* fix compilation on Qt not having QOperatingSystemVersion::MacOSBigSur
The code uses 'QOperatingSystemVersion::MacOSBigSur' which doesn't exist
in all Qt versions (it has been backported to Qt 5.12.10+ & 5.15.1+ only).
On older macos systems like El Capitan the last supported
version of Qt is 5.11
This will fix compilation issue on such older systems and on systems
running with Qt not supporting QOperatingSystemVersion::MacOSBigSur
Compilation error was:
error: no member named 'MacOSBigSur' in 'QOperatingSystemVersion'
* Fix compilation when osx <= 10.9
* AppKitImpl.mm: button property is new in 10.10. It is used for a feature of
KeePassXC that is only available from 10.17 onwards. So we don't need it when
compiling on <= 10.9
error: property 'button' not found on object of type 'NSStatusItem *'
NSString* appearance = [dummy.button.effectiveAppearance.name lowercaseString];
^
* The code uses @available syntax which is supported by
AppleClang >= 9 or LLVM >= 5.
We check __clang_major__ to allow compilation on older versions
of macOS that don't have a recent clang. For example on El Capitan.
* Fix compilation when osx <= 10.8
* AppKitImpl.mm: AXIsProcessTrustedWithOptions exists from 10.9 onwards
error: use of undeclared identifier 'kAXTrustedCheckOptionPrompt'
error: use of undeclared identifier 'AXIsProcessTrustedWithOptions'
* Fix compilation when osx <= 10.7
* MacUtils.cpp: CoreGraphics exists from 10.8 onwards only, capslock detection
feature would have to be implemented on OSX <= 10.7
* AppKitImpl.mm: CGDisplayStreamRef exists from 10.8 onwards only. It is used for a
feature of KeePassXC that is only available from 10.15 onwards. So we don't need it
when compiling on <= 10.7
error: unknown type name 'CGDisplayStreamRef'
* AppKitImpl.mm: Syntax is not understood by 10.7, update it to be understandable
by <= 10.7
error: expected method to read dictionary element not found on object of type 'NSDictionary *'
NSRunningApplication* app = userInfo[NSWorkspaceApplicationKey];
^
* The code uses @available syntax which is supported by
AppleClang >= 9 or LLVM >= 5.
We check __clang_major__ to allow compilation on older versions
of macOS that don't have a recent clang.
* Fix compilation error on OS X 10.11
src/core/Alloc.cpp:44:10: error: no type named 'free' in namespace 'std'
std::free(ptr);
~~~~~^
This is a regression, since it was fixed in [1]
Per [2], std::free() needs #include <cstdlib>. That file is included
indirectly on newer systems.
[1] 7c6c027d33
[2] https://en.cppreference.com/w/cpp/memory/c/free
* fix compilation when macos SDK <= 10.14
These methods are only available from macOS 10.15
- kSecAccessControlWatch
- LAPolicy.deviceOwnerAuthenticationWithBiometricsOrWatch
The code uses @available syntax which is supported by
AppleClang >= 9 or LLVM >= 5.
We check __clang_major__ to allow compilation on older versions
of macOS that don't have a recent clang.
Shows a warning when trying to open with a newer minor version than what is currently supported.
We always try to save with the lowest KDBX version possible for maximum compatibility.
- Default backupFilePath is '{DB_FILENAME}.old.kdbx' to conform to existing standards
- Implement backupPathPattern tests.
- Show tooltip on how to format database backup location text field.
This commit allows users to put alternative wordlists in a `wordlists` subdirectory below their KeePassXC directory (e.g., under Linux, `~/.config/keepassxc/wordlists`). These wordlists will then appear in the dropdown menu in the *Password Generator* widget.
In order to differentiate between lists shipped with KeePassXC and user-provided lists, the former appears with a (SYSTEM) prefix.
Fixes#6942 and fixes#4443
- Return number of deleted entries
- Fix minor memory leak
- FdoSecrets: make all prompt truly async per spec and update tests
* the waited signal may already be emitted before calling spy.wait(),
causing the test to fail. This commit checks the count before waiting.
