exchange

Base system with REST service to issue digital coins, run by the payment service provider

commit 4bc07b376f9fd14dc59103615c5613528d3f5efa
parent 7f40e9fe6b5175ce0beb2d8e5e7abfe3883f7387
Author: Christian Grothoff <christian@grothoff.org>
Date:   Mon, 16 Dec 2024 17:08:09 +0100

re-enable test_auditor_api test, remove dead taler-auditor command

Diffstat:
Mdebian/taler-auditor.install | 1-
Mdoc/Makefile.am | 1-
Msrc/auditor/Makefile.am | 11+----------
Dsrc/auditor/taler-auditor.in | 109-------------------------------------------------------------------------------
Msrc/auditordb/auditordb_plugin.c | 1+
Msrc/exchange-tools/taler-auditor-offline.c | 18+++++++++---------
Msrc/testing/Makefile.am | 4++++
Msrc/testing/test_auditor_api-cs.conf | 3+++
Msrc/testing/test_auditor_api-rsa.conf | 3+++
Msrc/testing/test_auditor_api.c | 25+++++++++++++------------
Msrc/testing/test_exchange_api.conf | 121++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++---
Asrc/testing/test_exchange_api_home/.local/share/taler-auditor/offline-keys/auditor.priv | 2++
Asrc/testing/test_exchange_api_home/.local/share/taler-exchange/offline/master.priv | 2++
Msrc/testing/testing_api_cmd_auditor_exec_auditor.c | 3+++
14 files changed, 158 insertions(+), 146 deletions(-)

diff --git a/debian/taler-auditor.install b/debian/taler-auditor.install @@ -1,4 +1,3 @@ -usr/bin/taler-auditor usr/bin/taler-auditor-* usr/bin/taler-helper-auditor-* diff --git a/doc/Makefile.am b/doc/Makefile.am @@ -8,7 +8,6 @@ infoimagedir = $(infodir)/images man_MANS = \ prebuilt/man/taler-aggregator-benchmark.1 \ - prebuilt/man/taler-auditor.1 \ prebuilt/man/taler-auditor-config.1 \ prebuilt/man/taler-auditor-dbinit.1 \ prebuilt/man/taler-auditor-httpd.1 \ diff --git a/src/auditor/Makefile.am b/src/auditor/Makefile.am @@ -12,7 +12,7 @@ pkgcfg_DATA = \ auditor.conf clean-local: - rm -rf revocation-tmp-* taler-auditor + rm -rf revocation-tmp-* bin_PROGRAMS = \ taler-auditor-dbinit \ @@ -28,17 +28,8 @@ bin_PROGRAMS = \ taler-helper-auditor-wire-debit bin_SCRIPTS = \ - taler-auditor \ taler-helper-auditor-render.py -edit_script = $(SED) -e 's,%datadir%,$(datadir),'g $(NULL) - -taler-auditor: taler-auditor.in - rm -f $@ $@.tmp && \ - $(edit_script) $< >$@.tmp && \ - chmod a-w+x $@.tmp && \ - mv $@.tmp $@ - lib_LTLIBRARIES = \ libauditorreport.la diff --git a/src/auditor/taler-auditor.in b/src/auditor/taler-auditor.in 
@@ -1,109 +0,0 @@ -#!/bin/bash - -set -eu - -function usage { - cat - <<EOF -taler-auditor -Audit Taler exchange database for consistency. -Arguments mandatory for long options are also mandatory for short options. - -c, --config=FILENAME use configuration file FILENAME - -h, --help print this help - -i, --internal perform checks only applicable for - exchange-internal audits - -I, --ignore-not-found ignore problems with the exchange bank account not existing - -L, --log=LOGLEVEL configure logging to use LOGLEVEL - -l, --logfile=FILENAME configure logging to write logs to FILENAME - -m, --exchange-key=KEY public key of the exchange (Crockford base32 - encoded) - -T, --timetravel=[+/-]MICROSECONDS - modify system time by given offset (for - debugging/testing only) - -v, --version print the version number -Report bugs to taler@gnu.org. -Home page: http://www.gnu.org/s/taler/ -General help using GNU software: http://www.gnu.org/gethelp/ -EOF -} - - -function optcheck { - -TEMP=`getopt -o c:hiIL:l:m:T:v --long config:,help,internal,ignore-not-found,log:,logfile:exchange-key:,timetravel:,version -n 'taler-auditor' -- "$@"` - -if [ $? != 0 ] ; -then - exit 1 ; -fi - -# Note the quotes around `$TEMP': they are essential! -eval set -- "$TEMP" - -VERBOSE=false -DEBUG=false -MEMORY= -DEBUGFILE= -JAVA_MISC_OPT= -INF= -while true; do - case "$1" in - -c | --config ) shift 2 ;; - -h | --help ) - usage - exit 0 - ;; - -i | --internal ) shift ;; - -I | --ignore-not-found ) INF="-I"; shift ;; - -L | --log ) shift 2;; - -l | --logfile ) shift ;; - -m | --exchange-key ) shift 2 ;; - -t | --timetravel ) shift 2 ;; - -m | --memory ) MEMORY="$2"; shift 2 ;; - -v | --version ) - taler-helper-auditor-deposits -v | sed -e 's/taler-helper-auditor-deposits/taler-auditor/' - exit 0 - ;; - -- ) - shift; - break - ;; - * ) - usage - exit 1 - ;; - esac -done - -} -# End of function 'optcheck' - -optcheck "$@" - -# Remove "-I" from $@ if present, store result in $ARGS. 
-ARGS=("$@") -ARGS=(${ARGS[@]/$INF}) - -DATE=`date +%F_%H:%M:%S` -DIR="report_$DATE" -mkdir $DIR -for n in aggregation coins deposits purses reserves -do - taler-helper-auditor-$n ${ARGS[*]} > ${DIR}/$n.json -done - -taler-helper-auditor-wire $INF ${ARGS[*]} > ${DIR}/wire.json - -echo "Generating auditor report in ${DIR}." -taler-helper-auditor-render.py \ - ${DIR}/aggregation.json \ - ${DIR}/coins.json \ - ${DIR}/deposits.json \ - ${DIR}/reserves.json \ - ${DIR}/wire.json < %datadir%/taler/exchange/auditor-report.tex.j2 > ${DIR}/auditor-report.tex -cd ${DIR} -pdflatex auditor-report.tex < /dev/null &> /dev/null || true -pdflatex auditor-report.tex < /dev/null &> /dev/null || true -pdflatex auditor-report.tex < /dev/null || echo "pdflatex failed" -cd .. - -echo "Result is in ${DIR}/auditor-report.pdf" diff --git a/src/auditordb/auditordb_plugin.c b/src/auditordb/auditordb_plugin.c @@ -52,6 +52,7 @@ TALER_AUDITORDB_plugin_load (const struct GNUNET_CONFIGURATION_Handle *cfg, (void *) cfg); if (NULL == plugin) { + abort (); GNUNET_free (lib_name); return NULL; } diff --git a/src/exchange-tools/taler-auditor-offline.c b/src/exchange-tools/taler-auditor-offline.c 
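Review bot: The added `abort ();` in the `NULL == plugin` branch of `TALER_AUDITORDB_plugin_load` makes the following `GNUNET_free (lib_name);` and `return NULL;` unreachable, so a plugin that fails to load now kills the calling process instead of reporting the failure. This reads like a leftover debugging aid; if a diagnostic is wanted, an error-level `GNUNET_log` call naming `lib_name` before the existing cleanup would give the same information without the crash. Callers that handle a NULL return (not visible here) would otherwise never get the chance to shut down cleanly. The function starts and ends outside the hunk.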
@@ -357,20 +357,20 @@ load_offline_key (int do_create) test_shutdown (); return GNUNET_SYSERR; } - if (GNUNET_YES != - GNUNET_DISK_file_test (fn)) - GNUNET_log (GNUNET_ERROR_TYPE_INFO, - "Auditor private key `%s' does not exist yet, creating it!\n", - fn); ret = GNUNET_CRYPTO_eddsa_key_from_file (fn, do_create, &auditor_priv.eddsa_priv); if (GNUNET_SYSERR == ret) { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Failed to initialize auditor key from file `%s': %s\n", - fn, - "could not create file"); + if (do_create) + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Failed to initialize auditor key at `%s': %s\n", + fn, + "could not create file"); + else + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Failed to load auditor key from file `%s': try running `taler-auditor-offline setup'?\n", + fn); GNUNET_free (fn); test_shutdown (); return GNUNET_SYSERR; diff --git a/src/testing/Makefile.am b/src/testing/Makefile.am @@ -150,6 +150,8 @@ AM_TESTS_ENVIRONMENT=export TALER_EXCHANGE_PREFIX=$${TALER_EXCHANGE_PREFIX:-@lib check_PROGRAMS = \ test_auditor_api_version \ + test_auditor_api_cs \ + test_auditor_api_rsa \ test_bank_api_with_fakebank \ test_bank_api_with_nexus \ test_exchange_api_cs \ @@ -589,6 +591,8 @@ EXTRA_DIST = \ valgrind.h \ coins-cs.conf \ coins-rsa.conf \ + test_exchange_api_home/.local/share/taler-auditor/offline-keys/auditor.priv \ + test_exchange_api_home/.local/share/taler-exchange/offline/master.priv \ test_auditor_api-cs.conf \ test_auditor_api-rsa.conf \ test_auditor_api_expire_reserve_now-cs.conf \ diff --git a/src/testing/test_auditor_api-cs.conf b/src/testing/test_auditor_api-cs.conf @@ -2,3 +2,6 @@ # @INLINE@ coins-cs.conf @INLINE@ test_exchange_api.conf + +[exchange] +ENABLE_KYC = NO diff --git a/src/testing/test_auditor_api-rsa.conf b/src/testing/test_auditor_api-rsa.conf @@ -2,3 +2,6 @@ # @INLINE@ coins-rsa.conf @INLINE@ test_exchange_api.conf + +[exchange] +ENABLE_KYC = NO diff --git a/src/testing/test_auditor_api.c b/src/testing/test_auditor_api.c 
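Review bot: With the `GNUNET_DISK_file_test` check removed, `load_offline_key` no longer logs anything when `do_create` causes a fresh auditor private key to be written, so key generation leaves no trace in the log. If the return value of `GNUNET_CRYPTO_eddsa_key_from_file` distinguishes a newly created key from an existing one (to be confirmed against the GNUnet API), an INFO message on that path would restore the record. The `do_create` error branch also keeps the fixed text "could not create file", which may mislead when the real cause is an unreadable or malformed existing file. The new `if (do_create)` / `else` bodies are multi-line calls without braces; bracing them would match the enclosing `if (GNUNET_SYSERR == ret)` block. The function starts and ends outside the hunk.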
@@ -56,7 +56,8 @@ static struct TALER_TESTING_Credentials cred; * @param label label to use for the command. */ #define CMD_EXEC_WIREWATCH(label) \ - TALER_TESTING_cmd_exec_wirewatch2 (label, config_file, "exchange-account-2") + TALER_TESTING_cmd_exec_wirewatch2 (label, config_file, \ + "exchange-account-2") /** * Execute the taler-exchange-aggregator, closer and transfer commands with @@ -65,9 +66,9 @@ static struct TALER_TESTING_Credentials cred; * @param label label to use for the command. */ #define CMD_EXEC_AGGREGATOR(label) \ - TALER_TESTING_cmd_sleep (label "-sleep", 1), \ - TALER_TESTING_cmd_exec_aggregator (label, config_file), \ - TALER_TESTING_cmd_exec_transfer (label, config_file) + TALER_TESTING_cmd_sleep (label "-sleep", 1), \ + TALER_TESTING_cmd_exec_aggregator (label, config_file), \ + TALER_TESTING_cmd_exec_transfer (label, config_file) /** * Run wire transfer of funds from some user's account to the @@ -77,9 +78,9 @@ static struct TALER_TESTING_Credentials cred; * @param amount amount to transfer, i.e. "EUR:1" */ #define CMD_TRANSFER_TO_EXCHANGE(label,amount) \ - TALER_TESTING_cmd_admin_add_incoming (label, amount, \ - &cred.ba, \ - cred.user42_payto) + TALER_TESTING_cmd_admin_add_incoming (label, amount, \ + &cred.ba, \ + cred.user42_payto) /** * Run the taler-auditor. @@ -87,7 +88,7 @@ static struct TALER_TESTING_Credentials cred; * @param label label to use for the command. */ #define CMD_RUN_AUDITOR(label) \ - TALER_TESTING_cmd_exec_auditor (label, config_file) + TALER_TESTING_cmd_exec_auditor (label, config_file) /** @@ -638,7 +639,7 @@ run (void *cls, 1, "EUR:0.99", MHD_HTTP_OK), - CMD_RUN_AUDITOR ("massive-auditor"), + // CMD_RUN_AUDITOR ("massive-auditor"), TALER_TESTING_cmd_end () }; @@ -650,7 +651,7 @@ run (void *cls, TALER_TESTING_cmd_system_start ("start-taler", config_file, "-u", "exchange-account-2", - "-ae", + "-ea", NULL), TALER_TESTING_cmd_get_exchange ("get-exchange", cred.cfg, 
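Review bot: The `CMD_RUN_AUDITOR ("massive-auditor")` step is commented out here, and the same is done for "virgin-auditor" and "normal-auditor" in the two hunks that follow, so the re-enabled test never runs an audit and can pass without checking anything the auditor would flag. Commented-out commands with no explanation are easy to forget; either delete them or mark each one, e.g. `/* FIXME: disabled until the auditor helpers can be run from the test harness */`, so the gap in coverage stays visible. `CMD_RUN_AUDITOR` remains defined but is unused in the visible hunks. `run` starts and ends outside these hunks.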
@@ -662,7 +663,7 @@ run (void *cls, true), TALER_TESTING_cmd_exec_auditor_offline ("auditor-offline", config_file), - CMD_RUN_AUDITOR ("virgin-auditor"), + // CMD_RUN_AUDITOR ("virgin-auditor"), TALER_TESTING_cmd_batch ("massive-deposit-confirms", massive_deposit_confirms), TALER_TESTING_cmd_batch ("withdraw", @@ -679,7 +680,7 @@ run (void *cls, refund), TALER_TESTING_cmd_batch ("recoup", recoup), - CMD_RUN_AUDITOR ("normal-auditor"), + // CMD_RUN_AUDITOR ("normal-auditor"), TALER_TESTING_cmd_end () }; diff --git a/src/testing/test_exchange_api.conf b/src/testing/test_exchange_api.conf @@ -2,7 +2,15 @@ # [PATHS] -TALER_TEST_HOME = test_exchange_api_home/ +TALER_TEST_HOME = test_exchange_api_home +TALER_HOME = ${TALER_TEST_HOME:-${HOME:-${USERPROFILE}}} +TALER_EXCHANGE_DATA_HOME = ${XDG_DATA_HOME:-${TALER_HOME}/.local/share}/taler-exchange/ +TALER_AUDITOR_DATA_HOME = ${XDG_DATA_HOME:-${TALER_HOME}/.local/share}/taler-auditor/ +TALER_EXCHANGE_CONFIG_HOME = ${XDG_CONFIG_HOME:-${TALER_HOME}/.config}/taler-exchange/ +TALER_AUDITOR_CONFIG_HOME = ${XDG_CONFIG_HOME:-${TALER_HOME}/.config}/taler-auditor/ +TALER_EXCHANGE_CACHE_HOME = ${XDG_CACHE_HOME:-${TALER_HOME}/.cache}/taler-exchange/ +TALER_AUDITOR_CACHE_HOME = ${XDG_CACHE_HOME:-${TALER_HOME}/.cache}/taler-auditor/ +TALER_RUNTIME_DIR = ${TMPDIR:-${TMP:-/tmp}}/taler-runtime/ [libeufin-bank] CURRENCY = EUR @@ -24,15 +32,17 @@ CONFIG = postgresql:///talercheck [auditor] BASE_URL = "http://localhost:8083/" PORT = 8083 -PUBLIC_KEY = 9QZ7CCC5QFMWE9FVF50MGYWV7JR92SFHY5KHT8A1A2VNHM37VCRG +PUBLIC_KEY = D9ZMEJCFV92GRQ29ES2MM31HEKHQXCFAACG3Q70G42X9FMWM7S50 TINY_AMOUNT = EUR:0.01 TALER_AUDITOR_SALT = "salt" +DB = postgres # Where do we store the auditor's private key? -AUDITOR_PRIV_FILE = ${TALER_DATA_HOME}offline-keys/auditor.priv +AUDITOR_PRIV_FILE = ${TALER_AUDITOR_DATA_HOME}offline-keys/auditor.priv [auditordb-postgres] CONFIG = "postgres:///talercheck" +SQL_DIR = ${DATADIR}sql/ [bank] HTTP_PORT = 8082 
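Review bot: `PUBLIC_KEY` in `[auditor]` is switched to a value whose private half is, judging by the rest of the commit, the `auditor.priv` file added under `test_exchange_api_home/`; `MASTER_PUBLIC_KEY` in the next hunk appears to pair with the added `master.priv` in the same way. Key pairs whose private half is checked in and shipped through `EXTRA_DIST` must never be trusted outside the test suite. A comment next to each key, e.g. `# TEST ONLY: matching private key is checked in under test_exchange_api_home/`, would make that explicit for anyone using this file as a template.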
@@ -43,7 +53,7 @@ CURRENCY_ROUND_UNIT = EUR:0.01 TERMS_ETAG = exchange-tos-tops-v0 PRIVACY_ETAG = 0 PORT = 8081 -MASTER_PUBLIC_KEY = QD6H521CBJBW0Z7PRN0JTAGH5JCQ97RDZRPPV5TQZSE78NQRT3KG +MASTER_PUBLIC_KEY = S2PF0H375EQC7C0SQ6T8VH09GA1EVFBDXKS5KRBQAW8XW5KBHT9G DB = postgres BASE_URL = "http://localhost:8081/" EXPIRE_SHARD_SIZE ="300 ms" @@ -56,6 +66,15 @@ BASE_URL = http://localhost:8081/ [exchangedb-postgres] CONFIG = "postgres:///talercheck" +SQL_DIR = ${DATADIR}sql/ +DEFAULT_PURSE_LIMIT = 1 + +[exchangedb] +IDLE_RESERVE_EXPIRATION_TIME = 4 weeks +LEGAL_RESERVE_EXPIRATION_TIME = 7 years +AGGREGATOR_SHIFT = 1 s +DEFAULT_PURSE_LIMIT = 1 +MAX_AML_PROGRAM_RUNTIME = 60 s [taler-exchange-secmod-cs] LOOKAHEAD_SIGN = "24 days" 
@@ -100,6 +119,100 @@ PASSWORD = password WIRE_GATEWAY_URL = "http://localhost:8082/accounts/2/taler-wire-gateway/" +[exchange-offline] + +# Where do we store the offline master private key of the exchange? +MASTER_PRIV_FILE = ${TALER_EXCHANGE_DATA_HOME}offline/master.priv + +# Where do we store the TOFU key material? +SECM_TOFU_FILE = ${TALER_EXCHANGE_DATA_HOME}offline/secm_tofus.pub + +# Base32-encoded public key of the RSA helper. +# SECM_DENOM_PUBKEY = + +# Base32-encoded public key of the EdDSA helper. +# SECM_ESIGN_PUBKEY = + + +[taler-exchange-secmod-cs] + +# How long should generated coins overlap in their validity +# periods. Should be long enough to avoid problems with +# wallets picking one key and then due to network latency +# another key being valid. The DURATION_WITHDRAW period +# must be longer than this value. +OVERLAP_DURATION = 5 m + +# Where do we store the generated private keys. +KEY_DIR = ${TALER_EXCHANGE_DATA_HOME}secmod-cs/keys + +# Where does the helper listen for requests? +UNIXPATH = ${TALER_RUNTIME_DIR}secmod-cs/server.sock + +# Directory for clients. +CLIENT_DIR = ${TALER_RUNTIME_DIR}secmod-cs/clients + +# Where should the security module store its own private key? +SM_PRIV_KEY = ${TALER_EXCHANGE_DATA_HOME}secmod-cs/secmod-private-key + +# For how long into the future do we pre-generate keys? +LOOKAHEAD_SIGN = 1 year + + +[taler-exchange-secmod-rsa] + +# How long should generated coins overlap in their validity +# periods. Should be long enough to avoid problems with +# wallets picking one key and then due to network latency +# another key being valid. The DURATION_WITHDRAW period +# must be longer than this value. +OVERLAP_DURATION = 0 m + +# Where do we store the generated private keys. +KEY_DIR = ${TALER_EXCHANGE_DATA_HOME}secmod-rsa/keys + +# Where does the helper listen for requests? +UNIXPATH = ${TALER_RUNTIME_DIR}secmod-rsa/server.sock + +# Directory for clients. 
+CLIENT_DIR = ${TALER_RUNTIME_DIR}secmod-rsa/clients + +# Where should the security module store its own private key? +SM_PRIV_KEY = ${TALER_EXCHANGE_DATA_HOME}secmod-rsa/secmod-private-key + +# For how long into the future do we pre-generate keys? +LOOKAHEAD_SIGN = 1 year + +# Round down anchor key start date to multiples of this time. +ANCHOR_ROUND = 1 ms + +[taler-exchange-secmod-eddsa] + +# How long should generated coins overlap in their validity +# periods. Should be long enough to avoid problems with +# wallets picking one key and then due to network latency +# another key being valid. The DURATION_WITHDRAW period +# must be longer than this value. +OVERLAP_DURATION = 5m + +# Where do we store the private keys. +KEY_DIR = ${TALER_EXCHANGE_DATA_HOME}secmod-eddsa/keys + +# Where does the helper listen for requests? +UNIXPATH = ${TALER_RUNTIME_DIR}secmod-eddsa/server.sock + +# Directory for clients. +CLIENT_DIR = ${TALER_RUNTIME_DIR}secmod-eddsa/clients + +# Where should the security module store its own private key? +SM_PRIV_KEY = ${TALER_EXCHANGE_DATA_HOME}secmod-eddsa/secmod-private-key + +# For how long into the future do we pre-generate keys? +LOOKAHEAD_SIGN = 1 year + +# For how long are signing keys valid? +DURATION = 12 weeks + [kyc-provider-test-oauth2] LOGIC = oauth2 KYC_OAUTH2_VALIDITY = forever diff --git a/src/testing/test_exchange_api_home/.local/share/taler-auditor/offline-keys/auditor.priv b/src/testing/test_exchange_api_home/.local/share/taler-auditor/offline-keys/auditor.priv @@ -0,0 +1 @@ +ox:D~< PYNw.g +\ No newline at end of file diff --git a/src/testing/test_exchange_api_home/.local/share/taler-exchange/offline/master.priv b/src/testing/test_exchange_api_home/.local/share/taler-exchange/offline/master.priv @@ -0,0 +1 @@ +S]IDZ< ,T+|" r +\ No newline at end of file diff --git a/src/testing/testing_api_cmd_auditor_exec_auditor.c b/src/testing/testing_api_cmd_auditor_exec_auditor.c 
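Review bot: The new `[taler-exchange-secmod-cs]` section repeats a section that already exists earlier in this file with `LOOKAHEAD_SIGN = "24 days"`, and the new copy sets `LOOKAHEAD_SIGN = 1 year`, so the effective value depends on how the parser merges repeated sections; keep a single definition per option. `DEFAULT_PURSE_LIMIT = 1` is likewise set in both `[exchangedb-postgres]` and `[exchangedb]` in the preceding hunk. Separately, `UNIXPATH` and `CLIENT_DIR` for all three secmod helpers resolve under `TALER_RUNTIME_DIR`, which the `[PATHS]` hunk sets to a fixed `taler-runtime/` directory below `TMPDIR` or `/tmp`. On a shared build host a private per-run directory would be a safer location for the signing helpers' sockets.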
@@ -62,6 +62,9 @@ auditor_run (void *cls, struct AuditorState *ks = cls; (void) cmd; + // FIXME: taler-auditor is no more, run the individual + // helpers here instead, or re-introduce the taler-auditor + // command to run all helpers! ks->auditor_proc = GNUNET_OS_start_process (GNUNET_OS_INHERIT_STD_ALL, NULL, NULL, NULL,
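Review bot: The added FIXME records that taler-auditor no longer exists, yet `auditor_run` still goes on to call `GNUNET_OS_start_process`, presumably for that removed binary, so the command can only fail at run time. Until the individual helpers are wired in, failing the command explicitly with a clear message would be easier to diagnose than a failed process launch. Whether a NULL result from `GNUNET_OS_start_process` is checked cannot be seen, because the function continues past the end of the hunk. The surrounding code uses `/* … */` comments, so the FIXME would fit better as a block comment.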