taler-merchant-httpd_exchanges.c (35101B)
1 /* 2 This file is part of TALER 3 (C) 2014-2024 Taler Systems SA 4 5 TALER is free software; you can redistribute it and/or modify it under the 6 terms of the GNU Affero General Public License as published by the Free Software 7 Foundation; either version 3, or (at your option) any later version. 8 9 TALER is distributed in the hope that it will be useful, but WITHOUT ANY 10 WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR 11 A PARTICULAR PURPOSE. See the GNU General Public License for more details. 12 13 You should have received a copy of the GNU General Public License along with 14 TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/> 15 */ 16 /** 17 * @file src/backend/taler-merchant-httpd_exchanges.c 18 * @brief logic this HTTPD keeps for each exchange we interact with 19 * @author Marcello Stanisci 20 * @author Christian Grothoff 21 */ 22 #include "platform.h" 23 #include <taler/taler_json_lib.h> 24 #include <taler/taler_dbevents.h> 25 #include "taler-merchant-httpd_exchanges.h" 26 #include "taler-merchant-httpd.h" 27 #include "merchant-database/get_kyc_limits.h" 28 #include "merchant-database/set_instance.h" 29 #include "merchant-database/select_exchange_keys.h" 30 #include "merchant-database/event_listen.h" 31 #include "merchant-database/event_notify.h" 32 33 34 /** 35 * How often do we retry DB transactions with soft errors? 36 */ 37 #define MAX_RETRIES 3 38 39 /** 40 * Threshold after which exponential backoff should not increase. 41 */ 42 #define RETRY_BACKOFF_THRESHOLD GNUNET_TIME_relative_multiply ( \ 43 GNUNET_TIME_UNIT_SECONDS, 60) 44 45 /** 46 * This is how long /keys long-polls for, so we should 47 * allow this time between requests if there is no 48 * answer. See exchange_api_handle.c. 49 */ 50 #define LONG_POLL_THRESHOLD GNUNET_TIME_relative_multiply ( \ 51 GNUNET_TIME_UNIT_SECONDS, 120) 52 53 54 /** 55 * Information we keep for a pending #MMH_EXCHANGES_keys4exchange() operation. 56 */ 57 struct TMH_EXCHANGES_KeysOperation 58 { 59 60 /** 61 * Kept in a DLL. 62 */ 63 struct TMH_EXCHANGES_KeysOperation *next; 64 65 /** 66 * Kept in a DLL. 67 */ 68 struct TMH_EXCHANGES_KeysOperation *prev; 69 70 /** 71 * Function to call with the result. 72 */ 73 TMH_EXCHANGES_Find2Continuation fc; 74 75 /** 76 * Closure for @e fc. 77 */ 78 void *fc_cls; 79 80 /** 81 * Exchange we wait for the /keys for. 82 */ 83 struct TMH_Exchange *my_exchange; 84 85 /** 86 * Task scheduled to asynchronously return the result to 87 * the find continuation. 88 */ 89 struct GNUNET_SCHEDULER_Task *at; 90 91 }; 92 93 94 /** 95 * Information about wire transfer fees of an exchange, by wire method. 96 */ 97 struct FeesByWireMethod 98 { 99 100 /** 101 * Kept in a DLL. 102 */ 103 struct FeesByWireMethod *next; 104 105 /** 106 * Kept in a DLL. 107 */ 108 struct FeesByWireMethod *prev; 109 110 /** 111 * Wire method these fees are for. 112 */ 113 char *wire_method; 114 115 /** 116 * Applicable fees, NULL if unknown/error. 117 */ 118 struct TALER_EXCHANGE_WireAggregateFees *af; 119 120 }; 121 122 123 /** 124 * Internal representation for an exchange 125 */ 126 struct TMH_Exchange 127 { 128 129 /** 130 * Kept in a DLL. 131 */ 132 struct TMH_Exchange *next; 133 134 /** 135 * Kept in a DLL. 136 */ 137 struct TMH_Exchange *prev; 138 139 /** 140 * Head of FOs pending for this exchange. 141 */ 142 struct TMH_EXCHANGES_KeysOperation *keys_head; 143 144 /** 145 * Tail of FOs pending for this exchange. 146 */ 147 struct TMH_EXCHANGES_KeysOperation *keys_tail; 148 149 /** 150 * (base) URL of the exchange. 151 */ 152 char *url; 153 154 /** 155 * Currency offered by the exchange according to OUR configuration. 156 */ 157 char *currency; 158 159 /** 160 * The keys of this exchange. 161 */ 162 struct TALER_EXCHANGE_Keys *keys; 163 164 /** 165 * Head of wire fees from /wire request. 166 */ 167 struct FeesByWireMethod *wire_fees_head; 168 169 /** 170 * Tail of wire fees from /wire request. 171 */ 172 struct FeesByWireMethod *wire_fees_tail; 173 174 /** 175 * Task to retry downloading /keys again. 