The strings in the deprecation map are never modified in the program and
they're known at compile time. An internal resizable buffer is not
needed for these strings so we can allocate them statically.
* Check on startup (toggleable setting) and manually
* Option to check for pre-releases (eg, 2.4.0-beta1)
* Only included if WITH_XC_NETWORKING is enabled
* Fix crash when canceling save of new database
* Standardize use of DatabaseWidget::save() function
* Close new database tabs that are "discarded"
* Fixes#2604. autoSaveOnExit setting
* Re-implement autosave functionality
* Abort the app if a Qt downgrade is detected
The app will now exit immediately if it was compiled with a Qt version
higher than the one present on the machine.
* Add function for checking the Qt version at runtime
* Re-register global D-Bus menu only if DE is Unity
* CLI: fix missing check for correct credentials
Before this fix, most/all CLI commands had incorrect behaviour when bad
credentials were supplied: they would carry on regardless, with
potentially catastrophic results. In particular, the "add" subcommand
seemed to corrupt the database. "ls" would always report an empty
database. Haven't tested any others.
Also fixed a related missing check specific to the "merge" subcommand.
* Toolbar and tool buttons style.
- Add ability to change toolbar state and tool buttons style via
application settings widget.
- Save/restore toolbar state on app start/finish.
- Resolves#2343.
* Implicitly convert enum to QVariant
When using the password generator inside the Edit Entry screen and
clicking the 'Accept' button, a new password would briefly be shown
before the password generator was hidden (even though the original
generated password would be applied to the entry).
This issue was only visible when passwords were shown in plain text.
Note that this is purely a cosmetic issue.
BulkFileWatcher emitted multiple file change signals (like
QFileSystemWatcher) for the watched files. Introduced a delay by waiting
until the end of the event loop to aggregate signals emitted by
QFileSystemWatcher before emitting custom signals.
Changed build options to use only WITH_XC_KEESHARE and
WITH_XC_KEESHARE_SECURE - WITH_XC_KEESHARE_INSECURE remains as internal
variable to highlight differences (may allow to build schemes later)
Message widget in KeeShare settings for groups is not closeable anymore
Fixed serialization for KeeShareSettings::ScopedCertificate
Fixed tests for KeeShareSettings serialization
Fixed tests Cli features - tests translation for recycle bin since the
tests are executed with the system locale
Fixed initialization issue in ShareObserver
Fixed connection to renamed CustomData::customDataModified() signal
Fixed connection to renamed Database::databaseModified() signal
Fixed connection to renamed Group::groupModified() signal
* Fixes including keepassxc-cli when building KeePassXC dmg on Mac.
resolves#1697
* Fix Qt search path and Properties display on macOS
* Simplify packaging POST_BUILD fixups
* Various fixes to get cli to run on macos
* Correct cli tests on macOS
* Several macOS related GUI test fixes
* Add confirmation prompt before moving groups to the recycling bin
Spawn a yes/no QMessage box when "Delete Group" is selected on a group
that is not already in the recycle bin (note: the prompt for deletion
from the recycle bin was already implemented). This follows the same
pattern and language as entry deletion.
Fixes#2125
* Make prompts for destructive operations use action words on buttons
Replace yes/no, yes/cancel (and other such buttons on prompts that cause
data to be destroyed) use language that indicates the action that it is
going to take. This makes destructive/unsafe and/or irreversible operations
more clear to the user.
Address feedback on PR #2376
* Refactor MessageBox class to allow for custom buttons
Replaces arguments and return values of type QMessageBox::StandardButton(s)
with MessageBox::Button(s), which reimplements the entire set of
QMessageBox::StandardButton and allows for custom KeePassXC buttons,
such as "Skip". Modifies all calls to MessageBox functions to use
MessageBox::Button(s).
