Commit Graph

162 Commits

Author SHA1 Message Date
Jonathan White
736df7696f FDO Secrets: Fix double free on exit
* Prevent double free due to QObject cleanup happening before/after the ExtraPage  storing the QSharedPointer to FdoSecretsPlugin is deleted.
* Fixes #4877
2020-06-19 21:24:43 -04:00
Jonathan White
fbebf30b98 Fix permissions changing on database save
* Saving a database in unsafe mode retains the existing permissions on the kdbx file
* New databases (save as, save backup, new database) and new key files are saved with 0600 permissions (user read/write), fixes #2575
2020-06-07 16:00:56 -04:00
Jonathan White
9d10792640 Update edit entry widget when backing entry changes
* Fixes #4060
* Also fix not emitting entryModified() when history is truncated. This possibly fixes other crashes with apply button when the history is truncated and then the history page is shown with a deleted entry.
2020-06-04 10:03:40 -04:00
Jonathan White
2073f2ddc3 Fix theming with Qt 5.15
* Fixes #4765
* Fixes #4766
2020-06-04 10:03:40 -04:00
Jonathan White
6f5e13815c Fix resolving resources when running from build directory
* Copy wordlists to build dir share folder
* Change resource path resolution to only test the provided directory, not finding a specific file
2020-06-04 10:03:40 -04:00
Jonathan White
c830f85c09 Various minor bug fixes / enhancements
* Fix issues when Config options were renamed
* Fix compile issues when using clang 10
* Rearrange database menu icons and import database menu icons
* Set minimum size of MainWindow to 800 to prevent search bar from hiding
* Fix not saving password generator options when closing the standalone generator
* Add headers to health check reports
* Don't show hidden content dots when notes are hidden but empty.

* Fix saving new database files in SMB shares on Windows, fixes #4809

* Gracefully handle duplicate attachments :
Instead of bailing out with an error, prepend a random string to the name of duplicate attachment records. This prevents data loss from other programs that mishandled KDBX XML writing. Fixes #2493

* Properly handle blocked import of signed KeeShare database, fixes #4413
2020-06-04 10:03:40 -04:00
Janek Bevendorff
9d2e066aca Clean up various parts of the UI and rearrange settings
- Unify widget layouts and margins
- Fix tab order on a bunch of widgets
- Fix broken entry/group edit form layout and replace with grid layout
- Rearrange some settings for better logical grouping
- Fix some settings checkboxes not being enabled/disabled on load
- Fix "General" settings tab scrolling
- Rename "Root" group to "Passwords"
- Update demo.kdbx accordingly and redownload favicons
- Change entry path display to use slash separators
- Reduce Medium and Large icon sizes slightly
2020-05-30 10:45:00 +02:00
Jonathan White
90d5372813
Replace database icons with SVG's
Original source of icons is the icon8 library (http://icons8.com/c/flat-color-icons) and Paomedia (https://github.com/paomedia/small-n-flat). All icons used are licensed MIT or CC0; annotated in COPYING.

* Closes #4071

* Increase default size of database icons to 24px and entry preview panel to 48px
* Add shell script to assemble the database icons

* Use QIcon to seamlessly support High DPI displays and pixmap caching
* Add badge support for KeeShare groups and expired entries.
* Guard against use of QPixmap::fromImage without a GUI

* Add SVG minify and improve `make icons`

Co-authored-by: Wolfram Rösler <wolfram@roesler-ac.de>
2020-05-29 10:00:32 -04:00
Aetf
44779bc862 FdoSecrets: add unit tests 2020-05-27 22:07:25 -04:00
Andrew Meyer
45848c3f61 Implement 'Save Database Backup' option
Add an option in the 'Database' menu to save a backup of the current database.

Add unit test for saving database copy

* Open a test database, mark it as modified, and save a copy
* Fail if the copy is not a valid database
* Fail if the original database is saved
* Fail if the original database is no longer marked as modified
2020-05-16 11:00:27 -04:00
Jonathan White
689a85a071 Make GUI tests more robust for CI 2020-05-16 00:47:01 +02:00
Jonathan White
49487f9d4a Fix changing focus around the main window using tab
* Override Qt's default [broken] behavior of handling Tab/Shift+Tab to navigate around the MainWindow. Completely fixes trapped focus.

* Improve handling of search results when navigating the UI.

* Fix selecting first entry after ending a search.

