parse config options for transaction/refund limits

8 files changed, 106 insertions, 21 deletions

diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c
index 67718e125..e047d8471 100644
--- a/src/exchange/taler-exchange-httpd.c
+++ b/src/exchange/taler-exchange-httpd.c
@@ -156,6 +156,16 @@ struct TALER_AttributeEncryptionKeyP TEH_attribute_key;
 struct TALER_EXCHANGEDB_Plugin *TEH_plugin;
 
 /**
+ * Maximum amount per individual transaction. Invalid amount if unlimited.
+ */
+struct TALER_Amount TEH_transaction_limit;
+
+/**
+ * Maximum amount per refund. Invalid amount if unlimited.
+ */
+struct TALER_Amount TEH_refund_limit;
+
+/**
  * Absolute STEFAN parameter.
  */
 struct TALER_Amount TEH_stefan_abs;
@@ -2207,33 +2217,57 @@ exchange_serve_process_config (const char *cfg_fn)
   }
   /* currency parser must provide default spec for main currency */
   GNUNET_assert (NULL != TEH_cspec);
-  if (GNUNET_OK !=
+  if (GNUNET_SYSERR ==
+      TALER_config_get_amount (TEH_cfg,
+                               "exchange",
+                               "TRANSACTION_LIMIT",
+                               &TEH_transaction_limit))
+  {
+    GNUNET_break (0);
+    return GNUNET_SYSERR;
+  }
+  if (GNUNET_SYSERR ==
+      TALER_config_get_amount (TEH_cfg,
+                               "exchange",
+                               "REFUND_LIMIT",
+                               &TEH_refund_limit))
+  {
+    GNUNET_break (0);
+    return GNUNET_SYSERR;
+  }
+  GNUNET_assert (GNUNET_OK ==
+                 TALER_amount_set_zero (TEH_currency,
+                                        &TEH_stefan_abs));
+  if (GNUNET_SYSERR ==
       TALER_config_get_amount (TEH_cfg,
                                "exchange",
                                "STEFAN_ABS",
                                &TEH_stefan_abs))
   {
-    GNUNET_assert (GNUNET_OK ==
-                   TALER_amount_set_zero (TEH_currency,
-                                          &TEH_stefan_abs));
+    GNUNET_break (0);
+    return GNUNET_SYSERR;
   }
-  if (GNUNET_OK !=
+  GNUNET_assert (GNUNET_OK ==
+                 TALER_amount_set_zero (TEH_currency,
+                                        &TEH_stefan_log));
+  if (GNUNET_SYSERR ==
       TALER_config_get_amount (TEH_cfg,
                                "exchange",
                                "STEFAN_LOG",
                                &TEH_stefan_log))
   {
-    GNUNET_assert (GNUNET_OK ==
-                   TALER_amount_set_zero (TEH_currency,
-                                          &TEH_stefan_log));
+    GNUNET_break (0);
+    return GNUNET_SYSERR;
   }
-  if (GNUNET_OK !=
+  TEH_stefan_lin = 0.0f;
+  if (GNUNET_SYSERR ==
       GNUNET_CONFIGURATION_get_value_float (TEH_cfg,
                                             "exchange",
                                             "STEFAN_LIN",
                                             &TEH_stefan_lin))
   {
-    TEH_stefan_lin = 0.0f;
+    GNUNET_break (0);
+    return GNUNET_SYSERR;
   }
 
   if (GNUNET_OK !=
diff --git a/src/exchange/taler-exchange-httpd.h b/src/exchange/taler-exchange-httpd.h
index 7bdc79649..6f86fa39c 100644
--- a/src/exchange/taler-exchange-httpd.h
+++ b/src/exchange/taler-exchange-httpd.h
@@ -98,6 +98,16 @@ extern struct TALER_AttributeEncryptionKeyP TEH_attribute_key;
 extern struct TALER_EXCHANGEDB_Plugin *TEH_plugin;
 
 /**
+ * Maximum amount per individual transaction. Invalid amount if unlimited.
+ */
+extern struct TALER_Amount TEH_transaction_limit;
+
+/**
+ * Maximum amount per refund. Invalid amount if unlimited.
+ */
+extern struct TALER_Amount TEH_refund_limit;
+
+/**
  * Absolute STEFAN parameter.
  */
 extern struct TALER_Amount TEH_stefan_abs;
diff --git a/src/exchange/taler-exchange-httpd_keys.c b/src/exchange/taler-exchange-httpd_keys.c
index 490e4a9ac..094a41b37 100644
--- a/src/exchange/taler-exchange-httpd_keys.c
+++ b/src/exchange/taler-exchange-httpd_keys.c
@@ -2413,6 +2413,18 @@ create_krd (struct TEH_KeyStateHandle *ksh,
     GNUNET_JSON_pack_object_steal (
       "currency_specification",
       TALER_CONFIG_currency_specs_to_json (TEH_cspec)),
+    GNUNET_JSON_pack_allow_null (
+      TALER_JSON_pack_amount ("transaction_amount_limit",
+                              GNUNET_OK ==
+                              TALER_amount_is_valid (&TEH_transaction_limit)
+                              ? &TEH_transaction_limit
+                              : NULL)),
+    GNUNET_JSON_pack_allow_null (
+      TALER_JSON_pack_amount ("refund_amount_limit",
+                              GNUNET_OK ==
+                              TALER_amount_is_valid (&TEH_refund_limit)
+                              ? &TEH_refund_limit
+                              : NULL)),
     TALER_JSON_pack_amount ("stefan_abs",
                             &TEH_stefan_abs),
     TALER_JSON_pack_amount ("stefan_log",
diff --git a/src/include/taler_exchange_service.h b/src/include/taler_exchange_service.h
index f937d9293..b778fcceb 100644
--- a/src/include/taler_exchange_service.h
+++ b/src/include/taler_exchange_service.h
@@ -492,6 +492,7 @@ struct TALER_EXCHANGE_Keys
   /**
    * Array of amounts a wallet is allowed to hold from
    * this exchange before it must undergo further KYC checks.
+   * Length is given in @e wblwk_length.
    */
   struct TALER_Amount *wallet_balance_limit_without_kyc;
 
