chrome/browser/chromeos/login/google_authenticator.cc - Issue 1094009: Ensure that data doesn't leak between users on cros chrome crash.

Side by Side Diff: chrome/browser/chromeos/login/google_authenticator.cc

Issue 1094009: Ensure that data doesn't leak between users on cros chrome crash. (Closed)

Patch Set: Make tests not use OTR Profile Created 10 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

OLD	NEW
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include <errno.h>	5 #include <errno.h>

6 #include <string>	6 #include <string>

7 #include <vector>	7 #include <vector>

8 #include <time.h>	8 #include <time.h>

9	9

10 #include "base/logging.h"	10 #include "base/logging.h"

(...skipping 42 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
53	53

54 // String that appears at the start of OpenSSL cipher text with embedded salt	54 // String that appears at the start of OpenSSL cipher text with embedded salt

55 const char GoogleAuthenticator::kOpenSSLMagic[] = "Salted__";	55 const char GoogleAuthenticator::kOpenSSLMagic[] = "Salted__";

56	56

57 bool GoogleAuthenticator::Authenticate(const std::string& username,	57 bool GoogleAuthenticator::Authenticate(const std::string& username,

58 const std::string& password) {	58 const std::string& password) {

59 FilePath user_data_dir;	59 FilePath user_data_dir;

60 PathService::Get(chrome::DIR_USER_DATA, &user_data_dir);	60 PathService::Get(chrome::DIR_USER_DATA, &user_data_dir);

61 ProfileManager* profile_manager = g_browser_process->profile_manager();	61 ProfileManager* profile_manager = g_browser_process->profile_manager();

62 Profile* profile = profile_manager->GetDefaultProfile(user_data_dir);	62 Profile* profile = profile_manager->GetDefaultProfile(user_data_dir);

63 getter_ = profile->GetOffTheRecordProfile()->GetRequestContext();	63 getter_ = profile->GetRequestContext();

64 fetcher_.reset(new URLFetcher(GURL(AuthResponseHandler::kClientLoginUrl),	64 fetcher_.reset(new URLFetcher(GURL(AuthResponseHandler::kClientLoginUrl),

65 URLFetcher::POST,	65 URLFetcher::POST,

66 this));	66 this));

67 fetcher_->set_request_context(getter_);	67 fetcher_->set_request_context(getter_);

68 fetcher_->set_load_flags(net::LOAD_DO_NOT_SEND_COOKIES);	68 fetcher_->set_load_flags(net::LOAD_DO_NOT_SEND_COOKIES);

69 // TODO(cmasone): be more careful about zeroing memory that stores	69 // TODO(cmasone): be more careful about zeroing memory that stores

70 // the user's password.	70 // the user's password.

71 std::string body = StringPrintf(kFormat,	71 std::string body = StringPrintf(kFormat,

72 UrlEncodeString(username).c_str(),	72 UrlEncodeString(username).c_str(),

73 UrlEncodeString(password).c_str(),	73 UrlEncodeString(password).c_str(),

(...skipping 168 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
242 const unsigned int binary_len,	242 const unsigned int binary_len,

243 char* hex_string,	243 char* hex_string,

244 const unsigned int len) {	244 const unsigned int len) {

245 if (len < 2*binary_len)	245 if (len < 2*binary_len)

246 return false;	246 return false;

247 memset(hex_string, 0, len);	247 memset(hex_string, 0, len);

248 for (uint i = 0, j = 0; i < binary_len; i++, j+=2)	248 for (uint i = 0, j = 0; i < binary_len; i++, j+=2)

249 sprintf(hex_string + j, "%02x", binary[i]);	249 sprintf(hex_string + j, "%02x", binary[i]);

250 return true;	250 return true;

251 }	251 }

OLD	NEW

« no previous file with comments | « chrome/browser/chromeos/login/account_screen.cc ('k') | chrome/browser/process_singleton_linux.cc » ('j') | no next file with comments »