[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-exchange] branch master updated: various age restriction fixes, s
|
From: |
gnunet |
|
Subject: |
[taler-exchange] branch master updated: various age restriction fixes, some of them half-baked |
|
Date: |
Tue, 26 Apr 2022 23:10:15 +0200 |
This is an automated email from the git hooks/post-receive script.
dold pushed a commit to branch master
in repository exchange.
The following commit(s) were added to refs/heads/master by this push:
new be536de2 various age restriction fixes, some of them half-baked
be536de2 is described below
commit be536de23c4a6a7f33e05d1f9f658579a470821a
Author: Florian Dold <florian@dold.me>
AuthorDate: Tue Apr 26 23:10:05 2022 +0200
various age restriction fixes, some of them half-baked
---
src/exchange/taler-exchange-httpd.c | 3 +-
src/exchange/taler-exchange-httpd.h | 5 +-
src/exchange/taler-exchange-httpd_extensions.c | 3 -
src/exchange/taler-exchange-httpd_keys.c | 8 +-
.../taler-exchange-httpd_refreshes_reveal.c | 103 +++++++++++----------
src/util/age_restriction.c | 7 ++
src/util/wallet_signatures.c | 1 +
7 files changed, 71 insertions(+), 59 deletions(-)
diff --git a/src/exchange/taler-exchange-httpd.c
b/src/exchange/taler-exchange-httpd.c
index 48c0e534..d84289c2 100644
--- a/src/exchange/taler-exchange-httpd.c
+++ b/src/exchange/taler-exchange-httpd.c
@@ -144,8 +144,7 @@ char *TEH_base_url;
/**
* Age restriction flags and mask
*/
-bool TEH_age_restriction_enabled = false;
-struct TALER_AgeMask TEH_age_mask = {0};
+bool TEH_age_restriction_enabled = true;
/**
* Default timeout in seconds for HTTP requests.
diff --git a/src/exchange/taler-exchange-httpd.h
b/src/exchange/taler-exchange-httpd.h
index deb5b3e0..bb387696 100644
--- a/src/exchange/taler-exchange-httpd.h
+++ b/src/exchange/taler-exchange-httpd.h
@@ -196,7 +196,6 @@ extern char *TEH_currency;
* Age restriction extension state
*/
extern bool TEH_age_restriction_enabled;
-extern struct TALER_AgeMask TEH_age_mask;
/**
* Our (externally visible) base URL.
@@ -310,8 +309,8 @@ struct TEH_RequestHandler
* @return MHD result code
*/
MHD_RESULT
- (*get)(struct TEH_RequestContext *rc,
- const char *const args[]);
+ (*get)(struct TEH_RequestContext *rc,
+ const char *const args[]);
/**
diff --git a/src/exchange/taler-exchange-httpd_extensions.c
b/src/exchange/taler-exchange-httpd_extensions.c
index 71abfece..c9d47052 100644
--- a/src/exchange/taler-exchange-httpd_extensions.c
+++ b/src/exchange/taler-exchange-httpd_extensions.c
@@ -131,11 +131,8 @@ extension_update_event_cb (void *cls,
/* Special case age restriction: Update global flag and mask */
if (TALER_Extension_AgeRestriction == type)
{
- TEH_age_mask.bits = 0;
TEH_age_restriction_enabled =
TALER_extensions_age_restriction_is_enabled ();
- if (TEH_age_restriction_enabled)
- TEH_age_mask = TALER_extensions_age_restriction_ageMask ();
}
}
diff --git a/src/exchange/taler-exchange-httpd_keys.c
b/src/exchange/taler-exchange-httpd_keys.c
index 7aff0903..56fe6412 100644
--- a/src/exchange/taler-exchange-httpd_keys.c
+++ b/src/exchange/taler-exchange-httpd_keys.c
@@ -2060,7 +2060,7 @@ finish_keys_response (struct TEH_KeyStateHandle *ksh)
/* If age restriction is enabled, initialize the array of age restricted
denoms and prepare a hash for them, separate from the others. We will join
those hashes afterwards.*/
- if (TEH_age_restriction_enabled)
+ if (0)
{
age_restricted_denoms = json_array ();
