search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fire an error if a pref used in the UI is missing once all prefs are fetched.
[chromium-blink-merge.git] / chrome / browser / password_manager / native_backend_libsecret.cc
blob86db71acd2860a881a5b0778804fb2161f78a882
1 // Copyright (c) 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/browser/password_manager/native_backend_libsecret.h"
6
7 #include <dlfcn.h>
8 #include <list>
9
10 #include "base/basictypes.h"
11 #include "base/logging.h"
12 #include "base/memory/scoped_ptr.h"
13 #include "base/metrics/histogram.h"
14 #include "base/strings/string_number_conversions.h"
15 #include "base/strings/stringprintf.h"
16 #include "base/strings/utf_string_conversions.h"
17
18 using autofill::PasswordForm;
19 using base::UTF8ToUTF16;
20 using base::UTF16ToUTF8;
21
22 namespace {
23 const char kEmptyString[] = "";
24 const int kMaxPossibleTimeTValue = std::numeric_limits<int>::max();
25 }
26
27 typeof(&::secret_password_store_sync)
28 LibsecretLoader::secret_password_store_sync;
29 typeof(&::secret_service_search_sync)
30 LibsecretLoader::secret_service_search_sync;
31 typeof(&::secret_password_clear_sync)
32 LibsecretLoader::secret_password_clear_sync;
33 typeof(&::secret_item_get_secret) LibsecretLoader::secret_item_get_secret;
34 typeof(&::secret_value_get_text) LibsecretLoader::secret_value_get_text;
35 typeof(&::secret_item_get_attributes)
36 LibsecretLoader::secret_item_get_attributes;
37 typeof(&::secret_item_load_secret_sync)
38 LibsecretLoader::secret_item_load_secret_sync;
39 typeof(&::secret_value_unref) LibsecretLoader::secret_value_unref;
40
41 bool LibsecretLoader::libsecret_loaded = false;
42
43 const LibsecretLoader::FunctionInfo LibsecretLoader::functions[] = {
44 {"secret_password_store_sync",
45 reinterpret_cast<void**>(&secret_password_store_sync)},
46 {"secret_service_search_sync",
47 reinterpret_cast<void**>(&secret_service_search_sync)},
48 {"secret_password_clear_sync",
49 reinterpret_cast<void**>(&secret_password_clear_sync)},
50 {"secret_item_get_secret",
51 reinterpret_cast<void**>(&secret_item_get_secret)},
52 {"secret_value_get_text", reinterpret_cast<void**>(&secret_value_get_text)},
53 {"secret_item_get_attributes",
54 reinterpret_cast<void**>(&secret_item_get_attributes)},
55 {"secret_item_load_secret_sync",
56 reinterpret_cast<void**>(&secret_item_load_secret_sync)},
57 {"secret_value_unref", reinterpret_cast<void**>(&secret_value_unref)},
58 {nullptr, nullptr}};
59
60 bool LibsecretLoader::LoadLibsecret() {
61 if (libsecret_loaded)
62 return true;
63
64 void* handle = dlopen("libsecret-1.so.0", RTLD_NOW | RTLD_GLOBAL);
65 if (!handle) {
66 // We wanted to use libsecret, but we couldn't load it. Warn, because
67 // either the user asked for this, or we autodetected it incorrectly. (Or
68 // the system has broken libraries, which is also good to warn about.)
69 VLOG(1) << "Could not load libsecret-1.so.0: " << dlerror();
70 return false;
71 }
72
73 for (size_t i = 0; functions[i].name; ++i) {
74 dlerror();
75 *functions[i].pointer = dlsym(handle, functions[i].name);
76 const char* error = dlerror();
77 if (error) {
78 VLOG(1) << "Unable to load symbol " << functions[i].name << ": " << error;
79 dlclose(handle);
80 return false;
81 }
82 }
83
84 libsecret_loaded = true;
85 // We leak the library handle. That's OK: this function is called only once.
86 return true;
87 }
88
89 namespace {
90
91 const char kLibsecretAppString[] = "chrome";
92
93 // Schema is analagous to the fields in PasswordForm.
