From 3b19278a24ec6f1062d3c5e38580fe9fb20326cf Mon Sep 17 00:00:00 2001
From: Marc Blank <mblank@google.com>
Date: Sat, 10 Apr 2010 19:43:56 -0700
Subject: [PATCH] Only allow the account mailbox to attempt provisioning

* We were allowing all sync services to attempt provisioning, but this
  could potentially lead to a race condition in which two different
  policy keys are created on the server (this is speculative)
* Change to allow only the account mailbox to attempt provisioning
* Log policy keys when verbose exchange logging is enabled
* We'll see if this solves the referenced bug

Bug: 2569162
Change-Id: I36c60098a4866882a8f9f4c288da54ea378d9aee
---
 src/com/android/exchange/EasSyncService.java | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/src/com/android/exchange/EasSyncService.java b/src/com/android/exchange/EasSyncService.java
index ba346076e..9ddb46f68 100644
--- a/src/com/android/exchange/EasSyncService.java
+++ b/src/com/android/exchange/EasSyncService.java
@@ -1020,6 +1020,9 @@ public class EasSyncService extends AbstractSyncService {
             String key = mAccount.mSecuritySyncKey;
             if (key == null || key.length() == 0) {
                 return;
+            }
+             if (Eas.PARSER_LOG) {
+                userLog("Policy key: " , key);
             }
             method.setHeader("X-MS-PolicyKey", key);
         }
@@ -1385,7 +1388,10 @@ public class EasSyncService extends AbstractSyncService {
                     }
                 } else if (isProvisionError(code)) {
                     // If the sync error is a provisioning failure (perhaps the policies changed),
-                    // let's try the provisining procedure
+                    // let's try the provisioning procedure
+                    // Provisioning must only be attempted for the account mailbox - trying to
+                    // provision any other mailbox may result in race conditions and the creation
+                    // of multiple policy keys.
                     if (!tryProvision()) {
                         // Set the appropriate failure status
                         mExitStatus = EXIT_SECURITY_FAILURE;
@@ -1918,10 +1924,7 @@ public class EasSyncService extends AbstractSyncService {
             } else {
                 userLog("Sync response error: ", code);
                 if (isProvisionError(code)) {
-                    if (!tryProvision()) {
-                        mExitStatus = EXIT_SECURITY_FAILURE;
-                        return;
-                    }
+                    mExitStatus = EXIT_SECURITY_FAILURE;
                 } else if (isAuthError(code)) {
                     mExitStatus = EXIT_LOGIN_FAILURE;
                 } else {