GNUNET_assert (NULL != age_restricted_denoms);
@@ -2146,7 +2146,7 @@ finish_keys_response (struct TEH_KeyStateHandle *ksh)
/* Put the denom into the correct array depending on the settings and
* the properties of the denomination. Also, we build up the right
* hash for the corresponding array. */
- if (TEH_age_restriction_enabled &&
+ if (0 &&
(0 != dk->denom_pub.age_mask.bits))
{
have_age_restricted_denoms = true;
@@ -2180,7 +2180,7 @@ finish_keys_response (struct TEH_KeyStateHandle *ksh)
/* If age restriction is active and we had at least one denomination of
* that sort, we simply add the hash of all age restricted denominations at
* the end of the others. */
- if (TEH_age_restriction_enabled && have_age_restricted_denoms)
+ if (0 && have_age_restricted_denoms)
{
struct GNUNET_HashCode hcr;
GNUNET_CRYPTO_hash_context_finish (hash_context_restricted, &hcr);
@@ -2205,7 +2205,7 @@ finish_keys_response (struct TEH_KeyStateHandle *ksh)
"Failed to generate key response data for %s\n",
GNUNET_TIME_timestamp2s (last_cpd));
json_decref (denoms);
- if (TEH_age_restriction_enabled && NULL != age_restricted_denoms)
+ if (0 && NULL != age_restricted_denoms)
json_decref (age_restricted_denoms);
json_decref (sctx.signkeys);
json_decref (recoup);
diff --git a/src/exchange/taler-exchange-httpd_refreshes_reveal.c
b/src/exchange/taler-exchange-httpd_refreshes_reveal.c
index 8a5d8a80..fbfbf8ac 100644
--- a/src/exchange/taler-exchange-httpd_refreshes_reveal.c
+++ b/src/exchange/taler-exchange-httpd_refreshes_reveal.c
@@ -440,6 +440,7 @@ resolve_refreshes_reveal_denominations (struct
MHD_Connection *connection,
unsigned int num_fresh_coins = json_array_size (new_denoms_h_json);
/* We know num_fresh_coins is bounded by #TALER_MAX_FRESH_COINS, so this is
safe */
const struct TEH_DenominationKey *dks[num_fresh_coins];
+ const struct TEH_DenominationKey *old_dk;
struct TALER_RefreshCoinData rcds[num_fresh_coins];
struct TALER_EXCHANGEDB_RefreshRevealedCoin rrcs[num_fresh_coins];
MHD_RESULT ret;
@@ -460,6 +461,53 @@ resolve_refreshes_reveal_denominations (struct
MHD_Connection *connection,
NULL);
}
+ /* lookup old_coin_pub in database */
+ {
+ enum GNUNET_DB_QueryStatus qs;
+
+ if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT !=
+ (qs = TEH_plugin->get_melt (TEH_plugin->cls,
+ &rctx->rc,
+ &rctx->melt,
+ &melt_serial_id)))
+ {
+ switch (qs)
+ {
+ case GNUNET_DB_STATUS_SUCCESS_NO_RESULTS:
+ ret = TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_NOT_FOUND,
+
TALER_EC_EXCHANGE_REFRESHES_REVEAL_SESSION_UNKNOWN,
+ NULL);
+ break;
+ case GNUNET_DB_STATUS_HARD_ERROR:
+ ret = TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_DB_FETCH_FAILED,
+ "melt");
+ break;
+ case GNUNET_DB_STATUS_SOFT_ERROR:
+ default:
+ GNUNET_break (0); /* should be impossible */
+ ret = TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+
TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE,
+ NULL);
+ break;
+ }
+ goto cleanup;
+ }
+ if (rctx->melt.session.noreveal_index >= TALER_CNC_KAPPA)
+ {
+ GNUNET_break (0);
+ ret = TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_DB_FETCH_FAILED,
+ "melt");
+ goto cleanup;
+ }
+ }
+
+
/* Parse denomination key hashes */
for (unsigned int i = 0; i<num_fresh_coins; i++)
{
@@ -483,6 +531,13 @@ resolve_refreshes_reveal_denominations (struct
MHD_Connection *connection,
&ret);
if (NULL == dks[i])
return ret;
+ old_dk = TEH_keys_denomination_by_hash2 (ksh,
+ &rctx->melt.session.coin.
