From 690019c1758a0cdfd4a1b9ae51cbb9b26d8e5915 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Thu, 17 Sep 2015 14:13:41 +0200 Subject: implement mintdb API for mint to read auditor keys from disk -- and form auditor-sign tool to write them in the right format --- src/mintdb/mintdb_keyio.c | 201 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 201 insertions(+) (limited to 'src/mintdb/mintdb_keyio.c') diff --git a/src/mintdb/mintdb_keyio.c b/src/mintdb/mintdb_keyio.c index 7cf77558..b7cdcf50 100644 --- a/src/mintdb/mintdb_keyio.c +++ b/src/mintdb/mintdb_keyio.c @@ -351,4 +351,205 @@ TALER_MINTDB_denomination_keys_iterate (const char *mint_base_dir, } +/** + * Closure for #auditor_iter() and + */ +struct AuditorIterateContext +{ + + /** + * Function to call with the information for each auditor. + */ + TALER_MINTDB_AuditorIterator it; + + /** + * Closure for @e it. + */ + void *it_cls; +}; + + +GNUNET_NETWORK_STRUCT_BEGIN + +/** + * Header of a file with auditing information. + */ +struct AuditorFileHeaderP +{ + + /** + * Public key of the auditor. + */ + struct TALER_AuditorPublicKeyP apub; + + /** + * Signature from the auditor. + */ + struct TALER_AuditorSignatureP asig; + + /** + * Master public key of the mint the auditor is signing + * information for. + */ + struct TALER_MasterPublicKeyP mpub; + +}; +GNUNET_NETWORK_STRUCT_END + + +/** + * Load the auditor signature and the information signed by the + * auditor and call the callback in @a cls with the information. + * + * @param cls the `struct AuditorIterateContext *` + * @param filename name of a file that should contain + * a denomination key + * @return #GNUNET_OK to continue to iterate + * #GNUNET_NO to abort iteration with success + * #GNUNET_SYSERR to abort iteration with failure + */ +static int +auditor_iter (void *cls, + const char *filename) +{ + struct AuditorIterateContext *aic = cls; + uint64_t size; + struct AuditorFileHeaderP *af; + const struct TALER_DenominationKeyValidityPS *dki; + unsigned int len; + int ret; + + if (GNUNET_OK != GNUNET_DISK_file_size (filename, + &size, + GNUNET_YES, + GNUNET_YES)) + { + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "Skipping inaccessable auditor information file `%s'\n", + filename); + return GNUNET_SYSERR; + } + if ( (size < sizeof (struct AuditorFileHeaderP)) || + (0 != (len = ((size - sizeof (struct AuditorFileHeaderP)) % + sizeof (struct TALER_DenominationKeyValidityPS)))) ) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + af = GNUNET_malloc (size); + if (size != + GNUNET_DISK_fn_read (filename, + af, + size)) + { + GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, + "read", + filename); + GNUNET_free (af); + return GNUNET_SYSERR; + } + dki = (const struct TALER_DenominationKeyValidityPS *) &af[1]; + ret = aic->it (aic->it_cls, + &af->apub, + &af->asig, + &af->mpub, + len, + dki); + GNUNET_free (af); + return ret; +} + + +/** + * Call @a it with information for each auditor found in the @a mint_base_dir. + * + * @param mint_base_dir base directory for the mint, + * the signing keys must be in the #TALER_MINTDB_DIR_DENOMINATION_KEYS + * subdirectory + * @param it function to call with auditor information + * @param it_cls closure for @a it + * @return -1 on error, 0 if no files were found, otherwise + * a positive number (however, even with a positive + * number it is possible that @a it was never called + * as maybe none of the files were well-formed) + */ +int +TALER_MINTDB_auditor_iterate (const char *mint_base_dir, + TALER_MINTDB_AuditorIterator it, + void *it_cls) +{ + char *dir; + struct AuditorIterateContext aic; + int ret; + + GNUNET_asprintf (&dir, + "%s" DIR_SEPARATOR_STR TALER_MINTDB_DIR_AUDITORS, + mint_base_dir); + aic.it = it; + aic.it_cls = it_cls; + ret = GNUNET_DISK_directory_scan (dir, + &auditor_iter, + &aic); + GNUNET_free (dir); + return ret; +} + + +/** + * Write auditor information to the given file. + * + * @param filename the file where to write the auditor information to + * @param apub the auditor's public key + * @param asig the auditor's signature + * @param mpub the mint's public key (as expected by the auditor) + * @param dki_len length of @a dki + * @param dki array of denomination coin data signed by the auditor + * @return #GNUNET_OK upon success; #GNUNET_SYSERR upon failure. + */ +int +TALER_MINTDB_auditor_write (const char *filename, + const struct TALER_AuditorPublicKeyP *apub, + const struct TALER_AuditorSignatureP *asig, + const struct TALER_MasterPublicKeyP *mpub, + unsigned int dki_len, + const struct TALER_DenominationKeyValidityPS *dki) +{ + struct AuditorFileHeaderP af; + struct GNUNET_DISK_FileHandle *fh; + ssize_t wrote; + size_t wsize; + int ret; + int eno; + + af.apub = *apub; + af.asig = *asig; + af.mpub = *mpub; + ret = GNUNET_SYSERR; + if (NULL == (fh = GNUNET_DISK_file_open + (filename, + GNUNET_DISK_OPEN_WRITE | GNUNET_DISK_OPEN_CREATE | GNUNET_DISK_OPEN_TRUNCATE, + GNUNET_DISK_PERM_USER_READ | GNUNET_DISK_PERM_USER_WRITE))) + goto cleanup; + wsize = sizeof (struct AuditorFileHeaderP); + if (GNUNET_SYSERR == (wrote = GNUNET_DISK_file_write (fh, + &af, + wsize))) + goto cleanup; + if (wrote != wsize) + goto cleanup; + wsize = dki_len * sizeof (struct TALER_DenominationKeyValidityPS); + if (wsize == + GNUNET_DISK_file_write (fh, + dki, + wsize)) + ret = GNUNET_OK; + cleanup: + eno = errno; + if (NULL != fh) + (void) GNUNET_DISK_file_close (fh); + errno = eno; + return ret; +} + + /* end of mintdb_keyio.c */ -- cgit v1.2.3 From 37a84c5af7b466bef1d4ca4b18999e8b6ef590f2 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Sat, 19 Sep 2015 16:34:27 +0200 Subject: finish implementing #3847 --- src/include/taler_mintdb_lib.h | 14 +++--- src/mint-tools/Makefile.am | 10 ++++- src/mint-tools/taler-auditor-sign.c | 82 ++++++++++++++++++++++-------------- src/mint/taler-mint-httpd_keystate.c | 54 ++++++++++++------------ src/mintdb/mintdb_keyio.c | 25 ++++++----- 5 files changed, 108 insertions(+), 77 deletions(-) (limited to 'src/mintdb/mintdb_keyio.c') diff --git a/src/include/taler_mintdb_lib.h b/src/include/taler_mintdb_lib.h index b7f28cff..7dfef8dc 100644 --- a/src/include/taler_mintdb_lib.h +++ b/src/include/taler_mintdb_lib.h @@ -212,10 +212,10 @@ TALER_MINTDB_denomination_key_read (const char *filename, * * @param cls closure * @param apub the auditor's public key - * @param asig the auditor's signature * @param mpub the mint's public key (as expected by the auditor) - * @param dki_len length of @a dki - * @param dki array of denomination coin data signed by the auditor + * @param dki_len length of @a asig and @a dki arrays + * @param asigs array of the auditor's signatures over the @a dks, of length @a dki_len + * @param dki array of denomination coin data signed by the auditor, of length @a dki_len * @return #GNUNET_OK to continue to iterate, * #GNUNET_NO to stop iteration with no error, * #GNUNET_SYSERR to abort iteration