Encrypt password values in LoginDatabase on Mac.

components/password_manager/core/browser/login_database.h

Index: components/password_manager/core/browser/login_database.h
diff --git a/components/password_manager/core/browser/login_database.h b/components/password_manager/core/browser/login_database.h
index ca3db84438e09ffb6d07e3d4ab36b2d109eaba92..f865580673cc4c930ffa72361c4ed386ee082a4f 100644
--- a/components/password_manager/core/browser/login_database.h
+++ b/components/password_manager/core/browser/login_database.h
@@ -111,6 +111,11 @@ class LoginDatabase {
 
   StatisticsTable& stats_table() { return stats_table_; }
 
+  // If set to 'true', then the password values are cleared before encrypting

[vabr (Chromium), 2015/06/18 13:39:09]

This comment should go to the variable declaration. Not everybody looking at the
decl. will think about finding the setter, but everybody looking at the setter
can look up the declaration.

[vasilii, 2015/06/18 14:28:13]

Done.

+  // and storing in the database. At the same time AddLogin/UpdateLogin return
+  // PasswordStoreChangeList containing the real password.
+  void set_clear_password_values(bool val) { clear_password_values_ = val; }
+
  private:
   // Result values for encryption/decryption actions.
   enum EncryptionResult {
@@ -169,6 +174,7 @@ class LoginDatabase {
   mutable sql::Connection db_;
   sql::MetaTable meta_table_;
   StatisticsTable stats_table_;
+  bool clear_password_values_;

[vabr (Chromium), 2015/06/18 13:39:09]

Also, is this just some temporary measure until we stop using the keychain? If
so, it should be marked as such, including the link to http://crbug.com/466638.

[vasilii, 2015/06/18 14:28:13]

Done.

 
   DISALLOW_COPY_AND_ASSIGN(LoginDatabase);
 };