Commit Graph

3550 Commits

Author SHA1 Message Date
Balazs Gyurak
024e00cc97 Only show warning about snap browsers on Linux 2019-11-23 08:15:58 -05:00
Aetf
a66f8ec04d FdoSecrets: fix crash when enabling the plugin on a non-exposed database 2019-11-23 07:58:39 -05:00
varjolintu
e2c95f75f1 Fix subdomain matching 2019-11-23 07:53:09 -05:00
Sergey Vilgelm
a590289900 Add a new line after in Analyze command
Adding a new line after the message "Evaluating database entries against HIBP file, this will take a while..." helps
to separate a report and the comment.
2019-11-17 22:42:39 -05:00
Janek Bevendorff
0fd883686c
Release 2.5.1
Added

- Add programmatic use of the EntrySearcher [#3760]
- Explicitly clear database memory upon locking even if the object is not deleted immediately [#3824]
- macOS: Add ability to perform notarization of built package [#3827]

Changed

- Reduce file hash checking to every 30 seconds to correct performance issues [#3724]
- Correct formatting of notes in entry preview widget [#3727]
- Improve performance and UX of database statistics page [#3780]
- Improve interface for key file selection to discourage use of the database file [#3807]
- Hide Auto-Type sequences column when not needed [#3794]
- macOS: Revert back to using Carbon API for hotkey detection [#3794]
- CLI: Do not show protected fields by default [#3710]

Fixed

- Secret Service: Correct issues interfacing with various applications [#3761]
- Fix building without additional features [#3693]
- Fix handling TOTP secret keys that require padding [#3764]
- Fix database unlock dialog password field focus [#3764]
- Correctly label open databases as locked on launch [#3764]
- Prevent infinite recursion when two databases AutoOpen each other [#3764]
- Browser: Fix incorrect matching of invalid URLs [#3759]
- Properly stylize the application name on Linux [#3775]
- Show application icon on Plasma Wayland sessions [#3777]
- macOS: Check for Auto-Type permissions on use instead of at launch [#3794]
2019-11-11 20:53:43 +01:00
Janek Bevendorff
db63a40461
Update translations 2019-11-11 20:53:39 +01:00
Janek Bevendorff
90cf5c08ad
Remove explicit PR links from CHANGELOG 2019-11-11 20:51:20 +01:00
Jonathan White
0454f4ea4c Correct finding snapcraft.yaml in release-tool 2019-11-11 11:44:12 -05:00
Jonathan White
d37e71b793 Bump version and update changelog 2019-11-11 11:37:23 -05:00
varjolintu
3d0964bce9 Fix URL matching 2019-11-10 08:43:10 -05:00
dxdc
4437e6a609 Encode trailing equal signs from base32 TOTP key
Fixes #3255
2019-11-10 08:42:50 -05:00
Janek Bevendorff
7659bbb711
Fix release-tool on macOS and add notarization. (#3827) 2019-11-10 00:08:20 +01:00
Jonathan White
a07bae2530 Correct formatting of preview widget fields (#3727)
* Fix #3701 - replace QLabel with QTextEdit to enable scrolling of notes

* Notes are plain text. They will remain as plain text and hyperlinks will not be enabled in the notes. Until the notes editor is moved to a rich text / html editor this will remain the case.

