Commit Graph

281 Commits

Author SHA1 Message Date
Janek Bevendorff
7f262a1210 Move FeatureSummary include to top of CMakeLists.txt
* Fixes 
2019-12-21 17:26:41 -05:00
Jonathan White
d37e71b793 Bump version and update changelog 2019-11-11 11:37:23 -05:00
Rafael Sadowski
38a663163d Check include malloc.h and malloc_usable_size(3)
One some operating systems  malloc(3) is not in malloc.h nor in
malloc_np.h, instead it is in stdlib.h.

In addition, not all systems support malloc_usable_size(3). You could
argue it's not safe.

This patch tries to be portable and it fix the build on OpenBSD.
2019-11-01 22:54:24 -04:00
Wolfram Rösler
b13454eeb4 Compile with Compiler Cache (ccache) if it's installed
Install with `sudo apt install ccache`.

Makes building a huge lot faster, especially when switching branches.
Nothing happens if ccache is not installed.

Example: (measured on my laptop)

```
$ ccache -C # clear the cache
$ rm -fr build
$ cd build
$ cmake -DWITH_XC_ALL=ON -DCMAKE_BUILD_TYPE=Release ..
$ time make -j4
...
real	5m8,817s
user	16m47,107s
sys	1m38,808s

$ rm -fr ../build/*
$ cmake -DWITH_XC_ALL=ON -DCMAKE_BUILD_TYPE=Release ..
$ time make -j4
...
real	0m32,571s
user	1m0,253s
sys	0m24,069s
```
2019-06-09 20:01:12 -04:00
Jonathan White
96438a45b4 Various minor code improvements 2019-05-19 18:21:34 -04:00
Aetf
e121f4bc28 Add Freedesktop.org Secret Storage Spec Server Side API (Fix )
This plugin implements the Secret Storage specification version 0.2.
While running KeePassXC, it acts as a Secret Service server, registered
on DBus, so clients like seahorse, python-secretstorage, or other
implementations can connect and access the exposed database in KeePassXC.

Squashed commits:

- Initial code
- Add SessionAdaptor and fix build
- The skeletons for all dbus objects are in place
- Implement collection creation and deletion
- Emit collectionChanged signal
- Implement app-wise settings page
- Implement error message on GUI
- Implement settings
- Fix uuid to dbus path
- Implement app level settings
- Add freedesktop logo
- Implement database settings page
- Change database settings to a treeview
- Move all settings read/write to one place
- Rename SecretServiceOptionsPage to SettingsWidgetFdoSecrets
- Fix selected group can not be saved if the user hasn't click on the item
- Show selected group per database in app settings
- Disable editing of various readonly widgets
- Remove unused warning about non exposed database
- Fix method signature on dbus adaptors
- Fix type derived from DBusObject not recognized as QDBusContext
- Resolve a few TODOs around error handling
- Remove const when passing DBus exposed objects
- Move dismiss to PromptBase
- Implement per collection locking/unlocking
- Fix const correctness on Item::setSecret
- Implement SecretService::getSecrets
- Rework the signal connections around collections.
- Remove generateId from DBusObject
- Per spec, use encoded label as DBus object path for collections
- Fix some corner cases around collection name changes
- Implement alias
- Fix wrong alias dbus path
- Implement encryption per spec
- Cleanup SessionCipher
- Implement searchItems for SecretService
- Use Tools::uuidToHex
- Implement Item attributes and delete
- Implement createItem
- Always check if the database is unlocked before perform any operation
- Add missing ReadAlias/SetAlias on service
- Reorganize and fix OpenSession always returning empty output
- Overhaul error handling
- Make sure default alias is always present
- Remove collection aliases early in doDelete
- Handles all content types, fix setProperties not working
- Fix sometimes there is an extraneous leading zero when converting from MPI
- Fix session encryption negotiation
- Do not expose recycle bin
- Protect against the methods not called from DBus
- Also emit collectionChanged signal when lock state changes
- Show notification when entry secret is requested
- Add a README file
- Actually close session when client disconnects
- Gracefully return alternative label when collection is locked
- Reorganize, rename secretservice to fdosecrets
- Fix issues reported by clazy
- Unify UI strings and fix icon
- Implement a setting to skip confirmation when deleting entries from DBus
- Remove some unused debugging log
- Simply ignore errors when DBus context is not available. QtDBus won't set QDBusContext when deliver property get/set, and there is no way to get a QDBusMessage in property getter/setter.
- Simplify GcryptMPI using std::unique_ptr and add unit test
- Format code in fdosecrets
- Move DBusReturnImpl to details namespace
- Fix crash when locking a database: don't modify exposedGroup setting in customData when database is deleted
- Make sure Collection::searchItems works, whether it's locked or not
- Fix FdoSecrets::Collection becomes empty after a database reload
- Fix crash when looping while modifying the list
2019-05-12 12:35:42 -04:00
Jonathan White
bc891761b6
Merge branch 'release/2.4.2' into develop 2019-05-07 13:00:27 -04:00
Jonathan White
247b85fe69
Update INSTALL.md and cleanup CMakeLists.txt ()
INSTALL.md
* Better organization of CMake options

