From 6ccda0b02e143a179e2c62c2cce5b0f53dcf5022 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Thu, 7 Jan 2021 21:25:52 +0100 Subject: make reserve balance check used in internal_auditor mode only --- src/auditor/taler-helper-auditor-reserves.c | 129 +++++++++++++++------------- src/auditor/test-auditor.sh | 8 +- 2 files changed, 72 insertions(+), 65 deletions(-) (limited to 'src/auditor') diff --git a/src/auditor/taler-helper-auditor-reserves.c b/src/auditor/taler-helper-auditor-reserves.c index 8e53214ff..87b555e05 100644 --- a/src/auditor/taler-helper-auditor-reserves.c +++ b/src/auditor/taler-helper-auditor-reserves.c @@ -1026,7 +1026,6 @@ verify_reserve_balance (void *cls, { struct ReserveContext *rc = cls; struct ReserveSummary *rs = value; - struct TALER_EXCHANGEDB_Reserve reserve; struct TALER_Amount balance; struct TALER_Amount nbalance; enum GNUNET_DB_QueryStatus qs; @@ -1063,73 +1062,81 @@ verify_reserve_balance (void *cls, &nbalance)); } - /* Now check OUR balance calculation vs. the one the exchange has - in its database */ - reserve.pub = rs->reserve_pub; - qs = TALER_ARL_edb->reserves_get (TALER_ARL_edb->cls, - TALER_ARL_esession, - &reserve); - if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT != qs) + if (internal_checks) { - /* If the exchange doesn't have this reserve in the summary, it - is like the exchange 'lost' that amount from its records, - making an illegitimate gain over the amount it dropped. - We don't add the amount to some total simply because it is - not an actualized gain and could be trivially corrected by - restoring the summary. */// - TALER_ARL_report (report_reserve_balance_insufficient_inconsistencies, - json_pack ("{s:o, s:o}", - "reserve_pub", - GNUNET_JSON_from_data_auto (&rs->reserve_pub), - "gain", - TALER_JSON_from_amount (&nbalance))); - if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs) - { - GNUNET_break (0); - qs = GNUNET_DB_STATUS_HARD_ERROR; - } - rc->qs = qs; - } - else - { - /* Check that exchange's balance matches our expected balance for the reserve */ - if (0 != TALER_amount_cmp (&nbalance, - &reserve.balance)) + /* Now check OUR balance calculation vs. the one the exchange has + in its database. This can only be done when we are doing an + internal audit, as otherwise the balance of the 'reserves' table + is not replicated at the auditor. */ + struct TALER_EXCHANGEDB_Reserve reserve; + + reserve.pub = rs->reserve_pub; + qs = TALER_ARL_edb->reserves_get (TALER_ARL_edb->cls, + TALER_ARL_esession, + &reserve); + if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT != qs) { - struct TALER_Amount delta; - - if (0 < TALER_amount_cmp (&nbalance, - &reserve.balance)) - { - /* balance > reserve.balance */ - TALER_ARL_amount_subtract (&delta, - &nbalance, - &reserve.balance); - TALER_ARL_amount_add (&total_balance_summary_delta_plus, - &total_balance_summary_delta_plus, - &delta); - } - else - { - /* balance < reserve.balance */ - TALER_ARL_amount_subtract (&delta, - &reserve.balance, - &nbalance); - TALER_ARL_amount_add (&total_balance_summary_delta_minus, - &total_balance_summary_delta_minus, - &delta); - } - TALER_ARL_report (report_reserve_balance_summary_wrong_inconsistencies, - json_pack ("{s:o, s:o, s:o}", + /* If the exchange doesn't have this reserve in the summary, it + is like the exchange 'lost' that amount from its records, + making an illegitimate gain over the amount it dropped. + We don't add the amount to some total simply because it is + not an actualized gain and could be trivially corrected by + restoring the summary. */// + TALER_ARL_report (report_reserve_balance_insufficient_inconsistencies, + json_pack ("{s:o, s:o}", "reserve_pub", GNUNET_JSON_from_data_auto ( &rs->reserve_pub), - "exchange", - TALER_JSON_from_amount (&reserve.balance), - "auditor", + "gain", TALER_JSON_from_amount (&nbalance))); + if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs) + { + GNUNET_break (0); + qs = GNUNET_DB_STATUS_HARD_ERROR; + } + rc->qs = qs; } - } + else + { + /* Check that exchange's balance matches our expected balance for the reserve */ + if (0 != TALER_amount_cmp (&nbalance, + &reserve.balance)) + { + struct TALER_Amount delta; + + if (0 < TALER_amount_cmp (&nbalance, + &reserve.balance)) + { + /* balance > reserve.balance */ + TALER_ARL_amount_subtract (&delta, + &nbalance, + &reserve.balance); + TALER_ARL_amount_add (&total_balance_summary_delta_plus, + &total_balance_summary_delta_plus, + &delta); + } + else + { + /* balance < reserve.balance */ + TALER_ARL_amount_subtract (&delta, + &reserve.balance, + &nbalance); + TALER_ARL_amount_add (&total_balance_summary_delta_minus, + &total_balance_summary_delta_minus, + &delta); + } + TALER_ARL_report (report_reserve_balance_summary_wrong_inconsistencies, + json_pack ("{s:o, s:o, s:o}", + "reserve_pub", + GNUNET_JSON_from_data_auto ( + &rs->reserve_pub), + "exchange", + TALER_JSON_from_amount (&reserve.balance), + "auditor", + TALER_JSON_from_amount (&nbalance))); + } + } + } /* end of 'if (internal_checks)' */ /* Check that reserve is being closed if it is past its expiration date (and the closing fee would not exceed the remaining balance) */ diff --git a/src/auditor/test-auditor.sh b/src/auditor/test-auditor.sh index 0c9ef4724..ae0c3cbae 100755 --- a/src/auditor/test-auditor.sh +++ b/src/auditor/test-auditor.sh @@ -104,13 +104,13 @@ function audit_only () { echo -n "." $VALGRIND taler-helper-auditor-deposits -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-deposits-inc.json 2> test-audit-deposits-inc.log || exit_fail "incremental deposits audit failed" echo -n "." - $VALGRIND taler-helper-auditor-reserves -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-reserves.json 2> test-audit-reserves.log || exit_fail "reserves audit failed" + $VALGRIND taler-helper-auditor-reserves -i -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-reserves.json 2> test-audit-reserves.log || exit_fail "reserves audit failed" echo -n "." - $VALGRIND taler-helper-auditor-reserves -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-reserves-inc.json 2> test-audit-reserves-inc.log || exit_fail "incremental reserves audit failed" + $VALGRIND taler-helper-auditor-reserves -i -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-reserves-inc.json 2> test-audit-reserves-inc.log || exit_fail "incremental reserves audit failed" echo -n "." - $VALGRIND taler-helper-auditor-wire -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-wire.json 2> test-wire-audit.log || exit_fail "wire audit failed" + $VALGRIND taler-helper-auditor-wire -i -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-wire.json 2> test-wire-audit.log || exit_fail "wire audit failed" echo -n "." - $VALGRIND taler-helper-auditor-wire -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-wire-inc.json 2> test-wire-audit-inc.log || exit_fail "wire audit failed" + $VALGRIND taler-helper-auditor-wire -i -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-wire-inc.json 2> test-wire-audit-inc.log || exit_fail "wire audit failed" echo -n "." echo " DONE" -- cgit v1.2.3