Need to check for revoked keys as well before adding from DB. Fixes ~13838. - exchange - Base system with REST service to issue digital coins, run by the payment service provider

commit 62e8c183902d7d7b7535c247f750aa8a37d6365a
parent 9fb889404ad6f76dd92a7e249e5438148594fcaf
Author: Christian Grothoff <christian@grothoff.org>
Date:   Sun, 17 Feb 2019 14:40:21 +0100

Need to check for revoked keys as well before adding from DB.
Fixes ~13838.

Diffstat:
M src/exchange/taler-exchange-httpd_keystate.c  | 15 ++++++++-------
M src/exchangedb/exchangedb_denomkeys.c  | 1 +

2 files changed, 9 insertions(+), 7 deletions(-)
diff --git a/src/exchange/taler-exchange-httpd_keystate.c b/src/exchange/taler-exchange-httpd_keystate.c
@@ -1457,6 +1457,10 @@ reload_public_denoms_cb (void *cls,
       GNUNET_CONTAINER_multihashmap_get (rfc->key_state->denomkey_map,
                                          &issue->properties.denom_hash))
     return; /* exists / known */
+  if (NULL !=
+      GNUNET_CONTAINER_multihashmap_get (rfc->key_state->revoked_map,
+                                         &issue->properties.denom_hash))
+    return; /* exists / known */
   /* zero-out, just for future-proofing */
   memset (&dki,
           0,
@@ -1548,13 +1552,10 @@ make_fresh_key_state ()
   /* Once we no longer get expired DKIs from
      TALER_EXCHANGEDB_denomination_keys_iterate(),
      we must fetch the information from the database! */
-  if (0 /* #5536 */)
-  {
-    qs = TEH_plugin->iterate_denomination_info (TEH_plugin->cls,
-                                                &reload_public_denoms_cb,
-                                                &rfc);
-    GNUNET_break (0 <= qs); /* warn, but continue, fingers crossed */
-  }
+  qs = TEH_plugin->iterate_denomination_info (TEH_plugin->cls,
+                                              &reload_public_denoms_cb,
+                                              &rfc);
+  GNUNET_break (0 <= qs); /* warn, but continue, fingers crossed */
   /* Initialize `current_sign_key_issue` and `rfc.sign_keys_array` */
   TALER_EXCHANGEDB_signing_keys_iterate (TEH_exchange_directory,
                                          &reload_keys_sign_iter,
diff --git a/src/exchangedb/exchangedb_denomkeys.c b/src/exchangedb/exchangedb_denomkeys.c
@@ -268,6 +268,7 @@ denomkeys_iterate_keydir_iter (void *cls,
   struct TALER_MasterDenominationKeyRevocation rm;
   const struct TALER_MasterSignatureP *revoked;
 
+  /* FIXME: #5536: should move .rev files into DB! */
   if ( (strlen(filename) > strlen (".rev")) &&
        (0 == strcmp (&filename[strlen(filename) - strlen (".rev")],
                      ".rev")) )

	exchange Base system with REST service to issue digital coins, run by the payment service provider
	Log \| Files \| Refs \| Submodules \| README \| LICENSE

M	src/exchange/taler-exchange-httpd_keystate.c	\|	15	++++++++-------
M	src/exchangedb/exchangedb_denomkeys.c	\|	1	+