search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Pin Chrome's shortcut to the Win10 Start menu on install and OS upgrade.
[chromium-blink-merge.git] / chrome / browser / password_manager / native_backend_libsecret.cc
blobe6cc35af8120b932a9a676ee186c4ac4875501d8
1 // Copyright (c) 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/browser/password_manager/native_backend_libsecret.h"
6
7 #include <dlfcn.h>
8 #include <list>
9
10 #include "base/basictypes.h"
11 #include "base/logging.h"
12 #include "base/memory/scoped_ptr.h"
13 #include "base/metrics/histogram.h"
14 #include "base/strings/string_number_conversions.h"
15 #include "base/strings/stringprintf.h"
16 #include "base/strings/utf_string_conversions.h"
17 #include "components/password_manager/core/browser/password_manager_metrics_util.h"
18
19 using autofill::PasswordForm;
20 using base::UTF8ToUTF16;
21 using base::UTF16ToUTF8;
22 using namespace password_manager::metrics_util;
23
24 namespace {
25 const char kEmptyString[] = "";
26 const int kMaxPossibleTimeTValue = std::numeric_limits<int>::max();
27 }
28
29 typeof(&::secret_password_store_sync)
30 LibsecretLoader::secret_password_store_sync;
31 typeof(&::secret_service_search_sync)
32 LibsecretLoader::secret_service_search_sync;
33 typeof(&::secret_password_clear_sync)
34 LibsecretLoader::secret_password_clear_sync;
35 typeof(&::secret_item_get_secret) LibsecretLoader::secret_item_get_secret;
36 typeof(&::secret_value_get_text) LibsecretLoader::secret_value_get_text;
37 typeof(&::secret_item_get_attributes)
38 LibsecretLoader::secret_item_get_attributes;
39 typeof(&::secret_item_load_secret_sync)
40 LibsecretLoader::secret_item_load_secret_sync;
41 typeof(&::secret_value_unref) LibsecretLoader::secret_value_unref;
42
43 bool LibsecretLoader::libsecret_loaded = false;
44
45 const LibsecretLoader::FunctionInfo LibsecretLoader::functions[] = {
46 {"secret_password_store_sync",
47 reinterpret_cast<void**>(&secret_password_store_sync)},
48 {"secret_service_search_sync",
49 reinterpret_cast<void**>(&secret_service_search_sync)},
50 {"secret_password_clear_sync",
51 reinterpret_cast<void**>(&secret_password_clear_sync)},
52 {"secret_item_get_secret",
53 reinterpret_cast<void**>(&secret_item_get_secret)},
54 {"secret_value_get_text", reinterpret_cast<void**>(&secret_value_get_text)},
55 {"secret_item_get_attributes",
56 reinterpret_cast<void**>(&secret_item_get_attributes)},
57 {"secret_item_load_secret_sync",
58 reinterpret_cast<void**>(&secret_item_load_secret_sync)},
59 {"secret_value_unref", reinterpret_cast<void**>(&secret_value_unref)},
60 {nullptr, nullptr}};
61
62 bool LibsecretLoader::LoadLibsecret() {
63 if (libsecret_loaded)
64 return true;
65
66 void* handle = dlopen("libsecret-1.so.0", RTLD_NOW | RTLD_GLOBAL);
67 if (!handle) {
68 // We wanted to use libsecret, but we couldn't load it. Warn, because
69 // either the user asked for this, or we autodetected it incorrectly. (Or
70 // the system has broken libraries, which is also good to warn about.)
71 VLOG(1) << "Could not load libsecret-1.so.0: " << dlerror();
72 return false;
73 }
74
75 for (size_t i = 0; functions[i].name; ++i) {
76 dlerror();
77 *functions[i].pointer = dlsym(handle, functions[i].name);
78 const char* error = dlerror();
79 if (error) {
80 VLOG(1) << "Unable to load symbol " << functions[i].name << ": " << error;
81 dlclose(handle);
82 return false;
83 }
84 }
85
86 libsecret_loaded = true;
87 // We leak the library handle. That's OK: this function is called only once.
