Passkeys: Fix RP ID validation #10384
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
droidmonkey
approved these changes
Mar 12, 2024
droidmonkey
force-pushed
the
fix/passkeys_rpid_validation
branch
from
5ae49bf to
3b30d54
Compare
libf-de
pushed a commit
to libf-de/keepassxc-secretservice-dbus
that referenced
this pull request
May 6, 2024
Release 2.7.8 Changes - Add hotkey for showing search help [keepassxreboot#10591] - Add hotkey for group switching (Ctrl+Shift+PgUp/PgDown) [keepassxreboot#10625] - Add per-database auto-save delay setting [keepassxreboot#9100] - Add setting to hide menubar [keepassxreboot#10341] - Improve Bitwarden 1PUX import and support organization collections [keepassxreboot#10499] - Show advanced settings checkbox only for settings that have them [keepassxreboot#6513] - Remove obsolete setting for requiring repeated password entry [keepassxreboot#9722] - Passkeys: Allow registering Passkeys to existing entries [keepassxreboot#10408] - Passkeys: Show warning about data being unencrypted before Passkey export [keepassxreboot#10411] - Passkeys: Support NFC and USB transports [keepassxreboot#10402] - Passkeys: Pass extension JSON data to browser [keepassxreboot#10615] - SSH Agent: Do not use entries from recycle bin [keepassxreboot#10518] - Linux: Change hotkey sequence used for {CLEARFIELD} Auto-Type [keepassxreboot#10008] - Windows: Improve DACL memory access protection [keepassxreboot#10618] Fixes - Fix crash when deleting history items [keepassxreboot#10451] - Fix crash on screen lock or computer sleep [keepassxreboot#10458] - Fix search field not being focused after unlock [keepassxreboot#10459] - Fix loss of window focus when Auto-Type needs to unlock a database [keepassxreboot#10555] - Fix inconsistent TOTP visibility on unlock [keepassxreboot#10009] - Fix CSV import skipping over single-name groups [keepassxreboot#10575] - Fix key file folder being remembered even if disabled in settings [keepassxreboot#10636] - Fix issues with entry editing and database locking [keepassxreboot#10667] - Fix key file text when provided on command line [keepassxreboot#10642] - Fix issues with hardware key auto detection [keepassxreboot#10663] - Do not override monospace font size [keepassxreboot#10282] - Perform group sort only when group view is in focus [keepassxreboot#10202] - Do not show decimals for attachment sizes in Bytes [keepassxreboot#10595] - Prevent merging of global custom data when merging databases [keepassxreboot#10452] - Fix minor translation issues [keepassxreboot#10635] - Passkeys: Fix StrongBox incompatibility [keepassxreboot#10420] - Passkeys: Set RP ID to effective domain if unset instead of returning an error [keepassxreboot#10384] - Passkeys: Various UI fixes and improvements [keepassxreboot#10427, keepassxreboot#10608, keepassxreboot#10609] - AppImage: Fix URL opening [keepassxreboot#10624] - Flatpak: Fix application autostart [keepassxreboot#10563] - Linux/macOS: Fix button sizes on modal alert popups [keepassxreboot#10500] - Linux: Fix clipboard clear on Wayland [keepassxreboot#10500] - Windows: Preserve file-hidden attribute [keepassxreboot#10343] # -----BEGIN PGP SIGNATURE----- # # iQIzBAABCAAdFiEE6A9nU7OzJX8m9B8ILPQdKqhDj5kFAmY4A30ACgkQLPQdKqhD # j5npgBAApBCGfhdugBE3X9iCkGQ69LKKWizgp44AzmezxU2ee7KEoZgSmZpOCPyO # bg9EIgwac+3yCh4i4hJrTvnwIemrUKNsNLE18Kn/Uw3HJBCtsb40CeIFcZktOegu # RQ5G7jhBtnAopnTKQhdwcwJ0Yq6ZSTSiSuo+miDAN22DjnWVd7BLMOioSBPgxFUT # td+2MAPeydLoMdFRmkuBaDSStLWThdCz6DrWcBYQSK2b6Mu+3mzmtE24zNM1jCKu # Tl0t6fRkOhqWSRyWBSMzIH3uMuV95yQNudjDMnuOVWVE9Ai+A1RPFHtf8Zj1ydh9 # n9JGPDyloWRcYQdDBgbn6lFHWnwSaYVCRpRPPmjpmXVwt5/AdtB8wN+6uGbcYTzw # u9l0YYWx84W0kNPkJ0ZejF33qioQ7FaZruJv2ej++NtO0FJP48UVyrQ4EMG6V+17 # AcQ0aoSWWTb5AYhJXLjImDG7DNY1mbgW6deJLKVS7pkoRke1uSLGqYTUAJCFaXnq # d9uZt4HRUUMeq6x8dvFNvIcZhsfRUaO/iXjp81nl8hlWIeTYNTj22eww3yapFs+S # cdmdCmfGZAx5FWCXaszXwD3gLF8Bg6S63l9TvbjEHGR2riYKOO1IbFz8JXXjWpdN # l4SIcWJfdO2mNz0MWfzNtmMYNu9LBfU2Hod5JHJQYiQh3dh4EG4= # =MrBi # -----END PGP SIGNATURE----- # gpg: directory '/home/runner/.gnupg' created # gpg: keybox '/home/runner/.gnupg/pubring.kbx' created # gpg: Signature made Sun May 5 22:09:01 2024 UTC # gpg: using RSA key E80F6753B3B3257F26F41F082CF41D2AA8438F99 # gpg: Can't check signature: No public key
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When RP ID is not set, it should be set to the effective domain, and not return an error.
https://www.w3.org/TR/2019/REC-webauthn-1-20190304/#GetAssn-DetermineRpId
Extension side will have a temporary fix until this has been merged and released.
Testing strategy
Manually. Automatic test modified.
Type of change