components/os_crypt/libsecret_util_linux.cc - Issue 2441653002: Always unlock all libsecret items in Password Manager and OSCrypt

Side by Side Diff: components/os_crypt/libsecret_util_linux.cc

Issue 2441653002: Always unlock all libsecret items in Password Manager and OSCrypt (Closed)

Patch Set: Error handling Created 4 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

OLD	NEW
1 // Copyright 2016 The Chromium Authors. All rights reserved.	1 // Copyright 2016 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "components/os_crypt/libsecret_util_linux.h"	5 #include "components/os_crypt/libsecret_util_linux.h"

6	6

7 #include <dlfcn.h>	7 #include <dlfcn.h>

8	8

9 #include "base/logging.h"	9 #include "base/logging.h"

10 #include "base/strings/string_number_conversions.h"	10 #include "base/strings/string_number_conversions.h"

11	11

12 //	12 //

13 // LibsecretLoader	13 // LibsecretLoader

14 //	14 //

15	15

16 decltype(	16 decltype(

17 &::secret_password_store_sync) LibsecretLoader::secret_password_store_sync;	17 &::secret_password_store_sync) LibsecretLoader::secret_password_store_sync;

18 decltype(	18 decltype(

19 &::secret_service_search_sync) LibsecretLoader::secret_service_search_sync;	19 &::secret_service_search_sync) LibsecretLoader::secret_service_search_sync;

20 decltype(	20 decltype(

21 &::secret_password_clear_sync) LibsecretLoader::secret_password_clear_sync;	21 &::secret_password_clear_sync) LibsecretLoader::secret_password_clear_sync;

22 decltype(&::secret_item_get_secret) LibsecretLoader::secret_item_get_secret;	22 decltype(&::secret_item_get_secret) LibsecretLoader::secret_item_get_secret;

23 decltype(&::secret_value_get_text) LibsecretLoader::secret_value_get_text;	23 decltype(&::secret_value_get_text) LibsecretLoader::secret_value_get_text;

24 decltype(	24 decltype(

25 &::secret_item_get_attributes) LibsecretLoader::secret_item_get_attributes;	25 &::secret_item_get_attributes) LibsecretLoader::secret_item_get_attributes;

26 decltype(&::secret_item_load_secret_sync)	26 decltype(&::secret_item_load_secret_sync)

27 LibsecretLoader::secret_item_load_secret_sync;	27 LibsecretLoader::secret_item_load_secret_sync;

28 decltype(&::secret_value_unref) LibsecretLoader::secret_value_unref;	28 decltype(&::secret_value_unref) LibsecretLoader::secret_value_unref;

29 decltype(

30 &::secret_service_lookup_sync) LibsecretLoader::secret_service_lookup_sync;

31	29

32 bool LibsecretLoader::libsecret_loaded_ = false;	30 bool LibsecretLoader::libsecret_loaded_ = false;

33	31

34 const LibsecretLoader::FunctionInfo LibsecretLoader::kFunctions[] = {	32 const LibsecretLoader::FunctionInfo LibsecretLoader::kFunctions[] = {

35 {"secret_item_get_secret",	33 {"secret_item_get_secret",

36 reinterpret_cast<void**>(&secret_item_get_secret)},	34 reinterpret_cast<void**>(&secret_item_get_secret)},

37 {"secret_item_get_attributes",	35 {"secret_item_get_attributes",

38 reinterpret_cast<void**>(&secret_item_get_attributes)},	36 reinterpret_cast<void**>(&secret_item_get_attributes)},

39 {"secret_item_load_secret_sync",	37 {"secret_item_load_secret_sync",

40 reinterpret_cast<void**>(&secret_item_load_secret_sync)},	38 reinterpret_cast<void**>(&secret_item_load_secret_sync)},

41 {"secret_password_clear_sync",	39 {"secret_password_clear_sync",

42 reinterpret_cast<void**>(&secret_password_clear_sync)},	40 reinterpret_cast<void**>(&secret_password_clear_sync)},

43 {"secret_password_store_sync",	41 {"secret_password_store_sync",

44 reinterpret_cast<void**>(&secret_password_store_sync)},	42 reinterpret_cast<void**>(&secret_password_store_sync)},

45 {"secret_service_lookup_sync",

46 reinterpret_cast<void**>(&secret_service_lookup_sync)},

47 {"secret_service_search_sync",	43 {"secret_service_search_sync",

48 reinterpret_cast<void**>(&secret_service_search_sync)},	44 reinterpret_cast<void**>(&secret_service_search_sync)},

49 {"secret_value_get_text", reinterpret_cast<void**>(&secret_value_get_text)},	45 {"secret_value_get_text", reinterpret_cast<void**>(&secret_value_get_text)},

50 {"secret_value_unref", reinterpret_cast<void**>(&secret_value_unref)},	46 {"secret_value_unref", reinterpret_cast<void**>(&secret_value_unref)},

51 };	47 };

52	48

53 // static	49 // static

54 bool LibsecretLoader::EnsureLibsecretLoaded() {	50 bool LibsecretLoader::EnsureLibsecretLoaded() {

55 return LoadLibsecret() && LibsecretIsAvailable();	51 return LoadLibsecret() && LibsecretIsAvailable();

56 }	52 }

(...skipping 38 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
95 // is meant to return an empty result.	91 // is meant to return an empty result.

96 LibsecretAttributesBuilder attrs;	92 LibsecretAttributesBuilder attrs;

97 attrs.Append("application", "chrome-string_to_get_empty_result");	93 attrs.Append("application", "chrome-string_to_get_empty_result");

98 const SecretSchema kDummySchema = {	94 const SecretSchema kDummySchema = {

99 "_chrome_dummy_schema",	95 "_chrome_dummy_schema",

100 SECRET_SCHEMA_DONT_MATCH_NAME,	96 SECRET_SCHEMA_DONT_MATCH_NAME,

101 {{"application", SECRET_SCHEMA_ATTRIBUTE_STRING},	97 {{"application", SECRET_SCHEMA_ATTRIBUTE_STRING},

102 {nullptr, SECRET_SCHEMA_ATTRIBUTE_STRING}}};	98 {nullptr, SECRET_SCHEMA_ATTRIBUTE_STRING}}};

103	99

104 GError* error = nullptr;	100 GError* error = nullptr;

105 GList* found =	101 GList* found = secret_service_search_sync(

106 secret_service_search_sync(nullptr, // default secret service	102 nullptr, // default secret service

107 &kDummySchema, attrs.Get(), SECRET_SEARCH_ALL,	103 &kDummySchema, attrs.Get(),

