Commit Graph

597 Commits

Author SHA1 Message Date
Aetf
f9097c84e9 FdoSecrets: use EntrySearcher's internal search API 2019-11-08 17:37:50 -05:00
Aetf
b96c1e92a3 Expose EntrySearcher's SearchTerm for internal code usage 2019-11-08 17:37:50 -05:00
louib
f4d6b4d13a CLI: do not display protected fields by default. 2019-11-01 22:53:54 -04:00
asapelkin
98badfb4a2 some cppcheck and clang-tidy fixies 2019-11-01 22:53:28 -04:00
Jonathan White
178bea6bbc Fix building without features
* Fix #3684 - Include YubiKey headers in CLI tests 

* Skip building testguibrowser if browser integration is disabled

* Cleanup test CMakeLists
2019-10-29 23:03:39 -04:00
Jonathan White
1e694271a3 Improve Database and CLI tests 2019-10-20 18:56:41 -04:00
Jonathan White
744b4abce8 Move FileWatcher into Database class
* Fix #3506
* Fix #2389
* Fix #2536
* Fix #2230

Every database that has been opened now watch's it's own file. This allows the database class to manage file changes and detect fail conditions during saving. Additionally, all stakeholders of the database can listen for the database file changed notification and respond accordingly.

Performed significant cleanup of the autoreload code within DatabaseWidget. Fixed several issues with handling changes due to merging, not merging, and other scenarios while reloading.

Prevent database saves to the same file if there are changes on disk that have not been merged with the open database.
2019-10-20 18:56:41 -04:00
Mark Hakansson
a876b3b72f Prompt to delete recycle bin when disabling it
Fixes #3365

Add prompt to delete the recycle bin when disabling it. If the user chooses not to delete it, the recycle bin will be suffixed with "(old)" and the icon changed to the default group icon.

Also moved recycle bin creation within the database class where it belongs.
2019-10-20 17:58:15 -04:00
Jonathan White
99a2d66086 Correct issues with TOTP Setup
* Fix #3142 - Warn user when entering invalid TOTP secret key.
* Fix #773 - The TOTP dialog now listens for the copy shortcut without having to press the Copy button.

* Add ability to choose hash algorithm from the TOTP setup dialog
* Add upgrade to "otp" attribute when custom attributes are chosen to prevent data loss

Ran make format
2019-10-20 17:57:51 -04:00
varjolintu
f726d7501f Add support for multiple URLs in an entry
* Fixes #398

The new Browser Integration entry settings page has a list view with any additional URL's. These URL's are added to the entry attributes with KP2A_URL_<counter>, which means those are directly compatible with Keepass2Android.
2019-10-16 22:20:57 -04:00
Jacob Sachs
dbe15d32e5 CLI: Add Import XML command (#3572)
The CLI now contains an "import" command that creates a new database from the specified XML export. The new database is in kdbx 4 format, and does not currently accept a keyfile in database creation.

This change is required to create new databases from XML backups.

Fixes #2458
2019-10-15 22:10:45 -04:00
libklein
058b4da954 Fix entry clone modification time update (#3602)
* Add test for (unwanted) history timeinfo update when cloning entries.
* Add timeInfo test for clone with rename.
* Fixed modification time update when cloning an entry with renaming.
2019-10-05 13:58:00 -04:00
James Ring
b1eda37cca CLI: Add interactive session mode command open
This change adds a GNU Readline-based interactive mode to keepassxc-cli. If GNU Readline is not available, commands are just read from stdin with no editing or auto-complete support.

DatabaseCommand is modified to add the path to the current database to the arguments passed to executeWithDatabase. In this way, instances of DatabaseCommand do not have to prompt to re-open the database after each invocation, and existing command implementations do not have to be changed to support interactive mode.

This change also introduces a new way of handling commands between interactive and batch modes.

* Fixes #3224.
* Ran make format
2019-09-28 11:24:42 -04:00
louib
19f87ca057 CLI: Add group commands 2019-09-22 21:13:50 -04:00
louib
964478e78f CLI: Add Yubikey unlock support 2019-09-22 18:11:40 -04:00
louib
77fcde875e CLI: Export database as CSV
* Changed `Extract` to `Export` to support additional formats
* Allow database expot as CSV.  Added a `--format` option to the `Export` command for that, which defaults to xml, so the current behavior is unchanged.
*The `CsvExporter` had to be refactored a bit, but nothing major. It can
now print to a file or return a string.
2019-09-22 12:42:53 -04:00
James Ring
547c246e88 Additional database file checks in cli/Utils.unlockDatabase
Avoids prompting the user for a password if unlocking is likely to fail
due to some problem with the database file (i.e. not found, not a file,
not readable).

