
[taler-anastasis] branch master updated: document and shorten default pa


From: gnunet
Subject: [taler-anastasis] branch master updated: document and shorten default payment timeout (fixes #7073)
Date: Fri, 31 Dec 2021 18:26:52 +0100

This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to branch master
in repository anastasis.

The following commit(s) were added to refs/heads/master by this push:
     new 0919fe8  document and shorten default payment timeout (fixes #7073)
0919fe8 is described below

commit 0919fe8b52588bd8f3adb83817158abc9434ac5b
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Fri Dec 31 18:26:49 2021 +0100

    document and shorten default payment timeout (fixes #7073)
---
 doc/sphinx/rest.rst                         | 4 ++--
 src/backend/anastasis-httpd_policy.c        | 7 -------
 src/backend/anastasis-httpd_policy_upload.c | 2 +-
 src/backend/anastasis-httpd_truth.c         | 7 -------
 4 files changed, 3 insertions(+), 17 deletions(-)

diff --git a/doc/sphinx/rest.rst b/doc/sphinx/rest.rst
index 9127354..605fc9f 100644
--- a/doc/sphinx/rest.rst
+++ b/doc/sphinx/rest.rst
@@ -216,7 +216,7 @@ In the following, UUID is always defined and used according 
to `RFC 4122`_.
   :query timeout_ms=NUMBER: *Optional.*  If specified, the Anastasis server 
will
     wait up to ``timeout_ms`` milliseconds for completion of the payment before
     sending the HTTP response.  A client must never rely on this behavior, as 
the
-    backend may return a response immediately.
+    backend may return a response immediately. If a ``timeout_ms`` is not 
given, the Anastasis server may apply a default timeout (usually 30s) when 
talking to the merchant backend.
 
   *If-None-Match*: This header MUST be present and set to the SHA512 hash 
(Etag) of the body by the client.
   The client SHOULD also set the ``Expect: 100-Continue`` header and wait for 
``100 continue``
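Review bot: The added sentence hedges twice ("may apply", "usually 30s") about a value that this same commit sets to 30 seconds in CHECK_PAYMENT_GENERIC_TIMEOUT in src/backend/anastasis-httpd_policy_upload.c. State the default as 30 seconds, or say explicitly that it is implementation-defined, so a client author knows how long a request without ``timeout_ms`` can block. The new text is also a single long line, while the preceding lines of this parameter description are wrapped; wrap it to match.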
@@ -227,7 +227,7 @@ In the following, UUID is always defined and used according 
to `RFC 4122`_.
 
   *Anastasis-Policy-Signature*: The client must provide Base-32 encoded EdDSA 
signature over hash of body with ``$ACCOUNT_PRIV``, affirming desire to upload 
an encrypted recovery document.
 
-  *Payment-Identifier*: Base-32 encoded 32-byte payment identifier that was 
included in a previous payment (see ``402`` status code). Used to allow the 
server to check that the client paid for the upload (to protect the server 
against DoS attacks) and that the client knows a real secret of financial value 
(as the **kdf_id** might be known to an attacker). If this header is missing in 
the client's request (or the associated payment has exceeded the upload limit), 
the server must return a  [...]
+  *Payment-Identifier*: Base-32 encoded 32-byte payment identifier that was 
included in a previous payment (see ``402`` status code). Used to allow the 
server to check that the client paid for the upload (to protect the server 
against DoS attacks) and that the client knows a real secret of financial value 
(as the **kdf_id** might be known to an attacker). If this header is missing in 
the client's request (or the associated payment has exceeded the upload limit), 
the server must return a  [...]
 
   **Response**:
 
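Review bot: The removed and added *Payment-Identifier* lines are identical up to the point where this notification truncates them ("the server must return a  [...]"), so the actual change to this paragraph cannot be reviewed from this mail, and the commit message does not say what it is. Wrapping this paragraph in rest.rst to a normal line length would keep later edits to it visible in hunks like this one; please also mention the change in the commit message.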
diff --git a/src/backend/anastasis-httpd_policy.c 
b/src/backend/anastasis-httpd_policy.c
index 6e206a2..99ed719 100644
--- a/src/backend/anastasis-httpd_policy.c
+++ b/src/backend/anastasis-httpd_policy.c
@@ -30,13 +30,6 @@
 #include <taler/taler_merchant_service.h>
 #include <taler/taler_signatures.h>
 
-/**
- * How long do we hold an HTTP client connection if
- * we are awaiting payment before giving up?
- */
-#define CHECK_PAYMENT_GENERIC_TIMEOUT GNUNET_TIME_relative_multiply ( \
-    GNUNET_TIME_UNIT_MINUTES, 30)
-
 
 /**
  * Return the current recoverydocument of @a account on @a connection
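Review bot: The commit message says only "document and shorten", but this hunk deletes the definition of CHECK_PAYMENT_GENERIC_TIMEOUT from anastasis-httpd_policy.c outright. If the macro was unused in this file, say so in the commit message so the removal reads as dead-code cleanup and not as a behaviour change for this handler.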
diff --git a/src/backend/anastasis-httpd_policy_upload.c 
b/src/backend/anastasis-httpd_policy_upload.c
index 4c86241..11f15e2 100644
--- a/src/backend/anastasis-httpd_policy_upload.c
+++ b/src/backend/anastasis-httpd_policy_upload.c
@@ -35,7 +35,7 @@
  * we are awaiting payment before giving up?
  */
 #define CHECK_PAYMENT_GENERIC_TIMEOUT GNUNET_TIME_relative_multiply ( \
-    GNUNET_TIME_UNIT_MINUTES, 30)
+    GNUNET_TIME_UNIT_SECONDS, 30)
 
 
 /**
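Review bot: The comment above CHECK_PAYMENT_GENERIC_TIMEOUT still describes only how long a client connection is held while awaiting payment and does not say that this is the default applied when the client omits ``timeout_ms``, which is what rest.rst now documents. Add that to the comment so code and documentation agree. With the default now at 30 seconds instead of 30 minutes, it is also worth checking that a client-supplied ``timeout_ms`` is capped; nothing in this patch shows an upper bound on how long a connection can be held on request.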
diff --git a/src/backend/anastasis-httpd_truth.c 
b/src/backend/anastasis-httpd_truth.c
index 54969bf..2a80cb7 100644
--- a/src/backend/anastasis-httpd_truth.c
+++ b/src/backend/anastasis-httpd_truth.c
@@ -37,13 +37,6 @@
 #define MAX_QUESTION_FREQ GNUNET_TIME_relative_multiply ( \
     GNUNET_TIME_UNIT_SECONDS, 30)
 
-/**
- * How long do we hold an HTTP client connection if
- * we are awaiting payment before giving up?
- */
-#define CHECK_PAYMENT_GENERIC_TIMEOUT GNUNET_TIME_relative_multiply ( \
-    GNUNET_TIME_UNIT_MINUTES, 30)
-
 /**
  * How long should the wallet check for auto-refunds before giving up?
  */

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.


