Commit e27d4fe1 authored by Jonathon Duerig's avatar Jonathon Duerig
Browse files

Do not allow stale tickets to be redeemed.

parent 1dc32f23
......@@ -1507,14 +1507,19 @@ sub RedeemTicket($)
return GeniResponse->Create(GENIRESPONSE_BADARGS, undef,
"No slice here");
}
my $open_ticket = GeniTicket->SliceTicket($slice);
if (! defined($open_ticket) || $open_ticket->idx() ne $ticket->idx()) {
return GeniResponse->Create(GENIRESPONSE_BADARGS, undef,
"This ticket is stale");
}
if ($slice_urn ne $slice->urn()) {
return GeniResponse->Create(GENIRESPONSE_FORBIDDEN(), undef,
"Credential does not match the URN");
}
my $isupdate = defined($aggregate);
return GeniCM::SliverWorkAux($credential,
$ticket, $keys, $isupdate, $impotent, 1, 1);
return GeniCM::SliverWorkAux($credential, $open_ticket, $keys,
$isupdate, $impotent, 1, 1);
}
#
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment