diff --git a/CMakeLists.txt b/CMakeLists.txt
index 3914049e1..051aba199 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -174,7 +174,9 @@ set_property(DIRECTORY APPEND PROPERTY COMPILE_DEFINITIONS_NONE QT_NO_DEBUG)
find_package(Gcrypt 1.6.0 REQUIRED)
-find_package(LibMicroHTTPD REQUIRED)
+if (WITH_XC_HTTP)
+ find_package(LibMicroHTTPD REQUIRED)
+endif(WITH_XC_HTTP)
find_package(ZLIB REQUIRED)
diff --git a/README.md b/README.md
index 7da76d6f0..e892f1b01 100644
--- a/README.md
+++ b/README.md
@@ -3,57 +3,63 @@
[![Travis Build Status](https://travis-ci.org/keepassxreboot/keepassxc.svg?branch=develop)](https://travis-ci.org/keepassxreboot/keepassxc) [![Coverage Status](https://coveralls.io/repos/github/keepassxreboot/keepassxc/badge.svg)](https://coveralls.io/github/keepassxreboot/keepassxc)
## About
-
-Fork of [KeePassX](https://www.keepassx.org/) that [aims to incorporate stalled Pull Requests, features, and bug fixes that are not being incorporated into the main KeePassX baseline](https://github.com/keepassxreboot/keepassx/issues/43).
+KeePassXC is a fork of [KeePassX](https://www.keepassx.org/) that [aims to incorporate stalled pull requests, features, and bug fixes that have never made it into the main KeePassX repository](https://github.com/keepassxreboot/keepassx/issues/43).
-#### Additional Reboot Features
- - keepasshttp support for use with [PassIFox](https://addons.mozilla.org/en-us/firefox/addon/passifox/) for Mozilla Firefox and [chromeIPass](https://chrome.google.com/webstore/detail/chromeipass/ompiailgknfdndiefoaoiligalphfdae) for Google Chrome.
+## Additional features compared to KeePassX
+- Autotype on all three major platforms (Linux, Windows, OS X)
+- Stand-alone password generator
+- Password strength meter
+- Use website's favicons as entry icons
+- Merging of databases
+- Automatic reload when the database changed on disk
+- KeePassHTTP support for use with [PassIFox](https://addons.mozilla.org/en-us/firefox/addon/passifox/) in Mozilla Firefox and [chromeIPass](https://chrome.google.com/webstore/detail/chromeipass/ompiailgknfdndiefoaoiligalphfdae) in Google Chrome or Chromium.
-KeePassHttp implementation has been forked from jdachtera's repository, which in turn was based on code from code with Francois Ferrand's [keepassx-http](https://gitorious.org/keepassx/keepassx-http/source/master) repository.
-
-This is a rebuild from [denk-mal's keepasshttp](https://github.com/denk-mal/keepassx.git) that brings it forward to Qt5 and KeePassX v2.x.
+For a full list of features and changes, read the [CHANGELOG](CHANGELOG) document.
+### Note about KeePassHTTP
+KeePassHTTP is not a highly secure protocol and has certain flaw which allow an attacker to decrypt your passwords when they manage to intercept communication between a KeePassHTTP server and PassIFox/chromeIPass over a network connection (see [here](https://github.com/pfn/keepasshttp/issues/258) and [here](https://github.com/keepassxreboot/keepassxc/issues/147)). KeePassXC therefore strictly limits communication between itself and the browser plugin to your local computer. As long as your computer is not compromised, your passwords are fairly safe that way, but still use it at your own risk!
### Installation
+Pre-compiled binaries can be found on the [downloads page](https://keepassxc.org/download). Additionally, individual Linux distributions may ship their own versions, so please check out your distribution's package list to see if KeePassXC is available.
-Right now KeePassXC does not have a precompiled executable or an installation package.
-So you must install it from its source code.
+### Building KeePassXC yourself
-**More detailed instructions are available in the INSTALL file or at the [Wiki page](https://github.com/keepassxreboot/keepassx/wiki/Install-Instruction-from-Source).**
+*More detailed instructions are available in the INSTALL file or on the [Wiki page](https://github.com/keepassxreboot/keepassx/wiki/Install-Instruction-from-Source).*
-First you must download the KeePassXC source code as ZIP file or with Git.
+First, you must download the KeePassXC [source tarball](https://keepassxc.org/download#source) or check out the latest version from our [Git repository](https://github.com/keepassxreboot/keepassxc).
-Generally you can build and install KeePassXC with the following commands from a Terminal in the KeePassXC folder
-```
-mkdir build
-cd build
-cmake -DWITH_TESTS=OFF ..
-make
-sudo make install
-```
-
-
-### Clone Repository
-
-Clone the repository to a suitable location where you can extend and build this project.
+To clone the project from Git, `cd` to a suitable location and run
```bash
git clone https://github.com/keepassxreboot/keepassxc.git
```
-**Note:** This will clone the entire contents of the repository at the HEAD revision.
+This will clone the entire contents of the repository and check out the current `develop` branch.
