From 23bc09fe3c2ca08ce209fffc0ad0ae3e51b06ef4 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Mon, 28 Feb 2022 20:37:19 +0100 Subject: get test-auditor and #7181 to pass --- src/auditor/Makefile.am | 3 +- src/auditor/auditor-basedb.conf | 186 ++++++++++++++++++++++ src/auditor/generate-auditor-basedb.sh | 4 +- src/auditor/generate-revoke-basedb.sh | 2 +- src/auditor/report-lib.c | 44 ++--- src/auditor/revoke-basedb.conf | 37 +++++ src/auditor/taler-helper-auditor-aggregation.c | 15 +- src/auditor/test-auditor.conf | 37 ----- src/auditor/test-auditor.sh | 122 ++++++++------ src/auditor/test-revocation.sh | 4 +- src/exchange/taler-exchange-httpd_transfers_get.c | 2 + src/exchangedb/exchange-0001.sql | 186 +++++++++++----------- src/exchangedb/plugin_exchangedb_postgres.c | 5 + src/exchangedb/test_exchangedb.c | 2 + src/include/taler_exchangedb_plugin.h | 2 + src/pq/pq_result_helper.c | 14 ++ src/testing/test_auditor_api-cs.conf | 2 +- src/testing/test_auditor_api-rsa.conf | 1 + 18 files changed, 464 insertions(+), 204 deletions(-) create mode 100644 src/auditor/auditor-basedb.conf create mode 100644 src/auditor/revoke-basedb.conf delete mode 100644 src/auditor/test-auditor.conf (limited to 'src') diff --git a/src/auditor/Makefile.am b/src/auditor/Makefile.am index 49f4030ea..cdf644d14 100644 --- a/src/auditor/Makefile.am +++ b/src/auditor/Makefile.am @@ -200,7 +200,6 @@ EXTRA_DIST = \ taler-auditor.in \ taler-helper-auditor-render.py \ auditor.conf \ - test-auditor.conf \ test-sync-in.conf \ test-sync-out.conf \ generate-auditor-basedb.sh \ @@ -209,8 +208,10 @@ EXTRA_DIST = \ generate-auditor-basedb-template.conf \ $(check_SCRIPTS) \ auditor-basedb.age \ + auditor-basedb.conf \ auditor-basedb.sql \ auditor-basedb.mpub \ revoke-basedb.age \ + revoke-basedb.conf \ revoke-basedb.sql \ revoke-basedb.mpub diff --git a/src/auditor/auditor-basedb.conf b/src/auditor/auditor-basedb.conf new file mode 100644 index 000000000..b224684e6 --- /dev/null +++ b/src/auditor/auditor-basedb.conf @@ -0,0 +1,186 @@ +[arm] +CONFIG = /research/taler/exchange/src/auditor/auditor-basedb.conf + +[benchmark] +MERCHANT_DETAILS = merchant_details.json +BANK_DETAILS = bank_details.json + +[coin_kudos_10] +rsa_keysize = 1024 +CIPHER = RSA +fee_refund = TESTKUDOS:0.01 +fee_refresh = TESTKUDOS:0.03 +fee_deposit = TESTKUDOS:0.01 +fee_withdraw = TESTKUDOS:0.01 +duration_legal = 3 years +duration_spend = 2 years +duration_withdraw = 7 days +value = TESTKUDOS:10 + +[coin_kudos_8] +rsa_keysize = 1024 +CIPHER = RSA +fee_refund = TESTKUDOS:0.04 +fee_refresh = TESTKUDOS:0.03 +fee_deposit = TESTKUDOS:0.02 +fee_withdraw = TESTKUDOS:0.05 +duration_legal = 3 years +duration_spend = 2 years +duration_withdraw = 7 days +value = TESTKUDOS:8 + +[coin_kudos_5] +rsa_keysize = 1024 +CIPHER = RSA +fee_refund = TESTKUDOS:0.01 +fee_refresh = TESTKUDOS:0.03 +fee_deposit = TESTKUDOS:0.01 +fee_withdraw = TESTKUDOS:0.01 +duration_legal = 3 years +duration_spend = 2 years +duration_withdraw = 7 days +value = TESTKUDOS:5 + +[coin_kudos_4] +rsa_keysize = 1024 +CIPHER = RSA +fee_refund = TESTKUDOS:0.02 +fee_refresh = TESTKUDOS:0.04 +fee_deposit = TESTKUDOS:0.03 +fee_withdraw = TESTKUDOS:0.03 +duration_legal = 3 years +duration_spend = 2 years +duration_withdraw = 7 days +value = TESTKUDOS:4 + +[coin_kudos_2] +rsa_keysize = 1024 +CIPHER = RSA +fee_refund = TESTKUDOS:0.02 +fee_refresh = TESTKUDOS:0.04 +fee_deposit = TESTKUDOS:0.03 +fee_withdraw = TESTKUDOS:0.03 +duration_legal = 3 years +duration_spend = 2 years +duration_withdraw = 7 days +value = TESTKUDOS:2 + +[coin_kudos_1] +rsa_keysize = 1024 +CIPHER = RSA +fee_refund = TESTKUDOS:0.01 +fee_refresh = TESTKUDOS:0.03 +fee_deposit = TESTKUDOS:0.02 +fee_withdraw = TESTKUDOS:0.02 +duration_legal = 3 years +duration_spend = 2 years +duration_withdraw = 7 days +value = TESTKUDOS:1 + +[coin_kudos_ct_10] +rsa_keysize = 1024 +CIPHER = RSA +fee_refund = TESTKUDOS:0.01 +fee_refresh = TESTKUDOS:0.03 +fee_deposit = TESTKUDOS:0.01 +fee_withdraw = TESTKUDOS:0.01 +duration_legal = 3 years +duration_spend = 2 years +duration_withdraw = 7 days +value = TESTKUDOS:0.10 + +[coin_kudos_ct_1] +rsa_keysize = 1024 +CIPHER = RSA +fee_refund = TESTKUDOS:0.01 +fee_refresh = TESTKUDOS:0.01 +fee_deposit = TESTKUDOS:0.01 +fee_withdraw = TESTKUDOS:0.01 +duration_legal = 3 years +duration_spend = 2 years +duration_withdraw = 7 days +value = TESTKUDOS:0.01 + +[payments-generator] +exchange = http://localhost:8081/ +exchange-admin = http://localhost:18080/ +exchange_admin = http://localhost:18080/ +merchant = http://localhost:9966/ +bank = http://localhost:8082/ +instance = default +currency = TESTKUDOS + +[merchant-exchange-default] +CURRENCY = TESTKUDOS +EXCHANGE_BASE_URL = http://localhost:8081/ +MASTER_KEY = TMQ09D9G18Z8TFEABD833SDJ6JQWRYKFHPTWT6DMPQS54ZC66RDG + +[merchant-account-merchant] +ACTIVE_default = YES +HONOR_default = YES +PAYTO_URI = payto://x-taler-bank/localhost/42 + +[exchange-accountcredentials-1] +PASSWORD = x +USERNAME = Exchange +WIRE_GATEWAY_AUTH_METHOD = basic +WIRE_GATEWAY_URL = http://localhost:8082/taler-wire-gateway/Exchange/ + +[exchange-account-1] +enable_credit = yes +enable_debit = yes +PAYTO_URI = payto://x-taler-bank/localhost/Exchange + +[instance-default] +NAME = Merchant Inc. +KEYFILE = ${TALER_DATA_HOME}/merchant/default.priv + +[taler] +CURRENCY_ROUND_UNIT = TESTKUDOS:0.01 +CURRENCY = TESTKUDOS + +[merchantdb-postgres] +CONFIG = postgres:///auditor-basedb + +[merchant] +DEFAULT_MAX_WIRE_FEE = TESTKUDOS:0.10 +KEYFILE = ${TALER_DATA_HOME}/merchant/merchant.priv +DEFAULT_MAX_DEPOSIT_FEE = TESTKUDOS:0.1 +WIREFORMAT = default +WIRE_TRANSFER_DELAY = 1 minute +FORCE_AUDIT = YES +UNIXPATH = ${TALER_RUNTIME_DIR}/merchant.http + +[exchangedb-postgres] +CONFIG = postgres:///auditor-basedb + +[exchange] +LOOKAHEAD_SIGN = 32 weeks 1 day +SIGNKEY_DURATION = 4 weeks +MASTER_PUBLIC_KEY = TMQ09D9G18Z8TFEABD833SDJ6JQWRYKFHPTWT6DMPQS54ZC66RDG +SIGNKEY_LEGAL_DURATION = 4 weeks +UNIXPATH = ${TALER_RUNTIME_DIR}/exchange.http + +[bank] +SERVE = http +ALLOW_REGISTRATIONS = YES +SUGGESTED_EXCHANGE_PAYTO = payto://x-taler-bank/localhost/2 +SUGGESTED_EXCHANGE = http://localhost:8081/ +HTTP_PORT = 8082 +MAX_DEBT_BANK = TESTKUDOS:100000.0 +MAX_DEBT = TESTKUDOS:50.0 +DATABASE = postgres:///taler-auditor-basedb + +[auditordb-postgres] +CONFIG = postgres:///taler-auditor-basedb + +[auditor] +PUBLIC_KEY = 95FVPHMW4110HTPVSGMT2YMDE2BSGXZEV5WSV0TD1DXMF2RQ5HN0 +TINY_AMOUNT = TESTKUDOS:0.01 +BASE_URL = http://localhost:8083/ + +[PATHS] +TALER_CACHE_HOME = $TALER_HOME/.cache/taler/ +TALER_CONFIG_HOME = $TALER_HOME/.config/taler/ +TALER_DATA_HOME = $TALER_HOME/.local/share/taler/ +TALER_HOME = ${PWD}/generate_auditordb_home/ diff --git a/src/auditor/generate-auditor-basedb.sh b/src/auditor/generate-auditor-basedb.sh index 41c91d32d..d05ceb526 100755 --- a/src/auditor/generate-auditor-basedb.sh +++ b/src/auditor/generate-auditor-basedb.sh @@ -41,9 +41,9 @@ BASEDB=${1:-"auditor-basedb"} # Name of the Postgres database we will use for the script. # Will be dropped, do NOT use anything that might be used # elsewhere -TARGET_DB=taler-auditor-basedb +export TARGET_DB=${BASEDB} -WALLET_DB=${BASEDB:-"wallet"}.wdb +export WALLET_DB=${BASEDB:-"wallet"}.wdb # delete existing wallet database rm -f $WALLET_DB diff --git a/src/auditor/generate-revoke-basedb.sh b/src/auditor/generate-revoke-basedb.sh index 09d18b0b7..e3795c72e 100755 --- a/src/auditor/generate-revoke-basedb.sh +++ b/src/auditor/generate-revoke-basedb.sh @@ -32,7 +32,7 @@ export BASEDB=${1:-"revoke-basedb"} # Name of the Postgres database we will use for the script. # Will be dropped, do NOT use anything that might be used # elsewhere -export TARGET_DB=taler-auditor-revokedb +export TARGET_DB=${BASEDB} TMP_DIR=`mktemp -d revocation-tmp-XXXXXX` export WALLET_DB=wallet-revocation.json rm -f $WALLET_DB diff --git a/src/auditor/report-lib.c b/src/auditor/report-lib.c index 0888f47ae..5337b17b4 100644 --- a/src/auditor/report-lib.c +++ b/src/auditor/report-lib.c @@ -186,6 +186,7 @@ TALER_ARL_get_denomination_info_by_hash ( NULL); if (0 > qs) { + GNUNET_break (0); *issue = NULL; return qs; } @@ -211,6 +212,7 @@ TALER_ARL_get_denomination_info_by_hash ( &issue); if (qs <= 0) { + GNUNET_break (qs >= 0); if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs) GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Denomination %s not found\n", @@ -598,38 +600,34 @@ TALER_ARL_init (const struct GNUNET_CONFIGURATION_Handle *c) if (GNUNET_is_zero (&TALER_ARL_auditor_pub)) { - /* private key not available, try configuration for public key */ char *auditor_public_key_str; - if (GNUNET_OK != + if (GNUNET_OK == GNUNET_CONFIGURATION_get_value_string (c, "auditor", "PUBLIC_KEY", &auditor_public_key_str)) { - GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, - "auditor", - "PUBLIC_KEY"); - return GNUNET_SYSERR; - } - if (GNUNET_OK != - GNUNET_CRYPTO_eddsa_public_key_from_string ( - auditor_public_key_str, - strlen (auditor_public_key_str), - &TALER_ARL_auditor_pub.eddsa_pub)) - { - GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, - "auditor", - "PUBLIC_KEY", - "invalid key"); + if (GNUNET_OK != + GNUNET_CRYPTO_eddsa_public_key_from_string ( + auditor_public_key_str, + strlen (auditor_public_key_str), + &TALER_ARL_auditor_pub.eddsa_pub)) + { + GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, + "auditor", + "PUBLIC_KEY", + "invalid