176 */ 177 struct GNUNET_SCHEDULER_Task *retry_task; 178 179 /** 180 * When are we willing to force downloading again? 181 */ 182 struct GNUNET_TIME_Absolute first_retry; 183 184 /** 185 * Current exponential back-off for @e retry_task. 186 */ 187 struct GNUNET_TIME_Relative retry_delay; 188 189 /** 190 * Master public key of the exchange. 191 */ 192 struct TALER_MasterPublicKeyP master_pub; 193 194 /** 195 * true if this exchange is from our configuration and 196 * explicitly trusted, false if we need to check each 197 * key to be sure it is trusted. 198 */ 199 bool trusted; 200 201 }; 202 203 204 /** 205 * Head of exchanges we know about. 206 */ 207 static struct TMH_Exchange *exchange_head; 208 209 /** 210 * Tail of exchanges we know about. 211 */ 212 static struct TMH_Exchange *exchange_tail; 213 214 /** 215 * Our event handler listening for /keys downloads 216 * being put into the database. 217 */ 218 static struct GNUNET_DB_EventHandler *keys_eh; 219 220 /** 221 * How many exchanges do we trust (for our configured 222 * currency) as per our configuration? Used for a 223 * sanity-check on startup. 224 */ 225 static int trusted_exchange_count; 226 227 228 const struct TALER_MasterPublicKeyP * 229 TMH_EXCHANGES_get_master_pub ( 230 const struct TMH_Exchange *exchange) 231 { 232 GNUNET_break ( (exchange->trusted) || 233 (NULL != exchange->keys) ); 234 return &exchange->master_pub; 235 } 236 237 238 const char * 239 TMH_EXCHANGES_get_currency ( 240 const struct TMH_Exchange *exchange) 241 { 242 return exchange->currency; 243 } 244 245 246 struct TMH_Exchange * 247 TMH_EXCHANGES_lookup_exchange (const char *exchange_url) 248 { 249 for (struct TMH_Exchange *exchange = exchange_head; 250 NULL != exchange; 251 exchange = exchange->next) 252 if (0 == strcmp (exchange->url, 253 exchange_url)) 254 return exchange; 255 return NULL; 256 } 257 258 259 bool 260 TMH_EXCHANGES_check_trusted ( 261 const char *exchange_url) 262 { 263 struct TMH_Exchange *exchange = TMH_EXCHANGES_lookup_exchange (exchange_url); 264 265 if (NULL == exchange) 266 return false; 267 return exchange->trusted; 268 } 269 270 271 /** 272 * Check if we have any remaining pending requests for the 273 * given @a exchange, and if we have the required data, call 274 * the callback. 275 * 276 * @param exchange the exchange to check for pending find operations 277 */ 278 static void 279 process_find_operations (struct TMH_Exchange *exchange) 280 { 281 struct GNUNET_TIME_Timestamp now; 282 283 now = GNUNET_TIME_timestamp_get (); 284 for (struct FeesByWireMethod *fbw = exchange->wire_fees_head; 285 NULL != fbw; 286 fbw = fbw->next) 287 { 288 while ( (NULL != fbw->af) && 289 (GNUNET_TIME_timestamp_cmp (fbw->af->end_date, 290 <, 291 now)) ) 292 { 293 struct TALER_EXCHANGE_WireAggregateFees *af = fbw->af; 294 295 fbw->af = af->next; 296 GNUNET_free (af); 297 } 298 if (NULL == fbw->af) 299 { 300 /* Disagreement on the current time */ 301 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 302 "Exchange has no wire fees configured for `%s' wire method\n", 303 fbw->wire_method); 304 } 305 else if (GNUNET_TIME_timestamp_cmp (fbw->af->start_date, 306 >, 307 now)) 308 { 309 /* Disagreement on the current time */ 310 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 311 "Exchange's earliest fee is %s ahead of our time. Clock skew issue?\n", 312 GNUNET_TIME_relative2s ( 313 GNUNET_TIME_absolute_get_remaining ( 314 fbw->af->start_date.abs_time), 315 true)); 316 } 317 } /* for all wire methods */ 318 319 { 320 struct TMH_EXCHANGES_KeysOperation *kon; 321 322 kon = NULL; 323 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 324 "Processing find operations for `%s'\n", 325 exchange->url); 326 for (struct TMH_EXCHANGES_KeysOperation *ko = exchange->keys_head; 327 NULL != ko; 328 ko = kon) 329 { 330 kon = ko->next; 331 ko->fc (ko->fc_cls, 332 exchange->keys, 333 exchange); 334 TMH_EXCHANGES_keys4exchange_cancel (ko); 335 } 336 } 337 } 338 339 340 /** 341 * Function called with information about the wire fees for each wire method. 