CMakeLists.txt
* If WITH_XC_NETWORKING is disabled, also disable WITH_XC_UPDATECHECK
* Move KeeShare logic into KeeShare CMakeLists.txt
* Remove WITH_XC_KEESHARE_SECURE build option
* Attempt to find quazip, if found enable WITH_XC_KEESHARE_SECURE and build with secure container support
2019-05-07 12:56:55 -04:00
Janek Bevendorff
13eb1c0bbd Improve resilience against memory attacks
To reduce residual fragments of secret data in memory after
deallocation, this patch replaces the global delete operator with a
version that zeros out previously allocated memory. It makes use of
the new C++14 sized deallocation, but provides an unsized fallback
with platform-specific size deductions.

This change is only a minor mitigation and cannot protect against
buffer reallocations by the operating system or non-C++ libraries.
Thus, we still cannot guarantee all memory to be wiped after free.

As a further improvement, this patch uses libgcrypt and libsodium
to write long-lived master key component hashes into a secure
memory area and wipe it afterwards.

The patch also fixes compiler flags not being set properly on macOS.
2019-04-21 09:39:28 -04:00
Jonathan White
53796a216e Windows: use winqtdeploy instead of DeplyQt4 from CMake ()
* Ensure Qt dlls find plugins in bundled directory
* Reduce complexity of deployment code
* Standardize use of CMAKE_BUILD_TYPE_LOWER for more robust comparisons

Fixes . Fixes part of .
2019-04-20 18:12:00 +02:00
Jonathan White
a0c84dbd0d
Bump version numbers to 2.4.2 2019-04-16 21:09:42 -04:00
Jonathan White
ba4d68c76e
Bump version numbers to 2.5.0 2019-04-16 21:08:02 -04:00
Jonathan White
0d4318e466
Version bump to 2.4.1 2019-04-12 18:10:39 -04:00
Jonathan White
2ffefc95ae Enhance update checker
* Reduce initial update check notification to 500 ms to prevent inappropriately stealing focus from user
* Add build flag WITH_XC_UPDATECHECK which defaults to ON
* Update checks are resolved every 7 days instead of every time the application is started
* Better checks for beta builds; ignore snapshots
* Increase test cases
2019-04-11 08:52:51 -04:00
Jonathan White
8bc94874a1 Enhance release-tool handling of app signing
* Introduce .gitrev file to tarball generation
* Correct labeling of builds based on supplied parameters to CMake
* Convert supplied key file path to absolute when building under MSYS
* Support OVERRIDE_VERSION to build properly version numbered snapshots
* Do not build tests for any build
2019-04-10 16:12:33 -04:00
Jonathan White
86e5dbda4f
Add Haiku support 2019-03-24 09:32:45 -04:00
Jonathan White
21d1e981ca
Cleanup CMakeFiles prior to release
* Remove Git revision finding code in favor of a simple command call: git rev-parse --short=7 HEAD
* Added GIT_HEAD_OVERRIDE to explicitly define the hash for the current commit in case git is not available 
* Made WIX default over NSIS in release tool 
* Rename version.h to git-info.h
2019-01-30 15:03:03 -05:00
Weslly
779b529da2 Update checking feature ()
* Check on startup (toggleable setting) and manually
* Option to check for pre-releases (eg, 2.4.0-beta1)
* Only included if WITH_XC_NETWORKING is enabled
2019-01-30 09:11:50 -05:00
Jonathan White
d11bb247b3 Simplify CMakeLists 2019-01-10 07:57:13 -07:00
Christian Kieschnick
383b8b77eb Implemented feedback regarding build and ui
Changed build options to use only WITH_XC_KEESHARE and
WITH_XC_KEESHARE_SECURE - WITH_XC_KEESHARE_INSECURE remains as internal
variable to highlight differences (may allow to build schemes later)