88 return true;
89 }
90
91 namespace {
92
93 const char kLibsecretAppString[] = "chrome";
94
95 // Schema is analagous to the fields in PasswordForm.
96 const SecretSchema kLibsecretSchema = {
97 "chrome_libsecret_password_schema",
98 // We have to use SECRET_SCHEMA_DONT_MATCH_NAME in order to get old
99 // passwords stored with gnome_keyring.
100 SECRET_SCHEMA_DONT_MATCH_NAME,
101 {{"origin_url", SECRET_SCHEMA_ATTRIBUTE_STRING},
102 {"action_url", SECRET_SCHEMA_ATTRIBUTE_STRING},
103 {"username_element", SECRET_SCHEMA_ATTRIBUTE_STRING},
104 {"username_value", SECRET_SCHEMA_ATTRIBUTE_STRING},
105 {"password_element", SECRET_SCHEMA_ATTRIBUTE_STRING},
106 {"submit_element", SECRET_SCHEMA_ATTRIBUTE_STRING},
107 {"signon_realm", SECRET_SCHEMA_ATTRIBUTE_STRING},
108 {"ssl_valid", SECRET_SCHEMA_ATTRIBUTE_INTEGER},
109 {"preferred", SECRET_SCHEMA_ATTRIBUTE_INTEGER},
110 {"date_created", SECRET_SCHEMA_ATTRIBUTE_STRING},
111 {"blacklisted_by_user", SECRET_SCHEMA_ATTRIBUTE_INTEGER},
112 {"scheme", SECRET_SCHEMA_ATTRIBUTE_INTEGER},
113 {"type", SECRET_SCHEMA_ATTRIBUTE_INTEGER},
114 {"times_used", SECRET_SCHEMA_ATTRIBUTE_INTEGER},
115 {"date_synced", SECRET_SCHEMA_ATTRIBUTE_STRING},
116 {"display_name", SECRET_SCHEMA_ATTRIBUTE_STRING},
117 {"avatar_url", SECRET_SCHEMA_ATTRIBUTE_STRING},
118 {"federation_url", SECRET_SCHEMA_ATTRIBUTE_STRING},
119 {"skip_zero_click", SECRET_SCHEMA_ATTRIBUTE_INTEGER},
120 {"generation_upload_status", SECRET_SCHEMA_ATTRIBUTE_INTEGER},
121 {"form_data", SECRET_SCHEMA_ATTRIBUTE_STRING},
122 // This field is always "chrome-profile_id" so that we can search for it.
123 {"application", SECRET_SCHEMA_ATTRIBUTE_STRING},
124 {nullptr, SECRET_SCHEMA_ATTRIBUTE_STRING}}};
125
126 const char* GetStringFromAttributes(GHashTable* attrs, const char* keyname) {
127 gpointer value = g_hash_table_lookup(attrs, keyname);
128 return value ? static_cast<char*>(value) : kEmptyString;
129 }
130
131 uint32_t GetUintFromAttributes(GHashTable* attrs, const char* keyname) {
132 gpointer value = g_hash_table_lookup(attrs, keyname);
133 if (!value)
134 return uint32_t();
135 uint32_t result;
136 bool value_ok = base::StringToUint(static_cast<char*>(value), &result);
137 DCHECK(value_ok);
138 return result;
139 }
140
141 // Convert the attributes into a new PasswordForm.
142 // Note: does *not* get the actual password, as that is not a key attribute!
143 // Returns nullptr if the attributes are for the wrong application.
