From 1e8d0eb4623bdc1ec2ee6d4edc406085d4c40a7a Mon Sep 17 00:00:00 2001
From: Christian Grothoff
Date: Thu, 20 Jul 2017 10:00:42 +0200
Subject: [PATCH] implement #5114
---
 src/exchange/taler-exchange-httpd_deposit.c | 33 +++++++++++++++++++++
 src/include/taler_error_codes.h | 5 ++++
 2 files changed, 38 insertions(+)
diff --git a/src/exchange/taler-exchange-httpd_deposit.c b/src/exchange/taler-exchange-httpd_deposit.c
index ccbd7754c..0234946d3 100644
--- a/src/exchange/taler-exchange-httpd_deposit.c
+++ b/src/exchange/taler-exchange-httpd_deposit.c
@@ -293,6 +293,30 @@ verify_and_execute_deposit (struct MHD_Connection *connection,
 }
+/**
+ * Check that @a ts is reasonably close to our own RTC.
+ *
+ * @param ts timestamp to check
+ * @return #GNUNET_OK if @a ts is reasonable
+ */
+static int
+check_timestamp_current (struct GNUNET_TIME_Absolute ts)
+{
+ struct GNUNET_TIME_Relative r;
+ struct GNUNET_TIME_Relative tolerance;
+
+ /* Let's be VERY generous */
+ tolerance = GNUNET_TIME_UNIT_MONTHS;
+ r = GNUNET_TIME_absolute_get_duration (ts);
+ if (r.rel_value_us > tolerance.rel_value_us)
+ return GNUNET_SYSERR;
+ r = GNUNET_TIME_absolute_get_remaining (ts);
+ if (r.rel_value_us > tolerance.rel_value_us)
+ return GNUNET_SYSERR;
+ return GNUNET_OK;
+}
+
+
 /**
  * Handle a "/deposit" request. Parses the JSON, and, if successful,
  * passes the JSON data to #verify_and_execute_deposit() to further
@@ -380,6 +404,15 @@ TEH_DEPOSIT_handler_deposit (struct TEH_RequestHandler *rh,
 GNUNET_free (emsg);
 return res;
 }
+ if (GNUNET_OK !=
+ check_timestamp_current (deposit.timestamp))
+ {
+ GNUNET_break_op (0);
+ GNUNET_JSON_parse_free (spec);
+ return TEH_RESPONSE_reply_arg_invalid (connection,
+ TALER_EC_DEPOSIT_INVALID_TIMESTAMP,
+ "timestamp");
+ }
 if (GNUNET_OK !=
 TALER_JSON_hash (wire, &my_h_wire))
diff --git a/src/include/taler_error_codes.h b/src/include/taler_error_codes.h
index 907be847b..d1727c7d4 100644
--- a/src/include/taler_error_codes.h
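Review bot: check_timestamp_current accepts a deposit timestamp up to GNUNET_TIME_UNIT_MONTHS in the future as well as in the past, and the two directions do not deserve the same slack: a timestamp well in the past can legitimately come from a wallet that signed the deposit permission earlier and submitted it later, whereas a merely skewed client clock is off by minutes, not weeks, and a timestamp a month ahead has no honest cause. Consider a tighter bound on the remaining-time branch, e.g. `if (r.rel_value_us > GNUNET_TIME_UNIT_DAYS.rel_value_us)` or whatever future skew the deployment is willing to tolerate, and make both bounds file-scope named constants so the policy is visible to an auditor instead of a local assigned inside the function. The header comment should state the concrete tolerance, that it is deliberately generous because ts is parsed from the untrusted client request and only the exchange clock decides, and that the code relies on GNUNET_TIME_absolute_get_duration() yielding zero for a future ts and GNUNET_TIME_absolute_get_remaining() yielding zero for a past one (presumably the GNUnet contract; worth confirming). The function is complete within the hunk; the neighbouring functions are cut at the hunk edges.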
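Review bot: The new rejection in TEH_DEPOSIT_handler_deposit tells the wallet only that "timestamp" is invalid, so a client whose own clock is the real cause learns nothing it can correct with and will keep resubmitting the same permission. If the reply helpers allow it, include the exchange's current time in the error body, and otherwise note in the handler comment that TALER_EC_DEPOSIT_INVALID_TIMESTAMP means the client should compare its clock against the exchange's. The placement before TALER_JSON_hash appears deliberate and deserves a comment, e.g. `/* Reject badly skewed client timestamps before any hashing or signature work: cheap check on untrusted input */`. GNUNET_break_op (0) records this as a peer protocol violation, which will be noisy for what is often a misconfigured client clock rather than an attack; a lower-level log line may fit better. The handler starts before the hunk and continues after it.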
+++ b/src/include/taler_error_codes.h
@@ -407,6 +407,11 @@ enum TALER_ErrorCode
 */
 TALER_EC_DEPOSIT_INVALID_WIRE_FORMAT_TYPE_UNSUPPORTED = 1217,
+ /**
+ * Timestamp included in deposit permission is intolerably far off
+ * with respect to the clock of the exchange.
+ */
+ TALER_EC_DEPOSIT_INVALID_TIMESTAMP = 1218,
 /**
 * The respective coin did not have sufficient residual value