taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

-checkpoint

Browse Source
This commit is contained in:
Christian Grothoff 2021-11-17 20:38:21 +01:00
parent f76888378c
commit e51e60cfb4
No known key found for this signature in database
GPG Key ID: 939E6BE1E29FC3CC
2 changed files with 408 additions and 654 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

395
src/util/crypto_helper_denom.c
View File

@ -1,6 +1,6 @@
/* /*
This file is part of TALER This file is part of TALER
Copyright (C) 2020 Taler Systems SA Copyright (C) 2020, 2021 Taler Systems SA
TALER is free software; you can redistribute it and/or modify it under the TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU General Public License as published by the Free Software terms of the GNU General Public License as published by the Free Software
@ -20,10 +20,10 @@
*/ */
#include "platform.h" #include "platform.h"
#include "taler_util.h" #include "taler_util.h"
#include "taler_extensions.h"
#include "taler_signatures.h" #include "taler_signatures.h"
#include "taler-exchange-secmod-rsa.h" #include "taler-exchange-secmod-rsa.h"
#include <poll.h> #include <poll.h>
#include "crypto_helper_common.h"
struct TALER_CRYPTO_DenominationHelper struct TALER_CRYPTO_DenominationHelper
@ -44,16 +44,6 @@ struct TALER_CRYPTO_DenominationHelper
*/ */
struct sockaddr_un sa; struct sockaddr_un sa;
/**
* Socket address of this process.
*/
struct sockaddr_un my_sa;
/**
* Template for @e my_sa.
*/
char *template;
/** /**
* The UNIX domain socket, -1 if we are currently not connected. * The UNIX domain socket, -1 if we are currently not connected.
*/ */
@ -63,11 +53,6 @@ struct TALER_CRYPTO_DenominationHelper
* Have we ever been sync'ed? * Have we ever been sync'ed?
*/ */
bool synced; bool synced;
/**
* Age Mask that applies to this denomination.
*/
struct TALER_AgeMask age_mask;
}; };
@ -81,10 +66,6 @@ static void
do_disconnect (struct TALER_CRYPTO_DenominationHelper *dh) do_disconnect (struct TALER_CRYPTO_DenominationHelper *dh)
{ {
GNUNET_break (0 == close (dh->sock)); GNUNET_break (0 == close (dh->sock));
if (0 != unlink (dh->my_sa.sun_path))
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
"unlink",
dh->my_sa.sun_path);
dh->sock = -1; dh->sock = -1;
dh->synced = false; dh->synced = false;
} }
@ -95,106 +76,34 @@ do_disconnect (struct TALER_CRYPTO_DenominationHelper *dh)
* @e sock field in @a dh. * @e sock field in @a dh.
* *
* @param[in,out] dh handle to establish connection for * @param[in,out] dh handle to establish connection for
* @return #GNUNET_OK on success
*/ */
static void static enum GNUNET_GenericReturnValue
try_connect (struct TALER_CRYPTO_DenominationHelper *dh) try_connect (struct TALER_CRYPTO_DenominationHelper *dh)
{ {
char *tmpdir;
if (-1 != dh->sock) if (-1 != dh->sock)
return; return GNUNET_OK;
dh->sock = socket (AF_UNIX, dh->sock = socket (AF_UNIX,
SOCK_DGRAM, SOCK_STREAM,
0); 0);
if (-1 == dh->sock) if (-1 == dh->sock)
{ {
GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
"socket"); "socket");
return; return GNUNET_SYSERR;
} }
tmpdir = GNUNET_DISK_mktemp (dh->template); if (0 !=
if (NULL == tmpdir) connect (dh->sock,
{
do_disconnect (dh);
return;
}
/* we use >= here because we want the sun_path to always
be 0-terminated */
if (strlen (tmpdir) >= sizeof (dh->sa.sun_path))
{
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"PATHS",
"TALER_RUNTIME_DIR",
"path too long");
GNUNET_free (tmpdir);
do_disconnect (dh);
return;
}
dh->my_sa.sun_family = AF_UNIX;
strncpy (dh->my_sa.sun_path,
tmpdir,
sizeof (dh->sa.sun_path) - 1);
if (0 != unlink (tmpdir))
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
"unlink",
tmpdir);
if (0 != bind (dh->sock,
(const struct sockaddr *) &dh->my_sa,
sizeof (dh->my_sa)))
{
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
"bind",
tmpdir);
do_disconnect (dh);
GNUNET_free (tmpdir);
return;
}
/* Fix permissions on client UNIX domain socket,
just in case umask() is not set to enable group write */
{
char path[sizeof (dh->my_sa.sun_path) + 1];
strncpy (path,
dh->my_sa.sun_path,
sizeof (path) - 1);
path[sizeof (dh->my_sa.sun_path)] = '\0';
if (0 != chmod (path,
S_IRUSR | S_IWUSR | S_IWGRP))
{
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
"chmod",
path);
}
}
GNUNET_free (tmpdir);
{
struct GNUNET_MessageHeader hdr = {
.size = htons (sizeof (hdr)),
.type = htons (TALER_HELPER_RSA_MT_REQ_INIT)
};
ssize_t ret;
ret = sendto (dh->sock,
&hdr,
sizeof (hdr),
0,
(const struct sockaddr *) &dh->sa, (const struct sockaddr *) &dh->sa,
sizeof (dh->sa)); sizeof (dh->sa)))
if (ret < 0)
{ {
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
"sendto", "connect",
