summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--doc/taler-exchange.texi21
-rw-r--r--src/exchange/taler-exchange-httpd_keystate.c19
2 files changed, 29 insertions, 11 deletions
diff --git a/doc/taler-exchange.texi b/doc/taler-exchange.texi
index 50a0535ec..4e6a0fb96 100644
--- a/doc/taler-exchange.texi
+++ b/doc/taler-exchange.texi
@@ -472,14 +472,17 @@ ENABLE for each account whether it should be used, and for what
[account-1]
URL = "payto://sepa/CH9300762011623852957"
WIRE_RESPONSE = $@{TALER_CONFIG_HOME@}/account-1.json
-PLUGIN = ebics
+
+# Currently, only the 'taler_bank' plugin is implemented.
+PLUGIN = <plugin_name_here>
# Use for exchange-aggregator (outgoing transfers)
ENABLE_DEBIT = YES
# Use for exchange-wirewatch (and listed in /wire)
ENABLE_CREDIT = YES
-# ... add authentication options here
+# Authentication options for the chosen plugin go here.
+# (Next sections have examples of authentication mechanisms)
@end example
The command line tool @cite{taler-exchange-wire} is used to create
@@ -509,9 +512,7 @@ requests.
The @code{taler_bank} plugin implements the wire method ``x-taler-bank''.
-The format of the @code{payto://} URL is @code{payto://x-taler-bank/HOSTNAME:PORT},
-possibly followed by other parameters like the amount and wire transfer subject
-as per the @code{payto://} standard.
+The format of the @code{payto://} URL is @code{payto://x-taler-bank/HOSTNAME[:PORT]}.
For basic authentication, the @code{taler_bank} plugin only supports
simple password-based authentication. For this, the configuration
@@ -520,8 +521,14 @@ account at the bank.
@setsyntax ini
@example
-[account-2]
-URL = "payto://test/localhost:8080"
+[account-1]
+
+# Bank account details here..
+# ..
+
+# Authentication options for the taler_bank plugin below:
+
+TALER_BANK_AUTH_METHOD = basic
USERNAME = exchange
PASSWORD = super-secure
@end example
diff --git a/src/exchange/taler-exchange-httpd_keystate.c b/src/exchange/taler-exchange-httpd_keystate.c
index 36f464ba8..30a0bbf12 100644
--- a/src/exchange/taler-exchange-httpd_keystate.c
+++ b/src/exchange/taler-exchange-httpd_keystate.c
@@ -783,16 +783,27 @@ revocations_iter (void *cls,
GNUNET_h2s (denom_hash));
dki = GNUNET_CONTAINER_multihashmap_get (key_state->denomkey_map,
denom_hash);
- if (NULL == dki)
+ // FIXME: what do we do if dki is not known?
+ // especially what if we have neither private key NOR
+ // DB entry? (maybe ancient revocation? should we ignore it?)
+ if (NULL != dki)
{
GNUNET_assert (GNUNET_YES ==
GNUNET_CONTAINER_multihashmap_remove (key_state->denomkey_map,
denom_hash,
dki));
- res = store_in_map (key_state->revoked_map,
- dki);
- if (GNUNET_NO == res)
+ if (GNUNET_NO ==
+ GNUNET_CONTAINER_multihashmap_put (key_state->revoked_map,
+ &dki->issue.properties.denom_hash,
+ dki,
+ GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY))
+ {
+ /* revocation file must exist twice, keep only one of the dkis */
+ GNUNET_CRYPTO_rsa_private_key_free (dki->denom_priv.rsa_private_key);
+ GNUNET_CRYPTO_rsa_public_key_free (dki->denom_pub.rsa_public_key);
+ GNUNET_free (dki);
return GNUNET_OK;
+ }
}
/* Try to insert DKI into DB until we succeed; note that if the DB
failure is persistent, we need to die, as we cannot continue