diff options
-rw-r--r-- | src/auditor/taler-auditor.c | 2 | ||||
-rw-r--r-- | src/lib/exchange_api_common.c | 38 |
2 files changed, 33 insertions, 7 deletions
diff --git a/src/auditor/taler-auditor.c b/src/auditor/taler-auditor.c index f3bb0e2b7..10b38f8b4 100644 --- a/src/auditor/taler-auditor.c +++ b/src/auditor/taler-auditor.c @@ -1805,7 +1805,7 @@ verify_reserve_balance (void *cls, if ( (0ULL == balance.value) && (0U == balance.fraction) ) { - /* TODO: balance is zero, drop reserve details (and then do not update/insert) */ + /* balance is zero, drop reserve details (and then do not update/insert) */ if (rs->had_ri) { GNUNET_log (GNUNET_ERROR_TYPE_INFO, diff --git a/src/lib/exchange_api_common.c b/src/lib/exchange_api_common.c index 3860a6613..04b87cbb9 100644 --- a/src/lib/exchange_api_common.c +++ b/src/lib/exchange_api_common.c @@ -47,6 +47,7 @@ TALER_EXCHANGE_verify_coin_history (const struct { size_t len; struct TALER_Amount rtotal; + struct TALER_Amount fee; if (NULL == history) { @@ -135,8 +136,16 @@ TALER_EXCHANGE_verify_coin_history (const struct GNUNET_break_op (0); return GNUNET_SYSERR; } - /* TODO: check that deposit fee and coin value match - our expectations from /keys! */ + /* check that deposit fee matches our expectations from /keys! */ + TALER_amount_ntoh (&fee, + &dr.deposit_fee); + if (0 != + TALER_amount_cmp (&fee, + &dk->fee_deposit)) + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } add = GNUNET_YES; } else if (0 == strcasecmp (type, @@ -176,8 +185,16 @@ TALER_EXCHANGE_verify_coin_history (const struct GNUNET_break_op (0); return GNUNET_SYSERR; } - /* TODO: check that deposit fee and coin value match - our expectations from /keys! */ + /* check that melt fee matches our expectations from /keys! */ + TALER_amount_ntoh (&fee, + &rm.melt_fee); + if (0 != + TALER_amount_cmp (&fee, + &dk->fee_refresh)) + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } add = GNUNET_YES; } else if (0 == strcasecmp (type, @@ -228,8 +245,17 @@ TALER_EXCHANGE_verify_coin_history (const struct (an auditor ought to check, though). Then again, we similarly had no reason to check the merchant's signature (other than a well-formendess check). */// - /* TODO: check that deposit fee and coin value match - our expectations from /keys! */// + + /* check that refund fee matches our expectations from /keys! */ + TALER_amount_ntoh (&fee, + &rr.refund_fee); + if (0 != + TALER_amount_cmp (&fee, + &dk->fee_refund)) + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } add = GNUNET_NO; } else if (0 == strcasecmp (type, |