aboutsummaryrefslogtreecommitdiff
path: root/src/backend/anastasis-httpd_truth.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/backend/anastasis-httpd_truth.c')
-rw-r--r--src/backend/anastasis-httpd_truth.c41
1 files changed, 26 insertions, 15 deletions
diff --git a/src/backend/anastasis-httpd_truth.c b/src/backend/anastasis-httpd_truth.c
index 6c05ef8..54969bf 100644
--- a/src/backend/anastasis-httpd_truth.c
+++ b/src/backend/anastasis-httpd_truth.c
@@ -237,6 +237,27 @@ static struct GNUNET_SCHEDULER_Task *to_task;
237 237
238 238
239/** 239/**
240 * Generate a response telling the client that answering this
241 * challenge failed because the rate limit has been exceeded.
242 *
243 * @param gc request to answer for
244 * @return MHD status code
245 */
246static MHD_RESULT
247reply_rate_limited (const struct GetContext *gc)
248{
249 return TALER_MHD_REPLY_JSON_PACK (
250 gc->connection,
251 MHD_HTTP_TOO_MANY_REQUESTS,
252 TALER_MHD_PACK_EC (TALER_EC_ANASTASIS_TRUTH_RATE_LIMITED),
253 GNUNET_JSON_pack_uint64 ("request_limit",
254 gc->authorization->retry_counter),
255 GNUNET_JSON_pack_time_rel ("request_frequency",
256 gc->authorization->code_rotation_period));
257}
258
259
260/**
240 * Timeout requests that are past their due date. 261 * Timeout requests that are past their due date.
241 * 262 *
242 * @param cls NULL 263 * @param cls NULL
@@ -991,9 +1012,8 @@ run_authorization_process (struct MHD_Connection *connection,
991 1012
992 1013
993/** 1014/**
994 * Use the database to rate-limit queries to the 1015 * Use the database to rate-limit queries to the authentication
995 * authentication procedure, but without actually 1016 * procedure, but without actually storing 'real' challenge codes.
996 * storing 'real' challenge codes.
997 * 1017 *
998 * @param[in,out] gc context to rate limit requests for 1018 * @param[in,out] gc context to rate limit requests for
999 * @return #GNUNET_OK if rate-limiting passes, 1019 * @return #GNUNET_OK if rate-limiting passes,
@@ -1034,10 +1054,7 @@ rate_limit (struct GetContext *gc)
1034 if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs) 1054 if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs)
1035 { 1055 {
1036 return (MHD_YES == 1056 return (MHD_YES ==
1037 TALER_MHD_reply_with_error (gc->connection, 1057 reply_rate_limited (gc))
1038 MHD_HTTP_TOO_MANY_REQUESTS,
1039 TALER_EC_ANASTASIS_TRUTH_RATE_LIMITED,
1040 NULL))
1041 ? GNUNET_NO 1058 ? GNUNET_NO
1042 : GNUNET_SYSERR; 1059 : GNUNET_SYSERR;
1043 } 1060 }
@@ -1066,10 +1083,7 @@ rate_limit (struct GetContext *gc)
1066 : GNUNET_SYSERR; 1083 : GNUNET_SYSERR;
1067 case ANASTASIS_DB_CODE_STATUS_NO_RESULTS: 1084 case ANASTASIS_DB_CODE_STATUS_NO_RESULTS:
1068 return (MHD_YES == 1085 return (MHD_YES ==
1069 TALER_MHD_reply_with_error (gc->connection, 1086 reply_rate_limited (gc))
1070 MHD_HTTP_TOO_MANY_REQUESTS,
1071 TALER_EC_ANASTASIS_TRUTH_RATE_LIMITED,
1072 NULL))
1073 ? GNUNET_NO 1087 ? GNUNET_NO
1074 : GNUNET_SYSERR; 1088 : GNUNET_SYSERR;
1075 case ANASTASIS_DB_CODE_STATUS_VALID_CODE_STORED: 1089 case ANASTASIS_DB_CODE_STATUS_VALID_CODE_STORED:
@@ -1640,10 +1654,7 @@ AH_handler_truth_get (
1640 case GNUNET_DB_STATUS_SUCCESS_NO_RESULTS: 1654 case GNUNET_DB_STATUS_SUCCESS_NO_RESULTS:
1641 /* 0 == retry_counter of existing challenge => rate limit exceeded */ 1655 /* 0 == retry_counter of existing challenge => rate limit exceeded */
1642 GNUNET_free (decrypted_truth); 1656 GNUNET_free (decrypted_truth);
1643 return TALER_MHD_reply_with_error (connection, 1657 return reply_rate_limited (gc);
1644 MHD_HTTP_TOO_MANY_REQUESTS,
1645 TALER_EC_ANASTASIS_TRUTH_RATE_LIMITED,
1646 NULL);
1647 case GNUNET_DB_STATUS_SUCCESS_ONE_RESULT: 1658 case GNUNET_DB_STATUS_SUCCESS_ONE_RESULT:
1648 /* challenge code was stored successfully*/ 1659 /* challenge code was stored successfully*/
1649 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 1660 GNUNET_log (GNUNET_ERROR_TYPE_INFO,