</translation> <translation>KeePassXC - daugiaplatformė slaptažodžių tvarkytuvė</translation>
@ -1783,5 +1788,9 @@ ir priimtumėte jį.</translation>
<source>read password of the database from stdin</source> <source>read password of the database from stdin</source>
<translation>nuskaityti duomenų bazės slaptažodį stdin</translation> <translation>nuskaityti duomenų bazės slaptažodį stdin</translation>
</message> </message>
<message>
<source>filenames of the password databases to open (*.kdbx)</source>
<translation>norimų atverti slaptažodžių duomenų bazių failų pavadinimai (*.kdbx)</translation>
</message>
</context> </context>
</TS> </TS>

File diff suppressed because it is too large Load Diff

View File

@ -158,7 +158,7 @@ add_feature_info(YubiKey WITH_XC_YUBIKEY "YubiKey HMAC-SHA1 challenge-response")
add_subdirectory(http) add_subdirectory(http)
if(WITH_XC_HTTP) if(WITH_XC_HTTP)
set(keepasshttp_LIB keepasshttp) set(keepasshttp_LIB keepasshttp qhttp Qt5::Network)
endif() endif()
add_subdirectory(autotype) add_subdirectory(autotype)
@ -205,11 +205,9 @@ target_link_libraries(keepassx_core
${keepasshttp_LIB} ${keepasshttp_LIB}
${autotype_LIB} ${autotype_LIB}
zxcvbn zxcvbn
qhttp
Qt5::Core Qt5::Core
Qt5::Concurrent Qt5::Concurrent
Qt5::Widgets Qt5::Widgets
Qt5::Network
${GCRYPT_LIBRARIES} ${GCRYPT_LIBRARIES}
${GPGERROR_LIBRARIES} ${GPGERROR_LIBRARIES}
${ZLIB_LIBRARIES} ${ZLIB_LIBRARIES}

View File

@ -1,5 +1,6 @@
/* /*
* Copyright (C) 2012 Felix Geyer <debfx@fobos.de> * Copyright (C) 2012 Felix Geyer <debfx@fobos.de>
* Copyright (C) 2017 Lennart Glauer <mail@lennart-glauer.de>
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
@ -26,7 +27,8 @@
#include <QElapsedTimer> #include <QElapsedTimer>
#ifdef Q_OS_WIN #ifdef Q_OS_WIN
#include <windows.h> // for Sleep(), SetDllDirectoryA() and SetSearchPathMode() #include <windows.h> // for Sleep(), SetDllDirectoryA(), SetSearchPathMode(), ...
#include <aclapi.h> // for SetSecurityInfo()
#endif #endif
#ifdef Q_OS_UNIX #ifdef Q_OS_UNIX
@ -226,6 +228,10 @@ void disableCoreDumps()
success = success && (ptrace(PT_DENY_ATTACH, 0, 0, 0) == 0); success = success && (ptrace(PT_DENY_ATTACH, 0, 0, 0) == 0);
#endif #endif
#ifdef Q_OS_WIN
success = success && createWindowsDACL();
#endif
if (!success) { if (!success) {
qWarning("Unable to disable core dumps."); qWarning("Unable to disable core dumps.");
} }
@ -240,4 +246,114 @@ void setupSearchPaths()
#endif #endif
} }
//
// This function grants the user associated with the process token minimal access rights and
// denies everything else on Windows. This includes PROCESS_QUERY_INFORMATION and
// PROCESS_VM_READ access rights that are required for MiniDumpWriteDump() or ReadProcessMemory().
// We do this using a discretionary access control list (DACL). Effectively this prevents
// crash dumps and disallows other processes from accessing our memory. This works as long
// as you do not have admin privileges, since then you are able to grant yourself the
// SeDebugPrivilege or SeTakeOwnershipPrivilege and circumvent the DACL.
//
bool createWindowsDACL()
{
bool bSuccess = false;
#ifdef Q_OS_WIN
// Process token and user
HANDLE hToken = nullptr;
PTOKEN_USER pTokenUser = nullptr;
DWORD cbBufferSize = 0;
// Access control list
PACL pACL = nullptr;
DWORD cbACL = 0;
// Open the access token associated with the calling process
if (!OpenProcessToken(
GetCurrentProcess(),
TOKEN_QUERY,
&hToken
)) {
goto Cleanup;
}
// Retrieve the token information in a TOKEN_USER structure
GetTokenInformation(
hToken,
TokenUser,
nullptr,
0,
&cbBufferSize
);
pTokenUser = static_cast<PTOKEN_USER>(HeapAlloc(GetProcessHeap(), 0, cbBufferSize));
if (pTokenUser == nullptr) {
goto Cleanup;
}
if (!GetTokenInformation(
hToken,
TokenUser,
pTokenUser,
cbBufferSize,
&cbBufferSize
)) {
goto Cleanup;
}
if (!IsValidSid(pTokenUser->User.Sid)) {
goto Cleanup;
}
// Calculate the amount of memory that must be allocated for the DACL
cbACL = sizeof(ACL)
+ sizeof(ACCESS_ALLOWED_ACE) + GetLengthSid(pTokenUser->User.Sid);
// Create and initialize an ACL
pACL = static_cast<PACL>(HeapAlloc(GetProcessHeap(), 0, cbACL));
if (pACL == nullptr) {
goto Cleanup;
}
if (!InitializeAcl(pACL, cbACL, ACL_REVISION)) {
goto Cleanup;
}
// Add allowed access control entries, everything else is denied
if (!AddAccessAllowedAce(
pACL,
ACL_REVISION,
SYNCHRONIZE | PROCESS_QUERY_LIMITED_INFORMATION | PROCESS_TERMINATE, // same as protected process
pTokenUser->User.Sid // pointer to the trustee's SID
)) {
goto Cleanup;
}
// Set discretionary access control list
bSuccess = ERROR_SUCCESS == SetSecurityInfo(
GetCurrentProcess(), // object handle
SE_KERNEL_OBJECT, // type of object
DACL_SECURITY_INFORMATION, // change only the objects DACL
nullptr, nullptr, // do not change owner or group
pACL, // DACL specified
nullptr // do not change SACL
);
Cleanup:
if (pACL != nullptr) {
HeapFree(GetProcessHeap(), 0, pACL);
}
if (pTokenUser != nullptr) {
HeapFree(GetProcessHeap(), 0, pTokenUser);
}
if (hToken != nullptr) {
CloseHandle(hToken);
}
#endif
return bSuccess;
}
} // namespace Tools } // namespace Tools

