Bug 1297552 - Only permit U2F operations in e10s mode r=keeler
authorJ.C. Jones <jjones@mozilla.com>
Fri, 07 Oct 2016 17:28:52 -0700
changeset 363076 bf9ddecd3f458234c1f85137b2263f40131b3d61
parent 363075 f824c01ff5ca54dfaf16d8a64110ef8ca2ddbac2
child 363077 8ffab2bebce514abb1df000808408ab5ce3b4c73
push id1369
push userjlorenzo@mozilla.com
push dateMon, 27 Feb 2017 14:59:41 +0000
treeherdermozilla-release@d75a1dba431f [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerskeeler
bugs1297552, 1298838
milestone52.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1297552 - Only permit U2F operations in e10s mode r=keeler - Breaks compatibility with non-e10s windows, as the underlying USB implementation from Bug 1298838 won't support non-e10s either. - Now that U2F doesn't support non-e10s, disable tests if we're not in e10s mode. MozReview-Commit-ID: 5F2323xtXEC
dom/u2f/U2F.cpp
dom/u2f/U2F.h
dom/u2f/tests/mochitest.ini
--- a/dom/u2f/U2F.cpp
+++ b/dom/u2f/U2F.cpp
@@ -561,16 +561,17 @@ EvaluateAppIDAndRunTask(U2FTask* aTask)
   }
 
   // TODO(Bug 1244959) Implement the remaining algorithm.
   aTask->ReturnError(ErrorCode::BAD_REQUEST);
   return;
 }
 
 U2F::U2F()
+ : mInitialized(false)
 {}
 
 U2F::~U2F()
 {
   nsNSSShutDownPreventionLock locker;
 
   if (isAlreadyShutDown()) {
     return;
@@ -582,16 +583,17 @@ U2F::~U2F()
 U2F::WrapObject(JSContext* aCx, JS::Handle<JSObject*> aGivenProto)
 {
   return U2FBinding::Wrap(aCx, this, aGivenProto);
 }
 
 void
 U2F::Init(nsPIDOMWindowInner* aParent, ErrorResult& aRv)
 {
+  MOZ_ASSERT(!mInitialized);
   MOZ_ASSERT(!mParent);
   mParent = do_QueryInterface(aParent);
   MOZ_ASSERT(mParent);
 
   nsCOMPtr<nsIDocument> doc = mParent->GetDoc();
   MOZ_ASSERT(doc);
 
   nsIPrincipal* principal = doc->NodePrincipal();
@@ -601,61 +603,59 @@ U2F::Init(nsPIDOMWindowInner* aParent, E
   }
 
   if (NS_WARN_IF(mOrigin.IsEmpty())) {
     aRv.Throw(NS_ERROR_FAILURE);
     return;
   }
 
   if (!EnsureNSSInitializedChromeOrContent()) {
-    MOZ_LOG(gWebauthLog, LogLevel::Debug, ("Failed to get NSS context for U2F"));
+    MOZ_LOG(gWebauthLog, LogLevel::Debug,
+            ("Failed to get NSS context for U2F"));
     aRv.Throw(NS_ERROR_FAILURE);
     return;
   }
 
+  // This only functions in e10s mode
+  if (XRE_IsParentProcess()) {
+    MOZ_LOG(gWebauthLog, LogLevel::Debug,
+      ("Is non-e10s Process, U2F not available"));
+     aRv.Throw(NS_ERROR_FAILURE);
+     return;
+   }
+
   // Monolithically insert compatible nsIU2FToken objects into mAuthenticators.
   // In future functionality expansions, this is where we could add a dynamic
   // add/remove interface.
   if (Preferences::GetBool(PREF_U2F_SOFTTOKEN_ENABLED)) {
-    if (!XRE_IsParentProcess()) {
-      MOZ_LOG(gWebauthLog, LogLevel::Debug,
-        ("Is e10s Process, getting remote U2F soft token"));
-
-      if (!mAuthenticators.AppendElement(new NSSU2FTokenRemote(),
-                                         mozilla::fallible)) {
-        aRv.Throw(NS_ERROR_OUT_OF_MEMORY);
-        return;
-      }
-    } else {
-       MOZ_LOG(gWebauthLog, LogLevel::Debug,
-        ("Is non-e10s Process, getting direct U2F soft token"));
-
-      nsCOMPtr<nsINSSU2FToken> softToken =
-        do_GetService(NS_NSSU2FTOKEN_CONTRACTID);
-      if (NS_WARN_IF(!softToken)) {
-        aRv.Throw(NS_ERROR_FAILURE);
-        return;
-      }
-
-      if (!mAuthenticators.AppendElement(softToken, mozilla::fallible)) {
-        aRv.Throw(NS_ERROR_OUT_OF_MEMORY);
-        return;
-      }
+    if (!mAuthenticators.AppendElement(new NSSU2FTokenRemote(),
+                                       mozilla::fallible)) {
+      aRv.Throw(NS_ERROR_OUT_OF_MEMORY);
+      return;
     }
   }
+
+  mInitialized = true;
 }
 
