commit 4f8b3cf90826b2f0c44c0dfdf18232cfd8893cdc
parent b9c64ba7f04bcc1da490d1dd7483a2e86ba53029
Author: Christian Grothoff <christian@grothoff.org>
Date: Thu, 4 Dec 2025 22:29:46 +0100
introduce protocol v24: refuse refunds past wire deadline
Diffstat:
4 files changed, 25 insertions(+), 3 deletions(-)
diff --git a/src/backend/taler-merchant-httpd_config.c b/src/backend/taler-merchant-httpd_config.c
@@ -43,7 +43,7 @@
* #MERCHANT_PROTOCOL_CURRENT and #MERCHANT_PROTOCOL_AGE in
* merchant_api_get_config.c!
*/
-#define MERCHANT_PROTOCOL_VERSION "23:1:11"
+#define MERCHANT_PROTOCOL_VERSION "24:0:12"
/**
diff --git a/src/backend/taler-merchant-httpd_private-post-orders-ID-refund.c b/src/backend/taler-merchant-httpd_private-post-orders-ID-refund.c
@@ -175,6 +175,7 @@ TMH_private_post_orders_ID_refund (
enum GNUNET_DB_QueryStatus qs;
uint64_t order_serial;
struct GNUNET_TIME_Timestamp refund_deadline;
+ struct GNUNET_TIME_Timestamp wire_deadline;
qs = TMH_db->lookup_contract_terms (TMH_db->cls,
hc->instance->settings.id,
@@ -215,6 +216,8 @@ TMH_private_post_orders_ID_refund (
struct GNUNET_JSON_Specification cspec[] = {
GNUNET_JSON_spec_timestamp ("refund_deadline",
&refund_deadline),
+ GNUNET_JSON_spec_timestamp ("wire_transfer_deadline",
+ &wire_deadline),
GNUNET_JSON_spec_timestamp ("timestamp",
×tamp),
GNUNET_JSON_spec_end ()
@@ -251,6 +254,15 @@ TMH_private_post_orders_ID_refund (
/* NOTE: We MAY still be lucky that the exchange did not yet
wire the funds, so we will try to give the refund anyway */
}
+ if (GNUNET_TIME_absolute_is_past (wire_deadline.abs_time))
+ {
+ /* it is *really* too late for refunds */
+ return TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_GONE,
+ TALER_EC_MERCHANT_PRIVATE_POST_REFUND_AFTER_WIRE_DEADLINE,
+ NULL);
+ }
}
}
diff --git a/src/lib/merchant_api_get_config.c b/src/lib/merchant_api_get_config.c
@@ -34,12 +34,12 @@
* Which version of the Taler protocol is implemented
* by this library? Used to determine compatibility.
*/
-#define MERCHANT_PROTOCOL_CURRENT 23
+#define MERCHANT_PROTOCOL_CURRENT 24
/**
* How many configs are we backwards-compatible with?
*/
-#define MERCHANT_PROTOCOL_AGE 11
+#define MERCHANT_PROTOCOL_AGE 12
/**
* How many exchanges do we allow at most per merchant?
diff --git a/src/lib/merchant_api_post_order_refund.c b/src/lib/merchant_api_post_order_refund.c
@@ -131,7 +131,17 @@ handle_refund_finished (void *cls,
/* Nothing really to verify, merchant says we need to authenticate. */
break;
case MHD_HTTP_NOT_FOUND:
+ /* order unknown (or not paid) */
+ rr.hr.ec = TALER_JSON_get_error_code (json);
+ rr.hr.hint = TALER_JSON_get_error_hint (json);
+ break;
case MHD_HTTP_CONFLICT:
+ /* amount not acceptable */
+ rr.hr.ec = TALER_JSON_get_error_code (json);
+ rr.hr.hint = TALER_JSON_get_error_hint (json);
+ break;
+ case MHD_HTTP_GONE:
+ /* too late, wire deadline is past */
rr.hr.ec = TALER_JSON_get_error_code (json);
rr.hr.hint = TALER_JSON_get_error_hint (json);
break;
