| blob | 6a7dc1ce78e04a873e36e712dd1da1956f68c41d |
1 /* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* ***** BEGIN LICENSE BLOCK *****
3 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
4 *
5 * The contents of this file are subject to the Mozilla Public License Version
6 * 1.1 (the "License"); you may not use this file except in compliance with
7 * the License. You may obtain a copy of the License at
8 * http://www.mozilla.org/MPL/
9 *
10 * Software distributed under the License is distributed on an "AS IS" basis,
11 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
12 * for the specific language governing rights and limitations under the
13 * License.
14 *
15 * The Original Code is Mozilla Communicator client code.
16 *
17 * The Initial Developer of the Original Code is
18 * Netscape Communications Corporation.
19 * Portions created by the Initial Developer are Copyright (C) 1998
20 * the Initial Developer. All Rights Reserved.
21 *
22 * Contributor(s):
23 * Pierre Phaneuf <pp@ludusdesign.com>
24 * Mike Calmus
25 *
26 * Alternatively, the contents of this file may be used under the terms of
27 * either the GNU General Public License Version 2 or later (the "GPL"), or
28 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
29 * in which case the provisions of the GPL or the LGPL are applicable instead
30 * of those above. If you wish to allow use of your version of this file only
31 * under the terms of either the GPL or the LGPL, and not to allow others to
32 * use your version of this file under the terms of the MPL, indicate your
33 * decision by deleting the provisions above and replace them with the notice
34 * and other provisions required by the GPL or the LGPL. If you do not delete
35 * the provisions above, a recipient may use your version of this file under
36 * the terms of any one of the MPL, the GPL or the LGPL.
37 *
38 * ***** END LICENSE BLOCK ***** */
40 #define alphabetize 1
46 #ifdef XP_MAC
53 #else
55 #endif
78 //#define SINGSIGN_LOGGING
79 #ifdef SINGSIGN_LOGGING
80 #define LOG(args) printf args
81 #else
82 #define LOG(args)
83 #endif
85 // Currently the default is on, so we don't need the code to prompt the
86 // user if the default is off.
87 #undef WALLET_PASSWORDMANAGER_DEFAULT_IS_OFF
89 /********************
90 * Global Variables *
91 ********************/
93 /* locks for signon cache */
99 /* load states */
104 /* apple keychain stuff */
106 #ifdef APPLE_KEYCHAIN
109 static int
111 #endif
116 /******************
117 * Key Management *
118 ******************/
125 /***************************
126 * Locking the Signon List *
127 ***************************/
129 static void
133 }
137 /* no current owner or owned by this thread */
141 signon_lock_count++;
144 }
146 /* owned by someone else -- wait till we can get it */
148 }
149 }
151 static void
155 #ifdef DEBUG
156 /* make sure someone doesn't try to free a lock they don't own */
158 #endif
160 signon_lock_count--;
164 }
166 }
169 /********************************
170 * Preference Utility Functions *
171 ********************************/
173 void
175 nsresult ret;
179 }
180 }
182 void
184 nsresult ret;
188 }
189 }
191 void
193 nsresult ret;
199 }
200 }
201 }
203 PRBool
205 nsresult ret;
210 }
212 }
214 void
218 }
219 nsresult ret;
225 }
226 }
227 }
229 void
231 nsresult ret;
237 }
240 }
241 }
243 void
245 nsresult ret;
251 }
254 }
255 }
258 /*********************************
259 * Preferences for Single Signon *
260 *********************************/
263 #ifdef WALLET_PASSWORDMANAGER_DEFAULT_IS_OFF
265 #endif
269 #ifdef WALLET_PASSWORDMANAGER_DEFAULT_IS_OFF
271 #endif
273 static int
276 int
279 void
282 #ifdef WALLET_PASSWORDMANAGER_DEFAULT_IS_OFF
283 static PRBool
286 }
288 static void
292 }
293 #endif
295 static void
297 #ifdef APPLE_KEYCHAIN
299 /* We no longer need the Keychain callback installed */
303 }
304 #endif
306 }
308 int PR_CALLBACK
310 PRBool x;
314 }
316 static void
318 PRBool x;
323 }
328 #ifdef WALLET_PASSWORDMANAGER_DEFAULT_IS_OFF
331 #endif
334 }
335 }
337 static PRBool
339 #ifdef APPLE_KEYCHAIN
340 /* If the Keychain has been locked or an item deleted or updated,
341 * we need to reload the signon data
342 */
344 /*
345 * set si_list_invalid to PR_FALSE first because SI_RemoveAllSignonData
346 * calls si_GetSignonRememberingPref
347 */
350 }
351 #endif
355 #ifdef WALLET_PASSWORDMANAGER_DEFAULT_IS_OFF
356 /*
357 * We initially want the rememberSignons pref to be PR_FALSE. But this will
358 * prevent the notification message from ever occurring. To get around
359 * this problem, if the signon pref is PR_FALSE and no notification has
360 * ever been given, we will treat this as if the signon pref were PR_TRUE.