Addresses feedback on #2376
* Remove MessageBox::addButton in favor of map lookup
Replaced the switch statement mechanism in MessageBox::addButton with
a map lookup to address CodeFactor Complex Method issue. This has a
side-effect of a small performance/cleanliness increase, as an
extra QPushButton is no longer created/destroyed (to obtain it's label
text) everytime a MessageBox button based on QMessageBox::StandardButton
is created; now the text is obtained once, at application start up.
* Make m_tmpHistoryItem a QScopedPointer
Most of the time, `m_tmpHistoryItem` should be null by the time an
`Entry` is destroyed. However, if a caller ever calls `beginUpdate()`
without later calling `endUpdate()` -- perhaps because an exception was
throw in the meantime -- it may not be null. This change avoids a memory
leak in that case.
Found via https://lgtm.com/projects/g/keepassxreboot/keepassxc/alerts
`close()` is a virtual function. Since we are calling it from a
destructor, make it clear that we are specifically calling the base
class (`QIODevice`) implementation, as opposed to an implementation in
any derived class.
[Found by lgtm.com](https://lgtm.com/projects/g/keepassxreboot/keepassxc/alerts)
Many lines were not conformant with the project's formatting rules.
This patch should fix all formatting and whitespace issues in the code
base.
A clang-format directive was put around the connect() calls containing
SIGNALs and SLOTs whose signatures would be denormalized because of the
formatting rules.
* Move mutex lock to right before challenge call and wait for up to 1 second for unlock
* Fix bug where ALREADY_RUNNING was interpreted as success and causing database corruption
When WITH_XC_NETWORKING is defined, create a QToolButton beside the Edit Entry -> Entry -> URL, which when pressed, acts as though the Edit Entry -> Icon -> Download Favicon button is pressed. This button is disabled (grayed-out) when the URL text is empty, and enabled when the text is present.
Fixes#936
* Add favicon download button
* Remove the progress dialog that appears when
downloading an entry's URL's favicon since (when working correctly) it disappears before it can be read. When downloading icons from the button
located next to the URL text box, display a message panel that confirms the download was a success.
* Do not show successful icon download msg if icon alread exists
This patch removes redundant lock widget members of the DatabaseWidget
and consolidates all unlocking functionality into a single
DatabaseOpenWidget (with the exception of KeePass1OpenWidget).
Distinction between different unlock actions is now done via a dedicated
Intent enum class instead of using individual widgets.
Further, the DatabaseUnlockDialog has been generalized so that it is
usable for unlock intents other than just Auto-Type and is now also
used for merging databases which is less confusing to the user.
The KeePassXC main window is no longer a parent of the
DatabaseUnlockDialog and has the Qt::ForeignWindow flag set, which
should cause fewer issues with Auto-Type trying to type into KeePassXC
after unlock instead of the intended target window.
In addition, its instance has been moved into the DatabaseTabWidget
class so that it is no longer bound to individual DatabaseWidgets,
potentially allowing for database selection during Auto-Type. The actual
selection has not yet been implemented, but Auto-Type has been adjusted
to use the currently selected tab instead of the first one as an
intermediary improvement.
* Fix SSHAgent identity removal on database lock
* Refactor storage and manipulation of SSHAgent keys to streamline process with multiple db's
* Clear password field when widget is hidden, resolves#2502
The Database, DatabaseWidget, and DatabaseTabWidget classes share many responsibilities in inconsistent ways resulting in impenetrable and unmaintainable code and a diverse set of bugs and architecture restrictions. This patch reworks the architecture, responsibilities of, and dependencies between these classes.