Add unit tests.
2019-09-22 11:19:57 -04:00
louib
c19703c39f Merge custom data only when necessary (#3475) 2019-09-16 14:01:13 -04:00
varjolintu
77be468670 Fix crash when removing custom data 2019-09-07 07:50:08 -04:00
Akinori MUSHA
41131ae48d Allow abbreviation of search field names
This allows `t:word` instead of `title:word` and `p:word` instead of `password:word`, and so on.  The rule is that an abbreviated name expands to the first field name that starts with it, with exceptions
`u:` expanding to `username:` instead of `url:` and `pw:` expanding to `password:`.
2019-09-04 22:31:15 -04:00
louib
eb1882453f CLI password generation options cleanup (#3275)
Summary of changes:
* Extract function for creating password generator from options into
`Generate` command. This function is now reused in `Add` and `Edit`
commands.
* Updated manpage with missing password generation options.
* Updated manpage with missing longer forms of password generation options.
* Added unit tests for new password generation options in `Add` and
`Edit`.
* Handle case when `-g` and `-p` options are used at the same time.

This PR adds password generation functionalities while reducing
code duplication, but at the cost of 2 small breaking changes:
* The password generation option for `Add` and `Edit` for specifying
password length is now `-L` instead of `-l`, to not clash with the
`-l --lower` option.
* The `-u` shorthand for the `--upper` option has to be removed, to not
clash with the `-u --username` option.
* Add -U variant for uppercase.
2019-08-30 22:50:32 -04:00
Jonathan White
0e0cba653f CLI: add 'analyze' subcommand for offline HIBP breach checks
This new subcommand checks all passwords in the given database against a given list of SHA-1 password hashes. Such lists are available from the "Have I Been Pwned" project at https://haveibeenpwned.com/Passwords.

Note that this support offline checking only. The HIBP project also provides a web API for checking specific hash ranges; this is not currently supported.
2019-06-25 15:37:40 -04:00
Matthias Drexler
f85642741d Autocomplete usernames based on most frequent in database
* Fixes #3126
* Limit autocompletion to the top ten used usernames
- Load common usernames when database is opened
- Transition from QLineEdit to QComboBox for usernames
- Dropdown menu of the combobox lets user choose a common username
- Common usernames are autocompleted via inline completion
- Common usernames are sorted by frequency (first) and name (second)
2019-06-23 22:22:57 -04:00
Matthias Drexler
bb8377ae6a Allow setting group icons to children groups/entries (#3273)
* Add combo menu button to apply an icon to children

- allow more options to apply icons (child groups, child entries)
- extend tests in TestGroup (applying icons for groups/entries only)
- prevent blue folder icon being set for entries (on entry creation only)

* Do not show the combo menu button for entries
2019-06-19 10:02:07 -04:00
louib
84eec03cb7 Add CLI --dry-run option for merge (#3254) 2019-06-18 21:45:24 -04:00
Balazs Gyurak
05c11d1b7c CLI: Add 'flatten' option to the 'ls' command (#3276)
* Fixes #925 
* Add 'flatten' option to CLI ls command
* Add test for Group::hierarchy() and man page for ls --flatten
* Rename group sort test to align with others
2019-06-18 20:42:19 -04:00
Jonathan White
1e915eef89 Run code formatter 2019-06-18 18:51:38 -04:00
Balazs Gyurak
09181fab13 Add group sorting feature
* Enabling sorting of groups and their children in ascending and descending direction
2019-06-18 18:51:38 -04:00
louib
04360ed552 CLI Command cleanup
This PR cleans up the `Command` classes in the CLI, introducing a
`DatabaseCommand` class for the commands operating on a database,
and a `getCommandLineParser` command to centralize the arguments
parsing and validation.

The opening of the database based on the CLI arguments and options
is now centralized in `DatabaseCommand.execute`, making it easy to
add new database opening features (like YubiKey support for the CLI).