94 const SecretSchema kLibsecretSchema = {
95 "chrome_libsecret_password_schema",
96 // We have to use SECRET_SCHEMA_DONT_MATCH_NAME in order to get old
97 // passwords stored with gnome_keyring.
98 SECRET_SCHEMA_DONT_MATCH_NAME,
99 {{"origin_url", SECRET_SCHEMA_ATTRIBUTE_STRING},
100 {"action_url", SECRET_SCHEMA_ATTRIBUTE_STRING},
101 {"username_element", SECRET_SCHEMA_ATTRIBUTE_STRING},
102 {"username_value", SECRET_SCHEMA_ATTRIBUTE_STRING},
103 {"password_element", SECRET_SCHEMA_ATTRIBUTE_STRING},
104 {"submit_element", SECRET_SCHEMA_ATTRIBUTE_STRING},
105 {"signon_realm", SECRET_SCHEMA_ATTRIBUTE_STRING},
106 {"ssl_valid", SECRET_SCHEMA_ATTRIBUTE_INTEGER},
107 {"preferred", SECRET_SCHEMA_ATTRIBUTE_INTEGER},
108 {"date_created", SECRET_SCHEMA_ATTRIBUTE_STRING},
109 {"blacklisted_by_user", SECRET_SCHEMA_ATTRIBUTE_INTEGER},
110 {"scheme", SECRET_SCHEMA_ATTRIBUTE_INTEGER},
111 {"type", SECRET_SCHEMA_ATTRIBUTE_INTEGER},
112 {"times_used", SECRET_SCHEMA_ATTRIBUTE_INTEGER},
113 {"date_synced", SECRET_SCHEMA_ATTRIBUTE_STRING},
114 {"display_name", SECRET_SCHEMA_ATTRIBUTE_STRING},
115 {"avatar_url", SECRET_SCHEMA_ATTRIBUTE_STRING},
116 {"federation_url", SECRET_SCHEMA_ATTRIBUTE_STRING},
117 {"skip_zero_click", SECRET_SCHEMA_ATTRIBUTE_INTEGER},
118 {"generation_upload_status", SECRET_SCHEMA_ATTRIBUTE_INTEGER},
119 {"form_data", SECRET_SCHEMA_ATTRIBUTE_STRING},
120 // This field is always "chrome-profile_id" so that we can search for it.
121 {"application", SECRET_SCHEMA_ATTRIBUTE_STRING},
122 {nullptr, SECRET_SCHEMA_ATTRIBUTE_STRING}}};
123
124 const char* GetStringFromAttributes(GHashTable* attrs, const char* keyname) {
125 gpointer value = g_hash_table_lookup(attrs, keyname);
126 return value ? static_cast<char*>(value) : kEmptyString;
127 }
128
129 uint32_t GetUintFromAttributes(GHashTable* attrs, const char* keyname) {
130 gpointer value = g_hash_table_lookup(attrs, keyname);
131 if (!value)
132 return uint32_t();
133 uint32_t result;
134 bool value_ok = base::StringToUint(static_cast<char*>(value), &result);
135 DCHECK(value_ok);
136 return result;
137 }
138
139 // Convert the attributes into a new PasswordForm.
140 // Note: does *not* get the actual password, as that is not a key attribute!
141 // Returns nullptr if the attributes are for the wrong application.