dh->sa.sun_path); dh->sa.sun_path);
do_disconnect (dh); do_disconnect (dh);
return; return GNUNET_SYSERR;
} }
/* We are using SOCK_DGRAM, partial writes should not be possible */ return GNUNET_OK;
GNUNET_break (((size_t) ret) == sizeof (hdr));
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Successfully sent REQ_INIT\n");
}
} }
@ -238,17 +147,9 @@ TALER_CRYPTO_helper_denom_connect (
sizeof (dh->sa.sun_path) - 1); sizeof (dh->sa.sun_path) - 1);
GNUNET_free (unixpath); GNUNET_free (unixpath);
dh->sock = -1; dh->sock = -1;
/* Extract the age groups from the config, if the extension has been set,
* and serialize them into the age mask
*/
if (GNUNET_OK != if (GNUNET_OK !=
TALER_get_age_mask (cfg, &dh->age_mask)) try_connect (dh))
{ {
/* FIXME: maybe more specific error? */
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"extensions", /* FIXME: right section etc? */
"age-restriction",
"invalid age groups");
TALER_CRYPTO_helper_denom_disconnect (dh); TALER_CRYPTO_helper_denom_disconnect (dh);
return NULL; return NULL;
} }
@ -298,7 +199,6 @@ handle_mt_avail (struct TALER_CRYPTO_DenominationHelper *dh,
struct TALER_DenominationHash h_denom_pub; struct TALER_DenominationHash h_denom_pub;
denom_pub.cipher = TALER_DENOMINATION_RSA; denom_pub.cipher = TALER_DENOMINATION_RSA;
denom_pub.age_mask = dh->age_mask;
denom_pub.details.rsa_public_key denom_pub.details.rsa_public_key
= GNUNET_CRYPTO_rsa_public_key_decode (buf, = GNUNET_CRYPTO_rsa_public_key_decode (buf,
ntohs (kan->pub_size)); ntohs (kan->pub_size));
@ -307,8 +207,8 @@ handle_mt_avail (struct TALER_CRYPTO_DenominationHelper *dh,
GNUNET_break_op (0); GNUNET_break_op (0);
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
TALER_denom_pub_hash (&denom_pub, GNUNET_CRYPTO_rsa_public_key_hash (denom_pub.details.rsa_public_key,
&h_denom_pub); &h_denom_pub.hash);
GNUNET_log (GNUNET_ERROR_TYPE_INFO, GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Received RSA key %s (%s)\n", "Received RSA key %s (%s)\n",
GNUNET_h2s (&h_denom_pub.hash), GNUNET_h2s (&h_denom_pub.hash),
@ -323,7 +223,7 @@ handle_mt_avail (struct TALER_CRYPTO_DenominationHelper *dh,
&kan->secm_sig)) &kan->secm_sig))
{ {
GNUNET_break_op (0); GNUNET_break_op (0);
GNUNET_CRYPTO_rsa_public_key_free (denom_pub.details.rsa_public_key); TALER_denom_pub_free (&denom_pub);
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
dh->dkc (dh->dkc_cls, dh->dkc (dh->dkc_cls,
@ -334,7 +234,7 @@ handle_mt_avail (struct TALER_CRYPTO_DenominationHelper *dh,
&denom_pub, &denom_pub,
&kan->secm_pub, &kan->secm_pub,
&kan->secm_sig); &kan->secm_sig);
GNUNET_CRYPTO_rsa_public_key_free (denom_pub.details.rsa_public_key); TALER_denom_pub_free (&denom_pub);
} }
return GNUNET_OK; return GNUNET_OK;
} }
@ -374,115 +274,62 @@ handle_mt_purge (struct TALER_CRYPTO_DenominationHelper *dh,
} }
/**
* Wait until the socket is ready to read.
*
* @param dh helper to wait for
* @return false on timeout (after 1s)
*/
static bool
await_read_ready (struct TALER_CRYPTO_DenominationHelper *dh)
{
/* wait for reply with 1s timeout */
struct pollfd pfd = {
.fd = dh->sock,
.events = POLLIN
};
sigset_t sigmask;
struct timespec ts = {
.tv_sec = 1
};
int ret;
GNUNET_assert (0 == sigemptyset (&sigmask));
GNUNET_assert (0 == sigaddset (&sigmask, SIGTERM));
GNUNET_assert (0 == sigaddset (&sigmask, SIGHUP));
ret = ppoll (&pfd,
1,
&ts,
&sigmask);
if ( (-1 == ret) &&
(EINTR != errno) )
GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR,
"ppoll");
return (0 < ret);
}
void void
TALER_CRYPTO_helper_denom_poll (struct TALER_CRYPTO_DenominationHelper *dh) TALER_CRYPTO_helper_denom_poll (struct TALER_CRYPTO_DenominationHelper *dh)
{ {
char buf[UINT16_MAX]; char buf[UINT16_MAX];
ssize_t ret; size_t off = 0;
unsigned int retry_limit = 3; unsigned int retry_limit = 3;
const struct GNUNET_MessageHeader *hdr const struct GNUNET_MessageHeader *hdr
= (const struct GNUNET_MessageHeader *) buf; = (const struct GNUNET_MessageHeader *) buf;
int flag = MSG_DONTWAIT;
try_connect (dh); if (GNUNET_OK !=
if (-1 == dh->sock) try_connect (dh))
{
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
"Cannot poll denom helper: socket down\n");
return; /* give up */ return; /* give up */
}
while (1) while (1)
{ {
uint16_t msize;
ssize_t ret;
ret = recv (dh->sock, ret = recv (dh->sock,
buf, buf,
sizeof (buf), sizeof (buf),
flag); (dh->synced && (0 == off))
? MSG_DONTWAIT
: 0);
if (ret < 0) if (ret < 0)
{ {
if (EINTR == errno)
continue;
if (EAGAIN == errno) if (EAGAIN == errno)
{ {
/* EAGAIN should only happen if we did not GNUNET_assert (dh->synced);
already go through this loop */ GNUNET_assert (0 == off);