Message widget in KeeShare settings for groups is not closeable anymore
2019-01-07 10:38:38 +01:00
Christian Kieschnick
ba604390d2 Fixed ci builds
ubuntu:14.04 does not have quazip5 libraries in the standard repository, therefore only insecure builds are created using the ci server
2019-01-04 11:03:15 +01:00
Christian Kieschnick
080b02e9d5 KeeShare uses only one flag - checks for QuaZip
Changed flag for KeeShare to
* enable insecure sharing in all cases
* enable secure sharing if QuaZip was found
2019-01-04 09:33:00 +01:00
Christian Kieschnick
d4c391deb2 Splitted KeeShare into secure and insecure parts
KeeShare is now supported in a secure and insecure flavor (set
CMake-Flags accordingly to allow or disallow the corresponding import
and exports)
2019-01-03 10:05:08 +01:00
Jonathan White
21de6f6163
Merge branch 'develop'
Conflicts:
	src/core/Tools.cpp
	src/sshagent/SSHAgent.cpp
2018-12-30 16:32:57 -05:00
JTL
dd5665c656 Multiple macOS fixes and include keepassxc-cli in DMG ()
* Fixes including keepassxc-cli when building KeePassXC dmg on Mac.
resolves 
* Fix Qt search path and Properties display on macOS
* Simplify packaging POST_BUILD fixups
* Various fixes to get cli to run on macos
* Correct cli tests on macOS
* Several macOS related GUI test fixes
2018-12-28 18:32:25 -05:00
Jonathan White
9e2be34897
Merge branch 'develop'
Conflicts:
	CMakeLists.txt
	cmake/CLangFormat.cmake
	snapcraft.yaml
	src/CMakeLists.txt
	src/core/Database.cpp
	src/core/Database.h
	src/core/Tools.cpp
	src/crypto/CryptoHash.h
	src/crypto/ssh/ASN1Key.h
	src/crypto/ssh/OpenSSHKey.cpp
	src/format/Kdbx4Reader.cpp
	src/gui/DatabaseTabWidget.cpp
	src/gui/DatabaseTabWidget.h
	src/gui/DatabaseWidget.cpp
	src/gui/DatabaseWidget.h
	src/gui/DetailsWidget.cpp
	src/gui/DetailsWidget.ui
	src/gui/EditWidgetProperties.cpp
	src/gui/EntryPreviewWidget.cpp
	src/gui/EntryPreviewWidget.ui
	src/gui/FileDialog.cpp
	src/gui/dbsettings/DatabaseSettingsDialog.cpp
	src/gui/dbsettings/DatabaseSettingsDialog.h
	src/gui/group/EditGroupWidget.cpp
	src/gui/group/EditGroupWidget.h
	src/sshagent/ASN1Key.h
	src/sshagent/OpenSSHKey.cpp
	src/sshagent/SSHAgent.cpp
	tests/CMakeLists.txt
2018-12-18 22:28:56 -05:00
Janek Bevendorff
77adbef401 Reformat CMakeLists.txt files 2018-10-19 22:16:44 +02:00
Janek Bevendorff
113c8eb702 Add CLI tests and improve coding style and i18n
The CLI module was lacking unit test coverage and showed some severe
coding style violations, which this patch addresses.

In addition, all uses of qCritical() with untranslatble raw char*
sequences were removed in favor of proper locale strings. These are
written to STDERR through QTextStreams and support output
redirection for testing purposes. With this change, error messages don't
depend on the global Qt logging settings and targets anymore and go
directly to the terminal or into a file if needed.

This patch also fixes a bug discovered during unit test development,
where the extract command would just dump the raw XML contents without
decrypting embedded Salsa20-protected values first, making the XML
export mostly useless, since passwords are scrambled.

