exchange

Base system with REST service to issue digital coins, run by the payment service provider

commit 803f82de2bdc3d2750443bad067ded1c1dce3a25
parent ea83a6cbf9fef8d634c0935465a9df5e7de684a0
Author: Christian Grothoff <christian@grothoff.org>
Date:   Tue, 16 Jul 2024 12:45:14 +0200

add account_sig for authorization

Diffstat:
Msrc/exchange/taler-exchange-httpd_kyc-info.c | 3++-
Msrc/exchange/taler-exchange-httpd_kyc-upload.c | 2+-
Msrc/exchangedb/pg_add_policy_fulfillment_proof.c | 4++--
Msrc/kyclogic/kyclogic_api.c | 12++++++------
Msrc/lib/exchange_api_kyc_check.c | 41++++++++++++++++++++++++++++++++++++-----
5 files changed, 47 insertions(+), 15 deletions(-)

diff --git a/src/exchange/taler-exchange-httpd_kyc-info.c b/src/exchange/taler-exchange-httpd_kyc-info.c @@ -356,7 +356,8 @@ TEH_handler_kyc_info ( &dummy)) { GNUNET_log (GNUNET_ERROR_TYPE_WARNING, - "Client send malformed `If-None-Match' header `%s'\n", + "Client send malformed `%s' header `%s'\n", + MHD_HTTP_HEADER_IF_NONE_MATCH, etags); } else diff --git a/src/exchange/taler-exchange-httpd_kyc-upload.c b/src/exchange/taler-exchange-httpd_kyc-upload.c @@ -436,7 +436,7 @@ TEH_handler_kyc_upload (struct TEH_RequestContext *rc, expiration_time, enc_attributes_size, enc_attributes, - false /* require aml??? Pass do not know? */ + false /* FIXME: require aml!? Pass do not know? */ ); GNUNET_free (enc_attributes); if (qs < 0) diff --git a/src/exchangedb/pg_add_policy_fulfillment_proof.c b/src/exchangedb/pg_add_policy_fulfillment_proof.c @@ -56,11 +56,11 @@ TEH_PG_add_policy_fulfillment_proof ( struct PostgresClosure *pg = cls; size_t count = fulfillment->details_count; /* FIXME: this seems to be prone to VLA attacks */ - struct GNUNET_HashCode hcs[count]; + struct GNUNET_HashCode hcs[GNUNET_NZL (count)]; /* Create the sorted policy_hash_codes */ { - size_t idx[count]; + size_t idx[GNUNET_NZL (count)]; for (size_t i = 0; i < count; i++) idx[i] = i; diff --git a/src/kyclogic/kyclogic_api.c b/src/kyclogic/kyclogic_api.c @@ -2155,10 +2155,10 @@ TALER_KYCLOGIC_measure_to_requirement ( ids = GNUNET_STRINGS_data_to_string_alloc (&shv, sizeof (shv)); GNUNET_asprintf (&xids, - "%llu/%u/%s", - (unsigned long long) row_id, + "%s-%u-%llu", + ids, (unsigned int) offset, - ids); + (unsigned long long) row_id); GNUNET_free (ids); kri = GNUNET_JSON_PACK ( GNUNET_JSON_pack_string ("form", 
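Review bot: Both arrays in TEH_PG_add_policy_fulfillment_proof are still sized on the stack from `fulfillment->details_count`, so wrapping the length in `GNUNET_NZL (count)` only removes the zero-length case and the condition named in the retained FIXME stays open. If `details_count` can be influenced by request data (not visible in this hunk), a large value exhausts the stack. Either reject counts above a fixed limit before the declarations or allocate on the heap, e.g. `struct GNUNET_HashCode *hcs = GNUNET_new_array (GNUNET_NZL (count), struct GNUNET_HashCode);` with a matching `GNUNET_free (hcs);` on every return path, and the same for `idx`. The function body continues outside the hunk, so the exit paths have to be checked there.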
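Review bot: The requirement id changes from row_id/offset/hash to hash-offset-row_id in both branches of TALER_KYCLOGIC_measure_to_requirement (this hunk and the one at -2176), but no matching change to the code that parses the id is visible in this commit; confirm the consumer was switched in the same step, otherwise ids handed out by one side will not parse on the other. The two `GNUNET_asprintf` call sites are identical, so a small static helper that builds `xids` from `shv`, `offset` and `row_id` would keep the format defined in one place. A comment such as `/* id format: <hash>-<offset>-<row_id>; keep in sync with the code that parses it */` at that helper would record the contract. The function starts and ends outside both hunks.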
@@ -2176,10 +2176,10 @@ TALER_KYCLOGIC_measure_to_requirement ( ids = GNUNET_STRINGS_data_to_string_alloc (&shv, sizeof (shv)); GNUNET_asprintf (&xids, - "%llu/%u/%s", - (unsigned long long) row_id, + "%s-%u-%llu", + ids, (unsigned int) offset, - ids); + (unsigned long long) row_id); GNUNET_free (ids); kri = GNUNET_JSON_PACK ( GNUNET_JSON_pack_string ("form", diff --git a/src/lib/exchange_api_kyc_check.c b/src/lib/exchange_api_kyc_check.c @@ -238,6 +238,7 @@ TALER_EXCHANGE_kyc_check ( struct TALER_EXCHANGE_KycCheckHandle *kch; CURL *eh; char *arg_str; + struct curl_slist *job_headers = NULL; { unsigned long long timeout_ms; @@ -269,11 +270,41 @@ TALER_EXCHANGE_kyc_check ( GNUNET_free (kch); return NULL; } - // FIXME: use account_priv!! - kch->job = GNUNET_CURL_job_add_with_ct_json (ctx, - eh, - &handle_kyc_check_finished, - kch); + + job_headers = curl_slist_append (job_headers, + "Content-Type: application/json"); + { + union TALER_AccountSignatureP account_sig; + char *sig_hdr; + char *hdr; + + TALER_account_kyc_auth_sign (account_priv, + &account_sig); + + sig_hdr = GNUNET_STRINGS_data_to_string_alloc ( + &account_sig, + sizeof (account_sig)); + GNUNET_asprintf (&hdr, + "%s: %s", + TALER_HTTP_HEADER_ACCOUNT_OWNER_SIGNATURE, + sig_hdr); + GNUNET_free (sig_hdr); + job_headers = curl_slist_append (NULL, + hdr); + GNUNET_free (hdr); + if (NULL == job_headers) + { + GNUNET_break (0); + curl_easy_cleanup (eh); + return NULL; + } + } + kch->job = GNUNET_CURL_job_add2 (ctx, + eh, + job_headers, + &handle_kyc_check_finished, + kch); + curl_slist_free_all (job_headers); return kch; }
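Review bot: The second call, `curl_slist_append (NULL, hdr)`, starts a new list instead of extending `job_headers`, so the `Content-Type` entry appended just above is leaked and never sent; pass `job_headers` and hold the result in a temporary, because curl_slist_append returns NULL on failure without freeing the existing list. The new failure branch also returns without `GNUNET_free (kch)`, unlike the earlier `return NULL` path visible in the hunk's context. The results of the first append and of `GNUNET_CURL_job_add2` are not checked before `kch` is returned. TALER_EXCHANGE_kyc_check starts outside the hunk, so any other fields of `kch` allocated earlier need the same cleanup on this path.
```c
  /* … unchanged: first curl_slist_append with the Content-Type header … */
  {
    union TALER_AccountSignatureP account_sig;
    char *sig_hdr;
    char *hdr;
    struct curl_slist *nxt;

    /* … unchanged: TALER_account_kyc_auth_sign, sig_hdr encoding, GNUNET_asprintf (&hdr, …) … */
    GNUNET_free (sig_hdr);
    /* extend the existing list; keep the old head so it can be freed on failure */
    nxt = curl_slist_append (job_headers,
                             hdr);
    GNUNET_free (hdr);
    if (NULL == nxt)
    {
      GNUNET_break (0);
      curl_slist_free_all (job_headers);
      curl_easy_cleanup (eh);
      GNUNET_free (kch);
      return NULL;
    }
    job_headers = nxt;
  }
  /* … unchanged: GNUNET_CURL_job_add2 call and curl_slist_free_all … */
```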