- Remove duplicate code to load a key (EditEntryWidget & SSHAgent)
- Refactor all key loading and saving to KeeAgentSettings
- Depend only on Entry to allow future CLI expansion
* Fix#4079 - proxy host would get stuck trying to read characters from stdin. Switch to "readsome" which does not block if there are not enough characters to read. Added a longer delay to slow the checking loop down.
* Prefer clearing clipboard by explicitly setting the clipboard to an empty string. Qt's QClipboard::clear() method is unreliable under X11 environment.
* Fixes#4126
* Fix#4093 - The first entry in the list is selected after deleting an entry
* Prevents crashes due to dangling pointers held by the Entry Preview Widget when entries were deleted.
* Improve GUI tests to ensure this new behavior occurs.
It's used extremely rarely, having it in such a prominent position
in the tool bar isn't justified. Also, with the Material Design
icons, its tool bar icon can easily be confused with "create new
entry".
Fixes#475
Use the following to run KeePassXC with the icons from the
source code, ignoring the operating system's Qt icon theme:
```
KEEPASSXC_IGNORE_ICON_THEME=1 keepassxc
```
The patch further adds a script `makeicons.sh` that re-creates KeePassXC
icons from the Material Design icon set and can be used for easily
updating icons in the future. Instructions are in the script.
Fixes#475
The challenge-response key buffer is explicitly cleared
before the key transformation if no such key is configured
to ensure one is never injected into the hash even if the
database had a challenge-response key previously.
This patch also adds extensive tests for verifying that a
key change will not add any expired key material to the hash.
Fixes#4146
* Remove deprecation warnings when not doing a DEV_BUILD. Qt 5.14 introduced several deprecation flags on basic function calls in QList and QSet that would require several #pragma ignores. Assuming this was in preparation to Qt 6.0.
* Remove unnecessary assert in PasswordEditWidget that was hit in macOS debug builds.
- Use proper model for database and session in settings page
- Fix button text (unlock/lock) not changed according to the database locking status
- Fix button icons not present on icon themes other than Breeze
- Fix the disconnect button may got clipped when new session opens
Rename 'k' to 'f' because 'k' is already used to specify the key for the target database of the merge
* Remove short -f option from keepassxc-cli.1
* Remove -f option from keepassxc-cli merge
* Add test cases covering cli options for merge
* Add functional test for merge with keys
This commit reverts #3357.
The previous PR is for the new symbol NSEventMaskKeyDown, which is
introduced in #3347. In #3794, #3347 is reverted, so the workaround
in #3357 is no longer needed. Furthermore, it causes build failures
on 10.11 (#3932) as the header file for type NSEventMask is removed
in #3794, too.
Note that this is not a complete fix. A complete patch can be found
at [1]. In MacPorts, the OS version for building a package is the same
as the OS that installs it, so #ifdef can be used to replace @available.
The latter language feature is not available until Xcode 9.
With the patch mentioned in the previous paragraph, KeePassXC 2.5.1
can be built on Mac OS X 10.9 or newer.
Ref: #2899
[1] de1bb703ad/security/KeePassXC/files/patch-old-mac.diff
This makes most tests run successfully with asan.
The GUI tests still have a bunch of leaks, some from library code, and
some that look real but which I didn't immediately manage to figure out.
* TestOpVaultReader: use QSharedPointer
* Fix#3933 and fix#3857. Interaction with entries and groups is disabled while the database is being reloaded or saved to prevent changes from occurring. Prevent the database from being reloading if an entry or group is currently being edited.
* Fix#3941 - Only notify components when the database file actually changes (determined by checksum). This prevents spurious merge requests when the file is merely touched by another service (e.g., DropBox).
* Fix code format of ElidedLabel.cpp
* Mark the database as clean after fully completing the file save operation INSTEAD of when merely writing the database to a file.
* Stop the modified timer when marking the database as clean, this prevents latent erroneous modified signals from being emitted.
* Do not restart the modified timer after a new change is detected while it is still running.