* Add keyboard shortcuts to directly focus on search (F1), Group List (F2), and Entry List (F3)

* Fixes #2878, #4636, and #4221
2020-05-14 20:21:32 -04:00
Jonathan White
a145bf9119 Complete refactor of Browser Integration classes
* Removed option to attach KeePassXC to the browser extension. Users must use the proxy application to communicate with KeePassXC.
* Significantly streamlined proxy code. Used same implementation of stdin/stdout interface across all platforms.
* Moved browser service entry point to BrowserService class instead of NativeMessagingHost. BrowserService now coordinates the communication to/from clients.
* Moved settings page definition out of MainWindow
* Decoupled BrowserService from DatabaseTabWidget
* Reduced complexity of various functions and cleaned the ABI (public vs private).
* Eliminated BrowserClients class, moved functionality into the BrowserService
* Renamed HostInstaller to NativeMessageInstaller and renamed NativeMessageHost to BrowserHost.
* Recognize XDG_CONFIG_HOME when installing native message file on Linux. Fix #4121 and fix #4123.
2020-05-14 17:14:17 -04:00
Wolfram Rösler
3c19fdd193 Reports: Add "Known Bad" flag for entries
* Fixes #4168

* Introduce a custom data element stored with an entry to indicate that it is a "Known Bad" entry. This flag causes database reports to skip these entries.
* The current number of known bad entries is displayed in the statistics report.
* Add context menu to reports to easily exclude entries.
2020-05-08 20:51:11 -04:00
Janek Bevendorff
596d2cf425 Refactor Config.
Replaces all string configuration options with enum types
that can be checked by the compiler. This prevents spelling
errors, in-place configuration definitions, and inconsistent
default values. The default value config getter signature was
removed in favour of consistently and centrally default-initialised
configuration values.

Individual default values were adjusted for better security,
such as the default password length, which was increased from
16 characters to 32.

The already existing config option deprecation map was extended
by a general migration procedure using configuration versioning.

Settings were split into Roaming and Local settings, which
go to their respective AppData locations on Windows.

Fixes #2574
Fixes #2193
2020-05-02 22:30:27 +02:00
Jonathan White
fb5173cebd Remove inline password generator when editing entries
* Always use a pop-up generator to avoid cluttering the user interface and making it clear that a password is being created
2020-03-09 18:03:20 -04:00
Jonathan White
fe1189ea79 Enhance Password Editing Fields
* Remove repeat password on entry edit
* Move show/hide password and password generator buttons into the field as actions.
* Register keyboard shortcut Ctrl+H to toggle password visibility
* Register keyboard shortcut Ctrl+G to open the password generator
* Cleanup code and improve interactions between elements
* Simplify Password Generator button layout; convert advanced mode button to toggle button
* Update GUI tests

* Fixes #4120
2020-03-09 18:03:20 -04:00
Jonathan White
1d7ef5d4eb Move theme detection into Application
* Add function to Application to quickly determine if in light or dark theme
* Add kpxcApp symbol
* Explicitly define main function for GUI tests to improve performance and use custom Application.
2020-03-09 18:03:20 -04:00
Jonathan White
b0ad4a50d9
Fix GUI test failures 2020-01-27 21:02:50 -05:00
louib
c8ab3b5f4f Removing QColor (from Qt::Widgets) from core modules. (#4247) 2020-01-26 21:38:43 -05:00
Jonathan White
0d3eb047c7 Prevent crash when all entries are deleted from a group
* Fix #4093 - The first entry in the list is selected after deleting an entry
* Prevents crashes due to dangling pointers held by the Entry Preview Widget when entries were deleted.
* Improve GUI tests to ensure this new behavior occurs.
2020-01-16 10:53:41 -05:00
Jonathan White
7ad330eccb Improve GUI test reliability
* Explicitly resize the window to improve testing on High DPI displays
* Add additional bootstrap calls to mimic the actual application
2020-01-03 18:08:24 -05:00
Jonathan White
f9d2696046 Relax strictness of TOTP Base32 validation
* Fix #3754 - Accept valid TOTP keys that require padding when converted to Base32.
* Allow use of spaces and lower case letters in the TOTP secret key.
2019-11-09 00:53:40 +01:00
Jonathan White
178bea6bbc Fix building without features
* Fix #3684 - Include YubiKey headers in CLI tests 

* Skip building testguibrowser if browser integration is disabled

* Cleanup test CMakeLists
2019-10-29 23:03:39 -04:00
Jonathan White
1e694271a3 Improve Database and CLI tests 2019-10-20 18:56:41 -04:00
varjolintu
f726d7501f Add support for multiple URLs in an entry
* Fixes #398

The new Browser Integration entry settings page has a list view with any additional URL's. These URL's are added to the entry attributes with KP2A_URL_<counter>, which means those are directly compatible with Keepass2Android.
2019-10-16 22:20:57 -04:00
James Ring
b1eda37cca CLI: Add interactive session mode command open
This change adds a GNU Readline-based interactive mode to keepassxc-cli. If GNU Readline is not available, commands are just read from stdin with no editing or auto-complete support.

