Commit Graph

52 Commits

Author SHA1 Message Date
Sami Vänttinen
ad773c567d
Fix crash in Group Edit after enabling Browser Integration (#8778)
Fixes https://github.com/keepassxreboot/keepassxc/issues/8775
2022-12-18 22:56:00 -05:00
louib
db98f114f9
[CLI] Add a db-edit command (#8400) 2022-10-05 07:30:15 -04:00
Wolfram Rösler
b1e7c34b82 Add option to display passwords in color in preview panel
Closes #4099

* Fixed bug in Application that did not set the dark theme flag when the theme was changed from dark to light.
2022-10-03 22:03:36 -04:00
Patrick Klein
54f9b25b52
Add XML Export option to GUI. (#8524)
* Add XML Export option to GUI.

* Update database export screenshot.
2022-10-02 23:04:21 -04:00
Jim Heden
33d8b6db62 Add shortcut to copy password with TOTP appended 2022-09-11 11:37:27 -04:00
Jonathan White
dfee59742f Enhance Tags / Saved Searches
* Rename "Database Tags" to "Searches and Tags"
* Separate searching for all entries and resetting the search
* Support selecting multiple tags to search against
* Fix using escaped quotes in search terms
* Make tag searching more precise
* Support `is:expired-#` to search for entries expiring within # days. Exclude recycled entries from expired search.
* Don't list tags from entries that are recycled
* Force hide tag auto-completion menu when tag editing widget is hidden. On rare occasions the focus out signal is not called when the tag view is hidden (entry edit is closed), this resolves that problem.
* Remove spaces from before and after tags to prevent seemingly duplicate tags from being created.
* Also fix some awkward signal/slot dances that were setup over time with the entry view and preview widget.

Allow changing tags for multiple entries through context menu

* Closes #8277 - show context menu with currently available tags in database and checks those that are set on one or more selected entries. When a tag is selected it is either set or unset on all entries depending on its checked state.

* Add ability to save searches and recall them from the "Searches and Tags" view
* Add ability to remove a tag from all entries from the "Searches and Tags" view
* Cleanup tag handling and widgets
2022-09-08 06:46:48 -04:00
louib
15b9e82f93
[CLI] Add Option to show all attributes (Show command) (#8256)
* Adding --all option to Show
2022-08-20 22:38:58 -04:00
Jonathan White
a6d3f973fa Better handling of "Lock on Minimize" setting
* Fix #1090 - delay locking databases after minimize to allow for clipboard use, Auto-Type use, and browser integration use.

* Fix #6757 - prevent setting both minimize on unlock and lock on minimize settings at the same time.
2022-08-01 18:19:45 -04:00
Jonathan White
dab6d9408e Add setting for number of recent files
* Expose setting to limit the number of recent files. Default is still 5, can be set from 1 to 25.
* Also fix tab order on settings page
2022-07-11 06:55:03 -04:00
varjolintu
6cb6f1f007 Browser: Add a new group setting for omitting WWW subdomain when matching URLs 2022-06-12 16:45:54 -04:00
Jonathan White
20a2a96222 Auto-Type: PICKCHARS can specify attribute and ignore BEEP
* Fix #7726 - Ignore BEEP Auto-Type token when it includes spaces and numbers as well
* Close #8103 - Allow specifying specific attribute to use with PICKCHARS. If none specified, it defaults to Password.
2022-06-09 10:05:03 -04:00
Jonathan White
b1f4e12d34 Improve entry preview panel
* Fix #7811 - Notes height no longer truncated
* Fix #7949 - Improve copying attribute value to clipboard in entry preview
* Fix #7898 - Prevent copying url when copy password selected after clicking url in preview pane
* Fix #7982 - Double clicking hidden attributes in preview pane copies the value instead of ●●●●●●
2022-06-06 07:20:15 -04:00
J.M. Dana
a740fe128c Add password strength indicator to PasswordEditWidget
Fixes #7437 (entry edit view only)
Fixes #5220
2022-05-31 07:34:50 -04:00
Jonathan White
656e6161a0 Add tags to history comparison 2022-04-03 13:28:39 -04:00
Jonathan White
48a3fd8e3c Fix detection of hardware keys in keepassxc-cli
* Split calls to finding hardware keys into sync and async methods. This has the side effect of simplifying the code.
* Check for keys before performing challenge/response if no keys have been found previously.
* Correct timeout of user interaction message to interact with the hardware key.
* Correct error in TestCli::testYubiKeyOption
2022-04-03 13:26:12 -04:00
Toni Spets
2b8d670f17 SSH Agent: Fix Windows agent selection, radio buttons 2022-04-02 08:47:00 -04:00
Bernhard Kirchen
aca197a96f
Add 12 hours expiration preset (#7738)
* Add hours precision to TimeDelta

* Add 12 hours expiration preset

Fixes #7369
2022-03-31 07:02:28 -04:00
Aetf
7d3c3b09fb FdoSecrest: allow remember decision for future entries
Also added a reset decision button in session management tab

Fixes #7464

* Fix distorted button in settings page: the default margin in QToolBar is too large for our use case in a table row.
2022-03-21 08:42:17 -04:00
Janek Bevendorff
60f7744ec6 Fix translations 2022-03-20 23:31:52 +01:00
Jonathan White
8a7eb36950 Several fixes for Auto-Type
* On Windows, offer explicit methods to use the virtual keyboard style of typing. This partially reverts 1150b69836 by going back to the standard unicode method by default. However, uses can either add {MODE=VIRTUAL} to their sequence or choose "Use Virtual Keyboard" / CTRL+4 from the selection dialog.

* Took this opportunity to clean up the signature of  AutoType::performAutoType and AutoType::performAutoTypeWithSequence by removing the "hideWindow" attribute.

* Show keyboard shortcuts on the selection dialog context menu

* Fix selection dialog help icon color when in dark theme
2022-03-19 08:23:53 -04:00
Jonathan White
4f0710350f Add support for Windows Hello
* Special thanks to @HexF and @smlu for their contributions towards this feature.

* Add MVP support for Windows Hello as a Quick Unlock solution using the WinRT API. This works by signing a random challenge vector with the Windows Hello protected key store (typically from TPM). The signed challenge is hashed using SHA-256 and then used as the encryption key to encrypt the database credentials. Credentials are encrypted using AES-256/GCM. This ensures the database password can only be decrypted following a successful authentication with Windows Hello in the future.

* Unify Touch ID and Windows Hello behavior under the Quick Unlock branding. Remove all timeout features of Touch ID as they are unnecessary and complicate the feature for no security gain.

* Quick Unlock is automatically reset only when the database key is changed vice whenever database settings are modified.

* Don't set database unlock dialog as always on top. This allows Touch ID and Windows Hello prompts to appear above the dialog properly.

* Prevent quick unlock when using AutoOpen or opening from the command line.
2022-02-22 17:53:50 -05:00
Toni Spets
bfbc0e5ec6 Auto-Type: Allow retyping with automatic relock
If relock after performing Auto-Type is enabled it will wait until
specified timeout before doing so.

Retype time is now configurable and is decreased from the old
hardcoded 30 seconds down to 15 seconds to keep the default a bit
more secure while still allowing the user to set it higher for
their liking.

To restore old behavior the user can set retype time to 0 which
will make the database relock instantly.

Auto-Type relock setting relocated to Auto-Type tab to group it
better with the other Auto-Type settings.
2022-02-20 16:12:16 -05:00
Jonathan White
0701d1d6cd Fix styling of database tag view in main window
* Also allow collapsing the entire left splitter instead of a dedicated option to hide the group view.
2022-02-20 15:37:22 -05:00
Toni Spets
5927821896 Auto-Type: Only match non-empty associations
Previously empty associations matched any window but since you can
use a wildcard (*) if you specifically want that this change makes
it possible to define multiple sequences for the global search
if you need to.