144 scoped_ptr<PasswordForm> FormOutOfAttributes(GHashTable* attrs) {
145 base::StringPiece app_value = GetStringFromAttributes(attrs, "application");
146 if (!app_value.starts_with(kLibsecretAppString))
147 return scoped_ptr<PasswordForm>();
148
149 scoped_ptr<PasswordForm> form(new PasswordForm());
150 form->origin = GURL(GetStringFromAttributes(attrs, "origin_url"));
151 form->action = GURL(GetStringFromAttributes(attrs, "action_url"));
152 form->username_element =
153 UTF8ToUTF16(GetStringFromAttributes(attrs, "username_element"));
154 form->username_value =
155 UTF8ToUTF16(GetStringFromAttributes(attrs, "username_value"));
156 form->password_element =
157 UTF8ToUTF16(GetStringFromAttributes(attrs, "password_element"));
158 form->submit_element =
159 UTF8ToUTF16(GetStringFromAttributes(attrs, "submit_element"));
160 form->signon_realm = GetStringFromAttributes(attrs, "signon_realm");
161 form->ssl_valid = GetUintFromAttributes(attrs, "ssl_valid");
162 form->preferred = GetUintFromAttributes(attrs, "preferred");
163 int64 date_created = 0;
164 bool date_ok = base::StringToInt64(
165 GetStringFromAttributes(attrs, "date_created"), &date_created);
166 DCHECK(date_ok);
167 // In the past |date_created| was stored as time_t. Currently is stored as
168 // base::Time's internal value. We need to distinguish, which format the
169 // number in |date_created| was stored in. We use the fact that
170 // kMaxPossibleTimeTValue interpreted as the internal value corresponds to an
171 // unlikely date back in 17th century, and anything above
172 // kMaxPossibleTimeTValue clearly must be in the internal value format.
173 form->date_created = date_created < kMaxPossibleTimeTValue
174 ? base::Time::FromTimeT(date_created)
175 : base::Time::FromInternalValue(date_created);
176 form->blacklisted_by_user =
177 GetUintFromAttributes(attrs, "blacklisted_by_user");
178 form->type =
179 static_cast<PasswordForm::Type>(GetUintFromAttributes(attrs, "type"));
180 form->times_used = GetUintFromAttributes(attrs, "times_used");
181 form->scheme =
182 static_cast<PasswordForm::Scheme>(GetUintFromAttributes(attrs, "scheme"));
183 int64 date_synced = 0;
184 base::StringToInt64(GetStringFromAttributes(attrs, "date_synced"),
185 &date_synced);
186 form->date_synced = base::Time::FromInternalValue(date_synced);
187 form->display_name =
188 UTF8ToUTF16(GetStringFromAttributes(attrs, "display_name"));
189 form->icon_url = GURL(GetStringFromAttributes(attrs, "avatar_url"));
190 form->federation_url = GURL(GetStringFromAttributes(attrs, "federation_url"));
191 form->skip_zero_click = GetUintFromAttributes(attrs, "skip_zero_click");
192 form->generation_upload_status =
193 static_cast<PasswordForm::GenerationUploadStatus>(
194 GetUintFromAttributes(attrs, "generation_upload_status"));
195 base::StringPiece encoded_form_data =
196 GetStringFromAttributes(attrs, "form_data");
197 if (!encoded_form_data.empty()) {
198 bool success = DeserializeFormDataFromBase64String(encoded_form_data,
199 &form->form_data);
200 FormDeserializationStatus status = success ? GNOME_SUCCESS : GNOME_FAILURE;
201 LogFormDataDeserializationStatus(status);
202 }
203 return form.Pass();
204 }
205
206 class LibsecretAttributesBuilder {
207 public:
208 LibsecretAttributesBuilder();
209 ~LibsecretAttributesBuilder();
210 void Append(const std::string& name, const std::string& value);
211 void Append(const std::string& name, int64 value);
212 // GHashTable, its keys and values returned from Get() are destroyed in
213 // |LibsecretAttributesBuilder| desctructor.
214 GHashTable* Get() { return attrs_; }
215
216 private:
217 // |name_values_| is a storage for strings referenced in |attrs_|.
218 std::list<std::string> name_values_;
219 GHashTable* attrs_;
220 };
221
222 LibsecretAttributesBuilder::LibsecretAttributesBuilder() {
223 attrs_ = g_hash_table_new_full(g_str_hash, g_str_equal,
224 nullptr, // no deleter for keys
225 nullptr); // no deleter for values
226 }
227
228 LibsecretAttributesBuilder::~LibsecretAttributesBuilder() {
229 g_hash_table_destroy(attrs_);
230 }
231
232 void LibsecretAttributesBuilder::Append(const std::string& name,
233 const std::string& value) {
234 name_values_.push_back(name);
235 gpointer name_str =
236 static_cast<gpointer>(const_cast<char*>(name_values_.back().c_str()));
237 name_values_.push_back(value);
238 gpointer value_str =
239 static_cast<gpointer>(const_cast<char*>(name_values_.back().c_str()));
240 g_hash_table_insert(attrs_, name_str, value_str);
241 }
242
243 void LibsecretAttributesBuilder::Append(const std::string& name, int64 value) {
244 Append(name, base::Int64ToString(value));
245 }
246
247 // Generates a profile-specific app string based on profile_id_.