GNUNET_assert (0 != flag);
if (dh->synced)
break; break;
if (! await_read_ready (dh))
{
/* timeout AND not synced => full reconnect */
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Restarting connection to RSA helper, did not come up properly\n");
do_disconnect (dh);
if (0 == retry_limit)
{
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
"Cannot poll denom helper: retry limit reached\n");
return; /* give up */
}
try_connect (dh);
if (-1 == dh->sock)
{
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
"Cannot poll denom helper: failed to connect\n");
return; /* give up */
}
retry_limit--;
flag = MSG_DONTWAIT;
}
else
{
flag = 0; /* syscall must be non-blocking this time */
}
continue; /* try again */
} }
GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
"recv"); "recv");
do_disconnect (dh); do_disconnect (dh);
return; if (0 == retry_limit)
return; /* give up */
if (GNUNET_OK !=
try_connect (dh))
return; /* give up */
retry_limit--;
continue;
} }
retry_limit = 10; if (0 == ret)
flag = MSG_DONTWAIT;
if ( (ret < sizeof (struct GNUNET_MessageHeader)) ||
(ret != ntohs (hdr->size)) )
{ {
GNUNET_break_op (0); GNUNET_break (0 == off);
do_disconnect (dh);
return; return;
} }
off += ret;
more:
if (off < sizeof (struct GNUNET_MessageHeader))
continue;
msize = ntohs (hdr->size);
if (off < msize)
continue;
switch (ntohs (hdr->type)) switch (ntohs (hdr->type))
{ {
case TALER_HELPER_RSA_MT_AVAIL: case TALER_HELPER_RSA_MT_AVAIL:
@ -511,10 +358,19 @@ TALER_CRYPTO_helper_denom_poll (struct TALER_CRYPTO_DenominationHelper *dh)
dh->synced = true; dh->synced = true;
break; break;
default: default:
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Received unexpected message of type %d (len: %u)\n",
(unsigned int) ntohs (hdr->type),
(unsigned int) msize);
GNUNET_break_op (0); GNUNET_break_op (0);
do_disconnect (dh); do_disconnect (dh);
return; return;
} }
memmove (buf,
&buf[msize],
off - msize);
off -= msize;
goto more;
} }
} }
@ -528,22 +384,23 @@ TALER_CRYPTO_helper_denom_sign (
enum TALER_ErrorCode *ec) enum TALER_ErrorCode *ec)
{ {
struct TALER_BlindedDenominationSignature ds = { struct TALER_BlindedDenominationSignature ds = {
.details.blinded_rsa_signature = NULL .cipher = TALER_DENOMINATION_INVALID
}; };
{
char buf[sizeof (struct TALER_CRYPTO_SignRequest) + msg_size];
struct TALER_CRYPTO_SignRequest *sr
= (struct TALER_CRYPTO_SignRequest *) buf;
ssize_t ret;
try_connect (dh); if (GNUNET_OK !=
if (-1 == dh->sock) try_connect (dh))
{ {
GNUNET_log (GNUNET_ERROR_TYPE_WARNING, GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
"Failed to connect to helper\n"); "Failed to connect to helper\n");
*ec = TALER_EC_EXCHANGE_DENOMINATION_HELPER_UNAVAILABLE; *ec = TALER_EC_EXCHANGE_DENOMINATION_HELPER_UNAVAILABLE;
return ds; return ds;
} }
{
char buf[sizeof (struct TALER_CRYPTO_SignRequest) + msg_size];
struct TALER_CRYPTO_SignRequest *sr
= (struct TALER_CRYPTO_SignRequest *) buf;
sr->header.size = htons (sizeof (buf)); sr->header.size = htons (sizeof (buf));
sr->header.type = htons (TALER_HELPER_RSA_MT_REQ_SIGN); sr->header.type = htons (TALER_HELPER_RSA_MT_REQ_SIGN);
sr->reserved = htonl (0); sr->reserved = htonl (0);
@ -551,95 +408,106 @@ TALER_CRYPTO_helper_denom_sign (
memcpy (&sr[1], memcpy (&sr[1],
msg, msg,
msg_size); msg_size);
ret = sendto (dh->sock, if (GNUNET_OK !=
TALER_crypto_helper_send_all (dh->sock,
buf, buf,
sizeof (buf), sizeof (buf)))
0,
(const struct sockaddr *) &dh->sa,
sizeof (dh->sa));
if (ret < 0)
{ {
GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
"sendto"); "send");
do_disconnect (dh); do_disconnect (dh);
*ec = TALER_EC_EXCHANGE_DENOMINATION_HELPER_UNAVAILABLE; *ec = TALER_EC_EXCHANGE_DENOMINATION_HELPER_UNAVAILABLE;
return ds; return ds;
} }
/* We are using SOCK_DGRAM, partial writes should not be possible */
GNUNET_break (((size_t) ret) == sizeof (buf));
} }
while (1)
{ {
char buf[UINT16_MAX]; char buf[UINT16_MAX];
ssize_t ret; size_t off = 0;
const struct GNUNET_MessageHeader *hdr const struct GNUNET_MessageHeader *hdr
= (const struct GNUNET_MessageHeader *) buf; = (const struct GNUNET_MessageHeader *) buf;
bool finished = false;
if (! await_read_ready (dh)) *ec = TALER_EC_INVALID;
while (1)
{ {
do_disconnect (dh); uint16_t msize;
GNUNET_log (GNUNET_ERROR_TYPE_WARNING, ssize_t ret;
"Timeout waiting for helper\n");
*ec = TALER_EC_GENERIC_TIMEOUT;
return ds;
}
ret = recv (dh->sock, ret = recv (dh->sock,
buf, buf,
sizeof (buf), sizeof (buf),
0); (finished && (0 == off))
? MSG_DONTWAIT
: 0);
if (ret < 0) if (ret < 0)
{ {
if (EINTR == errno)
continue;
if (EAGAIN == errno)
{
GNUNET_assert (finished);
GNUNET_assert (0 == off);
return ds;
}
GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
"recv"); "recv");
do_disconnect (dh); do_disconnect (dh);
*ec = TALER_EC_EXCHANGE_DENOMINATION_HELPER_UNAVAILABLE; *ec = TALER_EC_EXCHANGE_DENOMINATION_HELPER_UNAVAILABLE;
return ds; break;
} }
if ( (ret < sizeof (struct GNUNET_MessageHeader)) || if (0 == ret)
(ret != ntohs (hdr->size)) )
{ {
GNUNET_break_op (0); GNUNET_break (0 == off);
do_disconnect (dh); if (! finished)
*ec = TALER_EC_EXCHANGE_DENOMINATION_HELPER_BUG; *ec = TALER_EC_EXCHANGE_SIGNKEY_HELPER_BUG;
return ds; return ds;
} }
off += ret;
more:
if (off < sizeof (struct GNUNET_MessageHeader))
continue;
msize = ntohs (hdr->size);
if (off < msize)
continue;
switch (ntohs (hdr->type)) switch (ntohs (hdr->type))
{ {
case TALER_HELPER_RSA_MT_RES_SIGNATURE: case TALER_HELPER_RSA_MT_RES_SIGNATURE:
if (ret < sizeof (struct TALER_CRYPTO_SignResponse)) if ( (msize < sizeof (struct TALER_CRYPTO_SignResponse)) ||
(finished) )
{ {
GNUNET_break_op (0); GNUNET_break_op (0);
do_disconnect (dh); do_disconnect (dh);
*ec = TALER_EC_EXCHANGE_DENOMINATION_HELPER_BUG; *ec = TALER_EC_EXCHANGE_DENOMINATION_HELPER_BUG;
return ds; goto end;
} }
{ {
const struct TALER_CRYPTO_SignResponse *sr = const struct TALER_CRYPTO_SignResponse *sr =
(const struct TALER_CRYPTO_SignResponse *) buf; (const struct TALER_CRYPTO_SignResponse *) buf;
struct GNUNET_CRYPTO_RsaSignature *rsa_signature; struct GNUNET_CRYPTO_RsaSignature *rsa_signature;
rsa_signature = GNUNET_CRYPTO_rsa_signature_decode (&sr[1], rsa_signature = GNUNET_CRYPTO_rsa_signature_decode (
ret - sizeof (*sr)); &sr[1],
msize - sizeof (*sr));
if (NULL == rsa_signature) if (NULL == rsa_signature)
{ {
GNUNET_break_op (0); GNUNET_break_op (0);
do_disconnect (dh); do_disconnect (dh);
*ec = TALER_EC_EXCHANGE_DENOMINATION_HELPER_BUG; *ec = TALER_EC_EXCHANGE_DENOMINATION_HELPER_BUG;
return ds; goto end;
} }
*ec = TALER_EC_NONE; *ec = TALER_EC_NONE;
ds.cipher = TALER_DENOMINATION_RSA; finished = true;
ds.details.blinded_rsa_signature = rsa_signature; ds.details.blinded_rsa_signature = rsa_signature;
return ds; break;
} }
case TALER_HELPER_RSA_MT_RES_SIGN_FAILURE: case TALER_HELPER_RSA_MT_RES_SIGN_FAILURE:
if (ret != sizeof (struct TALER_CRYPTO_SignFailure)) if (msize != sizeof (struct TALER_CRYPTO_SignFailure))
{ {
GNUNET_break_op (0); GNUNET_break_op (0);
do_disconnect (dh); do_disconnect (dh);
*ec = TALER_EC_EXCHANGE_DENOMINATION_HELPER_BUG; *ec = TALER_EC_EXCHANGE_DENOMINATION_HELPER_BUG;
return ds; goto end;
} }
{ {
const struct TALER_CRYPTO_SignFailure *sf = const struct TALER_CRYPTO_SignFailure *sf =
@ -656,7 +524,7 @@ TALER_CRYPTO_helper_denom_sign (
GNUNET_break_op (0); GNUNET_break_op (0);
do_disconnect (dh); do_disconnect (dh);
*ec = TALER_EC_EXCHANGE_DENOMINATION_HELPER_BUG; *ec = TALER_EC_EXCHANGE_DENOMINATION_HELPER_BUG;
return ds; goto end;
} }
break; /* while(1) loop ensures we recvfrom() again */ break; /* while(1) loop ensures we recvfrom() again */
case TALER_HELPER_RSA_MT_PURGE: case TALER_HELPER_RSA_MT_PURGE:
@ -667,15 +535,33 @@ TALER_CRYPTO_helper_denom_sign (
GNUNET_break_op (0); GNUNET_break_op (0);
do_disconnect (dh); do_disconnect (dh);
*ec = TALER_EC_EXCHANGE_DENOMINATION_HELPER_BUG; *ec = TALER_EC_EXCHANGE_DENOMINATION_HELPER_BUG;
return ds; goto end;
} }
break; /* while(1) loop ensures we recvfrom() again */ break; /* while(1) loop ensures we recvfrom() again */
case TALER_HELPER_RSA_SYNCED:
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
"Synchronized add odd time with RSA helper!\n");
dh->synced = true;
break;
default: default:
GNUNET_break_op (0); GNUNET_break_op (0);
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Received unexpected message of type %u\n",
ntohs (hdr->type));
do_disconnect (dh); do_disconnect (dh);
*ec = TALER_EC_EXCHANGE_DENOMINATION_HELPER_BUG; *ec = TALER_EC_EXCHANGE_DENOMINATION_HELPER_BUG;
return ds; goto end;
} }
memmove (buf,
&buf[msize],
off - msize);
off -= msize;
goto more;
} /* while(1) */
end:
if (finished)
TALER_blinded_denom_sig_free (&ds);
return ds;
} }
} }
@ -690,26 +576,20 @@ TALER_CRYPTO_helper_denom_revoke (
.header.type = htons (TALER_HELPER_RSA_MT_REQ_REVOKE), .header.type = htons (TALER_HELPER_RSA_MT_REQ_REVOKE),
.h_denom_pub = *h_denom_pub .h_denom_pub = *h_denom_pub
}; };
ssize_t ret;
try_connect (dh); if (GNUNET_OK !=
if (-1 == dh->sock) try_connect (dh))
return; /* give up */ return; /* give up */
ret = sendto (dh->sock, if (GNUNET_OK !=
TALER_crypto_helper_send_all (dh->sock,
&rr, &rr,
sizeof (rr), sizeof (rr)))
0,
(const struct sockaddr *) &dh->sa,
sizeof (dh->sa));
if (ret < 0)
{ {
GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
