// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "chrome/browser/password_manager/password_store_factory.h"

#include "base/command_line.h"
#include "base/environment.h"
#include "base/prefs/pref_service.h"
#include "chrome/browser/profiles/incognito_helpers.h"
#include "chrome/browser/sync/glue/sync_start_util.h"
#include "chrome/browser/webdata/web_data_service.h"
#include "chrome/browser/webdata/web_data_service_factory.h"
#include "chrome/common/chrome_constants.h"
#include "chrome/common/chrome_switches.h"
#include "components/keyed_service/content/browser_context_dependency_manager.h"
#include "components/os_crypt/os_crypt_switches.h"
#include "components/password_manager/core/browser/login_database.h"
#include "components/password_manager/core/browser/password_store.h"
#include "components/password_manager/core/browser/password_store_default.h"
#include "components/password_manager/core/common/password_manager_pref_names.h"
#include "components/pref_registry/pref_registry_syncable.h"
#include "content/public/browser/browser_thread.h"

// Platform-specific store headers. The same #if ladder is repeated in
// BuildServiceInstanceFor(), where the matching store is constructed.
#if defined(OS_WIN)
#include "chrome/browser/password_manager/password_store_win.h"
#elif defined(OS_MACOSX)
#include "chrome/browser/password_manager/password_store_mac.h"
#include "crypto/apple_keychain.h"
#include "crypto/mock_apple_keychain.h"
#elif defined(OS_CHROMEOS) || defined(OS_ANDROID)
// Don't do anything. We're going to use the default store.
#elif defined(USE_X11)
#include "base/nix/xdg_util.h"
#if defined(USE_GNOME_KEYRING)
#include "chrome/browser/password_manager/native_backend_gnome_x.h"
#endif
#include "chrome/browser/password_manager/native_backend_kwallet_x.h"
#include "chrome/browser/password_manager/password_store_x.h"
#endif

using password_manager::PasswordStore;

#if !defined(OS_CHROMEOS) && defined(USE_X11)
namespace {

// Sentinel meaning "no local profile id assigned yet". It is the default
// registered for the kLocalProfileId pref in RegisterProfilePrefs(), and
// GetLocalProfileId() generates a real id whenever it reads this value back.
const LocalProfileId kInvalidLocalProfileId =
    static_cast<LocalProfileId>(0);

}  // namespace
#endif

// Wraps |password_store| so BuildServiceInstanceFor() can return it as a
// KeyedService.
PasswordStoreService::PasswordStoreService(
    scoped_refptr<PasswordStore> password_store)
    : password_store_(password_store) {}

PasswordStoreService::~PasswordStoreService() {}

// Returns the wrapped store.
scoped_refptr<PasswordStore> PasswordStoreService::GetPasswordStore() {
  return password_store_;
}

// Forwards shutdown to the wrapped store, if one is held.
void PasswordStoreService::Shutdown() {
  if (password_store_)
    password_store_->Shutdown();
}

// Returns the PasswordStore serving |profile|, or NULL when no service is
// available for it.
//
// Implicit access from an off-the-record profile is refused: the call hits
// NOTREACHED() and returns NULL. A caller holding an off-the-record profile
// therefore only gets a store when |sat| is something other than
// Profile::IMPLICIT_ACCESS, which makes the decision to touch saved passwords
// from such a profile explicit at the call site.
// static
scoped_refptr<PasswordStore> PasswordStoreFactory::GetForProfile(
    Profile* profile,
    Profile::ServiceAccessType sat) {
  if (sat == Profile::IMPLICIT_ACCESS && profile->IsOffTheRecord()) {
    NOTREACHED() << "This profile is OffTheRecord";
    return NULL;
  }

  PasswordStoreFactory* factory = GetInstance();
  // NOTE(review): the |true| argument presumably asks the keyed-service
  // machinery to create the service on demand -- confirm against
  // BrowserContextKeyedServiceFactory.
  PasswordStoreService* service = static_cast<PasswordStoreService*>(
      factory->GetServiceForBrowserContext(profile, true));
  if (!service)
    return NULL;
  return service->GetPasswordStore();
}

// Returns the process-wide factory singleton.
// static
PasswordStoreFactory* PasswordStoreFactory::GetInstance() {
  return Singleton<PasswordStoreFactory>::get();
}

// Registers the factory under the name "PasswordStore" and declares its
// dependency on WebDataServiceFactory.
PasswordStoreFactory::PasswordStoreFactory()
    : BrowserContextKeyedServiceFactory(
        "PasswordStore",
        BrowserContextDependencyManager::GetInstance()) {
  DependsOn(WebDataServiceFactory::GetInstance());
}

PasswordStoreFactory::~PasswordStoreFactory() {}

#if !defined(OS_CHROMEOS) && defined(USE_X11)
// Returns the id stored in the kLocalProfileId pref of |prefs|. When the pref
// still holds kInvalidLocalProfileId, a random non-zero value limited to the
// low 24 bits is generated, written back to the pref, and returned.
//
// The id is handed to NativeBackendKWallet / NativeBackendGnome in
// BuildServiceInstanceFor().
// NOTE(review): how those backends use the id is not visible in this file. If
// it is what separates one profile's keyring entries from another's, then a
// collision between two profiles on the same machine would let them see each
// other's stored logins -- confirm, and treat the id as a label rather than
// as an access-control boundary.
LocalProfileId PasswordStoreFactory::GetLocalProfileId(
    PrefService* prefs) const {
  LocalProfileId id =
      prefs->GetInteger(password_manager::prefs::kLocalProfileId);
  if (id == kInvalidLocalProfileId) {
    // Note that there are many more users than this. Thus, by design, this is
    // not a unique id. However, it is large enough that it is very unlikely
    // that it would be repeated twice on a single machine. It is still possible
    // for that to occur though, so the potential results of it actually
    // happening should be considered when using this value.
    static const LocalProfileId kLocalProfileIdMask =
        static_cast<LocalProfileId>((1 << 24) - 1);
    do {
      // NOTE(review): rand() is the C library generator and no seeding call is
      // visible in this file. If the process never seeds it, each run produces
      // the same sequence, which would make repeated ids far more likely than
      // the comment above assumes -- confirm where (or whether) it is seeded.
      id = rand() & kLocalProfileIdMask;
      // TODO(mdm): scan other profiles to make sure they are not using this id?
    } while (id == kInvalidLocalProfileId);  // Never hand out the sentinel.
    prefs->SetInteger(password_manager::prefs::kLocalProfileId, id);
  }
  return id;
}
#endif

// Builds the PasswordStoreService for |context|: opens the profile's login
// database, constructs the password store for the current platform, and
// initializes it. Returns NULL when the login database or the store cannot be
// initialized.
//
// Where credentials end up depends on the platform branch taken below and, on
// X11, on the --password-store switch, the detected desktop environment and
// whether the chosen native backend initializes; see the per-branch comments.
KeyedService* PasswordStoreFactory::BuildServiceInstanceFor(
    content::BrowserContext* context) const {
  Profile* profile = static_cast<Profile*>(context);

  // The login database lives inside the profile directory.
  base::FilePath login_db_file_path = profile->GetPath();
  login_db_file_path = login_db_file_path.Append(chrome::kLoginDataFileName);
  scoped_ptr<password_manager::LoginDatabase> login_db(
      new password_manager::LoginDatabase());
  {
    // TODO(paivanof (at) gmail.com): execution of login_db->Init() should go
    // to DB thread.  http://crbug.com/138903
    // Until then, Init() runs on the calling thread with the I/O restriction
    // lifted for this scope only.
    base::ThreadRestrictions::ScopedAllowIO allow_io;
    if (!login_db->Init(login_db_file_path)) {
      LOG(ERROR) << "Could not initialize login database.";
      return NULL;
    }
  }

  // Task runner for the thread this function runs on, and for the DB thread.
  scoped_refptr<base::SingleThreadTaskRunner> main_thread_runner(
      base::MessageLoopProxy::current());
  scoped_refptr<base::SingleThreadTaskRunner> db_thread_runner(
      content::BrowserThread::GetMessageLoopProxyForThread(
          content::BrowserThread::DB));

  // Every branch below passes login_db.release(), i.e. a raw pointer, to the
  // store it constructs.
  // NOTE(review): presumably the store takes ownership of it -- confirm in the
  // store constructors.
  scoped_refptr<PasswordStore> ps;
#if defined(OS_WIN)
  // The Windows store additionally receives the profile's WebDataService.
  ps = new PasswordStoreWin(main_thread_runner,
                            db_thread_runner,
                            login_db.release(),
                            WebDataService::FromBrowserContext(profile));
#elif defined(OS_MACOSX)
  // The kUseMockKeychain switch replaces the real keychain with
  // MockAppleKeychain.
  // NOTE(review): no build-type or test-only guard is visible around this
  // switch here. Confirm that a release build cannot be started with it, since
  // it decides whether saved passwords are backed by the real keychain.
  crypto::AppleKeychain* keychain =
      CommandLine::ForCurrentProcess()->HasSwitch(
          os_crypt::switches::kUseMockKeychain) ?
          new crypto::MockAppleKeychain() : new crypto::AppleKeychain();
  ps = new PasswordStoreMac(
      main_thread_runner, db_thread_runner, keychain, login_db.release());
#elif defined(OS_CHROMEOS) || defined(OS_ANDROID)
  // For now, we use PasswordStoreDefault. We might want to make a native
  // backend for PasswordStoreX (see below) in the future though.
  ps = new password_manager::PasswordStoreDefault(
      main_thread_runner, db_thread_runner, login_db.release());
#elif defined(USE_X11)
  // On POSIX systems, we try to use the "native" password management system of
  // the desktop environment currently running, allowing GNOME Keyring in XFCE.
  // (In all cases we fall back on the basic store in case of failure.)
  //
  // The --password-store switch overrides detection: "kwallet" and "gnome"
  // select the corresponding backend, and "basic" maps to
  // DESKTOP_ENVIRONMENT_OTHER, which matches neither backend branch below, so
  // no native backend is tried at all. Any other value (including an absent
  // switch) falls through to auto-detection.
  base::nix::DesktopEnvironment desktop_env;
  std::string store_type =
      CommandLine::ForCurrentProcess()->GetSwitchValueASCII(
          switches::kPasswordStore);
  if (store_type == "kwallet") {
    desktop_env = base::nix::DESKTOP_ENVIRONMENT_KDE4;
  } else if (store_type == "gnome") {
    desktop_env = base::nix::DESKTOP_ENVIRONMENT_GNOME;
  } else if (store_type == "basic") {
    desktop_env = base::nix::DESKTOP_ENVIRONMENT_OTHER;
  } else {
    // Detect the store to use automatically.
    scoped_ptr<base::Environment> env(base::Environment::Create());
    desktop_env = base::nix::GetDesktopEnvironment(env.get());
    const char* name = base::nix::GetDesktopEnvironmentName(desktop_env);
    VLOG(1) << "Password storage detected desktop environment: "
            << (name ? name : "(unknown)");
  }

