rixxc/keepassxc
1
0
Fork 0
mirror of https://github.com/keepassxreboot/keepassxc.git synced 2025-12-04 15:39:34 +01:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: rixxc:2.7.5
Branches Tags
rixxc:develop rixxc:fix/autotype-delay rixxc:release/2.7.x rixxc:copilot/fix-9539 rixxc:feature/remember-quickunlock rixxc:feature/fido2 rixxc:fix/cli-unlock-stderr rixxc:copilot/fix-9282 rixxc:copilot/fix-7450 rixxc:copilot/fix-11491 rixxc:fix/cli-show-cmd rixxc:refactor/simple-default-build rixxc:fix/underline-shortcuts rixxc:fix/snap-build rixxc:fix/password-discard-confirm rixxc:fork_keepassx_core rixxc:feature/update-totp-clipboard rixxc:feature/update-pwd-expiration-date
rixxc:2.7.11 rixxc:latest rixxc:2.7.10 rixxc:2.7.9 rixxc:2.7.8 rixxc:2.7.7 rixxc:2.7.6 rixxc:2.7.5 rixxc:2.7.4 rixxc:2.7.3 rixxc:2.7.2 rixxc:2.7.1 rixxc:2.7.0 rixxc:2.7.0-beta1 rixxc:2.6.6 rixxc:2.6.5 rixxc:2.6.4 rixxc:2.6.3 rixxc:2.6.2 rixxc:2.6.1 rixxc:2.6.0 rixxc:2.6.0-beta1 rixxc:2.5.4 rixxc:2.5.3 rixxc:2.5.2 rixxc:2.5.1 rixxc:2.5.0 rixxc:2.4.3 rixxc:2.4.2 rixxc:2.4.1 rixxc:2.4.0 rixxc:2.4.0-beta2 rixxc:2.4.0-beta1 rixxc:2.3.4 rixxc:2.3.3 rixxc:2.3.2 rixxc:2.3.1 rixxc:2.3.0 rixxc:2.3.0-beta1 rixxc:2.2.4 rixxc:2.2.3 rixxc:2.2.2 rixxc:2.2.1 rixxc:2.2.0 rixxc:2.1.4 rixxc:2.1.3 rixxc:2.1.2 rixxc:2.1.1 rixxc:2.1.0 rixxc:2.0.3-http rixxc:2.0.3 rixxc:2.0.2 rixxc:2.0.1 rixxc:2.0.0 rixxc:2.0-beta2 rixxc:2.0-beta1 rixxc:2.0-alpha6 rixxc:2.0-alpha5 rixxc:2.0-alpha4 rixxc:2.0-alpha3 rixxc:2.0-alpha2 rixxc:2.0-alpha1
..
compare: rixxc:2.6.6
Branches Tags
rixxc:fix/autotype-delay rixxc:release/2.7.x rixxc:develop rixxc:copilot/fix-9539 rixxc:feature/remember-quickunlock rixxc:feature/fido2 rixxc:fix/cli-unlock-stderr rixxc:copilot/fix-9282 rixxc:copilot/fix-7450 rixxc:copilot/fix-11491 rixxc:fix/cli-show-cmd rixxc:refactor/simple-default-build rixxc:fix/underline-shortcuts rixxc:fix/snap-build rixxc:fix/password-discard-confirm rixxc:fork_keepassx_core rixxc:feature/update-totp-clipboard rixxc:feature/update-pwd-expiration-date
rixxc:2.7.11 rixxc:latest rixxc:2.7.10 rixxc:2.7.9 rixxc:2.7.8 rixxc:2.7.7 rixxc:2.7.6 rixxc:2.7.5 rixxc:2.7.4 rixxc:2.7.3 rixxc:2.7.2 rixxc:2.7.1 rixxc:2.7.0 rixxc:2.7.0-beta1 rixxc:2.6.6 rixxc:2.6.5 rixxc:2.6.4 rixxc:2.6.3 rixxc:2.6.2 rixxc:2.6.1 rixxc:2.6.0 rixxc:2.6.0-beta1 rixxc:2.5.4 rixxc:2.5.3 rixxc:2.5.2 rixxc:2.5.1 rixxc:2.5.0 rixxc:2.4.3 rixxc:2.4.2 rixxc:2.4.1 rixxc:2.4.0 rixxc:2.4.0-beta2 rixxc:2.4.0-beta1 rixxc:2.3.4 rixxc:2.3.3 rixxc:2.3.2 rixxc:2.3.1 rixxc:2.3.0 rixxc:2.3.0-beta1 rixxc:2.2.4 rixxc:2.2.3 rixxc:2.2.2 rixxc:2.2.1 rixxc:2.2.0 rixxc:2.1.4 rixxc:2.1.3 rixxc:2.1.2 rixxc:2.1.1 rixxc:2.1.0 rixxc:2.0.3-http rixxc:2.0.3 rixxc:2.0.2 rixxc:2.0.1 rixxc:2.0.0 rixxc:2.0-beta2 rixxc:2.0-beta1 rixxc:2.0-alpha6 rixxc:2.0-alpha5 rixxc:2.0-alpha4 rixxc:2.0-alpha3 rixxc:2.0-alpha2 rixxc:2.0-alpha1

62 Commits
2.7.5 ... 2.6.6

Author SHA1 Message Date
Jonathan White
9c108b9510 Release 2.6.6 
Fixed

- Fix focusing search when pressing hotkey [#6603]
- Trim whitespace from TOTP key input prior to processing [#6604]
- Fix building on macOS [#6598]
- Resolve compiler warnings for unused return values [#6607]
 2021-06-11 22:13:52 -04:00
Jonathan White
596821ca0d Update translations 2021-06-11 22:13:32 -04:00
Jonathan White
faf48d0b02 Version bump to 2.6.6 2021-06-11 22:12:21 -04:00
Jonathan White
4bdc2539f9 Improve testdatabase performance 2021-06-11 22:01:19 -04:00
Jonathan White
6422fe5ca5 Trim TOTP key input of whitespace prior to processing 
* Fixes #6599
 2021-06-10 16:48:25 -04:00
Jonathan White
9e2399adf4 Resolve compiler warnings for unused return values 
* Fixes #1932 - See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66425#c29

Adding a negation before the function call allows the (void) syntax to work properly.
 2021-06-10 16:48:18 -04:00
Jonathan White
c661fa331f Fix focusing search using Ctrl + F 
* Fixes #6600 - error exists only on master branch due to poor cherrypick merge
 2021-06-09 05:55:43 -04:00
Jonathan White
db9fc57a37 Fix compilation on macOS 2021-06-08 18:57:15 -04:00
Jonathan White
2b262c5b24 Release 2.6.5 
Added

- Show search bar when toolbar is hidden or in overflow [#6279]
- Show countdown for clipboard clearing in status bar [#6333]
- Command line option to lock all open databases [#6511]
- Allow CSV import of bare TOTP secrets [#6211]
- Retain file creation time when saving database [#6576]
- Set permissions of saved attachments to be private to the current user [#6363]
- OPVault: Use Text instead of Name for attribute names [#6334]

Changed

- Reports: Allow resizing of reports columns [#6435]
- Reports: Toggle showing expired entries [#6534]
- Save Always on Top setting [#6236]
- Password generator can exclude additional lookalike characters (6/G, 8/B) [#6196]

Fixed

- Allow setting MSI properties in unattended install [#6196]
- Update MainWindow minimum size to enable smaller verticle space [#6196]
- Use application font size when setting default or monospace fonts [#6332]
- Fix notes not clearing in entry preview panel in some cases [#6481]
- macOS: Correct window activation when restoring from tray [#6575]
- macOS: Better handling of minimize after unlock when using browser integration [#6338]
- Linux: Start after the system tray is available on LXQt [#6216]
- Linux: Allow selection of modal dialogs on X11 in Auto-Type [#6204]
- KeeShare: prevent crash when file extension is missing [#6174]
 2021-06-07 23:18:37 -04:00
Jonathan White
ec33474845 Update translations 2021-06-07 23:18:29 -04:00
Jonathan White
e63881ccfb Add new VIP & long-term patrons 2021-06-07 23:15:50 -04:00
Jonathan White
ffdc37cd87 2.6.5 Version Bump and Changelog 2021-06-07 07:54:28 -04:00
Jonathan White
205ffd30ed Correct macOS window activation from hidden state (#6575) 
* Fix #6234 - properly set NSApplication activation policies when the window is hidden and shown
 2021-06-01 21:50:20 -04:00
Jonathan White
5cfbde0bb7 Retain file creation time when saving database (#6576) 
* Fix #6028
 2021-06-01 21:50:12 -04:00
Jonathan White
2a02242d44 Update SSH Agent PuTTYGen instructions 
* Fix #6378
 2021-05-30 13:39:21 -04:00
Jonathan White
6ebd341ea4 Add feature to ignore entries for HTTP-Auth Logins 
* Backport to fix #6173
 2021-05-30 10:02:43 -04:00
Jonathan White
a228219214 Make "Always on top" a local setting 2021-05-30 08:44:09 -04:00
Jonathan White
6248697443 Fix read usage in release-tool 
* Fixes #6562
 2021-05-30 08:44:09 -04:00
Jonathan White
def08ac1db Better description text for Key File change dialog 2021-05-30 08:44:09 -04:00
Xavier Valls
b2c636d9c7 Allow resizing of reports table columns (#6435) 
* Fix #5678

Co-authored-by: Jonathan White <support@dmapps.us>
 2021-05-30 08:44:09 -04:00
Jonathan White
7f2281940d Use application font size when setting default or monospace fonts 
* Fix #6286
 2021-05-30 08:44:09 -04:00
wundrweapon
aaf8f18852 Add command line option to lock open databases (#6511) 
Closes #6126
 2021-05-30 08:44:09 -04:00
Stefan Sundin
29de94b656 Set permissions of saved attachments to be private to the current user (#6363) 2021-05-30 08:44:09 -04:00
Lukas Rytz
438172bef9 MinimizeAfterUnlock also when unlocking through browser 
The MinimizeAfterUnlock setting added in #3439 closes the main window
after unlock. However, when the unlock is triggered through
KeePassXC-Browser, a password dialog is shown on top of the main window
and the main window remains open after the unlock. This is fixed
in this commit.
 2021-05-30 08:44:09 -04:00
Jonathan White
7941d59f4a Show search bar when toolbar is hidden or overflow 
* Fix #505 - always show the search bar when the search keyboard shortcut is pressed. If the toolbar is in overflow, the toolbar will be expanded automatically and search focused. If the toolbar is hidden it will be shown and expanded if necessary. When searching is canceled or the down arrow is pressed (to select the first entry) the toolbar will be set back to it's previous configuration.
 2021-05-30 08:44:09 -04:00
Xavier Valls
1fdfc153be Fix unreachable setting of file permissions (#6514) 
Fixes #6080
 2021-05-30 08:44:09 -04:00
Xavier Valls
9ae5b49136 Fix showing preview notes in an entry without notes 
Fixes #6461
 2021-05-30 08:44:09 -04:00
ByteHamster
f08086529b Show countdown for clipboard clearing (#6333) 
* Closes #1843

Co-authored-by: Jonathan White <support@dmapps.us>
 2021-05-30 08:44:09 -04:00
Jonathan White
5be06190bb OPVault: Use Text instead of Name for attribute and section names 
* Fix #6303 - the text attribute in 1Password contains the actual text seen in 1Password whereas the name attribute may contain a ref pointer and not a name.
 2021-05-30 08:44:09 -04:00
Guillaume Turchini
b47272a5ce Allow CSV import of bare TOTP secrets 
Fixes #6167
 2021-05-30 08:44:09 -04:00
Chih-Hsuan Yen
ae20ee61be Make KeePassXC start after the system tray is available on LXQt 2021-05-30 08:44:09 -04:00
mantlabs
7264b7fc26 Persist Always on Top setting 2021-05-30 08:44:09 -04:00
Jonathan White
0c57c7a67b Auto-Type: Allow selection of modal dialogs on X11 
* Fix #5958 - Modal dialogs do not have WM_STATE set even though they are a valid top-level window with a valid name. In this case, we need to poll for WM_TRANSIENT_FOR which returns the top level window the dialog is a child of.
 2021-05-30 08:44:09 -04:00
Jonathan White
215ca536d0 Fix Mac Pasteboard header location 2021-05-30 08:44:09 -04:00
Lars Wendler
0ce4e7001c Detect quazip >= 1.0 via pkgconfig 
Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
 2021-05-29 12:46:19 -04:00
Jonathan White
8f0e0b6f94 Backport: Prevent crash and resolve placeholders in Auto-Type dialog 
* Modified backport of specific improvements introduced on develop branch. 

- Prevent crash when multiple screens are at play and QApplication::screenAt returns nullptr. 
- Resolve username/password when copying to clipboard from Auto-Type selection dialog.
 2021-05-16 13:29:21 -04:00
Brandon Atkinson
bec7dafa91 Exclude additional lookalike characters (6G8B) 
* Fix #6075
 2021-02-27 07:35:03 -05:00
Jesse Ruth
9478ae30a0 Update MainWindow minimum size to enable smaller verticle space (#6149) 2021-02-27 07:35:03 -05:00
Jonathan White
3626ac1681 Allow setting MSI properties in unattended install 2021-02-27 07:35:03 -05:00
Bernhard
24977edf58 KeeShare: Default to unsigned container unless specifically chosen 
*Fix #6081 - Prevent assert and crash due to user entered data
 2021-02-26 14:24:41 -05:00
Janek Bevendorff
34a78f0ec3 Release 2.6.4 
Added

- Automatically adapt to light/dark system theme changes (Windows/macOS only) [#6034]

Changed

- Show window title as tooltip on system tray [#5948]
- Compress Snap release as LZO for faster initial startup [#5877]
- Password generator: Set maximum selectable password length to 999 [#5937]

Fixed

- Fix crash on app close when using SSH agent [#5935]
- Fix KDF selection showing wrong item when using Argon2id [#5923]
- Automatically close About dialog on database lock if it is still open [#5947]
- Linux: Fix automatic launch at system startup with AppImages [#5901]
- Linux: Fix click-to-move on empty area activating when using menus [#5971]
- Linux: Try multiple times to show tray icon if tray is not ready yet [#5948]
- macOS: Fix KeePassXC blocking clean shutdown [#6002]
 2021-01-31 22:37:23 +01:00
Janek Bevendorff
3e8a195eda Update translations 2021-01-31 22:37:18 +01:00
Janek Bevendorff
50bde82f17 Bump version to 2.6.4 2021-01-31 22:36:11 +01:00
Janek Bevendorff
bf0fd6f189 Update changelog 2021-01-31 22:36:07 +01:00
Jonathan White
109671900b Merge pull request #6034 from keepassxreboot/hotfix/theme-switching-backport 2021-01-31 15:43:37 -05:00
Janek Bevendorff
2889341acd Fix on/off icons not being redrawn on theme change (backport) 2021-01-31 14:29:49 -05:00
Janek Bevendorff
874e9e1075 Fix icon alpha blending in QTableView (backport) 
Some widgets such as QTableView do not call QIconEngine::pixmap(), but do
the drawing immediately through QIconEngine::paint(). This breaks alpha
blending for recolouring, since the underlying image canvas is not
necessarily transparent and also not anchored at (0, 0). This results in
a black box of the size of the icon bounding box.

Icon recolouring is now always done on a temporary QImage with
transparent background and only the finished end result is composed onto
the original canvas.

Fixes #6006
 2021-01-31 14:54:55 +01:00
Janek Bevendorff
48f2efbc92 Fix adaptive icon painting (backport) 
Fixes resolution problems on HighDPI.
Backport of c7323accf2
 2021-01-31 14:54:51 +01:00
Janek Bevendorff
f7d387d233 Add dynamic theme switching on Windows 10 (backport) 2021-01-31 12:38:01 +01:00
Janek Bevendorff
dad4ad68f3 Improve macOS platform integration (backport). 
- Allow switching between themes without restart (except classic)
- Rework icon loading and recolouring logic to react to theme changes
- Automatically react to light/dark theme change
- Remove explicit selection of monochrome tray icon variant (selected
  automatically now)

The tray icon doesn't respond perfectly to theme changes yet on Big Sur,
since we need different icons for dark and light theme and cannot simply
let the OS recolour the icon for us (we do that, too, but only as an
additional fallback). At the moment, there is no signal to listen to
that would allow this.

This patch adds a few generic methods to OSUtils for detecting and
communicating theme changes, which are only stubs for Windows and Linux at
the moment and need to be implemented in future commits.

Fixes #5349
 2021-01-31 12:18:58 +01:00
Jonathan White
63df00a723 Auto-close About Dialog before locking databases 
* Fixes #5941
 2021-01-28 21:21:49 -05:00
Jonathan White
db18a14cde Ensure app exiting flag is set on logoff/shutdown 
* Fix #3944
 2021-01-27 10:27:23 -05:00
Jonathan White
35d215aa70 Correct issues with system tray icon 
* Close #5780 - Show window title as system tray icon tooltip
* Fix #5943 - Try to show system tray icon up to 5 times, waiting 5 seconds between attempts, if the system tray is not available. This works around observed startup issues on Linux.
* Change function of "isTrayIconEnabled()" to return true if the tray icon is created and visible. This may correct some long standing bugs with the window hiding forever unexpectedly.
 2021-01-27 10:26:54 -05:00
Jonathan White
a3b9700f90 Fix unloading ssh keys on database lock 
* Fix #5928 - SSH Agent keys are properly removed on database lock. Also fixes crash when keys are still loaded on application close.
* Remove dependency on DatabaseWidget within SSH Agent.
 2021-01-26 18:35:34 +01:00
JCallicoat
0d3d5db87c Fix menubar click-to-move window with Qt 5.15 
Change logic in click handler in eventFilter so that
startSystemMove() is only called when there is no menubar
action under the mouse cursor (i.e., when a blank area
of the menubar is clicked).

Fixes #5925
 2021-01-20 15:37:12 -05:00
Jonathan White
fa239865f2 Allow max password length of 999 characters 
* The slidebar maxes out at 128 characters (same as before)
* The spinbox text entry maxes out at 999 characters
 2021-01-19 06:25:13 -05:00
Jonathan White
4216f1d03e Set Snap compression to lzo 
* Fix #5877, greatly improve startup time of snap package
 2021-01-16 10:37:51 -05:00
ei-ke
7fdc6010c5 Add documentation for creating YubiKey backups 
* Closes #465
 2021-01-16 10:37:33 -05:00
Farnbacher
031f31f83f Use AppImage path for startup on login 
Fixes #5050
 2021-01-16 10:37:07 -05:00
Jonathan White
2ddd61cff6 Ignore format changes for new clang-format version 2021-01-15 15:02:05 -05:00
Jonathan White
61ed2fff44 Update timestamp server for appsign 
Also add ability to set the timestamp server by command line switch.
 2021-01-15 15:02:05 -05:00
Janek Bevendorff
54b382f3fe Fix Argon2id UUID mixup 
Argon2Kdf was using a wrong UUID internally for the id variant, resulting
in the incorrect dropdown entry being selected in the database
encryption settings.

Reading and writing databases was not affected.

Fixes #5922
 2021-01-14 22:40:47 -05:00
979 changed files with 166450 additions and 279219 deletions
Expand all files Collapse all files

5
.clang-format
View File

@@ -19,7 +19,7 @@ AlwaysBreakBeforeMultilineStrings: false
AlwaysBreakTemplateDeclarations: false AlwaysBreakTemplateDeclarations: false
BinPackArguments: false BinPackArguments: false
BinPackParameters: false BinPackParameters: false
BraceWrapping: BraceWrapping:
AfterClass: true AfterClass: true
AfterFunction: true AfterFunction: true
AfterControlStatement: false AfterControlStatement: false
@@ -44,7 +44,7 @@ DerivePointerAlignment: false
DisableFormat: false DisableFormat: false
ExperimentalAutoDetectBinPacking: false ExperimentalAutoDetectBinPacking: false
ForEachMacros: [ foreach, Q_FOREACH, BOOST_FOREACH ] ForEachMacros: [ foreach, Q_FOREACH, BOOST_FOREACH ]
IncludeCategories: IncludeCategories:
- Regex: '^"(llvm|llvm-c|clang|clang-c)/' - Regex: '^"(llvm|llvm-c|clang|clang-c)/'
Priority: 2 Priority: 2
- Regex: '^(<|"(gtest|isl|json)/)' - Regex: '^(<|"(gtest|isl|json)/)'
@@ -85,3 +85,4 @@ Standard: Cpp11
TabWidth: 4 TabWidth: 4
UseTab: Never UseTab: Never
... ...

3
.gitattributes vendored
View File

@@ -14,6 +14,3 @@ AppImage-Recipe.sh export-ignore
# binary files # binary files
*.ai binary *.ai binary
# Line endings harmony
* text=auto

13
.github/CONTRIBUTING.md vendored
View File

@@ -63,7 +63,7 @@ Before submitting a bug report, check if the problem has already been reported.
### Discuss with the team ### Discuss with the team
As with feature requests, you can talk to the KeePassXC team about bugs, new features, other issues and pull requests on the dedicated issue tracker, on the [Matrix development channel](https://matrix.to/#/!RhJPJPGwQIFVQeXqZa:matrix.org?via=matrix.org), or in the IRC channel on Libera.Chat (`#keepassxc-dev` on `irc.libera.chat`, or use a [webchat link](https://web.libera.chat/#keepassxc-dev)). As with feature requests, you can talk to the KeePassXC team about bugs, new features, other issues and pull requests on the dedicated issue tracker, or in the IRC channel on Freenode (`#keepassxc-dev` on `irc.freenode.net`, or use a [webchat link](https://webchat.freenode.net/?channels=%23keepassxc-dev)).
### Your first code contribution ### Your first code contribution
@@ -85,23 +85,16 @@ All pull requests must comply with the above requirements and with the [stylegui
Translations are managed on [Transifex](https://www.transifex.com/keepassxc/keepassxc/) which offers a web interface. Translations are managed on [Transifex](https://www.transifex.com/keepassxc/keepassxc/) which offers a web interface.
Please join an existing language team or request a new one if there is none. Please join an existing language team or request a new one if there is none.
If you open a Pull Request with new strings that require translations, you will need to run the following:
```
./release-tool i18n lupdate
```
This will make the new strings available for translation in Transifex.
## Styleguides ## Styleguides
### Git branch strategy ### Git branch strategy
The Branch Strategy is based on [git-flow-lite](http://nvie.com/posts/a-successful-git-branching-model/). The Branch Strategy is based on [git-flow-lite](http://nvie.com/posts/a-successful-git-branching-model/).
* **master** points to the latest public release
* **develop** points to the development of the next release, contains tested and reviewed code * **develop** points to the development of the next release, contains tested and reviewed code
* **feature/**[name] points to a branch with a new feature, one which is candidate for merge into develop (subject to rebase) * **feature/**[name] points to a branch with a new feature, one which is candidate for merge into develop (subject to rebase)
* **fix/**[name] points to a branch with a fix for a particular issue ID * **hotfix/**[name] points to a branch with a fix for a particular issue ID
Note: The **latest** tag is used to point to the most recent stable release.
### Git commit messages ### Git commit messages

8
.github/pull.yml vendored
View File

@@ -1,8 +0,0 @@
# doc: https://github.com/wei/pull#basic-setup
# manual trigger: https://pull.git.ci/process/${fork-user}/keepassxc
# pull from: https://github.com/keepassxreboot/keepassxc
version: "1"
rules:
- base: develop
upstream: keepassxreboot:develop
mergeMethod: rebase

5
.gitignore vendored
View File

@@ -21,8 +21,3 @@ desktop.ini
/*.snap /*.snap
/*_source.tar.bz2 /*_source.tar.bz2
# MSVC Files
CMakeSettings.json
CMakePresets.json
.vs/
out/

21
.tx/config
View File

@@ -1,17 +1,8 @@
[main] [main]
host = https://app.transifex.com host = https://www.transifex.com
[o:keepassxc:p:keepassxc:r:share-translations-keepassxc-en-ts--develop]
file_filter = share/translations/keepassxc_<lang>.ts
source_file = share/translations/keepassxc_en.ts
type = QT
minimum_perc = 0
resource_name = keepassxc_en.ts (develop)
[o:keepassxc:p:keepassxc:r:share-translations-keepassxc-en-ts--master]
file_filter = share/translations/keepassxc_<lang>.ts
source_file = share/translations/keepassxc_en.ts
type = QT
minimum_perc = 0
resource_name = keepassxc_en.ts (2.7.x stable)
[keepassxc.keepassxc]
source_file = share/translations/keepassx_en.ts
file_filter = share/translations/keepassx_<lang>.ts
source_lang = en
type = QT

237
CHANGELOG.md
View File

@@ -1,233 +1,6 @@
# Changelog # Changelog
## 2.7.5 (2023-05-14) ## 2.6.6 (2021-06-11)
### Changes
- Add menu option to allow screenshots [#8841]
- Add support for Botan 3 [#9388]
- Increase max TOTP step to 24 hours [#9149]
- Improve HTML export layout [#8987]
- Turn search reset off by default [#9153]
- Use QClipboard::clear() instead of setting blank text [#9148]
- Hide group column header choice when not in search [#9171]
- Improve look of KeePassXC logo and icons [#9355]
- Add keyboard shortcuts for app and database settings [#9007]
- Hide rename button from attachments preview panel [#8842]
- Linux: Set SingleMainWindow in .desktop file [#7430]
### Fixes
- Fix crash when search clears while creating new entry [#9230]
- Fix crash when using Windows Hello in a Remote Desktop session [#9006]
- Fix crash in Group Edit after enabling Browser Integration [#8778]
- Fix canceling quick unlock when it is unavailable [#9034]
- Set password input field font correctly [#8732]
- Greatly improve performance when rendering entry view [#9398]
- Fix various accessibility issues [#9138]
- Fix arrows size when expand/collapse a group [#9096]
- Select the clone instead of the original after cloning an entry [#9070]
- Fix bugs with preview widget [#9170]
- Fix status bar update when switching to other DB [#9073]
- Fix database settings spin box bug [#9101]
- Fix Ctrl+Tab shortcut to cycle databases in unlock dialog [#8839]
- Fix TOTP QR code maintaining square ratio [#9027]
- Fix Auto-Type configuration page on custom sequence selection [#8752]
- Fix unexpected behavior of `--lock` when KeePassXC is not running [#8889]
- Make open folder icon exempt from "Apply group icon to entry" [#9205]
- Allow setting default file open directory with env var [#9192]
- SSH Agent: Fix support for AES-256/GCM openssh keys [#8968]
- Browser: Fix Native Messaging script path with BSD OS's [#8835]
- MacOS: Fix text selection for Auto-Type clear field [#9066]
- MacOS: Don't rely on AppleInterfaceStyle for theme switching [#8615]
- Windows: Remove registry detection of desktop shortcut [#9380]
## 2.7.4 (2022-10-29)
### Changes
- Add 2 months expiration preset [#8687]
- CLI: Add Unicode support on Windows [#8618]
### Fixes
- Fix crash on macOS when unlocking database [#8676]
- Fix display of passwords in preview panel [#8633]
- Fix clicking links in entry preview panel [#8644]
- Prevent expired entries search if no results returned [#8643]
- Browser: Revert code causing connection problems [#8665]
- Browser: Fix socket file symbolic link on Linux [#8656]
- Flatpak: Fix launching browser proxy service [#8680]
- SSH Agent: Fix paegent support on Windows [#8619]
## 2.7.3 (2022-10-23)
### Changes
- Enhance Tags Support and Add Saved Searches [#8435, #8607]
- Significant improvements to entry preview panel [#7993]
- Add password strength indicator to all password fields [#7885]
- Limit zxcvbn entropy estimation length to 128 characters [#7748]
- Try full URL path when fetching favicon [#8565]
- Hide usernames in preview panel when hidden in entry view [#8608]
- Enable dark title bar on windows when accent color is not used [#8498]
- Add option to display passwords in color in preview panel [#7097]
- Add XML Export option to GUI [#8524]
- Increase entropy required for a "good" password rating to 75 [#8523]
- Add shortcut to copy password with TOTP appended [#8443]
- Show entry count in status bar [#8435]
- Allow KeePassXC to be built without X11 [#8147]
- Enable use of VivoKey Apex and Dangerous Things FlexSecure tokens [#8332]
- Add setting for number of recent files [#8239]
- Add Ctrl+Tab shortcut to cycle databases in unlock dialog [#8168]
- Replace offensive words in eff_large.wordlist [#7968]
- Auto-Type: PICKCHARS can specify attribute and ignore BEEP [#8118]
- Linux: Add isHardwareKeySupported and refreshHardwareKeys to DBus methods [#8055]
- Add config variable to specify default database file name [#8042]
- Support numeric aware sorting on Windows and macOS [#8363]
- CLI: Add `db-edit` command [#8400]
- CLI: Add option to display all attributes with `show` command [#8256]
- CLI: Show UUID and tags with `show` and `clip` commands [#8241]
- Browser: Move socket into separate directory on Linux [#8030]
- Browser: Add group setting to omit WWW subdomain when matching URLs [#7988]
- FdoSecrets: Ask to unlock the database when creating items [#8022, #8028]
- FdoSecrets: Skip entries in recycle bin when searching [#8021]
### Fixes
- Fix potential deadlock in UI when saving [#8606]
- Fix newlines when copying notes from preview panel [#8542]
- Fix dark mode detection on Linux [#8477]
- Fix crash when deleting items in recycle bin while searching [#8117]
- Fix crash when trying to close database during unlock [#8144]
- Fix tabbing around the interface [#8435, #8520]
- Fix OPVault import when there are multiple OTP fields [#8436]
- Fix various Windows Hello bugs [#8354]
- Fix use of Apple Watch for Quick Unlock [#8311]
- Better handling of "Lock on Minimize" setting [#8202]
- Check for write permission before entering portable mode [#8447]
- Correct regex escape logic to prevent parse errors [#7778]
- Normalize slashes and file case for last used databases [#7864, #7214]
- Link ykcore against pthread [#7807]
- Auto-Type: Fix menu entries in selection dialog on Windows [#7987]
- Auto-Type: Fix use of modifiers under macOS [#8111]
- CLI: Fix output when using clip with the -t flag [#8271]
- Browser: Use asynchronous access confirm dialog [#8273]
- Browser: Always send database locked/unlocked status [#8114]
## 2.7.1 (2022-04-05)
### Changes
- Show when tags are changed in entry history [#7638]
- Improve tags editing and allow spaces in tags [#7708]
- Improve layout of entry preview panel [#7767]
- Incorporate patches to support Flatpak distribution [#7728]
- Add expiration presets for 12 and 24 hours [#7738]
### Fixes
- Fix crash when building history change list [#7638]
- Fix hiding password on database unlock [#7725]
- Fix AES KDF slow transform speed [#7755]
- Auto-Type: Correct timing issue on macOS and Linux that prevented typing [#7588]
- Auto-Type: Fix use of Ctrl/Alt/Shift/Win modifiers on Windows [#7629]
- Auto-Type: Reduce/eliminate delay when searching for entries [#7598]
- Auto-Type: Map ASCII dead keys on Linux for international keyboards [#7614]
- CLI: Fix detection of hardware keys (YubiKey) [#7593]
- CLI: Add missing parameter `-c` to add/edit entries command [#7594]
- Secret Service: Fix crash when multiple prompts are shown [#7786]
- SSH Agent: Fix default agent selection on Windows [#7764]
- Fix database unlock dialog not being the top window on Linux [#7771]
- Fix drag/drop entries between tabs on Wayland [#7628]
- Fix compiling with minizip-ng [#7638]
## 2.7.0 (2022-03-21)
### Major Additions
- Implement KDBX 4.1 [#7114]
- Add direct write save option for cloud storage and GVFS [#6594]
- Prevent screen capture on Windows and macOS [#6030]
- Support quick unlock using Windows Hello [#7384]
- Support quick unlock using Apple Watch [#5526]
- Allow specifying database backup paths [#7035]
- Add tag functionality [#6487][#7436][#7446]
- Add password rating column to entry view [#4797]
- Add group clone action [#6124]
- Show modifications between entry history items [#6789]
- Ability to bulk-delete and purge unused custom icons [#5970]
- Support adding custom passphrase wordlists [#6799]
- Support passphrase wordlists in numbered and PGP-signed formats [#6791]
- Implement support for hardware keys via wireless NFC [#6895]
- SSH Agent: Add support for OpenSSH 8.2 FIDO/U2F keys [#6371]
- CLI: Implement attachment handling [#5538]
- CLI: Add support for okon in offline HIBP checks [#5478]
- CLI: Implement `search` command and remove `locate` [#6805]
- CLI: Add db statistic output to `db-info` command [#7032]
- CLI: Add -i/--include option to `generate` command. [#7112]
- CLI: Add a -n (--notes) option to `add` and `edit` commands [#4646]
- CLI: Add keyfile option to `import` command [#5402]
- CLI: Adding a best option to clip to copy a password of the best match [#4489]
- Browser: Add Microsoft Edge support on Linux [#7100]
- Browser: Support native password generator from the extension [#6529]
- Browser: Add group settings [#4180]
- Browser: Add feature to ignore entries for HTTP-Auth Logins [#5394]
- Browser: Support triggering Auto-Type from browser extension [#6272]
- Browser: Add delete-entry command to API [#6899]
- Browser: Add search 'by-path' url to API [#5535]
- Browser: search for entries by UUID to API [#4763]
- Browser: Support auto-download of favicon on entry addition [#7179]
- Auto-Type: Major improvements to Auto-Type [#5864][#7463][#7435][#7391][#7129][#6400][#6364][#6361][#5283][#7507]
- Auto-Type: Fix typing to virtual machines on Windows [#7366]
- Auto-Type: Re-implement X11 keysym emulation [#7098]
- Auto-Type: Support multiple Xkb layouts [#6247]
- Auto-Type: Abort keystroke if modifiers held on X11 [#6351][#6357]
- Auto-Type: Add TOTP option to entry level Auto-Type menu [#6675]
- FdoSecrets: Major Refactor and Code Consolidation [#5747][#5660][#7043][#6915]
- FdoSecrets: Implement unlock before search [#6943]
- Reports: Add browser statistics report [#7197]
### Major Changes
- Port crypto backend to [Botan](https://github.com/randombit/botan) [#6209]
- Improve attachment handling and security [#6606][#5034][#7083]
- Allow selecting any open database in unlock dialog [#5427]
- KeeShare: Remove checking signed container and QuaZip dependency [#7223]
- Introduce security option to enable copy on double click (default off) [#6433]
- Add 'delete entry without confirm' functionality [#5812]
- Improve macOS and Windows platform integration [#5851]
- Lock only the current database by default [#6652]
- Show expired entries on DB unlock [#7290]
- Update D-Bus adaptor interface class name to match definition file [#7523]
### Other Changes and Fixes
- Add countdown progress bar to TOTP preview [#6930]
- Enter favicon url directly on icons page [#6614]
- Set C++17 as standard in the build system [#7180]
- Internalize ykcore into code base [#6654]
- Transition to Visual Studio builds on Windows [#5874]
- Ability to delete entries from health check reports [#6537]
- Enhance remembering last-used directories [#6711]
- Implement org.freedesktop.appearance.color-scheme support on Linux [#7422]
- Support sorting HTML export [#7011]
- Add display number of characters in passphrases [#5449]
- Use Alt+Tab on macOS to switch between databases [#5407]
- Add feature to sort groups using shortcut keys [#6999]
- Add CTRL+Enter to apply password generator changes [#6414]
- Display `Database created` timestamp on statistics report [#6876]
- Browser: Improve best matching credentials setting [#6893]
- SSH Agent: Use both Pageant and OpenSSH agent simultaneously on Windows [#6288]
- SSH Agent: Allow using database path to resolve keys [#6365]
- SSH Agent: Show correct error messages in main window [#7166]
- Multiple fixes for MSI installer [#6630]
- Fix tab order for CSV import dialog to match screen order [#7315]
- Don't mark kdbx:// urls as invalid [#7221]
- Make selected text copyable instead of copying password [#7209]
- Detect timestamp resolution for CSV files [#7196]
- Fix crash while downloading favicon [#7104]
- Correct naming of newly generated keyx files [#7010]
- Place the 'Recycle Bin' at the bottom of the list when groups are sorted [#7004]
- Handle tilde with custom browser paths [#6659]
- Don't scroll up when deleting an entry [#6833]
- Set the MIME-Type to text/plain when using wl-copy on wayland [#6832]
- Fix adaptive icon painting [#5989][#6033]
- Fix favicon download from URL with non-standard port [#5509]
- Ignore recycle bin on KeePassHTTP migration [#5481]
- Fix keepassxc-cr-recovery utility [#7521]
- Fix Auto-Type not working when audio recording indicator is active on macOS 12.2+ [#7526]
## 2.6.6 (2021-06-12)
### Fixed ### Fixed
@@ -236,7 +9,7 @@
- Fix building on macOS [#6598] - Fix building on macOS [#6598]
- Resolve compiler warnings for unused return values [#6607] - Resolve compiler warnings for unused return values [#6607]
## 2.6.5 (2021-06-08) ## 2.6.5 (2021-06-07)
### Added ### Added
@@ -490,7 +263,7 @@
- Return keyboard focus after saving database edits [#4287] - Return keyboard focus after saving database edits [#4287]
- Windows: Use bare minimum settings in portable version [#4131] - Windows: Use bare minimum settings in portable version [#4131]
- Windows: Use SHA256 code signing [#4129] - Windows: Use SHA256 code signing [#4129]
- macOS: Fix code signing incompatibility in latest macOS release [#4564] - macOS: Fix code signing incompatibility in latest macOS release [#4564]
## 2.5.3 (2020-01-19) ## 2.5.3 (2020-01-19)
@@ -622,8 +395,8 @@
- Redesign database unlock dialog [ #3287] - Redesign database unlock dialog [ #3287]
- Rework the entry preview panel [ #3306] - Rework the entry preview panel [ #3306]
- Move notes to General tab on Group Preview Panel [#3336] - Move notes to General tab on Group Preview Panel [#3336]
- Enable entry actions when editing an entry and cleanup entry context menu [#3641] - Enable entry actions when editing an entry and cleanup entry context menu [#3641]
- Improve detection of external database changes [#2389] - Improve detection of external database changes [#2389]
- Warn if user is trying to use a KDBX file as a key file [#3625] - Warn if user is trying to use a KDBX file as a key file [#3625]
- Add option to disable KeePassHTTP settings migrations prompt [#3349, #3344] - Add option to disable KeePassHTTP settings migrations prompt [#3349, #3344]
- Re-enabled Wayland support (no Auto-Type yet) [#3520, #3341] - Re-enabled Wayland support (no Auto-Type yet) [#3520, #3341]

