OLD | NEW |
---|---|
(Empty) | |
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "chrome/browser/ui/pk11_password_dialog.h" | |
6 | |
7 #include <pk11pub.h> | |
8 | |
9 #include "base/logging.h" | |
10 #include "chrome/browser/browser_thread.h" | |
11 #include "net/base/pk11_slot.h" | |
12 #include "net/base/x509_certificate.h" | |
13 | |
14 namespace { | |
15 | |
16 // Basically an asynchronous implementation of NSS's PK11_DoPassword. | |
wtc
2010/12/15 20:54:36
Please note that we're missing a side effect of PK
mattm
2011/01/12 01:22:07
Added a note.
| |
17 class SlotUnlocker { | |
18 public: | |
19 SlotUnlocker(net::PK11Slot* slot, | |
20 browser::PK11PasswordReason reason, | |
21 const std::string& host, | |
22 Callback0::Type* callback); | |
23 | |
24 void Start(); | |
25 | |
26 private: | |
27 void GotPassword(const char* password); | |
28 void Done(); | |
29 | |
30 scoped_refptr<net::PK11Slot> slot_; | |
31 browser::PK11PasswordReason reason_; | |
32 std::string host_; | |
33 Callback0::Type* callback_; | |
34 PRBool retry_; | |
35 }; | |
36 | |
37 SlotUnlocker::SlotUnlocker(net::PK11Slot* slot, | |
38 browser::PK11PasswordReason reason, | |
39 const std::string& host, | |
40 Callback0::Type* callback) | |
41 : slot_(slot), | |
42 reason_(reason), | |
43 host_(host), | |
44 callback_(callback), | |
45 retry_(PR_FALSE) { | |
46 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | |
47 } | |
48 | |
49 void SlotUnlocker::Start() { | |
50 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | |
51 | |
52 ShowPK11PasswordDialog( | |
53 slot_->GetTokenName(), | |
54 retry_, | |
55 reason_, | |
56 host_, | |
57 NewCallback(this, &SlotUnlocker::GotPassword)); | |
58 } | |
59 | |
60 void SlotUnlocker::GotPassword(const char* password) { | |
61 // TODO(mattm): PK11_DoPassword has something about PK11_Global.verifyPass. | |
62 // Do we need it? | |
63 // http://mxr.mozilla.org/mozilla/source/security/nss/lib/pk11wrap/pk11auth.c# 577 | |
Evan Stade
2010/12/10 04:17:04
80 (i think people will still understand the url w
mattm
2011/01/12 01:22:07
The style guide has an exception for long urls
| |
64 | |
65 if (!password) { | |
66 // User cancelled entering password. Oh well. | |
67 Done(); | |
68 return; | |
69 } | |
70 | |
71 // TODO(mattm): handle protectedAuthPath | |
72 SECStatus rv = PK11_CheckUserPassword(slot_->os_slot_handle(), | |
73 password); | |
74 if (rv == SECWouldBlock) { | |
75 // Incorrect password. Try again. | |
76 retry_ = PR_TRUE; | |
77 Start(); | |
78 return; | |
79 } | |
80 | |
81 // Correct password (SECSuccess) or too many attempts/other failure | |
82 // (SECFailure). Either way we're done. | |
83 Done(); | |
84 } | |
85 | |
86 void SlotUnlocker::Done() { | |
87 callback_->Run(); | |
88 delete this; | |
89 } | |
90 | |
91 } // namespace | |
92 | |
93 namespace browser { | |
94 | |
95 void UnlockSlotIfNecessary(net::PK11Slot* slot, | |
96 browser::PK11PasswordReason reason, | |
97 const std::string& host, | |
98 Callback0::Type* callback) { | |
99 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | |
100 if (PK11_NeedLogin(slot->os_slot_handle()) && | |
101 !PK11_IsLoggedIn(slot->os_slot_handle(), NULL)) { | |
wtc
2010/12/15 20:54:36
Please add a comment to note that we can pass NULL
mattm
2011/01/12 01:22:07
Done.
| |
102 (new SlotUnlocker(slot, reason, host, callback))->Start(); | |
103 } else { | |
104 callback->Run(); | |
105 } | |
106 } | |
107 | |
108 void UnlockCertSlotIfNecessary(net::X509Certificate* cert, | |
109 browser::PK11PasswordReason reason, | |
110 const std::string& host, | |
111 Callback0::Type* callback) { | |
112 scoped_refptr<net::PK11Slot> slot(net::PK11Slot::CreateFromHandle( | |
113 cert->os_cert_handle()->slot)); | |
114 UnlockSlotIfNecessary(slot.get(), reason, host, callback); | |
115 } | |
116 | |
117 } // namespace browser | |
OLD | NEW |