diff options
| author | Christian Grothoff <christian@grothoff.org> | 2024-08-18 21:29:51 +0200 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2024-08-18 21:29:51 +0200 |
| commit | 5fff83e86d040fa43e6805255b7acacd6af72448 (patch) | |
| tree | f95b2207e6bd91a6c2f40dffdeacee3558b60fae | |
| parent | e191ecf0b594bb1aa3c0e009285b5890fbba9c24 (diff) | |
fix #9075: add -c option to AML programs, also enable -h/-v/-V and move to short options
| -rw-r--r-- | src/exchange/taler-exchange-aggregator.c | 3 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd.c | 9 | ||||
| -rw-r--r-- | src/include/taler_kyclogic_lib.h | 4 | ||||
| -rw-r--r-- | src/kyclogic/kyclogic_api.c | 25 | ||||
| -rwxr-xr-x | src/kyclogic/taler-exchange-helper-measure-freeze | 63 | ||||
| -rwxr-xr-x | src/kyclogic/taler-exchange-helper-measure-test-form | 70 | ||||
| -rwxr-xr-x | src/kyclogic/taler-exchange-helper-measure-test-oauth | 69 | ||||
| -rw-r--r-- | src/kyclogic/taler-exchange-kyc-tester.c | 3 |
8 files changed, 187 insertions, 59 deletions
diff --git a/src/exchange/taler-exchange-aggregator.c b/src/exchange/taler-exchange-aggregator.c index 145280d2a..ae77cb6c3 100644 --- a/src/exchange/taler-exchange-aggregator.c +++ b/src/exchange/taler-exchange-aggregator.c @@ -1247,7 +1247,8 @@ run (void *cls, else shard_size = (uint32_t) ass; if (GNUNET_OK != - TALER_KYCLOGIC_kyc_init (cfg)) + TALER_KYCLOGIC_kyc_init (cfg, + cfgfile)) { cfg = NULL; global_ret = EXIT_NOTCONFIGURED; diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c index 38bf10719..67718e125 100644 --- a/src/exchange/taler-exchange-httpd.c +++ b/src/exchange/taler-exchange-httpd.c @@ -2110,10 +2110,11 @@ handle_mhd_request (void *cls, * Load configuration parameters for the exchange * server into the corresponding global variables. * + * @param cfg_fn name of our configuration file * @return #GNUNET_OK on success */ static enum GNUNET_GenericReturnValue -exchange_serve_process_config (void) +exchange_serve_process_config (const char *cfg_fn) { TEH_enable_kyc = GNUNET_CONFIGURATION_get_value_yesno ( @@ -2127,8 +2128,10 @@ exchange_serve_process_config (void) return GNUNET_SYSERR; } if (GNUNET_OK != - TALER_KYCLOGIC_kyc_init (TEH_cfg)) + TALER_KYCLOGIC_kyc_init (TEH_cfg, + cfg_fn)) { + GNUNET_break (0); return GNUNET_SYSERR; } if (GNUNET_OK != @@ -2643,7 +2646,7 @@ run (void *cls, TEH_cfg = config; if (GNUNET_OK != - exchange_serve_process_config ()) + exchange_serve_process_config (cfgfile)) { global_ret = EXIT_NOTCONFIGURED; GNUNET_SCHEDULER_shutdown (); diff --git a/src/include/taler_kyclogic_lib.h b/src/include/taler_kyclogic_lib.h index 4302ab09a..39256bb1e 100644 --- a/src/include/taler_kyclogic_lib.h +++ b/src/include/taler_kyclogic_lib.h @@ -238,10 +238,12 @@ TALER_KYCLOGIC_kyc_trigger2s (enum TALER_KYCLOGIC_KycTriggerEvent trigger); * Initialize KYC subsystem. Loads the KYC configuration. * * @param cfg configuration to parse + * @param cfg_fn configuration filename for AML helpers * @return #GNUNET_OK on success */ enum GNUNET_GenericReturnValue -TALER_KYCLOGIC_kyc_init (const struct GNUNET_CONFIGURATION_Handle *cfg); +TALER_KYCLOGIC_kyc_init (const struct GNUNET_CONFIGURATION_Handle *cfg, + const char *cfg_fn); /** diff --git a/src/kyclogic/kyclogic_api.c b/src/kyclogic/kyclogic_api.c index 9674ea691..d34974006 100644 --- a/src/kyclogic/kyclogic_api.c +++ b/src/kyclogic/kyclogic_api.c @@ -228,7 +228,7 @@ struct TALER_KYCLOGIC_AmlProgram char *fallback; /** - * Output of @e command "--required-context". + * Output of @e command "-r". */ char **required_contexts; @@ -238,7 +238,7 @@ struct TALER_KYCLOGIC_AmlProgram unsigned int num_required_contexts; /** - * Output of @e command "--required-attributes". + * Output of @e command "-a". */ char **required_attributes; @@ -295,6 +295,11 @@ static struct TALER_KYCLOGIC_AmlProgram **aml_programs; */ static unsigned int num_aml_programs; +/** + * Name of our configuration file. + */ +static char *cfg_filename; + struct GNUNET_TIME_Timestamp TALER_KYCLOGIC_rules_get_expiration ( @@ -1113,6 +1118,8 @@ command_output (const char *command, execlp (command, command, argument, + "-c", + cfg_filename, NULL); GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, "exec", @@ -1302,6 +1309,7 @@ load_logic (const struct GNUNET_CONFIGURATION_Handle *cfg, char *lib_name; struct TALER_KYCLOGIC_Plugin *plugin; + GNUNET_asprintf (&lib_name, "libtaler_plugin_kyclogic_%s", name); @@ -1991,23 +1999,23 @@ add_program (const struct GNUNET_CONFIGURATION_Handle *cfg, } required_contexts = command_output (command, - "--required-context"); + "-r"); if (NULL == required_contexts) { GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, section, "COMMAND", - "output for --required-context invalid"); + "output for -r invalid"); goto fail; } required_attributes = command_output (command, - "--required-attributes"); + "-a"); if (NULL == required_attributes) { GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, section, "COMMAND", - "output for --required-attributes invalid"); + "output for -a invalid"); goto fail; } @@ -2209,13 +2217,15 @@ sort_by_timeframe (const void *p1, enum GNUNET_GenericReturnValue TALER_KYCLOGIC_kyc_init ( - const struct GNUNET_CONFIGURATION_Handle *cfg) + const struct GNUNET_CONFIGURATION_Handle *cfg, + const char *cfg_fn) { struct SectionContext sc = { .cfg = cfg, .result = true }; + cfg_filename = GNUNET_strdup (cfg_fn); GNUNET_CONFIGURATION_iterate_sections (cfg, &handle_provider_section, &sc); @@ -2422,6 +2432,7 @@ TALER_KYCLOGIC_kyc_done (void) GNUNET_array_grow (aml_programs, num_aml_programs, 0); + GNUNET_free (cfg_filename); } diff --git a/src/kyclogic/taler-exchange-helper-measure-freeze b/src/kyclogic/taler-exchange-helper-measure-freeze index 5b2fc554f..3505f5945 100755 --- a/src/kyclogic/taler-exchange-helper-measure-freeze +++ b/src/kyclogic/taler-exchange-helper-measure-freeze @@ -18,24 +18,63 @@ # Hard error reporting on. set -eu -echo "Running $0" 1>&2 -# This is a KYC measure program that freezes -# the account and flags it for manual investigation. -# This is the ultimate fallback measure. -if [ "${1:-no}" = "--required-context" ] -then - # No context is required. - exit 0 -fi +# Exit, with error message (hard failure) +function exit_fail() { + echo " FAIL: " "$@" >&2 + EXIT_STATUS=1 + exit "$EXIT_STATUS" +} + +CONF="$HOME/.config/taler.conf" +VERBOSE=0 -if [ "${1:-no}" = "--required-attributes" ] +while getopts 'ac:hrvV' OPTION; +do + case "$OPTION" in + a) + # No attributes are required. + exit 0 + ;; + c) + # shellcheck disable=SC2034 + CONF="$OPTARG" + ;; + h) + echo "This is a KYC measure program that freezes the account and flags it for manual investigation. This is the ultimate fallback measure." + echo 'Supported options:' + echo ' -a -- show required attributes' + # shellcheck disable=SC2016 + echo ' -c $CONF -- set configuration' + echo ' -h -- print this help' + echo ' -r -- show required context' + echo ' -v -- show version' + echo ' -V -- be verbose' + ;; + r) + # No context is required. + exit 0 + ;; + v) + echo "$0 v0.0.0" + exit 0 + ;; + V) + VERBOSE=1 + ;; + ?) + exit_fail "Unrecognized command line option" + ;; + esac +done + +if [ 1 = "$VERBOSE" ] then - # No required attributes. - exit 0 + echo "Running $0" 1>&2 fi + # See https://docs.taler.net/taler-exchange-manual.html#tsref-type-AmlProgramInput # for the full JSON with possible inputs. diff --git a/src/kyclogic/taler-exchange-helper-measure-test-form b/src/kyclogic/taler-exchange-helper-measure-test-form index c5895a833..042e443b7 100755 --- a/src/kyclogic/taler-exchange-helper-measure-test-form +++ b/src/kyclogic/taler-exchange-helper-measure-test-form @@ -18,31 +18,67 @@ # Hard error reporting on. set -eu -echo "Running $0" 1>&2 -# This is a KYC measure program that checks the output -# of a simple FORM submission, and if it passed, -# increases all limits to EUR:1000. -# (and doesn't impose any other limits) +# Exit, with error message (hard failure) +function exit_fail() { + echo " FAIL: " "$@" >&2 + EXIT_STATUS=1 + exit "$EXIT_STATUS" +} -if [ "${1:-no}" = "--required-context" ] -then - # No context is required. - exit 0 -fi +CONF="$HOME/.config/taler.conf" +VERBOSE=0 + +while getopts 'ac:hrvV' OPTION; +do + case "$OPTION" in + a) + # This AML program expects as inputs a full_name + # and a birthdate. + echo "full_name" + echo "birthdate" + exit 0 + ;; + c) + # shellcheck disable=SC2034 + CONF="$OPTARG" + ;; + h) + echo "This is a KYC measure program that checks the output of a simple FORM submission, and if it passed, increases all limits to EUR:1000. (and does not impose any other limits)" + echo 'Supported options:' + echo ' -a -- show required attributes' + # shellcheck disable=SC2016 + echo ' -c $CONF -- set configuration' + echo ' -h -- print this help' + echo ' -r -- show required context' + echo ' -v -- show version' + echo ' -V -- be verbose' + ;; + r) + # No context is required. + exit 0 + ;; + v) + echo "$0 v0.0.0" + exit 0 + ;; + V) + VERBOSE=1 + ;; + ?) + exit_fail "Unrecognized command line option" + ;; + esac +done -if [ "${1:-no}" = "--required-attributes" ] +if [ 1 = "$VERBOSE" ] then - # This AML program expects as inputs a full_name - # and a birthdate. - echo "full_name" - echo "birthdate" - exit 0 + echo "Running $0" 1>&2 fi # First, check everything we expect is in stdin. A=$(jq -r .attributes) -J=$(echo $A | jq -r 'def get($k): +J=$(echo "$A" | jq -r 'def get($k): if has($k) then .[$k] else error("attribute missing") diff --git a/src/kyclogic/taler-exchange-helper-measure-test-oauth b/src/kyclogic/taler-exchange-helper-measure-test-oauth index 959ac1b8d..4d6c4a43a 100755 --- a/src/kyclogic/taler-exchange-helper-measure-test-oauth +++ b/src/kyclogic/taler-exchange-helper-measure-test-oauth @@ -18,31 +18,66 @@ # Hard error reporting on. set -eu -echo "Running $0" 1>&2 +# Exit, with error message (hard failure) +function exit_fail() { + echo " FAIL: " "$@" >&2 + EXIT_STATUS=1 + exit "$EXIT_STATUS" +} -# This is a KYC measure program that checks the output -# of an OAuth2 authentication, and if it passed, -# increases all limits to EUR:1000. -# (and doesn't impose any other limits) +CONF="$HOME/.config/taler.conf" +VERBOSE=0 -if [ "${1:-no}" = "--required-context" ] -then - # No context is required. - exit 0 -fi +while getopts 'ac:hrvV' OPTION; +do + case "$OPTION" in + a) + # This AML program expects as inputs a full_name + # and a birthdate. + echo "full_name" + echo "birthdate" + exit 0 + ;; + c) + # shellcheck disable=SC2034 + CONF="$OPTARG" + ;; + h) + echo "This is a KYC measure program that checks the output of an OAuth2 authentication, and if it passed, increases all limits to EUR:1000. (and does not impose any other limits)" + echo 'Supported options:' + echo ' -a -- show required attributes' + # shellcheck disable=SC2016 + echo ' -c $CONF -- set configuration' + echo ' -h -- print this help' + echo ' -r -- show required context' + echo ' -v -- show version' + echo ' -V -- be verbose' + ;; + r) + # No context is required. + exit 0 + ;; + v) + echo "$0 v0.0.0" + exit 0 + ;; + V) + VERBOSE=1 + ;; + ?) + exit_fail "Unrecognized command line option" + ;; + esac +done -if [ "${1:-no}" = "--required-attributes" ] +if [ 1 = "$VERBOSE" ] then - # This AML program expects as inputs a full_name - # and a birthdate. - echo "full_name" - echo "birthdate" - exit 0 + echo "Running $0" 1>&2 fi # First, check everything we expect is in stdin. A=$(jq -r .attributes) -J=$(echo $A | jq -r 'def get($k): +J=$(echo "$A" | jq -r 'def get($k): if has($k) then .[$k] else error("attribute missing") diff --git a/src/kyclogic/taler-exchange-kyc-tester.c b/src/kyclogic/taler-exchange-kyc-tester.c index 021b10fb8..b4d752525 100644 --- a/src/kyclogic/taler-exchange-kyc-tester.c +++ b/src/kyclogic/taler-exchange-kyc-tester.c @@ -1559,7 +1559,8 @@ run (void *cls, GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL); if (GNUNET_OK != - TALER_KYCLOGIC_kyc_init (config)) + TALER_KYCLOGIC_kyc_init (config, + cfgfile)) { global_ret = EXIT_NOTCONFIGURED; GNUNET_SCHEDULER_shutdown (); |