summaryrefslogtreecommitdiff
path: root/src/auditor
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2021-01-07 21:25:52 +0100
committerChristian Grothoff <christian@grothoff.org>2021-01-07 21:25:52 +0100
commit6ccda0b02e143a179e2c62c2cce5b0f53dcf5022 (patch)
treeeb67b7d48d1a913de6a4c7aedecee91d15612791 /src/auditor
parent9d5a3ef6597a6a4d44a1737b9234011bc94328db (diff)
downloadexchange-6ccda0b02e143a179e2c62c2cce5b0f53dcf5022.tar.gz
exchange-6ccda0b02e143a179e2c62c2cce5b0f53dcf5022.tar.bz2
exchange-6ccda0b02e143a179e2c62c2cce5b0f53dcf5022.zip
make reserve balance check used in internal_auditor mode only
Diffstat (limited to 'src/auditor')
-rw-r--r--src/auditor/taler-helper-auditor-reserves.c129
-rwxr-xr-xsrc/auditor/test-auditor.sh8
2 files changed, 72 insertions, 65 deletions
diff --git a/src/auditor/taler-helper-auditor-reserves.c b/src/auditor/taler-helper-auditor-reserves.c
index 8e53214f..87b555e0 100644
--- a/src/auditor/taler-helper-auditor-reserves.c
+++ b/src/auditor/taler-helper-auditor-reserves.c
@@ -1026,7 +1026,6 @@ verify_reserve_balance (void *cls,
{
struct ReserveContext *rc = cls;
struct ReserveSummary *rs = value;
- struct TALER_EXCHANGEDB_Reserve reserve;
struct TALER_Amount balance;
struct TALER_Amount nbalance;
enum GNUNET_DB_QueryStatus qs;
@@ -1063,73 +1062,81 @@ verify_reserve_balance (void *cls,
&nbalance));
}
- /* Now check OUR balance calculation vs. the one the exchange has
- in its database */
- reserve.pub = rs->reserve_pub;
- qs = TALER_ARL_edb->reserves_get (TALER_ARL_edb->cls,
- TALER_ARL_esession,
- &reserve);
- if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT != qs)
+ if (internal_checks)
{
- /* If the exchange doesn't have this reserve in the summary, it
- is like the exchange 'lost' that amount from its records,
- making an illegitimate gain over the amount it dropped.
- We don't add the amount to some total simply because it is
- not an actualized gain and could be trivially corrected by
- restoring the summary. *///
- TALER_ARL_report (report_reserve_balance_insufficient_inconsistencies,
- json_pack ("{s:o, s:o}",
- "reserve_pub",
- GNUNET_JSON_from_data_auto (&rs->reserve_pub),
- "gain",
- TALER_JSON_from_amount (&nbalance)));
- if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs)
- {
- GNUNET_break (0);
- qs = GNUNET_DB_STATUS_HARD_ERROR;
- }
- rc->qs = qs;
- }
- else
- {
- /* Check that exchange's balance matches our expected balance for the reserve */
- if (0 != TALER_amount_cmp (&nbalance,
- &reserve.balance))
+ /* Now check OUR balance calculation vs. the one the exchange has
+ in its database. This can only be done when we are doing an
+ internal audit, as otherwise the balance of the 'reserves' table
+ is not replicated at the auditor. */
+ struct TALER_EXCHANGEDB_Reserve reserve;
+
+ reserve.pub = rs->reserve_pub;
+ qs = TALER_ARL_edb->reserves_get (TALER_ARL_edb->cls,
+ TALER_ARL_esession,
+ &reserve);
+ if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT != qs)
{
- struct TALER_Amount delta;
-
- if (0 < TALER_amount_cmp (&nbalance,
- &reserve.balance))
- {
- /* balance > reserve.balance */
- TALER_ARL_amount_subtract (&delta,
- &nbalance,
- &reserve.balance);
- TALER_ARL_amount_add (&total_balance_summary_delta_plus,
- &total_balance_summary_delta_plus,
- &delta);
- }
- else
- {
- /* balance < reserve.balance */
- TALER_ARL_amount_subtract (&delta,
- &reserve.balance,
- &nbalance);
- TALER_ARL_amount_add (&total_balance_summary_delta_minus,
- &total_balance_summary_delta_minus,
- &delta);
- }
- TALER_ARL_report (report_reserve_balance_summary_wrong_inconsistencies,
- json_pack ("{s:o, s:o, s:o}",
+ /* If the exchange doesn't have this reserve in the summary, it
+ is like the exchange 'lost' that amount from its records,
+ making an illegitimate gain over the amount it dropped.