The core changes are:
* Move loading and saving logic from widgets into the Database class
* Get rid of the DatabaseManagerStruct and move all the information contained in it into the Database
* Let database objects keep track of modifications and dirty/clean state instead of handing this to external widgets
* Move GUI interactions for loading and saving from the DatabaseTabWidget into the DatabaseWidget (resolves#2494 as a side-effect)
* Heavily clean up DatabaseTabWidget and degrade it to a slightly glorified QTabWidget
* Use QSharedPointers for all Database objects
* Remove the modifiedImmediate signal and replace it with a markAsModified() method
* Implement proper tabName() method instead of reading back titles from GUI widgets (resolves#1389 and its duplicates #2146#855)
* Fix unwanted AES-KDF downgrade if database uses Argon2 and has CustomData
* Improve code
This patch is also the first major step towards solving issues #476 and #2322.
* Support ! modifier (same as '-')
* Create reusable PopupHelpWidget as self-contained popup that can
be positioned around a parent widget and will follow the movement
and sizing of the window
* Eliminated KEEPASSXC_MAIN_WINDOW macro and replaced with
getMainWindow() function
* Add tests to cover search help show/hide
* Search clears if the search box does not have focus for 5 minutes (fixes#2178)
* Goto group from search results after double clicking the group name (fixes#2043)
* Cleanup entry change notification with entryview focus in/out
* Change Open URL shortcut to CTRL+SHIFT+U to conform with an "action"
including SHIFT
* Change Copy URL shortcut to CTRL+U to conform with "copy" without SHIFT
* Entry specific toolbar and menu items are disabled unless the entry
row has focus (prevents unintended actions)
* Reword security setting for password visibility in entry edit view
* Add shortcut to hide/unhide usernames (CTRL+SHIFT+B)
* Organize entry menu
* Fix#1588 - show keyboard shortcuts in context menu
* Fix#2403 - Change auto-type shortcut to CTRL + SHIFT + V
* Fix#2096 - Add (CTRL+F) to search bar background
* Fix#2031 & Fix#2266 - add shortcut to hide/unhide passwords (CTRL+SHIFT+C)
* Fix#2166 - Add reveal password button to entry preview
* Add CLI commands show --totp and totp-clip for handling TOTPs, resolves#2429.
* Adding tests for new CLI TOTP commands
* Update keepassxc-cli man page.
Use nullptr instead of 0 or NULL to initialize a null pointer. In some
cases, readability was enhanced by replacing 0 with more meaningful
values according to the type of the pointer being initialized.
The sole purpose of a few objects was calling a static member of the
class they belonged to. This is not needed, as you can access a static
member with the <class_name>::<member_name> notation.
This patch aims at reducing the number of copies for obejcts that could
be referenced rather than copied, because they're not modified during
the computation.
The arg() function of the QString class has a variable length argument
which allows to reduce the number of chained calls to the same function.
With proper formatting, readability is not affected.
AutoTypeAction class had no out-of-line definitions and because of this
the compiler would place its vtable everywhere the class is used.
By simply defining the virtual destructor in the .cpp file, the issue
goes away.
Also, a few classes derived from AutoTypeAction had missing 'override'
qualifiers, which have now been added.
Headers are not to be placed amongst the source files in the CMake
script. The preprocessor and the linker will take care of glue all the
files together. Also, the "include_directories()" statement at the top
of the file already tells CMake where to look for all the needed
header files.
QTextStream uses the system default locale, but this breaks in
various situations: (1) It does not work on the native Windows shell
(cmd.exe, Powershell), since the default Windows locale is Windows-1252,
but the shell uses Windows-850. (2) It also breaks on *nix systems where
the locale is Latin1 or C, which is the case for most CI systems or
build servers.
We allow overriding the detected codec by setting the ENCODING_OVERRIDE
environment variable, but otherwise prefer Windows-850 on Windows and
UTF-8 on any other system, even if LANG is set to something else.
This resolves#2413
Performing a dev build against the latest version of Qt failed
because of some deprecated members. They have been replaced
according to the Qt documentation.
Further, Q_OS_MACOS is now the only macro available to identify a
machine running macOS, the others are now deprecated.
See https://doc.qt.io/qt-5/qtglobal.html#Q_OS_OSX and
https://doc.qt.io/qt-5/qtglobal.html#Q_OS_MAC.