* Convert username and password fields in preview pane to QLineEdit's to allow for full copying and viewing if larger than the field width.
2019-11-09 18:16:05 +01:00
Janek Bevendorff
29ca08f9ff Fix DatabaseUnlockDialog window sizing.
Fixes the default shrink-wrap and wonky upscaling
behaviour of the DatabaseUnlockDialog window.
2019-11-09 10:00:34 -05:00
Jonathan White
d3978980d2 Perform file hash checks asynchronously (#3815) 2019-11-09 14:02:34 +01:00
Jonathan White
7ba9fcc0e5 macOS: Check for Auto-Type permissions on use instead of at launch
* Fix #3689 - link the use of Auto-Type with the permissions required to use it
2019-11-09 13:53:44 +01:00
Jonathan White
440331d319 Revert "Remove Carbon from Mac Auto-Type (#3347)"
This reverts commit ce1f19cacc.
2019-11-09 13:53:44 +01:00
Jonathan White
035823e414 Hide Auto-Type sequences column when unnecessary
* Fix #3688 - hide the sequences column if all of the entry matches return the same sequence. This cleans up redundent data in the Auto-Type selection dialog introduced in 2.5.0.
2019-11-09 13:53:44 +01:00
Janek Bevendorff
5996ba51c9 Use PasswordKey for storing transformed secrets.
The transformed secrets were stored in normal QByteArrays,
which are at risk of being swapped out. We now use secure
PasswordKey objects instead. There are still a few areas
where QByteArrays are used for storing secrets, but since
they are all temporary, they are less critical. It may be
worth hunting those down as well, though.
2019-11-09 11:33:32 +01:00
Janek Bevendorff
22af66e3b5 Ensure database contents are released right away.
When we lock a database, we reset the database pointer to
free its resources. Since various other widgets besides the
DatabaseWidget hold references to the shared pointer object,
however, it cannot be guaranteed that the actual database
object will be freed right away. This patch adds a releaseData()
method which is called upon database lock to ensure all
residual data is cleared without having to rely on the actual
database object being cleaned up.
2019-11-09 11:33:32 +01:00
Jonathan White
87ca7c7f7b Improve UX of database statistics page
* Fix #3766 - move database statistics processing into async task and only perform the calculation when the statistics tab is activated.
2019-11-08 22:24:30 -05:00
Jonathan White
f9d2696046 Relax strictness of TOTP Base32 validation
* Fix #3754 - Accept valid TOTP keys that require padding when converted to Base32.
* Allow use of spaces and lower case letters in the TOTP secret key.
2019-11-09 00:53:40 +01:00
Jonathan White
4edb623745 Prevent recursive loads using AutoOpen
* Fix #3334 - AutoOpen is now processed after the database widget is put into view mode to prevent infinite recursion of unlock attempts if two databases  auto open each other.
2019-11-09 00:53:40 +01:00
Jonathan White
cb9929712c Start Database Widget in view mode
* Fix #3713 - DatabaseWidget starts in locked mode instead of view mode fixing tab names on launch.
2019-11-09 00:53:40 +01:00
Jonathan White
837df4f4cb Fix issues with database unlock
* Fix #3735 - Don't focus on OpenDatabaseWidget fields that are not visible; ensures password field is focused after database lock.

* Fix #3487 - Password input is selected after failed unlock.

* Fix #1938 - Password input is focused after toggling visibility using the keyboard
2019-11-09 00:53:40 +01:00
guihkx
6339d61419 Properly stylize the application name (#3775)
This is just a cosmetic change. On KDE Plasma, the title of the tray icon is set by either the name of the binary, or by calling `setApplicationName()`. So having it properly stylized looks better.
2019-11-08 23:54:56 +01:00
Aetf
f9097c84e9 FdoSecrets: use EntrySearcher's internal search API 2019-11-08 17:37:50 -05:00
Aetf
b96c1e92a3 Expose EntrySearcher's SearchTerm for internal code usage 2019-11-08 17:37:50 -05:00
Aetf
329701a34e Secret Service Integration Fixes (#3761)
* FdoSecrets: create prompt object only when necessary

* FdoSecrets: negotiationOutput should always return a valid QVariant otherwise QDBus will fail to create a reply, causing timeout in client.

* FdoSecrets: include in debug info
2019-11-07 21:28:49 -05:00
Janek Bevendorff
5d2766e016 Make the purpose of the key file field clearer.
The new unlock dialogue seems to confuse users
as to what the purpose of the key file is. This
patch changes the generic "Select file..." affordance
to the more explicit "Select key file..." and adds
a help button to the label just like the one we
already have for the hardware key. Furthermore,
it prevents the user from using the KDBX file as its
own key file (since that would never work anyway).

The change breaks existing translations on purpose
(instead of simply adjusting the en_US locale)
in order to force translators to update this string
for their languages.

Resolves #3678
2019-11-07 21:26:56 -05:00
Elvis Angelaccio
1722397040 Show application icon in Plasma Wayland sessions (#3777)
This is required to show the keepassxc icon on Wayland windows in a
Plasma Wayland session.

kwin_wayland fetches application icons from .desktop files and it
expects the desktop filename to be set on the QGuiApplication instance.

