Commit Graph

24 Commits

Author SHA1 Message Date
Janek Bevendorff
38524507d5
Merge branch 'master' into develop 2019-06-12 01:10:25 +02:00
Soham Gumaste
d5e544ab32 Add documentation for keyboard shortcuts (#3215)
* Add docs/KEYBINDS.md which lists all keyboard shortcuts.
* Added a reference in README.md to KEYBINDS.md
* Fixes #3175
2019-06-05 23:23:29 -04:00
Aetf
e121f4bc28 Add Freedesktop.org Secret Storage Spec Server Side API (Fix #1403)
This plugin implements the Secret Storage specification version 0.2.
While running KeePassXC, it acts as a Secret Service server, registered
on DBus, so clients like seahorse, python-secretstorage, or other
implementations can connect and access the exposed database in KeePassXC.

Squashed commits:

- Initial code
- Add SessionAdaptor and fix build
- The skeletons for all dbus objects are in place
- Implement collection creation and deletion
- Emit collectionChanged signal
- Implement app-wise settings page
- Implement error message on GUI
- Implement settings
- Fix uuid to dbus path
- Implement app level settings
- Add freedesktop logo
- Implement database settings page
- Change database settings to a treeview
- Move all settings read/write to one place
- Rename SecretServiceOptionsPage to SettingsWidgetFdoSecrets
- Fix selected group can not be saved if the user hasn't click on the item
- Show selected group per database in app settings
- Disable editing of various readonly widgets
- Remove unused warning about non exposed database
- Fix method signature on dbus adaptors
- Fix type derived from DBusObject not recognized as QDBusContext
- Resolve a few TODOs around error handling
- Remove const when passing DBus exposed objects
- Move dismiss to PromptBase
- Implement per collection locking/unlocking
- Fix const correctness on Item::setSecret
- Implement SecretService::getSecrets
- Rework the signal connections around collections.
- Remove generateId from DBusObject
- Per spec, use encoded label as DBus object path for collections
- Fix some corner cases around collection name changes
- Implement alias
- Fix wrong alias dbus path
- Implement encryption per spec
- Cleanup SessionCipher
- Implement searchItems for SecretService
- Use Tools::uuidToHex
- Implement Item attributes and delete
- Implement createItem
- Always check if the database is unlocked before perform any operation
- Add missing ReadAlias/SetAlias on service
- Reorganize and fix OpenSession always returning empty output
- Overhaul error handling
- Make sure default alias is always present
- Remove collection aliases early in doDelete
- Handles all content types, fix setProperties not working
- Fix sometimes there is an extraneous leading zero when converting from MPI
- Fix session encryption negotiation
- Do not expose recycle bin
- Protect against the methods not called from DBus
- Also emit collectionChanged signal when lock state changes
- Show notification when entry secret is requested
- Add a README file
- Actually close session when client disconnects
- Gracefully return alternative label when collection is locked
- Reorganize, rename secretservice to fdosecrets
- Fix issues reported by clazy
- Unify UI strings and fix icon
- Implement a setting to skip confirmation when deleting entries from DBus
- Remove some unused debugging log
- Simply ignore errors when DBus context is not available. QtDBus won't set QDBusContext when deliver property get/set, and there is no way to get a QDBusMessage in property getter/setter.
- Simplify GcryptMPI using std::unique_ptr and add unit test
- Format code in fdosecrets
- Move DBusReturnImpl to details namespace
- Fix crash when locking a database: don't modify exposedGroup setting in customData when database is deleted
- Make sure Collection::searchItems works, whether it's locked or not
- Fix FdoSecrets::Collection becomes empty after a database reload
- Fix crash when looping while modifying the list
2019-05-12 12:35:42 -04:00
Jonathan White
bc891761b6
Merge branch 'release/2.4.2' into develop 2019-05-07 13:00:27 -04:00
Jonathan White
247b85fe69
Update INSTALL.md and cleanup CMakeLists.txt (#3074)
INSTALL.md
* Better organization of CMake options

CMakeLists.txt
* If WITH_XC_NETWORKING is disabled, also disable WITH_XC_UPDATECHECK
* Move KeeShare logic into KeeShare CMakeLists.txt
* Remove WITH_XC_KEESHARE_SECURE build option
* Attempt to find quazip, if found enable WITH_XC_KEESHARE_SECURE and build with secure container support
2019-05-07 12:56:55 -04:00
Jack Thomasson
1cbd395d71 multiple database with --pw-stdin (#2916)
* Updated utilities to unlock KDBX with OS password manager on macOS and Linux
* Use a static stream on stdin for --pw-stdin otherwise buffer loss eliminates subsequent passwords
* Update INSTALL requirements
2019-04-25 10:37:13 -04:00
Janek Bevendorff
13eb1c0bbd Improve resilience against memory attacks
To reduce residual fragments of secret data in memory after
deallocation, this patch replaces the global delete operator with a
version that zeros out previously allocated memory. It makes use of
the new C++14 sized deallocation, but provides an unsized fallback
with platform-specific size deductions.