Adding a new line after the message "Evaluating database entries against HIBP file, this will take a while..." helps
to separate a report and the comment.
Adding a new line after the message "Evaluating database entries against HIBP file, this will take a while..." helps
to separate a report and the comment.
* Fix#3701 - replace QLabel with QTextEdit to enable scrolling of notes
* Notes are plain text. They will remain as plain text and hyperlinks will not be enabled in the notes. Until the notes editor is moved to a rich text / html editor this will remain the case.
* Convert username and password fields in preview pane to QLineEdit's to allow for full copying and viewing if larger than the field width.
* Fix#3688 - hide the sequences column if all of the entry matches return the same sequence. This cleans up redundent data in the Auto-Type selection dialog introduced in 2.5.0.
The transformed secrets were stored in normal QByteArrays,
which are at risk of being swapped out. We now use secure
PasswordKey objects instead. There are still a few areas
where QByteArrays are used for storing secrets, but since
they are all temporary, they are less critical. It may be
worth hunting those down as well, though.
When we lock a database, we reset the database pointer to
free its resources. Since various other widgets besides the
DatabaseWidget hold references to the shared pointer object,
however, it cannot be guaranteed that the actual database
object will be freed right away. This patch adds a releaseData()
method which is called upon database lock to ensure all
residual data is cleared without having to rely on the actual
database object being cleaned up.
* Fix#3754 - Accept valid TOTP keys that require padding when converted to Base32.
* Allow use of spaces and lower case letters in the TOTP secret key.
* Fix#3334 - AutoOpen is now processed after the database widget is put into view mode to prevent infinite recursion of unlock attempts if two databases auto open each other.
* Fix#3735 - Don't focus on OpenDatabaseWidget fields that are not visible; ensures password field is focused after database lock.
* Fix#3487 - Password input is selected after failed unlock.
* Fix#1938 - Password input is focused after toggling visibility using the keyboard
This is just a cosmetic change. On KDE Plasma, the title of the tray icon is set by either the name of the binary, or by calling `setApplicationName()`. So having it properly stylized looks better.
* FdoSecrets: create prompt object only when necessary
* FdoSecrets: negotiationOutput should always return a valid QVariant otherwise QDBus will fail to create a reply, causing timeout in client.
* FdoSecrets: include in debug info
The new unlock dialogue seems to confuse users
as to what the purpose of the key file is. This
patch changes the generic "Select file..." affordance
to the more explicit "Select key file..." and adds
a help button to the label just like the one we
already have for the hardware key. Furthermore,
it prevents the user from using the KDBX file as its
own key file (since that would never work anyway).
The change breaks existing translations on purpose
(instead of simply adjusting the en_US locale)
in order to force translators to update this string
for their languages.
Resolves#3678
This is required to show the keepassxc icon on Wayland windows in a
Plasma Wayland session.
kwin_wayland fetches application icons from .desktop files and it
expects the desktop filename to be set on the QGuiApplication instance.
Without this, kwin sets a generic Wayland icon as fallback.
One some operating systems malloc(3) is not in malloc.h nor in
malloc_np.h, instead it is in stdlib.h.
In addition, not all systems support malloc_usable_size(3). You could
argue it's not safe.
This patch tries to be portable and it fix the build on OpenBSD.
* Fix#3699
Reduce file watch hashing of open database files from every second to every 30 seconds. Additionally, only hash the first 1024 bytes of the database file. This is valid since most of the header and the entire encrypted portion are changed significantly on every save.
* Fix#3550
* Default memory reduced to 64 MiB (from 128 MiB) and parallelism reduced to 2 threads. This allows for desktop and mobile device compatibility.
Resolves#3410.
Additionally, "fix" main window toggling behaviour when
clicking the tray icon while the window is visible, but
not in focus (e.g. hidden by other windows). On platforms
other than Windows, the window is now brought to the front
if it does not already have focus or is toggled otherwise.
Remove obsolete Windows session end handling code.