Additionally show empty associations in the list as "(empty)" to
better differentiate between rows if no title is set.
2022-02-08 19:07:00 -05:00
Balazs Gyurak
6897787d8f Show expired entries on DB unlock
* Show banner message about expired entries
* Add config option and expiration offset
* Only show expiry warning on first DB unlock
* Default to on with 3-day offset from expiration
2022-01-31 07:19:45 -05:00
Patrick Klein
bce8c84c26
Remove obsolete read only state from database. (#7324) 2022-01-28 21:26:53 -05:00
oysteins-a
c914c116e4 Fixed typo occurences 2022-01-28 21:25:31 -05:00
Xavier Valls
4a21cee98c Add tags feature
* show the tags in the entry preview
* allow searching by tag
* add a sidebar listing the tags in the database
* filter entries by tag on click
* Introduce a new TagsEdit widget that provides pill aesthetics, fast removal functionality and autocompletion
* add tests for the tags feature
* introduce the "is" tag for searching. Support for weak passwords and expired added.
2022-01-28 16:13:49 -05:00
Sami Vänttinen
cd642e7fee
Add support for Browser statistics (#7197)
Co-authored-by: Jonathan White <support@dmapps.us>
2021-12-30 07:31:06 -05:00
osx user
15d1b2f0ab Show what changed between entry history items
* Also show what is changed on the current state
* Closes #2621
2021-12-22 05:52:54 -05:00
Jonathan White
12990e59ad KeeShare: Remove checking signed container
* Remove QuaZip dependency in favor of minizip
* Remove signature checks, but maintain signatures for backwards compatibility
* Remove UI components related to certificates except for personal certificate for backwards compatibility
* Default to unsigned containers (*.kdbx)
2021-12-14 23:23:23 -05:00
Lorenzo Tucci
c88d8c870f Add lock selected database action on toolbar
Closes #6445

Switch tab when locking a database and move Lock Database actions to the Database section of the toolbar.
2021-12-12 23:40:59 -05:00
Daniel Peshev
456726556d Add url field to download favicon 2021-12-12 12:32:11 -05:00
Geert Ijewski
d16fc2d62a Add db statistic output to CLI db-info command.
Closes #6920
2021-12-08 23:41:05 -05:00
Patrick Klein
a0a063b57f
Add -i/--include option to "generate" CLI command. (#7112) 2021-12-07 23:40:09 -05:00
Patrick Sean Klein
296cbf0df7 Add sorting of HTML export
- Closes #6164
- Implement sorting support in HtmlExporter
- Add ExportDialog class and UI, which allows to configure export options.
2021-11-24 00:12:13 -05:00
Janek Bevendorff
a3dc977e58 Correctly set KDBX envelope version
Shows a warning when trying to open with a newer minor version than what is currently supported.

We always try to save with the lowest KDBX version possible for maximum compatibility.
2021-11-22 12:58:04 +01:00
Janek Bevendorff
70e62d90db Add "Restore Entries" feature 2021-11-22 12:58:04 +01:00
Patrick Klein
84ff6a13f9
Allow specifing database backup paths. (#7035)
- Default backupFilePath is '{DB_FILENAME}.old.kdbx' to conform to existing standards
- Implement backupPathPattern tests.
- Show tooltip on how to format database backup location text field.
2021-11-07 17:41:17 -05:00
Andre Blanke
7d37f65ad0 CLI: Add commands to handle attachments
* Add commands to manipulate entry attachments from the CLI
* Closes #4462

* Add the following commands:
  attachment-export: Exports the content of an attachment to a specified file.

  attachment-import: Imports the attachment into an entry. An existing attachment with the same name may be overwritten if the -f option is specified.

  attachment-rm: Removes the named attachment from an entry.

* Add --show-attachments  to the show command
2021-11-07 17:27:16 -05:00
snipfoo
7811f10dba
Support for wordlists in user configuration directory (#6799)
This commit allows users to put alternative wordlists in a `wordlists` subdirectory below their KeePassXC directory (e.g., under Linux, `~/.config/keepassxc/wordlists`). These wordlists will then appear in the dropdown menu in the *Password Generator* widget.

In order to differentiate between lists shipped with KeePassXC and user-provided lists, the former appears with a (SYSTEM) prefix.
2021-11-04 23:02:33 -04:00
Patrick Sean Klein
20db504c3a Implement "Overwrite attachment" confirmation dialog. 2021-10-24 23:41:57 -04:00
Sami Vänttinen
55f2bd41aa
Modify the KeePassHTTP attribute conversion button text (#7073) 2021-10-24 22:34:30 -04:00
Aetf
a31c5ba006 FdoSecrets: Implement unlock before search
Fixes #6942 and fixes #4443

- Return number of deleted entries
- Fix minor memory leak
- FdoSecrets: make all prompt truly async per spec and update tests
    * the waited signal may already be emitted before calling spy.wait(),
      causing the test to fail. This commit checks the count before waiting.
    * check unlock result after waiting for signal
- FdoSecrets: implement unlockBeforeSearch option
- FdoSecrets: make search always work regardless of entry group searching settings, fixes #6942
- FdoSecrets: cleanup gracefully even if some test failed
- FdoSecrets: make it safe to call prompts concurrently
- FdoSecrets: make sure in unit test we click on the correct dialog

Note on the unit tests: objects are not deleted (due to deleteLater event not handled).
So there may be multiple AccessControlDialog. But only one of
it is visible and is the correctly one to click on.

