remove auditor support from merchant

author: Christian Grothoff <christian@grothoff.org> 2023-05-02 21:55:32 +0200
committer: Christian Grothoff <christian@grothoff.org> 2023-05-02 21:55:32 +0200
commit: fbba13c83b7e209962558c9207358f607074a6da (patch)
tree: 401630d05fce862b53888e779739004fac85c601 /src/backend/taler-merchant-httpd_auditors.c
parent: f1d8b299384d02c9dcd88f69ac2395fc8286e9ce (diff)
download: merchant-fbba13c83b7e209962558c9207358f607074a6da.tar.gz
merchant-fbba13c83b7e209962558c9207358f607074a6da.tar.bz2
merchant-fbba13c83b7e209962558c9207358f607074a6da.zip
1 files changed, 59 insertions, 5 deletions
diff --git a/src/backend/taler-merchant-httpd_auditors.c b/src/backend/taler-merchant-httpd_auditors.c
index a1d70053..8a09af63 100644
--- a/src/backend/taler-merchant-httpd_auditors.c
+++ b/src/backend/taler-merchant-httpd_auditors.c
@@ -1,6 +1,6 @@
 /*
   This file is part of TALER
-  (C) 2014-2021 Taler Systems SA
+  (C) 2014-2023 Taler Systems SA
 
   TALER is free software; you can redistribute it and/or modify it under the
   terms of the GNU Affero General Public License as published by the Free Software
@@ -23,6 +23,15 @@
 #include <taler/taler_json_lib.h>
 #include "taler-merchant-httpd_auditors.h"
 
+
+/**
+ * Auditors are currently not a supported feature, as having merchants
+ * allow all exchanges of an auditor creates problems when exchanges
+ * have restricted their bank accounts via ``/wire``. Thus, for now,
+ * merchants must specify the exact list of trusted exchanges.
+ */
+#define ENABLE_AUDITORS 0
+
 /**
  * Our representation of an auditor.
  */
@@ -46,6 +55,7 @@ struct Auditor
 };
 
 
+#if ENABLE_AUDITORS
 /**
  * Array of the auditors this merchant is willing to accept.
  */
@@ -56,12 +66,13 @@ static struct Auditor *auditors;
  */
 static unsigned int nauditors;
 
+#endif
+
 /**
  * JSON representation of the auditors accepted by this exchange.
  */
 json_t *j_auditors;
 
-
 enum GNUNET_GenericReturnValue
 TMH_AUDITORS_check_dk (struct TALER_EXCHANGE_Handle *mh,
                        const struct TALER_EXCHANGE_DenomPublicKey *dk,
@@ -70,7 +81,6 @@ TMH_AUDITORS_check_dk (struct TALER_EXCHANGE_Handle *mh,
                        enum TALER_ErrorCode *ec)
 {
   const struct TALER_EXCHANGE_Keys *keys;
-  const struct TALER_EXCHANGE_AuditorInformation *ai;
 
   if (GNUNET_TIME_absolute_is_past (dk->expire_deposit.abs_time))
   {
@@ -96,9 +106,11 @@ TMH_AUDITORS_check_dk (struct TALER_EXCHANGE_Handle *mh,
     *hc = MHD_HTTP_INTERNAL_SERVER_ERROR;
     return GNUNET_SYSERR;
   }
+#if ENABLE_AUDITORS
   for (unsigned int i = 0; i<keys->num_auditors; i++)
   {
-    ai = &keys->auditors[i];
+    const struct TALER_EXCHANGE_AuditorInformation *ai = &keys->auditors[i];
+
     for (unsigned int j = 0; j<nauditors; j++)
     {
       if (0 == GNUNET_memcmp (&ai->auditor_pub,
@@ -118,6 +130,7 @@ TMH_AUDITORS_check_dk (struct TALER_EXCHANGE_Handle *mh,
         }
     }
   }
+#endif
   GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
               "Denomination key %s offered by client not audited by any accepted auditor\n",
               GNUNET_h2s (&dk->h_key.hash));
@@ -127,6 +140,7 @@ TMH_AUDITORS_check_dk (struct TALER_EXCHANGE_Handle *mh,
 }
 
 
+#if ENABLE_AUDITORS
 /**
  * Function called on each configuration section. Finds sections
  * about auditors and parses the entries.
@@ -219,15 +233,20 @@ parse_auditors (void *cls,
 }
 
 
+#endif
+
+
 int
 TMH_AUDITORS_init (const struct GNUNET_CONFIGURATION_Handle *cfg)
 {
+#if ENABLE_AUDITORS
   GNUNET_CONFIGURATION_iterate_sections (cfg,
                                          &parse_auditors,
                                          (void *) cfg);
-
+#endif
   /* Generate preferred exchange(s) array. */
   j_auditors = json_array ();
+#if ENABLE_AUDITORS
   for (unsigned int cnt = 0; cnt < nauditors; cnt++)
     GNUNET_assert (0 ==
                    json_array_append_new (
@@ -240,6 +259,9 @@ TMH_AUDITORS_init (const struct GNUNET_CONFIGURATION_Handle *cfg)
                        GNUNET_JSON_pack_string ("url",
                                                 auditors[cnt].url))));
   return nauditors;
+#else
+  return 0;
+#endif
 }
 
 
@@ -251,6 +273,7 @@ TMH_AUDITORS_done ()
 {
   json_decref (j_auditors);
   j_auditors = NULL;
+#if ENABLE_AUDITORS
   for (unsigned int i = 0; i<nauditors; i++)
   {
     GNUNET_free (auditors[i].name);
@@ -259,7 +282,38 @@ TMH_AUDITORS_done ()
   GNUNET_free (auditors);
   auditors = NULL;
   nauditors = 0;
+#endif
 }
 
 
+#if ENABLE_AUDITORS
+
+/*
+Something like the following text should be added to the taler.5.conf man-page
+if auditor support is brought back.
+
+KNOWN AUDITORS (for merchants)
+------------------------------
+
+The merchant configuration can include a list of known exchanges if the
+merchant wants to specify that certain auditors are explicitly trusted.
+For each trusted exchange, a section “[merchant-auditor-$NAME]” must exist, where
+``$NAME`` is a merchant-given name for the auditor. The following options
+must be given in each “[merchant-auditor-$NAME]” section.
+
+AUDITOR_BASE_URL
+  Base URL of the auditor, e.g. “https://auditor.demo.taler.net/”
+
+AUDITOR_KEY
+  Crockford Base32 encoded auditor public key.
+
+CURRENCY
+  Name of the currency for which this auditor is trusted, e.g. “KUDOS”
+  The entire section is ignored if the currency does not match the currency
+  we use, which must be given in the ``[taler]`` section.
+
+*/
+
+#endif
+
 /* end of taler-merchant-httpd_auditors.c */
author	Christian Grothoff <christian@grothoff.org>	2023-05-02 21:55:32 +0200
committer	Christian Grothoff <christian@grothoff.org>	2023-05-02 21:55:32 +0200
commit	fbba13c83b7e209962558c9207358f607074a6da (patch)
tree	401630d05fce862b53888e779739004fac85c601 /src/backend/taler-merchant-httpd_auditors.c
parent	f1d8b299384d02c9dcd88f69ac2395fc8286e9ce (diff)
download	merchant-fbba13c83b7e209962558c9207358f607074a6da.tar.gz merchant-fbba13c83b7e209962558c9207358f607074a6da.tar.bz2 merchant-fbba13c83b7e209962558c9207358f607074a6da.zip