From 446761b6029298410000181697abef5dbdbd4b57 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Tue, 7 Jun 2022 16:57:12 +0200 Subject: [PATCH] -more minor bugfixes --- src/lib/exchange_api_common.c | 53 +++++++++----------- src/lib/exchange_api_purse_merge.c | 5 +- src/lib/exchange_api_refund.c | 27 +++++++--- src/lib/exchange_api_reserves_history.c | 2 + src/testing/testing_api_cmd_insert_deposit.c | 18 ++++--- 5 files changed, 58 insertions(+), 47 deletions(-) diff --git a/src/lib/exchange_api_common.c b/src/lib/exchange_api_common.c index 79e5a31dd..4b36aa932 100644 --- a/src/lib/exchange_api_common.c +++ b/src/lib/exchange_api_common.c @@ -842,21 +842,17 @@ help_melt (struct CoinHistoryParseContext *pc, return GNUNET_SYSERR; } - if (NULL != pc->dk) + /* check that melt fee matches our expectations from /keys! */ + if ( (GNUNET_YES != + TALER_amount_cmp_currency (&melt_fee, + &pc->dk->fees.refresh)) || + (0 != + TALER_amount_cmp (&melt_fee, + &pc->dk->fees.refresh)) ) { - /* check that melt fee matches our expectations from /keys! */ - if ( (GNUNET_YES != - TALER_amount_cmp_currency (&melt_fee, - &pc->dk->fees.refresh)) || - (0 != - TALER_amount_cmp (&melt_fee, - &pc->dk->fees.refresh)) ) - { - GNUNET_break_op (0); - return GNUNET_SYSERR; - } + GNUNET_break_op (0); + return GNUNET_SYSERR; } - if (GNUNET_OK != TALER_wallet_melt_verify ( amount, @@ -938,26 +934,23 @@ help_refund (struct CoinHistoryParseContext *pc, return GNUNET_SYSERR; } /* NOTE: theoretically, we could also check that the given - merchant_pub and h_contract_terms appear in the - history under deposits. However, there is really no benefit - for the exchange to lie here, so not checking is probably OK - (an auditor ought to check, though). Then again, we similarly - had no reason to check the merchant's signature (other than a - well-formendess check). */ + merchant_pub and h_contract_terms appear in the + history under deposits. However, there is really no benefit + for the exchange to lie here, so not checking is probably OK + (an auditor ought to check, though). Then again, we similarly + had no reason to check the merchant's signature (other than a + well-formendess check). */ /* check that refund fee matches our expectations from /keys! */ - if (NULL != pc->dk) + if ( (GNUNET_YES != + TALER_amount_cmp_currency (&refund_fee, + &pc->dk->fees.refund)) || + (0 != + TALER_amount_cmp (&refund_fee, + &pc->dk->fees.refund)) ) { - if ( (GNUNET_YES != - TALER_amount_cmp_currency (&refund_fee, - &pc->dk->fees.refund)) || - (0 != - TALER_amount_cmp (&refund_fee, - &pc->dk->fees.refund)) ) - { - GNUNET_break_op (0); - return GNUNET_SYSERR; - } + GNUNET_break_op (0); + return GNUNET_SYSERR; } return GNUNET_NO; } diff --git a/src/lib/exchange_api_purse_merge.c b/src/lib/exchange_api_purse_merge.c index 4b65e97f1..6b6c37519 100644 --- a/src/lib/exchange_api_purse_merge.c +++ b/src/lib/exchange_api_purse_merge.c @@ -406,8 +406,9 @@ TALER_EXCHANGE_account_merge ( { struct TALER_Amount zero_purse_fee; - TALER_amount_set_zero (purse_value_after_fees->currency, - &zero_purse_fee); + GNUNET_assert (GNUNET_OK == + TALER_amount_set_zero (purse_value_after_fees->currency, + &zero_purse_fee)); TALER_wallet_account_merge_sign (merge_timestamp, purse_pub, purse_expiration, diff --git a/src/lib/exchange_api_refund.c b/src/lib/exchange_api_refund.c index 09a21883d..b1cd7c843 100644 --- a/src/lib/exchange_api_refund.c +++ b/src/lib/exchange_api_refund.c @@ -1,6 +1,6 @@ /* This file is part of TALER - Copyright (C) 2014-2021 Taler Systems SA + Copyright (C) 2014-2022 Taler Systems SA TALER is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software @@ -445,17 +445,30 @@ verify_conflict_history_ok (struct TALER_EXCHANGE_RefundHandle *rh, { rtotal = rh->refund_amount; } - if (-1 == TALER_amount_cmp (&dtotal, + if ( (have_refund) && (! have_deposit) ) + { + GNUNET_break (0); + GNUNET_JSON_parse_free (spec); + return GNUNET_SYSERR; + } + if (! (have_refund && have_deposit)) + { + /* need both for a refund-deposit conflict proof */ + GNUNET_break (0); + GNUNET_JSON_parse_free (spec); + return GNUNET_SYSERR; + } + if (-1 != TALER_amount_cmp (&dtotal, &rtotal)) { - /* dtotal < rtotal: good! */ + /* rtotal <= dtotal is fine, no conflict! */ + GNUNET_break_op (0); GNUNET_JSON_parse_free (spec); - return GNUNET_OK; + return GNUNET_SYSERR; } - /* this fails to prove a conflict */ - GNUNET_break_op (0); + /* dtotal < rtotal: that's a conflict! */ GNUNET_JSON_parse_free (spec); - return GNUNET_SYSERR; + return GNUNET_OK; } diff --git a/src/lib/exchange_api_reserves_history.c b/src/lib/exchange_api_reserves_history.c index 1d3891c2e..2a0dd5651 100644 --- a/src/lib/exchange_api_reserves_history.c +++ b/src/lib/exchange_api_reserves_history.c @@ -311,6 +311,7 @@ TALER_EXCHANGE_reserves_history ( if (NULL == keys) { GNUNET_break (0); + curl_easy_cleanup (eh); GNUNET_free (rsh->url); GNUNET_free (rsh); return NULL; @@ -320,6 +321,7 @@ TALER_EXCHANGE_reserves_history ( if (NULL == gf) { GNUNET_break_op (0); + curl_easy_cleanup (eh); GNUNET_free (rsh->url); GNUNET_free (rsh); return NULL; diff --git a/src/testing/testing_api_cmd_insert_deposit.c b/src/testing/testing_api_cmd_insert_deposit.c index a82caa730..032ff72dc 100644 --- a/src/testing/testing_api_cmd_insert_deposit.c +++ b/src/testing/testing_api_cmd_insert_deposit.c @@ -164,14 +164,16 @@ insert_deposit_run (void *cls, 0, sizeof (deposit)); - GNUNET_CRYPTO_kdf (&merchant_priv, - sizeof (struct TALER_MerchantPrivateKeyP), - "merchant-priv", - strlen ("merchant-priv"), - ids->merchant_name, - strlen (ids->merchant_name), - NULL, - 0); + GNUNET_assert ( + GNUNET_YES == + GNUNET_CRYPTO_kdf (&merchant_priv, + sizeof (struct TALER_MerchantPrivateKeyP), + "merchant-priv", + strlen ("merchant-priv"), + ids->merchant_name, + strlen (ids->merchant_name), + NULL, + 0)); GNUNET_CRYPTO_eddsa_key_get_public (&merchant_priv.eddsa_priv, &deposit.merchant_pub.eddsa_pub); GNUNET_CRYPTO_hash_create_random (GNUNET_CRYPTO_QUALITY_WEAK,