OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "components/password_manager/core/browser/login_database.h" | 5 #include "components/password_manager/core/browser/login_database.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <limits> | 8 #include <limits> |
9 | 9 |
10 #include "base/bind.h" | 10 #include "base/bind.h" |
11 #include "base/files/file_path.h" | 11 #include "base/files/file_path.h" |
12 #include "base/logging.h" | 12 #include "base/logging.h" |
13 #include "base/metrics/histogram_macros.h" | 13 #include "base/metrics/histogram_macros.h" |
14 #include "base/metrics/sparse_histogram.h" | 14 #include "base/metrics/sparse_histogram.h" |
15 #include "base/pickle.h" | 15 #include "base/pickle.h" |
| 16 #include "base/stl_util.h" |
16 #include "base/strings/string_util.h" | 17 #include "base/strings/string_util.h" |
17 #include "base/strings/stringprintf.h" | 18 #include "base/strings/stringprintf.h" |
18 #include "base/time/time.h" | 19 #include "base/time/time.h" |
19 #include "components/autofill/core/common/password_form.h" | 20 #include "components/autofill/core/common/password_form.h" |
20 #include "components/password_manager/core/browser/affiliation_utils.h" | 21 #include "components/password_manager/core/browser/affiliation_utils.h" |
21 #include "components/password_manager/core/browser/password_manager_client.h" | 22 #include "components/password_manager/core/browser/password_manager_client.h" |
22 #include "components/password_manager/core/browser/password_manager_metrics_util
.h" | 23 #include "components/password_manager/core/browser/password_manager_metrics_util
.h" |
23 #include "google_apis/gaia/gaia_auth_util.h" | 24 #include "google_apis/gaia/gaia_auth_util.h" |
24 #include "google_apis/gaia/gaia_urls.h" | 25 #include "google_apis/gaia/gaia_urls.h" |
25 #include "sql/connection.h" | 26 #include "sql/connection.h" |
(...skipping 845 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
871 return list; | 872 return list; |
872 } | 873 } |
873 | 874 |
874 PasswordStoreChangeList LoginDatabase::UpdateLogin(const PasswordForm& form) { | 875 PasswordStoreChangeList LoginDatabase::UpdateLogin(const PasswordForm& form) { |
875 std::string encrypted_password; | 876 std::string encrypted_password; |
876 if (EncryptedString( | 877 if (EncryptedString( |
877 clear_password_values_ ? base::string16() : form.password_value, | 878 clear_password_values_ ? base::string16() : form.password_value, |
878 &encrypted_password) != ENCRYPTION_RESULT_SUCCESS) | 879 &encrypted_password) != ENCRYPTION_RESULT_SUCCESS) |
879 return PasswordStoreChangeList(); | 880 return PasswordStoreChangeList(); |
880 | 881 |
| 882 #if defined(OS_IOS) |
| 883 DeleteEncryptedPassword(form); |
| 884 #endif |
881 // Replacement is necessary to deal with updating imported credentials. See | 885 // Replacement is necessary to deal with updating imported credentials. See |
882 // crbug.com/349138 for details. | 886 // crbug.com/349138 for details. |
883 sql::Statement s(db_.GetCachedStatement(SQL_FROM_HERE, | 887 sql::Statement s(db_.GetCachedStatement(SQL_FROM_HERE, |
884 "UPDATE OR REPLACE logins SET " | 888 "UPDATE OR REPLACE logins SET " |
885 "action_url = ?, " | 889 "action_url = ?, " |
