From 2d49fa974c4f325610157f3606efa939f961e7f4 Mon Sep 17 00:00:00 2001 From: Thien-Thi Nguyen Date: Tue, 22 Dec 2020 09:36:32 -0500 Subject: add link to ‘Auditor-configuration’ in Exchange manual MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- taler-auditor-manual.rst | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/taler-auditor-manual.rst b/taler-auditor-manual.rst index 3bab780f..8b8c309a 100644 --- a/taler-auditor-manual.rst +++ b/taler-auditor-manual.rst @@ -335,8 +335,7 @@ The equivalent step must be performed by the exchange operator. Here, the exchange operator must use the ``taler-exchange-offline`` tool to add the auditor's public key, base URL and (business) name to the list of approved auditors of the exchange. For details, -see the exchange operator manual. -# FIXME-ttn: add link please? +see the `exchange operator manual Auditor-configuration`__). .. _SigningDenominations: -- cgit v1.2.3 From 66bb864d675166928146391eb7ea64769ffb7a04 Mon Sep 17 00:00:00 2001 From: Thien-Thi Nguyen Date: Tue, 22 Dec 2020 09:39:09 -0500 Subject: add link to ‘Auditor-configuration’ in Exchange manual (try 2) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- taler-auditor-manual.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/taler-auditor-manual.rst b/taler-auditor-manual.rst index 8b8c309a..d455fe1a 100644 --- a/taler-auditor-manual.rst +++ b/taler-auditor-manual.rst @@ -335,7 +335,7 @@ The equivalent step must be performed by the exchange operator. Here, the exchange operator must use the ``taler-exchange-offline`` tool to add the auditor's public key, base URL and (business) name to the list of approved auditors of the exchange. For details, -see the `exchange operator manual Auditor-configuration`__). +see the `exchange operator manual Auditor-configuration`_). .. _SigningDenominations: -- cgit v1.2.3 From e9064172e45b1d4fcbdc80d9785b8510737e2f3b Mon Sep 17 00:00:00 2001 From: Thien-Thi Nguyen Date: Tue, 22 Dec 2020 09:41:14 -0500 Subject: add link to ‘Auditor-configuration’ in Exchange manual (try 3) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- taler-auditor-manual.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/taler-auditor-manual.rst b/taler-auditor-manual.rst index d455fe1a..638f8903 100644 --- a/taler-auditor-manual.rst +++ b/taler-auditor-manual.rst @@ -335,7 +335,7 @@ The equivalent step must be performed by the exchange operator. Here, the exchange operator must use the ``taler-exchange-offline`` tool to add the auditor's public key, base URL and (business) name to the list of approved auditors of the exchange. For details, -see the `exchange operator manual Auditor-configuration`_). +see the exchange operator manual (`Auditor configuration`_). .. _SigningDenominations: -- cgit v1.2.3 From 5d92afe9604ae8ad48ed2dc17998c375e789070a Mon Sep 17 00:00:00 2001 From: Thien-Thi Nguyen Date: Tue, 22 Dec 2020 09:53:09 -0500 Subject: add link to ‘Auditor-configuration’ in Exchange manual (try 4) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- taler-auditor-manual.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/taler-auditor-manual.rst b/taler-auditor-manual.rst index 638f8903..66415f66 100644 --- a/taler-auditor-manual.rst +++ b/taler-auditor-manual.rst @@ -335,7 +335,7 @@ The equivalent step must be performed by the exchange operator. Here, the exchange operator must use the ``taler-exchange-offline`` tool to add the auditor's public key, base URL and (business) name to the list of approved auditors of the exchange. For details, -see the exchange operator manual (`Auditor configuration`_). +see :ref:`Auditor-configuration`. .. _SigningDenominations: -- cgit v1.2.3 From 8efedaa39c2448f28393514b311d203800c7f33d Mon Sep 17 00:00:00 2001 From: Thien-Thi Nguyen Date: Tue, 22 Dec 2020 09:56:46 -0500 Subject: mention that the link is in the exchange operator manual --- taler-auditor-manual.