108 nullptr, // no cancellable ojbect	104 static_cast<SecretSearchFlags>(SECRET_SEARCH_ALL \| SECRET_SEARCH_UNLOCK),
	vasilii 2016/10/21 14:10:07 Will it unlock if nothing is found? What actually Will it unlock if nothing is found? What actually happens when the Keyring is locked? Can you read metadata at least? cfroussios 2016/10/21 17:56:36 Search will always return the SecretItems, which i Show quoted text On 2016/10/21 14:10:07, vasilii wrote: > Will it unlock if nothing is found? > What actually happens when the Keyring is locked? Can you read metadata at > least? Search will always return the SecretItems, which individually may or may not be locked. Metadata isn't protected. In this particular call unlocking is redundant, because we're expecting no results. I added this so that I can make it a rule that we always unlock the stuff that we use. Tests now expect this flag without caring what we're fetching. Is there a case where we only need the metadata? I didn't see it. vasilii 2016/10/24 10:41:14 This method will never unlock anything, we put SEC Show quoted text On 2016/10/21 17:56:36, cfroussios wrote: > On 2016/10/21 14:10:07, vasilii wrote: > > Will it unlock if nothing is found? > > What actually happens when the Keyring is locked? Can you read metadata at > > least? > > Search will always return the SecretItems, which individually may or may not be > locked. Metadata isn't protected. > > In this particular call unlocking is redundant, because we're expecting no > results. I added this so that I can make it a rule that we always unlock the > stuff that we use. Tests now expect this flag without caring what we're > fetching. > > Is there a case where we only need the metadata? I didn't see it. This method will never unlock anything, we put SECRET_SEARCH_UNLOCK only for consistency. Is it correct? cfroussios 2016/10/24 11:25:55 Yes, it's only for consistency. I don't expect any Show quoted text On 2016/10/24 10:41:14, vasilii wrote: > On 2016/10/21 17:56:36, cfroussios wrote: > > On 2016/10/21 14:10:07, vasilii wrote: > > > Will it unlock if nothing is found? > > > What actually happens when the Keyring is locked? Can you read metadata at > > > least? > > > > Search will always return the SecretItems, which individually may or may not > be > > locked. Metadata isn't protected. > > > > In this particular call unlocking is redundant, because we're expecting no > > results. I added this so that I can make it a rule that we always unlock the > > stuff that we use. Tests now expect this flag without caring what we're > > fetching. > > > > Is there a case where we only need the metadata? I didn't see it. > > This method will never unlock anything, we put SECRET_SEARCH_UNLOCK only for > consistency. Is it correct? Yes, it's only for consistency. I don't expect any effect here. vasilii 2016/10/24 12:39:35 Acknowledged. Show quoted text On 2016/10/24 11:25:55, cfroussios wrote: > On 2016/10/24 10:41:14, vasilii wrote: > > On 2016/10/21 17:56:36, cfroussios wrote: > > > On 2016/10/21 14:10:07, vasilii wrote: > > > > Will it unlock if nothing is found? > > > > What actually happens when the Keyring is locked? Can you read metadata at > > > > least? > > > > > > Search will always return the SecretItems, which individually may or may not > > be > > > locked. Metadata isn't protected. > > > > > > In this particular call unlocking is redundant, because we're expecting no > > > results. I added this so that I can make it a rule that we always unlock the > > > stuff that we use. Tests now expect this flag without caring what we're > > > fetching. > > > > > > Is there a case where we only need the metadata? I didn't see it. > > > > This method will never unlock anything, we put SECRET_SEARCH_UNLOCK only for > > consistency. Is it correct? > > Yes, it's only for consistency. I don't expect any effect here. Acknowledged.
109 &error);	105 nullptr, // no cancellable ojbect

	106 &error);

110 bool success = (error == nullptr);	107 bool success = (error == nullptr);

111 if (error)	108 if (error)

112 g_error_free(error);	109 g_error_free(error);

113 if (found)	110 if (found)

114 g_list_free(found);	111 g_list_free(found);

115	112

116 return success;	113 return success;

117 }	114 }

118	115

119 //	116 //

(...skipping 18 matching lines...) Expand all Loading...
138 name_values_.push_back(value);	135 name_values_.push_back(value);

139 gpointer value_str =	136 gpointer value_str =

140 static_cast<gpointer>(const_cast<char*>(name_values_.back().c_str()));	137 static_cast<gpointer>(const_cast<char*>(name_values_.back().c_str()));

141 g_hash_table_insert(attrs_, name_str, value_str);	138 g_hash_table_insert(attrs_, name_str, value_str);

142 }	139 }

143	140

144 void LibsecretAttributesBuilder::Append(const std::string& name,	141 void LibsecretAttributesBuilder::Append(const std::string& name,

145 int64_t value) {	142 int64_t value) {

146 Append(name, base::Int64ToString(value));	143 Append(name, base::Int64ToString(value));

147 }	144 }

OLD	NEW

« components/os_crypt/key_storage_libsecret_unittest.cc ('K') | « components/os_crypt/libsecret_util_linux.h ('k') | no next file » | no next file with comments »