Lastly, all CLI commands received a dedicated -h/--help option.
2018-10-19 21:49:54 +02:00
Janek Bevendorff
18b22834c1 Update and fix test coverage report generation
Generation of unit test coverage reports used to be quite complicated
and required a lot of different settings, including a custom CMake
build type. This patch updates the coverage CMake module to only
require -DWITH_COVERAGE=ON to be set on a normal Debug build in order
to create a coverage target.

This patch also moves away from lcov in favor of gcovr, since lcov appears
to be broken in GCC 8. However, the routines for generating lcov reports
still exist, so provided lcov receives updates and there is sufficient
reason to switch back, it is easy to do so.
2018-10-19 21:45:53 +02:00
Adolfo E. García
bb16dc6d01 Add QR code generator for TOTP export ()
* Resolves 
* Add libqrencode and qtsvg dependencies 
* Ensure QR code remains square
* Auto-close QR code dialog when database is locked
* Add databaseLocked() Signal to databaseWidget
* Correct otpauth URI output in Totp::writeSettings(...)
2018-10-19 14:42:49 -04:00
Christian Kieschnick
eca9c658f4
Add sharing of groups between databases
* Add source folder keeshare for sharing with corresponding define WITH_XC_KEESHARE
* Move common crypto parts to src/crypto/ssh
* Extended OpenSSHKey
* Move filewatching to own file (currently in two related classes DelayedFileWatcher and BulkFileWatcher)
* Small improvements for style and code in several classes
* Sharing is secured using RSA-Keys which are generated on demand
* Publisher signs the container using their private key
* Client can verify the signed container and choose to decline an import,
import only once or trust the publisher and automatically import all
data of this source henceforth
* Integration of settings into Group-Settings, Database-Settings and Application-Settings
* Introduced dependency QuaZip as dependency to allow combined export of
key container and the (custom format) certificate
2018-10-01 10:39:37 -04:00
Gianluca Recchia
f1a13a1f2b Remove duplicate statement from CMakeLists.txt 2018-09-18 22:50:56 -04:00
Max Kolhagen
d9fcdd2920 Add TouchID support on macOS 2018-09-18 22:42:05 -04:00
Jonathan White
4ce42fa6d4
Bumped version number to 2.4.0-preview 2018-09-16 10:28:39 -04:00
Jonathan White
ca27fb06d5
Merge branch 'master'
Conflicts:
	INSTALL.md
	release-tool
	src/browser/BrowserOptionDialog.cpp
	src/browser/BrowserService.cpp
	src/browser/BrowserService.h
	src/browser/NativeMessagingBase.h
	src/browser/NativeMessagingHost.h
	src/core/Uuid.cpp
	src/gui/DatabaseTabWidget.cpp
	src/gui/DatabaseWidget.cpp
	src/gui/EditWidget.cpp
	src/gui/MainWindow.cpp
	src/gui/MainWindow.ui
	src/proxy/NativeMessagingHost.h
	src/sshagent/ASN1Key.cpp
2018-08-24 09:42:38 -04:00