361 */
366 }
367 #else
369 #endif
370 }
372 void
378 }
379 }
382 /***********
383 * Dialogs *
384 ***********/
386 #ifdef WALLET_PASSWORDMANAGER_DEFAULT_IS_OFF
387 static PRBool
390 }
391 #endif
393 static PRInt32
396 }
398 static PRBool
399 si_SelectDialog(const PRUnichar* szMessage, nsIPrompt* dialog, PRUnichar** pList, PRInt32* pCount, PRUint32 formNumber) {
401 /* a user was already selected for this form, use same one again */
404 }
405 nsresult rv;
406 PRInt32 selectedIndex;
407 PRBool rtnValue;
410 /* Notify signon manager dialog to update its display */
412 gSelectUserDialogCount++;
415 }
417 rv = dialog->Select( title_string, szMessage, *pCount, const_cast<const PRUnichar**>(pList), &selectedIndex, &rtnValue );
419 gSelectUserDialogCount--;
422 }
427 }
431 }
433 }
435 static nsresult
436 si_CheckGetPassword
441 PRUint32 savePassword,
443 {
444 nsresult res;
451 // According to nsIPrompt spec, the checkbox is shown or not
452 // depending on whether or not checkValue == nsnull, not checkMsg.
461 }
465 szMessage,
466 password,
467 check_string,
468 check_value,
478 }
483 }
484 }
486 static nsresult
487 si_CheckGetData
492 PRUint32 savePassword,
494 {
495 nsresult res;
502 // According to nsIPrompt spec, the checkbox is shown or not
503 // depending on whether or not checkValue == nsnull, not checkMsg.
512 }
516 szMessage,
517 data,
518 check_string,
519 check_value,
529 }
534 }
535 }
537 static nsresult
538 si_CheckGetUsernamePassword
544 PRUint32 savePassword,
546 {
547 nsresult res;
553 // According to nsIPrompt spec, the checkbox is shown or not
554 // depending on whether or not checkValue == nsnull, not checkMsg.
563 }
567 szMessage,
569 check_string,
570 check_value,
580 }
585 }
586 }
588 static nsresult
589 si_CheckPromptAuth
592 {
598 }
614 }
615 }
619 /********************
620 * Utility Routines *
621 ********************/
623 /* StrAllocCopy should really be defined elsewhere */
627 #undef StrAllocCopy
628 #define StrAllocCopy(dest, src) Local_SACopy (&(dest), src)
633 }
636 }
638 #ifdef WALLET_PASSWORDMANAGER_DEFAULT_IS_OFF
639 /* If user-entered password is "********", then generate a random password */
640 static void
642 PRIntervalTime randomNumber;
650 }
651 }
652 }
653 #endif
656 /***********************
657 * Encryption Routines *
658 ***********************/
660 static PRBool
662 nsAutoString decrypted;
665 }
667 }
669 static PRBool
671 nsAutoString decrypted1;
672 nsAutoString decrypted2;
675 }
678 }
680 }
683 /************************
684 * Managing Signon List *
685 ************************/
687 static PRUint32
690 PRUint32 seconds;
696 }
700 {
702 }
704 {
706 }
711 {
713 }
715 {
718 }
720 }
721 PRUint32 time;
723 };
728 {
730 }
732 {
734 }
737 nsVoidArray signonUser_list;
738 };
743 {
745 }
747 {
749 }
751 nsString userName;
752 };
756 #define LIST_COUNT(list) (list ? list->Count() : 0)
759 /*
760 * Get the URL node for a given URL name
761 *
762 * This routine is called only when holding the signon lock!!!
763 */
768 /* no passwordRealm specified, return first URL (returns NULL if not URLs) */
771 }
772 /* XXX how can this be right -- seems wrong to give back a random password */
775 }
779 // If the last char of passwordRealm is '/' then strip it before making comparison.
788 }
789 }
790 }
792 }
794 /**
795 * composite URL struct for handling the migration of legacy password entries.