+ We don't add the amount to some total simply because it is
+ not an actualized gain and could be trivially corrected by
+ restoring the summary. *///
+ TALER_ARL_report (report_reserve_balance_insufficient_inconsistencies,
+ json_pack ("{s:o, s:o}",
"reserve_pub",
GNUNET_JSON_from_data_auto (
&rs->reserve_pub),
- "exchange",
- TALER_JSON_from_amount (&reserve.balance),
- "auditor",
+ "gain",
TALER_JSON_from_amount (&nbalance)));
+ if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs)
+ {
+ GNUNET_break (0);
+ qs = GNUNET_DB_STATUS_HARD_ERROR;
+ }
+ rc->qs = qs;
}
- }
+ else
+ {
+ /* Check that exchange's balance matches our expected balance for the reserve */
+ if (0 != TALER_amount_cmp (&nbalance,
+ &reserve.balance))
+ {
+ struct TALER_Amount delta;
+
+ if (0 < TALER_amount_cmp (&nbalance,
+ &reserve.balance))
+ {
+ /* balance > reserve.balance */
+ TALER_ARL_amount_subtract (&delta,
+ &nbalance,
+ &reserve.balance);
+ TALER_ARL_amount_add (&total_balance_summary_delta_plus,
+ &total_balance_summary_delta_plus,
+ &delta);
+ }
+ else
+ {
+ /* balance < reserve.balance */
+ TALER_ARL_amount_subtract (&delta,
+ &reserve.balance,
+ &nbalance);
+ TALER_ARL_amount_add (&total_balance_summary_delta_minus,
+ &total_balance_summary_delta_minus,
+ &delta);
+ }
+ TALER_ARL_report (report_reserve_balance_summary_wrong_inconsistencies,
+ json_pack ("{s:o, s:o, s:o}",
+ "reserve_pub",
+ GNUNET_JSON_from_data_auto (
+ &rs->reserve_pub),
+ "exchange",
+ TALER_JSON_from_amount (&reserve.balance),
+ "auditor",
+ TALER_JSON_from_amount (&nbalance)));
+ }
+ }
+ } /* end of 'if (internal_checks)' */
/* Check that reserve is being closed if it is past its expiration date
(and the closing fee would not exceed the remaining balance) */
diff --git a/src/auditor/test-auditor.sh b/src/auditor/test-auditor.sh
index 0c9ef472..ae0c3cba 100755
--- a/src/auditor/test-auditor.sh
+++ b/src/auditor/test-auditor.sh
@@ -104,13 +104,13 @@ function audit_only () {
echo -n "."
$VALGRIND taler-helper-auditor-deposits -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-deposits-inc.json 2> test-audit-deposits-inc.log || exit_fail "incremental deposits audit failed"
echo -n "."
- $VALGRIND taler-helper-auditor-reserves -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-reserves.json 2> test-audit-reserves.log || exit_fail "reserves audit failed"
+ $VALGRIND taler-helper-auditor-reserves -i -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-reserves.json 2> test-audit-reserves.log || exit_fail "reserves audit failed"
echo -n "."
- $VALGRIND taler-helper-auditor-reserves -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-reserves-inc.json 2> test-audit-reserves-inc.log || exit_fail "incremental reserves audit failed"
+ $VALGRIND taler-helper-auditor-reserves -i -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-reserves-inc.json 2> test-audit-reserves-inc.log || exit_fail "incremental reserves audit failed"
echo -n "."
- $VALGRIND taler-helper-auditor-wire -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-wire.json 2> test-wire-audit.log || exit_fail "wire audit failed"
+ $VALGRIND taler-helper-auditor-wire -i -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-wire.json 2> test-wire-audit.log || exit_fail "wire audit failed"
echo -n "."
- $VALGRIND taler-helper-auditor-wire -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-wire-inc.json 2> test-wire-audit-inc.log || exit_fail "wire audit failed"
+ $VALGRIND taler-helper-auditor-wire -i -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-wire-inc.json 2> test-wire-audit-inc.log || exit_fail "wire audit failed"
echo -n "."
echo " DONE"