key"); + GNUNET_free (auditor_public_key_str); + return GNUNET_SYSERR; + } GNUNET_free (auditor_public_key_str); - return GNUNET_SYSERR; } - GNUNET_free (auditor_public_key_str); } if (GNUNET_is_zero (&TALER_ARL_auditor_pub)) { + /* public key not configured */ /* try loading private key and deriving public key */ char *fn; @@ -656,6 +654,14 @@ TALER_ARL_init (const struct GNUNET_CONFIGURATION_Handle *c) } } + if (GNUNET_is_zero (&TALER_ARL_auditor_pub)) + { + GNUNET_log_config_missing (GNUNET_ERROR_TYPE_INFO, + "auditor", + "PUBLIC_KEY/AUDITOR_PRIV_FILE"); + return GNUNET_SYSERR; + } + if (GNUNET_OK != TALER_config_get_currency (TALER_ARL_cfg, &TALER_ARL_currency)) diff --git a/src/auditor/revoke-basedb.conf b/src/auditor/revoke-basedb.conf new file mode 100644 index 000000000..da440c60a --- /dev/null +++ b/src/auditor/revoke-basedb.conf @@ -0,0 +1,37 @@ +[auditor] +DB = postgres +TINY_AMOUNT = TESTKUDOS:0.01 +BASE_URL = http://localhost:8083/ + +[exchange-account-1] +PAYTO_URI = payto://x-taler-bank/localhost/Exchange +enable_debit = yes +enable_credit = yes + +[exchange-accountcredentials-1] +WIRE_GATEWAY_URL = "http://localhost:8082/taler-wire-gateway/Exchange/" +WIRE_GATEWAY_AUTH_METHOD = basic +USERNAME = Exchange +PASSWORD = x + +[exchangedb] +WIREFEE_BASE_DIR = ${PWD}/wirefees/ + +[auditordb-postgres] +CONFIG = postgres:///taler-auditor-test + +[exchangedb-postgres] +CONFIG = postgres:///taler-auditor-test + +[taler] +CURRENCY = TESTKUDOS +CURRENCY_ROUND_UNIT = TESTKUDOS:0.01 + +[bank] +DATABASE = postgres:///taler-auditor-test +MAX_DEBT = TESTKUDOS:50.0 +MAX_DEBT_BANK = TESTKUDOS:100000.0 +HTTP_PORT = 8082 +SUGGESTED_EXCHANGE = http://localhost:8081/ +SUGGESTED_EXCHANGE_PAYTO = payto://x-taler-bank/localhost/2 +SERVE = http diff --git a/src/auditor/taler-helper-auditor-aggregation.c b/src/auditor/taler-helper-auditor-aggregation.c index b088b615d..33c51731d 100644 --- a/src/auditor/taler-helper-auditor-aggregation.c +++ b/src/auditor/taler-helper-auditor-aggregation.c @@ -390,7 +390,7 @@ struct WireCheckContext * @param[out] deposit_gain amount the coin contributes excluding refunds * @return #GNUNET_OK on success, #GNUNET_SYSERR if the transaction must fail (hard error) */ -static int +static enum GNUNET_GenericReturnValue check_transaction_history_for_deposit ( const struct TALER_CoinSpendPublicKeyP *coin_pub, const struct TALER_PrivateContractHashP *h_contract_terms, @@ -683,6 +683,7 @@ check_transaction_history_for_deposit ( * @param rowid which row in the table is the information from (for diagnostics) * @param merchant_pub public key of the merchant (should be same for all callbacks with the same @e cls) * @param account_pay_uri where did we transfer the funds? + * @param h_payto hash over @a account_payto_uri as it is in the DB * @param exec_time execution time of the wire transfer (should be same for all callbacks with the same @e cls) * @param h_contract_terms which proposal was this payment about * @param denom_pub denomination of @a coin_pub @@ -698,6 +699,7 @@ wire_transfer_information_cb ( uint64_t rowid, const struct TALER_MerchantPublicKeyP *merchant_pub, const char *account_pay_uri, + const struct TALER_PaytoHashP *h_payto, struct GNUNET_TIME_Timestamp exec_time, const struct TALER_PrivateContractHashP *h_contract_terms, const struct TALER_DenominationPublicKey *denom_pub, @@ -712,7 +714,18 @@ wire_transfer_information_cb ( struct TALER_EXCHANGEDB_TransactionList *tl; struct TALER_CoinPublicInfo coin; enum GNUNET_DB_QueryStatus qs; + struct TALER_PaytoHashP hpt; + TALER_payto_hash (account_pay_uri, + &hpt); + if (0 != + GNUNET_memcmp (&hpt, + h_payto)) + { + report_row_inconsistency ("wire_targets", + rowid, + "h-payto does not match payto URI"); + } /* Obtain coin's transaction history */ qs = TALER_ARL_edb->get_coin_transactions (TALER_ARL_edb->cls, coin_pub, diff --git a/src/auditor/test-auditor.conf b/src/auditor/test-auditor.conf deleted file mode 100644 index da440c60a..000000000 --- a/src/auditor/test-auditor.conf +++ /dev/null @@ -1,37 +0,0 @@ -[auditor] -DB = postgres -TINY_AMOUNT = TESTKUDOS:0.01 -BASE_URL = http://localhost:8083/ - -[exchange-account-1] -PAYTO_URI = payto://x-taler-bank/localhost/Exchange -enable_debit = yes -enable_credit = yes - -[exchange-accountcredentials-1] -WIRE_GATEWAY_URL = "http://localhost:8082/taler-wire-gateway/Exchange/" -WIRE_GATEWAY_AUTH_METHOD = basic -USERNAME = Exchange -PASSWORD = x - -[exchangedb] -WIREFEE_BASE_DIR = ${PWD}/wirefees/ - -[auditordb-postgres] -CONFIG = postgres:///taler-auditor-test - -[exchangedb-postgres] -CONFIG = postgres:///taler-auditor-test - -[taler] -CURRENCY = TESTKUDOS -CURRENCY_ROUND_UNIT = TESTKUDOS:0.01 - -[bank] -DATABASE = postgres:///taler-auditor-test -MAX_DEBT = TESTKUDOS:50.0 -MAX_DEBT_BANK = TESTKUDOS:100000.0 -HTTP_PORT = 8082 -SUGGESTED_EXCHANGE = http://localhost:8081/ -SUGGESTED_EXCHANGE_PAYTO = payto://x-taler-bank/localhost/2 -SERVE = http diff --git a/src/auditor/test-auditor.sh b/src/auditor/test-auditor.sh index 6138b3d35..2c0d2233b 100755 --- a/src/auditor/test-auditor.sh +++ b/src/auditor/test-auditor.sh @@ -866,10 +866,10 @@ function test_13() { echo "===========13: wrong melt signature ===========" # Modify denom_sig, so it is wrong -COIN_ID=`echo "SELECT old_known_coin_id FROM refresh_commitments LIMIT 1;" | psql $DB -Aqt` -OLD_SIG=`echo "SELECT old_coin_sig FROM refresh_commitments WHERE old_known_coin_id='$COIN_ID';" | psql $DB -Aqt` +COIN_PUB=`echo "SELECT old_coin_pub FROM refresh_commitments LIMIT 1;" | psql $DB -Aqt` +OLD_SIG=`echo "SELECT old_coin_sig FROM refresh_commitments WHERE old_known_pub='$COIN_PUB';" | psql $DB -Aqt` NEW_SIG="\xba588af7c13c477dca1ac458f65cc484db8fba53b969b873f4353ecbd815e6b4c03f42c0cb63a2b609c2d726e612fd8e0c084906a41f409b6a23a08a83c89a02" -echo "UPDATE refresh_commitments SET old_coin_sig='$NEW_SIG' WHERE old_known_coin_id='$COIN_ID'" | psql -Aqt $DB +echo "UPDATE refresh_commitments SET old_coin_sig='$NEW_SIG' WHERE old_coin_pub='$COIN_PUB'" | psql -Aqt $DB run_audit @@ -943,42 +943,27 @@ fi } - -# Test where h_wire in the deposit table is wrong +# Test where salt in the deposit table is wrong function test_15() { -echo "===========15: deposit wire hash wrong=================" +echo "===========15: deposit wire salt wrong=================" -# Check wire transfer lag reported (no aggregator!) +# Modify wire_salt hash, so it is inconsistent +SALT=`echo "SELECT wire_salt FROM deposits WHERE deposit_serial_id=1;" | psql -Aqt $DB` +echo "UPDATE deposits SET wire_salt='\x1197cd7f7b0e13ab1905fedb36c536a2' WHERE deposit_serial_id=1;" | psql -Aqt $DB -# NOTE: This test is EXPECTED to fail for ~1h after -# re-generating the test database as we do not -# report lag of less than 1h (see GRACE_PERIOD in -# taler-helper-auditor-wire.c) -if [ $DATABASE_AGE -gt 3600 ] -then - - # Modify h_wire hash, so it is inconsistent with 'wire' - echo "UPDATE deposits SET h_wire='\x973e52d193a357940be9ef2939c19b0575ee1101f52188c3c01d9005b7d755c397e92624f09cfa709104b3b65605fe5130c90d7e1b7ee30f8fc570f39c16b853' WHERE deposit_serial_id=1" | psql -Aqt $DB - - # The auditor checks h_wire consistency only for - # coins where the wire transfer has happened, hence - # run aggregator first to get this test to work. - run_audit aggregator +run_audit - echo -n "Testing inconsistency detection... " - TABLE=`jq -r .row_inconsistencies[0].table < test-audit-aggregation.json` - if test "x$TABLE" != "xaggregation" -a "x$TABLE" != "xdeposits" - then - exit_fail "Reported table wrong: $TABLE" - fi - echo PASS +echo -n "Testing inconsistency detection... " +OP=`jq -r .bad_sig_losses[0].operation < test-audit-coins.json` +if test "x$OP" != "xdeposit" +then + exit_fail "Reported operation wrong: $OP" +fi +echo PASS - # cannot easily undo aggregator, hence full reload - full_reload +# Restore DB +echo "UPDATE deposits SET wire_salt='$SALT' WHERE deposit_serial_id=1;" | psql -Aqt $DB -else - echo "Test skipped (database too new)" -fi } @@ -1181,14 +1166,14 @@ then OLD_TIME=`echo "SELECT execution_date FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` OLD_VAL=`echo "SELECT credit_val FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` - RES_UUID=`echo "SELECT reserve_uuid FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` - OLD_EXP=`echo "SELECT expiration_date FROM reserves WHERE reserve_uuid='${RES_UUID}';" | psql $DB -Aqt` + RES_PUB=`echo "SELECT reserve_pub FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` + OLD_EXP=`echo "SELECT expiration_date FROM reserves WHERE reserve_pub='${RES_PUB}';" | psql $DB -Aqt` VAL_DELTA=1 NEW_TIME=`expr $OLD_TIME - 3024000000000 || true` # 5 weeks NEW_EXP=`expr $OLD_EXP - 3024000000000 || true` # 5 weeks NEW_CREDIT=`expr $OLD_VAL + $VAL_DELTA || true` echo "UPDATE reserves_in SET execution_date='${NEW_TIME}',credit_val=${NEW_CREDIT} WHERE reserve_in_serial_id=1;" | psql -Aqt $DB - echo "UPDATE reserves SET current_balance_val=${VAL_DELTA}+current_balance_val,expiration_date='${NEW_EXP}' WHERE reserve_uuid='${RES_UUID}';" | psql -Aqt $DB + echo "UPDATE reserves SET current_balance_val=${VAL_DELTA}+current_balance_val,expiration_date='${NEW_EXP}' WHERE reserve_pub='${RES_PUB}';" | psql -Aqt $DB # Need to run with the aggregator so the reserve closure happens run_audit aggregator @@ -1219,11 +1204,11 @@ echo "===========20: reserve closure missing =================" OLD_TIME=`echo "SELECT execution_date FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` OLD_VAL=`echo "SELECT credit_val FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` -RES_UUID=`echo "SELECT reserve_uuid FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` +RES_PUB=`echo "SELECT reserve_pub FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` NEW_TIME=`expr $OLD_TIME - 3024000000000 || true` # 5 weeks NEW_CREDIT=`expr $OLD_VAL + 100 || true` echo "UPDATE reserves_in SET execution_date='${NEW_TIME}',credit_val=${NEW_CREDIT} WHERE reserve_in_serial_id=1;" | psql -Aqt $DB -echo "UPDATE reserves SET current_balance_val=100+current_balance_val WHERE reserve_uuid='${RES_UUID}';" | psql -Aqt $DB +echo "UPDATE reserves SET current_balance_val=100+current_balance_val WHERE reserve_pub='${RES_PUB}';" | psql -Aqt $DB # This time, run without the aggregator so the reserve closure is skipped! run_audit @@ -1240,7 +1225,7 @@ fi # Undo echo "UPDATE reserves_in SET execution_date='${OLD_TIME}',credit_val=${OLD_VAL} WHERE reserve_in_serial_id=1;" | psql -Aqt $DB -echo "UPDATE reserves SET current_balance_val=current_balance_val-100 WHERE reserve_uuid='${RES_UUID}';" | psql -Aqt $DB +echo "UPDATE reserves SET current_balance_val=current_balance_val-100 WHERE reserve_pub='${RES_PUB}';" | psql -Aqt $DB } @@ -1259,19 +1244,18 @@ then OLD_TIME=`echo "SELECT execution_date FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` OLD_VAL=`echo "SELECT credit_val FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` - RES_UUID=`echo "SELECT reserve_uuid FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` - OLD_EXP=`echo "SELECT expiration_date FROM reserves WHERE reserve_uuid='${RES_UUID}';" | psql $DB -Aqt` + RES_PUB=`echo "SELECT reserve_pub FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` + OLD_EXP=`echo "SELECT expiration_date FROM reserves WHERE reserve_pub='${RES_PUB}';" | psql $DB -Aqt` VAL_DELTA=1 NEW_TIME=`expr $OLD_TIME - 3024000000000 || true` # 5 weeks NEW_EXP=`expr $OLD_EXP - 3024000000000 || true` # 5 weeks NEW_CREDIT=`expr $OLD_VAL + $VAL_DELTA || true` echo "UPDATE reserves_in SET execution_date='${NEW_TIME}',credit_val=${NEW_CREDIT} WHERE reserve_in_serial_id=1;" | psql -Aqt $DB - echo "UPDATE reserves SET current_balance_val=${VAL_DELTA}+current_balance_val,expiration_date='${NEW_EXP}' WHERE reserve_uuid='${RES_UUID}';" | psql -Aqt $DB + echo "UPDATE reserves SET current_balance_val=${VAL_DELTA}+current_balance_val,expiration_date='${NEW_EXP}' WHERE reserve_pub='${RES_PUB}';" | psql -Aqt $DB # Need to first run the aggregator so the transfer is marked as done exists pre_audit aggregator - # remove transaction from bank DB echo "DELETE FROM app_banktransaction WHERE debit_account_id=2 AND amount='TESTKUDOS:${VAL_DELTA}';" | psql -Aqt $DB @@ -1312,7 +1296,7 @@ S_DENOM=`echo 'SELECT denominations_serial FROM reserves_out LIMIT 1;' | psql $D OLD_START=`echo "SELECT valid_from FROM denominations WHERE denominations_serial='${S_DENOM}';" | psql $DB -Aqt` OLD_WEXP=`echo "SELECT expire_withdraw FROM denominations WHERE denominations_serial='${S_DENOM}';" | psql $DB -Aqt` # Basically expires 'immediately', so that the withdraw must have been 'invalid' -NEW_WEXP=`expr $OLD_START + 1 || true` +NEW_WEXP=$OLD_START echo "UPDATE denominations SET expire_withdraw=${NEW_WEXP} WHERE denominations_serial='${S_DENOM}';" | psql -Aqt $DB @@ -1320,7 +1304,7 @@ echo "UPDATE denominations SET expire_withdraw=${NEW_WEXP} WHERE denominations_s run_audit echo -n "Testing inconsistency detection... " -jq -e .denomination_key_validity_withdraw_inconsistencies[0] < test-audit-reserves.json > /dev/null || exit_fail "Denomination key withdraw inconsistency not detected" +jq -e .denomination_key_validity_withdraw_inconsistencies[0] < test-audit-reserves.json > /dev/null || exit_fail "Denomination key withdraw inconsistency for $S_DENOM not detected" echo PASS @@ -1793,6 +1777,50 @@ fi +# Test where h_payto in the wire_targets table is wrong +function test_33() { +echo "===========33: h_payto wrong=================" + +# Check wire transfer lag reported (no aggregator!) +# NOTE: this test is BRAND NEW and expected +# to fail until we implement the check in the auditor! + +# NOTE: This test is EXPECTED to fail for ~1h after +# re-generating the test database as we do not +# report lag of less than 1h (see GRACE_PERIOD in +# taler-helper-auditor-wire.c) +if [ $DATABASE_AGE -gt 3600 ] +then + + # Modify h_payto hash, so it is inconsistent with 'wire' + WTSID=`echo "SELECT wire_target_serial_id FROM deposits WHERE deposit_serial_id=1;" | psql -Aqt $DB` + echo "UPDATE wire_targets