enforce RFC 8959 prefix for passwords - merchant - Merchant backend to process payments, run by merchants

commit a97ee62dab172a39eab1bebdcd0d8512f5ce4dac
parent ec72fbc08ad2734831b3ee2517f0121ad27afd89
Author: Christian Grothoff <christian@grothoff.org>
Date:   Wed,  1 May 2024 09:42:59 +0200

enforce RFC 8959 prefix for passwords

Diffstat:
M src/merchant-tools/taler-merchant-passwd.c  | 14 ++++++++++++--

1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/src/merchant-tools/taler-merchant-passwd.c b/src/merchant-tools/taler-merchant-passwd.c
@@ -54,7 +54,7 @@ run (void *cls,
   const char *pw = args[0];
   struct TALER_MERCHANTDB_InstanceAuthSettings ias;
   enum GNUNET_DB_QueryStatus qs;
-  
+
   if (NULL == pw)
     pw = getenv ("TALER_MERCHANT_PASSWORD");
   if (NULL == pw)
@@ -64,6 +64,16 @@ run (void *cls,
     global_ret = -1;
     return;
   }
+  if (0 != strncmp (pw,
+                    RFC_8959_PREFIX,
+                    strlen (RFC_8959_PREFIX)))
+  {
+    fprintf (stderr,
+             "Invalid password specified, does not begin with `%s'\n",
+             RFC_8959_PREFIX);
+    global_ret = 1;
+    return;
+  }
   if (NULL == instance)
     instance = GNUNET_strdup ("default");
   cfg = GNUNET_CONFIGURATION_dup (config);
@@ -112,7 +122,7 @@ run (void *cls,
         .size = ntohs (sizeof (es)),
         .type = ntohs (TALER_DBEVENT_MERCHANT_INSTANCE_SETTINGS)
       };
-      
+
       plugin->event_notify (plugin->cls,
                             &es,
                             instance,

	merchant Merchant backend to process payments, run by merchants
	Log \| Files \| Refs \| Submodules \| README \| LICENSE