Jonathan White
d6cae74176
Release 2.3.4 version bump
* Corrects INSTALL.md build instructions for Windows ()
* Rephrase Qt 5.5.x warning to include on-screen keyboard combo
2018-08-22 11:23:18 -04:00
Adolfo E. García
83917299db Add AppVeyor support () 2018-06-10 18:16:30 -04:00
Janek Bevendorff
b02bd59e0c
Merge branch 'master' into develop 2018-05-09 19:25:58 +02:00
Janek Bevendorff
34ed6fdd1c
Bump version to 2.3.3 2018-05-09 19:22:16 +02:00
Jonathan White
4f304aa384 Fix Windows 32-bit building with ASLR 2018-05-09 13:03:55 +02:00
Jonathan White
aae6d09fd3
Merge branch 'master' into develop
Conflicts:
	src/CMakeLists.txt
	src/autotype/xcb/AutoTypeXCB.cpp
	src/browser/BrowserAction.cpp
	src/browser/BrowserService.cpp
	src/browser/BrowserService.h
	src/browser/BrowserSettings.h
	src/browser/NativeMessagingHost.cpp
	src/browser/NativeMessagingHost.h
	src/gui/EditWidgetIcons.cpp
	src/gui/EditWidgetIcons.h
	src/gui/MainWindow.cpp
	src/proxy/NativeMessagingHost.cpp
	tests/TestOpenSSHKey.cpp
2018-05-07 23:24:30 -04:00
Jonathan White
3b7e63a773
Bump version number to 2.3.2 & fix Win build 2018-05-07 23:17:32 -04:00
Louis-Bertrand Varin
07bc9a7b4b Add ClangFormat rules 2018-03-31 12:15:09 -04:00
Jonathan White
410d88bf99
Remove KeePassHttp plugin and qhttp ()
Remove KeePassHttp plugin and qhttp
2018-03-31 11:36:18 -04:00
Jonathan White
4a207f079b Enable high entropy ASLR for Windows builds 2018-03-17 12:13:47 -04:00
Janek Bevendorff
642daa641b
Bump version to 2.3.1 and update CHANGELOG 2018-03-06 22:54:01 +01:00
Janek Bevendorff
d3a80513a7 Fix GCC 8 memset warning and set -Werror only for debug builds, resolves 2018-03-04 21:18:13 +01:00
thez3ro
923d24b448
release build when checking out a git-tag 2018-03-01 14:47:16 +01:00
Janek Bevendorff
e231774b05 Don't hardcode HINTS to macdeployqt 2018-02-27 20:11:03 +01:00
Janek Bevendorff
a06a1f84e0 Don't hardcode install_name_tool change path, resolves 2018-02-26 00:55:06 +01:00
Janek Bevendorff
3089894d20 Allow KeePassXC version overrides from file in addition to Git tags 2018-02-23 00:59:45 +01:00
Janek Bevendorff
924d472de5 Add support for pre-releases 2018-02-18 10:20:34 +01:00
Jonathan White
d911987787 Ensure yubikey libs are dynamic; bump to c99 2018-02-01 21:40:47 +01:00
Jonathan White
d8649f7a60 Check for tag to automatically determine release build 2018-01-30 21:21:24 +01:00
Jonathan White
3e2443a861 Add support for nightly builds to release tool 2018-01-30 21:21:23 +01:00
Janek Bevendorff
f520a0f272
Deprecate KeePassHTTP and introduce WITH_XC_NETWORKING CMake option 2018-01-19 20:40:54 +01:00
Jonathan White
542ee42313
Add Argon2Kdf and enable parameters in db settings
Note: This implementation is not yet connected to the
database itself and will corrupt existing kdbx3 db's.

