OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "components/password_manager/core/browser/login_database.h" | 5 #include "components/password_manager/core/browser/login_database.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <limits> | 8 #include <limits> |
9 | 9 |
10 #include "base/bind.h" | 10 #include "base/bind.h" |
11 #include "base/files/file_path.h" | 11 #include "base/files/file_path.h" |
12 #include "base/logging.h" | 12 #include "base/logging.h" |
13 #include "base/metrics/histogram_macros.h" | 13 #include "base/metrics/histogram_macros.h" |
14 #include "base/pickle.h" | 14 #include "base/pickle.h" |
| 15 #include "base/stl_util.h" |
15 #include "base/strings/string_util.h" | 16 #include "base/strings/string_util.h" |
16 #include "base/strings/stringprintf.h" | 17 #include "base/strings/stringprintf.h" |
17 #include "base/time/time.h" | 18 #include "base/time/time.h" |
18 #include "components/autofill/core/common/password_form.h" | 19 #include "components/autofill/core/common/password_form.h" |
19 #include "components/password_manager/core/browser/affiliation_utils.h" | 20 #include "components/password_manager/core/browser/affiliation_utils.h" |
20 #include "components/password_manager/core/browser/password_manager_client.h" | 21 #include "components/password_manager/core/browser/password_manager_client.h" |
21 #include "components/password_manager/core/browser/password_manager_metrics_util
.h" | 22 #include "components/password_manager/core/browser/password_manager_metrics_util
.h" |
22 #include "google_apis/gaia/gaia_auth_util.h" | 23 #include "google_apis/gaia/gaia_auth_util.h" |
23 #include "google_apis/gaia/gaia_urls.h" | 24 #include "google_apis/gaia/gaia_urls.h" |
24 #include "sql/connection.h" | 25 #include "sql/connection.h" |
(...skipping 569 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
594 return list; | 595 return list; |
595 } | 596 } |
596 | 597 |
597 PasswordStoreChangeList LoginDatabase::UpdateLogin(const PasswordForm& form) { | 598 PasswordStoreChangeList LoginDatabase::UpdateLogin(const PasswordForm& form) { |
598 std::string encrypted_password; | 599 std::string encrypted_password; |
599 if (EncryptedString( | 600 if (EncryptedString( |
600 clear_password_values_ ? base::string16() : form.password_value, | 601 clear_password_values_ ? base::string16() : form.password_value, |
601 &encrypted_password) != ENCRYPTION_RESULT_SUCCESS) | 602 &encrypted_password) != ENCRYPTION_RESULT_SUCCESS) |
602 return PasswordStoreChangeList(); | 603 return PasswordStoreChangeList(); |
603 | 604 |
| 605 #if defined(OS_IOS) |
| 606 DeleteEncryptedPassword(form); |
| 607 #endif |
604 // Replacement is necessary to deal with updating imported credentials. See | 608 // Replacement is necessary to deal with updating imported credentials. See |
605 // crbug.com/349138 for details. | 609 // crbug.com/349138 for details. |
606 sql::Statement s(db_.GetCachedStatement(SQL_FROM_HERE, | 610 sql::Statement s(db_.GetCachedStatement(SQL_FROM_HERE, |
607 "UPDATE OR REPLACE logins SET " | 611 "UPDATE OR REPLACE logins SET " |
608 "action_url = ?, " | 612 "action_url = ?, " |
609 "password_value = ?, " | 613 "password_value = ?, " |
610 "ssl_valid = ?, " | 614 "ssl_valid = ?, " |
611 "preferred = ?, " | 615 "preferred = ?, " |
612 "possible_usernames = ?, " | 616 "possible_usernames = ?, " |