+ denom_pub_hash,
+ connection,
+ &ret);
+ if (NULL == old_dk)
+ return ret;
if ( (TALER_DENOMINATION_CS == dks[i]->denom_pub.cipher) &&
(rctx->no_rms) )
{
@@ -548,52 +603,6 @@ resolve_refreshes_reveal_denominations (struct
MHD_Connection *connection,
&rrc->coin_envelope_hash);
}
- /* lookup old_coin_pub in database */
- {
- enum GNUNET_DB_QueryStatus qs;
-
- if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT !=
- (qs = TEH_plugin->get_melt (TEH_plugin->cls,
- &rctx->rc,
- &rctx->melt,
- &melt_serial_id)))
- {
- switch (qs)
- {
- case GNUNET_DB_STATUS_SUCCESS_NO_RESULTS:
- ret = TALER_MHD_reply_with_error (connection,
- MHD_HTTP_NOT_FOUND,
-
TALER_EC_EXCHANGE_REFRESHES_REVEAL_SESSION_UNKNOWN,
- NULL);
- break;
- case GNUNET_DB_STATUS_HARD_ERROR:
- ret = TALER_MHD_reply_with_error (connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_GENERIC_DB_FETCH_FAILED,
- "melt");
- break;
- case GNUNET_DB_STATUS_SOFT_ERROR:
- default:
- GNUNET_break (0); /* should be impossible */
- ret = TALER_MHD_reply_with_error (connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
-
TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE,
- NULL);
- break;
- }
- goto cleanup;
- }
- if (rctx->melt.session.noreveal_index >= TALER_CNC_KAPPA)
- {
- GNUNET_break (0);
- ret = TALER_MHD_reply_with_error (connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_GENERIC_DB_FETCH_FAILED,
- "melt");
- goto cleanup;
- }
- }
-
if (TEH_age_restriction_enabled &&
((NULL == old_age_commitment_json) !=
TALER_AgeCommitmentHash_isNullOrZero (
@@ -619,7 +628,7 @@ resolve_refreshes_reveal_denominations (struct
MHD_Connection *connection,
rctx->old_age_commitment = GNUNET_new (struct TALER_AgeCommitment);
oac = rctx->old_age_commitment;
- oac->mask = TEH_age_mask;
+ oac->mask = old_dk->meta.age_mask;
oac->num = ng;
oac->keys = GNUNET_new_array (ng, struct TALER_AgeCommitmentPublicKeyP);
diff --git a/src/util/age_restriction.c b/src/util/age_restriction.c
index 45ebc03c..e69e7412 100644
--- a/src/util/age_restriction.c
+++ b/src/util/age_restriction.c
@@ -38,6 +38,13 @@ TALER_age_commitment_hash (
return;
}
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ "popcount - 1: %d\n",
+ __builtin_popcount (commitment->mask.bits) - 1);
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ "commitment num: %d\n",
+ commitment->num);
+
GNUNET_assert (__builtin_popcount (commitment->mask.bits) - 1 ==
commitment->num);
diff --git a/src/util/wallet_signatures.c b/src/util/wallet_signatures.c
index ce757b75..85caaca6 100644
--- a/src/util/wallet_signatures.c
+++ b/src/util/wallet_signatures.c
@@ -190,6 +190,7 @@ TALER_wallet_deposit_verify (
amount);
TALER_amount_hton (&dr.deposit_fee,
deposit_fee);
+
if (GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_DEPOSIT,
&dr,
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-exchange] branch master updated: various age restriction fixes, some of them half-baked,
gnunet <=