From f00d029affb0a1e27fb6c0d0aae279bc165c2bf4 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Tue, 24 Aug 2021 22:29:30 +0200 Subject: IBAN test passes --- .../anastasis-helper-authorization-iban.c | 121 +++++++++++---------- .../anastasis_authorization_plugin_iban.c | 32 +++--- src/backend/anastasis-httpd_truth.c | 18 ++- src/cli/Makefile.am | 3 +- src/cli/test_iban.sh | 11 +- 5 files changed, 101 insertions(+), 84 deletions(-) diff --git a/src/authorization/anastasis-helper-authorization-iban.c b/src/authorization/anastasis-helper-authorization-iban.c index 4a14d05..012780d 100644 --- a/src/authorization/anastasis-helper-authorization-iban.c +++ b/src/authorization/anastasis-helper-authorization-iban.c @@ -46,9 +46,9 @@ static struct ANASTASIS_EUFIN_AuthenticationData auth; /** - * Bank account payto://-URI this process is monitoring. + * Bank account IBAN this process is monitoring. */ -static char *credit_account_uri; +static char *iban; /** * Active request for history. @@ -182,6 +182,41 @@ find_transfers (void *cls); #include "iban.c" +/** + * Extract IBAN from a payto URI. + * + * @return NULL on error + */ +static char * +payto_get_iban (const char *payto_uri) +{ + const char *start; + const char *q; + const char *bic_end; + + if (0 != + strncasecmp (payto_uri, + "payto://iban/", + strlen ("payto://iban/"))) + return NULL; + start = &payto_uri[strlen ("payto://iban/")]; + q = strchr (start, + '?'); + bic_end = strchr (start, + '/'); + if ( (NULL != q) && + (NULL != bic_end) && + (bic_end < q) ) + start = bic_end + 1; + if ( (NULL == q) && + (NULL != bic_end) ) + start = bic_end + 1; + if (NULL == q) + return GNUNET_strdup (start); + return GNUNET_strndup (start, + q - start); +} + /** * Callbacks of this type are used to serve the result of asking @@ -240,13 +275,20 @@ history_cb (void *cls, "Adding wire transfer over %s with (hashed) subject `%s'\n", TALER_amount2s (&details->amount), details->wire_subject); - qs = db_plugin->record_auth_iban_payment (db_plugin->cls, - serial_id, - details->wire_subject, - &details->amount, - details->debit_account_uri, - credit_account_uri, - details->execution_date); + { + char *dcanon = payto_get_iban (details->debit_account_uri); + char *ccanon = payto_get_iban (details->credit_account_uri); + + qs = db_plugin->record_auth_iban_payment (db_plugin->cls, + serial_id, + details->wire_subject, + &details->amount, + dcanon, + ccanon, + details->execution_date); + GNUNET_free (ccanon); + GNUNET_free (dcanon); + } switch (qs) { case GNUNET_DB_STATUS_HARD_ERROR: @@ -340,54 +382,19 @@ run (void *cls, global_ret = EXIT_NOTCONFIGURED; return; } + if (GNUNET_OK != + GNUNET_CONFIGURATION_get_value_string (cfg, + "authorization-iban", + "CREDIT_IBAN", + &iban)) { - char *iban; - char *receiver_name; - - if (GNUNET_OK != - GNUNET_CONFIGURATION_get_value_string (cfg, - "authorization-iban", - "CREDIT_IBAN", - &iban)) - { - GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, - "authorization-iban", - "CREDIT_IBAN"); - global_ret = EXIT_NOTCONFIGURED; - ANASTASIS_DB_plugin_unload (db_plugin); - db_plugin = NULL; - return; - } - if (GNUNET_OK != - GNUNET_CONFIGURATION_get_value_string (cfg, - "authorization-iban", - "BUSINESS_NAME", - &receiver_name)) - { - GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, - "authorization-iban", - "BUSINESS_NAME"); - global_ret = EXIT_NOTCONFIGURED; - ANASTASIS_DB_plugin_unload (db_plugin); - db_plugin = NULL; - return; - } - { - size_t len; - char *uri_receiver_name; - - len = GNUNET_STRINGS_urlencode (receiver_name, - strlen (receiver_name), - &uri_receiver_name); - GNUNET_assert (uri_receiver_name[len] == '\0'); - GNUNET_asprintf (&credit_account_uri, - "payto://iban/%s?receiver-name=%s", - iban, - uri_receiver_name); - GNUNET_free (uri_receiver_name); - } - GNUNET_free (iban); - GNUNET_free (receiver_name); + GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, + "authorization-iban", + "CREDIT_IBAN"); + global_ret = EXIT_NOTCONFIGURED; + ANASTASIS_DB_plugin_unload (db_plugin); + db_plugin = NULL; + return; } if (GNUNET_OK != @@ -406,7 +413,7 @@ run (void *cls, enum GNUNET_DB_QueryStatus qs; qs = db_plugin->get_last_auth_iban_payment_row (db_plugin->cls, - credit_account_uri, + iban, &latest_row_off); if (qs < 0) { diff --git a/src/authorization/anastasis_authorization_plugin_iban.c b/src/authorization/anastasis_authorization_plugin_iban.c index 49c2ad5..9aa0b96 100644 --- a/src/authorization/anastasis_authorization_plugin_iban.c +++ b/src/authorization/anastasis_authorization_plugin_iban.c @@ -277,17 +277,20 @@ bank_event_cb (void *cls, struct ANASTASIS_AUTHORIZATION_State *as = cls; char *amount_s; - amount_s = GNUNET_strndup (extra, - extra_size); - if (GNUNET_OK != - TALER_string_to_amount (amount_s, - &as->amount)) + if (NULL != extra) { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Expected amount in event notification, got `%s'\n", - amount_s); + amount_s = GNUNET_strndup (extra, + extra_size); + if (GNUNET_OK != + TALER_string_to_amount (amount_s, + &as->amount)) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Expected amount in event notification, got `%s'\n", + amount_s); + } + GNUNET_free (amount_s); } - GNUNET_free (amount_s); MHD_resume_connection (as->connection); as->trigger (as->trigger_cls); } @@ -463,12 +466,9 @@ test_wire_transfers (struct ANASTASIS_AUTHORIZATION_State *as) limit = GNUNET_TIME_absolute_subtract (now, CODE_VALIDITY_PERIOD); (void) GNUNET_TIME_round_abs (&limit); - GNUNET_asprintf (&debit_account_uri, - "payto://iban/%s", - as->iban_number); qs = db->test_auth_iban_payment ( db->cls, - debit_account_uri, + as->iban_number, limit, &check_payment_ok, as); @@ -489,6 +489,8 @@ test_wire_transfers (struct ANASTASIS_AUTHORIZATION_State *as) case GNUNET_DB_STATUS_SUCCESS_ONE_RESULT: break; } + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "Marking IBAN challenge as satisfied!\n"); qs = db->mark_challenge_code_satisfied ( db->cls, &as->truth_uuid, @@ -562,6 +564,8 @@ iban_process (struct ANASTASIS_AUTHORIZATION_State *as, switch (test_wire_transfers (as)) { case WTS_SUCCESS: + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "IBAN authorization finished!\n"); return ANASTASIS_AUTHORIZATION_RES_FINISHED; case WTS_NOT_READY: break; /* continue below */ @@ -579,6 +583,8 @@ iban_process (struct ANASTASIS_AUTHORIZATION_State *as, return respond_with_challenge (as, connection); case GNUNET_DB_STATUS_SUCCESS_ONE_RESULT: + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "IBAN authorization finished!\n"); return ANASTASIS_AUTHORIZATION_RES_FINISHED; } /* should be impossible */ diff --git a/src/backend/anastasis-httpd_truth.c b/src/backend/anastasis-httpd_truth.c index 3b853dc..aa3011b 100644 --- a/src/backend/anastasis-httpd_truth.c +++ b/src/backend/anastasis-httpd_truth.c @@ -129,6 +129,11 @@ struct GetContext */ struct GNUNET_CONTAINER_HeapNode *hn; + /** + * Challenge response we got from the request. + */ + struct GNUNET_HashCode challenge_response; + /** * How long do we wait at most for payment or * authorization? @@ -965,6 +970,8 @@ run_authorization_process (struct MHD_Connection *connection, GNUNET_assert (! gc->suspended); gc->authorization->cleanup (gc->as); gc->as = NULL; + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "Resuming with authorization successful!