View File

@ -41,6 +41,7 @@ void sleep(int ms);
void wait(int ms); void wait(int ms);
void disableCoreDumps(); void disableCoreDumps();
void setupSearchPaths(); void setupSearchPaths();
bool createWindowsDACL();
template <typename RandomAccessIterator, typename T> template <typename RandomAccessIterator, typename T>
RandomAccessIterator binaryFind(RandomAccessIterator begin, RandomAccessIterator end, const T& value) RandomAccessIterator binaryFind(RandomAccessIterator begin, RandomAccessIterator end, const T& value)

View File

@ -28,10 +28,12 @@
#include "gui/IconModels.h" #include "gui/IconModels.h"
#include "gui/MessageBox.h" #include "gui/MessageBox.h"
#ifdef WITH_XC_HTTP
#include "http/qhttp/qhttpclient.hpp" #include "http/qhttp/qhttpclient.hpp"
#include "http/qhttp/qhttpclientresponse.hpp" #include "http/qhttp/qhttpclientresponse.hpp"
using namespace qhttp::client; using namespace qhttp::client;
#endif
IconStruct::IconStruct() IconStruct::IconStruct()
: uuid(Uuid()) : uuid(Uuid())
@ -45,7 +47,11 @@ EditWidgetIcons::EditWidgetIcons(QWidget* parent)
, m_database(nullptr) , m_database(nullptr)
, m_defaultIconModel(new DefaultIconModel(this)) , m_defaultIconModel(new DefaultIconModel(this))
, m_customIconModel(new CustomIconModel(this)) , m_customIconModel(new CustomIconModel(this))
#ifdef WITH_XC_HTTP
, m_httpClient(nullptr) , m_httpClient(nullptr)
, m_fallbackToGoogle(true)
, m_redirectCount(0)
#endif
{ {
m_ui->setupUi(this); m_ui->setupUi(this);
@ -138,18 +144,25 @@ void EditWidgetIcons::load(const Uuid& currentUuid, Database* database, const Ic
void EditWidgetIcons::setUrl(const QString& url) void EditWidgetIcons::setUrl(const QString& url)
{ {
#ifdef WITH_XC_HTTP
m_url = url; m_url = url;
m_ui->faviconButton->setVisible(!url.isEmpty()); m_ui->faviconButton->setVisible(!url.isEmpty());
resetFaviconDownload(); resetFaviconDownload();
#else
m_ui->faviconButton->setVisible(false);
#endif
} }
void EditWidgetIcons::downloadFavicon() void EditWidgetIcons::downloadFavicon()
{ {
#ifdef WITH_XC_HTTP
QUrl url = QUrl(m_url); QUrl url = QUrl(m_url);
url.setPath("/favicon.ico"); url.setPath("/favicon.ico");
fetchFavicon(url); fetchFavicon(url);
#endif
} }
#ifdef WITH_XC_HTTP
void EditWidgetIcons::fetchFavicon(const QUrl& url) void EditWidgetIcons::fetchFavicon(const QUrl& url)
{ {
if (nullptr == m_httpClient) { if (nullptr == m_httpClient) {
@ -241,6 +254,7 @@ void EditWidgetIcons::resetFaviconDownload(bool clearRedirect)
m_fallbackToGoogle = true; m_fallbackToGoogle = true;
m_ui->faviconButton->setDisabled(false); m_ui->faviconButton->setDisabled(false);
} }
#endif
void EditWidgetIcons::addCustomIcon() void EditWidgetIcons::addCustomIcon()
{ {

