aboutsummaryrefslogtreecommitdiff
path: root/src/revocation
diff options
context:
space:
mode:
authorSchanzenbach, Martin <mschanzenbach@posteo.de>2020-04-20 19:38:41 +0200
committerSchanzenbach, Martin <mschanzenbach@posteo.de>2020-04-20 19:38:41 +0200
commitd4fd97e693e462f3bd16425f4e803fe5a99b9d62 (patch)
tree613d9d0c251c5ce7c6d309faf6453d692c496299 /src/revocation
parentc20768b8b09fabaa3c2330cde381e894b1f90efb (diff)
downloadgnunet-d4fd97e693e462f3bd16425f4e803fe5a99b9d62.tar.gz
gnunet-d4fd97e693e462f3bd16425f4e803fe5a99b9d62.zip
predate validity time on creation; extent ttl on validation
Diffstat (limited to 'src/revocation')
-rw-r--r--src/revocation/revocation_api.c16
1 files changed, 10 insertions, 6 deletions
diff --git a/src/revocation/revocation_api.c b/src/revocation/revocation_api.c
index fe600ec7a..291c58dd8 100644
--- a/src/revocation/revocation_api.c
+++ b/src/revocation/revocation_api.c
@@ -510,8 +510,9 @@ GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_Pow *pow,
510 */ 510 */
511 buffer = GNUNET_TIME_relative_divide (epoch_length, 511 buffer = GNUNET_TIME_relative_divide (epoch_length,
512 10); 512 10);
513 ts = GNUNET_TIME_absolute_subtract (ts, 513 exp = GNUNET_TIME_absolute_add (ts, ttl);
514 buffer); 514 exp = GNUNET_TIME_absolute_add (exp,
515 buffer);
515 516
516 if (0 != GNUNET_TIME_absolute_get_remaining (ts).rel_value_us) 517 if (0 != GNUNET_TIME_absolute_get_remaining (ts).rel_value_us)
517 return GNUNET_NO; /* Not yet valid. */ 518 return GNUNET_NO; /* Not yet valid. */
@@ -519,10 +520,6 @@ GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_Pow *pow,
519 ts = GNUNET_TIME_absolute_add (ts, 520 ts = GNUNET_TIME_absolute_add (ts,
520 buffer); 521 buffer);
521 522
522 exp = GNUNET_TIME_absolute_add (ts, ttl);
523 exp = GNUNET_TIME_absolute_add (exp,
524 buffer);
525
526 if (0 == GNUNET_TIME_absolute_get_remaining (exp).rel_value_us) 523 if (0 == GNUNET_TIME_absolute_get_remaining (exp).rel_value_us)
527 return GNUNET_NO; /* expired */ 524 return GNUNET_NO; /* expired */
528 return GNUNET_YES; 525 return GNUNET_YES;
@@ -545,6 +542,13 @@ GNUNET_REVOCATION_pow_init (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
545 struct GNUNET_REVOCATION_PowCalculationHandle *pc; 542 struct GNUNET_REVOCATION_PowCalculationHandle *pc;
546 struct GNUNET_TIME_Absolute ts = GNUNET_TIME_absolute_get (); 543 struct GNUNET_TIME_Absolute ts = GNUNET_TIME_absolute_get ();
547 544
545 /**
546 * Predate the validity period to prevent rejections due to
547 * unsynchronized clocks
548 */
549 ts = GNUNET_TIME_absolute_subtract (ts,
550 GNUNET_TIME_UNIT_WEEKS);
551
548 pc = GNUNET_new (struct GNUNET_REVOCATION_PowCalculationHandle); 552 pc = GNUNET_new (struct GNUNET_REVOCATION_PowCalculationHandle);
549 pc->pow.timestamp = GNUNET_TIME_absolute_hton (ts); 553 pc->pow.timestamp = GNUNET_TIME_absolute_hton (ts);
550 pc->pow.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION); 554 pc->pow.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_REVOCATION);