886 "password_value = ?, " | 890 "password_value = ?, " |
887 "ssl_valid = ?, " | 891 "ssl_valid = ?, " |
888 "preferred = ?, " | 892 "preferred = ?, " |
889 "possible_usernames = ?, " | 893 "possible_usernames = ?, " |
890 "times_used = ?, " | 894 "times_used = ?, " |
(...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
940 | 944 |
941 return list; | 945 return list; |
942 } | 946 } |
943 | 947 |
944 bool LoginDatabase::RemoveLogin(const PasswordForm& form) { | 948 bool LoginDatabase::RemoveLogin(const PasswordForm& form) { |
945 if (form.is_public_suffix_match) { | 949 if (form.is_public_suffix_match) { |
946 // TODO(dvadym): Discuss whether we should allow to remove PSL matched | 950 // TODO(dvadym): Discuss whether we should allow to remove PSL matched |
947 // credentials. | 951 // credentials. |
948 return false; | 952 return false; |
949 } | 953 } |
| 954 #if defined(OS_IOS) |
| 955 DeleteEncryptedPassword(form); |
| 956 #endif |
950 // Remove a login by UNIQUE-constrained fields. | 957 // Remove a login by UNIQUE-constrained fields. |
951 sql::Statement s(db_.GetCachedStatement(SQL_FROM_HERE, | 958 sql::Statement s(db_.GetCachedStatement(SQL_FROM_HERE, |
952 "DELETE FROM logins WHERE " | 959 "DELETE FROM logins WHERE " |
953 "origin_url = ? AND " | 960 "origin_url = ? AND " |
954 "username_element = ? AND " | 961 "username_element = ? AND " |
955 "username_value = ? AND " | 962 "username_value = ? AND " |
956 "password_element = ? AND " | 963 "password_element = ? AND " |
957 "submit_element = ? AND " | 964 "submit_element = ? AND " |
958 "signon_realm = ? ")); | 965 "signon_realm = ? ")); |
959 s.BindString(0, form.origin.spec()); | 966 s.BindString(0, form.origin.spec()); |
960 s.BindString16(1, form.username_element); | 967 s.BindString16(1, form.username_element); |
961 s.BindString16(2, form.username_value); | 968 s.BindString16(2, form.username_value); |
962 s.BindString16(3, form.password_element); | 969 s.BindString16(3, form.password_element); |
963 s.BindString16(4, form.submit_element); | 970 s.BindString16(4, form.submit_element); |
964 s.BindString(5, form.signon_realm); | 971 s.BindString(5, form.signon_realm); |
965 | 972 |
966 return s.Run() && db_.GetLastChangeCount() > 0; | 973 return s.Run() && db_.GetLastChangeCount() > 0; |
967 } | 974 } |
968 | 975 |
969 bool LoginDatabase::RemoveLoginsCreatedBetween(base::Time delete_begin, | 976 bool LoginDatabase::RemoveLoginsCreatedBetween(base::Time delete_begin, |
970 base::Time delete_end) { | 977 base::Time delete_end) { |
| 978 #if defined(OS_IOS) |
| 979 ScopedVector<autofill::PasswordForm> forms; |
| 980 if (GetLoginsCreatedBetween(delete_begin, delete_end, &forms)) { |
| 981 for (size_t i = 0; i < forms.size(); i++) { |
| 982 DeleteEncryptedPassword(*forms[i]); |
| 983 } |
| 984 } |
| 985 #endif |
| 986 |
971 sql::Statement s(db_.GetCachedStatement(SQL_FROM_HERE, | 987 sql::Statement s(db_.GetCachedStatement(SQL_FROM_HERE, |
972 "DELETE FROM logins WHERE " | 988 "DELETE FROM logins WHERE " |
973 "date_created >= ? AND date_created < ?")); | 989 "date_created >= ? AND date_created < ?")); |
974 s.BindInt64(0, delete_begin.ToInternalValue()); | 990 s.BindInt64(0, delete_begin.ToInternalValue()); |
