search

eu-federation-gateway-service / efgs-federation-gateway

The goal of this project is to develop the official European solution for the interoperability between national backend servers of decentralised contact tracing applications to combat COVID-19.
Apache License 2.0
59 stars 25 forks source link

Audit Endpoint returns Audit information in wrong order #237

Closed f11h closed 3 years ago

f11h commented 4 years ago

Describe the bug

Under special circumstances (they are not known yet) the audit endpoint returns the audit information in a wrong order.

Uploading 3 batches (A, B, C) with each 3 keys inside. EFGS will batch these into one batch with a batch tag (e.g. 20201029-12). Downloading the keys will result in 9 key in the following order: A1, A2, A3, B1, B2, ...

The corresponding audit download has returned something like:

This makes the Batch signature verification difficult.

Expected behaviour

The corresponding audit download should be:

Steps to reproduce the issue

not known yet

Possible Fix

see linked PR

cascremers commented 4 years ago

A possible cause could be implicit concurrency in the uploads if there are multiple servers handling the requests.

(As mentioned in earlier discussions, the current ordering reconstruction based on timestamps / database result order is rather fragile especially in the context of multiple servers.)