mirror of
https://github.com/Xahau/xahaud.git
synced 2025-11-20 18:45:55 +00:00
Howard Hinnant
committed by
Nik Bougalis
Nik Bougalis
parent
157c066f2b
commit
146ea5d44e
@@ -288,6 +288,19 @@ ManifestCache::applyManifest (Manifest m)
|
|||||||
|
|
||||||
bool const revoked = m.revoked();
|
bool const revoked = m.revoked();
|
||||||
|
|
||||||
|
if (revoked)
|
||||||
|
{
|
||||||
|
/*
|
||||||
|
A validator master key has been compromised, so its manifests
|
||||||
|
are now untrustworthy. In order to prevent us from accepting
|
||||||
|
a forged manifest signed by the compromised master key, store
|
||||||
|
this manifest, which has the highest possible sequence number
|
||||||
|
and therefore can't be superseded by a forged one.
|
||||||
|
*/
|
||||||
|
if (auto stream = j_.warn())
|
||||||
|
logMftAct(stream, "Revoked", m.masterKey, m.sequence);
|
||||||
|
}
|
||||||
|
|
||||||
if (iter == map_.end ())
|
if (iter == map_.end ())
|
||||||
{
|
{
|
||||||
/*
|
/*
|
||||||
@@ -301,7 +314,8 @@ ManifestCache::applyManifest (Manifest m)
|
|||||||
if (! revoked)
|
if (! revoked)
|
||||||
signingToMasterKeys_[m.signingKey] = m.masterKey;
|
signingToMasterKeys_[m.signingKey] = m.masterKey;
|
||||||
|
|
||||||
map_.emplace (std::make_pair(m.masterKey, std::move (m)));
|
auto masterKey = m.masterKey;
|
||||||
|
map_.emplace(std::move(masterKey), std::move(m));
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
@@ -321,19 +335,6 @@ ManifestCache::applyManifest (Manifest m)
|
|||||||
iter->second = std::move (m);
|
iter->second = std::move (m);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (revoked)
|
|
||||||
{
|
|
||||||
/*
|
|
||||||
A validator master key has been compromised, so its manifests
|
|
||||||
are now untrustworthy. In order to prevent us from accepting
|
|
||||||
a forged manifest signed by the compromised master key, store
|
|
||||||
this manifest, which has the highest possible sequence number
|
|
||||||
and therefore can't be superseded by a forged one.
|
|
||||||
*/
|
|
||||||
if (auto stream = j_.warn())
|
|
||||||
logMftAct(stream, "Revoked", m.masterKey, m.sequence);
|
|
||||||
}
|
|
||||||
|
|
||||||
return ManifestDisposition::accepted;
|
return ManifestDisposition::accepted;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -779,15 +779,15 @@ ServerHandlerImp::processRequest (Port const& port,
|
|||||||
result["code"] = result[jss::error_code];
|
result["code"] = result[jss::error_code];
|
||||||
result["message"] = result[jss::error_message];
|
result["message"] = result[jss::error_message];
|
||||||
result.removeMember(jss::error_message);
|
result.removeMember(jss::error_message);
|
||||||
r[jss::error] = std::move(result);
|
|
||||||
JLOG (m_journal.debug()) <<
|
JLOG (m_journal.debug()) <<
|
||||||
"rpcError: " << result [jss::error] <<
|
"rpcError: " << result [jss::error] <<
|
||||||
": " << result [jss::error_message];
|
": " << result [jss::error_message];
|
||||||
|
r[jss::error] = std::move(result);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
result[jss::status] = jss::success;
|
result[jss::status] = jss::success;
|
||||||
r[jss::result] = std::move(result);
|
r[jss::result] = std::move(result);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
|
|||||||
Reference in New Issue
Block a user