975 s.BindInt64(1, delete_end.is_null() ? std::numeric_limits<int64>::max() | 991 s.BindInt64(1, delete_end.is_null() ? std::numeric_limits<int64>::max() |
976 : delete_end.ToInternalValue()); | 992 : delete_end.ToInternalValue()); |
977 | 993 |
978 return s.Run(); | 994 return s.Run(); |
979 } | 995 } |
980 | 996 |
(...skipping 219 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1200 } | 1216 } |
1201 | 1217 |
1202 bool LoginDatabase::DeleteAndRecreateDatabaseFile() { | 1218 bool LoginDatabase::DeleteAndRecreateDatabaseFile() { |
1203 DCHECK(db_.is_open()); | 1219 DCHECK(db_.is_open()); |
1204 meta_table_.Reset(); | 1220 meta_table_.Reset(); |
1205 db_.Close(); | 1221 db_.Close(); |
1206 sql::Connection::Delete(db_path_); | 1222 sql::Connection::Delete(db_path_); |
1207 return Init(); | 1223 return Init(); |
1208 } | 1224 } |
1209 | 1225 |
| 1226 std::string LoginDatabase::GetEncryptedPassword( |
| 1227 const autofill::PasswordForm& form) const { |
| 1228 sql::Statement s( |
| 1229 db_.GetCachedStatement(SQL_FROM_HERE, |
| 1230 "SELECT password_value FROM logins WHERE " |
| 1231 "origin_url = ? AND " |
| 1232 "username_element = ? AND " |
| 1233 "username_value = ? AND " |
| 1234 "password_element = ? AND " |
| 1235 "submit_element = ? AND " |
| 1236 "signon_realm = ? ")); |
| 1237 |
| 1238 s.BindString(0, form.origin.spec()); |
| 1239 s.BindString16(1, form.username_element); |
| 1240 s.BindString16(2, form.username_value); |
| 1241 s.BindString16(3, form.password_element); |
| 1242 s.BindString16(4, form.submit_element); |
| 1243 s.BindString(5, form.signon_realm); |
| 1244 |
| 1245 std::string encrypted_password; |
| 1246 if (s.Step()) { |
| 1247 s.ColumnBlobAsString(0, &encrypted_password); |
| 1248 } |
| 1249 return encrypted_password; |
| 1250 } |
| 1251 |
1210 // static | 1252 // static |
1211 bool LoginDatabase::StatementToForms( | 1253 bool LoginDatabase::StatementToForms( |
1212 sql::Statement* statement, | 1254 sql::Statement* statement, |
1213 const autofill::PasswordForm* psl_match, | 1255 const autofill::PasswordForm* psl_match, |
1214 ScopedVector<autofill::PasswordForm>* forms) { | 1256 ScopedVector<autofill::PasswordForm>* forms) { |
1215 PSLDomainMatchMetric psl_domain_match_metric = PSL_DOMAIN_MATCH_NONE; | 1257 PSLDomainMatchMetric psl_domain_match_metric = PSL_DOMAIN_MATCH_NONE; |
1216 | 1258 |
1217 forms->clear(); | 1259 forms->clear(); |
1218 while (statement->Step()) { | 1260 while (statement->Step()) { |
1219 scoped_ptr<PasswordForm> new_form(new PasswordForm()); | 1261 scoped_ptr<PasswordForm> new_form(new PasswordForm()); |
(...skipping 23 matching lines...) Expand all Loading... |
1243 UMA_HISTOGRAM_ENUMERATION("PasswordManager.PslDomainMatchTriggering", | 1285 UMA_HISTOGRAM_ENUMERATION("PasswordManager.PslDomainMatchTriggering", |
1244 psl_domain_match_metric, PSL_DOMAIN_MATCH_COUNT); | 1286 psl_domain_match_metric, PSL_DOMAIN_MATCH_COUNT); |
1245 } | 1287 } |
1246 | 1288 |
1247 if (!statement->Succeeded()) | 1289 if (!statement->Succeeded()) |
1248 return false; | 1290 return false; |
1249 return true; | 1291 return true; |
1250 } | 1292 } |
1251 | 1293 |
1252 } // namespace password_manager | 1294 } // namespace password_manager |
OLD | NEW |