This change is only a minor mitigation and cannot protect against
buffer reallocations by the operating system or non-C++ libraries.
Thus, we still cannot guarantee all memory to be wiped after free.

As a further improvement, this patch uses libgcrypt and libsodium
to write long-lived master key component hashes into a secure
memory area and wipe it afterwards.

The patch also fixes compiler flags not being set properly on macOS.
2019-04-21 09:39:28 -04:00
Weslly
779b529da2 Update checking feature (#2648)
* Check on startup (toggleable setting) and manually
* Option to check for pre-releases (eg, 2.4.0-beta1)
* Only included if WITH_XC_NETWORKING is enabled
2019-01-30 09:11:50 -05:00
Jonathan White
a8e266129a
Corrected formatting and cleanup 2019-01-16 22:53:29 -05:00
Jonathan White
66a36b3af1
Add WITH_APP_BUNDLE to INSTALL.md 2018-10-03 10:12:19 -04:00
Christian Kieschnick
28e7540096
Update ci files
* Removed libquazip-headers from trusty ci images
Trusty does not provide libquazip-headers (they are part of
libquazip-dev most likely)
* Bump rebuild counter
2018-10-01 10:51:13 -04:00
Christian Kieschnick
eca9c658f4
Add sharing of groups between databases
* Add source folder keeshare for sharing with corresponding define WITH_XC_KEESHARE
* Move common crypto parts to src/crypto/ssh
* Extended OpenSSHKey
* Move filewatching to own file (currently in two related classes DelayedFileWatcher and BulkFileWatcher)
* Small improvements for style and code in several classes
* Sharing is secured using RSA-Keys which are generated on demand
* Publisher signs the container using their private key
* Client can verify the signed container and choose to decline an import,
import only once or trust the publisher and automatically import all
data of this source henceforth
* Integration of settings into Group-Settings, Database-Settings and Application-Settings
* Introduced dependency QuaZip as dependency to allow combined export of
key container and the (custom format) certificate
2018-10-01 10:39:37 -04:00
mosin
1a9511da29 Update INSTALL.md (#2299)
* add build option for SSH Agent
2018-09-18 22:45:44 -04:00
Jonathan White
ca27fb06d5
Merge branch 'master'
Conflicts:
	INSTALL.md
	release-tool
	src/browser/BrowserOptionDialog.cpp
	src/browser/BrowserService.cpp
	src/browser/BrowserService.h
	src/browser/NativeMessagingBase.h
	src/browser/NativeMessagingHost.h
	src/core/Uuid.cpp
	src/gui/DatabaseTabWidget.cpp
	src/gui/DatabaseWidget.cpp
	src/gui/EditWidget.cpp
	src/gui/MainWindow.cpp
	src/gui/MainWindow.ui
	src/proxy/NativeMessagingHost.h
	src/sshagent/ASN1Key.cpp
2018-08-24 09:42:38 -04:00
Jonathan White
d6cae74176
Release 2.3.4 version bump
* Corrects INSTALL.md build instructions for Windows (#2126)
* Rephrase Qt 5.5.x warning to include on-screen keyboard combo
2018-08-22 11:23:18 -04:00
Jonathan White
410d88bf99
Remove KeePassHttp plugin and qhttp (#1752)
Remove KeePassHttp plugin and qhttp
2018-03-31 11:36:18 -04:00
dinony
7e75d04055 Docs (#1749)
Update build instructions
2018-03-18 01:10:00 +01:00
varjolintu
8ac909b0eb
Multiple browser related fixes 2018-01-20 00:47:26 +01:00
Jonathan White
542ee42313
Add Argon2Kdf and enable parameters in db settings
Note: This implementation is not yet connected to the
database itself and will corrupt existing kdbx3 db's.

* Implemented memory and parallelism parameters for Argon2Kdf
* Using libargon2; libsodium does not support Argon2d algorithm
* Moved basic rounds parameter into Kdf class
* Reimplemented benchmark algorithm; previous was utterly broken
2018-01-13 14:23:30 -05:00
varjolintu
06518c5736 keepassxc-browser 2018-01-04 21:42:20 +01:00
Rich Brown
54d500737a Create docs directory and QUICKSTART.md instructions; editorial pass … (#1227)
Create docs directory and QUICKSTART.md instructions; editorial pass on README and INSTALL
2017-11-26 22:36:46 +01:00
David Sapienza
6608de6cfe Typo fix
"document a the following link" -> "document at the following link"
2017-09-05 10:39:20 +02:00
Avik Sengupta
e4c78f92d4 Fix url to build environment instructions
and format better.
2017-07-10 20:35:07 +01:00
louib
ff6d78244b Updated INSTALL documentation. (#140)
* KeePassCR -> KeePassXC in INSTALL
* Added .md extension to INSTALL.
2017-01-04 18:47:29 -05:00