248 std::string GetProfileSpecificAppString(LocalProfileId id) {
249 // Originally, the application string was always just "chrome" and used only
250 // so that we had *something* to search for since GNOME Keyring won't search
251 // for nothing. Now we use it to distinguish passwords for different profiles.
252 return base::StringPrintf("%s-%d", kLibsecretAppString, id);
253 }
254
255 } // namespace
256
257 bool LibsecretLoader::LibsecretIsAvailable() {
258 if (!libsecret_loaded)
259 return false;
260 // A dummy query is made to check for availability, because libsecret doesn't
261 // have a dedicated availability function. For performance reasons, the query
262 // is meant to return an empty result.
263 LibsecretAttributesBuilder attrs;
264 attrs.Append("application", "chrome-string_to_get_empty_result");
265
266 GError* error = nullptr;
267 GList* found = secret_service_search_sync(nullptr, // default secret service
268 &kLibsecretSchema, attrs.Get(),
269 SECRET_SEARCH_ALL,
270 nullptr, // no cancellable ojbect
271 &error);
272 bool success = (error == nullptr);
273 if (error)
274 g_error_free(error);
275 if (found)
276 g_list_free(found);
277
278 return success;
279 }
280
281 NativeBackendLibsecret::NativeBackendLibsecret(LocalProfileId id)
282 : app_string_(GetProfileSpecificAppString(id)) {
283 }
284
285 NativeBackendLibsecret::~NativeBackendLibsecret() {
286 }
287
288 bool NativeBackendLibsecret::Init() {
289 return LoadLibsecret() && LibsecretIsAvailable();
290 }
291
292 password_manager::PasswordStoreChangeList NativeBackendLibsecret::AddLogin(
293 const PasswordForm& form) {
294 // Based on LoginDatabase::AddLogin(), we search for an existing match based
295 // on origin_url, username_element, username_value, password_element, submit
296 // element, and signon_realm first, remove that, and then add the new entry.
297 // We'd add the new one first, and then delete the original, but then the
298 // delete might actually delete the newly-added entry!
299 ScopedVector<autofill::PasswordForm> forms =
300 AddUpdateLoginSearch(form, SEARCH_USE_SUBMIT);
301 password_manager::PasswordStoreChangeList changes;
302 if (forms.size() > 0) {
303 if (forms.size() > 1) {
304 VLOG(1) << "Adding login when there are " << forms.size()
305 << " matching logins already! Will replace only the first.";
306 }
307
308 if (RemoveLogin(*forms[0])) {
309 changes.push_back(password_manager::PasswordStoreChange(
310 password_manager::PasswordStoreChange::REMOVE, *forms[0]));
311 }
312 }
313 if (RawAddLogin(form)) {
314 changes.push_back(password_manager::PasswordStoreChange(
315 password_manager::PasswordStoreChange::ADD, form));
316 }
317 return changes;
318 }
319
320 bool NativeBackendLibsecret::UpdateLogin(
321 const PasswordForm& form,
322 password_manager::PasswordStoreChangeList* changes) {
323 // Based on LoginDatabase::UpdateLogin(), we search for forms to update by
324 // origin_url, username_element, username_value, password_element, and
325 // signon_realm. We then compare the result to the updated form. If they
326 // differ in any of the mutable fields, then we remove the original, and
327 // then add the new entry. We'd add the new one first, and then delete the
328 // original, but then the delete might actually delete the newly-added entry!