DatabaseCommand is modified to add the path to the current database to the arguments passed to executeWithDatabase. In this way, instances of DatabaseCommand do not have to prompt to re-open the database after each invocation, and existing command implementations do not have to be changed to support interactive mode.

This change also introduces a new way of handling commands between interactive and batch modes.

* Fixes #3224.
* Ran make format
2019-09-28 11:24:42 -04:00
varjolintu
77be468670 Fix crash when removing custom data 2019-09-07 07:50:08 -04:00
Matthias Drexler
f85642741d Autocomplete usernames based on most frequent in database
* Fixes #3126
* Limit autocompletion to the top ten used usernames
- Load common usernames when database is opened
- Transition from QLineEdit to QComboBox for usernames
- Dropdown menu of the combobox lets user choose a common username
- Common usernames are autocompleted via inline completion
- Common usernames are sorted by frequency (first) and name (second)
2019-06-23 22:22:57 -04:00
Balazs Gyurak
09181fab13 Add group sorting feature
* Enabling sorting of groups and their children in ascending and descending direction
2019-06-18 18:51:38 -04:00
Jonathan White
faf7a2bbb3 Robust processing of tray icon triggers
* Support double click on tray icon to always toggle window to/from tray
* Single click on tray icon will bring window to front if in background, otherwise window is toggled
* Fixes #2956
2019-05-04 16:45:03 -04:00
Jonathan White
4b1258f585 Correct issues with apply button
* Don't show apply button when creating new entries or groups (Fix #2191)
* Don't mark entry/group as dirty when first creating a new one (prevents unnecessary discard dialog on cancel)
* Properly enable/disable apply button when changes are made to entries and groups
* Don't show discard change warning when locking database unless their are actual changes made

NOTE: Extra pages in the group edit widget are not watched for changes yet. Requires a major refactor.
2019-04-07 19:12:45 -04:00
Jonathan White
71e375aff0 Allow copying passwords directly from searching
* Reverts removal of previously implemented feature
* Fix #2630
* Make gui search tests more robust
2019-04-07 19:12:45 -04:00
Weslly
779b529da2 Update checking feature (#2648)
* Check on startup (toggleable setting) and manually
* Option to check for pre-releases (eg, 2.4.0-beta1)
* Only included if WITH_XC_NETWORKING is enabled
2019-01-30 09:11:50 -05:00
Jonathan White
c74664097b
Fix crash when canceling save of new database (#2601)
* Fix crash when canceling save of new database
* Standardize use of DatabaseWidget::save() function
* Close new database tabs that are "discarded"
* Fixes #2604. autoSaveOnExit setting
* Re-implement autosave functionality
2019-01-25 07:20:39 -05:00
JTL
dd5665c656 Multiple macOS fixes and include keepassxc-cli in DMG (#2165)
* Fixes including keepassxc-cli when building KeePassXC dmg on Mac.
resolves #1697
* Fix Qt search path and Properties display on macOS
* Simplify packaging POST_BUILD fixups
* Various fixes to get cli to run on macos
* Correct cli tests on macOS
* Several macOS related GUI test fixes
2018-12-28 18:32:25 -05:00
Kyle Kneitinger
4d4c839afa Customize buttons on MessageBox and confirm before recycling (#2376)
* Add confirmation prompt before moving groups to the recycling bin

Spawn a yes/no QMessage box when "Delete Group" is selected on a group
that is not already in the recycle bin (note: the prompt for deletion
from the recycle bin was already implemented).  This follows the same
pattern and language as entry deletion.

Fixes #2125

* Make prompts for destructive operations use action words on buttons

Replace yes/no, yes/cancel (and other such buttons on prompts that cause
data to be destroyed) use language that indicates the action that it is
going to take. This makes destructive/unsafe and/or irreversible operations
more clear to the user.