342 * Stores the wire fees within our internal data structures for later use. 343 * 344 * @param exchange connection to the exchange 345 * @param master_pub public key of the exchange 346 * @param num_methods number of wire methods supported 347 * @param fbm wire fees by method 348 * @return #GNUNET_OK on success 349 */ 350 static enum GNUNET_GenericReturnValue 351 process_wire_fees ( 352 struct TMH_Exchange *exchange, 353 const struct TALER_MasterPublicKeyP *master_pub, 354 unsigned int num_methods, 355 const struct TALER_EXCHANGE_WireFeesByMethod fbm[static num_methods]) 356 { 357 for (unsigned int i = 0; i<num_methods; i++) 358 { 359 const char *wire_method = fbm[i].method; 360 const struct TALER_EXCHANGE_WireAggregateFees *fees = fbm[i].fees_head; 361 struct FeesByWireMethod *f; 362 struct TALER_EXCHANGE_WireAggregateFees *endp; 363 364 for (f = exchange->wire_fees_head; NULL != f; f = f->next) 365 if (0 == strcasecmp (wire_method, 366 f->wire_method)) 367 break; 368 if (NULL == f) 369 { 370 f = GNUNET_new (struct FeesByWireMethod); 371 f->wire_method = GNUNET_strdup (wire_method); 372 GNUNET_CONTAINER_DLL_insert (exchange->wire_fees_head, 373 exchange->wire_fees_tail, 374 f); 375 } 376 endp = f->af; 377 while ( (NULL != endp) && 378 (NULL != endp->next) ) 379 endp = endp->next; 380 while ( (NULL != endp) && 381 (NULL != fees) && 382 (GNUNET_TIME_timestamp_cmp (fees->start_date, 383 <, 384 endp->end_date)) ) 385 fees = fees->next; 386 if ( (NULL != endp) && 387 (NULL != fees) && 388 (GNUNET_TIME_timestamp_cmp (fees->start_date, 389 !=, 390 endp->end_date)) ) 391 { 392 /* Hole or overlap in the fee structure, not allowed! */ 393 GNUNET_break_op (0); 394 return GNUNET_SYSERR; 395 } 396 while (NULL != fees) 397 { 398 struct TALER_EXCHANGE_WireAggregateFees *af; 399 400 af = GNUNET_new (struct TALER_EXCHANGE_WireAggregateFees); 401 *af = *fees; 402 af->next = NULL; 403 if (NULL == endp) 404 f->af = af; 405 else 406 endp->next = af; 407 endp = af; 408 fees = fees->next; 409 } /* all fees for this method */ 410 } /* for all methods (i) */ 411 return GNUNET_OK; 412 } 413 414 415 /** 416 * Retry getting keys from the given exchange in the closure. 417 * 418 * @param cls the `struct TMH_Exchange *` 419 */ 420 static void 421 retry_exchange (void *cls) 422 { 423 struct TMH_Exchange *exchange = cls; 424 struct GNUNET_DB_EventHeaderP es = { 425 .size = htons (sizeof (es)), 426 .type = htons (TALER_DBEVENT_MERCHANT_EXCHANGE_FORCE_KEYS) 427 }; 428 429 exchange->retry_task = NULL; 430 exchange->retry_delay 431 = GNUNET_TIME_randomized_backoff (exchange->retry_delay, 432 RETRY_BACKOFF_THRESHOLD); 433 exchange->first_retry 434 = GNUNET_TIME_relative_to_absolute ( 435 exchange->retry_delay); 436 437 TALER_MERCHANTDB_event_notify (TMH_db, 438 &es, 439 exchange->url, 440 strlen (exchange->url) + 1); 441 } 442 443 444 /** 445 * Task to asynchronously return keys operation result to caller. 446 * 447 * @param cls a `struct TMH_EXCHANGES_KeysOperation` 448 */ 449 static void 450 return_keys (void *cls) 451 { 452 struct TMH_EXCHANGES_KeysOperation *fo = cls; 453 struct TMH_Exchange *exchange = fo->my_exchange; 454 455 fo->at = NULL; 456 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 457 "Returning key data for %s instantly\n", 458 exchange->url); 459 process_find_operations (exchange); 460 } 461 462 463 struct TMH_EXCHANGES_KeysOperation * 464 TMH_EXCHANGES_keys4exchange ( 465 const char *chosen_exchange, 466 bool force_download, 467 TMH_EXCHANGES_Find2Continuation fc, 468 void *fc_cls) 469 { 470 struct TMH_Exchange *exchange; 471 struct TMH_EXCHANGES_KeysOperation *fo; 472 473 if (NULL == TMH_curl_ctx) 474 { 475 GNUNET_break (0); 476 return NULL; 477 } 478 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 479 "Trying to find chosen exchange `%s'\n", 480 chosen_exchange); 481 exchange = TMH_EXCHANGES_lookup_exchange (chosen_exchange); 482 if (NULL == exchange) 483 { 484 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, 485 "Exchange `%s' not configured\n", 486 chosen_exchange); 487 return NULL; 488 } 489 if (! exchange->trusted) 490 { 491 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, 492 "Exchange `%s' not trusted\n", 493 chosen_exchange); 494 return NULL; 495 } 496 fo = GNUNET_new (struct TMH_EXCHANGES_KeysOperation); 497 fo->fc = fc; 498 fo->fc_cls = fc_cls; 499 fo->my_exchange = exchange; 500 GNUNET_CONTAINER_DLL_insert (exchange->keys_head, 501 exchange->keys_tail, 502 fo); 503 if ( (NULL == exchange->keys) && 504 (! force_download) ) 505 { 506 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 507 "Waiting for `%skeys' already, failing query instantly\n", 508 exchange->url); 509 GNUNET_assert (NULL == fo->at); 510 fo->at = GNUNET_SCHEDULER_add_now (&return_keys, 511 fo); 512 return fo; 513 } 514 if ( (NULL != exchange->keys) && 515 (! force_download) && 516 (GNUNET_TIME_absolute_is_future ( 517 exchange->keys->key_data_expiration.abs_time)) ) 518 { 519 /* We have a valid reply, immediately return result */ 520 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 521 "The exchange `%s' is ready\n", 522 exchange->url); 523 GNUNET_assert (NULL == fo->at); 524 fo->at = GNUNET_SCHEDULER_add_now (&return_keys, 525 fo); 526 return fo; 527 } 528 if ( (force_download) && 529 (GNUNET_TIME_absolute_is_future (exchange->first_retry)) && 530 (NULL != exchange->keys) ) 531 { 532 /* Return results immediately. */ 533 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 534 "Earliest retry is in the future, returning keys now\n"); 535 fo->at = GNUNET_SCHEDULER_add_now (&return_keys, 536 fo); 537 /* *no* return here, we MAY schedule a 'retry_task' in the 538 next block if there isn't one yet */ 539 } 540 if (NULL == exchange->retry_task) 541 exchange->retry_task 542 = GNUNET_SCHEDULER_add_at (exchange->first_retry, 543 &retry_exchange, 544 exchange); 545 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 546 "Next %skeys request scheduled for %s\n", 547 exchange->url, 548 GNUNET_TIME_absolute2s ( 549 exchange->first_retry)); 550 /* No activity to launch, we are already doing so. */ 551 return fo; 552 } 553 554 555 void 556 TMH_EXCHANGES_keys4exchange_cancel ( 557 struct TMH_EXCHANGES_KeysOperation *fo) 558 { 559 struct TMH_Exchange *exchange = fo->my_exchange; 560 561 if (NULL != fo->at) 562 { 563 GNUNET_SCHEDULER_cancel (fo->at); 564 fo->at = NULL; 565 } 566 GNUNET_CONTAINER_DLL_remove (exchange->keys_head, 567 exchange->keys_tail, 568 fo); 569 GNUNET_free (fo); 570 } 571 572 573 /** 574 * Obtain applicable fees for @a exchange and @a wire_method. 575 * 576 * @param exchange the exchange to query 577 * @param now current time 578 * @param wire_method the wire method we want the fees for 579 * @return NULL if we do not have fees for this method yet 580 */ 581 static const struct FeesByWireMethod * 582 get_wire_fees (const struct TMH_Exchange *exchange, 583 struct GNUNET_TIME_Timestamp now, 584 const char *wire_method) 585 { 586 for (struct FeesByWireMethod *fbw = exchange->wire_fees_head; 587 NULL != fbw; 588 fbw = fbw->next) 589 { 590 if (0 == strcasecmp (fbw->wire_method, 591 wire_method) ) 592 { 593 struct TALER_EXCHANGE_WireAggregateFees *af; 594 595 /* Advance through list up to current time */ 596 while ( (NULL != (af = fbw->af)) && 597 (GNUNET_TIME_timestamp_cmp (now, 598 >=, 599 af->end_date)) ) 600 { 601 fbw->af = af->next; 602 GNUNET_free (af); 603 } 604 return fbw; 605 } 606 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 607 "Exchange supports `%s' as a wire method (but we do not use that one)\n", 608 fbw->wire_method); 609 } 610 return NULL; 611 } 612 613 614 /** 615 * Free @a exchange. 616 * 617 * @param[in] exchange entry to free 618 */ 619 static void 620 free_exchange_entry (struct TMH_Exchange *exchange) 621 { 622 struct FeesByWireMethod *f; 623 624 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 625 "Releasing %s exchange %s\n", 626 exchange->trusted ? "trusted" : "untrusted", 627 exchange->url); 628 GNUNET_CONTAINER_DLL_remove (exchange_head, 629 exchange_tail, 630 exchange); 631 while (NULL != (f = exchange->wire_fees_head)) 632 { 633 struct TALER_EXCHANGE_WireAggregateFees *af; 634 635 GNUNET_CONTAINER_DLL_remove (exchange->wire_fees_head, 636 exchange->wire_fees_tail, 637 f); 638 while (NULL != (af = f->af)) 639 { 640 f->af = af->next; 641 GNUNET_free (af); 642 } 643 GNUNET_free (f->wire_method); 644 GNUNET_free (f); 645 } 646 TALER_EXCHANGE_keys_decref (exchange->keys); 647 exchange->keys = NULL; 648 if (NULL != exchange->retry_task) 649 { 650 GNUNET_SCHEDULER_cancel (exchange->retry_task); 651 exchange->retry_task = NULL; 652 } 653 GNUNET_assert (NULL == exchange->keys_head); 654 GNUNET_assert (NULL == exchange->keys_tail); 655 GNUNET_free (exchange->currency); 656 GNUNET_free (exchange->url); 657 GNUNET_free (exchange); 658 } 659 660 661 enum GNUNET_GenericReturnValue 662 TMH_EXCHANGES_lookup_wire_fee ( 663 const struct TMH_Exchange *exchange, 664 const char *wire_method, 665 struct TALER_Amount *wire_fee) 666 { 667 const struct FeesByWireMethod *fbm; 668 const struct TALER_EXCHANGE_WireAggregateFees *af; 669 670 fbm = get_wire_fees (exchange, 671 GNUNET_TIME_timestamp_get (), 672 wire_method); 673 if (NULL == fbm) 674 return GNUNET_NO; 675 af = fbm->af; 676 *wire_fee = af->fees.wire; 677 return GNUNET_OK; 678 } 679 680 681 enum TMH_ExchangeStatus 682 TMH_exchange_check_debit ( 683 const char *instance_id, 684 const struct TMH_Exchange *exchange, 685 const struct TMH_WireMethod *wm, 686 struct TALER_Amount *max_amount) 687 { 688 const struct TALER_EXCHANGE_Keys *keys = exchange->keys; 689 bool have_kyc = false; 690 bool no_access_token = true; 691 enum TMH_ExchangeStatus retry_ok = 0; 692 693 if (GNUNET_TIME_absolute_is_past (exchange->first_retry)) 694 retry_ok = TMH_ES_RETRY_OK; 695 696 if (NULL == keys) 697 return TMH_ES_NO_KEYS | retry_ok; 698 if (0 != strcasecmp (keys->currency, 699 max_amount->currency)) 700 { 701 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 702 "Currency mismatch: exchange %s uses %s, we need %s\n", 703 exchange->url, 704 keys->currency, 705 max_amount->currency); 706 return TMH_ES_NO_CURR | retry_ok; 707 } 708 { 709 struct TALER_NormalizedPayto np; 710 bool account_ok; 711 712 np = TALER_payto_normalize (wm->payto_uri); 713 account_ok = TALER_EXCHANGE_keys_test_account_allowed (keys, 714 false, 715 np); 716 GNUNET_free (np.normalized_payto); 717 if (! account_ok) 718 return TMH_ES_NO_ACC | retry_ok; 719 } 720 if (! keys->kyc_enabled) 721 return TMH_ES_OK | retry_ok; 722 723 { 724 json_t *jlimits = NULL; 725 enum GNUNET_DB_QueryStatus qs; 726 727 qs = TALER_MERCHANTDB_set_instance ( 728 TMH_db, 729 instance_id); 730 if (0 >= qs) 731 { 732 GNUNET_break (0); 733 return TMH_ES_NO_KEYS | TMH_ES_RETRY_OK; 734 } 735 qs = TALER_MERCHANTDB_get_kyc_limits (TMH_db, 736 wm->payto_uri, 737 instance_id, 738 exchange->url, 739 &have_kyc, 740 &no_access_token, 741 &jlimits); 742 GNUNET_break (qs >= 0); 743 GNUNET_break (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT == 744 TALER_MERCHANTDB_set_instance ( 745 TMH_db, 746 NULL)); 747 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 748 "get_kyc_limits for %s at %s returned %s/%s\n", 749 wm->payto_uri.full_payto, 750 exchange->url, 751 have_kyc ? "KYC OK" : "KYC missing", 752 NULL == jlimits ? "default limits" : "custom limits"); 753 if ( (qs > 0) && 754 (NULL != jlimits) ) 755 { 756 json_t *jlimit; 757 size_t idx; 758 struct TALER_Amount kyc_limit; 759 bool unlimited = true; 760 761 json_array_foreach (jlimits, idx, jlimit) 762 { 763 enum TALER_KYCLOGIC_KycTriggerEvent ot; 764 struct TALER_Amount threshold; 765 bool soft_limit = false; 766 struct GNUNET_JSON_Specification spec[] = { 767 TALER_JSON_spec_kycte ("operation_type", 768 &ot), 769 TALER_JSON_spec_amount_any ("threshold", 770 &threshold), 771 GNUNET_JSON_spec_mark_optional ( 772 GNUNET_JSON_spec_bool ("soft_limit", 773 &soft_limit), 774 NULL), 775 GNUNET_JSON_spec_end () 776 }; 777 778 if (GNUNET_OK != 779 GNUNET_JSON_parse (jlimit, 780 spec, 781 NULL, NULL)) 782 { 783 GNUNET_break (0); 784 continue; 785 } 786 if (soft_limit) 787 continue; 788 if ( (TALER_KYCLOGIC_KYC_TRIGGER_DEPOSIT != ot) && 789 (TALER_KYCLOGIC_KYC_TRIGGER_TRANSACTION != ot) ) 790 continue; 791 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 792 "KYC rule %u with limit %s applies\n", 793 (unsigned