Passwords PSL Matching on Gnome: overwrite realm and origin

chrome/browser/password_manager/native_backend_gnome_x.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/password_manager/native_backend_gnome_x.h"
 
 #include <dlfcn.h>
 #include <gnome-keyring.h>
 
 #include <map>
@@ skipping 125 matching lines @@
   form->blacklisted_by_user = uint_attr_map["blacklisted_by_user"];
   form->type = static_cast<PasswordForm::Type>(uint_attr_map["type"]);
   form->times_used = uint_attr_map["times_used"];
   form->scheme = static_cast<PasswordForm::Scheme>(uint_attr_map["scheme"]);
 
   return form.Pass();
 }
 
 // Parse all the results from the given GList into a PasswordFormList, and free
 // the GList. PasswordForms are allocated on the heap, and should be deleted by
-// the consumer. If not empty, |filter_by_signon_realm| is used to filter out
-// results -- only credentials with signon realms passing the PSL matching
-// (done by |helper|) against |filter_by_signon_realm| will be kept.
+// the consumer. If not NULL, |lookup_form| is used to filter out results --
+// only credentials with signon realms passing the PSL matching (done by
+// |helper|) against |lookup_form->signon_realm| will be kept. PSL matched
+// results get their signon_realm, origin, and action rewritten to those of
+// |lookup_form_|, with the original signon_realm saved into the result's
+// original_signon_realm data member.
 void ConvertFormList(GList* found,
-                     const std::string& filter_by_signon_realm,
+                     const PasswordForm* lookup_form,
                      const PSLMatchingHelper& helper,
                      NativeBackendGnome::PasswordFormList* forms) {
   PSLMatchingHelper::PSLDomainMatchMetric psl_domain_match_metric =
       PSLMatchingHelper::PSL_DOMAIN_MATCH_NONE;
   for (GList* element = g_list_first(found); element != NULL;
        element = g_list_next(element)) {
     GnomeKeyringFound* data = static_cast<GnomeKeyringFound*>(element->data);
     GnomeKeyringAttributeList* attrs = data->attributes;
 
     scoped_ptr<PasswordForm> form(FormFromAttributes(attrs));
     if (form) {
-      if (!filter_by_signon_realm.empty() &&
-          form->signon_realm != filter_by_signon_realm) {
+      if (lookup_form && form->signon_realm != lookup_form->signon_realm) {
         // This is not an exact match, we try PSL matching.
         if (!(PSLMatchingHelper::IsPublicSuffixDomainMatch(
-                 filter_by_signon_realm, form->signon_realm))) {
+                lookup_form->signon_realm, form->signon_realm))) {
           continue;
         }
         psl_domain_match_metric = PSLMatchingHelper::PSL_DOMAIN_MATCH_FOUND;
         form->original_signon_realm = form->signon_realm;
+        form->signon_realm = lookup_form->signon_realm;
+        form->origin = lookup_form->origin;
+        form->action = lookup_form->action;
       }
       if (data->secret) {
         form->password_value = UTF8ToUTF16(data->secret);
       } else {
         LOG(WARNING) << "Unable to access password from list element!";
       }
       forms->push_back(form.release());
     } else {
       LOG(WARNING) << "Could not initialize PasswordForm from attributes!";
     }
   }
-  if (!filter_by_signon_realm.empty()) {
+  if (lookup_form) {
     UMA_HISTOGRAM_ENUMERATION(
         "PasswordManager.PslDomainMatchTriggering",
         helper.IsMatchingEnabled()
             ? psl_domain_match_metric
             : PSLMatchingHelper::PSL_DOMAIN_MATCH_DISABLED,
         PSLMatchingHelper::PSL_DOMAIN_MATCH_COUNT);
   }
 }
 
 // Schema is analagous to the fields in PasswordForm.
@@ skipping 87 matching lines @@
 
   // All these callbacks are called on UI thread.
   static void OnOperationDone(GnomeKeyringResult result, gpointer data);
 
   static void OnOperationGetList(GnomeKeyringResult result, GList* list,
                                  gpointer data);
 
   base::WaitableEvent event_;
   GnomeKeyringResult result_;
   NativeBackendGnome::PasswordFormList forms_;
-  // Two additional arguments to OnOperationGetList:
-  // If the credential search is related to a particular form,
-  // |original_signon_realm_| contains the signon realm of that form. It is used
-  // to filter the relevant results out of all the found ones.
-  std::string original_signon_realm_;
+  // If the credential search is specified by a single form and needs to use PSL
+  // matching, then the specifying form is stored in |lookup_form_|. If PSL
+  // matching is used to find a result, then the results signon realm, origin
+  // and action are stored are replaced by those of |lookup_form_|.
+  // Additionally, |lookup_form_->signon_realm| is also used to narrow down the
+  // found logins to those which indeed PSL-match the look-up. And finally,
+  // |lookup_form_| set to NULL means that PSL matching is not required.
+  scoped_ptr<PasswordForm> lookup_form_;
   const PSLMatchingHelper helper_;
 };
 
 void GKRMethod::AddLogin(const PasswordForm& form, const char* app_string) {
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
   time_t date_created = form.date_created.ToTimeT();
   // If we are asked to save a password with 0 date, use the current time.
   // We don't want to actually save passwords as though on January 1, 1970.
   if (!date_created)
     date_created = time(NULL);
@@ skipping 19 matching lines @@
       "type", form.type,
       "times_used", form.times_used,
       "scheme", form.scheme,
       "application", app_string,
       NULL);
 }
 