View File

@ -22,6 +22,7 @@
#include <QSet> #include <QSet>
#include <QUrl> #include <QUrl>
#include "config-keepassx.h"
#include "core/Global.h" #include "core/Global.h"
#include "core/Uuid.h" #include "core/Uuid.h"
#include "gui/MessageWidget.h" #include "gui/MessageWidget.h"
@ -30,11 +31,14 @@ class Database;
class DefaultIconModel; class DefaultIconModel;
class CustomIconModel; class CustomIconModel;
#ifdef WITH_XC_HTTP
namespace qhttp { namespace qhttp {
namespace client { namespace client {
class QHttpClient; class QHttpClient;
} }
} }
#endif
namespace Ui { namespace Ui {
class EditWidgetIcons; class EditWidgetIcons;
} }
@ -68,9 +72,11 @@ Q_SIGNALS:
private Q_SLOTS: private Q_SLOTS:
void downloadFavicon(); void downloadFavicon();
#ifdef WITH_XC_HTTP
void fetchFavicon(const QUrl& url); void fetchFavicon(const QUrl& url);
void fetchFaviconFromGoogle(const QString& domain); void fetchFaviconFromGoogle(const QString& domain);
void resetFaviconDownload(bool clearRedirect = true); void resetFaviconDownload(bool clearRedirect = true);
#endif
void addCustomIcon(); void addCustomIcon();
void removeCustomIcon(); void removeCustomIcon();
void updateWidgetsDefaultIcons(bool checked); void updateWidgetsDefaultIcons(bool checked);
@ -83,12 +89,14 @@ private:
Database* m_database; Database* m_database;
Uuid m_currentUuid; Uuid m_currentUuid;
QString m_url; QString m_url;
QUrl m_redirectUrl;
bool m_fallbackToGoogle = true;
unsigned short m_redirectCount = 0;
DefaultIconModel* const m_defaultIconModel; DefaultIconModel* const m_defaultIconModel;
CustomIconModel* const m_customIconModel; CustomIconModel* const m_customIconModel;
#ifdef WITH_XC_HTTP
QUrl m_redirectUrl;
bool m_fallbackToGoogle;
unsigned short m_redirectCount;
qhttp::client::QHttpClient* m_httpClient; qhttp::client::QHttpClient* m_httpClient;
#endif
Q_DISABLE_COPY(EditWidgetIcons) Q_DISABLE_COPY(EditWidgetIcons)
}; };

