Keepassxc: Windows builds don't work

I have the same issue with the portable version, didn't test the install version

• KeePassXC 2.1.0
• Operating System and version: Windows 10 64 bit

I have the same issue.

I tried both installer and portable version, neither work.

Same issue here.

SW: KeePassXC 2.1.0
OS: Windows 7 Professional 64bit

Thanks for the report, must be an issue with the packaging. I'll investigate today.

The packages are missing the Qt platform plugin for windows. libqwindows.a must be included. Or maybe even build Qt statically?

Keepassx uses DeployQt4 for windows packaging, which doesn't collect all dependencies.

There are some missing dlls:
1) imageformats/*.dll (without debug builds)
2) platforms/qwindows.dll
3) some other dlls from mingw

You can use the Dependency Walker to find the missing dlls
https://doc.qt.io/qt-5/windows-deployment.html#application-dependencies

or migrate to windeployqt.
https://doc.qt.io/qt-5/windows-deployment.html#the-windows-deployment-tool

I'll stick to Keepass, it works. Thanks though

Maybe the Windows download should be pulled? I came here also cause I wasted my time figuring out what is going on.

We need to regenerate the bundles. You can of course install Qt on your system, but that's a very heavy and time-consuming workaround.

I recompiled the Windows binaries, please check if you can execute them now.

It works now, thanks for the hard work!

Works like a charm!

Yeah works now

Was it built with autotype enabled ? Sorry to ask on a closed issue, but I can't seem to get autotype working on Windows.
I tried to compile it myself with the instructions, but I'm getting various errors (undefined reference to `gpg_strerror' are among them)

Yes, autotype ist enabled. Need to investigate why it isn't working.

For compiling the release branch, you need the CMakeLists.txt and main.cpp patches from the meta/release-preparation branch, otherwise you get those linker errors and the platform plugin isn't built into the binary.

I've uninstalled it. Very bad start for keepasxc. Turns out they have disabled http plugin as well at the last minute.

Would you like a refund? /s

@droidmonkey It's wrong advertisement. When I downloaded first it was clear that they claimed HTTP was working. The software is alpha but it's not mentioned anywhere. For a sensitive subject like passwords there should be more common sense in a project like this.
So "sarcasm" away all you like. A project like this is needed. And I appreciate the effort. I'll try it in the future sometime. All of this doesn't change the fact that this is a bad start which is all I've said above.

To be clear if you read the documentation it works. You just need to enable
it. If you care to read further you'll see why any security conscious
developer would make you compile it yourself to enable it as well. Being
critical over a stated security condition is your own problem and why youll
get "sarcastic" remarks from people that have better things to do with
there time then listen to people whine in a bug tracker.

On Thu, Jan 26, 2017 at 7:16 AM, Coşku Baş notifications@github.com wrote:

@droidmonkey https://github.com/droidmonkey It's wrong advertisement.
When I downloaded first it was clear that they claimed HTTP was working.
The software is alpha but it's not mentioned anywhere. For a sensitive
subjects like passwords there is should be more common sense in a project
like this.
So "sarcasm" away all you like. A project like this is needed. And I
appreciate the effor. I'll try it in the future sometime. All of this
doesn't change the fact that this is a bad start which is all I've said
above.

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
https://github.com/keepassxreboot/keepassxc/issues/208#issuecomment-275374949,
or mute the thread
https://github.com/notifications/unsubscribe-auth/ACk71Esm84Z1Z9WfOmqEk3L_O0LCTdqfks5rWI6SgaJpZM4LtJ4s
.

@WizardGed I think you missed to point where the website claimed it was enabled by default. Since then the website is changed.

You really not need to be so stuck up about criticisim.

1- No windows build
2- Not working windows build
3- HTTP claimed but not there
4- No working autocomplete

These are the problems I've faced and I didn't bad mouth your project I've just stated it's a bad start. Any person with right set of mind would classify this as a bad start.

The software is not alpha and this is a packaging problem and not a bug in the software and especially not a security problem.
This is our first release and we still need to optimize our build and distribution process until everything works smoothly. But you can always compile it yourself. There are projects out there which do not provide anything than the source code release. And "No Windows build" is just wrong. It only took a little longer to be available than the Linux release.

Nuff said, there are a million things that go wrong in software distribution. Full stop. We are working through the known issues as fast as we can and as securely as we can. All lessons learned go into a build and deploy process/script for fitire use.

@phoerious I understand. I hope you guys do well. I'm hoping to use it in the future as this looks promising compared to other alternatives.

Thank you 😶

I recompiled the Windows binaries again. I hoped I could link Qt statically because it reduces the file size massively and we don't need to ship the qwindows.dll platform plugin with KeePassXC. But unfortunately, that backfired. Apparently, we can't load Qt plugin DLLs when Qt is linked statically. So to make the autotype plugin work again, I linked it dynamically against Qt again. Unfortunately, this almost doubles the download size compared to the static version, but hopefully everything works fine now. Please check.

I also updated the Wiki page accordingly.

and especially not a security problem
KeepassHTTP functionality was disabled due to security concerns as per #147
where passwords are communicated via clear text over whichever network
device has been specified. (later versions disallow anything but localhost
loopback) as such builds were released without the support.
So yes according to 147 and other tickets including PFN's it was.

On Thu, Jan 26, 2017 at 7:28 AM, Janek Bevendorff notifications@github.com
wrote:

The software is not alpha and this is a packaging problem and not a bug in
the software and especially not a security problem.
This is our first release and we still need to optimize our build and
distribution process until everything works smoothly. But you can always
compile it yourself.

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/keepassxreboot/keepassxc/issues/208#issuecomment-275377060,
or mute the thread
https://github.com/notifications/unsubscribe-auth/ACk71PG3O6_-46o9UZE8iZAbL5OcsjWBks5rWJFogaJpZM4LtJ4s
.

KeePassHTTP never made it into the release. We decided to disable it before we released, so we don't run into security problems in the first place. None of the issues that DID occur in the released version were security problems. So what are you trying to say?

Nothing other than clarifying what I meant by saying Security problem.
Wasn't sure it was clear why I used those words to you/Cosku as it seemed
you had an objection to the use of those words. If I'm not mistaken the
http functionality was endorsed as something to enable if you wanted to use
it until it was clarified that it was completely plaintext and the decision
was made (the github emails from this project are huge & numerous I could
easily be wrong).

On Fri, Jan 27, 2017 at 7:03 AM, Janek Bevendorff notifications@github.com
wrote:

KeePassHTTP never made it into the release. We decided to disable it
before we released, so we don't run into security problems in the first
place. None of the issues that DID occur in the release version were
security problems. So what are you trying to say?

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/keepassxreboot/keepassxc/issues/208#issuecomment-275650903,
or mute the thread
https://github.com/notifications/unsubscribe-auth/ACk71LOf-JuE67MLdPy3WxWqfcIoCiqVks5rWdz2gaJpZM4LtJ4s
.

KeePassHTTP was one of the first things that was ported over, but it was pretty clear from the start that it wasn't safe to use over a network connection. We never endorsed its use over a non-local connection. The implementation used localhost as default which is safe, but it also allowed the user to configure unsafe connections and fell back to 0.0.0.0 when binding to localhost at that port failed for some reason. So it wasn't fail-safe enough for a public release and we decided to exclude it until those things were fixed.