SET h_payto='\x973e52d193a357940be9ef2939c19b0575ee1101f52188c3c01d9005b7d755c397e92624f09cfa709104b3b65605fe5130c90d7e1b7ee30f8fc570f39c16b853' WHERE wire_target_serial_id=$WTSID" | psql -Aqt $DB + + # The auditor checks h_wire consistency only for + # coins where the wire transfer has happened, hence + # run aggregator first to get this test to work. + run_audit aggregator + + echo -n "Testing inconsistency detection... " + TABLE=`jq -r .row_inconsistencies[0].table < test-audit-aggregation.json` + if test "x$TABLE" != "xwire_targets" + then + exit_fail "Reported table wrong: $TABLE" + fi + echo PASS + + # cannot easily undo aggregator, hence full reload + full_reload + +else + echo "Test skipped (database too new)" +fi +} + + + + + # *************** Main test loop starts here ************** @@ -1840,10 +1868,10 @@ check_with_database() # ####### Setup globals ###### # Postgres database to use -DB=taler-auditor-test +DB=auditor-basedb # Configuration file to use -CONF=test-auditor.conf +CONF=${DB}.conf # test required commands exist echo "Testing for jq" diff --git a/src/auditor/test-revocation.sh b/src/auditor/test-revocation.sh index 766825723..06d54dc9e 100755 --- a/src/auditor/test-revocation.sh +++ b/src/auditor/test-revocation.sh @@ -482,11 +482,11 @@ check_with_database() # *************** Main logic starts here ************** # ####### Setup globals ###### -# Postgres database to use (must match test-auditor.conf) +# Postgres database to use (must match revoke-basedb.conf) DB=taler-auditor-test # Configuration file to use -CONF=test-auditor.conf +CONF=revoke-basedb.conf # test required commands exist echo "Testing for jq" diff --git a/src/exchange/taler-exchange-httpd_transfers_get.c b/src/exchange/taler-exchange-httpd_transfers_get.c index 99946a326..5b914c417 100644 --- a/src/exchange/taler-exchange-httpd_transfers_get.c +++ b/src/exchange/taler-exchange-httpd_transfers_get.c @@ -260,6 +260,7 @@ struct WtidTransactionContext * @param rowid which row in the DB is the information from (for diagnostics), ignored * @param merchant_pub public key of the merchant (should be same for all callbacks with the same @e cls) * @param account_payto_uri where the funds were sent + * @param h_payto hash over @a account_payto_uri as it is in the DB * @param exec_time execution time of the wire transfer (should be same for all callbacks with the same @e cls) * @param h_contract_terms which proposal was this payment about * @param denom_pub denomination public key of the @a coin_pub (ignored) @@ -272,6 +273,7 @@ handle_deposit_data (void *cls, uint64_t rowid, const struct TALER_MerchantPublicKeyP *merchant_pub, const char *account_payto_uri, + const struct TALER_PaytoHashP *h_payto, struct GNUNET_TIME_Timestamp exec_time, const struct TALER_PrivateContractHashP *h_contract_terms, const struct TALER_DenominationPublicKey *denom_pub, diff --git a/src/exchangedb/exchange-0001.sql b/src/exchangedb/exchange-0001.sql index baf0056b0..272ee84b3 100644 --- a/src/exchangedb/exchange-0001.sql +++ b/src/exchangedb/exchange-0001.sql @@ -88,7 +88,7 @@ CREATE TABLE IF NOT EXISTS wire_targets_default PARTITION OF wire_targets FOR VALUES WITH (MODULUS 1, REMAINDER 0); --- FIXME partition by serial_id rather than h_payto, +-- FIXME partition by serial_id rather than h_payto, -- it is used more in join conditions - crucial for sharding to select this. -- Author: (Boss Marco) CREATE INDEX IF NOT EXISTS wire_targets_serial_id_index @@ -108,19 +108,19 @@ DECLARE partition_str VARCHAR; BEGIN - table_name = CASE + table_name = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'reserves' - ELSE + ELSE 'reserves_' || shard_suffix END; - partition_str = CASE + partition_str = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'PARTITION BY HASH (reserve_pub);' - ELSE + ELSE ';' END; @@ -189,19 +189,19 @@ DECLARE partition_str VARCHAR; BEGIN - table_name = CASE + table_name = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'reserves_in' - ELSE + ELSE 'reserves_in_' || shard_suffix END; - partition_str = CASE + partition_str = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'PARTITION BY HASH (reserve_pub);' - ELSE + ELSE ';' END; @@ -267,19 +267,19 @@ DECLARE partition_str VARCHAR; BEGIN - table_name = CASE + table_name = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'reserves_close' - ELSE + ELSE 'reserves_close_' || shard_suffix END; - partition_str = CASE + partition_str = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'PARTITION BY HASH (reserve_pub);' - ELSE + ELSE ';' END; @@ -335,19 +335,19 @@ DECLARE partition_str VARCHAR; BEGIN - table_name = CASE + table_name = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'reserves_out' - ELSE + ELSE 'reserves_out_' || shard_suffix END; - partition_str = CASE + partition_str = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'PARTITION BY HASH (h_blind_ev);' - ELSE + ELSE ';' END; @@ -488,19 +488,19 @@ DECLARE partition_str VARCHAR; BEGIN - table_name = CASE + table_name = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'known_coins' - ELSE + ELSE 'known_coins_' || shard_suffix END; - partition_str = CASE + partition_str = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'PARTITION BY HASH (coin_pub);' -- FIXME: or include denominations_serial? or multi-level partitioning? - ELSE + ELSE ';' END; @@ -559,19 +559,19 @@ DECLARE partition_str VARCHAR; BEGIN - table_name = CASE + table_name = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'refresh_commitments' - ELSE + ELSE 'refresh_commitments_' || shard_suffix END; - partition_str = CASE + partition_str = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'PARTITION BY HASH (rc);' - ELSE + ELSE ';' END; @@ -632,19 +632,19 @@ DECLARE partition_str VARCHAR; BEGIN - table_name = CASE + table_name = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'refresh_revealed_coins' - ELSE + ELSE 'refresh_revealed_coins_' || shard_suffix END; - partition_str = CASE + partition_str = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'PARTITION BY HASH (melt_serial_id);' - ELSE + ELSE ';' END; @@ -715,19 +715,19 @@ DECLARE partition_str VARCHAR; BEGIN - table_name = CASE + table_name = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'refresh_transfer_keys' - ELSE + ELSE 'refresh_transfer_keys_' || shard_suffix END; - partition_str = CASE + partition_str = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'PARTITION BY HASH (melt_serial_id);' - ELSE + ELSE ';' END; @@ -790,19 +790,19 @@ DECLARE partition_str VARCHAR; BEGIN - table_name = CASE + table_name = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'deposits' - ELSE + ELSE 'deposits_' || shard_suffix END; - partition_str = CASE + partition_str = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'PARTITION BY HASH (shard);' - ELSE + ELSE ';' END; @@ -902,19 +902,19 @@ DECLARE partition_str VARCHAR; BEGIN - table_name = CASE + table_name = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'refunds' - ELSE + ELSE 'refunds_' || shard_suffix END; - partition_str = CASE + partition_str = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'PARTITION BY HASH (deposit_serial_id);' - ELSE + ELSE ';' END; @@ -969,19 +969,19 @@ DECLARE partition_str VARCHAR; BEGIN - table_name = CASE + table_name = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'wire_out' - ELSE + ELSE 'wire_out_' || shard_suffix END; - partition_str = CASE + partition_str = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'PARTITION BY HASH (wtid_raw);' - ELSE + ELSE ';' END; @@ -1037,19 +1037,19 @@ DECLARE partition_str VARCHAR; BEGIN - table_name = CASE + table_name = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'aggregation_tracking' - ELSE + ELSE 'aggregation_tracking_' || shard_suffix END; - partition_str = CASE + partition_str = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'PARTITION BY HASH (deposit_serial_id);' - ELSE + ELSE ';' END; @@ -1123,19 +1123,19 @@ DECLARE partition_str VARCHAR; BEGIN - table_name = CASE + table_name = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'recoup' - ELSE + ELSE 'recoup_' || shard_suffix END; - partition_str = CASE + partition_str = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'PARTITION BY HASH (known_coin_id);' - ELSE + ELSE ';' END; @@ -1199,19 +1199,19 @@ DECLARE partition_str VARCHAR; BEGIN - table_name = CASE + table_name = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'recoup_refresh' - ELSE + ELSE 'recoup_refresh_' || shard_suffix END; - partition_str = CASE + partition_str = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'PARTITION BY HASH (known_coin_id);' - ELSE + ELSE ';' END; @@ -1273,19 +1273,19 @@ DECLARE partition_str VARCHAR; BEGIN - table_name = CASE + table_name = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'prewire' - ELSE + ELSE 'prewire_' || shard_suffix END; - partition_str = CASE + partition_str = CASE shard_suffix - WHEN '' THEN + WHEN '' THEN 'PARTITION BY HASH (prewire_uuid);' - ELSE + ELSE ';' END; @@ -1697,8 +1697,8 @@ IF EXISTS ( SELECT 1 FROM information_Schema.constraint_column_usage WHERE table_name='wire_out' - AND constraint_name='wire_out_ref') -THEN + AND constraint_name='wire_out_ref') +THEN SET CONSTRAINTS wire_out_ref DEFERRED; END IF; diff --git a/src/exchangedb/plugin_exchangedb_postgres.c b/src/exchangedb/plugin_exchangedb_postgres.c index 2476fcfd7..1ee401bc6 