796 */
802 };
806 #if defined(SINGSIGN_LOGGING)
807 static void
809 {
821 }
822 }
823 }
824 #endif
828 {
835 else
843 }
854 #if defined(SINGSIGN_LOGGING)
856 #endif
858 /* need to transfer the chosen_user state variable */
863 PRInt32 index;
864 /* XXX fixup chosen_user -- THIS SHOULD NOT BE NECESSARY */
871 }
872 /* move first element of legacy user list to front */
877 }
878 else
881 #if defined(SINGSIGN_LOGGING)
884 #endif
887 }
893 }
895 static PRInt32
897 {
898 PRInt32 index;
904 }
908 }
910 static void
912 {
915 /* need to transfer the chosen_user state variable */
917 PRInt32 index;
919 /* store chosen_user */
923 else
927 /* need to move chosen_user to front of list */
929 }
933 }
941 }
942 }
944 /* Remove a user node from a given URL node */
945 static PRBool
946 si_RemoveUser(const char *passwordRealm, const nsString& userName, PRBool save, PRBool loginFailure, PRBool notify, PRBool first = PR_FALSE) {
953 /* get URL corresponding to host */
956 /* URL not found */
959 }
961 /* free the data in each node of the specified user node for this URL */
964 /* remove the first user */
970 /* find the specified user */
979 }
980 }
981 }
984 foundUser: ;
985 }
987 /* free the user node */
991 /* remove this URL if it contains no more users */
996 }
998 /* write out the change to disk */
1002 }
1006 }
1008 nsresult
1012 }
1014 nsresult
1018 }
1020 static void
1023 nsresult
1028 /* step backwards through all rejects */
1032 rejectCount--;
1038 }
1039 }
1043 }
1045 static void
1048 nsresult
1051 // @see http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/extensions/wallet/src/singsign.cpp&rev=1.212&mark=1693#1650
1053 }
1055 /* Determine if a specified url/user exists */
1056 static PRBool
1062 /* do nothing if signon preference is not enabled */
1065 }
1069 /* get URL corresponding to passwordRealm */
1072 /* URL not found */
1075 }
1077 /* find the specified user */
1087 }
1088 }
1089 }
1092 }
1094 /*
1095 * Get first data node that is not a password
1096 */
1106 }
1107 }
1109 }
1111 /*
1112 * Get the user node for a given URL
1113 *
1114 * This routine is called only when holding the signon lock!!!
1115 *
1116 * This routine is called only if signon pref is enabled!!!
1117 */
1125 /* get to node for this URL */
1130 /* node for this URL was found */
1131 PRInt32 user_count;
1134 /* only one set of data exists for this URL so select it */
1143 /* consider first data node to be the identifying item */
1147 /* name of current data item does not match name in data node */
1149 }
1151 }
1155 /* multiple users for this URL so a choice needs to be made */
1165 /* step through set of user nodes for this URL and create list of
1166 * first data node of each (presumably that is the user name).
1167 * Note that the user nodes are already ordered by
1168 * most-recently-used so the first one in the list is the most
1169 * likely one to be chosen.
1170 */
1175 /* consider first data node to be the identifying item */
1179 /* name of current data item does not match name in data node */
1181 }
1182 nsAutoString userName;
1187 user_count++;
1190 }
1191 }
1193 /* have user select a username from the list */
1196 /* not first data node for any saved user, so simply pick first user */
1200 /* no user selection had been made for first data node */
1202 }
1204 /* only one user for this form at this url, so select it */
1206 } else if ((user_count > 1) && si_SelectDialog(selectUser, dialog, list, &user_count, formNumber)) {
1207 /* user pressed OK */
1210 }
1212 /* item selected is now most-recently used, put at head of list */
1217 }
1222 }
1226 /* if we don't remove the URL from the cache at this point, the
1227 * cached copy will be brought containing the last-used username
1228 * rather than the username that was just selected
1229 */
1231 #ifdef junk
1233 #endif
1235 }
1239 }
1241 }
1243 /*
1244 * Get a specific user node for a given URL
1245 *
1246 * This routine is called only when holding the signon lock!!!
1247 *
1248 * This routine is called only if signon pref is enabled!!!
1249 */
1251 si_GetSpecificUser(const char* passwordRealm, const nsString& userName, const nsString& userText) {
1256 /* get to node for this URL */
1260 /* step through set of user nodes for this URL looking for specified username */
1264 /* consider first data node to be the identifying item */
1268 /* desired username text does not match name in data node */
1270 }
1272 /* desired username value does not match value in data node */
1274 }
1276 }
1278 /* if we don't remove the URL from the cache at this point, the
1279 * cached copy will be brought containing the last-used username
1280 * rather than the username that was just selected
1281 */
1283 #ifdef junk
1285 #endif
1287 }
1289 }
1291 /*
1292 * Get the url and user for which a change-of-password is to be applied
1293 *
1294 * This routine is called only when holding the signon lock!!!
1295 *
1296 * This routine is called only if signon pref is enabled!!!
1297 */
1300 {
1304 PRInt32 user_count;
1313 /* get count of total number of user nodes at all url nodes */
1321 user_count++;
1322 }
1323 }
1325 /* avoid malloc of zero */
1327 {
1329 }
1331 /* allocate lists for maximumum possible url and user names */
1339 /* step through set of URLs and users and create list of each */
1347 /* find saved password and see if it matches password user just entered */
1352 /* passwords match so add entry to list */
1353 /* consider first data node to be the identifying item */
1357 nsAutoString userName;
1364 list2++;
1367 user_count++;
1368 }
1370 }
1371 }
1372 }
1373 }
1375 /* query user */
1377 //@@@@ is 0 correct?