Without this, kwin sets a generic Wayland icon as fallback.
2019-11-03 12:00:16 +01:00
Rafael Sadowski
38a663163d Check include malloc.h and malloc_usable_size(3)
One some operating systems  malloc(3) is not in malloc.h nor in
malloc_np.h, instead it is in stdlib.h.

In addition, not all systems support malloc_usable_size(3). You could
argue it's not safe.

This patch tries to be portable and it fix the build on OpenBSD.
2019-11-01 22:54:24 -04:00
louib
f4d6b4d13a CLI: do not display protected fields by default. 2019-11-01 22:53:54 -04:00
asapelkin
98badfb4a2 some cppcheck and clang-tidy fixies 2019-11-01 22:53:28 -04:00
Sergei Zyubin
ac7face247 Fix mixed translations for keepassxc-cli (#3732)
Fix mixed translations for keepassxc-cli
2019-10-30 09:53:57 -04:00
Jonathan White
36e14157be Significantly reduce impact of FileWatcher hashing (#3724)
* Fix #3699

Reduce file watch hashing of open database files from every second to every 30 seconds. Additionally, only hash the first 1024 bytes of the database file. This is valid since most of the header and the entire encrypted portion are changed significantly on every save.
2019-10-30 11:40:56 +01:00
Jonathan White
178bea6bbc Fix building without features
* Fix #3684 - Include YubiKey headers in CLI tests 

* Skip building testguibrowser if browser integration is disabled

* Cleanup test CMakeLists
2019-10-29 23:03:39 -04:00
Janek Bevendorff
1ab8a9f42c
Release 2.5.0
Added

- Add 'Paper Backup' aka 'Export to HTML file' to the 'Database' menu [[#3277](https://github.com/keepassxreboot/keepassxc/pull/3277)]
- Add statistics panel with information about the database (number of entries, number of unique passwords, etc.) to the Database Settings dialog [[#2034](https://github.com/keepassxreboot/keepassxc/issues/2034)]
- Add offline user manual accessible via the 'Help' menu [[#3274](https://github.com/keepassxreboot/keepassxc/issues/3274)]
- Add support for importing 1Password OpVault files [[#2292](https://github.com/keepassxreboot/keepassxc/issues/2292)]
- Implement Freedesktop.org secret storage DBus protocol so that KeePassXC can be used as a vault service by libsecret [[#2726](https://github.com/keepassxreboot/keepassxc/issues/2726)]
- Add support for OnlyKey as an alternative to YubiKeys (requires yubikey-personalization >= 1.20.0) [[#3352](https://github.com/keepassxreboot/keepassxc/issues/3352)]
- Add group sorting feature [[#3282](https://github.com/keepassxreboot/keepassxc/issues/3282)]
- Add feature to download favicons for all entries at once [[#3169](https://github.com/keepassxreboot/keepassxc/issues/3169)]
- Add word case option to passphrase generator [[#3172](https://github.com/keepassxreboot/keepassxc/issues/3172)]
- Add support for RFC6238-compliant TOTP hashes [[#2972](https://github.com/keepassxreboot/keepassxc/issues/2972)]
- Add UNIX man page for main program [[#3665](https://github.com/keepassxreboot/keepassxc/issues/3665)]
- Add 'Monospaced font' option to the notes field [[#3321](https://github.com/keepassxreboot/keepassxc/issues/3321)]
- Add support for key files in auto open [[#3504](https://github.com/keepassxreboot/keepassxc/issues/3504)]
- Add search field for filtering entries in Auto-Type dialog [[#2955](https://github.com/keepassxreboot/keepassxc/issues/2955)]
- Complete usernames based on known usernames from other entries [[#3300](https://github.com/keepassxreboot/keepassxc/issues/3300)]
- Parse hyperlinks in the notes field of the entry preview pane [[#3596](https://github.com/keepassxreboot/keepassxc/issues/3596)]
- Allow abbreviation of field names in entry search [[#3440](https://github.com/keepassxreboot/keepassxc/issues/3440)]
- Allow setting group icons recursively [[#3273](https://github.com/keepassxreboot/keepassxc/issues/3273)]
- Add copy context menu for username and password in Auto-Type dialog [[#3038](https://github.com/keepassxreboot/keepassxc/issues/3038)]
- Drop to background after copying a password to the clipboard [[#3253](https://github.com/keepassxreboot/keepassxc/issues/3253)]
- Add 'Lock databases' entry to tray icon menu [[#2896](https://github.com/keepassxreboot/keepassxc/issues/2896)]
- Add option to minimize window after unlocking [[#3439](https://github.com/keepassxreboot/keepassxc/issues/3439)]
- Add option to minimize window after opening a URL [[#3302](https://github.com/keepassxreboot/keepassxc/issues/3302)]
- Request accessibility permissions for Auto-Type on macOS [[#3624](https://github.com/keepassxreboot/keepassxc/issues/3624)]
- Browser: Add initial support for multiple URLs [[#3558](https://github.com/keepassxreboot/keepassxc/issues/3558)]
- Browser: Add entry-specific browser integration settings [[#3444](https://github.com/keepassxreboot/keepassxc/issues/3444)]
- CLI: Add offline HIBP checker (requires a downloaded HIBP dump) [[#2707](https://github.com/keepassxreboot/keepassxc/issues/2707)]
- CLI: Add 'flatten' option to the 'ls' command [[#3276](https://github.com/keepassxreboot/keepassxc/issues/3276)]
- CLI: Add password generation options to `Add` and `Edit` commands [[#3275](https://github.com/keepassxreboot/keepassxc/issues/3275)]
- CLI: Add XML import [[#3572](https://github.com/keepassxreboot/keepassxc/issues/3572)]
- CLI: Add CSV export to the 'export' command [[#3278](https://github.com/keepassxreboot/keepassxc/issues/3278)]
- CLI: Add `-y --yubikey` option for YubiKey [[#3416](https://github.com/keepassxreboot/keepassxc/issues/3416)]
- CLI: Add `--dry-run` option for merging databases [[#3254](https://github.com/keepassxreboot/keepassxc/issues/3254)]
- CLI: Add group commands (mv, mkdir and rmdir) [[#3313](https://github.com/keepassxreboot/keepassxc/issues/3313)].
- CLI: Add interactive shell mode command `open` [[#3224](https://github.com/keepassxreboot/keepassxc/issues/3224)]

