* Avoids using QDialog which breaks the standalone password generator
Revert "Fix password dialog close button"
This reverts commit 5b47190fcc4b2f51fb11849cef7f53346e8fe439.
This is mostly to ease setup and configuration with sandboxed browsers.
The socket currently existing in `$XDG_RUNTIME_DIR`. When sandboxing a browser, it would be unsafe to mount this directory inside the sandbox.
Mounting the socket into the sandbox's filesystem is also not possible in cases where KeePassXC is [re]started after the browser has started.
This commit moves the socket into its own isolated subdirectory, which can be safely mounted into sandboxes. Sandbox engines can create the directory themselves (in case the browser starts before KeePassXC). Both Flatpak and Firejail support this configuration.
A symlink is also created, linking the previous location to the new location. This is meant for backwards compatibility and should eventually be dropped.
The directory can't be named `org.keepassxc.KeePassXC.BrowserServer`,
since that would collide with the symlink. Instead, the directory has been created to match the format used for Flatpak builds, which make it a bit less of a snowflake build, while following accepted conventions.
Given that the preferred path now matches what Flatpak uses, the block handling Flatpak and non-Flatpak is now the same.
If `$XDG_RUNTIME_DIR` is undefined, the temporary directory is used, though reading the socket from this location is discouraged.
Closes: https://github.com/keepassxreboot/keepassxc/issues/8018
References: https://github.com/keepassxreboot/keepassxc/discussions/6741
* The main window doesn't hide properly during unlock sequence if it is in the background (ie, not minimized and not hidden to tray). This change makes sure the window hides after interaction on all platforms.
Selected the [Botan crypto library](https://github.com/randombit/botan) due to its feature list, maintainer support, availability across all deployment platforms, and ease of use. Also evaluated Crypto++ as a viable candidate, but the additional features of Botan (PKCS#11, TPM, etc) won out.
The random number generator received a backend upgrade. Botan prefers hardware-based RNG's and will provide one if available. This is transparent to KeePassXC and a significant improvement over gcrypt.
Replaced Argon2 library with built-in Botan implementation that supports i, d, and id. This requires Botan 2.11.0 or higher. Also simplified the parameter test across KDF's.
Aligned SymmetricCipher parameters with available modes. All encrypt and decrypt operations are done in-place instead of returning new objects. This allows use of secure vectors in the future with no additional overhead.
Took this opportunity to decouple KeeShare from SSH Agent. Removed leftover code from OpenSSHKey and consolidated the SSH Agent code into the same directory. Removed bcrypt and blowfish inserts since they are provided by Botan.
Additionally simplified KeeShare settings interface by removing raw certificate byte data from the user interface. KeeShare will be further refactored in a future PR.
NOTE: This PR breaks backwards compatibility with KeeShare certificates due to different RSA key storage with Botan. As a result, new "own" certificates will need to be generated and trust re-established.
Removed YKChallengeResponseKeyCLI in favor of just using the original implementation with signal/slots.
Removed TestRandom stub since it was just faking random numbers and not actually using the backend. TestRandomGenerator now uses the actual RNG.
Greatly simplified Secret Service plugin's use of crypto functions with Botan.
Significant improvements to the Auto-Type select dialog. Reduce stale and unnecessary code paths.
* Close select dialog when databases are locked.
* Close open modal dialogs prior to showing the Auto-Type select dialog to prevent interference.
* Never perform Auto-Type on the KeePassXC window.
* Only filter match list based on Group, Title, and Username column data (ie, ignore sequence column)
* Always show the sequence column (revert feature)
* Show selection dialog if there are no matches to allow for a database search
* Close#3630 - Allow typing {USERNAME} and {PASSWORD} from selection dialog (right-click menu).
* Close#429 - Ability to search open databases for an entry from the Auto-Type selection dialog.
* Fix#5361 - Default size of selection dialog doesn't cut off matches
