From 0cef479e00a89a6649c747f91aba5208affd30e0 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Tue, 31 May 2016 10:39:11 +0200 Subject: extend test to cover GC --- src/benchmark/taler-exchange-benchmark | Bin 24848 -> 25920 bytes src/exchangedb/plugin_exchangedb_postgres.c | 6 +++ src/exchangedb/test_exchangedb.c | 67 ++++++++++++++++++++++++++-- 3 files changed, 69 insertions(+), 4 deletions(-) (limited to 'src') diff --git a/src/benchmark/taler-exchange-benchmark b/src/benchmark/taler-exchange-benchmark index ae793dc9..ea5f1ce4 100755 Binary files a/src/benchmark/taler-exchange-benchmark and b/src/benchmark/taler-exchange-benchmark differ diff --git a/src/exchangedb/plugin_exchangedb_postgres.c b/src/exchangedb/plugin_exchangedb_postgres.c index 72f85e7b..5fbaa26b 100644 --- a/src/exchangedb/plugin_exchangedb_postgres.c +++ b/src/exchangedb/plugin_exchangedb_postgres.c @@ -4298,6 +4298,12 @@ postgres_gc (void *cls) conn = connect_to_postgres (pc); if (NULL == conn) return GNUNET_SYSERR; + if (GNUNET_OK != + postgres_prepare (conn)) + { + PQfinish (conn); + return GNUNET_SYSERR; + } result = GNUNET_PQ_exec_prepared (conn, "gc_prewire", params_none); diff --git a/src/exchangedb/test_exchangedb.c b/src/exchangedb/test_exchangedb.c index 2dee9a7e..b42fb30f 100644 --- a/src/exchangedb/test_exchangedb.c +++ b/src/exchangedb/test_exchangedb.c @@ -202,11 +202,17 @@ destroy_denom_key_pair (struct DenomKeyPair *dkp) * * @param size the size of the denomination key * @param session the DB session + * @param now time to use for key generation, legal expiration will be 3h later. + * @param fee_withdraw withdraw fee to use + * @param fee_deposit deposit fee to use + * @param fee_refresh refresh fee to use + * @param fee_refund refund fee to use * @return the denominaiton key pair; NULL upon error */ static struct DenomKeyPair * create_denom_key_pair (unsigned int size, struct TALER_EXCHANGEDB_Session *session, + struct GNUNET_TIME_Absolute now, const struct TALER_Amount *value, const struct TALER_Amount *fee_withdraw, const struct TALER_Amount *fee_deposit, @@ -216,7 +222,6 @@ create_denom_key_pair (unsigned int size, struct DenomKeyPair *dkp; struct TALER_EXCHANGEDB_DenominationKeyIssueInformation dki; struct TALER_EXCHANGEDB_DenominationKeyInformationP issue2; - struct GNUNET_TIME_Absolute now; dkp = GNUNET_new (struct DenomKeyPair); dkp->priv.rsa_private_key = GNUNET_CRYPTO_rsa_private_key_create (size); @@ -230,7 +235,6 @@ create_denom_key_pair (unsigned int size, 0, sizeof (struct TALER_EXCHANGEDB_DenominationKeyIssueInformation)); dki.denom_pub = dkp->pub; - now = GNUNET_TIME_absolute_get (); GNUNET_TIME_round_abs (&now); dki.issue.properties.start = GNUNET_TIME_absolute_hton (now); dki.issue.properties.expire_withdraw = GNUNET_TIME_absolute_hton @@ -558,7 +562,7 @@ test_melting (struct TALER_EXCHANGEDB_Session *session) struct TALER_EXCHANGEDB_LinkDataList *ldl; struct TALER_EXCHANGEDB_LinkDataList *ldlp; struct TALER_DenominationSignature ev_sigs[MELT_NEW_COINS]; - unsigned int cnt; + unsigned int cnt; unsigned int i; int ret; @@ -575,6 +579,7 @@ test_melting (struct TALER_EXCHANGEDB_Session *session) /* create a denomination (value: 1; fraction: 100) */ dkp = create_denom_key_pair (512, session, + GNUNET_TIME_absolute_get (), &value, &fee_withdraw, &fee_deposit, @@ -645,6 +650,7 @@ test_melting (struct TALER_EXCHANGEDB_Session *session) { new_dkp[cnt] = create_denom_key_pair (1024, session, + GNUNET_TIME_absolute_get (), &value, &fee_withdraw, &fee_deposit, @@ -974,6 +980,54 @@ deposit_cb (void *cls, } +/** + * Test garbage collection. + * + * @param session DB session to use + * @return #GNUNET_OK on success + */ +static int +test_gc (struct TALER_EXCHANGEDB_Session *session) +{ + struct DenomKeyPair *dkp; + struct GNUNET_TIME_Absolute now; + struct GNUNET_TIME_Absolute past; + struct TALER_EXCHANGEDB_DenominationKeyInformationP issue2; + + now = GNUNET_TIME_absolute_get (); + past = GNUNET_TIME_absolute_subtract (now, + GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_HOURS, + 4)); + dkp = create_denom_key_pair (1024, + session, + past, + &value, + &fee_withdraw, + &fee_deposit, + &fee_refresh, + &fee_refund); + if (GNUNET_OK != + plugin->gc (plugin->cls)) + { + GNUNET_break(0); + destroy_denom_key_pair (dkp); + return GNUNET_SYSERR; + } + if (GNUNET_OK == + plugin->get_denomination_info (plugin->cls, + session, + &dkp->pub, + &issue2)) + { + GNUNET_break(0); + destroy_denom_key_pair (dkp); + return GNUNET_SYSERR; + } + destroy_denom_key_pair (dkp); + return GNUNET_OK; +} + + /** * Main function that will be run by the scheduler. * @@ -1093,7 +1147,9 @@ run (void *cls) value.fraction * 2, value.currency)); result = 5; - dkp = create_denom_key_pair (1024, session, + dkp = create_denom_key_pair (1024, + session, + GNUNET_TIME_absolute_get (), &value, &fee_withdraw, &fee_deposit, @@ -1427,6 +1483,9 @@ run (void *cls) transaction_id_wt, &cb_wtid_check, &cb_wtid_never)); + FAILIF (GNUNET_OK != + test_gc (session)); + result = 0; drop: -- cgit v1.2.3 From 9164edd590b53696f9d2af4cee6fee50775664e7 Mon Sep 17 00:00:00 2001 From: Marcello Stanisci Date: Tue, 31 May 2016 11:05:49 +0200 Subject: linking benchmark using $(top_builddir) instead of -l in Makefile.am --- src/benchmark/Makefile.am | 6 +++--- src/benchmark/taler-exchange-benchmark | Bin 24848 -> 8195 bytes 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/src/benchmark/Makefile.am b/src/benchmark/Makefile.am index 4deb8172..e92a1394 100644 --- a/src/benchmark/Makefile.am +++ b/src/benchmark/Makefile.am @@ -13,9 +13,9 @@ taler_exchange_benchmark_SOURCES = \ taler-exchange-benchmark.c taler_exchange_benchmark_LDADD = \ $(LIBGCRYPT_LIBS) \ - -ltalerexchange \ - -ltalerjson \ - -ltalerutil \ + $(top_builddir)/src/json/libtalerjson.la \ + $(top_builddir)/src/util/libtalerutil.la \ + $(top_builddir)/src/exchange-lib/libtalerexchange.la \ -lgnunetjson \ -lgnunetcurl \ -lgnunetutil \ diff --git a/src/benchmark/taler-exchange-benchmark b/src/benchmark/taler-exchange-benchmark index ae793dc9..094ecffb 100755 Binary files a/src/benchmark/taler-exchange-benchmark and b/src/benchmark/taler-exchange-benchmark differ -- cgit v1.2.3 From bfd3ce29d166c8a72331a7c970a95022330b45e2 Mon Sep 17 00:00:00 2001 From: Marcello Stanisci Date: Tue, 31 May 2016 11:08:29 +0200 Subject: untracking binary --- src/benchmark/taler-exchange-benchmark | 228 --------------------------------- 1 file changed, 228 deletions(-) delete mode 100755 src/benchmark/taler-exchange-benchmark (limited to 'src') diff --git a/src/benchmark/taler-exchange-benchmark b/src/benchmark/taler-exchange-benchmark deleted file mode 100755 index 094ecffb..00000000 --- a/src/benchmark/taler-exchange-benchmark +++ /dev/null @@ -1,228 +0,0 @@ -#! /bin/bash - -# taler-exchange-benchmark - temporary wrapper script for .libs/taler-exchange-benchmark -# Generated by libtool (GNU libtool) 2.4.2 Debian-2.4.2-1.11 -# -# The taler-exchange-benchmark program cannot be directly executed until all the libtool -# libraries that it depends on are installed. -# -# This wrapper script should never be moved out of the build directory. -# If it is, it will not operate correctly. - -# Sed substitution that helps us do robust quoting. It backslashifies -# metacharacters that are still active within double-quoted strings. -sed_quote_subst='s/\([`"$\\]\)/\\\1/g' - -# Be Bourne compatible -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then - emulate sh - NULLCMD=: - # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which - # is contrary to our usage. Disable this feature. - alias -g '${1+"$@"}'='"$@"' - setopt NO_GLOB_SUBST -else - case `(set -o) 2>/dev/null` in *posix*) set -o posix;; esac -fi -BIN_SH=xpg4; export BIN_SH # for Tru64 -DUALCASE=1; export DUALCASE # for MKS sh - -# The HP-UX ksh and POSIX shell print the target directory to stdout -# if CDPATH is set. -(unset CDPATH) >/dev/null 2>&1 && unset CDPATH - -relink_command="(cd /home/marcello/exchange/src/benchmark; { test -z \"\${LIBRARY_PATH+set}\" || unset LIBRARY_PATH || { LIBRARY_PATH=; export LIBRARY_PATH; }; }; { test -z \"\${COMPILER_PATH+set}\" || unset COMPILER_PATH || { COMPILER_PATH=; export COMPILER_PATH; }; }; { test -z \"\${GCC_EXEC_PREFIX+set}\" || unset GCC_EXEC_PREFIX || { GCC_EXEC_PREFIX=; export GCC_EXEC_PREFIX; }; }; { test -z \"\${LD_RUN_PATH+set}\" || unset LD_RUN_PATH || { LD_RUN_PATH=; export LD_RUN_PATH; }; }; { test -z \"\${LD_LIBRARY_PATH+set}\" || unset LD_LIBRARY_PATH || { LD_LIBRARY_PATH=; export