Changed

- Redesign database unlock dialog [ [#3287](https://github.com/keepassxreboot/keepassxc/issues/3287)]
- Rework the entry preview panel [ [#3306](https://github.com/keepassxreboot/keepassxc/issues/3306)]
- Move notes to General tab on Group Preview Panel [[#3336](https://github.com/keepassxreboot/keepassxc/issues/3336)]
- Enable entry actions when editing an entry and cleanup entry context menu  [[#3641](https://github.com/keepassxreboot/keepassxc/issues/3641)]
- Improve detection of external database changes  [[#2389](https://github.com/keepassxreboot/keepassxc/issues/2389)]
- Warn if user is trying to use a KDBX file as a key file [[#3625](https://github.com/keepassxreboot/keepassxc/issues/3625)]
- Add option to disable KeePassHTTP settings migrations prompt [[#3349](https://github.com/keepassxreboot/keepassxc/issues/3349), [#3344](https://github.com/keepassxreboot/keepassxc/issues/3344)]
- Re-enabled Wayland support (no Auto-Type yet) [[#3520](https://github.com/keepassxreboot/keepassxc/issues/3520), [#3341](https://github.com/keepassxreboot/keepassxc/issues/3341)]
- Add icon to 'Toggle Window' action in tray icon menu [[3244](https://github.com/keepassxreboot/keepassxc/issues/3244)]
- Merge custom data between databases only when necessary [[#3475](https://github.com/keepassxreboot/keepassxc/issues/3475)]
- Improve various file-handling related issues when picking files using the system's file dialog [[#3473](https://github.com/keepassxreboot/keepassxc/issues/3473)]
- Add 'New Entry' context menu when no entries are selected [[#3671](https://github.com/keepassxreboot/keepassxc/issues/3671)]
- Reduce default Argon2 settings from 128 MiB and one thread per CPU core to 64 MiB and two threads to account for lower-spec mobile hardware [ [#3672](https://github.com/keepassxreboot/keepassxc/issues/3672)]
- Browser: Remove unused 'Remember' checkbox for HTTP Basic Auth [[#3371](https://github.com/keepassxreboot/keepassxc/issues/3371)]
- Browser: Show database name when pairing with a new browser [[#3638](https://github.com/keepassxreboot/keepassxc/issues/3638)]
- Browser: Show URL in allow access dialog [[#3639](https://github.com/keepassxreboot/keepassxc/issues/3639)]
- CLI: The password length option `-l` for the CLI commands `Add` and `Edit` is now `-L` [[#3275](https://github.com/keepassxreboot/keepassxc/issues/3275)]
- CLI: The `-u` shorthand for the `--upper` password generation option has been renamed to `-U` [[#3275](https://github.com/keepassxreboot/keepassxc/issues/3275)]
- CLI: Rename command `extract` to `export`. [[#3277](https://github.com/keepassxreboot/keepassxc/issues/3277)]