329 DCHECK(changes);
330 changes->clear();
331
332 ScopedVector<autofill::PasswordForm> forms =
333 AddUpdateLoginSearch(form, SEARCH_IGNORE_SUBMIT);
334
335 bool removed = false;
336 for (size_t i = 0; i < forms.size(); ++i) {
337 if (*forms[i] != form) {
338 RemoveLogin(*forms[i]);
339 removed = true;
340 }
341 }
342 if (!removed)
343 return true;
344
345 if (RawAddLogin(form)) {
346 password_manager::PasswordStoreChange change(
347 password_manager::PasswordStoreChange::UPDATE, form);
348 changes->push_back(change);
349 return true;
350 }
351 return false;
352 }
353
354 bool NativeBackendLibsecret::RemoveLogin(const autofill::PasswordForm& form) {
355 GError* error = nullptr;
356 secret_password_clear_sync(
357 &kLibsecretSchema, nullptr, &error, "origin_url",
358 form.origin.spec().c_str(), "username_element",
359 UTF16ToUTF8(form.username_element).c_str(), "username_value",
360 UTF16ToUTF8(form.username_value).c_str(), "password_element",
361 UTF16ToUTF8(form.password_element).c_str(), "submit_element",
362 UTF16ToUTF8(form.submit_element).c_str(), "signon_realm",
363 form.signon_realm.c_str(), "application", app_string_.c_str(), nullptr);
364
365 if (error) {
366 VLOG(1) << "Libsecret delete failed: " << error->message;
367 g_error_free(error);
368 return false;
369 }
370 return true;
371 }
372
373 bool NativeBackendLibsecret::RemoveLoginsCreatedBetween(
374 base::Time delete_begin,
375 base::Time delete_end,
376 password_manager::PasswordStoreChangeList* changes) {
377 return RemoveLoginsBetween(delete_begin, delete_end, CREATION_TIMESTAMP,
378 changes);
379 }
380
381 bool NativeBackendLibsecret::RemoveLoginsSyncedBetween(
382 base::Time delete_begin,
383 base::Time delete_end,
384 password_manager::PasswordStoreChangeList* changes) {
385 return RemoveLoginsBetween(delete_begin, delete_end, SYNC_TIMESTAMP, changes);
386 }
387
388 bool NativeBackendLibsecret::GetLogins(
389 const PasswordForm& form,
390 ScopedVector<autofill::PasswordForm>* forms) {
391 return GetLoginsList(&form, ALL_LOGINS, forms);
392 }
393
394 ScopedVector<autofill::PasswordForm>
395 NativeBackendLibsecret::AddUpdateLoginSearch(
396 const autofill::PasswordForm& lookup_form,
397 AddUpdateLoginSearchOptions options) {
398 LibsecretAttributesBuilder attrs;
399 attrs.Append("origin_url", lookup_form.origin.spec());
400 attrs.Append("username_element", UTF16ToUTF8(lookup_form.username_element));
401 attrs.Append("username_value", UTF16ToUTF8(lookup_form.username_value));
402 attrs.Append("password_element", UTF16ToUTF8(lookup_form.password_element));
403 if (options == SEARCH_USE_SUBMIT)
404 attrs.Append("submit_element", UTF16ToUTF8(lookup_form.submit_element));
405 attrs.Append("signon_realm", lookup_form.signon_realm);
406 attrs.Append("application", app_string_);
407
408 GError* error = nullptr;
409 GList* found = secret_service_search_sync(nullptr, // default secret service
410 &kLibsecretSchema, attrs.Get(),
411 SECRET_SEARCH_ALL,
412 nullptr, // no cancellable ojbect
413 &error);
414 if (error) {
415 VLOG(1) << "Unable to get logins " << error->message;
416 g_error_free(error);
417 if (found)
418 g_list_free(found);
419 return ScopedVector<autofill::PasswordForm>();
420 }
421
422 return ConvertFormList(found, &lookup_form);
423 }
424
425 bool NativeBackendLibsecret::RawAddLogin(const PasswordForm& form) {
426 int64 date_created = form.date_created.ToInternalValue();
427 // If we are asked to save a password with 0 date, use the current time.
428 // We don't want to actually save passwords as though on January 1, 1601.
