aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2019-02-17 14:40:21 +0100
committerChristian Grothoff <christian@grothoff.org>2019-02-17 14:40:21 +0100
commit62e8c183902d7d7b7535c247f750aa8a37d6365a (patch)
tree3c2b6e1ae9f621eaa638debf555e5bbbc7786644 /src
parent9fb889404ad6f76dd92a7e249e5438148594fcaf (diff)
Need to check for revoked keys as well before adding from DB.
Fixes ~13838.
Diffstat (limited to 'src')
-rw-r--r--src/exchange/taler-exchange-httpd_keystate.c15
-rw-r--r--src/exchangedb/exchangedb_denomkeys.c1
2 files changed, 9 insertions, 7 deletions
diff --git a/src/exchange/taler-exchange-httpd_keystate.c b/src/exchange/taler-exchange-httpd_keystate.c
index 4cdfc2ccb..10bff8269 100644
--- a/src/exchange/taler-exchange-httpd_keystate.c
+++ b/src/exchange/taler-exchange-httpd_keystate.c
@@ -1457,6 +1457,10 @@ reload_public_denoms_cb (void *cls,
GNUNET_CONTAINER_multihashmap_get (rfc->key_state->denomkey_map,
&issue->properties.denom_hash))
return; /* exists / known */
+ if (NULL !=
+ GNUNET_CONTAINER_multihashmap_get (rfc->key_state->revoked_map,
+ &issue->properties.denom_hash))
+ return; /* exists / known */
/* zero-out, just for future-proofing */
memset (&dki,
0,
@@ -1548,13 +1552,10 @@ make_fresh_key_state ()
/* Once we no longer get expired DKIs from
TALER_EXCHANGEDB_denomination_keys_iterate(),
we must fetch the information from the database! */
- if (0 /* #5536 */)
- {
- qs = TEH_plugin->iterate_denomination_info (TEH_plugin->cls,
- &reload_public_denoms_cb,
- &rfc);
- GNUNET_break (0 <= qs); /* warn, but continue, fingers crossed */
- }
+ qs = TEH_plugin->iterate_denomination_info (TEH_plugin->cls,
+ &reload_public_denoms_cb,
+ &rfc);
+ GNUNET_break (0 <= qs); /* warn, but continue, fingers crossed */
/* Initialize `current_sign_key_issue` and `rfc.sign_keys_array` */
TALER_EXCHANGEDB_signing_keys_iterate (TEH_exchange_directory,
&reload_keys_sign_iter,
diff --git a/src/exchangedb/exchangedb_denomkeys.c b/src/exchangedb/exchangedb_denomkeys.c
index d23f8f2f0..400912168 100644
--- a/src/exchangedb/exchangedb_denomkeys.c
+++ b/src/exchangedb/exchangedb_denomkeys.c
@@ -268,6 +268,7 @@ denomkeys_iterate_keydir_iter (void *cls,
struct TALER_MasterDenominationKeyRevocation rm;
const struct TALER_MasterSignatureP *revoked;
+ /* FIXME: #5536: should move .rev files into DB! */
if ( (strlen(filename) > strlen (".rev")) &&
(0 == strcmp (&filename[strlen(filename) - strlen (".rev")],
".rev")) )