Changed location of LibsecretLoader

chrome/browser/password_manager/native_backend_libsecret.cc

 // Copyright (c) 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/password_manager/native_backend_libsecret.h"
 
-#include <dlfcn.h>
 #include <stddef.h>
 #include <stdint.h>
 
+#include <libsecret/secret.h>

[Lei Zhang, 2016/04/28 21:49:09]

I'm curious what this is needed for if "password_manager will not interact with
libsecret directly"

[vabr (Chromium), 2016/04/29 07:36:45]

Not interacting with libsecret is the ultimate goal, but we are not there yet.
Even with os_crypt hosting the libsecret loader, this native backend still needs
to save and retrieve data to the Keyring via libsecret.
The plan is as follows:
(1) Implement encryption on Linux with libsecret.
(2) Stop saving passwords through libsecret and store them encrypted in the
LoginDatabase instead.

After step (2) there will be no need for referencing libsecret in the native
backend.

+
 #include <limits>
 #include <list>
 #include <memory>
 #include <utility>
 #include <vector>
 
 #include "base/logging.h"
 #include "base/metrics/histogram.h"
 #include "base/strings/string_number_conversions.h"
 #include "base/strings/stringprintf.h"
 #include "base/strings/utf_string_conversions.h"
 #include "components/password_manager/core/browser/password_manager_metrics_util.h"
 #include "components/password_manager/core/browser/password_manager_util.h"
 #include "url/origin.h"
 
 using autofill::PasswordForm;
 using base::UTF8ToUTF16;
 using base::UTF16ToUTF8;
 
 namespace {
 const char kEmptyString[] = "";
 const int kMaxPossibleTimeTValue = std::numeric_limits<int>::max();
 }  // namespace
 
-typeof(&::secret_password_store_sync)
-    LibsecretLoader::secret_password_store_sync;
-typeof(&::secret_service_search_sync)
-    LibsecretLoader::secret_service_search_sync;
-typeof(&::secret_password_clear_sync)
-    LibsecretLoader::secret_password_clear_sync;
-typeof(&::secret_item_get_secret) LibsecretLoader::secret_item_get_secret;
-typeof(&::secret_value_get_text) LibsecretLoader::secret_value_get_text;
-typeof(&::secret_item_get_attributes)
-    LibsecretLoader::secret_item_get_attributes;
-typeof(&::secret_item_load_secret_sync)
-    LibsecretLoader::secret_item_load_secret_sync;
-typeof(&::secret_value_unref) LibsecretLoader::secret_value_unref;
-
-bool LibsecretLoader::libsecret_loaded = false;
-
-const LibsecretLoader::FunctionInfo LibsecretLoader::functions[] = {
-    {"secret_password_store_sync",
-     reinterpret_cast<void**>(&secret_password_store_sync)},
-    {"secret_service_search_sync",
-     reinterpret_cast<void**>(&secret_service_search_sync)},
-    {"secret_password_clear_sync",
-     reinterpret_cast<void**>(&secret_password_clear_sync)},
-    {"secret_item_get_secret",
-     reinterpret_cast<void**>(&secret_item_get_secret)},
-    {"secret_value_get_text", reinterpret_cast<void**>(&secret_value_get_text)},
-    {"secret_item_get_attributes",
-     reinterpret_cast<void**>(&secret_item_get_attributes)},
-    {"secret_item_load_secret_sync",
-     reinterpret_cast<void**>(&secret_item_load_secret_sync)},
-    {"secret_value_unref", reinterpret_cast<void**>(&secret_value_unref)},
-    {nullptr, nullptr}};
-
-bool LibsecretLoader::LoadLibsecret() {
-  if (libsecret_loaded)
-    return true;
-
-  void* handle = dlopen("libsecret-1.so.0", RTLD_NOW | RTLD_GLOBAL);
-  if (!handle) {
-    // We wanted to use libsecret, but we couldn't load it. Warn, because
-    // either the user asked for this, or we autodetected it incorrectly. (Or
-    // the system has broken libraries, which is also good to warn about.)
-    LOG(WARNING) << "Could not load libsecret-1.so.0: " << dlerror();
-    return false;
-  }
-
-  for (size_t i = 0; functions[i].name; ++i) {
-    dlerror();
-    *functions[i].pointer = dlsym(handle, functions[i].name);
-    const char* error = dlerror();
-    if (error) {
-      VLOG(1) << "Unable to load symbol " << functions[i].name << ": " << error;
-      dlclose(handle);
-      return false;
-    }
-  }
-
-  libsecret_loaded = true;
-  // We leak the library handle. That's OK: this function is called only once.
-  return true;
-}
-
 namespace {
 
 const char kLibsecretAppString[] = "chrome";
 
 // Schema is analagous to the fields in PasswordForm.
 const SecretSchema kLibsecretSchema = {
     "chrome_libsecret_password_schema",
     // We have to use SECRET_SCHEMA_DONT_MATCH_NAME in order to get old
     // passwords stored with gnome_keyring.
     SECRET_SCHEMA_DONT_MATCH_NAME,
@@ skipping 101 matching lines @@
     bool success = DeserializeFormDataFromBase64String(encoded_form_data,
                                                        &form->form_data);
     password_manager::metrics_util::FormDeserializationStatus status =
         success ? password_manager::metrics_util::GNOME_SUCCESS
                 : password_manager::metrics_util::GNOME_FAILURE;
     LogFormDataDeserializationStatus(status);
   }
   return form;
 }
 
-class LibsecretAttributesBuilder {
- public:
-  LibsecretAttributesBuilder();
-  ~LibsecretAttributesBuilder();
-  void Append(const std::string& name, const std::string& value);
-  void Append(const std::string& name, int64_t value);
-  // GHashTable, its keys and values returned from Get() are destroyed in
-  // |LibsecretAttributesBuilder| desctructor.
-  GHashTable* Get() { return attrs_; }
-
- private:
-  // |name_values_| is a storage for strings referenced in |attrs_|.
-  std::list<std::string> name_values_;
-  GHashTable* attrs_;
-};
-
-LibsecretAttributesBuilder::LibsecretAttributesBuilder() {
-  attrs_ = g_hash_table_new_full(g_str_hash, g_str_equal,
-                                 nullptr,   // no deleter for keys
-                                 nullptr);  // no deleter for values
-}
-
-LibsecretAttributesBuilder::~LibsecretAttributesBuilder() {
-  g_hash_table_destroy(attrs_);
-}
-
-void LibsecretAttributesBuilder::Append(const std::string& name,
-                                        const std::string& value) {
-  name_values_.push_back(name);
-  gpointer name_str =
-      static_cast<gpointer>(const_cast<char*>(name_values_.back().c_str()));
-  name_values_.push_back(value);
-  gpointer value_str =
-      static_cast<gpointer>(const_cast<char*>(name_values_.back().c_str()));
-  g_hash_table_insert(attrs_, name_str, value_str);
-}
-
-void LibsecretAttributesBuilder::Append(const std::string& name,
-                                        int64_t value) {
-  Append(name, base::Int64ToString(value));
-}
-
 // Generates a profile-specific app string based on profile_id_.
 std::string GetProfileSpecificAppString(LocalProfileId id) {
   // Originally, the application string was always just "chrome" and used only
   // so that we had *something* to search for since GNOME Keyring won't search
   // for nothing. Now we use it to distinguish passwords for different profiles.
   return base::StringPrintf("%s-%d", kLibsecretAppString, id);
 }
 
 }  // namespace
 
-bool LibsecretLoader::LibsecretIsAvailable() {
-  if (!libsecret_loaded)
-    return false;
-  // A dummy query is made to check for availability, because libsecret doesn't
-  // have a dedicated availability function. For performance reasons, the query
-  // is meant to return an empty result.
-  LibsecretAttributesBuilder attrs;
-  attrs.Append("application", "chrome-string_to_get_empty_result");
-
-  GError* error = nullptr;
-  GList* found = secret_service_search_sync(nullptr,  // default secret service
-                                            &kLibsecretSchema, attrs.Get(),
-                                            SECRET_SEARCH_ALL,
-                                            nullptr,  // no cancellable ojbect
-                                            &error);
-  bool success = (error == nullptr);
-  if (error)
-    g_error_free(error);
-  if (found)
-    g_list_free(found);
-
-  return success;
-}
-
 NativeBackendLibsecret::NativeBackendLibsecret(LocalProfileId id)
     : app_string_(GetProfileSpecificAppString(id)) {
 }
 
 NativeBackendLibsecret::~NativeBackendLibsecret() {
 }
 
 bool NativeBackendLibsecret::Init() {
-  return LoadLibsecret() && LibsecretIsAvailable();
+  return LibsecretLoader::LoadLibsecret() &&
+         LibsecretLoader::LibsecretIsAvailable();
 }
 
 password_manager::PasswordStoreChangeList NativeBackendLibsecret::AddLogin(
     const PasswordForm& form) {
   // Based on LoginDatabase::AddLogin(), we search for an existing match based
   // on origin_url, username_element, username_value, password_element and
   // signon_realm first, remove that, and then add the new entry.
   password_manager::PasswordStoreChangeList changes;
   ScopedVector<autofill::PasswordForm> forms;
   if (!AddUpdateLoginSearch(form, &forms))
@@ skipping 53 matching lines @@
     return true;
   }
   return false;
 }
 
 bool NativeBackendLibsecret::RemoveLogin(
     const autofill::PasswordForm& form,
     password_manager::PasswordStoreChangeList* changes) {
   DCHECK(changes);
   GError* error = nullptr;
-  if (secret_password_clear_sync(
-          &kLibsecretSchema, nullptr, &error,
-          "origin_url", form.origin.spec().c_str(),
-          "username_element", UTF16ToUTF8(form.username_element).c_str(),
-          "username_value", UTF16ToUTF8(form.username_value).c_str(),
-          "password_element", UTF16ToUTF8(form.password_element).c_str(),
-          "signon_realm", form.signon_realm.c_str(),
-          "application", app_string_.c_str(), nullptr)) {
+  if (LibsecretLoader::secret_password_clear_sync(
+          &kLibsecretSchema, nullptr, &error, "origin_url",
+          form.origin.spec().c_str(), "username_element",
+          UTF16ToUTF8(form.username_element).c_str(), "username_value",
+          UTF16ToUTF8(form.username_value).c_str(), "password_element",
+          UTF16ToUTF8(form.password_element).c_str(), "signon_realm",
+          form.signon_realm.c_str(), "application", app_string_.c_str(),
+          nullptr)) {
     changes->push_back(password_manager::PasswordStoreChange(
         password_manager::PasswordStoreChange::REMOVE, form));
   }
 
   if (error) {
     LOG(ERROR) << "Libsecret delete failed: " << error->message;
     g_error_free(error);
     return false;
   }
   return true;
@@ skipping 42 matching lines @@
     ScopedVector<autofill::PasswordForm>* forms) {
   LibsecretAttributesBuilder attrs;
   attrs.Append("origin_url", lookup_form.origin.spec());
   attrs.Append("username_element", UTF16ToUTF8(lookup_form.username_element));
   attrs.Append("username_value", UTF16ToUTF8(lookup_form.username_value));
   attrs.Append("password_element", UTF16ToUTF8(lookup_form.password_element));
   attrs.Append("signon_realm", lookup_form.signon_realm);
   attrs.Append("application", app_string_);
 
   GError* error = nullptr;
-  GList* found = secret_service_search_sync(nullptr,  // default secret service
-                                            &kLibsecretSchema, attrs.Get(),
-                                            SECRET_SEARCH_ALL,
-                                            nullptr,  // no cancellable ojbect
-                                            &error);
+  GList* found = LibsecretLoader::secret_service_search_sync(
+      nullptr,  // default secret service
+      &kLibsecretSchema, attrs.Get(), SECRET_SEARCH_ALL,
+      nullptr,  // no cancellable ojbect
+      &error);
   if (error) {
     LOG(ERROR) << "Unable to get logins " << error->message;
     g_error_free(error);
     if (found)
       g_list_free(found);
     return false;
   }
 