1381 /*
1382 * since this user node is now the most-recently-used one, move it
1383 * to the head of the user list so that it can be favored for
1384 * re-use the next time this form is encountered
1385 */
1392 }
1395 /* free allocated strings */
1398 }
1403 }
1405 /*
1406 * Remove all the signons and free everything
1407 */
1409 void
1412 /* repeatedly remove first user node of first URL node */
1414 }
1415 }
1425 }
1426 }
1429 }
1432 }
1434 void
1437 /* repeatedly remove first user node of first URL node */
1439 }
1440 }
1444 }
1446 void
1450 }
1452 void
1462 }
1463 }
1464 }
1466 /****************************
1467 * Managing the Reject List *
1468 ****************************/
1470 static void
1473 /*
1474 * This routine should only be called while holding the
1475 * signon list lock
1476 */
1480 }
1484 }
1486 static PRBool
1496 // No need for username check on a rejectlist entry. URL check is sufficient
1497 // if(!PL_strcmp(userName, reject->userName) && !PL_strcmp(passwordRealm, reject->passwordRealm)) {
1500 }
1501 }
1502 }
1505 }
1507 static void
1510 nsAutoString userName2;
1519 }
1520 }
1522 /*
1523 * lock the signon list
1524 * Note that, for efficiency, SI_LoadSignonData already sets the lock
1525 * before calling this routine whereas none of the other callers do.
1526 * So we need to determine whether or not we were called from
1527 * SI_LoadSignonData before setting or clearing the lock. We can
1528 * determine this by testing "save" since only SI_LoadSignonData
1529 * passes in a value of PR_FALSE for "save".
1530 */
1533 }
1540 #ifdef alphabetize
1541 /* add it to the list in alphabetical order */
1552 }
1553 }
1554 }
1557 }
1558 #else
1559 /* add it to the end of the list */
1561 #endif
1568 }
1569 }
1570 }
1572 /*
1573 * Put data obtained from a submit form into the data structure for
1574 * the specified URL
1575 *
1576 * See comments below about state of signon lock when routine is called!!!
1577 *
1578 * This routine is called only if signon pref is enabled!!!
1579 */
1580 static void
1589 /* discard this if the password is empty */
1595 }
1596 }
1598 /* make sure the signon list exists */
1603 }
1604 }
1606 /*
1607 * lock the signon list
1608 * Note that, for efficiency, SI_LoadSignonData already sets the lock
1609 * before calling this routine whereas none of the other callers do.
1610 * So we need to determine whether or not we were called from
1611 * SI_LoadSignonData before setting or clearing the lock. We can
1612 * determine this by testing "save" since only SI_LoadSignonData passes
1613 * in a value of PR_FALSE for "save".
1614 */
1617 }
1619 /* find node in signon list having the same URL */
1622 /* doesn't exist so allocate new node to be put into signon list */
1627 }
1629 }
1631 /* fill in fields of new node */
1635 }
1640 }
1642 }
1644 /* put new node into signon list */
1646 #ifdef alphabetize
1647 /* add it to the list in alphabetical order */
1657 }
1658 }
1659 }
1662 }
1663 #else
1664 /* add it to the end of the list */
1666 #endif
1667 }
1669 /* initialize state variables in URL node */
1672 /*
1673 * see if a user node with data list matching new data already exists
1674 * (password fields will not be checked for in this matching)
1675 */
1680 }
1688 /* check for match on name field and type field */
1694 /* success, now check for match on value field if not password */
1700 }
1704 }
1705 }
1706 }
1709 /* all names and types matched and all non-password values matched */
1711 /*
1712 * note: it is ok for password values not to match; it means
1713 * that the user has either changed his password behind our
1714 * back or that he previously mis-entered the password
1715 */
1717 /* update the saved password values */
1723 /* update saved password */
1730 /* commenting out because I don't see how such randomizing could ever have worked. */
1731 // si_Randomize(data->value);
1732 }
1733 }
1734 j++;
1735 }
1737 /*
1738 * since this user node is now the most-recently-used one, move it
1739 * to the head of the user list so that it can be favored for
1740 * re-use the next time this form is encountered
1741 */
1745 /* return */
1750 }
1752 }
1753 }
1755 /* user node with current data not found so create one */
1760 }
1762 }
1764 /* create and fill in data nodes for new user node */
1767 /* create signon data node */
1773 }
1775 }
1780 /* commenting out because I don't see how such randomizing could ever have worked. */
1781 // if (data->isPassword) {
1782 // si_Randomize(data->value);
1783 // }
1784 /* append new data node to end of data list */
1786 }
1788 /* append new user node to front of user list for matching URL */
1789 /*
1790 * Note that by appending to the front, we assure that if there are
1791 * several users, the most recently used one will be favored for
1792 * reuse the next time this form is encountered. But don't do this
1793 * when reading in the saved signons (i.e., when save is PR_FALSE), otherwise
1794 * we will be reversing the order when reading in.
1795 */
1805 }
1806 }
1809 /*****************************
1810 * Managing the Signon Files *
1811 *****************************/
1813 ////////////////////////////////////////////////////////////////////////////////
1814 // nsSingleSignOnProfileObserver
1815 // This observer is a global object and is registered the first time any consumer
1816 // touches signon profile data. That is, when SI_LoadSignonData() is called.