613 "times_used = ?, " | 617 "times_used = ?, " |
(...skipping 44 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
658 return PasswordStoreChangeList(); | 662 return PasswordStoreChangeList(); |
659 | 663 |
660 PasswordStoreChangeList list; | 664 PasswordStoreChangeList list; |
661 if (db_.GetLastChangeCount()) | 665 if (db_.GetLastChangeCount()) |
662 list.push_back(PasswordStoreChange(PasswordStoreChange::UPDATE, form)); | 666 list.push_back(PasswordStoreChange(PasswordStoreChange::UPDATE, form)); |
663 | 667 |
664 return list; | 668 return list; |
665 } | 669 } |
666 | 670 |
667 bool LoginDatabase::RemoveLogin(const PasswordForm& form) { | 671 bool LoginDatabase::RemoveLogin(const PasswordForm& form) { |
| 672 #if defined(OS_IOS) |
| 673 DeleteEncryptedPassword(form); |
| 674 #endif |
668 if (form.IsPublicSuffixMatch()) { | 675 if (form.IsPublicSuffixMatch()) { |
669 // Do not try to remove |form|. It is a modified copy of a password stored | 676 // Do not try to remove |form|. It is a modified copy of a password stored |
670 // for a different origin, and it is not contained in the database. | 677 // for a different origin, and it is not contained in the database. |
671 return false; | 678 return false; |
672 } | 679 } |
673 // Remove a login by UNIQUE-constrained fields. | 680 // Remove a login by UNIQUE-constrained fields. |
674 sql::Statement s(db_.GetCachedStatement(SQL_FROM_HERE, | 681 sql::Statement s(db_.GetCachedStatement(SQL_FROM_HERE, |
675 "DELETE FROM logins WHERE " | 682 "DELETE FROM logins WHERE " |
676 "origin_url = ? AND " | 683 "origin_url = ? AND " |
677 "username_element = ? AND " | 684 "username_element = ? AND " |
678 "username_value = ? AND " | 685 "username_value = ? AND " |
679 "password_element = ? AND " | 686 "password_element = ? AND " |
680 "submit_element = ? AND " | 687 "submit_element = ? AND " |
681 "signon_realm = ? ")); | 688 "signon_realm = ? ")); |
682 s.BindString(0, form.origin.spec()); | 689 s.BindString(0, form.origin.spec()); |
683 s.BindString16(1, form.username_element); | 690 s.BindString16(1, form.username_element); |
684 s.BindString16(2, form.username_value); | 691 s.BindString16(2, form.username_value); |
685 s.BindString16(3, form.password_element); | 692 s.BindString16(3, form.password_element); |
686 s.BindString16(4, form.submit_element); | 693 s.BindString16(4, form.submit_element); |
687 s.BindString(5, form.signon_realm); | 694 s.BindString(5, form.signon_realm); |
688 | 695 |
689 return s.Run() && db_.GetLastChangeCount() > 0; | 696 return s.Run() && db_.GetLastChangeCount() > 0; |
690 } | 697 } |
691 | 698 |
692 bool LoginDatabase::RemoveLoginsCreatedBetween(base::Time delete_begin, | 699 bool LoginDatabase::RemoveLoginsCreatedBetween(base::Time delete_begin, |
693 base::Time delete_end) { | 700 base::Time delete_end) { |
| 701 #if defined(OS_IOS) |
| 702 ScopedVector<autofill::PasswordForm> forms; |
| 703 if (GetLoginsCreatedBetween(delete_begin, delete_end, &forms)) { |
| 704 for (size_t i = 0; i < forms.size(); i++) { |
| 705 DeleteEncryptedPassword(*forms[i]); |
| 706 } |
| 707 } |
| 708 #endif |
| 709 |
694 sql::Statement s(db_.GetCachedStatement(SQL_FROM_HERE, | 710 sql::Statement s(db_.GetCachedStatement(SQL_FROM_HERE, |
695 "DELETE FROM logins WHERE " | 711 "DELETE FROM logins WHERE " |
