commit aa6c67546510d6a0274600cea8b06dbb87e486a9
parent fb153cb474a6d87d44f83603efafd7a0c73332ae
Author: Christian Grothoff <christian@grothoff.org>
Date: Sun, 29 Dec 2024 12:54:34 +0100
fix #9421
Diffstat:
3 files changed, 69 insertions(+), 36 deletions(-)
diff --git a/src/include/taler_util.h b/src/include/taler_util.h
@@ -626,6 +626,17 @@ TALER_payto_validate (const struct TALER_FullPayto fpayto_uri);
/**
+ * Check that a normalized payto:// URI is well-formed.
+ *
+ * @param npayto_uri the normalized URL to check
+ * @return NULL on success, otherwise an error
+ * message to be freed by the caller!
+ */
+char *
+TALER_normalized_payto_validate (const struct TALER_NormalizedPayto npayto_uri);
+
+
+/**
* Create payto://-URI for a given exchange base URL
* and a @a reserve_pub.
*
diff --git a/src/json/json_helper.c b/src/json/json_helper.c
@@ -1399,11 +1399,10 @@ parse_normalized_payto_uri (void *cls,
return GNUNET_SYSERR;
}
payto_uri->normalized_payto = (char *) str;
-#if FIXME /* #9421 need reduced validation for normalized paytos! */
{
char *err;
- err = TALER_payto_validate (*payto_uri);
+ err = TALER_normalized_payto_validate (*payto_uri);
if (NULL != err)
{
GNUNET_break_op (0);
@@ -1412,7 +1411,6 @@ parse_normalized_payto_uri (void *cls,
return GNUNET_SYSERR;
}
}
-#endif
return GNUNET_OK;
}
diff --git a/src/util/payto.c b/src/util/payto.c
@@ -216,12 +216,12 @@ TALER_xtalerbank_account_from_payto (const struct TALER_FullPayto payto)
* Validate payto://iban/ account URL (only account information,
* wire subject and amount are ignored).
*
- * @param account_url payto URL to parse
+ * @param payto_uri payto URL to parse
* @return NULL on success, otherwise an error message
* to be freed by the caller
*/
static char *
-validate_payto_iban (struct TALER_FullPayto account_url)
+validate_payto_iban (const char *payto_uri)
{
const char *iban;
const char *q;
@@ -229,11 +229,11 @@ validate_payto_iban (struct TALER_FullPayto account_url)
char *err;
#define IBAN_PREFIX "payto://iban/"
- if (0 != strncasecmp (account_url.full_payto,
+ if (0 != strncasecmp (payto_uri,
IBAN_PREFIX,
strlen (IBAN_PREFIX)))
return NULL; /* not an IBAN */
- iban = strrchr (account_url.full_payto,
+ iban = strrchr (payto_uri,
'/') + 1;
#undef IBAN_PREFIX
q = strchr (iban,
@@ -254,15 +254,6 @@ validate_payto_iban (struct TALER_FullPayto account_url)
return err;
}
GNUNET_free (result);
- {
- char *target;
-
- target = payto_get_key (account_url,
- "receiver-name=");
- if (NULL == target)
- return GNUNET_strdup ("'receiver-name' parameter missing");
- GNUNET_free (target);
- }
return NULL;
}
@@ -271,12 +262,12 @@ validate_payto_iban (struct TALER_FullPayto account_url)
* Validate payto://x-taler-bank/ account URL (only account information,
* wire subject and amount are ignored).
*
- * @param account_url payto URL to parse
+ * @param payto_uri payto URL to parse
* @return NULL on success, otherwise an error message
* to be freed by the caller
*/
static char *
-validate_payto_xtalerbank (const struct TALER_FullPayto account_url)
+validate_payto_xtalerbank (const char *payto_uri)
{
const char *user;
const char *nxt;
@@ -288,11 +279,11 @@ validate_payto_xtalerbank (const struct TALER_FullPayto account_url)
bool port_ok;
#define XTALERBANK_PREFIX PAYTO "x-taler-bank/"
- if (0 != strncasecmp (account_url.full_payto,
+ if (0 != strncasecmp (payto_uri,
XTALERBANK_PREFIX,
strlen (XTALERBANK_PREFIX)))
- return NULL; /* not an IBAN */
- host = &account_url.full_payto[strlen (XTALERBANK_PREFIX)];
+ return NULL; /* not an x-taler-bank URI */
+ host = &payto_uri[strlen (XTALERBANK_PREFIX)];
#undef XTALERBANK_PREFIX
beg = strchr (host,
'/');
@@ -387,23 +378,20 @@ validate_payto_xtalerbank (const struct TALER_FullPayto account_url)
{
return GNUNET_strdup ("port missing after ':'");
}
- {
- char *target;
-
- target = payto_get_key (account_url,
- "receiver-name=");
- if (NULL == target)
- return GNUNET_strdup ("'receiver-name' parameter missing");
- GNUNET_free (target);
- }
return NULL;
}
-char *
-TALER_payto_validate (const struct TALER_FullPayto fpayto_uri)
+/**
+ * Generic validation of a payto:// URI. Checks the prefix
+ * and character set.
+ *
+ * @param payto_uri URI to validate
+ * @return NULL on success, otherwise an error message
+ */
+static char *
+payto_validate (const char *payto_uri)
{
- const char *payto_uri = fpayto_uri.full_payto;
char *ret;
const char *start;
const char *end;
@@ -437,12 +425,48 @@ TALER_payto_validate (const struct TALER_FullPayto fpayto_uri)
if (NULL == end)
return GNUNET_strdup ("missing '/' in payload");
- if (NULL != (ret = validate_payto_iban (fpayto_uri)))
+ if (NULL != (ret = validate_payto_iban (payto_uri)))
return ret; /* got a definitive answer */
- if (NULL != (ret = validate_payto_xtalerbank (fpayto_uri)))
+ if (NULL != (ret = validate_payto_xtalerbank (payto_uri)))
return ret; /* got a definitive answer */
- /* Insert other bank account validation methods here later! */
+ /* Insert validation calls for other bank account validation methods here! */
+
+ return NULL;
+}
+
+
+char *
+TALER_normalized_payto_validate (const struct TALER_NormalizedPayto npayto_uri)
+{
+ const char *payto_uri = npayto_uri.normalized_payto;
+ char *ret;
+
+ ret = payto_validate (payto_uri);
+ if (NULL != ret)
+ return ret;
+ return NULL;
+}
+
+
+char *
+TALER_payto_validate (const struct TALER_FullPayto fpayto_uri)
+{
+ const char *payto_uri = fpayto_uri.full_payto;
+ char *ret;
+
+ ret = payto_validate (payto_uri);
+ if (NULL != ret)
+ return ret;
+ {
+ char *target;
+
+ target = payto_get_key (fpayto_uri,
+ "receiver-name=");
+ if (NULL == target)
+ return GNUNET_strdup ("'receiver-name' parameter missing");
+ GNUNET_free (target);
+ }
return NULL;
}
