diff options
author | Christian Grothoff <christian@grothoff.org> | 2019-02-17 14:40:21 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2019-02-17 14:40:21 +0100 |
commit | 62e8c183902d7d7b7535c247f750aa8a37d6365a (patch) | |
tree | 3c2b6e1ae9f621eaa638debf555e5bbbc7786644 /src | |
parent | 9fb889404ad6f76dd92a7e249e5438148594fcaf (diff) |
Need to check for revoked keys as well before adding from DB.
Fixes ~13838.
Diffstat (limited to 'src')
-rw-r--r-- | src/exchange/taler-exchange-httpd_keystate.c | 15 | ||||
-rw-r--r-- | src/exchangedb/exchangedb_denomkeys.c | 1 |
2 files changed, 9 insertions, 7 deletions
diff --git a/src/exchange/taler-exchange-httpd_keystate.c b/src/exchange/taler-exchange-httpd_keystate.c index 4cdfc2ccb..10bff8269 100644 --- a/src/exchange/taler-exchange-httpd_keystate.c +++ b/src/exchange/taler-exchange-httpd_keystate.c @@ -1457,6 +1457,10 @@ reload_public_denoms_cb (void *cls, GNUNET_CONTAINER_multihashmap_get (rfc->key_state->denomkey_map, &issue->properties.denom_hash)) return; /* exists / known */ + if (NULL != + GNUNET_CONTAINER_multihashmap_get (rfc->key_state->revoked_map, + &issue->properties.denom_hash)) + return; /* exists / known */ /* zero-out, just for future-proofing */ memset (&dki, 0, @@ -1548,13 +1552,10 @@ make_fresh_key_state () /* Once we no longer get expired DKIs from TALER_EXCHANGEDB_denomination_keys_iterate(), we must fetch the information from the database! */ - if (0 /* #5536 */) - { - qs = TEH_plugin->iterate_denomination_info (TEH_plugin->cls, - &reload_public_denoms_cb, - &rfc); - GNUNET_break (0 <= qs); /* warn, but continue, fingers crossed */ - } + qs = TEH_plugin->iterate_denomination_info (TEH_plugin->cls, + &reload_public_denoms_cb, + &rfc); + GNUNET_break (0 <= qs); /* warn, but continue, fingers crossed */ /* Initialize `current_sign_key_issue` and `rfc.sign_keys_array` */ TALER_EXCHANGEDB_signing_keys_iterate (TEH_exchange_directory, &reload_keys_sign_iter, diff --git a/src/exchangedb/exchangedb_denomkeys.c b/src/exchangedb/exchangedb_denomkeys.c index d23f8f2f0..400912168 100644 --- a/src/exchangedb/exchangedb_denomkeys.c +++ b/src/exchangedb/exchangedb_denomkeys.c @@ -268,6 +268,7 @@ denomkeys_iterate_keydir_iter (void *cls, struct TALER_MasterDenominationKeyRevocation rm; const struct TALER_MasterSignatureP *revoked; + /* FIXME: #5536: should move .rev files into DB! */ if ( (strlen(filename) > strlen (".rev")) && (0 == strcmp (&filename[strlen(filename) - strlen (".rev")], ".rev")) ) |