1 files changed, 58 insertions, 29 deletions

diff --git a/src/backend/taler-merchant-httpd.c b/src/backend/taler-merchant-httpd.c
index e46e4c8e..721221a0 100644
--- a/src/backend/taler-merchant-httpd.c
+++ b/src/backend/taler-merchant-httpd.c
@@ -1066,6 +1066,51 @@ url_handler (void *cls,
          in the code... */
       .max_upload = 1024 * 1024 * 8
     },
+    /* GET /instances/$ID/: MUST be at the beginning of the
+       array, as this endpoint ONLY applies to the
+       default instance! See use_default logic below. */
+    {
+      .url_prefix = "/instances/",
+      .method = MHD_HTTP_METHOD_GET,
+      .have_id_segment = true,
+      .handler = &TMH_private_get_instances_default_ID
+    },
+    /* DELETE /private/instances/$ID: MUST be at the beginning of the
+       array, as this endpoint ONLY applies to the
+       default instance! See use_default logic below. */
+    {
+      .url_prefix = "/instances/",
+      .method = MHD_HTTP_METHOD_DELETE,
+      .have_id_segment = true,
+      .handler = &TMH_private_delete_instances_default_ID
+    },
+    /* PATCH /instances/$ID/: MUST be at the beginning of the
+       array, as this endpoint ONLY applies to the
+       default instance! See use_default logic below.*/
+    {
+      .url_prefix = "/instances/",
+      .method = MHD_HTTP_METHOD_PATCH,
+      .have_id_segment = true,
+      .handler = &TMH_private_patch_instances_default_ID,
+      /* allow instance data of up to 8 MB, that should be plenty;
+         note that exceeding #GNUNET_MAX_MALLOC_CHECKED (40 MB)
+         would require further changes to the allocation logic
+         in the code... */
+      .max_upload = 1024 * 1024 * 8
+    },
+    /* POST /auth: MUST be at the beginning of the
+       array, as this endpoint ONLY applies to the
+       default instance! See use_default logic below.*/
+    {
+      .url_prefix = "/instances/",
+      .url_suffix = "auth",
+      .method = MHD_HTTP_METHOD_POST,
+      .have_id_segment = true,
+      .handler = &TMH_private_post_instances_default_ID_auth,
+      /* Body should be pretty small. */
+      .max_upload = 1024 * 1024,
+    },
+
     /* **** End of array entries specific to default instance **** */
     /* GET /instances/$ID/: */
     {
@@ -1555,7 +1600,7 @@ url_handler (void *cls,
       if (use_default)
         handlers = private_handlers;
       else
-        handlers = &private_handlers[2]; /* skip first two methods: default instance-only! */
+        handlers = &private_handlers[6]; /* skip first six methods: default instance-only! */
       url += strlen (private_prefix) - 1;
       use_private = true;
     }
@@ -1617,7 +1662,7 @@ url_handler (void *cls,
                            rh->url_prefix,
                            prefix_strlen)) )
           continue;
-        if (GNUNET_NO == rh->have_id_segment)
+        if (! rh->have_id_segment)
         {
           if (NULL != suffix_url)
             continue; /* too many segments to match */
@@ -1634,7 +1679,7 @@ url_handler (void *cls,
         else
         {
           if ( (NULL == infix_url)
-               ^ (GNUNET_NO == rh->have_id_segment) )
+               ^ (! rh->have_id_segment) ) // FIXME: have_id_segment is always 'true' here!
             continue; /* infix existence mismatch */
           if ( ( (NULL == suffix_url)
                  ^ (NULL == rh->url_suffix) ) )
@@ -1679,13 +1724,11 @@ url_handler (void *cls,
   if (use_private)
   {
     const char *auth;
-    struct TMH_MerchantInstance *def_instance;
     bool auth_ok;
     bool auth_malformed = false;
 
     /* PATCHing an instance can alternatively be checked against
        the default instance */
-    def_instance = TMH_lookup_instance (NULL);
     auth = MHD_lookup_connection_value (connection,
                                         MHD_HEADER_KIND,
                                         MHD_HTTP_HEADER_AUTHORIZATION);
@@ -1702,30 +1745,16 @@ url_handler (void *cls,
         auth_malformed = true;
     }
 
-    /* Are the credentials provided OK for the default instance?
-       Check against CLI override and default instance. */
-    auth_ok = ( (NULL == default_auth) ||
-                ( (NULL != auth) &&
-                  (0 == strcmp (auth,
-                                default_auth)) ) );
-    /* If we have no default instance, authentication is satisfied EVEN
-       if the 'default_auth' is NULL; otherwise, only if the default_auth
-       matched OR the auth_hash matched */
-    if ( (NULL != def_instance) &&
-         (NULL == default_auth) )
-      auth_ok = (GNUNET_OK ==
-                 TMH_check_auth (auth,
-                                 &def_instance->auth.auth_salt,
-                                 &def_instance->auth.auth_hash));
-    /* Only permit 'default' auth if we are either working with
-       the default instance OR patching/deleting an instance OR have no instance */
-    if ( (hc->rh->handler != &TMH_private_patch_instances_ID) &&
-         (hc->rh->handler != &TMH_private_delete_instances_ID) &&
-         ( (NULL != hc->instance) ||
-           (def_instance != hc->instance) ) )
-      auth_ok = false;
-
-    /* Check against selected instance if we have one */
+    /* If we have not even a default instance AND no override
+       credentials, THEN we accept anything (no access control) */
+    auth_ok = ( (NULL == TMH_lookup_instance (NULL)) &&
+                (NULL == default_auth) );
+    /* Are the credentials provided OK for CLI override? */
+    auth_ok |= ( (NULL != default_auth) &&
+                 (NULL != auth) &&
+                 (0 == strcmp (auth,
+                               default_auth)) );
+    /* Check against selected instance, if we have one */
     if (NULL != hc->instance)
       auth_ok |= (GNUNET_OK ==
                   TMH_check_auth (auth,