diff options
author | Christian Grothoff <christian@grothoff.org> | 2020-03-17 17:33:30 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2020-03-17 17:33:30 +0100 |
commit | c17909d8209e18829102c7de2789909722e1af3b (patch) | |
tree | 3c6d9f942b965c4aed0942307fb546a37e4cfa86 /src/exchange/taler-exchange-httpd.c | |
parent | fb47c680b1380d36812f8b42cd64595e210cef38 (diff) | |
download | exchange-c17909d8209e18829102c7de2789909722e1af3b.tar.gz exchange-c17909d8209e18829102c7de2789909722e1af3b.tar.bz2 exchange-c17909d8209e18829102c7de2789909722e1af3b.zip |
add cmd line option to restrict timetravel, minor code cleanup of keystate logic
Diffstat (limited to 'src/exchange/taler-exchange-httpd.c')
-rw-r--r-- | src/exchange/taler-exchange-httpd.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c index 4095d00fa..0754163bf 100644 --- a/src/exchange/taler-exchange-httpd.c +++ b/src/exchange/taler-exchange-httpd.c @@ -83,6 +83,14 @@ char *TEH_exchange_directory; char *TEH_revocation_directory; /** + * Are clients allowed to request /keys for times other than the + * current time? Allowing this could be abused in a DoS-attack + * as building new /keys responses is expensive. Should only be + * enabled for testcases, development and test systems. + */ +int TEH_allow_keys_timetravel; + +/** * The exchange's configuration (global) */ struct GNUNET_CONFIGURATION_Handle *TEH_cfg; @@ -1183,6 +1191,10 @@ main (int argc, char *logfile = NULL; int connection_close = GNUNET_NO; const struct GNUNET_GETOPT_CommandLineOption options[] = { + GNUNET_GETOPT_option_flag ('a', + "allow-timetravel", + "allow clients to request /keys for arbitrary timestamps (for testing and development only)", + &TEH_allow_keys_timetravel), GNUNET_GETOPT_option_flag ('C', "connection-close", "force HTTP connections to be closed after each request", |