gecko

wine/gecko

mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00

History

Nick Alexander 35c4d91d0e Bug 1148504 - Protect Firefox Account state with a critical section. r=rnewman ======== `8b1d353ee8` Author: Nick Alexander <nalexander@mozilla.com> Bug 1148504 - Part 2: Make updating Firefox Account state happen in a critical section. It's worth noting that the two consumers of the shared state lock will only race for a very short window -- essentially only when creating or re-connecting an account. That's because Reading List oauth tokens are long-lived and do not expire (yet) in response to remote Account state changes, such as updating the Account password. So Sync and RL will race to initialize the Account state; eventually RL will get an oauth token; and that token will be cached forever until RL produces a 401 for the token or Android expires the token. Since Sync requests a token server token at the start of every sync, the lock will be constantly exercised, but should never block. ======== `d7a8611810` Author: Nick Alexander <nalexander@mozilla.com> Date: Fri Mar 27 08:27:28 2015 -0700 Bug 1148504 - Part 1: Reduce scope of section that may set Account state. The only place that might throw a TokenServerException is the token server client code itself. By handling such an exception earlier, we reduce the scope of the section that may update the Firefox Account state. (This comes at the cost of threading AndroidFxAccount into syncWithAssertion, but c'est la vie.) This does not interact with the exist handling of 401s that we might see from the storage endpoint. Those 401s never generated TokenServerExceptions; in fact, they were (essentially) ignored. Since we fetch a fresh token every Sync, what was (and is) expected is that such 401s would be transient and fixed by authenticating with a fresher token. Test plan: manually verify that remotely changing the Firefox Account's password while the device is in the Married state does the following: 1) uses the cached certificate to generate a local assertion; 2) the assertion produces a 401 from the TokenServerException, since the certificate is no longer fresh; 3) the TokenServerException drives the Account state to Cohabiting; 4) the state machine discovers it cannot /sign, driving the Account state to Separated.	2015-03-27 10:01:35 -07:00
..
android	Bug 1148504 - Protect Firefox Account state with a critical section. r=rnewman	2015-03-27 10:01:35 -07:00
locales	Bug 1088220 - Add login doorhanger. r=margaret	2015-03-26 16:34:29 -07:00

Nick Alexander 35c4d91d0e Bug 1148504 - Protect Firefox Account state with a critical section. r=rnewman

========

8b1d353ee8
Author: Nick Alexander <nalexander@mozilla.com>
    Bug 1148504 - Part 2: Make updating Firefox Account state happen in a critical section.

    It's worth noting that the two consumers of the shared state lock will
    only race for a very short window -- essentially only when creating or
    re-connecting an account.

    That's because Reading List oauth tokens are long-lived and do not
    expire (yet) in response to remote Account state changes, such as
    updating the Account password.  So Sync and RL will race to initialize
    the Account state; eventually RL will get an oauth token; and that token
    will be cached forever until RL produces a 401 for the token or Android
    expires the token.

    Since Sync requests a token server token at the start of every sync, the
    lock will be constantly exercised, but should never block.

========

d7a8611810
Author: Nick Alexander <nalexander@mozilla.com>
Date:   Fri Mar 27 08:27:28 2015 -0700

    Bug 1148504 - Part 1: Reduce scope of section that may set Account state.

    The only place that might throw a TokenServerException is the token
    server client code itself.  By handling such an exception earlier, we
    reduce the scope of the section that may update the Firefox Account
    state.  (This comes at the cost of threading AndroidFxAccount into
    syncWithAssertion, but c'est la vie.)

    This does not interact with the exist handling of 401s that we might see
    from the storage endpoint.  Those 401s never generated
    TokenServerExceptions; in fact, they were (essentially) ignored.  Since
    we fetch a fresh token every Sync, what was (and is) expected is that
    such 401s would be transient and fixed by authenticating with a fresher
    token.

    Test plan: manually verify that remotely changing the Firefox Account's
    password while the device is in the Married state does the following:

    1) uses the cached certificate to generate a local assertion;
    2) the assertion produces a 401 from the TokenServerException, since the
    certificate is no longer fresh;
    3) the TokenServerException drives the Account state to Cohabiting;
    4) the state machine discovers it cannot /sign, driving the Account
    state to Separated.

2015-03-27 10:01:35 -07:00

android Bug 1148504 - Protect Firefox Account state with a critical section. r=rnewman 2015-03-27 10:01:35 -07:00

locales Bug 1088220 - Add login doorhanger. r=margaret 2015-03-26 16:34:29 -07:00