288
CMakeLists.txt
View File

@@ -17,7 +17,6 @@
cmake_minimum_required(VERSION 3.3.0) cmake_minimum_required(VERSION 3.3.0)
project(KeePassXC) project(KeePassXC)
set(APP_ID "org.keepassxc.${PROJECT_NAME}")
if(NOT CMAKE_BUILD_TYPE) if(NOT CMAKE_BUILD_TYPE)
set(CMAKE_BUILD_TYPE "RelWithDebInfo" CACHE STRING set(CMAKE_BUILD_TYPE "RelWithDebInfo" CACHE STRING
@@ -25,16 +24,12 @@ if(NOT CMAKE_BUILD_TYPE)
FORCE) FORCE)
endif() endif()
string(TOLOWER "${CMAKE_BUILD_TYPE}" CMAKE_BUILD_TYPE_LOWER) string(TOLOWER "${CMAKE_BUILD_TYPE}" CMAKE_BUILD_TYPE_LOWER)
if(CMAKE_BUILD_TYPE_LOWER STREQUAL "debug" OR CMAKE_BUILD_TYPE_LOWER STREQUAL "relwithdebinfo")
set(IS_DEBUG_BUILD TRUE)
endif()
set(CMAKE_MODULE_PATH ${CMAKE_MODULE_PATH} ${CMAKE_CURRENT_SOURCE_DIR}/cmake) set(CMAKE_MODULE_PATH ${CMAKE_MODULE_PATH} ${CMAKE_CURRENT_SOURCE_DIR}/cmake)
# Support Visual Studio Code # Support Visual Studio Code
include(CMakeToolsHelpers OPTIONAL) include(CMakeToolsHelpers OPTIONAL)
include(FeatureSummary) include(FeatureSummary)
include(KPXCMacDeployHelpers)
include(CheckCCompilerFlag) include(CheckCCompilerFlag)
include(CheckCXXCompilerFlag) include(CheckCXXCompilerFlag)
@@ -55,42 +50,25 @@ option(WITH_XC_NETWORKING "Include networking code (e.g. for downloading website
option(WITH_XC_BROWSER "Include browser integration with keepassxc-browser." OFF) option(WITH_XC_BROWSER "Include browser integration with keepassxc-browser." OFF)
option(WITH_XC_YUBIKEY "Include YubiKey support." OFF) option(WITH_XC_YUBIKEY "Include YubiKey support." OFF)
option(WITH_XC_SSHAGENT "Include SSH agent support." OFF) option(WITH_XC_SSHAGENT "Include SSH agent support." OFF)
option(WITH_XC_KEESHARE "Sharing integration with KeeShare" OFF) option(WITH_XC_KEESHARE "Sharing integration with KeeShare (requires quazip5 for secure containers)" OFF)
option(WITH_XC_UPDATECHECK "Include automatic update checks; disable for controlled distributions" ON) option(WITH_XC_UPDATECHECK "Include automatic update checks; disable for controlled distributions" ON)
if(UNIX AND NOT APPLE) if(UNIX AND NOT APPLE)
option(WITH_XC_FDOSECRETS "Implement freedesktop.org Secret Storage Spec server side API." OFF) option(WITH_XC_FDOSECRETS "Implement freedesktop.org Secret Storage Spec server side API." OFF)
endif() endif()
option(WITH_XC_DOCS "Enable building of documentation" ON)
set(WITH_XC_X11 ON CACHE BOOL "Enable building with X11 deps")
if(APPLE) if(APPLE)
# Perform the platform checks before applying the stricter compiler flags. option(WITH_XC_TOUCHID "Include TouchID support for macOS." OFF)
# Otherwise the kSecAccessControlTouchIDCurrentSet deprecation warning will result in an error.
try_compile(XC_APPLE_COMPILER_SUPPORT_BIOMETRY
${CMAKE_CURRENT_BINARY_DIR}/tiometry_test/
${CMAKE_CURRENT_SOURCE_DIR}/cmake/compiler-checks/macos/control_biometry_support.mm)
message(STATUS "Biometry compiler support: ${XC_APPLE_COMPILER_SUPPORT_BIOMETRY}")
try_compile(XC_APPLE_COMPILER_SUPPORT_TOUCH_ID
${CMAKE_CURRENT_BINARY_DIR}/touch_id_test/
${CMAKE_CURRENT_SOURCE_DIR}/cmake/compiler-checks/macos/control_touch_id_support.mm)
message(STATUS "Touch ID compiler support: ${XC_APPLE_COMPILER_SUPPORT_TOUCH_ID}")
try_compile(XC_APPLE_COMPILER_SUPPORT_WATCH
${CMAKE_CURRENT_BINARY_DIR}/tiometry_test/
${CMAKE_CURRENT_SOURCE_DIR}/cmake/compiler-checks/macos/control_watch_support.mm)
message(STATUS "Apple watch compiler support: ${XC_APPLE_COMPILER_SUPPORT_WATCH}")
endif() endif()
option(WITH_XC_DOCS "Enable building of documentation" ON)
if(WITH_CCACHE) if(WITH_CCACHE)
# Use the Compiler Cache (ccache) program # Use the Compiler Cache (ccache) program
# (install with: sudo apt get ccache) # (install with: sudo apt get ccache)
find_program(CCACHE_FOUND ccache) find_program(CCACHE_FOUND ccache)
if(NOT CCACHE_FOUND) if(CCACHE_FOUND)
set_property(GLOBAL PROPERTY RULE_LAUNCH_COMPILE ${CCACHE_FOUND})
else()
message(FATAL_ERROR "ccache requested but cannot be found.") message(FATAL_ERROR "ccache requested but cannot be found.")
endif() endif()
set_property(GLOBAL PROPERTY RULE_LAUNCH_COMPILE ${CCACHE_FOUND})
endif() endif()
if(WITH_XC_ALL) if(WITH_XC_ALL)
@@ -101,25 +79,29 @@ if(WITH_XC_ALL)
set(WITH_XC_YUBIKEY ON) set(WITH_XC_YUBIKEY ON)
set(WITH_XC_SSHAGENT ON) set(WITH_XC_SSHAGENT ON)
set(WITH_XC_KEESHARE ON) set(WITH_XC_KEESHARE ON)
if(APPLE)
set(WITH_XC_TOUCHID ON)
endif()
if(UNIX AND NOT APPLE) if(UNIX AND NOT APPLE)
set(WITH_XC_FDOSECRETS ON) set(WITH_XC_FDOSECRETS ON)
endif() endif()
endif() endif()
if(WITH_XC_SSHAGENT OR WITH_XC_KEESHARE)
set(WITH_XC_CRYPTO_SSH ON)
else()
set(WITH_XC_CRYPTO_SSH OFF)
endif()
# Prefer WITH_XC_NETWORKING setting over WITH_XC_UPDATECHECK # Prefer WITH_XC_NETWORKING setting over WITH_XC_UPDATECHECK
if(NOT WITH_XC_NETWORKING AND WITH_XC_UPDATECHECK) if(NOT WITH_XC_NETWORKING AND WITH_XC_UPDATECHECK)
message(STATUS "Disabling WITH_XC_UPDATECHECK because WITH_XC_NETWORKING is disabled") message(STATUS "Disabling WITH_XC_UPDATECHECK because WITH_XC_NETWORKING is disabled")
set(WITH_XC_UPDATECHECK OFF) set(WITH_XC_UPDATECHECK OFF)
endif() endif()
if(UNIX AND NOT APPLE AND NOT WITH_XC_X11)
message(STATUS "Disabling WITH_XC_AUTOTYPE because WITH_XC_X11 is disabled")
set(WITH_XC_AUTOTYPE OFF)
endif()
set(KEEPASSXC_VERSION_MAJOR "2") set(KEEPASSXC_VERSION_MAJOR "2")
set(KEEPASSXC_VERSION_MINOR "7") set(KEEPASSXC_VERSION_MINOR "6")
set(KEEPASSXC_VERSION_PATCH "5") set(KEEPASSXC_VERSION_PATCH "6")
set(KEEPASSXC_VERSION "${KEEPASSXC_VERSION_MAJOR}.${KEEPASSXC_VERSION_MINOR}.${KEEPASSXC_VERSION_PATCH}") set(KEEPASSXC_VERSION "${KEEPASSXC_VERSION_MAJOR}.${KEEPASSXC_VERSION_MINOR}.${KEEPASSXC_VERSION_PATCH}")
set(OVERRIDE_VERSION "" CACHE STRING "Override the KeePassXC Version for Snapshot builds") set(OVERRIDE_VERSION "" CACHE STRING "Override the KeePassXC Version for Snapshot builds")
@@ -145,8 +127,7 @@ execute_process(COMMAND git tag --points-at HEAD
WORKING_DIRECTORY ${CMAKE_SOURCE_DIR} WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}
OUTPUT_VARIABLE GIT_TAG OUTPUT_VARIABLE GIT_TAG
ERROR_QUIET) ERROR_QUIET)
string(REGEX REPLACE "latest" "" GIT_TAG "${GIT_TAG}") if(GIT_TAG)
if(GIT_TAG MATCHES "[0-9]+\.[0-9]+\.[0-9]+")
string(STRIP "${GIT_TAG}" GIT_TAG) string(STRIP "${GIT_TAG}" GIT_TAG)
set(OVERRIDE_VERSION ${GIT_TAG}) set(OVERRIDE_VERSION ${GIT_TAG})
elseif(EXISTS ${CMAKE_SOURCE_DIR}/.version) elseif(EXISTS ${CMAKE_SOURCE_DIR}/.version)
@@ -155,14 +136,14 @@ endif()
string(REGEX REPLACE "(\r?\n)+" "" OVERRIDE_VERSION "${OVERRIDE_VERSION}") string(REGEX REPLACE "(\r?\n)+" "" OVERRIDE_VERSION "${OVERRIDE_VERSION}")
if(OVERRIDE_VERSION) if(OVERRIDE_VERSION)
if(OVERRIDE_VERSION MATCHES "^[\\.0-9]+-beta[0-9]*") if(OVERRIDE_VERSION MATCHES "^[\\.0-9]+-(alpha|beta)[0-9]+$")
set(KEEPASSXC_BUILD_TYPE "PreRelease") set(KEEPASSXC_BUILD_TYPE PreRelease)
set(KEEPASSXC_VERSION ${OVERRIDE_VERSION}) set(KEEPASSXC_VERSION ${OVERRIDE_VERSION})
elseif(OVERRIDE_VERSION MATCHES "^[\\.0-9]+$") elseif(OVERRIDE_VERSION MATCHES "^[\\.0-9]+$")
set(KEEPASSXC_BUILD_TYPE "Release") set(KEEPASSXC_BUILD_TYPE Release)
set(KEEPASSXC_VERSION ${OVERRIDE_VERSION}) set(KEEPASSXC_VERSION ${OVERRIDE_VERSION})
else() else()
set(KEEPASSXC_BUILD_TYPE "Snapshot") set(KEEPASSXC_BUILD_TYPE Snapshot)
set(KEEPASSXC_VERSION ${OVERRIDE_VERSION}) set(KEEPASSXC_VERSION ${OVERRIDE_VERSION})
endif() endif()
else() else()
@@ -186,36 +167,15 @@ message(STATUS "Setting up build for KeePassXC v${KEEPASSXC_VERSION}\n")
# Distribution info # Distribution info
set(KEEPASSXC_DIST ON) set(KEEPASSXC_DIST ON)
set(KEEPASSXC_DIST_TYPE "Other" CACHE STRING "KeePassXC Distribution Type") set(KEEPASSXC_DIST_TYPE "Other" CACHE STRING "KeePassXC Distribution Type")
set_property(CACHE KEEPASSXC_DIST_TYPE PROPERTY STRINGS Snap AppImage Flatpak Other) set_property(CACHE KEEPASSXC_DIST_TYPE PROPERTY STRINGS Snap AppImage Other)
if(KEEPASSXC_DIST_TYPE STREQUAL "Snap") if(KEEPASSXC_DIST_TYPE STREQUAL "Snap")
set(KEEPASSXC_DIST_SNAP ON) set(KEEPASSXC_DIST_SNAP ON)
elseif(KEEPASSXC_DIST_TYPE STREQUAL "AppImage") elseif(KEEPASSXC_DIST_TYPE STREQUAL "AppImage")
set(KEEPASSXC_DIST_APPIMAGE ON) set(KEEPASSXC_DIST_APPIMAGE ON)
elseif(KEEPASSXC_DIST_TYPE STREQUAL "Flatpak")
set(KEEPASSXC_DIST_FLATPAK ON)
elseif(KEEPASSXC_DIST_TYPE STREQUAL "Other") elseif(KEEPASSXC_DIST_TYPE STREQUAL "Other")
unset(KEEPASSXC_DIST) unset(KEEPASSXC_DIST)
endif() endif()
if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.14.0")
cmake_policy(SET CMP0083 NEW)
include(CheckPIESupported)
check_pie_supported()
endif()
# Find Botan early since the version affects subsequent compiler options
find_package(Botan REQUIRED)
if(BOTAN_VERSION VERSION_GREATER_EQUAL "3.0.0")
set(WITH_XC_BOTAN3 TRUE)
elseif(BOTAN_VERSION VERSION_LESS "2.11.0")
# Check for minimum Botan version
message(FATAL_ERROR "Botan 2.11.0 or higher is required")
endif()
include_directories(SYSTEM ${BOTAN_INCLUDE_DIR})
# Create position independent code for shared libraries and executables
set(CMAKE_POSITION_INDEPENDENT_CODE ON)
if("${CMAKE_SIZEOF_VOID_P}" EQUAL "4") if("${CMAKE_SIZEOF_VOID_P}" EQUAL "4")
set(IS_32BIT TRUE) set(IS_32BIT TRUE)
endif() endif()
@@ -285,20 +245,12 @@ macro(check_add_gcc_compiler_flag FLAG)
endmacro(check_add_gcc_compiler_flag) endmacro(check_add_gcc_compiler_flag)
add_definitions(-DQT_NO_EXCEPTIONS -DQT_STRICT_ITERATORS -DQT_NO_CAST_TO_ASCII) add_definitions(-DQT_NO_EXCEPTIONS -DQT_STRICT_ITERATORS -DQT_NO_CAST_TO_ASCII)
if(NOT IS_DEBUG_BUILD)
add_definitions(-DQT_NO_DEBUG_OUTPUT)
endif()
if(WITH_APP_BUNDLE) if(WITH_APP_BUNDLE)
add_definitions(-DWITH_APP_BUNDLE) add_definitions(-DWITH_APP_BUNDLE)
endif() endif()
add_gcc_compiler_flags("-fno-common") add_gcc_compiler_flags("-fno-common")
find_package(OpenMP)
if(OpenMP_FOUND)
add_gcc_compiler_cflags(${OpenMP_C_FLAGS})
add_gcc_compiler_cxxflags(${OpenMP_CXX_FLAGS})
endif()
add_gcc_compiler_flags("-Wall -Wextra -Wundef -Wpointer-arith -Wno-long-long") add_gcc_compiler_flags("-Wall -Wextra -Wundef -Wpointer-arith -Wno-long-long")
add_gcc_compiler_flags("-Wformat=2 -Wmissing-format-attribute") add_gcc_compiler_flags("-Wformat=2 -Wmissing-format-attribute")
add_gcc_compiler_flags("-fvisibility=hidden") add_gcc_compiler_flags("-fvisibility=hidden")
@@ -308,20 +260,17 @@ if(CMAKE_BUILD_TYPE_LOWER STREQUAL "debug")
check_add_gcc_compiler_flag("-Wshadow-compatible-local") check_add_gcc_compiler_flag("-Wshadow-compatible-local")
check_add_gcc_compiler_flag("-Wshadow-local") check_add_gcc_compiler_flag("-Wshadow-local")
add_gcc_compiler_flags("-Werror") add_gcc_compiler_flags("-Werror")
# This is needed since compiling aginst Botan3 requires compiling against C++20
if(WITH_XC_BOTAN3)
add_gcc_compiler_cxxflags("-Wno-error=deprecated-enum-enum-conversion -Wno-error=deprecated")
endif()
endif() endif()
if (NOT HAIKU) if (NOT HAIKU)
if((CMAKE_COMPILER_IS_GNUCXX AND CMAKE_CXX_COMPILER_VERSION VERSION_GREATER 4.8.999) OR CMAKE_COMPILER_IS_CLANGXX) if((CMAKE_COMPILER_IS_GNUCXX AND CMAKE_CXX_COMPILER_VERSION VERSION_GREATER 4.8.999) OR CMAKE_COMPILER_IS_CLANGXX)
add_gcc_compiler_flags("-fstack-protector-strong") add_gcc_compiler_flags("-fstack-protector-strong")
else() else()
add_gcc_compiler_flags("-fstack-protector --param=ssp-buffer-size=4") add_gcc_compiler_flags("-fstack-protector --param=ssp-buffer-size=4")
endif() endif()
endif() endif()
add_gcc_compiler_cxxflags("-fno-exceptions -fno-rtti")
add_gcc_compiler_cxxflags("-Wnon-virtual-dtor -Wold-style-cast -Woverloaded-virtual") add_gcc_compiler_cxxflags("-Wnon-virtual-dtor -Wold-style-cast -Woverloaded-virtual")
add_gcc_compiler_cflags("-Wchar-subscripts -Wwrite-strings") add_gcc_compiler_cflags("-Wchar-subscripts -Wwrite-strings")
@@ -348,90 +297,63 @@ check_add_gcc_compiler_flag("-Werror=format-security")
check_add_gcc_compiler_flag("-Werror=implicit-function-declaration" C) check_add_gcc_compiler_flag("-Werror=implicit-function-declaration" C)
check_add_gcc_compiler_flag("-Wcast-align") check_add_gcc_compiler_flag("-Wcast-align")
if(UNIX AND NOT APPLE) if(WITH_COVERAGE AND CMAKE_COMPILER_IS_CLANGXX)
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fprofile-instr-generate -fcoverage-mapping")
# then:
# $ llvm-profdata merge -sparse default.profraw -o default.profdata
# $ llvm-cov show ./tests/${the_test_binary} \
# -format=html -instr-profile=default.profdata -output-dir=./coverages \
# `find src -iname '*.h' -or -iname '*.cpp'`
endif()
if(CMAKE_SYSTEM_NAME STREQUAL "Linux")
check_add_gcc_compiler_flag("-Qunused-arguments") check_add_gcc_compiler_flag("-Qunused-arguments")
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -Wl,--as-needed -Wl,--no-undefined") add_gcc_compiler_flags("-pie -fPIE")
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -Wl,-z,relro,-z,now -pie") set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -Wl,--no-add-needed -Wl,--as-needed -Wl,--no-undefined")
set(CMAKE_MODULE_LINKER_FLAGS "${CMAKE_MODULE_LINKER_FLAGS} -Wl,--as-needed") set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -Wl,-z,relro,-z,now")
set(CMAKE_MODULE_LINKER_FLAGS "${CMAKE_MODULE_LINKER_FLAGS} -Wl,--no-add-needed -Wl,--as-needed")
set(CMAKE_MODULE_LINKER_FLAGS "${CMAKE_MODULE_LINKER_FLAGS} -Wl,-z,relro,-z,now") set(CMAKE_MODULE_LINKER_FLAGS "${CMAKE_MODULE_LINKER_FLAGS} -Wl,-z,relro,-z,now")
endif() endif()
set(CMAKE_C_STANDARD 99) add_gcc_compiler_cflags("-std=c99")
if(WITH_XC_BOTAN3) add_gcc_compiler_cxxflags("-std=c++11")
set(CMAKE_CXX_STANDARD 20)
else()
set(CMAKE_CXX_STANDARD 17)
endif()
set(CMAKE_CXX_STANDARD_REQUIRED ON)
check_cxx_compiler_flag("-fsized-deallocation" CXX_HAS_fsized_deallocation) check_add_gcc_compiler_flag("-fsized-deallocation" CXX)
if(CXX_HAS_fsized_deallocation)
# Do additional check: the deallocation functions must be there too.
set(CMAKE_REQUIRED_FLAGS "-fsized-deallocation")
check_cxx_source_compiles("#include <new>
int main() { void * ptr = nullptr; std::size_t size = 1; ::operator delete(ptr, size); }"
HAVE_DEALLOCATION_FUNCTIONS)
if(HAVE_DEALLOCATION_FUNCTIONS)
check_add_gcc_compiler_flag("-fsized-deallocation" CXX)
endif()
unset(CMAKE_REQUIRED_FLAGS)
endif()
if(APPLE AND CMAKE_COMPILER_IS_CLANGXX) if(APPLE AND CMAKE_COMPILER_IS_CLANGXX)
add_gcc_compiler_cxxflags("-stdlib=libc++") add_gcc_compiler_cxxflags("-stdlib=libc++")
endif() endif()
if(WITH_DEV_BUILD) if(WITH_DEV_BUILD)
add_definitions(-DQT_DEPRECATED_WARNINGS) add_definitions(-DQT_DEPRECATED_WARNINGS -DGCRYPT_NO_DEPRECATED)
else() else()
add_definitions(-DQT_NO_DEPRECATED_WARNINGS) add_definitions(-DQT_NO_DEPRECATED_WARNINGS)
add_gcc_compiler_cxxflags("-Wno-deprecated-declarations") add_gcc_compiler_cxxflags("-Wno-deprecated-declarations")
endif() endif()
# MSVC specific options if(MINGW)
if (MSVC)
if(MSVC_TOOLSET_VERSION LESS 141)
message(FATAL_ERROR "Only Microsoft Visual Studio 17 and newer are supported!")
endif()
add_compile_options(/permissive- /utf-8)
if(IS_DEBUG_BUILD)
add_compile_options(/Zf)
if(MSVC_TOOLSET_VERSION GREATER 141)
add_compile_definitions(/fsanitize=address)
endif()
endif()
endif()
if(WIN32)
set(CMAKE_RC_COMPILER_INIT windres) set(CMAKE_RC_COMPILER_INIT windres)
enable_language(RC) enable_language(RC)
if(MINGW) set(CMAKE_RC_COMPILE_OBJECT "<CMAKE_RC_COMPILER> <FLAGS> -O coff <DEFINES> -i <SOURCE> -o <OBJECT>")
set(CMAKE_RC_COMPILE_OBJECT "<CMAKE_RC_COMPILER> <FLAGS> -O coff <DEFINES> -i <SOURCE> -o <OBJECT>") if(NOT (CMAKE_BUILD_TYPE_LOWER STREQUAL "debug" OR CMAKE_BUILD_TYPE_LOWER STREQUAL "relwithdebinfo"))
endif() # Enable DEP and ASLR
if(NOT IS_DEBUG_BUILD) set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -Wl,--nxcompat -Wl,--dynamicbase")
if(MSVC) set(CMAKE_MODULE_LINKER_FLAGS "${CMAKE_MODULE_LINKER_FLAGS} -Wl,--nxcompat -Wl,--dynamicbase")
# By default MSVC enables NXCOMPAT # Enable high entropy ASLR for 64-bit builds
add_compile_options(/guard:cf) if(NOT IS_32BIT)
add_link_options(/DYNAMICBASE /HIGHENTROPYVA /GUARD:CF) set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -Wl,--high-entropy-va")
else(MINGW) set(CMAKE_MODULE_LINKER_FLAGS "${CMAKE_MODULE_LINKER_FLAGS} -Wl,--high-entropy-va")
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -Wl,--nxcompat -Wl,--dynamicbase")
set(CMAKE_MODULE_LINKER_FLAGS "${CMAKE_MODULE_LINKER_FLAGS} -Wl,--nxcompat -Wl,--dynamicbase")
# Enable high entropy ASLR for 64-bit builds
if(NOT IS_32BIT)
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -Wl,--high-entropy-va")
set(CMAKE_MODULE_LINKER_FLAGS "${CMAKE_MODULE_LINKER_FLAGS} -Wl,--high-entropy-va")
endif()
endif() endif()
endif() endif()
endif() endif()
if(APPLE AND WITH_APP_BUNDLE OR WIN32) if(APPLE AND WITH_APP_BUNDLE OR MINGW)
set(PROGNAME KeePassXC) set(PROGNAME KeePassXC)
else() else()
set(PROGNAME keepassxc) set(PROGNAME keepassxc)
endif() endif()
if(WIN32) if(MINGW)
set(CLI_INSTALL_DIR ".") set(CLI_INSTALL_DIR ".")
set(PROXY_INSTALL_DIR ".") set(PROXY_INSTALL_DIR ".")
set(BIN_INSTALL_DIR ".") set(BIN_INSTALL_DIR ".")
@@ -462,50 +384,26 @@ endif(WITH_TESTS)
if(WITH_COVERAGE) if(WITH_COVERAGE)
# Include code coverage, use with -DCMAKE_BUILD_TYPE=Debug # Include code coverage, use with -DCMAKE_BUILD_TYPE=Debug
include(CodeCoverage) include(CodeCoverage)
set(COVERAGE_GCOVR_EXCLUDES
"\\(.+/\\)?tests/.\\*"
".\\*/moc_\\[^/\\]+\\.cpp"
".\\*/ui_\\[^/\\]+\\.h"
"\\(.+/\\)?zxcvbn/.\\*")
append_coverage_compiler_flags() append_coverage_compiler_flags()
setup_target_for_coverage_gcovr_html(
set(COVERAGE_EXCLUDES NAME coverage
"'^(.+/)?(thirdparty|zxcvbn)/.*'" EXECUTABLE $(MAKE) && $(MAKE) test
"'^(.+/)?main\\.cpp$$'" )
"'^(.+/)?cli/keepassxc-cli\\.cpp$$'"
"'^(.+/)?proxy/keepassxc-proxy\\.cpp$$'")
if(WITH_COVERAGE AND CMAKE_COMPILER_IS_CLANGXX)
set(MAIN_BINARIES
"$<TARGET_FILE:${PROGNAME}>"
"$<TARGET_FILE:keepassxc-cli>"
"$<TARGET_FILE:keepassxc-proxy>")
setup_target_for_coverage_llvm(
NAME coverage
BINARY ${MAIN_BINARIES}
SOURCES_ROOT ${CMAKE_SOURCE_DIR}/src
)
else()
setup_target_for_coverage_gcovr(
NAME coverage
SOURCES_ROOT ${CMAKE_SOURCE_DIR}/src
)
endif()
endif() endif()
include(CLangFormat) include(CLangFormat)
set(QT_COMPONENTS Core Network Concurrent Gui Svg Widgets Test LinguistTools) set(QT_COMPONENTS Core Network Concurrent Gui Svg Widgets Test LinguistTools)
if(UNIX AND NOT APPLE) if(UNIX AND NOT APPLE)
if(WITH_XC_X11)
list(APPEND QT_COMPONENTS X11Extras)
endif()
find_package(Qt5 COMPONENTS ${QT_COMPONENTS} DBus REQUIRED) find_package(Qt5 COMPONENTS ${QT_COMPONENTS} DBus REQUIRED)
elseif(APPLE) elseif(APPLE)
find_package(Qt5 COMPONENTS ${QT_COMPONENTS} REQUIRED HINTS find_package(Qt5 COMPONENTS ${QT_COMPONENTS} REQUIRED HINTS /usr/local/opt/qt/lib/cmake /usr/local/Cellar/qt/*/lib/cmake ENV PATH)
/usr/local/opt/qt@5/lib/cmake find_package(Qt5 COMPONENTS MacExtras HINTS /usr/local/opt/qt/lib/cmake /usr/local/Cellar/qt/*/lib/cmake ENV PATH)
/usr/local/Cellar/qt@5/*/lib/cmake
/opt/homebrew/opt/qt@5/lib/cmake
ENV PATH)
find_package(Qt5 COMPONENTS MacExtras HINTS
/usr/local/opt/qt@5/lib/cmake
/usr/local/Cellar/qt@5/*/lib/cmake
/opt/homebrew/opt/qt@5/lib/cmake
ENV PATH)
else() else()
find_package(Qt5 COMPONENTS ${QT_COMPONENTS} REQUIRED) find_package(Qt5 COMPONENTS ${QT_COMPONENTS} REQUIRED)
endif() endif()
@@ -515,10 +413,6 @@ if(Qt5Core_VERSION VERSION_LESS "5.2.0")
endif() endif()
get_filename_component(Qt5_PREFIX ${Qt5_DIR}/../../.. REALPATH) get_filename_component(Qt5_PREFIX ${Qt5_DIR}/../../.. REALPATH)
if(APPLE)
# Add includes under Qt5 Prefix in case Qt6 is also installed
include_directories(SYSTEM ${Qt5_PREFIX}/include)
endif()
# Process moc automatically # Process moc automatically
set(CMAKE_AUTOMOC ON) set(CMAKE_AUTOMOC ON)
@@ -529,39 +423,45 @@ set(CMAKE_AUTORCC ON)
if(APPLE) if(APPLE)
set(CMAKE_MACOSX_RPATH TRUE) set(CMAKE_MACOSX_RPATH TRUE)
find_program(MACDEPLOYQT_EXE macdeployqt HINTS ${Qt5_PREFIX}/bin ${Qt5_PREFIX}/tools/qt5/bin ENV PATH) find_program(MACDEPLOYQT_EXE macdeployqt HINTS ${Qt5_PREFIX}/bin ENV PATH)
if(NOT MACDEPLOYQT_EXE) if(NOT MACDEPLOYQT_EXE)
message(FATAL_ERROR "macdeployqt is required to build on macOS") message(FATAL_ERROR "macdeployqt is required to build on macOS")
else()
message(STATUS "Using macdeployqt: ${MACDEPLOYQT_EXE}")
endif() endif()
message(STATUS "Using macdeployqt: ${MACDEPLOYQT_EXE}") elseif(MINGW)
set(MACDEPLOYQT_EXTRA_BINARIES "") find_program(WINDEPLOYQT_EXE windeployqt HINTS ${Qt5_PREFIX}/bin ENV PATH)
elseif(WIN32)
find_program(WINDEPLOYQT_EXE windeployqt HINTS ${Qt5_PREFIX}/bin ${Qt5_PREFIX}/tools/qt5/bin ENV PATH)
if(NOT WINDEPLOYQT_EXE) if(NOT WINDEPLOYQT_EXE)
message(FATAL_ERROR "windeployqt is required to build on Windows") message(FATAL_ERROR "windeployqt is required to build on Windows")
else()
message(STATUS "Using windeployqt: ${WINDEPLOYQT_EXE}")
endif() endif()
message(STATUS "Using windeployqt: ${WINDEPLOYQT_EXE}")
endif() endif()
# Debian sets the build type to None for package builds. # Debian sets the the build type to None for package builds.
# Make sure we don't enable asserts there. # Make sure we don't enable asserts there.
set_property(DIRECTORY APPEND PROPERTY COMPILE_DEFINITIONS_NONE QT_NO_DEBUG) set_property(DIRECTORY APPEND PROPERTY COMPILE_DEFINITIONS_NONE QT_NO_DEBUG)
# Find Argon2 -- Botan 2.18 and below does not support threaded Argon2 find_package(LibGPGError REQUIRED)
find_library(ARGON2_LIBRARIES NAMES argon2) find_package(Gcrypt 1.7.0 REQUIRED)
find_path(ARGON2_INCLUDE_DIR NAMES argon2.h PATH_SUFFIXES local/include) find_package(Argon2 REQUIRED)
include_directories(SYSTEM ${ARGON2_INCLUDE_DIR})
# Find zlib
find_package(ZLIB REQUIRED) find_package(ZLIB REQUIRED)
find_package(QREncode REQUIRED)
find_package(sodium 1.0.12 REQUIRED)
set(CMAKE_REQUIRED_INCLUDES ${ZLIB_INCLUDE_DIR})
if(ZLIB_VERSION_STRING VERSION_LESS "1.2.0") if(ZLIB_VERSION_STRING VERSION_LESS "1.2.0")
message(FATAL_ERROR "zlib 1.2.0 or higher is required to use the gzip format") message(FATAL_ERROR "zlib 1.2.0 or higher is required to use the gzip format")
endif() endif()
include_directories(SYSTEM ${ZLIB_INCLUDE_DIR})
include_directories(SYSTEM ${ARGON2_INCLUDE_DIR} ${sodium_INCLUDE_DIR})
# Optional
if(WITH_XC_YUBIKEY) if(WITH_XC_YUBIKEY)
find_package(PCSC REQUIRED) find_package(YubiKey REQUIRED)
include_directories(SYSTEM ${PCSC_INCLUDE_DIRS})
include_directories(SYSTEM ${YUBIKEY_INCLUDE_DIRS})
endif() endif()
if(UNIX) if(UNIX)
@@ -574,7 +474,7 @@ if(UNIX)
HAVE_MALLOC_H) HAVE_MALLOC_H)
check_cxx_source_compiles("#include <malloc.h> check_cxx_source_compiles("#include <malloc.h>
int main() { malloc_usable_size(NULL); return 0; }" int main() { malloc_usable_size(NULL, 0); return 0; }"
HAVE_MALLOC_USABLE_SIZE) HAVE_MALLOC_USABLE_SIZE)
check_cxx_source_compiles("#include <sys/resource.h> check_cxx_source_compiles("#include <sys/resource.h>
@@ -594,7 +494,7 @@ if(UNIX)
endif() endif()
endif() endif()
include_directories(SYSTEM ${ZLIB_INCLUDE_DIR}) include_directories(SYSTEM ${GCRYPT_INCLUDE_DIR} ${ZLIB_INCLUDE_DIR})
add_subdirectory(src) add_subdirectory(src)
add_subdirectory(share) add_subdirectory(share)

20
CODE-OF-CONDUCT.md
View File

@@ -1,20 +0,0 @@
# Contributor Code of Conduct
KeePassXC is an open project that welcomes everybody no matter their ethnicity, sex,
sexual identity or orientation, age, socio-economic status, nationality, or religion.
Regardless of what background you come from, feel encouraged to participate in
the project and express your views as long you are respectful to others.
We value all members of our community and so in order to ensure a harassment-free
experience for everyone and mutual respect among members of this community, we
impose the following simple rules:
- No bullying, no insults. Any form of harassment will not be tolerated.
- No racism, no sexism, no homophobia, no hurtful extremist views of any kind.
- Be mindful of what you say, be diligent in how you say it.
- Show respect and, as always, be excellent to each other.
Violations of these rules or any other form of abuse can be reported confidentially
to conduct AT keepassxc DOT org. Members who do not adhere to our code of conduct
will be banned either permanently or until they change their ways so as to be
compatible with a friendly, open, and inclusive community.

62
COPYING
View File

@@ -27,24 +27,24 @@ Copyright: 2010-2012, Felix Geyer <debfx@fobos.de>
2000-2008, Tom Sato <VEF00200@nifty.ne.jp> 2000-2008, Tom Sato <VEF00200@nifty.ne.jp>
2013, Laszlo Papp <lpapp@kde.org> 2013, Laszlo Papp <lpapp@kde.org>
2013, David Faure <faure@kde.org> 2013, David Faure <faure@kde.org>
2016-2023, KeePassXC Team <team@keepassxc.org> 2016-2020, KeePassXC Team <team@keepassxc.org>
License: GPL-2 or GPL-3 License: GPL-2 or GPL-3
Comment: The "KeePassXC Team" in every copyright notice is formed by the following people: Comment: The "KeePassXC Team" in every copyright notice is formed by the following people:
- droidmonkey - droidmonkey
- phoerious - phoerious
- varjolintu - TheZ3ro <io@thezero.org>
- hifi
- louib - louib
- weslly
Every other contributor is listed on https://github.com/keepassxreboot/keepassxc/graphs/contributors Every other contributor is listed on https://github.com/keepassxreboot/keepassxc/graphs/contributors
Files: cmake/CodeCoverage.cmake Files: cmake/CodeCoverage.cmake
Copyright: 2012 - 2015, Lars Bilke Copyright: 2012 - 2015, Lars Bilke
License: BSD-3-clause License: BSD-3-clause
Files: cmake/FindBotan.cmake Files: cmake/FindYubiKey.cmake
Copyright: none Copyright: 2014 Kyle Manna <kyle@kylemanna.com>
License: LGPL-2.1 License: GPL-2 or GPL-3
Files: cmake/GenerateProductVersion.cmake Files: cmake/GenerateProductVersion.cmake
Copyright: 2015 halex2005 <akharlov@gmail.com> Copyright: 2015 halex2005 <akharlov@gmail.com>
@@ -137,24 +137,11 @@ Files: share/icons/badges/2_Expired.svg
share/icons/database/C46_Help.svg share/icons/database/C46_Help.svg
share/icons/database/C53_Apply.svg share/icons/database/C53_Apply.svg
share/icons/database/C61_Services.svg share/icons/database/C61_Services.svg
Copyright: 2022 KeePassXC Team <team@keepassxc.org> Copyright: 2020 KeePassXC Team <team@keepassxc.org>
License: MIT License: MIT
Files: share/icons/application/scalable/actions/application-exit.svg Files: share/icons/application/scalable/actions/chevron-double-down.svg
share/icons/application/scalable/actions/attributes-copy.svg
share/icons/application/scalable/actions/auto-type.svg
share/icons/application/scalable/actions/bugreport.svg
share/icons/application/scalable/actions/chevron-double-down.svg
share/icons/application/scalable/actions/chevron-double-right.svg share/icons/application/scalable/actions/chevron-double-right.svg
share/icons/application/scalable/actions/clipboard-text.svg
share/icons/application/scalable/actions/configure.svg
share/icons/application/scalable/actions/database-change-key.svg
share/icons/application/scalable/actions/database-lock.svg
share/icons/application/scalable/actions/database-lock-all.svg
share/icons/application/scalable/actions/database-merge.svg
share/icons/application/scalable/actions/database-search.svg
share/icons/application/scalable/actions/dialog-close.svg
share/icons/application/scalable/actions/dialog-ok.svg
share/icons/application/scalable/actions/document-close.svg share/icons/application/scalable/actions/document-close.svg
share/icons/application/scalable/actions/document-edit.svg share/icons/application/scalable/actions/document-edit.svg
share/icons/application/scalable/actions/document-export.svg share/icons/application/scalable/actions/document-export.svg
@@ -166,60 +153,37 @@ Files: share/icons/application/scalable/actions/application-exit.svg
share/icons/application/scalable/actions/document-save.svg share/icons/application/scalable/actions/document-save.svg
share/icons/application/scalable/actions/document-save-as.svg share/icons/application/scalable/actions/document-save-as.svg
share/icons/application/scalable/actions/document-save-copy.svg share/icons/application/scalable/actions/document-save-copy.svg
share/icons/application/scalable/actions/donate.svg
share/icons/application/scalable/actions/edit-clear-locationbar-ltr.svg share/icons/application/scalable/actions/edit-clear-locationbar-ltr.svg
share/icons/application/scalable/actions/edit-clear-locationbar-rtl.svg share/icons/application/scalable/actions/edit-clear-locationbar-rtl.svg
share/icons/application/scalable/actions/entry-clone.svg share/icons/application/scalable/actions/entry-clone.svg
share/icons/application/scalable/actions/entry-delete.svg share/icons/application/scalable/actions/entry-delete.svg
share/icons/application/scalable/actions/entry-restore.svg
share/icons/application/scalable/actions/entry-edit.svg share/icons/application/scalable/actions/entry-edit.svg
share/icons/application/scalable/actions/entry-new.svg share/icons/application/scalable/actions/entry-new.svg
share/icons/application/scalable/actions/favicon-download.svg share/icons/application/scalable/actions/favicon-download.svg
share/icons/application/scalable/actions/fingerprint.svg
share/icons/application/scalable/actions/getting-started.svg
share/icons/application/scalable/actions/group-delete.svg share/icons/application/scalable/actions/group-delete.svg
share/icons/application/scalable/actions/group-edit.svg share/icons/application/scalable/actions/group-edit.svg
share/icons/application/scalable/actions/group-clone.svg
share/icons/application/scalable/actions/group-empty-trash.svg share/icons/application/scalable/actions/group-empty-trash.svg
share/icons/application/scalable/actions/group-new.svg share/icons/application/scalable/actions/group-new.svg
share/icons/application/scalable/actions/hammer-wrench.svg
share/icons/application/scalable/actions/health.svg
share/icons/application/scalable/actions/help-about.svg share/icons/application/scalable/actions/help-about.svg
share/icons/application/scalable/actions/lock-question.svg share/icons/application/scalable/actions/key-enter.svg
share/icons/application/scalable/actions/keyboard-shortcuts.svg
share/icons/application/scalable/actions/message-close.svg share/icons/application/scalable/actions/message-close.svg
share/icons/application/scalable/actions/move-down.svg share/icons/application/scalable/actions/move-down.svg
share/icons/application/scalable/actions/move-up.svg share/icons/application/scalable/actions/move-up.svg
share/icons/application/scalable/actions/object-locked.svg
share/icons/application/scalable/actions/object-unlocked.svg
share/icons/application/scalable/actions/paperclip.svg share/icons/application/scalable/actions/paperclip.svg
share/icons/application/scalable/actions/password-copy.svg share/icons/application/scalable/actions/password-copy.svg
share/icons/application/scalable/actions/password-generate.svg
share/icons/application/scalable/actions/password-generator.svg share/icons/application/scalable/actions/password-generator.svg
share/icons/application/scalable/actions/password-show-off.svg share/icons/application/scalable/actions/password-show-off.svg
share/icons/application/scalable/actions/password-show-on.svg share/icons/application/scalable/actions/password-show-on.svg
share/icons/application/scalable/actions/qrcode.svg
share/icons/application/scalable/actions/refresh.svg share/icons/application/scalable/actions/refresh.svg
share/icons/application/scalable/actions/reports.svg share/icons/application/scalable/actions/reports.svg
share/icons/application/scalable/actions/reports-exclude.svg share/icons/application/scalable/actions/reports-exclude.svg
share/icons/application/scalable/actions/sort-alphabetical-ascending.svg
share/icons/application/scalable/actions/sort-alphabetical-descending.svg
share/icons/application/scalable/actions/statistics.svg share/icons/application/scalable/actions/statistics.svg
share/icons/application/scalable/actions/system-help.svg share/icons/application/scalable/actions/system-help.svg
share/icons/application/scalable/actions/system-search.svg share/icons/application/scalable/actions/system-search.svg
share/icons/application/scalable/actions/system-software-update.svg
share/icons/application/scalable/actions/tag.svg
share/icons/application/scalable/actions/tag-multiple.svg
share/icons/application/scalable/actions/tag-search.svg
share/icons/application/scalable/actions/totp.svg
share/icons/application/scalable/actions/totp-copy.svg
share/icons/application/scalable/actions/totp-copy-password.svg
share/icons/application/scalable/actions/totp-edit.svg
share/icons/application/scalable/actions/trash.svg
share/icons/application/scalable/actions/url-copy.svg share/icons/application/scalable/actions/url-copy.svg
share/icons/application/scalable/actions/user-guide.svg
share/icons/application/scalable/actions/username-copy.svg share/icons/application/scalable/actions/username-copy.svg
share/icons/application/scalable/actions/view-history.svg share/icons/application/scalable/actions/view-history.svg
share/icons/application/scalable/actions/web.svg
share/icons/application/scalable/apps/internet-web-browser.svg share/icons/application/scalable/apps/internet-web-browser.svg
share/icons/application/scalable/apps/keepassxc.svg share/icons/application/scalable/apps/keepassxc.svg
share/icons/application/scalable/apps/keepassxc-dark.svg share/icons/application/scalable/apps/keepassxc-dark.svg
@@ -266,9 +230,3 @@ Files: share/icons/application/scalable/actions/hibp.svg
share/icons/database/C64_Apple.svg share/icons/database/C64_Apple.svg
Copyright: GPL-2+ Copyright: GPL-2+
Comment: from the Simple Icons repo (https://github.com/simple-icons/simple-icons/) Comment: from the Simple Icons repo (https://github.com/simple-icons/simple-icons/)
Files: src/thirdparty/ykcore/yk*
src/thirdparty/ykcore/yubikey.h
Copyright: 2006-2015, Yubico AB
License: BSD-2-Clause
Comment: from the yubikey-personalization repo (https://github.com/Yubico/yubikey-personalization)