"sendto"); "send");
do_disconnect (dh); do_disconnect (dh);
return; return;
} }
/* We are using SOCK_DGRAM, partial writes should not be possible */
GNUNET_break (((size_t) ret) == sizeof (rr));
GNUNET_log (GNUNET_ERROR_TYPE_INFO, GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Requested revocation of denomination key %s\n", "Requested revocation of denomination key %s\n",
GNUNET_h2s (&h_denom_pub->hash)); GNUNET_h2s (&h_denom_pub->hash));
@ -722,7 +602,6 @@ TALER_CRYPTO_helper_denom_disconnect (
{ {
if (-1 != dh->sock) if (-1 != dh->sock)
do_disconnect (dh); do_disconnect (dh);
GNUNET_free (dh->template);
GNUNET_free (dh); GNUNET_free (dh);
} }

401
src/util/crypto_helper_esign.c
View File

@ -1,6 +1,6 @@
/* /*
This file is part of TALER This file is part of TALER
Copyright (C) 2020 Taler Systems SA Copyright (C) 2020, 2021 Taler Systems SA
TALER is free software; you can redistribute it and/or modify it under the TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU General Public License as published by the Free Software terms of the GNU General Public License as published by the Free Software
@ -23,6 +23,7 @@
#include "taler_signatures.h" #include "taler_signatures.h"
#include "taler-exchange-secmod-eddsa.h" #include "taler-exchange-secmod-eddsa.h"
#include <poll.h> #include <poll.h>
#include "crypto_helper_common.h"
struct TALER_CRYPTO_ExchangeSignHelper struct TALER_CRYPTO_ExchangeSignHelper
@ -43,16 +44,6 @@ struct TALER_CRYPTO_ExchangeSignHelper
*/ */
struct sockaddr_un sa; struct sockaddr_un sa;
/**
* Socket address of this process.
*/
struct sockaddr_un my_sa;
/**
* Template for @e my_sa.
*/
char *template;
/** /**
* The UNIX domain socket, -1 if we are currently not connected. * The UNIX domain socket, -1 if we are currently not connected.
*/ */
@ -76,10 +67,6 @@ static void
do_disconnect (struct TALER_CRYPTO_ExchangeSignHelper *esh) do_disconnect (struct TALER_CRYPTO_ExchangeSignHelper *esh)
{ {
GNUNET_break (0 == close (esh->sock)); GNUNET_break (0 == close (esh->sock));
if (0 != unlink (esh->my_sa.sun_path))
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
"unlink",
esh->my_sa.sun_path);
esh->sock = -1; esh->sock = -1;
esh->synced = false; esh->synced = false;
} }
@ -90,107 +77,34 @@ do_disconnect (struct TALER_CRYPTO_ExchangeSignHelper *esh)
* @e sock field in @a esh. * @e sock field in @a esh.
* *
* @param[in,out] esh handle to establish connection for * @param[in,out] esh handle to establish connection for
* @return #GNUNET_OK on success
*/ */
static void static enum GNUNET_GenericReturnValue
try_connect (struct TALER_CRYPTO_ExchangeSignHelper *esh) try_connect (struct TALER_CRYPTO_ExchangeSignHelper *esh)
{ {
char *tmpdir;
if (-1 != esh->sock) if (-1 != esh->sock)
return; return GNUNET_OK;
esh->sock = socket (AF_UNIX, esh->sock = socket (AF_UNIX,
SOCK_DGRAM, SOCK_STREAM,
0); 0);
if (-1 == esh->sock) if (-1 == esh->sock)
{ {
GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
"socket"); "socket");
return; return GNUNET_SYSERR;
} }
tmpdir = GNUNET_DISK_mktemp (esh->template); if (0 !=
if (NULL == tmpdir) connect (esh->sock,
{
do_disconnect (esh);
return;
}
/* we use >= here because we want the sun_path to always
be 0-terminated */
if (strlen (tmpdir) >= sizeof (esh->sa.sun_path))
{
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"PATHS",
"TALER_RUNTIME_DIR",
"path too long");
GNUNET_free (tmpdir);
do_disconnect (esh);
return;
}
esh->my_sa.sun_family = AF_UNIX;
strncpy (esh->my_sa.sun_path,
tmpdir,
sizeof (esh->sa.sun_path) - 1);
if (0 != unlink (tmpdir))
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
"unlink",
tmpdir);
if (0 != bind (esh->sock,
(const struct sockaddr *) &esh->my_sa,
sizeof (esh->my_sa)))
{
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
"bind",
tmpdir);
do_disconnect (esh);
GNUNET_free (tmpdir);
return;
}
/* Fix permissions on client UNIX domain socket,
just in case umask() is not set to enable group write */
{
char path[sizeof (esh->my_sa.sun_path) + 1];
strncpy (path,
esh->my_sa.sun_path,
sizeof (path) - 1);
path[sizeof (esh->my_sa.sun_path)] = '\0';
if (0 != chmod (path,
S_IRUSR | S_IWUSR | S_IWGRP))
{
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
"chmod",
path);
}
}
GNUNET_free (tmpdir);
{
struct GNUNET_MessageHeader hdr = {
.size = htons (sizeof (hdr)),
.type = htons (TALER_HELPER_EDDSA_MT_REQ_INIT)
};
ssize_t ret;
ret = sendto (esh->sock,
&hdr,
sizeof (hdr),
0,
(const struct sockaddr *) &esh->sa, (const struct sockaddr *) &esh->sa,
sizeof (esh->sa)); sizeof (esh->sa)))
if (ret < 0)
{ {
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
"sendto", "connect",
esh->sa.sun_path); esh->sa.sun_path);
