Closed Bug 1888293 Opened 1 year ago Closed 6 months ago

Connection to agent is not re-established if agent is restarted or started after Nightly

Categories

(Firefox :: Data Loss Prevention, enhancement)

Product:
Firefox
Component:
Data Loss Prevention
Type:
enhancement

Tracking

()

Status:
VERIFIED FIXED
Milestone:
137 Branch
Tracking Flags:
Tracking Status
firefox137 --- verified

People

(Reporter: haik, Assigned: gstoll)

References

(Blocks 1 open bug)

Details

Attachments

(3 files, 1 obsolete file)

Bug 1888293 part 1 - make connecting to agent threadsafe, add helper CallClientWithRetry() method r=#dlp-reviewers!
48 bytes, text/x-phabricator-request
Details | Review
Bug 1888293 part 2 - make anything that uses the client go through CallClientWithRetry() r=#dlp-reviewers!
48 bytes, text/x-phabricator-request
Details | Review
Bug 1888293 part 3 - add gtests for reconnecting to DLP agent r=#dlp-reviewers!
48 bytes, text/x-phabricator-request
Details | Review

If the DLP agent is started after Nightly starts, the connection is not established. This includes if the agent was running when Nightly launched and is then restarted.

The severity field is not set for this bug.
:handyman, could you have a look please?

For more information, please visit BugBot documentation.

Flags: needinfo?(davidp99)
Assignee: nobody → gstoll
Status: NEW → ASSIGNED

This seems fine but I thought the plan for this was to do nothing? The user would get DLP blocks for everything, along with a message about the agent connection having failed, until the browser was restarted.

Severity: -- → S4
Type: defect → enhancement
Flags: needinfo?(davidp99)
Assignee: gstoll → nobody
Status: ASSIGNED → NEW
Blocks: 1882607

This method is used in part 2 to avoid recreating a MozPromise that
hasn't been resolved or rejected.
This change also includes some linting.

Assignee: nobody → gstoll
Status: NEW → ASSIGNED

The CallClientWithRetry() method encapsulates the logic for attempting
to reconnect to the client if either:

  • the mCaClientPromise was rejected, so last time we failed to connect
    to the client
  • the mCaClientPromise was resolved, but calling the client returns an
    error, indicating that in the meantime the DLP agent has been terminated
    (and possibly started again)

After this change the only uses of mCaClientPromise should be in creating
the client or in CallClientWithRetry(), so everything that uses the client
will go through the retry logic if the client is not connected.

I also added a few tests for GetDiagnosticInfo().

Attachment #9466274 - Attachment description: Bug 1888293 part 2 - make connecting to agent threadsafe, add helper CallClientWithRetry() method r=#dlp-reviewers! → Bug 1888293 part 1 - make connecting to agent threadsafe, add helper CallClientWithRetry() method r=#dlp-reviewers!
Attachment #9466275 - Attachment description: Bug 1888293 part 3 - make anything that uses the client go through CallClientWithRetry() r=#dlp-reviewers! → Bug 1888293 part 2 - make anything that uses the client go through CallClientWithRetry() r=#dlp-reviewers!
Attachment #9466276 - Attachment description: Bug 1888293 part 4 - add gtests for reconnecting to DLP agent r=#dlp-reviewers! → Bug 1888293 part 3 - add gtests for reconnecting to DLP agent r=#dlp-reviewers!
Attachment #9466273 - Attachment is obsolete: true
Pushed by gstoll@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/1e50a6eb0b4b part 1 - make connecting to agent threadsafe, add helper CallClientWithRetry() method r=dlp-reviewers,handyman https://hg.mozilla.org/integration/autoland/rev/7f757483382e part 2 - make anything that uses the client go through CallClientWithRetry() r=dlp-reviewers,handyman https://hg.mozilla.org/integration/autoland/rev/9550881f6afa part 3 - add gtests for reconnecting to DLP agent r=dlp-reviewers,handyman

https://hg.mozilla.org/mozilla-central/rev/1e50a6eb0b4b
https://hg.mozilla.org/mozilla-central/rev/7f757483382e
https://hg.mozilla.org/mozilla-central/rev/9550881f6afa

Status: ASSIGNED → RESOLVED
Closed: 6 months ago
status-firefox137: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 137 Branch

Hello! We have verified that the DLP Agent connection can be established with Firefox 137.0a1 (2025-02-20) on Windows 10x64 in the following scenarios:

  • start Firefox, then start the DLP agent - test case C2749248
  • stop the DLP Agent while Firefox is running then restart the DLP agent - test case C2929598
    Note that the Browser connected log output is displayed in CMD only after performing clipboard paste/ drag and drop action or printing if the agent is started/ restarted while Firefox is running.

Please let us know if the verification and test cases are correct or if anything else should be added here. Thank you!

Flags: needinfo?(gstoll)

Great, thanks!

Those tests look good. I would recommend adding a step in both test cases to go to about:support and verify that the "Content Analysis (DLP)" section is correct, specifically:

  • "Active" should be true as long as the policy is set up correctly, even if the agent isn't running
  • "Connected to Agent" is true if the last time a DLP request was made it was successfully sent to the agent. (so if the agent is terminated, then a request is made from Firefox that fails, then the agent is restarted, it is OK if this value is false before another request is done)
  • "Agent Path" should be the path on disk of the agent, if it is connected

It would be nice to do this:

  • in C2749248 between steps 1 and 2 (before the new agent is started) and after step 3
  • in C2929598 between steps 3 and 4 (after the "unable to connect to the DLP agent" message) and after step 5.
Flags: needinfo?(gstoll)

(oh, and the "Browser connected" message not showing up until a request is sent to the agent is expected - we only try to reestablish the connection when we need to send a request, thanks!)

Thank you, Greg! I have updated the test cases and verified that everything works as expected on Windows10 x64 with 137.0a1 (2025-02-23).

Status: RESOLVED → VERIFIED
status-firefox137: fixedverified
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: