authorJonathan Buchanan <jonathan.russ.buchanan@gmail.com>2020-07-28 18:33:14 -0400
committerJonathan Buchanan <jonathan.russ.buchanan@gmail.com>2020-07-28 18:33:14 -0400
commitb54d6b0552a84ed790e1faa5cbe9e0a66a9bc702 (patch)
treefe9f9c895df50856623686bc84012bccb9866503 /src/backenddb
parent2e60ebf5464b537ce2466a3de44a3365700ad667 (diff)
db checks claim_token in insert_contract_terms
Diffstat (limited to 'src/backenddb')
-rw-r--r--src/backenddb/plugin_merchantdb_postgres.c11
-rw-r--r--src/backenddb/test_merchantdb.c26
2 files changed, 28 insertions, 9 deletions
diff --git a/src/backenddb/plugin_merchantdb_postgres.c b/src/backenddb/plugin_merchantdb_postgres.c
index 60f42a16..1174fb79 100644
--- a/src/backenddb/plugin_merchantdb_postgres.c
+++ b/src/backenddb/plugin_merchantdb_postgres.c
@@ -1478,11 +1478,13 @@ postgres_lookup_contract_terms (void *cls,
* contract terms (to be hashed), the creation_time and pay_deadline (to be
* obtained from the merchant_orders table). The "session_id" should be
* initially set to the empty string. The "fulfillment_url" and "refund_deadline"
- * must be extracted from @a contract_terms.
+ * must be extracted from @a contract_terms. This function will only
+ * succeed if @a claim_token matches the token created for the order.
*
* @param cls closure
* @param instance_id instance's identifier
* @param order_id order_id used to store
+ * @param claim_token the token belonging to the order (NULL for none)
* @param contract_terms contract to store
* @return transaction status, #GNUNET_DB_STATUS_HARD_ERROR if @a contract_terms
* is malformed
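Review bot: The new `@param claim_token ... (NULL for none)` line promises a NULL case that the code added further down does not handle. `GNUNET_PQ_query_param_auto_from_type (claim_token)` receives the pointer unchecked, and the prepared statement compares `claim_token=$8`; if a NULL pointer ends up bound as SQL NULL, that comparison is never true and a token-less order could not get contract terms at all. The code removed from test_insert_order in test_merchantdb.c used a zeroed `struct TALER_ClaimTokenP` for "no token", which suggests the stored value is all zeros rather than NULL. Either document `@param claim_token the token belonging to the order, must not be NULL`, or substitute a zeroed token for NULL before the params array is built. Most of the function body lies outside these hunks, so confirm against the full source.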
@@ -1491,6 +1493,7 @@ static enum GNUNET_DB_QueryStatus
postgres_insert_contract_terms (void *cls,
const char *instance_id,
const char *order_id,
+ const struct TALER_ClaimTokenP *claim_token,
json_t *contract_terms)
{
struct PostgresClosure *pg = cls;
@@ -1539,6 +1542,7 @@ postgres_insert_contract_terms (void *cls,
GNUNET_PQ_query_param_absolute_time (&pay_deadline),
GNUNET_PQ_query_param_absolute_time (&refund_deadline),
GNUNET_PQ_query_param_string (fulfillment_url),
+ GNUNET_PQ_query_param_auto_from_type (claim_token),
GNUNET_PQ_query_param_end
};
@@ -7130,8 +7134,9 @@ libtaler_plugin_merchantdb_postgres_init (void *cls)
" AND merchant_serial="
" (SELECT merchant_serial"
" FROM merchant_instances"
- " WHERE merchant_id=$1)",
- 7),
+ " WHERE merchant_id=$1)"
+ " AND claim_token=$8",
+ 8),
/* for postgres_update_contract_terms() */
GNUNET_PQ_make_prepare ("update_contract_terms",
"UPDATE merchant_contract_terms SET"
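Review bot: A wrong token now makes the `AND claim_token=$8` clause match no row, and the new case in test_merchantdb.c expects `GNUNET_DB_STATUS_SUCCESS_NO_RESULTS` for it, but the function's `@return` text still names only `#GNUNET_DB_STATUS_HARD_ERROR`. This comparison is what stops a party without the token from storing contract terms for an order, so every caller has to treat the zero-row status as a refusal even though its name contains SUCCESS. I would extend the doc comment with `#GNUNET_DB_STATUS_SUCCESS_NO_RESULTS if the order is unknown or @a claim_token does not match`. The start of this prepared statement is outside the hunk, so the "unknown order" half of that sentence is inferred and should be checked.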
diff --git a/src/backenddb/test_merchantdb.c b/src/backenddb/test_merchantdb.c
index fbbdaa18..c9c3500f 100644
--- a/src/backenddb/test_merchantdb.c
+++ b/src/backenddb/test_merchantdb.c
@@ -1282,6 +1282,11 @@ struct OrderData
* The contract of the order
*/
json_t *contract;
+
+ /**
+ * The claim token for the order.
+ */
+ struct TALER_ClaimTokenP claim_token;
};
@@ -1302,6 +1307,9 @@ make_order (const char *order_id,
GNUNET_assert (NULL != order->contract);
order->pay_deadline = GNUNET_TIME_absolute_add (GNUNET_TIME_absolute_get (),
GNUNET_TIME_UNIT_DAYS);
+ GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
+ &order->claim_token,
+ sizeof (order->claim_token));
refund_deadline = GNUNET_TIME_absolute_add (GNUNET_TIME_absolute_get (),
GNUNET_TIME_UNIT_WEEKS);
GNUNET_TIME_round_abs (&order->pay_deadline);
@@ -1346,17 +1354,12 @@ test_insert_order (const struct InstanceData *instance,
const struct OrderData *order,
enum GNUNET_DB_QueryStatus expected_result)
{
- struct TALER_ClaimTokenP no_token;
-
- memset (&no_token,
- 0,
- sizeof (no_token));
TEST_COND_RET_ON_FAIL (expected_result ==
plugin->insert_order (plugin->cls,
instance->instance.id,
order->id,
order->pay_deadline,
- &no_token,
+ &order->claim_token,
order->contract),
"Insert order failed\n");
return 0;
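Review bot: With `&no_token` replaced by `&order->claim_token`, and make_order() now filling every token with random bytes, nothing in these hunks inserts an order with the zeroed "no token" value any more. That leaves the token-less path of insert_contract_terms, which its doc comment describes as `NULL for none`, without coverage. A second order built with a zeroed `claim_token` and run through test_insert_order and test_insert_contract_terms would pin down what that path is supposed to return.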
@@ -1629,6 +1632,7 @@ test_insert_contract_terms (const struct InstanceData *instance,
plugin->insert_contract_terms (plugin->cls,
instance->instance.id,
order->id,
+ &order->claim_token,
order->contract),
"Insert contract terms failed\n");
return 0;
@@ -2015,6 +2019,16 @@ run_test_orders (struct TestOrders_Closure *cls)
&filter,
2,
cls->orders));
+ /* Test contract terms must have the correct claim token */
+ {
+ struct OrderData tmp = cls->orders[0];
+ /* just increment part of the token to guarantee we don't generate the
+ same token by chance. */
+ tmp.claim_token.token.value[0] += 1;
+ TEST_RET_ON_FAIL (test_insert_contract_terms (&cls->instance,
+ &tmp,
+ GNUNET_DB_STATUS_SUCCESS_NO_RESULTS));
+ }
/* Test inserting contract terms */
TEST_RET_ON_FAIL (test_insert_contract_terms (&cls->instance,
&cls->orders[0],