-To update the project from within the project's folder you can run the following command:
+To update the project from within the project's folder, you can run the following command:
```bash
git pull
```
+Once you have downloaded the source code, you can `cd` into the source code directory and build and install KeePassXC with
+
+```
+mkdir build
+cd build
+cmake -DWITH_TESTS=OFF ..
+make -j8
+sudo make install
+```
+
+To enable autotype, add `-DWITH_XC_AUTOTYPE=ON` to the `cmake` command. KeePassHTTP support is compiled in by adding `-DWITH_XC_HTTP=ON`. If these options are not specified, KeePassXC will be built without these plugins.
+
### Contributing
-We're always looking for suggestions to improve our application. If you have a suggestion for improving an existing feature,
-or would like to suggest a completely new feature for KeePassX Reboot, please use the [Issues](https://github.com/keepassxreboot/keepassxc/issues) section or our [Google Groups](https://groups.google.com/forum/#!forum/keepassx-reboot) forum.
+We are always looking for suggestions how to improve our application. If you find any bugs or have an idea for a new feature, please let us know by opening a report in our [issue tracker](https://github.com/keepassxreboot/keepassxc/issues) on GitHub or write to our [Google Groups](https://groups.google.com/forum/#!forum/keepassx-reboot) forum.
-Please review the [CONTRIBUTING](.github/CONTRIBUTING.md) document for further information.
+You can of course also directly contribute your own code. We are happy to accept your pull requests.
+
+Please read the [CONTRIBUTING](.github/CONTRIBUTING.md) document for further information.
diff --git a/src/http/HttpSettings.cpp b/src/http/HttpSettings.cpp
index 0d6b6f1f1..e51f87cfb 100644
--- a/src/http/HttpSettings.cpp
+++ b/src/http/HttpSettings.cpp
@@ -18,7 +18,7 @@ PasswordGenerator HttpSettings::m_generator;
bool HttpSettings::isEnabled()
{
- return config()->get("Http/Enabled", true).toBool();
+ return config()->get("Http/Enabled", false).toBool();
}
void HttpSettings::setEnabled(bool enabled)
@@ -126,18 +126,6 @@ void HttpSettings::setSupportKphFields(bool supportKphFields)
config()->set("Http/SupportKphFields", supportKphFields);
}
-QString HttpSettings::httpHost()
-{
- static const QString host = "localhost";
-
- return config()->get("Http/Host", host).toString().toUtf8();
-}
-
-void HttpSettings::setHttpHost(QString host)
-{
- config()->set("Http/Host", host);
-}
-
int HttpSettings::httpPort()
{
static const int PORT = 19455;
diff --git a/src/http/HttpSettings.h b/src/http/HttpSettings.h
index c1987f7ea..bea5648c9 100644
--- a/src/http/HttpSettings.h
+++ b/src/http/HttpSettings.h
@@ -42,8 +42,6 @@ public:
static void setSearchInAllDatabases(bool searchInAllDatabases);
static bool supportKphFields();
static void setSupportKphFields(bool supportKphFields);
- static QString httpHost();
- static void setHttpHost(QString host);
static int httpPort();
static void setHttpPort(int port);
diff --git a/src/http/OptionDialog.cpp b/src/http/OptionDialog.cpp
index e92c6e1a5..5245d333b 100644
--- a/src/http/OptionDialog.cpp
+++ b/src/http/OptionDialog.cpp
@@ -15,6 +15,8 @@
#include "ui_OptionDialog.h"
#include "HttpSettings.h"
+#include
+
OptionDialog::OptionDialog(QWidget *parent) :
QWidget(parent),
ui(new Ui::OptionDialog())
@@ -41,7 +43,6 @@ void OptionDialog::loadSettings()
ui->sortByUsername->setChecked(true);
else
ui->sortByTitle->setChecked(true);
- ui->httpHost->setText(settings.httpHost());
ui->httpPort->setText(QString::number(settings.httpPort()));
/*
@@ -70,8 +71,14 @@ void OptionDialog::saveSettings()
settings.setUnlockDatabase(ui->unlockDatabase->isChecked());
settings.setMatchUrlScheme(ui->matchUrlScheme->isChecked());
settings.setSortByUsername(ui->sortByUsername->isChecked());
- settings.setHttpHost(ui->httpHost->text());
- settings.setHttpPort(ui->httpPort->text().toInt());
+
+ int port = ui->httpPort->text().toInt();
+ if (port < 1024) {
+ QMessageBox::warning(this, tr("Cannot bind to privileged ports"),
+ tr("Cannot bind to privileged ports below 1024!\nUsing default port 19455."));