Fixed

- Improve accessibility for assistive technologies [[#3409](https://github.com/keepassxreboot/keepassxc/issues/3409)]
- Correctly unlock all databases if `--pw-stdin` is provided [[#2916](https://github.com/keepassxreboot/keepassxc/issues/2916)]
- Fix password generator issues with special characters [[#3303](https://github.com/keepassxreboot/keepassxc/issues/3303)]
- Fix KeePassXC interrupting shutdown procedure [[#3666](https://github.com/keepassxreboot/keepassxc/issues/3666)]
- Fix password visibility toggle button state on unlock dialog [[#3312](https://github.com/keepassxreboot/keepassxc/issues/3312)]
- Fix potential data loss if database is reloaded while user is editing an entry [[#3656](https://github.com/keepassxreboot/keepassxc/issues/3656)]
- Fix hard-coded background color in search help popup [[#3001](https://github.com/keepassxreboot/keepassxc/issues/3001)]
- Fix font choice for password preview [[#3425](https://github.com/keepassxreboot/keepassxc/issues/3425)]
- Fix handling of read-only files when autosave is enabled [[#3408](https://github.com/keepassxreboot/keepassxc/issues/3408)]
- Handle symlinks correctly when atomic saves are disabled [[#3463](https://github.com/keepassxreboot/keepassxc/issues/3463)]
- Enable HighDPI icon scaling on Linux [[#3332](https://github.com/keepassxreboot/keepassxc/issues/3332)]
- Make Auto-Type on macOS more robust and remove old Carbon API calls [[#3634](https://github.com/keepassxreboot/keepassxc/issues/3634), [[#3347](https://github.com/keepassxreboot/keepassxc/issues/3347))]
- Hide Share tab if KeePassXC is compiled without KeeShare support and other minor KeeShare improvements [[#3654](https://github.com/keepassxreboot/keepassxc/issues/3654), [[#3291](https://github.com/keepassxreboot/keepassxc/issues/3291), [#3029](https://github.com/keepassxreboot/keepassxc/issues/3029), [#3031](https://github.com/keepassxreboot/keepassxc/issues/3031), [#3236](https://github.com/keepassxreboot/keepassxc/issues/3236)]
- Correctly bring window to the front when clicking tray icon on macOS [[#3576](https://github.com/keepassxreboot/keepassxc/issues/3576)]
- Correct application shortcut created by MSI Installer on Windows [[#3296](https://github.com/keepassxreboot/keepassxc/issues/3296)]
- Fix crash when removing custom data [[#3508](https://github.com/keepassxreboot/keepassxc/issues/3508)]
- Fix placeholder resolution in URLs [[#3281](https://github.com/keepassxreboot/keepassxc/issues/3281)]
- Fix various inconsistencies and platform-dependent compilation bugs [[#3664](https://github.com/keepassxreboot/keepassxc/issues/3664), [#3662](https://github.com/keepassxreboot/keepassxc/issues/3662), [#3660](https://github.com/keepassxreboot/keepassxc/issues/3660), [#3655](https://github.com/keepassxreboot/keepassxc/issues/3655), [#3649](https://github.com/keepassxreboot/keepassxc/issues/3649), [#3417](https://github.com/keepassxreboot/keepassxc/issues/3417), [#3357](https://github.com/keepassxreboot/keepassxc/issues/3357), [#3319](https://github.com/keepassxreboot/keepassxc/issues/3319), [#3318](https://github.com/keepassxreboot/keepassxc/issues/3318), [#3304](https://github.com/keepassxreboot/keepassxc/issues/3304)]
- Browser: Fix potential leaking of entries through the browser integration API if multiple databases are opened [[#3480](https://github.com/keepassxreboot/keepassxc/issues/3480)]
- Browser: Fix password entropy calculation [[#3107](https://github.com/keepassxreboot/keepassxc/issues/3107)]
- Browser: Fix Windows registry settings for portable installation [[#3603](https://github.com/keepassxreboot/keepassxc/issues/3603)]
2019-10-26 21:34:32 +02:00
Janek Bevendorff
b3d834acb0
Update translations 2019-10-26 21:34:28 +02:00
Janek Bevendorff
0a273ba1e2
Last changelog updates and update to appdata.xml file 2019-10-26 21:15:17 +02:00
Janek Bevendorff
74202a86b2
Finish changelog for 2.5.0 2019-10-26 20:58:30 +02:00
Jonathan White
744354c550 Reduce default Argon2 memory and thread settings (#3672)
* Fix #3550
* Default memory reduced to 64 MiB (from 128 MiB) and parallelism reduced to 2 threads. This allows for desktop and mobile device compatibility.
2019-10-26 20:55:26 +02:00
Jonathan White
57a7720274 Additional fixes for entry context menu (#3671)
Obtain context focus lock when showing new context menus