do_disconnect (esh); do_disconnect (esh);
return; return GNUNET_SYSERR;
} }
/* We are using SOCK_DGRAM, partial writes should not be possible */ return GNUNET_OK;
GNUNET_break (((size_t) ret) == sizeof (hdr));
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Successfully sent REQ_INIT\n");
}
} }
@ -234,50 +148,13 @@ TALER_CRYPTO_helper_esign_connect (
sizeof (esh->sa.sun_path) - 1); sizeof (esh->sa.sun_path) - 1);
GNUNET_free (unixpath); GNUNET_free (unixpath);
esh->sock = -1; esh->sock = -1;
{
char *tmpdir;
char *template;
if (GNUNET_OK != if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_filename (cfg, try_connect (esh))
"taler-exchange-secmod-eddsa",
"CLIENT_DIR",
&tmpdir))
{ {
GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
"taler-exchange-secmod-eddsa",
"CLIENT_DIR");
GNUNET_free (esh);
return NULL;
}
GNUNET_asprintf (&template,
"%s/cli",
tmpdir);
/* We expect the service to create the client directory */
if (GNUNET_OK !=
GNUNET_DISK_directory_test (tmpdir,
GNUNET_YES))
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Unable to read secmod client directory (%s)\n",
tmpdir);
GNUNET_free (esh);
GNUNET_free (template);
GNUNET_free (tmpdir);
return NULL;
}
GNUNET_free (tmpdir);
esh->template = template;
if (strlen (template) >= sizeof (esh->sa.sun_path))
{
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"PATHS",
"TALER_RUNTIME_DIR",
"path too long");
TALER_CRYPTO_helper_esign_disconnect (esh); TALER_CRYPTO_helper_esign_disconnect (esh);
return NULL; return NULL;
} }
}
TALER_CRYPTO_helper_esign_poll (esh); TALER_CRYPTO_helper_esign_poll (esh);
return esh; return esh;
} }
@ -290,7 +167,7 @@ TALER_CRYPTO_helper_esign_connect (
* @param hdr message that we received * @param hdr message that we received
* @return #GNUNET_OK on success * @return #GNUNET_OK on success
*/ */
static int static enum GNUNET_GenericReturnValue
handle_mt_avail (struct TALER_CRYPTO_ExchangeSignHelper *esh, handle_mt_avail (struct TALER_CRYPTO_ExchangeSignHelper *esh,
const struct GNUNET_MessageHeader *hdr) const struct GNUNET_MessageHeader *hdr)
{ {
@ -330,7 +207,7 @@ handle_mt_avail (struct TALER_CRYPTO_ExchangeSignHelper *esh,
* @param hdr message that we received * @param hdr message that we received
* @return #GNUNET_OK on success * @return #GNUNET_OK on success
*/ */
static int static enum GNUNET_GenericReturnValue
handle_mt_purge (struct TALER_CRYPTO_ExchangeSignHelper *esh, handle_mt_purge (struct TALER_CRYPTO_ExchangeSignHelper *esh,
const struct GNUNET_MessageHeader *hdr) const struct GNUNET_MessageHeader *hdr)
{ {
@ -352,101 +229,62 @@ handle_mt_purge (struct TALER_CRYPTO_ExchangeSignHelper *esh,
} }
/**
* Wait until the socket is ready to read.
*
* @param esh helper to wait for
* @return false on timeout (after 1s)
*/
static bool
await_read_ready (struct TALER_CRYPTO_ExchangeSignHelper *esh)
{
/* wait for reply with 1s timeout */
struct pollfd pfd = {
.fd = esh->sock,
.events = POLLIN
};
sigset_t sigmask;
struct timespec ts = {
.tv_sec = 1
};
int ret;
GNUNET_assert (0 == sigemptyset (&sigmask));
GNUNET_assert (0 == sigaddset (&sigmask, SIGTERM));
GNUNET_assert (0 == sigaddset (&sigmask, SIGHUP));
ret = ppoll (&pfd,
1,
&ts,
&sigmask);
if ( (-1 == ret) &&
(EINTR != errno) )
GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR,
"ppoll");
return (0 < ret);
}
void void
TALER_CRYPTO_helper_esign_poll (struct TALER_CRYPTO_ExchangeSignHelper *esh) TALER_CRYPTO_helper_esign_poll (struct TALER_CRYPTO_ExchangeSignHelper *esh)
{ {
char buf[UINT16_MAX]; char buf[UINT16_MAX];
ssize_t ret; size_t off = 0;
unsigned int retry_limit = 3; unsigned int retry_limit = 3;
const struct GNUNET_MessageHeader *hdr const struct GNUNET_MessageHeader *hdr
= (const struct GNUNET_MessageHeader *) buf; = (const struct GNUNET_MessageHeader *) buf;
int flag = MSG_DONTWAIT;
try_connect (esh); if (GNUNET_OK !=
if (-1 == esh->sock) try_connect (esh))
return; /* give up */ return; /* give up */
while (1) while (1)
{ {
uint16_t msize;
ssize_t ret;
ret = recv (esh->sock, ret = recv (esh->sock,
buf, buf + off,
sizeof (buf), sizeof (buf) - off,
flag); (esh->synced && (0 == off))
? MSG_DONTWAIT
: 0);
if (ret < 0) if (ret < 0)
{ {
if (EINTR == errno)
continue;
if (EAGAIN == errno) if (EAGAIN == errno)
{ {
GNUNET_assert (0 != flag); GNUNET_assert (esh->synced);
if (esh->synced) GNUNET_assert (0 == off);
break; break;
if (! await_read_ready (esh))
{
/* timeout AND not synced => full reconnect */
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Restarting connection to EdDSA helper, did not come up properly\n");
do_disconnect (esh);
if (0 == retry_limit)
return; /* give up */
