From 84a40be0bce66cda800de7891f758a0c69afc7fa Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Wed, 8 Apr 2020 23:52:01 +0200 Subject: fix #6170 and rest of #6164 --- src/auditor/report-lib.c | 188 ++++++++++++ src/auditor/report-lib.h | 137 +++++++++ src/auditor/taler-helper-auditor-aggregation.c | 239 +++++---------- src/auditor/taler-helper-auditor-coins.c | 391 +++++++++++-------------- src/auditor/taler-helper-auditor-deposits.c | 7 +- src/auditor/taler-helper-auditor-reserves.c | 191 ++++++------ src/auditor/taler-helper-auditor-wire.c | 141 ++++----- 7 files changed, 718 insertions(+), 576 deletions(-) (limited to 'src/auditor') diff --git a/src/auditor/report-lib.c b/src/auditor/report-lib.c index 6baf6e8b5..3074b579a 100644 --- a/src/auditor/report-lib.c +++ b/src/auditor/report-lib.c @@ -417,6 +417,194 @@ test_master_present (void *cls, } +/** + * Perform addition of amounts. If the addition fails, logs + * a detailed error and calls exit() to terminate the process (!). + * + * Do not call this function directly, use #TALER_ARL_amount_add(). + * + * @param[out] sum where to store @a a1 + @a a2, set to "invalid" on overflow + * @param a1 first amount to add + * @param a2 second amount to add + * @param filename where is the addition called + * @param functionname name of the function where the addition is called + * @param line line number of the addition + */ +void +TALER_ARL_amount_add_ (struct TALER_Amount *sum, + const struct TALER_Amount *a1, + const struct TALER_Amount *a2, + const char *filename, + const char *functionname, + unsigned int line) +{ + enum TALER_AmountArithmeticResult aar; + const char *msg; + char *a2s; + + aar = TALER_amount_add (sum, + a1, + a2); + if (aar >= 0) + return; + switch (aar) + { + case TALER_AAR_INVALID_RESULT_OVERFLOW: + msg = + "arithmetic overflow in amount addition (likely the database is corrupt, see manual)"; + break; + case TALER_AAR_INVALID_NORMALIZATION_FAILED: + msg = + "normalization failed in amount addition (likely the database is corrupt, see manual)"; + break; + case TALER_AAR_INVALID_CURRENCIES_INCOMPATIBLE: + msg = + "incompatible currencies in amount addition (likely bad configuration and auditor code missing a sanity check, see manual)"; + break; + default: + GNUNET_assert (0); /* should be impossible */ + } + a2s = TALER_amount_to_string (a2); + fprintf (stderr, + "Aborting audit due to fatal error in function %s at %s:%d trying to add %s to %s: %s\n", + functionname, + filename, + line, + TALER_amount2s (a1), + a2s, + msg); + GNUNET_free (a2s); + exit (42); +} + + +/** + * Perform subtraction of amounts. If the subtraction fails, logs + * a detailed error and calls exit() to terminate the process (!). + * + * Do not call this function directly, use #TALER_ARL_amount_subtract(). + * + * @param[out] diff where to store (@a a1 - @a a2) + * @param a1 amount to subtract from + * @param a2 amount to subtract + * @param filename where is the addition called + * @param functionname name of the function where the addition is called + * @param line line number of the addition + */ +void +TALER_ARL_amount_subtract_ (struct TALER_Amount *diff, + const struct TALER_Amount *a1, + const struct TALER_Amount *a2, + const char *filename, + const char *functionname, + unsigned int line) +{ + enum TALER_AmountArithmeticResult aar; + const char *msg; + char *a2s; + + aar = TALER_amount_subtract (diff, + a1, + a2); + if (aar >= 0) + return; + switch (aar) + { + case TALER_AAR_INVALID_NEGATIVE_RESULT: + msg = + "negative result in amount subtraction (likely the database is corrupt, see manual)"; + break; + case TALER_AAR_INVALID_NORMALIZATION_FAILED: + msg = + "normalization failed in amount subtraction (likely the database is corrupt, see manual)"; + break; + case TALER_AAR_INVALID_CURRENCIES_INCOMPATIBLE: + msg = + "currencies incompatible in amount subtraction (likely bad configuration and auditor code missing a sanity check, see manual)"; + break; + default: + GNUNET_assert (0); /* should be impossible */ + } + a2s = TALER_amount_to_string (a2); + fprintf (stderr, + "Aborting audit due to fatal error in function %s at %s:%d trying to subtract %s from %s: %s\n", + functionname, + filename, + line, + a2s, + TALER_amount2s (a1), + msg); + GNUNET_free (a2s); + exit (42); +} + + +/** + * Perform subtraction of amounts. Negative results should be signalled by the + * return value (leaving @a diff set to 'invalid'). If the subtraction fails + * for other reasons (currency missmatch, normalization failure), logs a + * detailed error and calls exit() to terminate the process (!). + * + * Do not call this function directly, use #TALER_ARL_amount_subtract_neg(). + * + * @param[out] diff where to store (@a a1 - @a a2) + * @param a1 amount to subtract from + * @param a2 amount to subtract + * @param filename where is the addition called + * @param functionname name of the function where the addition is called + * @param line line number of the addition + * @return #TALER_ARL_SR_NEGATIVE if the result was negative (and @a diff is now invalid), + * #TALER_ARL_SR_ZERO if the result was zero, + * #TALER_ARL_SR_POSITIVE if the result is positive + */ +enum TALER_ARL_SubtractionResult +TALER_ARL_amount_subtract_neg_ (struct TALER_Amount *diff, + const struct TALER_Amount *a1, + const struct TALER_Amount *a2, + const char *filename, + const char *functionname, + unsigned int line) +{ + enum TALER_AmountArithmeticResult aar; + const char *msg; + char *a2s; + + aar = TALER_amount_subtract (diff, + a1, + a2); + switch (aar) + { + case TALER_AAR_RESULT_POSITIVE: + return TALER_ARL_SR_POSITIVE; + case TALER_AAR_RESULT_ZERO: + return TALER_ARL_SR_ZERO; + case TALER_AAR_INVALID_NEGATIVE_RESULT: + return TALER_ARL_SR_INVALID_NEGATIVE; + case TALER_AAR_INVALID_NORMALIZATION_FAILED: + msg = + "normalization failed in amount subtraction (likely the database is corrupt, see manual)"; + break; + case TALER_AAR_INVALID_CURRENCIES_INCOMPATIBLE: + msg = + "currencies incompatible in amount subtraction (likely bad configuration and auditor code missing a sanity check, see manual)"; + break; + default: + GNUNET_assert (0); /* should be impossible */ + } + a2s = TALER_amount_to_string (a2); + fprintf (stderr, + "Aborting audit due to fatal error in function %s at %s:%d trying to subtract %s from %s: %s\n", + functionname, + filename, + line, + a2s, + TALER_amount2s (a1), + msg); + GNUNET_free (a2s); + exit (42); +} + + /** * Setup global variables based on configuration. * diff --git a/src/auditor/report-lib.h b/src/auditor/report-lib.h index 8176e740b..eeb36f0a3 100644 --- a/src/auditor/report-lib.h +++ b/src/auditor/report-lib.h @@ -152,6 +152,143 @@ typedef enum GNUNET_DB_QueryStatus (*TALER_ARL_Analysis)(void *cls); +/** + * Perform addition of amounts. If the addition fails, logs + * a detailed error and calls exit() to terminate the process (!). + * + * Do not call this function directly, use #TALER_ARL_amount_add(). + * + * @param[out] sum where to store @a a1 + @a