From 6e3765d85253867fcc8cb6409ac65d0dd637c479 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Tue, 10 Mar 2020 18:51:08 +0100 Subject: more careful use of TALER_JSON_get_error_code(), limit to cases where we expect to get one --- src/lib/auditor_api_deposit_confirmation.c | 15 ++++++++++++--- src/lib/exchange_api_deposit.c | 18 +++++++++++++++--- src/lib/exchange_api_deposits_get.c | 14 +++++++++++++- src/lib/exchange_api_melt.c | 28 +++++++++++++++++++++++----- src/lib/exchange_api_refund.c | 19 ++++++++++++++++--- 5 files changed, 79 insertions(+), 15 deletions(-) (limited to 'src/lib') diff --git a/src/lib/auditor_api_deposit_confirmation.c b/src/lib/auditor_api_deposit_confirmation.c index ddaf9b7cd..0aa9ff731 100644 --- a/src/lib/auditor_api_deposit_confirmation.c +++ b/src/lib/auditor_api_deposit_confirmation.c @@ -87,43 +87,52 @@ handle_deposit_confirmation_finished (void *cls, { const json_t *json = djson; struct TALER_AUDITOR_DepositConfirmationHandle *dh = cls; + enum TALER_ErrorCode ec; dh->job = NULL; switch (response_code) { case 0: + ec = TALER_EC_INVALID_RESPONSE; break; case MHD_HTTP_OK: + ec = TALER_EC_NONE; break; case MHD_HTTP_BAD_REQUEST: + ec = TALER_JSON_get_error_code (json); /* This should never happen, either us or the auditor is buggy (or API version conflict); just pass JSON reply to the application */ break; case MHD_HTTP_FORBIDDEN: + ec = TALER_JSON_get_error_code (json); /* Nothing really to verify, auditor says one of the signatures is invalid; as we checked them, this should never happen, we should pass the JSON reply to the application */ break; case MHD_HTTP_NOT_FOUND: + ec = TALER_JSON_get_error_code (json); /* Nothing really to verify, this should never happen, we should pass the JSON reply to the application */ break; case MHD_HTTP_INTERNAL_SERVER_ERROR: + ec = TALER_JSON_get_error_code (json); /* Server had an internal issue; we should retry, but this API leaves this to the application */ break; default: /* unexpected response code */ + ec = TALER_JSON_get_error_code (json); GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Unexpected response code %u\n", - (unsigned int) response_code); + "Unexpected response code %u/%d\n", + (unsigned int) response_code, + ec); GNUNET_break (0); response_code = 0; break; } dh->cb (dh->cb_cls, response_code, - TALER_JSON_get_error_code (json), + ec, json); TALER_AUDITOR_deposit_confirmation_cancel (dh); } diff --git a/src/lib/exchange_api_deposit.c b/src/lib/exchange_api_deposit.c index 928a378b2..a47790f95 100644 --- a/src/lib/exchange_api_deposit.c +++ b/src/lib/exchange_api_deposit.c @@ -301,11 +301,13 @@ handle_deposit_finished (void *cls, struct TALER_ExchangeSignatureP *es = NULL; struct TALER_ExchangePublicKeyP *ep = NULL; const json_t *j = response; + enum TALER_ErrorCode ec; dh->job = NULL; switch (response_code) { case 0: + ec = TALER_EC_INVALID_RESPONSE; break; case MHD_HTTP_OK: if (GNUNET_OK != @@ -316,52 +318,62 @@ handle_deposit_finished (void *cls, { GNUNET_break_op (0); response_code = 0; + ec = TALER_EC_DEPOSIT_INVALID_SIGNATURE_BY_EXCHANGE; } else { es = &exchange_sig; ep = &exchange_pub; + ec = TALER_EC_NONE; } break; case MHD_HTTP_BAD_REQUEST: /* This should never happen, either us or the exchange is buggy (or API version conflict); just pass JSON reply to the application */ + ec = TALER_JSON_get_error_code (j); break; case MHD_HTTP_CONFLICT: /* Double spending; check signatures on transaction history */ + ec = TALER_JSON_get_error_code (j); if (GNUNET_OK != verify_deposit_signature_forbidden (dh, j)) { GNUNET_break_op (0); response_code = 0; + ec = TALER_EC_DEPOSIT_INVALID_SIGNATURE_BY_EXCHANGE; } break; case MHD_HTTP_FORBIDDEN: + ec = TALER_JSON_get_error_code (j); /* Nothing really to verify, exchange says one of the signatures is invalid; as we checked them, this should never happen, we should pass the JSON reply to the application */ break; case MHD_HTTP_NOT_FOUND: + ec = TALER_JSON_get_error_code (j); /* Nothing really to verify, this should never happen, we should pass the JSON reply to the application */ break; case MHD_HTTP_INTERNAL_SERVER_ERROR: + ec = TALER_JSON_get_error_code (j); /* Server had an internal issue; we should retry, but this API leaves this to the application */ break; default: /* unexpected response code */ + ec = TALER_JSON_get_error_code (j); GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Unexpected response code %u\n", - (unsigned int) response_code); + "Unexpected response code %u/%d\n", + (unsigned int) response_code, + ec); GNUNET_break (0); response_code = 0; break; } dh->cb (dh->cb_cls, response_code, - TALER_JSON_get_error_code (j), + ec, es, ep, j); diff --git a/src/lib/exchange_api_deposits_get.c b/src/lib/exchange_api_deposits_get.c index bfacd1781..020250134 100644 --- a/src/lib/exchange_api_deposits_get.c +++ b/src/lib/exchange_api_deposits_get.c @@ -151,11 +151,13 @@ handle_deposit_wtid_finished (void *cls, struct TALER_ExchangePublicKeyP exchange_pub; struct TALER_ExchangePublicKeyP *ep = NULL; const json_t *j = response; + enum TALER_ErrorCode ec; dwh->job = NULL; switch (response_code) { case 0: + ec = TALER_EC_INVALID_RESPONSE; break; case MHD_HTTP_OK: { @@ -173,6 +175,7 @@ handle_deposit_wtid_finished (void *cls, { GNUNET_break_op (0); response_code = 0; + ec = TALER_EC_DEPOSITS_INVALID_BODY_BY_EXCHANGE; break; } wtid = &dwh->depconf.wtid; @@ -187,10 +190,12 @@ handle_deposit_wtid_finished (void *cls, { GNUNET_break_op (0); response_code = 0; + ec = TALER_EC_DEPOSITS_INVALID_SIGNATURE_BY_EXCHANGE; } else { ep = &exchange_pub; + ec = TALER_EC_NONE; } } break; @@ -209,24 +214,30 @@ handle_deposit_wtid_finished (void *cls, { GNUNET_break_op (0); response_code = 0; + ec = TALER_EC_DEPOSITS_INVALID_BODY_BY_EXCHANGE; break; } + ec = TALER_EC_NONE; } break; case MHD_HTTP_BAD_REQUEST: + ec = TALER_JSON_get_error_code (j); /* This should never happen, either us or the exchange is buggy (or API version conflict); just pass JSON reply to the application */ break; case MHD_HTTP_FORBIDDEN: + ec = TALER_JSON_get_error_code (j); /* Nothing really to verify, exchange says one of the signatures is invalid; as we checked them, this should never happen, we should pass the JSON reply to the application */ break; case MHD_HTTP_NOT_FOUND: + ec = TALER_JSON_get_error_code (j); /* Exchange does not know about transaction; we should pass the reply to the application */ break; case MHD_HTTP_INTERNAL_SERVER_ERROR: + ec = TALER_JSON_get_error_code (j); /* Server had an internal issue; we should retry, but this API leaves this to the application */ break; @@ -236,12 +247,13 @@ handle_deposit_wtid_finished (void *cls, "Unexpected response code %u\n", (unsigned int) response_code); GNUNET_break (0); + ec = TALER_JSON_get_error_code (j); response_code = 0; break; } dwh->cb (dwh->cb_cls, response_code, - TALER_JSON_get_error_code (j), + ec, ep, j, wtid, diff --git a/src/lib/exchange_api_melt.c b/src/lib/exchange_api_melt.c index 39d9d4e03..621e9e1df 100644 --- a/src/lib/exchange_api_melt.c +++ b/src/lib/exchange_api_melt.c @@ -267,11 +267,13 @@ handle_melt_finished (void *cls, uint32_t noreveal_index = TALER_CNC_KAPPA; /* invalid value */ struct TALER_ExchangePublicKeyP exchange_pub; const json_t *j = response; + enum TALER_ErrorCode ec; mh->job = NULL; switch (response_code) { case 0: + ec = TALER_EC_INVALID_RESPONSE; break; case MHD_HTTP_OK: if (GNUNET_OK != @@ -282,19 +284,27 @@ handle_melt_finished (void *cls, { GNUNET_break_op (0); response_code = 0; + ec = TALER_EC_MELT_INVALID_SIGNATURE_BY_EXCHANGE; + } + else + { + ec = TALER_EC_NONE; } if (NULL != mh->melt_cb) { mh->melt_cb (mh->melt_cb_cls, response_code, - TALER_JSON_get_error_code (j), + ec, noreveal_index, - (0 == response_code) ? NULL : &exchange_pub, + (0 == response_code) + ? NULL + : &exchange_pub, j); mh->melt_cb = NULL; } break; case MHD_HTTP_BAD_REQUEST: + ec = TALER_JSON_get_error_code (j); /* This should never happen, either us or the exchange is buggy (or API version conflict); just pass JSON reply to the application */ break; @@ -306,26 +316,34 @@ handle_melt_finished (void *cls, { GNUNET_break_op (0); response_code = 0; + ec = TALER_EC_MELT_INVALID_SIGNATURE_BY_EXCHANGE; } + else + ec = TALER_EC_NONE; break; case MHD_HTTP_FORBIDDEN: + ec = TALER_JSON_get_error_code (j); /* Nothing really to verify, exchange says one of the signatures is invalid; assuming we checked them, this should never happen, we should pass the JSON reply to the application */ break; case MHD_HTTP_NOT_FOUND: + ec = TALER_JSON_get_error_code (j); /* Nothing really to verify, this should never happen, we should pass the JSON reply to the application */ break; case MHD_HTTP_INTERNAL_SERVER_ERROR: + ec = TALER_JSON_get_error_code (j); /* Server had an internal issue; we should retry, but this API leaves this to the application */ break; default: /* unexpected response code */ + ec = TALER_JSON_get_error_code (j); GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Unexpected response code %u\n", - (unsigned int) response_code); + "Unexpected response code %u/%d\n", + (unsigned int) response_code, + ec); GNUNET_break (0); response_code = 0; break; @@ -333,7 +351,7 @@ handle_melt_finished (void *cls, if (NULL != mh->melt_cb) mh->melt_cb (mh->melt_cb_cls, response_code, - TALER_JSON_get_error_code (j), + ec, UINT32_MAX, NULL, j); diff --git a/src/lib/exchange_api_refund.c b/src/lib/exchange_api_refund.c index d14481e7b..826c39b17 100644 --- a/src/lib/exchange_api_refund.c +++ b/src/lib/exchange_api_refund.c @@ -145,11 +145,13 @@ handle_refund_finished (void *cls, struct TALER_ExchangePublicKeyP exchange_pub; struct TALER_ExchangePublicKeyP *ep = NULL; const json_t *j = response; + enum TALER_ErrorCode ec; rh->job = NULL; switch (response_code) { case 0: + ec = TALER_EC_INVALID_RESPONSE; break; case MHD_HTTP_OK: if (GNUNET_OK != @@ -159,53 +161,64 @@ handle_refund_finished (void *cls, { GNUNET_break_op (0); response_code = 0; + ec = TALER_EC_REFUND_INVALID_SIGNATURE_BY_EXCHANGE; } else { ep = &exchange_pub; + ec = TALER_EC_NONE; } break; case MHD_HTTP_BAD_REQUEST: /* This should never happen, either us or the exchange is buggy (or API version conflict); just pass JSON reply to the application */ + ec = TALER_JSON_get_error_code (j); break; case MHD_HTTP_FORBIDDEN: /* Nothing really to verify, exchange says one of the signatures is invalid; as we checked them, this should never happen, we should pass the JSON reply to the application */ + ec = TALER_JSON_get_error_code (j); break; case MHD_HTTP_NOT_FOUND: /* Nothing really to verify, this should never happen, we should pass the JSON reply to the application */ + ec = TALER_JSON_get_error_code (j); break; case MHD_HTTP_GONE: /* Kind of normal: the money was already sent to the merchant (it was too late for the refund). */ + ec = TALER_JSON_get_error_code (j); break; case MHD_HTTP_PRECONDITION_FAILED: /* Client request was inconsistent; might be a currency mismatch problem. */ + ec = TALER_JSON_get_error_code (j); break; case MHD_HTTP_CONFLICT: /* Two refund requests were made about the same deposit, but carrying different refund transaction ids. */ + ec = TALER_JSON_get_error_code (j); break; case MHD_HTTP_INTERNAL_SERVER_ERROR: /* Server had an internal issue; we should retry, but this API leaves this to the application */ + ec = TALER_JSON_get_error_code (j); break; default: /* unexpected response code */ + ec = TALER_JSON_get_error_code (j); GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Unexpected response code %u\n", - (unsigned int) response_code); + "Unexpected response code %u/%d\n", + (unsigned int) response_code, + ec); GNUNET_break (0); response_code = 0; break; } rh->cb (rh->cb_cls, response_code, - TALER_JSON_get_error_code (j), + ec, ep, j); TALER_EXCHANGE_refund_cancel (rh); -- cgit v1.2.3