diff options
author | Christian Grothoff <christian@grothoff.org> | 2023-05-02 21:55:32 +0200 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2023-05-02 21:55:32 +0200 |
commit | fbba13c83b7e209962558c9207358f607074a6da (patch) | |
tree | 401630d05fce862b53888e779739004fac85c601 /src/backend/taler-merchant-httpd_auditors.c | |
parent | f1d8b299384d02c9dcd88f69ac2395fc8286e9ce (diff) | |
download | merchant-fbba13c83b7e209962558c9207358f607074a6da.tar.gz merchant-fbba13c83b7e209962558c9207358f607074a6da.tar.bz2 merchant-fbba13c83b7e209962558c9207358f607074a6da.zip |
remove auditor support from merchant
Diffstat (limited to 'src/backend/taler-merchant-httpd_auditors.c')
-rw-r--r-- | src/backend/taler-merchant-httpd_auditors.c | 64 |
1 files changed, 59 insertions, 5 deletions
diff --git a/src/backend/taler-merchant-httpd_auditors.c b/src/backend/taler-merchant-httpd_auditors.c index a1d70053..8a09af63 100644 --- a/src/backend/taler-merchant-httpd_auditors.c +++ b/src/backend/taler-merchant-httpd_auditors.c @@ -1,6 +1,6 @@ /* This file is part of TALER - (C) 2014-2021 Taler Systems SA + (C) 2014-2023 Taler Systems SA TALER is free software; you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software @@ -23,6 +23,15 @@ #include <taler/taler_json_lib.h> #include "taler-merchant-httpd_auditors.h" + +/** + * Auditors are currently not a supported feature, as having merchants + * allow all exchanges of an auditor creates problems when exchanges + * have restricted their bank accounts via ``/wire``. Thus, for now, + * merchants must specify the exact list of trusted exchanges. + */ +#define ENABLE_AUDITORS 0 + /** * Our representation of an auditor. */ @@ -46,6 +55,7 @@ struct Auditor }; +#if ENABLE_AUDITORS /** * Array of the auditors this merchant is willing to accept. */ @@ -56,12 +66,13 @@ static struct Auditor *auditors; */ static unsigned int nauditors; +#endif + /** * JSON representation of the auditors accepted by this exchange. */ json_t *j_auditors; - enum GNUNET_GenericReturnValue TMH_AUDITORS_check_dk (struct TALER_EXCHANGE_Handle *mh, const struct TALER_EXCHANGE_DenomPublicKey *dk, @@ -70,7 +81,6 @@ TMH_AUDITORS_check_dk (struct TALER_EXCHANGE_Handle *mh, enum TALER_ErrorCode *ec) { const struct TALER_EXCHANGE_Keys *keys; - const struct TALER_EXCHANGE_AuditorInformation *ai; if (GNUNET_TIME_absolute_is_past (dk->expire_deposit.abs_time)) { @@ -96,9 +106,11 @@ TMH_AUDITORS_check_dk (struct TALER_EXCHANGE_Handle *mh, *hc = MHD_HTTP_INTERNAL_SERVER_ERROR; return GNUNET_SYSERR; } +#if ENABLE_AUDITORS for (unsigned int i = 0; i<keys->num_auditors; i++) { - ai = &keys->auditors[i]; + const struct TALER_EXCHANGE_AuditorInformation *ai = &keys->auditors[i]; + for (unsigned int j = 0; j<nauditors; j++) { if (0 == GNUNET_memcmp (&ai->auditor_pub, @@ -118,6 +130,7 @@ TMH_AUDITORS_check_dk (struct TALER_EXCHANGE_Handle *mh, } } } +#endif GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Denomination key %s offered by client not audited by any accepted auditor\n", GNUNET_h2s (&dk->h_key.hash)); @@ -127,6 +140,7 @@ TMH_AUDITORS_check_dk (struct TALER_EXCHANGE_Handle *mh, } +#if ENABLE_AUDITORS /** * Function called on each configuration section. Finds sections * about auditors and parses the entries. @@ -219,15 +233,20 @@ parse_auditors (void *cls, } +#endif + + int TMH_AUDITORS_init (const struct GNUNET_CONFIGURATION_Handle *cfg) { +#if ENABLE_AUDITORS GNUNET_CONFIGURATION_iterate_sections (cfg, &parse_auditors, (void *) cfg); - +#endif /* Generate preferred exchange(s) array. */ j_auditors = json_array (); +#if ENABLE_AUDITORS for (unsigned int cnt = 0; cnt < nauditors; cnt++) GNUNET_assert (0 == json_array_append_new ( @@ -240,6 +259,9 @@ TMH_AUDITORS_init (const struct GNUNET_CONFIGURATION_Handle *cfg) GNUNET_JSON_pack_string ("url", auditors[cnt].url)))); return nauditors; +#else + return 0; +#endif } @@ -251,6 +273,7 @@ TMH_AUDITORS_done () { json_decref (j_auditors); j_auditors = NULL; +#if ENABLE_AUDITORS for (unsigned int i = 0; i<nauditors; i++) { GNUNET_free (auditors[i].name); @@ -259,7 +282,38 @@ TMH_AUDITORS_done () GNUNET_free (auditors); auditors = NULL; nauditors = 0; +#endif } +#if ENABLE_AUDITORS + +/* +Something like the following text should be added to the taler.5.conf man-page +if auditor support is brought back. + +KNOWN AUDITORS (for merchants) +------------------------------ + +The merchant configuration can include a list of known exchanges if the +merchant wants to specify that certain auditors are explicitly trusted. +For each trusted exchange, a section “[merchant-auditor-$NAME]” must exist, where +``$NAME`` is a merchant-given name for the auditor. The following options +must be given in each “[merchant-auditor-$NAME]” section. + +AUDITOR_BASE_URL + Base URL of the auditor, e.g. “https://auditor.demo.taler.net/” + +AUDITOR_KEY + Crockford Base32 encoded auditor public key. + +CURRENCY + Name of the currency for which this auditor is trusted, e.g. “KUDOS” + The entire section is ignored if the currency does not match the currency + we use, which must be given in the ``[taler]`` section. + +*/ + +#endif + /* end of taler-merchant-httpd_auditors.c */ |