1819 {
1824 NS_DECL_ISUPPORTS
1827 {
1832 }
1834 }
1835 };
1839 {
1843 nsCOMPtr<nsIObserverService> observerService(do_GetService("@mozilla.org/observer-service;1"));
1851 // The observer service holds the only ref to the observer
1852 // It thus has the lifespan of the observer service
1853 nsresult rv = observerService->AddObserver(gSignOnProfileObserver, "profile-before-change", PR_FALSE);
1858 }
1859 }
1861 }
1863 #define BUFFER_SIZE 4096
1865 /*
1866 * get a line from a file
1867 * return -1 if end of file reached
1868 * strip carriage returns and line feeds from end of line
1869 */
1870 static PRInt32
1872 {
1873 nsCAutoString line;
1880 }
1882 /*
1883 * Load signon data from disk file
1884 * Return value is:
1885 * -1: fatal error
1886 * 0: successfully load
1887 * +1: user aborted the load (by failing to open the database)
1888 */
1889 int
1892 nsAutoString buffer;
1895 #ifdef APPLE_KEYCHAIN
1899 }
1900 #endif
1902 /* open the signon file */
1907 }
1921 }
1925 /* read the format information */
1926 nsAutoString format;
1929 }
1931 /* something's wrong */
1933 }
1935 /* read the reject list */
1938 /* a blank line is perfectly valid here -- corresponds to a local file */
1941 }
1945 }
1947 /* read the URL line */
1949 /* a blank line is perfectly valid here -- corresponds to a local file */
1954 }
1956 /* prepare to read the name/value pairs */
1959 nsVoidArray signonData;
1963 /* line starting with . terminates the pairs for this URL entry */
1966 }
1968 /* line just read is the name part */
1970 /* save the name part and determine if it is a password */
1971 PRBool ret;
1972 nsAutoString name;
1973 nsAutoString value;
1974 PRBool isPassword;
1983 }
1985 /* read in and save the value part */
1987 /* error in input file so give up */
1990 }
1998 }
2000 /* store the info for this URL into memory-resident data structure */
2004 }
2006 /* free up all the allocations done for processing this URL */
2011 }
2012 }
2017 }
2019 /*
2020 * Save signon data to disk file
2021 * The parameter passed in on entry is ignored
2022 *
2023 * This routine is called only when holding the signon lock!!!
2024 *
2025 * This routine is called only if signon pref is enabled!!!
2026 */
2028 static int
2035 /* do nothing if signon list has not changed */
2038 }
2040 #ifdef APPLE_KEYCHAIN
2043 }
2044 #endif
2046 /* do nothing if we are unable to open file that contains signon list */
2051 }
2057 file,
2068 /* write out the format revision number */
2072 /* format for next part of file shall be:
2073 * passwordRealm -- first url/username on reject list
2074 * userName
2075 * passwordRealm -- second url/username on reject list
2076 * userName
2077 * ... -- etc.
2078 * . -- end of list
2079 */
2081 /* write out reject list */
2087 }
2088 }
2091 /* format for cached logins shall be:
2092 * url LINEBREAK {name LINEBREAK value LINEBREAK}* . LINEBREAK
2093 * if type is password, name is preceded by an asterisk (*)
2094 */
2096 /* write out each URL node */
2102 /* write out each user node of the URL node */
2108 /* write out each data node of the user node */
2114 PRUint32 dummy;
2116 }
2119 }
2121 }
2122 }
2123 }
2126 // All went ok. Maybe except for problems in Write(), but the stream detects
2127 // that for us
2135 }
2136 }
2141 /* Notify signon manager dialog to update its display */
2146 }
2147 }
2150 }
2153 /***************************
2154 * Processing Signon Forms *
2155 ***************************/
2157 static PRBool
2159 {
2160 nsCAutoString hostPort;
2162 /* Security check: if URI is of a scheme that doesn't support hostnames,
2163 * we have no host to get the signon data from, so we must not attempt to
2164 * build a valid realm from the URI (bug 159484) */
2169 nsCAutoString scheme;
2176 }
2178 /* Ask user if it is ok to save the signon data */
2179 static PRBool
2183 /* if url/user already exists, then it is safe to save it again */
2186 }
2189 }
2191 #ifdef WALLET_PASSWORDMANAGER_DEFAULT_IS_OFF
2199 }
2202 }
2203 #endif
2207 }
2210 }
2217 }
2222 }
2225 }
2227 /*
2228 * Check for a signon submission and remember the data if so
2229 */
2230 static void
2231 si_RememberSignonData
2234 {
2242 /* do nothing if signon preference is not enabled */
2245 }
2247 /* determine how many passwords are in the form and where they are */
2253 }
2254 passwordCount++;
2255 }
2256 }
2258 /* process the form according to how many passwords it has */
2260 /* one-password form is a log-in so remember it */
2262 /* obtain the index of the first input field (that is the username) */
2263 PRInt32 j;
2268 }
2269 }
2273 // remove legacy password entry if found
2276 }
2283 }
2284 }
2286 }
2287 }
2289 /* two-password form is a registration */
2292 /* three-password form is a change-of-password request */
2296 /* make sure all passwords are non-null and 2nd and 3rd are identical */
2303 }
2305 /* ask user if this is a password change */
2309 /* return if user said no */
2313 }
2315 /* get to password being saved */
2321 }
2322 }
2324 /*
2325 * if second password is "********" then generate a random
2326 * password for it and use same random value for third password
2327 * as well (Note: this all works because we already know that
2328 * second and third passwords are identical so third password
2329 * must also be "********". Furthermore si_Randomize() will
2330 * create a random password of exactly eight characters -- the
2331 * same length as "********".)
