fix matching of auditor keys/denomination issues so that we return _all_ applicable auditor signatures, instead of a tiny subset
This commit is contained in:
parent
1fae7a4f9e
commit
0f67a9fca2
@ -1,3 +1,7 @@
|
|||||||
|
Tue Oct 17 14:32:46 CEST 2017
|
||||||
|
Fix building of /keys response to include full auditor
|
||||||
|
signature set instead of partial map. -CG
|
||||||
|
|
||||||
Mon Oct 16 12:10:35 CEST 2017
|
Mon Oct 16 12:10:35 CEST 2017
|
||||||
Realize JSON-based report formats from auditor (#4963). -CG
|
Realize JSON-based report formats from auditor (#4963). -CG
|
||||||
|
|
||||||
|
@ -542,7 +542,6 @@ store_in_map (struct GNUNET_CONTAINER_MultiHashMap *map,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Closure for #add_revocations_transaction().
|
* Closure for #add_revocations_transaction().
|
||||||
*/
|
*/
|
||||||
@ -671,8 +670,9 @@ reload_keys_denom_iter (void *cls,
|
|||||||
int res;
|
int res;
|
||||||
|
|
||||||
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
|
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
|
||||||
"Loading denomination key `%s'\n",
|
"Loading denomination key `%s' (%s)\n",
|
||||||
alias);
|
alias,
|
||||||
|
GNUNET_h2s (&dki->issue.properties.denom_hash));
|
||||||
now = GNUNET_TIME_absolute_get ();
|
now = GNUNET_TIME_absolute_get ();
|
||||||
expire_deposit = GNUNET_TIME_absolute_ntoh (dki->issue.properties.expire_deposit);
|
expire_deposit = GNUNET_TIME_absolute_ntoh (dki->issue.properties.expire_deposit);
|
||||||
if (expire_deposit.abs_value_us < now.abs_value_us)
|
if (expire_deposit.abs_value_us < now.abs_value_us)
|
||||||
@ -697,8 +697,9 @@ reload_keys_denom_iter (void *cls,
|
|||||||
struct AddRevocationContext arc;
|
struct AddRevocationContext arc;
|
||||||
|
|
||||||
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
|
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
|
||||||
"Adding denomination key `%s' to revocation set\n",
|
"Adding denomination key `%s' (%s) to revocation set\n",
|
||||||
alias);
|
alias,
|
||||||
|
GNUNET_h2s (&dki->issue.properties.denom_hash));
|
||||||
res = store_in_map (key_state->revoked_map,
|
res = store_in_map (key_state->revoked_map,
|
||||||
dki);
|
dki);
|
||||||
if (GNUNET_NO == res)
|
if (GNUNET_NO == res)
|
||||||
@ -729,8 +730,9 @@ reload_keys_denom_iter (void *cls,
|
|||||||
if (start.abs_value_us > horizon.abs_value_us)
|
if (start.abs_value_us > horizon.abs_value_us)
|
||||||
{
|
{
|
||||||
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
|
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
|
||||||
"Skipping future denomination key `%s' (starts at %s)\n",
|
"Skipping future denomination key `%s' (%s), validity starts at %s\n",
|
||||||
alias,
|
alias,
|
||||||
|
GNUNET_h2s (&dki->issue.properties.denom_hash),
|
||||||
GNUNET_STRINGS_absolute_time_to_string (start));
|
GNUNET_STRINGS_absolute_time_to_string (start));
|
||||||
return GNUNET_OK;
|
return GNUNET_OK;
|
||||||
}
|
}
|
||||||
@ -742,11 +744,16 @@ reload_keys_denom_iter (void *cls,
|
|||||||
(void *) dki))
|
(void *) dki))
|
||||||
{
|
{
|
||||||
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
|
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
|
||||||
"Could not persist denomination key in DB. Committing suicide via SIGTERM.\n");
|
"Could not persist denomination key %s in DB. Committing suicide via SIGTERM.\n",
|
||||||
|
GNUNET_h2s (&dki->issue.properties.denom_hash));
|
||||||
handle_signal (SIGTERM);
|
handle_signal (SIGTERM);
|
||||||
return GNUNET_SYSERR;
|
return GNUNET_SYSERR;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
|
||||||
|
"Adding denomination key `%s' (%s) to active set\n",
|
||||||
|
alias,
|
||||||
|
GNUNET_h2s (&dki->issue.properties.denom_hash));
|
||||||
res = store_in_map (key_state->denomkey_map,
|
res = store_in_map (key_state->denomkey_map,
|
||||||
dki);
|
dki);
|
||||||
if (GNUNET_NO == res)
|
if (GNUNET_NO == res)
|
||||||
@ -892,25 +899,42 @@ reload_auditor_iter (void *cls,
|
|||||||
