commit 32af48c0d6c910065d266bb53490f8b0b01bbeb9
parent ac98fa5e3b275ee010e72cd5446a9a03632867ed
Author: Christian Grothoff <christian@grothoff.org>
Date: Sun, 18 Feb 2024 11:27:36 +0100
provide more error details on bad PIN
Diffstat:
5 files changed, 31 insertions(+), 3 deletions(-)
diff --git a/src/challenger/challenger-httpd_solve.c b/src/challenger/challenger-httpd_solve.c
@@ -210,6 +210,8 @@ CH_handler_solve (struct CH_HandlerContext *hc,
char dummy;
enum GNUNET_DB_QueryStatus qs;
bool solved;
+ bool exhausted;
+ bool no_challenge;
if (1 != sscanf (bc->pin,
"%u%c",
@@ -228,6 +230,8 @@ CH_handler_solve (struct CH_HandlerContext *hc,
&bc->nonce,
pin,
&solved,
+ &exhausted,
+ &no_challenge,
&bc->addr_left,
&bc->auth_attempts_left,
&bc->pin_transmissions_left,
@@ -277,6 +281,12 @@ CH_handler_solve (struct CH_HandlerContext *hc,
"Invalid PIN supplied, client has chance to solve it again\n");
details = GNUNET_JSON_PACK (
TALER_JSON_pack_ec (TALER_EC_CHALLENGER_INVALID_PIN),
+ GNUNET_JSON_pack_bool ("exhausted",
+ exhausted),
+ GNUNET_JSON_pack_bool ("no_challenge",
+ no_challenge),
+ GNUNET_JSON_pack_uint64 ("addresses_left",
+ bc->addr_left),
GNUNET_JSON_pack_uint64 ("addresses_left",
bc->addr_left),
GNUNET_JSON_pack_uint64 ("pin_transmissions_left",
diff --git a/src/challengerdb/challenger_do_validate_and_solve_pin.sql b/src/challengerdb/challenger_do_validate_and_solve_pin.sql
@@ -18,6 +18,8 @@ CREATE OR REPLACE FUNCTION challenger_do_validate_and_solve_pin (
IN in_nonce BYTEA,
IN in_new_pin INT4,
OUT out_not_found BOOLEAN,
+ OUT out_exhausted BOOLEAN,
+ OUT out_no_challenge BOOLEAN,
OUT out_solved BOOLEAN,
OUT out_address_attempts_left INT4,
OUT out_auth_attempts_left INT4,
@@ -41,6 +43,8 @@ SELECT auth_attempts_left
IF NOT FOUND
THEN
out_not_found=TRUE;
+ out_no_challenge=TRUE;
+ out_exhausted=FALSE;
out_solved=FALSE;
out_address_attempts_left=0;
out_auth_attempts_left=0;
@@ -56,19 +60,21 @@ out_client_redirect_uri=my_status.client_redirect_uri;
IF (my_status.last_pin IS NULL)
THEN
out_solved=FALSE;
+ out_exhausted=FALSE;
out_auth_attempts_left=0;
- out_client_redirect_uri=NULL;
+ out_no_challenge=TRUE;
RETURN;
END IF;
+out_no_challenge=FALSE;
IF (0 = my_status.auth_attempts_left)
THEN
out_solved=FALSE;
+ out_exhausted=TRUE;
out_auth_attempts_left=0;
- out_client_redirect_uri=NULL;
RETURN;
END IF;
-
+out_exhausted=FALSE;
out_solved = (my_status.last_pin = in_new_pin);
IF NOT out_solved
diff --git a/src/challengerdb/pg_validate_solve_pin.c b/src/challengerdb/pg_validate_solve_pin.c
@@ -31,6 +31,8 @@ CH_PG_validate_solve_pin (void *cls,
const struct CHALLENGER_ValidationNonceP *nonce,
uint32_t new_pin,
bool *solved,
+ bool *exhausted,
+ bool *no_challenge,
uint32_t *addr_left,
uint32_t *auth_attempts_left,
uint32_t *pin_transmissions_left,
@@ -68,6 +70,8 @@ CH_PG_validate_solve_pin (void *cls,
"SELECT "
" out_not_found AS not_found"
",out_solved AS solved"
+ ",out_exhausted AS exhausted"
+ ",out_no_challenge AS no_challenge"
",out_address_attempts_left AS address_attempts_left"
",out_auth_attempts_left AS auth_attempts_left"
",out_pin_transmissions_left AS pin_transmissions_left"
diff --git a/src/challengerdb/pg_validate_solve_pin.h b/src/challengerdb/pg_validate_solve_pin.h
@@ -33,6 +33,8 @@
* @param nonce unique nonce to use to identify the validation
* @param new_pin the PIN the user entered
* @param[out] solved set to true if the PIN was correct
+ * @param[out] exhausted set to true if the number of attempts to enter the correct PIN has been exhausted
+ * @param[out] no_challenge set to true if we never even issued a challenge
* @param[out] addr_left set to number of address changes remaining
* @param[out] auth_attempts_left set to number of authentication attempts remaining
* @param[out] pin_transmissions_left set to number of times the PIN can still be re-requested
@@ -48,6 +50,8 @@ CH_PG_validate_solve_pin (
const struct CHALLENGER_ValidationNonceP *nonce,
uint32_t new_pin,
bool *solved,
+ bool *exhausted,
+ bool *no_challenge,
uint32_t *addr_left,
uint32_t *auth_attempts_left,
uint32_t *pin_transmissions_left,
diff --git a/src/include/challenger_database_plugin.h b/src/include/challenger_database_plugin.h
@@ -289,6 +289,8 @@ struct CHALLENGER_DatabasePlugin
* @param nonce unique nonce to use to identify the validation
* @param new_pin the PIN the user entered
* @param[out] solved set to true if the PIN was correct
+ * @param[out] exhausted set to true if the number of attempts to enter the correct PIN has been exhausted
+ * @param[out] no_challenge set to true if we never even issued a challenge
* @param[out] addr_left set to number of address changes remaining
* @param[out] auth_attempts_left set to number of authentication attempts remaining
* @param[out] pin_transmissions_left set to number of times the PIN can still be re-requested
@@ -303,6 +305,8 @@ struct CHALLENGER_DatabasePlugin
const struct CHALLENGER_ValidationNonceP *nonce,
uint32_t new_pin,
bool *solved,
+ bool *exhausted,
+ bool *no_challenge,
uint32_t *addr_left,
uint32_t *auth_attempts_left,
uint32_t *pin_transmissions_left,
