This was noted as a problem in several issues and it finally occurred to me and I traced it to the fact that a timing issue sometimes allowed the file watcher to trigger a "file changed" alert right when saving starts. I fixed this by moving where the mutex lock is made for saving and preventing database reload during a save operation.
* Fix focus issues with new PasswordWidget
* Fix focus wrapping when DatabaseTabWidget is not showing the tab bar
* Fix focus wrapping in EditWidget views to move between category list and contents. This is not a perfect fix, but Qt has a mind of its own with these complex widgets. This will be fixed in future Ui improvements that move away from the category widget.
* Fix#8099
* Clean up code that connects groups to the entry view. Instead of connecting ALL groups from ALL databases, we only need to connect the groups that entries actually belong to. This solves the bug and also reduces overhead.
* Fix#7139 - when opening database files from the command line, ensure the correct case is fed to the program to prevent case changes during saves.
* Cleanup old code (checking for .json extension) from when KeePassXC app could act as a proxy.
* Fix#8356 - Qt does not enable numeric aware sorting when using locale sort. Extracted both Windows and macOS locale aware sorting code and added the appropriate numeric aware flag.
Note: There is no std library way to do this so Linux is out of luck for now.
* Rename "Database Tags" to "Searches and Tags"
* Separate searching for all entries and resetting the search
* Support selecting multiple tags to search against
* Fix using escaped quotes in search terms
* Make tag searching more precise
* Support `is:expired-#` to search for entries expiring within # days. Exclude recycled entries from expired search.
* Don't list tags from entries that are recycled
* Force hide tag auto-completion menu when tag editing widget is hidden. On rare occasions the focus out signal is not called when the tag view is hidden (entry edit is closed), this resolves that problem.
* Remove spaces from before and after tags to prevent seemingly duplicate tags from being created.
* Also fix some awkward signal/slot dances that were setup over time with the entry view and preview widget.
Allow changing tags for multiple entries through context menu
* Closes#8277 - show context menu with currently available tags in database and checks those that are set on one or more selected entries. When a tag is selected it is either set or unset on all entries depending on its checked state.
* Add ability to save searches and recall them from the "Searches and Tags" view
* Add ability to remove a tag from all entries from the "Searches and Tags" view
* Cleanup tag handling and widgets
* Fix#7977 - wrap key signing request in try/catch block to prevent crashes on some machines.
* Fix#8120 - try 3 times to bring Windows Hello prompt to front. This may be necessary on older machines that are slow to bring up the prompt window.
Also remove defunct code on macOS to prevent window focus issues.
Systems like NixOS install software under unique paths, so persisting
the absolute file path in the generated .desktop file when enabling
autostart will eventually point at an outdated or nonexistent program.
Another possible issue with using Qt's `applicationFilePath()` is that
the final program's basename (`argv[0]`) might not be the same as what
the user initially executed to start KeePassXC.
Use the file name and thus rely on `PATH` lookup just like the static
.desktop file does to lift those issues and defer execution logic
(`PATH` lookup, wrapper scripts, etc.) to the operating system.
* Fix#1090 - delay locking databases after minimize to allow for clipboard use, Auto-Type use, and browser integration use.
* Fix#6757 - prevent setting both minimize on unlock and lock on minimize settings at the same time.
The main window has both `Ctrl+PageUp` / `Ctrl+PageDown` and
`Ctrl+Tab / Ctrl+Shift+Tab` shortcuts to cycle the database tabs. When
in PR #5427 the abbility to select any open database in the unlock
dialog was introduced, only the `Ctrl+PageUp` / `Ctrl+PageDown`
shortcuts were added. This commit adds the `Ctrl+Tab / Ctrl+Shift+Tab`
shortcuts to the unlock diaglog to fix this inconsistent UI behaviour.
Signed-off-by: Daniel Ziegenberg <daniel@ziegenberg.at>
* Fix#7239 - prevent closing the database widget if the open dialog is still unlocking the database. This problem became slightly worse with quick unlock.
With this fix, if the user tries to close the database during unlock we will just ignore that request.
* Fix#7811 - Notes height no longer truncated
* Fix#7949 - Improve copying attribute value to clipboard in entry preview
* Fix#7898 - Prevent copying url when copy password selected after clicking url in preview pane
* Fix#7982 - Double clicking hidden attributes in preview pane copies the value instead of ●●●●●●
This commit implements the following logic:
* If there're already unlocked collections, just use those,
* otherwise, show the unlock dialog until there's an unlocked and exposed collection.