Address feedback on PR #2376

* Refactor MessageBox class to allow for custom buttons

Replaces arguments and return values of type QMessageBox::StandardButton(s)
with MessageBox::Button(s), which reimplements the entire set of
QMessageBox::StandardButton and allows for custom KeePassXC buttons,
such as "Skip". Modifies all calls to MessageBox functions to use
MessageBox::Button(s).

Addresses feedback on #2376

* Remove MessageBox::addButton in favor of map lookup

Replaced the switch statement mechanism in MessageBox::addButton with
a map lookup to address CodeFactor Complex Method issue. This has a
side-effect of a small performance/cleanliness increase, as an
extra QPushButton is no longer created/destroyed (to obtain it's label
text) everytime a MessageBox button based on QMessageBox::StandardButton
is created; now the text is obtained once, at application start up.
2018-12-19 23:14:11 -05:00
Gianluca Recchia
fc930bae69
Restore correct formatting
Many lines were not conformant with the project's formatting rules.
This patch should fix all formatting and whitespace issues in the code
base.
A clang-format directive was put around the connect() calls containing
SIGNALs and SLOTs whose signatures would be denormalized because of the
formatting rules.
2018-11-28 18:29:15 -05:00
Jonathan White
d84ba23c81
Correct refactor issues with entry selection and search (#2518)
* Align entryview selection change signals with groupview
* Eliminate redundent and confusing signals/slots
* Correct group selection canceling search
2018-11-28 16:13:56 -05:00
Janek Bevendorff
3c362ac822 Refactor DatabaseOpenWidget/Dialog and Auto-Type Database unlocking.
This patch removes redundant lock widget members of the DatabaseWidget
and consolidates all unlocking functionality into a single
DatabaseOpenWidget (with the exception of KeePass1OpenWidget).
Distinction between different unlock actions is now done via a dedicated
Intent enum class instead of using individual widgets.

Further, the DatabaseUnlockDialog has been generalized so that it is
usable for unlock intents other than just Auto-Type and is now also
used for merging databases which is less confusing to the user.

The KeePassXC main window is no longer a parent of the
DatabaseUnlockDialog and has the Qt::ForeignWindow flag set, which
should cause fewer issues with Auto-Type trying to type into KeePassXC
after unlock instead of the intended target window.

In addition, its instance has been moved into the DatabaseTabWidget
class so that it is no longer bound to individual DatabaseWidgets,
potentially allowing for database selection during Auto-Type. The actual
selection has not yet been implemented, but Auto-Type has been adjusted
to use the currently selected tab instead of the first one as an
intermediary improvement.
2018-11-24 15:51:05 +01:00
Janek Bevendorff
d612cad09a
Refactor Database and Database widgets (#2491)
The Database, DatabaseWidget, and DatabaseTabWidget classes share many responsibilities in inconsistent ways resulting in impenetrable and unmaintainable code and a diverse set of bugs and architecture restrictions. This patch reworks the architecture, responsibilities of, and dependencies between these classes.

The core changes are:

* Move loading and saving logic from widgets into the Database class
* Get rid of the DatabaseManagerStruct and move all the information contained in it into the Database
* Let database objects keep track of modifications and dirty/clean state instead of handing this to external widgets
* Move GUI interactions for loading and saving from the DatabaseTabWidget into the DatabaseWidget (resolves #2494 as a side-effect)
* Heavily clean up DatabaseTabWidget and degrade it to a slightly glorified QTabWidget
* Use QSharedPointers for all Database objects
* Remove the modifiedImmediate signal and replace it with a markAsModified() method
* Implement proper tabName() method instead of reading back titles from GUI widgets (resolves #1389 and its duplicates #2146 #855)
* Fix unwanted AES-KDF downgrade if database uses Argon2 and has CustomData
* Improve code