2332 */
2334 /* commenting out because I don't see how such randomizing could ever have worked. */
2335 // si_Randomize(data1->value);
2336 // data2->value = data1->value;
2343 }
2344 }
2345 }
2347 void
2349 {
2353 }
2354 }
2356 void
2357 SINGSIGN_RememberSignonData
2360 {
2373 }
2374 }
2376 static void
2383 nsAutoString correctedName;
2385 /* do nothing if signon preference is not enabled */
2388 }
2393 }
2395 /* Correct the field name to avoid mistaking for fields in browser-generated form
2396 *
2397 * Note that data saved for browser-generated logins (e.g. http authentication)
2398 * use artificial field names starting with * \= (see USERNAMEFIELD and PASSWORDFIELD.
2399 * To avoid mistakes whereby saved logins for http authentication is then prefilled
2400 * into a field on the html form at the same URL, we will prevent html field names
2401 * from starting with \=. We do that by doubling up a backslash if it appears in the
2402 * first character position
2403 */
2408 }
2410 /* determine if name has been saved (avoids unlocking the database if not) */
2422 }
2423 }
2424 }
2428 }
2430 #ifdef xxx
2431 /*
2432 * determine if it is a change-of-password field
2433 * the heuristic that we will use is that if this is the first
2434 * item on the form and it is a password, this is probably a
2435 * change-of-password form
2436 */
2437 /* see if this is first item in form and is a password */
2438 /* get first saved user just so we can see the name of the first item on the form */
2439 user = si_GetUser(passwordRealm, PR_TRUE, NULL, formNumber); /* this is the first saved user */
2444 /* current item is first item on form and is a password */
2447 /* user has confirmed it's a change-of-password form */
2452 nsAutoString password;
2455 }
2458 }
2459 }
2460 }
2461 }
2462 }
2463 #endif
2465 /* restore the data from previous time this URL was visited */
2476 nsAutoString password;
2479 }
2482 }
2483 }
2484 }
2486 }
2488 void
2489 SINGSIGN_RestoreSignonData(nsIPrompt* dialog, nsIURI* passwordRealm, const PRUnichar* name, PRUnichar** value, PRUint32 formNumber, PRUint32 elementNumber) {
2495 nsCAutoString realm;
2499 nsCAutoString legacyRealm;
2503 si_RestoreSignonData(dialog, realm.get(), legacyRealm.get(), name, value, formNumber, elementNumber);
2507 }
2509 /*
2510 * Remember signon data from a browser-generated password dialog
2511 */
2512 static void
2513 si_RememberSignonDataFromBrowser(const char* passwordRealm, const nsString& username, const nsString& password) {
2514 /* do nothing if signon preference is not enabled */
2517 }
2519 nsVoidArray signonData;
2520 si_SignonDataStruct data1;
2524 }
2527 si_SignonDataStruct data2;
2531 }
2535 /* Save the signon data */
2537 }
2539 /*
2540 * Check for remembered data from a previous browser-generated password dialog
2541 * restore it if so
2542 */
2543 static PRBool
2544 si_RestoreOldSignonDataFromBrowser
2545 (nsIPrompt* dialog, const char* passwordRealm, PRBool pickFirstUser, nsString& username, nsString& password) {
2549 /* get the data from previous time this URL was visited */
2555 user = si_GetUser(dialog, passwordRealm, nsnull, pickFirstUser, NS_ConvertASCIItoUTF16(USERNAMEFIELD), 0);
2556 }
2558 /* leave original username and password from caller unchanged */
2559 /* username = 0; */
2560 /* *password = 0; */
2563 }
2565 /* restore the data from previous time this URL was visited */
2569 nsAutoString decrypted;
2575 }
2576 }
2577 }
2580 }
2582 PRBool
2583 SINGSIGN_StorePassword(const char *passwordRealm, const PRUnichar *user, const PRUnichar *password)
2584 {
2585 // Wallet_GiveCaveat(nsnull, dialog); ??? what value to use for dialog?
2586 si_RememberSignonDataFromBrowser(passwordRealm, nsDependentString(user), nsDependentString(password));
2588 }
2592 static nsresult
2603 PRUint32 savePassword,
2604 DialogType dlg) {
2610 }
2616 text,
2617 user,
2618 pwd,
2620 pressedOK);
2624 text,
2625 pwd,
2627 pressedOK);
2632 text,
2633 resultText,
2635 pressedOK);
2636 #ifdef DEBUG
2640 #endif
2641 }
2645 }
2647 }
2649 /* The following comments apply to the three prompt routines that follow
2650 *
2651 * If a password was successfully obtain (either from the single-signon
2652 * database or from a dialog with the user), we return NS_OK for the
2653 * function value and PR_TRUE for the boolean argument "pressedOK".
