1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
|
/* Any copyright is dedicated to the Public Domain.
* http://creativecommons.org/publicdomain/zero/1.0/ */
const { CryptoWrapper, WBORecord } = ChromeUtils.importESModule(
"resource://services-sync/record.sys.mjs"
);
const { Service } = ChromeUtils.importESModule(
"resource://services-sync/service.sys.mjs"
);
add_task(async function v4_upgrade() {
enableValidationPrefs();
let clients = new ServerCollection();
let meta_global = new ServerWBO("global");
// Tracking info/collections.
let collectionsHelper = track_collections_helper();
let upd = collectionsHelper.with_updated_collection;
let collections = collectionsHelper.collections;
let keysWBO = new ServerWBO("keys");
let server = httpd_setup({
// Special.
"/1.1/johndoe/info/collections": collectionsHelper.handler,
"/1.1/johndoe/storage/crypto/keys": upd("crypto", keysWBO.handler()),
"/1.1/johndoe/storage/meta/global": upd("meta", meta_global.handler()),
// Track modified times.
"/1.1/johndoe/storage/clients": upd("clients", clients.handler()),
"/1.1/johndoe/storage/tabs": upd("tabs", new ServerCollection().handler()),
// Just so we don't get 404s in the logs.
"/1.1/johndoe/storage/bookmarks": new ServerCollection().handler(),
"/1.1/johndoe/storage/forms": new ServerCollection().handler(),
"/1.1/johndoe/storage/history": new ServerCollection().handler(),
"/1.1/johndoe/storage/passwords": new ServerCollection().handler(),
"/1.1/johndoe/storage/prefs": new ServerCollection().handler(),
});
try {
Service.status.resetSync();
_("Logging in.");
await configureIdentity({ username: "johndoe" }, server);
await Service.login();
Assert.ok(Service.isLoggedIn);
await Service.verifyAndFetchSymmetricKeys();
Assert.ok(await Service._remoteSetup());
async function test_out_of_date() {
_("Old meta/global: " + JSON.stringify(meta_global));
meta_global.payload = JSON.stringify({
syncID: "foooooooooooooooooooooooooo",
storageVersion: STORAGE_VERSION + 1,
});
collections.meta = Date.now() / 1000;
_("New meta/global: " + JSON.stringify(meta_global));
Service.recordManager.set(Service.metaURL, meta_global);
try {
await Service.sync();
} catch (ex) {}
Assert.equal(Service.status.sync, VERSION_OUT_OF_DATE);
}
// See what happens when we bump the storage version.
_("Syncing after server has been upgraded.");
await test_out_of_date();
// Same should happen after a wipe.
_("Syncing after server has been upgraded and wiped.");
await Service.wipeServer();
await test_out_of_date();
// Now's a great time to test what happens when keys get replaced.
_("Syncing afresh...");
Service.logout();
Service.collectionKeys.clear();
meta_global.payload = JSON.stringify({
syncID: "foooooooooooooobbbbbbbbbbbb",
storageVersion: STORAGE_VERSION,
});
collections.meta = Date.now() / 1000;
Service.recordManager.set(Service.metaURL, meta_global);
await Service.login();
Assert.ok(Service.isLoggedIn);
await Service.sync();
Assert.ok(Service.isLoggedIn);
let serverDecrypted;
let serverKeys;
let serverResp;
async function retrieve_server_default() {
serverKeys = serverResp = serverDecrypted = null;
serverKeys = new CryptoWrapper("crypto", "keys");
serverResp = (
await serverKeys.fetch(Service.resource(Service.cryptoKeysURL))
).response;
Assert.ok(serverResp.success);
serverDecrypted = await serverKeys.decrypt(
Service.identity.syncKeyBundle
);
_("Retrieved WBO: " + JSON.stringify(serverDecrypted));
_("serverKeys: " + JSON.stringify(serverKeys));
return serverDecrypted.default;
}
async function retrieve_and_compare_default(should_succeed) {
let serverDefault = await retrieve_server_default();
let localDefault = Service.collectionKeys.keyForCollection().keyPairB64;
_("Retrieved keyBundle: " + JSON.stringify(serverDefault));
_("Local keyBundle: " + JSON.stringify(localDefault));
if (should_succeed) {
Assert.equal(
JSON.stringify(serverDefault),
JSON.stringify(localDefault)
);
} else {
Assert.notEqual(
JSON.stringify(serverDefault),
JSON.stringify(localDefault)
);
}
}
// Uses the objects set above.