* Fixes#7574
Limit the use of zxcvbn based password entropy estimation to 256 bytes. After this threshold, the average per-byte entropy from the zxcvbn calculation is added for each additional byte. In practice, this produces a slightly higher entropy calculation for purely randomized passwords than zxcvbn would normally calculate. However, the time to calculate is capped leading to a much better user experience and removing unnecessary calculations.
Fixes#7712
In the password generator widget, the checkable push button for the math
symbols is missing the GREATER-THAN SIGN (U+003E), even though it is
among the possible characters during password generation when the button
is checked. Add the missing character to the text displayed to users.
While at it, also fix a wrong comment containing the possible
characters.
* Replace rarely hit asserts with defined nullptr checks when replacing references without a group
* Fix#7603
* Replace TOTP history comparison with checking the actual TOTP output instead of a compiled string
* Split calls to finding hardware keys into sync and async methods. This has the side effect of simplifying the code.
* Check for keys before performing challenge/response if no keys have been found previously.
* Correct timeout of user interaction message to interact with the hardware key.
* Correct error in TestCli::testYubiKeyOption
* Fix#7672 - notes preview spans the entire length of the preview pane again
* Fix#4242 - Allow selecting entry title text in preview
* Improve multi-line tag preview
* Fixup alignment and spacing of fields
* Fix#7602 - Allow spaces in tag names
* Fix#7528 - Allow pasting text into the tags field. Text is split by comma creating tags for each section of text. If there are no commas then the pasted text becomes a tag.
* Fix tags editing not causing the entry to be marked as modified.
* On Windows, offer explicit methods to use the virtual keyboard style of typing. This partially reverts 1150b69836 by going back to the standard unicode method by default. However, uses can either add {MODE=VIRTUAL} to their sequence or choose "Use Virtual Keyboard" / CTRL+4 from the selection dialog.
* Took this opportunity to clean up the signature of AutoType::performAutoType and AutoType::performAutoTypeWithSequence by removing the "hideWindow" attribute.
* Show keyboard shortcuts on the selection dialog context menu
* Fix selection dialog help icon color when in dark theme
That prevents mismatches between the adaptor class and the D-Bus
definition file.
Note that this is a backward-incompatible change. For example, the
command to lock all databases is changed from
> dbus-send --session --print-reply --dest=org.keepassxc.KeePassXC.MainWindow --type=method_call /keepassxc org.keepassxc.MainWindow.lockAllDatabases
to
> dbus-send --session --print-reply --dest=org.keepassxc.KeePassXC.MainWindow --type=method_call /keepassxc org.keepassxc.KeePassXC.MainWindow.lockAllDatabases
Fixes: https://github.com/keepassxreboot/keepassxc/issues/5355
* The hardware key missing error message is properly shown and the user can try to Quick Unlock again after plugging in or tapping the hardware key in time.
* Fix#7487 - Botan does not use threads when calculating Argon2 KDF leading to very poor performance for a parallelism value > 1.
* Include port file for vcpkg backed builds
* Special thanks to @HexF and @smlu for their contributions towards this feature.
* Add MVP support for Windows Hello as a Quick Unlock solution using the WinRT API. This works by signing a random challenge vector with the Windows Hello protected key store (typically from TPM). The signed challenge is hashed using SHA-256 and then used as the encryption key to encrypt the database credentials. Credentials are encrypted using AES-256/GCM. This ensures the database password can only be decrypted following a successful authentication with Windows Hello in the future.
* Unify Touch ID and Windows Hello behavior under the Quick Unlock branding. Remove all timeout features of Touch ID as they are unnecessary and complicate the feature for no security gain.
* Quick Unlock is automatically reset only when the database key is changed vice whenever database settings are modified.
* Don't set database unlock dialog as always on top. This allows Touch ID and Windows Hello prompts to appear above the dialog properly.
* Prevent quick unlock when using AutoOpen or opening from the command line.
If relock after performing Auto-Type is enabled it will wait until
specified timeout before doing so.
Retype time is now configurable and is decreased from the old
hardcoded 30 seconds down to 15 seconds to keep the default a bit
more secure while still allowing the user to set it higher for
their liking.
To restore old behavior the user can set retype time to 0 which
will make the database relock instantly.
Auto-Type relock setting relocated to Auto-Type tab to group it
better with the other Auto-Type settings.
* Fix error in regex that prevented use of modifier keys in general.
* Added '#' modifier to press the "Meta" button. This correlates to the Windows key on Windows and Command key on macOS.
* Fix#6695 - send proper modifier keys based on documentation
Previously empty associations matched any window but since you can
use a wildcard (*) if you specifically want that this change makes
it possible to define multiple sequences for the global search
if you need to.
Additionally show empty associations in the list as "(empty)" to
better differentiate between rows if no title is set.