* Add a missing include in src/core/Alloc.cpp
On Mac OS X 10.11 with Xcode 8.2.1, building fails with
/opt/local/var/macports/build/_opt_bblocal_var_buildworker_ports_build_ports_security_KeePassXC/KeePassXC-devel/work/keepassxc-f726d7501ff7e8a66ae974719042f23010716595/src/core/Alloc.cpp:44:10: error: no type named 'free' in namespace 'std'
std::free(ptr);
~~~~~^
Per [1], std::free() needs #include <cstdlib>. That file is included
indirectly on newer systems.
* Avoid const Signature object in src/keeshare/ShareExport.cpp
After the above issue is resolved, building fails at
/opt/local/var/macports/build/_opt_bblocal_var_buildworker_ports_build_ports_security_KeePassXC/KeePassXC-devel/work/keepassxc-f726d7501ff7e8a66ae974719042f23010716595/src/keeshare/ShareExport.cpp:152:29: error: default initialization of an object of const type 'const Signature' without a user-provided default constructor
const Signature signer;
^
Apparently this is related to C++ defect 253 [2]. From the code,
creating a Signature is not needed as all methods in Signature are
static, so just call the method.
[1] https://en.cppreference.com/w/cpp/memory/c/free
[2] https://stackoverflow.com/a/47368753
if KeePassXC is compiled with WITH_XC_KEESHARE=OFF, the "Share" tab of
the EntryPreviewWidget for groups is removed from the GUI completely.
closes#3619.
this is a fix for an obvious regression. there was some refactoring
going on around here since the 2.4.3 release, and the return value of
ShareExport::intoContainer has since been neglected. with this change
the info banner showing errors/warnings/info/success after exporting a
database tree with KeeShare is shown again.
* Fix#3651
* Correct data loss when the database reloads due to a file change while creating a new entry. The issue occurred due to the "new parent group" pointer being invalid after the database is reloaded following merge.
* Also fix re-selecting entries following database file reload. If the entry was moved out of the current group it would result in an assert hit. This fix prevents recursively looking for the entry.
* Fixes#2813
Added special context menu for entries to move the most-used actions to the top.
Re-ordered actions in the entry menu to be more user friendly.
* Fixes#2118
Enables select entry actions when editing an entry. This allows users to copy the password of the entry, for example.
Note: unsaved changes to the entry will not be copied to the clipboard.
* Fix#3506
* Fix#2389
* Fix#2536
* Fix#2230
Every database that has been opened now watch's it's own file. This allows the database class to manage file changes and detect fail conditions during saving. Additionally, all stakeholders of the database can listen for the database file changed notification and respond accordingly.
Performed significant cleanup of the autoreload code within DatabaseWidget. Fixed several issues with handling changes due to merging, not merging, and other scenarios while reloading.
Prevent database saves to the same file if there are changes on disk that have not been merged with the open database.
Fixes#3365
Add prompt to delete the recycle bin when disabling it. If the user chooses not to delete it, the recycle bin will be suffixed with "(old)" and the icon changed to the default group icon.
Also moved recycle bin creation within the database class where it belongs.
* Fix#3142 - Warn user when entering invalid TOTP secret key.
* Fix#773 - The TOTP dialog now listens for the copy shortcut without having to press the Copy button.
* Add ability to choose hash algorithm from the TOTP setup dialog
* Add upgrade to "otp" attribute when custom attributes are chosen to prevent data loss
Ran make format
* Fix#3351
On macOS, entry specific Auto-Type (Cmd+Shift+V) now raises the last active window before lowering the KeePassXC window. This improves accuracy of the window that is actually typed into.
* Fixes#398
The new Browser Integration entry settings page has a list view with any additional URL's. These URL's are added to the entry attributes with KP2A_URL_<counter>, which means those are directly compatible with Keepass2Android.
* Fix#3609 - Request screen reader permission by faking a 1px screenshot. Thanks to MacPass for this idea.