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/taler-auditor-manual.rst b/taler-auditor-manual.rst index 66415f66..f08d0fab 100644 --- a/taler-auditor-manual.rst +++ b/taler-auditor-manual.rst @@ -335,7 +335,7 @@ The equivalent step must be performed by the exchange operator. Here, the exchange operator must use the ``taler-exchange-offline`` tool to add the auditor's public key, base URL and (business) name to the list of approved auditors of the exchange. For details, -see :ref:`Auditor-configuration`. +see :ref:`Auditor-configuration` in the exchange operator manual. .. _SigningDenominations: -- cgit v1.2.3 From d0858fc12a3929029add55eebb16c4636e457dfb Mon Sep 17 00:00:00 2001 From: Thien-Thi Nguyen Date: Tue, 22 Dec 2020 09:58:42 -0500 Subject: add link to ‘Revocations’ in Exchange manual MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- taler-auditor-manual.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/taler-auditor-manual.rst b/taler-auditor-manual.rst index f08d0fab..7d9e9932 100644 --- a/taler-auditor-manual.rst +++ b/taler-auditor-manual.rst @@ -540,7 +540,7 @@ When an auditor detects that the private key of a denomination key pair has been compromised, one important step is to revoke the denomination key. The exchange operator includes the details on how to revoke a denomination key, so the auditor should only have to report (and possibly enforce) this step. --- FIXME-ttn: link to exchange chapter on revocations here? +For more information, see :ref:`Revocations` in the exchange operator manual. If all denominations of an exchange are revoked, the exchange includes logic to wire back all returned funds to the bank accounts from which they -- cgit v1.2.3 From b8210fad7bee4f452ec837237d5cd6ca29e5b621 Mon Sep 17 00:00:00 2001 From: Thien-Thi Nguyen Date: Tue, 22 Dec 2020 10:52:21 -0500 Subject: mark up ‘[auditor]’ MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- taler-auditor-manual.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/taler-auditor-manual.rst b/taler-auditor-manual.rst index 7d9e9932..c8c6786f 100644 --- a/taler-auditor-manual.rst +++ b/taler-auditor-manual.rst @@ -266,7 +266,7 @@ documentation for details. Database -------- -The option ``DB`` under section [auditor] gets the DB backend’s name the +The option ``DB`` under section ``[auditor]`` gets the DB backend’s name the exchange is going to use. So far, only ``DB = postgres`` is supported. After choosing the backend, it is mandatory to supply the connection string (namely, the database name). This is possible in two ways: -- cgit v1.2.3 From 5c6f937a6d199eb5a78b19dc91f504b62cb31caf Mon Sep 17 00:00:00 2001 From: Thien-Thi Nguyen Date: Tue, 22 Dec 2020 10:53:15 -0500 Subject: mark up ‘[auditor]’ (two instances) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- taler-auditor-manual.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/taler-auditor-manual.rst b/taler-auditor-manual.rst index c8c6786f..4ff022b9 100644 --- a/taler-auditor-manual.rst +++ b/taler-auditor-manual.rst @@ -223,7 +223,7 @@ offline key, it is only used for a few cryptographic signatures and thus the respective code can be run on modest hardware, like a Raspberry Pi. -The following values are to be configured in the section [auditor]: +The following values are to be configured in the section ``[auditor]``: - ``AUDITOR_PRIV_FILE``: Path to the auditor’s private key file. @@ -238,7 +238,7 @@ Serving The auditor can serve HTTP over both TCP and UNIX domain socket. -The following values are to be configured in the section [auditor]: +The following values are to be configured in the section ``[auditor]``: - ``serve``: must be set to ``tcp`` to serve HTTP over TCP, or ``unix`` to serve HTTP over a UNIX domain socket -- cgit v1.2.3 From 2d44c7138315e815ed6f1a944aa29202839dfd8d Mon Sep 17 00:00:00 2001 From: Thien-Thi