Beispiel #1
        /// <summary>
        /// Handles a "get logins" request: finds entries matching the decrypted request URL,
        /// asks the user for consent where an entry is not already associated with the
        /// requesting host, ranks the surviving entries, and writes them (encrypted) into
        /// <paramref name="resp"/>.
        /// </summary>
        /// <param name="r">Incoming request; <c>Url</c> and <c>SubmitUrl</c> are decrypted here with <paramref name="aes"/>.</param>
        /// <param name="resp">Response object filled in place (entries, count, success flag, id).</param>
        /// <param name="aes">Cipher instance passed to <c>VerifyRequest</c>, <c>CryptoTransform</c> and <c>SetResponseVerifier</c>.</param>
        /// <remarks>
        /// If <c>VerifyRequest</c> fails the method returns without touching <paramref name="resp"/>.
        /// <c>resp.Success</c> is set to true on every other path, including when the user
        /// denied access and no entries are returned.
        /// </remarks>
        private void GetLoginsHandler(Request r, Response resp, Aes aes)
        {
            // Nothing below runs for a request that does not verify; no credentials are looked up.
            if (!VerifyRequest(r, aes))
            {
                return;
            }

            string submithost = null;
            var    host       = GetHost(CryptoTransform(r.Url, true, false, aes, CMode.DECRYPT));

            if (r.SubmitUrl != null)
            {
                submithost = GetHost(CryptoTransform(r.SubmitUrl, true, false, aes, CMode.DECRYPT));
            }

            var items = FindMatchingEntries(r, aes);

            if (items.ToList().Count > 0)
            {
                // filter(e) == true means "this entry still needs an explicit user decision".
                // Note the precedence: && binds tighter than ||, so the entry needs prompting when
                //   (host matches neither title, URL nor the entry's Allow list)
                //   OR (a submit host was sent and it matches neither title, URL nor Allow list).
                // All comparisons are exact string equality against the value returned by GetHost.
                // NOTE(review): the entry's Deny list is written further down but never read in
                // this method; presumably FindMatchingEntries applies it. Confirm.
                Func <PwEntry, bool> filter = delegate(PwEntry e)
                {
                    var c = GetEntryConfig(e);

                    var title    = e.Strings.ReadSafe(PwDefs.TitleField);
                    var entryUrl = e.Strings.ReadSafe(PwDefs.UrlField);
                    if (c != null)
                    {
                        return(title != host && entryUrl != host && !c.Allow.Contains(host) || (submithost != null && !c.Allow.Contains(submithost) && submithost != title && submithost != entryUrl));
                    }
                    return(title != host && entryUrl != host || (submithost != null && title != submithost && entryUrl != submithost));
                };

                var configOpt  = new ConfigOpt(this.host.CustomConfig);
                var config     = GetConfigEntry(true);
                // Two switches disable the consent dialog entirely: any non-blank "Auto Allow"
                // string on the config entry, or the AlwaysAllowAccess option.
                var autoAllowS = config.Strings.ReadSafe("Auto Allow");
                var autoAllow  = autoAllowS != null && autoAllowS.Trim() != "";
                autoAllow = autoAllow || configOpt.AlwaysAllowAccess;
                // Deferred LINQ query: it is re-evaluated (and filter re-run) on every
                // enumeration below, so its result reflects the entry configs at that moment.
                var needPrompting = from e in items where filter(e.entry) select e;

                if (needPrompting.ToList().Count > 0 && !autoAllow)
                {
                    var win = this.host.MainWindow;

                    using (var f = new AccessControlForm())
                    {
                        // The dialog is shown through the main window's Invoke, so this
                        // handler waits here until the user has answered.
                        win.Invoke((MethodInvoker) delegate
                        {
                            f.Icon    = win.Icon;
                            f.Plugin  = this;
                            f.Entries = (from e in items where filter(e.entry) select e.entry).ToList();
                            //f.Entries = needPrompting.ToList();
                            // The dialog shows the submit host when one was sent, else the page host.
                            f.Host  = submithost != null ? submithost : host;
                            f.Load += delegate { f.Activate(); };
                            f.ShowDialog(win);
                            // "Remember" persists the decision per entry: host (and submit host,
                            // if different) is added to that entry's Allow or Deny set.
                            if (f.Remember && (f.Allowed || f.Denied))
                            {
                                foreach (var e in needPrompting)
                                {
                                    var c = GetEntryConfig(e.entry);
                                    if (c == null)
                                    {
                                        c = new KeePassHttpEntryConfig();
                                    }
                                    var set = f.Allowed ? c.Allow : c.Deny;
                                    set.Add(host);
                                    if (submithost != null && submithost != host)
                                    {
                                        set.Add(submithost);
                                    }
                                    SetEntryConfig(e.entry, c);
                                }
                            }
                            // Fail closed: anything other than an explicit Allow (deny, or the
                            // dialog being dismissed) removes the prompted entries from the result.
                            if (!f.Allowed)
                            {
                                items = items.Except(needPrompting);
                            }
                        });
                    }
                }

                // Ranking reference: the decrypted submit URL if present and non-empty,
                // otherwise the decrypted page URL.
                string compareToUrl = null;
                if (r.SubmitUrl != null)
                {
                    compareToUrl = CryptoTransform(r.SubmitUrl, true, false, aes, CMode.DECRYPT);
                }
                if (String.IsNullOrEmpty(compareToUrl))
                {
                    compareToUrl = CryptoTransform(r.Url, true, false, aes, CMode.DECRYPT);
                }

                // NOTE(review): ToLower() uses the current culture; ToLowerInvariant() would
                // make URL comparison independent of the user's locale.
                compareToUrl = compareToUrl.ToLower();

                foreach (var entryDatabase in items)
                {
                    string entryUrl = String.Copy(entryDatabase.entry.Strings.ReadSafe(PwDefs.UrlField));
                    if (String.IsNullOrEmpty(entryUrl))
                    {
                        entryUrl = entryDatabase.entry.Strings.ReadSafe(PwDefs.TitleField);
                    }

                    entryUrl = entryUrl.ToLower();

                    // NOTE(review): the entry's UsageCount field is overwritten with the edit
                    // distance and reused as a sort key. This replaces whatever usage statistic
                    // the entry held; whether that value is later saved with the database
                    // cannot be seen from here. Confirm.
                    entryDatabase.entry.UsageCount = (ulong)LevenshteinDistance(compareToUrl, entryUrl);
                }

                var itemsList = items.ToList();

                // With SpecificMatchingOnly, only the entries sharing the smallest distance survive.
                if (configOpt.SpecificMatchingOnly)
                {
                    itemsList = (from e in itemsList
                                 orderby e.entry.UsageCount ascending
                                 select e).ToList();

                    ulong lowestDistance = itemsList.Count > 0 ?
                                           itemsList[0].entry.UsageCount :
                                           0;

                    itemsList = (from e in itemsList
                                 where e.entry.UsageCount == lowestDistance
                                 orderby e.entry.UsageCount
                                 select e).ToList();
                }

                // Final order: closest match first, ties broken by user name or by title.
                if (configOpt.SortResultByUsername)
                {
                    var items2 = from e in itemsList orderby e.entry.UsageCount ascending, GetUserPass(e)[0] ascending select e;
                    itemsList = items2.ToList();
                }
                else
                {
                    var items2 = from e in itemsList orderby e.entry.UsageCount ascending, e.entry.Strings.ReadSafe(PwDefs.TitleField) ascending select e;
                    itemsList = items2.ToList();
                }

                foreach (var entryDatabase in itemsList)
                {
                    var e = PrepareElementForResponseEntries(configOpt, entryDatabase);
                    resp.Entries.Add(e);
                }

                if (itemsList.Count > 0)
                {
                    // The notification text is built from the still-plaintext entry names;
                    // it is the user's only signal when the consent dialog was skipped.
                    var names = (from e in resp.Entries select e.Name).Distinct <string>();
                    var n     = String.Join("\n    ", names.ToArray <string>());

                    if (configOpt.ReceiveCredentialNotification)
                    {
                        ShowNotification(String.Format("{0}: {1} is receiving credentials for:\n    {2}", r.Id, host, n));
                    }
                }

                resp.Success = true;
                resp.Id      = r.Id;
                SetResponseVerifier(resp, aes);

                // Every field that leaves the process is passed through CryptoTransform in
                // ENCRYPT mode, including custom string field keys and values.
                foreach (var entry in resp.Entries)
                {
                    entry.Name     = CryptoTransform(entry.Name, false, true, aes, CMode.ENCRYPT);
                    entry.Login    = CryptoTransform(entry.Login, false, true, aes, CMode.ENCRYPT);
                    entry.Uuid     = CryptoTransform(entry.Uuid, false, true, aes, CMode.ENCRYPT);
                    entry.Password = CryptoTransform(entry.Password, false, true, aes, CMode.ENCRYPT);

                    if (entry.StringFields != null)
                    {
                        foreach (var sf in entry.StringFields)
                        {
                            sf.Key   = CryptoTransform(sf.Key, false, true, aes, CMode.ENCRYPT);
                            sf.Value = CryptoTransform(sf.Value, false, true, aes, CMode.ENCRYPT);
                        }
                    }
                }

                resp.Count = resp.Entries.Count;
            }
            else
            {
                // No candidate entries: answer with a verified, successful, empty response.
                resp.Success = true;
                resp.Id      = r.Id;
                SetResponseVerifier(resp, aes);
            }
        }
Beispiel #2
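        /// <summary>
        /// Handles a "get logins" request: finds entries matching the decrypted request URL,
        /// obtains user consent (balloon tip followed by a dialog) for entries not already
        /// associated with the requesting host, ranks the remaining entries by URL similarity,
        /// and writes them (encrypted) into <paramref name="resp"/>.
        /// </summary>
        /// <param name="r">Incoming request; <c>Url</c> and <c>SubmitUrl</c> are decrypted here with <paramref name="aes"/>.</param>
        /// <param name="resp">Response object filled in place (entries, count, success flag, id, optional error text).</param>
        /// <param name="aes">Cipher instance passed to <c>VerifyRequest</c>, <c>CryptoTransform</c> and <c>SetResponseVerifier</c>.</param>
        /// <remarks>
        /// If <c>VerifyRequest</c> fails the method returns without touching <paramref name="resp"/>.
        /// <c>resp.Success</c> is set to true on every other path, including when access was denied.
        /// </remarks>
        private void GetLoginsHandler(Request r, Response resp, Aes aes)
        {
            // Nothing below runs for a request that does not verify; no credentials are looked up.
            if (!VerifyRequest(r, aes))
                return;

            string submithost = null;
            var host = GetHost(CryptoTransform(r.Url, true, false, aes, CMode.DECRYPT));
            if (r.SubmitUrl != null)
                submithost = GetHost(CryptoTransform(r.SubmitUrl, true, false, aes, CMode.DECRYPT));

            var items = FindMatchingEntries(r, aes);
            if (items.ToList().Count > 0)
            {
                // filter(e) == true means "this entry still needs an explicit user decision".
                // && binds tighter than ||, so the entry needs prompting when
                //   (host matches neither title, URL nor the entry's Allow list)
                //   OR (a submit host was sent and it matches neither title, URL nor Allow list).
                // NOTE(review): the entry's Deny list is written further down but never read in
                // this method; presumably FindMatchingEntries applies it. Confirm.
                Func<PwEntry, bool> filter = delegate(PwEntry e)
                {
                    var c = GetEntryConfig(e);

                    var title = e.Strings.ReadSafe(PwDefs.TitleField);
                    var entryUrl = e.Strings.ReadSafe(PwDefs.UrlField);
                    if (c != null)
                    {
                        return title != host && entryUrl != host && !c.Allow.Contains(host) || (submithost != null && !c.Allow.Contains(submithost) && submithost != title && submithost != entryUrl);
                    }
                    return title != host && entryUrl != host || (submithost != null && title != submithost && entryUrl != submithost);
                };

                var configOpt = new ConfigOpt(this.host.CustomConfig);
                var config = GetConfigEntry(true);
                // Two switches disable the consent flow entirely: any non-blank "Auto Allow"
                // string on the config entry, or the AlwaysAllowAccess option.
                var autoAllowS = config.Strings.ReadSafe("Auto Allow");
                var autoAllow = autoAllowS != null && autoAllowS.Trim() != "";
                autoAllow = autoAllow || configOpt.AlwaysAllowAccess;
                // Deferred LINQ query: re-evaluated (and filter re-run) on every enumeration.
                var needPrompting = from e in items where filter(e.entry) select e;

                if (needPrompting.ToList().Count > 0 && !autoAllow)
                {
                    // Without balloon tips the dialog is shown directly.
                    var clicked = true;

                    if (canShowBalloonTips())
                    {
                        // With balloon tips the user must click the tip before the dialog
                        // appears; a closed or timed-out tip counts as "not allowed".
                        clicked = false;
                        var wait = new ManualResetEvent(false);
                        var delegated = false;
                        EventHandler onclick = delegate { delegated = true; clicked = true; wait.Set(); };
                        EventHandler onclose = delegate { delegated = true; wait.Set(); };

                        ShowNotification(String.Format(
                                "{0}: {1} is requesting access, click to allow or deny",
                                r.Id, submithost != null ? submithost : host), onclick, onclose);
                        wait.WaitOne(GetNotificationTime() + 5000); // give a little time to fade
                        // Neither handler ran within the wait: report it, and stay on the deny path.
                        if (!delegated)
                            resp.Error = "Notification bubble did not appear";
                    }

                    if (clicked)
                    {
                        var win = this.host.MainWindow;

                        using (var f = new AccessControlForm())
                        {
                            // The dialog is shown through the main window's Invoke, so this
                            // handler waits here until the user has answered.
                            win.Invoke((MethodInvoker)delegate
                            {
                                f.Icon = win.Icon;
                                f.Plugin = this;
                                f.Entries = (from e in items where filter(e.entry) select e.entry).ToList();
                                //f.Entries = needPrompting.ToList();
                                f.Host = submithost != null ? submithost : host;
                                f.Load += delegate { f.Activate(); };
                                f.ShowDialog(win);
                                // "Remember" persists the decision per entry: host (and submit
                                // host, if different) goes into that entry's Allow or Deny set.
                                if (f.Remember && (f.Allowed || f.Denied))
                                {
                                    foreach (var e in needPrompting)
                                    {
                                        var c = GetEntryConfig(e.entry);
                                        if (c == null)
                                            c = new KeePassHttpEntryConfig();
                                        var set = f.Allowed ? c.Allow : c.Deny;
                                        set.Add(host);
                                        if (submithost != null && submithost != host)
                                            set.Add(submithost);
                                        SetEntryConfig(e.entry, c);

                                    }
                                }
                                // Fail closed: anything other than an explicit Allow removes
                                // the prompted entries from the result.
                                if (!f.Allowed)
                                {
                                    items = items.Except(needPrompting);
                                }
                            });
                        }
                    }
                    else
                    {
                        // Tip ignored, closed or never shown: treat as denied.
                        items = items.Except(needPrompting);
                    }
                }

                // NOTE(review): r.SortSelection is compared as received, without CryptoTransform;
                // whether it is covered by request verification cannot be seen from here.
                if (r.SortSelection == "true" || configOpt.SpecificMatchingOnly)
                {
                    string sortHost = CryptoTransform(r.Url, true, false, aes, CMode.DECRYPT);
                    if (sortHost.EndsWith("/"))
                        sortHost = sortHost.Substring(0, sortHost.Length - 1);

                    // Only decrypt the submit URL when the request carries one, matching the
                    // null guard used for submithost above; otherwise fall back to the page URL.
                    string sortSubmiturl = null;
                    if (r.SubmitUrl != null)
                        sortSubmiturl = CryptoTransform(r.SubmitUrl, true, false, aes, CMode.DECRYPT);
                    if (sortSubmiturl == null)
                        sortSubmiturl = String.Copy(sortHost);
                    if (sortSubmiturl.EndsWith("/"))
                        sortSubmiturl = sortSubmiturl.Substring(0, sortSubmiturl.Length - 1);

                    // Scheme-less values are treated as http:// for comparison purposes only.
                    if (!sortSubmiturl.Contains("://"))
                        sortSubmiturl = "http://" + sortSubmiturl;
                    if (!sortHost.Contains("://"))
                        sortHost = "http://" + sortHost;

                    // A '/' past index 7 lies beyond "http://" or "https://", i.e. a path is
                    // present; the base URL is then scheme + authority + parent path.
                    string sortBaseSubmiturl = String.Copy(sortSubmiturl);
                    if (sortSubmiturl.LastIndexOf("/") > 7)
                    {
                        Uri sortBaseSubmithostURI = new Uri(sortSubmiturl);
                        sortBaseSubmiturl = String.Format("{0}{1}{2}{3}", sortBaseSubmithostURI.Scheme,
                            Uri.SchemeDelimiter, sortBaseSubmithostURI.Authority, sortBaseSubmithostURI.AbsolutePath.Substring(0, sortBaseSubmithostURI.AbsolutePath.LastIndexOf("/")));
                    }

                    // NOTE(review): ToLower() uses the current culture; ToLowerInvariant() would
                    // make URL comparison independent of the user's locale.
                    sortSubmiturl = sortSubmiturl.ToLower();
                    sortHost = sortHost.ToLower();
                    sortBaseSubmiturl = sortBaseSubmiturl.ToLower();

                    foreach (var entryDatabase in items)
                    {
                        string entryUrl = String.Copy(entryDatabase.entry.Strings.ReadSafe(PwDefs.UrlField));
                        if (entryUrl.EndsWith("/"))
                            entryUrl = entryUrl.Substring(0, entryUrl.Length - 1);
                        entryUrl = entryUrl.ToLower();
                        if (!entryUrl.Contains("://"))
                            entryUrl = "http://" + entryUrl;

                        // NOTE(review): new Uri(...) throws on a malformed stored URL, which
                        // would abort the whole request rather than skip that entry.
                        string baseEntryUrl = String.Copy(entryUrl);
                        if (baseEntryUrl.LastIndexOf("/") > 7)
                        {
                            Uri baseEntryUrlURI = new Uri(entryUrl);
                            baseEntryUrl = String.Format("{0}{1}{2}{3}", baseEntryUrlURI.Scheme,
                                Uri.SchemeDelimiter, baseEntryUrlURI.Authority, baseEntryUrlURI.AbsolutePath.Substring(0, baseEntryUrlURI.AbsolutePath.LastIndexOf("/")));
                        }

                        // Score table, highest = best match (90 = exact submit-URL match, 1 = none).
                        // StartsWith is a plain string-prefix test, not a host or path boundary
                        // check; it only affects ranking among entries already selected above.
                        // NOTE(review): the entry's UsageCount field is overwritten with the score
                        // and reused as a sort key, replacing whatever usage statistic it held.
                        if (sortSubmiturl == entryUrl)
                            entryDatabase.entry.UsageCount = 90;
                        else if (sortSubmiturl.StartsWith(entryUrl) && sortHost != entryUrl && sortBaseSubmiturl != entryUrl)
                            entryDatabase.entry.UsageCount = 80;
                        else if (sortSubmiturl.StartsWith(baseEntryUrl) && sortHost != baseEntryUrl && sortBaseSubmiturl != baseEntryUrl)
                            entryDatabase.entry.UsageCount = 70;
                        else if (sortHost == entryUrl)
                            entryDatabase.entry.UsageCount = 50;
                        else if (sortBaseSubmiturl == entryUrl)
                            entryDatabase.entry.UsageCount = 40;
                        else if (entryUrl.StartsWith(sortSubmiturl))
                            entryDatabase.entry.UsageCount = 30;
                        else if (entryUrl.StartsWith(sortBaseSubmiturl) && sortBaseSubmiturl != sortHost)
                            entryDatabase.entry.UsageCount = 25;
                        else if (sortSubmiturl.StartsWith(entryUrl))
                            entryDatabase.entry.UsageCount = 20;
                        else if (sortSubmiturl.StartsWith(baseEntryUrl))
                            entryDatabase.entry.UsageCount = 15;
                        else if (entryUrl.StartsWith(sortHost))
                            entryDatabase.entry.UsageCount = 10;
                        else if (sortHost.StartsWith(entryUrl))
                            entryDatabase.entry.UsageCount = 5;
                        else
                            entryDatabase.entry.UsageCount = 1;
                    }

                    var items2 = from e in items orderby e.entry.UsageCount descending select e;
                    items = items2;
                }

                if (configOpt.SpecificMatchingOnly)
                {
                    // items is sorted by descending score here, so the first entry carries the
                    // best score; only entries sharing that score are returned. Scores start
                    // at 1, which is why 0 can serve as the "not yet set" marker.
                    ulong highestCount = 0;
                    foreach (var entryDatabase in items)
                    {
                        if (highestCount == 0)
                        {
                            highestCount = entryDatabase.entry.UsageCount;
                        }

                        if (entryDatabase.entry.UsageCount == highestCount)
                        {
                            var name = entryDatabase.entry.Strings.ReadSafe(PwDefs.TitleField);
                            var loginpass = GetUserPass(entryDatabase);
                            var login = loginpass[0];
                            var passwd = loginpass[1];
                            var uuid = entryDatabase.entry.Uuid.ToHexString();
                            var e = new ResponseEntry(name, login, passwd, uuid);
                            resp.Entries.Add(e);
                        }
                    }
                }
                else
                {
                    foreach (var entryDatabase in items)
                    {
                        var name = entryDatabase.entry.Strings.ReadSafe(PwDefs.TitleField);
                        var loginpass = GetUserPass(entryDatabase);
                        var login = loginpass[0];
                        var passwd = loginpass[1];
                        var uuid = entryDatabase.entry.Uuid.ToHexString();
                        var e = new ResponseEntry(name, login, passwd, uuid);
                        resp.Entries.Add(e);
                    }
                }

                if (items.ToList().Count > 0)
                {
                    // The notification text is built from the still-plaintext entry names;
                    // it is the user's only signal when the consent flow was skipped.
                    var names = (from e in resp.Entries select e.Name).Distinct<string>();
                    var n = String.Join("\n    ", names.ToArray<string>());

                    if (configOpt.ReceiveCredentialNotification)
                        ShowNotification(String.Format("{0}: {1} is receiving credentials for:\n    {2}", r.Id, host, n));
                }

                resp.Success = true;
                resp.Id = r.Id;
                SetResponseVerifier(resp, aes);

                // Every field that leaves the process is passed through CryptoTransform in ENCRYPT mode.
                foreach (var entry in resp.Entries)
                {
                    entry.Name = CryptoTransform(entry.Name, false, true, aes, CMode.ENCRYPT);
                    entry.Login = CryptoTransform(entry.Login, false, true, aes, CMode.ENCRYPT);
                    entry.Uuid = CryptoTransform(entry.Uuid, false, true, aes, CMode.ENCRYPT);
                    entry.Password = CryptoTransform(entry.Password, false, true, aes, CMode.ENCRYPT);
                }

                resp.Count = resp.Entries.Count;
            }
            else
            {
                // No candidate entries: answer with a verified, successful, empty response.
                resp.Success = true;
                resp.Id = r.Id;
                SetResponseVerifier(resp, aes);
            }
        }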
Beispiel #3
        /// <summary>
        /// Handles a "get logins" request: looks up entries for the decrypted request URL,
        /// prompts the user where an entry is not yet tied to the requesting host, orders the
        /// permitted entries by edit distance to the request URL, and returns them encrypted
        /// in <paramref name="resp"/>.
        /// </summary>
        /// <param name="r">Incoming request; <c>Url</c> and <c>SubmitUrl</c> are decrypted here with <paramref name="aes"/>.</param>
        /// <param name="resp">Response object filled in place (entries, count, success flag, id).</param>
        /// <param name="aes">Cipher instance passed to <c>VerifyRequest</c>, <c>CryptoTransform</c> and <c>SetResponseVerifier</c>.</param>
        /// <remarks>
        /// A request that fails <c>VerifyRequest</c> leaves <paramref name="resp"/> untouched.
        /// On all other paths <c>resp.Success</c> is true, even when the user refused access
        /// and the entry list is empty.
        /// </remarks>
        private void GetLoginsHandler(Request r, Response resp, Aes aes)
        {
            // Unverified requests stop here, before any entry is read.
            if (!VerifyRequest(r, aes))
                return;

            string submithost = null;
            var host = GetHost(CryptoTransform(r.Url, true, false, aes, CMode.DECRYPT));
            if (r.SubmitUrl != null)
                submithost = GetHost(CryptoTransform(r.SubmitUrl, true, false, aes, CMode.DECRYPT));

            var items = FindMatchingEntries(r, aes);
            if (items.ToList().Count > 0)
            {
                // Predicate: true when the entry requires a user decision for this host.
                // Because && binds tighter than ||, that is the case when
                //   (host equals neither the title nor the URL and is not in Allow)
                //   OR (a submit host exists and it equals neither and is not in Allow).
                // Comparisons are exact string equality on the GetHost result.
                // NOTE(review): Deny is populated below but not consulted in this method;
                // presumably FindMatchingEntries filters denied entries. Confirm.
                Func<PwEntry, bool> filter = delegate(PwEntry e)
                {
                    var c = GetEntryConfig(e);

                    var title = e.Strings.ReadSafe(PwDefs.TitleField);
                    var entryUrl = e.Strings.ReadSafe(PwDefs.UrlField);
                    if (c != null)
                    {
                        return title != host && entryUrl != host && !c.Allow.Contains(host) || (submithost != null && !c.Allow.Contains(submithost) && submithost != title && submithost != entryUrl);
                    }
                    return title != host && entryUrl != host || (submithost != null && title != submithost && entryUrl != submithost);
                };

                var configOpt = new ConfigOpt(this.host.CustomConfig);
                var config = GetConfigEntry(true);
                // The prompt is bypassed when the config entry has a non-blank "Auto Allow"
                // string or when AlwaysAllowAccess is set.
                var autoAllowS = config.Strings.ReadSafe("Auto Allow");
                var autoAllow = autoAllowS != null && autoAllowS.Trim() != "";
                autoAllow = autoAllow || configOpt.AlwaysAllowAccess;
                // Lazy query: each enumeration below runs filter again against current entry configs.
                var needPrompting = from e in items where filter(e.entry) select e;

                if (needPrompting.ToList().Count > 0 && !autoAllow)
                {
                    var win = this.host.MainWindow;

                    using (var f = new AccessControlForm())
                    {
                        // Shown via the main window's Invoke; execution continues only after
                        // the user has closed the dialog.
                        win.Invoke((MethodInvoker)delegate
                        {
                            f.Icon = win.Icon;
                            f.Plugin = this;
                            f.Entries = (from e in items where filter(e.entry) select e.entry).ToList();
                            //f.Entries = needPrompting.ToList();
                            // Host shown to the user: submit host when sent, otherwise page host.
                            f.Host = submithost != null ? submithost : host;
                            f.Load += delegate { f.Activate(); };
                            f.ShowDialog(win);
                            // A remembered decision is stored on each prompted entry by adding
                            // the host(s) to its Allow or Deny set.
                            if (f.Remember && (f.Allowed || f.Denied))
                            {
                                foreach (var e in needPrompting)
                                {
                                    var c = GetEntryConfig(e.entry);
                                    if (c == null)
                                        c = new KeePassHttpEntryConfig();
                                    var set = f.Allowed ? c.Allow : c.Deny;
                                    set.Add(host);
                                    if (submithost != null && submithost != host)
                                        set.Add(submithost);
                                    SetEntryConfig(e.entry, c);

                                }
                            }
                            // Default deny: without an explicit Allow the prompted entries
                            // are dropped from the result set.
                            if (!f.Allowed)
                            {
                                items = items.Except(needPrompting);
                            }
                        });
                    }
                }

                // Reference URL for ranking: decrypted submit URL when present and non-empty,
                // else the decrypted page URL.
                string compareToUrl = null;
                if (r.SubmitUrl != null)
                {
                    compareToUrl = CryptoTransform(r.SubmitUrl, true, false, aes, CMode.DECRYPT);
                }
                if(String.IsNullOrEmpty(compareToUrl))
                    compareToUrl = CryptoTransform(r.Url, true, false, aes, CMode.DECRYPT);

                // NOTE(review): culture-sensitive lowercasing; ToLowerInvariant() would keep
                // URL comparison stable across user locales.
                compareToUrl = compareToUrl.ToLower();

                foreach (var entryDatabase in items)
                {
                    string entryUrl = String.Copy(entryDatabase.entry.Strings.ReadSafe(PwDefs.UrlField));
                    if (String.IsNullOrEmpty(entryUrl))
                        entryUrl = entryDatabase.entry.Strings.ReadSafe(PwDefs.TitleField);

                    entryUrl = entryUrl.ToLower();

                    // NOTE(review): UsageCount on the entry itself is overwritten with the edit
                    // distance and used as the sort key, discarding the previous value; whether
                    // this ends up persisted with the database is not visible here. Confirm.
                    entryDatabase.entry.UsageCount = (ulong)LevenshteinDistance(compareToUrl, entryUrl);

                }

                var itemsList = items.ToList();

                // SpecificMatchingOnly narrows the list to the entries with the minimum distance.
                if (configOpt.SpecificMatchingOnly)
                {
                    itemsList = (from e in itemsList
                                 orderby e.entry.UsageCount ascending
                                 select e).ToList();

                    ulong lowestDistance = itemsList.Count > 0 ?
                        itemsList[0].entry.UsageCount :
                        0;

                    itemsList = (from e in itemsList
                                 where e.entry.UsageCount == lowestDistance
                                 orderby e.entry.UsageCount
                                 select e).ToList();

                }

                // Closest match first; ties ordered by user name or by entry title.
                if (configOpt.SortResultByUsername)
                {
                    var items2 = from e in itemsList orderby e.entry.UsageCount ascending, GetUserPass(e)[0] ascending select e;
                    itemsList = items2.ToList();
                }
                else
                {
                    var items2 = from e in itemsList orderby e.entry.UsageCount ascending, e.entry.Strings.ReadSafe(PwDefs.TitleField) ascending select e;
                    itemsList = items2.ToList();
                }

                foreach (var entryDatabase in itemsList)
                {
                    var e = PrepareElementForResponseEntries(configOpt, entryDatabase);
                    resp.Entries.Add(e);
                }

                if (itemsList.Count > 0)
                {
                    // Names are still plaintext at this point; the notification is the only
                    // user-visible trace when the prompt was bypassed.
                    var names = (from e in resp.Entries select e.Name).Distinct<string>();
                    var n = String.Join("\n    ", names.ToArray<string>());

                    if (configOpt.ReceiveCredentialNotification)
                        ShowNotification(String.Format("{0}: {1} is receiving credentials for:\n    {2}", r.Id, host, n));
                }

                resp.Success = true;
                resp.Id = r.Id;
                SetResponseVerifier(resp, aes);

                // All outgoing fields, including custom string field keys and values, go
                // through CryptoTransform in ENCRYPT mode before the response is returned.
                foreach (var entry in resp.Entries)
                {
                    entry.Name = CryptoTransform(entry.Name, false, true, aes, CMode.ENCRYPT);
                    entry.Login = CryptoTransform(entry.Login, false, true, aes, CMode.ENCRYPT);
                    entry.Uuid = CryptoTransform(entry.Uuid, false, true, aes, CMode.ENCRYPT);
                    entry.Password = CryptoTransform(entry.Password, false, true, aes, CMode.ENCRYPT);

                    if (entry.StringFields != null)
                    {
                        foreach (var sf in entry.StringFields)
                        {
                            sf.Key = CryptoTransform(sf.Key, false, true, aes, CMode.ENCRYPT);
                            sf.Value = CryptoTransform(sf.Value, false, true, aes, CMode.ENCRYPT);
                        }
                    }
                }

                resp.Count = resp.Entries.Count;
            }
            else
            {
                // Nothing matched: reply with a verified, successful response and no entries.
                resp.Success = true;
                resp.Id = r.Id;
                SetResponseVerifier(resp, aes);
            }
        }
Beispiel #4
        private void GetLoginsHandler(Request r, Response resp, Aes aes)
        {
            if (!VerifyRequest(r, aes))
            {
                return;
            }

            string submithost = null;
            var    host       = GetHost(CryptoTransform(r.Url, true, false, aes, CMode.DECRYPT));

            if (r.SubmitUrl != null)
            {
                submithost = GetHost(CryptoTransform(r.SubmitUrl, true, false, aes, CMode.DECRYPT));
            }

            var items = FindMatchingEntries(r, aes);

            if (items.ToList().Count > 0)
            {
                Func <PwEntry, bool> filter = delegate(PwEntry e)
                {
                    var c = GetEntryConfig(e);

                    var title    = e.Strings.ReadSafe(PwDefs.TitleField);
                    var entryUrl = e.Strings.ReadSafe(PwDefs.UrlField);
                    if (c != null)
                    {
                        return(title != host && entryUrl != host && !c.Allow.Contains(host) || (submithost != null && !c.Allow.Contains(submithost) && submithost != title && submithost != entryUrl));
                    }
                    return(title != host && entryUrl != host || (submithost != null && title != submithost && entryUrl != submithost));
                };

                var configOpt  = new ConfigOpt(this.host.CustomConfig);
                var config     = GetConfigEntry(true);
                var autoAllowS = config.Strings.ReadSafe("Auto Allow");
                var autoAllow  = autoAllowS != null && autoAllowS.Trim() != "";
                autoAllow = autoAllow || configOpt.AlwaysAllowAccess;
                var needPrompting = from e in items where filter(e.entry) select e;

                if (needPrompting.ToList().Count > 0 && !autoAllow)
                {
                    var win = this.host.MainWindow;

                    using (var f = new AccessControlForm())
                    {
                        win.Invoke((MethodInvoker) delegate
                        {
                            f.Icon    = win.Icon;
                            f.Plugin  = this;
                            f.Entries = (from e in items where filter(e.entry) select e.entry).ToList();
                            //f.Entries = needPrompting.ToList();
                            f.Host  = submithost != null ? submithost : host;
                            f.Load += delegate { f.Activate(); };
                            f.ShowDialog(win);
                            if (f.Remember && (f.Allowed || f.Denied))
                            {
                                foreach (var e in needPrompting)
                                {
                                    var c = GetEntryConfig(e.entry);
                                    if (c == null)
                                    {
                                        c = new KeePassHttpEntryConfig();
                                    }
                                    var set = f.Allowed ? c.Allow : c.Deny;
                                    set.Add(host);
                                    if (submithost != null && submithost != host)
                                    {
                                        set.Add(submithost);
                                    }
                                    SetEntryConfig(e.entry, c);
                                }
                            }
                            if (!f.Allowed)
                            {
                                items = items.Except(needPrompting);
                            }
                        });
                    }
                }

                //if (r.SortSelection == "true" || configOpt.SpecificMatchingOnly)
                //{
                string sortHost = CryptoTransform(r.Url, true, false, aes, CMode.DECRYPT);
                if (sortHost.EndsWith("/"))
                {
                    sortHost = sortHost.Substring(0, sortHost.Length - 1);
                }

                string sortSubmiturl = null;
                if (r.SubmitUrl != null)
                {
                    sortSubmiturl = CryptoTransform(r.SubmitUrl, true, false, aes, CMode.DECRYPT);
                }
                if (sortSubmiturl == null)
                {
                    sortSubmiturl = String.Copy(sortHost);
                }
                if (sortSubmiturl.EndsWith("/"))
                {
                    sortSubmiturl = sortSubmiturl.Substring(0, sortSubmiturl.Length - 1);
                }

                if (!sortSubmiturl.Contains("://"))
                {
                    sortSubmiturl = "http://" + sortSubmiturl;
                }
                if (!sortHost.Contains("://"))
                {
                    sortHost = "http://" + sortHost;
                }

                string sortBaseSubmiturl = String.Copy(sortSubmiturl);
                if (sortSubmiturl.LastIndexOf("/") > 7)
                {
                    Uri sortBaseSubmithostURI = new Uri(sortSubmiturl);
                    sortBaseSubmiturl = String.Format("{0}{1}{2}{3}",
                                                      sortBaseSubmithostURI.Scheme,
                                                      Uri.SchemeDelimiter,
                                                      sortBaseSubmithostURI.Authority,
                                                      sortBaseSubmithostURI.AbsolutePath.Substring(0, sortBaseSubmithostURI.AbsolutePath.LastIndexOf("/"))
                                                      );
                }

                sortSubmiturl     = sortSubmiturl.ToLower();
                sortHost          = sortHost.ToLower();
                sortBaseSubmiturl = sortBaseSubmiturl.ToLower();

                foreach (var entryDatabase in items)
                {
                    string entryUrl = String.Copy(entryDatabase.entry.Strings.ReadSafe(PwDefs.UrlField));
                    if (entryUrl.EndsWith("/"))
                    {
                        entryUrl = entryUrl.Substring(0, entryUrl.Length - 1);
                    }
                    entryUrl = entryUrl.ToLower();
                    if (!entryUrl.Contains("://"))
                    {
                        entryUrl = "http://" + entryUrl;
                    }

                    string baseEntryUrl = String.Copy(entryUrl);
                    if (baseEntryUrl.LastIndexOf("/") > 7)
                    {
                        Uri baseEntryUrlURI = new Uri(entryUrl);
                        baseEntryUrl = String.Format("{0}{1}{2}{3}", baseEntryUrlURI.Scheme,
                                                     Uri.SchemeDelimiter, baseEntryUrlURI.Authority, baseEntryUrlURI.AbsolutePath.Substring(0, baseEntryUrlURI.AbsolutePath.LastIndexOf("/")));
                    }

                    if (sortSubmiturl == entryUrl)
                    {
                        entryDatabase.entry.UsageCount = 90;
                    }
                    else if (sortSubmiturl.StartsWith(entryUrl) && sortHost != entryUrl && sortBaseSubmiturl != entryUrl)
                    {
                        entryDatabase.entry.UsageCount = 80;
                    }
                    else if (sortSubmiturl.StartsWith(baseEntryUrl) && sortHost != baseEntryUrl && sortBaseSubmiturl != baseEntryUrl)
                    {
                        entryDatabase.entry.UsageCount = 70;
                    }
                    else if (sortHost == entryUrl)
                    {
                        entryDatabase.entry.UsageCount = 50;
                    }
                    else if (sortBaseSubmiturl == entryUrl)
                    {
                        entryDatabase.entry.UsageCount = 40;
                    }
                    else if (entryUrl.StartsWith(sortSubmiturl))
                    {
                        entryDatabase.entry.UsageCount = 30;
                    }
                    else if (entryUrl.StartsWith(sortBaseSubmiturl) && sortBaseSubmiturl != sortHost)
                    {
                        entryDatabase.entry.UsageCount = 25;
                    }
                    else if (sortSubmiturl.StartsWith(entryUrl))
                    {
                        entryDatabase.entry.UsageCount = 20;
                    }
                    else if (sortSubmiturl.StartsWith(baseEntryUrl))
                    {
                        entryDatabase.entry.UsageCount = 15;
                    }
                    else if (entryUrl.StartsWith(sortHost))
                    {
                        entryDatabase.entry.UsageCount = 10;
                    }
                    else if (sortHost.StartsWith(entryUrl))
                    {
                        entryDatabase.entry.UsageCount = 5;
                    }
                    else
                    {
                        entryDatabase.entry.UsageCount = 1;
                    }
                }
                //}

                var itemsList = items.ToList();

                if (configOpt.SpecificMatchingOnly)
                {
                    ulong highestCount = 0;
                    foreach (var entryDatabase in itemsList.ToList())
                    {
                        if (highestCount == 0)
                        {
                            highestCount = entryDatabase.entry.UsageCount;
                        }

                        if (entryDatabase.entry.UsageCount != highestCount)
                        {
                            itemsList.Remove(entryDatabase);
                        }
                    }
                }

                if (configOpt.SortResultByUsername)
                {
                    var items2 = from e in itemsList orderby e.entry.UsageCount descending, GetUserPass(e)[0] ascending select e;
                    itemsList = items2.ToList();
                }
                else
                {
                    var items2 = from e in itemsList orderby e.entry.UsageCount descending, e.entry.Strings.ReadSafe(PwDefs.TitleField) ascending select e;
                    itemsList = items2.ToList();
                }

                foreach (var entryDatabase in itemsList)
                {
                    var e = PrepareElementForResponseEntries(configOpt, entryDatabase);
                    resp.Entries.Add(e);
                }

                if (itemsList.Count > 0)
                {
                    var names = (from e in resp.Entries select e.Name).Distinct <string>();
                    var n     = String.Join("\n    ", names.ToArray <string>());

                    if (configOpt.ReceiveCredentialNotification)
                    {
                        ShowNotification(String.Format("{0}: {1} is receiving credentials for:\n    {2}", r.Id, host, n));
                    }
                }

                resp.Success = true;
                resp.Id      = r.Id;
                SetResponseVerifier(resp, aes);

                foreach (var entry in resp.Entries)
                {
                    entry.Name     = CryptoTransform(entry.Name, false, true, aes, CMode.ENCRYPT);
                    entry.Login    = CryptoTransform(entry.Login, false, true, aes, CMode.ENCRYPT);
                    entry.Uuid     = CryptoTransform(entry.Uuid, false, true, aes, CMode.ENCRYPT);
                    entry.Password = CryptoTransform(entry.Password, false, true, aes, CMode.ENCRYPT);

                    if (entry.StringFields != null)
                    {
                        foreach (var sf in entry.StringFields)
                        {
                            sf.Key   = CryptoTransform(sf.Key, false, true, aes, CMode.ENCRYPT);
                            sf.Value = CryptoTransform(sf.Value, false, true, aes, CMode.ENCRYPT);
                        }
                    }
                }

                resp.Count = resp.Entries.Count;
            }
            else
            {
                resp.Success = true;
                resp.Id      = r.Id;
                SetResponseVerifier(resp, aes);
            }
        }
Beispiel #5
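        /// <summary>
        /// Handles a get-logins request: looks up the entries matching the request, asks the
        /// user to approve any entry that is not already cleared for the requesting host, and
        /// adds the approved entries to <paramref name="resp"/> with each field passed through
        /// <c>CryptoTransform</c> in <c>CMode.ENCRYPT</c>.
        /// </summary>
        /// <param name="r">Incoming request; <c>Url</c> and <c>SubmitUrl</c> are decrypted here.</param>
        /// <param name="resp">Response object that receives the entries, id and verifier.</param>
        /// <param name="aes">Cipher passed to <c>VerifyRequest</c>, <c>CryptoTransform</c> and <c>SetResponseVerifier</c>.</param>
        /// <remarks>
        /// Access is fail-closed: entries that need approval are dropped unless the user clicks
        /// the notification and then allows access in the dialog.
        /// </remarks>
        private void GetLoginsHandler(Request r, Response resp, Aes aes)
        {
            // Nothing is looked up or returned for a request that fails verification.
            if (!VerifyRequest(r, aes))
                return;

            var host = GetHost(CryptoTransform(r.Url, true, false, aes, CMode.DECRYPT));
            string submithost = null;
            if (r.SubmitUrl != null)
                submithost = GetHost(CryptoTransform(r.SubmitUrl, true, false, aes, CMode.DECRYPT));

            var items = FindMatchingEntries(r, aes);
            if (!items.Any())
            {
                // NOTE(review): this path leaves resp without Success, Id or a response
                // verifier being set here; confirm the caller handles that.
                return;
            }

            // True when an entry still needs the user's approval for this request.
            // An entry is cleared for a host when its title or URL string-equals that host
            // (ordinal, case-sensitive) or the host is in the entry's Allow list; both the
            // page host and, when present, the submit host must be cleared.
            // NOTE(review): c.Deny is written below but never read in this method;
            // presumably FindMatchingEntries honours it - verify.
            Func<PwEntry, bool> filter = delegate(PwEntry candidate)
            {
                var c = GetEntryConfig(candidate);
                var title = candidate.Strings.ReadSafe(PwDefs.TitleField);
                var entryUrl = candidate.Strings.ReadSafe(PwDefs.UrlField);

                var hostCleared = title == host
                    || entryUrl == host
                    || (c != null && c.Allow.Contains(host));
                var submitCleared = submithost == null
                    || title == submithost
                    || entryUrl == submithost
                    || (c != null && c.Allow.Contains(submithost));

                return !hostCleared || !submitCleared;
            };

            // Snapshot once: the entries shown in the dialog, the entries whose config is
            // updated and the entries dropped on denial are then guaranteed to be the same
            // set, instead of re-running the filter on every enumeration.
            var needPrompting = items.Where(filter).ToList();

            if (needPrompting.Count > 0)
            {
                var promptHost = submithost ?? host;
                var wait = new ManualResetEvent(false);
                var clicked = false;
                var delegated = false;
                EventHandler onclick = delegate { delegated = true; clicked = true; wait.Set(); };
                EventHandler onclose = delegate { delegated = true; wait.Set(); };

                ShowNotification(String.Format(
                        "{0}: {1} is requesting access, click to allow or deny",
                        r.Id, promptHost), onclick, onclose);
                // Bounded wait, so a bubble that never fires a callback cannot block the handler.
                wait.WaitOne(GetNotificationTime() + 5000); // give a little time to fade
                if (!delegated)
                    resp.Error = "Notification bubble did not appear";

                // Stays false on timeout, on a closed bubble and on anything but "allow".
                var allowed = false;
                if (clicked)
                {
                    var win = this.host.MainWindow;
                    using (var f = new AccessControlForm())
                    {
                        // The dialog is shown through the main window's Invoke.
                        win.Invoke((MethodInvoker)delegate
                        {
                            f.Icon = win.Icon;
                            f.Plugin = this;
                            f.Entries = needPrompting.ToList();
                            f.Host = promptHost;
                            f.Load += delegate { f.Activate(); };
                            f.ShowDialog(win);
                            if (f.Remember && (f.Allowed || f.Denied))
                            {
                                // NOTE(review): the dialog displays only promptHost, but the
                                // remembered decision is stored for host and submithost alike.
                                foreach (var pending in needPrompting)
                                {
                                    var c = GetEntryConfig(pending);
                                    if (c == null)
                                        c = new KeePassHttpEntryConfig();
                                    var set = f.Allowed ? c.Allow : c.Deny;
                                    set.Add(host);
                                    if (submithost != null && submithost != host)
                                        set.Add(submithost);
                                    SetEntryConfig(pending, c);
                                }
                            }
                            allowed = f.Allowed;
                        });
                    }
                }

                if (!allowed)
                    items = items.Except(needPrompting);
            }

            // Materialise the final selection once so the entries sent and the
            // "receiving credentials" notification are based on the same list.
            var granted = items.ToList();
            foreach (var entry in granted)
            {
                var name = entry.Strings.ReadSafe(PwDefs.TitleField);
                var loginpass = GetUserPass(entry);
                var uuid = entry.Uuid.ToHexString();
                resp.Entries.Add(new ResponseEntry(name, loginpass[0], loginpass[1], uuid));
            }

            if (granted.Count > 0)
            {
                // Entry names are still plaintext here; they are transformed further down.
                var names = (from sent in resp.Entries select sent.Name).Distinct<string>();
                var n = String.Join("\n    ", names.ToArray<string>());
                ShowNotification(String.Format("{0}: {1} is receiving credentials for:\n    {2}", r.Id, host, n));
            }

            resp.Success = true;
            resp.Id = r.Id;
            SetResponseVerifier(resp, aes);

            // Every entry field, including the password, goes through CryptoTransform in
            // ENCRYPT mode before the response is handed back.
            foreach (var entry in resp.Entries)
            {
                entry.Name = CryptoTransform(entry.Name, false, true, aes, CMode.ENCRYPT);
                entry.Login = CryptoTransform(entry.Login, false, true, aes, CMode.ENCRYPT);
                entry.Uuid = CryptoTransform(entry.Uuid, false, true, aes, CMode.ENCRYPT);
                entry.Password = CryptoTransform(entry.Password, false, true, aes, CMode.ENCRYPT);
            }
        }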
Beispiel #6
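        /// <summary>
        /// Answers a get-logins request. Matching entries that are not yet cleared for the
        /// requesting host are only released after the user clicks the notification and allows
        /// access in the dialog; released entries are added to <paramref name="resp"/> and
        /// their fields are passed through <c>CryptoTransform</c> in <c>CMode.ENCRYPT</c>.
        /// </summary>
        /// <param name="r">Incoming request; <c>Url</c> and <c>SubmitUrl</c> are decrypted here.</param>
        /// <param name="resp">Response object that receives the entries, id and verifier.</param>
        /// <param name="aes">Cipher passed to <c>VerifyRequest</c>, <c>CryptoTransform</c> and <c>SetResponseVerifier</c>.</param>
        private void GetLoginsHandler(Request r, Response resp, Aes aes)
        {
            // A request that fails verification gets no lookup and no entries.
            if (!VerifyRequest(r, aes))
            {
                return;
            }

            string submithost = null;
            var    host       = GetHost(CryptoTransform(r.Url, true, false, aes, CMode.DECRYPT));

            if (r.SubmitUrl != null)
            {
                submithost = GetHost(CryptoTransform(r.SubmitUrl, true, false, aes, CMode.DECRYPT));
            }

            var items = FindMatchingEntries(r, aes);

            // NOTE(review): when nothing matches, resp is left without Success, Id or a
            // response verifier being set here; confirm the caller handles that.
            if (items.Any())
            {
                // Returns true when the entry still needs the user's approval.
                // Cleared means: title or URL string-equals the host (ordinal, case-sensitive)
                // or the host is in the entry's Allow list. The page host and, when present,
                // the submit host must both be cleared.
                // NOTE(review): c.Deny is written below but never read in this method;
                // presumably FindMatchingEntries honours it - verify.
                Func <PwEntry, bool> filter = delegate(PwEntry candidate)
                {
                    var c        = GetEntryConfig(candidate);
                    var title    = candidate.Strings.ReadSafe(PwDefs.TitleField);
                    var entryUrl = candidate.Strings.ReadSafe(PwDefs.UrlField);

                    bool hostCleared = title == host
                                       || entryUrl == host
                                       || (c != null && c.Allow.Contains(host));
                    bool submitCleared = submithost == null
                                         || title == submithost
                                         || entryUrl == submithost
                                         || (c != null && c.Allow.Contains(submithost));

                    return(!hostCleared || !submitCleared);
                };

                // Evaluate the filter exactly once. The dialog, the remembered decision and
                // the exclusion on denial then all act on the same entries, rather than on
                // whatever the filter yields each time the query is enumerated again.
                var needPrompting = items.Where(filter).ToList();

                if (needPrompting.Count > 0)
                {
                    var          promptHost = submithost ?? host;
                    var          wait       = new ManualResetEvent(false);
                    var          clicked    = false;
                    var          delegated  = false;
                    EventHandler onclick    = delegate { delegated = true; clicked = true; wait.Set(); };
                    EventHandler onclose    = delegate { delegated = true; wait.Set(); };

                    ShowNotification(String.Format(
                                         "{0}: {1} is requesting access, click to allow or deny",
                                         r.Id, promptHost), onclick, onclose);
                    // The timeout keeps a bubble that never fires a callback from blocking the handler.
                    wait.WaitOne(GetNotificationTime() + 5000); // give a little time to fade
                    if (!delegated)
                    {
                        resp.Error = "Notification bubble did not appear";
                    }

                    // Fail closed: only an explicit "allow" in the dialog flips this.
                    var allowed = false;

                    if (clicked)
                    {
                        var win = this.host.MainWindow;
                        using (var f = new AccessControlForm())
                        {
                            // The dialog is shown through the main window's Invoke.
                            win.Invoke((MethodInvoker) delegate
                            {
                                f.Icon    = win.Icon;
                                f.Plugin  = this;
                                f.Entries = needPrompting.ToList();
                                f.Host    = promptHost;
                                f.Load   += delegate { f.Activate(); };
                                f.ShowDialog(win);
                                if (f.Remember && (f.Allowed || f.Denied))
                                {
                                    // NOTE(review): the dialog displays only promptHost, but the
                                    // remembered decision is stored for host and submithost alike.
                                    foreach (var pending in needPrompting)
                                    {
                                        var c = GetEntryConfig(pending);
                                        if (c == null)
                                        {
                                            c = new KeePassHttpEntryConfig();
                                        }
                                        var set = f.Allowed ? c.Allow : c.Deny;
                                        set.Add(host);
                                        if (submithost != null && submithost != host)
                                        {
                                            set.Add(submithost);
                                        }
                                        SetEntryConfig(pending, c);
                                    }
                                }
                                allowed = f.Allowed;
                            });
                        }
                    }

                    if (!allowed)
                    {
                        items = items.Except(needPrompting);
                    }
                }

                // One materialised list drives both the response entries and the
                // "receiving credentials" notification.
                var granted = items.ToList();

                foreach (var entry in granted)
                {
                    var name      = entry.Strings.ReadSafe(PwDefs.TitleField);
                    var loginpass = GetUserPass(entry);
                    var uuid      = entry.Uuid.ToHexString();
                    resp.Entries.Add(new ResponseEntry(name, loginpass[0], loginpass[1], uuid));
                }

                if (granted.Count > 0)
                {
                    // Names are read before the transform loop below, so they are plaintext here.
                    var names = (from sent in resp.Entries select sent.Name).Distinct <string>();
                    var n     = String.Join("\n    ", names.ToArray <string>());
                    ShowNotification(String.Format("{0}: {1} is receiving credentials for:\n    {2}", r.Id, host, n));
                }

                resp.Success = true;
                resp.Id      = r.Id;
                SetResponseVerifier(resp, aes);

                // Name, login, uuid and password each go through CryptoTransform in ENCRYPT
                // mode before the response is handed back.
                foreach (var entry in resp.Entries)
                {
                    entry.Name     = CryptoTransform(entry.Name, false, true, aes, CMode.ENCRYPT);
                    entry.Login    = CryptoTransform(entry.Login, false, true, aes, CMode.ENCRYPT);
                    entry.Uuid     = CryptoTransform(entry.Uuid, false, true, aes, CMode.ENCRYPT);
                    entry.Password = CryptoTransform(entry.Password, false, true, aes, CMode.ENCRYPT);
                }
            }
        }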