handle (most) TEH_KS_acquire errors

2017-10-06 21:54:55 +02:00 · 2017-10-06 21:54:55 +02:00 · 332a37292c
commit 332a37292c
parent 98b7444a7b
9 changed files with 92 additions and 19 deletions
--- a/src/exchange/taler-exchange-httpd_deposit.c
+++ b/src/exchange/taler-exchange-httpd_deposit.c
@ -255,6 +255,13 @@ verify_and_execute_deposit (struct MHD_Connection *connection,

  /* check denomination */
  mks = TEH_KS_acquire ();
+  if (NULL == mks)
+  {
+    TALER_LOG_ERROR ("Lacking keys to operate\n");
+    return TEH_RESPONSE_reply_internal_error (connection,
+                                              TALER_EC_EXCHANGE_BAD_CONFIGURATION,
+                                              "no keys");
+  }
  dki = TEH_KS_denomination_key_lookup (mks,
                                        &deposit->coin.denom_pub,
 					TEH_KS_DKU_DEPOSIT);
@ -450,6 +457,14 @@ TEH_DEPOSIT_handler_deposit (struct TEH_RequestHandler *rh,

  /* check denomination exists and is valid */
  key_state = TEH_KS_acquire ();
+  if (NULL == key_state)
+  {
+    TALER_LOG_ERROR ("Lacking keys to operate\n");
+    GNUNET_JSON_parse_free (spec);
+    return TEH_RESPONSE_reply_internal_error (connection,
+                                              TALER_EC_EXCHANGE_BAD_CONFIGURATION,
+                                              "no keys");
+  }
  dki = TEH_KS_denomination_key_lookup (key_state,
                                        &deposit.coin.denom_pub,
 					TEH_KS_DKU_DEPOSIT);
--- a/src/exchange/taler-exchange-httpd_keystate.c
+++ b/src/exchange/taler-exchange-httpd_keystate.c
@ -1571,7 +1571,7 @@ TEH_KS_release_ (const char *location,
 * to #TEH_KS_release() must be made.
 *
 * @param location name of the function in which the lock is acquired
- * @return the key state
+ * @return the key state, NULL on error (usually pretty fatal)
 */
 struct TEH_KS_StateHandle *
 TEH_KS_acquire_ (const char *location)
@ -1837,6 +1837,11 @@ read_again:
 /**
 * Sign the message in @a purpose with the exchange's signing key.
 *
+ * FIXME:
+ * - Change API to return status code and do not assert on TEH_KS_acquire()
+ *   failures, instead allow caller to handle it (i.e. by returning
+ *   #TALER_EC_EXCHANGE_BAD_CONFIGURATION to application).
+ *
 * @param purpose the message to sign
 * @param[out] pub set to the current public signing key of the exchange
 * @param[out] sig signature over purpose using current signing key
@ -1850,6 +1855,9 @@ TEH_KS_sign (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
  struct TEH_KS_StateHandle *key_state;

  key_state = TEH_KS_acquire ();
+  GNUNET_assert (NULL != key_state); /* This *can* happen if the exchange's keys are
+                                        not properly maintained, but in this case we
+                                        simply have no good way forward. */
  *pub = key_state->current_sign_key_issue.issue.signkey_pub;
  GNUNET_assert (GNUNET_OK ==
                 GNUNET_CRYPTO_eddsa_sign (&key_state->current_sign_key_issue.signkey_priv.eddsa_priv,
@ -1930,6 +1938,13 @@ TEH_KS_handler_keys (struct TEH_RequestHandler *rh,
    last_issue_date.abs_value_us = 0LLU;
  }
  key_state = TEH_KS_acquire ();
+  if (NULL == key_state)
+  {
+    TALER_LOG_ERROR ("Lacking keys to operate\n");
+    return TEH_RESPONSE_reply_internal_error (connection,
+                                              TALER_EC_EXCHANGE_BAD_CONFIGURATION,
+                                              "no keys");
+  }
  krd = bsearch (&last_issue_date,
                 key_state->krd_array,
                 key_state->krd_array_length,
--- a/src/exchange/taler-exchange-httpd_keystate.h
+++ b/src/exchange/taler-exchange-httpd_keystate.h
@ -42,7 +42,7 @@ struct TEH_KS_StateHandle;
 * to #TEH_KS_release() must be made.
 *
 * @param location name of the function in which the lock is acquired
- * @return the key state
+ * @return the key state, NULL on error (usually pretty fatal)
 */
 struct TEH_KS_StateHandle *
 TEH_KS_acquire_ (const char *location);
--- a/src/exchange/taler-exchange-httpd_payback.c
+++ b/src/exchange/taler-exchange-httpd_payback.c
@ -312,6 +312,13 @@ verify_and_execute_payback (struct MHD_Connection *connection,