 void GKRMethod::AddLoginSearch(const PasswordForm& form,
                                const char* app_string) {
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
-  original_signon_realm_ = form.signon_realm;
+  lookup_form_.reset(NULL);
   // Search GNOME Keyring for matching passwords to update.
   ScopedAttributeList attrs(gnome_keyring_attribute_list_new());
   AppendString(&attrs, "origin_url", form.origin.spec());
   AppendString(&attrs, "username_element", UTF16ToUTF8(form.username_element));
   AppendString(&attrs, "username_value", UTF16ToUTF8(form.username_value));
   AppendString(&attrs, "password_element", UTF16ToUTF8(form.password_element));
   AppendString(&attrs, "submit_element", UTF16ToUTF8(form.submit_element));
   AppendString(&attrs, "signon_realm", form.signon_realm);
   AppendString(&attrs, "application", app_string);
   gnome_keyring_find_items(GNOME_KEYRING_ITEM_GENERIC_SECRET,
                            attrs.get(),
                            OnOperationGetList,
                            /*data=*/this,
                            /*destroy_data=*/NULL);
 }
 
 void GKRMethod::UpdateLoginSearch(const PasswordForm& form,
                                   const char* app_string) {
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
-  original_signon_realm_ = form.signon_realm;
+  lookup_form_.reset(NULL);
   // Search GNOME Keyring for matching passwords to update.
   ScopedAttributeList attrs(gnome_keyring_attribute_list_new());
   AppendString(&attrs, "origin_url", form.origin.spec());
   AppendString(&attrs, "username_element", UTF16ToUTF8(form.username_element));
   AppendString(&attrs, "username_value", UTF16ToUTF8(form.username_value));
   AppendString(&attrs, "password_element", UTF16ToUTF8(form.password_element));
   AppendString(&attrs, "signon_realm", form.signon_realm);
   AppendString(&attrs, "application", app_string);
   gnome_keyring_find_items(GNOME_KEYRING_ITEM_GENERIC_SECRET,
                            attrs.get(),
@@ skipping 16 matching lines @@
       "username_value", UTF16ToUTF8(form.username_value).c_str(),
       "password_element", UTF16ToUTF8(form.password_element).c_str(),
       "submit_element", UTF16ToUTF8(form.submit_element).c_str(),
       "signon_realm", form.signon_realm.c_str(),
       "application", app_string,
       NULL);
 }
 
 void GKRMethod::GetLogins(const PasswordForm& form, const char* app_string) {
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
-  original_signon_realm_ = form.signon_realm;
+  lookup_form_.reset(new PasswordForm(form));
   // Search GNOME Keyring for matching passwords.
   ScopedAttributeList attrs(gnome_keyring_attribute_list_new());
   if (!helper_.ShouldPSLDomainMatchingApply(
            PSLMatchingHelper::GetRegistryControlledDomain(
                GURL(form.signon_realm)))) {
     AppendString(&attrs, "signon_realm", form.signon_realm);
   }
   AppendString(&attrs, "application", app_string);
   gnome_keyring_find_items(GNOME_KEYRING_ITEM_GENERIC_SECRET,
                            attrs.get(),
                            OnOperationGetList,
                            /*data=*/this,
                            /*destroy_data=*/NULL);
 }
 
 void GKRMethod::GetLoginsList(uint32_t blacklisted_by_user,
                               const char* app_string) {
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
-  original_signon_realm_.clear();
+  lookup_form_.reset(NULL);
   // Search GNOME Keyring for matching passwords.
   ScopedAttributeList attrs(gnome_keyring_attribute_list_new());
   AppendUint32(&attrs, "blacklisted_by_user", blacklisted_by_user);
   AppendString(&attrs, "application", app_string);
   gnome_keyring_find_items(GNOME_KEYRING_ITEM_GENERIC_SECRET,
                            attrs.get(),
                            OnOperationGetList,
                            /*data=*/this,
                            /*destroy_data=*/NULL);
 }
 
 void GKRMethod::GetAllLogins(const char* app_string) {
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
-  original_signon_realm_.clear();
+  lookup_form_.reset(NULL);
   // We need to search for something, otherwise we get no results - so
   // we search for the fixed application string.
   ScopedAttributeList attrs(gnome_keyring_attribute_list_new());
   AppendString(&attrs, "application", app_string);
   gnome_keyring_find_items(GNOME_KEYRING_ITEM_GENERIC_SECRET,
                            attrs.get(),
                            OnOperationGetList,
                            /*data=*/this,
                            /*destroy_data=*/NULL);
 }
@@ skipping 47 matching lines @@
 }
 
 // static
 void GKRMethod::OnOperationGetList(GnomeKeyringResult result, GList* list,
                                    gpointer data) {
   GKRMethod* method = static_cast<GKRMethod*>(data);
   method->result_ = result;
   method->forms_.clear();
   // |list| will be freed after this callback returns, so convert it now.
   ConvertFormList(
-      list, method->original_signon_realm_, method->helper_, &method->forms_);
-  method->original_signon_realm_.clear();
+      list, method->lookup_form_.get(), method->helper_, &method->forms_);
+  method->lookup_form_.reset(NULL);
   method->event_.Signal();
 }
 
 }  // namespace
 
 NativeBackendGnome::NativeBackendGnome(LocalProfileId id)
     : profile_id_(id) {
   app_string_ = GetProfileSpecificAppString();
 }
 
@@ skipping 224 matching lines @@
   }
   return true;
 }
 
 std::string NativeBackendGnome::GetProfileSpecificAppString() const {
   // Originally, the application string was always just "chrome" and used only
   // so that we had *something* to search for since GNOME Keyring won't search
   // for nothing. Now we use it to distinguish passwords for different profiles.
   return base::StringPrintf("%s-%d", kGnomeKeyringAppString, profile_id_);
 }