[Sync] Fix encryption/passphrase handling.

chrome/browser/sync/engine/syncapi.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/sync/engine/syncapi.h"
 
 #include <algorithm>
 #include <bitset>
 #include <iomanip>
 #include <list>
@@ skipping 2086 matching lines @@
   WriteNode node(&trans);
   if (!node.InitByTagLookup(kNigoriTag)) {
     NOTREACHED() << "Unable to set encrypted datatypes because Nigori node not "
                  << "found.";
     return;
   }
 
   Cryptographer* cryptographer = trans.GetCryptographer();
 
   if (!cryptographer->is_initialized()) {
-    NOTREACHED() << "Attempting to encrypt datatypes when cryptographer not "
-                 << "initialized.";
+    VLOG(1) << "Attempting to encrypt datatypes when cryptographer not "
+            << "initialized, prompting for passphrase.";
+    ObserverList<SyncManager::Observer> temp_obs_list;
+    CopyObservers(&temp_obs_list);
+    // TODO(zea): this isn't really decryption, but that's the only way we have
+    // to prompt the user for a passsphrase. See http://crbug.com/91379.
+    FOR_EACH_OBSERVER(SyncManager::Observer, temp_obs_list,
+                      OnPassphraseRequired(sync_api::REASON_DECRYPTION));
     return;
   }
 
-  // Update the Nigori node set of encrypted datatypes so other machines notice.
+  // Update the Nigori node's set of encrypted datatypes.
   // Note, we merge the current encrypted types with those requested. Once a
   // datatypes is marked as needing encryption, it is never unmarked.
   sync_pb::NigoriSpecifics nigori;
   nigori.CopyFrom(node.GetNigoriSpecifics());
   syncable::ModelTypeSet current_encrypted_types = GetEncryptedTypes(&trans);
   syncable::ModelTypeSet newly_encrypted_types;
   std::set_union(current_encrypted_types.begin(), current_encrypted_types.end(),
                  encrypted_types.begin(), encrypted_types.end(),
                  std::inserter(newly_encrypted_types,
                                newly_encrypted_types.begin()));
-  if (newly_encrypted_types == current_encrypted_types)
-    return;  // Set of encrypted types did not change.
+  if (newly_encrypted_types == current_encrypted_types) {
+    // Set of encrypted types has not changed, just notify and return.
+    ObserverList<SyncManager::Observer> temp_obs_list;
+    CopyObservers(&temp_obs_list);
+    FOR_EACH_OBSERVER(SyncManager::Observer, temp_obs_list,
+                      OnEncryptionComplete(current_encrypted_types));
+    return;
+  }
   syncable::FillNigoriEncryptedTypes(newly_encrypted_types, &nigori);
   node.SetNigoriSpecifics(nigori);
 
   cryptographer->SetEncryptedTypes(nigori);
 
   // TODO(zea): only reencrypt this datatype? ReEncrypting everything is a
   // safer approach, and should not impact anything that is already encrypted
   // (redundant changes are ignored).
   ReEncryptEverything(&trans);
   return;
@@ skipping 24 matching lines @@
     to_visit.push(child_id);
     while (!to_visit.empty()) {
       child_id = to_visit.front();
       to_visit.pop();
       if (child_id == kInvalidId)
         continue;
 
       WriteNode child(trans);
       if (!child.InitByIdLookup(child_id)) {
         NOTREACHED();
-        return;
+        continue;
       }
       if (child.GetIsFolder()) {
         to_visit.push(child.GetFirstChildId());
       }
       if (child.GetEntry()->Get(syncable::UNIQUE_SERVER_TAG).empty()) {
       // Rewrite the specifics of the node with encrypted data if necessary
       // (only rewrite the non-unique folders).
         child.ResetFromSpecifics();
       }
       to_visit.push(child.GetSuccessorId());
     }
   }
 
   if (routes.count(syncable::PASSWORDS) > 0) {
     // Passwords are encrypted with their own legacy scheme.
     ReadNode passwords_root(trans);
     std::string passwords_tag =
         syncable::ModelTypeToRootTag(syncable::PASSWORDS);
-    if (!passwords_root.InitByTagLookup(passwords_tag)) {
-      LOG(WARNING) << "No passwords to reencrypt.";
-      return;
-    }
-
-    int64 child_id = passwords_root.GetFirstChildId();
-    while (child_id != kInvalidId) {
-      WriteNode child(trans);
-      if (!child.InitByIdLookup(child_id)) {
-        NOTREACHED();
-        return;
+    // It's possible we'll have the password routing info and not the password
+    // root if we attempted to SetPassphrase before passwords was enabled.
+    if (passwords_root.InitByTagLookup(passwords_tag)) {
+      int64 child_id = passwords_root.GetFirstChildId();
+      while (child_id != kInvalidId) {
+        WriteNode child(trans);
+        if (!child.InitByIdLookup(child_id)) {
+          NOTREACHED();
+          return;
+        }
+        child.SetPasswordSpecifics(child.GetPasswordSpecifics());
+        child_id = child.GetSuccessorId();
       }
-      child.SetPasswordSpecifics(child.GetPasswordSpecifics());
-      child_id = child.GetSuccessorId();
     }
   }
 
   ObserverList<SyncManager::Observer> temp_obs_list;
   CopyObservers(&temp_obs_list);
   FOR_EACH_OBSERVER(SyncManager::Observer, temp_obs_list,
                     OnEncryptionComplete(encrypted_types));
 }
 
 SyncManager::~SyncManager() {
@@ skipping 862 matching lines @@
 void SyncManager::TriggerOnIncomingNotificationForTest(
     const syncable::ModelTypeBitSet& model_types) {
   syncable::ModelTypePayloadMap model_types_with_payloads =
       syncable::ModelTypePayloadMapFromBitSet(model_types,
           std::string());
 
   data_->OnIncomingNotification(model_types_with_payloads);
 }
 
 }  // namespace sync_api