195
INSTALL.md
View File

@@ -12,21 +12,21 @@ Build Dependencies
The following tools must exist within your PATH: The following tools must exist within your PATH:
* make * make
* cmake (>= 3.3.0) * cmake (>= 2.8.12)
* g++ (>= 4.7) or clang++ (>= 6.0) * g++ (>= 4.7) or clang++ (>= 3.0)
* asciidoctor (>= 2.0) * asciidoctor (on Linux/MacOS)
The following libraries are required: The following libraries are required:
* Qt 5 (>= 5.9.5): qtbase5, qtbase5-private, libqt5svg5, qttools5, qt5-image-formats-plugins * Qt 5 (>= 5.2): qtbase and qttools5
* botan (>= 2.12) * libgcrypt (>= 1.6)
* libargon2
* zlib * zlib
* minizip * libmicrohttpd
* readline (for completion in cli) * libxi, libxtst, qtx11extras (optional for auto-type on X11)
* qtx11extras, libxi, and libxtst (for auto-type on X11) * libsodium (>= 1.0.12)
* libargon2
* qrencode * qrencode
* libusb-1.0, pcsc-lite (for Yubikey support on Linux) * yubikey ykpers (optional to support YubiKey)
Prepare the Building Environment Prepare the Building Environment
================================ ================================
@@ -39,119 +39,110 @@ Build Steps
=========== ===========
We recommend using the release tool to perform builds, please read up-to-date instructions [on our wiki](https://github.com/keepassxreboot/keepassxc/wiki/Building-KeePassXC#building-using-the-release-tool). We recommend using the release tool to perform builds, please read up-to-date instructions [on our wiki](https://github.com/keepassxreboot/keepassxc/wiki/Building-KeePassXC#building-using-the-release-tool).
To compile from source, open a **Terminal (Linux/MacOS)**, the **MSVC Tools Command Prompt (Windows)**, or **MSYS2-MinGW shell (Windows)**. For code development on Windows, you can use Visual Studio 2022, Visual Studio Code, or CLion. To compile from source, open a **Terminal (on Linux/MacOS)** or a **MSYS2-MinGW shell (on Windows)**<br/>
**Note:** on Windows make sure you are using a **MINGW shell** by checking the label before the current path
1. Download the KeePassXC [source tarball](https://keepassxc.org/download#source) or check out the latest version from our [Git repository](https://github.com/keepassxreboot/keepassxc). First, download the KeePassXC [source tarball](https://keepassxc.org/download#source)
or check out the latest version from our [Git repository](https://github.com/keepassxreboot/keepassxc).
To clone the project from Git, `cd` to a suitable location and run To clone the project from Git, `cd` to a suitable location and run
``` ```bash
git clone https://github.com/keepassxreboot/keepassxc.git git clone https://github.com/keepassxreboot/keepassxc.git
```
This will clone the entire contents of the repository and check out the current `develop` branch.
To update the project from within the project's folder, you can run the following command:
```
git pull
```
For a stable build, it is recommended to check out the `latest` tag.
```
git checkout latest
```
2. Navigate to the directory where you have downloaded KeePassXC and type these commands:
```
mkdir build
cd build
cmake -DWITH_XC_ALL=ON ..
make
```
Note: These steps place the compiled KeePassXC binary inside the `./build/src/` directory.
## MacOS Build Notes
If you installed Qt5 via Homebrew, you should be able to compile KeePassXC without any changes. If CMake fails to find your Qt installation, you can specify it manually by adding the following parameter:
`-DCMAKE_PREFIX_PATH=$(brew --prefix qt5)/lib/cmake`
(or whatever your Qt installation path is)
When building with ASAN support on macOS, you need to use `export ASAN_OPTIONS=detect_leaks=0` before running the tests (LSAN is no supported on macOS).
## Windows Build Notes
For detailed build steps see the [Windows Build Instructions](https://github.com/keepassxreboot/keepassxc/wiki/Building-KeePassXC#windows).
If you are using MSVC, you may have to specify your Vcpkg toolchain by adding the following CMake parameter: `-DCMAKE_TOOLCHAIN_FILE=C:\vcpkg\scripts\buildsystems\vcpkg.cmake`
If you are using MSYS2, you have to add ```-G "MSYS Makefiles"``` at the beginning of the cmake command.
CMake Configuration Options
==========================
## Common Parameters
```
-DCMAKE_INSTALL_PREFIX=$(brew --prefix)
-DCMAKE_VERBOSE_MAKEFILE=ON
-DCMAKE_BUILD_TYPE=<RelWithDebInfo/Debug/Release>
-DWITH_GUI_TESTS=ON
``` ```
## KeePassXC Parameters This will clone the entire contents of the repository and check out the current `develop` branch.
KeePassXC comes with a variety of build options that can turn on/off features. Most notably, we allow you to build the application with all TCP/IP networking code disabled. Please note that we still require and link against Qt5's network library in order to use local named pipes on all operating systems. Each of these build options are supplied at the time of calling cmake: To update the project from within the project's folder, you can run the following command:
```bash
git pull
```
For a stable build, it is recommended to checkout the master branch.
```bash
git checkout master
```
Navigate to the directory where you have downloaded KeePassXC and type these commands:
``` ```
-DWITH_XC_AUTOTYPE=[ON|OFF] Enable/Disable Auto-Type (default: ON) mkdir build
-DWITH_XC_YUBIKEY=[ON|OFF] Enable/Disable YubiKey HMAC-SHA1 authentication support (default: OFF) cd build
-DWITH_XC_BROWSER=[ON|OFF] Enable/Disable KeePassXC-Browser extension support (default: OFF) cmake -DWITH_XC_ALL=ON ..
-DWITH_XC_NETWORKING=[ON|OFF] Enable/Disable Networking support (e.g., favicon downloading) (default: OFF) make
-DWITH_XC_SSHAGENT=[ON|OFF] Enable/Disable SSHAgent support (default: OFF)
-DWITH_XC_FDOSECRETS=[ON|OFF] (Linux Only) Enable/Disable Freedesktop.org Secrets Service support (default:OFF)
-DWITH_XC_KEESHARE=[ON|OFF] Enable/Disable KeeShare group synchronization extension (default: OFF)
-DWITH_XC_ALL=[ON|OFF] Enable/Disable compiling all plugins above (default: OFF)
-DWITH_XC_UPDATECHECK=[ON|OFF] Enable/Disable automatic updating checking (requires WITH_XC_NETWORKING) (default: ON)
-DWITH_TESTS=[ON|OFF] Enable/Disable building of unit tests (default: ON)
-DWITH_GUI_TESTS=[ON|OFF] Enable/Disable building of GUI tests (default: OFF)
-DWITH_DEV_BUILD=[ON|OFF] Enable/Disable deprecated method warnings (default: OFF)
-DWITH_ASAN=[ON|OFF] Enable/Disable address sanitizer checks (Linux / macOS only) (default: OFF)
-DWITH_COVERAGE=[ON|OFF] Enable/Disable coverage tests (GCC only) (default: OFF)
-DWITH_APP_BUNDLE=[ON|OFF] Enable Application Bundle for macOS (default: ON)
-DKEEPASSXC_BUILD_TYPE=[Snapshot|PreRelease|Release] Set the build type to show/hide stability warnings (default: "Snapshot")
-DKEEPASSXC_DIST_TYPE=[Snap|AppImage|Other] Specify the distribution method (default: "Other")
-DOVERRIDE_VERSION=[X.X.X] Specify a version number when building. Used with snapshot builds (default: "")
-DGIT_HEAD_OVERRIDE=[XXXXXXX] Specify the 7 digit git commit ref for this build. Used with distribution builds (default: "")
``` ```
If you are on Windows, you may have to add ```-G "MSYS Makefiles"``` to the beginning of the cmake command. See the [Windows Build Instructions](https://github.com/keepassxreboot/keepassxc/wiki/Building-KeePassXC#windows) for more information.
These steps place the compiled KeePassXC binary inside the `./build/src/` directory.
(Note the cmake notes/options below.)
**Cmake Notes:**
* Common cmake parameters
```
-DCMAKE_INSTALL_PREFIX=/usr/local
-DCMAKE_VERBOSE_MAKEFILE=ON
-DCMAKE_BUILD_TYPE=<RelWithDebInfo/Debug/Release>
-DWITH_GUI_TESTS=ON
```
* cmake accepts the following options:
```
-DWITH_XC_AUTOTYPE=[ON|OFF] Enable/Disable Auto-Type (default: ON)
-DWITH_XC_YUBIKEY=[ON|OFF] Enable/Disable YubiKey HMAC-SHA1 authentication support (default: OFF)
-DWITH_XC_BROWSER=[ON|OFF] Enable/Disable KeePassXC-Browser extension support (default: OFF)
-DWITH_XC_NETWORKING=[ON|OFF] Enable/Disable Networking support (e.g., favicon downloading) (default: OFF)
-DWITH_XC_SSHAGENT=[ON|OFF] Enable/Disable SSHAgent support (default: OFF)
-DWITH_XC_TOUCHID=[ON|OFF] (macOS Only) Enable/Disable Touch ID unlock (default:OFF)
-DWITH_XC_FDOSECRETS=[ON|OFF] (Linux Only) Enable/Disable Freedesktop.org Secrets Service support (default:OFF)
-DWITH_XC_KEESHARE=[ON|OFF] Enable/Disable KeeShare group synchronization extension (default: OFF)
-DWITH_XC_KEESHARE_SECURE=[ON|OFF] Enable/Disable KeeShare signed containers, requires libquazip5 (default: OFF)
-DWITH_XC_ALL=[ON|OFF] Enable/Disable compiling all plugins above (default: OFF)
-DWITH_XC_UPDATECHECK=[ON|OFF] Enable/Disable automatic updating checking (requires WITH_XC_NETWORKING) (default: ON)
-DWITH_TESTS=[ON|OFF] Enable/Disable building of unit tests (default: ON)
-DWITH_GUI_TESTS=[ON|OFF] Enable/Disable building of GUI tests (default: OFF)
-DWITH_DEV_BUILD=[ON|OFF] Enable/Disable deprecated method warnings (default: OFF)
-DWITH_ASAN=[ON|OFF] Enable/Disable address sanitizer checks (Linux / macOS only) (default: OFF)
-DWITH_COVERAGE=[ON|OFF] Enable/Disable coverage tests (GCC only) (default: OFF)
-DWITH_APP_BUNDLE=[ON|OFF] Enable Application Bundle for macOS (default: ON)
-DKEEPASSXC_BUILD_TYPE=[Snapshot|PreRelease|Release] Set the build type to show/hide stability warnings (default: "Snapshot")
-DKEEPASSXC_DIST_TYPE=[Snap|AppImage|Other] Specify the distribution method (default: "Other")
-DOVERRIDE_VERSION=[X.X.X] Specify a version number when building. Used with snapshot builds (default: "")
-DGIT_HEAD_OVERRIDE=[XXXXXXX] Specify the 7 digit git commit ref for this build. Used with distribution builds (default: "")
```
* If you are on MacOS you must add this parameter to **Cmake**, with the Qt version you have installed<br/> `-DCMAKE_PREFIX_PATH=/usr/local/Cellar/qt5/5.6.2/lib/cmake/`
:exclamation: When building with ASan support on macOS, you need to use `export ASAN_OPTIONS=detect_leaks=0` before running the tests (no LSan support in macOS).
Installation Installation
============ ============
After you have successfully built KeePassXC, install the binary by executing the following: After you have successfully built KeePassXC, install the binary by executing the following:
``` ```bash
sudo make install sudo make install
``` ```
You can specify the destination dir with
```
DESTDIR=X
```
Packaging Packaging
========= =========
You can create a package to redistribute KeePassXC (zip, deb, rpm, dmg, etc..). Refer to [keepassxc-packaging](https://github.com/keepassxreboot/keepassxc-packaging) for packaging scripts. You can create a package to redistribute KeePassXC (zip, deb, rpm, dmg, etc..). Refer to [keepassxc-packaging](https://github.com/keepassxreboot/keepassxc-packaging)
To package using CMake, run the following command using whichever [generators](https://cmake.org/cmake/help/latest/manual/cpack-generators.7.html) you would like to package with.
```
cpack -G "ZIP;WIX"
```
Testing Testing
======= =======
@@ -161,7 +152,7 @@ You can perform tests on the built executables with:
make test ARGS+="--output-on-failure" make test ARGS+="--output-on-failure"
``` ```
On Linux, if you are not currently running on an X Server or Wayland, run the tests as follows: If you are not currently running on an X Server or Wayland, run the tests as follows:
``` ```
make test ARGS+="-E test\(cli\|gui\) --output-on-failure" make test ARGS+="-E test\(cli\|gui\) --output-on-failure"
xvfb-run -e errors -a --server-args="-screen 0 1024x768x24" make test ARGS+="-R test\(cli\|gui\) --output-on-failure" xvfb-run -e errors -a --server-args="-screen 0 1024x768x24" make test ARGS+="-R test\(cli\|gui\) --output-on-failure"

14
LICENSE.GPL-2
View File

@@ -1,12 +1,12 @@
GNU GENERAL PUBLIC LICENSE GNU GENERAL PUBLIC LICENSE
Version 2, June 1991 Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc., Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed. of this license document, but changing it is not allowed.
Preamble Preamble
The licenses for most software are designed to take away your The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public freedom to share and change it. By contrast, the GNU General Public
@@ -56,7 +56,7 @@ patent must be licensed for everyone's free use or not licensed at all.
The precise terms and conditions for copying, distribution and The precise terms and conditions for copying, distribution and
modification follow. modification follow.
GNU GENERAL PUBLIC LICENSE GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License applies to any program or other work which contains 0. This License applies to any program or other work which contains
@@ -255,7 +255,7 @@ make exceptions for this. Our decision will be guided by the two goals
of preserving the free status of all derivatives of our free software and of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally. of promoting the sharing and reuse of software generally.
NO WARRANTY NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
@@ -277,9 +277,9 @@ YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES. POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND CONDITIONS END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it possible use to the public, the best way to achieve this is to make it

26
LICENSE.GPL-3
View File

@@ -1,11 +1,12 @@
GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed. of this license document, but changing it is not allowed.
Preamble Preamble
The GNU General Public License is a free, copyleft license for The GNU General Public License is a free, copyleft license for
software and other kinds of works. software and other kinds of works.
@@ -68,7 +69,7 @@ patents cannot be used to render the program non-free.
The precise terms and conditions for copying, distribution and The precise terms and conditions for copying, distribution and
modification follow. modification follow.
TERMS AND CONDITIONS TERMS AND CONDITIONS
0. Definitions. 0. Definitions.
@@ -76,7 +77,7 @@ modification follow.
"Copyright" also means copyright-like laws that apply to other kinds of "Copyright" also means copyright-like laws that apply to other kinds of
works, such as semiconductor masks. works, such as semiconductor masks.
"The Program" refers to any copyrightable work licensed under this "The Program" refers to any copyrightable work licensed under this
License. Each licensee is addressed as "you". "Licensees" and License. Each licensee is addressed as "you". "Licensees" and
"recipients" may be individuals or organizations. "recipients" may be individuals or organizations.
@@ -509,7 +510,7 @@ actual knowledge that, but for the patent license, your conveying the
covered work in a country, or your recipient's use of the covered work covered work in a country, or your recipient's use of the covered work
in a country, would infringe one or more identifiable patents in that in a country, would infringe one or more identifiable patents in that
country that you have reason to believe are valid. country that you have reason to believe are valid.
If, pursuant to or in connection with a single transaction or If, pursuant to or in connection with a single transaction or
arrangement, you convey, or propagate by procuring conveyance of, a arrangement, you convey, or propagate by procuring conveyance of, a
covered work, and grant a patent license to some of the parties covered work, and grant a patent license to some of the parties
@@ -618,9 +619,9 @@ an absolute waiver of all civil liability in connection with the
Program, unless a warranty or assumption of liability accompanies a Program, unless a warranty or assumption of liability accompanies a
copy of the Program in return for a fee. copy of the Program in return for a fee.
END OF TERMS AND CONDITIONS END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it possible use to the public, the best way to achieve this is to make it
@@ -645,7 +646,7 @@ the "copyright" line and a pointer to where the full notice is found.
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>. along with this program. If not, see <http://www.gnu.org/licenses/>.
Also add information on how to contact you by electronic and paper mail. Also add information on how to contact you by electronic and paper mail.
@@ -664,11 +665,12 @@ might be different; for a GUI interface, you would use an "about box".
You should also get your employer (if you work as a programmer) or school, You should also get your employer (if you work as a programmer) or school,
if any, to sign a "copyright disclaimer" for the program, if necessary. if any, to sign a "copyright disclaimer" for the program, if necessary.
For more information on this, and how to apply and follow the GNU GPL, see For more information on this, and how to apply and follow the GNU GPL, see
<https://www.gnu.org/licenses/>. <http://www.gnu.org/licenses/>.
The GNU General Public License does not permit incorporating your program The GNU General Public License does not permit incorporating your program
into proprietary programs. If your program is a subroutine library, you into proprietary programs. If your program is a subroutine library, you
may consider it more useful to permit linking proprietary applications with may consider it more useful to permit linking proprietary applications with
the library. If this is what you want to do, use the GNU Lesser General the library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License. But first, please read Public License instead of this License. But first, please read
<https://www.gnu.org/licenses/why-not-lgpl.html>. <http://www.gnu.org/philosophy/why-not-lgpl.html>.

18
LICENSE.LGPL-2.1
View File

@@ -55,7 +55,7 @@ modified by someone else and passed on, the recipients should know
that what they have is not the original version, so that the original that what they have is not the original version, so that the original
author's reputation will not be affected by problems that might be author's reputation will not be affected by problems that might be
introduced by others. introduced by others.
Finally, software patents pose a constant threat to the existence of Finally, software patents pose a constant threat to the existence of
any free program. We wish to make sure that a company cannot any free program. We wish to make sure that a company cannot
effectively restrict the users of a free program by obtaining a effectively restrict the users of a free program by obtaining a
@@ -111,7 +111,7 @@ modification follow. Pay close attention to the difference between a
"work based on the library" and a "work that uses the library". The "work based on the library" and a "work that uses the library". The
former contains code derived from the library, whereas the latter must former contains code derived from the library, whereas the latter must
be combined with the library in order to run. be combined with the library in order to run.
GNU LESSER GENERAL PUBLIC LICENSE GNU LESSER GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
@@ -158,7 +158,7 @@ Library.
You may charge a fee for the physical act of transferring a copy, You may charge a fee for the physical act of transferring a copy,
and you may at your option offer warranty protection in exchange for a and you may at your option offer warranty protection in exchange for a
fee. fee.
2. You may modify your copy or copies of the Library or any portion 2. You may modify your copy or copies of the Library or any portion
of it, thus forming a work based on the Library, and copy and of it, thus forming a work based on the Library, and copy and
distribute such modifications or work under the terms of Section 1 distribute such modifications or work under the terms of Section 1
@@ -216,7 +216,7 @@ instead of to this License. (If a newer version than version 2 of the
ordinary GNU General Public License has appeared, then you can specify ordinary GNU General Public License has appeared, then you can specify
that version instead if you wish.) Do not make any other change in that version instead if you wish.) Do not make any other change in
these notices. these notices.
Once this change is made in a given copy, it is irreversible for Once this change is made in a given copy, it is irreversible for
that copy, so the ordinary GNU General Public License applies to all that copy, so the ordinary GNU General Public License applies to all
subsequent copies and derivative works made from that copy. subsequent copies and derivative works made from that copy.
@@ -267,7 +267,7 @@ Library will still fall under Section 6.)
distribute the object code for the work under the terms of Section 6. distribute the object code for the work under the terms of Section 6.
Any executables containing that work also fall under Section 6, Any executables containing that work also fall under Section 6,
whether or not they are linked directly with the Library itself. whether or not they are linked directly with the Library itself.
6. As an exception to the Sections above, you may also combine or 6. As an exception to the Sections above, you may also combine or
link a "work that uses the Library" with the Library to produce a link a "work that uses the Library" with the Library to produce a
work containing portions of the Library, and distribute that work work containing portions of the Library, and distribute that work
@@ -329,7 +329,7 @@ restrictions of other proprietary libraries that do not normally
accompany the operating system. Such a contradiction means you cannot accompany the operating system. Such a contradiction means you cannot
use both them and the Library together in an executable that you use both them and the Library together in an executable that you
distribute. distribute.
7. You may place library facilities that are a work based on the 7. You may place library facilities that are a work based on the
Library side-by-side in a single library together with other library Library side-by-side in a single library together with other library
facilities not covered by this License, and distribute such a combined facilities not covered by this License, and distribute such a combined
@@ -370,7 +370,7 @@ subject to these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein. restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties with You are not responsible for enforcing compliance by third parties with
this License. this License.
11. If, as a consequence of a court judgment or allegation of patent 11. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues), infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or conditions are imposed on you (whether by court order, agreement or
@@ -422,7 +422,7 @@ conditions either of that version or of any later version published by
the Free Software Foundation. If the Library does not specify a the Free Software Foundation. If the Library does not specify a
license version number, you may choose any version ever published by license version number, you may choose any version ever published by
the Free Software Foundation. the Free Software Foundation.
14. If you wish to incorporate parts of the Library into other free 14. If you wish to incorporate parts of the Library into other free
programs whose distribution conditions are incompatible with these, programs whose distribution conditions are incompatible with these,
write to the author to ask for permission. For software which is write to the author to ask for permission. For software which is
@@ -456,7 +456,7 @@ SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
DAMAGES. DAMAGES.
END OF TERMS AND CONDITIONS END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Libraries How to Apply These Terms to Your New Libraries
If you develop a new library, and you want it to be of the greatest If you develop a new library, and you want it to be of the greatest

2
LICENSE.LGPL-3
View File

@@ -1,7 +1,7 @@
GNU LESSER GENERAL PUBLIC LICENSE GNU LESSER GENERAL PUBLIC LICENSE
Version 3, 29 June 2007 Version 3, 29 June 2007
Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed. of this license document, but changing it is not allowed.

13
README.md
View File

@@ -3,10 +3,7 @@
[![codecov](https://codecov.io/gh/keepassxreboot/keepassxc/branch/develop/graph/badge.svg)](https://codecov.io/gh/keepassxreboot/keepassxc) [![codecov](https://codecov.io/gh/keepassxreboot/keepassxc/branch/develop/graph/badge.svg)](https://codecov.io/gh/keepassxreboot/keepassxc)
[![GitHub release](https://img.shields.io/github/release/keepassxreboot/keepassxc)](https://github.com/keepassxreboot/keepassxc/releases/) [![GitHub release](https://img.shields.io/github/release/keepassxreboot/keepassxc)](https://github.com/keepassxreboot/keepassxc/releases/)
[![Matrix community channel](https://img.shields.io/matrix/keepassxc:matrix.org?label=Community%20channel)](https://app.element.io/#/room/#keepassxc:mozilla.org) [KeePassXC](https://keepassxc.org) is a modern, secure, and open-source password manager that stores and manages your most sensitive information. You can run KeePassXC on Windows, macOS, and Linux systems. KeePassXC is for people with extremely high demands of secure personal data management. It saves many different types of information, such as usernames, passwords, URLs, attachments, and notes in an offline, encrypted file that can be stored in any location, including private and public cloud solutions. For easy identification and management, user-defined titles and icons can be specified for entries. In addition, entries are sorted in customizable groups. An integrated search function allows you to use advanced patterns to easily find any entry in your database. A customizable, fast, and easy-to-use password generator utility allows you to create passwords with any combination of characters or easy to remember passphrases.
[![Matrix development channel](https://img.shields.io/matrix/keepassxc-dev:matrix.org?label=Development%20channel)](https://app.element.io/#/room/#keepassxc-dev:mozilla.org)
[KeePassXC](https://keepassxc.org) is a modern, secure, and open-source password manager that stores and manages your most sensitive information. You can run KeePassXC on Windows, macOS, and Linux systems. KeePassXC is for people with extremely high demands of secure personal data management. It saves many different types of information, such as usernames, passwords, URLs, attachments, and notes in an offline, encrypted file that can be stored in any location, including private and public cloud solutions. For easy identification and management, user-defined titles and icons can be specified for entries. In addition, entries are sorted into customizable groups. An integrated search function allows you to use advanced patterns to easily find any entry in your database. A customizable, fast, and easy-to-use password generator utility allows you to create passwords with any combination of characters or easy to remember passphrases.
## Quick Start ## Quick Start
The [QuickStart Guide](https://keepassxc.org/docs/KeePassXC_GettingStarted.html) gets you started using KeePassXC on your Windows, macOS, or Linux computer using pre-compiled binaries from the [downloads page](https://keepassxc.org/download). Additionally, individual Linux distributions may ship their own versions, so please check your distribution's package list to see if KeePassXC is available. Detailed documentation is available in the [User Guide](https://keepassxc.org/docs/KeePassXC_UserGuide.html). The [QuickStart Guide](https://keepassxc.org/docs/KeePassXC_GettingStarted.html) gets you started using KeePassXC on your Windows, macOS, or Linux computer using pre-compiled binaries from the [downloads page](https://keepassxc.org/download). Additionally, individual Linux distributions may ship their own versions, so please check your distribution's package list to see if KeePassXC is available. Detailed documentation is available in the [User Guide](https://keepassxc.org/docs/KeePassXC_UserGuide.html).
@@ -15,7 +12,7 @@ The [QuickStart Guide](https://keepassxc.org/docs/KeePassXC_GettingStarted.html)
KeePassXC has numerous features for novice and power users alike. Our goal is to create an application that can be used by anyone while still offering advanced features to those that need them. KeePassXC has numerous features for novice and power users alike. Our goal is to create an application that can be used by anyone while still offering advanced features to those that need them.
### Basic ### Basic
* Create, open, and save databases in the KDBX format (KeePass-compatible with KDBX4 and KDBX3) * Create, open, and save databases in the KDBX format (KeePass compatible to KDBX4 and KDBX3)
* Store sensitive information in entries that are organized by groups * Store sensitive information in entries that are organized by groups
* Search for entries * Search for entries
* Password generator * Password generator
@@ -35,7 +32,7 @@ KeePassXC has numerous features for novice and power users alike. Our goal is to
* Command line interface (keepassxc-cli) * Command line interface (keepassxc-cli)
* Auto-Open databases * Auto-Open databases
* KeeShare shared databases (import, export, and synchronize) * KeeShare shared databases (import, export, and synchronize)
* SSH Agent integration * SSH Agent
* FreeDesktop.org Secret Service (replace Gnome keyring, etc.) * FreeDesktop.org Secret Service (replace Gnome keyring, etc.)
* Additional encryption choices: Twofish and ChaCha20 * Additional encryption choices: Twofish and ChaCha20
@@ -48,12 +45,10 @@ Detailed instructions are available in the [Build and Install](./INSTALL.md) pag
## Contributing ## Contributing
We are always looking for suggestions on how to improve KeePassXC. If you find any bugs or have an idea for a new feature, please let us know by opening a report in the [issue tracker](https://github.com/keepassxreboot/keepassxc/issues) on GitHub, or join us on [Matrix community channel](https://matrix.to/#/!zUxwGnFkUyycpxeHeM:matrix.org?via=matrix.org) or [Matrix development channel](https://matrix.to/#/!RhJPJPGwQIFVQeXqZa:matrix.org?via=matrix.org), or on IRC in [Libera.Chat](https://web.libera.chat/) channels #keepassxc and #keepassxc-dev. We are always looking for suggestions on how to improve KeePassXC. If you find any bugs or have an idea for a new feature, please let us know by opening a report in the [issue tracker](https://github.com/keepassxreboot/keepassxc/issues) on GitHub or join us on IRC in [freenode](https://webchat.freenode.net/) channels #keepassxc and #keepassxc-dev.
You may directly contribute your own code by submitting a pull request. Please read the [CONTRIBUTING](.github/CONTRIBUTING.md) document for further information. You may directly contribute your own code by submitting a pull request. Please read the [CONTRIBUTING](.github/CONTRIBUTING.md) document for further information.
Contributors are required to adhere to the project's [Code of Conduct](CODE-OF-CONDUCT.md).
## License ## License
KeePassXC code is licensed under GPL-2 or GPL-3. Additional licensing for third-party files is detailed in [COPYING](./COPYING). KeePassXC code is licensed under GPL-2 or GPL-3. Additional licensing for third-party files is detailed in [COPYING](./COPYING).

72
cmake/CLangFormat.cmake
View File

@@ -15,46 +15,50 @@
set(EXCLUDED_DIRS set(EXCLUDED_DIRS
# third-party directories # third-party directories
src/thirdparty src/zxcvbn/
src/zxcvbn
# objective-c directories # objective-c directories
src/touchid src/touchid/
src/autotype/mac src/autotype/mac/
src/gui/osutils/macutils) src/gui/osutils/macutils/)
set(EXCLUDED_FILES set(EXCLUDED_FILES
# third-party files # third-party files
src/streams/qtiocompressor.\\* streams/qtiocompressor.cpp
src/gui/KMessageWidget.\\* streams/qtiocompressor.h
src/gui/MainWindowAdaptor.\\* gui/KMessageWidget.h
src/gui/tag/TagsEdit.\\* gui/KMessageWidget.cpp
tests/modeltest.\\* gui/MainWindowAdaptor.h
gui/MainWindowAdaptor.cpp
crypto/ssh/bcrypt_pbkdf.cpp
crypto/ssh/blf.h
crypto/ssh/blowfish.c
tests/modeltest.cpp
tests/modeltest.h
# objective-c files # objective-c files
src/core/ScreenLockListenerMac.\\*) core/ScreenLockListenerMac.h
core/ScreenLockListenerMac.cpp)
set(FIND_EXCLUDE_DIR_EXPR "") file(GLOB_RECURSE ALL_SOURCE_FILES RELATIVE ${CMAKE_SOURCE_DIR} src/*.cpp src/*.h tests/*.cpp tests/*.h)
foreach(EXCLUDE ${EXCLUDED_DIRS}) foreach(SOURCE_FILE ${ALL_SOURCE_FILES})
list(APPEND FIND_EXCLUDE_DIR_EXPR -o -path "${EXCLUDE}" -prune) foreach(EXCLUDED_DIR ${EXCLUDED_DIRS})
string(FIND ${SOURCE_FILE} ${EXCLUDED_DIR} SOURCE_FILE_EXCLUDED)
if(NOT ${SOURCE_FILE_EXCLUDED} EQUAL -1)
list(REMOVE_ITEM ALL_SOURCE_FILES ${SOURCE_FILE})
endif()
endforeach()
foreach(EXCLUDED_FILE ${EXCLUDED_FILES})
if(${SOURCE_FILE} MATCHES ".*${EXCLUDED_FILE}$")
list(REMOVE_ITEM ALL_SOURCE_FILES ${SOURCE_FILE})
endif()
endforeach()
endforeach() endforeach()
set(FIND_EXCLUDE_FILE_EXPR "")
foreach(EXCLUDE ${EXCLUDED_FILES})
if(FIND_EXCLUDE_FILE_EXPR)
list(APPEND FIND_EXCLUDE_FILE_EXPR -o)
endif()
list(APPEND FIND_EXCLUDE_FILE_EXPR -path "${EXCLUDE}")
endforeach()
if(FIND_EXCLUDE_FILE_EXPR)
set(FIND_EXCLUDE_FILE_EXPR -a -not "\\(" ${FIND_EXCLUDE_FILE_EXPR} "\\)")
endif()
add_custom_target(format) add_custom_target(format)
foreach(SOURCE_FILE ${ALL_SOURCE_FILES})
add_custom_command( add_custom_command(
TARGET format TARGET format
PRE_BUILD PRE_BUILD
COMMAND find src tests "\\(" -name "\\*.h" -o -name "\\*.cpp" ${FIND_EXCLUDE_DIR_EXPR} "\\)" COMMAND echo Formatting ${SOURCE_FILE}
${FIND_EXCLUDE_FILE_EXPR} -type f -print0 | xargs -0 -P0 -n10 clang-format -style=file -i COMMAND clang-format -style=file -i \"${SOURCE_FILE}\"
WORKING_DIRECTORY ${CMAKE_SOURCE_DIR})
COMMENT "Formatting source files..." endforeach()
WORKING_DIRECTORY ${CMAKE_SOURCE_DIR})