* Fix#3578 - Remove duplicate sandbox entitlement
* Fix#3270 - Use executable path reference for libquazip
The CLI now contains an "import" command that creates a new database from the specified XML export. The new database is in kdbx 4 format, and does not currently accept a keyfile in database creation.
This change is required to create new databases from XML backups.
Fixes#2458
Added new page "Statistics" to the Database Settings dialog that shows information like number of groups and entries, number of unique and re-used passwords, average password length, etc.
Show warnings for problematic values with explainations for the user in tooltips.
Fixes#2034
Database statistics icon:
Downloaded from: https://www.flaticon.com/authors/freepik
Original source: https://www.flaticon.com/free-icon/bars-chart_265733
* Add test for (unwanted) history timeinfo update when cloning entries.
* Add timeInfo test for clone with rename.
* Fixed modification time update when cloning an entry with renaming.
This change adds support for hyperlinks in the notes field of the EntryPreviewWidget. This is done by enabling the `openExternalLinks` property of `QLabel`, and modifying the value of the content of this field so that links are wrapped
with `<a>` tags.
Links are assumed to use the format: `protocol://path`, since assumptions cannot/shoudn't be made about the specific format of a link. The text of the label uses the modified notes value.
This change adds a GNU Readline-based interactive mode to keepassxc-cli. If GNU Readline is not available, commands are just read from stdin with no editing or auto-complete support.
DatabaseCommand is modified to add the path to the current database to the arguments passed to executeWithDatabase. In this way, instances of DatabaseCommand do not have to prompt to re-open the database after each invocation, and existing command implementations do not have to be changed to support interactive mode.
This change also introduces a new way of handling commands between interactive and batch modes.
* Fixes#3224.
* Ran make format
* Changed `Extract` to `Export` to support additional formats
* Allow database expot as CSV. Added a `--format` option to the `Export` command for that, which defaults to xml, so the current behavior is unchanged.
*The `CsvExporter` had to be refactored a bit, but nothing major. It can
now print to a file or return a string.
Avoids prompting the user for a password if unlocking is likely to fail
due to some problem with the database file (i.e. not found, not a file,
not readable).
Add unit tests.
This allows `t:word` instead of `title:word` and `p:word` instead of `password:word`, and so on. The rule is that an abbreviated name expands to the first field name that starts with it, with exceptions
`u:` expanding to `username:` instead of `url:` and `pw:` expanding to `password:`.
* Fix#3376. Set font for password preview to Font::fixedFont()
* Add a menu entry opening the shortcuts documentation in the browser
* Fixed duplicate item in CLI documentation
Summary of changes:
* Extract function for creating password generator from options into
`Generate` command. This function is now reused in `Add` and `Edit`
commands.
* Updated manpage with missing password generation options.
* Updated manpage with missing longer forms of password generation options.
* Added unit tests for new password generation options in `Add` and
`Edit`.
* Handle case when `-g` and `-p` options are used at the same time.
This PR adds password generation functionalities while reducing
code duplication, but at the cost of 2 small breaking changes:
* The password generation option for `Add` and `Edit` for specifying
password length is now `-L` instead of `-l`, to not clash with the
`-l --lower` option.
* The `-u` shorthand for the `--upper` option has to be removed, to not
clash with the `-u --username` option.
* Add -U variant for uppercase.
* QFileDialog returns UNIX paths, even on Windows. This patch converts what QFileDialog returns to the native path format.
* Improve const correctness
* Avoid imposing file extension on Linux
* This patch improves things like unneeded passes by values, missing const qualifiers, ugly copies because of variable reuse and consistency in variable names.
* Fix#3407
* Read-only files now disable auto-save and show as modified correctly. This allows the GUI to prompt to "save-as" instead of silently discarding changes when the read-only database is locked or closed.