View File

@ -301,7 +301,7 @@ MainWindow::MainWindow()
connect(m_ui->welcomeWidget, SIGNAL(importKeePass1Database()), SLOT(switchToKeePass1Database())); connect(m_ui->welcomeWidget, SIGNAL(importKeePass1Database()), SLOT(switchToKeePass1Database()));
connect(m_ui->actionAbout, SIGNAL(triggered()), SLOT(showAboutDialog())); connect(m_ui->actionAbout, SIGNAL(triggered()), SLOT(showAboutDialog()));
#ifdef Q_OS_MAC #ifdef Q_OS_MAC
setUnifiedTitleAndToolBarOnMac(true); setUnifiedTitleAndToolBarOnMac(true);
#endif #endif
@ -612,7 +612,7 @@ void MainWindow::closeEvent(QCloseEvent* event)
if (minimizeOnClose && !appExitCalled) if (minimizeOnClose && !appExitCalled)
{ {
event->ignore(); event->ignore();
toggleWindow(); hideWindow();
if (config()->get("security/lockdatabaseminimize").toBool()) { if (config()->get("security/lockdatabaseminimize").toBool()) {
m_ui->tabWidget->lockDatabases(); m_ui->tabWidget->lockDatabases();
@ -777,22 +777,27 @@ void MainWindow::trayIconTriggered(QSystemTrayIcon::ActivationReason reason)
} }
} }
void MainWindow::hideWindow()
{
setWindowState(windowState() | Qt::WindowMinimized);
QTimer::singleShot(0, this, SLOT(hide()));
if (config()->get("security/lockdatabaseminimize").toBool()) {
m_ui->tabWidget->lockDatabases();
}
}
void MainWindow::toggleWindow() void MainWindow::toggleWindow()
{ {
if ((QApplication::activeWindow() == this) && isVisible() && !isMinimized()) { if ((QApplication::activeWindow() == this) && isVisible() && !isMinimized()) {
setWindowState(windowState() | Qt::WindowMinimized); hideWindow();
QTimer::singleShot(0, this, SLOT(hide()));
if (config()->get("security/lockdatabaseminimize").toBool()) {
m_ui->tabWidget->lockDatabases();
}
} else { } else {
ensurePolished(); ensurePolished();
setWindowState(windowState() & ~Qt::WindowMinimized); setWindowState(windowState() & ~Qt::WindowMinimized);
show(); show();
raise(); raise();
activateWindow(); activateWindow();
#if defined(Q_OS_LINUX) && ! defined(QT_NO_DBUS) #if defined(Q_OS_LINUX) && ! defined(QT_NO_DBUS)
// re-register global D-Bus menu (needed on Ubuntu with Unity) // re-register global D-Bus menu (needed on Ubuntu with Unity)
// see https://github.com/keepassxreboot/keepassxc/issues/271 // see https://github.com/keepassxreboot/keepassxc/issues/271
@ -832,7 +837,7 @@ void MainWindow::repairDatabase()
if (fileName.isEmpty()) { if (fileName.isEmpty()) {
return; return;
} }
QScopedPointer<QDialog> dialog(new QDialog(this)); QScopedPointer<QDialog> dialog(new QDialog(this));
DatabaseRepairWidget* dbRepairWidget = new DatabaseRepairWidget(dialog.data()); DatabaseRepairWidget* dbRepairWidget = new DatabaseRepairWidget(dialog.data());
connect(dbRepairWidget, SIGNAL(success()), dialog.data(), SLOT(accept())); connect(dbRepairWidget, SIGNAL(success()), dialog.data(), SLOT(accept()));

View File

@ -78,6 +78,7 @@ private Q_SLOTS:
void rememberOpenDatabases(const QString& filePath); void rememberOpenDatabases(const QString& filePath);
void applySettingsChanges(); void applySettingsChanges();
void trayIconTriggered(QSystemTrayIcon::ActivationReason reason); void trayIconTriggered(QSystemTrayIcon::ActivationReason reason);
void hideWindow();
void toggleWindow(); void toggleWindow();
void lockDatabasesAfterInactivity(); void lockDatabasesAfterInactivity();
void repairDatabase(); void repairDatabase();

View File

@ -496,7 +496,7 @@ typedef struct
uint8_t LeetCnv[sizeof L33TCnv / LEET_NORM_MAP_SIZE + 1]; uint8_t LeetCnv[sizeof L33TCnv / LEET_NORM_MAP_SIZE + 1];
/* uint8_t LeetChr[3]; */ /* uint8_t LeetChr[3]; */
uint8_t First; uint8_t First;
uint8_t PossChars[48]; uint8_t PossChars[49];
} DictWork_t; } DictWork_t;
/********************************************************************************** /**********************************************************************************