with error! @@ -223,9 +223,9 @@ TALER_MINTDB_denomination_key_read (const char *filename, typedef int (*TALER_MINTDB_AuditorIterator)(void *cls, const struct TALER_AuditorPublicKeyP *apub, - const struct TALER_AuditorSignatureP *asig, const struct TALER_MasterPublicKeyP *mpub, unsigned int dki_len, + const struct TALER_AuditorSignatureP *asigs, const struct TALER_DenominationKeyValidityPS *dki); @@ -253,16 +253,16 @@ TALER_MINTDB_auditor_iterate (const char *mint_base_dir, * * @param filename the file where to write the auditor information to * @param apub the auditor's public key - * @param asig the auditor's signature + * @param asigs the auditor's signatures, array of length @a dki_len * @param mpub the mint's public key (as expected by the auditor) - * @param dki_len length of @a dki + * @param dki_len length of @a dki and @a asigs arrays * @param dki array of denomination coin data signed by the auditor * @return #GNUNET_OK upon success; #GNUNET_SYSERR upon failure. */ int TALER_MINTDB_auditor_write (const char *filename, const struct TALER_AuditorPublicKeyP *apub, - const struct TALER_AuditorSignatureP *asig, + const struct TALER_AuditorSignatureP *asigs, const struct TALER_MasterPublicKeyP *mpub, unsigned int dki_len, const struct TALER_DenominationKeyValidityPS *dki); diff --git a/src/mint-tools/Makefile.am b/src/mint-tools/Makefile.am index a1b1302d..94b8fb39 100644 --- a/src/mint-tools/Makefile.am +++ b/src/mint-tools/Makefile.am @@ -7,6 +7,7 @@ if USE_COVERAGE endif bin_PROGRAMS = \ + taler-auditor-sign \ taler-mint-keyup \ taler-mint-keycheck \ taler-mint-reservemod \ @@ -15,7 +16,6 @@ bin_PROGRAMS = \ taler_mint_keyup_SOURCES = \ taler-mint-keyup.c - taler_mint_keyup_LDADD = \ $(LIBGCRYPT_LIBS) \ $(top_builddir)/src/util/libtalerutil.la \ @@ -24,6 +24,14 @@ taler_mint_keyup_LDADD = \ -lgnunetutil $(XLIB) taler_mint_keyup_LDFLAGS = $(POSTGRESQL_LDFLAGS) +taler_auditor_sign_SOURCES = \ + taler-auditor-sign.c +taler_auditor_sign_LDADD = \ + $(LIBGCRYPT_LIBS) \ + $(top_builddir)/src/util/libtalerutil.la \ + $(top_builddir)/src/mintdb/libtalermintdb.la \ + -lgnunetutil $(XLIB) + taler_mint_sepa_SOURCES = \ taler-mint-sepa.c diff --git a/src/mint-tools/taler-auditor-sign.c b/src/mint-tools/taler-auditor-sign.c index 8d180790..bd37e68d 100644 --- a/src/mint-tools/taler-auditor-sign.c +++ b/src/mint-tools/taler-auditor-sign.c @@ -49,11 +49,6 @@ static char *mint_request_file; */ static char *output_file; -/** - * Handle to the auditor's configuration - */ -static struct GNUNET_CONFIGURATION_Handle *kcfg; - /** * Master public key of the mint. */ @@ -101,16 +96,16 @@ print_dk (const struct TALER_DenominationKeyValidityPS *dk) fprintf (stdout, "Validity start time: %s\n", - GNUNET_TIME_absolute_to_string (GNUNET_TIME_absolute_ntoh (dk->start))); + GNUNET_STRINGS_absolute_time_to_string (GNUNET_TIME_absolute_ntoh (dk->start))); fprintf (stdout, "Withdraw end time: %s\n", - GNUNET_TIME_absolute_to_string (GNUNET_TIME_absolute_ntoh (dk->expire_withdraw))); + GNUNET_STRINGS_absolute_time_to_string (GNUNET_TIME_absolute_ntoh (dk->expire_withdraw))); fprintf (stdout, "Deposit end time: %s\n", - GNUNET_TIME_absolute_to_string (GNUNET_TIME_absolute_ntoh (dk->expire_spend))); + GNUNET_STRINGS_absolute_time_to_string (GNUNET_TIME_absolute_ntoh (dk->expire_spend))); fprintf (stdout, "Legal dispute end time: %s\n", - GNUNET_TIME_absolute_to_string (GNUNET_TIME_absolute_ntoh (dk->expire_legal))); + GNUNET_STRINGS_absolute_time_to_string (GNUNET_TIME_absolute_ntoh (dk->expire_legal))); fprintf (stdout, "\n"); @@ -150,12 +145,12 @@ main (int argc, GNUNET_GETOPT_OPTION_END }; struct GNUNET_CRYPTO_EddsaPrivateKey *eddsa_priv; - struct TALER_AuditorSignatureP sig; + struct TALER_AuditorSignatureP *sigs; struct TALER_AuditorPublicKeyP apub; struct GNUNET_DISK_FileHandle *fh; struct TALER_DenominationKeyValidityPS *dks; unsigned int dks_len; - struct TALER_MintKeyValidityPS *ap; + struct TALER_MintKeyValidityPS kv; off_t in_size; unsigned int i; @@ -187,6 +182,7 @@ main (int argc, { fprintf (stderr, "Mint public key not given\n"); + GNUNET_free (eddsa_priv); return 1; } if (GNUNET_OK != @@ -198,12 +194,14 @@ main (int argc, fprintf (stderr, "Public key `%s' malformed\n", mint_public_key); + GNUNET_free (eddsa_priv); return 1; } if (NULL == mint_request_file) { fprintf (stderr, "Mint signing request not given\n"); + GNUNET_free (eddsa_priv); return 1; } fh = GNUNET_DISK_file_open (mint_request_file, @@ -215,6 +213,7 @@ main (int argc, "Failed to open file `%s': %s\n", mint_request_file, STRERROR (errno)); + GNUNET_free (eddsa_priv); return 1; } if (GNUNET_OK != @@ -226,6 +225,7 @@ main (int argc, mint_request_file, STRERROR (errno)); GNUNET_DISK_file_close (fh); + GNUNET_free (eddsa_priv); return 1; } if (0 != (in_size % sizeof (struct TALER_DenominationKeyValidityPS))) @@ -234,16 +234,17 @@ main (int argc, "Input file size of file `%s' is invalid\n", mint_request_file); GNUNET_DISK_file_close (fh); + GNUNET_free (eddsa_priv); return 1; } dks_len = in_size / sizeof (struct TALER_DenominationKeyValidityPS); - ap = GNUNET_malloc (sizeof (struct TALER_MintKeyValidityPS) + - in_size); - ap.purpose.purpose = htonl (TALER_SIGNATURE_AUDITOR_MINT_KEYS); - ap.purpose.size = htonl (sizeof (struct TALER_MintKeyValidityPS) + - in_size); - ap.master = master_public_key; - dks = (struct TALER_DenominationKeyValidityPS *) &ap[1]; + kv.purpose.purpose = htonl (TALER_SIGNATURE_AUDITOR_MINT_KEYS); + kv.purpose.size = htonl (sizeof (struct TALER_MintKeyValidityPS)); + kv.master = master_public_key; + dks = GNUNET_new_array (dks_len, + struct TALER_DenominationKeyValidityPS); + sigs = GNUNET_new_array (dks_len, + struct TALER_AuditorSignatureP); if (in_size != GNUNET_DISK_file_read (fh, dks, @@ -254,34 +255,51 @@ main (int argc, mint_request_file, STRERROR (errno)); GNUNET_DISK_file_close (fh); - GNUNET_free (ap); + GNUNET_free (sigs); + GNUNET_free (dks); + GNUNET_free (eddsa_priv); return 1; } GNUNET_DISK_file_close (fh); - if (verbose) + for (i=0;istart; + kv.expire_withdraw = dk->expire_withdraw; + kv.expire_spend = dk->expire_spend; + kv.expire_legal = dk->expire_legal; + kv.value = dk->value; + kv.fee_withdraw = dk->fee_withdraw; + kv.fee_deposit = dk->fee_deposit; + kv.fee_refresh = dk->fee_refresh; + kv.denom_hash = dk->denom_hash; + + /* Finally sign ... */ + GNUNET_CRYPTO_eddsa_sign (eddsa_priv, + &kv.purpose, + &sigs[i].eddsa_sig); + + } if (NULL == output_file) { fprintf (stderr, "Output file not given\n"); - GNUNET_free (ap); + GNUNET_free (dks); + GNUNET_free (sigs); + GNUNET_free (eddsa_priv); return 1; } - /* Finally sign ... */ - GNUNET_CRYPTO_eddsa_sign (eddsa_priv, - &ap->purpose, - &sig.eddsa_sig); - /* write result to disk */ if (GNUNET_OK != TALER_MINTDB_auditor_write (output_file, &apub, - &sig, + sigs, &master_public_key, dks_len, dks)) @@ -290,10 +308,12 @@ main (int argc, "Failed to write to file `%s': %s\n", output_file, STRERROR (errno)); - GNUNET_free (ap); + GNUNET_free (sigs); + GNUNET_free (dks); return 1; } - GNUNET_free (ap); + GNUNET_free (sigs); + GNUNET_free (dks); GNUNET_free (eddsa_priv); return 0; } diff --git a/src/mint/taler-mint-httpd_keystate.c b/src/mint/taler-mint-httpd_keystate.c index 608e791b..939d57d0 100644 --- a/src/mint/taler-mint-httpd_keystate.c +++ b/src/mint/taler-mint-httpd_keystate.c @@ -417,16 +417,16 @@ reload_keys_sign_iter (void *cls, * Convert information from an auditor to a JSON object. * * @param apub the auditor's public key - * @param asig the auditor's signature - * @param dki_len length of @a dki + * @param dki_len length of @a dki and @a asigs arrays + * @param asigs the auditor's signatures * @param dki array of denomination coin data signed by the auditor * @return a JSON object describing the auditor information and signature */ static json_t * auditor_to_json (const struct TALER_AuditorPublicKeyP *apub, - const struct TALER_AuditorSignatureP *asig, unsigned int dki_len, - const struct TALER_DenominationKeyValidityPS *dki) + const struct TALER_AuditorSignatureP **asigs, + const struct TALER_DenominationKeyValidityPS **dki) { unsigned int i; json_t *ja; @@ -434,19 +434,19 @@ auditor_to_json (const struct TALER_AuditorPublicKeyP *apub, ja = json_array (); for (i=0;idenom_hash, - sizeof (struct GNUNET_HashCode)))); + TALER_json_from_data (&dki[i]->denom_hash, + sizeof (struct GNUNET_HashCode)), + "auditor_sig", + TALER_json_from_data (asigs[i], + sizeof (struct TALER_AuditorSignatureP)))); return - json_pack ("{s:o, s:o, s:o}", + json_pack ("{s:o, s:o}", "denomination_keys", ja, "auditor_pub", TALER_json_from_data (apub, - sizeof (struct TALER_AuditorPublicKeyP)), - "auditor_sig", - TALER_json_from_data (asig, - sizeof (struct TALER_AuditorSignatureP))); + sizeof (struct TALER_AuditorPublicKeyP))); } @@ -458,9 +458,9 @@ auditor_to_json (const struct TALER_AuditorPublicKeyP *apub, * * @param cls closure with the `struct TMH_KS_StateHandle *` * @param apub the auditor's public key - * @param asig the auditor's signature * @param mpub the mint's public key (as expected by the auditor) - * @param dki_len length of @a dki + * @param dki_len length of @a dki and @a asigs + * @param asigs array with the auditor's signatures, of length @a dki_len * @param dki array of denomination coin data signed by the auditor * @return #GNUNET_OK to continue to iterate, * #GNUNET_NO to stop iteration with no error, @@ -469,14 +469,16 @@ auditor_to_json (const struct TALER_AuditorPublicKeyP *apub, static int reload_auditor_iter (void *cls, const struct TALER_AuditorPublicKeyP *apub, - const struct TALER_AuditorSignatureP *asig, const struct TALER_MasterPublicKeyP *mpub, unsigned int dki_len, + const struct TALER_AuditorSignatureP *asigs, const struct TALER_DenominationKeyValidityPS *dki) { struct TMH_KS_StateHandle *ctx = cls; unsigned int i; - int found; + unsigned int keep; + const struct TALER_AuditorSignatureP *kept_asigs[dki_len]; + const struct TALER_DenominationKeyValidityPS *kept_dkis[dki_len]; /* Check if the signature is at least for this mint. */ if (0 != memcmp (&mpub->eddsa_pub, @@ -487,28 +489,26 @@ reload_auditor_iter (void *cls, "Auditing information provided for a different mint, ignored\n"); return GNUNET_OK; } - /* check if there is an overlap between the set of keys signed by - the auditor and the denomination keys that are active right now */ - found = GNUNET_NO; + /* Filter