implement #5114

src/exchange/taler-exchange-httpd_deposit.c

@@ -293,6 +293,30 @@ verify_and_execute_deposit (struct MHD_Connection *connection,
 }
 
 
+/**
+ * Check that @a ts is reasonably close to our own RTC.
+ *
+ * @param ts timestamp to check
+ * @return #GNUNET_OK if @a ts is reasonable
+ */
+static int
+check_timestamp_current (struct GNUNET_TIME_Absolute ts)
+{
+  struct GNUNET_TIME_Relative r;
+  struct GNUNET_TIME_Relative tolerance;
+
+  /* Let's be VERY generous */
+  tolerance = GNUNET_TIME_UNIT_MONTHS;
+  r = GNUNET_TIME_absolute_get_duration (ts);
+  if (r.rel_value_us > tolerance.rel_value_us)
+    return GNUNET_SYSERR;
+  r = GNUNET_TIME_absolute_get_remaining (ts);
+  if (r.rel_value_us > tolerance.rel_value_us)
+    return GNUNET_SYSERR;
+  return GNUNET_OK;
+}
+
+
 /**
  * Handle a "/deposit" request.  Parses the JSON, and, if successful,
  * passes the JSON data to #verify_and_execute_deposit() to further
@@ -380,6 +404,15 @@ TEH_DEPOSIT_handler_deposit (struct TEH_RequestHandler *rh,
     GNUNET_free (emsg);
     return res;
   }
+  if (GNUNET_OK !=
+      check_timestamp_current (deposit.timestamp))
+  {
+    GNUNET_break_op (0);
+    GNUNET_JSON_parse_free (spec);
+    return TEH_RESPONSE_reply_arg_invalid (connection,
+					   TALER_EC_DEPOSIT_INVALID_TIMESTAMP,
+                                           "timestamp");
+  }
   if (GNUNET_OK !=
       TALER_JSON_hash (wire,
                        &my_h_wire))

src/include/taler_error_codes.h

@@ -407,6 +407,11 @@ enum TALER_ErrorCode
    */
   TALER_EC_DEPOSIT_INVALID_WIRE_FORMAT_TYPE_UNSUPPORTED = 1217,
 
+  /**
+   * Timestamp included in deposit permission is intolerably far off
+   * with respect to the clock of the exchange.
+   */
+  TALER_EC_DEPOSIT_INVALID_TIMESTAMP = 1218,
 
   /**
    * The respective coin did not have sufficient residual value