2654 *
2655 * If the user presses cancel from the dialog, we return NS_OK for the
2656 * function value and PR_FALSE for the boolean argument "pressedOK".
2657 *
2658 * If a password is not collected for any other reason, we return the
2659 * failure code for the function value and the boolean argument
2660 * "pressedOK" is undefined.
2661 */
2663 nsresult
2664 SINGSIGN_PromptUsernameAndPassword
2668 nsresult res;
2670 /* do only the dialog if signon preference is not enabled */
2673 text,
2674 user,
2675 pwd,
2676 nsnull,
2677 nsnull,
2678 passwordRealm,
2679 dialog,
2680 pressedOK,
2681 savePassword,
2682 promptUsernameAndPassword);
2683 }
2685 /* prefill with previous username/password if any */
2689 /* get new username/password from user */
2692 }
2696 }
2700 res = si_CheckGetUsernamePassword(user, pwd, dialogTitle, text, dialog, savePassword, &checked);
2702 /* user pressed Cancel */
2707 }
2710 si_RememberSignonDataFromBrowser (passwordRealm, nsDependentString(*user), nsDependentString(*pwd));
2712 /* a login was remembered but user unchecked the box; we forget the remembered login */
2714 }
2716 /* cleanup and return */
2719 }
2721 nsresult
2722 SINGSIGN_PromptPassword
2723 (const PRUnichar *dialogTitle, const PRUnichar *text, PRUnichar **pwd, const char *passwordRealm,
2725 {
2727 nsresult res;
2730 /* do only the dialog if signon preference is not enabled */
2733 text,
2734 nsnull,
2735 pwd,
2736 nsnull,
2737 nsnull,
2738 passwordRealm,
2739 dialog,
2740 pressedOK,
2741 savePassword,
2742 promptPassword);
2743 }
2745 /* get previous password used with this username, pick first user if no username found */
2746 si_RestoreOldSignonDataFromBrowser(dialog, passwordRealm, username.IsEmpty(), username, password);
2748 /* return if a password was found */
2753 }
2755 /* no password found, get new password from user */
2759 /* user pressed Cancel */
2763 }
2767 }
2769 /* cleanup and return */
2772 }
2774 nsresult
2775 SINGSIGN_Prompt
2776 (const PRUnichar *dialogTitle, const PRUnichar *text, const PRUnichar *defaultText, PRUnichar **resultText,
2778 {
2779 nsresult res;
2782 /* do only the dialog if signon preference is not enabled */
2785 text,
2786 nsnull,
2787 nsnull,
2788 defaultText,
2789 resultText,
2790 passwordRealm,
2791 dialog,
2792 pressedOK,
2793 savePassword,
2794 prompt);
2795 }
2797 /* get previous data used with this hostname */
2800 /* return if data was found */
2805 }
2807 /* no data found, get new data from user */
2813 /* user pressed Cancel */
2817 }
2820 si_RememberSignonDataFromBrowser(passwordRealm, emptyUsername, nsDependentString(*resultText));
2821 }
2823 /* cleanup and return */
2826 }
2828 nsresult
2829 SINGSIGN_PromptAuth
2833 nsCAutoString key;
2836 /* do only the dialog if signon preference is not enabled */
2840 retval);
2841 }
2843 /* prefill with previous username/password if any */
2844 /* this needs a dialog to choose between multiple usernames */
2846 nsresult rv;
2851 // If we have a domain, insert a "domain\" in front of the username
2852 // for the lookup
2859 }
2860 // Offer saving the data iff we had previously stored information
2863 PR_FALSE,
2864 username,
2865 password);
2872 // If we were only asked for a password, return immediately
2873 // (to match SINGSIGN_PromptPassword)
2876 }
2882 /* user pressed Cancel */
2885 }
2887 /* Get the newly entered data back */
2894 }
2900 /* a login was remembered but user unchecked the box; we forget the remembered login */
2902 }
2904 /* cleanup and return */
2907 }
2910 /*****************
2911 * Signon Viewer *
2912 *****************/
2914 /* return PR_TRUE if "number" is in sequence of comma-separated numbers */
2915 PRBool
2917 {
2920 PRInt32 separator;
2923 /* get next item in list */
2927 }
2932 /* test item to see if it equals our number */
2933 PRInt32 error;
2937 }
2938 }
2939 /* NOTREACHED */
2941 }
2943 void
2945 {
2946 /* note: name must start and end with a vertical bar */
2954 }
2960 }
2962 PRBool
2964 {
2965 /* force loading of the signons file */
2968 nsAutoString buffer;
2985 nsAutoString userName;
2987 //Don't try to re-encrypt. Just go to the next one.
