* Fixes#10723 - only display password strength warning when actively editing the password
* Also improve behavior of minimum quality warning
* Improve behavior and handling of password changes with the database settings dialog
* Prevents loss of newly entered password when toggling between elements in the settings page
* On error, switch to tab that prevents saving database settings for easier correction
* Use SHA256 hash of the file path of the database to generate a UUID when using the KDBX3 format. This restores the original behavior of using the file path as the quick unlock lookup key.
A warning is issued from Qt when the path is empty. This happens most often during test runs, but can also occur when closing a database before everything gets cleaned up.
* MainWindow: change Clone Entry shortcut to Ctrl+D from Ctrl+K
* MainWindow: move shortcuts from .cpp to .ui file
The only shortcuts defined in the .cpp file are ones that can't be defined in the .ui file, because they are in some way conditional. This also reduces the number of compiler warnings of the kind:
warning: arithmetic between different enumeration types ‘Qt::Modifier’ and ‘Qt::Key’ is deprecated [-Wdeprecated-enum-enum-conversion] with recent GCC versions.
* Provide remote database sync capability
Allow arbitrary commands to be defined and executed for syncing databases with remote services. This includes sftp, scp, rsync, etc.
Remote commands are stored per-database and sync operations are manually triggered by the user from the Database -> Remote Sync menu.
---------
Co-authored-by: Stefan Forstenlechner <t-h-e@users.noreply.github.com>
Co-authored-by: Jonathan White <support@dmapps.us>
* Fix database view splitters resize behaviour
* Set default ratio sizes for first-run based on the size of the database widget itself
* Fix setting splitter sizes before database widget has had a chance to render for the first time
* Disallow collapsing the entry view (source of several bug reports)
Fixes: #10613
---------
Co-authored-by: Jonathan White <support@dmapps.us>
* Fix passphrase generator test
Previously, the test case was assuming the wrong regex. In particular, the default word list (eff_large.wordlist) contains several words that contain dashes. Adjust the regex used in the test to reflect this. This should fix rare test failures
Remove Unicode character U+FEFF ZERO WIDTH NO-BREAK SPACE from Weslly's
email address in a few places.
Not sure if this was done on purpose (anti-spam measure?), but it's not
consistently done anyway (e.g. wasn't the case in
src/gui/TotpDialog.cpp), so it seems cleanest to remove this.
* Botan: use raw_private_key_bits() if available
Botan 3.x introduces raw_private_key_bits() as an alias for
get_private_key(), and deprecates the latter.
* Botan: use Cipher_Dir::Encryption
Botan 3.x introduces Cipher_Dir::Encryption as an alias for
Cipher_Dir::ENCRYPTION, and deprecates the latter. Likewise for
Decryption/DECRYPTION.
* Fix broken build when using system zxcvbn
Fixup of zxcvbn include statement added in 5513ff5. A zxcvbn/ directory
prefix breaks building with system zxcvbn. Remove this prefix to align
this include statement with ones present in other files. Add zxcvbn
libraries as dependency to CliTest.
* Move src/zxcvbn/ to src/thirdparty/zxcvbn
Each AddAccessAllowedAce invocation should be matched with a corresponding sizeof(ACCESS_ALLOWED_ACE) and the respective GetLengthSid of the SID being used. This ensures that there is enough space in the ACL for each entry.
The issue manifest itself only when WITH_XC_SSHAGENT is defined.
* Fix#10656 - Add a small delay when before auto-polling hardware keys to all them to settle immediately after plugging in. This resolves an issue where the key's serial number could not be resolved due to hardware timeout.
* Also fix use of uninitialized variable if polling serial number fails for whatever reason.
* Fix typo in macOS key registration code
* Prevent registering duplicate listeners on window focus. These were not de-registered because we didn't trigger on unfocus. Show/Hide are sufficient triggers to add and remove listeners.
* Fix#6593 - force close any modal dialogs associated with a database widget that is being locked.
* Partial fix for #721 but doesn't address the problem of needing to save a modified entry or database while locking.
* Also improves import dialog behavior if databases(s) lock while it is visible.
* Fix#10653 - prevent category switching if no category was actually hidden/visible. Also properly select a new category when a change is made instead of just changing the widget page.
* Fix apply button still being enabled after it is pressed and successfully committed
* Fixes#10400
- Support TOTP entries with bare secrets instead of otpauth urls for Bitwarden. Vice-versa for 1PUX.
- Support Bitwarden Argon2id encryption scheme
* Fixes#10380 - Support Bitwarden organization collections
This issue previously caused parent databases to be marked as modified on unlock. This was because of the new protections against byte-by-byte side channel attacks adds a randomized string to the database custom data. We should never be merging database custom data with keeshare or imports since we are merging groups only.
Also prevent overwrite of auto-generated custom data fields, Last Modified and Random Slug.
* Restrict access to changing DACL's after the process is started. This prevents the creator of the keepassxc.exe process from simply adding the permission to read memory back to the DACL list.
* Verified using System Informer.