add phone number validation against regex in backend - merchant - Merchant backend to process payments, run by merchants

commit 22b48adaf32946e447cecd1422d9e38bfbdc2f84
parent 9db8b714b6d7b6b97dd39139b7659a28e93707c2
Author: Christian Grothoff <christian@grothoff.org>
Date:   Fri,  6 Feb 2026 21:11:08 +0100

add phone number validation against regex in backend

Diffstat:
M src/backend/taler-merchant-httpd.c  | 17 +++++++++++++++++
M src/backend/taler-merchant-httpd.h  | 6 ++++++
M src/backend/taler-merchant-httpd_dispatcher.c  | 2 +-
M src/backend/taler-merchant-httpd_get-config.c  | 3 +++

4 files changed, 27 insertions(+), 1 deletion(-)
diff --git a/src/backend/taler-merchant-httpd.c b/src/backend/taler-merchant-httpd.c
@@ -74,6 +74,8 @@ char *TMH_helper_sms;
 
 char *TMH_phone_regex;
 
+regex_t TMH_phone_rx;
+
 char *TMH_allowed_payment_targets;
 
 char *TMH_default_persona;
@@ -1272,6 +1274,21 @@ run (void *cls,
                                "PHONE_REGEX",
                                "no restrictions on phone number specified");
   }
+  else
+  {
+    if (0 != regcomp (&TMH_phone_rx,
+                      TMH_phone_regex,
+                      REG_EXTENDED))
+    {
+      GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
+                                 "merchant",
+                                 "PHONE_REGEX",
+                                 "Invalid regex specified");
+      global_ret = EXIT_NOTCONFIGURED;
+      GNUNET_SCHEDULER_shutdown ();
+      return;
+    }
+  }
 
   if (GNUNET_OK !=
       GNUNET_CONFIGURATION_get_value_string (TMH_cfg,
diff --git a/src/backend/taler-merchant-httpd.h b/src/backend/taler-merchant-httpd.h
@@ -713,6 +713,12 @@ extern char *TMH_helper_sms;
 extern char *TMH_phone_regex;
 
 /**
+ * Compiled version of #TMH_phone_regex, only set if #TMH_phone_regex
+ * is not NULL.
+ */
+extern regex_t TMH_phone_rx;
+
+/**
  * Space-separated list of allowed payment target types.
  * "*" for "all" (no restriction).
  */
diff --git a/src/backend/taler-merchant-httpd_dispatcher.c b/src/backend/taler-merchant-httpd_dispatcher.c
@@ -617,7 +617,7 @@ determine_handler_group (const char **urlp,
     },
     /* GET /incoming/$ID: */
     {
-      .url_prefix = "/incoming",
+      .url_prefix = "/incoming/",
       .permission = "transfers-read",
       .method = MHD_HTTP_METHOD_GET,
       .allow_deleted_instance = true,
diff --git a/src/backend/taler-merchant-httpd_get-config.c b/src/backend/taler-merchant-httpd_get-config.c
@@ -162,6 +162,9 @@ MH_handler_config (const struct TMH_RequestHandler *rh,
                                TMH_currency),
       GNUNET_JSON_pack_string ("payment_target_types",
                                TMH_allowed_payment_targets),
+      GNUNET_JSON_pack_allow_null (
+        GNUNET_JSON_pack_string ("phone_regex",
+                                 TMH_phone_regex)),
       GNUNET_JSON_pack_time_rel ("default_refund_delay",
                                  TMH_default_refund_delay),
       GNUNET_JSON_pack_time_rel ("default_wire_transfer_delay",

	merchant Merchant backend to process payments, run by merchants
	Log \| Files \| Refs \| Submodules \| README \| LICENSE

M	src/backend/taler-merchant-httpd.c	\|	17	+++++++++++++++++
M	src/backend/taler-merchant-httpd.h	\|	6	++++++
M	src/backend/taler-merchant-httpd_dispatcher.c	\|	2	+-
M	src/backend/taler-merchant-httpd_get-config.c	\|	3	+++