[Qt] Payment request expiration bug fix (re-done)

- this is based on #4122 (which can be closed) Currently a payment request is only checked for expiration upon receipt. It should be checked again immediately before sending coins to prevent the user from paying to an expired invoice which would then require a customer service interaction. - add static verifyExpired() function to PaymentServer to be able to use the same validation code in GUI and unit-testing code - extend unit tests to use that function and also add an unit test which overflows, because payment requests allow expires as uint64, whereas we use int64_t for verification of expired payment requests
2015-01-08 14:42:04 +01:00
parent e0cd2f5523
commit 6715efb9ca
7 changed files with 137 additions and 13 deletions
--- a/src/qt/paymentserver.cpp
+++ b/src/qt/paymentserver.cpp
@@ -518,8 +518,6 @@ bool PaymentServer::processPaymentRequest(PaymentRequestPlus& request, SendCoins
        return false;

    if (request.IsInitialized()) {
-        const payments::PaymentDetails& details = request.getDetails();
-
        // Payment request network matches client network?
        if (!verifyNetwork(request.getDetails())) {
            emit message(tr("Payment request rejected"), tr("Payment request network doesn't match client network."),
@@ -528,16 +526,15 @@ bool PaymentServer::processPaymentRequest(PaymentRequestPlus& request, SendCoins
            return false;
        }

-        // Expired payment request?
-        if (details.has_expires() && (int64_t)details.expires() < GetTime())
-        {
-            emit message(tr("Payment request rejected"), tr("Payment request has expired."),
+        // Make sure any payment requests involved are still valid.
+        // This is re-checked just before sending coins in WalletModel::sendCoins().
+        if (verifyExpired(request.getDetails())) {
+            emit message(tr("Payment request rejected"), tr("Payment request expired."),
                CClientUIInterface::MSG_ERROR);

            return false;
        }
-    }
-    else {
+    } else {
        emit message(tr("Payment request error"), tr("Payment request is not initialized."),
            CClientUIInterface::MSG_ERROR);

@@ -756,3 +753,15 @@ bool PaymentServer::verifyNetwork(const payments::PaymentDetails& requestDetails
    }
    return fVerified;
 }
+
+bool PaymentServer::verifyExpired(const payments::PaymentDetails& requestDetails)
+{
+    bool fVerified = (requestDetails.has_expires() && (int64_t)requestDetails.expires() < GetTime());
+    if (fVerified) {
+        const QString requestExpires = QString::fromStdString(DateTimeStrFormat("%Y-%m-%d %H:%M:%S", (int64_t)requestDetails.expires()));
+        qWarning() << QString("PaymentServer::%1: Payment request expired \"%2\".")
+            .arg(__func__)
+            .arg(requestExpires);
+    }
+    return fVerified;
+}