142 scoped_ptr<PasswordForm> FormOutOfAttributes(GHashTable* attrs) {
143 base::StringPiece app_value = GetStringFromAttributes(attrs, "application");
144 if (!app_value.starts_with(kLibsecretAppString))
145 return scoped_ptr<PasswordForm>();
146
147 scoped_ptr<PasswordForm> form(new PasswordForm());
148 form->origin = GURL(GetStringFromAttributes(attrs, "origin_url"));
149 form->action = GURL(GetStringFromAttributes(attrs, "action_url"));
150 form->username_element =
151 UTF8ToUTF16(GetStringFromAttributes(attrs, "username_element"));
152 form->username_value =
153 UTF8ToUTF16(GetStringFromAttributes(attrs, "username_value"));
154 form->password_element =
155 UTF8ToUTF16(GetStringFromAttributes(attrs, "password_element"));
156 form->submit_element =
157 UTF8ToUTF16(GetStringFromAttributes(attrs, "submit_element"));
158 form->signon_realm = GetStringFromAttributes(attrs, "signon_realm");
159 form->ssl_valid = GetUintFromAttributes(attrs, "ssl_valid");
160 form->preferred = GetUintFromAttributes(attrs, "preferred");
161 int64 date_created = 0;
162 bool date_ok = base::StringToInt64(
163 GetStringFromAttributes(attrs, "date_created"), &date_created);
164 DCHECK(date_ok);
165 // In the past |date_created| was stored as time_t. Currently is stored as
166 // base::Time's internal value. We need to distinguish, which format the
167 // number in |date_created| was stored in. We use the fact that
168 // kMaxPossibleTimeTValue interpreted as the internal value corresponds to an
169 // unlikely date back in 17th century, and anything above
170 // kMaxPossibleTimeTValue clearly must be in the internal value format.
171 form->date_created = date_created < kMaxPossibleTimeTValue
172 ? base::Time::FromTimeT(date_created)
173 : base::Time::FromInternalValue(date_created);
174 form->blacklisted_by_user =
175 GetUintFromAttributes(attrs, "blacklisted_by_user");
176 form->type =
177 static_cast<PasswordForm::Type>(GetUintFromAttributes(attrs, "type"));
178 form->times_used = GetUintFromAttributes(attrs, "times_used");
179 form->scheme =
180 static_cast<PasswordForm::Scheme>(GetUintFromAttributes(attrs, "scheme"));
181 int64 date_synced = 0;
182 base::StringToInt64(GetStringFromAttributes(attrs, "date_synced"),
183 &date_synced);
184 form->date_synced = base::Time::FromInternalValue(date_synced);
185 form->display_name =
186 UTF8ToUTF16(GetStringFromAttributes(attrs, "display_name"));
187 form->avatar_url = GURL(GetStringFromAttributes(attrs, "avatar_url"));
188 form->federation_url = GURL(GetStringFromAttributes(attrs, "federation_url"));
189 form->skip_zero_click = GetUintFromAttributes(attrs, "skip_zero_click");
190 form->generation_upload_status =
191 static_cast<PasswordForm::GenerationUploadStatus>(
192 GetUintFromAttributes(attrs, "generation_upload_status"));
193 DeserializeFormDataFromBase64String(
194 GetStringFromAttributes(attrs, "form_data"), &form->form_data);
195 return form.Pass();
196 }
197
198 class LibsecretAttributesBuilder {
199 public:
200 LibsecretAttributesBuilder();
201 ~LibsecretAttributesBuilder();
202 void Append(const std::string& name, const std::string& value);
203 void Append(const std::string& name, int64 value);
204 // GHashTable, its keys and values returned from Get() are destroyed in
205 // |LibsecretAttributesBuilder| desctructor.
206 GHashTable* Get() { return attrs_; }
207
208 private:
209 // |name_values_| is a storage for strings referenced in |attrs_|.
210 std::list<std::string> name_values_;
211 GHashTable* attrs_;
212 };
213
214 LibsecretAttributesBuilder::LibsecretAttributesBuilder() {
215 attrs_ = g_hash_table_new_full(g_str_hash, g_str_equal,
216 nullptr, // no deleter for keys
217 nullptr); // no deleter for values
218 }
219
220 LibsecretAttributesBuilder::~LibsecretAttributesBuilder() {
221 g_hash_table_destroy(attrs_);
222 }
223
224 void LibsecretAttributesBuilder::Append(const std::string& name,
225 const std::string& value) {
226 name_values_.push_back(name);
227 gpointer name_str =
228 static_cast<gpointer>(const_cast<char*>(name_values_.back().c_str()));
229 name_values_.push_back(value);
230 gpointer value_str =
231 static_cast<gpointer>(const_cast<char*>(name_values_.back().c_str()));
232 g_hash_table_insert(attrs_, name_str, value_str);
233 }
234
235 void LibsecretAttributesBuilder::Append(const std::string& name, int64 value) {
236 Append(name, base::Int64ToString(value));
237 }
238
239 // Generates a profile-specific app string based on profile_id_.
