mirror of
https://github.com/keepassxreboot/keepassxc.git
synced 2025-01-14 08:50:08 -05:00
6d1fc31e96
* Support NFC readers for hardware tokens using PC/SC This requires a new library dependency: PCSC. The PCSC library provides methods to access smartcards. On Linux, the third-party pcsc-lite package is used. On Windows, the native Windows API (Winscard.dll) is used. On Mac OSX, the native OSX API (framework-PCSC) is used. * Split hardware key access into multiple classes to handle different methods of communicating with the keys. * Since the Yubikey can now be a wireless token as well, the verb "plug in" was replaced with a more generic "interface with". This shall indicate that the user has to present their token to the reader, or plug it in via USB. * Add PC/SC interface for YubiKey challenge-response This new interface uses the PC/SC protocol and API instead of the USB protocol via ykpers. Many YubiKeys expose their functionality as a CCID device, which can be interfaced with using PC/SC. This is especially useful for NFC-only or NFC-capable Yubikeys, when they are used together with a PC/SC compliant NFC reader device. Although many (not all) Yubikeys expose their CCID functionality over their own USB connection as well, the HMAC-SHA1 functionality is often locked in this mode, as it requires eg. a touch on the gold button. When accessing the CCID functionality wirelessly via NFC (like this code can do using a reader), then the user interaction is to present the key to the reader. This implementation has been tested on Linux using pcsc-lite, Windows using the native Winscard.dll library, and Mac OSX using the native PCSC-framework library. * Remove PC/SC ATR whitelist, instead scan for AIDs Before, a whitelist of ATR codes (answer to reset, hardware-specific) was used to scan for compatible (Yubi)Keys. Now, every connected smartcard is scanned for AIDs (applet identifier), which are known to implement the HMAC-SHA1 protocol. This enables the support of currently unknown or unreleased hardware. Co-authored-by: Jonathan White <support@dmapps.us>
168 lines
6.4 KiB
Markdown
168 lines
6.4 KiB
Markdown
Build and Install KeePassXC
|
|
=================
|
|
|
|
This document will guide you through the steps to build and install KeePassXC from source.
|
|
For more information, see also the [_Building KeePassXC_](https://github.com/keepassxreboot/keepassxc/wiki/Building-KeePassXC) page on the wiki.
|
|
|
|
The [QuickStart Guide](https://keepassxc.org/docs/KeePassXC_GettingStarted.html) gets you started using KeePassXC on your Windows, macOS, or Linux computer using pre-compiled binaries from the [downloads page](https://keepassxc.org/download).
|
|
|
|
Build Dependencies
|
|
==================
|
|
|
|
The following tools must exist within your PATH:
|
|
|
|
* make
|
|
* cmake (>= 3.3.0)
|
|
* g++ (>= 4.7) or clang++ (>= 6.0)
|
|
* asciidoctor
|
|
|
|
The following libraries are required:
|
|
|
|
* Qt 5 (>= 5.9.5): qtbase5, qtbase5-private, libqt5svg5, qttools5, qt5-image-formats-plugins
|
|
* botan (>= 2.12)
|
|
* zlib
|
|
* minizip
|
|
* readline (for completion in cli)
|
|
* libqt5x11extras5, libxi, and libxtst (for auto-type on X11)
|
|
* qrencode
|
|
* libusb-1.0, pcsclite (optional to support YubiKey on Linux)
|
|
|
|
Prepare the Building Environment
|
|
================================
|
|
|
|
* [Building Environment on Linux](https://github.com/keepassxreboot/keepassxc/wiki/Set-up-Build-Environment-on-Linux)
|
|
* [Building Environment on Windows](https://github.com/keepassxreboot/keepassxc/wiki/Set-up-Build-Environment-on-Windows)
|
|
* [Building Environment on MacOS](https://github.com/keepassxreboot/keepassxc/wiki/Set-up-Build-Environment-on-macOS)
|
|
|
|
Build Steps
|
|
===========
|
|
We recommend using the release tool to perform builds, please read up-to-date instructions [on our wiki](https://github.com/keepassxreboot/keepassxc/wiki/Building-KeePassXC#building-using-the-release-tool).
|
|
|
|
To compile from source, open a **Terminal (on Linux/MacOS)** or a **MSYS2-MinGW shell (on Windows)**<br/>
|
|
**Note:** on Windows you can also use MSVC to build natively, we recommend Visual Studio 2019
|
|
|
|
First, download the KeePassXC [source tarball](https://keepassxc.org/download#source)
|
|
or check out the latest version from our [Git repository](https://github.com/keepassxreboot/keepassxc).
|
|
|
|
To clone the project from Git, `cd` to a suitable location and run
|
|
|
|
```bash
|
|
git clone https://github.com/keepassxreboot/keepassxc.git
|
|
```
|
|
|
|
This will clone the entire contents of the repository and check out the current `develop` branch.
|
|
|
|
To update the project from within the project's folder, you can run the following command:
|
|
|
|
```bash
|
|
git pull
|
|
```
|
|
|
|
For a stable build, it is recommended to checkout the master branch.
|
|
|
|
```bash
|
|
git checkout master
|
|
```
|
|
|
|
NOTE: See the [Windows Build Instructions](https://github.com/keepassxreboot/keepassxc/wiki/Building-KeePassXC#windows) for building with MSVC.
|
|
|
|
Navigate to the directory where you have downloaded KeePassXC and type these commands:
|
|
|
|
```
|
|
mkdir build
|
|
cd build
|
|
cmake -DWITH_XC_ALL=ON ..
