Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(508)

Side by Side Diff: sync/engine/syncer_util.cc

Issue 10825137: FYI: Control Data + Per-Device Metadata (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Add PER_USER_METADATA, refactor some encryption code Created 8 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "sync/engine/syncer_util.h" 5 #include "sync/engine/syncer_util.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 #include <set> 8 #include <set>
9 #include <string> 9 #include <string>
10 #include <vector> 10 #include <vector>
(...skipping 176 matching lines...) Expand 10 before | Expand all | Expand 10 after
187 syncable::WriteTransaction* const trans, 187 syncable::WriteTransaction* const trans,
188 syncable::MutableEntry* const entry, 188 syncable::MutableEntry* const entry,
189 ConflictResolver* resolver, 189 ConflictResolver* resolver,
190 Cryptographer* cryptographer) { 190 Cryptographer* cryptographer) {
191 CHECK(entry->good()); 191 CHECK(entry->good());
192 if (!entry->Get(IS_UNAPPLIED_UPDATE)) 192 if (!entry->Get(IS_UNAPPLIED_UPDATE))
193 return SUCCESS; // No work to do. 193 return SUCCESS; // No work to do.
194 syncable::Id id = entry->Get(ID); 194 syncable::Id id = entry->Get(ID);
195 const sync_pb::EntitySpecifics& specifics = entry->Get(SERVER_SPECIFICS); 195 const sync_pb::EntitySpecifics& specifics = entry->Get(SERVER_SPECIFICS);
196 196
197 // We intercept updates to the Nigori node, update the Cryptographer and
198 // encrypt any unsynced changes here because there is no Nigori
199 // ChangeProcessor. We never put the nigori node in a state of
200 // conflict_encryption.
201 //
202 // We always update the cryptographer with the server's nigori node,
203 // even if we have a locally modified nigori node (we manually merge nigori
204 // data in the conflict resolver in that case). This handles the case where
205 // two clients both set a different passphrase. The second client to attempt
206 // to commit will go into a state of having pending keys, unioned the set of
207 // encrypted types, and eventually re-encrypt everything with the passphrase
208 // of the first client and commit the set of merged encryption keys. Until the
209 // second client provides the pending passphrase, the cryptographer will
210 // preserve the encryption keys based on the local passphrase, while the
211 // nigori node will preserve the server encryption keys.
212 //
213 // If non-encryption changes are made to the nigori node, they will be
214 // lost as part of conflict resolution. This is intended, as we place a higher
215 // priority on preserving the server's passphrase change to preserving local
216 // non-encryption changes. Next time the non-encryption changes are made to
217 // the nigori node (e.g. on restart), they will commit without issue.
218 if (specifics.has_nigori()) {
219 const sync_pb::NigoriSpecifics& nigori = specifics.nigori();
220 cryptographer->Update(nigori);
221
222 // Make sure any unsynced changes are properly encrypted as necessary.
223 // We only perform this if the cryptographer is ready. If not, these are
224 // re-encrypted at SetDecryptionPassphrase time (via ReEncryptEverything).
225 // This logic covers the case where the nigori update marked new datatypes
226 // for encryption, but didn't change the passphrase.
227 if (cryptographer->is_ready()) {
228 // Note that we don't bother to encrypt any data for which IS_UNSYNCED
229 // == false here. The machine that turned on encryption should know about
230 // and re-encrypt all synced data. It's possible it could get interrupted
231 // during this process, but we currently reencrypt everything at startup
232 // as well, so as soon as a client is restarted with this datatype marked
233 // for encryption, all the data should be updated as necessary.
234
235 // If this fails, something is wrong with the cryptographer, but there's
236 // nothing we can do about it here.
237 DVLOG(1) << "Received new nigori, encrypting unsynced changes.";
238 syncable::ProcessUnsyncedChangesForEncryption(trans, cryptographer);
239 }
240 }
241
242 // Only apply updates that we can decrypt. If we can't decrypt the update, it 197 // Only apply updates that we can decrypt. If we can't decrypt the update, it
243 // is likely because the passphrase has not arrived yet. Because the 198 // is likely because the passphrase has not arrived yet. Because the
244 // passphrase may not arrive within this GetUpdates, we can't just return 199 // passphrase may not arrive within this GetUpdates, we can't just return
245 // conflict, else we try to perform normal conflict resolution prematurely or 200 // conflict, else we try to perform normal conflict resolution prematurely or
246 // the syncer may get stuck. As such, we return CONFLICT_ENCRYPTION, which is 201 // the syncer may get stuck. As such, we return CONFLICT_ENCRYPTION, which is
247 // treated as an unresolvable conflict. See the description in syncer_types.h. 202 // treated as an unresolvable conflict. See the description in syncer_types.h.
248 // This prevents any unsynced changes from commiting and postpones conflict 203 // This prevents any unsynced changes from commiting and postpones conflict
249 // resolution until all data can be decrypted. 204 // resolution until all data can be decrypted.