240 std::string GetProfileSpecificAppString(LocalProfileId id) {
241 // Originally, the application string was always just "chrome" and used only
242 // so that we had *something* to search for since GNOME Keyring won't search
243 // for nothing. Now we use it to distinguish passwords for different profiles.
244 return base::StringPrintf("%s-%d", kLibsecretAppString, id);
245 }
246
247 } // namespace
248
249 bool LibsecretLoader::LibsecretIsAvailable() {
250 if (!libsecret_loaded)
251 return false;
252 // A dummy query is made to check for availability, because libsecret doesn't
253 // have a dedicated availability function. For performance reasons, the query
254 // is meant to return an empty result.
255 LibsecretAttributesBuilder attrs;
256 attrs.Append("application", "chrome-string_to_get_empty_result");
257
258 GError* error = nullptr;
259 GList* found = secret_service_search_sync(nullptr, // default secret service
260 &kLibsecretSchema, attrs.Get(),
261 SECRET_SEARCH_ALL,
262 nullptr, // no cancellable ojbect
263 &error);
264 bool success = (error == nullptr);
265 if (error)
266 g_error_free(error);
267 if (found)
268 g_list_free(found);
269
270 return success;
271 }
272
273 NativeBackendLibsecret::NativeBackendLibsecret(LocalProfileId id)
274 : app_string_(GetProfileSpecificAppString(id)) {
275 }
276
277 NativeBackendLibsecret::~NativeBackendLibsecret() {
278 }
279
280 bool NativeBackendLibsecret::Init() {
281 return LoadLibsecret() && LibsecretIsAvailable();
282 }
283
284 password_manager::PasswordStoreChangeList NativeBackendLibsecret::AddLogin(
285 const PasswordForm& form) {
286 // Based on LoginDatabase::AddLogin(), we search for an existing match based
287 // on origin_url, username_element, username_value, password_element, submit
288 // element, and signon_realm first, remove that, and then add the new entry.
289 // We'd add the new one first, and then delete the original, but then the
290 // delete might actually delete the newly-added entry!
291 ScopedVector<autofill::PasswordForm> forms =
292 AddUpdateLoginSearch(form, SEARCH_USE_SUBMIT);
293 password_manager::PasswordStoreChangeList changes;
294 if (forms.size() > 0) {
295 if (forms.size() > 1) {
296 VLOG(1) << "Adding login when there are " << forms.size()
297 << " matching logins already! Will replace only the first.";
298 }
299
300 if (RemoveLogin(*forms[0])) {
301 changes.push_back(password_manager::PasswordStoreChange(
302 password_manager::PasswordStoreChange::REMOVE, *forms[0]));
303 }
304 }
305 if (RawAddLogin(form)) {
306 changes.push_back(password_manager::PasswordStoreChange(
307 password_manager::PasswordStoreChange::ADD, form));
308 }
309 return changes;
310 }
311
312 bool NativeBackendLibsecret::UpdateLogin(
313 const PasswordForm& form,
314 password_manager::PasswordStoreChangeList* changes) {
315 // Based on LoginDatabase::UpdateLogin(), we search for forms to update by
316 // origin_url, username_element, username_value, password_element, and
317 // signon_realm. We then compare the result to the updated form. If they
318 // differ in any of the mutable fields, then we remove the original, and
319 // then add the new entry. We'd add the new one first, and then delete the
320 // original, but then the delete might actually delete the newly-added entry!