async function set_server_keys(pair) {
serverDecrypted.default = pair;
serverKeys.cleartext = serverDecrypted;
await serverKeys.encrypt(Service.identity.syncKeyBundle);
await serverKeys.upload(Service.resource(Service.cryptoKeysURL));
}
_("Checking we have the latest keys.");
await retrieve_and_compare_default(true);
_("Update keys on server.");
await set_server_keys([
"KaaaaaaaaaaaHAtfmuRY0XEJ7LXfFuqvF7opFdBD/MY=",
"aaaaaaaaaaaapxMO6TEWtLIOv9dj6kBAJdzhWDkkkis=",
]);
_("Checking that we no longer have the latest keys.");
await retrieve_and_compare_default(false);
_("Indeed, they're what we set them to...");
Assert.equal(
"KaaaaaaaaaaaHAtfmuRY0XEJ7LXfFuqvF7opFdBD/MY=",
(await retrieve_server_default())[0]
);
_("Sync. Should download changed keys automatically.");
let oldClientsModified = collections.clients;
let oldTabsModified = collections.tabs;
await Service.login();
await Service.sync();
_("New key should have forced upload of data.");
_("Tabs: " + oldTabsModified + " < " + collections.tabs);
_("Clients: " + oldClientsModified + " < " + collections.clients);
Assert.ok(collections.clients > oldClientsModified);
Assert.ok(collections.tabs > oldTabsModified);
_("... and keys will now match.");
await retrieve_and_compare_default(true);
// Clean up.
await Service.startOver();
} finally {
for (const pref of Svc.PrefBranch.getChildList("")) {
Svc.PrefBranch.clearUserPref(pref);
}
await promiseStopServer(server);
}
});
add_task(async function v5_upgrade() {
enableValidationPrefs();
// Tracking info/collections.
let collectionsHelper = track_collections_helper();
let upd = collectionsHelper.with_updated_collection;
let keysWBO = new ServerWBO("keys");
let bulkWBO = new ServerWBO("bulk");
let clients = new ServerCollection();
let meta_global = new ServerWBO("global");
let server = httpd_setup({
// Special.
"/1.1/johndoe/storage/meta/global": upd("meta", meta_global.handler()),
"/1.1/johndoe/info/collections": collectionsHelper.handler,
"/1.1/johndoe/storage/crypto/keys": upd("crypto", keysWBO.handler()),
"/1.1/johndoe/storage/crypto/bulk": upd("crypto", bulkWBO.handler()),
// Track modified times.
"/1.1/johndoe/storage/clients": upd("clients", clients.handler()),
"/1.1/johndoe/storage/tabs": upd("tabs", new ServerCollection().handler()),
});
try {
Service.status.resetSync();
Service.clusterURL = server.baseURI + "/";
await configureIdentity({ username: "johndoe" }, server);
// Test an upgrade where the contents of the server would cause us to error
// -- keys decrypted with a different sync key, for example.
_("Testing v4 -> v5 (or similar) upgrade.");
async function update_server_keys(syncKeyBundle, wboName, collWBO) {
await generateNewKeys(Service.collectionKeys);
let serverKeys = Service.collectionKeys.asWBO("crypto", wboName);
await serverKeys.encrypt(syncKeyBundle);
let res = Service.resource(Service.storageURL + collWBO);
Assert.ok((await serverKeys.upload(res)).success);
}
_("Bumping version.");
// Bump version on the server.
let m = new WBORecord("meta", "global");
m.payload = {
syncID: "foooooooooooooooooooooooooo",
storageVersion: STORAGE_VERSION + 1,
};
await m.upload(Service.resource(Service.metaURL));
_("New meta/global: " + JSON.stringify(meta_global));
// Fill the keys with bad data.
let badKeys = new BulkKeyBundle("crypto");
await badKeys.generateRandom();
await update_server_keys(badKeys, "keys", "crypto/keys"); // v4
await update_server_keys(badKeys, "bulk", "crypto/bulk"); // v5
_("Generating new keys.");
await generateNewKeys(Service.collectionKeys);
// Now sync and see what happens. It should be a version fail, not a crypto
// fail.
_("Logging in.");
try {
await Service.login();
} catch (e) {
_("Exception: " + e);
}
_("Status: " + Service.status);
Assert.ok(!Service.isLoggedIn);
Assert.equal(VERSION_OUT_OF_DATE, Service.status.sync);
// Clean up.
await Service.startOver();
} finally {
for (const pref of Svc.PrefBranch.getChildList("")) {
Svc.PrefBranch.clearUserPref(pref);
}
await promiseStopServer(server);
}
});
function run_test() {
Log.repository.rootLogger.addAppender(new Log.DumpAppender());
run_next_test();
}
|