Also a couple of bugs fixed:
  * `Create` was still using `stdout` for some error messages.
  * `Diceware` and `Generate` were not validating that the word count was an integer.
  * `Diceware` was also using `stdout` for some error messages.
2019-06-14 18:15:38 -04:00
Jonathan White
63aab99b9c
Merge branch 'release/2.4.2' into develop 2019-05-30 17:22:09 -04:00
varjolintu
5341a8215c Browser Integration tests 2019-05-29 09:24:22 -04:00
shaneknysh
7ead8e7290 Add word case option to passphrase generator (#3172)
* Closes #1933
* Adds word case options for lower, UPPER, and Title Case to passphrase generation
2019-05-24 18:23:19 -04:00
Jonathan White
2ee97ed191 Code formatting 2019-05-19 18:21:34 -04:00
Jonathan White
125a81f2ed Implement 1Password Vault Import
* Support importing 1Password vaults (.opvault folders) into KDBX database
* Entry attributes are filled based on section and field name
* Expiration dates are set for entries
* Entry URL's are set from a wider array of fields
2019-05-19 18:21:34 -04:00
Jonathan White
63855346bf Fix global Auto-Type when database locked
* Store the currently active window right when the global keyboard shortcut is triggered
* Eliminate unnecessary window raise/lower and delays on macOS
* Remove duplicate addition of macutils symbols from mac Auto-Type plugin
* Fix tests to fake trigger a global autotype sequence
2019-05-12 12:37:50 -04:00
Aetf
e121f4bc28 Add Freedesktop.org Secret Storage Spec Server Side API (Fix #1403)
This plugin implements the Secret Storage specification version 0.2.
While running KeePassXC, it acts as a Secret Service server, registered
on DBus, so clients like seahorse, python-secretstorage, or other
implementations can connect and access the exposed database in KeePassXC.

Squashed commits:

- Initial code
- Add SessionAdaptor and fix build
- The skeletons for all dbus objects are in place
- Implement collection creation and deletion
- Emit collectionChanged signal
- Implement app-wise settings page
- Implement error message on GUI
- Implement settings
- Fix uuid to dbus path
- Implement app level settings
- Add freedesktop logo
- Implement database settings page
- Change database settings to a treeview
- Move all settings read/write to one place
- Rename SecretServiceOptionsPage to SettingsWidgetFdoSecrets
- Fix selected group can not be saved if the user hasn't click on the item
- Show selected group per database in app settings
- Disable editing of various readonly widgets
- Remove unused warning about non exposed database
- Fix method signature on dbus adaptors
- Fix type derived from DBusObject not recognized as QDBusContext
- Resolve a few TODOs around error handling
- Remove const when passing DBus exposed objects
- Move dismiss to PromptBase
- Implement per collection locking/unlocking
- Fix const correctness on Item::setSecret
- Implement SecretService::getSecrets
- Rework the signal connections around collections.
- Remove generateId from DBusObject
- Per spec, use encoded label as DBus object path for collections
- Fix some corner cases around collection name changes
- Implement alias
- Fix wrong alias dbus path
- Implement encryption per spec
- Cleanup SessionCipher
- Implement searchItems for SecretService
- Use Tools::uuidToHex
- Implement Item attributes and delete
- Implement createItem
- Always check if the database is unlocked before perform any operation
- Add missing ReadAlias/SetAlias on service
- Reorganize and fix OpenSession always returning empty output
- Overhaul error handling
- Make sure default alias is always present
- Remove collection aliases early in doDelete
- Handles all content types, fix setProperties not working
- Fix sometimes there is an extraneous leading zero when converting from MPI
- Fix session encryption negotiation
- Do not expose recycle bin
- Protect against the methods not called from DBus
- Also emit collectionChanged signal when lock state changes
- Show notification when entry secret is requested
- Add a README file
- Actually close session when client disconnects
- Gracefully return alternative label when collection is locked
- Reorganize, rename secretservice to fdosecrets
- Fix issues reported by clazy
- Unify UI strings and fix icon
- Implement a setting to skip confirmation when deleting entries from DBus
- Remove some unused debugging log
- Simply ignore errors when DBus context is not available. QtDBus won't set QDBusContext when deliver property get/set, and there is no way to get a QDBusMessage in property getter/setter.
- Simplify GcryptMPI using std::unique_ptr and add unit test
- Format code in fdosecrets
- Move DBusReturnImpl to details namespace
- Fix crash when locking a database: don't modify exposedGroup setting in customData when database is deleted
- Make sure Collection::searchItems works, whether it's locked or not
- Fix FdoSecrets::Collection becomes empty after a database reload
- Fix crash when looping while modifying the list
2019-05-12 12:35:42 -04:00
Aetf
d93f33f514 Improve existing code prior to implementing FDO Secrets
* DatabaseTabWidget::newDatabase returns the created DatabaseWidget
* Emit DatabaseTabWidget::databaseOpened signal before a new tab is added
* EntrySearcher can now search attribute values including custom ones
* Add Group::applyGroupIconTo to set the group icon on the supplied entry
* Implement desktop notifications through the system tray icon
* Add DatabaseWidget::deleteEntries to delete a list of entries
* Add Aes128 in SymmetricCipher::algorithmIvSize
* Add DatabaseWidget::databaseReplaced signal
* Add a helper class to override the message box's parent (prevent bugs)
2019-05-12 12:35:42 -04:00
Jonathan White
bc891761b6
Merge branch 'release/2.4.2' into develop 2019-05-07 13:00:27 -04:00
Jonathan White
faf7a2bbb3 Robust processing of tray icon triggers
* Support double click on tray icon to always toggle window to/from tray
* Single click on tray icon will bring window to front if in background, otherwise window is toggled
* Fixes #2956
2019-05-04 16:45:03 -04:00
Sami Vänttinen
e4eee897f9 Support Database Custom Data Merging (#3002)
* Introduce _LAST_MODIFIED custom data entry that stores the last modified datetime of the database's custom data entries
* Merge custom data from source database to target
* Modify tests to be aware of _LAST_MODIFIED entry
2019-05-01 18:35:08 -04:00
Bryan Jacobs
04983ce4cd Support for RFC-compliant TOTP hashes #873 #1566
This implements support for SHA-256 and SHA-512 hash algorithms when
generating TOTP codes. These algorithms are specified by RFC6238. The
implementation is compatible with Google's OTP URL format, as well as
with the KeeOTP plugin for KeePass.