the auditor information for those for which the + keys actually match the denomination keys that are active right now */ + keep = 0; for (i=0;idenomkey_map, &dki[i].denom_hash)) { - found = GNUNET_YES; - break; + kept_asigs[keep] = &asigs[i]; + kept_dkis[keep] = &dki[i]; + keep++; } } - if (GNUNET_NO == found) - return GNUNET_OK; /* None of the keys are relevant for us right now, - so skip this auditor signature */ /* add auditor information to our /keys response */ json_array_append_new (ctx->auditors_array, auditor_to_json (apub, - asig, - dki_len, - dki)); + keep, + kept_asigs, + kept_dkis)); return GNUNET_OK; } diff --git a/src/mintdb/mintdb_keyio.c b/src/mintdb/mintdb_keyio.c index b7cdcf50..5bfe5bb1 100644 --- a/src/mintdb/mintdb_keyio.c +++ b/src/mintdb/mintdb_keyio.c @@ -382,11 +382,6 @@ struct AuditorFileHeaderP */ struct TALER_AuditorPublicKeyP apub; - /** - * Signature from the auditor. - */ - struct TALER_AuditorSignatureP asig; - /** * Master public key of the mint the auditor is signing * information for. @@ -415,6 +410,7 @@ auditor_iter (void *cls, struct AuditorIterateContext *aic = cls; uint64_t size; struct AuditorFileHeaderP *af; + const struct TALER_AuditorSignatureP *sigs; const struct TALER_DenominationKeyValidityPS *dki; unsigned int len; int ret; @@ -431,7 +427,8 @@ auditor_iter (void *cls, } if ( (size < sizeof (struct AuditorFileHeaderP)) || (0 != (len = ((size - sizeof (struct AuditorFileHeaderP)) % - sizeof (struct TALER_DenominationKeyValidityPS)))) ) + (sizeof (struct TALER_DenominationKeyValidityPS) + + sizeof (struct TALER_AuditorSignatureP))))) ) { GNUNET_break (0); return GNUNET_SYSERR; @@ -448,12 +445,13 @@ auditor_iter (void *cls, GNUNET_free (af); return GNUNET_SYSERR; } - dki = (const struct TALER_DenominationKeyValidityPS *) &af[1]; + sigs = (const struct TALER_AuditorSignatureP *) &af[1]; + dki = (const struct TALER_DenominationKeyValidityPS *) &sigs[len]; ret = aic->it (aic->it_cls, &af->apub, - &af->asig, &af->mpub, len, + sigs, dki); GNUNET_free (af); return ret; @@ -500,7 +498,7 @@ TALER_MINTDB_auditor_iterate (const char *mint_base_dir, * * @param filename the file where to write the auditor information to * @param apub the auditor's public key - * @param asig the auditor's signature + * @param asigs the auditor's signatures, array of length @a dki_len * @param mpub the mint's public key (as expected by the auditor) * @param dki_len length of @a dki * @param dki array of denomination coin data signed by the auditor @@ -509,7 +507,7 @@ TALER_MINTDB_auditor_iterate (const char *mint_base_dir, int TALER_MINTDB_auditor_write (const char *filename, const struct TALER_AuditorPublicKeyP *apub, - const struct TALER_AuditorSignatureP *asig, + const struct TALER_AuditorSignatureP *asigs, const struct TALER_MasterPublicKeyP *mpub, unsigned int dki_len, const struct TALER_DenominationKeyValidityPS *dki) @@ -522,7 +520,6 @@ TALER_MINTDB_auditor_write (const char *filename, int eno; af.apub = *apub; - af.asig = *asig; af.mpub = *mpub; ret = GNUNET_SYSERR; if (NULL == (fh = GNUNET_DISK_file_open @@ -537,6 +534,12 @@ TALER_MINTDB_auditor_write (const char *filename, goto cleanup; if (wrote != wsize) goto cleanup; + wsize = dki_len * sizeof (struct TALER_AuditorSignatureP); + if (wsize == + GNUNET_DISK_file_write (fh, + asigs, + wsize)) + ret = GNUNET_OK; wsize = dki_len * sizeof (struct TALER_DenominationKeyValidityPS); if (wsize == GNUNET_DISK_file_write (fh, -- cgit v1.2.3