* Fixes#11357
* Introduces validity parameter to TOTP generator function for future use elsewhere in the code base
* Fixes this in preview panel and TOTP dialog
* Disable actions to copy/show TOTP if the settings are invalid
* Show an error message on the TOTP setup dialog if the settings are invalid
* Show a TOTP icon with an x if the settings are invalid
* Fixes#11856
* Set the minimum recommended wordlist size to 1,296 - equal to the EFF Short List
* Issue a clear warning when using a smaller wordlist but do not prevent generation of passphrases
* Improve wording when removing custom wordlist
* Fixes#11808
* Don't show tear off menu or option to tear off if there are no tags
* Fix "No Tags" not being shown on first hover
* Fix issues when using a tag named "No Tags"
* Fix#12153 - tags becoming unsorted in the context menu when switching between database tabs
* Renamed NewEntryAttachmentsDialog to EditEntryAttachmentsDialog for clarity.
* Introduced EditEntryAttachmentsDialog class to manage editing of existing attachments.
* Added functionality to preview attachments while editing them.
* Enhanced EntryAttachmentsModel with rowByKey method for better key management.
* Add image attachment support with zoom functionality.
* Add html and markdown detection.
* Improve button layout on the attachment section when editing an entry
Fixes#9362
This commit was authored by GitHub copilot agent and reviewed by @droidmonkey.
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: droidmonkey <2809491+droidmonkey@users.noreply.github.com>
Co-authored-by: Jonathan White <support@dmapps.us>
* Fixes#11819
When direct write save option is enabled and a hardware key is used with a press required, it is possible that the database file will be truncated to 0 bytes. This is avoided by writing the database to a memory buffer first allowing for key transform to occur, then dumping the buffer into the database file.
This change also improves the overall safety of the direct write save option as there is far less chance for an error to occur while writing to the database file.
Thanks to @ChrisLnrn for reporting this issue!
* Fixes sporadic failures on gui tests on Windows
* Corrects inability to write to temporary config file while running tests
* Corrects errors when using MockRemoteProcess due to missing functions
* Add support for URL wildcards with Additional URL feature
* Only check TLD if wildcard is used
* Avoid using network function in no-feature build
---------
Co-authored-by: varjolintu <sami.vanttinen@ahmala.org>
Co-authored-by: Jonathan White <support@dmapps.us>
Fixes#5290Fixes#9062Fixes#8545
* Fix data loss on failed reload
- External modifications to the db file can no longer be missed.
- Fixed dialogFinished signal of DatabaseOpenDialog was not emitted when dialog was closed via the 'X' (close) button
- For reloading with a modified db, an additional choice has been added to allow the user to ignore the changes in the file on disk.
- User is now presented with an unlock database dialog if reload fails to open the db automatically. For example when the user removed the YubiKey, failed to touch the YubiKey within the timeout period, or db pw has been changed.
- Mark db as modified when db file is gone or invalid.
- Prevent saving when db is being reloaded
- If merge is triggered by a save action, continue on with the save action after the user makes their choice
---------
Co-authored-by: vuurvlieg <vuurvli3g@protonmail.com>
Co-authored-by: Jonathan White <support@dmapps.us>
This change avoids a situation where the open file has changed or an entry in the application has changed (possibly to be implemented in the future) and when you open that entry the editor shows you outdated data.
* Fixes bug from previous attachments preview commit
* Fix logic error when creating new attachment
Closes#11506Closes#3383
* This change adds a new opportunity to add attachments that don’t require a real file in the file system.
* Add a new dialog window to add and preview attachments and integrate it into the EntryAttachmentsWidget.
* Attachment preview support for images and plain text files.
Additional enhancements:
* Fix sizing of attachment columns
* Add padding to attachment table items
* Fix targeting of preview widget styling to not impact unintended children
* An additional approach to create passphrases with one random word being in UPPERCASE.
* Also remove duplicate character count from passphrase generator
---------
Co-authored-by: Stephan Heffner <stephan@heffner.it>
Co-authored-by: Jonathan White <support@dmapps.us>
* Closes#7293
* Move existing T-CONV and T-REPLACE-RX code from AutoType to Entry. Replumb AutoType to use the entry functions.
* Improve placeholder code in various place
* Prevent group pane from being hidden just by dragging. Introduce new View menu setting to hide the group pane.
* Replace the preview panel "close" icon with a "collapse down" icon making the intention clearer.
* Better organize the view menu
Closes#10783
Adds three database configuration options (stored as public custom data) that allow a database to have a public name/summary, color, and/or icon to be displayed on the unlock screen. This information is configured in the Database Settings and stored in the database public custom data (ie, unencrypted).
The name/summary is stored in KPXC_PUBLIC_NAME, the color is stored in KPXC_PUBLIC_COLOR, and the icon is stored in KPXC_PUBLIC_ICON.
---------
Co-authored-by: Jonathan White <support@dmapps.us>
* Closes#9452 - add import/export buttons to application settings
* Fixes#11120 - duplicate both menubar and toolbar visibility settings into the application settings
* Fixes#8561 - improve placement of various settings between General and Security pages
* Improve tool tip for backup database setting
* Improve wording of various settings
Replace a QVector for the wordlist with a QSet. This removes all duplicate entries in a given wordlist.
Thus, it hinders a malicious wordlist that has the proper length (>4000 entries) but with repetitions (effectively << 4000 entries) to be used and potentially create weaker passphrases than estimated.