+ port = 19455;
+ }
+ settings.setHttpPort(port);
/*
settings.setPasswordUseLowercase(ui->checkBoxLower->isChecked());
diff --git a/src/http/OptionDialog.ui b/src/http/OptionDialog.ui
index ee09f9537..963280860 100644
--- a/src/http/OptionDialog.ui
+++ b/src/http/OptionDialog.ui
@@ -7,7 +7,7 @@
0
0
605
- 389
+ 429
@@ -17,7 +17,7 @@
-
- Enable KeepassXC Http protocol
+ Enable KeepassXC HTTP protocol
This is required for accessing your databases from ChromeIPass or PassIFox
@@ -28,7 +28,7 @@ This is required for accessing your databases from ChromeIPass or PassIFoxQTabWidget::Rounded
- 0
+ 2
@@ -201,32 +201,41 @@ Only entries with the same scheme (http://, https://, ftp://, ...) are returned<
-
-
-
-
-
-
-
- 0
- 0
-
-
-
- HTTP Host:
-
-
-
- -
-
-
- Default host: localhost
-
-
-
-
+
+
+ Qt::Vertical
+
+
+ QSizePolicy::Fixed
+
+
+
+ 20
+ 20
+
+
+
-
-
-
-
+
+
-
+
+
+ d0000
+
+
+ Default port: 19455
+
+
+
+ -
+
+
+ KeePassXC will listen to this port on 127.0.0.1
+
+
+
+ -
@@ -237,15 +246,8 @@ Only entries with the same scheme (http://, https://, ftp://, ...) are returned<
HTTP Port:
-
-
- -
-
-
- d0000
-
-
- Default port: 19455
+
+ Qt::AlignLeading|Qt::AlignLeft|Qt::AlignVCenter
diff --git a/src/http/Server.cpp b/src/http/Server.cpp
index 16423d8cf..f09493829 100644
--- a/src/http/Server.cpp
+++ b/src/http/Server.cpp
@@ -331,68 +331,34 @@ void Server::start(void)
if (m_started)
return;
- bool nohost = true;
+ // local loopback hardcoded, since KeePassHTTP handshake
+ // is not safe against interception
+ QHostAddress address("127.0.0.1");
int port = HttpSettings::httpPort();
+
+ void* addrx = NULL;
+ unsigned int flags = MHD_USE_SELECT_INTERNALLY;
- QHostInfo info = QHostInfo::fromName(HttpSettings::httpHost());
- if (!info.addresses().isEmpty()) {
- void* addrx = NULL;
- unsigned int flags = MHD_USE_SELECT_INTERNALLY;
- QHostAddress address = info.addresses().first();
+ struct sockaddr_in *addr = static_cast(calloc(1, sizeof(struct sockaddr_in)));
+ addrx = static_cast(addr);
+ addr->sin_family = AF_INET;
+ addr->sin_port = htons(port);
+ addr->sin_addr.s_addr = htonl(address.toIPv4Address());
- if (address.protocol() == QAbstractSocket::IPv4Protocol) {
- struct sockaddr_in *addr = static_cast(calloc(1, sizeof(struct sockaddr_in)));
- addrx = static_cast(addr);
- addr->sin_family = AF_INET;
- addr->sin_port = htons(HttpSettings::httpPort());
- addr->sin_addr.s_addr = htonl(address.toIPv4Address());
- nohost = false;
- } else {
- struct sockaddr_in6 *addr = static_cast(calloc(1, sizeof(struct sockaddr_in6)));
- addrx = static_cast(addr);
- addr->sin6_family = AF_INET6;
- addr->sin6_port = htons(HttpSettings::httpPort());
- memcpy(&addr->sin6_addr, address.toIPv6Address().c, 16);
- nohost = false;
- flags |= MHD_USE_IPv6;
- }
-
- if (nohost) {
- qWarning("HTTPPlugin: Faled to get configured host!");
- } else {
- if (NULL == (daemon = MHD_start_daemon(flags, port, NULL, NULL,
- &this->request_handler_wrapper, this,
- MHD_OPTION_NOTIFY_COMPLETED,
- this->request_completed, NULL,
- MHD_OPTION_SOCK_ADDR,
- addrx,
- MHD_OPTION_END))) {
- nohost = true;
- qWarning("HTTPPlugin: Failed to bind to configured host!");
- } else {
- nohost = false;
- //qWarning("HTTPPlugin: Binded to configured host.");
- }
-
- }
-
- if (addrx != NULL)
- free(addrx);
+ if (NULL == (daemon = MHD_start_daemon(flags, port, NULL, NULL,
+ &this->request_handler_wrapper, this,
+ MHD_OPTION_NOTIFY_COMPLETED,
+ this->request_completed, NULL,
+ MHD_OPTION_SOCK_ADDR,
+ addrx,
+ MHD_OPTION_END))) {
+ qWarning("HTTPPlugin: Failed to bind to localhost!");
+ } else {
+ m_started = true;
}
- if (nohost) {
- if (NULL == (daemon = MHD_start_daemon(MHD_USE_SELECT_INTERNALLY, port, NULL, NULL,
- &this->request_handler_wrapper, this,
- MHD_OPTION_NOTIFY_COMPLETED,
- this->request_completed, NULL,
- MHD_OPTION_END))) {
- qWarning("HTTPPlugin: Fatal! Failed to bind to both configured and default hosts!");
- } else {
- qWarning("HTTPPlugin: Bound to fallback address 0.0.0.0/:::!");
- }
- }
-
- m_started = true;
+ if (addrx != NULL)
+ free(addrx);
}