Before this change, a random one may be clicked on, causing the
completed signal never be sent.
2021-10-16 22:50:04 -04:00
varjolintu
b6716bdfe5 Add Browser Integration to Group Edit page
Closes #1789 and closes #3998
2021-10-11 00:19:06 -04:00
mhmdanas
be6835e42f Cleanup PCSC interface code
Fixes #7025
2021-10-09 14:41:26 -04:00
Jonathan White
f2aa32c7b0 Add direct write save option
* Closes #6335
* Modify application settings presentation to  allow for alternative saving strategies
* Transition Database::save calls to using flags to control saving behavior. Reduces boolean flags on function call.
* Made direct write save option a local setting to prevent unintentional carry over between platforms.
2021-10-09 11:12:25 -04:00
Aetf
60cfba8e46
FdoSecrets: Improve client executable path handling (#6915)
* Fixes #6459 

Improves the overall handling of FdoSecrets showing client executable paths to the user. It does the following:

* Check executable file existence as described in [RFC] fdosecrets: add optional confirmation to secret access (#4733)
* Show application PID and dbus address in the client list
* When the executable file is inaccessible, depending on where the client name is shown:
    * when shown inline, e.g. in notification text, where space is limited, clearly say that the path is invalid
    * when shown in auth dialog, show warning and print detailed info about the client
    * when shown in the client list, draw a warning icon

Co-authored-by: Jonathan White <support@dmapps.us>
2021-10-01 18:22:15 -04:00
Toni Spets
860fcfd78d SSH Agent: Add support for OpenSSH 8.2 FIDO/U2F keys
Closes #4334
2021-10-01 16:25:14 -04:00
Christoph Honal
6d1fc31e96
Implement support for Yubikeys and potential other tokens via wireless NFC using smartcard readers (Rebase) (#6895)
* Support NFC readers for hardware tokens using PC/SC

This requires a new library dependency: PCSC.
The PCSC library provides methods to access smartcards. On Linux, the third-party pcsc-lite package is used. On Windows, the native Windows API (Winscard.dll) is used. On Mac OSX, the native OSX API (framework-PCSC) is used.

* Split hardware key access into multiple classes to handle different methods of communicating with the keys.

* Since the Yubikey can now be a wireless token as well, the verb "plug in" was replaced with a more
generic "interface with". This shall indicate that the user has to present their token to the reader, or plug it in via USB.

* Add PC/SC interface for YubiKey challenge-response

This new interface uses the PC/SC protocol and API
instead of the USB protocol via ykpers. Many YubiKeys expose their functionality as a CCID device, which can be interfaced with using PC/SC. This is especially useful for NFC-only or NFC-capable Yubikeys, when they are used together with a PC/SC compliant NFC reader device.

Although many (not all) Yubikeys expose their CCID functionality over their own USB connection as well, the HMAC-SHA1 functionality is often locked in this mode, as it requires eg. a touch on the gold button. When accessing the CCID functionality wirelessly via NFC (like this code can do using a reader), then the user interaction is to present the key to the reader.

This implementation has been tested on Linux using pcsc-lite, Windows using the native Winscard.dll library, and Mac OSX using the native PCSC-framework library.

* Remove PC/SC ATR whitelist, instead scan for AIDs

Before, a whitelist of ATR codes (answer to reset, hardware-specific)
was used to scan for compatible (Yubi)Keys.
Now, every connected smartcard is scanned for AIDs (applet identifier),
which are known to implement the HMAC-SHA1 protocol.

This enables the support of currently unknown or unreleased hardware.

Co-authored-by: Jonathan White <support@dmapps.us>
2021-10-01 10:39:07 -04:00