int) idx, 794 TALER_amount2s (&threshold)); 795 if (unlimited) 796 { 797 unlimited = false; 798 kyc_limit = threshold; 799 } 800 else 801 { 802 TALER_amount_min (&kyc_limit, 803 &kyc_limit, 804 &threshold); 805 } 806 } 807 json_decref (jlimits); 808 /* We had custom rules, do not evaluate default rules */ 809 if (! unlimited) 810 TALER_amount_min (max_amount, 811 max_amount, 812 &kyc_limit); 813 return TMH_ES_OK | retry_ok; 814 } /* END of if qs > 0, NULL != jlimits */ 815 } 816 817 /* Check zero limits *only* if we did no KYC process at all yet. 818 Because if we did, there is at least a chance that those have 819 been lifted. */ 820 if ( (no_access_token) || 821 ( (! have_kyc) && 822 (TALER_EXCHANGE_keys_evaluate_zero_limits ( 823 keys, 824 TALER_KYCLOGIC_KYC_TRIGGER_DEPOSIT) || 825 TALER_EXCHANGE_keys_evaluate_zero_limits ( 826 keys, 827 TALER_KYCLOGIC_KYC_TRIGGER_TRANSACTION)) ) ) 828 { 829 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 830 "KYC requirements of %s not satisfied\n", 831 exchange->url); 832 GNUNET_assert (GNUNET_OK == 833 TALER_amount_set_zero ( 834 max_amount->currency, 835 max_amount)); 836 return TMH_ES_OK | retry_ok; 837 } 838 /* In any case, abide by hard limits (unless we have custom rules). */ 839 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 840 "Evaluating default hard limits of %s\n", 841 exchange->url); 842 TALER_EXCHANGE_keys_evaluate_hard_limits ( 843 keys, 844 TALER_KYCLOGIC_KYC_TRIGGER_DEPOSIT, 845 max_amount); 846 TALER_EXCHANGE_keys_evaluate_hard_limits ( 847 keys, 848 TALER_KYCLOGIC_KYC_TRIGGER_TRANSACTION, 849 max_amount); 850 if (TALER_EXCHANGE_keys_evaluate_zero_limits ( 851 keys, 852 TALER_KYCLOGIC_KYC_TRIGGER_DEPOSIT) || 853 TALER_EXCHANGE_keys_evaluate_zero_limits ( 854 keys, 855 TALER_KYCLOGIC_KYC_TRIGGER_TRANSACTION)) 856 { 857 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 858 "Operation is zero-limited by default\n"); 859 GNUNET_assert (GNUNET_OK == 860 TALER_amount_set_zero (max_amount->currency, 861 max_amount)); 862 } 863 return TMH_ES_OK | retry_ok; 864 } 865 866 867 void 868 TMH_exchange_get_trusted (TMH_ExchangeCallback cb, 869 void *cb_cls) 870 { 871 for (const struct TMH_Exchange *exchange = exchange_head; 872 NULL != exchange; 873 exchange = exchange->next) 874 { 875 if (! exchange->trusted) 876 { 877 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 878 "Exchange %s not trusted, skipping!\n", 879 exchange->url); 880 continue; 881 } 882 cb (cb_cls, 883 exchange->url, 884 exchange); 885 } 886 } 887 888 889 bool 890 TMH_test_exchange_configured_for_currency ( 891 const char *currency) 892 { 893 for (const struct TMH_Exchange *exchange = exchange_head; 894 NULL != exchange; 895 exchange = exchange->next) 896 { 897 if (! exchange->trusted) 898 continue; 899 if (NULL == exchange->currency) 900 continue; 901 if (0 == strcmp (currency, 902 exchange->currency)) 903 return true; 904 } 905 return false; 906 } 907 908 909 /** 910 * (Re)load of keys from DB. 911 * 912 * @param exchange exchange to reload keys of 913 */ 914 static void 915 reload_exchange_keys (struct TMH_Exchange *exchange) 916 { 917 enum GNUNET_DB_QueryStatus qs; 918 struct TALER_EXCHANGE_Keys *keys; 919 struct GNUNET_TIME_Absolute first_retry; 920 921 qs = TALER_MERCHANTDB_select_exchange_keys (TMH_db, 922 exchange->url, 923 &first_retry, 924 &keys); 925 if (qs < 0) 926 { 927 GNUNET_break (0); 928 return; 929 } 930 if ( (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs) || 931 (NULL == keys) ) 932 { 933 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, 934 "No keys yet for `%s'\n", 935 exchange->url); 936 return; 937 } 938 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 939 "Loading latest keys of `%s' from database\n", 940 exchange->url); 941 exchange->retry_delay = GNUNET_TIME_UNIT_ZERO; 942 exchange->first_retry = first_retry; 943 if (NULL == exchange->currency) 944 exchange->currency = GNUNET_strdup (keys->currency); 945 if (0 != strcmp (keys->currency, 946 exchange->currency)) 947 { 948 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, 949 "/keys cached in our database