* Add application settings reset button
- Corrects accessibility findings GP.2
* Use icons in addition to color to indicate password mismatch
- Corrects accessibility finding CN.2
* Announce begin/end of list navigation
- Corrects accessibility finding KF.4
* Fixes for keyboard navigation
- Add Ctrl+F10 keyboard shortcut to show group/entry context menus. Fixes#3140
- Improve movement between form fields
* Fix loading system-defined language in translator
- Fixes#3202
- Bypass built-in Qt loading of QLocale for translations. The order of loading languages doesn't consider all file names prior to moving to the next language in the list. This resulted in English being chosen no matter what language is the top priority.
* Improve message box defaults and fix documentation links
* Better support for screen readers
* Add accessible names on form fields
* Prevent changing values during settings widget scrolling
- Add an event filter to combo boxes and spin boxes on the settings page to prevent the mouse wheel from changing the values without having focus
- Add horizontal stretch to the security settings to make the spin boxes more manageable.
* Empty destructors are replaced with default destructors
* A few loop variables made into const references to avoid copies
* Add missing `override` spec for some `Command::execute` methods
* Selecting one or more entries to download icons always forces the download (ie, if a new URL exists the new icon will be downloaded and set)
* Instead of downloading for each entry, the web url's are scraped from the provided entries and only those urls are downloaded. The icon is set for all entries that share a URL. This is useful if a group contains many entries that point to the same url, only 1 download call will occur.
* The icon download dialog displays whether you are doing one entry, many entries, or an entire group. It is also modal so you have to dismiss it to use KeePassXC again.
* Moved DuckDuckGo fallback notice into the download dialog.
This adds support for OnlyKey and requires yubikey-personalization library 1.20.0 or newer. The function yk_open_key_vid_pid was added to yubikey-personalization in version 1.20.0.
This new subcommand checks all passwords in the given database against a given list of SHA-1 password hashes. Such lists are available from the "Have I Been Pwned" project at https://haveibeenpwned.com/Passwords.
Note that this support offline checking only. The HIBP project also provides a web API for checking specific hash ranges; this is not currently supported.
Updating mingw-w64-x86_64-qt5 to version 5.12.4-2 caused EditEntryWidget to fail
building. Fixed that with proper includes. Also ran `make format` which revealed
one file in need of formatting.
* Fixes#3126
* Limit autocompletion to the top ten used usernames
- Load common usernames when database is opened
- Transition from QLineEdit to QComboBox for usernames
- Dropdown menu of the combobox lets user choose a common username
- Common usernames are autocompleted via inline completion
- Common usernames are sorted by frequency (first) and name (second)
* Add notes to General tab
* Combine Attributes and Attachments tabs into Advanced
* Remove extra viewTotpWidget
* Shrink minimum size of preview panel
With this change we get rid of the confusing key component checkboxes.
Now a component is either there or not (if left empty). There is
no redundant distinction between "unset" and "emtpy" anymore.
For compatibility with older databases that have "empty" passwords,
KeePassXC will ask if the user wants to retry with an empty password
if unlocking failed and the password field was left blank.
Besides these functional changes, the widget's layout has been
rearranged to be more compact, less stretched out (e.g. input fields
do not fill the full window width anymore), and more user-friendly
by providing a help tooltip for the hardware key field and accessible
descriptions for screen readers.
* Moved KeeShare Quiet Success message setting to the KeeShare portion of the application settings
* Removed an assert that caused the application to crash in debugging when a share file could not be found
* Corrected database settings security icon
* Unbreak build on FreeBSD
```
In file included from src/core/Alloc.cpp:24:
/usr/include/malloc.h:3:2: error: "<malloc.h> has been replaced by <stdlib.h>"
^
src/core/Alloc.cpp:65:28: error: use of undeclared identifier 'malloc_usable_size'
::operator delete(ptr, malloc_usable_size(ptr));
^
2 errors generated.
```
Non-standard APIs like `malloc_usable_size()` [1] are defined in
`malloc_np.h` on FreeBSD, so use it instead of `malloc.h` there.
[1] https://man.freebsd.org/jemalloc(3)
* Allow Browser HostInstaller to work on FreeBSD and other OS's
* Drop custom GNUInstallDirs cmake module and use cmake's own module
It seems to be an outdated version and cmake generally provides it
itself, so there should be no need for keepassxc to provide its own
custom version.