* Implemented memory and parallelism parameters for Argon2Kdf
* Using libargon2; libsodium does not support Argon2d algorithm
* Moved basic rounds parameter into Kdf class
* Reimplemented benchmark algorithm; previous was utterly broken
2018-01-13 14:23:30 -05:00
angelsl
6a0d05e1ef
Add support for various algorithms for kdbx4
* Add SHA512 support to CryptoHash
* Add ChaCha20 support
* Add HMAC support
* Add new HmacBlockStream, used in KDBX 4
* Add support for ChaCha20 protected stream
2018-01-13 14:23:26 -05:00
varjolintu
06518c5736 keepassxc-browser 2018-01-04 21:42:20 +01:00
thez3ro
506057d202
undefine FORTIFY_SOURCE before trying to define it. In case it's already defined by the distro 2018-01-03 20:19:23 +01:00
Orivej Desh
f6a48f2672
Fix use of cmake_minimum_required
cmake_minimum_required() must be used before project(), otherwise it has no effect on internal cmake code that runs when project() is invoked. In particular CMP0025 does not default to NEW and CMake does not detect Clang features on Darwin, which is necessary to compile the project with the upstream (non Apple) compiler.
2017-12-20 08:25:55 +00:00
Janek Bevendorff
57845851c0
Merge branch 'master' into develop 2017-12-13 19:00:04 +01:00
Janek Bevendorff
8c682c80ce
Bump version to 2.2.4 2017-12-13 18:55:54 +01:00
Jonathan White
28ad6ed552 Merge branch 'master' into develop 2017-12-11 21:10:25 -05:00
Jonathan White
228843b010
Version bump to 2.2.3 and changelog 2017-12-11 20:59:41 -05:00
Janek Bevendorff
d35f3fc573 Treat warning as errors 2017-11-27 20:57:55 +01:00
Toni Spets
4840c2c64f SSH agent support 2017-11-19 14:38:59 +02:00
Janek Bevendorff
d4343a5e42
Merge branch 'master' into develop 2017-10-22 00:30:37 +02:00
Janek Bevendorff
880a8da68a
Bump version to 2.2.2 and update changelog 2017-10-22 00:27:26 +02:00
Adolfo E. García
fdc7471a7b Make QtMacExtras optional 2017-10-21 10:12:28 -06:00
Adolfo E. García
7198f20d69 Improve building of macOS target 2017-10-21 10:12:28 -06:00
Adolfo E. García
de065c728f Enable option WITH_ASAN for macOS builds 2017-10-21 10:12:28 -06:00
Adolfo E. García
2fa3f5072d Simplify the ZLIB version check 2017-10-21 10:12:28 -06:00
Janek Bevendorff
8592f7e672 Merge branch 'release/2.2.2' into develop 2017-10-19 21:45:49 +02:00
Janek Bevendorff
ec8c99c3b2 Fix remaining uses of KEEPASSXC_SNAP_BUILD 2017-10-19 15:52:46 +02:00
Janek Bevendorff
bae9dbc407 Add distribution information to debug info screen 2017-10-19 15:52:46 +02:00
Janek Bevendorff
ab21f718ba Merge branch 'release/2.2.2' into develop 2017-10-12 14:10:20 +02:00
Weslly
8a8eecbe8b Fix macOS man path 2017-10-06 00:15:23 -03:00
Jonathan White
91d746c5c0 Corrected issues with desktop and tray icons in snap build 2017-10-03 15:43:52 -04:00
Jonathan White
7d3c18e1fb
Version number bump 2017-10-01 10:58:00 -04:00
Yen Chi Hsuan
ea1554915b 🐛 Use correct ZLib include path
Fixes 
2017-08-17 11:09:37 +08:00
Janek Bevendorff
35e86efbce
Require CMake 3.1.0 and update Dockerfile 2017-06-26 16:41:16 +02:00
Jonathan White
a3020b6787
Bumped version to 2.2.0 and populated CHANGELOG 2017-06-20 23:14:44 -04:00
thez3ro
a53b111182
Update and fix copyright headers 2017-06-14 15:54:43 +02:00
TheZ3ro
adf61d9878 Merge branch 'develop' into single-instance 2017-05-27 09:18:13 +02:00
Yen Chi Hsuan
3822625e77 Allow disabling .app bundles on Mac 2017-05-14 22:51:12 +08:00
VukoDrakkeinen
d1310b3337 Raise existing instance
Closes 
2017-05-09 14:06:45 +02:00
Jonathan White
5c8809e55d
Update cmake files, fixes 2017-05-06 11:51:43 -04:00
Jonathan White
af4f56abfd Support vscode 2017-05-05 20:20:27 -04:00
seatedscribe
73b0188126
Substitute deprecated commands with feature_summary 2017-04-10 22:05:53 +02:00
Jonathan White
4cd461f57a
Disable DEP and ASLR for Debug builds. This allows for debugging with GDB. 2017-04-09 18:52:54 -04:00
Jonathan White
3de4395d5e
Merge remote-tracking branch 'origin/master' into develop 2017-04-09 10:28:15 -04:00
Jonathan White
918db68c52
Bumped version to 2.1.4, updated CHANGELOG 2017-04-09 09:54:55 -04:00
Louis-Bertrand Varin
e1e8f33f67 Install path on Mac. 2017-03-16 10:09:50 -04:00
Louis-Bertrand Varin
992d8a90c7 Migrate entropy-meter to keepassxc-cli 2017-03-16 10:09:50 -04:00
Janek Bevendorff
8b04040d7e
Add WITH_ASAN option to README 2017-03-16 00:20:38 +01:00
Janek Bevendorff
9608464ed1
Show error message when trying to use WITH_ASAN on Windows or OS X 2017-03-15 15:23:55 +01:00
Janek Bevendorff
2587bac300
Enable ASAN option in Travis build 2017-03-15 15:23:52 +01:00
Janek Bevendorff
504bd40263
Prevent massive end-of-process leak sanitizer dump 2017-03-15 15:23:50 +01:00
Janek Bevendorff
65d4a0a8cd
Add ASAN option to CMake 2017-03-15 15:23:44 +01:00