  /* check denomination exists and is in payback mode */
  key_state = TEH_KS_acquire ();
+  if (NULL == key_state)
+  {
+    TALER_LOG_ERROR ("Lacking keys to operate\n");
+    return TEH_RESPONSE_reply_internal_error (connection,
+                                              TALER_EC_EXCHANGE_BAD_CONFIGURATION,
+                                              "no keys");
+  }
  dki = TEH_KS_denomination_key_lookup (key_state,
                                        &coin->denom_pub,
 					TEH_KS_DKU_PAYBACK);
--- a/src/exchange/taler-exchange-httpd_refresh_melt.c
+++ b/src/exchange/taler-exchange-httpd_refresh_melt.c
@ -767,6 +767,13 @@ handle_refresh_melt_json (struct MHD_Connection *connection,
  rmc.hash_context = NULL;

  rmc.key_state = TEH_KS_acquire ();
+  if (NULL == rmc.key_state)
+  {
+    TALER_LOG_ERROR ("Lacking keys to operate\n");
+    return TEH_RESPONSE_reply_internal_error (connection,
+                                              TALER_EC_EXCHANGE_BAD_CONFIGURATION,
+                                              "no keys");
+  }
  rmc.dki = TEH_KS_denomination_key_lookup (rmc.key_state,
 					    &rmc.coin_melt_details.coin_info.denom_pub,
 					    TEH_KS_DKU_DEPOSIT);
--- a/src/exchange/taler-exchange-httpd_refresh_reveal.c
+++ b/src/exchange/taler-exchange-httpd_refresh_reveal.c
@ -604,6 +604,12 @@ refresh_reveal_transaction (void *cls,
    struct TEH_KS_StateHandle *key_state;

    key_state = TEH_KS_acquire ();
+    if (NULL == key_state)
+    {
+      TALER_LOG_ERROR ("Lacking keys to operate\n");
+      cleanup_rc (rc);
+      return GNUNET_DB_STATUS_HARD_ERROR;
+    }
    for (unsigned int j=0;j<rc->refresh_session.num_newcoins;j++)
    {
      qs = refresh_exchange_coin (connection,
--- a/src/exchange/taler-exchange-httpd_refund.c
+++ b/src/exchange/taler-exchange-httpd_refund.c
@ -325,6 +325,16 @@ refund_transaction (void *cls,
  // FIXME: do this outside of transaction function?
  /* Check refund fee matches fee of denomination key! */
  mks = TEH_KS_acquire ();
+  if (NULL == mks)
+  {
+    TALER_LOG_ERROR ("Lacking keys to operate\n");
+    TEH_plugin->free_coin_transaction_list (TEH_plugin->cls,
+                                            tl);
+    *mhd_ret = TEH_RESPONSE_reply_internal_error (connection,
+                                                  TALER_EC_EXCHANGE_BAD_CONFIGURATION,
+                                                  "no keys");
+    return GNUNET_DB_STATUS_HARD_ERROR;
+  }
  dki = TEH_KS_denomination_key_lookup (mks,
                                        &dep->coin.denom_pub,
 					TEH_KS_DKU_DEPOSIT);
--- a/src/exchange/taler-exchange-httpd_reserve_withdraw.c
+++ b/src/exchange/taler-exchange-httpd_reserve_withdraw.c
@ -432,6 +432,14 @@ TEH_RESERVE_handler_reserve_withdraw (struct TEH_RequestHandler *rh,
  if (GNUNET_OK != res)
    return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES;
  wc.key_state = TEH_KS_acquire ();
+  if (NULL == wc.key_state)
+  {
+    TALER_LOG_ERROR ("Lacking keys to operate\n");
+    GNUNET_JSON_parse_free (spec);
+    return TEH_RESPONSE_reply_internal_error (connection,
+                                              TALER_EC_EXCHANGE_BAD_CONFIGURATION,
+                                              "no keys");
+  }
  wc.dki = TEH_KS_denomination_key_lookup (wc.key_state,
 					   &wc.denomination_pub,
 					   TEH_KS_DKU_WITHDRAW);
--- a/src/include/taler_error_codes.h
+++ b/src/include/taler_error_codes.h
@ -53,6 +53,11 @@ enum TALER_ErrorCode
   */
  TALER_EC_NOT_IMPLEMENTED = 3,

+  /**
+   * Exchange is badly configured and thus cannot operate.
+   */
+  TALER_EC_EXCHANGE_BAD_CONFIGURATION = 4,
+
  /* ********** generic error codes ************* */

  /**