LD_LIBRARY_PATH; }; }; PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games; export PATH; gcc -Wall -g -O2 -o \$progdir/\$file taler-exchange-benchmark.o -L/home/marcello/local/lib -lgcrypt ../../src/json/.libs/libtalerjson.so ../../src/util/.libs/libtalerutil.so ../../src/exchange-lib/.libs/libtalerexchange.so /home/marcello/local/lib/libgnunetjson.so /home/marcello/local/lib/libgnunetcurl.so /home/marcello/local/lib/libgnunetutil.so -ljansson -pthread -Wl,-rpath -Wl,/home/marcello/exchange/src/json/.libs -Wl,-rpath -Wl,/home/marcello/exchange/src/util/.libs -Wl,-rpath -Wl,/home/marcello/exchange/src/exchange-lib/.libs -Wl,-rpath -Wl,/home/marcello/local/lib -Wl,-rpath -Wl,/home/marcello/local/lib)" - -# This environment variable determines our operation mode. -if test "$libtool_install_magic" = "%%%MAGIC variable%%%"; then - # install mode needs the following variables: - generated_by_libtool_version='2.4.2' - notinst_deplibs=' ../../src/json/libtalerjson.la ../../src/util/libtalerutil.la ../../src/exchange-lib/libtalerexchange.la' -else - # When we are sourced in execute mode, $file and $ECHO are already set. - if test "$libtool_execute_magic" != "%%%MAGIC variable%%%"; then - file="$0" - -# A function that is used when there is no print builtin or printf. -func_fallback_echo () -{ - eval 'cat <<_LTECHO_EOF -$1 -_LTECHO_EOF' -} - ECHO="printf %s\\n" - fi - -# Very basic option parsing. These options are (a) specific to -# the libtool wrapper, (b) are identical between the wrapper -# /script/ and the wrapper /executable/ which is used only on -# windows platforms, and (c) all begin with the string --lt- -# (application programs are unlikely to have options which match -# this pattern). -# -# There are only two supported options: --lt-debug and -# --lt-dump-script. There is, deliberately, no --lt-help. -# -# The first argument to this parsing function should be the -# script's ../../libtool value, followed by no. -lt_option_debug= -func_parse_lt_options () -{ - lt_script_arg0=$0 - shift - for lt_opt - do - case "$lt_opt" in - --lt-debug) lt_option_debug=1 ;; - --lt-dump-script) - lt_dump_D=`$ECHO "X$lt_script_arg0" | /bin/sed -e 's/^X//' -e 's%/[^/]*$%%'` - test "X$lt_dump_D" = "X$lt_script_arg0" && lt_dump_D=. - lt_dump_F=`$ECHO "X$lt_script_arg0" | /bin/sed -e 's/^X//' -e 's%^.*/%%'` - cat "$lt_dump_D/$lt_dump_F" - exit 0 - ;; - --lt-*) - $ECHO "Unrecognized --lt- option: '$lt_opt'" 1>&2 - exit 1 - ;; - esac - done - - # Print the debug banner immediately: - if test -n "$lt_option_debug"; then - echo "taler-exchange-benchmark:taler-exchange-benchmark:${LINENO}: libtool wrapper (GNU libtool) 2.4.2 Debian-2.4.2-1.11" 1>&2 - fi -} - -# Used when --lt-debug. Prints its arguments to stdout -# (redirection is the responsibility of the caller) -func_lt_dump_args () -{ - lt_dump_args_N=1; - for lt_arg - do - $ECHO "taler-exchange-benchmark:taler-exchange-benchmark:${LINENO}: newargv[$lt_dump_args_N]: $lt_arg" - lt_dump_args_N=`expr $lt_dump_args_N + 1` - done -} - -# Core function for launching the target application -func_exec_program_core () -{ - - if test -n "$lt_option_debug"; then - $ECHO "taler-exchange-benchmark:taler-exchange-benchmark:${LINENO}: newargv[0]: $progdir/$program" 1>&2 - func_lt_dump_args ${1+"$@"} 1>&2 - fi - exec "$progdir/$program" ${1+"$@"} - - $ECHO "$0: cannot exec $program $*" 1>&2 - exit 1 -} - -# A function to encapsulate launching the target application -# Strips options in the --lt-* namespace from $@ and -# launches target application with the remaining arguments. -func_exec_program () -{ - case " $* " in - *\ --lt-*) - for lt_wr_arg - do - case $lt_wr_arg in - --lt-*) ;; - *) set x "$@" "$lt_wr_arg"; shift;; - esac - shift - done ;; - esac - func_exec_program_core ${1+"$@"} -} - - # Parse options - func_parse_lt_options "$0" ${1+"$@"} - - # Find the directory that this script lives in. - thisdir=`$ECHO "$file" | /bin/sed 's%/[^/]*$%%'` - test "x$thisdir" = "x$file" && thisdir=. - - # Follow symbolic links until we get to the real thisdir. - file=`ls -ld "$file" | /bin/sed -n 's/.