* check unlock result after waiting for signal
- FdoSecrets: implement unlockBeforeSearch option
- FdoSecrets: make search always work regardless of entry group searching settings, fixes#6942
- FdoSecrets: cleanup gracefully even if some test failed
- FdoSecrets: make it safe to call prompts concurrently
- FdoSecrets: make sure in unit test we click on the correct dialog
Note on the unit tests: objects are not deleted (due to deleteLater event not handled).
So there may be multiple AccessControlDialog. But only one of
it is visible and is the correctly one to click on.
Before this change, a random one may be clicked on, causing the
completed signal never be sent.
* Closes#6335
* Modify application settings presentation to allow for alternative saving strategies
* Transition Database::save calls to using flags to control saving behavior. Reduces boolean flags on function call.
* Made direct write save option a local setting to prevent unintentional carry over between platforms.
* Support NFC readers for hardware tokens using PC/SC
This requires a new library dependency: PCSC.
The PCSC library provides methods to access smartcards. On Linux, the third-party pcsc-lite package is used. On Windows, the native Windows API (Winscard.dll) is used. On Mac OSX, the native OSX API (framework-PCSC) is used.
* Split hardware key access into multiple classes to handle different methods of communicating with the keys.
* Since the Yubikey can now be a wireless token as well, the verb "plug in" was replaced with a more
generic "interface with". This shall indicate that the user has to present their token to the reader, or plug it in via USB.
* Add PC/SC interface for YubiKey challenge-response
This new interface uses the PC/SC protocol and API
instead of the USB protocol via ykpers. Many YubiKeys expose their functionality as a CCID device, which can be interfaced with using PC/SC. This is especially useful for NFC-only or NFC-capable Yubikeys, when they are used together with a PC/SC compliant NFC reader device.
Although many (not all) Yubikeys expose their CCID functionality over their own USB connection as well, the HMAC-SHA1 functionality is often locked in this mode, as it requires eg. a touch on the gold button. When accessing the CCID functionality wirelessly via NFC (like this code can do using a reader), then the user interaction is to present the key to the reader.
This implementation has been tested on Linux using pcsc-lite, Windows using the native Winscard.dll library, and Mac OSX using the native PCSC-framework library.
* Remove PC/SC ATR whitelist, instead scan for AIDs
Before, a whitelist of ATR codes (answer to reset, hardware-specific)
was used to scan for compatible (Yubi)Keys.
Now, every connected smartcard is scanned for AIDs (applet identifier),
which are known to implement the HMAC-SHA1 protocol.
This enables the support of currently unknown or unreleased hardware.
Co-authored-by: Jonathan White <support@dmapps.us>
The HEX button automatically unselects `selectBoxLower` therefore there is no need to also add `ghijklmnopqrstuvwxyz` in the excluded characters text field.
* Closes#2322
* Show locked databases in tabbed interface in unlock dialog for browser and auto-type workflows.
* Make the DatabaseOpenDialog window Application-Modal so that it blocks input to the main UI when the dialog is open. This reduces corner cases by avoiding the possibility of databases getting closed or unlocked
behind the open dialog.
Externally opened attachments are now lifecycle-managed properly.
The temporary files are created with stricter permissions and entirely
random names (except for the file extension) to prevent meta data leakage.
When the database is closed, the files are overwritten with random
data and are also more reliably deleted than before.
Changes to the temporary files are monitored and the user is asked
if they want to save the changes back to the database (fixes#3130).
KeePassXC does not keep a lock on any of the temporary files, resolving
long-standing issues with applications such as Adobe Acrobat on Windows
(fixes#5950, fixes#5839).
Internally, attachments are copied less. The EntryAttachmentsWidget
now only references EntryAttachments instead of owning a separate copy
(which used to not be cleared properly under certain circumstances).
* Use hash based storage for last used directories instead of a key/value for each type
* Explicitly declare certain operations as sensitive and follow the "Remember Last Database" setting for those.
* Introduce database backup directory location (close#6619)
* Closes#4986 - Allow deleting entries from the reports view
* Closes#4533 - Exclude & delete multiple entries in a report
* Also allow deleting selected entries using the delete key
* Introduce GuiTools namespace to collect shared GUI prompts and actions
* Add functionality to HIBP report to mirror health check report
Co-authored-by: Jonathan White <support@dmapps.us>