696 "date_created >= ? AND date_created < ?")); | 712 "date_created >= ? AND date_created < ?")); |
697 s.BindInt64(0, delete_begin.ToInternalValue()); | 713 s.BindInt64(0, delete_begin.ToInternalValue()); |
698 s.BindInt64(1, delete_end.is_null() ? std::numeric_limits<int64>::max() | 714 s.BindInt64(1, delete_end.is_null() ? std::numeric_limits<int64>::max() |
699 : delete_end.ToInternalValue()); | 715 : delete_end.ToInternalValue()); |
700 | 716 |
701 return s.Run(); | 717 return s.Run(); |
702 } | 718 } |
703 | 719 |
(...skipping 218 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
922 } | 938 } |
923 | 939 |
924 bool LoginDatabase::DeleteAndRecreateDatabaseFile() { | 940 bool LoginDatabase::DeleteAndRecreateDatabaseFile() { |
925 DCHECK(db_.is_open()); | 941 DCHECK(db_.is_open()); |
926 meta_table_.Reset(); | 942 meta_table_.Reset(); |
927 db_.Close(); | 943 db_.Close(); |
928 sql::Connection::Delete(db_path_); | 944 sql::Connection::Delete(db_path_); |
929 return Init(); | 945 return Init(); |
930 } | 946 } |
931 | 947 |
| 948 std::string LoginDatabase::GetEncryptedPassword( |
| 949 const autofill::PasswordForm& form) const { |
| 950 sql::Statement s( |
| 951 db_.GetCachedStatement(SQL_FROM_HERE, |
| 952 "SELECT password_value FROM logins WHERE " |
| 953 "origin_url = ? AND " |
| 954 "username_element = ? AND " |
| 955 "username_value = ? AND " |
| 956 "password_element = ? AND " |
| 957 "submit_element = ? AND " |
| 958 "signon_realm = ? ")); |
| 959 |
| 960 s.BindString(0, form.origin.spec()); |
| 961 s.BindString16(1, form.username_element); |
| 962 s.BindString16(2, form.username_value); |
| 963 s.BindString16(3, form.password_element); |
| 964 s.BindString16(4, form.submit_element); |
| 965 s.BindString(5, form.signon_realm); |
| 966 |
| 967 std::string encrypted_password; |
| 968 if (s.Step()) { |
| 969 s.ColumnBlobAsString(0, &encrypted_password); |
| 970 } |
| 971 return encrypted_password; |
| 972 } |
| 973 |
932 // static | 974 // static |
933 bool LoginDatabase::StatementToForms( | 975 bool LoginDatabase::StatementToForms( |
934 sql::Statement* statement, | 976 sql::Statement* statement, |
935 const autofill::PasswordForm* psl_match, | 977 const autofill::PasswordForm* psl_match, |
936 ScopedVector<autofill::PasswordForm>* forms) { | 978 ScopedVector<autofill::PasswordForm>* forms) { |
937 PSLDomainMatchMetric psl_domain_match_metric = PSL_DOMAIN_MATCH_NONE; | 979 PSLDomainMatchMetric psl_domain_match_metric = PSL_DOMAIN_MATCH_NONE; |
938 | 980 |
939 forms->clear(); | 981 forms->clear(); |
940 while (statement->Step()) { | 982 while (statement->Step()) { |
941 scoped_ptr<PasswordForm> new_form(new PasswordForm()); | 983 scoped_ptr<PasswordForm> new_form(new PasswordForm()); |
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
974 UMA_HISTOGRAM_ENUMERATION("PasswordManager.PslDomainMatchTriggering", | 1016 UMA_HISTOGRAM_ENUMERATION("PasswordManager.PslDomainMatchTriggering", |
975 psl_domain_match_metric, PSL_DOMAIN_MATCH_COUNT); | 1017 psl_domain_match_metric, PSL_DOMAIN_MATCH_COUNT); |
976 } | 1018 } |
977 | 1019 |
978 if (!statement->Succeeded()) | 1020 if (!statement->Succeeded()) |
979 return false; | 1021 return false; |
980 return true; | 1022 return true; |
981 } | 1023 } |
982 | 1024 |
983 } // namespace password_manager | 1025 } // namespace password_manager |
OLD | NEW |