The {group,entry}CloseButton QToolButton, had the "checkable" property set.
This caused it to act like a toggle flip flop instead of a momentary push
button. After removing that property, the signal it was changed to use
was clicked() instead of toggled(bool). Trigger upon click is
consistent with the rest of the UI's momentary buttons.
This enables coordinate system scaling for high-DPI
displays, which enforces correct proportions even
on small 4k displays. The icons are scaled up without
interpolation, which makes them crisp, but a bit
pixelated. A new scalable icon set will solve this
problem, but is not scope of this patch.
Resolves#548, #1381, #1710, #1888
In addition, this patch enforces the KeePassXC icon
theme for the KMessageBox close icon, since using
the system theme produces very ugly icons on some
Linux systems.
* Fix MainWindow startup when minimize to tray was enabled
* Reduce duplicate code in DatabaseWidget.cpp
* Fix snapcraft build dependencies
* Add support for CTRL+TAB, CTRL+PGUP, CTRL+SHIFT+TAB, CTRL+PGDN to control database tabs from any focus location
* Add CTRL+SHIFT+M shortcut to minimize to tray
* Allow minimize instead of app exit without tray icon
The CLI module was lacking unit test coverage and showed some severe
coding style violations, which this patch addresses.
In addition, all uses of qCritical() with untranslatble raw char*
sequences were removed in favor of proper locale strings. These are
written to STDERR through QTextStreams and support output
redirection for testing purposes. With this change, error messages don't
depend on the global Qt logging settings and targets anymore and go
directly to the terminal or into a file if needed.
This patch also fixes a bug discovered during unit test development,
where the extract command would just dump the raw XML contents without
decrypting embedded Salsa20-protected values first, making the XML
export mostly useless, since passwords are scrambled.
Lastly, all CLI commands received a dedicated -h/--help option.
Generation of unit test coverage reports used to be quite complicated
and required a lot of different settings, including a custom CMake
build type. This patch updates the coverage CMake module to only
require -DWITH_COVERAGE=ON to be set on a normal Debug build in order
to create a coverage target.
This patch also moves away from lcov in favor of gcovr, since lcov appears
to be broken in GCC 8. However, the routines for generating lcov reports
still exist, so provided lcov receives updates and there is sufficient
reason to switch back, it is easy to do so.
* Resolves#764
* Add libqrencode and qtsvg dependencies
* Ensure QR code remains square
* Auto-close QR code dialog when database is locked
* Add databaseLocked() Signal to databaseWidget
* Correct otpauth URI output in Totp::writeSettings(...)
Rename UI elements involved with the bottom preview panel to use the
terminology "entry preview panel" instead of "details view" or "preview
panel". Change all associated variables, widgets, and classes to
reference EntryPreviewPanel. Create Config::upgrade() function and
deprecation mapping to help rename/remove previous config settings in a
clean manner.
Fixes#2327
* Add source folder keeshare for sharing with corresponding define WITH_XC_KEESHARE
* Move common crypto parts to src/crypto/ssh
* Extended OpenSSHKey
* Move filewatching to own file (currently in two related classes DelayedFileWatcher and BulkFileWatcher)
* Small improvements for style and code in several classes
* Sharing is secured using RSA-Keys which are generated on demand
* Publisher signs the container using their private key
* Client can verify the signed container and choose to decline an import,
import only once or trust the publisher and automatically import all
data of this source henceforth
* Integration of settings into Group-Settings, Database-Settings and Application-Settings
* Introduced dependency QuaZip as dependency to allow combined export of
key container and the (custom format) certificate
* Create history-based merging that keeps older data in history instead of discarding or deleting it
* Extract merge logic into the Merger class
* Allows special merge behavior
* Improve handling of deletion and changes on groups
* Enable basic change tracking while merging
* Prevent unintended timestamp changes while merging
* Handle differences in timestamp precision
* Introduce comparison operators to allow for more sophisticated comparisons (ignore special properties, ...)
