diff options
| author | Christian Grothoff <christian@grothoff.org> | 2015-03-15 16:52:19 +0100 | 
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2015-03-15 16:52:19 +0100 | 
| commit | 92afa4e1db4fc9e4e29f26ca94bd22ccb0963cb5 (patch) | |
| tree | 19f8fb6ce5d93d1bf30256b47565e88d1c2b325c /src/mint | |
| parent | 37a194c0bada3161bd75d765da00d6fb9de3d5f9 (diff) | |
adding filename argument to signkey iterator for better diagnostic messages
Diffstat (limited to 'src/mint')
| -rw-r--r-- | src/mint/key_io.c | 8 | ||||
| -rw-r--r-- | src/mint/key_io.h | 27 | ||||
| -rw-r--r-- | src/mint/taler-mint-httpd_keystate.c | 82 | ||||
| -rw-r--r-- | src/mint/taler-mint-keycheck.c | 5 | 
4 files changed, 77 insertions, 45 deletions
| diff --git a/src/mint/key_io.c b/src/mint/key_io.c index 6b70e980..e02e0f56 100644 --- a/src/mint/key_io.c +++ b/src/mint/key_io.c @@ -55,10 +55,14 @@ signkeys_iterate_dir_iter (void *cls,                                 sizeof (struct TALER_MINT_SignKeyIssuePriv));    if (nread != sizeof (struct TALER_MINT_SignKeyIssuePriv))    { -    GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "Invalid signkey file: '%s'\n", filename); +    GNUNET_log (GNUNET_ERROR_TYPE_WARNING, +                "Invalid signkey file: '%s'\n", +                filename);      return GNUNET_OK;    } -  return skc->it (skc->it_cls, &issue); +  return skc->it (skc->it_cls, +                  filename, +                  &issue);  } diff --git a/src/mint/key_io.h b/src/mint/key_io.h index c9fd5762..bd7f9511 100644 --- a/src/mint/key_io.h +++ b/src/mint/key_io.h @@ -41,13 +41,21 @@   */  struct TALER_MINT_SignKeyIssuePriv  { +  /** +   * FIXME. +   */    struct GNUNET_CRYPTO_EddsaPrivateKey signkey_priv; +  /** +   * FIXME. +   */    struct TALER_MINT_SignKeyIssue issue;  }; - +/** + * FIXME. + */  struct TALER_MINT_DenomKeyIssuePriv  {    /** @@ -56,16 +64,18 @@ struct TALER_MINT_DenomKeyIssuePriv     */    struct GNUNET_CRYPTO_rsa_PrivateKey *denom_priv; +  /** +   * FIXME. +   */    struct TALER_MINT_DenomKeyIssue issue;  }; - -  /**   * Iterator for sign keys.   *   * @param cls closure + * @param filename name of the file the key came from   * @param ski the sign key issue   * @return #GNUNET_OK to continue to iterate,   *  #GNUNET_NO to stop iteration with no error, @@ -73,8 +83,10 @@ struct TALER_MINT_DenomKeyIssuePriv   */  typedef int  (*TALER_MINT_SignkeyIterator)(void *cls, +                              const char *filename,                                const struct TALER_MINT_SignKeyIssuePriv *ski); +  /**   * Iterator for denomination keys.   * @@ -97,7 +109,8 @@ typedef int   */  int  TALER_MINT_signkeys_iterate (const char *mint_base_dir, -                             TALER_MINT_SignkeyIterator it, void *cls); +                             TALER_MINT_SignkeyIterator it, +                             void *it_cls);  /** @@ -105,7 +118,8 @@ TALER_MINT_signkeys_iterate (const char *mint_base_dir,   */  int  TALER_MINT_denomkeys_iterate (const char *mint_base_dir, -                              TALER_MINT_DenomkeyIterator it, void *cls); +                              TALER_MINT_DenomkeyIterator it, +                              void *it_cls);  /** @@ -132,7 +146,4 @@ TALER_MINT_read_denom_key (const char *filename,                             struct TALER_MINT_DenomKeyIssuePriv *dki); - - -  #endif diff --git a/src/mint/taler-mint-httpd_keystate.c b/src/mint/taler-mint-httpd_keystate.c index 4be13a0b..d5872d96 100644 --- a/src/mint/taler-mint-httpd_keystate.c +++ b/src/mint/taler-mint-httpd_keystate.c @@ -141,30 +141,6 @@ denom_key_issue_to_json (const struct TALER_MINT_DenomKeyIssue *dki)  /** - * Convert the public part of a sign key issue to a JSON object. - * - * @param ski the sign key issue - * @return a JSON object describing the sign key isue (public part) - */ -static json_t * -sign_key_issue_to_json (const struct TALER_MINT_SignKeyIssue *ski) -{ -  return -    json_pack ("{s:o, s:o, s:o, s:o}", -               "stamp_start", -               TALER_JSON_from_abs (GNUNET_TIME_absolute_ntoh (ski->start)), -               "stamp_expire", -               TALER_JSON_from_abs (GNUNET_TIME_absolute_ntoh (ski->expire)), -               "master_sig", -               TALER_JSON_from_data (&ski->signature, -                                     sizeof (struct GNUNET_CRYPTO_EddsaSignature)), -               "key", -               TALER_JSON_from_data (&ski->signkey_pub, -                                     sizeof (struct GNUNET_CRYPTO_EddsaPublicKey))); -} - - -/**   * Get the relative time value that describes how   * far in the future do we want to provide coin keys.   * @@ -207,6 +183,7 @@ reload_keys_denom_iter (void *cls,    struct MintKeyState *ctx = cls;    struct GNUNET_TIME_Absolute stamp_provide;    struct GNUNET_HashCode denom_key_hash; +  struct TALER_MINT_DenomKeyIssuePriv *d2;    int res;    stamp_provide = GNUNET_TIME_absolute_add (ctx->reload_time, @@ -214,39 +191,71 @@ reload_keys_denom_iter (void *cls,    if (GNUNET_TIME_absolute_ntoh (dki->issue.expire_spend).abs_value_us < ctx->reload_time.abs_value_us)    { -    // this key is expired +    GNUNET_log (GNUNET_ERROR_TYPE_INFO, +                "Skipping expired denomination key `%s'\n", +                alias);      return GNUNET_OK;    }    if (GNUNET_TIME_absolute_ntoh (dki->issue.start).abs_value_us > stamp_provide.abs_value_us)    { -    // we are to early for this key +    GNUNET_log (GNUNET_ERROR_TYPE_INFO, +                "Skipping future denomination key `%s'\n", +                alias);      return GNUNET_OK;    }    GNUNET_CRYPTO_hash (&dki->issue.denom_pub,                        sizeof (struct GNUNET_CRYPTO_EddsaPublicKey),                        &denom_key_hash); - +  d2 = GNUNET_memdup (dki, +                      sizeof (struct TALER_MINT_DenomKeyIssuePriv));    res = GNUNET_CONTAINER_multihashmap_put (ctx->denomkey_map,                                             &denom_key_hash, -                                           GNUNET_memdup (dki, -                                                          sizeof (struct TALER_MINT_DenomKeyIssuePriv)), +                                           d2,                                             GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY);    if (GNUNET_OK != res) +  {      GNUNET_log (GNUNET_ERROR_TYPE_WARNING, -                "Duplicate denomination key\n"); - +                "Duplicate denomination key `%s'\n", +                alias); +    GNUNET_free (d2); +    return GNUNET_OK; +  }    json_array_append_new (ctx->denom_keys_array,                           denom_key_issue_to_json (&dki->issue)); -    return GNUNET_OK;  }  /** + * Convert the public part of a sign key issue to a JSON object. + * + * @param ski the sign key issue + * @return a JSON object describing the sign key isue (public part) + */ +static json_t * +sign_key_issue_to_json (const struct TALER_MINT_SignKeyIssue *ski) +{ +  return +    json_pack ("{s:o, s:o, s:o, s:o}", +               "stamp_start", +               TALER_JSON_from_abs (GNUNET_TIME_absolute_ntoh (ski->start)), +               "stamp_expire", +               TALER_JSON_from_abs (GNUNET_TIME_absolute_ntoh (ski->expire)), +               "master_sig", +               TALER_JSON_from_data (&ski->signature, +                                     sizeof (struct GNUNET_CRYPTO_EddsaSignature)), +               "key", +               TALER_JSON_from_data (&ski->signkey_pub, +                                     sizeof (struct GNUNET_CRYPTO_EddsaPublicKey))); +} + + +/**   * Iterator for sign keys.   *   * @param cls closure + * @param filename name of the file the key came from   * @param ski the sign key issue   * @return #GNUNET_OK to continue to iterate,   *  #GNUNET_NO to stop iteration with no error, @@ -254,6 +263,7 @@ reload_keys_denom_iter (void *cls,   */  static int  reload_keys_sign_iter (void *cls, +                       const char *filename,                         const struct TALER_MINT_SignKeyIssuePriv *ski)  {    struct MintKeyState *ctx = cls; @@ -264,13 +274,17 @@ reload_keys_sign_iter (void *cls,    if (GNUNET_TIME_absolute_ntoh (ski->issue.expire).abs_value_us < ctx->reload_time.abs_value_us)    { -    // this key is expired +    GNUNET_log (GNUNET_ERROR_TYPE_INFO, +                "Skipping expired signing key `%s'\n", +                filename);      return GNUNET_OK;    }    if (GNUNET_TIME_absolute_ntoh (ski->issue.start).abs_value_us > stamp_provide.abs_value_us)    { -    // we are to early for this key +    GNUNET_log (GNUNET_ERROR_TYPE_INFO, +                "Skipping future signing key `%s'\n", +                filename);      return GNUNET_OK;    } diff --git a/src/mint/taler-mint-keycheck.c b/src/mint/taler-mint-keycheck.c index c934d08f..b8f40c58 100644 --- a/src/mint/taler-mint-keycheck.c +++ b/src/mint/taler-mint-keycheck.c @@ -28,11 +28,14 @@  static char *mintdir; +  static struct GNUNET_CONFIGURATION_Handle *kcfg;  static int -signkeys_iter (void *cls, const struct TALER_MINT_SignKeyIssuePriv *ski) +signkeys_iter (void *cls, +               const char *filename, +               const struct TALER_MINT_SignKeyIssuePriv *ski)  {    struct GNUNET_TIME_Absolute start; | 
