diff options
| author | Christian Grothoff <christian@grothoff.org> | 2024-11-01 08:33:11 +0100 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2024-11-05 10:37:37 +0100 |
| commit | fc48ce87685f83f020e8808d3304ec1f97bec4bb (patch) | |
| tree | 85b516e9a63fb85af0c7d5f6041fd8de5d4ac79c | |
| parent | 0c68d975368f25d3fd0a8781f5fefa51de701cdc (diff) | |
-work on exchange
| -rw-r--r-- | src/exchange/taler-exchange-httpd_age-withdraw.c | 20 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_aml-attributes-get.c | 2 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_aml-decision.c | 18 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_aml-decisions-get.c | 4 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_batch-deposit.c | 23 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_batch-withdraw.c | 17 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_common_kyc.c | 38 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_common_kyc.h | 17 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_keys.c | 2 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_responses.h | 2 |
10 files changed, 80 insertions, 63 deletions
diff --git a/src/exchange/taler-exchange-httpd_age-withdraw.c b/src/exchange/taler-exchange-httpd_age-withdraw.c index e7d4b139c..d5f60a862 100644 --- a/src/exchange/taler-exchange-httpd_age-withdraw.c +++ b/src/exchange/taler-exchange-httpd_age-withdraw.c @@ -82,10 +82,10 @@ struct AgeWithdrawContext struct TALER_EXCHANGEDB_KycStatus kyc; /** - * Set to the hash of the payto account that established + * Set to the hash of the normalized payto URI that established * the reserve. */ - struct TALER_PaytoHashP h_payto; + struct TALER_NormalizedPaytoHashP h_normalized_payto; /** * value the client committed to @@ -498,7 +498,7 @@ check_kyc_result (struct AgeWithdrawContext *awc) finish_loop (awc, TEH_RESPONSE_reply_kyc_required ( awc->rc->connection, - &awc->h_payto, + &awc->h_normalized_payto, &awc->kyc, false)); return; @@ -577,7 +577,7 @@ withdraw_amount_cb ( return GNUNET_DB_STATUS_SUCCESS_NO_RESULTS; qs = TEH_plugin->select_withdraw_amounts_for_kyc_check ( TEH_plugin->cls, - &awc->h_payto, + &awc->h_normalized_payto, limit, cb, cb_cls); @@ -599,13 +599,14 @@ static void run_legi_check (struct AgeWithdrawContext *awc) { enum GNUNET_DB_QueryStatus qs; - char *payto_uri; + struct TALER_FullPayto payto_uri; + struct TALER_FullPaytoHashP h_full_payto; /* Check if the money came from a wire transfer */ qs = TEH_plugin->reserves_get_origin ( TEH_plugin->cls, &awc->commitment.reserve_pub, - &awc->h_payto, + &h_full_payto, &payto_uri); if (qs < 0) { @@ -625,19 +626,20 @@ run_legi_check (struct AgeWithdrawContext *awc) awc->phase = AWC_PHASE_PREPARE_TRANSACTION; return; } - + TALER_full_payto_normalize_and_hash (payto_uri, + &awc->h_normalized_payto); awc->lch = TEH_legitimization_check ( &awc->rc->async_scope_id, TALER_KYCLOGIC_KYC_TRIGGER_WITHDRAW, payto_uri, - &awc->h_payto, + &awc->h_normalized_payto, NULL, /* no account pub: this is about the origin account */ &withdraw_amount_cb, awc, &withdraw_legi_cb, awc); GNUNET_assert (NULL != awc->lch); - GNUNET_free (payto_uri); + GNUNET_free (payto_uri.full_payto); GNUNET_CONTAINER_DLL_insert (awc_head, awc_tail, awc); diff --git a/src/exchange/taler-exchange-httpd_aml-attributes-get.c b/src/exchange/taler-exchange-httpd_aml-attributes-get.c index ee3b6de5a..1d6589c56 100644 --- a/src/exchange/taler-exchange-httpd_aml-attributes-get.c +++ b/src/exchange/taler-exchange-httpd_aml-attributes-get.c @@ -88,7 +88,7 @@ TEH_handler_aml_attributes_get ( { int64_t limit = -20; uint64_t offset; - struct TALER_PaytoHashP h_payto; + struct TALER_NormalizedPaytoHashP h_payto; if ( (NULL == args[0]) || (NULL != args[1]) ) diff --git a/src/exchange/taler-exchange-httpd_aml-decision.c b/src/exchange/taler-exchange-httpd_aml-decision.c index cbd1f0a5f..4f6848524 100644 --- a/src/exchange/taler-exchange-httpd_aml-decision.c +++ b/src/exchange/taler-exchange-httpd_aml-decision.c @@ -164,8 +164,10 @@ TEH_handler_post_aml_decision ( struct GNUNET_TIME_Timestamp decision_time; const json_t *new_rules; const json_t *properties = NULL; - const char *payto_uri = NULL; - struct TALER_PaytoHashP h_payto; + struct TALER_FullPayto payto_uri = { + .full_payto = NULL + }; + struct TALER_NormalizedPaytoHashP h_payto; struct TALER_AmlOfficerSignatureP officer_sig; struct TALER_KYCLOGIC_LegitimizationRuleSet *lrs = NULL; uint64_t legi_measure_serial_id = 0; @@ -179,8 +181,8 @@ TEH_handler_post_aml_decision ( GNUNET_JSON_spec_string ("justification", &justification), GNUNET_JSON_spec_mark_optional ( - GNUNET_JSON_spec_string ("payto_uri", - &payto_uri), + TALER_JSON_spec_full_payto_uri ("payto_uri", + &payto_uri), NULL), GNUNET_JSON_spec_fixed_auto ("h_payto", &h_payto), @@ -236,12 +238,12 @@ TEH_handler_post_aml_decision ( goto done; } } - if (NULL != payto_uri) + if (NULL != payto_uri.full_payto) { - struct TALER_PaytoHashP h_payto2; + struct TALER_NormalizedPaytoHashP h_payto2; - TALER_payto_hash (payto_uri, - &h_payto2); + TALER_full_payto_normalize_and_hash (payto_uri, + &h_payto2); if (0 != GNUNET_memcmp (&h_payto, &h_payto2)) diff --git a/src/exchange/taler-exchange-httpd_aml-decisions-get.c b/src/exchange/taler-exchange-httpd_aml-decisions-get.c index 9059d1437..f82a4eeac 100644 --- a/src/exchange/taler-exchange-httpd_aml-decisions-get.c +++ b/src/exchange/taler-exchange-httpd_aml-decisions-get.c @@ -56,7 +56,7 @@ record_cb ( void *cls, uint64_t row_id, const char *justification, - const struct TALER_PaytoHashP *h_payto, + const struct TALER_NormalizedPaytoHashP *h_payto, struct GNUNET_TIME_Timestamp decision_time, struct GNUNET_TIME_Absolute expiration_time, const json_t *jproperties, @@ -101,7 +101,7 @@ TEH_handler_aml_decisions_get ( { int64_t limit = -20; uint64_t offset; - struct TALER_PaytoHashP h_payto; + struct TALER_NormalizedPaytoHashP h_payto; bool have_payto = false; enum TALER_EXCHANGE_YesNoAll active_filter; enum TALER_EXCHANGE_YesNoAll investigation_filter; diff --git a/src/exchange/taler-exchange-httpd_batch-deposit.c b/src/exchange/taler-exchange-httpd_batch-deposit.c index fdb705e14..e46d2124a 100644 --- a/src/exchange/taler-exchange-httpd_batch-deposit.c +++ b/src/exchange/taler-exchange-httpd_batch-deposit.c @@ -80,7 +80,6 @@ struct BatchDepositContext */ json_t *policy_json; - /** * Response to return, if set. */ @@ -108,6 +107,12 @@ struct BatchDepositContext uint64_t policy_details_serial_id; /** + * Hash over the normalized payto://-URI of the account we are + * depositing into. + */ + struct TALER_NormalizedPaytoHashP nph; + + /** * Our timestamp (when we received the request). * Possibly updated by the transaction if the * request is idempotent (was repeated). @@ -507,7 +512,7 @@ bdc_phase_check_kyc_result (struct BatchDepositContext *bdc) finish_loop (bdc, TEH_RESPONSE_reply_kyc_required ( bdc->rc->connection, - &bdc->bd.wire_target_h_payto, + &bdc->nph, &bdc->kyc, bdc->bad_kyc_auth)); return; @@ -587,7 +592,7 @@ deposit_amount_cb ( return GNUNET_DB_STATUS_SUCCESS_NO_RESULTS; qs = TEH_plugin->select_deposit_amounts_for_kyc_check ( TEH_plugin->cls, - &bdc->bd.wire_target_h_payto, + &bdc->nph, limit, cb, cb_cls); @@ -613,11 +618,13 @@ bdc_phase_kyc (struct BatchDepositContext *bdc) bdc->phase++; return; } + TALER_full_payto_normalize_and_hash (bdc->bd.receiver_wire_account, + &bdc->nph); bdc->lch = TEH_legitimization_check2 ( &bdc->rc->async_scope_id, TALER_KYCLOGIC_KYC_TRIGGER_DEPOSIT, bdc->bd.receiver_wire_account, - &bdc->bd.wire_target_h_payto, + &bdc->nph, &bdc->bd.merchant_pub, &deposit_amount_cb, bdc, @@ -891,8 +898,8 @@ bdc_phase_parse (struct BatchDepositContext *bdc, const json_t *policy_json; bool no_refund_deadline = true; struct GNUNET_JSON_Specification spec[] = { - TALER_JSON_spec_payto_uri ("merchant_payto_uri", - &bd->receiver_wire_account), + TALER_JSON_spec_full_payto_uri ("merchant_payto_uri", + &bd->receiver_wire_account), GNUNET_JSON_spec_fixed_auto ("wire_salt", &bd->wire_salt), GNUNET_JSON_spec_fixed_auto ("merchant_pub", @@ -996,8 +1003,8 @@ bdc_phase_parse (struct BatchDepositContext *bdc, NULL)); return; } - TALER_payto_hash (bd->receiver_wire_account, - &bd->wire_target_h_payto); + TALER_full_payto_hash (bd->receiver_wire_account, + &bd->wire_target_h_payto); TALER_merchant_wire_signature_hash (bd->receiver_wire_account, &bd->wire_salt, &bdc->h_wire); diff --git a/src/exchange/taler-exchange-httpd_batch-withdraw.c b/src/exchange/taler-exchange-httpd_batch-withdraw.c index cc61b98e7..857856a7d 100644 --- a/src/exchange/taler-exchange-httpd_batch-withdraw.c +++ b/src/exchange/taler-exchange-httpd_batch-withdraw.c @@ -110,7 +110,7 @@ struct BatchWithdrawContext * established the reserve, set during the @e kyc * check (if any). */ - struct TALER_PaytoHashP h_payto; + struct TALER_NormalizedPaytoHashP h_normalized_payto; /** * Array of @e planchets_length planchets we are processing. @@ -570,7 +570,7 @@ check_kyc_result (struct BatchWithdrawContext *bwc) finish_loop (bwc, TEH_RESPONSE_reply_kyc_required ( bwc->rc->connection, - &bwc->h_payto, + &bwc->h_normalized_payto, &bwc->kyc, false)); return; @@ -649,7 +649,7 @@ withdraw_amount_cb ( return GNUNET_DB_STATUS_SUCCESS_NO_RESULTS; qs = TEH_plugin->select_withdraw_amounts_for_kyc_check ( TEH_plugin->cls, - &bwc->h_payto, + &bwc->h_normalized_payto, limit, cb, cb_cls); @@ -671,7 +671,8 @@ static void run_legi_check (struct BatchWithdrawContext *bwc) { enum GNUNET_DB_QueryStatus qs; - char *payto_uri; + struct TALER_FullPaytoHashP h_payto; + struct TALER_FullPayto payto_uri; if (GNUNET_YES != TEH_enable_kyc) { @@ -682,7 +683,7 @@ run_legi_check (struct BatchWithdrawContext *bwc) qs = TEH_plugin->reserves_get_origin ( TEH_plugin->cls, &bwc->reserve_pub, - &bwc->h_payto, + &h_payto, &payto_uri); if (qs < 0) { @@ -694,6 +695,8 @@ run_legi_check (struct BatchWithdrawContext *bwc) "reserves_get_origin")); return; } + TALER_full_payto_normalize_and_hash (payto_uri, + &bwc->h_normalized_payto); /* If _no_ results, reserve was created by merge, in which case no KYC check is required as the merge already did that. */ @@ -707,14 +710,14 @@ run_legi_check (struct BatchWithdrawContext *bwc) &bwc->rc->async_scope_id, TALER_KYCLOGIC_KYC_TRIGGER_WITHDRAW, payto_uri, - &bwc->h_payto, + &bwc->h_normalized_payto, NULL, /* no account pub: this is about the origin account */ &withdraw_amount_cb, bwc, &withdraw_legi_cb, bwc); GNUNET_assert (NULL != bwc->lch); - GNUNET_free (payto_uri); + GNUNET_free (payto_uri.full_payto); GNUNET_CONTAINER_DLL_insert (bwc_head, bwc_tail, bwc); diff --git a/src/exchange/taler-exchange-httpd_common_kyc.c b/src/exchange/taler-exchange-httpd_common_kyc.c index 1adc808bc..c7f1cef76 100644 --- a/src/exchange/taler-exchange-httpd_common_kyc.c +++ b/src/exchange/taler-exchange-httpd_common_kyc.c @@ -46,7 +46,7 @@ struct TEH_KycAmlTrigger /** * account the operation is about */ - struct TALER_PaytoHashP account_id; + struct TALER_NormalizedPaytoHashP account_id; /** * until when is the KYC data valid @@ -482,7 +482,7 @@ TEH_kyc_finished2 ( const struct GNUNET_AsyncScopeId *scope, uint64_t process_row, const struct TALER_KYCLOGIC_Measure *instant_ms, - const struct TALER_PaytoHashP *account_id, + const struct TALER_NormalizedPaytoHashP *account_id, const char *provider_name, const char *provider_user_id, const char *provider_legitimization_id, @@ -611,7 +611,7 @@ struct TEH_KycAmlTrigger * TEH_kyc_finished ( const struct GNUNET_AsyncScopeId *scope, uint64_t process_row, - const struct TALER_PaytoHashP *account_id, + const struct TALER_NormalizedPaytoHashP *account_id, const char *provider_name, const char *provider_user_id, const char *provider_legitimization_id, @@ -679,7 +679,7 @@ struct TEH_KycAmlFallback /** * Account this is for. */ - struct TALER_PaytoHashP account_id; + struct TALER_NormalizedPaytoHashP account_id; /** * Function to call when done. @@ -844,7 +844,7 @@ return_fallback_result (void *cls) struct TEH_KycAmlFallback* TEH_kyc_fallback ( const struct GNUNET_AsyncScopeId *scope, - const struct TALER_PaytoHashP *account_id, + const struct TALER_NormalizedPaytoHashP *account_id, uint64_t orig_requirement_row, const json_t *attributes, const json_t *aml_history, @@ -897,11 +897,14 @@ TEH_kyc_fallback ( json_t *jmeasures; enum GNUNET_DB_QueryStatus qs; bool bad_kyc_auth; + struct TALER_FullPayto null_account = { + .full_payto = NULL + }; jmeasures = TALER_KYCLOGIC_check_to_measures (&kcc); qs = TEH_plugin->trigger_kyc_rule_for_account ( TEH_plugin->cls, - NULL, /* account_id is already in wire targets */ + null_account, /* account_id is already in wire targets */ account_id, NULL, /* account_pub */ NULL, /* merchant_pub */ @@ -939,7 +942,7 @@ TEH_kyc_fallback_cancel ( bool TEH_kyc_failed ( uint64_t process_row, - const struct TALER_PaytoHashP *account_id, + const struct TALER_NormalizedPaytoHashP *account_id, const char *provider_name, const char *provider_user_id, const char *provider_legitimization_id, @@ -991,7 +994,7 @@ struct TEH_LegitimizationCheckHandle /** * Payto-URI of the account. */ - char *payto_uri; + struct TALER_FullPayto payto_uri; /** * Amount iterator to call to check for amounts. @@ -1017,7 +1020,7 @@ struct TEH_LegitimizationCheckHandle /** * Hash of @e payto_uri. */ - struct TALER_PaytoHashP h_payto; + struct TALER_NormalizedPaytoHashP h_payto; /** * Public key of the account. We should associate this public @@ -1190,8 +1193,8 @@ static struct TEH_LegitimizationCheckHandle * setup_legitimization_check ( const struct GNUNET_AsyncScopeId *scope, enum TALER_KYCLOGIC_KycTriggerEvent et, - const char *payto_uri, - const struct TALER_PaytoHashP *h_payto, + const struct TALER_FullPayto payto_uri, + const struct TALER_NormalizedPaytoHashP *h_payto, const union TALER_AccountPublicKeyP *account_pub, TALER_KYCLOGIC_KycAmountIterator ai, void *ai_cls, @@ -1203,7 +1206,8 @@ setup_legitimization_check ( lch = GNUNET_new (struct TEH_LegitimizationCheckHandle); lch->scope = *scope; lch->et = et; - lch->payto_uri = GNUNET_strdup (payto_uri); + lch->payto_uri.full_payto + = GNUNET_strdup (payto_uri.full_payto); lch->h_payto = *h_payto; if (NULL != account_pub) { @@ -1222,8 +1226,8 @@ struct TEH_LegitimizationCheckHandle * TEH_legitimization_check ( const struct GNUNET_AsyncScopeId *scope, enum TALER_KYCLOGIC_KycTriggerEvent et, - const char *payto_uri, - const struct TALER_PaytoHashP *h_payto, + const struct TALER_FullPayto payto_uri, + const struct TALER_NormalizedPaytoHashP *h_payto, const union TALER_AccountPublicKeyP *account_pub, TALER_KYCLOGIC_KycAmountIterator ai, void *ai_cls, @@ -1250,8 +1254,8 @@ struct TEH_LegitimizationCheckHandle * TEH_legitimization_check2 ( const struct GNUNET_AsyncScopeId *scope, enum TALER_KYCLOGIC_KycTriggerEvent et, - const char *payto_uri, - const struct TALER_PaytoHashP *h_payto, + const struct TALER_FullPayto payto_uri, + const struct TALER_NormalizedPaytoHashP *h_payto, const struct TALER_MerchantPublicKeyP *merchant_pub, TALER_KYCLOGIC_KycAmountIterator ai, void *ai_cls, @@ -1895,7 +1899,7 @@ TEH_legitimization_check_cancel ( MHD_destroy_response (lch->lcr.response); lch->lcr.response = NULL; } - GNUNET_free (lch->payto_uri); + GNUNET_free (lch->payto_uri.full_payto); GNUNET_free (lch->aml_program); GNUNET_free (lch); } diff --git a/src/exchange/taler-exchange-httpd_common_kyc.h b/src/exchange/taler-exchange-httpd_common_kyc.h index af9e22bca..2c9e9bcff 100644 --- a/src/exchange/taler-exchange-httpd_common_kyc.h +++ b/src/exchange/taler-exchange-httpd_common_kyc.h @@ -76,7 +76,7 @@ struct TEH_KycAmlTrigger * TEH_kyc_finished ( const struct GNUNET_AsyncScopeId *scope, uint64_t process_row, - const struct TALER_PaytoHashP *account_id, + const struct TALER_NormalizedPaytoHashP *account_id, const char *provider_name, const char *provider_user_id, const char *provider_legitimization_id, @@ -118,7 +118,7 @@ TEH_kyc_finished2 ( const struct GNUNET_AsyncScopeId *scope, uint64_t process_row, const struct TALER_KYCLOGIC_Measure *instant_ms, - const struct TALER_PaytoHashP *account_id, + const struct TALER_NormalizedPaytoHashP *account_id, const char *provider_name, const char *provider_user_id, const char *provider_legitimization_id, @@ -181,8 +181,7 @@ typedef void struct TEH_KycAmlFallback * TEH_kyc_fallback ( const struct GNUNET_AsyncScopeId *scope, - const struct TALER_PaytoHashP * - account_id, + const struct TALER_NormalizedPaytoHashP *account_id, uint64_t orig_requirement_row, const json_t *attributes, const json_t *aml_history, @@ -218,7 +217,7 @@ TEH_kyc_fallback_cancel ( bool TEH_kyc_failed ( uint64_t process_row, - const struct TALER_PaytoHashP *account_id, + const struct TALER_NormalizedPaytoHashP *account_id, const char *provider_name, const char *provider_user_id, const char *provider_legitimization_id, @@ -319,8 +318,8 @@ struct TEH_LegitimizationCheckHandle * TEH_legitimization_check ( const struct GNUNET_AsyncScopeId *scope, enum TALER_KYCLOGIC_KycTriggerEvent et, - const char *payto_uri, - const struct TALER_PaytoHashP *h_payto, + const struct TALER_FullPayto payto_uri, + const struct TALER_NormalizedPaytoHashP *h_payto, const union TALER_AccountPublicKeyP *account_pub, TALER_KYCLOGIC_KycAmountIterator ai, void *ai_cls, @@ -349,8 +348,8 @@ struct TEH_LegitimizationCheckHandle * TEH_legitimization_check2 ( const struct GNUNET_AsyncScopeId *scope, enum TALER_KYCLOGIC_KycTriggerEvent et, - const char *payto_uri, - const struct TALER_PaytoHashP *h_payto, + const struct TALER_FullPayto payto_uri, + const struct TALER_NormalizedPaytoHashP *h_payto, const struct TALER_MerchantPublicKeyP *merchant_pub, TALER_KYCLOGIC_KycAmountIterator ai, void *ai_cls, diff --git a/src/exchange/taler-exchange-httpd_keys.c b/src/exchange/taler-exchange-httpd_keys.c index d9bc440e3..b861ad49d 100644 --- a/src/exchange/taler-exchange-httpd_keys.c +++ b/src/exchange/taler-exchange-httpd_keys.c @@ -1,6 +1,6 @@ /* This file is part of TALER - Copyright (C) 2020-2023 Taler Systems SA + Copyright (C) 2020-2024 Taler Systems SA TALER is free software; you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software diff --git a/src/exchange/taler-exchange-httpd_responses.h b/src/exchange/taler-exchange-httpd_responses.h index 79f505538..e6f13e419 100644 --- a/src/exchange/taler-exchange-httpd_responses.h +++ b/src/exchange/taler-exchange-httpd_responses.h @@ -98,7 +98,7 @@ TEH_RESPONSE_reply_reserve_age_restriction_required ( MHD_RESULT TEH_RESPONSE_reply_kyc_required ( struct MHD_Connection *connection, - const struct TALER_PaytoHashP *h_payto, + const struct TALER_NormalizedPaytoHashP *h_payto, const struct TALER_EXCHANGEDB_KycStatus *kyc, bool bad_kyc_auth); |