@@ -550,6 +551,20 @@ struct TALER_EXCHANGE_Keys
   struct TALER_Amount stefan_log;
 
   /**
+   * Maximum amount for an individual transaction.
+   * Set to an invalid amount (see #TALER_amount_is_valid())
+   * if there is no limit.
+   */
+  struct TALER_Amount transaction_limit;
+
+  /**
+   * Maximum amount that can be refunded per individual transaction.
+   * Set to an invalid amount (see #TALER_amount_is_valid())
+   * if there is no limit.
+   */
+  struct TALER_Amount refund_limit;
+
+  /**
    * Linear STEFAN parameter.
    */
   double stefan_lin;
diff --git a/src/include/taler_util.h b/src/include/taler_util.h
index 10671ea4b..f2121f9cb 100644
--- a/src/include/taler_util.h
+++ b/src/include/taler_util.h
@@ -158,7 +158,9 @@ TALER_b2s (const void *buf,
  * @param section section of the configuration to access
  * @param option option of the configuration to access
  * @param[out] denom set to the amount found in configuration
- * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
+ * @return #GNUNET_OK on success,
+ *         #GNUNET_NO if not found,
+ *         #GNUNET_SYSERR on error
  */
 enum GNUNET_GenericReturnValue
 TALER_config_get_amount (const struct GNUNET_CONFIGURATION_Handle *cfg,
diff --git a/src/lib/Makefile.am b/src/lib/Makefile.am
index 4e834461c..8924ee604 100644
--- a/src/lib/Makefile.am
+++ b/src/lib/Makefile.am
@@ -18,7 +18,7 @@ lib_LTLIBRARIES = \
   libtalerexchange.la
 
 libtalerexchange_la_LDFLAGS = \
-  -version-info 8:0:0 \
+  -version-info 9:0:0 \
   -no-undefined
 libtalerexchange_la_SOURCES = \
   exchange_api_add_aml_decision.c \
diff --git a/src/lib/exchange_api_handle.c b/src/lib/exchange_api_handle.c
index fdadc8d2a..f614ff3c2 100644
--- a/src/lib/exchange_api_handle.c
+++ b/src/lib/exchange_api_handle.c
@@ -74,7 +74,7 @@
  * how long do we assume the reply to be valid at least?
  */
 #define MINIMUM_EXPIRATION GNUNET_TIME_relative_multiply ( \
-    GNUNET_TIME_UNIT_MINUTES, 2)
+          GNUNET_TIME_UNIT_MINUTES, 2)
 
 
 /**
@@ -363,7 +363,8 @@ TEAH_get_auditors_for_dc (
   if (0 == keys->num_auditors)
   {
     GNUNET_log (GNUNET_ERROR_TYPE_INFO,
-                "No auditor available. Not submitting deposit confirmations.\n");
+                "No auditor available. Not submitting deposit confirmations.\n")
+    ;
     return;
   }
   for (unsigned int i = 0; i<keys->num_auditors; i++)
@@ -379,9 +380,9 @@ TEAH_get_auditors_for_dc (
 
 
 #define EXITIF(cond)                                              \
-  do {                                                            \
-    if (cond) { GNUNET_break (0); goto EXITIF_exit; }             \
-  } while (0)
+        do {                                                            \
+          if (cond) { GNUNET_break (0); goto EXITIF_exit; }             \
+        } while (0)
 
 
 /**
@@ -932,6 +933,18 @@ decode_keys_json (const json_t *resp_obj,
           "stefan_log",
           currency,
           &key_data->stefan_log),
+        GNUNET_JSON_spec_mark_optional (
+          TALER_JSON_spec_amount (
+            "transaction_amount_limit",
+            currency,
+            &key_data->transaction_limit),
+          NULL),
+        GNUNET_JSON_spec_mark_optional (
+          TALER_JSON_spec_amount (
+            "refund_amount_limit",
+            currency,
+            &key_data->refund_limit),
+          NULL),
         GNUNET_JSON_spec_double (
           "stefan_lin",
           &key_data->stefan_lin),
@@ -1411,7 +1424,8 @@ keys_completed_cb (void *cls,
                               &kd_old->denom_keys[i].key);
       kd->num_auditors = kd_old->num_auditors;
       kd->auditors = GNUNET_new_array (kd->num_auditors,
-                                       struct TALER_EXCHANGE_AuditorInformation);
+                                       struct TALER_EXCHANGE_AuditorInformation)
+      ;
       /* Now the necessary deep copy... */
       for (unsigned int i = 0; i<kd_old->num_auditors; i++)
       {
diff --git a/src/util/config.c b/src/util/config.c
index 9a32ec3e8..bfc2c67da 100644
--- a/src/util/config.c
+++ b/src/util/config.c
@@ -37,9 +37,7 @@ TALER_config_get_amount (const struct GNUNET_CONFIGURATION_Handle *cfg,
                                              option,
                                              &str))
   {
-    GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
-                               section,
-                               option);
+    /* may be OK! */
     return GNUNET_NO;
   }
   if (GNUNET_OK !=