Diffstat (limited to 'src/auditor/taler-auditor.c')
-rw-r--r-- | src/auditor/taler-auditor.c | 131 |
1 files changed, 102 insertions, 29 deletions
diff --git a/src/auditor/taler-auditor.c b/src/auditor/taler-auditor.c index 9d4dff83f..6ab9bb344 100644 --- a/src/auditor/taler-auditor.c +++ b/src/auditor/taler-auditor.c | |||
@@ -269,9 +269,24 @@ static json_int_t number_missed_deposit_confirmations; | |||
269 | static struct TALER_Amount total_missed_deposit_confirmations; | 269 | static struct TALER_Amount total_missed_deposit_confirmations; |
270 | 270 | ||
271 | /** | 271 | /** |
272 | * Total amount reported in all calls to #report_emergency_by_count(). | ||
273 | */ | ||
274 | static struct TALER_Amount reported_emergency_risk_by_count; | ||
275 | |||
276 | /** | ||
272 | * Total amount reported in all calls to #report_emergency(). | 277 | * Total amount reported in all calls to #report_emergency(). |
273 | */ | 278 | */ |
274 | static struct TALER_Amount reported_emergency_sum; | 279 | static struct TALER_Amount reported_emergency_risk_by_amount; |
280 | |||
281 | /** | ||
282 | * Total amount in losses reported in all calls to #report_emergency(). | ||
283 | */ | ||
284 | static struct TALER_Amount reported_emergency_loss; | ||
285 | |||
286 | /** | ||
287 | * Total amount in losses reported in all calls to #report_emergency_by_count(). | ||
288 | */ | ||
289 | static struct TALER_Amount reported_emergency_loss_by_count; | ||
275 | 290 | ||
276 | /** | 291 | /** |
277 | * Expected balance in the escrow account. | 292 | * Expected balance in the escrow account. |
@@ -419,9 +434,13 @@ report_emergency_by_amount (const struct | |||
419 | "value", | 434 | "value", |
420 | TALER_JSON_from_amount_nbo (&dki->properties.value))); | 435 | TALER_JSON_from_amount_nbo (&dki->properties.value))); |
421 | GNUNET_assert (GNUNET_OK == | 436 | GNUNET_assert (GNUNET_OK == |
422 | TALER_amount_add (&reported_emergency_sum, | 437 | TALER_amount_add (&reported_emergency_risk_by_amount, |
423 | &reported_emergency_sum, | 438 | &reported_emergency_risk_by_amount, |
424 | risk)); | 439 | risk)); |
440 | GNUNET_assert (GNUNET_OK == | ||
441 | TALER_amount_add (&reported_emergency_loss, | ||
442 | &reported_emergency_loss, | ||
443 | loss)); | ||
425 | } | 444 | } |
426 | 445 | ||
427 | 446 | ||
@@ -446,6 +465,8 @@ report_emergency_by_count (const struct | |||
446 | uint64_t num_known, | 465 | uint64_t num_known, |
447 | const struct TALER_Amount *risk) | 466 | const struct TALER_Amount *risk) |
448 | { | 467 | { |
468 | struct TALER_Amount denom_value; | ||
469 | |||
449 | report (report_emergencies_by_count, | 470 | report (report_emergencies_by_count, |
450 | json_pack ("{s:o, s:I, s:I, s:o, s:o, s:o, s:o}", | 471 | json_pack ("{s:o, s:I, s:I, s:o, s:o, s:o, s:o}", |
451 | "denompub_hash", | 472 | "denompub_hash", |
@@ -463,9 +484,17 @@ report_emergency_by_count (const struct | |||
463 | "value", | 484 | "value", |
464 | TALER_JSON_from_amount_nbo (&dki->properties.value))); | 485 | TALER_JSON_from_amount_nbo (&dki->properties.value))); |
465 | GNUNET_assert (GNUNET_OK == | 486 | GNUNET_assert (GNUNET_OK == |
466 | TALER_amount_add (&reported_emergency_sum, | 487 | TALER_amount_add (&reported_emergency_risk_by_count, |
467 | &reported_emergency_sum, | 488 | &reported_emergency_risk_by_count, |
468 | risk)); | 489 | risk)); |
490 | TALER_amount_ntoh (&denom_value, | ||
491 | &dki->properties.value); | ||
492 | for (uint64_t i = num_issued; i<num_known; i++) | ||
493 | GNUNET_assert (GNUNET_OK == | ||
494 | TALER_amount_add (&reported_emergency_loss_by_count, | ||
495 | &reported_emergency_loss_by_count, | ||
496 | &denom_value)); | ||
497 | |||
469 | } | 498 | } |
470 | 499 | ||
471 | 500 | ||
@@ -1650,7 +1679,7 @@ verify_reserve_balance (void *cls, | |||
1650 | ret = GNUNET_SYSERR; | 1679 | ret = GNUNET_SYSERR; |
1651 | rc->qs = qs; | 1680 | rc->qs = qs; |
1652 | } | 1681 | } |
1653 | cleanup: | 1682 | cleanup: |
1654 | GNUNET_assert (GNUNET_YES == | 1683 | GNUNET_assert (GNUNET_YES == |
1655 | GNUNET_CONTAINER_multihashmap_remove (rc->reserves, | 1684 | GNUNET_CONTAINER_multihashmap_remove (rc->reserves, |
1656 | key, | 1685 | key, |
@@ -3859,16 +3888,28 @@ refresh_session_cb (void *cls, | |||
3859 | { | 3888 | { |
3860 | dso->denom_balance = tmp; | 3889 | dso->denom_balance = tmp; |
3861 | } | 3890 | } |
3862 | if (GNUNET_SYSERR == | 3891 | if (-1 == TALER_amount_cmp (&total_escrow_balance, |
3863 | TALER_amount_subtract (&total_escrow_balance, | 3892 | amount_with_fee)) |
3864 | &total_escrow_balance, | ||
3865 | amount_with_fee)) | ||
3866 | { | 3893 | { |
3867 | /* This should not be possible, unless the AUDITOR | 3894 | /* This can theoretically happen if for example the exchange |
3868 | has a bug in tracking total balance. */ | 3895 | never issued any coins (i.e. escrow balance is zero), but |
3869 | GNUNET_break (0); | 3896 | accepted a forged coin (i.e. emergency situation after |
3870 | cc->qs = GNUNET_DB_STATUS_HARD_ERROR; | 3897 | private key compromise). In that case, we cannot even |
3871 | return GNUNET_SYSERR; | 3898 | subtract the profit we make from the fee from the escrow |
3899 | balance. Tested as part of test-auditor.sh, case #18 */ | ||
3900 | report_amount_arithmetic_inconsistency ( | ||
3901 | "subtracting refresh fee from escrow balance", | ||
3902 | rowid, | ||
3903 | &total_escrow_balance, | ||
3904 | amount_with_fee, | ||
3905 | 0); | ||
3906 | } | ||
3907 | else | ||
3908 | { | ||
3909 | GNUNET_assert (GNUNET_SYSERR != | ||
3910 | TALER_amount_subtract (&total_escrow_balance, | ||
3911 | &total_escrow_balance, | ||
3912 | amount_with_fee)); | ||
3872 | } | 3913 | } |
3873 | 3914 | ||
3874 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 3915 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
@@ -4030,16 +4071,29 @@ deposit_cb (void *cls, | |||
4030 | { | 4071 | { |
4031 | ds->denom_balance = tmp; | 4072 | ds->denom_balance = tmp; |
4032 | } | 4073 | } |
4033 | if (GNUNET_SYSERR == | 4074 | |
4034 | TALER_amount_subtract (&total_escrow_balance, | 4075 | if (-1 == TALER_amount_cmp (&total_escrow_balance, |
4035 | &total_escrow_balance, | 4076 | amount_with_fee)) |
4036 | amount_with_fee)) | ||
4037 | { | 4077 | { |
4038 | /* This should not be possible, unless the AUDITOR | 4078 | /* This can theoretically happen if for example the exchange |
4039 | has a bug in tracking total balance. */ | 4079 | never issued any coins (i.e. escrow balance is zero), but |
4040 | GNUNET_break (0); | 4080 | accepted a forged coin (i.e. emergency situation after |
4041 | cc->qs = GNUNET_DB_STATUS_HARD_ERROR; | 4081 | private key compromise). In that case, we cannot even |
4042 | return GNUNET_SYSERR; | 4082 | subtract the profit we make from the fee from the escrow |
4083 | balance. Tested as part of test-auditor.sh, case #18 */ | ||
4084 | report_amount_arithmetic_inconsistency ( | ||
4085 | "subtracting deposit fee from escrow balance", | ||
4086 | rowid, | ||
4087 | &total_escrow_balance, | ||
4088 | amount_with_fee, | ||
4089 | 0); | ||
4090 | } | ||
4091 | else | ||
4092 | { | ||
4093 | GNUNET_assert (GNUNET_SYSERR != | ||
4094 | TALER_amount_subtract (&total_escrow_balance, | ||
4095 | &total_escrow_balance, | ||
4096 | amount_with_fee)); | ||
4043 | } | 4097 | } |
4044 | 4098 | ||
4045 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 4099 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
@@ -5094,7 +5148,16 @@ run (void *cls, | |||
5094 | "Starting audit\n"); | 5148 | "Starting audit\n"); |
5095 | GNUNET_assert (GNUNET_OK == | 5149 | GNUNET_assert (GNUNET_OK == |
5096 | TALER_amount_get_zero (currency, | 5150 | TALER_amount_get_zero (currency, |
5097 | &reported_emergency_sum)); | 5151 | &reported_emergency_loss)); |
5152 | GNUNET_assert (GNUNET_OK == | ||
5153 | TALER_amount_get_zero (currency, | ||
5154 | &reported_emergency_risk_by_amount)); | ||
5155 | GNUNET_assert (GNUNET_OK == | ||
5156 | TALER_amount_get_zero (currency, | ||
5157 | &reported_emergency_risk_by_count)); | ||
5158 | GNUNET_assert (GNUNET_OK == | ||
5159 | TALER_amount_get_zero (currency, | ||
5160 | &reported_emergency_loss_by_count)); | ||
5098 | GNUNET_assert (GNUNET_OK == | 5161 | GNUNET_assert (GNUNET_OK == |
5099 | TALER_amount_get_zero (currency, | 5162 | TALER_amount_get_zero (currency, |
5100 | &total_escrow_balance)); | 5163 | &total_escrow_balance)); |
@@ -5213,7 +5276,8 @@ run (void *cls, | |||
5213 | " s:o, s:o, s:o, s:o, s:o," | 5276 | " s:o, s:o, s:o, s:o, s:o," |
5214 | " s:o, s:o, s:o, s:o, s:o," | 5277 | " s:o, s:o, s:o, s:o, s:o," |
5215 | " s:o, s:o, s:o, s:o, s:I," | 5278 | " s:o, s:o, s:o, s:o, s:I," |
5216 | " s:o, s:o, s:o }", | 5279 | " s:o, s:o, s:o, s:o, s:o," |
5280 | " s:o }", | ||
5217 | /* blocks of 5 for easier counting/matching to format string */ | 5281 | /* blocks of 5 for easier counting/matching to format string */ |
5218 | /* block */ | 5282 | /* block */ |
5219 | "reserve_balance_insufficient_inconsistencies", | 5283 | "reserve_balance_insufficient_inconsistencies", |
@@ -5248,8 +5312,9 @@ run (void *cls, | |||
5248 | TALER_JSON_from_amount (&income_fee_total), | 5312 | TALER_JSON_from_amount (&income_fee_total), |
5249 | "emergencies", | 5313 | "emergencies", |
5250 | report_emergencies, | 5314 | report_emergencies, |
5251 | "emergencies_risk_total", | 5315 | "emergencies_risk_by_amount", |
5252 | TALER_JSON_from_amount (&reported_emergency_sum), | 5316 | TALER_JSON_from_amount ( |
5317 | &reported_emergency_risk_by_amount), | ||
5253 | "reserve_not_closed_inconsistencies", | 5318 | "reserve_not_closed_inconsistencies", |
5254 | report_reserve_not_closed_inconsistencies, | 5319 | report_reserve_not_closed_inconsistencies, |
5255 | /* block */ | 5320 | /* block */ |
@@ -5309,7 +5374,15 @@ run (void *cls, | |||
5309 | "total_payback_loss", | 5374 | "total_payback_loss", |
5310 | TALER_JSON_from_amount (&total_payback_loss), | 5375 | TALER_JSON_from_amount (&total_payback_loss), |
5311 | "emergencies_by_count", | 5376 | "emergencies_by_count", |
5312 | report_emergencies_by_count | 5377 | report_emergencies_by_count, |
5378 | "emergencies_risk_by_count", | ||
5379 | TALER_JSON_from_amount ( | ||
5380 | &reported_emergency_risk_by_count), | ||
5381 | "emergencies_loss", | ||
5382 | TALER_JSON_from_amount (&reported_emergency_loss), | ||
5383 | /* block */ | ||
5384 | "emergencies_loss_by_count", | ||
5385 | TALER_JSON_from_amount (&reported_emergency_loss_by_count) | ||
5313 | ); | 5386 | ); |
5314 | GNUNET_break (NULL != report); | 5387 | GNUNET_break (NULL != report); |
5315 | json_dumpf (report, | 5388 | json_dumpf (report, |
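Review bot: In report_emergency_by_count(), the added `for (uint64_t i = num_issued; i<num_known; i++)` loop performs one asserted `TALER_amount_add` per excess coin, so its running time, and whether the auditor aborts, depend on counters that presumably come from the database of the exchange being audited. In the key-compromise case this path exists for, a large gap between num_known and num_issued would either keep the loop running for a very long time or overflow `reported_emergency_loss_by_count` and trip `GNUNET_assert`, ending the audit before the report is written. I would compute the loss as one overflow-checked multiplication of `denom_value` by `num_known - num_issued` and, on overflow, record the condition in the report (as the new `report_amount_arithmetic_inconsistency` calls in refresh_session_cb and deposit_cb do) instead of asserting. The function's signature begins outside the hunk, so the type of num_issued and any earlier guarantee that num_issued <= num_known are assumed here, not visible.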