[Sync] Gracefully handle writing to a node when the cryptographer is not ready.

chrome/browser/sync/internal_api/sync_manager.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/sync/internal_api/sync_manager.h"
 
 #include <string>
 #include <vector>
 
 #include "base/base64.h"
@@ skipping 825 matching lines @@
       cryptographer->Update(node.GetNigoriSpecifics());
   if (result == Cryptographer::NEEDS_PASSPHRASE) {
     ObserverList<SyncManager::Observer> temp_obs_list;
     CopyObservers(&temp_obs_list);
     FOR_EACH_OBSERVER(SyncManager::Observer, temp_obs_list,
                       OnPassphraseRequired(sync_api::REASON_DECRYPTION));
   }
 
   allstatus_.SetCryptographerReady(cryptographer->is_ready());
   allstatus_.SetCryptoHasPendingKeys(cryptographer->has_pending_keys());
+  allstatus_.SetEncryptedTypes(cryptographer->GetEncryptedTypes());
 
   return cryptographer->is_ready();
 }
 
 void SyncManager::SyncInternal::StartSyncingNormally() {
   // Start the sync scheduler. This won't actually result in any
   // syncing until at least the DirectoryManager broadcasts the OPENED
   // event, and a valid server connection is detected.
   if (scheduler())  // NULL during certain unittests.
     scheduler()->Start(SyncScheduler::NORMAL_MODE, NULL);
@@ skipping 162 matching lines @@
 
     // TODO(tim): Bug 58231. It would be nice if SetPassphrase didn't require
     // messing with the Nigori node, because we can't call SetPassphrase until
     // download conditions are met vs Cryptographer init.  It seems like it's
     // safe to defer this work.
     sync_pb::NigoriSpecifics specifics(node.GetNigoriSpecifics());
     specifics.clear_encrypted();
     cryptographer->GetKeys(specifics.mutable_encrypted());
     specifics.set_using_explicit_passphrase(is_explicit);
     node.SetNigoriSpecifics(specifics);
-    ReEncryptEverything(&trans);
   }
 
+  // Does nothing if everything is already encrypted or the cryptographer has
+  // pending keys.
+  ReEncryptEverything(&trans);
+
   VLOG(1) << "Passphrase accepted, bootstrapping encryption.";
   std::string bootstrap_token;
   cryptographer->GetBootstrapToken(&bootstrap_token);
   ObserverList<SyncManager::Observer> temp_obs_list;
   CopyObservers(&temp_obs_list);
   FOR_EACH_OBSERVER(SyncManager::Observer, temp_obs_list,
                     OnPassphraseAccepted(bootstrap_token));
 }
 
 bool SyncManager::SyncInternal::IsUsingExplicitPassphrase() {
@@ skipping 17 matching lines @@
   WriteTransaction trans(FROM_HERE, GetUserShare());
   WriteNode node(&trans);
   if (!node.InitByTagLookup(kNigoriTag)) {
     NOTREACHED() << "Unable to set encrypted datatypes because Nigori node not "
                  << "found.";
     return;
   }
 
   Cryptographer* cryptographer = trans.GetCryptographer();
 
-  if (!cryptographer->is_initialized()) {
+  if (!cryptographer->is_ready()) {
     VLOG(1) << "Attempting to encrypt datatypes when cryptographer not "
             << "initialized, prompting for passphrase.";
     ObserverList<SyncManager::Observer> temp_obs_list;
     CopyObservers(&temp_obs_list);
     // TODO(zea): this isn't really decryption, but that's the only way we have
     // to prompt the user for a passsphrase. See http://crbug.com/91379.
     FOR_EACH_OBSERVER(SyncManager::Observer, temp_obs_list,
                       OnPassphraseRequired(sync_api::REASON_DECRYPTION));
     return;
   }
 
   // Update the Nigori node's set of encrypted datatypes.
   // Note, we merge the current encrypted types with those requested. Once a
   // datatypes is marked as needing encryption, it is never unmarked.
   sync_pb::NigoriSpecifics nigori;
   nigori.CopyFrom(node.GetNigoriSpecifics());
   syncable::ModelTypeSet current_encrypted_types = GetEncryptedTypes(&trans);
   syncable::ModelTypeSet newly_encrypted_types;
   std::set_union(current_encrypted_types.begin(), current_encrypted_types.end(),
                  encrypted_types.begin(), encrypted_types.end(),
                  std::inserter(newly_encrypted_types,
                                newly_encrypted_types.begin()));
   allstatus_.SetEncryptedTypes(newly_encrypted_types);
-  if (newly_encrypted_types == current_encrypted_types) {
-    // Set of encrypted types has not changed, just notify and return.
-    ObserverList<SyncManager::Observer> temp_obs_list;
-    CopyObservers(&temp_obs_list);
-    FOR_EACH_OBSERVER(SyncManager::Observer, temp_obs_list,
-                      OnEncryptionComplete(current_encrypted_types));
-    return;
-  }
   syncable::FillNigoriEncryptedTypes(newly_encrypted_types, &nigori);
   node.SetNigoriSpecifics(nigori);
-
   cryptographer->SetEncryptedTypes(nigori);
 
-  // TODO(zea): only reencrypt this datatype? ReEncrypting everything is a
-  // safer approach, and should not impact anything that is already encrypted
-  // (redundant changes are ignored).
+  // We reencrypt everything regardless of whether the set of encrypted
+  // types changed to ensure that any stray unencrypted entries are overwritten.
   ReEncryptEverything(&trans);
   return;
 }
 
 // TODO(zea): Add unit tests that ensure no sync changes are made when not
 // needed.
 void SyncManager::SyncInternal::ReEncryptEverything(WriteTransaction* trans) {
-  syncable::ModelTypeSet encrypted_types =
-      GetEncryptedTypes(trans);
+  Cryptographer* cryptographer = trans->GetCryptographer();
+  if (!cryptographer || !cryptographer->is_ready())
+    return;
+  syncable::ModelTypeSet encrypted_types = GetEncryptedTypes(trans);
   ModelSafeRoutingInfo routes;
   registrar_->GetModelSafeRoutingInfo(&routes);
   std::string tag;
   for (syncable::ModelTypeSet::iterator iter = encrypted_types.begin();
        iter != encrypted_types.end(); ++iter) {
     if (*iter == syncable::PASSWORDS || routes.count(*iter) == 0)
       continue;
     ReadNode type_root(trans);
     tag = syncable::ModelTypeToRootTag(*iter);
     if (!type_root.InitByTagLookup(tag)) {
@@ skipping 931 matching lines @@
 
   for (syncable::ModelTypeSet::const_iterator i = types.begin();
        i != types.end(); ++i) {
     if (!lookup->initial_sync_ended_for_type(*i))
       return false;
   }
   return true;
 }
 
 }  // namespace sync_api