318
cmake/CodeCoverage.cmake
View File

@@ -1,5 +1,4 @@
# Copyright (c) 2012 - 2017, Lars Bilke # Copyright (c) 2012 - 2017, Lars Bilke
# Copyright (c) 2021 KeePassXC Team
# All rights reserved. # All rights reserved.
# #
# Redistribution and use in source and binary forms, with or without modification, # Redistribution and use in source and binary forms, with or without modification,
@@ -26,218 +25,279 @@
# ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT # ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
# CHANGES:
#
# 2012-01-31, Lars Bilke
# - Enable Code Coverage
#
# 2013-09-17, Joakim Söderberg
# - Added support for Clang.
# - Some additional usage instructions.
#
# 2016-02-03, Lars Bilke
# - Refactored functions to use named parameters
#
# 2017-06-02, Lars Bilke
# - Merged with modified version from github.com/ufz/ogs
#
#
# USAGE:
#
# 1. Copy this file into your cmake modules path.
#
# 2. Add the following line to your CMakeLists.txt:
# include(CodeCoverage)
#
# 3. Append necessary compiler flags:
# APPEND_COVERAGE_COMPILER_FLAGS()
#
# 4. If you need to exclude additional directories from the report, specify them
# using the COVERAGE_LCOV_EXCLUDES variable before calling SETUP_TARGET_FOR_COVERAGE_LCOV.
# Example:
# set(COVERAGE_LCOV_EXCLUDES 'dir1/*' 'dir2/*')
#
# 5. Use the functions described below to create a custom make target which
# runs your test executable and produces a code coverage report.
#
# 6. Build a Debug build:
# cmake -DCMAKE_BUILD_TYPE=Debug ..
# make
# make my_coverage_target
#
include(CMakeParseArguments) include(CMakeParseArguments)
# Check prereqs # Check prereqs
find_program(GCOV_PATH gcov) find_program( GCOV_PATH gcov )
find_program(LLVM_COV_PATH llvm-cov) find_program( LCOV_PATH NAMES lcov lcov.bat lcov.exe lcov.perl)
find_program(LLVM_PROFDATA_PATH llvm-profdata) find_program( GENHTML_PATH NAMES genhtml genhtml.perl genhtml.bat )
find_program(XCRUN_PATH xcrun) find_program( GCOVR_PATH gcovr PATHS ${CMAKE_SOURCE_DIR}/scripts/test)
find_program(GENHTML_PATH NAMES genhtml genhtml.perl genhtml.bat) find_program( SIMPLE_PYTHON_EXECUTABLE python )
find_program(GCOVR_PATH gcovr PATHS ${CMAKE_SOURCE_DIR}/scripts/test)
set(COVERAGE_COMPILER_FLAGS "-g -O0" CACHE INTERNAL "") if(NOT GCOV_PATH)
if(CMAKE_COMPILER_IS_GNUCXX) message(FATAL_ERROR "gcov not found! Aborting...")
set(COVERAGE_COMPILER_FLAGS "${COVERAGE_COMPILER_FLAGS} --coverage -fprofile-arcs -ftest-coverage") endif() # NOT GCOV_PATH
elseif(CMAKE_COMPILER_IS_CLANGXX)
set(COVERAGE_COMPILER_FLAGS "${COVERAGE_COMPILER_FLAGS} -fprofile-instr-generate -fcoverage-mapping") if("${CMAKE_CXX_COMPILER_ID}" MATCHES "(Apple)?[Cc]lang")
if("${CMAKE_CXX_COMPILER_VERSION}" VERSION_LESS 3)
message(FATAL_ERROR "Clang version must be 3.0.0 or greater! Aborting...")
endif()
elseif(NOT CMAKE_COMPILER_IS_GNUCXX)
message(FATAL_ERROR "Compiler is not GNU gcc! Aborting...")
endif() endif()
set(CMAKE_COVERAGE_FORMAT set(COVERAGE_COMPILER_FLAGS "-g -O0 --coverage -fprofile-arcs -ftest-coverage"
"html" "xml" CACHE INTERNAL "")
CACHE STRING "Coverage report output format.")
set_property(CACHE CMAKE_COVERAGE_FORMAT PROPERTY STRINGS "html" "txt")
set(CMAKE_CXX_FLAGS_COVERAGE set(CMAKE_CXX_FLAGS_COVERAGE
${COVERAGE_COMPILER_FLAGS} ${COVERAGE_COMPILER_FLAGS}
CACHE STRING "Flags used by the C++ compiler during coverage builds.") CACHE STRING "Flags used by the C++ compiler during coverage builds."
FORCE )
set(CMAKE_C_FLAGS_COVERAGE set(CMAKE_C_FLAGS_COVERAGE
${COVERAGE_COMPILER_FLAGS} ${COVERAGE_COMPILER_FLAGS}
CACHE STRING "Flags used by the C compiler during coverage builds.") CACHE STRING "Flags used by the C compiler during coverage builds."
FORCE )
set(CMAKE_EXE_LINKER_FLAGS_COVERAGE set(CMAKE_EXE_LINKER_FLAGS_COVERAGE
"" ""
CACHE STRING "Flags used for linking binaries during coverage builds.") CACHE STRING "Flags used for linking binaries during coverage builds."
FORCE )
set(CMAKE_SHARED_LINKER_FLAGS_COVERAGE set(CMAKE_SHARED_LINKER_FLAGS_COVERAGE
"" ""
CACHE STRING "Flags used by the shared libraries linker during coverage builds.") CACHE STRING "Flags used by the shared libraries linker during coverage builds."
FORCE )
mark_as_advanced( mark_as_advanced(
CMAKE_COVERAGE_FORMAT
CMAKE_CXX_FLAGS_COVERAGE CMAKE_CXX_FLAGS_COVERAGE
CMAKE_C_FLAGS_COVERAGE CMAKE_C_FLAGS_COVERAGE
CMAKE_EXE_LINKER_FLAGS_COVERAGE CMAKE_EXE_LINKER_FLAGS_COVERAGE
CMAKE_SHARED_LINKER_FLAGS_COVERAGE) CMAKE_SHARED_LINKER_FLAGS_COVERAGE )
if(NOT CMAKE_BUILD_TYPE_LOWER STREQUAL "debug") if(NOT CMAKE_BUILD_TYPE_LOWER STREQUAL "debug")
message(WARNING "Code coverage results with an optimised (non-Debug) build may be misleading") message(WARNING "Code coverage results with an optimised (non-Debug) build may be misleading")
endif() # NOT CMAKE_BUILD_TYPE STREQUAL "Debug" endif() # NOT CMAKE_BUILD_TYPE STREQUAL "Debug"
if(CMAKE_COMPILER_IS_GNUCXX) if(CMAKE_C_COMPILER_ID STREQUAL "GNU")
if(NOT GCOV_PATH)
message(FATAL_ERROR "gcov not found! Aborting...")
endif() # NOT GCOV_PATH
link_libraries(gcov) link_libraries(gcov)
else()
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} --coverage")
endif() endif()
# Defines a target for running and collection code coverage information # Defines a target for running and collection code coverage information
# Builds dependencies, runs the given executable and outputs reports. # Builds dependencies, runs the given executable and outputs reports.
# NOTE! The executable should always have a ZERO as exit code otherwise # NOTE! The executable should always have a ZERO as exit code otherwise
# the coverage generation will not complete. # the coverage generation will not complete.
# #
# SETUP_TARGET_FOR_COVERAGE_GCOVR( # SETUP_TARGET_FOR_COVERAGE_LCOV(
# NAME testrunner_coverage # New target name
# EXECUTABLE testrunner -j ${PROCESSOR_COUNT} # Executable in PROJECT_BINARY_DIR
# DEPENDENCIES testrunner # Dependencies to build first
# )
function(SETUP_TARGET_FOR_COVERAGE_LCOV)
set(options NONE)
set(oneValueArgs NAME)
set(multiValueArgs EXECUTABLE EXECUTABLE_ARGS DEPENDENCIES)
cmake_parse_arguments(Coverage "${options}" "${oneValueArgs}" "${multiValueArgs}" ${ARGN})
if(NOT LCOV_PATH)
message(FATAL_ERROR "lcov not found! Aborting...")
endif() # NOT LCOV_PATH
if(NOT GENHTML_PATH)
message(FATAL_ERROR "genhtml not found! Aborting...")
endif() # NOT GENHTML_PATH
# Setup target
add_custom_target(${Coverage_NAME}
# Cleanup lcov
COMMAND ${LCOV_PATH} --gcov-tool ${GCOV_PATH} -directory . --zerocounters
# Create baseline to make sure untouched files show up in the report
COMMAND ${LCOV_PATH} --gcov-tool ${GCOV_PATH} -c -i -d . -o ${Coverage_NAME}.base
# Run tests
COMMAND ${Coverage_EXECUTABLE}
# Capturing lcov counters and generating report
COMMAND ${LCOV_PATH} --gcov-tool ${GCOV_PATH} --directory . --capture --output-file ${Coverage_NAME}.info
# add baseline counters
COMMAND ${LCOV_PATH} --gcov-tool ${GCOV_PATH} -a ${Coverage_NAME}.base -a ${Coverage_NAME}.info --output-file ${Coverage_NAME}.total
COMMAND ${LCOV_PATH} --gcov-tool ${GCOV_PATH} --remove ${Coverage_NAME}.total ${COVERAGE_LCOV_EXCLUDES} --output-file ${PROJECT_BINARY_DIR}/${Coverage_NAME}.info.cleaned
COMMAND ${GENHTML_PATH} -o ${Coverage_NAME} ${PROJECT_BINARY_DIR}/${Coverage_NAME}.info.cleaned
COMMAND ${CMAKE_COMMAND} -E remove ${Coverage_NAME}.base ${Coverage_NAME}.total ${PROJECT_BINARY_DIR}/${Coverage_NAME}.info.cleaned
WORKING_DIRECTORY ${PROJECT_BINARY_DIR}
DEPENDS ${Coverage_DEPENDENCIES}
COMMENT "Resetting code coverage counters to zero.\nProcessing code coverage counters and generating report."
)
# Show where to find the lcov info report
add_custom_command(TARGET ${Coverage_NAME} POST_BUILD
COMMAND ;
COMMENT "Lcov code coverage info report saved in ${Coverage_NAME}.info."
)
# Show info where to find the report
add_custom_command(TARGET ${Coverage_NAME} POST_BUILD
COMMAND ;
COMMENT "Open ./${Coverage_NAME}/index.html in your browser to view the coverage report."
)
endfunction() # SETUP_TARGET_FOR_COVERAGE_LCOV
# Defines a target for running and collection code coverage information
# Builds dependencies, runs the given executable and outputs reports.
# NOTE! The executable should always have a ZERO as exit code otherwise
# the coverage generation will not complete.
#
# SETUP_TARGET_FOR_COVERAGE_GCOVR_XML(
# NAME ctest_coverage # New target name # NAME ctest_coverage # New target name
# EXECUTABLE ctest -j ${PROCESSOR_COUNT} # Executable in PROJECT_BINARY_DIR # EXECUTABLE ctest -j ${PROCESSOR_COUNT} # Executable in PROJECT_BINARY_DIR
# DEPENDENCIES executable_target # Dependencies to build first # DEPENDENCIES executable_target # Dependencies to build first
# ) # )
function(SETUP_TARGET_FOR_COVERAGE_GCOVR) function(SETUP_TARGET_FOR_COVERAGE_GCOVR_XML)
set(options NONE) set(options NONE)
set(oneValueArgs NAME SOURCES_ROOT) set(oneValueArgs NAME)
set(multiValueArgs EXECUTABLE EXECUTABLE_ARGS DEPENDENCIES) set(multiValueArgs EXECUTABLE EXECUTABLE_ARGS DEPENDENCIES)
cmake_parse_arguments(Coverage "${options}" "${oneValueArgs}" "${multiValueArgs}" ${ARGN}) cmake_parse_arguments(Coverage "${options}" "${oneValueArgs}" "${multiValueArgs}" ${ARGN})
if(NOT SIMPLE_PYTHON_EXECUTABLE)
message(FATAL_ERROR "python not found! Aborting...")
endif() # NOT SIMPLE_PYTHON_EXECUTABLE
if(NOT GCOVR_PATH) if(NOT GCOVR_PATH)
message(FATAL_ERROR "gcovr not found! Aborting...") message(FATAL_ERROR "gcovr not found! Aborting...")
endif() # NOT GCOVR_PATH endif() # NOT GCOVR_PATH
# Combine excludes to several -e arguments # Combine excludes to several -e arguments
set(GCOVR_EXCLUDES "") set(GCOVR_EXCLUDES "")
foreach(EXCLUDE ${COVERAGE_EXCLUDES}) foreach(EXCLUDE ${COVERAGE_GCOVR_EXCLUDES})
list(APPEND GCOVR_EXCLUDES "-e") list(APPEND GCOVR_EXCLUDES "-e")
list(APPEND GCOVR_EXCLUDES "${EXCLUDE}") list(APPEND GCOVR_EXCLUDES "${EXCLUDE}")
endforeach() endforeach()
add_custom_target(${Coverage_NAME} add_custom_target(${Coverage_NAME}
# Run tests # Run tests
COMMAND ctest -C $<CONFIG> $ENV{ARGS} $$ARGS ${Coverage_EXECUTABLE}
# Running gcovr
COMMAND ${GCOVR_PATH} --xml
-r ${PROJECT_SOURCE_DIR} ${GCOVR_EXCLUDES}
--object-directory=${PROJECT_BINARY_DIR}
-o ${Coverage_NAME}.xml
WORKING_DIRECTORY ${PROJECT_BINARY_DIR} WORKING_DIRECTORY ${PROJECT_BINARY_DIR}
DEPENDS ${Coverage_DEPENDENCIES} DEPENDS ${Coverage_DEPENDENCIES}
COMMENT "Running gcovr to produce Cobertura code coverage report."
) )
if("html" IN_LIST CMAKE_COVERAGE_FORMAT) # Show info where to find the report
add_custom_command(TARGET ${Coverage_NAME} POST_BUILD add_custom_command(TARGET ${Coverage_NAME} POST_BUILD
# Create folder COMMAND ;
COMMAND ${CMAKE_COMMAND} -E make_directory ${PROJECT_BINARY_DIR}/${Coverage_NAME}-html COMMENT "Cobertura code coverage report saved in ${Coverage_NAME}.xml."
)
# Running gcovr HTML endfunction() # SETUP_TARGET_FOR_COVERAGE_GCOVR_XML
COMMAND ${GCOVR_PATH} --html --html-details
-r ${Coverage_SOURCES_ROOT} ${GCOVR_EXCLUDES}
--object-directory=${PROJECT_BINARY_DIR}
--exclude-unreachable-branches --exclude-throw-branches
-o ${Coverage_NAME}-html/index.html
WORKING_DIRECTORY ${PROJECT_BINARY_DIR}
COMMENT "Running gcovr to produce HTML code coverage report ${Coverage_NAME}-html."
)
endif()
if("xml" IN_LIST CMAKE_COVERAGE_FORMAT)
add_custom_command(TARGET ${Coverage_NAME} POST_BUILD
# Running gcovr TXT
COMMAND ${GCOVR_PATH} --xml
-r ${Coverage_SOURCES_ROOT} ${GCOVR_EXCLUDES}
--object-directory=${PROJECT_BINARY_DIR}
--exclude-unreachable-branches --exclude-throw-branches
-o ${Coverage_NAME}.xml
WORKING_DIRECTORY ${PROJECT_BINARY_DIR}
COMMENT "Running gcovr to produce XML code coverage report ${Coverage_NAME}.xml."
)
endif()
if("txt" IN_LIST CMAKE_COVERAGE_FORMAT)
add_custom_command(TARGET ${Coverage_NAME} POST_BUILD
# Running gcovr TXT
COMMAND ${GCOVR_PATH}
-r ${Coverage_SOURCES_ROOT} ${GCOVR_EXCLUDES}
--object-directory=${PROJECT_BINARY_DIR}
--exclude-unreachable-branches --exclude-throw-branches
-o ${Coverage_NAME}.txt
WORKING_DIRECTORY ${PROJECT_BINARY_DIR}
COMMENT "Running gcovr to produce TXT code coverage report ${Coverage_NAME}.txt."
)
endif()
endfunction() # SETUP_TARGET_FOR_COVERAGE_GCOVR
# Defines a target for running and collection code coverage information # Defines a target for running and collection code coverage information
# Builds dependencies, runs the given executable and outputs reports. # Builds dependencies, runs the given executable and outputs reports.
# NOTE! The executable should always have a ZERO as exit code otherwise # NOTE! The executable should always have a ZERO as exit code otherwise
# the coverage generation will not complete. # the coverage generation will not complete.
# #
# SETUP_TARGET_FOR_COVERAGE_LLVM( # SETUP_TARGET_FOR_COVERAGE_GCOVR_HTML(
# NAME ctest_coverage # New target name # NAME ctest_coverage # New target name
# EXECUTABLE ctest -j ${PROCESSOR_COUNT} # Executable in PROJECT_BINARY_DIR # EXECUTABLE ctest -j ${PROCESSOR_COUNT} # Executable in PROJECT_BINARY_DIR
# DEPENDENCIES executable_target # Dependencies to build first # DEPENDENCIES executable_target # Dependencies to build first
# ) # )
function(SETUP_TARGET_FOR_COVERAGE_LLVM) function(SETUP_TARGET_FOR_COVERAGE_GCOVR_HTML)
set(options NONE) set(options NONE)
set(oneValueArgs NAME SOURCES_ROOT PROF_FILE) set(oneValueArgs NAME)
set(multiValueArgs EXECUTABLE BINARY EXECUTABLE_ARGS DEPENDENCIES) set(multiValueArgs EXECUTABLE EXECUTABLE_ARGS DEPENDENCIES)
cmake_parse_arguments(Coverage "${options}" "${oneValueArgs}" "${multiValueArgs}" ${ARGN}) cmake_parse_arguments(Coverage "${options}" "${oneValueArgs}" "${multiValueArgs}" ${ARGN})
if(XCRUN_PATH) if(NOT SIMPLE_PYTHON_EXECUTABLE)
set(LLVM_COV_PATH ${XCRUN_PATH} llvm-cov) message(FATAL_ERROR "python not found! Aborting...")
set(LLVM_PROFDATA_PATH ${XCRUN_PATH} llvm-profdata) endif() # NOT SIMPLE_PYTHON_EXECUTABLE
else()
if(NOT LLVM_COV_PATH)
message(FATAL_ERROR "llvm-cov not found! Aborting...")
endif() # NOT LLVM_COV_PATH
if(NOT LLVM_PROFDATA_PATH)
message(FATAL_ERROR "llvm-profdata not found! Aborting...")
endif() # NOT LLVM_PROFDATA_PATH
endif() # XCRUN_PATH
set(LLVM_PROFILE_DIR ${PROJECT_BINARY_DIR}/llvm_profile) if(NOT GCOVR_PATH)
file(REMOVE_RECURSE ${LLVM_PROFILE_DIR}) message(FATAL_ERROR "gcovr not found! Aborting...")
endif() # NOT GCOVR_PATH
set(COV_EXCLUDES "") # Combine excludes to several -e arguments
foreach(EXCLUDE ${COVERAGE_EXCLUDES}) set(GCOVR_EXCLUDES "")
list(APPEND COV_EXCLUDES "-ignore-filename-regex=${EXCLUDE}") foreach(EXCLUDE ${COVERAGE_GCOVR_EXCLUDES})
list(APPEND GCOVR_EXCLUDES "-e")
list(APPEND GCOVR_EXCLUDES "${EXCLUDE}")
endforeach() endforeach()
list(GET Coverage_BINARY 0 COV_BINARY)
if(Coverage_BINARY)
list(REMOVE_AT Coverage_BINARY 0)
foreach(BIN ${Coverage_BINARY})
list(APPEND COV_BINARY -object ${BIN})
endforeach()
endif()
add_custom_target(${Coverage_NAME} add_custom_target(${Coverage_NAME}
COMMAND ${CMAKE_COMMAND} -E env LLVM_PROFILE_FILE=${LLVM_PROFILE_DIR}/profile-%p.profraw ctest -C $<CONFIG> $$ARGS # Run tests
${Coverage_EXECUTABLE}
COMMAND ${LLVM_PROFDATA_PATH} merge -sparse ${LLVM_PROFILE_DIR}/* -o coverage.profdata # Create folder
WORKING_DIRECTORY ${PROJECT_BINARY_DIR} COMMAND ${CMAKE_COMMAND} -E make_directory ${PROJECT_BINARY_DIR}/${Coverage_NAME}
DEPENDS ${Coverage_DEPENDENCIES})
if("html" IN_LIST CMAKE_COVERAGE_FORMAT) # Running gcovr
add_custom_command(TARGET ${Coverage_NAME} POST_BUILD COMMAND ${GCOVR_PATH} --html --html-details
COMMAND ${LLVM_COV_PATH} show -instr-profile=coverage.profdata ${COV_BINARY} -r ${PROJECT_SOURCE_DIR} ${GCOVR_EXCLUDES}
--format=html --output-dir=${Coverage_NAME}-html ${COV_EXCLUDES} ${Coverage_SOURCES_ROOT} --object-directory=${PROJECT_BINARY_DIR}
WORKING_DIRECTORY ${PROJECT_BINARY_DIR} -o ${Coverage_NAME}/index.html
COMMENT "Running llvm-cov to produce HTML code coverage report ${Coverage_NAME}-html") WORKING_DIRECTORY ${PROJECT_BINARY_DIR}
endif() DEPENDS ${Coverage_DEPENDENCIES}
COMMENT "Running gcovr to produce HTML code coverage report."
)
if("xml" IN_LIST CMAKE_COVERAGE_FORMAT) # Show info where to find the report
message(WARNING "XML coverage report format not supported for llvm-cov") add_custom_command(TARGET ${Coverage_NAME} POST_BUILD
endif() COMMAND ;
COMMENT "Open ./${Coverage_NAME}/index.html in your browser to view the coverage report."
if("txt" IN_LIST CMAKE_COVERAGE_FORMAT) )
add_custom_command(TARGET ${Coverage_NAME} POST_BUILD
COMMAND ${LLVM_COV_PATH} show -instr-profile=coverage.profdata ${COV_BINARY}
--format=text ${COV_EXCLUDES} ${Coverage_SOURCES_ROOT} > ${Coverage_NAME}.txt
WORKING_DIRECTORY ${PROJECT_BINARY_DIR}
COMMENT "Running llvm-cov to produce TXT code coverage report ${Coverage_NAME}.txt.")
endif()
endfunction() # SETUP_TARGET_FOR_COVERAGE_LLVM
endfunction() # SETUP_TARGET_FOR_COVERAGE_GCOVR_HTML
function(APPEND_COVERAGE_COMPILER_FLAGS) function(APPEND_COVERAGE_COMPILER_FLAGS)
message(STATUS "Appending code coverage compiler flags: ${COVERAGE_COMPILER_FLAGS}")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${COVERAGE_COMPILER_FLAGS}" PARENT_SCOPE) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${COVERAGE_COMPILER_FLAGS}" PARENT_SCOPE)
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${COVERAGE_COMPILER_FLAGS}" PARENT_SCOPE) set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${COVERAGE_COMPILER_FLAGS}" PARENT_SCOPE)
endfunction() # APPEND_COVERAGE_COMPILER_FLAGS message(STATUS "Appending code coverage compiler flags: ${COVERAGE_COMPILER_FLAGS}")
endfunction() # APPEND_COVERAGE_COMPILER_FLAGS

36
cmake/FindArgon2.cmake Normal file
View File

@@ -0,0 +1,36 @@
# Copyright (C) 2017 KeePassXC Team
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 2 or (at your option)
# version 3 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
find_path(ARGON2_INCLUDE_DIR argon2.h)
if(MINGW)
# find static library on Windows, and redefine used symbols to
# avoid definition name conflicts with libsodium
find_library(ARGON2_SYS_LIBRARIES libargon2.a)
message(STATUS "Patching libargon2...\n")
execute_process(COMMAND objcopy
--redefine-sym argon2_hash=libargon2_argon2_hash
--redefine-sym _argon2_hash=_libargon2_argon2_hash
--redefine-sym argon2_error_message=libargon2_argon2_error_message
--redefine-sym _argon2_error_message=_libargon2_argon2_error_message
${ARGON2_SYS_LIBRARIES} ${CMAKE_BINARY_DIR}/libargon2_patched.a
WORKING_DIRECTORY ${CMAKE_BINARY_DIR})
find_library(ARGON2_LIBRARIES libargon2_patched.a PATHS ${CMAKE_BINARY_DIR} NO_DEFAULT_PATH)
else()
find_library(ARGON2_LIBRARIES argon2)
endif()
mark_as_advanced(ARGON2_LIBRARIES ARGON2_INCLUDE_DIR)
include(FindPackageHandleStandardArgs)
find_package_handle_standard_args(Argon2 DEFAULT_MSG ARGON2_LIBRARIES ARGON2_INCLUDE_DIR)

65
cmake/FindBotan.cmake
View File

@@ -1,65 +0,0 @@
# - Find botan
# Find the botan cryptographic library
#
# This module defines the following variables:
# BOTAN_FOUND - True if library and include directory are found
# If set to TRUE, the following are also defined:
# BOTAN_INCLUDE_DIRS - The directory where to find the header file
# BOTAN_LIBRARIES - Where to find the library files
#
# This file is in the public domain (https://github.com/vistle/vistle/blob/master/cmake/Modules/FindBOTAN.cmake)
include(FindPackageHandleStandardArgs)
set(BOTAN_VERSIONS botan-3 botan-2)
set(BOTAN_NAMES botan-3 botan-2 botan)
set(BOTAN_NAMES_DEBUG botand-3 botand-2 botand botan)
find_path(
BOTAN_INCLUDE_DIR
NAMES botan/build.h
PATH_SUFFIXES ${BOTAN_VERSIONS}
DOC "The Botan include directory")
if(BOTAN_INCLUDE_DIR)
file(READ "${BOTAN_INCLUDE_DIR}/botan/build.h" build)
string(REGEX MATCH "BOTAN_VERSION_MAJOR ([0-9]*)" _ ${build})
set(BOTAN_VERSION_MAJOR ${CMAKE_MATCH_1})
string(REGEX MATCH "BOTAN_VERSION_MINOR ([0-9]*)" _ ${build})
set(BOTAN_VERSION_MINOR ${CMAKE_MATCH_1})
string(REGEX MATCH "BOTAN_VERSION_PATCH ([0-9]*)" _ ${build})
set(BOTAN_VERSION_PATCH ${CMAKE_MATCH_1})
set(BOTAN_VERSION "${BOTAN_VERSION_MAJOR}.${BOTAN_VERSION_MINOR}.${BOTAN_VERSION_PATCH}")
endif()
find_library(
BOTAN_LIBRARY
NAMES ${BOTAN_NAMES}
PATH_SUFFIXES release/lib lib
DOC "The Botan (release) library")
if(MSVC)
find_library(
BOTAN_LIBRARY_DEBUG
NAMES ${BOTAN_NAMES_DEBUG}
PATH_SUFFIXES debug/lib lib
DOC "The Botan debug library")
find_package_handle_standard_args(
Botan
REQUIRED_VARS BOTAN_LIBRARY BOTAN_LIBRARY_DEBUG BOTAN_INCLUDE_DIR
VERSION_VAR BOTAN_VERSION)
else()
find_package_handle_standard_args(
Botan
REQUIRED_VARS BOTAN_LIBRARY BOTAN_INCLUDE_DIR
VERSION_VAR BOTAN_VERSION)
endif()
if(BOTAN_FOUND)
set(BOTAN_INCLUDE_DIRS ${BOTAN_INCLUDE_DIR})
if(MSVC)
set(BOTAN_LIBRARIES optimized ${BOTAN_LIBRARY} debug ${BOTAN_LIBRARY_DEBUG})
else()
set(BOTAN_LIBRARIES ${BOTAN_LIBRARY})
endif()
endif()
mark_as_advanced(BOTAN_INCLUDE_DIR BOTAN_LIBRARY BOTAN_LIBRARY_DEBUG)

31
cmake/FindGcrypt.cmake Normal file
View File

@@ -0,0 +1,31 @@
# Copyright (C) 2011 Felix Geyer <debfx@fobos.de>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 2 or (at your option)
# version 3 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
find_path(GCRYPT_INCLUDE_DIR gcrypt.h)
find_library(GCRYPT_LIBRARIES gcrypt)
mark_as_advanced(GCRYPT_LIBRARIES GCRYPT_INCLUDE_DIR)
if(GCRYPT_INCLUDE_DIR AND EXISTS "${GCRYPT_INCLUDE_DIR}/gcrypt.h")
file(STRINGS "${GCRYPT_INCLUDE_DIR}/gcrypt.h" GCRYPT_H REGEX "^#define GCRYPT_VERSION \"[^\"]*\"$")
string(REGEX REPLACE "^.*GCRYPT_VERSION \"([0-9]+).*$" "\\1" GCRYPT_VERSION_MAJOR "${GCRYPT_H}")
string(REGEX REPLACE "^.*GCRYPT_VERSION \"[0-9]+\\.([0-9]+).*$" "\\1" GCRYPT_VERSION_MINOR "${GCRYPT_H}")
string(REGEX REPLACE "^.*GCRYPT_VERSION \"[0-9]+\\.[0-9]+\\.([0-9]+).*$" "\\1" GCRYPT_VERSION_PATCH "${GCRYPT_H}")
set(GCRYPT_VERSION_STRING "${GCRYPT_VERSION_MAJOR}.${GCRYPT_VERSION_MINOR}.${GCRYPT_VERSION_PATCH}")
endif()
include(FindPackageHandleStandardArgs)
find_package_handle_standard_args(Gcrypt DEFAULT_MSG GCRYPT_LIBRARIES GCRYPT_INCLUDE_DIR)

42
src/thirdparty/CMakeLists.txt → cmake/FindLibGPGError.cmake
View File

@@ -1,19 +1,23 @@
# Copyright (C) 2021 KeePassXC Team <team@keepassxc.org> # Copyright (C) 2017 KeePassXC Team <team@keepassxc.org>
# #
# This program is free software: you can redistribute it and/or modify # This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by # it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 2 or (at your option) # the Free Software Foundation, either version 2 or (at your option)
# version 3 of the License. # version 3 of the License.
# #
# This program is distributed in the hope that it will be useful, # This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of # but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details. # GNU General Public License for more details.
# #
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
if(WITH_XC_YUBIKEY) find_path(GPGERROR_INCLUDE_DIR gpg-error.h)
add_subdirectory(ykcore) find_library(GPGERROR_LIBRARIES gpg-error)
set(thirdparty_LIBRARIES ${thirdparty_LIBRARIES} ykcore PARENT_SCOPE)
endif() mark_as_advanced(GPGERROR_LIBRARIES GPGERROR_INCLUDE_DIR)
include(FindPackageHandleStandardArgs)
include_directories(${GPGERROR_INCLUDE_DIR})
find_package_handle_standard_args(LibGPGError DEFAULT_MSG GPGERROR_LIBRARIES GPGERROR_INCLUDE_DIR)

9
cmake/FindMinizip.cmake
View File

@@ -1,9 +0,0 @@
# MINIZIP_FOUND - Minizip library was found
# MINIZIP_INCLUDE_DIR - Path to Minizip include dir
# MINIZIP_LIBRARIES - List of Minizip libraries
find_library(MINIZIP_LIBRARIES NAMES minizip libminizip)
find_path(MINIZIP_INCLUDE_DIR zip.h PATH_SUFFIXES minizip)
include(FindPackageHandleStandardArgs)
find_package_handle_standard_args(Minizip DEFAULT_MSG MINIZIP_LIBRARIES MINIZIP_INCLUDE_DIR)

39
cmake/FindPCSC.cmake
View File

@@ -1,39 +0,0 @@
# Copyright (C) 2021 KeePassXC Team <team@keepassxc.org>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 2 or (at your option)
# version 3 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# Use pkgconfig on Linux
if(NOT WIN32)
find_package(PkgConfig QUIET)
pkg_check_modules(PCSC libpcsclite)
endif()
if(NOT PCSC_FOUND)
# Search for PC/SC headers on Mac and Windows
find_path(PCSC_INCLUDE_DIRS winscard.h
HINTS
${CMAKE_C_IMPLICIT_INCLUDE_DIRECTORIES}
/usr/include/PCSC
PATH_SUFFIXES PCSC)
# MAC library is PCSC, Windows library is WinSCard
find_library(PCSC_LIBRARIES NAMES pcsclite libpcsclite WinSCard PCSC
HINTS
${CMAKE_C_IMPLICIT_LINK_DIRECTORIES})
endif()
include(FindPackageHandleStandardArgs)
find_package_handle_standard_args(PCSC DEFAULT_MSG PCSC_LIBRARIES PCSC_INCLUDE_DIRS)
mark_as_advanced(PCSC_LIBRARIES PCSC_INCLUDE_DIRS)

11
cmake/FindQREncode.cmake
View File

@@ -13,15 +13,8 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
find_path(QRENCODE_INCLUDE_DIR NAMES qrencode.h) find_path(QRENCODE_INCLUDE_DIR qrencode.h)
find_library(QRENCODE_LIBRARY qrencode)
if (VCPKG_INSTALLED_DIR)
find_library(QRENCODE_LIBRARY_RELEASE qrencode)
find_library(QRENCODE_LIBRARY_DEBUG qrencoded)
set(QRENCODE_LIBRARY optimized ${QRENCODE_LIBRARY_RELEASE} debug ${QRENCODE_LIBRARY_DEBUG})
else()
find_library(QRENCODE_LIBRARY qrencode)
endif()
mark_as_advanced(QRENCODE_LIBRARY QRENCODE_INCLUDE_DIR) mark_as_advanced(QRENCODE_LIBRARY QRENCODE_INCLUDE_DIR)

33
cmake/FindQuaZip.cmake Normal file
View File

@@ -0,0 +1,33 @@
# QUAZIP_FOUND - QuaZip library was found
# QUAZIP_INCLUDE_DIRS - Path to QuaZip include dir
# QUAZIP_LIBRARIES - List of QuaZip libraries
if(MINGW)
find_library(QUAZIP_LIBRARIES libquazip5)
find_path(QUAZIP_INCLUDE_DIRS quazip.h PATH_SUFFIXES quazip5)
elseif(APPLE)
find_library(QUAZIP_LIBRARIES quazip1-qt5)
find_path(QUAZIP_INCLUDE_DIRS quazip.h PATH_SUFFIXES quazip)
else()
# Try pkgconfig first
find_package(PkgConfig QUIET)
if (PKG_CONFIG_FOUND)
pkg_check_modules(QUAZIP QUIET quazip1-qt5)
endif()
if(NOT QUAZIP_FOUND)
# Try to find QuaZip version 0.x
find_library(QUAZIP_LIBRARIES
NAMES quazip5 quazip
PATHS /usr/lib /usr/lib64 /usr/local/lib
)
find_path(QUAZIP_INCLUDE_DIRS quazip.h
PATHS /usr/include /usr/local/include
PATH_SUFFIXES quazip5 quazip
)
endif()
endif()
mark_as_advanced(QUAZIP_LIBRARIES QUAZIP_INCLUDE_DIRS)
include(FindPackageHandleStandardArgs)
find_package_handle_standard_args(QuaZip DEFAULT_MSG QUAZIP_LIBRARIES QUAZIP_INCLUDE_DIRS)

1
cmake/FindReadline.cmake
View File

@@ -47,3 +47,4 @@ mark_as_advanced(
Readline_INCLUDE_DIR Readline_INCLUDE_DIR
Readline_LIBRARY Readline_LIBRARY
) )

27
cmake/FindYubiKey.cmake Normal file
View File

@@ -0,0 +1,27 @@
# Copyright (C) 2014 Kyle Manna <kyle@kylemanna.com>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 2 or (at your option)
# version 3 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
find_path(YUBIKEY_CORE_INCLUDE_DIR yubikey.h)
find_path(YUBIKEY_PERS_INCLUDE_DIR ykcore.h PATH_SUFFIXES ykpers-1)
set(YUBIKEY_INCLUDE_DIRS ${YUBIKEY_CORE_INCLUDE_DIR} ${YUBIKEY_PERS_INCLUDE_DIR})
find_library(YUBIKEY_CORE_LIBRARY NAMES yubikey.dll libyubikey.so yubikey)
find_library(YUBIKEY_PERS_LIBRARY NAMES ykpers-1.dll libykpers-1.so ykpers-1)
set(YUBIKEY_LIBRARIES ${YUBIKEY_CORE_LIBRARY} ${YUBIKEY_PERS_LIBRARY})
include(FindPackageHandleStandardArgs)
find_package_handle_standard_args(YubiKey DEFAULT_MSG YUBIKEY_LIBRARIES YUBIKEY_INCLUDE_DIRS)
mark_as_advanced(YUBIKEY_LIBRARIES YUBIKEY_INCLUDE_DIRS)

267
cmake/Findsodium.cmake Normal file
View File

@@ -0,0 +1,267 @@
# Written in 2016 by Henrik Steffen Gaßmann <henrik@gassmann.onl>
#
# To the extent possible under law, the author(s) have dedicated all
# copyright and related and neighboring rights to this software to the
# public domain worldwide. This software is distributed without any warranty.
#
# You should have received a copy of the CC0 Public Domain Dedication
# along with this software. If not, see
#
# http://creativecommons.org/publicdomain/zero/1.0/
#
########################################################################
# Tries to find the local libsodium installation.
#
# On Windows the sodium_DIR environment variable is used as a default
# hint which can be overridden by setting the corresponding cmake variable.
#
# Once done the following variables will be defined:
#
# sodium_FOUND
# sodium_INCLUDE_DIR
# sodium_LIBRARY_DEBUG
# sodium_LIBRARY_RELEASE
#
#
# Furthermore an imported "sodium" target is created.
#
if (CMAKE_C_COMPILER_ID STREQUAL "GNU"
OR CMAKE_C_COMPILER_ID STREQUAL "Clang")
set(_GCC_COMPATIBLE 1)
endif()
# static library option
option(sodium_USE_STATIC_LIBS "enable to statically link against sodium")
if(NOT (sodium_USE_STATIC_LIBS EQUAL sodium_USE_STATIC_LIBS_LAST))
unset(sodium_LIBRARY CACHE)
unset(sodium_LIBRARY_DEBUG CACHE)
unset(sodium_LIBRARY_RELEASE CACHE)
unset(sodium_DLL_DEBUG CACHE)
unset(sodium_DLL_RELEASE CACHE)
set(sodium_USE_STATIC_LIBS_LAST ${sodium_USE_STATIC_LIBS} CACHE INTERNAL "internal change tracking variable")
endif()
########################################################################
# UNIX
if (UNIX)
# import pkg-config
find_package(PkgConfig QUIET)
if (PKG_CONFIG_FOUND)
pkg_check_modules(sodium_PKG QUIET libsodium)
endif()
if(sodium_USE_STATIC_LIBS)
set(XPREFIX sodium_PKG_STATIC)
else()
set(XPREFIX sodium_PKG)
endif()
find_path(sodium_INCLUDE_DIR sodium.h
HINTS ${${XPREFIX}_INCLUDE_DIRS}
)
find_library(sodium_LIBRARY_DEBUG NAMES ${${XPREFIX}_LIBRARIES} sodium
HINTS ${${XPREFIX}_LIBRARY_DIRS}
)
find_library(sodium_LIBRARY_RELEASE NAMES ${${XPREFIX}_LIBRARIES} sodium
HINTS ${${XPREFIX}_LIBRARY_DIRS}
)
########################################################################
# Windows
elseif (WIN32)
set(sodium_DIR "$ENV{sodium_DIR}" CACHE FILEPATH "sodium install directory")
mark_as_advanced(sodium_DIR)
find_path(sodium_INCLUDE_DIR sodium.h
HINTS ${sodium_DIR}
PATH_SUFFIXES include
)
if (MSVC)
# detect target architecture
file(WRITE "${CMAKE_CURRENT_BINARY_DIR}/arch.c" [=[
#if defined _M_IX86
#error ARCH_VALUE x86_32
#elif defined _M_X64
#error ARCH_VALUE x86_64
#endif
#error ARCH_VALUE unknown
]=])
try_compile(_UNUSED_VAR "${CMAKE_CURRENT_BINARY_DIR}" "${CMAKE_CURRENT_BINARY_DIR}/arch.c"
OUTPUT_VARIABLE _COMPILATION_LOG
)
string(REGEX REPLACE ".*ARCH_VALUE ([a-zA-Z0-9_]+).*" "\\1" _TARGET_ARCH "${_COMPILATION_LOG}")
# construct library path
if (_TARGET_ARCH STREQUAL "x86_32")
string(APPEND _PLATFORM_PATH "Win32")
elseif(_TARGET_ARCH STREQUAL "x86_64")
string(APPEND _PLATFORM_PATH "x64")
else()
message(FATAL_ERROR "the ${_TARGET_ARCH} architecture is not supported by Findsodium.cmake.")
endif()
string(APPEND _PLATFORM_PATH "/$$CONFIG$$")
if (MSVC_VERSION LESS 1900)
math(EXPR _VS_VERSION "${MSVC_VERSION} / 10 - 60")
else()
math(EXPR _VS_VERSION "${MSVC_VERSION} / 10 - 50")
endif()
string(APPEND _PLATFORM_PATH "/v${_VS_VERSION}")
if (sodium_USE_STATIC_LIBS)
string(APPEND _PLATFORM_PATH "/static")
else()
string(APPEND _PLATFORM_PATH "/dynamic")
endif()
string(REPLACE "$$CONFIG$$" "Debug" _DEBUG_PATH_SUFFIX "${_PLATFORM_PATH}")
string(REPLACE "$$CONFIG$$" "Release" _RELEASE_PATH_SUFFIX "${_PLATFORM_PATH}")
find_library(sodium_LIBRARY_DEBUG libsodium.lib
HINTS ${sodium_DIR}
PATH_SUFFIXES ${_DEBUG_PATH_SUFFIX}
)
find_library(sodium_LIBRARY_RELEASE libsodium.lib
HINTS ${sodium_DIR}
PATH_SUFFIXES ${_RELEASE_PATH_SUFFIX}
)
if (NOT sodium_USE_STATIC_LIBS)
set(CMAKE_FIND_LIBRARY_SUFFIXES ".dll")
find_library(sodium_DLL_DEBUG libsodium
HINTS ${sodium_DIR}
PATH_SUFFIXES ${_DEBUG_PATH_SUFFIX}
)
find_library(sodium_DLL_RELEASE libsodium
HINTS ${sodium_DIR}
PATH_SUFFIXES ${_RELEASE_PATH_SUFFIX}
)
endif()
elseif(_GCC_COMPATIBLE)
if (sodium_USE_STATIC_LIBS)
find_library(sodium_LIBRARY_DEBUG libsodium.a
HINTS ${sodium_DIR}
PATH_SUFFIXES lib
)
find_library(sodium_LIBRARY_RELEASE libsodium.a
HINTS ${sodium_DIR}
PATH_SUFFIXES lib
)
else()
find_library(sodium_LIBRARY_DEBUG libsodium.dll.a
HINTS ${sodium_DIR}
PATH_SUFFIXES lib
)
find_library(sodium_LIBRARY_RELEASE libsodium.dll.a
HINTS ${sodium_DIR}
PATH_SUFFIXES lib
)
file(GLOB _DLL
LIST_DIRECTORIES false
RELATIVE "${sodium_DIR}/bin"
"${sodium_DIR}/bin/libsodium*.dll"
)
find_library(sodium_DLL_DEBUG ${_DLL} libsodium
HINTS ${sodium_DIR}
PATH_SUFFIXES bin
)
find_library(sodium_DLL_RELEASE ${_DLL} libsodium
HINTS ${sodium_DIR}
PATH_SUFFIXES bin
)
endif()
else()
message(FATAL_ERROR "this platform is not supported by FindSodium.cmake")
endif()
########################################################################
# unsupported
else()
message(FATAL_ERROR "this platform is not supported by FindSodium.cmake")
endif()
########################################################################
# common stuff
# extract sodium version
if (sodium_INCLUDE_DIR)
set(_VERSION_HEADER "${_INCLUDE_DIR}/sodium/version.h")
if (EXISTS _VERSION_HEADER)
file(READ "${_VERSION_HEADER}" _VERSION_HEADER_CONTENT)
string(REGEX REPLACE ".*#[ \t]*define[ \t]*SODIUM_VERSION_STRING[ \t]*\"([^\n]*)\".*" "\\1"
sodium_VERSION "${_VERSION_HEADER_CONTENT}")
set(sodium_VERSION "${sodium_VERSION}" PARENT_SCOPE)
endif()
endif()
# communicate results
include(FindPackageHandleStandardArgs)
find_package_handle_standard_args(sodium
REQUIRED_VARS
sodium_LIBRARY_RELEASE
sodium_LIBRARY_DEBUG
sodium_INCLUDE_DIR
VERSION_VAR
sodium_VERSION
)
# mark file paths as advanced
mark_as_advanced(sodium_INCLUDE_DIR)
mark_as_advanced(sodium_LIBRARY_DEBUG)
mark_as_advanced(sodium_LIBRARY_RELEASE)
if (WIN32)
mark_as_advanced(sodium_DLL_DEBUG)
mark_as_advanced(sodium_DLL_RELEASE)
endif()
# create imported target
if(sodium_USE_STATIC_LIBS)
set(_LIB_TYPE STATIC)
else()
set(_LIB_TYPE SHARED)
endif()
add_library(sodium ${_LIB_TYPE} IMPORTED)
set_target_properties(sodium PROPERTIES
INTERFACE_INCLUDE_DIRECTORIES "${sodium_INCLUDE_DIR}"
IMPORTED_LINK_INTERFACE_LANGUAGES "C"
)
if (sodium_USE_STATIC_LIBS)
set_target_properties(sodium PROPERTIES
INTERFACE_COMPILE_DEFINITIONS "SODIUM_STATIC"
IMPORTED_LOCATION "${sodium_LIBRARY_RELEASE}"
IMPORTED_LOCATION_DEBUG "${sodium_LIBRARY_DEBUG}"
)
else()
if (UNIX)
set_target_properties(sodium PROPERTIES
IMPORTED_LOCATION "${sodium_LIBRARY_RELEASE}"
IMPORTED_LOCATION_DEBUG "${sodium_LIBRARY_DEBUG}"
)
elseif (WIN32)
set_target_properties(sodium PROPERTIES
IMPORTED_IMPLIB "${sodium_LIBRARY_RELEASE}"
IMPORTED_IMPLIB_DEBUG "${sodium_LIBRARY_DEBUG}"
)
if (NOT (sodium_DLL_DEBUG MATCHES ".*-NOTFOUND"))
set_target_properties(sodium PROPERTIES
IMPORTED_LOCATION_DEBUG "${sodium_DLL_DEBUG}"
)
endif()
if (NOT (sodium_DLL_RELEASE MATCHES ".*-NOTFOUND"))
set_target_properties(sodium PROPERTIES
IMPORTED_LOCATION_RELWITHDEBINFO "${sodium_DLL_RELEASE}"
IMPORTED_LOCATION_MINSIZEREL "${sodium_DLL_RELEASE}"
IMPORTED_LOCATION_RELEASE "${sodium_DLL_RELEASE}"
)
endif()
endif()
endif()