321 DCHECK(changes);
322 changes->clear();
323
324 ScopedVector<autofill::PasswordForm> forms =
325 AddUpdateLoginSearch(form, SEARCH_IGNORE_SUBMIT);
326
327 bool removed = false;
328 for (size_t i = 0; i < forms.size(); ++i) {
329 if (*forms[i] != form) {
330 RemoveLogin(*forms[i]);
331 removed = true;
332 }
333 }
334 if (!removed)
335 return true;
336
337 if (RawAddLogin(form)) {
338 password_manager::PasswordStoreChange change(
339 password_manager::PasswordStoreChange::UPDATE, form);
340 changes->push_back(change);
341 return true;
342 }
343 return false;
344 }
345
346 bool NativeBackendLibsecret::RemoveLogin(const autofill::PasswordForm& form) {
347 GError* error = nullptr;
348 secret_password_clear_sync(
349 &kLibsecretSchema, nullptr, &error, "origin_url",
350 form.origin.spec().c_str(), "username_element",
351 UTF16ToUTF8(form.username_element).c_str(), "username_value",
352 UTF16ToUTF8(form.username_value).c_str(), "password_element",
353 UTF16ToUTF8(form.password_element).c_str(), "submit_element",
354 UTF16ToUTF8(form.submit_element).c_str(), "signon_realm",
355 form.signon_realm.c_str(), "application", app_string_.c_str(), nullptr);
356
357 if (error) {
358 VLOG(1) << "Libsecret delete failed: " << error->message;
359 g_error_free(error);
360 return false;
361 }
362 return true;
363 }
364
365 bool NativeBackendLibsecret::RemoveLoginsCreatedBetween(
366 base::Time delete_begin,
367 base::Time delete_end,
368 password_manager::PasswordStoreChangeList* changes) {
369 return RemoveLoginsBetween(delete_begin, delete_end, CREATION_TIMESTAMP,
370 changes);
371 }
372
373 bool NativeBackendLibsecret::RemoveLoginsSyncedBetween(
374 base::Time delete_begin,
375 base::Time delete_end,
376 password_manager::PasswordStoreChangeList* changes) {
377 return RemoveLoginsBetween(delete_begin, delete_end, SYNC_TIMESTAMP, changes);
378 }
379
380 bool NativeBackendLibsecret::GetLogins(
381 const PasswordForm& form,
382 ScopedVector<autofill::PasswordForm>* forms) {
383 return GetLoginsList(&form, ALL_LOGINS, forms);
384 }
385
386 ScopedVector<autofill::PasswordForm>
387 NativeBackendLibsecret::AddUpdateLoginSearch(
388 const autofill::PasswordForm& lookup_form,
389 AddUpdateLoginSearchOptions options) {
390 LibsecretAttributesBuilder attrs;
391 attrs.Append("origin_url", lookup_form.origin.spec());
392 attrs.Append("username_element", UTF16ToUTF8(lookup_form.username_element));
393 attrs.Append("username_value", UTF16ToUTF8(lookup_form.username_value));
394 attrs.Append("password_element", UTF16ToUTF8(lookup_form.password_element));
395 if (options == SEARCH_USE_SUBMIT)
396 attrs.Append("submit_element", UTF16ToUTF8(lookup_form.submit_element));
397 attrs.Append("signon_realm", lookup_form.signon_realm);
398 attrs.Append("application", app_string_);
399
400 GError* error = nullptr;
401 GList* found = secret_service_search_sync(nullptr, // default secret service
402 &kLibsecretSchema, attrs.Get(),
403 SECRET_SEARCH_ALL,
404 nullptr, // no cancellable ojbect
405 &error);
406 if (error) {
407 VLOG(1) << "Unable to get logins " << error->message;
408 g_error_free(error);
409 if (found)
410 g_list_free(found);
411 return ScopedVector<autofill::PasswordForm>();
412 }
413
414 return ConvertFormList(found, &lookup_form);
415 }
416
417 bool NativeBackendLibsecret::RawAddLogin(const PasswordForm& form) {
418 int64 date_created = form.date_created.ToInternalValue();
419 // If we are asked to save a password with 0 date, use the current time.
420 // We don't want to actually save passwords as though on January 1, 1601.
421 if (!date_created)
422 date_created = base::Time::Now().ToInternalValue();
423 int64 date_synced = form.date_synced.ToInternalValue();
424 std::string form_data;
425 SerializeFormDataToBase64String(form.form_data, &form_data);
426 GError* error = nullptr;
427 secret_password_store_sync(
428 &kLibsecretSchema,
429 nullptr, // Default collection.
