diff options
| author | Christian Grothoff <christian@grothoff.org> | 2019-03-11 02:56:05 +0100 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2019-03-11 02:56:05 +0100 |
| commit | 82ce84fe67e14ff547bdca068c39511d8c0125fb (patch) | |
| tree | 4f58688ff93d4f1523ab8c27d755bcef1101e9ad | |
| parent | c3b9ebc1effea652e3cdfc93fb6ed5b1cf83826a (diff) | |
| parent | 4405438d9c2db21be566a57a57b5eeeaf294bbc9 (diff) | |
pre-pull merging
| -rw-r--r-- | doc/taler-exchange.texi | 21 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_keystate.c | 19 |
2 files changed, 29 insertions, 11 deletions
diff --git a/doc/taler-exchange.texi b/doc/taler-exchange.texi index 50a0535ec..4e6a0fb96 100644 --- a/doc/taler-exchange.texi +++ b/doc/taler-exchange.texi @@ -472,14 +472,17 @@ ENABLE for each account whether it should be used, and for what [account-1] URL = "payto://sepa/CH9300762011623852957" WIRE_RESPONSE = $@{TALER_CONFIG_HOME@}/account-1.json -PLUGIN = ebics + +# Currently, only the 'taler_bank' plugin is implemented. +PLUGIN = <plugin_name_here> # Use for exchange-aggregator (outgoing transfers) ENABLE_DEBIT = YES # Use for exchange-wirewatch (and listed in /wire) ENABLE_CREDIT = YES -# ... add authentication options here +# Authentication options for the chosen plugin go here. +# (Next sections have examples of authentication mechanisms) @end example The command line tool @cite{taler-exchange-wire} is used to create @@ -509,9 +512,7 @@ requests. The @code{taler_bank} plugin implements the wire method ``x-taler-bank''. -The format of the @code{payto://} URL is @code{payto://x-taler-bank/HOSTNAME:PORT}, -possibly followed by other parameters like the amount and wire transfer subject -as per the @code{payto://} standard. +The format of the @code{payto://} URL is @code{payto://x-taler-bank/HOSTNAME[:PORT]}. For basic authentication, the @code{taler_bank} plugin only supports simple password-based authentication. For this, the configuration @@ -520,8 +521,14 @@ account at the bank. @setsyntax ini @example -[account-2] -URL = "payto://test/localhost:8080" +[account-1] + +# Bank account details here.. +# .. + +# Authentication options for the taler_bank plugin below: + +TALER_BANK_AUTH_METHOD = basic USERNAME = exchange PASSWORD = super-secure @end example diff --git a/src/exchange/taler-exchange-httpd_keystate.c b/src/exchange/taler-exchange-httpd_keystate.c index 36f464ba8..30a0bbf12 100644 --- a/src/exchange/taler-exchange-httpd_keystate.c +++ b/src/exchange/taler-exchange-httpd_keystate.c @@ -783,16 +783,27 @@ revocations_iter (void *cls, GNUNET_h2s (denom_hash)); dki = GNUNET_CONTAINER_multihashmap_get (key_state->denomkey_map, denom_hash); - if (NULL == dki) + // FIXME: what do we do if dki is not known? + // especially what if we have neither private key NOR + // DB entry? (maybe ancient revocation? should we ignore it?) + if (NULL != dki) { GNUNET_assert (GNUNET_YES == GNUNET_CONTAINER_multihashmap_remove (key_state->denomkey_map, denom_hash, dki)); - res = store_in_map (key_state->revoked_map, - dki); - if (GNUNET_NO == res) + if (GNUNET_NO == + GNUNET_CONTAINER_multihashmap_put (key_state->revoked_map, + &dki->issue.properties.denom_hash, + dki, + GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY)) + { + /* revocation file must exist twice, keep only one of the dkis */ + GNUNET_CRYPTO_rsa_private_key_free (dki->denom_priv.rsa_private_key); + GNUNET_CRYPTO_rsa_public_key_free (dki->denom_pub.rsa_public_key); + GNUNET_free (dki); return GNUNET_OK; + } } /* Try to insert DKI into DB until we succeed; note that if the DB failure is persistent, we need to die, as we cannot continue |