*-> //p'` - while test -n "$file"; do - destdir=`$ECHO "$file" | /bin/sed 's%/[^/]*$%%'` - - # If there was a directory component, then change thisdir. - if test "x$destdir" != "x$file"; then - case "$destdir" in - [\\/]* | [A-Za-z]:[\\/]*) thisdir="$destdir" ;; - *) thisdir="$thisdir/$destdir" ;; - esac - fi - - file=`$ECHO "$file" | /bin/sed 's%^.*/%%'` - file=`ls -ld "$thisdir/$file" | /bin/sed -n 's/.*-> //p'` - done - - # Usually 'no', except on cygwin/mingw when embedded into - # the cwrapper. - WRAPPER_SCRIPT_BELONGS_IN_OBJDIR=no - if test "$WRAPPER_SCRIPT_BELONGS_IN_OBJDIR" = "yes"; then - # special case for '.' - if test "$thisdir" = "."; then - thisdir=`pwd` - fi - # remove .libs from thisdir - case "$thisdir" in - *[\\/].libs ) thisdir=`$ECHO "$thisdir" | /bin/sed 's%[\\/][^\\/]*$%%'` ;; - .libs ) thisdir=. ;; - esac - fi - - # Try to get the absolute directory name. - absdir=`cd "$thisdir" && pwd` - test -n "$absdir" && thisdir="$absdir" - - program=lt-'taler-exchange-benchmark' - progdir="$thisdir/.libs" - - if test ! -f "$progdir/$program" || - { file=`ls -1dt "$progdir/$program" "$progdir/../$program" 2>/dev/null | /bin/sed 1q`; \ - test "X$file" != "X$progdir/$program"; }; then - - file="$$-$program" - - if test ! -d "$progdir"; then - mkdir "$progdir" - else - rm -f "$progdir/$file" - fi - - # relink executable if necessary - if test -n "$relink_command"; then - if relink_command_output=`eval $relink_command 2>&1`; then : - else - printf %s\n "$relink_command_output" >&2 - rm -f "$progdir/$file" - exit 1 - fi - fi - - mv -f "$progdir/$file" "$progdir/$program" 2>/dev/null || - { rm -f "$progdir/$program"; - mv -f "$progdir/$file" "$progdir/$program"; } - rm -f "$progdir/$file" - fi - - if test -f "$progdir/$program"; then - if test "$libtool_execute_magic" != "%%%MAGIC variable%%%"; then - # Run the actual program with our arguments. - func_exec_program ${1+"$@"} - fi - else - # The program doesn't exist. - $ECHO "$0: error: \`$progdir/$program' does not exist" 1>&2 - $ECHO "This script is just a wrapper for $program." 1>&2 - $ECHO "See the libtool documentation for more information." 1>&2 - exit 1 - fi -fi -- cgit v1.2.3 From ce3d7c360b7b0bd5cbdbe93ec86e1cb3c9108ea9 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Tue, 31 May 2016 14:32:06 +0200 Subject: add support for /keys cache control (#4036) --- src/benchmark/taler-exchange-benchmark | Bin 25920 -> 25920 bytes src/exchange-lib/exchange_api_handle.c | 275 ++++++++++++++++++++++---- src/exchange/taler-exchange-httpd_keystate.c | 91 ++++++++- src/exchange/taler-exchange-httpd_responses.c | 7 +- src/include/taler_exchange_service.h | 23 ++- 5 files changed, 336 insertions(+), 60 deletions(-) (limited to 'src') diff --git a/src/benchmark/taler-exchange-benchmark b/src/benchmark/taler-exchange-benchmark index ea5f1ce4..53057a9e 100755 Binary files a/src/benchmark/taler-exchange-benchmark and b/src/benchmark/taler-exchange-benchmark differ diff --git a/src/exchange-lib/exchange_api_handle.c b/src/exchange-lib/exchange_api_handle.c index 6de5ee59..b9104869 100644 --- a/src/exchange-lib/exchange_api_handle.c +++ b/src/exchange-lib/exchange_api_handle.c @@ -108,6 +108,11 @@ struct TALER_EXCHANGE_Handle */ struct TALER_EXCHANGE_Keys key_data; + /** + * When does @e key_data expire? + */ + struct GNUNET_TIME_Absolute key_data_expiration; + /** * Raw key data of the exchange, only valid if * @e handshake_complete is past stage #MHS_CERT. @@ -144,6 +149,12 @@ struct KeysRequest */ struct GNUNET_CURL_Job *job; + /** + * Expiration time according to "Expire:" header. + * 0 if not provided by the server. + */ + struct GNUNET_TIME_Absolute expire; + }; @@ -485,6 +496,7 @@ decode_keys_json (const json_t *resp_obj, struct GNUNET_HashContext *hash_context; struct TALER_ExchangePublicKeyP pub; + memset (key_data, 0, sizeof (struct TALER_EXCHANGE_Keys)); if (JSON_OBJECT != json_typeof (resp_obj)) return GNUNET_SYSERR; @@ -604,6 +616,58 @@ decode_keys_json (const json_t *resp_obj, } +/** + * Free key data object. + * + * @param key_data data to free (pointer itself excluded) + */ +static void +free_key_data (struct TALER_EXCHANGE_Keys *key_data) +{ + unsigned int i; + + GNUNET_array_grow (key_data->sign_keys, + key_data->num_sign_keys, + 0); + for (i=0;inum_denom_keys;i++) + GNUNET_CRYPTO_rsa_public_key_free (key_data->denom_keys[i].key.rsa_public_key); + GNUNET_array_grow (key_data->denom_keys, + key_data->num_denom_keys, + 0); + GNUNET_array_grow (key_data->auditors, + key_data->num_auditors, + 0); +} + + +/** + * Initiate download of /keys from the exchange. + * + * @param exchange where to download /keys from + */ +static void +request_keys (struct TALER_EXCHANGE_Handle *exchange); + + +/** + * Check if our current response for /keys is valid, and if + * not trigger download. + * + * @param exchange exchange to check keys for + * @return until when the response is current, 0 if we are re-downloading + */ +struct GNUNET_TIME_Absolute +TALER_EXCHANGE_check_keys_current (struct TALER_EXCHANGE_Handle *exchange) +{ + if (NULL != exchange->kr) + return GNUNET_TIME_UNIT_ZERO_ABS; + if (0 < GNUNET_TIME_absolute_get_remaining (exchange->key_data_expiration).rel_value_us) + return exchange->key_data_expiration; + request_keys (exchange); + return GNUNET_TIME_UNIT_ZERO_ABS; +} + + /** * Callback used when downloading the reply to a /keys request * is complete. @@ -619,13 +683,16 @@ keys_completed_cb (void *cls, { struct KeysRequest *kr = cls; struct TALER_EXCHANGE_Handle *exchange = kr->exchange; - TALER_EXCHANGE_CertificationCallback cb; + struct TALER_EXCHANGE_Keys kd; + struct TALER_EXCHANGE_Keys kd_old; GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Received keys from URL `%s' with status %ld.\n", kr->url, response_code); - switch (response_code) { + kd_old = exchange->key_data; + switch (response_code) + { case 0: break; case MHD_HTTP_OK: @@ -635,11 +702,14 @@ keys_completed_cb (void *cls, break; } if (GNUNET_OK != - decode_keys_json (resp_obj, &kr->exchange->key_data)) + decode_keys_json (resp_obj, + &kd)) { response_code = 0; break; } + exchange->key_data = kd; + json_decref (exchange->key_data_raw); exchange->key_data_raw = json_deep_copy (resp_obj); break; default: @@ -655,24 +725,25 @@ keys_completed_cb (void *cls, free_keys_request (kr); exchange->state = MHS_FAILED; /* notify application that we failed */ - if (NULL != (cb = exchange->cert_cb)) - { - exchange->cert_cb = NULL; - cb (exchange->cert_cb_cls, - NULL); - } + exchange->cert_cb (exchange->cert_cb_cls, + NULL); + if (NULL != exchange->key_data_raw) + { + json_decref (exchange->key_data_raw); + exchange->key_data_raw = NULL; + } + free_key_data (&kd_old); return; } + exchange->kr = NULL; + exchange->key_data_expiration = kr->expire; free_keys_request (kr); exchange->state = MHS_CERT; /* notify application about the key information */ - if (NULL != (cb = exchange->cert_cb)) - { - exchange->cert_cb = NULL; - cb (exchange->cert_cb_cls, - &exchange->key_data); - } + exchange->cert_cb (exchange->cert_cb_cls, + &exchange->key_data); + free_key_data (&kd_old); } @@ -730,6 +801,108 @@ MAH_path_to_url (struct TALER_EXCHANGE_Handle *h, } +/** + * Parse HTTP timestamp. + * + * @param date header to parse header + * @param at where to write the result + * @return #GNUNET_OK on success + */ +static int +parse_date_string (const char *date, + struct GNUNET_TIME_Absolute *at) +{ + static const char *const days[] = + { "Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat" }; + static const char *const mons[] = + { "Jan", "Feb", "Mar", "Apr", "May", "Jun", + "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" }; + struct tm now; + time_t t; + char day[3]; + char mon[3]; + unsigned int i; + unsigned int mday; + unsigned int year; + unsigned int h; + unsigned int m; + unsigned int s; + + if (7 != sscanf (date, + "%3s, %02u %3s %04u %02u:%02u:%02u GMT", + day, + &mday, + mon, + &year, + &h, + &m, + &s)) + return GNUNET_SYSERR; + memset (&now, 0, sizeof (now)); + now.tm_year = year - 1900; + now.tm_mday = mday; + now.tm_hour = h; + now.tm_min = m; + now.tm_sec = s; + now.tm_wday = 7; + for (i=0;i<7;i++) + if (0 == strcasecmp (days[i], day)) + now.tm_wday = i; + now.tm_mon = 12; + for (i=0;i<12;i++) + if (0 == strcasecmp (mons[i], mon)) + now.tm_mon = i; + if ( (7 == now.tm_mday) || + (12 == now.tm_mon) ) + return GNUNET_SYSERR; + t = mktime (&now); + at->abs_value_us = 1000LL * 1000LL * t; + return GNUNET_OK; +} + + +/** + * Function called for each header in the HTTP /keys response. + * Finds the "Expire:" header and parses it, storing the result + * in the "expire" field fo the keys request. + * + * @param buffer