* Introduce Clock class to handle datetime across the app
Merge Strategies:
* Default (use inherited/fallback method)
* Duplicate (duplicate conflicting nodes, apply all deletions)
* KeepLocal (use local values, but apply all deletions)
* KeepRemote (use remote values, but apply all deletions)
* KeepNewer (merge history only)
* Synchronize (merge history, newest value stays on top, apply all deletions)
AppImage recipes are the legacy method for building AppImages, whereas
linuxdeploy is meant to replace them. It takes care of finding and
deploying all needed libraries and Qt plugins automagically, but it's
still under heavy development, so some manual work using appimagetool
and a few fixes are required to make it work for KeePassXC.
This patch moves building of AppImages directly into the release-tool,
both as a separate module (release-tool appimage) as well as a flag
(--appimage) for the build module. The release and CI Dockerfiles were
updated accordingly to support the new build process. The release
Dockerfile also received a Qt update to version 5.10.1.
In theory, it is now possible to use release-tool appsign for embedding
PGP signatures into AppImages, but it fails in practice due to ELF
header size limitations.
Add optional length parameter to PasswordGeneratorWidget::reset()
(default=0), which when >0 sets the legth SpinBox's value to the value
passed in. The EditEntryWidget already called reset() when the password
was known, so the current length was just added to this call (accounts
for empty passwords)
If entry edit is cancelled, return the password generator length to the
application default or last committed length if available. This is done
by calling reseting the password generator in EditEntryWidget::cancel()
when the edit page is being closed
Fixes#2180
This patch implements a new database wizard to guide users through the process
of setting up a new database and choosing sane encryption settings.
It also reimplements the master key settings to be more
user-friendly. Users can now add, change, or remove individual composite
key components instead of having to set all components at once. This
avoids confusion about a password being reset if the user only wants to
add a key file.
With these changes comes a major refactor of how database composite keys and key
components are handled. Copying of keys is prohibited and each key
exists only once in memory and is referenced via shared pointers. GUI
components for changing individual keys are encapsulated into separate
classes to be more reusable. The password edit and generator widgets
have also been refactored to be more reusable.
KeepassXC tries to load the theme icon first and then falls back to the internal icon unless the check is explicitely disabled. Remove the check from most icons
Fixes#756
* Replace Google with DuckDuckGo for optional fallback favicon fetch URL
Modify the work initially done in #36, and most recently modified in #1786,
to use DuckDuckGo's https://icons.duckduckgo.com/ip3/www.example.com.ico
favicon endpoint.
Fixes#2258
* Close failed favicon fetch progress bars
Name the UrlFetchProgressDialog() with the corresponding URL in order to
be identified by name by its parent when the failed request is handeled
in EditWidgetIcons::fetchFinished(). fetchFinished() retrieves the
relevant UrlFetchProgressDialog() and calls close() on it.
Fixes: #2265
* Group::findGroupByPath now limited to search from root (matching current usage)
* Factors out Group::findGroupByPathRecursion (on prenormalized strings).
* Eliminate TOTP logic from GUI elements
* Consolidate TOTP functionality under the Totp namespace
* Eliminate guessing about state and encoders
* Increased test cases
* Add entry view column for TOTP [#2132]
* General code cleanup, reduction of unnecessary steps, separation of concerns
* Rename SetupTotpDialog to TotpSetupDialog for consistency
* Usage of "enumerate()" with start parameter
* Use the with keyword when dealing with file objects
According to: https://docs.python.org/3.6/tutorial/inputoutput.html
* String format using ".format()"
* Chained comparisons are faster than using the "and" operator
* Added Patreon contributors
* Added real names to project maintainers
* Cleaned up layout
* Added settings button to main toolbar
* Added actions for "Donate" and "Report a Bug" to help menu
The previous default was to expect passphrases to be ASCII or
rather Latin-1. It would be reasonable to expect modern keys to
use UTF-8 instead.
