Sync never recovers from master password reset (or other failure to decrypt logins) or from a corrupt/missing logins.json

NEW
Unassigned

Status

()

Firefox
Sync
P3
normal
a year ago
8 months ago

People

(Reporter: a.harrowell@gmail.com, Unassigned)

Tracking

(Blocks: 1 bug)

54 Branch
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [sync:passwords])

(Reporter)

Description

a year ago
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:54.0) Gecko/20100101 Firefox/54.0
Build ID: 20170608105825

Steps to reproduce:

Using Sync to synchronise between a Firefox for Android device and a Firefox instance on a PC.


Actual results:

Since the update to FF 54 and consequent re-authentication on the 23rd of June, 324 out of 336 saved passwords are no longer available either via the Password Manager or the Edit Passwords add-on. They are still present on the mobile device.

About Sync shows all the 336 total passwords as server records and the 324 it needs to download under ClientMissing. However, although they are evidently fetched, they are not written to local storage.

about:sync-log shows lots of the following error, ever since the re-authentication:

https://api.accounts.firefox.com/v1/certificate/sign failed: 2152398878 - NS_ERROR_UNKNOWN_HOST
1498648337388	Hawk	WARN	hawk request error: [Exception... "NS_ERROR_UNKNOWN_HOST"  nsresult: "0x804b001e (NS_ERROR_UNKNOWN_HOST)

This happens irrespective of whether I am on an enterprise network, VPN'd into it, or at home - therefore the problem seems to be with this web service of yours. Requesting https://api.accounts.firefox.com/v1/certificate/sign explicitly fails with a 404 error and errorno 999 ("Unspecified error"), as does anything under /v1/. 
And yes, I've clicked on the link to confirm the sign-in (I just pulled up the e-mail and did so again, and was informed I already had done). 

Timing strongly suggests that either FF 54 or release v1.89.0 of fxa-auth-server is guilty.


Expected results:

My passwords should get written to the local store.
(Reporter)

Comment 1

a year ago
WORKAROUND: disconnect affected device from sync, re-add it, all is love again.
Component: Untriaged → Sync
I'm glad it seems to be working for you again, but in the interests of finding the underlying issue, could you please upload all logs from about:sync-log?
Flags: needinfo?(a.harrowell)
(Reporter)

Comment 3

a year ago
OK, here's a link: https://www.dropbox.com/sh/kf3wzl07lkz4yoy/AAC7nY-R9ppK6F6Y-F1jr1u2a?dl=1
Flags: needinfo?(a.harrowell)
Thanks - those logs are helpful. I'll get back to this.
Flags: needinfo?(markh)
I thought we already had a bug for this, but I can't find it.

(In reply to a.harrowell@gmail.com from comment #0)
> Since the update to FF 54 and consequent re-authentication on the 23rd of
> June,

I'm not sure what happened as you updated, but whatever it was, I expect all your logins were suddenly unable to be decrypted. This is roughly the same thing that will happen if you set a master password then reset it. In short, Sync doesn't know the data has been lost, so doesn't attempt to refetch the logins and re-save them. Sadly, even if it did, currently it would still fail due to bug 621846, but hopefully that will be fixed soon.

What *might* be possible is for Sync to count how many logins are unable to be decrypted and store that in preferences. If it ever finds that number has changed since the last sync, it could do a local "reset" and force all new logins to be downloaded and applied.

(This still wouldn't solve the issue if the problem is actually that logins.json was deleted or became corrupt - we could possibly solve that by storing a GUID in logins.json and in sync preferences, and if sync finds them different it also does a reset.)
Status: UNCONFIRMED → NEW
Ever confirmed: true
Flags: needinfo?(markh)
Summary: Firefox Sync gets passwords from server, but fails to store them in the client → Sync never recovers from master password reset (or other failure to decrypt logins) or from a corrupt/missing logins.json
Whiteboard: [sync:passwords]
Priority: -- → P3
Blocks: 1337275

Updated

8 months ago
See Also: → bug 1412332
You need to log in before you can comment on or make changes to this bug.