The implementation is not wired into the GUI, as the main project
developer expressed strong negative sentiment about adding more
options there. It is possible to configure codes by putting the
appropriate string into the entry's otp property, or using another
program with a less opinionated UI and a compatible on-disk format.
2019-04-15 14:23:26 -04:00
Christian Kieschnick
05bee40f0a Fix duplicate icon add in export
SharedObserver did not check for already added icons add during export
leading to duplicate icons in the target db.
2019-04-12 16:14:23 -04:00
Jonathan White
2ffefc95ae Enhance update checker
* Reduce initial update check notification to 500 ms to prevent inappropriately stealing focus from user
* Add build flag WITH_XC_UPDATECHECK which defaults to ON
* Update checks are resolved every 7 days instead of every time the application is started
* Better checks for beta builds; ignore snapshots
* Increase test cases
2019-04-11 08:52:51 -04:00
Jonathan White
4b1258f585 Correct issues with apply button
* Don't show apply button when creating new entries or groups (Fix #2191)
* Don't mark entry/group as dirty when first creating a new one (prevents unnecessary discard dialog on cancel)
* Properly enable/disable apply button when changes are made to entries and groups
* Don't show discard change warning when locking database unless their are actual changes made

NOTE: Extra pages in the group edit widget are not watched for changes yet. Requires a major refactor.
2019-04-07 19:12:45 -04:00
Jonathan White
71e375aff0 Allow copying passwords directly from searching
* Reverts removal of previously implemented feature
* Fix #2630
* Make gui search tests more robust
2019-04-07 19:12:45 -04:00
Jonathan White
0201fcd400 Improved error messages when opening database
* Reduced wording and confusion
* Streamlined delivery format
* Fix #813
2019-04-07 19:12:45 -04:00
Jonathan White
d6324feafd Fix base64 check missing '/' as valid character
* Issue introduced in 558cb3d
* Corrects loading of legacy KeePass Key Files that included a '/' in their data section. Fix #2863 and Fix #2834
2019-03-25 13:06:03 -04:00
Jonathan White
13a9ac8f57 Adding --no-password option to CLI
I also added tests for the --key-file option, which was
untested.
2019-03-24 09:23:26 -04:00
Jonathan White
fb5faf0ff5
Ran make format 2019-03-19 18:56:17 -04:00
Jonathan White
d0d1b25e5c Updates to EntrySearcher
* Only search custom named attributes
* Search attribute values in addition to keys
* Optimize search process
2019-02-25 18:09:54 -05:00
louib
fa3c959212 Fix quiet option for Merge (CLI) (#2695) 2019-02-15 08:56:29 -05:00
Aetf
e60f4278f7 Fix group signals (#2670)
* Fix group not emitting signals when modified through copyDataFrom
* Fix Group::GroupData equals wrongly compares timeInfo
2019-02-01 17:03:28 -05:00
Sami Vänttinen
891f67a1cd Select group when adding credentials from browser extension (#2637) 2019-01-30 09:48:22 -05:00
Weslly
779b529da2 Update checking feature (#2648)
* Check on startup (toggleable setting) and manually
* Option to check for pre-releases (eg, 2.4.0-beta1)
* Only included if WITH_XC_NETWORKING is enabled
2019-01-30 09:11:50 -05:00
Jonathan White
7e1b16250c Performed project-wide code formatting
* Updated format CMake command to properly
ignore new directories and files
* Added output when command is run
* Resolves #2623
2019-01-28 22:38:59 -05:00
Jonathan White
c74664097b
Fix crash when canceling save of new database (#2601)
* Fix crash when canceling save of new database
* Standardize use of DatabaseWidget::save() function
* Close new database tabs that are "discarded"
* Fixes #2604. autoSaveOnExit setting
* Re-implement autosave functionality
2019-01-25 07:20:39 -05:00
Sami Vänttinen
0da9efdbd4 Fix updating reference passwords from KeePassXC-Browser (#2218)
* Allow updating reference passwords

