Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add YK support on CLI. #3416

Merged
merged 1 commit into from
Sep 22, 2019
Merged

Add YK support on CLI. #3416

merged 1 commit into from
Sep 22, 2019

Conversation

louib
Copy link
Member

@louib louib commented Jul 31, 2019

This is a cleaner version of #2710, now that the database opening for the CLI is handled in DatabaseCommand only.

Add YubiKey support for the CLI with the -y, --yubikey option.

Added the YubiKey::isBlocking function, partly extracted from detect, so that the yubikey detection code could be reused from the GUI and the CLI.

Type of change

  • ✅ Refactor
  • ✅ New feature

Description and Context

#2451

Testing strategy

Locally + unit tests

Checklist:

  • ✅ I have read the CONTRIBUTING document. [REQUIRED]
  • ✅ My code follows the code style of this project. [REQUIRED]
  • ✅ All new and existing tests passed. [REQUIRED]
  • ✅ I have compiled and verified my code with -DWITH_ASAN=ON. [REQUIRED]
  • ✅ My change requires a change to the documentation, and I have updated it accordingly.
  • ✅ I have added tests to cover my changes.

@louib louib added this to the v2.5.0 milestone Jul 31, 2019
@louib louib requested review from droidmonkey and a team July 31, 2019 18:37
@louib louib force-pushed the cli_yubikey_option branch from af301c4 to 73855ab Compare July 31, 2019 18:43
@louib louib mentioned this pull request Jul 31, 2019
Merged
droidmonkey
droidmonkey requested changes Aug 3, 2019
View reviewed changes
src/cli/Utils.cpp Outdated Show resolved Hide resolved
src/keys/YkChallengeResponseKeyCLI.cpp Outdated Show resolved Hide resolved
src/keys/drivers/YubiKey.cpp Outdated Show resolved Hide resolved
src/keys/drivers/YubiKey.cpp Show resolved Hide resolved
src/keys/drivers/YubiKey.cpp Outdated Show resolved Hide resolved
src/cli/Utils.cpp Outdated Show resolved Hide resolved
src/cli/Utils.cpp Outdated Show resolved Hide resolved
src/cli/Utils.cpp Outdated Show resolved Hide resolved
@louib louib force-pushed the cli_yubikey_option branch from 8161ac2 to 03bdd9d Compare August 7, 2019 19:20
@louib louib force-pushed the cli_yubikey_option branch from 03bdd9d to d8a0b85 Compare August 23, 2019 02:44
@louib louib force-pushed the cli_yubikey_option branch from d8a0b85 to 1598cb7 Compare September 4, 2019 17:52
@louib
Copy link
Member Author

louib commented Sep 4, 2019

I think this one is ready for another review. @droidmonkey back to you!

@louib louib requested a review from droidmonkey September 4, 2019 18:33
@louib louib force-pushed the cli_yubikey_option branch from 6305196 to a12ce5d Compare September 5, 2019 14:11
@louib louib force-pushed the cli_yubikey_option branch from 170e796 to fbf8759 Compare September 14, 2019 15:25
droidmonkey
droidmonkey approved these changes Sep 17, 2019
View reviewed changes
src/cli/Utils.cpp Outdated Show resolved Hide resolved
@louib louib force-pushed the cli_yubikey_option branch from 1d0daaa to 721f608 Compare September 18, 2019 14:33
@louib
Copy link
Member Author

louib commented Sep 18, 2019

@droidmonkey I'd just like to test another time locally with the YubiKey unit tests enabled, and then I think we're good to go. Thanks for the review!

@louib louib force-pushed the cli_yubikey_option branch from 3046bb7 to 8265e1d Compare September 18, 2019 18:39
DuBistKomisch
DuBistKomisch approved these changes Sep 21, 2019
View reviewed changes
Copy link

@DuBistKomisch DuBistKomisch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this helped me resolve a syncthing conflict, great stuff 😄

src/cli/keepassxc-cli.1 Outdated Show resolved Hide resolved
@louib
Copy link
Member Author

louib commented Sep 21, 2019

@DuBistKomisch glad I was helpful to you! Thanks for the review!