250 if (specifics.has_encrypted() && 205 if (specifics.has_encrypted() &&
251 !cryptographer->CanDecrypt(specifics.encrypted())) { 206 !cryptographer->CanDecrypt(specifics.encrypted())) {
(...skipping 212 matching lines...) Expand 10 before | Expand all | Expand 10 after
464 << " Illegal predecessor after converting from server position."; 419 << " Illegal predecessor after converting from server position.";
465 } 420 }
466 421
467 entry->Put(CTIME, entry->Get(SERVER_CTIME)); 422 entry->Put(CTIME, entry->Get(SERVER_CTIME));
468 entry->Put(MTIME, entry->Get(SERVER_MTIME)); 423 entry->Put(MTIME, entry->Get(SERVER_MTIME));
469 entry->Put(BASE_VERSION, entry->Get(SERVER_VERSION)); 424 entry->Put(BASE_VERSION, entry->Get(SERVER_VERSION));
470 entry->Put(IS_DEL, entry->Get(SERVER_IS_DEL)); 425 entry->Put(IS_DEL, entry->Get(SERVER_IS_DEL));
471 entry->Put(IS_UNAPPLIED_UPDATE, false); 426 entry->Put(IS_UNAPPLIED_UPDATE, false);
472 } 427 }
473 428
429 // Allow the server's changes to take precedence.
430 // This will take effect during the next ApplyUpdates step.
431 void IgnoreLocalChanges(MutableEntry* entry) {
432 DCHECK(entry->Get(IS_UNSYNCED));
433 DCHECK(entry->Get(IS_UNAPPLIED_UPDATE));
434 entry->Put(syncable::IS_UNSYNCED, false);
435 }
436
437 // Overwrite the server with our own value.
438 // We will commit our local data, overwriting the server, at the next
439 // opportunity.
440 void OverwriteServerChanges(MutableEntry* entry) {
441 DCHECK(entry->Get(IS_UNSYNCED));
442 DCHECK(entry->Get(IS_UNAPPLIED_UPDATE));
443 entry->Put(syncable::BASE_VERSION, entry->Get(syncable::SERVER_VERSION));
444 entry->Put(syncable::IS_UNAPPLIED_UPDATE, false);
445 }
446
447 // Having determined that everything matches, we ignore the non-conflict.
448 void IgnoreConflict(MutableEntry* entry) {
449 // If we didn't also unset IS_UNAPPLIED_UPDATE, then we would lose unsynced
450 // positional data from adjacent entries when the server update gets applied
451 // and the item is re-inserted into the PREV_ID/NEXT_ID linked list. This is
452 // primarily an issue because we commit after applying updates, and is most
453 // commonly seen when positional changes are made while a passphrase is
454 // required (and hence there will be many encryption conflicts).
455 DCHECK(entry->Get(IS_UNSYNCED));
456 DCHECK(entry->Get(IS_UNAPPLIED_UPDATE));
457 entry->Put(syncable::BASE_VERSION, entry->Get(syncable::SERVER_VERSION));
458 entry->Put(syncable::IS_UNAPPLIED_UPDATE, false);
459 entry->Put(syncable::IS_UNSYNCED, false);
460 }
461
474 VerifyCommitResult ValidateCommitEntry(syncable::Entry* entry) { 462 VerifyCommitResult ValidateCommitEntry(syncable::Entry* entry) {
475 syncable::Id id = entry->Get(ID); 463 syncable::Id id = entry->Get(ID);
476 if (id == entry->Get(PARENT_ID)) { 464 if (id == entry->Get(PARENT_ID)) {
477 CHECK(id.IsRoot()) << "Non-root item is self parenting." << *entry; 465 CHECK(id.IsRoot()) << "Non-root item is self parenting." << *entry;
478 // If the root becomes unsynced it can cause us problems. 466 // If the root becomes unsynced it can cause us problems.
479 LOG(ERROR) << "Root item became unsynced " << *entry; 467 LOG(ERROR) << "Root item became unsynced " << *entry;
480 return VERIFY_UNSYNCABLE; 468 return VERIFY_UNSYNCABLE;
481 } 469 }
482 if (entry->IsRoot()) { 470 if (entry->IsRoot()) {
483 LOG(ERROR) << "Permanent item became unsynced " << *entry; 471 LOG(ERROR) << "Permanent item became unsynced " << *entry;
(...skipping 208 matching lines...) Expand 10 before | Expand all | Expand 10 after
692 if (update.version() < target->Get(SERVER_VERSION)) { 680 if (update.version() < target->Get(SERVER_VERSION)) {
693 LOG(WARNING) << "Update older than current server version for " 681 LOG(WARNING) << "Update older than current server version for "
694 << *target << " Update:" 682 << *target << " Update:"
695 << SyncerProtoUtil::SyncEntityDebugString(update); 683 << SyncerProtoUtil::SyncEntityDebugString(update);
696 return VERIFY_SUCCESS; // Expected in new sync protocol. 684 return VERIFY_SUCCESS; // Expected in new sync protocol.
697 } 685 }
698 return VERIFY_UNDECIDED; 686 return VERIFY_UNDECIDED;
699 } 687 }
700 688
701 } // namespace syncer 689 } // namespace syncer
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698