* Fix function change after refactor
2019-01-21 14:24:57 -05:00
Christian Kieschnick
2bfe66e840 Another attempt to make GCC happy 2019-01-04 12:38:34 +01:00
Christian Kieschnick
51d63f0e83 Fixed GCC issues for const initialization
Fixed issues reported by GCC for initialization of const variables
2019-01-04 12:28:36 +01:00
Christian Kieschnick
b204451d06 More ci issues (missing initialize for const)
Fixed issues detected in TestSharing
2019-01-04 12:11:20 +01:00
Christian Kieschnick
6e25da6a19 Fixed issues detected by test suite and ci
Fixed serialization for KeeShareSettings::ScopedCertificate
Fixed tests for KeeShareSettings serialization
Fixed tests Cli features - tests translation for recycle bin since the
tests are executed with the system locale
Fixed initialization issue in ShareObserver
2019-01-04 12:04:46 +01:00
Christian Kieschnick
3d02013513 Changed KeeShareSettings to explicitly ask
KeeShareSettings now allow to trust, untrust or ask on next import from
a specific publisher with a specific container
2019-01-03 18:22:41 +01:00
Christian Kieschnick
2e18388825 Fixed bug in FileWatcher, improved unsafe sharing
BulkFileWatcher didn't recognize added files in observed directory

Improved UI for unsecured sharing only (hide certificate ui, added
warnings and adjusted indicators)
2019-01-03 17:50:36 +01:00
Christian Kieschnick
d4c391deb2 Splitted KeeShare into secure and insecure parts
KeeShare is now supported in a secure and insecure flavor (set
CMake-Flags accordingly to allow or disallow the corresponding import
and exports)
2019-01-03 10:05:08 +01:00
Jonathan White
21de6f6163
Merge branch 'develop'
Conflicts:
	src/core/Tools.cpp
	src/sshagent/SSHAgent.cpp
2018-12-30 16:32:57 -05:00
JTL
dd5665c656 Multiple macOS fixes and include keepassxc-cli in DMG (#2165)
* Fixes including keepassxc-cli when building KeePassXC dmg on Mac.
resolves #1697
* Fix Qt search path and Properties display on macOS
* Simplify packaging POST_BUILD fixups
* Various fixes to get cli to run on macos
* Correct cli tests on macOS
* Several macOS related GUI test fixes
2018-12-28 18:32:25 -05:00
Jonathan White
b96b86bfa7 Cleanup and replumb back to functional state 2018-12-28 17:54:52 -05:00
Kyle Kneitinger
4d4c839afa Customize buttons on MessageBox and confirm before recycling (#2376)
* Add confirmation prompt before moving groups to the recycling bin

Spawn a yes/no QMessage box when "Delete Group" is selected on a group
that is not already in the recycle bin (note: the prompt for deletion
from the recycle bin was already implemented).  This follows the same
pattern and language as entry deletion.

Fixes #2125

* Make prompts for destructive operations use action words on buttons

Replace yes/no, yes/cancel (and other such buttons on prompts that cause
data to be destroyed) use language that indicates the action that it is
going to take. This makes destructive/unsafe and/or irreversible operations
more clear to the user.

Address feedback on PR #2376

* Refactor MessageBox class to allow for custom buttons

Replaces arguments and return values of type QMessageBox::StandardButton(s)
with MessageBox::Button(s), which reimplements the entire set of
QMessageBox::StandardButton and allows for custom KeePassXC buttons,
such as "Skip". Modifies all calls to MessageBox functions to use
MessageBox::Button(s).