429 if (!date_created)
430 date_created = base::Time::Now().ToInternalValue();
431 int64 date_synced = form.date_synced.ToInternalValue();
432 std::string form_data;
433 SerializeFormDataToBase64String(form.form_data, &form_data);
434 GError* error = nullptr;
435 secret_password_store_sync(
436 &kLibsecretSchema,
437 nullptr, // Default collection.
438 form.origin.spec().c_str(), // Display name.
439 UTF16ToUTF8(form.password_value).c_str(),
440 nullptr, // no cancellable ojbect
441 &error,
442 "origin_url", form.origin.spec().c_str(),
443 "action_url", form.action.spec().c_str(),
444 "username_element", UTF16ToUTF8(form.username_element).c_str(),
445 "username_value", UTF16ToUTF8(form.username_value).c_str(),
446 "password_element", UTF16ToUTF8(form.password_element).c_str(),
447 "submit_element", UTF16ToUTF8(form.submit_element).c_str(),
448 "signon_realm", form.signon_realm.c_str(),
449 "ssl_valid", form.ssl_valid,
450 "preferred", form.preferred,
451 "date_created", base::Int64ToString(date_created).c_str(),
452 "blacklisted_by_user", form.blacklisted_by_user,
453 "type", form.type,
454 "times_used", form.times_used,
455 "scheme", form.scheme,
456 "date_synced", base::Int64ToString(date_synced).c_str(),
457 "display_name", UTF16ToUTF8(form.display_name).c_str(),
458 "avatar_url", form.icon_url.spec().c_str(),
459 "federation_url", form.federation_url.spec().c_str(),
460 "skip_zero_click", form.skip_zero_click,
461 "generation_upload_status", form.generation_upload_status,
462 "form_data", form_data.c_str(),
463 "application", app_string_.c_str(), nullptr);
464
465 if (error) {
466 VLOG(1) << "Libsecret add raw login failed: " << error->message;
467 g_error_free(error);
468 return false;
469 }
470 return true;
471 }
472
473 bool NativeBackendLibsecret::GetAutofillableLogins(
474 ScopedVector<autofill::PasswordForm>* forms) {
475 return GetLoginsList(nullptr, AUTOFILLABLE_LOGINS, forms);
476 }
477
478 bool NativeBackendLibsecret::GetBlacklistLogins(
479 ScopedVector<autofill::PasswordForm>* forms) {
480 return GetLoginsList(nullptr, BLACKLISTED_LOGINS, forms);
481 }
482
483 bool NativeBackendLibsecret::GetLoginsList(
484 const PasswordForm* lookup_form,
485 GetLoginsListOptions options,
486 ScopedVector<autofill::PasswordForm>* forms) {
487 LibsecretAttributesBuilder attrs;
488 attrs.Append("application", app_string_);
489 if (options != ALL_LOGINS)
490 attrs.Append("blacklisted_by_user", options == BLACKLISTED_LOGINS);
491 if (lookup_form &&
492 !password_manager::ShouldPSLDomainMatchingApply(
493 password_manager::GetRegistryControlledDomain(
494 GURL(lookup_form->signon_realm))))
495 attrs.Append("signon_realm", lookup_form->signon_realm);
496
497 GError* error = nullptr;
498 GList* found = secret_service_search_sync(nullptr, // default secret service
499 &kLibsecretSchema, attrs.Get(),
500 SECRET_SEARCH_ALL,
501 nullptr, // no cancellable ojbect
502 &error);
503 if (error) {
504 VLOG(1) << "Unable to get logins " << error->message;
505 g_error_free(error);
506 if (found)
507 g_list_free(found);
508 return false;
509 }
510
511 *forms = ConvertFormList(found, lookup_form);
512 return true;
513 }
514
515 bool NativeBackendLibsecret::GetLoginsBetween(
516 base::Time get_begin,
517 base::Time get_end,
518 TimestampToCompare date_to_compare,
519 ScopedVector<autofill::PasswordForm>* forms) {
520 forms->clear();
521 ScopedVector<autofill::PasswordForm> all_forms;
522 if (!GetLoginsList(nullptr, ALL_LOGINS, &all_forms))
523 return false;
524