This patch is also the first major step towards solving issues #476 and #2322.
2018-11-22 11:47:31 +01:00
Jonathan White
880c3aeb34
Add search help pop-up
* Support ! modifier (same as '-')
* Create reusable PopupHelpWidget as self-contained popup that can
be positioned around a parent widget and will follow the movement
and sizing of the window
* Eliminated KEEPASSXC_MAIN_WINDOW macro and replaced with
getMainWindow() function
* Add tests to cover search help show/hide
2018-11-17 09:04:15 -05:00
Jonathan White
4b983251cb
Add advanced search term parser
* Support quoted strings & per-field searching
* Support regex and exact matching
* Simplify search sequence
* Make search widget larger
* Add regex converter to Tools namespace
2018-11-17 08:49:50 -05:00
Jonathan White
ee9c71e11e
Fix multiple issues with entries and keyboard shortcuts (#2431)
* Cleanup entry change notification with entryview focus in/out
* Change Open URL shortcut to CTRL+SHIFT+U to conform with an "action" 
including SHIFT
* Change Copy URL shortcut to CTRL+U to conform with "copy" without SHIFT
* Entry specific toolbar and menu items are disabled unless the entry
row has focus (prevents unintended actions)
* Reword security setting for password visibility in entry edit view
* Add shortcut to hide/unhide usernames (CTRL+SHIFT+B)
* Organize entry menu

* Fix #1588 - show keyboard shortcuts in context menu
* Fix #2403 - Change auto-type shortcut to CTRL + SHIFT + V
* Fix #2096 - Add (CTRL+F) to search bar background
* Fix #2031 & Fix #2266 - add shortcut to hide/unhide passwords (CTRL+SHIFT+C)
* Fix #2166 - Add reveal password button to entry preview
2018-11-16 10:00:59 -05:00
Felix Fontein
a7dd9f19f4 CLI: add commands to show and copy TOTP to clipboard (#2454)
* Add CLI commands show --totp and totp-clip for handling TOTPs, resolves #2429.
* Adding tests for new CLI TOTP commands
* Update keepassxc-cli man page.
2018-11-09 21:58:42 -05:00
Janek Bevendorff
108e4efc8a Fix tests on Windows 2018-10-19 21:49:55 +02:00
Janek Bevendorff
113c8eb702 Add CLI tests and improve coding style and i18n
The CLI module was lacking unit test coverage and showed some severe
coding style violations, which this patch addresses.

In addition, all uses of qCritical() with untranslatble raw char*
sequences were removed in favor of proper locale strings. These are
written to STDERR through QTextStreams and support output
redirection for testing purposes. With this change, error messages don't
depend on the global Qt logging settings and targets anymore and go
directly to the terminal or into a file if needed.

This patch also fixes a bug discovered during unit test development,
where the extract command would just dump the raw XML contents without
decrypting embedded Salsa20-protected values first, making the XML
export mostly useless, since passwords are scrambled.

Lastly, all CLI commands received a dedicated -h/--help option.
2018-10-19 21:49:54 +02:00
Jonathan White
c1e9f45df9 Introduce synchronize merge method
* Create history-based merging that keeps older data in history instead of discarding or deleting it
* Extract merge logic into the Merger class
* Allows special merge behavior
* Improve handling of deletion and changes on groups
* Enable basic change tracking while merging
* Prevent unintended timestamp changes while merging
* Handle differences in timestamp precision
* Introduce comparison operators to allow for more sophisticated comparisons (ignore special properties, ...)
* Introduce Clock class to handle datetime across the app

Merge Strategies:
* Default (use inherited/fallback method)
* Duplicate (duplicate conflicting nodes, apply all deletions)
* KeepLocal (use local values, but apply all deletions)
* KeepRemote (use remote values, but apply all deletions)
* KeepNewer (merge history only)
* Synchronize (merge history, newest value stays on top, apply all deletions)
2018-09-30 09:36:39 -04:00
Janek Bevendorff
e443cde452 Add a new database settings wizard
This patch implements a new database wizard to guide users through the process
of setting up a new database and choosing sane encryption settings.

It also reimplements the master key settings to be more
user-friendly. Users can now add, change, or remove individual composite
key components instead of having to set all components at once. This
avoids confusion about a password being reset if the user only wants to
add a key file.

With these changes comes a major refactor of how database composite keys and key
components are handled. Copying of keys is prohibited and each key
exists only once in memory and is referenced via shared pointers. GUI
components for changing individual keys are encapsulated into separate
classes to be more reusable. The password edit and generator widgets
have also been refactored to be more reusable.
2018-09-25 21:12:47 +02:00
Jonathan White
1dc9f10c7f
Complete refactor of TOTP integration
* Eliminate TOTP logic from GUI elements
* Consolidate TOTP functionality under the Totp namespace
* Eliminate guessing about state and encoders
* Increased test cases
* Add entry view column for TOTP [#2132]
* General code cleanup, reduction of unnecessary steps, separation of concerns
* Rename SetupTotpDialog to TotpSetupDialog for consistency
2018-09-15 12:10:26 -04:00