Nguyen Date: Tue, 22 Dec 2020 11:05:09 -0500 Subject: indent code block --- taler-auditor-manual.rst | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/taler-auditor-manual.rst b/taler-auditor-manual.rst index 4ff022b9..52d00f67 100644 --- a/taler-auditor-manual.rst +++ b/taler-auditor-manual.rst @@ -276,15 +276,15 @@ choosing the backend, it is mandatory to supply the connection string - via configuration option ``CONFIG``, under section ``[auditordb-BACKEND]``. For example, the demo exchange is configured as follows: -.. code-block:: ini + .. code-block:: ini - [auditor] - ... - DB = postgres - ... + [auditor] + ... + DB = postgres + ... - [auditordb-postgres] - CONFIG = postgres:///auditordemo + [auditordb-postgres] + CONFIG = postgres:///auditordemo If an exchange runs its own auditor, it may use the same database for the auditor and the exchange itself. -- cgit v1.2.3 From 582112ffdd6586329d457e42b7c8d5e86175d024 Mon Sep 17 00:00:00 2001 From: Thien-Thi Nguyen Date: Tue, 22 Dec 2020 11:07:37 -0500 Subject: add colon at end of para to introduce code block --- taler-auditor-manual.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/taler-auditor-manual.rst b/taler-auditor-manual.rst index 52d00f67..c940527b 100644 --- a/taler-auditor-manual.rst +++ b/taler-auditor-manual.rst @@ -355,7 +355,7 @@ each auditor should run $ taler-auditor-offline download > input.json to import the latest set of denomination keys. The key data -should then be inspected using +should then be inspected using: .. code-block:: console -- cgit v1.2.3 From c7f9f998c6b6cfecadcad310a6acad48a74c206c Mon Sep 17 00:00:00 2001 From: Thien-Thi Nguyen Date: Tue, 22 Dec 2020 11:08:21 -0500 Subject: add colon at end of para to introduce code block --- taler-auditor-manual.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/taler-auditor-manual.rst b/taler-auditor-manual.rst index c940527b..e01981be 100644 --- a/taler-auditor-manual.rst +++ b/taler-auditor-manual.rst @@ -348,7 +348,7 @@ Signing Denominations This step must be performed regularly whenever the exchange is deploying new denomination keys. After the exchange operator has signed new keys using the ``taler-exchange-offline`` tool, -each auditor should run +each auditor should run: .. code-block:: console -- cgit v1.2.3 From c4715b175841c6c36d9bd33a8c2175741d6bc508 Mon Sep 17 00:00:00 2001 From: Thien-Thi Nguyen Date: Tue, 22 Dec 2020 11:11:12 -0500 Subject: add ‘.. code-block:: console’ MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- taler-auditor-manual.rst | 2 ++ 1 file changed, 2 insertions(+) diff --git a/taler-auditor-manual.rst b/taler-auditor-manual.rst index e01981be..b953b3f2 100644 --- a/taler-auditor-manual.rst +++ b/taler-auditor-manual.rst @@ -383,6 +383,8 @@ on its offline system) using: The resulting ``output.json`` should then be copied to an online system, and from there uploaded to the exchange using: +.. code-block:: console + $ taler-auditor-offline upload < output.json The contents of ``output.json`` can again be public and require no special -- cgit v1.2.3 From 7a0cef1bfdba2b44b9d3865feca99856f5f35fe1 Mon Sep 17 00:00:00 2001 From: Thien-Thi Nguyen Date: Tue, 22 Dec 2020 22:11:28 -0500 Subject: mention "HTTP basic auth"; add rfc link --- libeufin/concepts.rst | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/libeufin/concepts.rst b/libeufin/concepts.rst index 9cfc13e4..157d6fe3 100644 --- a/libeufin/concepts.rst +++ b/libeufin/concepts.rst @@ -38,8 +38,9 @@ Nexus Users The concept of a *nexus user* is used to implement access control to the operations that the nexus provides. -A user has a login name and a (salted, hashed) password. (Other authentication -methods could be added in the future.) +A user has a login name and a (salted, hashed) password. +This is the `HTTP basic auth `_ method. +(Other authentication methods could be added in the