try_connect (esh);
if (-1 == esh->sock)
return; /* give up */
retry_limit--;
flag = MSG_DONTWAIT;
}
else
{
flag = 0; /* syscall must be non-blocking this time */
}
continue; /* try again */
} }
GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
"recv"); "recv");
do_disconnect (esh); do_disconnect (esh);
return; if (0 == retry_limit)
return; /* give up */
if (GNUNET_OK !=
try_connect (esh))
return; /* give up */
retry_limit--;
continue;
} }
if (0 == ret)
flag = MSG_DONTWAIT;
if ( (ret < sizeof (struct GNUNET_MessageHeader)) ||
(ret != ntohs (hdr->size)) )
{ {
GNUNET_break_op (0); GNUNET_break (0 == off);
do_disconnect (esh);
return; return;
} }
off += ret;
more:
if (off < sizeof (struct GNUNET_MessageHeader))
continue;
msize = ntohs (hdr->size);
if (off < msize)
continue;
switch (ntohs (hdr->type)) switch (ntohs (hdr->type))
{ {
case TALER_HELPER_EDDSA_MT_AVAIL: case TALER_HELPER_EDDSA_MT_AVAIL:
@ -475,10 +313,19 @@ TALER_CRYPTO_helper_esign_poll (struct TALER_CRYPTO_ExchangeSignHelper *esh)
esh->synced = true; esh->synced = true;
break; break;
default: default:
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Received unexpected message of type %d (len: %u)\n",
(unsigned int) ntohs (hdr->type),
(unsigned int) msize);
GNUNET_break_op (0); GNUNET_break_op (0);
do_disconnect (esh); do_disconnect (esh);
return; return;
} }
memmove (buf,
&buf[msize],
off - msize);
off -= msize;
goto more;
} }
} }
@ -490,81 +337,95 @@ TALER_CRYPTO_helper_esign_sign_ (
struct TALER_ExchangePublicKeyP *exchange_pub, struct TALER_ExchangePublicKeyP *exchange_pub,
struct TALER_ExchangeSignatureP *exchange_sig) struct TALER_ExchangeSignatureP *exchange_sig)
{ {
if (GNUNET_OK !=
try_connect (esh))
{
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
"Failed to connect to helper\n");
return TALER_EC_EXCHANGE_SIGNKEY_HELPER_UNAVAILABLE;
}
{ {
uint32_t purpose_size = ntohl (purpose->size); uint32_t purpose_size = ntohl (purpose->size);
char buf[sizeof (struct TALER_CRYPTO_EddsaSignRequest) + purpose_size char buf[sizeof (struct TALER_CRYPTO_EddsaSignRequest) + purpose_size
- sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose)]; - sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose)];
struct TALER_CRYPTO_EddsaSignRequest *sr struct TALER_CRYPTO_EddsaSignRequest *sr
= (struct TALER_CRYPTO_EddsaSignRequest *) buf; = (struct TALER_CRYPTO_EddsaSignRequest *) buf;
ssize_t ret;
try_connect (esh);
if (-1 == esh->sock)
{
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
"Failed to connect to helper\n");
return TALER_EC_EXCHANGE_SIGNKEY_HELPER_UNAVAILABLE;
}
sr->header.size = htons (sizeof (buf)); sr->header.size = htons (sizeof (buf));
sr->header.type = htons (TALER_HELPER_EDDSA_MT_REQ_SIGN); sr->header.type = htons (TALER_HELPER_EDDSA_MT_REQ_SIGN);
sr->reserved = htonl (0); sr->reserved = htonl (0);
memcpy (&sr->purpose, memcpy (&sr->purpose,
purpose, purpose,
purpose_size); purpose_size);
ret = sendto (esh->sock, if (GNUNET_OK !=
TALER_crypto_helper_send_all (esh->sock,
buf, buf,
sizeof (buf), sizeof (buf)))
0,
(const struct sockaddr *) &esh->sa,
sizeof (esh->sa));
if (ret < 0)
{ {
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
"sendto", "send",
esh->sa.sun_path); esh->sa.sun_path);
do_disconnect (esh); do_disconnect (esh);
return TALER_EC_EXCHANGE_SIGNKEY_HELPER_UNAVAILABLE; return TALER_EC_EXCHANGE_SIGNKEY_HELPER_UNAVAILABLE;
} }
/* We are using SOCK_DGRAM, partial writes should not be possible */
GNUNET_break (((size_t) ret) == sizeof (buf));
} }
{
char buf[UINT16_MAX];
size_t off = 0;
const struct GNUNET_MessageHeader *hdr
= (const struct GNUNET_MessageHeader *) buf;
bool finished = false;
enum TALER_ErrorCode ec = TALER_EC_INVALID;
while (1) while (1)
{ {
char buf[UINT16_MAX];
ssize_t ret; ssize_t ret;
const struct GNUNET_MessageHeader *hdr uint16_t msize;
= (const struct GNUNET_MessageHeader *) buf;
if (! await_read_ready (esh))
{
do_disconnect (esh);
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
"Timeout waiting for helper\n");
return TALER_EC_GENERIC_TIMEOUT;
}
ret = recv (esh->sock, ret = recv (esh->sock,
buf, buf,
sizeof (buf), sizeof (buf),
0); (finished && (0 == off))
? MSG_DONTWAIT
: 0);
if (ret < 0) if (ret < 0)
{ {
if (EINTR == errno)
continue;
if (EAGAIN == errno)
{
GNUNET_assert (finished);
GNUNET_assert (0 == off);
break;
}
GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
"recv"); "recv");
do_disconnect (esh); do_disconnect (esh);
return TALER_EC_EXCHANGE_SIGNKEY_HELPER_UNAVAILABLE; return TALER_EC_EXCHANGE_SIGNKEY_HELPER_UNAVAILABLE;
} }
if ( (ret < sizeof (struct GNUNET_MessageHeader)) || if (0 == ret)
(ret != ntohs (hdr->size)) ) {