header data received + * @param size size of an item in @a buffer + * @param nitems number of items in @a buffer + * @param userdata the `struct KeysRequest` + * @return `size * nitems` on success (everything else aborts) + */ +static size_t +header_cb (char *buffer, + size_t size, + size_t nitems, + void *userdata) +{ + struct KeysRequest *kr = userdata; + size_t total = size * nitems; + char *val; + + if (total < strlen (MHD_HTTP_HEADER_EXPIRES ": ")) + return total; + if (0 != strncasecmp (MHD_HTTP_HEADER_EXPIRES ": ", + buffer, + strlen (MHD_HTTP_HEADER_EXPIRES ": "))) + return total; + val = GNUNET_strndup (&buffer[strlen (MHD_HTTP_HEADER_EXPIRES ": ")], + total - strlen (MHD_HTTP_HEADER_EXPIRES ": ")); + if (GNUNET_OK != + parse_date_string (val, + &kr->expire)) + { + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, + "Failed to parse %s-header `%s'\n", + MHD_HTTP_HEADER_EXPIRES, + val); + } + GNUNET_free (val); + return total; +} + /* ********************* public API ******************* */ /** @@ -755,40 +928,62 @@ TALER_EXCHANGE_connect (struct GNUNET_CURL_Context *ctx, ...) { struct TALER_EXCHANGE_Handle *exchange; - struct KeysRequest *kr; - CURL *c; exchange = GNUNET_new (struct TALER_EXCHANGE_Handle); exchange->ctx = ctx; exchange->url = GNUNET_strdup (url); exchange->cert_cb = cert_cb; exchange->cert_cb_cls = cert_cb_cls; + request_keys (exchange); + return exchange; +} + + +/** + * Initiate download of /keys from the exchange. + * + * @param exchange where to download /keys from + */ +static void +request_keys (struct TALER_EXCHANGE_Handle *exchange) +{ + struct KeysRequest *kr; + CURL *eh; + + GNUNET_assert (NULL == exchange->kr); kr = GNUNET_new (struct KeysRequest); kr->exchange = exchange; kr->url = MAH_path_to_url (exchange, "/keys"); GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Requesting keys with URL `%s'.\n", kr->url); - c = curl_easy_init (); + eh = curl_easy_init (); GNUNET_assert (CURLE_OK == - curl_easy_setopt (c, + curl_easy_setopt (eh, CURLOPT_VERBOSE, 0)); GNUNET_assert (CURLE_OK == - curl_easy_setopt (c, - CURLOPT_STDERR, - stdout)); + curl_easy_setopt (eh, + CURLOPT_TIMEOUT, + (long) 300)); GNUNET_assert (CURLE_OK == - curl_easy_setopt (c, + curl_easy_setopt (eh, + CURLOPT_HEADERFUNCTION, + &header_cb)); + GNUNET_assert (CURLE_OK == + curl_easy_setopt (eh, + CURLOPT_HEADERDATA, + kr)); + GNUNET_assert (CURLE_OK == + curl_easy_setopt (eh, CURLOPT_URL, kr->url)); kr->job = GNUNET_CURL_job_add (exchange->ctx, - c, + eh, GNUNET_NO, &keys_completed_cb, kr); exchange->kr = kr; - return exchange; } @@ -800,26 +995,18 @@ TALER_EXCHANGE_connect (struct GNUNET_CURL_Context *ctx, void TALER_EXCHANGE_disconnect (struct TALER_EXCHANGE_Handle *exchange) { - unsigned int i; - if (NULL != exchange->kr) { GNUNET_CURL_job_cancel (exchange->kr->job); free_keys_request (exchange->kr); exchange->kr = NULL; } - GNUNET_array_grow (exchange->key_data.sign_keys, - exchange->key_data.num_sign_keys, - 0); - for (i=0;ikey_data.num_denom_keys;i++) - GNUNET_CRYPTO_rsa_public_key_free (exchange->key_data.denom_keys[i].key.rsa_public_key); - GNUNET_array_grow (exchange->key_data.denom_keys, - exchange->key_data.num_denom_keys, - 0); - GNUNET_array_grow (exchange->key_data.auditors, - exchange->key_data.num_auditors, - 0); - json_decref (exchange->key_data_raw); + free_key_data (&exchange->key_data); + if (NULL != exchange->key_data_raw) + { + json_decref (exchange->key_data_raw); + exchange->key_data_raw = NULL; + } GNUNET_free (exchange->url); GNUNET_free (exchange); } @@ -863,7 +1050,7 @@ TALER_EXCHANGE_test_signing_key (const struct TALER_EXCHANGE_Keys *keys, */ const struct TALER_EXCHANGE_DenomPublicKey * TALER_EXCHANGE_get_denomination_key (const struct TALER_EXCHANGE_Keys *keys, - const struct TALER_DenominationPublicKey *pk) + const struct TALER_DenominationPublicKey *pk) { unsigned int i; @@ -884,7 +1071,7 @@ TALER_EXCHANGE_get_denomination_key (const struct TALER_EXCHANGE_Keys *keys, */ const struct TALER_EXCHANGE_DenomPublicKey * TALER_EXCHANGE_get_denomination_key_by_hash (const struct TALER_EXCHANGE_Keys *keys, - const struct GNUNET_HashCode *hc) + const struct GNUNET_HashCode *hc) { unsigned int i; @@ -904,8 +1091,9 @@ TALER_EXCHANGE_get_denomination_key_by_hash (const struct TALER_EXCHANGE_Keys *k * @return the exchange's key set */ const struct TALER_EXCHANGE_Keys * -TALER_EXCHANGE_get_keys (const struct TALER_EXCHANGE_Handle *exchange) +TALER_EXCHANGE_get_keys (struct TALER_EXCHANGE_Handle *exchange) { + (void) TALER_EXCHANGE_check_keys_current (exchange); return &exchange->key_data; } @@ -918,8 +1106,9 @@ TALER_EXCHANGE_get_keys (const struct TALER_EXCHANGE_Handle *exchange) * @return the exchange's keys in raw JSON */ json_t * -TALER_EXCHANGE_get_keys_raw (const struct TALER_EXCHANGE_Handle *exchange) +TALER_EXCHANGE_get_keys_raw (struct TALER_EXCHANGE_Handle *exchange) { + (void) TALER_EXCHANGE_check_keys_current (exchange); return json_deep_copy (exchange->key_data_raw); } diff --git a/src/exchange/taler-exchange-httpd_keystate.c b/src/exchange/taler-exchange-httpd_keystate.c index a71d7676..54dd0937 100644 --- a/src/exchange/taler-exchange-httpd_keystate.c +++ b/src/exchange/taler-exchange-httpd_keystate.c @@ -88,6 +88,11 @@ struct TMH_KS_StateHandle */ struct GNUNET_TIME_Absolute next_reload; + /** + * When does the first active denomination key expire (for deposit)? + */ + struct GNUNET_TIME_Absolute min_dk_expire; + /** * Exchange signing key that should be used currently. */ @@ -217,6 +222,7 @@ reload_keys_denom_iter (void *cls, struct TMH_KS_StateHandle *ctx = cls; struct GNUNET_TIME_Absolute now; struct GNUNET_TIME_Absolute horizon; + struct GNUNET_TIME_Absolute expire_deposit; struct GNUNET_HashCode denom_key_hash; struct TALER_EXCHANGEDB_DenominationKeyIssueInformation *d2; struct TALER_EXCHANGEDB_Session *session; @@ -235,8 +241,8 @@ reload_keys_denom_iter (void *cls, return GNUNET_OK; } now = GNUNET_TIME_absolute_get (); - if (GNUNET_TIME_absolute_ntoh (dki->issue.properties.expire_deposit).abs_value_us < - now.abs_value_us) + expire_deposit = GNUNET_TIME_absolute_ntoh (dki->issue.properties.expire_deposit); + if (expire_deposit.abs_value_us < now.abs_value_us) { GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Skipping expired denomination key `%s'\n", @@ -339,6 +345,8 @@ reload_keys_denom_iter (void *cls, GNUNET_free (d2); return GNUNET_OK; } + ctx->min_dk_expire = GNUNET_TIME_absolute_min (ctx->min_dk_expire, + expire_deposit); json_array_append_new (ctx->denom_keys_array, denom_key_issue_to_json (&dki->denom_pub, &dki->issue)); @@ -643,7 +651,7 @@ TMH_KS_acquire_ (const char *location) { key_state = GNUNET_new (struct TMH_KS_StateHandle); key_state->hash_context = GNUNET_CRYPTO_hash_context_start (); - + key_state->min_dk_expire = GNUNET_TIME_UNIT_FOREVER_ABS; key_state->denom_keys_array = json_array (); GNUNET_assert (NULL != key_state->denom_keys_array); @@ -680,7 +688,6 @@ TMH_KS_acquire_ (const char *location) return NULL; } - ks.purpose.size = htonl (sizeof (ks)); ks.purpose.purpose = htonl (TALER_SIGNATURE_EXCHANGE_KEY_SET); ks.list_issue_date = GNUNET_TIME_absolute_hton (key_state->reload_time); @@ -691,7 +698,9 @@ TMH_KS_acquire_ (const char *location) GNUNET_CRYPTO_eddsa_sign (&key_state->current_sign_key_issue.signkey_priv.eddsa_priv, &ks.purpose, &sig.eddsa_signature)); - key_state->next_reload = GNUNET_TIME_absolute_ntoh (key_state->current_sign_key_issue.issue.expire); + key_state->next_reload = + GNUNET_TIME_absolute_min (GNUNET_TIME_absolute_ntoh (key_state->current_sign_key_issue.issue.expire), + key_state->min_dk_expire); if (0 == key_state->next_reload.abs_value_us) GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No valid signing key found!\n"); @@ -1001,6 +1010,58 @@ TMH_KS_sign (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, } +/** + * Produce HTTP "Date:" header. + * + * @param at time to write to @a date + * @param[out] date where to write the header, with + * at least 128 bytes available space. + */ +static void +get_date_string (struct GNUNET_TIME_Absolute at, + char *date) +{ + static const char *const days[] = + { "Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat" }; + static const char *const mons[] = + { "Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", + "Nov", "Dec" + }; + struct tm now; + time_t t; +#if !defined(HAVE_C11_GMTIME_S) && !defined(HAVE_W32_GMTIME_S) && !defined(HAVE_GMTIME_R) + struct tm* pNow; +#endif + + date[0] = 0; + t = (time_t) (at.abs_value_us / 1000LL / 1000LL); +#if defined(HAVE_C11_GMTIME_S) + if (NULL == gmtime_s (&t, &now)) + return; +#elif defined(HAVE_W32_GMTIME_S) + if (0 != gmtime_s (&now, &t)) + return; +#elif defined(HAVE_GMTIME_R) + if (NULL == gmtime_r(&t, &now)) + return; +#else + pNow = gmtime(&t); + if (NULL == pNow) + return; + now = *pNow; +#endif + sprintf (date, + "%3s, %02u %3s %04u %02u:%02u:%02u GMT", + days[now.tm_wday % 7], + (unsigned int) now.tm_mday, + mons[now.tm_mon % 12], + (unsigned int) (1900 + now.tm_year), + (unsigned int) now.tm_hour, + (unsigned int) now.tm_min, + (unsigned int) now.tm_sec); +} + + /** * Function to call to handle the request by sending * back static data from the @a rh. @@ -1022,6 +1083,7 @@ TMH_KS_handler_keys (struct TMH_RequestHandler *rh, struct TMH_KS_StateHandle *key_state; struct MHD_Response *response; int ret; + char dat[128]; key_state = TMH_KS_acquire (); response = MHD_create_response_from_buffer (strlen (key_state->keys_json), @@ -1034,9 +1096,22 @@ TMH_KS_handler_keys (struct TMH_RequestHandler *rh, return MHD_NO; } TMH_RESPONSE_add_global_headers (response); - (void) MHD_add_response_header (response, - "Content-Type", - rh->mime_type); + GNUNET_break (MHD_YES == + MHD_add_response_header (response, + MHD_HTTP_HEADER_CONTENT_TYPE, + rh->mime_type)); + get_date_string (key_state->reload_time, + dat); + GNUNET_break (MHD_YES == + MHD_add_response_header (response, + MHD_HTTP_HEADER_LAST_MODIFIED, + dat)); + get_date_string (key_state->next_reload, + dat); + GNUNET_break (MHD_YES == + MHD_add_response_header (response, + MHD_HTTP_HEADER_EXPIRES, + dat)); ret = MHD_queue_response (connection, rh->response_code, response); diff --git a/src/exchange/taler-exchange-httpd_responses.c b/src/exchange/taler-exchange-httpd_responses.c index aec2ac27..d6d3d3f9 100644 --- a/src/exchange/taler-exchange-httpd_responses.c +++ b/src/exchange/taler-exchange-httpd_responses.c @@ -40,9 +40,10 @@ void TMH_RESPONSE_add_global_headers (struct MHD_Response *response) { if (TMH_exchange_connection_close) - (void) MHD_add_response_header (response, - MHD_HTTP_HEADER_CONNECTION, - "close"); + GNUNET_break (MHD_YES == + MHD_add_response_header (response, + MHD_HTTP_HEADER_CONNECTION, + "close")); } diff --git a/src/include/taler_exchange_service.h b/src/include/taler_exchange_service.h index 1da42b89..e65a9fae 100644 --- a/src/include/taler_exchange_service.h +++ b/src/include/taler_exchange_service.h @@ -220,7 +220,7 @@ struct TALER_EXCHANGE_Keys * * @param cls closure * @param keys information about the various keys used - * by the exchange + * by the exchange, NULL if /keys failed */ typedef void (*TALER_EXCHANGE_CertificationCallback) (void *cls, @@ -244,7 +244,8 @@ struct TALER_EXCHANGE_Handle; * * @param ctx the context * @param url HTTP base URL for the exchange - * @param cert_cb function to call with the exchange's certification information + * @param cert_cb function to call with the exchange's certification information, + * possibly called repeatedly if the information changes * @param cert_cb_cls closure for @a cert_cb * @param ... list of additional arguments, terminated by #TALER_EXCHANGE_OPTION_END. * @return the exchange handle; NULL upon error @@ -273,18 +274,28 @@ TALER_EXCHANGE_disconnect (struct TALER_EXCHANGE_Handle *exchange); * @return the exchange's key set */ const struct TALER_EXCHANGE_Keys * -TALER_EXCHANGE_get_keys (const struct TALER_EXCHANGE_Handle *exchange); +TALER_EXCHANGE_get_keys (struct TALER_EXCHANGE_Handle *exchange); /** - * Obtain the keys from the exchange in the - * raw JSON format + * Check if our current response for /keys is valid, and if + * not, trigger /keys download. + * + * @param exchange exchange to check keys for + * @return until when the response is current, 0 if we are re-downloading + */ +struct GNUNET_TIME_Absolute +TALER_EXCHANGE_check_keys_current (struct TALER_EXCHANGE_Handle *exchange); + + +/** + * Obtain the keys from the exchange in the raw JSON format. * * @param exchange the exchange handle * @return the exchange's keys in raw JSON */ json_t * -TALER_EXCHANGE_get_keys_raw (const struct TALER_EXCHANGE_Handle *exchange); +TALER_EXCHANGE_get_keys_raw (struct TALER_EXCHANGE_Handle *exchange); /** -- cgit v1.2.3