Closed
Bug 975214
Opened 11 years ago
Closed 11 years ago
"Disable" Hawk timestamp and nonce checking
Categories
(Cloud Services Graveyard :: Server: Sync, defect)
Cloud Services Graveyard
Server: Sync
Tracking
(Not tracked)
VERIFIED
FIXED
People
(Reporter: rfkelly, Assigned: rfkelly)
Details
(Whiteboard: [qa?])
Attachments
(1 file)
|
3.29 KB,
patch
|
telliott
:
review+
|
Details | Diff | Splinter Review |
(copy of https://github.com/mozilla/fxa-auth-server/issues/578)
This isn't buying us that much and there's reason to believe it's causing failures and retries. Let's put it in "warn" mode for now and measure what's going on:
Set the time window to something large, e.g., 20 years
Disable the nonce replay checks
Log all timestamp deltas so we can build a distribution of these deltas
|
||
Comment 1•11 years ago
|
||
This is relevant to my interests. Please subscribe me to your newsletter.
|
Assignee | |
Comment 2•11 years ago
|
||
This patch creates a PermissiveNonceCache class that will not actually check the timestamps or nonces, just log them if they seem to be too highly skewed.
Attachment #8379456 -
Flags: review?(telliott)
|
||
Updated•11 years ago
|
Whiteboard: [qa?]
|
||
Updated•11 years ago
|
Attachment #8379456 -
Flags: review?(telliott) → review+
|
|
Assignee | |
Comment 3•11 years ago
|
||
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
|
|
||
Comment 4•11 years ago
|
||
Any QA required here or just a code fix verification?
|
|
Assignee | |
Comment 5•11 years ago
|
||
Code fix verification fine here, additional verification discussion in Bug 975001
|
||
Updated•2 years ago
|
Product: Cloud Services → Cloud Services Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•