[epiphany] Add profile migrator to migrate insecure passwords
- From: Michael Catanzaro <mcatanzaro src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [epiphany] Add profile migrator to migrate insecure passwords
- Date: Wed, 1 Feb 2017 17:36:30 +0000 (UTC)
commit 1320bb12a25cd4be63278302e33a4ea35564fe7f
Author: Michael Catanzaro <mcatanzaro gnome org>
Date: Wed Feb 1 11:32:32 2017 -0600
Add profile migrator to migrate insecure passwords
All previously-saved passwords will now only be available to https://
origins. Users will have to manually enter their passwords once again in
order to save them separately for an insecure origin.
https://bugzilla.gnome.org/show_bug.cgi?id=752738
lib/ephy-profile-utils.h | 2 +-
src/profile-migrator/ephy-profile-migrator.c | 82 +++++++++++++++++++++++++-
2 files changed, 82 insertions(+), 2 deletions(-)
---
diff --git a/lib/ephy-profile-utils.h b/lib/ephy-profile-utils.h
index db6c660..5c02886 100644
--- a/lib/ephy-profile-utils.h
+++ b/lib/ephy-profile-utils.h
@@ -24,7 +24,7 @@
G_BEGIN_DECLS
-#define EPHY_PROFILE_MIGRATION_VERSION 14
+#define EPHY_PROFILE_MIGRATION_VERSION 15
#define EPHY_BOOKMARKS_FILE "bookmarks.gvdb"
#define EPHY_HISTORY_FILE "ephy-history.db"
diff --git a/src/profile-migrator/ephy-profile-migrator.c b/src/profile-migrator/ephy-profile-migrator.c
index 8f486d5..9d2c454 100644
--- a/src/profile-migrator/ephy-profile-migrator.c
+++ b/src/profile-migrator/ephy-profile-migrator.c
@@ -723,6 +723,85 @@ migrate_permissions (void)
g_object_unref (file);
}
+/* https://bugzilla.gnome.org/show_bug.cgi?id=752738 */
+static void
+migrate_insecure_password (SecretItem *item)
+{
+ GHashTable *attributes;
+ WebKitSecurityOrigin *original_origin;
+ const char *original_uri;
+
+ attributes = secret_item_get_attributes (item);
+ original_uri = g_hash_table_lookup (attributes, URI_KEY);
+ original_origin = webkit_security_origin_new_for_uri (original_uri);
+ if (original_origin == NULL) {
+ g_warning ("Failed to convert URI %s to a security origin, insecure password will not be migrated",
original_uri);
+ g_hash_table_unref (attributes);
+ return;
+ }
+
+ if (g_strcmp0 (webkit_security_origin_get_protocol (original_origin), "http") == 0) {
+ WebKitSecurityOrigin *new_origin;
+ char *new_uri;
+ GError *error = NULL;
+
+ new_origin = webkit_security_origin_new ("https",
+ webkit_security_origin_get_host (original_origin),
+ webkit_security_origin_get_port (original_origin));
+ new_uri = webkit_security_origin_to_string (new_origin);
+ webkit_security_origin_unref (new_origin);
+
+ g_hash_table_replace (attributes, g_strdup (URI_KEY), new_uri);
+ secret_item_set_attributes_sync (item, EPHY_FORM_PASSWORD_SCHEMA, attributes, NULL, &error);
+ if (error != NULL) {
+ g_warning ("Failed to convert URI %s to https://, insecure password will not be migrated: %s",
original_uri, error->message);
+ g_error_free (error);
+ }
+ }
+
+ g_hash_table_unref (attributes);
+ webkit_security_origin_unref (original_origin);
+}
+
+static void
+migrate_insecure_passwords (void)
+{
+ SecretService *service;
+ GHashTable *attributes;
+ GList *items;
+ GError *error = NULL;
+
+ service = secret_service_get_sync (SECRET_SERVICE_LOAD_COLLECTIONS, NULL, &error);
+ if (error != NULL) {
+ g_warning ("Failed to get secret service proxy, insecure passwords will not be migrated: %s",
error->message);
+ g_error_free (error);
+ return;
+ }
+
+ attributes = secret_attributes_build (EPHY_FORM_PASSWORD_SCHEMA, NULL);
+
+ items = secret_service_search_sync (service,
+ EPHY_FORM_PASSWORD_SCHEMA,
+ attributes,
+ SECRET_SEARCH_ALL | SECRET_SEARCH_UNLOCK | SECRET_SEARCH_LOAD_SECRETS,
+ NULL,
+ &error);
+ if (error != NULL) {
+ g_warning ("Failed to search secret service, insecure passwords will not be migrated: %s",
error->message);
+ g_error_free (error);
+ goto out;
+ }
+
+ for (GList *l = items; l != NULL; l = l->next)
+ migrate_insecure_password ((SecretItem *)l->data);
+
+ g_list_free_full (items, g_object_unref);
+
+out:
+ g_object_unref (service);
+ g_hash_table_unref (attributes);
+}
+
static void
migrate_nothing (void)
{
@@ -750,7 +829,8 @@ const EphyProfileMigrator migrators[] = {
migrate_bookmarks,
migrate_adblock_filters,
migrate_initial_state,
- migrate_permissions
+ migrate_permissions,
+ migrate_insecure_passwords,
};
static gboolean
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]