diff options
author | Christian Grothoff <christian@grothoff.org> | 2015-11-29 13:46:46 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2015-11-29 13:46:46 +0100 |
commit | 3e3c96110fbb224519ed2e3cd14f6990f2345563 (patch) | |
tree | 08fc10f533cb6f23fb426791f013f90ba2ba1ee1 /src | |
parent | 98af8406d8f06262a09aa40ab04a88ea25e6d3a8 (diff) | |
download | merchant-3e3c96110fbb224519ed2e3cd14f6990f2345563.tar.gz merchant-3e3c96110fbb224519ed2e3cd14f6990f2345563.tar.bz2 merchant-3e3c96110fbb224519ed2e3cd14f6990f2345563.zip |
implement #4074
Diffstat (limited to 'src')
-rw-r--r-- | src/backend/taler-merchant-httpd_auditors.c | 44 | ||||
-rw-r--r-- | src/backend/taler-merchant-httpd_auditors.h | 4 | ||||
-rw-r--r-- | src/backend/taler-merchant-httpd_mints.c | 6 | ||||
-rw-r--r-- | src/backend/taler-merchant-httpd_mints.h | 6 | ||||
-rw-r--r-- | src/backend/taler-merchant-httpd_pay.c | 7 |
5 files changed, 51 insertions, 16 deletions
diff --git a/src/backend/taler-merchant-httpd_auditors.c b/src/backend/taler-merchant-httpd_auditors.c index ac112166..7efc7078 100644 --- a/src/backend/taler-merchant-httpd_auditors.c +++ b/src/backend/taler-merchant-httpd_auditors.c @@ -68,20 +68,46 @@ json_t *j_auditors; * * @param mh mint issuing @a dk * @param dk a denomination issued by @a mh + * @param mint_trusted #GNUNET_YES if the mint of @a dk is trusted by config * @return #GNUNET_OK if we accept this denomination */ int TMH_AUDITORS_check_dk (struct TALER_MINT_Handle *mh, - const struct TALER_MINT_DenomPublicKey *dk) + const struct TALER_MINT_DenomPublicKey *dk, + int mint_trusted) { - // First, we should probably check to see if dk is expired. - // - // We should find out which auditors have signed off on this - // dk, and if there is any overlap with the auditors we accept; - // alternatively, if the given mint is flagged as trusted, we - // also accept this. - GNUNET_break (0); // NOT IMPLEMENTED, warn! #4074 - return GNUNET_OK; /* stop-gap for now */ + const struct TALER_MINT_Keys *keys; + const struct TALER_MINT_AuditorInformation *ai; + unsigned int i; + unsigned int j; + + if (0 == GNUNET_TIME_absolute_get_remaining (dk->deposit_valid_until).rel_value_us) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Denomination key offered by client has expired for deposits\n"); + return GNUNET_SYSERR; /* expired */ + } + if (GNUNET_YES == mint_trusted) + return GNUNET_OK; + keys = TALER_MINT_get_keys (mh); + if (NULL == keys) + { + /* this should never happen, keys should have been successfully + obtained before we even got into this function */ + GNUNET_break (0); + return GNUNET_SYSERR; + } + for (i=0;i<keys->num_auditors;i++) + { + ai = &keys->auditors[i]; + for (j=0;j<ai->num_denom_keys;j++) + if (ai->denom_keys[j] == dk) + return GNUNET_OK; + } + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Denomination key %s offered by client not audited by accepted auditor\n", + GNUNET_h2s (&dk->h_key)); + return GNUNET_NO; } diff --git a/src/backend/taler-merchant-httpd_auditors.h b/src/backend/taler-merchant-httpd_auditors.h index a0323941..1a05a78d 100644 --- a/src/backend/taler-merchant-httpd_auditors.h +++ b/src/backend/taler-merchant-httpd_auditors.h @@ -53,11 +53,13 @@ TMH_AUDITORS_init (const struct GNUNET_CONFIGURATION_Handle *cfg); * * @param mh mint issuing @a dk * @param dk a denomination issued by @a mh + * @param mint_trusted #GNUNET_YES if the mint of @a dk is trusted by config * @return #GNUNET_OK if we accept this denomination */ int TMH_AUDITORS_check_dk (struct TALER_MINT_Handle *mh, - const struct TALER_MINT_DenomPublicKey *dk); + const struct TALER_MINT_DenomPublicKey *dk, + int mint_trusted); /** diff --git a/src/backend/taler-merchant-httpd_mints.c b/src/backend/taler-merchant-httpd_mints.c index aecca780..caf39774 100644 --- a/src/backend/taler-merchant-httpd_mints.c +++ b/src/backend/taler-merchant-httpd_mints.c @@ -204,7 +204,8 @@ keys_mgmt_cb (void *cls, mint->fo_tail, fo); fo->fc (fo->fc_cls, - (NULL != keys) ? mint->conn : NULL); + (NULL != keys) ? mint->conn : NULL, + mint->trusted); GNUNET_free (fo); } } @@ -286,7 +287,8 @@ return_result (void *cls, mint->fo_tail, fo); fo->fc (fo->fc_cls, - (GNUNET_SYSERR == mint->pending) ? NULL : mint->conn); + (GNUNET_SYSERR == mint->pending) ? NULL : mint->conn, + mint->trusted); GNUNET_free (fo); GNUNET_SCHEDULER_cancel (poller_task); GNUNET_SCHEDULER_add_now (&context_task, diff --git a/src/backend/taler-merchant-httpd_mints.h b/src/backend/taler-merchant-httpd_mints.h index 0892a0a5..f546b826 100644 --- a/src/backend/taler-merchant-httpd_mints.h +++ b/src/backend/taler-merchant-httpd_mints.h @@ -59,12 +59,13 @@ TMH_MINTS_done (void); * operation. * * @param cls closure - * @param mint handle to the mint * @param mh handle to the mint context + * @param mint_trusted #GNUNET_YES if this mint is trusted by config */ typedef void (*TMH_MINTS_FindContinuation)(void *cls, - struct TALER_MINT_Handle *mh); + struct TALER_MINT_Handle *mh, + int mint_trusted); /** @@ -100,4 +101,5 @@ TMH_MINTS_find_mint (const char *chosen_mint, void TMH_MINTS_find_mint_cancel (struct TMH_MINTS_FindOperation *fo); + #endif diff --git a/src/backend/taler-merchant-httpd_pay.c b/src/backend/taler-merchant-httpd_pay.c index b287bdd1..f6423fce 100644 --- a/src/backend/taler-merchant-httpd_pay.c +++ b/src/backend/taler-merchant-httpd_pay.c @@ -327,10 +327,12 @@ pay_context_cleanup (struct TM_HandlerContext *hc) * * @param cls the `struct PayContext` * @param mh NULL if mint was not found to be acceptable + * @param mint_trusted #GNUNET_YES if this mint is trusted by config */ static void process_pay_with_mint (void *cls, - struct TALER_MINT_Handle *mh) + struct TALER_MINT_Handle *mh, + int mint_trusted) { struct PayContext *pc = cls; struct TALER_Amount acc_fee; @@ -379,7 +381,8 @@ process_pay_with_mint (void *cls, } if (GNUNET_OK != TMH_AUDITORS_check_dk (mh, - denom_details)) + denom_details, + mint_trusted)) { resume_pay_with_response (pc, MHD_HTTP_BAD_REQUEST, |