   *forms = ConvertFormList(found, &lookup_form);
   return true;
 }
 
 bool NativeBackendLibsecret::RawAddLogin(const PasswordForm& form) {
   int64_t date_created = form.date_created.ToInternalValue();
   // If we are asked to save a password with 0 date, use the current time.
   // We don't want to actually save passwords as though on January 1, 1601.
   if (!date_created)
     date_created = base::Time::Now().ToInternalValue();
   int64_t date_synced = form.date_synced.ToInternalValue();
   std::string form_data;
   SerializeFormDataToBase64String(form.form_data, &form_data);
   GError* error = nullptr;
   // clang-format off
-  secret_password_store_sync(
+  LibsecretLoader::secret_password_store_sync(
       &kLibsecretSchema,
       nullptr,                     // Default collection.
       form.origin.spec().c_str(),  // Display name.
       UTF16ToUTF8(form.password_value).c_str(),
       nullptr,  // no cancellable ojbect
       &error,
       "origin_url", form.origin.spec().c_str(),
       "action_url", form.action.spec().c_str(),
       "username_element", UTF16ToUTF8(form.username_element).c_str(),
       "username_value", UTF16ToUTF8(form.username_value).c_str(),
@@ skipping 54 matching lines @@
   if (options != ALL_LOGINS)
     attrs.Append("blacklisted_by_user", options == BLACKLISTED_LOGINS);
   if (lookup_form &&
       !password_manager::ShouldPSLDomainMatchingApply(
           password_manager::GetRegistryControlledDomain(
               GURL(lookup_form->signon_realm))) &&
       lookup_form->scheme != PasswordForm::SCHEME_HTML)
     attrs.Append("signon_realm", lookup_form->signon_realm);
 
   GError* error = nullptr;
-  GList* found = secret_service_search_sync(nullptr,  // default secret service
-                                            &kLibsecretSchema, attrs.Get(),
-                                            SECRET_SEARCH_ALL,
-                                            nullptr,  // no cancellable ojbect
-                                            &error);
+  GList* found = LibsecretLoader::secret_service_search_sync(
+      nullptr,  // default secret service
+      &kLibsecretSchema, attrs.Get(), SECRET_SEARCH_ALL,
+      nullptr,  // no cancellable ojbect
+      &error);
   if (error) {
     LOG(ERROR) << "Unable to get logins " << error->message;
     g_error_free(error);
     if (found)
       g_list_free(found);
     return false;
   }
 
   *forms = ConvertFormList(found, lookup_form);
   if (lookup_form)
@@ skipping 75 matching lines @@
   for (GList* element = g_list_first(found); element != nullptr;
        element = g_list_next(element)) {
     SecretItem* secretItem = static_cast<SecretItem*>(element->data);
     LibsecretLoader::secret_item_load_secret_sync(secretItem, nullptr, &error);
     if (error) {
       LOG(ERROR) << "Unable to load secret item" << error->message;
       g_error_free(error);
       error = nullptr;
       continue;
     }
-    GHashTable* attrs = secret_item_get_attributes(secretItem);
+    GHashTable* attrs = LibsecretLoader::secret_item_get_attributes(secretItem);
     std::unique_ptr<PasswordForm> form(FormOutOfAttributes(attrs));
     g_hash_table_unref(attrs);
     if (form) {
       if (lookup_form && form->signon_realm != lookup_form->signon_realm) {
         if (lookup_form->scheme != PasswordForm::SCHEME_HTML ||
             form->scheme != PasswordForm::SCHEME_HTML)
           continue;
         // This is not an exact match, we try PSL matching and federated match.
         if (allow_psl_match &&
             password_manager::IsPublicSuffixDomainMatch(
                 form->signon_realm, lookup_form->signon_realm)) {
           psl_domain_match_metric = password_manager::PSL_DOMAIN_MATCH_FOUND;
           form->is_public_suffix_match = true;
         } else if (!form->federation_origin.unique() &&
                    password_manager::IsFederatedMatch(form->signon_realm,
                                                       lookup_form->origin)) {
         } else {
           continue;
         }
       }
-      SecretValue* secretValue = secret_item_get_secret(secretItem);
+      SecretValue* secretValue =
+          LibsecretLoader::secret_item_get_secret(secretItem);
       if (secretValue) {
-        form->password_value = UTF8ToUTF16(secret_value_get_text(secretValue));
-        secret_value_unref(secretValue);
+        form->password_value =
+            UTF8ToUTF16(LibsecretLoader::secret_value_get_text(secretValue));
+        LibsecretLoader::secret_value_unref(secretValue);
       } else {
         LOG(WARNING) << "Unable to access password from list element!";
       }
       forms.push_back(std::move(form));
     } else {
       VLOG(1) << "Could not initialize PasswordForm from attributes!";
     }
   }
 
   if (lookup_form) {
     UMA_HISTOGRAM_ENUMERATION("PasswordManager.PslDomainMatchTriggering",
                               allow_psl_match
                                   ? psl_domain_match_metric
                                   : password_manager::PSL_DOMAIN_MATCH_NOT_USED,
                               password_manager::PSL_DOMAIN_MATCH_COUNT);
   }
   g_list_free(found);
   return forms;
 }