diff options
Diffstat (limited to 'src/exchange')
| -rw-r--r-- | src/exchange/taler-exchange-httpd.c | 30 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_keys.c | 5 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_management_post_keys.c | 6 |
3 files changed, 40 insertions, 1 deletions
diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c index 57c96518..58e9b572 100644 --- a/src/exchange/taler-exchange-httpd.c +++ b/src/exchange/taler-exchange-httpd.c @@ -1003,6 +1003,36 @@ handle_mhd_request (void *cls, "illegal incoming correlation ID\n"); correlation_id = NULL; } + + /* Check if upload is in bounds */ + if (0 == strcasecmp (method, + MHD_HTTP_METHOD_POST)) + { + const char *cl; + + /* Maybe check for maximum upload size + and refuse requests if they are just too big. */ + cl = MHD_lookup_connection_value (connection, + MHD_HEADER_KIND, + MHD_HTTP_HEADER_CONTENT_LENGTH); + if (NULL != cl) + { + unsigned long long cv; + char dummy; + + if (1 != sscanf (cl, + "%llu%c", + &cv, + &dummy)) + { + /* Not valid HTTP request, just close connection. */ + GNUNET_break_op (0); + return MHD_NO; + } + if (cv > TALER_MHD_REQUEST_BUFFER_MAX) + return TALER_MHD_reply_request_too_large (connection); + } + } } GNUNET_async_scope_enter (&rc->async_scope_id, diff --git a/src/exchange/taler-exchange-httpd_keys.c b/src/exchange/taler-exchange-httpd_keys.c index fbca5d65..29d964c6 100644 --- a/src/exchange/taler-exchange-httpd_keys.c +++ b/src/exchange/taler-exchange-httpd_keys.c @@ -1557,7 +1557,7 @@ get_date_string (struct GNUNET_TIME_Absolute at, * @return #GNUNET_OK on success */ static enum GNUNET_GenericReturnValue -setup_general_response_headers (const struct TEH_KeyStateHandle *ksh, +setup_general_response_headers (struct TEH_KeyStateHandle *ksh, struct MHD_Response *response) { char dat[128]; @@ -1590,6 +1590,9 @@ setup_general_response_headers (const struct TEH_KeyStateHandle *ksh, MHD_add_response_header (response, MHD_HTTP_HEADER_EXPIRES, dat)); + ksh->signature_expires + = GNUNET_TIME_absolute_min (m, + ksh->signature_expires); } return GNUNET_OK; } diff --git a/src/exchange/taler-exchange-httpd_management_post_keys.c b/src/exchange/taler-exchange-httpd_management_post_keys.c index ad4cd3c0..f0c3f1f3 100644 --- a/src/exchange/taler-exchange-httpd_management_post_keys.c +++ b/src/exchange/taler-exchange-httpd_management_post_keys.c @@ -367,6 +367,8 @@ TEH_handler_management_post_keys ( TALER_EC_GENERIC_PARAMETER_MALFORMED, "array expected for denom_sigs and signkey_sigs"); } + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "Received /management/keys\n"); akc.nd_sigs = json_array_size (denom_sigs); akc.d_sigs = GNUNET_new_array (akc.nd_sigs, struct DenomSig); @@ -404,6 +406,8 @@ TEH_handler_management_post_keys ( { GNUNET_free (akc.d_sigs); GNUNET_JSON_parse_free (spec); + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Failure to handle /management/keys\n"); return ret; } akc.ns_sigs = json_array_size (signkey_sigs); @@ -440,6 +444,8 @@ TEH_handler_management_post_keys ( } if (! ok) { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Failure to handle /management/keys\n"); GNUNET_free (akc.d_sigs); GNUNET_free (akc.s_sigs); GNUNET_JSON_parse_free (spec); |