summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2020-04-19 22:31:00 +0200
committerChristian Grothoff <christian@grothoff.org>2020-04-19 22:31:00 +0200
commitab752e95910fe5a077be9e4807b2d8536ce3fc70 (patch)
treed4faf0f7e59fc7ad2cfee65ccc99f8e58a93d2c7
parent7a46b3fb1a177506dcc5b462df8a1d2a9c5b99c5 (diff)
downloadexchange-ab752e95910fe5a077be9e4807b2d8536ce3fc70.tar.gz
exchange-ab752e95910fe5a077be9e4807b2d8536ce3fc70.tar.bz2
exchange-ab752e95910fe5a077be9e4807b2d8536ce3fc70.zip
also validate merchant IBANs before signing
-rw-r--r--src/include/taler_error_codes.h141
-rw-r--r--src/json/json_wire.c17
2 files changed, 152 insertions, 6 deletions
diff --git a/src/include/taler_error_codes.h b/src/include/taler_error_codes.h
index 10ad555a..c882d27d 100644
--- a/src/include/taler_error_codes.h
+++ b/src/include/taler_error_codes.h
@@ -1539,6 +1539,70 @@ enum TALER_ErrorCode
TALER_EC_TRACK_TRANSFER_JSON_BAD_WIRE_FEE = 2410,
/**
+ * The merchant backend cannot create an instance under the given
+ * identifier as one already exists. Use PATCH to modify the existing
+ * entry. The response is provied with an HTTP status of
+ * #MHD_HTTP_CONFLICT.
+ */
+ TALER_EC_POST_INSTANCES_ALREADY_EXISTS = 2450,
+
+ /**
+ * The merchant backend cannot create an instance because the
+ * specified bank accounts are somehow invalid. The response is
+ * provied with an HTTP status of #MHD_HTTP_BAD_REQUEST.
+ */
+ TALER_EC_POST_INSTANCES_BAD_PAYTO_URIS = 2451,
+
+ /**
+ * The merchant backend cannot create an instance because it failed to
+ * start the database transaction. The response is provied with an
+ * HTTP status of #MHD_HTTP_INTERNAL_SERVER_ERROR.
+ */
+ TALER_EC_POST_INSTANCES_DB_START_ERROR = 2452,
+
+ /**
+ * The merchant backend cannot create an instance because it failed to
+ * commit the database transaction. The response is provied with an
+ * HTTP status of #MHD_HTTP_INTERNAL_SERVER_ERROR.
+ */
+ TALER_EC_POST_INSTANCES_DB_COMMIT_ERROR = 2453,
+
+ /**
+ * The merchant backend cannot delete an instance because it failed to
+ * commit the database transaction. The response is provied with an
+ * HTTP status of #MHD_HTTP_INTERNAL_SERVER_ERROR.
+ */
+ TALER_EC_DELETE_INSTANCES_ID_DB_HARD_FAILURE = 2454,
+
+ /**
+ * The merchant backend cannot delete the data because it already does
+ * not exist. The response is provied with an HTTP status of
+ * #MHD_HTTP_NOT_FOUND.
+ */
+ TALER_EC_DELETE_INSTANCES_ID_NO_SUCH_INSTANCE = 2455,
+
+ /**
+ * The merchant backend cannot update an instance because the
+ * specified bank accounts are somehow invalid. The response is
+ * provied with an HTTP status of #MHD_HTTP_BAD_REQUEST.
+ */
+ TALER_EC_PATCH_INSTANCES_BAD_PAYTO_URIS = 2456,
+
+ /**
+ * The merchant backend cannot patch an instance because it failed to
+ * start the database transaction. The response is provied with an
+ * HTTP status of #MHD_HTTP_INTERNAL_SERVER_ERROR.
+ */
+ TALER_EC_PATCH_INSTANCES_DB_START_ERROR = 2457,
+
+ /**
+ * The merchant backend cannot patch an instance because it failed to
+ * commit the database transaction. The response is provied with an
+ * HTTP status of #MHD_HTTP_INTERNAL_SERVER_ERROR.
+ */
+ TALER_EC_PATCH_INSTANCES_DB_COMMIT_ERROR = 2458,
+
+ /**
* The hash provided in the request of /map/in does not match the
* contract sent alongside in the same request.
*/
@@ -1610,6 +1674,83 @@ enum TALER_ErrorCode
TALER_EC_PROPOSAL_REPLY_MALFORMED = 2510,
/**
+ * The merchant backend failed to lookup the products. The response is
+ * provied with an HTTP status of #MHD_HTTP_INTERNAL_SERVER_ERROR.
+ */
+ TALER_EC_GET_PRODUCTS_DB_LOOKUP_ERROR = 2550,
+
+ /**
+ * The merchant backend failed to start the transaction. The response
+ * is provied with an HTTP status of #MHD_HTTP_INTERNAL_SERVER_ERROR.
