Bug 1056523 - Ensure sync credentials are reset during reauth flow. r=markh

This patch addresses a bug in the following scenario:

User has browser 1 connected to sync and open, and resets her password
on browser 2. Eventually the browser detects the need to reauthenticate
the user, and prompts the user. When the user entered her new password,
the browserid_identity module failed to re-derive a new syncKeyBundle
from the new password and happily used the old one. Chaos ensued.

This patch mitigates the problem by calling resetCredentials at the
start of initializeWithCurrentIdentity(), which will clear the
syncKeyBundle, along with other credentials. Previously this
function was only resetting this._shouldHaveSyncKeyBundle.

I also removed a misleading comment about the syncKeyBundle being
cleared when it wasn't.
Chris Karlof 2014-08-27 16:14:58 -07:00
parent 43f304ad43
commit 34ef3af90d

@ -188,7 +188,11 @@ this.BrowserIDManager.prototype = {
this._log.error("Could not authenticate: " + err);
});
this._shouldHaveSyncKeyBundle = false;
// initializeWithCurrentIdentity() can be called after the
// identity module was first initialized, e.g., after the
// user completes a force authentication, so we should make
// sure all credentials are reset before proceeding.
this.resetCredentials();
this._authFailureReason = null;
return this._fxaService.getSignedInUser().then(accountData => {
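Review bot: `this._shouldHaveSyncKeyBundle = false;` is still assigned on its own line immediately before `this.resetCredentials();`; if `resetCredentials()` is now the single place that clears all credentials (the new comment says "make sure all credentials are reset"), it should also own that flag so a future caller cannot reset one without the other, and the comment should name what it actually clears (the syncKeyBundle, per the commit message) rather than "all credentials". Also worth confirming that calling `resetCredentials()` on every entry to `initializeWithCurrentIdentity()`, not only after a force authentication, is harmless on first initialization, since the comment only motivates the reauthentication case.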
@ -579,9 +583,10 @@ this.BrowserIDManager.prototype = {
// for now assume it is just a transient network related problem.
this._authFailureReason = LOGIN_FAILED_NETWORK_ERROR;
}
// Drop the sync key bundle, but still expect to have one.
// This will arrange for us to be in the right 'currentAuthState'
// such that UI will show the right error.
// this._authFailureReason being set to be non-null in the above if clause
// ensures we are in the correct currentAuthState, and
// this._shouldHaveSyncKeyBundle being true ensures everything that cares knows
// that there is no authentication dance still under way.
this._shouldHaveSyncKeyBundle = true;
Weave.Status.login = this._authFailureReason;
Services.obs.notifyObservers(null, "weave:service:login:error", null);
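Review bot: the replacement comment asserts that `this._authFailureReason` is "set to be non-null in the above if clause", but the only assignment visible in this context is the fall-through `this._authFailureReason = LOGIN_FAILED_NETWORK_ERROR;` for the "transient network related problem" case; if any earlier branch leaves it null, `Weave.Status.login = this._authFailureReason;` publishes a null login status while `_shouldHaveSyncKeyBundle` is true, which is exactly the inconsistent state the comment claims to rule out. Either guard it here (for example, fall back to `LOGIN_FAILED_NETWORK_ERROR` when it is still null) or state in the comment which branches are responsible. The removed "Drop the sync key bundle" comment described a drop that never happened, so it is right to delete it, but the new text should say where the bundle is cleared now so the next reader does not look for it in this function.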