are for currency `%s', but we expected `%s'\n", 950 keys->currency, 951 exchange->currency); 952 return; 953 } 954 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 955 "Loaded /keys from database with %u accounts, %u fees\n", 956 keys->accounts_len, 957 keys->fees_len); 958 if (GNUNET_OK != 959 process_wire_fees (exchange, 960 &keys->master_pub, 961 keys->fees_len, 962 keys->fees)) 963 { 964 /* invalid wire fee specification given */ 965 GNUNET_break_op (0); 966 /* but: we can continue anyway, things may just not 967 work, but probably better than to not keep going. */ 968 return; 969 } 970 971 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 972 "Reloaded /keys of %s from database\n", 973 exchange->url); 974 TALER_EXCHANGE_keys_decref (exchange->keys); 975 exchange->keys = keys; 976 if ( (exchange->trusted) && 977 (0 != GNUNET_memcmp (&exchange->master_pub, 978 &keys->master_pub)) ) 979 { 980 /* master pub differs => do not trust the exchange (without auditor) */ 981 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, 982 "Master public key of exchange `%s' differs from our configuration. Not trusting exchange.\n", 983 exchange->url); 984 exchange->trusted = false; 985 } 986 if (! exchange->trusted) 987 { 988 exchange->master_pub = keys->master_pub; 989 for (struct TMH_Exchange *e = exchange_head; 990 NULL != e; 991 e = e->next) 992 { 993 if (e == exchange) 994 continue; 995 if (! e->trusted) 996 continue; 997 if (0 == 998 GNUNET_memcmp (&e->master_pub, 999 &exchange->master_pub)) 1000 exchange->trusted = true; /* same exchange, different URL => trust applies */ 1001 } 1002 } 1003 1004 process_find_operations (exchange); 1005 } 1006 1007 1008 /** 1009 * Function called on each configuration section. Finds sections 1010 * about exchanges, parses the entries. 1011 * 1012 * @param cls closure, with a `const struct GNUNET_CONFIGURATION_Handle *` 1013 * @param section name of the section 1014 */ 1015 static void 1016 accept_exchanges (void *cls, 1017 const char *section) 1018 { 1019 const struct GNUNET_CONFIGURATION_Handle *cfg = cls; 1020 char *url; 1021 char *mks; 1022 struct TMH_Exchange *exchange; 1023 char *currency; 1024 1025 if (GNUNET_SYSERR == trusted_exchange_count) 1026 return; 1027 if (0 != strncasecmp (section, 1028 "merchant-exchange-", 1029 strlen ("merchant-exchange-"))) 1030 return; 1031 if (GNUNET_YES == 1032 GNUNET_CONFIGURATION_get_value_yesno (cfg, 1033 section, 1034 "DISABLED")) 1035 return; 1036 if (GNUNET_OK != 1037 GNUNET_CONFIGURATION_get_value_string (cfg, 1038 section, 1039 "EXCHANGE_BASE_URL", 1040 &url)) 1041 { 1042 GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, 1043 section, 1044 "EXCHANGE_BASE_URL"); 1045 return; 1046 } 1047 exchange = TMH_EXCHANGES_lookup_exchange (url); 1048 if (NULL != exchange) 1049 { 1050 GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, 1051 section, 1052 "EXCHANGE_BASE_URL", 1053 "same base URL specified again"); 1054 GNUNET_free (url); 1055 return; 1056 } 1057 if (GNUNET_OK != 1058 GNUNET_CONFIGURATION_get_value_string (cfg, 1059 section, 1060 "CURRENCY", 1061 ¤cy)) 1062 { 1063 GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, 1064 section, 1065 "CURRENCY"); 1066 GNUNET_free (url); 1067 return; 1068 } 1069 exchange = GNUNET_new (struct TMH_Exchange); 1070 exchange->url = url; 1071 exchange->currency = currency; 1072 GNUNET_CONTAINER_DLL_insert (exchange_head, 1073 exchange_tail, 1074 exchange); 1075 if (GNUNET_OK == 1076 GNUNET_CONFIGURATION_get_value_string (cfg, 1077 section, 1078 "MASTER_KEY", 1079 &mks)) 1080 { 1081 if (GNUNET_OK == 1082 GNUNET_CRYPTO_eddsa_public_key_from_string ( 1083 mks, 1084 strlen (mks), 1085 &exchange->master_pub.eddsa_pub)) 1086 { 1087 exchange->trusted = true; 1088 trusted_exchange_count++; 1089 } 1090 else 1091 { 1092 GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, 1093 section, 1094 "MASTER_KEY", 1095 "malformed EdDSA key"); 1096 } 1097 GNUNET_free (mks); 1098 } 1099 else 1100 { 1101 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, 1102 "MASTER_KEY missing in section '%s', not trusting exchange\n", 1103 section); 1104 } 1105 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 1106 "Setup exchange %s as %s\n", 1107 exchange->url, 1108 exchange->trusted ? "trusted" : "untrusted"); 1109 reload_exchange_keys (exchange); 1110 if (NULL != exchange->retry_task) 1111 { 1112 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 1113 "Exchange at `%s' configured in multiple configuration sections (see `%s')!