gnunet-svn
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[GNUnet-SVN] [taler-exchange] 02/02: implement #5114

From: gnunet
Subject: [GNUnet-SVN] [taler-exchange] 02/02: implement #5114
Date: Thu, 20 Jul 2017 10:01:30 +0200 
This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to branch master
in repository exchange.

commit 1e8d0eb4623bdc1ec2ee6d4edc406085d4c40a7a
Author: Christian Grothoff <address@hidden>
AuthorDate: Thu Jul 20 10:00:42 2017 +0200

    implement #5114
---
 src/exchange/taler-exchange-httpd_deposit.c | 33 +++++++++++++++++++++++++++++
 src/include/taler_error_codes.h             |  5 +++++
 2 files changed, 38 insertions(+)

diff --git a/src/exchange/taler-exchange-httpd_deposit.c 
b/src/exchange/taler-exchange-httpd_deposit.c
index ccbd775..0234946 100644
--- a/src/exchange/taler-exchange-httpd_deposit.c
+++ b/src/exchange/taler-exchange-httpd_deposit.c
@@ -294,6 +294,30 @@ verify_and_execute_deposit (struct MHD_Connection 
*connection,
 
 
 /**
+ * Check that @a ts is reasonably close to our own RTC.
+ *
+ * @param ts timestamp to check
+ * @return #GNUNET_OK if @a ts is reasonable
+ */
+static int
+check_timestamp_current (struct GNUNET_TIME_Absolute ts)
+{
+  struct GNUNET_TIME_Relative r;
+  struct GNUNET_TIME_Relative tolerance;
+
+  /* Let's be VERY generous */
+  tolerance = GNUNET_TIME_UNIT_MONTHS;
+  r = GNUNET_TIME_absolute_get_duration (ts);
+  if (r.rel_value_us > tolerance.rel_value_us)
+    return GNUNET_SYSERR;
+  r = GNUNET_TIME_absolute_get_remaining (ts);
+  if (r.rel_value_us > tolerance.rel_value_us)
+    return GNUNET_SYSERR;
+  return GNUNET_OK;
+}
+
+
+/**
  * Handle a "/deposit" request.  Parses the JSON, and, if successful,
  * passes the JSON data to #verify_and_execute_deposit() to further
  * check the details of the operation specified.  If everything checks
@@ -381,6 +405,15 @@ TEH_DEPOSIT_handler_deposit (struct TEH_RequestHandler *rh,
     return res;
   }
   if (GNUNET_OK !=
+      check_timestamp_current (deposit.timestamp))
+  {
+    GNUNET_break_op (0);
+    GNUNET_JSON_parse_free (spec);
+    return TEH_RESPONSE_reply_arg_invalid (connection,
+                                          TALER_EC_DEPOSIT_INVALID_TIMESTAMP,
+                                           "timestamp");
+  }
+  if (GNUNET_OK !=
       TALER_JSON_hash (wire,
                        &my_h_wire))
   {
diff --git a/src/include/taler_error_codes.h b/src/include/taler_error_codes.h
index 907be84..d1727c7 100644
--- a/src/include/taler_error_codes.h
+++ b/src/include/taler_error_codes.h
@@ -407,6 +407,11 @@ enum TALER_ErrorCode
    */
   TALER_EC_DEPOSIT_INVALID_WIRE_FORMAT_TYPE_UNSUPPORTED = 1217,
 
+  /**
+   * Timestamp included in deposit permission is intolerably far off
+   * with respect to the clock of the exchange.
+   */
+  TALER_EC_DEPOSIT_INVALID_TIMESTAMP = 1218,
 
   /**
    * The respective coin did not have sufficient residual value

-- 
To stop receiving notification emails like this one, please contact
address@hidden
reply via email to
[Prev in Thread] Current Thread [Next in Thread]