On FreeBSD this fixes the issue that man pages were installed into
the wrong directory, i.e., `/usr/local/share/man` vs `/usr/local/man`
as per FreeBSD's current packaging policy.
Signed-off-by: Tobias Kortkamp <tobik@FreeBSD.org>
* Replace placeholders in URLs copied from popup menu on the entry preview widget.
* Replace placeholders in URLs opened by double-clicking URL field in the entry table.
* Pass correct entropy amount to keepassxc-browser instead of amount of bits for both password and passphrase.
* Rename json key from "login" to "entropy" (keeping "login" key for backwards compatibility).
* Also make some changes to entropy calculation methods:
- Rename PassphraseGenerator::calculateEntropy to estimateEntropy
- Rename PasswordGenerator::calculateEntropy to estimateEntropy
This change adds a right-click context menu to the
AutoType dialog, which allows the user to copy
either the username or password. The dialog then
automatically closes.
* Add combo menu button to apply an icon to children
- allow more options to apply icons (child groups, child entries)
- extend tests in TestGroup (applying icons for groups/entries only)
- prevent blue folder icon being set for entries (on entry creation only)
* Do not show the combo menu button for entries
* Fixes#925
* Add 'flatten' option to CLI ls command
* Add test for Group::hierarchy() and man page for ls --flatten
* Rename group sort test to align with others
This PR cleans up the `Command` classes in the CLI, introducing a
`DatabaseCommand` class for the commands operating on a database,
and a `getCommandLineParser` command to centralize the arguments
parsing and validation.
The opening of the database based on the CLI arguments and options
is now centralized in `DatabaseCommand.execute`, making it easy to
add new database opening features (like YubiKey support for the CLI).
Also a couple of bugs fixed:
* `Create` was still using `stdout` for some error messages.
* `Diceware` and `Generate` were not validating that the word count was an integer.
* `Diceware` was also using `stdout` for some error messages.
KDE does not take focus from the current active window when the tray
icon is clicked. This prevented toggling the window (always called bringToFront).
Checking if the window is active corrects this issue.
Fixes#3256, fixes#3214.
* Fix remaining issues with menu keyboard navigation
* Entry menu now locks focus on entry when used from menubar
* When using keyboard navigation to select menubar menus,
do not lose focus on selected entry (fixes#3246)
* Enable all entry keyboard shortcuts while in search (fixes#3034)
* When the search text edit has focus, retain selected entry keyboard
shortcuts and button pressing capability
* Fixes#3145
The system tray menu used to have three items (toggle window,
lock database, quit) of which only two had an icon, which
looked strange and unintended. This commit adds an icon for
the "Toggle window" menu item.
* Use a padlock icon for the "Lock DB" tray menu item
Originally, icon `document-encryt.png` was used, however theming seems
to be getting in the way by sometimes displaying a plain "document"
icon instead. Copied the icon files to `database-lock.png` and used
that one for the "lock database" tray menu item instead.
* In Database Settings, use the "security-high" icon for "Security"
Previously, the "document-encrypt" icon was used, which should be
something like a padlock but which, due to theming, somethings
fell back to a generic document icon (page of paper).
The "document-encrypt" icon is no longer used and was removed.
* Fixes#3141
* Clearing the entry edit widget prior to emitting the editFinished signal caused the widget to be marked modified and prevent new entries from being created. Use an explicit boolean to notify commit success.
* Don't clear password generator on canceling a cancel
* Don't discard changes if saving from a cancel produces an error
* Fixes#2692
* KeePassXC was ignoring OS close messages on shutdown or logoff when minimize to tray on close was enabled. This change causes a second close message (when KeePassXC is hidden to the tray) to actually exit the application.
* Fixes#2838
* When navigating the entry context menu with up/down arrow the options would disable due to losing focus on the EntryView. This change preserves the "focus" during this event.
