mirror of
https://github.com/keepassxreboot/keepassxc.git
synced 2025-04-03 20:47:37 +03:00
13eb1c0bbd
To reduce residual fragments of secret data in memory after deallocation, this patch replaces the global delete operator with a version that zeros out previously allocated memory. It makes use of the new C++14 sized deallocation, but provides an unsized fallback with platform-specific size deductions. This change is only a minor mitigation and cannot protect against buffer reallocations by the operating system or non-C++ libraries. Thus, we still cannot guarantee all memory to be wiped after free. As a further improvement, this patch uses libgcrypt and libsodium to write long-lived master key component hashes into a secure memory area and wipe it afterwards. The patch also fixes compiler flags not being set properly on macOS.
60 lines
3 KiB
CMake
Executable file
60 lines
3 KiB
CMake
Executable file
# Copyright (C) 2017 Sami Vänttinen <sami.vanttinen@protonmail.com>
|
|
# Copyright (C) 2017 KeePassXC Team <team@keepassxc.org>
|
|
#
|
|
# This program is free software: you can redistribute it and/or modify
|
|
# it under the terms of the GNU General Public License as published by
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
# (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
if(WITH_XC_BROWSER)
|
|
include_directories(${BROWSER_SOURCE_DIR})
|
|
|
|
set(proxy_SOURCES
|
|
../core/Alloc.cpp
|
|
keepassxc-proxy.cpp
|
|
${BROWSER_SOURCE_DIR}/NativeMessagingBase.cpp
|
|
NativeMessagingHost.cpp)
|
|
|
|
add_library(proxy STATIC ${proxy_SOURCES})
|
|
target_link_libraries(proxy Qt5::Core Qt5::Network ${sodium_LIBRARY_RELEASE})
|
|
add_executable(keepassxc-proxy keepassxc-proxy.cpp)
|
|
target_link_libraries(keepassxc-proxy proxy)
|
|
|
|
install(TARGETS keepassxc-proxy
|
|
BUNDLE DESTINATION . COMPONENT Runtime
|
|
RUNTIME DESTINATION ${PROXY_INSTALL_DIR} COMPONENT Runtime)
|
|
|
|
if(APPLE AND WITH_APP_BUNDLE)
|
|
add_custom_command(TARGET keepassxc-proxy
|
|
POST_BUILD
|
|
COMMAND ${CMAKE_INSTALL_NAME_TOOL}
|
|
-change ${Qt5_PREFIX}/lib/QtCore.framework/Versions/5/QtCore
|
|
"@executable_path/../Frameworks/QtCore.framework/Versions/5/QtCore"
|
|
-change /usr/local/opt/qt/lib/QtCore.framework/Versions/5/QtCore
|
|
"@executable_path/../Frameworks/QtCore.framework/Versions/5/QtCore"
|
|
-change ${Qt5_PREFIX}/lib/QtNetwork.framework/Versions/5/QtNetwork
|
|
"@executable_path/../Frameworks/QtNetwork.framework/Versions/5/QtNetwork"
|
|
-change /usr/local/opt/qt/lib/QtNetwork.framework/Versions/5/QtNetwork
|
|
"@executable_path/../Frameworks/QtNetwork.framework/Versions/5/QtNetwork"
|
|
keepassxc-proxy
|
|
COMMENT "Changing linking of keepassxc-proxy")
|
|
|
|
# Copy app to staging directory for pre-install testing
|
|
set(PROXY_APP_DIR "${CMAKE_BINARY_DIR}/src/${PROXY_INSTALL_DIR}")
|
|
add_custom_command(TARGET keepassxc-proxy
|
|
POST_BUILD
|
|
COMMAND ${CMAKE_COMMAND} -E copy keepassxc-proxy ${PROXY_APP_DIR}/keepassxc-proxy
|
|
COMMENT "Copying keepassxc-proxy inside the application")
|
|
endif()
|
|
if(MINGW)
|
|
target_link_libraries(keepassxc-proxy Wtsapi32.lib Ws2_32.lib)
|
|
endif()
|
|
endif()
|