summaryrefslogtreecommitdiff
path: root/src/exchange/taler-exchange-httpd_deposit.c
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2017-07-20 10:00:42 +0200
committerChristian Grothoff <christian@grothoff.org>2017-07-20 10:00:42 +0200
commit1e8d0eb4623bdc1ec2ee6d4edc406085d4c40a7a (patch)
tree0474bf23c7769acb3413f23d54b6c37894997886 /src/exchange/taler-exchange-httpd_deposit.c
parent6c63b3c41d45e367a2be5ecdfb4ed16155b7bc2a (diff)
downloadexchange-1e8d0eb4623bdc1ec2ee6d4edc406085d4c40a7a.tar.gz
exchange-1e8d0eb4623bdc1ec2ee6d4edc406085d4c40a7a.tar.bz2
exchange-1e8d0eb4623bdc1ec2ee6d4edc406085d4c40a7a.zip
implement #5114
Diffstat (limited to 'src/exchange/taler-exchange-httpd_deposit.c')
-rw-r--r--src/exchange/taler-exchange-httpd_deposit.c33
1 files changed, 33 insertions, 0 deletions
diff --git a/src/exchange/taler-exchange-httpd_deposit.c b/src/exchange/taler-exchange-httpd_deposit.c
index ccbd7754c..0234946d3 100644
--- a/src/exchange/taler-exchange-httpd_deposit.c
+++ b/src/exchange/taler-exchange-httpd_deposit.c
@@ -294,6 +294,30 @@ verify_and_execute_deposit (struct MHD_Connection *connection,
/**
+ * Check that @a ts is reasonably close to our own RTC.
+ *
+ * @param ts timestamp to check
+ * @return #GNUNET_OK if @a ts is reasonable
+ */
+static int
+check_timestamp_current (struct GNUNET_TIME_Absolute ts)
+{
+ struct GNUNET_TIME_Relative r;
+ struct GNUNET_TIME_Relative tolerance;
+
+ /* Let's be VERY generous */
+ tolerance = GNUNET_TIME_UNIT_MONTHS;
+ r = GNUNET_TIME_absolute_get_duration (ts);
+ if (r.rel_value_us > tolerance.rel_value_us)
+ return GNUNET_SYSERR;
+ r = GNUNET_TIME_absolute_get_remaining (ts);
+ if (r.rel_value_us > tolerance.rel_value_us)
+ return GNUNET_SYSERR;
+ return GNUNET_OK;
+}
+
+
+/**
* Handle a "/deposit" request. Parses the JSON, and, if successful,
* passes the JSON data to #verify_and_execute_deposit() to further
* check the details of the operation specified. If everything checks
@@ -381,6 +405,15 @@ TEH_DEPOSIT_handler_deposit (struct TEH_RequestHandler *rh,
return res;
}
if (GNUNET_OK !=
+ check_timestamp_current (deposit.timestamp))
+ {
+ GNUNET_break_op (0);
+ GNUNET_JSON_parse_free (spec);
+ return TEH_RESPONSE_reply_arg_invalid (connection,
+ TALER_EC_DEPOSIT_INVALID_TIMESTAMP,
+ "timestamp");
+ }
+ if (GNUNET_OK !=
TALER_JSON_hash (wire,
&my_h_wire))
{