525 base::Time autofill::PasswordForm::*date_member =
526 date_to_compare == CREATION_TIMESTAMP
527 ? &autofill::PasswordForm::date_created
528 : &autofill::PasswordForm::date_synced;
529 for (auto& saved_form : all_forms) {
530 if (get_begin <= saved_form->*date_member &&
531 (get_end.is_null() || saved_form->*date_member < get_end)) {
532 forms->push_back(saved_form);
533 saved_form = nullptr;
534 }
535 }
536
537 return true;
538 }
539
540 bool NativeBackendLibsecret::RemoveLoginsBetween(
541 base::Time get_begin,
542 base::Time get_end,
543 TimestampToCompare date_to_compare,
544 password_manager::PasswordStoreChangeList* changes) {
545 DCHECK(changes);
546 changes->clear();
547 ScopedVector<autofill::PasswordForm> forms;
548 if (!GetLoginsBetween(get_begin, get_end, date_to_compare, &forms))
549 return false;
550
551 bool ok = true;
552 for (size_t i = 0; i < forms.size(); ++i) {
553 if (RemoveLogin(*forms[i])) {
554 changes->push_back(password_manager::PasswordStoreChange(
555 password_manager::PasswordStoreChange::REMOVE, *forms[i]));
556 } else {
557 ok = false;
558 }
559 }
560 return ok;
561 }
562
563 ScopedVector<autofill::PasswordForm> NativeBackendLibsecret::ConvertFormList(
564 GList* found,
565 const PasswordForm* lookup_form) {
566 ScopedVector<autofill::PasswordForm> forms;
567 password_manager::PSLDomainMatchMetric psl_domain_match_metric =
568 password_manager::PSL_DOMAIN_MATCH_NONE;
569 GError* error = nullptr;
570 for (GList* element = g_list_first(found); element != nullptr;
571 element = g_list_next(element)) {
572 SecretItem* secretItem = static_cast<SecretItem*>(element->data);
573 LibsecretLoader::secret_item_load_secret_sync(secretItem, nullptr, &error);
574 if (error) {
575 VLOG(1) << "Unable to load secret item" << error->message;
576 g_error_free(error);
577 error = nullptr;
578 continue;
579 }
580 GHashTable* attrs = secret_item_get_attributes(secretItem);
581 scoped_ptr<PasswordForm> form(FormOutOfAttributes(attrs));
582 g_hash_table_unref(attrs);
583 if (form) {
584 if (lookup_form && form->signon_realm != lookup_form->signon_realm) {
585 // This is not an exact match, we try PSL matching.
586 if (lookup_form->scheme != PasswordForm::SCHEME_HTML ||
587 form->scheme != PasswordForm::SCHEME_HTML ||
588 !(password_manager::IsPublicSuffixDomainMatch(
589 lookup_form->signon_realm, form->signon_realm))) {
590 continue;
591 }
592 psl_domain_match_metric = password_manager::PSL_DOMAIN_MATCH_FOUND;
593 form->original_signon_realm = form->signon_realm;
594 form->signon_realm = lookup_form->signon_realm;
595 form->origin = lookup_form->origin;
596 }
597 SecretValue* secretValue = secret_item_get_secret(secretItem);
598 if (secretValue) {
599 form->password_value = UTF8ToUTF16(secret_value_get_text(secretValue));
600 secret_value_unref(secretValue);
601 } else {
602 VLOG(1) << "Unable to access password from list element!";
603 }
604 forms.push_back(form.Pass());
605 } else {
606 VLOG(1) << "Could not initialize PasswordForm from attributes!";
607 }
608 }
609
610 if (lookup_form) {
611 const GURL signon_realm(lookup_form->signon_realm);
612 std::string registered_domain =
613 password_manager::GetRegistryControlledDomain(signon_realm);
614 UMA_HISTOGRAM_ENUMERATION(
615 "PasswordManager.PslDomainMatchTriggering",
616 password_manager::ShouldPSLDomainMatchingApply(registered_domain)
617 ? psl_domain_match_metric
618 : password_manager::PSL_DOMAIN_MATCH_NOT_USED,
619 password_manager::PSL_DOMAIN_MATCH_COUNT);
620 }
621 g_list_free(found);
622 return forms.Pass();
623 }