This is a non-breaking change if passphrases only use characters
that fall within ASCII.
Fixes#2102
Qt 5.11 cleanes up the internal headers and so consumers could fail by
missing includes.
See: https://bugs.gentoo.org/655844
Signed-off-by: Markus Rathgeb <maggu2810@gmail.com>
* Eliminate dependency on libcurl in favor of Qt5Network code
* Supports older Qt versions without QNetworkRequest::FollowRedirectsAttribute
* Show a progress dialog when downloading the favicon. The main utility
of this is giving the user the option to cancel a download attempt
(e.g. if it's taking too long). Canceling will try the next fallback URL in the list.
* Try three different ways to obtain the favicon, in this order:
1) Direct to fully-qualified domain (e.g. https://foo.bar.example.com/favicon.ico)
2) Direct to 2nd-level domain (e.g. https://example.com/favicon.ico)
3) Google lookup for 2nd-level domain name (if enabled in settings)
I changed the Google lookup, because a match is more likely to be found
for the 2nd level domain than for the fully-qualified name.
Google's error behavior is strange. If it doesn't find a match, it
doesn't return an error. Instead, it returns a generic default icon,
which is not really the desired result. This also means that unless we
have some way to detect that we've received the generic icon, we can't
fall back to any alternatives.
Signed-off-by: Steven Noonan <steven@uplinklabs.net>
AES-256 uses a 32-byte (256-bit) key size. This un-breaks the loader and
tests added for AES-256-CBC and AES-256-CTR PEM keys.
* OpenSSHKey: correctly parse encrypted PEM AES-256-CBC/AES-256-CTR keys
* OpenSSHKey: use correct key derivation for AES-256
Resolves#1313
What this commit does:
* Whenever the Apply button is pressed, and if the save was successful, then the Apply button is disabled.
* Each subwidget used by EditEntryWidget has now a signal called `widgetUpdated` that is emitted when the widgets' internal content changes. The EditEntryWidget subscribes to that signal to know when to enable the Apply button (by calling `entryUpdated()`).
* There are some views that are not isolated in their own widgets (`m_advancedUi`, for example) so in those cases I invoked `entryUpdated()` directly whenever I detected an update:
* some updates occur directly in a Qt widget like when editing the text of a QLineItem, so in that case I connected the widget's signals directly to the `entryUpdated()` slot.
* some updates occur in EditEntryWidget, so in those cases the invocation to `entryUpdated()` is made as soon as the change is detected (for example when the user has confirmed an action in a dialog).
A known problem: there are some situations when the Apply button will get enabled even if there are no changes, this is because the app changes the value of a field by itself so it's considered an update (for example, clicking on the "Reveal" button changes the text shown in a text field).
The solution to this can be a bit complicated: disabling temporarily the `entryUpdated()` whenever the app is going to do an action with such side-effects.
So I preferred to let the Apply button get enabled in those cases.
Ignoring closeEvent signals that the application doesn't want the widget
to be closed. This may cause unwanted shutdown interruption. There's no
difference between close() and hide() unless WA_DeleteOnClose is set, so
it's better to just accept the event if we're hiding the window
afterwards anyway.
Resolves#856
Fix/work around KeePassXC flickering and not restoring from tray on some Linux systems, which happens if the window is hidden and minimized by code at the same time (see issue #1595).
The 'text' property of the QAction gets mangled by KDE when it adds its
own accelerator shortcuts. But the data property is ours. Use that for
keying instead.
Signed-off-by: Steven Noonan <steven@uplinklabs.net>
Similar to KeePass2 most elements are checked for a
Protected="True"
attribute. Previously, files KDBX 3.1 files with protected Binary
entries, as seen in the wild, could not be read (mangled passwords and
file attachments).