a2, set to "invalid" on overflow + * @param a1 first amount to add + * @param a2 second amount to add + * @param filename where is the addition called + * @param functionname name of the function where the addition is called + * @param line line number of the addition + */ +void +TALER_ARL_amount_add_ (struct TALER_Amount *sum, + const struct TALER_Amount *a1, + const struct TALER_Amount *a2, + const char *filename, + const char *functionname, + unsigned int line); + + +/** + * Perform addition of amounts. If the addition fails, logs + * a detailed error and calls exit() to terminate the process (!). + * + * @param[out] sum where to store @a a1 + @a a2, set to "invalid" on overflow + * @param a1 first amount to add + * @param a2 second amount to add + */ +#define TALER_ARL_amount_add(sum,a1,a2) \ + TALER_ARL_amount_add_ (sum, a1, a2, __FILE__, __FUNCTION__, __LINE__) + + +/** + * Perform subtraction of amounts where the result "cannot" be negative. If the + * subtraction fails, logs a detailed error and calls exit() to terminate the + * process (!). + * + * Do not call this function directly, use #TALER_ARL_amount_subtract(). + * + * @param[out] diff where to store (@a a1 - @a a2) + * @param a1 amount to subtract from + * @param a2 amount to subtract + * @param filename where is the addition called + * @param functionname name of the function where the addition is called + * @param line line number of the addition + */ +void +TALER_ARL_amount_subtract_ (struct TALER_Amount *diff, + const struct TALER_Amount *a1, + const struct TALER_Amount *a2, + const char *filename, + const char *functionname, + unsigned int line); + + +/** + * Perform subtraction of amounts where the result "cannot" be negative. If + * the subtraction fails, logs a detailed error and calls exit() to terminate + * the process (!). + * + * @param[out] diff where to store (@a a1 - @a a2) + * @param a1 amount to subtract from + * @param a2 amount to subtract + */ +#define TALER_ARL_amount_subtract(diff,a1,a2) \ + TALER_ARL_amount_subtract_ (diff, a1, a2, __FILE__, __FUNCTION__, __LINE__) + + +/** + * Possible outcomes of #TALER_ARL_amount_subtract_neg(). + */ +enum TALER_ARL_SubtractionResult +{ + /** + * Note that in this case no actual result was computed. + */ + TALER_ARL_SR_INVALID_NEGATIVE = -1, + + /** + * The result of the subtraction is exactly zero. + */ + TALER_ARL_SR_ZERO = 0, + + /** + * The result of the subtraction is a positive value. + */ + TALER_ARL_SR_POSITIVE = 1 +}; + + +/** + * Perform subtraction of amounts. Negative results should be signalled by the + * return value (leaving @a diff set to 'invalid'). If the subtraction fails + * for other reasons (currency missmatch, normalization failure), logs a + * detailed error and calls exit() to terminate the process (!). + * + * Do not call this function directly, use #TALER_ARL_amount_subtract_neg(). + * + * @param[out] diff where to store (@a a1 - @a a2) + * @param a1 amount to subtract from + * @param a2 amount to subtract + * @param filename where is the addition called + * @param functionname name of the function where the addition is called + * @param line line number of the addition + * @return #TALER_ARL_SR_NEGATIVE if the result was negative (and @a diff is now invalid), + * #TALER_ARL_SR_ZERO if the result was zero, + * #TALER_ARL_SR_POSITIVE if the result is positive + */ +enum TALER_ARL_SubtractionResult +TALER_ARL_amount_subtract_neg_ (struct TALER_Amount *diff, + const struct TALER_Amount *a1, + const struct TALER_Amount *a2, + const char *filename, + const char *functionname, + unsigned int line); + + +/** + * Perform subtraction of amounts. Negative results should be signalled by + * the return value (leaving @a diff set to 'invalid'). If the subtraction + * fails for other reasons (currency missmatch, normalization failure), logs a + * detailed error and calls exit() to terminate the process (!). + * + * @param[out] diff where to store (@a a1 - @a a2) + * @param a1 amount to subtract from + * @param a2 amount to subtract + * @return #TALER_ARL_SR_NEGATIVE if the result was negative (and @a diff is now invalid), + * #TALER_ARL_SR_ZERO if the result was zero, + * #TALER_ARL_SR_POSITIVE if the result is positive + */ +#define TALER_ARL_amount_subtract_neg(diff,a1,a2) \ + TALER_ARL_amount_subtract_neg_ (diff, a1, a2, __FILE__, __FUNCTION__, \ + __LINE__) + + /** * Initialize DB sessions and run the analysis. * diff --git a/src/auditor/taler-helper-auditor-aggregation.c b/src/auditor/taler-helper-auditor-aggregation.c index 09376a799..2a56971d8 100644 --- a/src/auditor/taler-helper-auditor-aggregation.c +++ b/src/auditor/taler-helper-auditor-aggregation.c @@ -145,19 +145,17 @@ report_amount_arithmetic_inconsistency ( auditor)) { /* exchange > auditor */ - GNUNET_assert (GNUNET_OK == - TALER_amount_subtract (&delta, - exchange, - auditor)); + TALER_ARL_amount_subtract (&delta, + exchange, + auditor); } else { /* auditor < exchange */ profitable = -profitable; - GNUNET_assert (GNUNET_OK == - TALER_amount_subtract (&delta, - auditor, - exchange)); + TALER_ARL_amount_subtract (&delta, + auditor, + exchange); } TALER_ARL_report (report_amount_arithmetic_inconsistencies, json_pack ("{s:s, s:I, s:o, s:o, s:I}", @@ -171,10 +169,9 @@ report_amount_arithmetic_inconsistency ( target = (1 == profitable) ? &total_arithmetic_delta_plus : &total_arithmetic_delta_minus; - GNUNET_assert (GNUNET_OK == - TALER_amount_add (target, - target, - &delta)); + TALER_ARL_amount_add (target, + target, + &delta); } } @@ -207,19 +204,17 @@ report_coin_arithmetic_inconsistency ( auditor)) { /* exchange > auditor */ - GNUNET_assert (GNUNET_OK == - TALER_amount_subtract (&delta, - exchange, - auditor)); + TALER_ARL_amount_subtract (&delta, + exchange, + auditor); } else { /* auditor < exchange */ profitable = -profitable; - GNUNET_assert (GNUNET_OK == - TALER_amount_subtract (&delta, - auditor, - exchange)); + TALER_ARL_amount_subtract (&delta, + auditor, + exchange); } TALER_ARL_report (report_coin_inconsistencies, json_pack ("{s:s, s:o, s:o, s:o, s:I}", @@ -234,10 +229,9 @@ report_coin_arithmetic_inconsistency ( target = (1 == profitable) ? &total_coin_delta_plus : &total_coin_delta_minus; - GNUNET_assert (GNUNET_OK == - TALER_amount_add (target, - target, - &delta)); + TALER_ARL_amount_add (target, + target, + &delta); } } @@ -452,14 +446,9 @@ check_transaction_history_for_deposit ( } amount_with_fee = &tl->details.deposit->amount_with_fee; /* according to exchange*/ fee_claimed = &tl->details.deposit->deposit_fee; /* Fee according to exchange DB */ - if (GNUNET_OK != - TALER_amount_add (&expenditures, + TALER_ARL_amount_add (&expenditures, &expenditures, - amount_with_fee)) - { - GNUNET_break (0); - return GNUNET_SYSERR; - } + amount_with_fee); /* Check if this deposit is within the remit of the aggregation we are investigating, if so, include it in the totals. */ if ( (0 == GNUNET_memcmp (merchant_pub, @@ -469,22 +458,12 @@ check_transaction_history_for_deposit ( { struct TALER_Amount amount_without_fee; - if (GNUNET_OK != - TALER_amount_subtract (&amount_without_fee, + TALER_ARL_amount_subtract (&amount_without_fee, amount_with_fee, - fee_claimed)) - { - GNUNET_break (0); - return GNUNET_SYSERR; - } - if (GNUNET_OK != - TALER_amount_add (merchant_gain, + fee_claimed); + TALER_ARL_amount_add (merchant_gain, merchant_gain, - &amount_without_fee)) - { - GNUNET_break (0); - return GNUNET_SYSERR; - } + &amount_without_fee); GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Detected applicable deposit of %s\n", TALER_amount2s (&amount_without_fee)); @@ -513,14 +492,9 @@ check_transaction_history_for_deposit ( case TALER_EXCHANGEDB_TT_MELT: amount_with_fee = &tl->details.melt->amount_with_fee; fee_claimed = &tl->details.melt->melt_fee; - if (GNUNET_OK != - TALER_amount_add (&expenditures, + TALER_ARL_amount_add (&expenditures, &expenditures, - amount_with_fee)) - { - GNUNET_break (0); - return GNUNET_SYSERR; - } + amount_with_fee); /* Check that the fees given in the transaction list and in dki match */ { struct TALER_Amount fee_expected; @@ -543,22 +517,12 @@ check_transaction_history_for_deposit ( case TALER_EXCHANGEDB_TT_REFUND: amount_with_fee = &tl->details.refund->refund_amount; fee_claimed = &tl->details.refund->refund_fee; - if (GNUNET_OK != - TALER_amount_add (&refunds, + TALER_ARL_amount_add (&refunds, &refunds, - amount_with_fee)) - { - GNUNET_break (0); - return GNUNET_SYSERR; - } - if (GNUNET_OK != - TALER_amount_add (&expenditures, + amount_with_fee); + TALER_ARL_amount_add (&expenditures, &expenditures, - fee_claimed)) - { - GNUNET_break (0); - return GNUNET_SYSERR; - } + fee_claimed); /* Check if this refund is within the remit of the aggregation we are investigating, if so, include it in the totals. */ if ( (0 == GNUNET_memcmp (merchant_pub, @@ -569,14 +533,9 @@ check_transaction_history_for_deposit ( GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Detected applicable refund of %s\n", TALER_amount2s (amount_with_fee)); - if (GNUNET_OK != - TALER_amount_add (&merchant_loss, + TALER_ARL_amount_add (&merchant_loss, &merchant_loss, - amount_with_fee)) - { - GNUNET_break (0); - return GNUNET_SYSERR; - } + amount_with_fee); /* If there is a refund, we give back the deposit fee */ refund_deposit_fee = GNUNET_YES; } @@ -604,40 +563,25 @@ check_transaction_history_for_deposit ( /* We count recoups of refreshed coins like refunds for the dirty old coin, as they equivalently _increase_ the remaining value on the _old_ coin */ - if (GNUNET_OK != - TALER_amount_add (&refunds, + TALER_ARL_amount_add (&refunds, &refunds, - amount_with_fee)) - { - GNUNET_break (0); - return GNUNET_SYSERR; - } + amount_with_fee); break; case TALER_EXCHANGEDB_TT_RECOUP: /* We count recoups of the coin as expenditures, as it equivalently decreases the remaining value of the recouped coin. */ amount_with_fee = &tl->details.recoup->value; - if (GNUNET_OK != - TALER_amount_add (&expenditures, + TALER_ARL_amount_add (&expenditures, &expenditures, - amount_with_fee)) - { - GNUNET_break (0); - return GNUNET_SYSERR; - } + amount_with_fee); break; case TALER_EXCHANGEDB_TT_RECOUP_REFRESH: /* We count recoups of the coin as expenditures, as it equivalently decreases the remaining value of the recouped coin. */ amount_with_fee = &tl->details.recoup_refresh->value; - if (GNUNET_OK != - TALER_amount_add (&expenditures, + TALER_ARL_amount_add (&expenditures, &expenditures, - amount_with_fee)) - { - GNUNET_break (0); - return GNUNET_SYSERR; - } + amount_with_fee); break; } } /* for 'tl' */ @@ -654,22 +598,17 @@ check_transaction_history_for_deposit ( { /* We had a /deposit operation AND a /refund operation, and should thus not charge the merchant the /deposit fee */ - if (GNUNET_OK != - TALER_amount_add (merchant_gain, + TALER_ARL_amount_add (merchant_gain, merchant_gain, - deposit_fee)) - { - GNUNET_break (0); - return GNUNET_SYSERR; - } + deposit_fee); } { struct TALER_Amount final_gain; - if (GNUNET_SYSERR == - TALER_amount_subtract (&final_gain, - merchant_gain, - &merchant_loss)) + if (TALER_ARL_SR_INVALID_NEGATIVE == + TALER_ARL_amount_subtract_neg (&final_gain, + merchant_gain, + &merchant_loss)) { /* refunds above deposits? Bad! */ report_coin_arithmetic_inconsistency ("refund (merchant)", @@ -696,10 +635,10 @@ check_transaction_history_for_deposit ( GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Subtracting refunds of %s from coin value loss\n", TALER_amount2s (&refunds)); - if (GNUNET_SYSERR == - TALER_amount_subtract (&spent, - &expenditures, - &refunds)) + if (TALER_ARL_SR_INVALID_NEGATIVE == + TALER_ARL_amount_subtract_neg (&spent, + &expenditures, + &refunds)) { /* refunds above expenditures? Bad! */ report_coin_arithmetic_inconsistency ("refund (balance)", @@ -859,10 +798,9 @@ wire_transfer_information_cb ( "loss", TALER_JSON_from_amount (coin_value), "coin_pub", GNUNET_JSON_from_data_auto ( &coin.coin_pub))); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_bad_sig_loss, - &total_bad_sig_loss, - coin_value)); + TALER_ARL_amount_add (&total_bad_sig_loss, + &total_bad_sig_loss, + coin_value); GNUNET_CRYPTO_rsa_signature_free (coin.denom_sig.rsa_signature); TALER_ARL_edb->free_coin_transaction_list (TALER_ARL_edb->cls, tl); @@ -898,10 +836,10 @@ wire_transfer_information_cb ( { struct TALER_Amount coin_value_without_fee; - if (GNUNET_SYSERR == - TALER_amount_subtract (&coin_value_without_fee, - coin_value, - deposit_fee)) + if (TALER_ARL_SR_INVALID_NEGATIVE == + TALER_ARL_amount_subtract_neg (&coin_value_without_fee, + coin_value, + deposit_fee)) { wcc->qs = GNUNET_DB_STATUS_HARD_ERROR; report_amount_arithmetic_inconsistency ( @@ -949,15 +887,9 @@ wire_transfer_information_cb ( { struct TALER_Amount res; - if (GNUNET_OK != - TALER_amount_add (&res, + TALER_ARL_amount_add (&res, &wcc->total_deposits, - &computed_value)) - { - GNUNET_break (0); - wcc->qs = GNUNET_DB_STATUS_HARD_ERROR; - return; - } + &computed_value); wcc->total_deposits = res; } } @@ -1177,10 +1109,10 @@ check_wire_out_cb (void *cls, /* If fee is unknown, we just assume the fee is zero */ final_amount = wcc.total_deposits; } - else if (GNUNET_SYSERR == - TALER_amount_subtract (&final_amount, - &wcc.total_deposits, - wire_fee)) + else if (TALER_ARL_SR_INVALID_NEGATIVE == + TALER_ARL_amount_subtract_neg (&final_amount, + &wcc.total_deposits, + wire_fee)) { report_amount_arithmetic_inconsistency ( "wire out (fee structure)", @@ -1200,26 +1132,13 @@ check_wire_out_cb (void *cls, &TALER_ARL_currency_round_unit)); /* Calculate the exchange's gain as the fees plus rounding differences! */ - if (GNUNET_SYSERR == - TALER_amount_subtract (&exchange_gain, + TALER_ARL_amount_subtract (&exchange_gain, &wcc.total_deposits, - &final_amount)) - { - GNUNET_break (0); - ac->qs = GNUNET_DB_STATUS_HARD_ERROR; - return GNUNET_SYSERR; - } - + &final_amount); /* Sum up aggregation fees (we simply include the rounding gains) */ - if (GNUNET_OK != - TALER_amount_add (&total_aggregation_fee_income, + TALER_ARL_amount_add (&total_aggregation_fee_income, &total_aggregation_fee_income, - &exchange_gain)) - { - GNUNET_break (0); - ac->qs = GNUNET_DB_STATUS_HARD_ERROR; - return GNUNET_SYSERR; - } + &exchange_gain); /* Check that calculated amount matches actual amount */ if (0 != TALER_amount_cmp (amount, @@ -1231,26 +1150,22 @@ check_wire_out_cb (void *cls, &final_amount)) { /* amount > final_amount */ - GNUNET_assert (GNUNET_OK == - TALER_amount_subtract (&delta, - amount, - &final_amount)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_wire_out_delta_plus, - &total_wire_out_delta_plus, - &delta)); + TALER_ARL_amount_subtract (&delta, + amount, + &final_amount); + TALER_ARL_amount_add (&total_wire_out_delta_plus, + &total_wire_out_delta_plus, + &delta); } else { /* amount < final_amount */ - GNUNET_assert (GNUNET_OK == - TALER_amount_subtract (&delta, - &final_amount, - amount)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_wire_out_delta_minus, - &total_wire_out_delta_minus, - &delta)); + TALER_ARL_amount_subtract (&delta, + &final_amount, + amount); + TALER_ARL_amount_add (&total_wire_out_delta_minus, + &total_wire_out_delta_minus, + &delta); } TALER_ARL_report (report_wire_out_inconsistencies, diff --git a/src/auditor/taler-helper-auditor-coins.c b/src/auditor/taler-helper-auditor-coins.c index 8acc874c9..9d5e66706 100644 --- a/src/auditor/taler-helper-auditor-coins.c +++ b/src/auditor/taler-helper-auditor-coins.c @@ -290,14 +290,12 @@ report_emergency_by_amount ( issue->expire_deposit), "value", TALER_JSON_from_amount_nbo (&issue->value))); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&reported_emergency_risk_by_amount, - &reported_emergency_risk_by_amount, - risk)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&reported_emergency_loss, - &reported_emergency_loss, - loss)); + TALER_ARL_amount_add (&reported_emergency_risk_by_amount, + &reported_emergency_risk_by_amount, + risk); + TALER_ARL_amount_add (&reported_emergency_loss, + &reported_emergency_loss, + loss); } @@ -342,18 +340,15 @@ report_emergency_by_count ( issue->expire_deposit), "value", TALER_JSON_from_amount_nbo (&issue->value))); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&reported_emergency_risk_by_count, - &reported_emergency_risk_by_count, - risk)); + TALER_ARL_amount_add (&reported_emergency_risk_by_count, + &reported_emergency_risk_by_count, + risk); TALER_amount_ntoh (&denom_value, &issue->value); for (uint64_t i = num_issued; i auditor */ - GNUNET_assert (GNUNET_OK == - TALER_amount_subtract (&delta, - exchange, - auditor)); + TALER_ARL_amount_subtract (&delta, + exchange, + auditor); } else { /* auditor < exchange */ profitable = -profitable; - GNUNET_assert (GNUNET_OK == - TALER_amount_subtract (&delta, - auditor, - exchange)); + TALER_ARL_amount_subtract (&delta, + auditor, + exchange); } TALER_ARL_report (report_amount_arithmetic_inconsistencies, json_pack ("{s:s, s:I, s:o, s:o, s:I}", @@ -414,10 +407,9 @@ report_amount_arithmetic_inconsistency ( target = (1 == profitable) ? &total_arithmetic_delta_plus : &total_arithmetic_delta_minus; - GNUNET_assert (GNUNET_OK == - TALER_amount_add (target, - target, - &delta)); + TALER_ARL_amount_add (target, + target, + &delta); } } @@ -495,51 +487,44 @@ check_coin_history (const struct TALER_CoinSpendPublicKeyP *coin_pub, { case TALER_EXCHANGEDB_TT_DEPOSIT: /* spent += pos->amount_with_fee */ - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&spent, - &spent, - &pos->details.deposit->amount_with_fee)); + TALER_ARL_amount_add (&spent, + &spent, + &pos->details.deposit->amount_with_fee); deposit_fee = pos->details.deposit->deposit_fee; break; case TALER_EXCHANGEDB_TT_MELT: /* spent += pos->amount_with_fee */ - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&spent, - &spent, - &pos->details.melt->amount_with_fee)); + TALER_ARL_amount_add (&spent, + &spent, + &pos->details.melt->amount_with_fee); break; case TALER_EXCHANGEDB_TT_REFUND: /* refunded += pos->refund_amount - pos->refund_fee */ - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&refunded, - &refunded, - &pos->details.refund->refund_amount)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&spent, - &spent, - &pos->details.refund->refund_fee)); + TALER_ARL_amount_add (&refunded, + &refunded, + &pos->details.refund->refund_amount); + TALER_ARL_amount_add (&spent, + &spent, + &pos->details.refund->refund_fee); have_refund = GNUNET_YES; break; case TALER_EXCHANGEDB_TT_OLD_COIN_RECOUP: /* refunded += pos->value */ - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&refunded, - &refunded, - &pos->details.old_coin_recoup->value)); + TALER_ARL_amount_add (&refunded, + &refunded, + &pos->details.old_coin_recoup->value); break; case TALER_EXCHANGEDB_TT_RECOUP: /* spent += pos->value */ - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&spent, - &spent, - &pos->details.recoup->value)); + TALER_ARL_amount_add (&spent, + &spent, + &pos->details.recoup->value); break; case TALER_EXCHANGEDB_TT_RECOUP_REFRESH: /* spent += pos->value */ - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&spent, - &spent, - &pos->details.recoup_refresh->value)); + TALER_ARL_amount_add (&spent, + &spent, + &pos->details.recoup_refresh->value); break; } } @@ -547,16 +532,14 @@ check_coin_history (const struct TALER_CoinSpendPublicKeyP *coin_pub, if (have_refund) { /* If we gave any refund, also discount ONE deposit fee */ - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&refunded, - &refunded, - &deposit_fee)); + TALER_ARL_amount_add (&refunded, + &refunded, + &deposit_fee); } /* total coin value = original value plus refunds */ - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total, - &refunded, - value)); + TALER_ARL_amount_add (&total, + &refunded, + value); if (1 == TALER_amount_cmp (&spent, &total)) @@ -564,10 +547,9 @@ check_coin_history (const struct TALER_CoinSpendPublicKeyP *coin_pub, /* spent > total: bad */ struct TALER_Amount loss; - GNUNET_assert (GNUNET_OK == - TALER_amount_subtract (&loss, - &spent, - &total)); + TALER_ARL_amount_subtract (&loss, + &spent, + &total); GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Loss detected for coin %s - %s\n", TALER_B2S (coin_pub), @@ -844,10 +826,9 @@ sync_denomination (void *cls, /* The denomination expired and carried a balance; we can now book the remaining balance as profit, and reduce our risk exposure by the accumulated risk of the denomination. */ - GNUNET_assert (GNUNET_SYSERR != - TALER_amount_subtract (&total_risk, - &total_risk, - &ds->denom_risk)); + TALER_ARL_amount_subtract (&total_risk, + &total_risk, + &ds->denom_risk); /* If the above fails, our risk assessment is inconsistent! This is really, really bad (auditor-internal invariant would be violated). Hence we can "safely" assert. If @@ -1035,26 +1016,22 @@ withdraw_cb (void *cls, GNUNET_h2s (&dh), TALER_amount2s (&value)); ds->num_issued++; - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&ds->denom_balance, - &ds->denom_balance, - &value)); + TALER_ARL_amount_add (&ds->denom_balance, + &ds->denom_balance, + &value); GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "New balance of denomination `%s' is %s\n", GNUNET_h2s (&dh), TALER_amount2s (&ds->denom_balance)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_escrow_balance, - &total_escrow_balance, - &value)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_risk, - &total_risk, - &value)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&ds->denom_risk, - &ds->denom_risk, - &value)); + TALER_ARL_amount_add (&total_escrow_balance, + &total_escrow_balance, + &value); + TALER_ARL_amount_add (&total_risk, + &total_risk, + &value); + TALER_ARL_amount_add (&ds->denom_risk, + &ds->denom_risk, + &value); return GNUNET_OK; } @@ -1220,11 +1197,9 @@ check_known_coin (const char *operation, loss_potential), "coin_pub", GNUNET_JSON_from_data_auto ( coin_pub))); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_bad_sig_loss, - &total_bad_sig_loss, - loss_potential)); - + TALER_ARL_amount_add (&total_bad_sig_loss, + &total_bad_sig_loss, + loss_potential); } GNUNET_CRYPTO_rsa_signature_free (ci.denom_sig.rsa_signature); return qs; @@ -1324,10 +1299,9 @@ refresh_session_cb (void *cls, amount_with_fee), "coin_pub", GNUNET_JSON_from_data_auto ( coin_pub))); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_bad_sig_loss, - &total_bad_sig_loss, - amount_with_fee)); + TALER_ARL_amount_add (&total_bad_sig_loss, + &total_bad_sig_loss, + amount_with_fee); } } GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, @@ -1367,10 +1341,9 @@ refresh_session_cb (void *cls, amount_with_fee), "coin_pub", GNUNET_JSON_from_data_auto ( coin_pub))); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_refresh_hanging, - &total_refresh_hanging, - amount_with_fee)); + TALER_ARL_amount_add (&total_refresh_hanging, + &total_refresh_hanging, + amount_with_fee); return GNUNET_OK; } if (GNUNET_SYSERR == reveal_ctx.err) @@ -1397,14 +1370,12 @@ refresh_session_cb (void *cls, &reveal_ctx.new_issues[i]->fee_withdraw); TALER_amount_ntoh (&value, &reveal_ctx.new_issues[i]->value); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&refresh_cost, - &refresh_cost, - &fee)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&refresh_cost, - &refresh_cost, - &value)); + TALER_ARL_amount_add (&refresh_cost, + &refresh_cost, + &fee); + TALER_ARL_amount_add (&refresh_cost, + &refresh_cost, + &value); } /* compute contribution of old coin */ @@ -1413,10 +1384,10 @@ refresh_session_cb (void *cls, TALER_amount_ntoh (&melt_fee, &issue->fee_refresh); - if (GNUNET_OK != - TALER_amount_subtract (&amount_without_fee, - amount_with_fee, - &melt_fee)) + if (TALER_ARL_SR_POSITIVE != + TALER_ARL_amount_subtract_neg (&amount_without_fee, + amount_with_fee, + &melt_fee)) { /* Melt fee higher than contribution of melted coin; this makes no sense (exchange should never have accepted the operation) */ @@ -1469,26 +1440,22 @@ refresh_session_cb (void *cls, GNUNET_h2s (&reveal_ctx.new_issues[i]->denom_hash), TALER_amount2s (&value)); dsi->num_issued++; - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&dsi->denom_balance, - &dsi->denom_balance, - &value)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&dsi->denom_risk, - &dsi->denom_risk, - &value)); + TALER_ARL_amount_add (&dsi->denom_balance, + &dsi->denom_balance, + &value); + TALER_ARL_amount_add (&dsi->denom_risk, + &dsi->denom_risk, + &value); GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "New balance of denomination `%s' is %s\n", GNUNET_h2s (&reveal_ctx.new_issues[i]->denom_hash), TALER_amount2s (&dsi->denom_balance)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_escrow_balance, - &total_escrow_balance, - &value)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_risk, - &total_risk, - &value)); + TALER_ARL_amount_add (&total_escrow_balance, + &total_escrow_balance, + &value); + TALER_ARL_amount_add (&total_risk, + &total_risk, + &value); } } GNUNET_free_non_null (reveal_ctx.new_issues); @@ -1506,15 +1473,14 @@ refresh_session_cb (void *cls, } else { - if (GNUNET_SYSERR == - TALER_amount_subtract (&tmp, - &dso->denom_balance, - amount_with_fee)) + if (TALER_ARL_SR_INVALID_NEGATIVE == + TALER_ARL_amount_subtract_neg (&tmp, + &dso->denom_balance, + amount_with_fee)) { - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&dso->denom_loss, - &dso->denom_loss, - amount_with_fee)); + TALER_ARL_amount_add (&dso->denom_loss, + &dso->denom_loss, + amount_with_fee); dso->report_emergency = GNUNET_YES; } else @@ -1539,10 +1505,9 @@ refresh_session_cb (void *cls, } else { - GNUNET_assert (GNUNET_SYSERR != - TALER_amount_subtract (&total_escrow_balance, - &total_escrow_balance, - amount_with_fee)); + TALER_ARL_amount_subtract (&total_escrow_balance, + &total_escrow_balance, + amount_with_fee); } GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "New balance of denomination `%s' after melt is %s\n", @@ -1556,10 +1521,9 @@ refresh_session_cb (void *cls, TALER_amount_ntoh (&rfee, &issue->fee_refresh); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_melt_fee_income, - &total_melt_fee_income, - &rfee)); + TALER_ARL_amount_add (&total_melt_fee_income, + &total_melt_fee_income, + &rfee); } return GNUNET_OK; } @@ -1666,10 +1630,9 @@ deposit_cb (void *cls, amount_with_fee), "coin_pub", GNUNET_JSON_from_data_auto ( coin_pub))); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_bad_sig_loss, - &total_bad_sig_loss, - amount_with_fee)); + TALER_ARL_amount_add (&total_bad_sig_loss, + &total_bad_sig_loss, + amount_with_fee); return GNUNET_OK; } TALER_amount_hton (&dr.amount_with_fee, @@ -1691,10 +1654,9 @@ deposit_cb (void *cls, amount_with_fee), "coin_pub", GNUNET_JSON_from_data_auto ( coin_pub))); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_bad_sig_loss, - &total_bad_sig_loss, - amount_with_fee)); + TALER_ARL_amount_add (&total_bad_sig_loss, + &total_bad_sig_loss, + amount_with_fee); return GNUNET_OK; } } @@ -1718,15 +1680,14 @@ deposit_cb (void *cls, { struct TALER_Amount tmp; - if (GNUNET_SYSERR == - TALER_amount_subtract (&tmp, - &ds->denom_balance, - amount_with_fee)) + if (TALER_ARL_SR_INVALID_NEGATIVE == + TALER_ARL_amount_subtract_neg (&tmp, + &ds->denom_balance, + amount_with_fee)) { - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&ds->denom_loss, - &ds->denom_loss, - amount_with_fee)); + TALER_ARL_amount_add (&ds->denom_loss, + &ds->denom_loss, + amount_with_fee); ds->report_emergency = GNUNET_YES; } else @@ -1752,10 +1713,9 @@ deposit_cb (void *cls, } else { - GNUNET_assert (GNUNET_SYSERR != - TALER_amount_subtract (&total_escrow_balance, - &total_escrow_balance, - amount_with_fee)); + TALER_ARL_amount_subtract (&total_escrow_balance, + &total_escrow_balance, + amount_with_fee); } GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, @@ -1770,10 +1730,9 @@ deposit_cb (void *cls, TALER_amount_ntoh (&dfee, &issue->fee_deposit); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_deposit_fee_income, - &total_deposit_fee_income, - &dfee)); + TALER_ARL_amount_add (&total_deposit_fee_income, + &total_deposit_fee_income, + &dfee); } return GNUNET_OK; @@ -1862,20 +1821,19 @@ refund_cb (void *cls, amount_with_fee), "coin_pub", GNUNET_JSON_from_data_auto ( coin_pub))); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_bad_sig_loss, - &total_bad_sig_loss, - amount_with_fee)); + TALER_ARL_amount_add (&total_bad_sig_loss, + &total_bad_sig_loss, + amount_with_fee); return GNUNET_OK; } } TALER_amount_ntoh (&refund_fee, &issue->fee_refund); - if (GNUNET_OK != - TALER_amount_subtract (&amount_without_fee, - amount_with_fee, - &refund_fee)) + if (TALER_ARL_SR_INVALID_NEGATIVE == + TALER_ARL_amount_subtract_neg (&amount_without_fee, + amount_with_fee, + &refund_fee)) { report_amount_arithmetic_inconsistency ("refund (fee)", rowid, @@ -1903,32 +1861,27 @@ refund_cb (void *cls, } else { - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&ds->denom_balance, - &ds->denom_balance, - &amount_without_fee)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&ds->denom_risk, - &ds->denom_risk, - &amount_without_fee)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_escrow_balance, - &total_escrow_balance, - &amount_without_fee)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_risk, - &total_risk, - &amount_without_fee)); + TALER_ARL_amount_add (&ds->denom_balance, + &ds->denom_balance, + &amount_without_fee); + TALER_ARL_amount_add (&ds->denom_risk, + &ds->denom_risk, + &amount_without_fee); + TALER_ARL_amount_add (&total_escrow_balance, + &total_escrow_balance, + &amount_without_fee); + TALER_ARL_amount_add (&total_risk, + &total_risk, + &amount_without_fee); GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "New balance of denomination `%s' after refund is %s\n", GNUNET_h2s (&issue->denom_hash), TALER_amount2s (&ds->denom_balance)); } /* update total refund fee balance */ - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_refund_fee_income, - &total_refund_fee_income, - &refund_fee)); + TALER_ARL_amount_add (&total_refund_fee_income, + &total_refund_fee_income, + &refund_fee); return GNUNET_OK; } @@ -1972,10 +1925,9 @@ check_recoup (struct CoinContext *cc, "loss", TALER_JSON_from_amount (amount), "coin_pub", GNUNET_JSON_from_data_auto ( &coin->denom_pub_hash))); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_bad_sig_loss, - &total_bad_sig_loss, - amount)); + TALER_ARL_amount_add (&total_bad_sig_loss, + &total_bad_sig_loss, + amount); } qs = TALER_ARL_get_denomination_info_by_hash (&coin->denom_pub_hash, &issue); @@ -2028,10 +1980,9 @@ check_recoup (struct CoinContext *cc, "loss", TALER_JSON_from_amount (amount), "coin_pub", GNUNET_JSON_from_data_auto ( &coin->coin_pub))); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_bad_sig_loss, - &total_bad_sig_loss, - amount)); + TALER_ARL_amount_add (&total_bad_sig_loss, + &total_bad_sig_loss, + amount); return GNUNET_OK; } } @@ -2059,19 +2010,16 @@ check_recoup (struct CoinContext *cc, "loss", TALER_JSON_from_amount (amount), "coin_pub", GNUNET_JSON_from_data_auto ( &coin->coin_pub))); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_bad_sig_loss, - &total_bad_sig_loss, - amount)); + TALER_ARL_amount_add (&total_bad_sig_loss, + &total_bad_sig_loss, + amount); } - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&ds->denom_recoup, - &ds->denom_recoup, - amount)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_recoup_loss, - &total_recoup_loss, - amount)); + TALER_ARL_amount_add (&ds->denom_recoup, + &ds->denom_recoup, + amount); + TALER_ARL_amount_add (&total_recoup_loss, + &total_recoup_loss, + amount); } return GNUNET_OK; } @@ -2189,10 +2137,9 @@ recoup_refresh_cb (void *cls, } else { - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&dso->denom_balance, - &dso->denom_balance, - amount)); + TALER_ARL_amount_add (&dso->denom_balance, + &dso->denom_balance, + amount); GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "New balance of denomination `%s' after refresh-recoup is %s\n", GNUNET_h2s (&issue->denom_hash), diff --git a/src/auditor/taler-helper-auditor-deposits.c b/src/auditor/taler-helper-auditor-deposits.c index 1b6a46f1d..291558590 100644 --- a/src/auditor/taler-helper-auditor-deposits.c +++ b/src/auditor/taler-helper-auditor-deposits.c @@ -147,10 +147,9 @@ test_dc (void *cls, dcc->first_missed_coin_serial = GNUNET_MIN (dcc->first_missed_coin_serial, serial_id); dcc->missed_count++; - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&dcc->missed_amount, - &dcc->missed_amount, - &dc->amount_without_fee)); + TALER_ARL_amount_add (&dcc->missed_amount, + &dcc->missed_amount, + &dc->amount_without_fee); } diff --git a/src/auditor/taler-helper-auditor-reserves.c b/src/auditor/taler-helper-auditor-reserves.c index 766a8fda4..8879d4950 100644 --- a/src/auditor/taler-helper-auditor-reserves.c +++ b/src/auditor/taler-helper-auditor-reserves.c @@ -174,19 +174,17 @@ report_amount_arithmetic_inconsistency ( auditor)) { /* exchange > auditor */ - GNUNET_assert (GNUNET_OK == - TALER_amount_subtract (&delta, - exchange, - auditor)); + TALER_ARL_amount_subtract (&delta, + exchange, + auditor); } else { /* auditor < exchange */ profitable = -profitable; - GNUNET_assert (GNUNET_OK == - TALER_amount_subtract (&delta, - auditor, - exchange)); + TALER_ARL_amount_subtract (&delta, + auditor, + exchange); } TALER_ARL_report (report_amount_arithmetic_inconsistencies, json_pack ("{s:s, s:I, s:o, s:o, s:I}", @@ -200,10 +198,9 @@ report_amount_arithmetic_inconsistency ( target = (1 == profitable) ? &total_arithmetic_delta_plus : &total_arithmetic_delta_minus; - GNUNET_assert (GNUNET_OK == - TALER_amount_add (target, - target, - &delta)); + TALER_ARL_amount_add (target, + target, + &delta); } } @@ -445,10 +442,9 @@ handle_reserve_in (void *cls, } else { - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&rs->total_in, - &rs->total_in, - credit)); + TALER_ARL_amount_add (&rs->total_in, + &rs->total_in, + credit); if (NULL == rs->sender_account) rs->sender_account = GNUNET_strdup (sender_account_details); } @@ -571,10 +567,9 @@ handle_reserve_out (void *cls, amount_with_fee), "key_pub", GNUNET_JSON_from_data_auto ( reserve_pub))); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_bad_sig_loss, - &total_bad_sig_loss, - amount_with_fee)); + TALER_ARL_amount_add (&total_bad_sig_loss, + &total_bad_sig_loss, + amount_with_fee); return GNUNET_OK; /* exit here, we cannot add this to the legitimate withdrawals */ } @@ -610,10 +605,9 @@ handle_reserve_out (void *cls, } else { - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&rs->total_out, - &rs->total_out, - amount_with_fee)); + TALER_ARL_amount_add (&rs->total_out, + &rs->total_out, + amount_with_fee); } GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Reserve `%s' reduced by %s from withdraw\n", @@ -624,10 +618,9 @@ handle_reserve_out (void *cls, GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Increasing withdraw profits by fee %s\n", TALER_amount2s (&withdraw_fee)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&rs->total_fee, - &rs->total_fee, - &withdraw_fee)); + TALER_ARL_amount_add (&rs->total_fee, + &rs->total_fee, + &withdraw_fee); return GNUNET_OK; } @@ -697,10 +690,9 @@ handle_recoup_by_reserve ( "loss", TALER_JSON_from_amount (amount), "key_pub", GNUNET_JSON_from_data_auto ( &coin->coin_pub))); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_bad_sig_loss, - &total_bad_sig_loss, - amount)); + TALER_ARL_amount_add (&total_bad_sig_loss, + &total_bad_sig_loss, + amount); } } @@ -725,10 +717,9 @@ handle_recoup_by_reserve ( report_row_inconsistency ("recoup", rowid, "denomination key not in revocation set"); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_irregular_recoups, - &total_irregular_recoups, - amount)); + TALER_ARL_amount_add (&total_irregular_recoups, + &total_irregular_recoups, + amount); } else { @@ -774,10 +765,9 @@ handle_recoup_by_reserve ( "loss", TALER_JSON_from_amount (amount), "key_pub", GNUNET_JSON_from_data_auto ( &TALER_ARL_master_pub))); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_bad_sig_loss, - &total_bad_sig_loss, - amount)); + TALER_ARL_amount_add (&total_bad_sig_loss, + &total_bad_sig_loss, + amount); } GNUNET_CRYPTO_hash (reserve_pub, @@ -812,10 +802,9 @@ handle_recoup_by_reserve ( } else { - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&rs->total_in, - &rs->total_in, - amount)); + TALER_ARL_amount_add (&rs->total_in, + &rs->total_in, + amount); } GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Additional /recoup value to for reserve `%s' of %s\n", @@ -949,14 +938,12 @@ handle_reserve_closed ( { struct TALER_Amount expected_fee; - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&rs->total_out, - &rs->total_out, - amount_with_fee)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&rs->total_fee, - &rs->total_fee, - closing_fee)); + TALER_ARL_amount_add (&rs->total_out, + &rs->total_out, + amount_with_fee); + TALER_ARL_amount_add (&rs->total_fee, + &rs->total_fee, + closing_fee); /* verify closing_fee is correct! */ if (GNUNET_OK != get_closing_fee (receiver_account, @@ -1025,25 +1012,22 @@ verify_reserve_balance (void *cls, ret = GNUNET_OK; /* Check our reserve summary balance calculation shows that the reserve balance is acceptable (i.e. non-negative) */ - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&balance, - &rs->total_in, - &rs->balance_at_previous_audit)); - if (GNUNET_SYSERR == - TALER_amount_subtract (&nbalance, - &balance, - &rs->total_out)) + TALER_ARL_amount_add (&balance, + &rs->total_in, + &rs->balance_at_previous_audit); + if (TALER_ARL_SR_INVALID_NEGATIVE == + TALER_ARL_amount_subtract_neg (&nbalance, + &balance, + &rs->total_out)) { struct TALER_Amount loss; - GNUNET_assert (GNUNET_SYSERR != - TALER_amount_subtract (&loss, - &rs->total_out, - &balance)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_balance_insufficient_loss, - &total_balance_insufficient_loss, - &loss)); + TALER_ARL_amount_subtract (&loss, + &rs->total_out, + &balance); + TALER_ARL_amount_add (&total_balance_insufficient_loss, + &total_balance_insufficient_loss, + &loss); TALER_ARL_report (report_reserve_balance_insufficient_inconsistencies, json_pack ("{s:o, s:o}", "reserve_pub", @@ -1095,26 +1079,22 @@ verify_reserve_balance (void *cls, &reserve.balance)) { /* balance > reserve.balance */ - GNUNET_assert (GNUNET_OK == - TALER_amount_subtract (&delta, - &nbalance, - &reserve.balance)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_balance_summary_delta_plus, - &total_balance_summary_delta_plus, - &delta)); + TALER_ARL_amount_subtract (&delta, + &nbalance, + &reserve.balance); + TALER_ARL_amount_add (&total_balance_summary_delta_plus, + &total_balance_summary_delta_plus, + &delta); } else { /* balance < reserve.balance */ - GNUNET_assert (GNUNET_OK == - TALER_amount_subtract (&delta, - &reserve.balance, - &nbalance)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_balance_summary_delta_minus, - &total_balance_summary_delta_minus, - &delta)); + TALER_ARL_amount_subtract (&delta, + &reserve.balance, + &nbalance); + TALER_ARL_amount_add (&total_balance_summary_delta_minus, + &total_balance_summary_delta_minus, + &delta); } TALER_ARL_report (report_reserve_balance_summary_wrong_inconsistencies, json_pack ("{s:o, s:o, s:o}", @@ -1147,10 +1127,9 @@ verify_reserve_balance (void *cls, &cfee)) { /* remaining balance (according to us) exceeds closing fee */ - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_balance_reserve_not_closed, - &total_balance_reserve_not_closed, - &nbalance)); + TALER_ARL_amount_add (&total_balance_reserve_not_closed, + &total_balance_reserve_not_closed, + &nbalance); TALER_ARL_report (report_reserve_not_closed_inconsistencies, json_pack ("{s:o, s:o, s:o}", "reserve_pub", @@ -1166,10 +1145,9 @@ verify_reserve_balance (void *cls, else { /* We failed to determine the closing fee, complain! */ - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_balance_reserve_not_closed, - &total_balance_reserve_not_closed, - &nbalance)); + TALER_ARL_amount_add (&total_balance_reserve_not_closed, + &total_balance_reserve_not_closed, + &nbalance); TALER_ARL_report (report_reserve_not_closed_inconsistencies, json_pack ("{s:o, s:o, s:o, s:s}", "reserve_pub", @@ -1190,25 +1168,22 @@ verify_reserve_balance (void *cls, "Reserve reserve `%s' made %s in withdraw fees\n", TALER_B2S (&rs->reserve_pub), TALER_amount2s (&rs->total_fee)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&rs->a_withdraw_fee_balance, - &rs->a_withdraw_fee_balance, - &rs->total_fee)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_escrow_balance, - &total_escrow_balance, - &rs->total_in)); - GNUNET_assert (GNUNET_YES == - TALER_amount_add (&total_withdraw_fee_income, - &total_withdraw_fee_income, - &rs->total_fee)); + TALER_ARL_amount_add (&rs->a_withdraw_fee_balance, + &rs->a_withdraw_fee_balance, + &rs->total_fee); + TALER_ARL_amount_add (&total_escrow_balance, + &total_escrow_balance, + &rs->total_in); + TALER_ARL_amount_add (&total_withdraw_fee_income, + &total_withdraw_fee_income, + &rs->total_fee); { struct TALER_Amount r; - if (GNUNET_SYSERR == - TALER_amount_subtract (&r, - &total_escrow_balance, - &rs->total_out)) + if (TALER_ARL_SR_INVALID_NEGATIVE == + TALER_ARL_amount_subtract_neg (&r, + &total_escrow_balance, + &rs->total_out)) { /* We could not reduce our total balance, i.e. exchange allowed IN TOTAL (!) to be withdrawn more than it was IN TOTAL ever given (exchange balance diff --git a/src/auditor/taler-helper-auditor-wire.c b/src/auditor/taler-helper-auditor-wire.c index 59cb544a4..9dfed13bc 100644 --- a/src/auditor/taler-helper-auditor-wire.c +++ b/src/auditor/taler-helper-auditor-wire.c @@ -629,10 +629,9 @@ check_pending_rc (void *cls, (void) cls; (void) key; - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_closure_amount_lag, - &total_closure_amount_lag, - &rc->amount)); + TALER_ARL_amount_add (&total_closure_amount_lag, + &total_closure_amount_lag, + &rc->amount); if ( (0 != rc->amount.value) || (0 != rc->amount.fraction) ) TALER_ARL_report (report_closure_lags, @@ -835,10 +834,9 @@ wire_missing_cb (void *cls, /* bool? */ int done) { (void) cls; - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_amount_lag, - &total_amount_lag, - amount)); + TALER_ARL_amount_add (&total_amount_lag, + &total_amount_lag, + amount); if ( (GNUNET_YES == tiny) && (0 > TALER_amount_cmp (amount, &tiny_amount)) ) @@ -1001,10 +999,9 @@ wire_out_cb (void *cls, date), "diagnostic", "wire transfer not made (yet?)", "account_section", wa->section_name)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_bad_amount_out_minus, - &total_bad_amount_out_minus, - amount)); + TALER_ARL_amount_add (&total_bad_amount_out_minus, + &total_bad_amount_out_minus, + amount); return GNUNET_OK; } { @@ -1029,10 +1026,9 @@ wire_out_cb (void *cls, date), "diagnostic", "recevier account mismatch", "account_section", wa->section_name)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_bad_amount_out_plus, - &total_bad_amount_out_plus, - &roi->details.amount)); + TALER_ARL_amount_add (&total_bad_amount_out_plus, + &total_bad_amount_out_plus, + &roi->details.amount); TALER_ARL_report (report_wire_out_inconsistencies, json_pack ("{s:I, s:o, s:o, s:o, s:o, s:s, s:s}", "row", (json_int_t) rowid, @@ -1045,10 +1041,9 @@ wire_out_cb (void *cls, date), "diagnostic", "receiver account mismatch", "account_section", wa->section_name)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_bad_amount_out_minus, - &total_bad_amount_out_minus, - amount)); + TALER_ARL_amount_add (&total_bad_amount_out_minus, + &total_bad_amount_out_minus, + amount); GNUNET_free (payto_uri); goto cleanup; } @@ -1075,28 +1070,24 @@ wire_out_cb (void *cls, /* amount > roi->details.amount: wire transfer was smaller than it should have been */ struct TALER_Amount delta; - GNUNET_assert (GNUNET_OK == - TALER_amount_subtract (&delta, - amount, - &roi->details.amount)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_bad_amount_out_minus, - &total_bad_amount_out_minus, - &delta)); + TALER_ARL_amount_subtract (&delta, + amount, + &roi->details.amount); + TALER_ARL_amount_add (&total_bad_amount_out_minus, + &total_bad_amount_out_minus, + &delta); } else { /* roi->details.amount < amount: wire transfer was larger than it should have been */ struct TALER_Amount delta; - GNUNET_assert (GNUNET_OK == - TALER_amount_subtract (&delta, - &roi->details.amount, - amount)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_bad_amount_out_plus, - &total_bad_amount_out_plus, - &delta)); + TALER_ARL_amount_subtract (&delta, + &roi->details.amount, + amount); + TALER_ARL_amount_add (&total_bad_amount_out_plus, + &total_bad_amount_out_plus, + &delta); } goto cleanup; } @@ -1217,10 +1208,9 @@ complain_out_not_found (void *cls, wa->section_name, "diagnostic", "justification for wire transfer not found")); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_bad_amount_out_plus, - &total_bad_amount_out_plus, - &roi->details.amount)); + TALER_ARL_amount_add (&total_bad_amount_out_plus, + &total_bad_amount_out_plus, + &roi->details.amount); return GNUNET_OK; } @@ -1350,10 +1340,9 @@ history_debit_cb (void *cls, GNUNET_asprintf (&diagnostic, "duplicate subject hash `%s'", TALER_B2S (&roi->subject_hash)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_wire_format_amount, - &total_wire_format_amount, - &details->amount)); + TALER_ARL_amount_add (&total_wire_format_amount, + &total_wire_format_amount, + &details->amount); TALER_ARL_report (report_wire_format_inconsistencies, json_pack ("{s:o, s:I, s:s}", "amount", TALER_JSON_from_amount ( @@ -1540,10 +1529,9 @@ complain_in_not_found (void *cls, "account", wa->section_name, "diagnostic", "incoming wire transfer claimed by exchange not found")); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_bad_amount_in_minus, - &total_bad_amount_in_minus, - &rii->details.amount)); + TALER_ARL_amount_add (&total_bad_amount_in_minus, + &total_bad_amount_in_minus, + &rii->details.amount); return GNUNET_OK; } @@ -1653,10 +1641,9 @@ history_credit_cb (void *cls, "timestamp", TALER_ARL_json_from_time_abs ( rii->details.execution_date), "diagnostic", "wire subject does not match")); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_bad_amount_in_minus, - &total_bad_amount_in_minus, - &rii->details.amount)); + TALER_ARL_amount_add (&total_bad_amount_in_minus, + &total_bad_amount_in_minus, + &rii->details.amount); TALER_ARL_report (report_reserve_in_inconsistencies, json_pack ("{s:I, s:I, s:o, s:o, s:o, s:o, s:s}", "row", (json_int_t) rii->rowid, @@ -1672,10 +1659,9 @@ history_credit_cb (void *cls, details->execution_date), "diagnostic", "wire subject does not match")); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_bad_amount_in_plus, - &total_bad_amount_in_plus, - &details->amount)); + TALER_ARL_amount_add (&total_bad_amount_in_plus, + &total_bad_amount_in_plus, + &details->amount); goto cleanup; } if (0 != TALER_amount_cmp (&rii->details.amount, @@ -1701,28 +1687,24 @@ history_credit_cb (void *cls, /* details->amount > rii->details.amount: wire transfer was larger than it should have been */ struct TALER_Amount delta; - GNUNET_assert (GNUNET_OK == - TALER_amount_subtract (&delta, - &details->amount, - &rii->details.amount)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_bad_amount_in_plus, - &total_bad_amount_in_plus, - &delta)); + TALER_ARL_amount_subtract (&delta, + &details->amount, + &rii->details.amount); + TALER_ARL_amount_add (&total_bad_amount_in_plus, + &total_bad_amount_in_plus, + &delta); } else { /* rii->details.amount < details->amount: wire transfer was smaller than it should have been */ struct TALER_Amount delta; - GNUNET_assert (GNUNET_OK == - TALER_amount_subtract (&delta, - &rii->details.amount, - &details->amount)); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_bad_amount_in_minus, - &total_bad_amount_in_minus, - &delta)); + TALER_ARL_amount_subtract (&delta, + &rii->details.amount, + &details->amount); + TALER_ARL_amount_add (&total_bad_amount_in_minus, + &total_bad_amount_in_minus, + &delta); } goto cleanup; } @@ -1737,10 +1719,9 @@ history_credit_cb (void *cls, "bank_row", (json_int_t) row_off, "reserve_pub", GNUNET_JSON_from_data_auto ( &rii->details.reserve_pub))); - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&total_missattribution_in, - &total_missattribution_in, - &rii->details.amount)); + TALER_ARL_amount_add (&total_missattribution_in, + &total_missattribution_in, + &rii->details.amount); } if (details->execution_date.abs_value_us != rii->details.execution_date.abs_value_us) @@ -1867,10 +1848,10 @@ reserve_closed_cb (void *cls, (void) cls; rc = GNUNET_new (struct ReserveClosure); - if (GNUNET_SYSERR == - TALER_amount_subtract (&rc->amount, - amount_with_fee, - closing_fee)) + if (TALER_ARL_SR_INVALID_NEGATIVE == + TALER_ARL_amount_subtract_neg (&rc->amount, + amount_with_fee, + closing_fee)) { TALER_ARL_report (report_row_inconsistencies, json_pack ("{s:s, s:I, s:o, s:o, s:o, s:s}", -- cgit v1.2.3