61
cmake/KPXCMacDeployHelpers.cmake
View File

@@ -1,61 +0,0 @@
# Running macdeployqt on a POST_BUILD copied binaries is pointless when using CPack because
# the copied binaries will be overriden by the corresponding install(TARGETS) commands.
# That's why we run macdeployqt using install(CODE) on the already installed binaries.
# The precondition is that all install(TARGETS) calls have to be called before this function is
# called.
# macdeloyqt is called only once, but it is given all executables that should be processed.
function(kpxc_run_macdeployqt_at_install_time)
set(NO_VALUE_OPTIONS)
set(SINGLE_VALUE_OPTIONS
APP_NAME
)
set(MULTI_VALUE_OPTIONS
EXTRA_BINARIES
)
cmake_parse_arguments(PARSE_ARGV 0 ARG
"${NO_VALUE_OPTIONS}" "${SINGLE_VALUE_OPTIONS}" "${MULTI_VALUE_OPTIONS}"
)
set(ESCAPED_PREFIX "\${CMAKE_INSTALL_PREFIX}")
set(APP_BUNDLE_NAME "${ARG_APP_NAME}.app")
set(APP_BUNDLE_PATH "${ESCAPED_PREFIX}/${APP_BUNDLE_NAME}")
# Collect extra binaries and plugins that should be handled by macdpeloyqt.
set(EXTRA_BINARIES "")
foreach(EXTRA_BINARY ${ARG_EXTRA_BINARIES})
set(INSTALLED_BINARY_PATH "${ESCAPED_PREFIX}/${EXTRA_BINARY}")
list(APPEND EXTRA_BINARIES "-executable=${INSTALLED_BINARY_PATH}")
endforeach()
list(JOIN EXTRA_BINARIES " " EXTRA_BINARIES_STR)
if(CMAKE_VERSION VERSION_GREATER "3.14")
set(COMMAND_ECHO "COMMAND_ECHO STDOUT")
else()
set(COMMAND_ECHO "")
endif()
set(COMMAND_ARGS
${MACDEPLOYQT_EXE}
${APP_BUNDLE_PATH}
# Adjusts dependency rpaths of extra binaries
${EXTRA_BINARIES_STR}
# Silences warnings on subsequent re-installations
-always-overwrite
)
install(CODE
"
execute_process(
COMMAND ${COMMAND_ARGS}
${COMMAND_ECHO}
RESULT_VARIABLE EXIT_CODE
)
if(NOT EXIT_CODE EQUAL 0)
message(FATAL_ERROR
\"Running ${COMMAND_ARGS} failed with exit code \${EXIT_CODE}.\")
endif()
")
endfunction()

3
cmake/MakePortableZip.cmake
View File

@@ -1,3 +0,0 @@
if (CMAKE_INSTALL_PREFIX MATCHES "/ZIP/")
file(TOUCH "${CMAKE_INSTALL_PREFIX}/.portable")
endif()

5
cmake/compiler-checks/macos/control_biometry_support.mm
View File

@@ -1,5 +0,0 @@
#include <Security/Security.h>
int main() {
return static_cast<int>(kSecAccessControlBiometryCurrentSet);
}

5
cmake/compiler-checks/macos/control_touch_id_support.mm
View File

@@ -1,5 +0,0 @@
#include <Security/Security.h>
int main() {
return static_cast<int>(kSecAccessControlTouchIDCurrentSet);
}

5
cmake/compiler-checks/macos/control_watch_support.mm
View File

@@ -1,5 +0,0 @@
#include <Security/Security.h>
int main() {
return static_cast<int>(kSecAccessControlWatch);
}

8
codecov.yaml
View File

@@ -1,8 +0,0 @@
coverage:
range: 60..80
round: nearest
precision: 2
fixes:
- "*/src/::"
comment:
require_changes: true

51
docs/CMakeLists.txt
View File

@@ -16,44 +16,51 @@
find_program(ASCIIDOCTOR_EXE asciidoctor) find_program(ASCIIDOCTOR_EXE asciidoctor)
if(NOT ASCIIDOCTOR_EXE) if(NOT ASCIIDOCTOR_EXE)
message(FATAL_ERROR "asciidoctor is required to build documentation") message(FATAL_ERROR "asciidoctor is required to build documentation")
else()
message(STATUS "Using asciidoctor: ${ASCIIDOCTOR_EXE}")
endif() endif()
message(STATUS "Using asciidoctor: ${ASCIIDOCTOR_EXE}")
set(DOC_DIR ${CMAKE_CURRENT_SOURCE_DIR}) set(DOC_DIR ${CMAKE_CURRENT_SOURCE_DIR})
set(OUT_DIR ${CMAKE_CURRENT_BINARY_DIR}) set(OUT_DIR ${CMAKE_CURRENT_BINARY_DIR})
set(REV -a revnumber=${KEEPASSXC_VERSION})
# Build html documentation on all platforms # Build html documentation on all platforms
# NOTE: Combine into one long command to prevent MSVC from failing to build all docs file(GLOB html_depends ${DOC_DIR}/topics/* ${DOC_DIR}/styles/* ${DOC_DIR}/images/*)
file(GLOB doc_depends ${DOC_DIR}/*.adoc ${DOC_DIR}/topics/* ${DOC_DIR}/styles/* ${DOC_DIR}/images/*) add_custom_command(OUTPUT KeePassXC_GettingStarted.html
add_custom_command( COMMAND ${ASCIIDOCTOR_EXE} -D ${OUT_DIR} -o KeePassXC_GettingStarted.html ${DOC_DIR}/GettingStarted.adoc
OUTPUT KeePassXC_GettingStarted.html KeePassXC_UserGuide.html KeePassXC_KeyboardShortcuts.html DEPENDS ${html_depends} ${DOC_DIR}/GettingStarted.adoc
COMMAND VERBATIM)
${ASCIIDOCTOR_EXE} -D ${OUT_DIR} -o KeePassXC_GettingStarted.html ${REV} ${DOC_DIR}/GettingStarted.adoc && add_custom_command(OUTPUT KeePassXC_UserGuide.html
${ASCIIDOCTOR_EXE} -D ${OUT_DIR} -o KeePassXC_UserGuide.html ${REV} ${DOC_DIR}/UserGuide.adoc && COMMAND ${ASCIIDOCTOR_EXE} -D ${OUT_DIR} -o KeePassXC_UserGuide.html ${DOC_DIR}/UserGuide.adoc
${ASCIIDOCTOR_EXE} -D ${OUT_DIR} -o KeePassXC_KeyboardShortcuts.html ${REV} ${DOC_DIR}/topics/KeyboardShortcuts.adoc DEPENDS ${html_depends} ${DOC_DIR}/UserGuide.adoc
DEPENDS ${doc_depends} WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
VERBATIM)
file(GLOB styles_depends ${DOC_DIR}/styles/*)
add_custom_command(OUTPUT KeePassXC_KeyboardShortcuts.html
COMMAND ${ASCIIDOCTOR_EXE} -D ${OUT_DIR} -o KeePassXC_KeyboardShortcuts.html ${DOC_DIR}/topics/KeyboardShortcuts.adoc
DEPENDS ${DOC_DIR}/topics/KeyboardShortcuts.adoc ${styles_depends}
VERBATIM) VERBATIM)
add_custom_target(docs ALL DEPENDS KeePassXC_GettingStarted.html KeePassXC_UserGuide.html KeePassXC_KeyboardShortcuts.html) add_custom_target(docs ALL DEPENDS KeePassXC_GettingStarted.html KeePassXC_UserGuide.html KeePassXC_KeyboardShortcuts.html)
install(FILES install(FILES
${OUT_DIR}/KeePassXC_GettingStarted.html ${OUT_DIR}/KeePassXC_GettingStarted.html
${OUT_DIR}/KeePassXC_UserGuide.html ${OUT_DIR}/KeePassXC_UserGuide.html
${OUT_DIR}/KeePassXC_KeyboardShortcuts.html ${OUT_DIR}/KeePassXC_KeyboardShortcuts.html
DESTINATION ${DATA_INSTALL_DIR}/docs) DESTINATION ${DATA_INSTALL_DIR}/docs)
# Build Man Pages on Linux and macOS # Build Man Pages on Linux and macOS
if(UNIX) if(APPLE OR UNIX)
add_custom_command(OUTPUT keepassxc.1 keepassxc-cli.1 add_custom_command(OUTPUT keepassxc.1
COMMAND ${ASCIIDOCTOR_EXE} -D ${OUT_DIR} -b manpage ${REV} ./man/keepassxc.1.adoc COMMAND ${ASCIIDOCTOR_EXE} -D ${OUT_DIR} -b manpage ${DOC_DIR}/man/keepassxc.1.adoc
COMMAND ${ASCIIDOCTOR_EXE} -D ${OUT_DIR} -b manpage ${REV} ./man/keepassxc-cli.1.adoc DEPENDS ${DOC_DIR}/man/keepassxc.1.adoc
DEPENDS ${DOC_DIR}/man/keepassxc.1.adoc ${DOC_DIR}/man/keepassxc-cli.1.adoc VERBATIM)
WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR} add_custom_command(OUTPUT keepassxc-cli.1
COMMAND ${ASCIIDOCTOR_EXE} -D ${OUT_DIR} -b manpage ${DOC_DIR}/man/keepassxc-cli.1.adoc
DEPENDS ${DOC_DIR}/man/keepassxc-cli.1.adoc
VERBATIM) VERBATIM)
add_custom_target(manpages ALL DEPENDS keepassxc.1 keepassxc-cli.1) add_custom_target(manpages ALL DEPENDS keepassxc.1 keepassxc-cli.1)
install(FILES install(FILES
${OUT_DIR}/keepassxc.1 ${OUT_DIR}/keepassxc.1
${OUT_DIR}/keepassxc-cli.1 ${OUT_DIR}/keepassxc-cli.1
DESTINATION ${CMAKE_INSTALL_MANDIR}/man1/) DESTINATION ${CMAKE_INSTALL_MANDIR}/man1/)

68
docs/FuzzTest.md
View File

@@ -1,68 +0,0 @@
# Fuzz-Testing KeePassXC
Fuzz-testing = feeding random input into a program until it crashes. Be smart about what's "random" by looking at how the program executes the input.
We use the "American Fuzzy Lop" (AFL) fuzz tester (https://lcamtuf.coredump.cx/afl/).
The following assumes that all tools and libraries required to build KeePassXC from source have already been installed.
## Installing AFL
$ sudo apt install afl
Optionally, build AFL from source:
$ git clone https://github.com/google/AFL
$ cd AFL
$ make
$ make install
## Building KeePassXC For Fuzzing
A special "instrumented build" is used that allows the fuzzer to look into the program as it executes. We place it in its own build directory so it doesn't get confused with the production build.
$ cd your_keepassxc_source_directory
$ mkdir buildafl
$ cd buildafl
$ CXX=afl-g++ AFL_HARDEN=1 cmake -DWITH_XC_ALL=ON ..
$ make
In the source code, special behavior for fuzz testing can be implemented with `#ifdef __AFL_COMPILER`. For example, in fuzz builds, the KeePassXC CLI takes the database password from environment variable `KEYPASSXC_AFL_PASSWORD` to allow non-interactive operation.
## Prepare Fuzzer Input
To get the fuzzer started, we provide empty password database files (the password is `secret`).
$ cd buildafl
$ mkdir -p findings/testcases
$ cp ../share/empty*.kdbx findings/testcases
The fuzzer works by running KeePassXC with variations of this input, mutated in ways that make the program crash or hang.
## Run The Fuzzer
$ cd buildafl
$ KEYPASSXC_AFL_PASSWORD=secret afl-fuzz -i findings/testcases -o findings -m 2000 -t 1000 src/cli/keepassxc-cli ls @@
This fuzz-tests the `ls` command of the KeePassXC CLI, which loads and decrypts a database file and then lists its contents. The parameters mean:
* `KEYPASSXC_AFL_PASSWORD=secret`: In fuzz test builds, the KeePassXC CLI takes the database password from this environment variable.
* `-i findings/testcases`: The directory which contains the initial fuzzer input.
* `-o findings`: The directory in which to store fuzzer results.
* `-m 2000`: Fuzzer memory (in megabytes). Adjust as required if the fuzzer fails to start up.
* `-t 1000`: Timeout until a hang is detected (in milliseconds).
* `src/cli/keepassxc-cli`: The instrumented executable.
* `ls`: The subcommand we're testing.
* `@@`: The fuzzer replaces this by the name of a file with the generated input.
You may also need `export AFL_SKIP_CPUFREQ=1`.
If KeePassXC crashes or hangs when processing the input, the fuzzer writes the database file (that was used in place of `@@`) to the `findings/crashes` or `findings/hangs` directory, respectively.
To continue where the fuzzer left off, use `-i -`. To start over, remove and re-create the `findings` directory.
## More Information
AFL documentation: https://afl-1.readthedocs.io/en/latest/
Read this if you want to get serious about fuzz-testing.

1
docs/GettingStarted.adoc
View File

@@ -1,5 +1,6 @@
= KeePassXC: Getting Started Guide = KeePassXC: Getting Started Guide
KeePassXC Team <team@keepassxc.org> KeePassXC Team <team@keepassxc.org>
v2.6.0
:data-uri: :data-uri:
:linkcss!: :linkcss!:
:homepage: https://keepassxc.org :homepage: https://keepassxc.org

3
docs/UserGuide.adoc
View File

@@ -1,5 +1,6 @@
= KeePassXC: User Guide = KeePassXC: User Guide
KeePassXC Team <team@keepassxc.org> KeePassXC Team <team@keepassxc.org>
v2.6.0
:data-uri: :data-uri:
:homepage: https://keepassxc.org :homepage: https://keepassxc.org
:icons: font :icons: font
@@ -34,5 +35,3 @@ include::topics/AutoType.adoc[tags=*]
include::topics/KeeShare.adoc[tags=*] include::topics/KeeShare.adoc[tags=*]
include::topics/SSHAgent.adoc[tags=*] include::topics/SSHAgent.adoc[tags=*]
include::topics/Reference.adoc[tags=*]

BIN
docs/images/autotype_entry_sequences.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 64 KiB

After

Width:  |  Height:  |  Size: 37 KiB

BIN
docs/images/autotype_entrylevel.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 82 KiB

After

Width:  |  Height:  |  Size: 104 KiB

BIN
docs/images/autotype_selection_dialog.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 27 KiB

After

Width:  |  Height:  |  Size: 32 KiB

BIN
docs/images/autotype_selection_dialog_search.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 31 KiB

BIN
docs/images/autotype_selection_dialog_type_menu.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 61 KiB

BIN
docs/images/autotype_settings.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 64 KiB

After

Width:  |  Height:  |  Size: 35 KiB

BIN
docs/images/browser_database_settings.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 55 KiB

After

Width:  |  Height:  |  Size: 33 KiB

BIN
docs/images/browser_group_settings.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 56 KiB

BIN
docs/images/browser_settings.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 69 KiB

After

Width:  |  Height:  |  Size: 45 KiB

BIN
docs/images/browser_statistics.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 106 KiB

BIN
docs/images/compact_mode_comparison.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 74 KiB

After

Width:  |  Height:  |  Size: 108 KiB

BIN
docs/images/csv_import.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 81 KiB

After

Width:  |  Height:  |  Size: 44 KiB

BIN
docs/images/database_maintenance.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 100 KiB

BIN
docs/images/database_settings.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 54 KiB

After

Width:  |  Height:  |  Size: 33 KiB

BIN
docs/images/database_view.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 102 KiB

After

Width:  |  Height:  |  Size: 55 KiB

BIN
docs/images/edit_entry.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 49 KiB

After

Width:  |  Height:  |  Size: 60 KiB

BIN
docs/images/edit_entry_history.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 56 KiB

After

Width:  |  Height:  |  Size: 37 KiB

BIN
docs/images/edit_entry_icons.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 145 KiB

After

Width:  |  Height:  |  Size: 117 KiB

BIN
docs/images/export_database.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 126 KiB

After

Width:  |  Height:  |  Size: 80 KiB

BIN
docs/images/keeshare_application_settings.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 52 KiB

After

Width:  |  Height:  |  Size: 80 KiB

BIN
docs/images/main_interface.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 110 KiB

After

Width:  |  Height:  |  Size: 117 KiB

BIN
docs/images/open_database.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 47 KiB

After

Width:  |  Height:  |  Size: 27 KiB

BIN
docs/images/passphrase_generator.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 43 KiB

After

Width:  |  Height:  |  Size: 23 KiB

BIN
docs/images/password_generator.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 39 KiB

After

Width:  |  Height:  |  Size: 23 KiB

BIN
docs/images/password_generator_advanced.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 48 KiB

After

Width:  |  Height:  |  Size: 29 KiB

BIN
docs/images/quick_unlock.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 33 KiB

BIN
docs/images/quick_unlock_windows_hello.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 70 KiB

BIN
docs/images/save_options.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 53 KiB

BIN
docs/images/sshagent_application_settings.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 56 KiB

After

Width:  |  Height:  |  Size: 36 KiB

BIN
docs/images/theme_selection.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 26 KiB

After

Width:  |  Height:  |  Size: 15 KiB

BIN
docs/images/toolbar.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 21 KiB

After

Width:  |  Height:  |  Size: 12 KiB

BIN
docs/images/totp_code_example.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 48 KiB

BIN
docs/images/totp_setup.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 86 KiB

BIN
docs/images/totp_usage_examples.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 97 KiB

BIN
docs/images/welcome_screen.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 44 KiB

After

Width:  |  Height:  |  Size: 26 KiB

80
docs/man/keepassxc-cli.1.adoc
View File

@@ -15,9 +15,9 @@
// along with this program. If not, see <http://www.gnu.org/licenses/>. // along with this program. If not, see <http://www.gnu.org/licenses/>.
= keepassxc-cli(1) = keepassxc-cli(1)
KeePassXC Team <team@keepassxc.org> :docdate: 2020-07-10
:docdate: 2022-08-20
:doctype: manpage :doctype: manpage
:revnumber: 2.6.0
:mansource: KeePassXC {revnumber} :mansource: KeePassXC {revnumber}
:manmanual: General Commands Manual :manmanual: General Commands Manual
@@ -38,25 +38,14 @@ It provides the ability to query and modify the entries of a KeePass database, d
The same password generation options as documented for the generate command can be used when the *-g* option is set. The same password generation options as documented for the generate command can be used when the *-g* option is set.
*analyze* [_options_] <__database__>:: *analyze* [_options_] <__database__>::
Analyzes passwords in a database for weaknesses using offline HIBP SHA-1 hash lookup. Analyzes passwords in a database for weaknesses.
*attachment-export* [_options_] <__database__> <__entry__> <__attachment_name__> <__export_file__>::
Exports the content of an attachment to a specified file.
Use *--stdout* option to instead output the contents of the attachment to stdout.
*attachment-import* [_options_] <__database__> <__entry__> <__attachment_name__> <__import_file__>::
Imports the attachment into an entry.
An existing attachment with the same name may be overwritten if the *-f* option is specified.
*attachment-rm* <__database__> <__entry__> <__attachment_name__>::
Removes the named attachment from an entry.
*clip* [_options_] <__database__> <__entry__> [_timeout_]:: *clip* [_options_] <__database__> <__entry__> [_timeout_]::
Copies an attribute or the current TOTP (if the *-t* option is specified) of a database entry to the clipboard. Copies an attribute or the current TOTP (if the *-t* option is specified) of a database entry to the clipboard.
If no attribute name is specified using the *-a* option, the password is copied. If no attribute name is specified using the *-a* option, the password is copied.
If multiple entries with the same name exist in different groups, only the attribute for the first one is copied. If multiple entries with the same name exist in different groups, only the attribute for the first one is copied.
For copying the attribute of an entry in a specific group, the group path to the entry should be specified as well, instead of just the name. For copying the attribute of an entry in a specific group, the group path to the entry should be specified as well, instead of just the name.
Optionally, a timeout in seconds can be specified to automatically clear the clipboard, the default timeout is 10 seconds, set to 0 to disable. Optionally, a timeout in seconds can be specified to automatically clear the clipboard.
*close*:: *close*::
In interactive mode, closes the currently opened database (see *open*). In interactive mode, closes the currently opened database (see *open*).
@@ -66,11 +55,6 @@ It provides the ability to query and modify the entries of a KeePass database, d
The key file will be created if the file that is referred to does not exist. The key file will be created if the file that is referred to does not exist.
If both the key file and password are empty, no database will be created. If both the key file and password are empty, no database will be created.
*db-edit* [_options_] <__database__>::
Edits a database.
When setting a key file, the key file will be created if the file that is referred to
does not exist.
*db-info* [_options_] <__database__>:: *db-info* [_options_] <__database__>::
Show a database's information. Show a database's information.
@@ -100,11 +84,10 @@ It provides the ability to query and modify the entries of a KeePass database, d
Displays a list of available commands, or detailed information about the specified command. Displays a list of available commands, or detailed information about the specified command.
*import* [_options_] <__xml__> <__database__>:: *import* [_options_] <__xml__> <__database__>::
Imports the contents of an XML exported database to a new created database Imports the contents of an XML database to the target database.
with a password and/or key file.
The key file will be created if the file that is referred to does not exist. *locate* [_options_] <__database__> <__term__>::
If both the key file and password are empty, no database will be created. Locates all the entries that match a specific search term in a database.
The new database will be in kdbx 4 format.
*ls* [_options_] <__database__> [_group_]:: *ls* [_options_] <__database__> [_group_]::
Lists the contents of a group in a database. Lists the contents of a group in a database.
@@ -139,9 +122,6 @@ It provides the ability to query and modify the entries of a KeePass database, d
If the database has a recycle bin, the group will be moved there. If the database has a recycle bin, the group will be moved there.
If the group is already in the recycle bin, it will be removed permanently. If the group is already in the recycle bin, it will be removed permanently.
*search* [_options_] <__database__> <__term__>::
Searches all entries that match a specific search term in a database.
*show* [_options_] <__database__> <__entry__>:: *show* [_options_] <__database__> <__entry__>::
Shows the title, username, password, URL and notes of a database entry. Shows the title, username, password, URL and notes of a database entry.
Can also show the current TOTP. Can also show the current TOTP.
@@ -159,7 +139,7 @@ It provides the ability to query and modify the entries of a KeePass database, d
*--no-password*:: *--no-password*::
Deactivates the password key for the database. Deactivates the password key for the database.
*-y*, *--yubikey* <__slot[:serial]__>:: *-y*, *--yubikey* <__slot__>::
Specifies a yubikey slot for unlocking the database. Specifies a yubikey slot for unlocking the database.
In a merge operation this option is used to specify the YubiKey slot for the first database. In a merge operation this option is used to specify the YubiKey slot for the first database.
@@ -182,7 +162,7 @@ It provides the ability to query and modify the entries of a KeePass database, d
*--no-password-from*:: *--no-password-from*::
Deactivates password key for the database to merge from. Deactivates password key for the database to merge from.
*--yubikey-from* <__slot[:serial]__>:: *--yubikey-from* <__slot__>::
YubiKey slot for the second database. YubiKey slot for the second database.
*-s*, *--same-credentials*:: *-s*, *--same-credentials*::
@@ -197,9 +177,6 @@ The same password generation options as documented for the generate command can
*--url* <__url__>:: *--url* <__url__>::
Specifies the URL of the entry. Specifies the URL of the entry.
*--notes* <__notes__>::
Specifies the notes of the entry.
*-p*, *--password-prompt*:: *-p*, *--password-prompt*::
Uses a password prompt for the entry's password. Uses a password prompt for the entry's password.
@@ -220,10 +197,6 @@ The same password generation options as documented for the generate command can
Such files are available from https://haveibeenpwned.com/Passwords; Such files are available from https://haveibeenpwned.com/Passwords;
note that they are large, and so this operation typically takes some time (minutes up to an hour or so). note that they are large, and so this operation typically takes some time (minutes up to an hour or so).
*--okon* <__okon-cli path__>::
Use the specified okon-cli program to perform offline breach checks. You can obtain okon-cli from https://github.com/stryku/okon.
When using this option, *-H, --hibp* must point to a post-processed okon file (e.g. file.okon).
=== Clip options === Clip options
*-a*, *--attribute*:: *-a*, *--attribute*::
Copies the specified attribute to the clipboard. Copies the specified attribute to the clipboard.
@@ -235,29 +208,16 @@ The same password generation options as documented for the generate command can
Copies the current TOTP instead of the specified attribute to the clipboard. Copies the current TOTP instead of the specified attribute to the clipboard.
Will report an error if no TOTP is configured for the entry. Will report an error if no TOTP is configured for the entry.
*-b*, *--best*:: === Create options
Try to find and copy to clipboard a unique entry matching the input *-k*, *--set-key-file* <__path__>::
If a unique matching entry is found it will be copied to the clipboard.
If multiple entries are found they will be listed to refine the search. (no clip performed)
=== Db-create, Db-edit and Import options
*--set-key-file* <__path__>::
Set the key file for the database. Set the key file for the database.
*-p*, *--set-password*:: *-p*, *--set-password*::
Set a password for the database. Set a password for the database.
=== Db-create, Import options
*-t*, *--decryption-time* <__time__>:: *-t*, *--decryption-time* <__time__>::
Target decryption time in MS for the database. Target decryption time in MS for the database.
=== Db-edit options
*--unset-password* <__path__>::
Removes the password for the database.
*--unset-key-file* <__path__>::
Removes the key file for the database.
=== Show options === Show options
*-a*, *--attributes* <__attribute__>...:: *-a*, *--attributes* <__attribute__>...::
Shows the named attributes. Shows the named attributes.
@@ -265,15 +225,9 @@ The same password generation options as documented for the generate command can
If no attributes are specified and *-t* is not specified, a summary of the default attributes is given. If no attributes are specified and *-t* is not specified, a summary of the default attributes is given.
Protected attributes will be displayed in clear text if specified explicitly by this option. Protected attributes will be displayed in clear text if specified explicitly by this option.
*--all*::
Show all the attributes of the entry.
*-s*, *--show-protected*:: *-s*, *--show-protected*::
Shows the protected attributes in clear text. Shows the protected attributes in clear text.
*--show-attachments*::
Shows the attachment names along with the size of the attachments.
*-t*, *--totp*:: *-t*, *--totp*::
Also shows the current TOTP, reporting an error if no TOTP is configured for the entry. Also shows the current TOTP, reporting an error if no TOTP is configured for the entry.
@@ -286,7 +240,6 @@ The same password generation options as documented for the generate command can
Sets the Path of the wordlist for the diceware generator. Sets the Path of the wordlist for the diceware generator.
The wordlist must have > 1000 words, otherwise the program will fail. The wordlist must have > 1000 words, otherwise the program will fail.
If the wordlist has < 4000 words a warning will be printed to STDERR. If the wordlist has < 4000 words a warning will be printed to STDERR.
Any *diceware*-compatible wordlist can be used. Note however that *KeePassXC* will NOT verify the PGP signature of signed wordlists.
=== Export options === Export options
*-f*, *--format*:: *-f*, *--format*::
@@ -339,14 +292,11 @@ The same password generation options as documented for the generate command can
Include characters from every selected group. Include characters from every selected group.
[Default: Disabled] [Default: Disabled]
include::includes/section-notes.adoc[] include::section-notes.adoc[]
== AUTHOR == AUTHOR
This manual page was originally written by Manolis Agkopian <m.agkopian@gmail.com>. This manual page was originally written by Manolis Agkopian <m.agkopian@gmail.com>.
include::includes/section-reporting-bugs.adoc[] include::section-reporting-bugs.adoc[]
include::includes/section-copyright.adoc[] include::section-copyright.adoc[]
== SEE ALSO
*keepassxc*(1)

16
docs/man/keepassxc.1.adoc
View File

@@ -15,9 +15,9 @@
// along with this program. If not, see <http://www.gnu.org/licenses/>. // along with this program. If not, see <http://www.gnu.org/licenses/>.
= keepassxc(1) = keepassxc(1)
KeePassXC Team <team@keepassxc.org> :docdate: 2020-07-10
:docdate: 2020-08-31
:doctype: manpage :doctype: manpage
:revnumber: 2.6.0
:mansource: KeePassXC {revnumber} :mansource: KeePassXC {revnumber}
:manmanual: General Commands Manual :manmanual: General Commands Manual
@@ -49,17 +49,17 @@ Your wallet works offline and requires no Internet connection.
*--pw-stdin*:: *--pw-stdin*::
Read password of the database from stdin. Read password of the database from stdin.
*--pw*, *--parent-window* <__handle__>::
Parent window handle.
*--debug-info*:: *--debug-info*::
Displays debugging information. Displays debugging information.
include::includes/section-notes.adoc[] include::section-notes.adoc[]
== AUTHOR == AUTHOR
This manual page was originally written by Janek Bevendorff <janek@jbev.net>. This manual page was originally written by Janek Bevendorff <janek@jbev.net>.
include::includes/section-reporting-bugs.adoc[] include::section-reporting-bugs.adoc[]
include::includes/section-copyright.adoc[] include::section-copyright.adoc[]
== SEE ALSO
*keepassxc-cli*(1)

3
docs/man/includes/section-copyright.adoc → docs/man/section-copyright.adoc
View File

@@ -16,5 +16,4 @@
== COPYRIGHT == COPYRIGHT
Copyright \(C) 2016-2020 KeePassXC Team <team@keepassxc.org> Copyright \(C) 2016-2020 KeePassXC Team <team@keepassxc.org>
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License, either version 2 or version 3. *KeePassXC* code is licensed under GPL-2 or GPL-3.
There is NO WARRANTY, to the extent permitted by law.

0
docs/man/includes/section-notes.adoc → docs/man/section-notes.adoc
View File

0
docs/man/includes/section-reporting-bugs.adoc → docs/man/section-reporting-bugs.adoc
View File

1
docs/topics/.sharedheader
View File

@@ -1,4 +1,5 @@
KeePassXC Team <team@keepassxc.org> KeePassXC Team <team@keepassxc.org>
v2.6.0
:data-uri: :data-uri:
:homepage: https://keepassxc.org :homepage: https://keepassxc.org
:stylesheet: ../styles/dark.css :stylesheet: ../styles/dark.css

89
docs/topics/AutoType.adoc
View File

@@ -1,4 +1,4 @@
= KeePassXC Auto-Type = KeePassXC - Auto-Type
:imagesdir: ../images :imagesdir: ../images
// tag::content[] // tag::content[]
@@ -12,34 +12,45 @@ WARNING: Auto-Type will be disabled when run with a Wayland compositor on Linux.
=== Configure Global Auto-Type === Configure Global Auto-Type
You can define a global Auto-Type hotkey that starts the Auto-Type process. To configure the hotkey, perform the following steps: You can define a global Auto-Type hotkey that starts the Auto-Type process. To configure the hotkey, perform the following steps:
Navigate to _Tools_ -> _Settings_ -> Auto-Type tab *(1)*. Click into the _Global Auto-Type shortcut_ box and press the desired key combination that will trigger the Auto-Type process *(2)*. 1. Navigate to _Tools_ -> _Settings_ -> Auto-Type tab *(1)*. Click into the _Global Auto-Type shortcut_ box and press the desired key combination that will trigger the Auto-Type process *(2)*.
+
.Auto-Type settings .Auto-Type settings
image::autotype_settings.png[] image::autotype_settings.png[]
+
You can configure additional Auto-Type settings in this window such as start delay, inter-key typing delay, and matching options. If Auto-Type is not working well for you, try adjusting the default delays. You can configure additional Auto-Type settings in this window such as start delay, inter-key typing delay, and matching options. If Auto-Type is not working well for you, try adjusting the default delays.
You can also set the time to remember the last used entry between presses of the global Auto-Type hotkey. This is useful for typing parts of a sequence during complex login workflows without having to find the specific each time.
=== Configure Auto-Type Sequences === Configure Auto-Type Sequences
Each entry in your database can have multiple Auto-Type sequences associated with various window titles. Simulated key presses can be sent to any other currently open window of your choice (web browser windows, login dialogs boxes, and so on). When the Global Auto-Type hotkey is pressed, KeePassXC will search your database for entries matching the current selected window title. Each entry in your database can have multiple Auto-Type sequences associated with various window titles. Simulated key presses can be sent to any other currently open window of your choice (web browser windows, login dialogs boxes, and so on). When the Global Auto-Type hotkey is pressed, KeePassXC will search your database for entries matching the current selected window title.
NOTE: The default Auto-Type sequence is `{USERNAME}{TAB}{PASSWORD}{ENTER}`. This means that it first types the username of the selected entry, then presses the `Tab` key, then types the password of the entry and finally presses the `Enter` key. NOTE: The default Auto-Type sequence is `{USERNAME}{TAB}{PASSWORD}{ENTER}`. This means that it first types the username of the selected entry, then presses the `Tab` key, then types the password of the entry and finally presses the `Enter` key.
TIP: To change the default Auto-Type sequence for all entries of your database, edit the root (top-most) group of your database and set a specific sequence. Child groups and entries will inherit this sequence by default.
To configure Auto-Type sequences for your entries, perform the following steps: To configure Auto-Type sequences for your entries, perform the following steps:
1. Navigate to the entries list and open the desired entry for editing. Click the _Auto-Type_ item from the left-hand menu bar *(1)*. Press the `+` button *(2)* to add a new sequence entry. Select the desired window using the drop-down menu, or simply type a window title in the box *(3)*. 1. Navigate to the entries list and open the desired entry for editing. Click the _Auto-Type_ item from the left-hand menu bar *(1)*. Press the `+` button *(2)* to add a new sequence entry. Select the desired window using the drop-down menu, or simply type a window title in the box *(3)*. You can use wildcard `*` to match any value (e.g., when a window title contains a filename or website name).
+
TIP: You can use an asterisk (`\*`) to match any value (e.g., when a window title contains a dynamic filename or website name). Set the window title to `*` to match all windows. Leave the window title blank to offer additional default Auto-Type sequences, such as custom attributes.
+ +
.Auto-Type entry sequences .Auto-Type entry sequences
image::autotype_entry_sequences.png[] image::autotype_entry_sequences.png[]
2. _(Optional)_ Define a custom Auto-Type sequence for each window title match by selecting the _Use specific sequence for this association_ checkbox. Sequence action codes and field placeholders are detailed in the following table. Beyond the most important ones detailed below, there are additional action codes and placeholders available: xref:UserGuide.adoc#_auto_type_actions[Auto-Type Actions Reference] and xref:UserGuide.adoc#_entry_placeholders[Entry Placeholders Reference]. Action codes and placeholders are not case sensitive. 2. _(Optional)_ Define a custom auto-type sequence for each window title match by selecting the _Use specific sequence for this association_ checkbox. Sequence action codes and field placeholders are detailed in the following table. A complete list of supported actions and placeholders can be found at https://keepass.info/help/base/autotype.html#autoseq[KeePass Auto-Type Action Codes] and https://keepass.info/help/base/placeholders.html[KeePass Placeholders]. Action codes and placeholders are not case sensitive.
+ +
[grid=rows, frame=none, width=90%] [grid=rows, frame=none, width=70%]
|===
|Action Code |Description
|{TAB}, {ENTER}, {SPACE}, {INSERT}, {DELETE}, {HOME}, {END}, {PGUP}, {PGDN}, {BACKSPACE}, {CAPSLOCK}, {ESC}
|Press the corresponding keyboard key
|{UP}, {DOWN}, {LEFT}, {RIGHT} |Press the corresponding arrow key
|{F1}, {F2}, ..., {F16} |Press F1, F2, etc.
|{LEFTBRACE}, {RIGHTBRACE} |Press `{` or `}`, respectively
|{DELAY=X} |Set key press delay to X milliseconds
|{DELAY X} |Delay typing start by X milliseconds
|{CLEARFIELD} |Clear the input field before typing
|{TOTP} |Insert calculated TOTP value (if configured)
|{<ACTION> X} |Repeat <ACTION> X times (e.g., {SPACE 5} inserts five spaces)
|===
+
[grid=rows, frame=none, width=70%]
|=== |===
|Placeholder |Description |Placeholder |Description
@@ -49,59 +60,21 @@ image::autotype_entry_sequences.png[]
|{URL} |URL |{URL} |URL
|{NOTES} |Notes |{NOTES} |Notes
|{TOTP} |Current TOTP value (if configured) |{TOTP} |Current TOTP value (if configured)
|{S:ATTRIBUTE_NAME} |Value for the given attribute name (e.g., {S:Address}) |{DT_SIMPLE} |Current date-time
|{DB_DIR} |Absolute directory path for database file
|{S:<ATTRIBUTE_NAME>} |Value for the given attribute name
|{REF:<FIELD>@<SEARCH_IN>:<SEARCH_TEXT>} |Search for a field in another entry using the reference syntax.
|=== |===
+
[grid=rows, frame=none, width=90%]
|===
|Action Code |Description
|{TAB}, {ENTER}, {SPACE}, {INSERT}, {DELETE}, {HOME}, {END}, {PGUP}, {PGDN}, {BACKSPACE}, {CAPSLOCK}, {ESC}
|Press the corresponding keyboard key
|{UP}, {DOWN}, {LEFT}, {RIGHT} |Press the corresponding arrow key
|{LEFTBRACE}, {RIGHTBRACE} |Press `{` or `}`, respectively
|{&lt;KEY&gt; X} |Repeat &lt;KEY&gt; X times (e.g., {SPACE 5} inserts five spaces)
|{DELAY=X} |Set delay between key presses to X milliseconds
|{DELAY X} |Pause typing for X milliseconds
|{CLEARFIELD} |Clear the input field
|{PICKCHARS} |Pick specific password characters from a dialog
|{MODE=VIRTUAL} |(Experimental) Use virtual key presses on Windows, useful for virtual machines
|===
+
[grid=rows, frame=none, width=90%]
|===
|Modifier |Description
|+ |SHIFT
|^ |CTRL
|% |ALT
|# |WIN/CMD
|===
TIP: Use modifiers to hold down special keys before typing the next character. For example, to type *CTRL+SHIFT+D* use: `^+d`. This is useful if you need to activate certain actions in a program or on your desktop.
=== Performing Global Auto-Type === Performing Global Auto-Type
The global Auto-Type keyboard shortcut is used when you have focus on the window you want to type into. To make use of this feature, you must have previously configured an Auto-Type hotkey. The global Auto-Type keyboard shortcut is used when you have focus on the window you want to type into. To make use of this feature, you must have previously configured an Auto-Type hotkey.
When you press the global Auto-Type hotkey, KeePassXC searches all unlocked databases for entries that match the focused window title. The Auto-Type selection dialog will appear in the following circumstances: there are no matches found, there are multiple matches found, or the setting "Always ask before performing Auto-Type" is enabled. The selection is remembered for a short while to help retype with the same entry in quick succession. Pressing the global Auto-Type hotkey cause KeePassXC to search the database for entries that match the window title. Multiple matches may be returned and will cause the sequence selection dialog to appear. Click on a sequence line will immediately execute the Auto-Type action. A search box is also available in case numerous matches are returned.
.Auto-Type sequence selection .Auto-Type sequence selection
image::autotype_selection_dialog.png[,70%] image::autotype_selection_dialog.png[,70%]
Perform the selected Auto-Type sequence by double clicking the desired row or pressing _Enter_. Press the up and down arrows to navigate the list. Sequences can be filtered through the text edit field. TIP: The _Sequence_ column will only appear when there are different sequences defined by one or more entries displayed in the selection dialog.
.Auto-Type search database
image::autotype_selection_dialog_search.png[,70%]
Search the unlocked databases by activating Search Database radio button. Use the text edit field to issue search queries using the same syntax as database searching.
.Additional Auto-Type choices
image::autotype_selection_dialog_type_menu.png[,70%]
The option to type just the username, password, or current TOTP value is available by right-clicking the desired row or expanding the Type Sequence button options. You can also copy these values to the clipboard.
TIP: On Windows, you will see an option to use a virtual keyboard in this sub-menu. This is an experimental feature that allows you to type into virtual machines by simulating actual keyboard presses. Some international keyboards may be unsupported due to limitations in the Windows API.
=== Performing Entry-Level Auto-Type === Performing Entry-Level Auto-Type
You can quickly activate the default Auto-Type sequence for a particular entry using Entry-Level Auto-Type. For this operation, the KeePassXC window will be minimized and the Auto-Type sequence occurs in the previously selected window. You can perform Entry-Level Auto-Type from the toolbar icon *(A)*, entry context menu *(B)*, or by pressing `Ctrl+Shift+V`. You can quickly activate the default Auto-Type sequence for a particular entry using Entry-Level Auto-Type. For this operation, the KeePassXC window will be minimized and the Auto-Type sequence occurs in the previously selected window. You can perform Entry-Level Auto-Type from the toolbar icon *(A)*, entry context menu *(B)*, or by pressing `Ctrl+Shift+V`.
@@ -110,4 +83,4 @@ WARNING: Be careful when using Entry-Level Auto-Type as you can inadvertently ty
.Entry-Level Auto-Type .Entry-Level Auto-Type
image::autotype_entrylevel.png[] image::autotype_entrylevel.png[]
// end::content[] // end::content[]

