Skip to content

Fix updating reference passwords from KeePassXC-Browser#2218

Merged
droidmonkey merged 2 commits intokeepassxreboot:developfrom
varjolintu:reference_update_fix
Jan 21, 2019
Merged

Fix updating reference passwords from KeePassXC-Browser#2218
droidmonkey merged 2 commits intokeepassxreboot:developfrom
varjolintu:reference_update_fix

Conversation

@varjolintu
Copy link
Copy Markdown
Member

@varjolintu varjolintu commented Aug 22, 2018
edited
Loading

Fix updating reference passwords from KeePassXC-Browser.

Description

If an entry has a password field as a reference from another entry, updating credentials from KeePassXC-Browser overrides the reference with the new password.

This change detects the reference and updates the password to the original entry instead.

Motivation and context

This solves situations where the original entry doesn't have any URL set, but the clone(s) where the password is used as a reference does.

Fixes keepassxreboot/keepassxc-browser#271.

How has this been tested?

Manually. A test case has been also modified.

Types of changes

  • ✅ Bug fix (non-breaking change which fixes an issue)

Checklist:

  • ✅ I have read the CONTRIBUTING document. [REQUIRED]
  • ✅ My code follows the code style of this project. [REQUIRED]
  • ✅ All new and existing tests passed. [REQUIRED]
  • ✅ I have compiled and verified my code with -DWITH_ASAN=ON. [REQUIRED]
  • ✅ I have added tests to cover my changes.

@varjolintu varjolintu added this to the v2.3.4 milestone Aug 22, 2018
@varjolintu varjolintu requested a review from a team August 22, 2018 08:13
@varjolintu varjolintu force-pushed the reference_update_fix branch from 4895589 to a14c9e5 Compare August 22, 2018 08:14
@varjolintu varjolintu added the bug label Aug 22, 2018
@varjolintu varjolintu mentioned this pull request Aug 22, 2018
Closed
@varjolintu varjolintu changed the title Allow updating reference passwords from KeePassXC-Browser Fix updating reference passwords from KeePassXC-Browser Aug 22, 2018
droidmonkey
droidmonkey requested changes Aug 22, 2018
View reviewed changes
Copy link
Copy Markdown
Member

@droidmonkey droidmonkey left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does not check if the username is also a reference. This function can likely be made generic to update any chosen field and check for references appropriately.

Does this handle recursive references?

@droidmonkey droidmonkey modified the milestones: v2.3.4, v2.4.0 Aug 22, 2018
@droidmonkey
Copy link
Copy Markdown
Member

droidmonkey commented Aug 22, 2018

Please rebase onto develop after 2.3.4 is merged in.

@droidmonkey droidmonkey force-pushed the release/2.3.4 branch 2 times, most recently from 4264ed6 to d6cae74 Compare August 22, 2018 15:23
@varjolintu
Copy link
Copy Markdown
Member Author

varjolintu commented Aug 22, 2018

The username is not overwritten when updating credentials. But you are correct that this might not work with recursive references.

PR is closed..?

@varjolintu varjolintu changed the base branch from release/2.3.4 to develop August 22, 2018 17:12
@varjolintu varjolintu reopened this Aug 22, 2018
@varjolintu
Copy link
Copy Markdown
Member Author

varjolintu commented Aug 22, 2018
edited
Loading

Todo:

  • Handle recursive references
  • Prevent updating the username to the original entry
  • Rebase

@varjolintu varjolintu force-pushed the reference_update_fix branch from 8a36db2 to d19d61d Compare August 25, 2018 08:06
@varjolintu
Copy link
Copy Markdown
Member Author

varjolintu commented Aug 25, 2018

@droidmonkey Necessary changes done.

@droidmonkey
Copy link
Copy Markdown
Member

droidmonkey commented Aug 26, 2018

I'll run it through some tests and see if i can still break it

@droidmonkey droidmonkey merged commit 0da9efd into keepassxreboot:develop Jan 21, 2019
@varjolintu varjolintu deleted the reference_update_fix branch January 22, 2019 05:23
droidmonkey added a commit that referenced this pull request Mar 19, 2019
@droidmonkey
Release 2.4.0
c51752d 
- New Database Wizard [#1952]
- Advanced Search [#1797]
- Automatic update checker [#2648]
- KeeShare database synchronization [#2109, #1992, #2738, #2742, #2746, #2739]
- Improve favicon fetching; transition to Duck-Duck-Go [#2795, #2011, #2439]
- Remove KeePassHttp support [#1752]
- CLI: output info to stderr for easier scripting [#2558]
- CLI: Add --quiet option [#2507]
- CLI: Add create command [#2540]
- CLI: Add recursive listing of entries [#2345]
- CLI: Fix stdin/stdout encoding on Windows [#2425]
- SSH Agent: Support OpenSSH for Windows [#1994]
- macOS: TouchID Quick Unlock [#1851]
- macOS: Multiple improvements; include CLI in DMG [#2165, #2331, #2583]
- Linux: Prevent Klipper from storing secrets in clipboard [#1969]
- Linux: Use polling based file watching for NFS [#2171]
- Linux: Enable use of browser plugin in Snap build [#2802]
- TOTP QR Code Generator [#1167]
- High-DPI Scaling for 4k screens [#2404]
- Make keyboard shortcuts more consistent [#2431]
- Warn user if deleting referenced entries [#1744]
- Allow toolbar to be hidden and repositioned [#1819, #2357]
- Increase max allowed database timeout to 12 hours [#2173]
- Password generator uses existing password length by default [#2318]
- Improve alert message box button labels [#2376]
- Show message when a database merge makes no changes [#2551]
- Browser Integration Enhancements [#1497, #2253, #1904, #2232, #1850, #2218, #2391, #2396, #2542, #2622, #2637, #2790]
- Overall Code Improvements [#2316, #2284, #2351, #2402, #2410, #2419, #2422, #2443, #2491, #2506, #2610, #2667, #2709, #2731]
@phoerious phoerious added pr: bugfix Pull request fixes a bug and removed bug labels Nov 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@droidmonkey droidmonkey droidmonkey approved these changes

Assignees

No one assigned

Labels

feature: Browser pr: bugfix Pull request fixes a bug

Projects

None yet

Milestone

v2.4.0

Development

Successfully merging this pull request may close these issues.

Improve support for field references

3 participants

@varjolintu @droidmonkey @phoerious