GNUNET_break (0 == off);
return TALER_EC_EXCHANGE_SIGNKEY_HELPER_BUG;
}
off += ret;
more:
if (off < sizeof (struct GNUNET_MessageHeader))
continue;
msize = ntohs (hdr->size);
if (off < msize)
continue;
switch (ntohs (hdr->type))
{
case TALER_HELPER_EDDSA_MT_RES_SIGNATURE:
if (msize != sizeof (struct TALER_CRYPTO_EddsaSignResponse))
{ {
GNUNET_break_op (0); GNUNET_break_op (0);
do_disconnect (esh); do_disconnect (esh);
return TALER_EC_EXCHANGE_SIGNKEY_HELPER_BUG; return TALER_EC_EXCHANGE_SIGNKEY_HELPER_BUG;
} }
switch (ntohs (hdr->type)) if (finished)
{
case TALER_HELPER_EDDSA_MT_RES_SIGNATURE:
if (ret != sizeof (struct TALER_CRYPTO_EddsaSignResponse))
{ {
GNUNET_break_op (0); GNUNET_break_op (0);
do_disconnect (esh); do_disconnect (esh);
@ -575,10 +436,12 @@ TALER_CRYPTO_helper_esign_sign_ (
(const struct TALER_CRYPTO_EddsaSignResponse *) buf; (const struct TALER_CRYPTO_EddsaSignResponse *) buf;
*exchange_sig = sr->exchange_sig; *exchange_sig = sr->exchange_sig;
*exchange_pub = sr->exchange_pub; *exchange_pub = sr->exchange_pub;
return TALER_EC_NONE; finished = true;
ec = TALER_EC_NONE;
break;
} }
case TALER_HELPER_EDDSA_MT_RES_SIGN_FAILURE: case TALER_HELPER_EDDSA_MT_RES_SIGN_FAILURE:
if (ret != sizeof (struct TALER_CRYPTO_EddsaSignFailure)) if (msize != sizeof (struct TALER_CRYPTO_EddsaSignFailure))
{ {
GNUNET_break_op (0); GNUNET_break_op (0);
do_disconnect (esh); do_disconnect (esh);
@ -588,7 +451,9 @@ TALER_CRYPTO_helper_esign_sign_ (
const struct TALER_CRYPTO_EddsaSignFailure *sf = const struct TALER_CRYPTO_EddsaSignFailure *sf =
(const struct TALER_CRYPTO_EddsaSignFailure *) buf; (const struct TALER_CRYPTO_EddsaSignFailure *) buf;
return (enum TALER_ErrorCode) ntohl (sf->ec); finished = true;
ec = (enum TALER_ErrorCode) ntohl (sf->ec);
break;
} }
case TALER_HELPER_EDDSA_MT_AVAIL: case TALER_HELPER_EDDSA_MT_AVAIL:
if (GNUNET_OK != if (GNUNET_OK !=
@ -599,7 +464,7 @@ TALER_CRYPTO_helper_esign_sign_ (
do_disconnect (esh); do_disconnect (esh);
return TALER_EC_EXCHANGE_SIGNKEY_HELPER_BUG; return TALER_EC_EXCHANGE_SIGNKEY_HELPER_BUG;
} }
break; /* while(1) loop ensures we recvfrom() again */ break; /* while(1) loop ensures we recv() again */
case TALER_HELPER_EDDSA_MT_PURGE: case TALER_HELPER_EDDSA_MT_PURGE:
if (GNUNET_OK != if (GNUNET_OK !=
handle_mt_purge (esh, handle_mt_purge (esh,
@ -609,12 +474,27 @@ TALER_CRYPTO_helper_esign_sign_ (
do_disconnect (esh); do_disconnect (esh);
return TALER_EC_EXCHANGE_SIGNKEY_HELPER_BUG; return TALER_EC_EXCHANGE_SIGNKEY_HELPER_BUG;
} }
break; /* while(1) loop ensures we recvfrom() again */ break; /* while(1) loop ensures we recv() again */
case TALER_HELPER_EDDSA_SYNCED:
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
"Synchronized add odd time with EdDSA helper!\n");
esh->synced = true;
break;
default: default:
GNUNET_break_op (0); GNUNET_break_op (0);
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Received unexpected message of type %u\n",
ntohs (hdr->type));
do_disconnect (esh); do_disconnect (esh);
return TALER_EC_EXCHANGE_SIGNKEY_HELPER_BUG; return TALER_EC_EXCHANGE_SIGNKEY_HELPER_BUG;
} }
memmove (buf,
&buf[msize],
off - msize);
off -= msize;
goto more;
} /* while(1) */
return ec;
} }
} }
@ -623,32 +503,28 @@ void
TALER_CRYPTO_helper_esign_revoke ( TALER_CRYPTO_helper_esign_revoke (
struct TALER_CRYPTO_ExchangeSignHelper *esh, struct TALER_CRYPTO_ExchangeSignHelper *esh,
const struct TALER_ExchangePublicKeyP *exchange_pub) const struct TALER_ExchangePublicKeyP *exchange_pub)
{
if (GNUNET_OK !=
try_connect (esh))
return; /* give up */
{ {
struct TALER_CRYPTO_EddsaRevokeRequest rr = { struct TALER_CRYPTO_EddsaRevokeRequest rr = {
.header.size = htons (sizeof (rr)), .header.size = htons (sizeof (rr)),
.header.type = htons (TALER_HELPER_EDDSA_MT_REQ_REVOKE), .header.type = htons (TALER_HELPER_EDDSA_MT_REQ_REVOKE),
.exchange_pub = *exchange_pub .exchange_pub = *exchange_pub
}; };
ssize_t ret;
try_connect (esh); if (GNUNET_OK !=
if (-1 == esh->sock) TALER_crypto_helper_send_all (esh->sock,
return; /* give up */
ret = sendto (esh->sock,
&rr, &rr,
sizeof (rr), sizeof (rr)))
0,
(const struct sockaddr *) &esh->sa,
sizeof (esh->sa));
if (ret < 0)
{ {
GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
"sendto"); "send");
do_disconnect (esh); do_disconnect (esh);
return; return;
} }
/* We are using SOCK_DGRAM, partial writes should not be possible */ }
GNUNET_break (((size_t) ret) == sizeof (rr));
} }
@ -658,7 +534,6 @@ TALER_CRYPTO_helper_esign_disconnect (
{ {
if (-1 != esh->sock) if (-1 != esh->sock)
do_disconnect (esh); do_disconnect (esh);
GNUNET_free (esh->template);
GNUNET_free (esh); GNUNET_free (esh);
} }