@louib
Copy link
Member Author

louib commented Sep 21, 2019

@droidmonkey fixed the YubiKey tests, this one is ready!

@louib louib force-pushed the cli_yubikey_option branch 2 times, most recently from 15a5a61 to c986f95 Compare September 22, 2019 17:44
@droidmonkey
Copy link
Member

droidmonkey commented Sep 22, 2019
edited
Loading

I added a challenge/response test to check if the yubikey was correctly configured with the secret key from the test file. Otherwise it was confusing if you had a Yubikey connected, with slot 2 as non-blocking, there was no obvious reason why the test was failing.

@droidmonkey droidmonkey merged commit 964478e into keepassxreboot:develop Sep 22, 2019
phoerious added a commit that referenced this pull request Oct 26, 2019
@phoerious
Release 2.5.0
1ab8a9f 
Added

- Add 'Paper Backup' aka 'Export to HTML file' to the 'Database' menu [[#3277](#3277)]
- Add statistics panel with information about the database (number of entries, number of unique passwords, etc.) to the Database Settings dialog [[#2034](#2034)]
- Add offline user manual accessible via the 'Help' menu [[#3274](#3274)]
- Add support for importing 1Password OpVault files [[#2292](#2292)]
- Implement Freedesktop.org secret storage DBus protocol so that KeePassXC can be used as a vault service by libsecret [[#2726](#2726)]
- Add support for OnlyKey as an alternative to YubiKeys (requires yubikey-personalization >= 1.20.0) [[#3352](#3352)]
- Add group sorting feature [[#3282](#3282)]
- Add feature to download favicons for all entries at once [[#3169](#3169)]
- Add word case option to passphrase generator [[#3172](#3172)]
- Add support for RFC6238-compliant TOTP hashes [[#2972](#2972)]
- Add UNIX man page for main program [[#3665](#3665)]
- Add 'Monospaced font' option to the notes field [[#3321](#3321)]
- Add support for key files in auto open [[#3504](#3504)]
- Add search field for filtering entries in Auto-Type dialog [[#2955](#2955)]
- Complete usernames based on known usernames from other entries [[#3300](#3300)]
- Parse hyperlinks in the notes field of the entry preview pane [[#3596](#3596)]
- Allow abbreviation of field names in entry search [[#3440](#3440)]
- Allow setting group icons recursively [[#3273](#3273)]
- Add copy context menu for username and password in Auto-Type dialog [[#3038](#3038)]
- Drop to background after copying a password to the clipboard [[#3253](#3253)]
- Add 'Lock databases' entry to tray icon menu [[#2896](#2896)]
- Add option to minimize window after unlocking [[#3439](#3439)]
- Add option to minimize window after opening a URL [[#3302](#3302)]
- Request accessibility permissions for Auto-Type on macOS [[#3624](#3624)]
- Browser: Add initial support for multiple URLs [[#3558](#3558)]
- Browser: Add entry-specific browser integration settings [[#3444](#3444)]
- CLI: Add offline HIBP checker (requires a downloaded HIBP dump) [[#2707](#2707)]
- CLI: Add 'flatten' option to the 'ls' command [[#3276](#3276)]
- CLI: Add password generation options to `Add` and `Edit` commands [[#3275](#3275)]
- CLI: Add XML import [[#3572](#3572)]
- CLI: Add CSV export to the 'export' command [[#3278](#3278)]
- CLI: Add `-y --yubikey` option for YubiKey [[#3416](#3416)]
- CLI: Add `--dry-run` option for merging databases [[#3254](#3254)]
- CLI: Add group commands (mv, mkdir and rmdir) [[#3313](#3313)].
- CLI: Add interactive shell mode command `open` [[#3224](#3224)]