Example:
List with 4000 items but only 64 unique words would lead to only 48 bit of Entropy instead of ~95 bit!
This PR splits the GUI source files from the core source files. The immediate goal is to allow the CLI to require only a minimum number of dynamic libraries. The long term goal is to create an architectural boundary around the core module, in preparation of libkdbx.
Previously, in a pattern like "{TIME:yy} {TIME}",
substituteBackupFilePath() would greedily use the entire string
"yy} {TIME" as the format specifier for the first TIME template, instead
of just "yy". Fix this, by adjusting the regular expression.
This ends up changing the behaviour of a weird corner case that is
covered in the tests, so change the test. I don't think anyone cares
about that case, and I think the current behaviour is better there.
Fixes#10505 (proved by adding a test case very similar to what was
reported there).
* Deprecated qSort() -> std::sort()
* Replace QDateTime::toString(Qt::DefaultLocaleShortDate) with Clock::toString()
* Replace QDateTime::toString(Qt::SystemLocaleShortDate) with QLocale::system().toString(..., QLocale::ShortFormat)
* Use QDateTime::startOfDay() instead of QDate(QDateTime)
Note: QDateTime::startOfDay() is only available in Qt 5.14, we need to guard it
* Replace QString::SkipEmptyParts with Qt::SkipEmptyParts
Note: Its designated replacement, Qt::SplitBehavior, was only added in Qt 5.14.
* Don't call deprecated QFlags(nullptr) constructor
* QSet::{toList->values}
* Replace QList::toSet, QSet::fromList with Tools::asSet()
* QHash::insertMulti -> QMultiHash::insert
* QProcess::startDetached: non-deprecated overload
* QProcess::{pid->processId}
* QPainter::{HighQuality->}Antialiasing
* QPalette::{background->window}()
* Use Qt::{Background,Foreground}Role
* endl -> Qt::endl, flush -> Qt::flush
* Make YubiKey::s_interfaceMutex non-recursive
* OpenSSHKeyGenDialog: use non-deprecated QComboBox::sizeAdjustPolicy setting
Bump the minimum required Qt version up to 5.12, as per
https://github.com/keepassxreboot/keepassxc/issues/10859#issuecomment-2148477826.
Previously, the minimum version was 5.2.0 based on the CMakeLists.txt
check, though it's unclear if such old versions would actually work.
With this, we are able to remove a whole bunch of #ifdef'd code.
* Entry placeholder resolution: don't overdo it
After resolving placeholders, previously the code would do it all over again if anything had changed, multiple times up to the recursion limit. This would have the effect of applying a much greater recursion limit, which is confusing and unnecessary, and probably undesired.
* Entry tweaks and minor refactoring
- Entry::size(): when computing tag size, use same delimiter set as in other places in the code
- Factor tag delimiter set regex out into global constant
- Placeholder resolution: remove unnecessary special casing for self-referential placeholders (these are taken care of by existing recursion depth limit)
- Placeholder resolution: less wasteful string building loop
- Move some constants from being public static data members of Entry to being local to Entry.cpp (in anonymous namespace)
- Migrate some QRegEx instances to QRegularExpression, the modern alternative
- Miscellanous minor code cleanups
* Entry: fix hitting recursion limit with {braces}
When encountering a {brace-enclosed} substring, the placeholder resolution logic would previously keep recursing until it hit the recursion depth limit (currently 10). This would lead to "Maximum depth of replacement has been reached" messages, and was also wasting CPU cycles.
Fixes#1741
---------
Co-authored-by: Jonathan White <support@dmapps.us>
* Use SHA256 hash of the file path of the database to generate a UUID when using the KDBX3 format. This restores the original behavior of using the file path as the quick unlock lookup key.
A warning is issued from Qt when the path is empty. This happens most often during test runs, but can also occur when closing a database before everything gets cleaned up.
* Provide remote database sync capability
Allow arbitrary commands to be defined and executed for syncing databases with remote services. This includes sftp, scp, rsync, etc.
Remote commands are stored per-database and sync operations are manually triggered by the user from the Database -> Remote Sync menu.
---------
Co-authored-by: Stefan Forstenlechner <t-h-e@users.noreply.github.com>
Co-authored-by: Jonathan White <support@dmapps.us>
Remove Unicode character U+FEFF ZERO WIDTH NO-BREAK SPACE from Weslly's
email address in a few places.
Not sure if this was done on purpose (anti-spam measure?), but it's not
consistently done anyway (e.g. wasn't the case in
src/gui/TotpDialog.cpp), so it seems cleanest to remove this.
Each AddAccessAllowedAce invocation should be matched with a corresponding sizeof(ACCESS_ALLOWED_ACE) and the respective GetLengthSid of the SID being used. This ensures that there is enough space in the ACL for each entry.
The issue manifest itself only when WITH_XC_SSHAGENT is defined.
This issue previously caused parent databases to be marked as modified on unlock. This was because of the new protections against byte-by-byte side channel attacks adds a randomized string to the database custom data. We should never be merging database custom data with keeshare or imports since we are merging groups only.
Also prevent overwrite of auto-generated custom data fields, Last Modified and Random Slug.
* Restrict access to changing DACL's after the process is started. This prevents the creator of the keepassxc.exe process from simply adding the permission to read memory back to the DACL list.
* Verified using System Informer.