* Fixes#3048
* Certain programs that read/write KDBX4 files do not consolidate duplicate attachments into a single binary. This is against the KDBX4 specification. This change ensures KeePassXC will at least read the database in its entirety and not lose information. Upon saving the database in KeePassXC, the duplicate attachment binaries will be reduced to single binaries per the specification.
* Support importing 1Password vaults (.opvault folders) into KDBX database
* Entry attributes are filled based on section and field name
* Expiration dates are set for entries
* Entry URL's are set from a wider array of fields
* Fix#2427
* Changed the openUrl() function to use a QUrl object, which has the appropriate scheme set.
* Preview widget now passes url handling back to DatabaseWidget
* Store the currently active window right when the global keyboard shortcut is triggered
* Eliminate unnecessary window raise/lower and delays on macOS
* Remove duplicate addition of macutils symbols from mac Auto-Type plugin
* Fix tests to fake trigger a global autotype sequence
This plugin implements the Secret Storage specification version 0.2.
While running KeePassXC, it acts as a Secret Service server, registered
on DBus, so clients like seahorse, python-secretstorage, or other
implementations can connect and access the exposed database in KeePassXC.
Squashed commits:
- Initial code
- Add SessionAdaptor and fix build
- The skeletons for all dbus objects are in place
- Implement collection creation and deletion
- Emit collectionChanged signal
- Implement app-wise settings page
- Implement error message on GUI
- Implement settings
- Fix uuid to dbus path
- Implement app level settings
- Add freedesktop logo
- Implement database settings page
- Change database settings to a treeview
- Move all settings read/write to one place
- Rename SecretServiceOptionsPage to SettingsWidgetFdoSecrets
- Fix selected group can not be saved if the user hasn't click on the item
- Show selected group per database in app settings
- Disable editing of various readonly widgets
- Remove unused warning about non exposed database
- Fix method signature on dbus adaptors
- Fix type derived from DBusObject not recognized as QDBusContext
- Resolve a few TODOs around error handling
- Remove const when passing DBus exposed objects
- Move dismiss to PromptBase
- Implement per collection locking/unlocking
- Fix const correctness on Item::setSecret
- Implement SecretService::getSecrets
- Rework the signal connections around collections.
- Remove generateId from DBusObject
- Per spec, use encoded label as DBus object path for collections
- Fix some corner cases around collection name changes
- Implement alias
- Fix wrong alias dbus path
- Implement encryption per spec
- Cleanup SessionCipher
- Implement searchItems for SecretService
- Use Tools::uuidToHex
- Implement Item attributes and delete
- Implement createItem
- Always check if the database is unlocked before perform any operation
- Add missing ReadAlias/SetAlias on service
- Reorganize and fix OpenSession always returning empty output
- Overhaul error handling
- Make sure default alias is always present
- Remove collection aliases early in doDelete
- Handles all content types, fix setProperties not working
- Fix sometimes there is an extraneous leading zero when converting from MPI
- Fix session encryption negotiation
- Do not expose recycle bin
- Protect against the methods not called from DBus
- Also emit collectionChanged signal when lock state changes
- Show notification when entry secret is requested
- Add a README file
- Actually close session when client disconnects
- Gracefully return alternative label when collection is locked
- Reorganize, rename secretservice to fdosecrets
- Fix issues reported by clazy
- Unify UI strings and fix icon
- Implement a setting to skip confirmation when deleting entries from DBus
- Remove some unused debugging log
- Simply ignore errors when DBus context is not available. QtDBus won't set QDBusContext when deliver property get/set, and there is no way to get a QDBusMessage in property getter/setter.