21
docs/topics/BrowserPlugin.adoc
View File

@@ -1,4 +1,4 @@
= KeePassXC Browser Plugin = KeePassXC - Browser Plugin
include::.sharedheader[] include::.sharedheader[]
:imagesdir: ../images :imagesdir: ../images
@@ -23,8 +23,6 @@ You can download the KeePassXC-Browser extension from your web browser. To downl
2. Click the button to install/add the extension to the browser. Accept any confirmation dialogs. 2. Click the button to install/add the extension to the browser. Accept any confirmation dialogs.
TIP: For the most up-to-date troubleshooting advice on all platforms, please read our https://github.com/keepassxreboot/keepassxc-browser/wiki/Troubleshooting-guide[Troubleshooting Guide].
// tag::advanced[] // tag::advanced[]
NOTE: When Microsoft Edge is installed as a managed application, system administrators are required to deploy a custom native messaging configuration. Instructions for this are found in the advanced section below. NOTE: When Microsoft Edge is installed as a managed application, system administrators are required to deploy a custom native messaging configuration. Instructions for this are found in the advanced section below.
// end::advanced[] // end::advanced[]
@@ -50,7 +48,7 @@ image::browser_settings.png[]
.Connect Extension to KeePassXC .Connect Extension to KeePassXC
image::browser_extension_connect.png[,80%] image::browser_extension_connect.png[,80%]
6. Click the _Connect_ button *(B)* in the pop-up window to complete integrating the KeePassXC-Browser extension with your KeePassXC desktop application. 6. Click the _Connect_ button *(B)* in the pop-up window to complete integrating the KeePassXC-Browser extension with your KeePassXC desktop application.
7. You are now prompted to enter a unique name to identify the connection between this browser and your database. Enter a unique name in the field (e.g., firefox-laptop) and click the _Save and allow access_ button. 7. You are now prompted to enter a unique name to identify the connection between this browser and your database. Enter a unique name in the field (e.g., firefox-laptop) and click the _Save and allow access_ button.
+ +
@@ -64,7 +62,7 @@ The KeePassXC-Browser extension lets you automatically populate the entries from
1. Open your KeePassXC desktop application and unlock your database. 1. Open your KeePassXC desktop application and unlock your database.
2. Open your web browser. The KeePassXC-Browser extension icon in your browser window will change based on its connection state. The figure below shows the different states. 2. Open your web browser. The KeePassXC-Browser extension icon in your browser window will change based on its connection state. The figure below shows the different states.
+ +
*(A)* KeePassXC is not running or is disconnected + *(A)* KeePassXC is not running or is disconnected +
*(B)* Connected to KeePassXC, but database is locked + *(B)* Connected to KeePassXC, but database is locked +
@@ -83,7 +81,7 @@ image::browser_extension_reload.png[,80%]
.Confirm Access Dialog .Confirm Access Dialog
image::browser_confirm_access_dialog.png[,80%] image::browser_confirm_access_dialog.png[,80%]
5. Ensure the credentials you want to use are checked, then click *(A)* Remember _(optional)_, then click _Allow Selected_ *(B)*. 5. Ensure the credentials you want use are checked, then click *(A)* Remember _(optional)_, then click _Allow Selected_ *(B)*.
6. In your website, the KeePassXC icon will appear in the username field of the login form *(A)*. Click the icon to populate the field with your stored credentials. If you have more than one credential for this website, a dropdown will appear to choose the one to use. 6. In your website, the KeePassXC icon will appear in the username field of the login form *(A)*. Click the icon to populate the field with your stored credentials. If you have more than one credential for this website, a dropdown will appear to choose the one to use.
+ +
@@ -91,12 +89,6 @@ image::browser_confirm_access_dialog.png[,80%]
image::browser_fill_credentials.png[,80%] image::browser_fill_credentials.png[,80%]
// tag::advanced[] // tag::advanced[]
=== Browser statistics
You can see a cross-section of all browser-related settings applied to entries within a database through the Browser Statistics report. To access these, use the _Database_ -> _Database reports..._ menu option then click on _Browser Statistics_ on the left-hand menu. From here you can see all entries with URLs applied to them, explicitly allowed and denied URLs, and any entries with custom browser settings.
.Browser statistics
image::browser_statistics.png[]
=== Advanced Usage === Advanced Usage
You can configure unique browser integration behavior for each entry. This allows you to add multiple URLs to an entry, hide an entry from the browser integration, and more. To access these settings, open an entry for editing then click on _Browser Integration_ option in the left-hand menu *(1)*. You can configure unique browser integration behavior for each entry. This allows you to add multiple URLs to an entry, hide an entry from the browser integration, and more. To access these settings, open an entry for editing then click on _Browser Integration_ option in the left-hand menu *(1)*.
@@ -105,11 +97,6 @@ After opening the settings you can add any number of additional URLs by clicking
.Entry browser settings .Entry browser settings
image::browser_entry_settings.png[] image::browser_entry_settings.png[]
To set options for all entries within a group, edit the group and go to the browser integration section *(1)*. Here you can explicitly disable access to all entries under a group hierarchy to the browser extension. You can set other useful options for groups of entries as well.
.Group browser settings
image::browser_group_settings.png[]
Database-wide operations are available in the database settings. To access these use the _Database_ -> _Database settings..._ menu option. Click on _Browser Integration_ on the left-hand menu. From here you can disconnect all browsers, convert legacy KeePass-HTTP settings, reset all entry-level settings, and refresh the database root group ID (useful when making copies of your database file). Database-wide operations are available in the database settings. To access these use the _Database_ -> _Database settings..._ menu option. Click on _Browser Integration_ on the left-hand menu. From here you can disconnect all browsers, convert legacy KeePass-HTTP settings, reset all entry-level settings, and refresh the database root group ID (useful when making copies of your database file).
.Database browser settings .Database browser settings