+ */
+ TALER_EC_PRODUCTS_POST_DB_START_ERROR = 2551,
+
+ /**
+ * The product ID exists. The response is provied with an HTTP status
+ * of #MHD_HTTP_CONFLICT.
+ */
+ TALER_EC_PRODUCTS_POST_CONFLICT_PRODUCT_EXISTS = 2552,
+
+ /**
+ * The merchant backend failed to serialize the transaction. The
+ * response is provied with an HTTP status of
+ * #MHD_HTTP_INTERNAL_SERVER_ERROR.
+ */
+ TALER_EC_PRODUCTS_POST_DB_COMMIT_SOFT_ERROR = 2553,
+
+ /**
+ * The merchant backend failed to commit the transaction. The response
+ * is provied with an HTTP status of #MHD_HTTP_INTERNAL_SERVER_ERROR.
+ */
+ TALER_EC_PRODUCTS_POST_DB_COMMIT_HARD_ERROR = 2554,
+
+ /**
+ * The merchant backend failed to commit the transaction. The response
+ * is provied with an HTTP status of #MHD_HTTP_INTERNAL_SERVER_ERROR.
+ */
+ TALER_EC_PRODUCTS_PATCH_DB_COMMIT_HARD_ERROR = 2555,
+
+ /**
+ * The merchant backend did not find the product to be updated. The
+ * response is provied with an HTTP status of #MHD_HTTP_NOT_FOUND.
+ */
+ TALER_EC_PRODUCTS_PATCH_UNKNOWN_PRODUCT = 2556,
+
+ /**
+ * The update would have reduced the total amount of product lost,
+ * which is not allowed. The response is provied with an HTTP status
+ * of #MHD_HTTP_CONFLICT.
+ */
+ TALER_EC_PRODUCTS_PATCH_TOTAL_LOST_REDUCED = 2557,
+
+ /**
+ * The update would have reduced the total amount of product sold,
+ * which is not allowed. The response is provied with an HTTP status
+ * of #MHD_HTTP_CONFLICT.
+ */
+ TALER_EC_PRODUCTS_PATCH_TOTAL_SOLD_REDUCED = 2558,
+
+ /**
+ * The update would have reduced the total amount of product in stock,
+ * which is not allowed. The response is provied with an HTTP status
+ * of #MHD_HTTP_CONFLICT.
+ */
+ TALER_EC_PRODUCTS_PATCH_TOTAL_STOCKED_REDUCED = 2559,
+
+ /**
+ * The lock request is for more products than we have left (unlocked)
+ * in stock. The response is provied with an HTTP status of
+ * #MHD_HTTP_CONFLICT.
+ */
+ TALER_EC_PRODUCTS_LOCK_INSUFFICIENT_STOCKS = 2560,
+
+ /**
+ * The lock request is for an unknown product. The response is provied
+ * with an HTTP status of #MHD_HTTP_NOT_FOUND.
+ */
+ TALER_EC_PRODUCTS_LOCK_UNKNOWN_PRODUCT = 2561,
+
+ /**
* The merchant returned a malformed response. Error created client-
* side.
*/
diff --git a/src/json/json_wire.c b/src/json/json_wire.c
index 8fd99ab6..f0580819 100644
--- a/src/json/json_wire.c
+++ b/src/json/json_wire.c
@@ -414,6 +414,11 @@ TALER_JSON_merchant_wire_signature_hash (const json_t *wire_s,
GNUNET_break_op (0);
return GNUNET_SYSERR;
}
+ if (GNUNET_SYSERR == validate_payto (payto_uri))
+ {
+ GNUNET_break_op (0);
+ return GNUNET_SYSERR;
+ }
TALER_merchant_wire_signature_hash (payto_uri,
salt,
hc);
@@ -430,9 +435,9 @@ TALER_JSON_merchant_wire_signature_hash (const json_t *wire_s,
* @return #GNUNET_OK if signature is valid
*/
int
-TALER_JSON_exchange_wire_signature_check (const json_t *wire_s,
- const struct
- TALER_MasterPublicKeyP *master_pub)
+TALER_JSON_exchange_wire_signature_check (
+ const json_t *wire_s,
+ const struct TALER_MasterPublicKeyP *master_pub)
{
const char *payto_uri;
struct TALER_MasterSignatureP master_sig;
@@ -471,9 +476,9 @@ TALER_JSON_exchange_wire_signature_check (const json_t *wire_s,
* @return NULL if @a payto_uri is malformed
*/
json_t *
-TALER_JSON_exchange_wire_signature_make (const char *payto_uri,
- const struct
- TALER_MasterPrivateKeyP *master_priv)
+TALER_JSON_exchange_wire_signature_make (
+ const char *payto_uri,
+ const struct TALER_MasterPrivateKeyP *master_priv)
{
struct TALER_MasterSignatureP master_sig;