From df653e582dc9995f6ee5a0a237533f7255fb8806 Mon Sep 17 00:00:00 2001
From: Florian Dold <florian.dold@gmail.com>
Date: Wed, 26 Jun 2019 21:39:03 +0200
Subject: check payment logic: allow session_id without session_sig_str

---
 src/backend/taler-merchant-httpd_check-payment.c | 14 ++------------
 1 file changed, 2 insertions(+), 12 deletions(-)

diff --git a/src/backend/taler-merchant-httpd_check-payment.c b/src/backend/taler-merchant-httpd_check-payment.c
index 3c5909d9..6542c717 100644
--- a/src/backend/taler-merchant-httpd_check-payment.c
+++ b/src/backend/taler-merchant-httpd_check-payment.c
@@ -257,21 +257,11 @@ MH_handler_check_payment (struct TMH_RequestHandler *rh,
   session_sig_str = MHD_lookup_connection_value (connection,
                                                 MHD_GET_ARGUMENT_KIND,
                                                 "session_sig");
-  if (NULL != session_id)
+  if ((NULL != session_id) && (NULL != session_sig_str))
   {
     struct GNUNET_CRYPTO_EddsaSignature sig;
     struct TALER_MerchantPaySessionSigPS mps;
-    /* If the session id is given, the frontend wants us
-       to verify the session signature. */
-    if (NULL == session_sig_str)
-    {
-      /* pay session signature required but missing */
-      GNUNET_break_op (0);
-      GNUNET_free (final_contract_url);
-      return TMH_RESPONSE_reply_bad_request (connection,
-                                             TALER_EC_PARAMETER_MISSING,
-                                             "session_sig required if session_id given");
-    }
+
     if (GNUNET_OK !=
         GNUNET_STRINGS_string_to_data (session_sig_str,
                                        strlen (session_sig_str),
-- 
cgit v1.2.3