 void
 U2F::Register(const nsAString& aAppId,
               const Sequence<RegisterRequest>& aRegisterRequests,
               const Sequence<RegisteredKey>& aRegisteredKeys,
               U2FRegisterCallback& aCallback,
               const Optional<Nullable<int32_t>>& opt_aTimeoutSeconds,
               ErrorResult& aRv)
 {
+  MOZ_ASSERT(NS_IsMainThread());
+
+  if (!mInitialized) {
+    aRv.Throw(NS_ERROR_NOT_AVAILABLE);
+    return;
+  }
+
   RefPtr<U2FRegisterTask> registerTask = new U2FRegisterTask(mOrigin, aAppId,
                                                              aRegisterRequests,
                                                              aRegisteredKeys,
                                                              &aCallback,
                                                              mAuthenticators);
 
   EvaluateAppIDAndRunTask(registerTask);
 }
@@ -663,16 +663,23 @@ U2F::Register(const nsAString& aAppId,
 void
 U2F::Sign(const nsAString& aAppId,
           const nsAString& aChallenge,
           const Sequence<RegisteredKey>& aRegisteredKeys,
           U2FSignCallback& aCallback,
           const Optional<Nullable<int32_t>>& opt_aTimeoutSeconds,
           ErrorResult& aRv)
 {
+  MOZ_ASSERT(NS_IsMainThread());
+
+  if (!mInitialized) {
+    aRv.Throw(NS_ERROR_NOT_AVAILABLE);
+    return;
+  }
+
   RefPtr<U2FSignTask> signTask = new U2FSignTask(mOrigin, aAppId, aChallenge,
                                                  aRegisteredKeys, &aCallback,
                                                  mAuthenticators);
 
   EvaluateAppIDAndRunTask(signTask);
 }
 
 } // namespace dom
--- a/dom/u2f/U2F.h
+++ b/dom/u2f/U2F.h
@@ -153,16 +153,17 @@ public:
   // No NSS resources to release.
   virtual
   void virtualDestroyNSSReference() override {};
 
 private:
   nsCOMPtr<nsPIDOMWindowInner> mParent;
   nsString mOrigin;
   Sequence<Authenticator> mAuthenticators;
+  bool mInitialized;
 
   ~U2F();
 };
 
 } // namespace dom
 } // namespace mozilla
 
 #endif // mozilla_dom_U2F_h
--- a/dom/u2f/tests/mochitest.ini
+++ b/dom/u2f/tests/mochitest.ini
@@ -7,15 +7,23 @@ support-files =
   frame_register.html
   frame_register_sign.html
   pkijs/asn1.js
   pkijs/common.js
   pkijs/x509_schema.js
   pkijs/x509_simpl.js
   u2futil.js
 
+# Feature does not function on e10s (Disabled in Bug 1297552)
 [test_util_methods.html]
+skip-if = !e10s
 [test_no_token.html]
+skip-if = !e10s
 [test_register.html]
+skip-if = !e10s
 [test_register_sign.html]
+skip-if = !e10s
 [test_appid_facet.html]
+skip-if = !e10s
 [test_appid_facet_insecure.html]
+skip-if = !e10s
 [test_appid_facet_subdomain.html]
+skip-if = !e10s