Addresses feedback on #2376

* Remove MessageBox::addButton in favor of map lookup

Replaced the switch statement mechanism in MessageBox::addButton with
a map lookup to address CodeFactor Complex Method issue. This has a
side-effect of a small performance/cleanliness increase, as an
extra QPushButton is no longer created/destroyed (to obtain it's label
text) everytime a MessageBox button based on QMessageBox::StandardButton
is created; now the text is obtained once, at application start up.
2018-12-19 23:14:11 -05:00
louib
8ac9d0a131 Add create command to keepassxc-cli (#2540)
* Add tests for CLI::Create
2018-12-19 23:10:46 -05:00
Jonathan White
9e2be34897
Merge branch 'develop'
Conflicts:
	CMakeLists.txt
	cmake/CLangFormat.cmake
	snapcraft.yaml
	src/CMakeLists.txt
	src/core/Database.cpp
	src/core/Database.h
	src/core/Tools.cpp
	src/crypto/CryptoHash.h
	src/crypto/ssh/ASN1Key.h
	src/crypto/ssh/OpenSSHKey.cpp
	src/format/Kdbx4Reader.cpp
	src/gui/DatabaseTabWidget.cpp
	src/gui/DatabaseTabWidget.h
	src/gui/DatabaseWidget.cpp
	src/gui/DatabaseWidget.h
	src/gui/DetailsWidget.cpp
	src/gui/DetailsWidget.ui
	src/gui/EditWidgetProperties.cpp
	src/gui/EntryPreviewWidget.cpp
	src/gui/EntryPreviewWidget.ui
	src/gui/FileDialog.cpp
	src/gui/dbsettings/DatabaseSettingsDialog.cpp
	src/gui/dbsettings/DatabaseSettingsDialog.h
	src/gui/group/EditGroupWidget.cpp
	src/gui/group/EditGroupWidget.h
	src/sshagent/ASN1Key.h
	src/sshagent/OpenSSHKey.cpp
	src/sshagent/SSHAgent.cpp
	tests/CMakeLists.txt
2018-12-18 22:28:56 -05:00
louib
cb3c4893dc Move unlockDatabase to CLI/Utils (#2539)
Move unlockDatabase from Database to to cli/Utils
2018-12-11 16:49:51 +01:00
Gianluca Recchia
e81841550b
Correct checks for containers' emptiness 2018-11-28 18:29:15 -05:00
Gianluca Recchia
fc930bae69
Restore correct formatting
Many lines were not conformant with the project's formatting rules.
This patch should fix all formatting and whitespace issues in the code
base.
A clang-format directive was put around the connect() calls containing
SIGNALs and SLOTs whose signatures would be denormalized because of the
formatting rules.
2018-11-28 18:29:15 -05:00
Jonathan White
d84ba23c81
Correct refactor issues with entry selection and search (#2518)
* Align entryview selection change signals with groupview
* Eliminate redundent and confusing signals/slots
* Correct group selection canceling search
2018-11-28 16:13:56 -05:00
louib
fff0f11b33 Adding --quiet option to the CLI. (#2507) 2018-11-28 11:24:12 -05:00
Janek Bevendorff
3c362ac822 Refactor DatabaseOpenWidget/Dialog and Auto-Type Database unlocking.
This patch removes redundant lock widget members of the DatabaseWidget
and consolidates all unlocking functionality into a single
DatabaseOpenWidget (with the exception of KeePass1OpenWidget).
Distinction between different unlock actions is now done via a dedicated
Intent enum class instead of using individual widgets.

Further, the DatabaseUnlockDialog has been generalized so that it is
usable for unlock intents other than just Auto-Type and is now also
used for merging databases which is less confusing to the user.

The KeePassXC main window is no longer a parent of the
DatabaseUnlockDialog and has the Qt::ForeignWindow flag set, which
should cause fewer issues with Auto-Type trying to type into KeePassXC
after unlock instead of the intended target window.

In addition, its instance has been moved into the DatabaseTabWidget
class so that it is no longer bound to individual DatabaseWidgets,
potentially allowing for database selection during Auto-Type. The actual
selection has not yet been implemented, but Auto-Type has been adjusted
to use the currently selected tab instead of the first one as an
intermediary improvement.
2018-11-24 15:51:05 +01:00
Janek Bevendorff
d612cad09a
Refactor Database and Database widgets (#2491)
The Database, DatabaseWidget, and DatabaseTabWidget classes share many responsibilities in inconsistent ways resulting in impenetrable and unmaintainable code and a diverse set of bugs and architecture restrictions. This patch reworks the architecture, responsibilities of, and dependencies between these classes.