* Show banner message about expired entries
* Add config option and expiration offset
* Only show expiry warning on first DB unlock
* Default to on with 3-day offset from expiration
* show the tags in the entry preview
* allow searching by tag
* add a sidebar listing the tags in the database
* filter entries by tag on click
* Introduce a new TagsEdit widget that provides pill aesthetics, fast removal functionality and autocompletion
* add tests for the tags feature
* introduce the "is" tag for searching. Support for weak passwords and expired added.
* fix compilation on Qt not having QOperatingSystemVersion::MacOSBigSur
The code uses 'QOperatingSystemVersion::MacOSBigSur' which doesn't exist
in all Qt versions (it has been backported to Qt 5.12.10+ & 5.15.1+ only).
On older macos systems like El Capitan the last supported
version of Qt is 5.11
This will fix compilation issue on such older systems and on systems
running with Qt not supporting QOperatingSystemVersion::MacOSBigSur
Compilation error was:
error: no member named 'MacOSBigSur' in 'QOperatingSystemVersion'
* Fix compilation when osx <= 10.9
* AppKitImpl.mm: button property is new in 10.10. It is used for a feature of
KeePassXC that is only available from 10.17 onwards. So we don't need it when
compiling on <= 10.9
error: property 'button' not found on object of type 'NSStatusItem *'
NSString* appearance = [dummy.button.effectiveAppearance.name lowercaseString];
^
* The code uses @available syntax which is supported by
AppleClang >= 9 or LLVM >= 5.
We check __clang_major__ to allow compilation on older versions
of macOS that don't have a recent clang. For example on El Capitan.
* Fix compilation when osx <= 10.8
* AppKitImpl.mm: AXIsProcessTrustedWithOptions exists from 10.9 onwards
error: use of undeclared identifier 'kAXTrustedCheckOptionPrompt'
error: use of undeclared identifier 'AXIsProcessTrustedWithOptions'
* Fix compilation when osx <= 10.7
* MacUtils.cpp: CoreGraphics exists from 10.8 onwards only, capslock detection
feature would have to be implemented on OSX <= 10.7
* AppKitImpl.mm: CGDisplayStreamRef exists from 10.8 onwards only. It is used for a
feature of KeePassXC that is only available from 10.15 onwards. So we don't need it
when compiling on <= 10.7
error: unknown type name 'CGDisplayStreamRef'
* AppKitImpl.mm: Syntax is not understood by 10.7, update it to be understandable
by <= 10.7
error: expected method to read dictionary element not found on object of type 'NSDictionary *'
NSRunningApplication* app = userInfo[NSWorkspaceApplicationKey];
^
* The code uses @available syntax which is supported by
AppleClang >= 9 or LLVM >= 5.
We check __clang_major__ to allow compilation on older versions
of macOS that don't have a recent clang.
* Fix compilation error on OS X 10.11
src/core/Alloc.cpp:44:10: error: no type named 'free' in namespace 'std'
std::free(ptr);
~~~~~^
This is a regression, since it was fixed in [1]
Per [2], std::free() needs #include <cstdlib>. That file is included
indirectly on newer systems.
[1] 7c6c027d33
[2] https://en.cppreference.com/w/cpp/memory/c/free
* fix compilation when macos SDK <= 10.14
These methods are only available from macOS 10.15
- kSecAccessControlWatch
- LAPolicy.deviceOwnerAuthenticationWithBiometricsOrWatch
The code uses @available syntax which is supported by
AppleClang >= 9 or LLVM >= 5.
We check __clang_major__ to allow compilation on older versions
of macOS that don't have a recent clang.
Shows a warning when trying to open with a newer minor version than what is currently supported.
We always try to save with the lowest KDBX version possible for maximum compatibility.
- Default backupFilePath is '{DB_FILENAME}.old.kdbx' to conform to existing standards
- Implement backupPathPattern tests.
- Show tooltip on how to format database backup location text field.
This commit allows users to put alternative wordlists in a `wordlists` subdirectory below their KeePassXC directory (e.g., under Linux, `~/.config/keepassxc/wordlists`). These wordlists will then appear in the dropdown menu in the *Password Generator* widget.
In order to differentiate between lists shipped with KeePassXC and user-provided lists, the former appears with a (SYSTEM) prefix.
Fixes#6942 and fixes#4443
- Return number of deleted entries
- Fix minor memory leak
- FdoSecrets: make all prompt truly async per spec and update tests
* the waited signal may already be emitted before calling spy.wait(),
causing the test to fail. This commit checks the count before waiting.