100644 --- a/src/exchangedb/plugin_exchangedb_postgres.c +++ b/src/exchangedb/plugin_exchangedb_postgres.c @@ -1240,6 +1240,7 @@ prepare_statements (struct PostgresClosure *pg) " aggregation_serial_id" ",deposits.h_contract_terms" ",payto_uri" + ",h_payto" ",kc.coin_pub" ",deposits.merchant_pub" ",wire_out.execution_date" @@ -7160,6 +7161,7 @@ handle_wt_result (void *cls, uint64_t rowid; struct TALER_PrivateContractHashP h_contract_terms; struct TALER_CoinSpendPublicKeyP coin_pub; + struct TALER_PaytoHashP h_payto; struct TALER_MerchantPublicKeyP merchant_pub; struct GNUNET_TIME_Timestamp exec_time; struct TALER_Amount amount_with_fee; @@ -7172,6 +7174,8 @@ handle_wt_result (void *cls, &h_contract_terms), GNUNET_PQ_result_spec_string ("payto_uri", &payto_uri), + GNUNET_PQ_result_spec_auto_from_type ("h_payto", + &h_payto), TALER_PQ_result_spec_denom_pub ("denom_pub", &denom_pub), GNUNET_PQ_result_spec_auto_from_type ("coin_pub", @@ -7200,6 +7204,7 @@ handle_wt_result (void *cls, rowid, &merchant_pub, payto_uri, + &h_payto, exec_time, &h_contract_terms, &denom_pub, diff --git a/src/exchangedb/test_exchangedb.c b/src/exchangedb/test_exchangedb.c index a3652a500..497d6140a 100644 --- a/src/exchangedb/test_exchangedb.c +++ b/src/exchangedb/test_exchangedb.c @@ -536,6 +536,7 @@ cb_wt_never (void *cls, uint64_t serial_id, const struct TALER_MerchantPublicKeyP *merchant_pub, const char *account_payto_uri, + const struct TALER_PaytoHashP *h_payto, struct GNUNET_TIME_Timestamp exec_time, const struct TALER_PrivateContractHashP *h_contract_terms, const struct TALER_DenominationPublicKey *denom_pub, @@ -576,6 +577,7 @@ cb_wt_check (void *cls, uint64_t rowid, const struct TALER_MerchantPublicKeyP *merchant_pub, const char *account_payto_uri, + const struct TALER_PaytoHashP *h_payto, struct GNUNET_TIME_Timestamp exec_time, const struct TALER_PrivateContractHashP *h_contract_terms, const struct TALER_DenominationPublicKey *denom_pub, diff --git a/src/include/taler_exchangedb_plugin.h b/src/include/taler_exchangedb_plugin.h index dfe9ab7fe..80cab782b 100644 --- a/src/include/taler_exchangedb_plugin.h +++ b/src/include/taler_exchangedb_plugin.h @@ -1950,6 +1950,7 @@ typedef void * @param rowid which row in the table is the information from (for diagnostics) * @param merchant_pub public key of the merchant (should be same for all callbacks with the same @e cls) * @param account_payto_uri which account did the transfer go to? + * @param h_payto hash over @a account_payto_uri as it is in the DB * @param exec_time execution time of the wire transfer (should be same for all callbacks with the same @e cls) * @param h_contract_terms which proposal was this payment about * @param denom_pub denomination of @a coin_pub @@ -1963,6 +1964,7 @@ typedef void uint64_t rowid, const struct TALER_MerchantPublicKeyP *merchant_pub, const char *account_payto_uri, + const struct TALER_PaytoHashP *h_payto, struct GNUNET_TIME_Timestamp exec_time, const struct TALER_PrivateContractHashP *h_contract_terms, const struct TALER_DenominationPublicKey *denom_pub, diff --git a/src/pq/pq_result_helper.c b/src/pq/pq_result_helper.c index 1115a130c..68cbbcd4c 100644 --- a/src/pq/pq_result_helper.c +++ b/src/pq/pq_result_helper.c @@ -97,6 +97,20 @@ extract_amount_nbo_helper (PGresult *result, r_amount_nbo->fraction = *(uint32_t *) PQgetvalue (result, row, frac_num); + if (GNUNET_ntohll (r_amount_nbo->value) >= TALER_AMOUNT_MAX_VALUE) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Field `%s' exceeds legal range\n", + val_name); + return GNUNET_SYSERR; + } + if (ntohl (r_amount_nbo->fraction) >= TALER_AMOUNT_FRAC_BASE) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Field `%s' exceeds legal range\n", + frac_name); + return GNUNET_SYSERR; + } len = GNUNET_MIN (TALER_CURRENCY_LEN - 1, strlen (currency)); memcpy (r_amount_nbo->currency, diff --git a/src/testing/test_auditor_api-cs.conf b/src/testing/test_auditor_api-cs.conf index fbd84461d..3a9092451 100644 --- a/src/testing/test_auditor_api-cs.conf +++ b/src/testing/test_auditor_api-cs.conf @@ -27,7 +27,7 @@ BASE_URL = "http://localhost:8083/" # HTTP port the auditor listens to PORT = 8083 - +PUBLIC_KEY = XNYZPJJ6YPSQ4C6QPW120ACG9B5E5GBTTSYWXDMDB6G4X74TDBPG TINY_AMOUNT = EUR:0.01 [exchange] diff --git a/src/testing/test_auditor_api-rsa.conf b/src/testing/test_auditor_api-rsa.conf index 95eb47b38..e226abb26 100644 --- a/src/testing/test_auditor_api-rsa.conf +++ b/src/testing/test_auditor_api-rsa.conf @@ -27,6 +27,7 @@ BASE_URL = "http://localhost:8083/" # HTTP port the auditor listens to PORT = 8083 +PUBLIC_KEY = XNYZPJJ6YPSQ4C6QPW120ACG9B5E5GBTTSYWXDMDB6G4X74TDBPG TINY_AMOUNT = EUR:0.01 -- cgit v1.2.3