check payment logic: allow session_id without session_sig_str - merchant - Merchant backend to process payments, run by merchants

commit df653e582dc9995f6ee5a0a237533f7255fb8806
parent ad666d7d20533d67ab7072ea161e11860204d192
Author: Florian Dold <florian.dold@gmail.com>
Date:   Wed, 26 Jun 2019 21:39:03 +0200

check payment logic: allow session_id without session_sig_str

Diffstat:
M src/backend/taler-merchant-httpd_check-payment.c  | 14 ++------------

1 file changed, 2 insertions(+), 12 deletions(-)
diff --git a/src/backend/taler-merchant-httpd_check-payment.c b/src/backend/taler-merchant-httpd_check-payment.c
@@ -257,21 +257,11 @@ MH_handler_check_payment (struct TMH_RequestHandler *rh,
   session_sig_str = MHD_lookup_connection_value (connection,
                                                 MHD_GET_ARGUMENT_KIND,
                                                 "session_sig");
-  if (NULL != session_id)
+  if ((NULL != session_id) && (NULL != session_sig_str))
   {
     struct GNUNET_CRYPTO_EddsaSignature sig;
     struct TALER_MerchantPaySessionSigPS mps;
-    /* If the session id is given, the frontend wants us
-       to verify the session signature. */
-    if (NULL == session_sig_str)
-    {
-      /* pay session signature required but missing */
-      GNUNET_break_op (0);
-      GNUNET_free (final_contract_url);
-      return TMH_RESPONSE_reply_bad_request (connection,
-                                             TALER_EC_PARAMETER_MISSING,
-                                             "session_sig required if session_id given");
-    }
+
     if (GNUNET_OK !=
         GNUNET_STRINGS_string_to_data (session_sig_str,
                                        strlen (session_sig_str),

	merchant Merchant backend to process payments, run by merchants
	Log \| Files \| Refs \| Submodules \| README \| LICENSE