diff options
| author | Christian Grothoff <christian@grothoff.org> | 2021-06-16 23:15:18 +0200 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2021-06-16 23:15:18 +0200 |
| commit | 5a838bfb359b78cbef8ad3fcd1f6dffd13f897d2 (patch) | |
| tree | fb52833e42868d02b245fa15dfbf0a528a9a069c | |
| parent | 0f66ec87f8613795effdf11cc27db7b2f2ba71e4 (diff) | |
| download | merchant-5a838bfb359b78cbef8ad3fcd1f6dffd13f897d2.tar.gz merchant-5a838bfb359b78cbef8ad3fcd1f6dffd13f897d2.tar.bz2 merchant-5a838bfb359b78cbef8ad3fcd1f6dffd13f897d2.zip | |
fix #6904
| -rw-r--r-- | src/backend/taler-merchant-httpd_private-post-orders.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/backend/taler-merchant-httpd_private-post-orders.c b/src/backend/taler-merchant-httpd_private-post-orders.c index 6208fdcf..ad7cef4b 100644 --- a/src/backend/taler-merchant-httpd_private-post-orders.c +++ b/src/backend/taler-merchant-httpd_private-post-orders.c @@ -980,7 +980,15 @@ patch_order (struct MHD_Connection *connection, "merchant_pub", GNUNET_JSON_from_data_auto ( &hc->instance->merchant_pub))); - /* FIXME: #6904: transform 'true' in $forgettable into random salts! */ + if (GNUNET_OK != + TALER_JSON_contract_seed_forgettable (order)) + { + return TALER_MHD_reply_with_error ( + connection, + MHD_HTTP_BAD_REQUEST, + TALER_EC_GENERIC_JSON_INVALID, + "could not compute hash of order due to bogus forgettable fields"); + } /* sanity check result */ { struct GNUNET_HashCode hc; |