Page MenuHomePhabricator

[keyserver][lib] Introduce fetch_pending_updates endpoint
ClosedPublic

Authored by ashoat on Sat, Jun 8, 3:42 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sat, Jun 15, 7:01 PM
Unknown Object (File)
Sat, Jun 15, 6:50 PM
Unknown Object (File)
Sat, Jun 15, 3:23 PM
Unknown Object (File)
Sat, Jun 15, 3:22 PM
Unknown Object (File)
Fri, Jun 14, 8:30 PM
Unknown Object (File)
Fri, Jun 14, 7:54 AM
Unknown Object (File)
Mon, Jun 10, 5:04 AM
Unknown Object (File)
Mon, Jun 10, 5:02 AM
Subscribers

Details

Summary

This addresses ENG-8088. In a later diff, the client will call this when encountering a socket crash loop. The higher timeout will allow us to download a larger amount of data.

Depends on D12363

Test Plan

In combination with later diffs, I tested as follows:

  1. I created a socket crash loop on a physical iOS device using @inka's create-many-threads-to-trigger-crash-loop.js script (see ENG-8090
  2. I confirmed that the socket was unable to connect prior to my diff stack
  3. I confirmed that after applying my diff stack, the SUCCESS action was dispatched, and the socket was able to connect afterwards

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

Harbormaster returned this revision to the author for changes because remote builds failed.Sat, Jun 8, 4:03 PM
Harbormaster failed remote builds in B29554: Diff 41141!
ashoat requested review of this revision.Sat, Jun 8, 6:40 PM
ashoat added inline comments.
keyserver/src/responders/update-responders.js
13 ↗(On Diff #41141)

I wonder if we need to do something special here for users that haven't acknowledged the latest policies. I'm worried that eg. the socket normally won't allow those users to connect, but perhaps we're allowing them to circumvent that by just calling this endpoint.

cc @kamil, do you recall how the keyserver <> client socket code handles this case?

tomek added 1 blocking reviewer(s): kamil.
kamil added inline comments.
keyserver/src/responders/update-responders.js
13 ↗(On Diff #41141)

When policies are not acknowledged socket should refuse to open. Adding this endpoint shouldn't affect that because this endpoint whenever called should also validate policies, see here.

This revision is now accepted and ready to land.Mon, Jun 10, 10:01 AM
keyserver/src/responders/update-responders.js
13 ↗(On Diff #41141)

Thanks @kamil!! That makes sense... I guess baseLegalPolicies is what protects us here