  PrefService* prefs = profile->GetPrefs();
  LocalProfileId id = GetLocalProfileId(prefs);

  // |backend| stays null unless a native backend is created and its Init()
  // succeeds.
  scoped_ptr<PasswordStoreX::NativeBackend> backend;
  if (desktop_env == base::nix::DESKTOP_ENVIRONMENT_KDE4) {
    // KDE3 didn't use DBus, which our KWallet store uses.
    VLOG(1) << "Trying KWallet for password storage.";
    backend.reset(new NativeBackendKWallet(id));
    if (backend->Init())
      VLOG(1) << "Using KWallet for password storage.";
    else
      backend.reset();
  } else if (desktop_env == base::nix::DESKTOP_ENVIRONMENT_GNOME ||
             desktop_env == base::nix::DESKTOP_ENVIRONMENT_UNITY ||
             desktop_env == base::nix::DESKTOP_ENVIRONMENT_XFCE) {
    // When USE_GNOME_KEYRING is not defined this branch is empty and |backend|
    // remains null.
#if defined(USE_GNOME_KEYRING)
    VLOG(1) << "Trying GNOME keyring for password storage.";
    backend.reset(new NativeBackendGnome(id));
    if (backend->Init())
      VLOG(1) << "Using GNOME keyring for password storage.";
    else
      backend.reset();
#endif  // defined(USE_GNOME_KEYRING)
  }

  // Reached with a null |backend| when the native backend failed to
  // initialize, when the desktop environment matched neither branch above
  // (including --password-store=basic), or when GNOME keyring support is
  // compiled out. Per the message below, the store used in that case is
  // unencrypted, and this WARNING log line is the only signal this function
  // gives; nothing here surfaces the downgrade to the user.
  if (!backend.get()) {
    LOG(WARNING) << "Using basic (unencrypted) store for password storage. "
        "See http://code.google.com/p/chromium/wiki/LinuxPasswordStorage for "
        "more information about password storage options.";
  }

  // backend.release() yields NULL in the fallback case described above.
  ps = new PasswordStoreX(main_thread_runner,
                          db_thread_runner,
                          login_db.release(),
                          backend.release());
#elif defined(USE_OZONE)
  ps = new password_manager::PasswordStoreDefault(
      main_thread_runner, db_thread_runner, login_db.release());
#else
  // No store for this platform: |ps| stays null and is rejected just below.
  NOTIMPLEMENTED();
#endif
  if (!ps || !ps->Init(
          sync_start_util::GetFlareForSyncableService(profile->GetPath()))) {
    NOTREACHED() << "Could not initialize password manager.";
    return NULL;
  }

  return new PasswordStoreService(ps);
}

// Registers the profile prefs this factory relies on. Only builds that use
// PasswordStoreX register anything: kLocalProfileId, defaulting to
// kInvalidLocalProfileId and registered with UNSYNCABLE_PREF.
void PasswordStoreFactory::RegisterProfilePrefs(
    user_prefs::PrefRegistrySyncable* registry) {
#if !defined(OS_CHROMEOS) && defined(USE_X11)
  // Notice that the preprocessor conditions above are exactly those that will
  // result in using PasswordStoreX in BuildServiceInstanceFor().
  registry->RegisterIntegerPref(
      password_manager::prefs::kLocalProfileId,
      kInvalidLocalProfileId,
      user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF);
#endif
}

// Chooses which browser context the service is keyed on by delegating to
// chrome::GetBrowserContextRedirectedInIncognito().
// NOTE(review): presumably this maps an off-the-record context to its original
// profile, so both share one store -- confirm in incognito_helpers.h. Read it
// together with the IMPLICIT_ACCESS check in GetForProfile().
content::BrowserContext* PasswordStoreFactory::GetBrowserContextToUse(
    content::BrowserContext* context) const {
  return chrome::GetBrowserContextRedirectedInIncognito(context);
}

// Always returns true.
// NOTE(review): presumably this tells the keyed-service machinery to supply no
// service in tests unless one is set up explicitly -- confirm against
// BrowserContextKeyedServiceFactory.
bool PasswordStoreFactory::ServiceIsNULLWhileTesting() const {
  return true;
}