From cc5d09cf1d28e31ca8eca054b7da2c3873e2efe7 Mon Sep 17 00:00:00 2001
From: Christian Grothoff <christian@grothoff.org>
Date: Sat, 7 Oct 2017 15:10:24 +0200
Subject: properly handle signing errors if httpd lacks signing keys by
 returning internal errors (and handling new return value from TEH_KS_sign)

---
 src/exchange/taler-exchange-httpd_refund.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

(limited to 'src/exchange/taler-exchange-httpd_refund.c')

diff --git a/src/exchange/taler-exchange-httpd_refund.c b/src/exchange/taler-exchange-httpd_refund.c
index 46c6dfd46..f0aaa65c0 100644
--- a/src/exchange/taler-exchange-httpd_refund.c
+++ b/src/exchange/taler-exchange-httpd_refund.c
@@ -61,9 +61,15 @@ reply_refund_success (struct MHD_Connection *connection,
                      &refund->refund_amount);
   TALER_amount_hton (&rc.refund_fee,
                      &refund->refund_fee);
-  TEH_KS_sign (&rc.purpose,
-               &pub,
-               &sig);
+  if (GNUNET_OK !=
+      TEH_KS_sign (&rc.purpose,
+		   &pub,
+		   &sig))
+  {
+    return TEH_RESPONSE_reply_internal_error (connection,
+                                              TALER_EC_EXCHANGE_BAD_CONFIGURATION,
+                                              "no keys");
+  }
   return TEH_RESPONSE_reply_json_pack (connection,
                                        MHD_HTTP_OK,
                                        "{s:s, s:o, s:o}",
-- 
cgit v1.2.3