Changed

- Redesign database unlock dialog [ [#3287](#3287)]
- Rework the entry preview panel [ [#3306](#3306)]
- Move notes to General tab on Group Preview Panel [[#3336](#3336)]
- Enable entry actions when editing an entry and cleanup entry context menu  [[#3641](#3641)]
- Improve detection of external database changes  [[#2389](#2389)]
- Warn if user is trying to use a KDBX file as a key file [[#3625](#3625)]
- Add option to disable KeePassHTTP settings migrations prompt [[#3349](#3349), [#3344](#3344)]
- Re-enabled Wayland support (no Auto-Type yet) [[#3520](#3520), [#3341](#3341)]
- Add icon to 'Toggle Window' action in tray icon menu [[3244](#3244)]
- Merge custom data between databases only when necessary [[#3475](#3475)]
- Improve various file-handling related issues when picking files using the system's file dialog [[#3473](#3473)]
- Add 'New Entry' context menu when no entries are selected [[#3671](#3671)]
- Reduce default Argon2 settings from 128 MiB and one thread per CPU core to 64 MiB and two threads to account for lower-spec mobile hardware [ [#3672](#3672)]
- Browser: Remove unused 'Remember' checkbox for HTTP Basic Auth [[#3371](#3371)]
- Browser: Show database name when pairing with a new browser [[#3638](#3638)]
- Browser: Show URL in allow access dialog [[#3639](#3639)]
- CLI: The password length option `-l` for the CLI commands `Add` and `Edit` is now `-L` [[#3275](#3275)]
- CLI: The `-u` shorthand for the `--upper` password generation option has been renamed to `-U` [[#3275](#3275)]
- CLI: Rename command `extract` to `export`. [[#3277](#3277)]

Fixed

- Improve accessibility for assistive technologies [[#3409](#3409)]
- Correctly unlock all databases if `--pw-stdin` is provided [[#2916](#2916)]
- Fix password generator issues with special characters [[#3303](#3303)]
- Fix KeePassXC interrupting shutdown procedure [[#3666](#3666)]
- Fix password visibility toggle button state on unlock dialog [[#3312](#3312)]
- Fix potential data loss if database is reloaded while user is editing an entry [[#3656](#3656)]
- Fix hard-coded background color in search help popup [[#3001](#3001)]
- Fix font choice for password preview [[#3425](#3425)]
- Fix handling of read-only files when autosave is enabled [[#3408](#3408)]
- Handle symlinks correctly when atomic saves are disabled [[#3463](#3463)]
- Enable HighDPI icon scaling on Linux [[#3332](#3332)]
- Make Auto-Type on macOS more robust and remove old Carbon API calls [[#3634](#3634), [[#3347](#3347))]
- Hide Share tab if KeePassXC is compiled without KeeShare support and other minor KeeShare improvements [[#3654](#3654), [[#3291](#3291), [#3029](#3029), [#3031](#3031), [#3236](#3236)]
- Correctly bring window to the front when clicking tray icon on macOS [[#3576](#3576)]
- Correct application shortcut created by MSI Installer on Windows [[#3296](#3296)]
- Fix crash when removing custom data [[#3508](#3508)]
- Fix placeholder resolution in URLs [[#3281](#3281)]
- Fix various inconsistencies and platform-dependent compilation bugs [[#3664](#3664), [#3662](#3662), [#3660](#3660), [#3655](#3655), [#3649](#3649), [#3417](#3417), [#3357](#3357), [#3319](#3319), [#3318](#3318), [#3304](#3304)]
- Browser: Fix potential leaking of entries through the browser integration API if multiple databases are opened [[#3480](#3480)]
- Browser: Fix password entropy calculation [[#3107](#3107)]
- Browser: Fix Windows registry settings for portable installation [[#3603](#3603)]
@louib louib mentioned this pull request Nov 1, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@droidmonkey droidmonkey droidmonkey approved these changes

@DuBistKomisch DuBistKomisch DuBistKomisch approved these changes

Assignees
No one assigned
Labels
feature: CLI feature: Hardware Keys
Projects
None yet
Milestone
v2.5.0
Development

Successfully merging this pull request may close these issues.
3 participants
@louib @droidmonkey @DuBistKomisch