- Simplify GcryptMPI using std::unique_ptr and add unit test
- Format code in fdosecrets
- Move DBusReturnImpl to details namespace
- Fix crash when locking a database: don't modify exposedGroup setting in customData when database is deleted
- Make sure Collection::searchItems works, whether it's locked or not
- Fix FdoSecrets::Collection becomes empty after a database reload
- Fix crash when looping while modifying the list
* DatabaseTabWidget::newDatabase returns the created DatabaseWidget
* Emit DatabaseTabWidget::databaseOpened signal before a new tab is added
* EntrySearcher can now search attribute values including custom ones
* Add Group::applyGroupIconTo to set the group icon on the supplied entry
* Implement desktop notifications through the system tray icon
* Add DatabaseWidget::deleteEntries to delete a list of entries
* Add Aes128 in SymmetricCipher::algorithmIvSize
* Add DatabaseWidget::databaseReplaced signal
* Add a helper class to override the message box's parent (prevent bugs)
INSTALL.md
* Better organization of CMake options
CMakeLists.txt
* If WITH_XC_NETWORKING is disabled, also disable WITH_XC_UPDATECHECK
* Move KeeShare logic into KeeShare CMakeLists.txt
* Remove WITH_XC_KEESHARE_SECURE build option
* Attempt to find quazip, if found enable WITH_XC_KEESHARE_SECURE and build with secure container support
* Support double click on tray icon to always toggle window to/from tray
* Single click on tray icon will bring window to front if in background, otherwise window is toggled
* Fixes#2956
* Introduce _LAST_MODIFIED custom data entry that stores the last modified datetime of the database's custom data entries
* Merge custom data from source database to target
* Modify tests to be aware of _LAST_MODIFIED entry
Finding libquazip failed on macOS due to path differences.
This patch also cleans up the find module's code, aligns it
with the coding style of the other CMake files and removes
clutter that is not needed for KeePassXC such as non-Msys
builds on Windows.
* Updated utilities to unlock KDBX with OS password manager on macOS and Linux
* Use a static stream on stdin for --pw-stdin otherwise buffer loss eliminates subsequent passwords
* Update INSTALL requirements
Previously, we enforced code page 850 for all console input and output,
which breaks with non-western scripts. Since more recent Windows shells
are able to display Unicode properly, this patch now enforces UTF-8 and
falls back to code page 850 only if UTF-8 is unsupported.
Non-Windows systems default to UTF-8, but can override the codec
by setting the LANG environment variable to something other than C.
Resolves#3049.
To reduce residual fragments of secret data in memory after
deallocation, this patch replaces the global delete operator with a
version that zeros out previously allocated memory. It makes use of
the new C++14 sized deallocation, but provides an unsized fallback
with platform-specific size deductions.
This change is only a minor mitigation and cannot protect against
buffer reallocations by the operating system or non-C++ libraries.
Thus, we still cannot guarantee all memory to be wiped after free.
As a further improvement, this patch uses libgcrypt and libsodium
to write long-lived master key component hashes into a secure
memory area and wipe it afterwards.
The patch also fixes compiler flags not being set properly on macOS.
* Ensure Qt dlls find plugins in bundled directory
* Reduce complexity of deployment code
* Standardize use of CMAKE_BUILD_TYPE_LOWER for more robust comparisons
Fixes#3023. Fixes part of #1535.
This bug impacted unsafe saves. When auto save after every change was enabled, an
unsafe save to a location that has become unavailable (eg, dismounted veracrypt drive),
the database modified signal would continually activate a save action that failed.
This caused an infinite loop.
When auto-save on exit was enabled, the database tab and the application itself refused to
close if saving failed for whatever reason.
The fixes in this commit prevent both of these scenarios from occurring.
Use built-in facilities of Qt to traverse QLocale::uiLanguages() to find a valid "most preferred"
language, but still respect user's choice in the application settings.
Fixes#3030. Fixes#1924.
When selecting another attribute in the advanced tab, do not mark the entry as modified
(nothing was changed). Also do not mark as modified when the notes checkbox is
checked/unchecked (doesn't change entry). Fixes#3013.
This is useful when keepassxc is minimized/hidden to the tray, and all
the plumbing is already in place from the lock icon button in the main
window UI.
In case of a modified group, pressing cancel in the confirmation dialog
of cancel led to discarding the changes instead of returning to the edit widget.
