diff options
| author | Philip Kaufmann <phil.kaufmann@t-online.de> | 2015-01-08 14:42:04 +0100 |
|---|---|---|
| committer | Philip Kaufmann <phil.kaufmann@t-online.de> | 2015-01-15 09:08:22 +0100 |
| commit | 6715efb9ca5cabeb07ae4ba8390a6e1b7638f66c (patch) | |
| tree | a6a984a35af1053209e0cd884ee90eff1d87797a /src/qt/paymentserver.cpp | |
| parent | e0cd2f55233d10476b75ac75df95a079735921ec (diff) | |
[Qt] Payment request expiration bug fix (re-done)
- this is based on #4122 (which can be closed)
Currently a payment request is only checked for expiration upon receipt.
It should be checked again immediately before sending coins to prevent
the user from paying to an expired invoice which would then require a
customer service interaction.
- add static verifyExpired() function to PaymentServer to be able to use
the same validation code in GUI and unit-testing code
- extend unit tests to use that function and also add an unit test which
overflows, because payment requests allow expires as uint64, whereas we
use int64_t for verification of expired payment requests
Diffstat (limited to 'src/qt/paymentserver.cpp')
| -rw-r--r-- | src/qt/paymentserver.cpp | 25 |
1 files changed, 17 insertions, 8 deletions
diff --git a/src/qt/paymentserver.cpp b/src/qt/paymentserver.cpp index 8703966606..0187e4c229 100644 --- a/src/qt/paymentserver.cpp +++ b/src/qt/paymentserver.cpp @@ -518,8 +518,6 @@ bool PaymentServer::processPaymentRequest(PaymentRequestPlus& request, SendCoins return false; if (request.IsInitialized()) { - const payments::PaymentDetails& details = request.getDetails(); - // Payment request network matches client network? if (!verifyNetwork(request.getDetails())) { emit message(tr("Payment request rejected"), tr("Payment request network doesn't match client network."), @@ -528,16 +526,15 @@ bool PaymentServer::processPaymentRequest(PaymentRequestPlus& request, SendCoins return false; } - // Expired payment request? - if (details.has_expires() && (int64_t)details.expires() < GetTime()) - { - emit message(tr("Payment request rejected"), tr("Payment request has expired."), + // Make sure any payment requests involved are still valid. + // This is re-checked just before sending coins in WalletModel::sendCoins(). + if (verifyExpired(request.getDetails())) { + emit message(tr("Payment request rejected"), tr("Payment request expired."), CClientUIInterface::MSG_ERROR); return false; } - } - else { + } else { emit message(tr("Payment request error"), tr("Payment request is not initialized."), CClientUIInterface::MSG_ERROR); @@ -756,3 +753,15 @@ bool PaymentServer::verifyNetwork(const payments::PaymentDetails& requestDetails } return fVerified; } + +bool PaymentServer::verifyExpired(const payments::PaymentDetails& requestDetails) +{ + bool fVerified = (requestDetails.has_expires() && (int64_t)requestDetails.expires() < GetTime()); + if (fVerified) { + const QString requestExpires = QString::fromStdString(DateTimeStrFormat("%Y-%m-%d %H:%M:%S", (int64_t)requestDetails.expires())); + qWarning() << QString("PaymentServer::%1: Payment request expired \"%2\".") + .arg(__func__) + .arg(requestExpires); + } + return fVerified; +} |