paivana

HTTP paywall reverse proxy
Log | Files | Refs | README | LICENSE
commit e0c644bddca4bab83c3f9ec197fe5e59d1d3e9c1
parent 7b1a8c6bd79cc2c4065536c6339a912c7b2d318f
Author: Christian Grothoff <christian@grothoff.org>
Date:   Mon, 20 Apr 2026 00:11:10 +0200

compute paivana_id for session check

Diffstat:

Msrc/backend/paivana-httpd_cookie.c | 35+++++++++++++++++++++++++++++++++++


Msrc/backend/paivana-httpd_cookie.h | 16++++++++++++++++


Msrc/backend/paivana-httpd_pay.c | 20+++++++++++++++++++-


3 files changed, 70 insertions(+), 1 deletion(-)

diff --git a/src/backend/paivana-httpd_cookie.c b/src/backend/paivana-httpd_cookie.c
@@ -142,3 +142,38 @@ PAIVANA_HTTPD_compute_cookie (struct GNUNET_TIME_Timestamp cur_time,
     cstr);
   return res;
 }
+
+
+char *
+PAIVANA_HTTPD_compute_paivana_id (struct GNUNET_TIME_Timestamp cur_time,
+                                  const char *website,
+                                  const struct PAIVANA_Nonce *nonce)
+{
+  struct GNUNET_TIME_AbsoluteNBO e;
+  struct GNUNET_HashCode h;
+  char *end;
+  char cstr[128];
+  char *res;
+
+  e = GNUNET_TIME_absolute_hton (cur_time.abs_time);
+  GNUNET_assert (GNUNET_YES ==
+                 GNUNET_CRYPTO_hkdf_gnunet (
+                   &h,            /* result */
+                   sizeof (h),
+                   nonce,
+                   sizeof (*nonce),
+                   &e,
+                   sizeof (e),
+                   GNUNET_CRYPTO_kdf_arg_string (website)));
+  end = GNUNET_STRINGS_data_to_string (&h,
+                                       sizeof (h),
+                                       cstr,
+                                       sizeof (cstr));
+  *end = '\0';
+  GNUNET_asprintf (
+    &res,
+    "%llu-%s",
+    (unsigned long long) (cur_time.abs_time.abs_value_us / 1000LLU / 1000LLU),
+    cstr);
+  return res;
+}
diff --git a/src/backend/paivana-httpd_cookie.h b/src/backend/paivana-httpd_cookie.h
@@ -77,4 +77,20 @@ PAIVANA_HTTPD_compute_cookie (struct GNUNET_TIME_Timestamp cur_time,
                               size_t ca_len,
                               const void *ca);
 
+
+/**
+ * Compute the Paivana ID for the given @a cur_time,
+ * @a website and @a nonce.
+ *
+ * @param cur_time time chosen (by client)
+ * @param website website to be accessed
+ * @param nonce client-selected nonce
+ * @return corresponding Paivana ID.
+ */
+char *
+PAIVANA_HTTPD_compute_paivana_id (struct GNUNET_TIME_Timestamp cur_time,
+                                  const char *website,
+                                  const struct PAIVANA_Nonce *nonce);
+
+
 #endif
diff --git a/src/backend/paivana-httpd_pay.c b/src/backend/paivana-httpd_pay.c
@@ -191,8 +191,12 @@ order_status_cb (struct PayRequest *ph,
         ca_len = 0;
         break;
       }
-      // FIXME: check paivana_id / nonce matches!
+      // FIXME: check ph->website matches template that
+      // was paid here. If not:
       // => TALER_EC_PAIVANA_WRONG_ORDER with 409!
+      // FIXME: check ph->cur_time is not too far into the
+      // future (if purchase is for limited time!). If so:
+      // => response with 410!
       cookie = PAIVANA_HTTPD_compute_cookie (ph->cur_time,
                                              ph->website,
                                              ca_len,
@@ -309,6 +313,20 @@ PAIVANA_HTTPD_payment_handle (struct PayRequest *ph,
                                        TALER_EC_PAIVANA_GET_ORDER_FAILED,
                                        ph->order_id);
   }
+  {
+    char *paivana_id;
+
+    paivana_id = PAIVANA_HTTPD_compute_paivana_id (ph->cur_time,
+                                                   ph->website,
+                                                   &ph->nonce);
+    GNUNET_assert (
+      GNUNET_OK ==
+      TALER_MERCHANT_get_private_order_set_options (
+        ph->co,
+        TALER_MERCHANT_get_private_order_option_session_id (
+          paivana_id)));
+    GNUNET_free (paivana_id);
+  }
   GNUNET_CONTAINER_DLL_insert (ph_head,
                                ph_tail,
                                ph);