138
docs/topics/DatabaseOperations.adoc
View File

@@ -1,4 +1,4 @@
= KeePassXC Database Operations = KeePassXC - Database Operations
include::.sharedheader[] include::.sharedheader[]
:imagesdir: ../images :imagesdir: ../images
@@ -11,22 +11,22 @@ To create a database, perform the following steps:
1. Open your KeePassXC application. Click the create new database button *(A)*: 1. Open your KeePassXC application. Click the create new database button *(A)*:
+ +
.Create database Welcome screen .Create database - Welcome screen
image::welcome_screen.png[] image::welcome_screen.png[]
2. The database creation wizard appears. Enter the desired database name and a short description (optional): 2. The database creation wizard appears. Enter the desired database name and a short description (optional):
+ +
.Create database General information .Create database - General information
image::new_db_wizard_1.png[,80%] image::new_db_wizard_1.png[,80%]
3. Click Continue. The Encryption Settings screen appears, we don't recommend making any changes besides increasing or decreasing the decryption time using the slider. Setting the Decryption Time slider at higher values means that the database will have higher level of protection but the time taken by the database to open will increase. 3. Click Continue. The Encryption Settings screen appears, we don't recommend making any changes besides increasing or decreasing the decryption time using the slider. Setting the Decryption Time slider at a higher values means that the database will have higher level of protection but the time taken by the database to open will increase.
+ +
.Create database Encryption settings .Create database - Encryption settings
image::new_db_wizard_2.png[,80%] image::new_db_wizard_2.png[,80%]
4. Click the Continue button. The Database Credentials screen appears, enter your desired database password. We recommend using a long, randomized password. 4. Click the Continue button. The Database Credentials screen appears, enter your desired database password. We recommend using a long, randomized password.
+ +
.Create database Database credentials .Create database - Database credentials
image::new_db_wizard_3.png[,80%] image::new_db_wizard_3.png[,80%]
+ +
*(A)* Open the password generator + *(A)* Open the password generator +
@@ -44,7 +44,7 @@ To open an existing database, perform the following steps:
.Open an existing database .Open an existing database
image::open_database.png[] image::open_database.png[]
2. Navigate to the location of the database on your computer and open the database file. The database unlock screen will appear: 2. Navigate to the location of the your database on your computer and open the database file. The database unlock screen will appear:
+ +
.Database unlock screen .Database unlock screen
image::unlock_database.png[] image::unlock_database.png[]
@@ -58,37 +58,6 @@ image::unlock_database.png[]
.Unlocked database .Unlocked database
image::database_view.png[] image::database_view.png[]
=== Quick Unlock
On Windows and macOS, subject to hardware availability, your credentials can be securely stored to enable subsequent unlocking of your database through biometric authentication. This is enabled by default on Windows using _Windows Hello_ and on macOS using _Touch ID or Apple Watch_ services. You can disable this feature in the Application Settings under the Security section.
NOTE: On Windows you will be prompted to authenticate to Windows Hello on the initial database unlock. This is required to access the hardware certificate store that encrypts your credentials.
.Windows Hello example
image::quick_unlock_windows_hello.png[]
When your database is locked, you will see the following unlock dialog. Simply press _Enter_ or click on _Unlock Database_ to initiate the biometric authentication process. If you are using a hardware key (e.g. Yubikey), it must be connected to your computer to complete the unlock.
.Quick Unlock
image::quick_unlock.png[]
// tag::advanced[]
=== Expired Entries
By default, KeePassXC will show entries that are expired or will be expiring within 3 days after unlocking the database. This feature allows you to change your passwords before they expire and be aware of passwords that are no longer valid. You can disable or change this feature in the Application Settings.
=== Advanced Save Options
There are three ways that KeePassXC can handle database files. This behavior is set in the Application Settings under _File Operations_.
1. _(Default)_ *Safe saves* create a temporary database file alongside the existing one and atomically move it into place when all writing is complete. This prevents database corruption in the case of application crashes, loss of power, or other interruptions.
2. *Temporary file saves* create a database in the temporary files folder. This database is then moved into place overtop of the existing file. Although rare, interruptions in this move process could leave your database in an unknown state. This option is useful for overcoming poorly behaved cloud sync tools.
3. *Direct-write saves* write directly to the existing database file. This is an unsafe operation since any interruption can leave your entire database inaccessible. We only recommend using this option when interfacing with Linux GVFS services (e.g. Google Cloud on Gnome) and other types of storage services that host a virtual drive system.
In addition to these save options, KeePassXC can create a backup of your existing database file just prior to saving. This backup will be saved at the path specified in the *Backup destination* field. This path can be absolute or relative. The latter will be resolved according to the databases path. It is possible to specify a custom naming scheme with placeholders. See xref:UserGuide.adoc#_backup_path_placeholders[Backup Path Placeholders] for available placeholders and examples.
image::save_options.png[]
// end::advanced[]
=== Adding an Entry === Adding an Entry
All the details such as usernames, passwords, URLs, attachments, notes, and so on are stored in database entries. You can create as many entries as you want in the database. All the details such as usernames, passwords, URLs, attachments, notes, and so on are stored in database entries. You can create as many entries as you want in the database.
@@ -100,17 +69,10 @@ To add an entry, perform the following step:
image::edit_entry.png[] image::edit_entry.png[]
2. Enter a desired title for the entry, username, password, URL, and notes on this screen. 2. Enter a desired title for the entry, username, password, URL, and notes on this screen.
a. Your most frequently used usernames will automatically be available in the username drop-down menu. They will also auto-complete for you when typing.
b. You can generate a secure random password by clicking the dice icon in the password field to launch the password generator. Reveal the password by clicking the eye icon. 3. _(Optional)_ Select the Expires check-box to set the expiry date for the password. You can manually enter the date and time or click the Presets button to select a expiry date and time for your password.
c. After you add a URL to an entry you can press the download button to automatically download the website's icon for this entry. 4. Click *OK* to add the entry to your database.
3. _(Optional)_ Add tags to the entry to quickly search for it using the tags panel on the main database view. You can easily add new tags or select existing ones from the drop-down list.
4. _(Optional)_ Select the _Expires_ check-box to set the expiry date for the password. You can manually enter the date and time or click the _Presets_ button to select an expiry date and time for your password.
5. Click *OK* to add the entry to your database.
=== Editing an Entry === Editing an Entry
To edit the details in an entry, perform the following steps: To edit the details in an entry, perform the following steps:
@@ -123,28 +85,6 @@ To edit the details in an entry, perform the following steps:
4. Click *OK*. 4. Click *OK*.
=== Adding TOTP to an Entry
Timed One-Time Passwords (TOTP) are a popular choice for two-factor authentication methods. These codes are typically six digits long and change every 30 seconds. They are derived from a shared secret value and the current time. Once set up, KeePassXC can calculate TOTP codes like any authenticator app, such as Google Authenticator. The codes can be used with copy/paste, browser extension, and Auto-Type.
TIP: Your computer time must be synchronized with an internet time source to generate valid TOTP codes, https://www.nist.gov/pml/time-and-frequency-division/time-distribution/internet-time-service-its[read more here].
WARNING: Storing TOTP codes in the same database as the password will eliminate the advantages of two-factor authentication. If you desire maximum security, we recommend keeping TOTP codes in a separate database that you only unlock when needed.
To add TOTP to a database entry, you must first retrieve the secret string from the website or application you are authenticating to. Often this secret is accompanied with a QR code and can be copy/pasted below. Example:
.Example TOTP Secret
image::totp_code_example.png[,40%]
Once obtained, right-click the desired entry *(1)*, choose _TOTP_ -> _Set up TOTP..._ *(2)*, and the setup dialog will appear. In that dialog, paste the secret code from the website *(3)*, setup any custom settings (rare) *(4)*, then press OK to save the settings.
.TOTP Setup Process
image::totp_setup.png[]
After an entry is configured with TOTP, you will see a clock icon in that entry's row and have the ability to reveal the current code in the preview pane. Additionally, you can navigate to the entry's _TOTP_ menu to show the code in a separate window. You can also view the secret and configuration as a QR code for exporting to a mobile device. TOTP codes can be entered into forms with the browser extension, with Auto-Type by using the `{TOTP}` placeholder, or via menu options in the Auto-Type selection dialog.
.TOTP Usage
image::totp_usage_examples.png[]
=== Deleting an Entry === Deleting an Entry
To delete an entry, perform the following steps: To delete an entry, perform the following steps:
@@ -170,7 +110,7 @@ image::clone_entry.png[]
2. The clone dialog will appear. 2. The clone dialog will appear.
+ +
.Clone entry dialog .Clone entry dialog
image::clone_entry_dialog.png[,50%] image::clone_entry_dialog.png[,70%]
* Select the Append - Clone to title check-box to create a new entry with the word Clone as the suffix to the name of the new entry. * Select the Append - Clone to title check-box to create a new entry with the word Clone as the suffix to the name of the new entry.
* Select the Replace username and password with references check-box to create the new entry where the username and the password fields contain the references to the username and password to the master entry. * Select the Replace username and password with references check-box to create the new entry where the username and the password fields contain the references to the username and password to the master entry.
* Select the Copy history checkbox to copy the history of the master entry to the clone. * Select the Copy history checkbox to copy the history of the master entry to the clone.
@@ -180,7 +120,18 @@ image::clone_entry_dialog.png[,50%]
.References in a cloned entry .References in a cloned entry
image::clone_entry_references.png[] image::clone_entry_references.png[]
4. You can create your own references using the xref:UserGuide.adoc#_entry_cross_reference[Entry Reference Syntax] 4. You can create your own references using the following syntax:
+
`{REF:<ShortCode>@I:<UUID>}`
+
Where `<UUID>` is the Unique Identifier of the entry to pull data from and `<ShortCode>` is from the following:
+
* T - Title
* U - Username
* P - Password
* A - URL
* N - Notes
* I - UUID
== Searching the Database == Searching the Database
KeePassXC provides an enhanced and granular search features the enables you to search for specific entries in the databases using the different modifiers, wild card characters, and logical operators. KeePassXC provides an enhanced and granular search features the enables you to search for specific entries in the databases using the different modifiers, wild card characters, and logical operators.
@@ -196,17 +147,16 @@ KeePassXC provides an enhanced and granular search features the enables you to s
|* |Term is handled as a regular expression |* |Term is handled as a regular expression
|=== |===
The following fields can be searched along with their abbreviated name in parentheses: The following fields can be searched along with their abbreviated name in parenthesis:
* Title (t) * Title (t)
* Username (u) * Username (u)
* Password (p, pw) * Password (p, pw)
* URL * URL
* Notes (n) * Notes (n)
* Attribute names and values (attr) * Attribute (attr)
* Attachment (attach) * Attachment (attach)
* Group (g) * Group (g)
* Entry State (is:expired, is:weak)
=== Wild Card Characters and Logical Operators === Wild Card Characters and Logical Operators
[grid=rows, frame=none, width=70%] [grid=rows, frame=none, width=70%]
@@ -232,17 +182,11 @@ The following tables lists a few samples search queries for your reference:
|`+user:johnsmith -url:www.google.com *notes:"secret note \d"` |`+user:johnsmith -url:www.google.com *notes:"secret note \d"`
|Search the username field for exactly johnsmith, the URL must not contain www.google.com, and notes contains secret note [digit]. |Search the username field for exactly johnsmith, the URL must not contain www.google.com, and notes contains secret note [digit].
|`+attr:mystring123`
|Searches all additional attributes for any name OR value equal to mystring123.
|`is:expired is:weak`
|Searches for all expired entries with weak passwords.
|=== |===
== Advanced Entry Options == Advanced Entry Options
=== Additional Attributes === Additional Attributes
A lot of applications and web sites now require providing additional information when you create accounts. The additional information is used to block hackers if any suspicious activity is detected. In addition, the additional information you provide can be used to reset passwords if you forget them. You can also store arbitrary information here that can be copied to the clipboard or Auto-Typed using the `{S:<ATTR_NAME>}` action code. A lot of applications and web sites now require to provide additional information when you create accounts. The additional information is used to block hackers if any suspicious activity is detected. In addition, the additional information you provide can be used to reset passwords if you forget them. You can also store arbitrary information here that can be copied to the clipboard or Auto-Typed using the `{S:<ATTR_NAME}` action code.
To protect an attribute from being displayed by default, activate the _Protect_ checkbox *(A)*. To show the contents of the attribute while keeping it protected, press the _Reveal_ button *(B)*. To protect an attribute from being displayed by default, activate the _Protect_ checkbox *(A)*. To show the contents of the attribute while keeping it protected, press the _Reveal_ button *(B)*.
@@ -266,7 +210,7 @@ image::edit_entry_colors.png[]
=== Icons === Icons
You can select an icon to be displayed with each entry for easy identification. KeePassXC comes with a set of default icons that you can use or you can use your own custom icons. If you defined a URL with an entry, you can also download the favorite icon for that particular website. You can select an icon to be displayed with each entry for easy identification. KeePassXC comes with a set of default icons that you can use or you can use your own custom icons. If you defined a URL with an entry, you can also download the favorite icon for that particular website.
NOTE: To delete a custom icon, go to xref:UserGuide.adoc#_database_maintenance[Database Maintenance] where you can purge unused icons and delete one or more icons at a time. NOTE: To delete a custom icon, select the item to be deleted and click the _Delete custom icon_ button.
.Entry icon selection .Entry icon selection
image::edit_entry_icons.png[] image::edit_entry_icons.png[]
@@ -280,7 +224,7 @@ KeePassXC lets you view the basic properties such as date and time of creation,
image::edit_entry_properties.png[] image::edit_entry_properties.png[]
=== History === History
KeePassXC maintains a history of changes you make to your entries. Each time you change an entry, KeePassXC automatically creates a backup copy of the current, non-modified entry before saving the new values. You can view the changes you made previously, restore, and delete the history of changes you made. The age of the history item, the changes that were made, and the entry's size are shown in the table view. KeePassXC maintains a history of changes you make to your entries. Each time you change an entry, KeePassXC automatically creates a backup copy of the current, non-modified entry before saving the new values. You can view the changes you made previously, restore, and delete the history of changes you made.
* Show: Display this history item for review, a read-only copy of the entry will be shown. * Show: Display this history item for review, a read-only copy of the entry will be shown.
* Restore: Reinstate the selected history item as the active entry details. * Restore: Reinstate the selected history item as the active entry details.
@@ -295,7 +239,7 @@ NOTE: Restoring an old history item will store the current entry settings as a n
== Automatic Database Opening == Automatic Database Opening
You can setup one or more databases to open automatically when you unlock a single database. This is done by *(1)* defining a special group named `AutoOpen` with *(2)* entries that contain the file path and credentials for each database that should be opened. There is no limit to the number of databases that can be opened. You can setup one or more databases to open automatically when you unlock a single database. This is done by *(1)* defining a special group named `AutoOpen` with *(2)* entries that contain the file path and credentials for each database that should be opened. There is no limit to the number of databases that can be opened.
TIP: Case matters with auto open, the group name must be exactly `AutoOpen` and it must be a child of the root group. TIP: Case matters with auto open, the group name must be exactly `AutoOpen`.
.AutoOpen Group and Entries .AutoOpen Group and Entries
image::autoopen.png[] image::autoopen.png[]
@@ -332,7 +276,7 @@ image::database_settings.png[]
* *Max history items:* This is the maximum number of history items that are stored for each entry. When you set this to 0, no history will be saved. Set this value to a low value to prevent the database from getting too large (we recommend no more than 10). * *Max history items:* This is the maximum number of history items that are stored for each entry. When you set this to 0, no history will be saved. Set this value to a low value to prevent the database from getting too large (we recommend no more than 10).
* *Max. history size:* When the history of an entry gets above this size, it is truncated. For example, this happens when entries have large attachments. Set this value small to prevent the database from getting too large (we recommend 6 MiB). * *Max. history size:* When the history of an entry gets above this size, it is truncated. For example, this happens when entries have large attachments. Set this value small to prevent the database from getting too large (we recommend 6 MiB).
* *Use recycle bin:* Select this check-box if you want deleted entries to move to the recycle bin instead of being permanently removed. The recycle bin will be created if it does not already exist after your first deletion. To delete entries permanently, you must empty the recycle bin manually. * *Use recycle bin:* Select this check-box if you want deleted entries to move to the recycle bin instead of being permanently removed. The recycle bin will be created if it does not already exist after your first deletion. To delete entries permanently, you must empty the recycle bin manually.
* *Enable compression:* KeePassXC databases can be compressed before being encrypted. Compression reduces the size of the database and does not have any appreciable affect on speed. It is recommended to always save databases with compression. * *Enable compression:* KeePassXC databases can be compressed before being encrypted. Compression reduces the size of the database and does not have any appreciable affect on speed. It is recommended to always save databases with compression.
3. Click the Security button in the left-hand menu bar to change your database credentials and change encryption settings. 3. Click the Security button in the left-hand menu bar to change your database credentials and change encryption settings.
+ +
@@ -343,10 +287,10 @@ image::database_security.png[]
+ +
.Database credentials .Database credentials
image::database_security_credentials.png[] image::database_security_credentials.png[]
+
WARNING: Consider creating a backup of your YubiKey. Please refer to <<Creating a YubiKey backup>> WARNING: Consider creating a backup of your YubiKey. Please refer to <<Creating a YubiKey backup>>
5. Encryption settings allow you to change the average time it takes to encrypt and decrypt the database. The longer time that is chosen, the harder it will be to brute force attack your database. *We recommend a setting of one second.* 5. Encryption settings allows you to change the average time it takes to encrypt and decrypt the database. The longer time that is chosen, the harder it will be to brute force attack your database. *We recommend a setting of one second.*
+ +
.Database encryption .Database encryption
image::database_security_encryption.png[] image::database_security_encryption.png[]
@@ -362,12 +306,7 @@ The following key derivation functions are supported:
* AES-KDF (KDBX 4 and KDBX 3.1): This key derivation function is based on iterating AES. Users can change the number of iterations. The more iterations, the harder are dictionary and guessing attacks, but also database loading/saving takes more time (linearly). KDBX 3.1 only supports AES-KDF; any other key derivation function, like for instance Argon2, requires KDBX 4. * AES-KDF (KDBX 4 and KDBX 3.1): This key derivation function is based on iterating AES. Users can change the number of iterations. The more iterations, the harder are dictionary and guessing attacks, but also database loading/saving takes more time (linearly). KDBX 3.1 only supports AES-KDF; any other key derivation function, like for instance Argon2, requires KDBX 4.
* Argon2 (KDBX 4 recommended): KDBX 4, the Argon2 key derivation function can be used for transforming the composite master key (as protection against dictionary attacks). The main advantage of Argon2 over AES-KDF is that it provides a better resistance against GPU/ASIC attacks (due to being a memory-hard function). The number of iterations scales linearly with the required time. By increasing the memory parameter, GPU/ASIC attacks become harder and the required time increases. The parallelism parameter can be used to specify how many threads should be used. We recommend using Argon2id to prevent against timing-based attacks. Argon2d offers maximum compatibility with other KeePass-based apps, the default settings provide sufficient protection against any known attacks. * Argon2 (KDBX 4 - recommended): KDBX 4, the Argon2 key derivation function can be used for transforming the composite master key (as protection against dictionary attacks). The main advantage of Argon2 over AES-KDF is that it provides a better resistance against GPU/ASIC attacks (due to being a memory-hard function). The number of iterations scales linearly with the required time. By increasing the memory parameter, GPU/ASIC attacks become harder (and the required time increases). The parallelism parameter can be used to specify how many threads should be used.
== Database Maintenance
KeePassXC offers some maintenance features that can be applied to clean up your database. Navigate to _Database_ -> _Database settings_ then click on _Maintenance_ on the left hand panel. The following screen appears. On this screen you can delete multiple icons at once and purge any unused icons in your database.
image::database_maintenance.png[]
=== Creating a YubiKey backup === Creating a YubiKey backup
It is advisable to have a backup replica YubiKey In case your main YubiKey gets damaged, lost, or stolen. The same HMAC key will need to be written to both keys. To do this you can either use the YubiKey Personalization Tool GUI or the ykpersonalize CLI tool. The steps for the CLI tool are shown: It is advisable to have a backup replica YubiKey In case your main YubiKey gets damaged, lost, or stolen. The same HMAC key will need to be written to both keys. To do this you can either use the YubiKey Personalization Tool GUI or the ykpersonalize CLI tool. The steps for the CLI tool are shown:
@@ -384,22 +323,19 @@ dd status=none if=/dev/random bs=20 count=1 | xxd -p -c 40
ykpersonalize -2 -a -ochal-resp -ochal-hmac -ohmac-lt64 -oserial-api-visible -oallow-update ykpersonalize -2 -a -ochal-resp -ochal-hmac -ohmac-lt64 -oserial-api-visible -oallow-update
``` ```
You will be asked to enter the HMAC key you created earlier, copy/paste they key output in the first step. Repeat step 2 for your second YubiKey using the same HMAC key from before. We recommend storing your HMAC key in a safe place (e.g., printed on paper) in case you need to recreate another key. You will be asked to enter the HMAC key you created earlier, copy/paste they key output in the first step. Repeat both steps for your second YubiKey. We recommend storing your HMAC key in a safe place (e.g., printed on paper) in case you need to recreate another key.
== Command Line Tool
KeePassXC comes with the command line tool *keepassxc-cli* to access, view, and manipulate your database directly from a terminal window. The tool is documented through a separate man page, which can be shown using `man keepassxc-cli`, or through the on-demand help using `keepassxc-cli [command] -h`. An online version of the man page is https://github.com/keepassxreboot/keepassxc/blob/master/docs/man/keepassxc-cli.1.adoc[available on GitHub].
// end::advanced[] // end::advanced[]
== Storing a Database File == Storing a Database File
The database file that you create might contain highly sensitive data and must be stored in a very secure way. You must make sure that the database is always protected with a strong and long password. The database file that is protected with a strong and long password is secure and encrypted while stored on your computer or cloud storage service. The database file that you create might contain highly sensitive data and must be stored in a very secure way. You must make sure that the database is always protected with a strong and long password. The database file that is protected with a strong and long password is secure and encrypted while stored on your computer or cloud storage service.
Make sure that you or someone else does not accidentally delete the database file. Deletion of the database file will result in the total loss of all your information (including all your passwords!) and a lot of inconvenience to manually retrieve your logins for various web applications. Do not share the credentials to access your database file with anyone unless you absolutely trust them (spouse, child, etc.). Make sure that the database file is stored in a folder that is secure. Make sure that you or someone else does not accidentally delete the database file. Deletion of the database file will result in the total loss of your information and a lot of inconvenience to manually retrieve your logins for various web applications. You must not share your database file with anyone unless absolutely necessary.
TIP: You can safely store your database file in the cloud (OneDrive, Dropbox, Google Drive, Nextcloud, Syncthing, etc.). The database file is always fully encrypted; unencrypted data is never written to disk and is never accessible to your cloud storage provider. We recommend using a storage service that keeps automatic backups (version history) of your database file in the event of corruption or accidental deletion. == Backing up a Database File
== Backing up a Database File
It is a good practice to create copies of your database file and store the copies of your database on a different computer, smart phone, or cloud storage space such a Google Drive or Microsoft OneDrive. Backups can be created automatically by selecting the _Backup database file before saving_ option in the application settings. Additionally, you can create a backup on-demand using the _Database_ -> _Save Database Backup..._ menu feature. It is a good practice to create copies of your database file and store the copies of your database on a different computer, smart phone, or cloud storage space such a Google Drive or Microsoft OneDrive. Backups can be created automatically by selecting the _Backup database file before saving_ option in the application settings. Additionally, you can create a backup on-demand using the _Database_ -> _Save Database Backup..._ menu feature.
.Saving a database backup .Saving a database backup
image::save_database_backup.png[,40%] image::save_database_backup.png[,40%]
Creating backups for your database give you a peace of mind should you lose one copy of your database. You can quickly retrieve the copy of your database and start using it.
// end::content[] // end::content[]

16
docs/topics/DownloadInstall.adoc
View File

@@ -1,4 +1,4 @@
= KeePassXC Download and Install = KeePassXC - Download and Install
include::.sharedheader[] include::.sharedheader[]
:imagesdir: ../images :imagesdir: ../images
@@ -8,9 +8,9 @@ KeePassXC is available for download for the following operating systems and plat
* Microsoft Windows * Microsoft Windows
** Portable and MSI Installer (64-bit and 32-bit) ** Portable and MSI Installer (64-bit and 32-bit)
* Linux Official Cross-Distribution Packages * Linux - Official Cross-Distribution Packages
** AppImage and Snap Package ** AppImage and Snap Package
* Linux Distribution-Specific Packages * Linux - Distribution-Specific Packages
** Ubuntu, Debian, Arch Linux, Gentoo, Fedora, CentOS, and OpenSUSE ** Ubuntu, Debian, Arch Linux, Gentoo, Fedora, CentOS, and OpenSUSE
* macOS * macOS
** DMG Installer, Homebrew Cask ** DMG Installer, Homebrew Cask
@@ -43,14 +43,6 @@ image::install_wizard_1.png[,80%]
.Install wizard (cont) .Install wizard (cont)
image::install_wizard_2.png[,80%] image::install_wizard_2.png[,80%]
The following options can be set when running the MSI in an unattended installation:
* *LAUNCHAPPONEXIT* Launch KeePassXC after install (default ON)
* *AUTOSTARTPROGRAM* KeePassXC will auto-start on login (default ON)
* *INSTALLDESKTOPSHORTCUT* A desktop icon will be installed (default OFF)
Example: `msiexec.exe /q /i KeePassXC-Y.Y.Y-WinZZ.msi AUTOSTARTPROGRAM=0`
=== Linux === Linux
You can easily download the KeePassXC installer for Linux. When you search for KeePassXC, multiple options are displayed as shown in the following screen: You can easily download the KeePassXC installer for Linux. When you search for KeePassXC, multiple options are displayed as shown in the following screen:
@@ -68,5 +60,3 @@ To install the KeePassXC app on macOS, double click on the downloaded DMG file a
image::macos_install.png[,80%] image::macos_install.png[,80%]
// end::content[] // end::content[]
// tag::advanced[]
// end::advanced[]

19
docs/topics/ImportExport.adoc
View File

@@ -1,10 +1,10 @@
= KeePassXC Import/Export Operations = KeePassXC - Import/Export Operations
include::.sharedheader[] include::.sharedheader[]
:imagesdir: ../images :imagesdir: ../images
// tag::content[] // tag::content[]
== Importing External Databases == Importing External Databases
KeePassXC allows you to import external databases from the following options: KeePassXC allows your to import external databases from the following options:
* Comma-Separated Values (CSV) file * Comma-Separated Values (CSV) file
* 1Password OPVault * 1Password OPVault
@@ -21,10 +21,10 @@ To open the CSV file, perform the following steps:
3. Navigate to the location of the your CSV file on your computer and open the file. The new database wizard will appear. Follow the steps of creating a new database in Chapter 1. 3. Navigate to the location of the your CSV file on your computer and open the file. The new database wizard will appear. Follow the steps of creating a new database in Chapter 1.
4. After saving your new database file, the CSV import wizard will appear. On this dialog you can choose the various options for properly importing the data. You may need to select the _First line has field names_ checkbox before starting. Analyze the output in the preview at the bottom to determine the correct import settings. 4. After saving your new database file, the CSV import wizard will appear:
+ +
.CSV Import Wizard .CSV Import Wizard
image::csv_import.png[] image::csv_import.png[,80%]
Your CSV file gets imported to KeePassXC and the data is converted to the KeePassXC format for further usage and maintenance. The new database file is saved on to your computer with the default `.kdbx` extension. Your CSV file gets imported to KeePassXC and the data is converted to the KeePassXC format for further usage and maintenance. The new database file is saved on to your computer with the default `.kdbx` extension.
@@ -55,17 +55,10 @@ To import a KeePass 1 database file in KeePassXC, perform the following steps:
6. The data from the `.kdb` file gets imported and converted to the new format, which is compatible with KeePassXC. You can now start using the new database file (`.kdbx`) in KeePassXC. 6. The data from the `.kdb` file gets imported and converted to the new format, which is compatible with KeePassXC. You can now start using the new database file (`.kdbx`) in KeePassXC.
== Exporting Databases == Exporting Databases
KeePassXC supports multiple ways to export your database for transfer to another program or to print out and archive. KeePassXC supports multiple ways to export your database for transfer to another program or to print out and archive. To export your database into the KDB XML format, you must use the KeePassXC Command Line Interface program: `keepassxc-cli export <database.kdbx>`.
WARNING: Exporting your database will result in all of your passwords and sensitive information being stored in an unencrypted format. We do not recommend saving your exported database for long periods of time as that can cause a compromise of sensitive information. WARNING: Exporting your database will result in all of your passwords and sensitive information being stored unencrypted. We do not recommend saving your exported database for long periods of time as that can cause compromise.
.Database export menu .Database export menu
image::export_database.png[,80%] image::export_database.png[,80%]
The HTML export file is intended to be human-readable (viewed/printed in a web browser) rather than machine-readable (re-imported into another database file). The intention of HTML export is to provide a "paper backup" functionality for those who want to ensure access to their passwords in case of catastrophic failure of IT infrastructure. To create a paper backup, export the database to an HTML file, print the file with your web browser, then delete the file.
WARNING: Creating a paper backup exposes your passwords to potentially insecure components, like printer drivers on your computer or software inside the printer. Make sure all these components can be trusted.
For more information, check out the https://keepassxc.org/blog/2020-10-03-paper-backup/[blog article about paper backups].
// end::content[] // end::content[]

16
docs/topics/KeeShare.adoc
View File

@@ -1,4 +1,4 @@
= KeePassXC KeeShare = KeePassXC - KeeShare
include::.sharedheader[] include::.sharedheader[]
:imagesdir: ../images :imagesdir: ../images
@@ -11,23 +11,23 @@ To use sharing, you need to enable it for the application.
1. Go to _Tools_ -> _Settings_. Select the KeeShare category on the left sidebar *(1)*. 1. Go to _Tools_ -> _Settings_. Select the KeeShare category on the left sidebar *(1)*.
2. Check _Allow import_ if you want to import shared credentials. Check _Allow export_ if you want to share credentials. *(2)* 2. Check _Allow import_ if you want to import shared credentials. Check _Allow export_ if you want to share credentials. *(2)*
3. (Optional) Click _Generate_ *(3)* to create your own signing certificate. If you are using signed shares then your signing certificate will be used to generate the signature. *_This feature is deprecated and will be removed in a future version._* 3. (Optional) Click _Generate_ *(3)* to create your own certificate or _Import_ to select an existing one. The certificate allows you to sign shared databases. This ensures the integrity of the share and prevent import of untrusted information.
.KeeShare Application Settings .KeeShare Application Settings
image::keeshare_application_settings.png[] image::keeshare_application_settings.png[]
=== Sharing Credentials === Sharing Credentials
If you checked _Allow export_ in the Sharing settings you can now share a group of passwords. Sharing is always defined on a particular group. If you enable sharing on a group, every entry under this group, and its children, are shared. If you enable sharing on the root node, **every password** inside your database gets shared! If you checked _Allow export_ in the Sharing settings you can now share a group of passwords. Sharing is always is defined on a particular group. If you enable sharing on a group, every entry under this group, and its children, are shared. If you enable sharing on the root node, **every password** inside your database gets shared!
NOTE: KeeShare does not synchronize group structure after the initial share is created. At this time, KeeShare operates at the entry level; shared entries moved outside of a shared group are still synchronized. NOTE: KeeShare does not synchronize group structure after the initial share is created. At this time, KeeShare operates at the entry level; shared entries moved outside of a shared group are still synchronized.
1. Open the edit sheet on a group you want to share. 1. Open the edit sheet on a group you want to share.
2. Select the KeeShare category on the left toolbar. 2. Select the KeeShare category on the left toolbar.
3. Choose a sharing type: 3. Choose a sharing type:
a. *Inactive* Disable sharing this group a. *Inactive* - Disable sharing this group
b. *Import* Read-only import of entries, merge changes b. *Import* - Read-only import of entries, merge changes
c. *Export* Write-only export of entries, no merge c. *Export* - Write-only export of entries, no merge
d. *Synchronize* Read/Write entries from the share, merge changes d. *Synchronize* - Read/Write entries from the share, merge changes
4. Choose a path to store the shared credentials to. 4. Choose a path to store the shared credentials to.
5. The password to use for this share container. 5. The password to use for this share container.
@@ -45,7 +45,7 @@ A shared group shows a cloud icon badge over the group icon *(A)* and a banner i
image::keeshare_shared_group.png[] image::keeshare_shared_group.png[]
=== Technical Details and Limitations of Sharing === Technical Details and Limitations of Sharing
Sharing relies on the combination of file exports and imports as well as the synchronization mechanism provided by KeePassXC. Since the merge algorithm uses the history of entries to prevent data loss, this history must be enabled and have a sufficient size. Furthermore, the merge algorithm is location independent, therefore it does not matter if entries are moved outside of an import group. These entries will be updated nonetheless. Moving entries outside of export groups will prevent a further export of the entry, but it will not ensure that the already shared data will be removed from any client. Sharing relies on the combination of file exports and imports as well as the synchronization mechanism provided by KeePassXC. Since the merge algorithm uses the history of entries to prevent data loss, this history must be enabled and have a sufficient size. Furthermore, the merge algorithm is location independent, therefore it does not matter if entries are moved outside of an import group. These entries will be updated none the less. Moving entries outside of export groups will prevent a further export of the entry, but it will not ensure that the already shared data will be removed from any client.
KeeShare uses a custom certification mechanism to ensure that the source of the data is the expected one. This ensures that the data was exported by the signer but it is not possible to detect if someone replaced the data with an older version from a valid signer. To prevent this, the container could be placed at a location which is only writeable for valid signers. KeeShare uses a custom certification mechanism to ensure that the source of the data is the expected one. This ensures that the data was exported by the signer but it is not possible to detect if someone replaced the data with an older version from a valid signer. To prevent this, the container could be placed at a location which is only writeable for valid signers.
// end::content[] // end::content[]

6
docs/topics/KeyboardShortcuts.adoc
View File

@@ -1,4 +1,4 @@
= KeePassXC Keyboard Shortcuts = KeePassXC - Keyboard Shortcuts
include::.sharedheader[] include::.sharedheader[]
:imagesdir: ../images :imagesdir: ../images
@@ -9,15 +9,12 @@ NOTE: On macOS please substitute `Ctrl` with `Cmd` (aka `⌘`).
|=== |===
|Action | Keyboard Shortcut |Action | Keyboard Shortcut
|Settings | Ctrl + ,
|Open Database | Ctrl + O |Open Database | Ctrl + O
|Save Database | Ctrl + S |Save Database | Ctrl + S
|Save Database As | Ctrl + Shift + S |Save Database As | Ctrl + Shift + S
|New Database | Ctrl + Shift + N |New Database | Ctrl + Shift + N
|Close Database | Ctrl + W ; Ctrl + F4 |Close Database | Ctrl + W ; Ctrl + F4
|Lock All Databases | Ctrl + L |Lock All Databases | Ctrl + L
|Database Settings | Ctrl + Shift + ,
|Database Reports | Ctrl + Shift + R
|Quit | Ctrl + Q |Quit | Ctrl + Q
|New Entry | Ctrl + N |New Entry | Ctrl + N
|Edit Entry | Enter ; Ctrl + E |Edit Entry | Enter ; Ctrl + E
@@ -28,7 +25,6 @@ NOTE: On macOS please substitute `Ctrl` with `Cmd` (aka `⌘`).
|Copy URL | Ctrl + U |Copy URL | Ctrl + U
|Open URL | Ctrl + Shift + U |Open URL | Ctrl + Shift + U
|Copy TOTP | Ctrl + T |Copy TOTP | Ctrl + T
|Copy Password and TOTP | Ctrl + Y
|Show TOTP | Ctrl + Shift + T |Show TOTP | Ctrl + Shift + T
|Trigger AutoType | Ctrl + Shift + V |Trigger AutoType | Ctrl + Shift + V
|Add key to SSH Agent | Ctrl + H |Add key to SSH Agent | Ctrl + H

14
docs/topics/PasswordGenerator.adoc
View File

@@ -1,4 +1,4 @@
= KeePassXC Password Generator = KeePassXC - Password Generator
include::.sharedheader[] include::.sharedheader[]
:imagesdir: ../images :imagesdir: ../images
@@ -22,13 +22,13 @@ image::password_generator.png[]
5. Use the regenerate button (Ctrl + R) to make a new password using the chosen options. 5. Use the regenerate button (Ctrl + R) to make a new password using the chosen options.
6. Use the clipboard button (Ctrl + C) to copy the generated password to the clipboard. 6. Use the clipboard button (Ctrl + C) to copy the generated password to the clipboard.
// tag::advanced[] // tag::advanced[]
7. Click the Advanced button to specify additional conditions for your desired password. 7. Click the Advanced button to specify additional conditions for your desired password.
+ +
.Advanced Password Generator Options .Advanced Password Generator Options
image::password_generator_advanced.png[] image::password_generator_advanced.png[]
=== Generating Passphrases === Generating Passphrases
A passphrase is a sequence of words or other text used to control access to your applications and data. A passphrase is specifically designed to be simple to remember but hard to guess. For this reason, we do not recommend making passphrases too complex; if you require something that is more complex than you could easily remember, it is better to use a randomly generated password instead. A passphrase is a sequence of words or other text used to control access to your applications and data. A passphrase is similar to a password in usage, but is generally longer for added security. To generate the random passphrase using Password Generator, perform the following steps:
1. From the password generator, click the Passphrase tab. The following screen appears: 1. From the password generator, click the Passphrase tab. The following screen appears:
+ +
@@ -37,10 +37,8 @@ image::passphrase_generator.png[]
2. Select the number of words you want to be included in your passphrase by dragging the 2. Select the number of words you want to be included in your passphrase by dragging the
Word Count slider. Word Count slider.
3. In the Word Separator field, enter a character, word, number, or space that you want to use as a separator between the words in your passphrase. 3. In the Word Separator field, enter a character, word, number, or space that you want to use a separator between the words in your passphrase.
4. _(Optional)_ You can choose a word case between lower, upper, and title case options. 4. Click the Regenerate button (Ctrl + R) to generate a new random passphrase.
5. _(Optional)_ You can also load your own custom word lists. Click the plus sign button to the right of the wordlist selection dialog to choose a custom word list. You can download alternative lists from the https://www.eff.org/deeplinks/2016/07/new-wordlists-random-passphrases[EFF's Website] or from https://github.com/redacted/XKCD-password-generator#additional-languages[GitHub]. 5. Click the Clipboard button (Ctrl + C) to copy the passphrase to the clipboard.
6. Click the Regenerate button (Ctrl + R) to generate a new random passphrase.
7. Click the Clipboard button (Ctrl + C) to copy the passphrase to the clipboard.
// end::advanced[] // end::advanced[]
// end::content[] // end::content[]

128
docs/topics/Reference.adoc
View File

@@ -1,128 +0,0 @@
= KeePassXC Reference
include::.sharedheader[]
:imagesdir: ../images
// tag::content[]
== Reference
This section contains full details on advanced features available in KeePassXC.
=== Entry Placeholders
[grid=rows, frame=none, width=90%]
|===
|Placeholder |Description
|{TITLE} |Entry Title
|{USERNAME} |Username
|{PASSWORD} |Password
|{URL} |URL
|{NOTES} |Notes
|{TOTP} |Current TOTP value (if configured)
|{S:&lt;ATTRIBUTE_NAME&gt;} |Value for the given attribute (case sensitive)
|{URL:RMVSCM} |URL without scheme (e.g., https)
|{URL:WITHOUTSCHEME} |URL without scheme
|{URL:SCM} |URL Scheme
|{URL:SCHEME} |URL Scheme
|{URL:HOST} |URL Host (e.g., example.com)
|{URL:PORT} |URL Port
|{URL:PATH} |URL Path (e.g., /path/to/page.html)
|{URL:QUERY} |URL Query String
|{URL:FRAGMENT} |URL Fragment
|{URL:USERINFO} |URL Username:Password
|{URL:USERNAME} |URL Username
|{URL:PASSWORD} |URL Password
|{DT_SIMPLE} |Current Date-Time (yyyyMMddhhmmss)
|{DT_YEAR} |Current Year (yyyy)
|{DT_MONTH} |Current Month (MM)
|{DT_DAY} |Current Day (dd)
|{DT_HOUR} |Current Hour (hh)
|{DT_MINUTE} |Current Minutes (mm)
|{DT_SECOND} |Current Seconds (ss)
|{DT_UTC_SIMPLE} |Current UTC Date-Time (yyyyMMddhhmmss)
|{DT_UTC_YEAR} |Current UTC Year (yyyy)
|{DT_UTC_MONTH} |Current UTC Month (MM)
|{DT_UTC_DAY} |Current UTC Day (dd)
|{DT_UTC_HOUR} |Current UTC Hour (hh)
|{DT_UTC_MINUTE} |Current UTC Minutes (mm)
|{DT_UTC_SECOND} |Current UTC Seconds (ss)
|{DB_DIR} |Absolute directory path of database file
|===
=== Entry Cross-Reference
A reference to another entry's field is possible using the shorthand syntax:
`{REF:&lt;FIELD&gt;@&lt;SEARCH_IN&gt;:&lt;SEARCH_TEXT&gt;}`
`&lt;FIELD&gt;` and `&lt;SEARCH_IN&gt;` can be one of following:
* T Title
* U Username
* P Password
* A URL
* N Notes
* I UUID (found on entry properties page)
* O Custom Attribute _(SEARCH_IN only)_
Examples: +
`{REF:U@I:033054D445C648C59092CC1D661B1B71}` +
`{REF:P@T:Other Entry}` +
`{REF:A@O:Attribute 1}`
=== Auto-Type Actions
[grid=rows, frame=none, width=90%]
|===
|Action Code |Description
|{TAB}, {ENTER}, {SPACE}, {INSERT}, {DELETE}, {HOME}, {END}, {PGUP}, {PGDN}, {BACKSPACE}, {CAPSLOCK}, {ESC}
|Press the corresponding keyboard key
|{UP}, {DOWN}, {LEFT}, {RIGHT} |Press the corresponding arrow key
|{F1}, {F2}, ..., {F16} |Press F1, F2, etc.
|{LEFTBRACE}, {RIGHTBRACE} |Press `{` or `}`, respectively
|{&lt;KEY&gt; X} |Repeat &lt;KEY&gt; X times (e.g., {SPACE 5} inserts five spaces)
|{DELAY=X} |Set delay between key presses to X milliseconds
|{DELAY X} |Pause typing for X milliseconds
|{CLEARFIELD} |Clear the input field
|{PICKCHARS} |Pick specific password characters from a dialog
|===
[grid=rows, frame=none, width=90%]
|===
|Modifier |Description
|+ |SHIFT
|^ |CTRL
|% |ALT
|# |WIN/CMD
|===
*Text Conversions:*
`{T-CONV:/&lt;PLACEHOLDER&gt;/&lt;METHOD&gt;/}` +
Convert resolved placeholder (e.g., {USERNAME}, {PASSWORD}, etc.) using the following methods: UPPER, LOWER, BASE64, HEX, URI, URI-DEC.
`{T-REPLACE-RX:/&lt;PLACEHOLDER&gt;/&lt;SEARCH&gt;/&lt;REPLACE&gt;/}` +
Use regular expressions to find and replace data from a resolved placeholder. Refer to match groups using $1, $2, etc.
=== Backup Path Placeholders
[grid=rows, frame=none, width=90%]
|===
|Database Backup Path Placeholder |Description
|{DB_FILENAME} |The database's filename without extension
|{TIME} |The current time formatted as dd_MM_yyyy_hh-mm-ss.
|{TIME:<format>} |The current time formatted according to the format string specified by <format>. See https://doc.qt.io/qt-5/qtime.html#toString for a list of available placeholders.
|===
[grid=rows, frame=none, width=90%]
|===
|Backup path example |Location of backup(s)
|`{DB_FILENAME}-{TIME}.bak.kdbx` |`C:\Users\MyUsername\MyDatabase-02_01_2022_03-04-05.bak.kdbx` +
`C:\Users\MyUsername\MyDatabase-05_01_2022_12-10-00.bak.kdbx`
|`backups\\{DB_FILENAME}.bak.kdbx` |`C:\Users\MyUsername\backups\MyDatabase.bak.kdbx`
|`C:\Backups\{TIME:dd.MM.yyyy}\\{DB_FILENAME}.kdbx` |`C:\Backups\02.01.2022\MyDatabase.kdbx` +
`C:\Backups\05.01.2022\MyDatabase.kdbx`
|`C:\Backups\\{DB_FILENAME}\{TIME:MM-dd-yyyy}.kdbx` |`C:\Backups\MyDatabase\01-02-2022.kdbx` +
`C:\Backups\MyDatabase\01-05-2022.kdbx`
|===
// end::content[]

93
docs/topics/SSHAgent.adoc
View File

@@ -1,10 +1,10 @@
= KeePassXC SSH Agent integration = KeePassXC - SSH Agent
include::.sharedheader[] include::.sharedheader[]
:imagesdir: ../images :imagesdir: ../images
// tag::content[] // tag::content[]
== SSH Agent integration == SSH Agent
SSH (Secure Shell) is a widely used remote secure shell protocol and is considered an industry standard for secure remote access to UNIX-like systems including Linux, BSDs, macOS and more recently even Windows received native support. SSH supports multiple types of authentication and the most widely used ones are either interactive keyboard input with a password or a public-key cryptography pair of keys. SSH (Secure Shell) is a widely used remote secure shell protocol and is considered an industry standard for secure remote access to UNIX-like systems including Linux, BSDs, MacOS and more recently even Windows received native support. SSH supports multiple types of authentication and the most widely used ones are either interactive keyboard input with a password or a public-key cryptography pair of keys.
KeePassXC SSH Agent integration is built to manage SSH keys in a secure manner by either storing them completely within your KeePassXC database or by having only the decryption key of a key file that is stored elsewhere. SSH Agent integration _does not_ provide an agent itself but works as a client for any agent implementation that is OpenSSH compatible. KeePassXC SSH Agent integration is built to manage SSH keys in a secure manner by either storing them completely within your KeePassXC database or by having only the decryption key of a key file that is stored elsewhere. SSH Agent integration _does not_ provide an agent itself but works as a client for any agent implementation that is OpenSSH compatible.
@@ -32,35 +32,18 @@ WARNING: _GNOME Keyring_ prior to release 3.27.92 had its own custom implementat
