Diffstat (limited to 'src/auditor/generate-revoke-basedb.sh')
-rwxr-xr-x | src/auditor/generate-revoke-basedb.sh | 365 |
1 files changed, 179 insertions, 186 deletions
diff --git a/src/auditor/generate-revoke-basedb.sh b/src/auditor/generate-revoke-basedb.sh
index e687b1ffd..29aa74b27 100755
--- a/src/auditor/generate-revoke-basedb.sh
+++ b/src/auditor/generate-revoke-basedb.sh
@@ -6,183 +6,138 @@ # create/drop databases. # set -eu +# set -x +. setup.sh -trap "kill `jobs -p` &> /dev/null || true" ERR - -# Exit, with status code "skip" (no 'real' failure) -function exit_skip() { - echo $1 - exit 77 -} - -# Where do we write the result? -export BASEDB=${1:-"revoke-basedb"} - -# Name of the Postgres database we will use for the script. -# Will be dropped, do NOT use anything that might be used -# elsewhere -export TARGET_DB=taler-auditor-revokedb -TMP_DIR=`mktemp -d revocation-tmp-XXXXXX` -export WALLET_DB=wallet-revocation.json -rm -f $WALLET_DB - -# Configuration file will be edited, so we create one -# from the template. -export CONF=generate-auditor-basedb-revocation.conf -cp generate-auditor-basedb-template.conf $CONF - - -echo -n "Testing for taler-bank-manage" -taler-bank-manage -h >/dev/null </dev/null || exit_skip " MISSING" -echo " FOUND" -echo -n "Testing for taler-wallet-cli" -taler-wallet-cli -v >/dev/null </dev/null || exit_skip " MISSING" +echo -n "Testing for curl ..." +curl --help >/dev/null </dev/null || exit_skip " MISSING" echo " FOUND" - - -# Clean up -DATA_DIR=`taler-config -f -c $CONF -s PATHS -o TALER_HOME` -rm -rf $DATA_DIR || true +CONF="generate-auditor-basedb.conf" # reset database -dropdb $TARGET_DB >/dev/null 2>/dev/null || true -createdb $TARGET_DB || exit_skip "Could not create database $TARGET_DB" +echo -n "Reset 'auditor-basedb' database ..." 
+dropdb "auditor-basedb" >/dev/null 2>/dev/null || true +createdb "auditor-basedb" || exit_skip "Could not create database '$BASEDB'" +echo " DONE" -# obtain key configuration data -MASTER_PRIV_FILE=`taler-config -f -c $CONF -s EXCHANGE -o MASTER_PRIV_FILE` -MASTER_PRIV_DIR=`dirname $MASTER_PRIV_FILE` -mkdir -p $MASTER_PRIV_DIR -gnunet-ecc -g1 $MASTER_PRIV_FILE > /dev/null -export MASTER_PUB=`gnunet-ecc -p $MASTER_PRIV_FILE` -export EXCHANGE_URL=`taler-config -c $CONF -s EXCHANGE -o BASE_URL` -MERCHANT_PORT=`taler-config -c $CONF -s MERCHANT -o PORT` -export MERCHANT_URL=http://localhost:${MERCHANT_PORT}/ -BANK_PORT=`taler-config -c $CONF -s BANK -o HTTP_PORT` -export BANK_URL=http://localhost:${BANK_PORT}/ -export AUDITOR_URL=http://localhost:8083/ - -# patch configuration -taler-config -c $CONF -s exchange -o MASTER_PUBLIC_KEY -V $MASTER_PUB -taler-config -c $CONF -s merchant-exchange-default -o MASTER_KEY -V $MASTER_PUB -taler-config -c $CONF -s exchangedb-postgres -o CONFIG -V postgres:///$TARGET_DB -taler-config -c $CONF -s auditordb-postgres -o CONFIG -V postgres:///$TARGET_DB -taler-config -c $CONF -s merchantdb-postgres -o CONFIG -V postgres:///$TARGET_DB -taler-config -c $CONF -s bank -o database -V postgres:///$TARGET_DB -taler-config -c $CONF -s exchange -o KEYDIR -V "${TMP_DIR}/keydir/" -taler-config -c $CONF -s exchange -o REVOCATION_DIR -V "${TMP_DIR}/revdir/" - -# setup exchange -echo "Setting up exchange" -taler-exchange-dbinit -c $CONF -taler-exchange-wire -c $CONF 2> taler-exchange-wire.log -taler-exchange-keyup -L INFO -c $CONF -o e2a.dat 2> taler-exchange-keyup.log - -# setup auditor -echo "Setting up auditor" -taler-auditor-dbinit -c $CONF -taler-auditor-exchange -c $CONF -m $MASTER_PUB -u $EXCHANGE_URL -taler-auditor-sign -c $CONF -u $AUDITOR_URL -r e2a.dat -o a2e.dat -m $MASTER_PUB -rm -f e2a.dat - -# provide auditor's signature to exchange -ABD=`taler-config -c $CONF -s EXCHANGEDB -o AUDITOR_BASE_DIR -f` -mkdir -p $ABD -mv a2e.dat $ABD - -# 
Launch services -echo "Launching services" -taler-bank-manage-testing $CONF postgres:///$TARGET_DB serve-http &> revocation-bank.log & -taler-exchange-httpd -c $CONF 2> taler-exchange-httpd.log & -EXCHANGE_PID=$! -taler-merchant-httpd -c $CONF -L INFO 2> taler-merchant-httpd.log & -MERCHANT_PID=$! -taler-exchange-wirewatch -c $CONF 2> taler-exchange-wirewatch.log & -taler-auditor-httpd -c $CONF 2> taler-auditor-httpd.log & +# Launch exchange, merchant and bank. +setup -c "$CONF" \ + -abemw \ + -d "iban" -# Wait for all bank to be available (usually the slowest) -for n in `seq 1 50` -do - echo -n "." - sleep 0.2 - OK=0 - # bank - wget http://localhost:8082/ -o /dev/null -O /dev/null >/dev/null || continue - OK=1 - break -done -# Wait for all other services to be available -for n in `seq 1 50` -do - echo -n "." - sleep 0.1 - OK=0 - # exchange - wget http://localhost:8081/ -o /dev/null -O /dev/null >/dev/null || continue - # merchant - wget http://localhost:9966/ -o /dev/null -O /dev/null >/dev/null || continue - # Auditor - wget http://localhost:8083/ -o /dev/null -O /dev/null >/dev/null || continue - OK=1 - break -done +# obtain key configuration data +EXCHANGE_URL=$(taler-config -c "$CONF" -s EXCHANGE -o BASE_URL) +MERCHANT_PORT=$(taler-config -c "$CONF" -s MERCHANT -o PORT) +MERCHANT_URL="http://localhost:${MERCHANT_PORT}/" +BANK_PORT=$(taler-config -c "$CONF" -s BANK -o HTTP_PORT) +BANK_URL="http://localhost:${BANK_PORT}" -if [ 1 != $OK ] -then - kill `jobs -p` - wait - exit_skip "Failed to launch services" -fi +# Setup merchant +echo -n "Setting up merchant ..." 
+curl -H "Content-Type: application/json" -X POST -d '{"auth": {"method": "external"}, "accounts":[{"payto_uri":"payto://iban/SANDBOXX/DE474361?receiver-name=Merchant43"}],"id":"default","name":"default","address":{},"jurisdiction":{},"default_max_wire_fee":"TESTKUDOS:1", "default_max_deposit_fee":"TESTKUDOS:1","default_wire_fee_amortization":1,"default_wire_transfer_delay":{"d_us" : 3600000000},"default_pay_delay":{"d_us": 3600000000},"use_stefan":true}' "${MERCHANT_URL}management/instances" echo " DONE" + # run wallet CLI echo "Running wallet" -taler-wallet-cli --wallet-db=$WALLET_DB --no-throttle \ - testing withdraw \ - -e $EXCHANGE_URL \ - -b $BANK_URL \ - -a TESTKUDOS:8 - -export coins=$(taler-wallet-cli --wallet-db=$WALLET_DB advanced dump-coins) +export WALLET_DB="wallet.wdb" +rm -f "$WALLET_DB" + +taler-wallet-cli \ + --no-throttle \ + --wallet-db="$WALLET_DB" \ + api \ + --expect-success 'withdrawTestBalance' \ + "$(jq -n ' + { + amount: "TESTKUDOS:8", + corebankApiBaseUrl: $BANK_URL, + exchangeBaseUrl: $EXCHANGE_URL, + }' \ + --arg BANK_URL "$BANK_URL" \ + --arg EXCHANGE_URL "$EXCHANGE_URL" + )" &> taler-wallet-cli-withdraw.log + +taler-wallet-cli \ + --no-throttle \ + --wallet-db="$WALLET_DB" \ + run-until-done \ + &> taler-wallet-cli-withdraw-finish.log + +export COINS=$(taler-wallet-cli --wallet-db="$WALLET_DB" advanced dump-coins) + +echo -n "COINS are:" +echo "$COINS" # Find coin we want to revoke -export rc=$(echo "$coins" | jq -r '[.coins[] | select((.denom_value == "TESTKUDOS:2"))][0] | .coin_pub') +export rc=$(echo "$COINS" | jq -r '[.coins[] | select((.denom_value == "TESTKUDOS:2"))][0] | .coin_pub') # Find the denom -export rd=$(echo "$coins" | jq -r '[.coins[] | select((.denom_value == "TESTKUDOS:2"))][0] | .denom_pub_hash') -echo "Revoking denomination ${rd} (to affect coin ${rc})" +export rd=$(echo "$COINS" | jq -r '[.coins[] | select((.denom_value == "TESTKUDOS:2"))][0] | .denom_pub_hash') +echo -n "Revoking denomination ${rd} (to affect 
coin ${rc}) ..." # Find all other coins, which will be suspended -export susp=$(echo "$coins" | jq --arg rc "$rc" '[.coins[] | select(.coin_pub != $rc) | .coin_pub]') +export susp=$(echo "$COINS" | jq --arg rc "$rc" '[.coins[] | select(.coin_pub != $rc) | .coin_pub]') # Do the revocation -taler-exchange-keyup -o e2a2.dat -c $CONF -r $rd -taler-auditor-sign -c $CONF -u $AUDITOR_URL -r e2a2.dat -o a2e2.dat -m $MASTER_PUB -rm e2a2.dat -mv a2e2.dat $ABD - -# Restart the exchange... -kill -SIGUSR1 $EXCHANGE_PID -sleep 1 # Give exchange time to re-scan data -echo "Restarted the exchange post revocation" +taler-exchange-offline \ + -c $CONF \ + revoke-denomination "${rd}" \ + upload \ + &> taler-exchange-offline-revoke.log +echo "DONE" + +echo -n "Signing replacement keys ..." +sleep 1 # Give exchange time to create replacmenent key + +# Re-sign replacement keys +taler-auditor-offline \ + -c $CONF \ + download \ + sign \ + upload \ + &> taler-auditor-offline-reinit.log +echo " DONE" # Now we suspend the other coins, so later we will pay with the recouped coin -taler-wallet-cli --wallet-db=$WALLET_DB advanced suspend-coins "$susp" +taler-wallet-cli \ + --wallet-db="$WALLET_DB" \ + advanced \ + suspend-coins "$susp" # Update exchange /keys so recoup gets scheduled -taler-wallet-cli --wallet-db=$WALLET_DB exchanges update \ - -f $EXCHANGE_URL +taler-wallet-cli \ + --wallet-db="$WALLET_DB" \ + exchanges \ + update \ + -f "$EXCHANGE_URL" # Block until scheduled operations are done -taler-wallet-cli --wallet-db=$WALLET_DB run-until-done +taler-wallet-cli \ + --wallet-db="$WALLET_DB"\ + run-until-done -# Now we buy something, only the coins resulting from recouped will be +# Now we buy something, only the coins resulting from recoup will be # used, as other ones are suspended -taler-wallet-cli --wallet-db=$WALLET_DB testing test-pay \ - -m $MERCHANT_URL -k sandbox \ - -a "TESTKUDOS:1" -s "foo" -taler-wallet-cli --wallet-db=$WALLET_DB run-until-done +taler-wallet-cli \ + 
--no-throttle \ + --wallet-db="$WALLET_DB" \ + api \ + 'testPay' \ + "$(jq -n ' + { + amount: "TESTKUDOS:1", + merchantBaseUrl: $MERCHANT_URL, + summary: "foo", + }' \ + --arg MERCHANT_URL "$MERCHANT_URL" + )" + +taler-wallet-cli \ + --wallet-db="$WALLET_DB" \ + run-until-done echo "Purchase with recoup'ed coin (via reserve) done" @@ -195,15 +150,21 @@ echo "Will refresh coin ${rrc} of denomination ${zombie_denom}" # Find all other coins, which will be suspended export susp=$(echo "$coins" | jq --arg rrc "$rrc" '[.coins[] | select(.coin_pub != $rrc) | .coin_pub]') -export rrc -export zombie_denom - # Travel into the future! (must match DURATION_WITHDRAW option) export TIMETRAVEL="--timetravel=604800000000" echo "Launching exchange 1 week in the future" kill -TERM $EXCHANGE_PID -taler-exchange-httpd $TIMETRAVEL -c $CONF 2> taler-exchange-httpd.log & +kill -TERM $RSA_DENOM_HELPER_PID +kill -TERM $CS_DENOM_HELPER_PID +kill -TERM $SIGNKEY_HELPER_PID +taler-exchange-secmod-eddsa $TIMETRAVEL -c $CONF 2> ${MY_TMP_DIR}/taler-exchange-secmod-eddsa.log & +SIGNKEY_HELPER_PID=$! +taler-exchange-secmod-rsa $TIMETRAVEL -c $CONF 2> ${MY_TMP_DIR}/taler-exchange-secmod-rsa.log & +RSA_DENOM_HELPER_PID=$! +taler-exchange-secmod-cs $TIMETRAVEL -c $CONF 2> ${MY_TMP_DIR}/taler-exchange-secmod-cs.log & +CS_DENOM_HELPER_PID=$! +taler-exchange-httpd $TIMETRAVEL -c $CONF 2> ${MY_TMP_DIR}/taler-exchange-httpd.log & export EXCHANGE_PID=$! # Wait for exchange to be available @@ -219,8 +180,15 @@ do done echo "Refreshing coin $rrc" -taler-wallet-cli $TIMETRAVEL --wallet-db=$WALLET_DB advanced force-refresh "$rrc" -taler-wallet-cli $TIMETRAVEL --wallet-db=$WALLET_DB run-until-done +taler-wallet-cli \ + "$TIMETRAVEL" \ + --wallet-db="$WALLET_DB" \ + advanced force-refresh \ + "$rrc" +taler-wallet-cli \ + "$TIMETRAVEL" \ + --wallet-db="$WALLET_DB" \ + run-until-done # Update our list of the coins export coins=$(taler-wallet-cli $TIMETRAVEL --wallet-db=$WALLET_DB advanced dump-coins) 
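Review bot: The `createdb "auditor-basedb" || exit_skip "Could not create database '$BASEDB'"` line near the top of this hunk expands `$BASEDB`, although this commit moves `export BASEDB=${1:-"revoke-basedb"}` to the end of the script; under `set -eu` a createdb failure would then abort on an unbound variable instead of going through `exit_skip`, unless setup.sh (not shown) defines it. Naming the database that was actually attempted avoids the dependency: `createdb "auditor-basedb" || exit_skip "Could not create database 'auditor-basedb'"`. The merchant-instance `curl ... -X POST` further down has no `--fail`, so an HTTP error response still exits 0 and the script prints " DONE"; adding `--fail` lets `set -e` stop the run at that point. The `taler-exchange-offline` and `taler-auditor-offline` calls in this hunk also pass `-c $CONF` unquoted, while the rest of the new code quotes it.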
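Review bot: The four `kill -TERM` lines in the `@@ -195,15 +150,21 @@` hunk are followed immediately by the replacement `taler-exchange-secmod-*` and `taler-exchange-httpd` launches, with nothing waiting for the old processes to exit, so the new instances can race the old ones for their listening endpoints. If these are children of this shell (they appear to be started by `setup` from the sourced setup.sh, which is not visible here), a `wait "$EXCHANGE_PID" "$RSA_DENOM_HELPER_PID" "$CS_DENOM_HELPER_PID" "$SIGNKEY_HELPER_PID" || true` before the relaunch closes that window. The PID variables and `MY_TMP_DIR` are not assigned anywhere in this diff, so with `set -u` the script depends on setup.sh providing exactly these names; a comment such as `# *_PID and MY_TMP_DIR are provided by setup.sh` would record that. The same kill-then-relaunch pattern is in the merchant restart of the `@@ -243,30 +211,49 @@` hunk.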
@@ -243,30 +211,49 @@ export susp=$(echo "$coins" | jq --arg freshc "$freshc" '[.coins[] | select(.coi # Do the revocation of freshc echo "Revoking ${fresh_denom} (to affect coin ${freshc})" -taler-exchange-keyup -c $CONF -o e2a3.dat -r $fresh_denom -taler-auditor-sign -c $CONF -u $AUDITOR_URL -r e2a3.dat -o a2e3.dat -m $MASTER_PUB -rm e2a3.dat -mv a2e3.dat $ABD +taler-exchange-offline \ + -c "$CONF" \ + revoke-denomination \ + "${fresh_denom}" \ + upload &> taler-exchange-offline-revoke-2.log -# Restart the exchange... -kill -SIGUSR1 $EXCHANGE_PID -sleep 1 # give exchange time to re-scan data +sleep 1 # Give exchange time to create replacmenent key +# Re-sign replacement keys +taler-auditor-offline \ + -c "$CONF" \ + download \ + sign \ + upload &> taler-auditor-offline.log # Now we suspend the other coins, so later we will pay with the recouped coin -taler-wallet-cli $TIMETRAVEL --wallet-db=$WALLET_DB advanced suspend-coins "$susp" +taler-wallet-cli \ + "$TIMETRAVEL" \ + --wallet-db="$WALLET_DB" \ + advanced \ + suspend-coins "$susp" # Update exchange /keys so recoup gets scheduled -taler-wallet-cli $TIMETRAVEL --wallet-db=$WALLET_DB exchanges update \ - -f $EXCHANGE_URL +taler-wallet-cli \ + "$TIMETRAVEL"\ + --wallet-db="$WALLET_DB" \ + exchanges update \ + -f "$EXCHANGE_URL" # Block until scheduled operations are done -taler-wallet-cli $TIMETRAVEL --wallet-db=$WALLET_DB run-until-done +taler-wallet-cli \ + "$TIMETRAVEL" \ + --wallet-db="$WALLET_DB" \ + run-until-done echo "Restarting merchant (so new keys are known)" kill -TERM $MERCHANT_PID -taler-merchant-httpd -c $CONF -L INFO 2> taler-merchant-httpd.log & +taler-merchant-httpd \ + -c "$CONF" \ + -L INFO \ + 2> ${MY_TMP_DIR}/taler-merchant-httpd.log & MERCHANT_PID=$! + # Wait for merchant to be again available for n in `seq 1 50` do 
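Review bot: The `sleep 1 # Give exchange time to create replacmenent key` line is the only synchronisation between the revocation upload and `taler-auditor-offline ... download sign upload`; on a slow or loaded machine the download can presumably run before the replacement key exists, and nothing in the visible script would notice, so the generated base database could lack the auditor signature for it. The same fixed delay is in the first hunk. At minimum the assumption deserves a comment such as `# fixed delay: auditor may sign a stale key set if the exchange is slow`, and the comment typo should read `replacement`. The auditor log here is `taler-auditor-offline.log` in the working directory, while the first hunk writes `taler-auditor-offline-reinit.log` and the service logs go to `${MY_TMP_DIR}`; one location, with the expansion quoted as `2> "${MY_TMP_DIR}/taler-merchant-httpd.log"`, keeps the run's artefacts together.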
@@ -281,38 +268,44 @@ done # Now we buy something, only the coins resulting from recoup+refresh will be # used, as other ones are suspended -taler-wallet-cli $TIMETRAVEL --wallet-db=$WALLET_DB testing test-pay \ - -m $MERCHANT_URL -k sandbox \ - -a "TESTKUDOS:0.02" -s "bar" -taler-wallet-cli $TIMETRAVEL --wallet-db=$WALLET_DB run-until-done +taler-wallet-cli $TIMETRAVEL --no-throttle --wallet-db=$WALLET_DB api 'testPay' \ + "$(jq -n ' + { + amount: "TESTKUDOS:0.02", + merchantBaseUrl: $MERCHANT_URL, + summary: "bar", + }' \ + --arg MERCHANT_URL $MERCHANT_URL + )" +taler-wallet-cli \ + "$TIMETRAVEL" \ + --wallet-db="$WALLET_DB" \ + run-until-done echo "Bought something with refresh-recouped coin" echo "Shutting down services" -kill `jobs -p` -wait - +exit_cleanup -# Dump database -echo "Dumping database" -pg_dump -O $TARGET_DB | sed -e '/AS integer/d' > ${BASEDB}.sql -echo $MASTER_PUB > ${BASEDB}.mpub +# Where do we write the result? +export BASEDB=${1:-"revoke-basedb"} -WIRE_FEE_DIR=`taler-config -c $CONF -f -s exchangedb -o WIREFEE_BASE_DIR` -cp $WIRE_FEE_DIR/x-taler-bank.fee ${BASEDB}.fees -date +%s > ${BASEDB}.age +# Dump database +echo "Dumping database ${BASEDB}.sql" +pg_dump -O "auditor-basedb" | sed -e '/AS integer/d' > "${BASEDB}.sql" # clean up -echo "Final clean up (disabled)" -dropdb $TARGET_DB -rm -r $DATA_DIR || true -rm $CONF -rm -r $TMP_DIR +echo -n "Final clean up ..." +kill -TERM "$SETUP_PID" +wait +unset SETUP_PID +dropdb "auditor-basedb" +echo " DONE" echo "=====================================" -echo " Finished revocation DB generation " +echo "Finished generation of ${BASEDB}.sql" echo "=====================================" exit 0 |
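Review bot: In `pg_dump -O "auditor-basedb" | sed -e '/AS integer/d' > "${BASEDB}.sql"` the pipeline's status is that of `sed`, because the only options visible in this diff are `set -eu` without `pipefail`; a failed or partial dump would still reach `dropdb "auditor-basedb"` and the "Finished generation" banner, leaving a truncated `.sql` file and no database to retry from. Unless setup.sh already enables it, `set -o pipefail` before the dump (the script already relies on bash for `&>`) makes that failure fatal. The first `testPay` call in this hunk also leaves `$TIMETRAVEL`, `--wallet-db=$WALLET_DB` and `--arg MERCHANT_URL $MERCHANT_URL` unquoted, unlike the calls rewritten elsewhere in this commit.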