* check unlock result after waiting for signal
- FdoSecrets: implement unlockBeforeSearch option
- FdoSecrets: make search always work regardless of entry group searching settings, fixes#6942
- FdoSecrets: cleanup gracefully even if some test failed
- FdoSecrets: make it safe to call prompts concurrently
- FdoSecrets: make sure in unit test we click on the correct dialog
Note on the unit tests: objects are not deleted (due to deleteLater event not handled).
So there may be multiple AccessControlDialog. But only one of
it is visible and is the correctly one to click on.
Before this change, a random one may be clicked on, causing the
completed signal never be sent.
* Closes#6335
* Modify application settings presentation to allow for alternative saving strategies
* Transition Database::save calls to using flags to control saving behavior. Reduces boolean flags on function call.
* Made direct write save option a local setting to prevent unintentional carry over between platforms.
* Support NFC readers for hardware tokens using PC/SC
This requires a new library dependency: PCSC.
The PCSC library provides methods to access smartcards. On Linux, the third-party pcsc-lite package is used. On Windows, the native Windows API (Winscard.dll) is used. On Mac OSX, the native OSX API (framework-PCSC) is used.
* Split hardware key access into multiple classes to handle different methods of communicating with the keys.
* Since the Yubikey can now be a wireless token as well, the verb "plug in" was replaced with a more
generic "interface with". This shall indicate that the user has to present their token to the reader, or plug it in via USB.
* Add PC/SC interface for YubiKey challenge-response
This new interface uses the PC/SC protocol and API
instead of the USB protocol via ykpers. Many YubiKeys expose their functionality as a CCID device, which can be interfaced with using PC/SC. This is especially useful for NFC-only or NFC-capable Yubikeys, when they are used together with a PC/SC compliant NFC reader device.
Although many (not all) Yubikeys expose their CCID functionality over their own USB connection as well, the HMAC-SHA1 functionality is often locked in this mode, as it requires eg. a touch on the gold button. When accessing the CCID functionality wirelessly via NFC (like this code can do using a reader), then the user interaction is to present the key to the reader.
This implementation has been tested on Linux using pcsc-lite, Windows using the native Winscard.dll library, and Mac OSX using the native PCSC-framework library.
* Remove PC/SC ATR whitelist, instead scan for AIDs
Before, a whitelist of ATR codes (answer to reset, hardware-specific)
was used to scan for compatible (Yubi)Keys.
Now, every connected smartcard is scanned for AIDs (applet identifier),
which are known to implement the HMAC-SHA1 protocol.
This enables the support of currently unknown or unreleased hardware.
Co-authored-by: Jonathan White <support@dmapps.us>
The HEX button automatically unselects `selectBoxLower` therefore there is no need to also add `ghijklmnopqrstuvwxyz` in the excluded characters text field.
* Closes#2322
* Show locked databases in tabbed interface in unlock dialog for browser and auto-type workflows.
* Make the DatabaseOpenDialog window Application-Modal so that it blocks input to the main UI when the dialog is open. This reduces corner cases by avoiding the possibility of databases getting closed or unlocked
behind the open dialog.
Externally opened attachments are now lifecycle-managed properly.
The temporary files are created with stricter permissions and entirely
random names (except for the file extension) to prevent meta data leakage.
When the database is closed, the files are overwritten with random
data and are also more reliably deleted than before.
Changes to the temporary files are monitored and the user is asked
if they want to save the changes back to the database (fixes#3130).
KeePassXC does not keep a lock on any of the temporary files, resolving
long-standing issues with applications such as Adobe Acrobat on Windows
(fixes#5950, fixes#5839).
Internally, attachments are copied less. The EntryAttachmentsWidget
now only references EntryAttachments instead of owning a separate copy
(which used to not be cleared properly under certain circumstances).
* Use hash based storage for last used directories instead of a key/value for each type
* Explicitly declare certain operations as sensitive and follow the "Remember Last Database" setting for those.
* Introduce database backup directory location (close#6619)
* Closes#4986 - Allow deleting entries from the reports view
* Closes#4533 - Exclude & delete multiple entries in a report
* Also allow deleting selected entries using the delete key
* Introduce GuiTools namespace to collect shared GUI prompts and actions
* Add functionality to HIBP report to mirror health check report
Co-authored-by: Jonathan White <support@dmapps.us>
The MinimizeAfterUnlock setting added in #3439 closes the main window
after unlock. However, when the unlock is triggered through
KeePassXC-Browser, a password dialog is shown on top of the main window
and the main window remains open after the unlock. This is fixed
in this commit.
* Fix#505 - always show the search bar when the search keyboard shortcut is pressed. If the toolbar is in overflow, the toolbar will be expanded automatically and search focused. If the toolbar is hidden it will be shown and expanded if necessary. When searching is canceled or the down arrow is pressed (to select the first entry) the toolbar will be set back to it's previous configuration.