It does not support any constraints you may want to configure for an added key. It does not support any constraints you may want to configure for an added key.
If you are running a modern distribution the custom agent has been removed and replaced with the stock OpenSSH agent which is feature complete. If you are running a modern distribution the custom agent has been removed and replaced with the stock OpenSSH agent which is feature complete.
=== OpenSSH agent on macOS === OpenSSH agent on MacOS
Apple has made OpenSSH an integrated part of macOS with automatic agent startup when it is first used. No further configuration is needed. Apple has made OpenSSH an integrated part of MacOS with automatic agent startup when it is first used. No further configuration is needed.
=== OpenSSH agent and Pageant on Windows === Pageant agent on Windows
The SSH Agent integration on Windows supports both _PuTTY Pageant_ and _OpenSSH for Windows 10_. The SSH Agent integration on Windows supports both _PuTTY Pageant_ and _OpenSSH for Windows 10_.
Since Pageant is currently still the most widely used implementation and is easily installable on any version of Windows, it is the default on KeePassXC. Since Pageant is currently still the most widely used implementation and is easily installable on any version of Windows we focus on that.
However, Microsoft includes a native OpenSSH client implementation with Windows 10 since autumn 2018 that can be used instead. If you would like to self-manage your OpenSSH version you can use the builds offered via their official https://github.com/powershell/Win32-OpenSSH[GitHub repository]. It is also the default on KeePassXC.
==== Pageant
Download Pageant from the official PuTTY home page at https://www.chiark.greenend.org.uk/~sgtatham/putty/ Download Pageant from the official PuTTY home page at https://www.chiark.greenend.org.uk/~sgtatham/putty/
To use Pageant with KeePassXC, simply start it and it will minimize into the system tray and is ready to use. PuTTY and compatible tools will use Pageant automatically. To use Pageant with KeePassXC, simply start it and it will minimize into the system tray and is ready to use. PuTTY and compatible tools will use Pageant automatically.
==== OpenSSH
Make sure your Windows version has at least update 1809 installed. For more details consult the https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_overview[official documentation].
To use Windows OpenSSH the _OpenSSH Authentication Agent_ service has to be enabled first:
1. Open the Services application via the _Start Menu_, it is located in the _Windows Administrative Tools_ section
2. Select the _OpenSSH Authentication Agent_ and open its _Properties_
3. Set the _Startup type_ to _Automatic_ and start the service
Alternatively, you can use a _Windows PowerShell_ running as _Administrator_ to enable and start the service:
PS C:\Users\user> Get-Service ssh-agent | Set-Service -StartupType Automatic
PS C:\Users\user> Start-Service ssh-agent
KeePassXC and other compatible tools can now use the Windows OpenSSH agent. To use it with KeePassXC, update the settings explained in <<Setting up SSH Agent integration>>.
=== Setting up SSH Agent integration === Setting up SSH Agent integration
By default the SSH Agent integration plugin is disabled. By default the SSH Agent integration plugin is disabled.
To enable integration, follow the steps below to access the settings: To enable integration, follow the steps below to access the settings:
@@ -74,20 +57,21 @@ image::sshagent_application_settings.png[]
On the settings page you can enable the integration by checking _Enable SSH Agent integration_. On the settings page you can enable the integration by checking _Enable SSH Agent integration_.
When the integration is enabled coming back to the settings page also shows if connection to the agent is working. When the integration is enabled coming back to the settings page also shows if connection to the agent is working.
On Windows, you have the option to select _Pageant_ and/or _OpenSSH for Windows_. On macOS and Linux, the system ssh-agent will be used automatically and the settings page shows the current value of _SSH_AUTH_SOCK_ environment variable which is used to connect to the running agent and an option to manually override the automatically detected path. On Windows you have the option to select between _Pageant_ and _OpenSSH for Windows_ and on other platforms the settings page shows the current value of _SSH_AUTH_SOCK_ environment variable which is used to connect to the running agent and an option to manually override the automatically detected path.
If the value of _SSH_AUTH_SOCK_ is empty it means the agent is not properly configured and KeePassXC will be unable to connect to it unless you provide a static override path to the socket. If the value of _SSH_AUTH_SOCK_ is empty it means the agent is not properly configured and KeePassXC will be unable to connect to it unless you provide a static override path to the socket.
=== Generating a key to use with KeePassXC === Generating a key to use with KeePassXC
KeePassXC only supports keys in the _OpenSSH_ format. On Windows, _PuTTYgen_ saves keys in its own format by default and you will need to convert them to OpenSSH format before being used. In this guide we are going to generate a standard RSA key in the default size. KeePassXC only supports keys in the _OpenSSH_ format. On Windows, _PuTTYgen_ saves keys in its own format by default and you will need to convert them to OpenSSH format before being used. In this guide we are going to generate a standard RSA key in the default size.
==== Generating a key on Linux or macOS with _ssh-keygen_ ==== Generating a key on Linux or MacOS with _ssh-keygen_
Open a terminal window and type the following command to generate a key: Open a terminal window and type the following command to generate a key:
$ ssh-keygen -o -f keepassxc -C johndoe@example $ ssh-keygen -o -f keepassxc -C johndoe@example
Generating public/private rsa key pair. Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase): Enter passphrase (empty for no passphrase):
Enter same passphrase again: Enter same passphrase again:
Your identification has been saved in keepassxc Your identification has been saved in keepassxc
Your public key has been saved in keepassxc.pub Your public key has been saved in keepassxc.pub
The key fingerprint is: The key fingerprint is:
@@ -105,6 +89,7 @@ Open a terminal window and type the following command to generate a key:
|. ..++ooo | |. ..++ooo |
+----[SHA256]-----+ +----[SHA256]-----+
Now we can see two files were generated: Now we can see two files were generated:
$ ls -l keepassxc* $ ls -l keepassxc*
@@ -113,59 +98,19 @@ Now we can see two files were generated:
With KeePassXC you only need the first file listed. With KeePassXC you only need the first file listed.
==== Generating a key on Windows ==== Generating a key on Windows with PuTTYgen
On Windows you can generate key pairs with _PuTTYgen_ and with _ssh-keygen_, depending on whether you installed PuTTY and your Windows version. Please read the manual on how to use PuTTYgen for details on generate a key: https://the.earth.li/~sgtatham/putty/0.74/htmldoc/Chapter8.html#pubkey-puttygen. Once generated, you must save the key in the new OpenSSH format, see image below.
===== Using _PuTTYgen_ .Generating a key with PuTTYgen
Please read the manual on how to use _PuTTYgen_ for details on generate a key: https://the.earth.li/~sgtatham/putty/0.74/htmldoc/Chapter8.html#pubkey-puttygen. Once generated, you must save the key in the new OpenSSH format, see image below.
.Generating a key with _PuTTYgen_
image::sshagent_puttygen.png[,70%] image::sshagent_puttygen.png[,70%]
===== Using _ssh-keygen_
Open _Command Prompt_ or _Windows PowerShell_ and type the following command to generate a key:
PS C:\Users\user> ssh-keygen.exe -o -f keepassxc -C johndoe@example
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in keepassxc
Your public key has been saved in keepassxc.pub
The key fingerprint is:
SHA256:pN+o5AqUmijYBDUrFV/caMus9oIR61+MiWLa8fcsVYI johndoe@example
The key's randomart image is:
+---[RSA 3072]----+
| =. ..o |
| o + .+ . |
|o . .+ o. |
| o.. Eo. . |
| +o .. So |
|o*o.o+ ..o |
|Bo=+o.+.o . |
|+oo+.++o |
|. ..++ooo |
+----[SHA256]-----+
Now we can see two files were generated:
PS C:\Users\user> dir keepassxc*
Directory C:\Users\user
Mode LastWriteTime Length Name
---- ------------- ------ ----
-a---- 9/19/2021 12:08 PM 2655 keepassxc
-a---- 9/19/2021 12:08 PM 570 keepassxc.pub
With KeePassXC you only need the first file listed.
=== Configuring an entry to use SSH Agent === Configuring an entry to use SSH Agent
The last step is to setup an entry to contain the SSH Agent settings and key file you generated. The last step is to setup an entry to contain the SSH Agent settings and key file you generated.
1. Create a new entry, or open an existing entry in edit mode. 1. Create a new entry, or open an existing entry in edit mode.
2. Set the password you used for the key file in the password field. 2. Set the password you used for the key file in the password field.
3. Go to the advanced category and attach the key file you generated previously. 3. Go to the advanced category and attach the key file you generated previously.
4. Go to the SSH Agent category *(1)* and select the attachment from the list *(2)*. 4. Go to the SSH Agent category *(1)* and select the attachment from the list *(2)*.
5. Alternatively, you can load an external file dynamically using the file selection. 5. Alternatively, you can load an external file dynamically using the file selection.
6. Choose the options for this key. 6. Choose the options for this key.
7. Press *OK* to accept the entry. Depending on the options you chose, KeePassXC will load the key and present it for use. 7. Press *OK* to accept the entry. Depending on the options you chose, KeePassXC will load the key and present it for use.
@@ -173,7 +118,7 @@ The last step is to setup an entry to contain the SSH Agent settings and key fil
.SSH Agent Entry Settings Page .SSH Agent Entry Settings Page
image::sshagent_entry_settings.png[] image::sshagent_entry_settings.png[]
If you chose to not autoload the key on database unlock, you can manually make the key available by using the context menu from the entry list. If you chose to not auto-load the key on database unlock, you can manually make the key available by using the context menu from the entry list.
.SSH Agent Load Key from Context Menu .SSH Agent Load Key from Context Menu
image::sshagent_context_menu.png[] image::sshagent_context_menu.png[]

33
docs/topics/UserInterface.adoc
View File

@@ -1,24 +1,22 @@
= KeePassXC Database Operations = KeePassXC - Database Operations
include::.sharedheader[] include::.sharedheader[]
:imagesdir: ../images :imagesdir: ../images
// tag::content[] // tag::content[]
== Interface Overview == Interface Overview
=== Application Layout === Application Layout
The KeePassXC interface is designed for simplicity and easy access to your information. The main database view is split into four main partitions detailed below. You can open multiple databases at the same time, they will appear in tabs. The KeePassXC interface is designed for simplicity and easy access to your information. The main database view is split into three main partitions detailed below. You can open multiple databases at the same time, they will appear in tabs.
.Main database interface .Main database interface
image::main_interface.png[] image::main_interface.png[]
*(A) Groups* Organize your entries into discrete groups to bring order to all of your sensitive information. Groups can be nested under each other to create a hierarchy. Settings from parent groups get applied to their children. You can hide this panel on the View menu. *(A) Groups* - Organize your entries into discrete groups to bring order to all of your sensitive information. Groups can be nested under each other to create a hierarchy. Settings from parent groups get applied to their children.
*(B) Tags* Dynamic groups of entries that can be quickly displayed with one click. Any number of custom tags can be added when editing an entry. This panel also includes useful pre-defined searches, such as finding expired and weak passwords. *(B) Entries* - Entries contain all the information for each website or application you are storing in KeePassXC. This view shows all the entries in the selected group. Each column can be resized, reordered, and shown or hidden based on your preference. Right click the header row to see all available options.
*\(C) Entries* Entries contain all the information you want to store for a website or application you are storing in KeePassXC. This view shows all the entries in the selected group. Each column can be resized, reordered, and shown or hidden based on your preference. Right-click the header row to see all available options. *\(C) Preview* - Shows a preview of the selected group or entry. You can temporarily hide this preview using the close button on the right hand side or completely disabled in the application settings.
*(D) Preview* Shows a preview of the selected group or entry. You can temporarily hide this preview using the close button on the right hand side or completely disabled in the application settings. TIP: Double clicking on the text in the entries list copies that field to the clipboard. Double clicking the entry title will open the entry for editing.
TIP: You can enable double-click copying of entry username and password in the Application Security Settings. This is turned off by default starting with version 2.7.0.
=== Toolbar === Toolbar
The toolbar provides a quick way to perform common tasks with your database. Some entries in the toolbar are dynamically disabled based on the information contained in the selected entry. Every common action in KeePassXC can be controlled with a keyboard shortcut as well. The toolbar provides a quick way to perform common tasks with your database. Some entries in the toolbar are dynamically disabled based on the information contained in the selected entry. Every common action in KeePassXC can be controlled with a keyboard shortcut as well.
@@ -26,11 +24,12 @@ The toolbar provides a quick way to perform common tasks with your database. Som
.Toolbar overview .Toolbar overview
image::toolbar.png[] image::toolbar.png[]
*(A) Database* Open Database, Save Database, Lock Database + *(A) Database* - Open Database, Save Database +
*(B) Entries* Create Entry, Edit Entry, Delete Selected Entries + *(B) Entries* - Create Entry, Edit Selected Entry, Delete Selected Entry +
*\(C) Entry Data* Copy Username, Copy Password, Copy URL, Perform Auto-Type + *\(C) Entry Data* - Copy Username, Copy Password, Copy URL, Perform Auto-Type +
*(D) Tools* Password Generator, Application Settings + *(D) Lock All Databases* +
*(E) Search* *(E) Tools* - Password Generator, Application Settings +
*(F) Search*
=== Application Settings === Application Settings
Users can configure KeePassXC to their personal tastes with a wide variety of general and security settings that apply to the whole application. These settings are accessible from _Tools_ -> _Settings_ or the cog wheel icon from the toolbar. Settings include: startup options, file management, entry management, user interface, language, security timeouts, and convenience. Users can configure KeePassXC to their personal tastes with a wide variety of general and security settings that apply to the whole application. These settings are accessible from _Tools_ -> _Settings_ or the cog wheel icon from the toolbar. Settings include: startup options, file management, entry management, user interface, language, security timeouts, and convenience.
@@ -47,9 +46,6 @@ For users with smaller screens or those who desire seeing more entries at once,
.Compact mode comparison .Compact mode comparison
image::compact_mode_comparison.png[] image::compact_mode_comparison.png[]
=== Screenshot Security
By default, KeePassXC prevents recordings and screenshots of the application window on Windows and macOS. This prevents inadvertent spillage of information during meetings and disallows other applications to capture the window contents. If you would like to enable screen capture, you must start the application with the `--allow-screencapture` command line flag.
=== Keyboard Shortcuts === Keyboard Shortcuts
include::KeyboardShortcuts.adoc[tag=content, leveloffset=+1] include::KeyboardShortcuts.adoc[tag=content, leveloffset=+1]
@@ -59,7 +55,7 @@ You can use the following command line options to tailor the application to your
---- ----
Usage: keepassxc.exe [options] [filename(s)] Usage: keepassxc.exe [options] [filename(s)]
KeePassXC cross-platform password manager KeePassXC - cross-platform password manager
Options: Options:
-?, -h, --help Displays help on commandline options. -?, -h, --help Displays help on commandline options.
@@ -67,11 +63,9 @@ Options:
-v, --version Displays version information. -v, --version Displays version information.
--config <config> path to a custom config file --config <config> path to a custom config file
--localconfig <localconfig> path to a custom local config file --localconfig <localconfig> path to a custom local config file
--lock lock all open databases
--keyfile <keyfile> key file of the database --keyfile <keyfile> key file of the database
--pw-stdin read password of the database from stdin --pw-stdin read password of the database from stdin
--debug-info Displays debugging information. --debug-info Displays debugging information.
--allow-screencapture Allow screen recording and screenshots
Arguments: Arguments:
filename(s) filenames of the password databases to open (*.kdbx) filename(s) filenames of the password databases to open (*.kdbx)
@@ -85,7 +79,6 @@ Additionally, the following environment variables may be useful when running the
|KPXC_CONFIG | Override default path to roaming configuration file |KPXC_CONFIG | Override default path to roaming configuration file
|KPXC_CONFIG_LOCAL | Override default path to local configuration file |KPXC_CONFIG_LOCAL | Override default path to local configuration file
|KPXC_INITIAL_DIR | Override initial location picking for databases
|SSH_AUTH_SOCKET | Path of the unix file socket that the agent uses for communication with other processes (SSH Agent) |SSH_AUTH_SOCKET | Path of the unix file socket that the agent uses for communication with other processes (SSH Agent)
|QT_SCALE_FACTOR [numeric] | Defines a global scale factor for the whole application, including point-sized fonts. |QT_SCALE_FACTOR [numeric] | Defines a global scale factor for the whole application, including point-sized fonts.
|QT_SCREEN_SCALE_FACTORS [list] | Specifies scale factors for each screen. See https://doc.qt.io/qt-5/highdpi.html#high-dpi-support-in-qt |QT_SCREEN_SCALE_FACTORS [list] | Specifies scale factors for each screen. See https://doc.qt.io/qt-5/highdpi.html#high-dpi-support-in-qt

6
docs/topics/Welcome.adoc
View File

@@ -1,4 +1,4 @@
= KeePassXC Welcome = KeePassXC - Welcome
include::.sharedheader[] include::.sharedheader[]
:imagesdir: ../images :imagesdir: ../images
@@ -9,7 +9,7 @@ KeePassXC is a modern, secure, and open-source password manager that stores and
KeePassXC is for people with extremely high demands of secure personal data management. It saves many different types of information, such as usernames, passwords, URLs, attachments, and notes in an offline, encrypted file that can be stored in any location, including private and public cloud solutions. For easy identification and management, user-defined titles and icons can be specified for entries. In addition, entries are sorted in customizable groups. An integrated search function allows you to use advanced patterns to easily find any entry in your database. A customizable, fast, and easy-to-use password generator utility allows you to create passwords with any combination of characters or easy to remember passphrases. KeePassXC is for people with extremely high demands of secure personal data management. It saves many different types of information, such as usernames, passwords, URLs, attachments, and notes in an offline, encrypted file that can be stored in any location, including private and public cloud solutions. For easy identification and management, user-defined titles and icons can be specified for entries. In addition, entries are sorted in customizable groups. An integrated search function allows you to use advanced patterns to easily find any entry in your database. A customizable, fast, and easy-to-use password generator utility allows you to create passwords with any combination of characters or easy to remember passphrases.
=== Overview === Overview
You can store an unlimited number of passwords and information in a KeePassXC database. Every piece of information you store in your database is encrypted at all times within the `kdbx` file. When you are accessing your database from within KeePassXC, your information is decrypted and stored in your computer's memory. KeePassXC places controls over the access to this data so other applications cannot read it (unless they have administrative rights). The interface is designed to let you quickly access your passwords, search for the right entry, perform Auto-Type or copy/paste operations, make and save changes, and then get out of your way. You can store an unlimited number of passwords and information in a KeePassXC database. Every piece of information you store in your database is encrypted at all times within the `kdbx` file. When you are accessing your database from within KeePassXC, your information in decrypted and stored in your computer's memory. KeePassXC places controls over the access to this data so other applications cannot read it (unless they have administrative rights). The interface is designed to let you quickly access your passwords, search for the right entry, perform Auto-Type or copy/paste operations, make and save changes, and then get out of your way.
KeePassXC ships with light and dark themes specifically designed to meet accessibility standards. In most cases, the appropriate theme for your system will be determined automatically, but you can always set a specific theme in the application settings. KeePassXC ships with light and dark themes specifically designed to meet accessibility standards. In most cases, the appropriate theme for your system will be determined automatically, but you can always set a specific theme in the application settings.
@@ -44,5 +44,3 @@ KeePassXC has numerous features for novice and power users alike. This guide wil
** FreeDesktop.org Secret Service (replace Gnome keyring, etc.) ** FreeDesktop.org Secret Service (replace Gnome keyring, etc.)
** Additional encryption choices: Twofish and ChaCha20 ** Additional encryption choices: Twofish and ChaCha20
// end::content[] // end::content[]
// tag::advanced[]
// end::advanced[]

631
release-tool
View File

File diff suppressed because it is too large Load Diff

598
release-tool.ps1
View File

@@ -1,598 +0,0 @@
<#
.SYNOPSIS
KeePassXC Release Tool
.DESCRIPTION
Commands:
merge Merge release branch into main branch and create release tags
build Build and package binary release from sources
sign Sign previously compiled release packages
.NOTES
The following are descriptions of certain parameters:
-Vcpkg Specify VCPKG toolchain location (example: C:\vcpkg)
-Tag Release tag to check out (defaults to version number)
-Snapshot Build current HEAD without checkout out Tag
-CMakeGenerator Override the default CMake generator
-CMakeOptions Additional CMake options for compiling the sources
-CPackGenerators Set CPack generators (default: WIX;ZIP)
-Compiler Compiler to use (example: g++, clang, msbuild)
-MakeOptions Options to pass to the make program
-SignBuild Perform platform specific App Signing before packaging
-SignKey Specify the App Signing Key/Identity
-TimeStamp Explicitly set the timestamp server to use for appsign
-SourceBranch Source branch to merge from (default: 'release/$Version')
-TargetBranch Target branch to merge to (default: master)
-VSToolChain Specify Visual Studio Toolchain by name if more than one is available
#>
param(
[Parameter(ParameterSetName = "merge", Mandatory, Position = 0)]
[switch] $Merge,
[Parameter(ParameterSetName = "build", Mandatory, Position = 0)]
[switch] $Build,
[Parameter(ParameterSetName = "sign", Mandatory, Position = 0)]
[switch] $Sign,
[Parameter(ParameterSetName = "merge", Mandatory, Position = 1)]
[Parameter(ParameterSetName = "build", Mandatory, Position = 1)]
[Parameter(ParameterSetName = "sign", Mandatory, Position = 1)]
[string] $Version,
[Parameter(ParameterSetName = "build", Mandatory)]
[string] $Vcpkg,
[Parameter(ParameterSetName = "sign", Mandatory)]
[SupportsWildcards()]
[string[]] $SignFiles,
# [Parameter(ParameterSetName = "build")]
# [switch] $DryRun,
[Parameter(ParameterSetName = "build")]
[switch] $Snapshot,
[Parameter(ParameterSetName = "build")]
[switch] $SignBuild,
[Parameter(ParameterSetName = "build")]
[string] $CMakeGenerator = "Ninja",
[Parameter(ParameterSetName = "build")]
[string] $CMakeOptions,
[Parameter(ParameterSetName = "build")]
[string] $CPackGenerators = "WIX;ZIP",
[Parameter(ParameterSetName = "build")]
[string] $Compiler,
[Parameter(ParameterSetName = "build")]
[string] $MakeOptions,
[Parameter(ParameterSetName = "build")]
[Parameter(ParameterSetName = "sign")]
[string] $SignKey,
[Parameter(ParameterSetName = "build")]
[Parameter(ParameterSetName = "sign")]
[string] $Timestamp = "http://timestamp.sectigo.com",
[Parameter(ParameterSetName = "merge")]
[Parameter(ParameterSetName = "build")]
[Parameter(ParameterSetName = "sign")]
[string] $GpgKey = "CFB4C2166397D0D2",
[Parameter(ParameterSetName = "merge")]
[Parameter(ParameterSetName = "build")]
[string] $SourceDir = ".",
[Parameter(ParameterSetName = "build")]
[string] $OutDir = ".\release",
[Parameter(ParameterSetName = "merge")]
[Parameter(ParameterSetName = "build")]
[string] $Tag,
[Parameter(ParameterSetName = "merge")]
[string] $SourceBranch,
[Parameter(ParameterSetName = "build")]
[string] $VSToolChain,
[Parameter(ParameterSetName = "merge")]
[Parameter(ParameterSetName = "build")]
[Parameter(ParameterSetName = "sign")]
[string] $ExtraPath
)
# Helper function definitions
function Test-RequiredPrograms {
# If any of these fail they will throw an exception terminating the script
if ($Build) {
Get-Command git | Out-Null
Get-Command cmake | Out-Null
}
if ($Merge) {
Get-Command git | Out-Null
Get-Command tx | Out-Null
Get-Command lupdate | Out-Null
}
if ($Sign -or $SignBuild) {
if ($SignKey.Length) {
Get-Command signtool | Out-Null
}
Get-Command gpg | Out-Null
}
}
function Test-VersionInFiles {
# Check CMakeLists.txt
$Major, $Minor, $Patch = $Version.split(".", 3)
if (!(Select-String "$SourceDir\CMakeLists.txt" -pattern "KEEPASSXC_VERSION_MAJOR `"$Major`"" -Quiet) `
-or !(Select-String "$SourceDir\CMakeLists.txt" -pattern "KEEPASSXC_VERSION_MINOR `"$Minor`"" -Quiet) `
-or !(Select-String "$SourceDir\CMakeLists.txt" -pattern "KEEPASSXC_VERSION_PATCH `"$Patch`"" -Quiet)) {
throw "CMakeLists.txt has not been updated to $Version."
}
# Check Changelog
if (!(Select-String "$SourceDir\CHANGELOG.md" -pattern "^## $Version \(\d{4}-\d{2}-\d{2}\)$" -Quiet)) {
throw "CHANGELOG.md does not contain a section for $Version."
}
# Check AppStreamInfo
if (!(Select-String "$SourceDir\share\linux\org.keepassxc.KeePassXC.appdata.xml" `
-pattern "<release version=`"$Version`" date=`"\d{4}-\d{2}-\d{2}`">" -Quiet)) {
throw "share/linux/org.keepassxc.KeePassXC.appdata.xml does not contain a section for $Version."
}
}
function Test-WorkingTreeClean {
& git diff-index --quiet HEAD --
if ($LASTEXITCODE) {
throw "Current working tree is not clean! Please commit or unstage any changes."
}
}
function Invoke-VSToolchain([String] $Toolchain, [String] $Path, [String] $Arch) {
# Find Visual Studio installations
$vs = Get-CimInstance MSFT_VSInstance
if ($vs.count -eq 0) {
$err = "No Visual Studio installations found, download one from https://visualstudio.com/downloads."
$err = "$err`nIf Visual Studio is installed, you may need to repair the install then restart."
throw $err
}
$VSBaseDir = $vs[0].InstallLocation
if ($Toolchain) {
# Try to find the specified toolchain by name
foreach ($_ in $vs) {
if ($_.Name -eq $Toolchain) {
$VSBaseDir = $_.InstallLocation
break
}
}
} elseif ($vs.count -gt 1) {
# Ask the user which install to use
$i = 0
foreach ($_ in $vs) {
$i = $i + 1
$i.ToString() + ") " + $_.Name | Write-Host
}
$i = Read-Host -Prompt "Which Visual Studio installation do you want to use?"
$i = [Convert]::ToInt32($i, 10) - 1
if ($i -lt 0 -or $i -ge $vs.count) {
throw "Invalid selection made"
}
$VSBaseDir = $vs[$i].InstallLocation
}
# Bootstrap the specified VS Toolchain
Import-Module "$VSBaseDir\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"
Enter-VsDevShell -VsInstallPath $VSBaseDir -Arch $Arch -StartInPath $Path | Write-Host
Write-Host # Newline after command output
}
function Invoke-Cmd([string] $command, [string[]] $options = @(), [switch] $maskargs, [switch] $quiet) {
$call = ('{0} {1}' -f $command, ($options -Join ' '))
if ($maskargs) {
Write-Host "$command <masked>" -ForegroundColor DarkGray
}
else {
Write-Host $call -ForegroundColor DarkGray
}
if ($quiet) {
Invoke-Expression $call > $null
} else {
Invoke-Expression $call
}
if ($LASTEXITCODE -ne 0) {
throw "Failed to run command: {0}" -f $command
}
Write-Host #insert newline after command output
}
function Invoke-SignFiles([string[]] $files, [string] $key, [string] $time) {
if (!(Test-Path -Path "$key" -PathType leaf)) {
throw "Appsign key file was not found! ($key)"
}
if ($files.Length -eq 0) {
return
}
Write-Host "Signing files using $key" -ForegroundColor Cyan
$KeyPassword = Read-Host "Key password: " -MaskInput
foreach ($_ in $files) {
Write-Host "Signing file '$_' using Microsoft signtool..."
Invoke-Cmd "signtool" "sign -f `"$key`" -p `"$KeyPassword`" -d `"KeePassXC`" -td sha256 -fd sha256 -tr `"$time`" `"$_`"" -maskargs
}
}
function Invoke-GpgSignFiles([string[]] $files, [string] $key) {
if ($files.Length -eq 0) {
return
}
Write-Host "Signing files using GPG key $key" -ForegroundColor Cyan
foreach ($_ in $files) {
Write-Host "Signing file '$_' and creating DIGEST..."
if (Test-Path "$_.sig") {
Remove-Item "$_.sig"
}
Invoke-Cmd "gpg" "--output `"$_.sig`" --armor --local-user `"$key`" --detach-sig `"$_`""
$FileName = (Get-Item $_).Name
(Get-FileHash "$_" SHA256).Hash + " *$FileName" | Out-File "$_.DIGEST" -NoNewline
}
}
# Handle errors and restore state
$OrigDir = (Get-Location).Path
$OrigBranch = & git rev-parse --abbrev-ref HEAD
$ErrorActionPreference = 'Stop'
trap {
Write-Host "Restoring state..." -ForegroundColor Yellow
& git checkout $OrigBranch
Set-Location "$OrigDir"
}
Write-Host "KeePassXC Release Preparation Helper" -ForegroundColor Green
Write-Host "Copyright (C) 2022 KeePassXC Team <https://keepassxc.org/>`n" -ForegroundColor Green
# Prepend extra PATH locations as specified
if ($ExtraPath) {
$env:Path = "$ExtraPath;$env:Path"
}
# Resolve absolute directory for paths
$SourceDir = (Resolve-Path $SourceDir).Path
# Check format of -Version
if ($Version -notmatch "^\d+\.\d+\.\d+(-Beta\d*)?$") {
throw "Invalid format for -Version input"
}
# Check platform
if (!$IsWindows) {
throw "The PowerShell release tool is not available for Linux or macOS at this time."
}
if ($Merge) {
Test-RequiredPrograms
# Change to SourceDir
Set-Location "$SourceDir"
Test-VersionInFiles
Test-WorkingTreeClean
if (!$SourceBranch.Length) {
$SourceBranch = & git branch --show-current
}
if ($SourceBranch -notmatch "^release/.*$") {
throw "Must be on a release/* branch to continue."
}
# Update translation files
Write-Host "Updating source translation file..."
Invoke-Cmd "lupdate" "-no-ui-lines -disable-heuristic similartext -locations none", `
"-extensions c,cpp,h,js,mm,qrc,ui -no-obsolete ./src -ts share/translations/keepassxc_en.ts"
Write-Host "Pulling updated translations from Transifex..."
Invoke-Cmd "tx" "pull -af --minimum-perc=60 --parallel -r keepassxc.share-translations-keepassxc-en-ts--develop"
# Only commit if there are changes
$changes = & git status --porcelain
if ($changes.Length -gt 0) {
Write-Host "Committing translation updates..."
Invoke-Cmd "git" "add -A ./share/translations/" -quiet
Invoke-Cmd "git" "commit -m `"Update translations`"" -quiet
}
# Read the version release notes from CHANGELOG
$Changelog = ""
$ReadLine = $false
Get-Content "CHANGELOG.md" | ForEach-Object {
if ($ReadLine) {
if ($_ -match "^## ") {
$ReadLine = $false
} else {
$Changelog += $_ + "`n"
}
} elseif ($_ -match "$Version \(\d{4}-\d{2}-\d{2}\)") {
$ReadLine = $true
}
}
Write-Host "Creating tag for '$Version'..."
$tmp = New-TemporaryFile
"Release $Version`n$Changelog" | Out-File $tmp.FullName
Invoke-Cmd "git" "tag -a `"$Version`" -F `"$tmp`" -s" -quiet
Remove-Item $tmp.FullName -Force
Write-Host "Moving latest tag..."
Invoke-Cmd "git" "tag -f -a `"latest`" -m `"Latest stable release`" -s" -quiet
Write-Host "All done!"
Write-Host "Please merge the release branch back into the develop branch now and then push your changes."
Write-Host "Don't forget to also push the tags using 'git push --tags'."
} elseif ($Build) {
$Vcpkg = (Resolve-Path "$Vcpkg/scripts/buildsystems/vcpkg.cmake").Path
# Find Visual Studio and establish build environment
Invoke-VSToolchain $VSToolChain $SourceDir -Arch "amd64"
Test-RequiredPrograms
if ($Snapshot) {
$Tag = "HEAD"
$SourceBranch = & git rev-parse --abbrev-ref HEAD
$ReleaseName = "$Version-snapshot"
$CMakeOptions = "-DKEEPASSXC_BUILD_TYPE=Snapshot -DOVERRIDE_VERSION=`"$ReleaseName`" $CMakeOptions"
Write-Host "Using current branch '$SourceBranch' to build." -ForegroundColor Cyan
} else {
Test-WorkingTreeClean
# Clear output directory
if (Test-Path $OutDir) {
Remove-Item $OutDir -Recurse
}
if ($Version -match "-beta\d*$") {
$CMakeOptions = "-DKEEPASSXC_BUILD_TYPE=PreRelease $CMakeOptions"
} else {
$CMakeOptions = "-DKEEPASSXC_BUILD_TYPE=Release $CMakeOptions"
}
# Setup Tag if not defined then checkout tag
if ($Tag -eq "" -or $Tag -eq $null) {
$Tag = $Version
}
Write-Host "Checking out tag 'tags/$Tag' to build." -ForegroundColor Cyan
Invoke-Cmd "git" "checkout `"tags/$Tag`""
}
# Create directories
New-Item "$OutDir" -ItemType Directory -Force | Out-Null
$OutDir = (Resolve-Path $OutDir).Path
$BuildDir = "$OutDir\build-release"
New-Item "$BuildDir" -ItemType Directory -Force | Out-Null
# Enter build directory
Set-Location "$BuildDir"
# Setup CMake options
$CMakeOptions = "-DWITH_XC_ALL=ON -DWITH_TESTS=OFF -DCMAKE_BUILD_TYPE=Release $CMakeOptions"
$CMakeOptions = "-DCMAKE_TOOLCHAIN_FILE:FILEPATH=`"$Vcpkg`" -DX_VCPKG_APPLOCAL_DEPS_INSTALL=ON $CMakeOptions"
Write-Host "Configuring build..." -ForegroundColor Cyan
Invoke-Cmd "cmake" "-G `"$CMakeGenerator`" $CMakeOptions `"$SourceDir`""
Write-Host "Compiling sources..." -ForegroundColor Cyan
Invoke-Cmd "cmake" "--build . --config Release -- $MakeOptions"
if ($SignBuild) {
$files = Get-ChildItem "$BuildDir\src" -Include "*keepassxc*.exe", "*keepassxc*.dll" -Recurse -File | ForEach-Object { $_.FullName }
Invoke-SignFiles $files $SignKey $Timestamp
}
Write-Host "Create deployment packages..." -ForegroundColor Cyan
Invoke-Cmd "cpack" "-G `"$CPackGenerators`""
Move-Item "$BuildDir\keepassxc-*" -Destination "$OutDir" -Force
if ($SignBuild) {
# Enter output directory
Set-Location -Path "$OutDir"
# Sign MSI files using AppSign key
$files = Get-ChildItem $OutDir -Include "*.msi" -Name
Invoke-SignFiles $files $SignKey $Timestamp
# Sign all output files using the GPG key then hash them
$files = Get-ChildItem $OutDir -Include "*.msi", "*.zip" -Name
Invoke-GpgSignFiles $files $GpgKey
}
# Restore state
Invoke-Command {git checkout $OrigBranch}
Set-Location "$OrigDir"
} elseif ($Sign) {
if (Test-Path $SignKey) {
# Need to include path to signtool program
Invoke-VSToolchain $VSToolChain $SourceDir -Arch "amd64"
}
Test-RequiredPrograms
# Resolve wildcard paths
$ResolvedFiles = @()
foreach ($_ in $SignFiles) {
$ResolvedFiles += (Get-ChildItem $_ -File | ForEach-Object { $_.FullName })
}
$AppSignFiles = $ResolvedFiles.Where({ $_ -match "\.(msi|exe|dll)$" })
Invoke-SignFiles $AppSignFiles $SignKey $Timestamp
$GpgSignFiles = $ResolvedFiles.Where({ $_ -match "\.(msi|zip|gz|xz|dmg|appimage)$" })
Invoke-GpgSignFiles $GpgSignFiles $GpgKey
}
# SIG # Begin signature block
# MIIfXAYJKoZIhvcNAQcCoIIfTTCCH0kCAQExDzANBglghkgBZQMEAgEFADB5Bgor
# BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG
# KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCCyL72KYcPC3xiu
# XNxyDy0dxda/uihakmlcLUtXbyvnkaCCGSAwggU6MIIEIqADAgECAhBYotctjMD9
# icz/IeDU7cdKMA0GCSqGSIb3DQEBCwUAMHwxCzAJBgNVBAYTAkdCMRswGQYDVQQI
# ExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoT
# D1NlY3RpZ28gTGltaXRlZDEkMCIGA1UEAxMbU2VjdGlnbyBSU0EgQ29kZSBTaWdu
# aW5nIENBMB4XDTIxMDMxNTAwMDAwMFoXDTI0MDMxNDIzNTk1OVowgaExCzAJBgNV
# BAYTAlVTMQ4wDAYDVQQRDAUyMjMxNTERMA8GA1UECAwIVmlyZ2luaWExEjAQBgNV
# BAcMCUZyYW5jb25pYTEbMBkGA1UECQwSNjY1MyBBdWRyZXkgS2F5IEN0MR4wHAYD
# VQQKDBVEcm9pZE1vbmtleSBBcHBzLCBMTEMxHjAcBgNVBAMMFURyb2lkTW9ua2V5
# IEFwcHMsIExMQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALAH0v/7
# XOVxc5Auhi92tgBZL0Hm6L7sT1xcKfrBwHg12ZpFs0zeR1ZzyduM44d45y3aNXNW
# 7+klHVJqAj5XVHUF/OB/O5bnljKIeupdAZ8v3GGokBZK91BGKe+WRn5ZjdDGc6HN
# xCT4FMth1TCrTg7eMy/u+cfp+4ur8dcSyAM5tkLsTIoS1VtZWjiepjS1RO+Ile9E
# j+wUM3wO9Qt5/BlYi8XsbXU0V4oi3bj6EMLO9UEq0SfsM2YUY7UIkAHtLPiMV7BX
# gw/WC+IwB8ZtIGpq/JEME4bt51pJVvVmrjzbKgc0Cz6akhArZIa9QooAkrbAINvO
# Cm+7mx/PBK2lzSECAwEAAaOCAZAwggGMMB8GA1UdIwQYMBaAFA7hOqhTOjHVir7B
# u61nGgOFrTQOMB0GA1UdDgQWBBTu7ZZnt+omJoze71KXMDAYGGhYfTAOBgNVHQ8B
# Af8EBAMCB4AwDAYDVR0TAQH/BAIwADATBgNVHSUEDDAKBggrBgEFBQcDAzARBglg
# hkgBhvhCAQEEBAMCBBAwSgYDVR0gBEMwQTA1BgwrBgEEAbIxAQIBAwIwJTAjBggr
# BgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYGZ4EMAQQBMEMGA1Ud
# HwQ8MDowOKA2oDSGMmh0dHA6Ly9jcmwuc2VjdGlnby5jb20vU2VjdGlnb1JTQUNv
# ZGVTaWduaW5nQ0EuY3JsMHMGCCsGAQUFBwEBBGcwZTA+BggrBgEFBQcwAoYyaHR0
# cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBQ29kZVNpZ25pbmdDQS5jcnQw
# IwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29tMA0GCSqGSIb3DQEB
# CwUAA4IBAQAPbD9O3krI9tfYz6FZXCCqkqbjaeTpo3Ye9Kn4paWsHa37OIv7UhFf
# CrtLRXunZ7Vkry5cvMGNQNUaMFy6CHmEYb3kwZWW3EImuv9uTUd7rYvszBXF8flv
# kysT+8L9wdxLEQHUBnBnFgqMM99HzVuINVyH75d4qa9TF9PhcajsxwmpPgr9NwvC
# KNJv8BaxdH6vYFcQCqCygbfuST99s8qKaknTuHF39E1hWkTfcT3fMJDVONzW0/cN
# ourxylLqMZRjk007NGCnaYZwYfKW/pD/F/jmo28eKoVVy129j2h/RAWODl5gOvis
# sNr6aSz1/Ul3xoNYpyx8IGeWiFMoh99tMIIF9TCCA92gAwIBAgIQHaJIMG+bJhjQ
# guCWfTPTajANBgkqhkiG9w0BAQwFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgT
# Ck5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVUaGUg
# VVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlm
# aWNhdGlvbiBBdXRob3JpdHkwHhcNMTgxMTAyMDAwMDAwWhcNMzAxMjMxMjM1OTU5
# WjB8MQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAw
# DgYDVQQHEwdTYWxmb3JkMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQxJDAiBgNV
# BAMTG1NlY3RpZ28gUlNBIENvZGUgU2lnbmluZyBDQTCCASIwDQYJKoZIhvcNAQEB
# BQADggEPADCCAQoCggEBAIYijTKFehifSfCWL2MIHi3cfJ8Uz+MmtiVmKUCGVEZ0
# MWLFEO2yhyemmcuVMMBW9aR1xqkOUGKlUZEQauBLYq798PgYrKf/7i4zIPoMGYmo
# bHutAMNhodxpZW0fbieW15dRhqb0J+V8aouVHltg1X7XFpKcAC9o95ftanK+ODtj
# 3o+/bkxBXRIgCFnoOc2P0tbPBrRXBbZOoT5Xax+YvMRi1hsLjcdmG0qfnYHEckC1
# 4l/vC0X/o84Xpi1VsLewvFRqnbyNVlPG8Lp5UEks9wO5/i9lNfIi6iwHr0bZ+UYc
# 3Ix8cSjz/qfGFN1VkW6KEQ3fBiSVfQ+noXw62oY1YdMCAwEAAaOCAWQwggFgMB8G
# A1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBQO4TqoUzox
# 1Yq+wbutZxoDha00DjAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIB
# ADAdBgNVHSUEFjAUBggrBgEFBQcDAwYIKwYBBQUHAwgwEQYDVR0gBAowCDAGBgRV
# HSAAMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9V
# U0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcB
# AQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VS
# VHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3Au
# dXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEATWNQ7Uc0SmGk295qKoyb
# 8QAAHh1iezrXMsL2s+Bjs/thAIiaG20QBwRPvrjqiXgi6w9G7PNGXkBGiRL0C3da
# nCpBOvzW9Ovn9xWVM8Ohgyi33i/klPeFM4MtSkBIv5rCT0qxjyT0s4E307dksKYj
# alloUkJf/wTr4XRleQj1qZPea3FAmZa6ePG5yOLDCBaxq2NayBWAbXReSnV+pbjD
# bLXP30p5h1zHQE1jNfYw08+1Cg4LBH+gS667o6XQhACTPlNdNKUANWlsvp8gJRAN
# GftQkGG+OY96jk32nw4e/gdREmaDJhlIlc5KycF/8zoFm/lv34h/wCOe0h5DekUx
# wZxNqfBZslkZ6GqNKQQCd3xLS81wvjqyVVp4Pry7bwMQJXcVNIr5NsxDkuS6T/Fi
# kyglVyn7URnHoSVAaoRXxrKdsbwcCtp8Z359LukoTBh+xHsxQXGaSynsCz1XUNLK
# 3f2eBVHlRHjdAd6xdZgNVCT98E7j4viDvXK6yz067vBeF5Jobchh+abxKgoLpbn0
# nu6YMgWFnuv5gynTxix9vTp3Los3QqBqgu07SqqUEKThDfgXxbZaeTMYkuO1dfih
# 6Y4KJR7kHvGfWocj/5+kUZ77OYARzdu1xKeogG/lU9Tg46LC0lsa+jImLWpXcBw8
# pFguo/NbSwfcMlnzh6cabVgwggbsMIIE1KADAgECAhAwD2+s3WaYdHypRjaneC25
# MA0GCSqGSIb3DQEBDAUAMIGIMQswCQYDVQQGEwJVUzETMBEGA1UECBMKTmV3IEpl
# cnNleTEUMBIGA1UEBxMLSmVyc2V5IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJV
# U1QgTmV0d29yazEuMCwGA1UEAxMlVVNFUlRydXN0IFJTQSBDZXJ0aWZpY2F0aW9u
# IEF1dGhvcml0eTAeFw0xOTA1MDIwMDAwMDBaFw0zODAxMTgyMzU5NTlaMH0xCzAJ
# BgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcT
# B1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDElMCMGA1UEAxMcU2Vj
# dGlnbyBSU0EgVGltZSBTdGFtcGluZyBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIP
# ADCCAgoCggIBAMgbAa/ZLH6ImX0BmD8gkL2cgCFUk7nPoD5T77NawHbWGgSlzkeD
# tevEzEk0y/NFZbn5p2QWJgn71TJSeS7JY8ITm7aGPwEFkmZvIavVcRB5h/RGKs3E
# Wsnb111JTXJWD9zJ41OYOioe/M5YSdO/8zm7uaQjQqzQFcN/nqJc1zjxFrJw06PE
# 37PFcqwuCnf8DZRSt/wflXMkPQEovA8NT7ORAY5unSd1VdEXOzQhe5cBlK9/gM/R
# EQpXhMl/VuC9RpyCvpSdv7QgsGB+uE31DT/b0OqFjIpWcdEtlEzIjDzTFKKcvSb/
# 01Mgx2Bpm1gKVPQF5/0xrPnIhRfHuCkZpCkvRuPd25Ffnz82Pg4wZytGtzWvlr7a
# TGDMqLufDRTUGMQwmHSCIc9iVrUhcxIe/arKCFiHd6QV6xlV/9A5VC0m7kUaOm/N
# 14Tw1/AoxU9kgwLU++Le8bwCKPRt2ieKBtKWh97oaw7wW33pdmmTIBxKlyx3GSuT
# lZicl57rjsF4VsZEJd8GEpoGLZ8DXv2DolNnyrH6jaFkyYiSWcuoRsDJ8qb/fVfb
# Enb6ikEk1Bv8cqUUotStQxykSYtBORQDHin6G6UirqXDTYLQjdprt9v3GEBXc/Bx
# o/tKfUU2wfeNgvq5yQ1TgH36tjlYMu9vGFCJ10+dM70atZ2h3pVBeqeDAgMBAAGj
# ggFaMIIBVjAfBgNVHSMEGDAWgBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4E
# FgQUGqH4YRkgD8NBd0UojtE1XwYSBFUwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB
# /wQIMAYBAf8CAQAwEwYDVR0lBAwwCgYIKwYBBQUHAwgwEQYDVR0gBAowCDAGBgRV
# HSAAMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9V
# U0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcB
# AQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VS
# VHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3Au
# dXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAbVSBpTNdFuG1U4GRdd8D
# ejILLSWEEbKw2yp9KgX1vDsn9FqguUlZkClsYcu1UNviffmfAO9Aw63T4uRW+VhB
# z/FC5RB9/7B0H4/GXAn5M17qoBwmWFzztBEP1dXD4rzVWHi/SHbhRGdtj7BDEA+N
# 5Pk4Yr8TAcWFo0zFzLJTMJWk1vSWVgi4zVx/AZa+clJqO0I3fBZ4OZOTlJux3LJt
# QW1nzclvkD1/RXLBGyPWwlWEZuSzxWYG9vPWS16toytCiiGS/qhvWiVwYoFzY16g
# u9jc10rTPa+DBjgSHSSHLeT8AtY+dwS8BDa153fLnC6NIxi5o8JHHfBd1qFzVwVo
# mqfJN2Udvuq82EKDQwWli6YJ/9GhlKZOqj0J9QVst9JkWtgqIsJLnfE5XkzeSD2b
# NJaaCV+O/fexUpHOP4n2HKG1qXUfcb9bQ11lPVCBbqvw0NP8srMftpmWJvQ8eYtc
# ZMzN7iea5aDADHKHwW5NWtMe6vBE5jJvHOsXTpTDeGUgOw9Bqh/poUGd/rG4oGUq
# NODeqPk85sEwu8CgYyz8XBYAqNDEf+oRnR4GxqZtMl20OAkrSQeq/eww2vGnL8+3
# /frQo4TZJ577AWZ3uVYQ4SBuxq6x+ba6yDVdM3aO8XwgDCp3rrWiAoa6Ke60WgCx
# jKvj+QrJVF3UuWp0nr1Irpgwggb1MIIE3aADAgECAhA5TCXhfKBtJ6hl4jvZHSLU
# MA0GCSqGSIb3DQEBDAUAMH0xCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVy
# IE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28g
# TGltaXRlZDElMCMGA1UEAxMcU2VjdGlnbyBSU0EgVGltZSBTdGFtcGluZyBDQTAe
# Fw0yMzA1MDMwMDAwMDBaFw0zNDA4MDIyMzU5NTlaMGoxCzAJBgNVBAYTAkdCMRMw
# EQYDVQQIEwpNYW5jaGVzdGVyMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQxLDAq
# BgNVBAMMI1NlY3RpZ28gUlNBIFRpbWUgU3RhbXBpbmcgU2lnbmVyICM0MIICIjAN
# BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApJMoUkvPJ4d2pCkcmTjA5w7U0Rzs
# aMsBZOSKzXewcWWCvJ/8i7u7lZj7JRGOWogJZhEUWLK6Ilvm9jLxXS3AeqIO4OBW
# ZO2h5YEgciBkQWzHwwj6831d7yGawn7XLMO6EZge/NMgCEKzX79/iFgyqzCz2Ix6
# lkoZE1ys/Oer6RwWLrCwOJVKz4VQq2cDJaG7OOkPb6lampEoEzW5H/M94STIa7GZ
# 6A3vu03lPYxUA5HQ/C3PVTM4egkcB9Ei4GOGp7790oNzEhSbmkwJRr00vOFLUHty
# 4Fv9GbsfPGoZe267LUQqvjxMzKyKBJPGV4agczYrgZf6G5t+iIfYUnmJ/m53N9e7
# UJ/6GCVPE/JefKmxIFopq6NCh3fg9EwCSN1YpVOmo6DtGZZlFSnF7TMwJeaWg4Ga
# 9mBmkFgHgM1Cdaz7tJHQxd0BQGq2qBDu9o16t551r9OlSxihDJ9XsF4lR5F0zXUS
# 0Zxv5F4Nm+x1Ju7+0/WSL1KF6NpEUSqizADKh2ZDoxsA76K1lp1irScL8htKycOU
# QjeIIISoh67DuiNye/hU7/hrJ7CF9adDhdgrOXTbWncC0aT69c2cPcwfrlHQe2zY
# HS0RQlNxdMLlNaotUhLZJc/w09CRQxLXMn2YbON3Qcj/HyRU726txj5Ve/Fchzpk
# 8WBLBU/vuS/sCRMCAwEAAaOCAYIwggF+MB8GA1UdIwQYMBaAFBqh+GEZIA/DQXdF
# KI7RNV8GEgRVMB0GA1UdDgQWBBQDDzHIkSqTvWPz0V1NpDQP0pUBGDAOBgNVHQ8B
# Af8EBAMCBsAwDAYDVR0TAQH/BAIwADAWBgNVHSUBAf8EDDAKBggrBgEFBQcDCDBK
# BgNVHSAEQzBBMDUGDCsGAQQBsjEBAgEDCDAlMCMGCCsGAQUFBwIBFhdodHRwczov
# L3NlY3RpZ28uY29tL0NQUzAIBgZngQwBBAIwRAYDVR0fBD0wOzA5oDegNYYzaHR0
# cDovL2NybC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBVGltZVN0YW1waW5nQ0EuY3Js
# MHQGCCsGAQUFBwEBBGgwZjA/BggrBgEFBQcwAoYzaHR0cDovL2NydC5zZWN0aWdv
# LmNvbS9TZWN0aWdvUlNBVGltZVN0YW1waW5nQ0EuY3J0MCMGCCsGAQUFBzABhhdo
# dHRwOi8vb2NzcC5zZWN0aWdvLmNvbTANBgkqhkiG9w0BAQwFAAOCAgEATJtlWPrg
# ec/vFcMybd4zket3WOLrvctKPHXefpRtwyLHBJXfZWlhEwz2DJ71iSBewYfHAyTK
# x6XwJt/4+DFlDeDrbVFXpoyEUghGHCrC3vLaikXzvvf2LsR+7fjtaL96VkjpYeWa
# OXe8vrqRZIh1/12FFjQn0inL/+0t2v++kwzsbaINzMPxbr0hkRojAFKtl9RieCqE
# eajXPawhj3DDJHk6l/ENo6NbU9irALpY+zWAT18ocWwZXsKDcpCu4MbY8pn76rSS
# ZXwHfDVEHa1YGGti+95sxAqpbNMhRnDcL411TCPCQdB6ljvDS93NkiZ0dlw3oJok
# nk5fTtOPD+UTT1lEZUtDZM9I+GdnuU2/zA2xOjDQoT1IrXpl5Ozf4AHwsypKOazB
# pPmpfTXQMkCgsRkqGCGyyH0FcRpLJzaq4Jgcg3Xnx35LhEPNQ/uQl3YqEqxAwXBb
# mQpA+oBtlGF7yG65yGdnJFxQjQEg3gf3AdT4LhHNnYPl+MolHEQ9J+WwhkcqCxuE
# dn17aE+Nt/cTtO2gLe5zD9kQup2ZLHzXdR+PEMSU5n4k5ZVKiIwn1oVmHfmuZHaR
# 6Ej+yFUK7SnDH944psAU+zI9+KmDYjbIw74Ahxyr+kpCHIkD3PVcfHDZXXhO7p9e
# IOYJanwrCKNI9RX8BE/fzSEceuX1jhrUuUAxggWSMIIFjgIBATCBkDB8MQswCQYD
# VQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdT
# YWxmb3JkMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQxJDAiBgNVBAMTG1NlY3Rp
# Z28gUlNBIENvZGUgU2lnbmluZyBDQQIQWKLXLYzA/YnM/yHg1O3HSjANBglghkgB
# ZQMEAgEFAKCBhDAYBgorBgEEAYI3AgEMMQowCKACgAChAoAAMBkGCSqGSIb3DQEJ
# AzEMBgorBgEEAYI3AgEEMBwGCisGAQQBgjcCAQsxDjAMBgorBgEEAYI3AgEVMC8G
# CSqGSIb3DQEJBDEiBCAqTz6Ip2LLYNFN5K1JJDf7b5f7S+xfp3YvZbz/pRmklTAN
# BgkqhkiG9w0BAQEFAASCAQAKN1cBYbsh7MV3GuUP/EmgN1E/SnQt8ZmqO7kinpF3
# xIaoeAAUWBD8tBHJHGEMyykgkkDaDexoxIiOFfTCbVI1PasUxuvuA/I+8ReVSRjH
# E8+iT9Gh2IL1O2a0Wzjk7Xf0YeGK1rj635N9bhQeO7U8mBOZxe87kez5wj9e9jjM
# VK3dU69ymf6QHfilkQjPhIYBgdIwcwhXJZDZuh6TJFHzdsxigYoKY9LCEKDS1YkX
# ucGpn3xZ0DGg7RESFNF+Uhw/8NbaLH+pJomvgchJeCesmaQjUB7YC6dPofYFGS1Q
# CkdWSEZIUNYPr9uovh1lxsGrUSmu85boJigDrL6BkbQjoYIDSzCCA0cGCSqGSIb3
# DQEJBjGCAzgwggM0AgEBMIGRMH0xCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVh
# dGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3Rp
# Z28gTGltaXRlZDElMCMGA1UEAxMcU2VjdGlnbyBSU0EgVGltZSBTdGFtcGluZyBD
# QQIQOUwl4XygbSeoZeI72R0i1DANBglghkgBZQMEAgIFAKB5MBgGCSqGSIb3DQEJ
# AzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTIzMDUxNDE1NDEwNFowPwYJ
# KoZIhvcNAQkEMTIEMKBb5TFeMuv1qxZqrDJfQEEWakbNGIkGSDjYiTjHu6rQDjE+
# wn2WhvQ9S7rrqkZ4TzANBgkqhkiG9w0BAQEFAASCAgAcsBPpVC80NuqHDGOCHCx3
# gjzmKUKAT1CjGBPiTzU95fCC/PkP/OdKa2GsivTG3mmvjLRSIOhl4wehz1rn3ikf
# 0T9/wKfDrUNbuUPoa+vxMQgFXas1d0Lkz0UxUr5LjJL2JBwt5KFpDysKDwENo7kz
# /FRuhr2b3TsOc/9SIcIpl44VUyD1Rr+3XS1NG+AWPNGjLLmLXX/WIPBvn3V7fVj7
# QKON02nMgascYzIkpIfxNZgpRXBVOnigAAjuBEQvlI82gnupxLY8H/Ax2SNIVMJq
# EElnBN4bWAw96ULiQCrU/5xHsX8qelCTW3HQ8njT1qwiBD5UT/BREdNzJ4bzAJHD
# MW0hmuAUMbLiI2QAzNr7rOCBK5jD9HB0524LsstEWpX/8U9nxiSaNDDqaW34PGTa
# 6Pniz9Hl12NO9CFeV2BhNSeHk8VqG211zQaK05yfgHHvCdASTDlHGF+EnE8ZwlC7
# d8wQ4niLVzgm3I+De+IcMWXjhrYycnfnIuABGnuHB+y8h5w5KdAJiQ+1ycGvR1d+
# Lu8m70USIGpP6galNcxXwmxViey4HRXwesMiQ9NMquOlw+Te6JE7FWqXkSkbj54G
# NvwPxrLgAJv/0ovBnCD38buVRjwKtFMk3x/GreiAaOnm9lpCcw9P09KtcZQ0sxBk
# 4SaGAirPFtpy1bmHiDh/4Q==
# SIG # End signature block

50
share/CMakeLists.txt
View File

@@ -23,53 +23,21 @@ install(FILES ${wordlists_files} DESTINATION ${DATA_INSTALL_DIR}/wordlists)
file(COPY "wordlists" DESTINATION ${CMAKE_CURRENT_BINARY_DIR}) file(COPY "wordlists" DESTINATION ${CMAKE_CURRENT_BINARY_DIR})
if(UNIX AND NOT APPLE AND NOT HAIKU) if(UNIX AND NOT APPLE AND NOT HAIKU)
# Flatpak requires all host accessible files to use filenames based upon the app id install(DIRECTORY icons/application/ DESTINATION ${CMAKE_INSTALL_DATADIR}/icons/hicolor
if(KEEPASSXC_DIST_FLATPAK) FILES_MATCHING PATTERN "keepassx*.png" PATTERN "keepassx*.svg"
set(APP_ICON_NAME "${APP_ID}") PATTERN "status" EXCLUDE PATTERN "actions" EXCLUDE PATTERN "categories" EXCLUDE)
set(MIME_ICON "${APP_ID}-application-x-keepassxc") install(DIRECTORY icons/application/ DESTINATION ${CMAKE_INSTALL_DATADIR}/icons/hicolor
configure_file(linux/keepassxc.xml.in ${CMAKE_CURRENT_BINARY_DIR}/linux/${APP_ID}.xml @ONLY) FILES_MATCHING PATTERN "application-x-keepassxc.png" PATTERN "application-x-keepassxc.svg"
install(FILES ${CMAKE_CURRENT_BINARY_DIR}/linux/${APP_ID}.xml DESTINATION ${CMAKE_INSTALL_DATADIR}/mime/packages) PATTERN "status" EXCLUDE PATTERN "actions" EXCLUDE PATTERN "categories" EXCLUDE)
install(FILES linux/org.keepassxc.KeePassXC.desktop DESTINATION ${CMAKE_INSTALL_DATADIR}/applications)
file(GLOB_RECURSE ICON_FILES LIST_DIRECTORIES false install(FILES linux/org.keepassxc.KeePassXC.appdata.xml DESTINATION ${CMAKE_INSTALL_DATADIR}/metainfo)
"icons/application/*/keepassxc*.png" install(FILES linux/keepassxc.xml DESTINATION ${CMAKE_INSTALL_DATADIR}/mime/packages)
"icons/application/*/*keepassxc*.svg")
foreach(icon_match ${ICON_FILES})
get_filename_component(icon_name ${icon_match} NAME)
get_filename_component(icon_dir ${icon_match} DIRECTORY)
# Prefix all icons with application id: "org.keepassxc.KeePassXC"
string(REGEX REPLACE "^keepassxc(.*)?(\\.png|\\.svg)$" "${APP_ID}\\1\\2" icon_name ${icon_name})
string(REGEX REPLACE "^(application-x-keepassxc\\.svg)$" "${APP_ID}-\\1" icon_name ${icon_name})
# Find icon sub dir ex. "scalable/mimetypes/"
file(RELATIVE_PATH icon_subdir ${CMAKE_CURRENT_SOURCE_DIR}/icons/application ${icon_dir})
install(FILES ${icon_match} DESTINATION ${CMAKE_INSTALL_DATADIR}/icons/hicolor/${icon_subdir}
RENAME ${icon_name})
endforeach()
else()
set(APP_ICON_NAME "keepassxc")
set(MIME_ICON "application-x-keepassxc")
configure_file(linux/keepassxc.xml.in ${CMAKE_CURRENT_BINARY_DIR}/linux/keepassxc.xml @ONLY)
install(FILES ${CMAKE_CURRENT_BINARY_DIR}/linux/keepassxc.xml DESTINATION ${CMAKE_INSTALL_DATADIR}/mime/packages)
install(DIRECTORY icons/application/ DESTINATION ${CMAKE_INSTALL_DATADIR}/icons/hicolor
FILES_MATCHING PATTERN "keepassx*.png" PATTERN "keepassx*.svg"
PATTERN "status" EXCLUDE PATTERN "actions" EXCLUDE PATTERN "categories" EXCLUDE)
install(DIRECTORY icons/application/ DESTINATION ${CMAKE_INSTALL_DATADIR}/icons/hicolor
FILES_MATCHING PATTERN "application-x-keepassxc.svg" PATTERN "status"
EXCLUDE PATTERN "actions" EXCLUDE PATTERN "categories" EXCLUDE)
endif(KEEPASSXC_DIST_FLATPAK)
configure_file(linux/${APP_ID}.desktop.in ${CMAKE_CURRENT_BINARY_DIR}/linux/${APP_ID}.desktop @ONLY)
install(FILES ${CMAKE_CURRENT_BINARY_DIR}/linux/${APP_ID}.desktop DESTINATION ${CMAKE_INSTALL_DATADIR}/applications)
install(FILES linux/${APP_ID}.appdata.xml DESTINATION ${CMAKE_INSTALL_DATADIR}/metainfo)
endif(UNIX AND NOT APPLE AND NOT HAIKU) endif(UNIX AND NOT APPLE AND NOT HAIKU)
if(APPLE) if(APPLE)
install(FILES macosx/keepassxc.icns DESTINATION ${DATA_INSTALL_DIR}) install(FILES macosx/keepassxc.icns DESTINATION ${DATA_INSTALL_DIR})
endif() endif()
if(WIN32)
install(FILES windows/qt.conf DESTINATION ${BIN_INSTALL_DIR})
endif()
install(FILES icons/application/256x256/apps/keepassxc.png DESTINATION ${DATA_INSTALL_DIR}/icons/application/256x256/apps) install(FILES icons/application/256x256/apps/keepassxc.png DESTINATION ${DATA_INSTALL_DIR}/icons/application/256x256/apps)
add_custom_target(icons) add_custom_target(icons)

1906
share/branding/keepassxc-fileicon.ai
View File

File diff suppressed because one or more lines are too long

1722
share/branding/keepassxc-icon.ai
View File

File diff suppressed because one or more lines are too long

1872
share/branding/keepassxc.ai
View File

File diff suppressed because one or more lines are too long

BIN
share/branding/png/keepassxc-128x128.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 11 KiB

BIN
share/branding/png/keepassxc-256x256.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 28 KiB

Some files were not shown because too many files have changed in this diff Show More