The core changes are:

* Move loading and saving logic from widgets into the Database class
* Get rid of the DatabaseManagerStruct and move all the information contained in it into the Database
* Let database objects keep track of modifications and dirty/clean state instead of handing this to external widgets
* Move GUI interactions for loading and saving from the DatabaseTabWidget into the DatabaseWidget (resolves #2494 as a side-effect)
* Heavily clean up DatabaseTabWidget and degrade it to a slightly glorified QTabWidget
* Use QSharedPointers for all Database objects
* Remove the modifiedImmediate signal and replace it with a markAsModified() method
* Implement proper tabName() method instead of reading back titles from GUI widgets (resolves #1389 and its duplicates #2146 #855)
* Fix unwanted AES-KDF downgrade if database uses Argon2 and has CustomData
* Improve code

This patch is also the first major step towards solving issues #476 and #2322.
2018-11-22 11:47:31 +01:00
Jonathan White
340076974e
Correct logic error in EntrySearcher and add more tests 2018-11-17 09:55:57 -05:00
Jonathan White
880c3aeb34
Add search help pop-up
* Support ! modifier (same as '-')
* Create reusable PopupHelpWidget as self-contained popup that can
be positioned around a parent widget and will follow the movement
and sizing of the window
* Eliminated KEEPASSXC_MAIN_WINDOW macro and replaced with
getMainWindow() function
* Add tests to cover search help show/hide
2018-11-17 09:04:15 -05:00
Jonathan White
4b983251cb
Add advanced search term parser
* Support quoted strings & per-field searching
* Support regex and exact matching
* Simplify search sequence
* Make search widget larger
* Add regex converter to Tools namespace
2018-11-17 08:49:50 -05:00
Jonathan White
4b57fcb563
Clean up Entry Model/View code 2018-11-17 08:49:47 -05:00
Jonathan White
d8d758f0e1
Streamlined searcher code
* Remove searching of group title and notes
* End search when selecting a new group
* Correct entry searcher tests to align with new code
2018-11-17 08:49:02 -05:00
Jonathan White
ee9c71e11e
Fix multiple issues with entries and keyboard shortcuts (#2431)
* Cleanup entry change notification with entryview focus in/out
* Change Open URL shortcut to CTRL+SHIFT+U to conform with an "action" 
including SHIFT
* Change Copy URL shortcut to CTRL+U to conform with "copy" without SHIFT
* Entry specific toolbar and menu items are disabled unless the entry
row has focus (prevents unintended actions)
* Reword security setting for password visibility in entry edit view
* Add shortcut to hide/unhide usernames (CTRL+SHIFT+B)
* Organize entry menu

* Fix #1588 - show keyboard shortcuts in context menu
* Fix #2403 - Change auto-type shortcut to CTRL + SHIFT + V
* Fix #2096 - Add (CTRL+F) to search bar background
* Fix #2031 & Fix #2266 - add shortcut to hide/unhide passwords (CTRL+SHIFT+C)
* Fix #2166 - Add reveal password button to entry preview
2018-11-16 10:00:59 -05:00
louib
f06742cf41 CLI Merge: Only save database file when modified. (#2466)
* Merge: detect if database was changed.
* Adding unit test.
* Only saving on change.
2018-11-09 21:59:16 -05:00
Felix Fontein
a7dd9f19f4 CLI: add commands to show and copy TOTP to clipboard (#2454)
* Add CLI commands show --totp and totp-clip for handling TOTPs, resolves #2429.
* Adding tests for new CLI TOTP commands
* Update keepassxc-cli man page.
2018-11-09 21:58:42 -05:00
louis
b1d481893e Adding tests for modified signal on merge. 2018-11-09 19:15:15 -05:00
Jonathan White
fa687f246e
Fix issues with group functions (#2410) 2018-10-30 08:42:35 -04:00
Janek Bevendorff
7263dcddfe
Fix stdin/stdout encoding on Windows. (#2425)
QTextStream uses the system default locale, but this breaks in
various situations: (1) It does not work on the native Windows shell
(cmd.exe, Powershell), since the default Windows locale is Windows-1252,
but the shell uses Windows-850. (2) It also breaks on *nix systems where
the locale is Latin1 or C, which is the case for most CI systems or
build servers.

We allow overriding the detected codec by setting the ENCODING_OVERRIDE
environment variable, but otherwise prefer Windows-850 on Windows and
UTF-8 on any other system, even if LANG is set to something else.

This resolves #2413
2018-10-28 19:55:00 +01:00
Janek Bevendorff
77adbef401 Reformat CMakeLists.txt files 2018-10-19 22:16:44 +02:00
Janek Bevendorff
0ca7fd369a Implement review feedback 2018-10-19 22:16:44 +02:00
Janek Bevendorff
bea31f9bcc Rename TestClock to MockClock and move it to the mock directory 2018-10-19 21:49:55 +02:00
Janek Bevendorff
108e4efc8a Fix tests on Windows 2018-10-19 21:49:55 +02:00
Janek Bevendorff
113c8eb702 Add CLI tests and improve coding style and i18n
The CLI module was lacking unit test coverage and showed some severe
coding style violations, which this patch addresses.

