Check instance before processing payment. - merchant - Merchant backend to process payments, run by merchants

commit 4d4d0dbd9365c76496eb0707bf339f82d2461a98
parent 8aaa9884cf6200bb3fc75175c1688e729c1fa976
Author: Marcello Stanisci <stanisci.m@gmail.com>
Date:   Tue, 15 Oct 2019 14:49:18 +0200

Check instance before processing payment.

Diffstat:
M src/backend/taler-merchant-httpd_pay.c  | 13 +++++++++++++

1 file changed, 13 insertions(+), 0 deletions(-)
diff --git a/src/backend/taler-merchant-httpd_pay.c b/src/backend/taler-merchant-httpd_pay.c
@@ -1405,6 +1405,19 @@ parse_pay (struct MHD_Connection *connection,
 
   session_id = json_string_value (json_object_get (root,
                                                    "session_id"));
+
+  if (0 != memcmp (&merchant_pub,
+                   &pc->mi->pubkey,
+                   sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)))
+  {
+    TALER_LOG_INFO ("Unknown merchant public key included in payment (usually wrong instance chosen)\n");
+    TMH_RESPONSE_reply_rc (connection,
+                           MHD_HTTP_NOT_FOUND,
+                           TALER_EC_PAY_WRONG_INSTANCE,
+                           "Payment sent to wrong instance (merchant_pub unknown to the merchant)");
+    return GNUNET_NO;
+  }
+
   if (NULL != session_id)
     pc->session_id = GNUNET_strdup (session_id);
   pc->order_id = GNUNET_strdup (order_id);

	merchant Merchant backend to process payments, run by merchants
	Log \| Files \| Refs \| Submodules \| README \| LICENSE