keys actually match the denomination keys that are active right now */
|
keys actually match the denomination keys that are active right now */
|
||||||
for (unsigned int i=0;i<dki_len;i++)
|
for (unsigned int i=0;i<dki_len;i++)
|
||||||
{
|
{
|
||||||
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
|
int matched;
|
||||||
"Found auditor signature for DK `%s'\n",
|
|
||||||
GNUNET_h2s (&dki[i].denom_hash));
|
|
||||||
if (GNUNET_YES !=
|
if (GNUNET_YES !=
|
||||||
GNUNET_CONTAINER_multihashmap_contains (key_state->denomkey_map,
|
GNUNET_CONTAINER_multihashmap_contains (key_state->denomkey_map,
|
||||||
&dki[i].denom_hash))
|
&dki[i].denom_hash))
|
||||||
|
{
|
||||||
|
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
|
||||||
|
"Found auditor signature for DK `%s', but key is not in active map\n",
|
||||||
|
GNUNET_h2s (&dki[i].denom_hash));
|
||||||
continue;
|
continue;
|
||||||
|
}
|
||||||
|
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
|
||||||
|
"Found auditor signature for DK `%s'\n",
|
||||||
|
GNUNET_h2s (&dki[i].denom_hash));
|
||||||
/* Note: the array is sorted, we could theoretically
|
/* Note: the array is sorted, we could theoretically
|
||||||
speed this up using a binary search. */
|
speed this up using a binary search. */
|
||||||
|
matched = GNUNET_NO;
|
||||||
for (unsigned int j=0;j<rfc->denomkey_array_length;j++)
|
for (unsigned int j=0;j<rfc->denomkey_array_length;j++)
|
||||||
{
|
{
|
||||||
struct DenominationKeyEntry *dke = &rfc->denomkey_array[j];
|
struct DenominationKeyEntry *dke = &rfc->denomkey_array[j];
|
||||||
struct AuditorSignature *as;
|
struct AuditorSignature *as;
|
||||||
|
|
||||||
if (0 !=
|
if (0 !=
|
||||||
memcmp (dki,
|
memcmp (&dki[i].denom_hash,
|
||||||
&dke->dki[i].issue.properties,
|
&dke->dki->issue.properties.denom_hash,
|
||||||
sizeof (struct TALER_DenominationKeyValidityPS)))
|
sizeof (struct GNUNET_HashCode)))
|
||||||
continue;
|
continue;
|
||||||
|
if (0 !=
|
||||||
|
memcmp (&dki[i],
|
||||||
|
&dke->dki->issue.properties,
|
||||||
|
sizeof (struct TALER_DenominationKeyValidityPS)))
|
||||||
|
{
|
||||||
|
/* if the hash is the same, the properties should also match! */
|
||||||
|
GNUNET_break (0);
|
||||||
|
continue;
|
||||||
|
}
|
||||||
as = GNUNET_malloc (sizeof (struct AuditorSignature) +
|
as = GNUNET_malloc (sizeof (struct AuditorSignature) +
|
||||||
strlen (auditor_url) + 1);
|
strlen (auditor_url) + 1);
|
||||||
as->asig = asigs[i];
|
as->asig = asigs[i];
|
||||||
@ -922,6 +946,15 @@ reload_auditor_iter (void *cls,
|
|||||||
GNUNET_CONTAINER_DLL_insert (dke->as_head,
|
GNUNET_CONTAINER_DLL_insert (dke->as_head,
|
||||||
dke->as_tail,
|
dke->as_tail,
|
||||||
as);
|
as);
|
||||||
|
matched = GNUNET_YES;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
if (GNUNET_NO == matched)
|
||||||
|
{
|
||||||
|
GNUNET_break (0);
|
||||||
|
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
|
||||||
|
"DK `%s' is in active map, but not in array!?\n",
|
||||||
|
GNUNET_h2s (&dki[i].denom_hash));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return GNUNET_OK;
|
return GNUNET_OK;
|
||||||
@ -1459,10 +1492,12 @@ make_fresh_key_state ()
|
|||||||
{
|
{
|
||||||
const struct DenominationKeyEntry *dke
|
const struct DenominationKeyEntry *dke
|
||||||
= &rfc.denomkey_array[i];
|
= &rfc.denomkey_array[i];
|
||||||
|
|
||||||
if (NULL == dke->as_head)
|
if (NULL == dke->as_head)
|
||||||
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
|
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
|
||||||
"Denomination key `%s' not signed by any auditor!\n",
|
"Denomination key `%s' at %p not signed by any auditor!\n",
|
||||||
GNUNET_h2s (&dke->denom_key_hash));
|
GNUNET_h2s (&dke->denom_key_hash),
|
||||||
|
dke);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Determine size of `krd_array` by counting number of discrete
|
/* Determine size of `krd_array` by counting number of discrete
|
||||||
|
Loading…
Reference in New Issue
Block a user