In addition, all uses of qCritical() with untranslatble raw char*
sequences were removed in favor of proper locale strings. These are
written to STDERR through QTextStreams and support output
redirection for testing purposes. With this change, error messages don't
depend on the global Qt logging settings and targets anymore and go
directly to the terminal or into a file if needed.

This patch also fixes a bug discovered during unit test development,
where the extract command would just dump the raw XML contents without
decrypting embedded Salsa20-protected values first, making the XML
export mostly useless, since passwords are scrambled.

Lastly, all CLI commands received a dedicated -h/--help option.
2018-10-19 21:49:54 +02:00
Christian Kieschnick
eca9c658f4
Add sharing of groups between databases
* Add source folder keeshare for sharing with corresponding define WITH_XC_KEESHARE
* Move common crypto parts to src/crypto/ssh
* Extended OpenSSHKey
* Move filewatching to own file (currently in two related classes DelayedFileWatcher and BulkFileWatcher)
* Small improvements for style and code in several classes
* Sharing is secured using RSA-Keys which are generated on demand
* Publisher signs the container using their private key
* Client can verify the signed container and choose to decline an import,
import only once or trust the publisher and automatically import all
data of this source henceforth
* Integration of settings into Group-Settings, Database-Settings and Application-Settings
* Introduced dependency QuaZip as dependency to allow combined export of
key container and the (custom format) certificate
2018-10-01 10:39:37 -04:00
Jonathan White
c1e9f45df9 Introduce synchronize merge method
* Create history-based merging that keeps older data in history instead of discarding or deleting it
* Extract merge logic into the Merger class
* Allows special merge behavior
* Improve handling of deletion and changes on groups
* Enable basic change tracking while merging
* Prevent unintended timestamp changes while merging
* Handle differences in timestamp precision
* Introduce comparison operators to allow for more sophisticated comparisons (ignore special properties, ...)
* Introduce Clock class to handle datetime across the app

Merge Strategies:
* Default (use inherited/fallback method)
* Duplicate (duplicate conflicting nodes, apply all deletions)
* KeepLocal (use local values, but apply all deletions)
* KeepRemote (use remote values, but apply all deletions)
* KeepNewer (merge history only)
* Synchronize (merge history, newest value stays on top, apply all deletions)
2018-09-30 09:36:39 -04:00
Weslly
44c9469221 Remove obsolete database repair feature 2018-09-25 21:20:47 -04:00
Janek Bevendorff
e443cde452 Add a new database settings wizard
This patch implements a new database wizard to guide users through the process
of setting up a new database and choosing sane encryption settings.

It also reimplements the master key settings to be more
user-friendly. Users can now add, change, or remove individual composite
key components instead of having to set all components at once. This
avoids confusion about a password being reset if the user only wants to
add a key file.

With these changes comes a major refactor of how database composite keys and key
components are handled. Copying of keys is prohibited and each key
exists only once in memory and is referenced via shared pointers. GUI
components for changing individual keys are encapsulated into separate
classes to be more reusable. The password edit and generator widgets
have also been refactored to be more reusable.
2018-09-25 21:12:47 +02:00
Weslly
f8b997bcf4 Add support for opening file:// urls (#2311)
* Add support for opening file:// urls
* Open file urls without file:// scheme
2018-09-20 23:49:56 -04:00
Jonathan White
1dc9f10c7f
Complete refactor of TOTP integration
* Eliminate TOTP logic from GUI elements
* Consolidate TOTP functionality under the Totp namespace
* Eliminate guessing about state and encoders
* Increased test cases
* Add entry view column for TOTP [#2132]
* General code cleanup, reduction of unnecessary steps, separation of concerns
* Rename SetupTotpDialog to TotpSetupDialog for consistency
2018-09-15 12:10:26 -04:00
Jonathan White
ca27fb06d5
Merge branch 'master'
Conflicts:
	INSTALL.md
	release-tool
	src/browser/BrowserOptionDialog.cpp
	src/browser/BrowserService.cpp
	src/browser/BrowserService.h
	src/browser/NativeMessagingBase.h
	src/browser/NativeMessagingHost.h
	src/core/Uuid.cpp
	src/gui/DatabaseTabWidget.cpp
	src/gui/DatabaseWidget.cpp
	src/gui/EditWidget.cpp
	src/gui/MainWindow.cpp
	src/gui/MainWindow.ui
	src/proxy/NativeMessagingHost.h
	src/sshagent/ASN1Key.cpp
2018-08-24 09:42:38 -04:00