Fix #3670
2019-10-26 20:54:52 +02:00
Jonathan White
8c300b4fcb Update About Dialog contributors and translators (#3669) 2019-10-26 20:53:18 +02:00
Janek Bevendorff
6a25c8dc84
Force app exit if session manager signals a shutdown. (#3666)
Resolves #3410.

Additionally, "fix" main window toggling behaviour when
clicking the tray icon while the window is visible, but
not in focus (e.g. hidden by other windows). On platforms
other than Windows, the window is now brought to the front
if it does not already have focus or is toggled otherwise.

Remove obsolete Windows session end handling code.
2019-10-26 16:14:28 +02:00
Janek Bevendorff
ebc006c4b9
Add keepassxc man page and move cli man page to share folder (#3665) 2019-10-25 20:45:38 +02:00
Bernhard Kirchen
8c8c181f73 Hide YubiKey labels on unlock screen when compiled without XC_YUBIKEY (#3664) 2019-10-25 19:35:16 +02:00
Chih-Hsuan Yen
7c6c027d33 Fix building on Mac OS X 10.11 or older
* Add a missing include in src/core/Alloc.cpp

On Mac OS X 10.11 with Xcode 8.2.1, building fails with

/opt/local/var/macports/build/_opt_bblocal_var_buildworker_ports_build_ports_security_KeePassXC/KeePassXC-devel/work/keepassxc-f726d7501ff7e8a66ae974719042f23010716595/src/core/Alloc.cpp:44:10: error: no type named 'free' in namespace 'std'
    std::free(ptr);
    ~~~~~^

Per [1], std::free() needs #include <cstdlib>. That file is included
indirectly on newer systems.

* Avoid const Signature object in src/keeshare/ShareExport.cpp

After the above issue is resolved, building fails at

/opt/local/var/macports/build/_opt_bblocal_var_buildworker_ports_build_ports_security_KeePassXC/KeePassXC-devel/work/keepassxc-f726d7501ff7e8a66ae974719042f23010716595/src/keeshare/ShareExport.cpp:152:29: error: default initialization of an object of const type 'const Signature' without a user-provided default constructor
            const Signature signer;
                            ^

Apparently this is related to C++ defect 253 [2]. From the code,
creating a Signature is not needed as all methods in Signature are
static, so just call the method.

[1] https://en.cppreference.com/w/cpp/memory/c/free
[2] https://stackoverflow.com/a/47368753
2019-10-24 18:56:33 -04:00
Janek Bevendorff
99aafe657d Fix zxcvbn include for out-of-tree compilation, resolves #3658 2019-10-24 18:56:00 -04:00
schlimmchen
c2b16c663f no "Share" tab without WITH_XC_KEESHARE
if KeePassXC is compiled with WITH_XC_KEESHARE=OFF, the "Share" tab of
the EntryPreviewWidget for groups is removed from the GUI completely.

closes #3619.
2019-10-23 22:49:16 -04:00