Return 400 error if requested tree size > reality

Currently we return a 500 error if a consistency proof is requested for a size that exceeds the current state of the log. This change causes a 400 "Bad Request" error with a more descriptive error message to be returned. Fixes #199 Signed-off-by: Bob Callaway <bcallawa@redhat.com>

Return 400 error if requested tree size > reality
5366584c · Bob Callaway · 3c6ce167 · 5366584c · 5366584c
Commit 5366584c authored 4 years ago by Bob Callaway
--- a/pkg/api/error.go
+++ b/pkg/api/error.go
@@ -34,12 +34,13 @@ const (
 	trillianUnexpectedResult       = "Unexpected result from transparency log"
 	failedToGenerateCanonicalEntry = "Error generating canonicalized entry"
 	entryAlreadyExists             = "An equivalent entry already exists in the transparency log"
-	firstSizeLessThanLastSize      = "firstSize(%v) must be less than lastSize(%v)"
+	firstSizeLessThanLastSize      = "firstSize(%d) must be less than lastSize(%d)"
 	malformedUUID                  = "UUID must be a 64-character hexadecimal string"
 	malformedHash                  = "Hash must be a 64-character hexadecimal string created from SHA256 algorithm"
 	malformedPublicKey             = "Public key provided could not be parsed"
 	failedToGenerateCanonicalKey   = "Error generating canonicalized public key"
 	redisUnexpectedResult          = "Unexpected result from searching index"
+	lastSizeGreaterThanKnown       = "The tree size requested(%d) was greater than what is currently observable(%d)"
 )

 func errorMsg(message string, code int) *models.Error {

--- a/pkg/api/tlog.go
+++ b/pkg/api/tlog.go
@@ -21,7 +21,6 @@ import (
 	"crypto/x509"
 	"encoding/hex"
 	"encoding/pem"
-	"errors"
 	"fmt"
 	"net/http"

@@ -107,7 +106,10 @@ func GetLogProofHandler(params tlog.GetLogProofParams) middleware.Responder {
 			proofHashes = append(proofHashes, hex.EncodeToString(hash))
 		}
 	} else {
-		return handleRekorAPIError(params, http.StatusInternalServerError, errors.New("grpc call succeeded but no proof returned"), trillianUnexpectedResult)
+		// The proof field may be empty if the requested tree_size was larger than that available at the server
+		// (e.g. because there is skew between server instances, and an earlier client request was processed by
+		// a more up-to-date instance). root.TreeSize is the maximum size currently observed
+		return handleRekorAPIError(params, http.StatusBadRequest, nil, fmt.Sprintf(lastSizeGreaterThanKnown, params.LastSize, root.TreeSize))
 	}

 	consistencyProof := models.ConsistencyProof{