author | Christian Grothoff <christian@grothoff.org> | 2015-03-13 09:49:47 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2015-03-13 09:49:47 +0100 |
commit | 968e4aa68f4185d24466bb3ba8bfaba8d9c27ef1 (patch) | |
tree | a29d92350a3b9a8c38986e55bb08b23c9d9d3aa3 | |
parent | 2f70806cfaff445880639857fef45fd7bdd7f8a5 (diff) |
slightly better error generation on /refresh/reveal errors
-rw-r--r-- | INSTALL | 12 | ||||
-rw-r--r-- | src/mint/taler-mint-httpd_db.c | 30 | ||||
-rw-r--r-- | src/mint/taler-mint-httpd_responses.c | 34 | ||||
-rw-r--r-- | src/mint/taler-mint-httpd_responses.h | 24 |
4 files changed, 84 insertions, 16 deletions
@@ -1,7 +1,7 @@
 Installation Instructions
 *************************
-Copyright (C) 1994-1996, 1999-2002, 2004-2013 Free Software Foundation,
+Copyright (C) 1994-1996, 1999-2002, 2004-2011 Free Software Foundation,
 Inc.
 Copying and distribution of this file, with or without modification,
@@ -12,8 +12,8 @@ without warranty of any kind.
 Basic Installation
 ==================
- Briefly, the shell command `./configure && make && make install'
-should configure, build, and install this package. The following
+ Briefly, the shell commands `./configure; make; make install' should
+configure, build, and install this package. The following
 more-detailed instructions are generic; see the `README' file for
 instructions specific to this package. Some packages provide this
 `INSTALL' file but do not implement all of the features documented
@@ -309,10 +309,9 @@ causes the specified `gcc' to be used as the C compiler (unless it is
 overridden in the site shell script).
 Unfortunately, this technique does not work for `CONFIG_SHELL' due to
-an Autoconf limitation. Until the limitation is lifted, you can use
-this workaround:
+an Autoconf bug. Until the bug is fixed you can use this workaround:
- CONFIG_SHELL=/bin/bash ./configure CONFIG_SHELL=/bin/bash
+ CONFIG_SHELL=/bin/bash /bin/bash ./configure CONFIG_SHELL=/bin/bash
 `configure' Invocation
 ======================
@@ -368,3 +367,4 @@ operates.
 `configure' also accepts some other, not widely useful, options. Run
 `configure --help' for more details.
+
diff --git a/src/mint/taler-mint-httpd_db.c b/src/mint/taler-mint-httpd_db.c
index 4ae4408e5..63bca2ecc 100644
--- a/src/mint/taler-mint-httpd_db.c
+++ b/src/mint/taler-mint-httpd_db.c
@@ -732,8 +732,12 @@ check_commitment (struct MHD_Connection *connection,
 {
 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
 "transfer keys do not match\n");
- return (MHD_YES == TALER_MINT_reply_external_error (connection,
- "Transfer private key missmatch"))
+ /* FIXME: return more specific error with original signature (#3712) */
+ return (MHD_YES ==
+ TALER_MINT_reply_refresh_reveal_missmatch (connection,
+ off,
+ j,
+ "transfer key"))
 ? GNUNET_NO : GNUNET_SYSERR;
 }
@@ -757,8 +761,9 @@ check_commitment (struct MHD_Connection *connection,
 &shared_secret))
 {
 GNUNET_break (0);
- return (MHD_YES == TALER_MINT_reply_internal_error (connection,
- "Decryption error"))
+ return (MHD_YES ==
+ TALER_MINT_reply_internal_error (connection,
+ "Decryption error"))
 ? GNUNET_NO : GNUNET_SYSERR;
 }
@@ -773,8 +778,12 @@ check_commitment (struct MHD_Connection *connection,
 {
 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
 "shared secrets do not match\n");
- return (MHD_YES == TALER_MINT_reply_external_error (connection,
- "Shared secret missmatch"))
+ /* FIXME: return more specific error with original signature (#3712) */
+ return (MHD_YES ==
+ TALER_MINT_reply_refresh_reveal_missmatch (connection,
+ off,
+ j,
+ "transfer secret"))
 ? GNUNET_NO : GNUNET_SYSERR;
 }
 }
@@ -843,9 +852,12 @@ check_commitment (struct MHD_Connection *connection,
 "blind envelope does not match for kappa=%u, old=%d\n",
 off,
 (int) j);
- /* FIXME: return more specific error with exact offset */
- return (MHD_YES == TALER_MINT_reply_external_error (connection,
- "Envelope missmatch"))
+ /* FIXME: return more specific error with original signature (#3712) */
+ return (MHD_YES ==
+ TALER_MINT_reply_refresh_reveal_missmatch (connection,
+ off,
+ j,
+ "envelope"))
 ? GNUNET_NO : GNUNET_SYSERR;
 }
 GNUNET_free (buf);
diff --git a/src/mint/taler-mint-httpd_responses.c b/src/mint/taler-mint-httpd_responses.c
index 2faeb5ca8..dc51dee4b 100644
--- a/src/mint/taler-mint-httpd_responses.c
+++ b/src/mint/taler-mint-httpd_responses.c
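Review bot: The envelope-mismatch branch in the last hunk (`@@ -843,9 +852,12 @@`) returns before the `GNUNET_free (buf);` that follows its closing brace, so if `buf` is heap-allocated earlier in check_commitment (the allocation is outside the hunk) each rejected reveal leaks it. This branch is reached whenever client-supplied reveal data fails the commitment check, so the leak would be under the control of whoever sends the request and could grow the mint's memory use over time. Adding `GNUNET_free (buf);` at the top of the branch, before the `return`, would close it; the reply helper is passed only `connection`, `off`, `j` and a string literal, so freeing first looks safe from what the hunk shows. check_commitment begins and ends outside the hunk, so the ownership of `buf` should be confirmed there.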
@@ -189,7 +189,6 @@ TALER_MINT_reply_external_error (struct MHD_Connection *connection,
 }
-
 /**
 * Send a response indicating an error committing a
 * transaction (concurrent interference).
@@ -717,6 +716,39 @@ TALER_MINT_reply_refresh_reveal_success (struct MHD_Connection *connection,
 /**
+ * Send a response for a failed "/refresh/reveal", where the
+ * revealed value(s) do not match the original commitment.
+ *
+ * FIXME: should also include the client's signature over
+ * the original reveal operation and the data that was signed
+ * over eventually... (#3712)
+ *
+ * @param connection the connection to send the response to
+ * @param off offset in the array of kappa-commitments where
+ * the missmatch was detected
+ * @param j index of the coin for which the missmatch was
+ * detected
+ * @param missmatch_object name of the object that was
+ * bogus (i.e. "transfer key").
+ * @return a MHD result code
+ */
+int
+TALER_MINT_reply_refresh_reveal_missmatch (struct MHD_Connection *connection,
+ unsigned int off,
+ unsigned int j,
+ const char *missmatch_object)
+{
+ return TALER_MINT_reply_json_pack (connection,
+ MHD_HTTP_BAD_REQUEST,
+ "{s:s, s:i, s:i, s:s}",
+ "error", "commitment violation",
+ "offset", (int) off,
+ "index", (int) j,
+ "object", missmatch_object);
+}
+
+
+/**
 * Send a response for "/refresh/link".
 *
 * @param connection the connection to send the response to
diff --git a/src/mint/taler-mint-httpd_responses.h b/src/mint/taler-mint-httpd_responses.h
index 7d0824c88..d42aa29b6 100644
--- a/src/mint/taler-mint-httpd_responses.h
+++ b/src/mint/taler-mint-httpd_responses.h
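Review bot: The `object` field of the new error body is part of what clients must parse, yet its values (`"transfer key"`, `"transfer secret"`, `"envelope"`) exist only as literals at the three call sites in taler-mint-httpd_db.c, and the `@param missmatch_object` text says `i.e. "transfer key"` where an example is meant. I would list the accepted values in the doc comment of TALER_MINT_reply_refresh_reveal_missmatch, here and in the identical comment added to taler-mint-httpd_responses.h: `@param missmatch_object name of the object that was bogus, one of "transfer key", "transfer secret" or "envelope"; must not be NULL`. The non-NULL requirement is worth stating because the pointer goes unchecked into the `s` conversion of the pack format, where a NULL would presumably make the pack fail; how TALER_MINT_reply_json_pack handles that is not visible in this hunk.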
@@ -298,6 +298,30 @@ TALER_MINT_reply_refresh_reveal_success (struct MHD_Connection *connection,
 /**
+ * Send a response for a failed "/refresh/reveal", where the
+ * revealed value(s) do not match the original commitment.
+ *
+ * FIXME: should also include the client's signature over
+ * the original reveal operation and the data that was signed
+ * over eventually... (#3712)
+ *
+ * @param connection the connection to send the response to
+ * @param off offset in the array of kappa-commitments where
+ * the missmatch was detected
+ * @param j index of the coin for which the missmatch was
+ * detected
+ * @param missmatch_object name of the object that was
+ * bogus (i.e. "transfer key").
+ * @return a MHD result code
+ */
+int
+TALER_MINT_reply_refresh_reveal_missmatch (struct MHD_Connection *connection,
+ unsigned int off,
+ unsigned int j,
+ const char *missmatch_object);
+
+
+/**
 * Send a response for "/refresh/link".
 *
 * @param connection the connection to send the response to |