future.) A nexus user can be marked as *superuser*. All permission checks are skipped for superusers. Only superusers are allowed to create/modify other users. -- cgit v1.2.3 From 8b56c12d1845b044df381e3cc60bd1e7d8387f9c Mon Sep 17 00:00:00 2001 From: Thien-Thi Nguyen Date: Tue, 22 Dec 2020 22:29:24 -0500 Subject: in examples, replace curl(1) w/ http(1) invocations (httpie) --- libeufin/concepts.rst | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/libeufin/concepts.rst b/libeufin/concepts.rst index 157d6fe3..a0f2bb7b 100644 --- a/libeufin/concepts.rst +++ b/libeufin/concepts.rst @@ -67,7 +67,8 @@ Examples: .. code-block:: console # Download latest transactions via the default bank connection and store them locally - $ curl -XPOST $AUTHEADER https://example1.libeufin.tech/bank-accounts/my-acct/fetch-transactions + $ http -a $USER:$PASSWORD POST \ + https://example1.libeufin.tech/bank-accounts/my-acct/fetch-transactions Bank Connections ---------------- @@ -101,12 +102,14 @@ Examples: .. code-block:: console # Manually request the inter-day account report via the EBICS C52 order - $ curl -XPOST $AUTHEADER https://example1.libeufin.tech/bank-connections/my-ebics-testacct/ebics/download/C52 + $ http -a $USER:$PASSWORD POST \ + https://example1.libeufin.tech/bank-connections/my-ebics-testacct/ebics/download/C52 # Download available bank accounts that can be accessed through this connection, # according to the bank server (with EBICS, does a HTD request). # For each of them, create a bank account resource in LibEuFin. - $ curl -XPOST $AUTHEADER https://example1.libeufin.tech/bank-connection/my-ebics-testacct/fetch-accounts + $ http -a $USER:$PASSWORD POST \ + https://example1.libeufin.tech/bank-connection/my-ebics-testacct/fetch-accounts Facades ------- @@ -129,7 +132,8 @@ Examples: .. code-block:: console # Request the Taler-specific history through the facade - $ curl $AUTHEADER https://example1.libeufin.tech/facades/my-taler-wire-gw/taler/history/incoming + $ http -a $USER:$PASSWORD \ + https://example1.libeufin.tech/facades/my-taler-wire-gw/taler/history/incoming Access Control ============== -- cgit v1.2.3 From d2824c938212fc9de85ec3bbf3bb0f595e7ac01e Mon Sep 17 00:00:00 2001 From: Thien-Thi Nguyen Date: Tue, 22 Dec 2020 23:21:16 -0500 Subject: mention "no escaping" for quoted strings in taler.conf(5) This addresses . --- manpages/taler.conf.5.rst | 3 +++ 1 file changed, 3 insertions(+) diff --git a/manpages/taler.conf.5.rst b/manpages/taler.conf.5.rst index 66e9699d..ad64c92c 100644 --- a/manpages/taler.conf.5.rst +++ b/manpages/taler.conf.5.rst @@ -27,6 +27,9 @@ The values, however, are *case-sensitive*. In particular, boolean values are one of ``YES`` or ``NO``. Values can include whitespace by surrounding the entire value with ``"`` (double quote). +Note, however, that there are no escape characters in such strings; +all characters between the double quotes (including other double quotes) +are taken verbatim. Values that represent filenames can begin with a ``/bin/sh``-like variable reference. -- cgit v1.2.3 From dfcce6afb735a8fb8fb3c784f6dff539f415e744 Mon Sep 17 00:00:00 2001 From: Thien-Thi Nguyen Date: Thu, 24 Dec 2020 06:02:54 -0500 Subject: mention GNU recutils necessary for bootstrap --- developers-manual.rst | 2 ++ 1 file changed, 2 insertions(+) diff --git a/developers-manual.rst b/developers-manual.rst index f176cbe9..22e933e9 100644 --- a/developers-manual.rst +++ b/developers-manual.rst @@ -570,6 +570,8 @@ Update the Texinfo documentation using the files from docs.git: Finally, the Automake ``Makefile.am`` files may have to be adjusted to include new ``*.texi`` files or images. +For bootstrap, you will need to install +`GNU Recutils `_. For the exchange test cases to pass, ``make install`` must be run first. Without it, test cases will fail because plugins can't be located. -- cgit v1.2.3