Commit Graph

554 Commits

Author SHA1 Message Date
varjolintu
c0796d8fb1 Add option to use entry only for HTTP Basic Auth 2019-12-21 17:28:27 -05:00
Carlo Teubner
c70ebe6dce Fix memory leaks (mostly) in tests (#3922)
This makes most tests run successfully with asan.

The GUI tests still have a bunch of leaks, some from library code, and
some that look real but which I didn't immediately manage to figure out.

* TestOpVaultReader: use QSharedPointer
2019-12-21 09:25:17 -05:00
varjolintu
c0f29cc790 Show UI warning for invalid URLs 2019-12-21 09:22:16 -05:00
Balazs Gyurak
c0b1c9e106 Run code formatter 2019-11-23 10:07:39 -05:00
varjolintu
e2c95f75f1 Fix subdomain matching 2019-11-23 07:53:09 -05:00
varjolintu
3d0964bce9 Fix URL matching 2019-11-10 08:43:10 -05:00
Jonathan White
f9d2696046 Relax strictness of TOTP Base32 validation
* Fix #3754 - Accept valid TOTP keys that require padding when converted to Base32.
* Allow use of spaces and lower case letters in the TOTP secret key.
2019-11-09 00:53:40 +01:00
Aetf
f9097c84e9 FdoSecrets: use EntrySearcher's internal search API 2019-11-08 17:37:50 -05:00
Aetf
b96c1e92a3 Expose EntrySearcher's SearchTerm for internal code usage 2019-11-08 17:37:50 -05:00
louib
f4d6b4d13a CLI: do not display protected fields by default. 2019-11-01 22:53:54 -04:00
asapelkin
98badfb4a2 some cppcheck and clang-tidy fixies 2019-11-01 22:53:28 -04:00
Jonathan White
178bea6bbc Fix building without features
* Fix #3684 - Include YubiKey headers in CLI tests 

* Skip building testguibrowser if browser integration is disabled

* Cleanup test CMakeLists
2019-10-29 23:03:39 -04:00
Jonathan White
1e694271a3 Improve Database and CLI tests 2019-10-20 18:56:41 -04:00
Jonathan White
744b4abce8 Move FileWatcher into Database class
* Fix #3506
* Fix #2389
* Fix #2536
* Fix #2230

Every database that has been opened now watch's it's own file. This allows the database class to manage file changes and detect fail conditions during saving. Additionally, all stakeholders of the database can listen for the database file changed notification and respond accordingly.

Performed significant cleanup of the autoreload code within DatabaseWidget. Fixed several issues with handling changes due to merging, not merging, and other scenarios while reloading.

Prevent database saves to the same file if there are changes on disk that have not been merged with the open database.
2019-10-20 18:56:41 -04:00
Mark Hakansson
a876b3b72f Prompt to delete recycle bin when disabling it
Fixes #3365

Add prompt to delete the recycle bin when disabling it. If the user chooses not to delete it, the recycle bin will be suffixed with "(old)" and the icon changed to the default group icon.

Also moved recycle bin creation within the database class where it belongs.
2019-10-20 17:58:15 -04:00
Jonathan White
99a2d66086 Correct issues with TOTP Setup
* Fix #3142 - Warn user when entering invalid TOTP secret key.
* Fix #773 - The TOTP dialog now listens for the copy shortcut without having to press the Copy button.

* Add ability to choose hash algorithm from the TOTP setup dialog
* Add upgrade to "otp" attribute when custom attributes are chosen to prevent data loss

Ran make format
2019-10-20 17:57:51 -04:00
varjolintu
f726d7501f Add support for multiple URLs in an entry
* Fixes #398

The new Browser Integration entry settings page has a list view with any additional URL's. These URL's are added to the entry attributes with KP2A_URL_<counter>, which means those are directly compatible with Keepass2Android.
2019-10-16 22:20:57 -04:00
Jacob Sachs
dbe15d32e5 CLI: Add Import XML command (#3572)
The CLI now contains an "import" command that creates a new database from the specified XML export. The new database is in kdbx 4 format, and does not currently accept a keyfile in database creation.

This change is required to create new databases from XML backups.

