1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
|
/* Any copyright is dedicated to the Public Domain.
* http://creativecommons.org/publicdomain/zero/1.0/ */
Cu.import("resource://gre/modules/Log.jsm");
Cu.import("resource://services-sync/constants.js");
Cu.import("resource://services-sync/keys.js");
Cu.import("resource://services-sync/service.js");
Cu.import("resource://services-sync/util.js");
Cu.import("resource://testing-common/services/sync/fakeservices.js");
Cu.import("resource://testing-common/services/sync/utils.js");
function run_test() {
let logger = Log.repository.rootLogger;
Log.repository.rootLogger.addAppender(new Log.DumpAppender());
let guidSvc = new FakeGUIDService();
let clients = new ServerCollection();
let meta_global = new ServerWBO('global');
let collectionsHelper = track_collections_helper();
let upd = collectionsHelper.with_updated_collection;
let collections = collectionsHelper.collections;
function wasCalledHandler(wbo) {
let handler = wbo.handler();
return function() {
wbo.wasCalled = true;
handler.apply(this, arguments);
};
}
let keysWBO = new ServerWBO("keys");
let cryptoColl = new ServerCollection({keys: keysWBO});
let metaColl = new ServerCollection({global: meta_global});
do_test_pending();
/**
* Handle the bulk DELETE request sent by wipeServer.
*/
function storageHandler(request, response) {
do_check_eq("DELETE", request.method);
do_check_true(request.hasHeader("X-Confirm-Delete"));
_("Wiping out all collections.");
cryptoColl.delete({});
clients.delete({});
metaColl.delete({});
let ts = new_timestamp();
collectionsHelper.update_collection("crypto", ts);
collectionsHelper.update_collection("clients", ts);
collectionsHelper.update_collection("meta", ts);
return_timestamp(request, response, ts);
}
let server = httpd_setup({
"/1.1/johndoe/storage": storageHandler,
"/1.1/johndoe/storage/crypto/keys": upd("crypto", keysWBO.handler()),
"/1.1/johndoe/storage/crypto": upd("crypto", cryptoColl.handler()),
"/1.1/johndoe/storage/clients": upd("clients", clients.handler()),
"/1.1/johndoe/storage/meta/global": upd("meta", wasCalledHandler(meta_global)),
"/1.1/johndoe/storage/meta": upd("meta", wasCalledHandler(metaColl)),
"/1.1/johndoe/info/collections": collectionsHelper.handler
});
try {
_("Log in.");
ensureLegacyIdentityManager();
Service.serverURL = server.baseURI;
_("Checking Status.sync with no credentials.");
Service.verifyAndFetchSymmetricKeys();
do_check_eq(Service.status.sync, CREDENTIALS_CHANGED);
do_check_eq(Service.status.login, LOGIN_FAILED_NO_PASSPHRASE);
_("Log in with an old secret phrase, is upgraded to Sync Key.");
Service.login("johndoe", "ilovejane", "my old secret phrase!!1!");
_("End of login");
do_check_true(Service.isLoggedIn);
do_check_true(Utils.isPassphrase(Service.identity.syncKey));
let syncKey = Service.identity.syncKey;
Service.startOver();
Service.serverURL = server.baseURI;
Service.login("johndoe", "ilovejane", syncKey);
do_check_true(Service.isLoggedIn);
_("Checking that remoteSetup returns true when credentials have changed.");
Service.recordManager.get(Service.metaURL).payload.syncID = "foobar";
do_check_true(Service._remoteSetup());
_("Do an initial sync.");
let beforeSync = Date.now()/1000;
Service.sync();
_("Checking that remoteSetup returns true.");
do_check_true(Service._remoteSetup());
_("Verify that the meta record was uploaded.");
do_check_eq(meta_global.data.syncID, Service.syncID);
do_check_eq(meta_global.data.storageVersion, STORAGE_VERSION);
do_check_eq(meta_global.data.engines.clients.version, Service.clientsEngine.version);
do_check_eq(meta_global.data.engines.clients.syncID, Service.clientsEngine.syncID);
_("Set the collection info hash so that sync() will remember the modified times for future runs.");
collections.meta = Service.clientsEngine.lastSync;
collections.clients = Service.clientsEngine.lastSync;
Service.sync();
_("Sync again and verify that meta/global wasn't downloaded again");
meta_global.wasCalled = false;
Service.sync();
do_check_false(meta_global.wasCalled);
_("Fake modified records. This will cause a redownload, but not reupload since it hasn't changed.");
collections.meta += 42;
meta_global.wasCalled = false;
let metaModified = meta_global.modified;
Service.sync();
do_check_true(meta_global.wasCalled);
do_check_eq(metaModified, meta_global.modified);
_("Checking bad passphrases.");
let pp = Service.identity.syncKey;
Service.identity.syncKey = "notvalid";
do_check_false(Service.verifyAndFetchSymmetricKeys());
do_check_eq(Service.status.sync, CREDENTIALS_CHANGED);
do_check_eq(Service.status.login, LOGIN_FAILED_INVALID_PASSPHRASE);
Service.identity.syncKey = pp;
do_check_true(Service.verifyAndFetchSymmetricKeys());
// changePassphrase wipes our keys, and they're regenerated on next sync.
_("Checking changed passphrase.");
let existingDefault = Service.collectionKeys.keyForCollection();
let existingKeysPayload = keysWBO.payload;
let newPassphrase = "bbbbbabcdeabcdeabcdeabcdea";
Service.changePassphrase(newPassphrase);
_("Local key cache is full, but different.");
do_check_true(!!Service.collectionKeys._default);
do_check_false(Service.collectionKeys._default.equals(existingDefault));
_("Server has new keys.");
do_check_true(!!keysWBO.payload);
do_check_true(!!keysWBO.modified);
do_check_neq(keysWBO.payload, existingKeysPayload);
// Try to screw up HMAC calculation.
// Re-encrypt keys with a new random keybundle, and upload them to the
// server, just as might happen with a second client.
_("Attempting to screw up HMAC by re-encrypting keys.");
let keys = Service.collectionKeys.asWBO();
let b = new BulkKeyBundle("hmacerror");
b.generateRandom();
collections.crypto = keys.modified = 100 + (Date.now()/1000); // Future modification time.
keys.encrypt(b);
keys.upload(Service.resource(Service.cryptoKeysURL));
do_check_false(Service.verifyAndFetchSymmetricKeys());
do_check_eq(Service.status.login, LOGIN_FAILED_INVALID_PASSPHRASE);
} finally {
Svc.Prefs.resetBranch("");
server.stop(do_test_finished);
}
}
|