From 4dea098f54757f618abcfdfd27514bdab281997a Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Sat, 23 Feb 2019 14:47:44 +0100 Subject: actually disable 100 continue --- src/exchange/taler-exchange-httpd_keystate.c | 116 ++++++++++++++++++--------- 1 file changed, 78 insertions(+), 38 deletions(-) (limited to 'src/exchange/taler-exchange-httpd_keystate.c') diff --git a/src/exchange/taler-exchange-httpd_keystate.c b/src/exchange/taler-exchange-httpd_keystate.c index 10bff8269..36f464ba8 100644 --- a/src/exchange/taler-exchange-httpd_keystate.c +++ b/src/exchange/taler-exchange-httpd_keystate.c @@ -677,7 +677,6 @@ add_denomination_transaction (void *cls, * @param cls closure with a `struct ResponseFactoryContext *` * @param dki the denomination key issue * @param alias coin alias - * @param revocation_master_sig non-NULL if @a dki was revoked * @return #GNUNET_OK to continue to iterate, * #GNUNET_NO to stop iteration with no error, * #GNUNET_SYSERR to abort iteration with error! @@ -685,8 +684,7 @@ add_denomination_transaction (void *cls, static int reload_keys_denom_iter (void *cls, const char *alias, - const struct TALER_EXCHANGEDB_DenominationKeyIssueInformation *dki, - const struct TALER_MasterSignatureP *revocation_master_sig) + const struct TALER_EXCHANGEDB_DenominationKeyIssueInformation *dki) { struct ResponseFactoryContext *rfc = cls; struct TEH_KS_StateHandle *key_state = rfc->key_state; @@ -719,40 +717,6 @@ reload_keys_denom_iter (void *cls, return GNUNET_OK; } - if (NULL != revocation_master_sig) - { - struct AddRevocationContext arc; - - GNUNET_log (GNUNET_ERROR_TYPE_INFO, - "Adding denomination key `%s' (%s) to revocation set\n", - alias, - GNUNET_h2s (&dki->issue.properties.denom_hash)); - res = store_in_map (key_state->revoked_map, - dki); - if (GNUNET_NO == res) - return GNUNET_OK; - /* Try to insert DKI into DB until we succeed; note that if the DB - failure is persistent, we need to die, as we cannot continue - without the DKI being in the DB). */ - arc.dki = dki; - arc.revocation_master_sig = revocation_master_sig; - if (GNUNET_OK != - TEH_DB_run_transaction (NULL, - "add denomination key revocations", - NULL, - &add_revocations_transaction, - &arc)) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Giving up, this is fatal. Committing suicide via SIGTERM.\n"); - handle_signal (SIGTERM); - return GNUNET_SYSERR; - } - GNUNET_assert (0 == - json_array_append_new (rfc->payback_array, - GNUNET_JSON_from_data_auto (&dki->issue.properties.denom_hash))); - return GNUNET_OK; - } horizon = GNUNET_TIME_relative_to_absolute (TALER_EXCHANGE_conf_duration_provide ()); start = GNUNET_TIME_absolute_ntoh (dki->issue.properties.start); if (start.abs_value_us > horizon.abs_value_us) @@ -793,6 +757,67 @@ reload_keys_denom_iter (void *cls, } +/** + * Iterator for revocation of denomination keys. + * + * @param cls closure with a `struct ResponseFactoryContext *` + * @param denom_hash hash of revoked denomination public key + * @param revocation_master_sig signature showing @a denom_hash was revoked + * @return #GNUNET_OK to continue to iterate, + * #GNUNET_NO to stop iteration with no error, + * #GNUNET_SYSERR to abort iteration with error! + */ +static int +revocations_iter (void *cls, + const struct GNUNET_HashCode *denom_hash, + const struct TALER_MasterSignatureP *revocation_master_sig) +{ + struct ResponseFactoryContext *rfc = cls; + struct TEH_KS_StateHandle *key_state = rfc->key_state; + int res; + struct AddRevocationContext arc; + const struct TALER_EXCHANGEDB_DenominationKeyIssueInformation *dki; + + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "Adding denomination key `%s' to revocation set\n", + GNUNET_h2s (denom_hash)); + dki = GNUNET_CONTAINER_multihashmap_get (key_state->denomkey_map, + denom_hash); + if (NULL == dki) + { + GNUNET_assert (GNUNET_YES == + GNUNET_CONTAINER_multihashmap_remove (key_state->denomkey_map, + denom_hash, + dki)); + res = store_in_map (key_state->revoked_map, + dki); + if (GNUNET_NO == res) + return GNUNET_OK; + } + /* Try to insert DKI into DB until we succeed; note that if the DB + failure is persistent, we need to die, as we cannot continue + without the DKI being in the DB). */ + arc.dki = dki; + arc.revocation_master_sig = revocation_master_sig; + if (GNUNET_OK != + TEH_DB_run_transaction (NULL, + "add denomination key revocations", + NULL, + &add_revocations_transaction, + &arc)) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Giving up, this is fatal. Committing suicide via SIGTERM.\n"); + handle_signal (SIGTERM); + return GNUNET_SYSERR; + } + GNUNET_assert (0 == + json_array_append_new (rfc->payback_array, + GNUNET_JSON_from_data_auto (denom_hash))); + return GNUNET_OK; +} + + /** * Convert the public part of a sign key issue to a JSON object. * @@ -1527,7 +1552,6 @@ make_fresh_key_state () 'rfc.payback_array' */ if (-1 == TALER_EXCHANGEDB_denomination_keys_iterate (TEH_exchange_directory, - &TEH_master_public_key, &reload_keys_denom_iter, &rfc)) { @@ -1540,6 +1564,22 @@ make_fresh_key_state () json_decref (rfc.sign_keys_array); return NULL; } + + if (-1 == + TALER_EXCHANGEDB_revocations_iterate (TEH_revocation_directory, + &TEH_master_public_key, + &revocations_iter, + &rfc)) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Failed to load denomination keys from `%s'.\n", + TEH_exchange_directory); + key_state->refcnt = 1; + ks_release (key_state); + json_decref (rfc.payback_array); + json_decref (rfc.sign_keys_array); + return NULL; + } if (0 == GNUNET_CONTAINER_multihashmap_size (key_state->denomkey_map)) { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, -- cgit v1.2.3