|
|
make
|
|
```
|
|
|
|
NOTE: If you are using MSYS2, you may have to add ```-G "MSYS Makefiles"``` to the beginning of the cmake command.
|
|
|
|
These steps place the compiled KeePassXC binary inside the `./build/src/` directory.
|
|
(Note the cmake notes/options below.)
|
|
|
|
**Cmake Notes:**
|
|
|
|
* Common cmake parameters
|
|
|
|
```
|
|
-DCMAKE_INSTALL_PREFIX=/usr/local
|
|
-DCMAKE_VERBOSE_MAKEFILE=ON
|
|
-DCMAKE_BUILD_TYPE=<RelWithDebInfo/Debug/Release>
|
|
-DWITH_GUI_TESTS=ON
|
|
```
|
|
|
|
* cmake accepts the following options:
|
|
|
|
```
|
|
-DWITH_XC_AUTOTYPE=[ON|OFF] Enable/Disable Auto-Type (default: ON)
|
|
-DWITH_XC_YUBIKEY=[ON|OFF] Enable/Disable YubiKey HMAC-SHA1 authentication support (default: OFF)
|
|
-DWITH_XC_BROWSER=[ON|OFF] Enable/Disable KeePassXC-Browser extension support (default: OFF)
|
|
-DWITH_XC_NETWORKING=[ON|OFF] Enable/Disable Networking support (e.g., favicon downloading) (default: OFF)
|
|
-DWITH_XC_SSHAGENT=[ON|OFF] Enable/Disable SSHAgent support (default: OFF)
|
|
-DWITH_XC_TOUCHID=[ON|OFF] (macOS Only) Enable/Disable Touch ID unlock (default:OFF)
|
|
-DWITH_XC_FDOSECRETS=[ON|OFF] (Linux Only) Enable/Disable Freedesktop.org Secrets Service support (default:OFF)
|
|
-DWITH_XC_KEESHARE=[ON|OFF] Enable/Disable KeeShare group synchronization extension (default: OFF)
|
|
-DWITH_XC_KEESHARE_SECURE=[ON|OFF] Enable/Disable KeeShare signed containers, requires libquazip5 (default: OFF)
|
|
-DWITH_XC_ALL=[ON|OFF] Enable/Disable compiling all plugins above (default: OFF)
|
|
|
|
-DWITH_XC_UPDATECHECK=[ON|OFF] Enable/Disable automatic updating checking (requires WITH_XC_NETWORKING) (default: ON)
|
|
|
|
-DWITH_TESTS=[ON|OFF] Enable/Disable building of unit tests (default: ON)
|
|
-DWITH_GUI_TESTS=[ON|OFF] Enable/Disable building of GUI tests (default: OFF)
|
|
-DWITH_DEV_BUILD=[ON|OFF] Enable/Disable deprecated method warnings (default: OFF)
|
|
-DWITH_ASAN=[ON|OFF] Enable/Disable address sanitizer checks (Linux / macOS only) (default: OFF)
|
|
-DWITH_COVERAGE=[ON|OFF] Enable/Disable coverage tests (GCC only) (default: OFF)
|
|
-DWITH_APP_BUNDLE=[ON|OFF] Enable Application Bundle for macOS (default: ON)
|
|
|
|
-DKEEPASSXC_BUILD_TYPE=[Snapshot|PreRelease|Release] Set the build type to show/hide stability warnings (default: "Snapshot")
|
|
-DKEEPASSXC_DIST_TYPE=[Snap|AppImage|Other] Specify the distribution method (default: "Other")
|
|
-DOVERRIDE_VERSION=[X.X.X] Specify a version number when building. Used with snapshot builds (default: "")
|
|
-DGIT_HEAD_OVERRIDE=[XXXXXXX] Specify the 7 digit git commit ref for this build. Used with distribution builds (default: "")
|
|
```
|
|
|
|
* If you are on MacOS you must add this parameter to **Cmake**, with the Qt version you have installed<br/> `-DCMAKE_PREFIX_PATH=/usr/local/Cellar/qt5/5.6.2/lib/cmake/`
|
|
|
|
:exclamation: When building with ASan support on macOS, you need to use `export ASAN_OPTIONS=detect_leaks=0` before running the tests (no LSan support in macOS).
|
|
|
|
Installation
|
|
============
|
|
|
|
After you have successfully built KeePassXC, install the binary by executing the following:
|
|
|
|
```bash
|
|
sudo make install
|
|
```
|
|
|
|
You can specify the destination dir with
|
|
```
|
|
DESTDIR=X
|
|
```
|
|
|
|
|
|
Packaging
|
|
=========
|
|
|
|
You can create a package to redistribute KeePassXC (zip, deb, rpm, dmg, etc..). Refer to [keepassxc-packaging](https://github.com/keepassxreboot/keepassxc-packaging)
|
|
|
|
|
|
Testing
|
|
=======
|
|
|
|
You can perform tests on the built executables with:
|
|
```
|
|
make test ARGS+="--output-on-failure"
|
|
```
|
|
|
|
If you are not currently running on an X Server or Wayland, run the tests as follows:
|
|
```
|
|
make test ARGS+="-E test\(cli\|gui\) --output-on-failure"
|
|
xvfb-run -e errors -a --server-args="-screen 0 1024x768x24" make test ARGS+="-R test\(cli\|gui\) --output-on-failure"
|
|
```
|
|
|
|
Common parameters:
|
|
```
|
|
CTEST_OUTPUT_ON_FAILURE=1
|
|
ARGS+=-jX
|
|
ARGS+="-E testgui"
|
|
```
|