2989 }
2992 }
2993 }
2994 }
2995 }
3000 }
3002 nsresult
3003 SINGSIGN_HaveData(nsIPrompt* dialog, const char *passwordRealm, const PRUnichar *userName, PRBool *retval)
3004 {
3011 }
3013 /* get previous data used with this username, pick first user if no username found */
3014 si_RestoreOldSignonDataFromBrowser(dialog, passwordRealm, usernameForLookup.IsEmpty(), usernameForLookup, data);
3018 }
3021 }
3023 PRInt32
3025 /* force loading of the signons file */
3030 }
3032 }
3034 PRInt32
3038 }
3043 }
3045 nsresult
3046 SINGSIGN_Enumerate
3051 // starting to enumerate over all saved logins
3052 // notify recipients if login list is in use by SelectUserDialog
3056 }
3057 }
3061 }
3071 userStruct =
3074 /* first non-password data item for user is the username */
3076 PRInt32 k;
3081 }
3082 }
3084 nsresult rv;
3085 nsAutoString userName;
3089 /* don't display saved signons if user couldn't unlock the database */
3091 }
3094 }
3097 }
3099 /* first password data item for user is the password */
3104 }
3105 }
3107 nsAutoString passWord;
3111 /* don't display saved signons if user couldn't unlock the database */
3114 }
3117 }
3121 }
3123 }
3125 PRInt32
3129 }
3131 }
3133 nsresult
3134 SINGSIGN_RejectEnumerate
3145 }
3147 #ifdef APPLE_KEYCHAIN
3148 /************************************
3149 * Apple Keychain Specific Routines *
3150 ************************************/
3152 /*
3153 * APPLE
3154 * The Keychain callback. This routine will be called whenever a lock,
3155 * delete, or update event occurs in the Keychain. The only action taken
3156 * is to make the signon list invalid, so it will be read in again the
3157 * next time it is accessed.
3158 */
3159 OSStatus PR_CALLBACK
3163 }
3165 /*
3166 * APPLE
3167 * Get the signon data from the keychain
3168 *
3169 * This routine is called only if signon pref is enabled!!!
3170 */
3171 static int
3174 si_FormSubmitData submit;
3181 KCItemRef itemRef;
3182 KCAttributeList attrList;
3188 /* initialize the submit structure */
3193 /* set up the attribute list */
3206 #if 0
3208 /* if we found a Netscape item, let's assume notice has been given */
3212 }
3213 #endif
3219 uint32 actualSize;
3220 KCItemFlags flags;
3224 /* first find out if it is a reject entry */
3231 }
3234 }
3236 /* get the server name */
3243 }
3245 /* null terminate */
3250 /* get the password data */
3254 }
3256 /* null terminate */
3259 /* parse for '=' which separates the name and value */
3266 }
3267 }
3273 }
3275 /* get the account attribute */
3282 }
3284 /* null terminate */
3287 /* parse for '=' which separates the name and value */
3294 }
3295 }
3303 /* check for overruning of the arrays */
3306 }
3308 /* store the info for this URL into memory-resident data structure */
3311 }
3314 }
3317 /* reject */
3319 }
3324 }
3329 }
3331 /* Register a callback with the Keychain if we haven't already done so. */
3337 }
3339 KCAddCallback( si_kcUPP, kLockKCEventMask + kDeleteKCEventMask + kUpdateKCEventMask, &si_list_invalid );
3340 /*
3341 * Note that the callback is not necessarily removed. We take advantage
3342 * of the fact that the Keychain will clean up the callback when the app
3343 * goes away. It is explicitly removed when the signon preference is turned off.
3344 */
3345 }
3348 }
3350 }
3352 /*
3353 * APPLE
3354 * Save signon data to Apple Keychain
3355 *
3356 * This routine is called only if signon pref is enabled!!!
3357 */
3358 static int
3366 OSStatus status;
3367 KCItemRef itemRef;
3368 KCAttribute attr;
3370 uint32 actualLength;
3372 /* save off the reject list */
3377 status = kcaddinternetpassword
3380 kAnyPort,
3381 kNetscapeProtocolType,
3382 kAnyAuthType,
3384 nil,
3388 }
3390 /*
3391 * make the item invisible so the user doesn't see it and
3392 * negative so we know that it is a reject entry
3393 */
3401 }
3405 }
3407 }
3408 }
3409 }
3411 /* save off the passwords */
3417 /* add each user node of the URL node */
3422 /* write out each data node of the user node */
3431 }
3438 }
3440 }
3444 }
3445 /* if it's already there, we just want to change the password */
3446 status = kcfindinternetpassword
3448 nil,
3449 account,
3450 kAnyPort,
3451 kNetscapeProtocolType,
3452 kAnyAuthType,
3454 nil,
3461 }
3465 /* wasn't there, let's add it */
3466 status = kcaddinternetpassword
3468 nil,
3469 account,
3470 kAnyPort,
3471 kNetscapeProtocolType,
3472 kAnyAuthType,
3474 password,
3475 nil);
3476 }
3479 }
3482 }
3486 }
3487 }
3488 }
3489 }
3492 }
3494 #endif