\n", 1114 exchange->url, 1115 section); 1116 trusted_exchange_count = GNUNET_SYSERR; 1117 return; 1118 } 1119 exchange->retry_task 1120 = GNUNET_SCHEDULER_add_now (&retry_exchange, 1121 exchange); 1122 } 1123 1124 1125 /** 1126 * Trigger (re)loading of keys from DB. 1127 * 1128 * @param cls NULL 1129 * @param extra base URL of the exchange that changed 1130 * @param extra_len number of bytes in @a extra 1131 */ 1132 static void 1133 update_exchange_keys (void *cls, 1134 const void *extra, 1135 size_t extra_len) 1136 { 1137 const char *url = extra; 1138 struct TMH_Exchange *exchange; 1139 1140 if ( (NULL == extra) || 1141 (0 == extra_len) ) 1142 { 1143 GNUNET_break (0); 1144 return; 1145 } 1146 if ('\0' != url[extra_len - 1]) 1147 { 1148 GNUNET_break (0); 1149 return; 1150 } 1151 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 1152 "Received keys change notification: reload `%s'\n", 1153 url); 1154 exchange = TMH_EXCHANGES_lookup_exchange (url); 1155 GNUNET_break (NULL != exchange); 1156 if (NULL != exchange) 1157 reload_exchange_keys (exchange); 1158 } 1159 1160 1161 bool 1162 TMH_EXCHANGES_is_below_limit ( 1163 const struct TALER_EXCHANGE_Keys *keys, 1164 enum TALER_KYCLOGIC_KycTriggerEvent operation_type, 1165 const struct TALER_Amount *amount) 1166 { 1167 if (NULL == keys) 1168 { 1169 /* should only be called after we have keys! */ 1170 GNUNET_break (0); 1171 return false; 1172 } 1173 for (unsigned int i = 0; i<keys->hard_limits_length; i++) 1174 { 1175 const struct TALER_EXCHANGE_AccountLimit *al 1176 = &keys->hard_limits[i]; 1177 1178 if (operation_type != al->operation_type) 1179 continue; 1180 if (-1 == 1181 TALER_amount_cmp (&al->threshold, 1182 amount)) 1183 /* -1: threshold < amount */ 1184 return false; 1185 } 1186 return true; 1187 } 1188 1189 1190 void 1191 TMH_EXCHANGES_get_limit ( 1192 const char *exchange_url, 1193 enum TALER_KYCLOGIC_KycTriggerEvent operation_type, 1194 struct TALER_Amount *amount) 1195 { 1196 struct TMH_Exchange *exchange; 1197 const struct TALER_EXCHANGE_Keys *keys; 1198 1199 exchange = TMH_EXCHANGES_lookup_exchange (exchange_url); 1200 if ( (NULL == exchange) || 1201 (NULL == (keys = exchange->keys)) ) 1202 { 1203 GNUNET_assert (GNUNET_OK == 1204 TALER_amount_set_zero ( 1205 amount->currency, 1206 amount)); 1207 return; 1208 } 1209 for (unsigned int i = 0; i<keys->hard_limits_length; i++) 1210 { 1211 const struct TALER_EXCHANGE_AccountLimit *al 1212 = &keys->hard_limits[i]; 1213 1214 if (operation_type != al->operation_type) 1215 continue; 1216 TALER_amount_min (amount, 1217 amount, 1218 &al->threshold); 1219 } 1220 } 1221 1222 1223 enum GNUNET_GenericReturnValue 1224 TMH_EXCHANGES_init (const struct GNUNET_CONFIGURATION_Handle *cfg) 1225 { 1226 /* get exchanges from the merchant configuration and try to connect to them */ 1227 { 1228 struct GNUNET_DB_EventHeaderP es = { 1229 .size = htons (sizeof (es)), 1230 .type = htons (TALER_DBEVENT_MERCHANT_EXCHANGE_KEYS) 1231 }; 1232 1233 GNUNET_assert (NULL == keys_eh); 1234 keys_eh = TALER_MERCHANTDB_event_listen (TMH_db, 1235 &es, 1236 GNUNET_TIME_UNIT_FOREVER_REL, 1237 &update_exchange_keys, 1238 NULL); 1239 } 1240 GNUNET_CONFIGURATION_iterate_sections (cfg, 1241 &accept_exchanges, 1242 (void *) cfg); 1243 /* build JSON with list of trusted exchanges (will be included in contracts) */ 1244 return trusted_exchange_count; 1245 } 1246 1247 1248 void 1249 TMH_EXCHANGES_done () 1250 { 1251 if (NULL != keys_eh) 1252 { 1253 TALER_MERCHANTDB_event_listen_cancel (keys_eh); 1254 keys_eh = NULL; 1255 } 1256 while (NULL != exchange_head) 1257 free_exchange_entry (exchange_head); 1258 } 1259 1260 1261 /* end of taler-merchant-httpd_get-exchanges.c */