\n"); if (gc->in_list) { GNUNET_CONTAINER_DLL_remove (gc_head, @@ -986,7 +993,6 @@ AH_handler_truth_get ( struct TM_HandlerContext *hc) { struct GetContext *gc = hc->ctx; - struct GNUNET_HashCode challenge_response; void *encrypted_truth; size_t encrypted_truth_size; void *decrypted_truth; @@ -1071,7 +1077,7 @@ AH_handler_truth_get ( if ( (NULL != challenge_response_s) && (GNUNET_OK != GNUNET_CRYPTO_hash_from_string (challenge_response_s, - &challenge_response)) ) + &gc->challenge_response)) ) { GNUNET_break_op (0); return TALER_MHD_reply_with_error (connection, @@ -1367,15 +1373,15 @@ AH_handler_truth_get ( GNUNET_assert (0); } } - if ( (decrypted_truth_size != sizeof (challenge_response)) || - (0 != memcmp (&challenge_response, + if ( (decrypted_truth_size != sizeof (struct GNUNET_HashCode)) || + (0 != memcmp (&gc->challenge_response, decrypted_truth, decrypted_truth_size)) ) { GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Wrong answer provided to secure question had %u bytes, wanted %u\n", (unsigned int) decrypted_truth_size, - (unsigned int) sizeof (challenge_response)); + (unsigned int) sizeof (struct GNUNET_HashCode)); GNUNET_free (decrypted_truth); GNUNET_free (truth_mime); return TALER_MHD_reply_with_error (connection, @@ -1398,7 +1404,7 @@ AH_handler_truth_get ( GNUNET_free (truth_mime); cs = db->verify_challenge_code (db->cls, &gc->truth_uuid, - &challenge_response, + &gc->challenge_response, &satisfied); switch (cs) { diff --git a/src/cli/Makefile.am b/src/cli/Makefile.am index 74cfcef..8434c91 100644 --- a/src/cli/Makefile.am +++ b/src/cli/Makefile.am @@ -18,7 +18,8 @@ check_SCRIPTS = \ test_anastasis_reducer_done_authentication.sh \ test_anastasis_reducer_done_policy_review.sh \ test_anastasis_reducer_enter_secret.sh \ - test_anastasis_reducer_recovery_enter_user_attributes.sh + test_anastasis_reducer_recovery_enter_user_attributes.sh \ + test_iban.sh AM_TESTS_ENVIRONMENT=export ANASTASIS_PREFIX=$${ANASTASIS_PREFIX:-@libdir@};export PATH=$${ANASTASIS_PREFIX:-@prefix@}/bin:$$PATH;unset XDG_DATA_HOME;unset XDG_CONFIG_HOME; diff --git a/src/cli/test_iban.sh b/src/cli/test_iban.sh index f3f9f79..772b1c0 100755 --- a/src/cli/test_iban.sh +++ b/src/cli/test_iban.sh @@ -17,9 +17,6 @@ function exit_fail() { # Cleanup to run whenever we exit function cleanup() { - if test $? != 0 -o $? != 77; then - echo "ERROR: see also nexus.log and sandbox.log" - fi for n in `jobs -p` do kill $n 2> /dev/null || true @@ -82,7 +79,7 @@ function see_anastasis_transactions_via_facade() { # $4 = bank account name local to Nexus, $5 = bank account name as known # by Sandbox function prepare_nexus_account() { - echo -n Making bank connection $3 + echo -n "Making bank connection $3 ..." libeufin-cli connections new-ebics-connection \ --ebics-url="${SANDBOX_URL}ebicsweb" \ --host-id=$EBICS_HOST \ @@ -90,7 +87,7 @@ function prepare_nexus_account() { --ebics-user-id=$1 \ $3 > /dev/null echo " OK" - echo -n Connecting $3 .. + echo -n "Connecting $3 ..." libeufin-cli connections connect $3 > /dev/null echo " OK" echo -n "Importing Sandbox bank account ($5) to Nexus ($4) ..." @@ -160,7 +157,7 @@ nexus_pid=$! if ! curl -s --retry 5 --retry-connrefused $NEXUS_URL > /dev/null; then exit_skip "Could not launch Nexus" fi -echo "OK" +echo " OK" echo -n "Starting Sandbox ..." libeufin-sandbox serve &> sandbox.log & @@ -287,7 +284,7 @@ echo " OK" echo -n "Launching Anastasis service ..." PREFIX="" #valgrind -$PREFIX anastasis-httpd -c $CONF 2> anastasis-httpd_1.log & +$PREFIX anastasis-httpd -c $CONF -L INFO 2> anastasis-httpd_1.log & echo " OK" echo -n "Waiting for Anastasis service ..." -- cgit v1.2.3