430 form.origin.spec().c_str(), // Display name.
431 UTF16ToUTF8(form.password_value).c_str(),
432 nullptr, // no cancellable ojbect
433 &error,
434 "origin_url", form.origin.spec().c_str(),
435 "action_url", form.action.spec().c_str(),
436 "username_element", UTF16ToUTF8(form.username_element).c_str(),
437 "username_value", UTF16ToUTF8(form.username_value).c_str(),
438 "password_element", UTF16ToUTF8(form.password_element).c_str(),
439 "submit_element", UTF16ToUTF8(form.submit_element).c_str(),
440 "signon_realm", form.signon_realm.c_str(),
441 "ssl_valid", form.ssl_valid,
442 "preferred", form.preferred,
443 "date_created", base::Int64ToString(date_created).c_str(),
444 "blacklisted_by_user", form.blacklisted_by_user,
445 "type", form.type,
446 "times_used", form.times_used,
447 "scheme", form.scheme,
448 "date_synced", base::Int64ToString(date_synced).c_str(),
449 "display_name", UTF16ToUTF8(form.display_name).c_str(),
450 "avatar_url", form.avatar_url.spec().c_str(),
451 "federation_url", form.federation_url.spec().c_str(),
452 "skip_zero_click", form.skip_zero_click,
453 "generation_upload_status", form.generation_upload_status,
454 "form_data", form_data.c_str(),
455 "application", app_string_.c_str(), nullptr);
456
457 if (error) {
458 VLOG(1) << "Libsecret add raw login failed: " << error->message;
459 g_error_free(error);
460 return false;
461 }
462 return true;
463 }
464
465 bool NativeBackendLibsecret::GetAutofillableLogins(
466 ScopedVector<autofill::PasswordForm>* forms) {
467 return GetLoginsList(nullptr, AUTOFILLABLE_LOGINS, forms);
468 }
469
470 bool NativeBackendLibsecret::GetBlacklistLogins(
471 ScopedVector<autofill::PasswordForm>* forms) {
472 return GetLoginsList(nullptr, BLACKLISTED_LOGINS, forms);
473 }
474
475 bool NativeBackendLibsecret::GetLoginsList(
476 const PasswordForm* lookup_form,
477 GetLoginsListOptions options,
478 ScopedVector<autofill::PasswordForm>* forms) {
479 LibsecretAttributesBuilder attrs;
480 attrs.Append("application", app_string_);
481 if (options != ALL_LOGINS)
482 attrs.Append("blacklisted_by_user", options == BLACKLISTED_LOGINS);
483 if (lookup_form &&
484 !password_manager::ShouldPSLDomainMatchingApply(
485 password_manager::GetRegistryControlledDomain(
486 GURL(lookup_form->signon_realm))))
487 attrs.Append("signon_realm", lookup_form->signon_realm);
488
489 GError* error = nullptr;
490 GList* found = secret_service_search_sync(nullptr, // default secret service
491 &kLibsecretSchema, attrs.Get(),
492 SECRET_SEARCH_ALL,
493 nullptr, // no cancellable ojbect
494 &error);
495 if (error) {
496 VLOG(1) << "Unable to get logins " << error->message;
497 g_error_free(error);
498 if (found)
499 g_list_free(found);
500 return false;
501 }
502
503 *forms = ConvertFormList(found, lookup_form);
504 return true;
505 }
506
507 bool NativeBackendLibsecret::GetLoginsBetween(
508 base::Time get_begin,
509 base::Time get_end,
510 TimestampToCompare date_to_compare,
511 ScopedVector<autofill::PasswordForm>* forms) {
512 forms->clear();
513 ScopedVector<autofill::PasswordForm> all_forms;
514 if (!GetLoginsList(nullptr, ALL_LOGINS, &all_forms))
515 return false;
516
517 base::Time autofill::PasswordForm::*date_member =
518 date_to_compare == CREATION_TIMESTAMP
519 ? &autofill::PasswordForm::date_created
520 : &autofill::PasswordForm::date_synced;