Fixes #2458
2019-10-15 22:10:45 -04:00
libklein
058b4da954 Fix entry clone modification time update (#3602)
* Add test for (unwanted) history timeinfo update when cloning entries.
* Add timeInfo test for clone with rename.
* Fixed modification time update when cloning an entry with renaming.
2019-10-05 13:58:00 -04:00
James Ring
b1eda37cca CLI: Add interactive session mode command open
This change adds a GNU Readline-based interactive mode to keepassxc-cli. If GNU Readline is not available, commands are just read from stdin with no editing or auto-complete support.

DatabaseCommand is modified to add the path to the current database to the arguments passed to executeWithDatabase. In this way, instances of DatabaseCommand do not have to prompt to re-open the database after each invocation, and existing command implementations do not have to be changed to support interactive mode.

This change also introduces a new way of handling commands between interactive and batch modes.

* Fixes #3224.
* Ran make format
2019-09-28 11:24:42 -04:00
louib
19f87ca057 CLI: Add group commands 2019-09-22 21:13:50 -04:00
louib
964478e78f CLI: Add Yubikey unlock support 2019-09-22 18:11:40 -04:00
louib
77fcde875e CLI: Export database as CSV
* Changed `Extract` to `Export` to support additional formats
* Allow database expot as CSV.  Added a `--format` option to the `Export` command for that, which defaults to xml, so the current behavior is unchanged.
*The `CsvExporter` had to be refactored a bit, but nothing major. It can
now print to a file or return a string.
2019-09-22 12:42:53 -04:00
James Ring
547c246e88 Additional database file checks in cli/Utils.unlockDatabase
Avoids prompting the user for a password if unlocking is likely to fail
due to some problem with the database file (i.e. not found, not a file,
not readable).

Add unit tests.
2019-09-22 11:19:57 -04:00
louib
c19703c39f Merge custom data only when necessary (#3475) 2019-09-16 14:01:13 -04:00
varjolintu
77be468670 Fix crash when removing custom data 2019-09-07 07:50:08 -04:00
Akinori MUSHA
41131ae48d Allow abbreviation of search field names
This allows `t:word` instead of `title:word` and `p:word` instead of `password:word`, and so on.  The rule is that an abbreviated name expands to the first field name that starts with it, with exceptions
`u:` expanding to `username:` instead of `url:` and `pw:` expanding to `password:`.
2019-09-04 22:31:15 -04:00
louib
eb1882453f CLI password generation options cleanup (#3275)
Summary of changes:
* Extract function for creating password generator from options into
`Generate` command. This function is now reused in `Add` and `Edit`
commands.
* Updated manpage with missing password generation options.
* Updated manpage with missing longer forms of password generation options.
* Added unit tests for new password generation options in `Add` and
`Edit`.
* Handle case when `-g` and `-p` options are used at the same time.

This PR adds password generation functionalities while reducing
code duplication, but at the cost of 2 small breaking changes:
* The password generation option for `Add` and `Edit` for specifying
password length is now `-L` instead of `-l`, to not clash with the
`-l --lower` option.
* The `-u` shorthand for the `--upper` option has to be removed, to not
clash with the `-u --username` option.
* Add -U variant for uppercase.
2019-08-30 22:50:32 -04:00
Jonathan White
0e0cba653f CLI: add 'analyze' subcommand for offline HIBP breach checks
This new subcommand checks all passwords in the given database against a given list of SHA-1 password hashes. Such lists are available from the "Have I Been Pwned" project at https://haveibeenpwned.com/Passwords.

Note that this support offline checking only. The HIBP project also provides a web API for checking specific hash ranges; this is not currently supported.
2019-06-25 15:37:40 -04:00
Matthias Drexler
f85642741d Autocomplete usernames based on most frequent in database
* Fixes #3126
* Limit autocompletion to the top ten used usernames
- Load common usernames when database is opened
- Transition from QLineEdit to QComboBox for usernames
- Dropdown menu of the combobox lets user choose a common username
- Common usernames are autocompleted via inline completion
- Common usernames are sorted by frequency (first) and name (second)
2019-06-23 22:22:57 -04:00
Matthias Drexler
bb8377ae6a Allow setting group icons to children groups/entries (#3273)
* Add combo menu button to apply an icon to children

- allow more options to apply icons (child groups, child entries)
- extend tests in TestGroup (applying icons for groups/entries only)
- prevent blue folder icon being set for entries (on entry creation only)

* Do not show the combo menu button for entries
2019-06-19 10:02:07 -04:00
louib
84eec03cb7 Add CLI --dry-run option for merge (#3254) 2019-06-18 21:45:24 -04:00
Balazs Gyurak
05c11d1b7c CLI: Add 'flatten' option to the 'ls' command (#3276)
* Fixes #925 
* Add 'flatten' option to CLI ls command
* Add test for Group::hierarchy() and man page for ls --flatten
* Rename group sort test to align with others
2019-06-18 20:42:19 -04:00
Jonathan White
1e915eef89 Run code formatter 2019-06-18 18:51:38 -04:00
Balazs Gyurak
09181fab13 Add group sorting feature
* Enabling sorting of groups and their children in ascending and descending direction
2019-06-18 18:51:38 -04:00
louib
04360ed552 CLI Command cleanup
This PR cleans up the `Command` classes in the CLI, introducing a
`DatabaseCommand` class for the commands operating on a database,
and a `getCommandLineParser` command to centralize the arguments
parsing and validation.

The opening of the database based on the CLI arguments and options
is now centralized in `DatabaseCommand.execute`, making it easy to
add new database opening features (like YubiKey support for the CLI).

Also a couple of bugs fixed:
  * `Create` was still using `stdout` for some error messages.
  * `Diceware` and `Generate` were not validating that the word count was an integer.
  * `Diceware` was also using `stdout` for some error messages.
2019-06-14 18:15:38 -04:00
Jonathan White
63aab99b9c
Merge branch 'release/2.4.2' into develop 2019-05-30 17:22:09 -04:00
varjolintu
5341a8215c Browser Integration tests 2019-05-29 09:24:22 -04:00
shaneknysh
7ead8e7290 Add word case option to passphrase generator (#3172)
* Closes #1933
* Adds word case options for lower, UPPER, and Title Case to passphrase generation
2019-05-24 18:23:19 -04:00
Jonathan White
2ee97ed191 Code formatting 2019-05-19 18:21:34 -04:00
Jonathan White
125a81f2ed Implement 1Password Vault Import
* Support importing 1Password vaults (.opvault folders) into KDBX database
* Entry attributes are filled based on section and field name
* Expiration dates are set for entries
* Entry URL's are set from a wider array of fields
2019-05-19 18:21:34 -04:00
Jonathan White
63855346bf Fix global Auto-Type when database locked
* Store the currently active window right when the global keyboard shortcut is triggered
* Eliminate unnecessary window raise/lower and delays on macOS
* Remove duplicate addition of macutils symbols from mac Auto-Type plugin
* Fix tests to fake trigger a global autotype sequence
2019-05-12 12:37:50 -04:00
Aetf
e121f4bc28 Add Freedesktop.org Secret Storage Spec Server Side API (Fix #1403)
This plugin implements the Secret Storage specification version 0.2.
While running KeePassXC, it acts as a Secret Service server, registered
on DBus, so clients like seahorse, python-secretstorage, or other
implementations can connect and access the exposed database in KeePassXC.

Squashed commits:

- Initial code
- Add SessionAdaptor and fix build
- The skeletons for all dbus objects are in place
- Implement collection creation and deletion
- Emit collectionChanged signal
- Implement app-wise settings page
- Implement error message on GUI
- Implement settings
- Fix uuid to dbus path
- Implement app level settings
- Add freedesktop logo
- Implement database settings page
- Change database settings to a treeview
- Move all settings read/write to one place
- Rename SecretServiceOptionsPage to SettingsWidgetFdoSecrets
- Fix selected group can not be saved if the user hasn't click on the item
- Show selected group per database in app settings
- Disable editing of various readonly widgets
- Remove unused warning about non exposed database
- Fix method signature on dbus adaptors
- Fix type derived from DBusObject not recognized as QDBusContext
- Resolve a few TODOs around error handling
- Remove const when passing DBus exposed objects
- Move dismiss to PromptBase
- Implement per collection locking/unlocking
- Fix const correctness on Item::setSecret
- Implement SecretService::getSecrets
- Rework the signal connections around collections.
- Remove generateId from DBusObject
- Per spec, use encoded label as DBus object path for collections
- Fix some corner cases around collection name changes
- Implement alias
- Fix wrong alias dbus path
- Implement encryption per spec
- Cleanup SessionCipher
- Implement searchItems for SecretService
- Use Tools::uuidToHex
- Implement Item attributes and delete
- Implement createItem
- Always check if the database is unlocked before perform any operation
- Add missing ReadAlias/SetAlias on service
- Reorganize and fix OpenSession always returning empty output
- Overhaul error handling
- Make sure default alias is always present
- Remove collection aliases early in doDelete
- Handles all content types, fix setProperties not working
- Fix sometimes there is an extraneous leading zero when converting from MPI
- Fix session encryption negotiation
- Do not expose recycle bin
- Protect against the methods not called from DBus
- Also emit collectionChanged signal when lock state changes
- Show notification when entry secret is requested
- Add a README file
- Actually close session when client disconnects
- Gracefully return alternative label when collection is locked
- Reorganize, rename secretservice to fdosecrets
- Fix issues reported by clazy
- Unify UI strings and fix icon
- Implement a setting to skip confirmation when deleting entries from DBus
- Remove some unused debugging log
- Simply ignore errors when DBus context is not available. QtDBus won't set QDBusContext when deliver property get/set, and there is no way to get a QDBusMessage in property getter/setter.
- Simplify GcryptMPI using std::unique_ptr and add unit test
- Format code in fdosecrets
- Move DBusReturnImpl to details namespace
- Fix crash when locking a database: don't modify exposedGroup setting in customData when database is deleted
- Make sure Collection::searchItems works, whether it's locked or not
- Fix FdoSecrets::Collection becomes empty after a database reload
- Fix crash when looping while modifying the list
2019-05-12 12:35:42 -04:00
Aetf
d93f33f514 Improve existing code prior to implementing FDO Secrets
* DatabaseTabWidget::newDatabase returns the created DatabaseWidget
* Emit DatabaseTabWidget::databaseOpened signal before a new tab is added
* EntrySearcher can now search attribute values including custom ones
* Add Group::applyGroupIconTo to set the group icon on the supplied entry
* Implement desktop notifications through the system tray icon
* Add DatabaseWidget::deleteEntries to delete a list of entries
* Add Aes128 in SymmetricCipher::algorithmIvSize
* Add DatabaseWidget::databaseReplaced signal
* Add a helper class to override the message box's parent (prevent bugs)
2019-05-12 12:35:42 -04:00
Jonathan White
bc891761b6
Merge branch 'release/2.4.2' into develop 2019-05-07 13:00:27 -04:00
Jonathan White
faf7a2bbb3 Robust processing of tray icon triggers
* Support double click on tray icon to always toggle window to/from tray
* Single click on tray icon will bring window to front if in background, otherwise window is toggled
* Fixes #2956
2019-05-04 16:45:03 -04:00
Sami Vänttinen
e4eee897f9 Support Database Custom Data Merging (#3002)
* Introduce _LAST_MODIFIED custom data entry that stores the last modified datetime of the database's custom data entries
* Merge custom data from source database to target
* Modify tests to be aware of _LAST_MODIFIED entry
2019-05-01 18:35:08 -04:00
Bryan Jacobs
04983ce4cd Support for RFC-compliant TOTP hashes #873 #1566
This implements support for SHA-256 and SHA-512 hash algorithms when
generating TOTP codes. These algorithms are specified by RFC6238. The
implementation is compatible with Google's OTP URL format, as well as
with the KeeOTP plugin for KeePass.

The implementation is not wired into the GUI, as the main project
developer expressed strong negative sentiment about adding more
options there. It is possible to configure codes by putting the
appropriate string into the entry's otp property, or using another
program with a less opinionated UI and a compatible on-disk format.
2019-04-15 14:23:26 -04:00
Christian Kieschnick
05bee40f0a Fix duplicate icon add in export
SharedObserver did not check for already added icons add during export
leading to duplicate icons in the target db.
2019-04-12 16:14:23 -04:00
Jonathan White
2ffefc95ae Enhance update checker
* Reduce initial update check notification to 500 ms to prevent inappropriately stealing focus from user
* Add build flag WITH_XC_UPDATECHECK which defaults to ON
* Update checks are resolved every 7 days instead of every time the application is started
* Better checks for beta builds; ignore snapshots
* Increase test cases
2019-04-11 08:52:51 -04:00