521 for (auto& saved_form : all_forms) {
522 if (get_begin <= saved_form->*date_member &&
523 (get_end.is_null() || saved_form->*date_member < get_end)) {
524 forms->push_back(saved_form);
525 saved_form = nullptr;
526 }
527 }
528
529 return true;
530 }
531
532 bool NativeBackendLibsecret::RemoveLoginsBetween(
533 base::Time get_begin,
534 base::Time get_end,
535 TimestampToCompare date_to_compare,
536 password_manager::PasswordStoreChangeList* changes) {
537 DCHECK(changes);
538 changes->clear();
539 ScopedVector<autofill::PasswordForm> forms;
540 if (!GetLoginsBetween(get_begin, get_end, date_to_compare, &forms))
541 return false;
542
543 bool ok = true;
544 for (size_t i = 0; i < forms.size(); ++i) {
545 if (RemoveLogin(*forms[i])) {
546 changes->push_back(password_manager::PasswordStoreChange(
547 password_manager::PasswordStoreChange::REMOVE, *forms[i]));
548 } else {
549 ok = false;
550 }
551 }
552 return ok;
553 }
554
555 ScopedVector<autofill::PasswordForm> NativeBackendLibsecret::ConvertFormList(
556 GList* found,
557 const PasswordForm* lookup_form) {
558 ScopedVector<autofill::PasswordForm> forms;
559 password_manager::PSLDomainMatchMetric psl_domain_match_metric =
560 password_manager::PSL_DOMAIN_MATCH_NONE;
561 GError* error = nullptr;
562 for (GList* element = g_list_first(found); element != nullptr;
563 element = g_list_next(element)) {
564 SecretItem* secretItem = static_cast<SecretItem*>(element->data);
565 LibsecretLoader::secret_item_load_secret_sync(secretItem, nullptr, &error);
566 if (error) {
567 VLOG(1) << "Unable to load secret item" << error->message;
568 g_error_free(error);
569 error = nullptr;
570 continue;
571 }
572 GHashTable* attrs = secret_item_get_attributes(secretItem);
573 scoped_ptr<PasswordForm> form(FormOutOfAttributes(attrs));
574 g_hash_table_unref(attrs);
575 if (form) {
576 if (lookup_form && form->signon_realm != lookup_form->signon_realm) {
577 // This is not an exact match, we try PSL matching.
578 if (lookup_form->scheme != PasswordForm::SCHEME_HTML ||
579 form->scheme != PasswordForm::SCHEME_HTML ||
580 !(password_manager::IsPublicSuffixDomainMatch(
581 lookup_form->signon_realm, form->signon_realm))) {
582 continue;
583 }
584 psl_domain_match_metric = password_manager::PSL_DOMAIN_MATCH_FOUND;
585 form->original_signon_realm = form->signon_realm;
586 form->signon_realm = lookup_form->signon_realm;
587 form->origin = lookup_form->origin;
588 }
589 SecretValue* secretValue = secret_item_get_secret(secretItem);
590 if (secretValue) {
591 form->password_value = UTF8ToUTF16(secret_value_get_text(secretValue));
592 secret_value_unref(secretValue);
593 } else {
594 VLOG(1) << "Unable to access password from list element!";
595 }
596 forms.push_back(form.release());
597 } else {
598 VLOG(1) << "Could not initialize PasswordForm from attributes!";
599 }
600 }
601
602 if (lookup_form) {
603 const GURL signon_realm(lookup_form->signon_realm);
604 std::string registered_domain =
605 password_manager::GetRegistryControlledDomain(signon_realm);
606 UMA_HISTOGRAM_ENUMERATION(
607 "PasswordManager.PslDomainMatchTriggering",
608 password_manager::ShouldPSLDomainMatchingApply(registered_domain)
609 ? psl_domain_match_metric
610 : password_manager::PSL_DOMAIN_MATCH_NOT_USED,
611 password_manager::PSL_DOMAIN_MATCH_COUNT);
612 }
613 g_list_free(found);
614 return forms.Pass();
615 }