diff options
author | Christian Grothoff <christian@grothoff.org> | 2017-03-20 02:29:33 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2017-03-20 02:29:33 +0100 |
commit | a38fa32484286d2895dca10d3f53d3c7599d2f3b (patch) | |
tree | 64b840590eb69adca395368802548cd3febb0b84 /src/auditor/taler-auditor.c | |
parent | 7115eda899d6cd51342378047579d9a74b9cad29 (diff) |
fixing misc auditor issues
Diffstat (limited to 'src/auditor/taler-auditor.c')
-rw-r--r-- | src/auditor/taler-auditor.c | 1615 |
1 files changed, 910 insertions, 705 deletions
diff --git a/src/auditor/taler-auditor.c b/src/auditor/taler-auditor.c index 0427f12ab..971f6e51f 100644 --- a/src/auditor/taler-auditor.c +++ b/src/auditor/taler-auditor.c @@ -23,6 +23,14 @@ * the wire transfers from the bank. This needs to be checked separately! * - Similarly, we do not check that the outgoing wire transfers match those * given in the 'wire_out' table. This needs to be checked separately! + * + * KNOWN BUGS: + * - resolve HACK! -- need extra serial_id in 'pp' as we go over reserve_out twice! + * - risk is not calculated correctly + * - calculate, store and report aggregation fee balance! + * - error handling if denomination keys are used that are not known to the + * auditor is, eh, awful / non-existent. We just throw the DB's constraint + * violation back at the user. Great UX. */ #include "platform.h" #include <gnunet/gnunet_util_lib.h> @@ -251,20 +259,48 @@ static void report_reserve_balance (const struct TALER_Amount *total_balance, const struct TALER_Amount *total_fee_balance) { - char *balance; - char *fees; - - balance = TALER_amount_to_string (total_balance); - fees = TALER_amount_to_string (total_fee_balance); // TODO: implement proper reporting logic writing to file. GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, "Total escrow balance to be held for reserves: %s\n", - balance); + TALER_amount2s (total_balance)); GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, "Total profits made from reserves: %s\n", - fees); - GNUNET_free (fees); - GNUNET_free (balance); + TALER_amount2s (total_fee_balance)); +} + + +/** + * Report state of denomination processing. + * + * @param total_balance total value of outstanding coins + * @param total_risk total value of issued coins in active denominations + * @param deposit_fees total deposit fees collected + * @param melt_fees total melt fees collected + * @param refund_fees total refund fees collected + */ +static void +report_denomination_balance (const struct TALER_Amount *total_balance, + const struct TALER_Amount *total_risk, + const struct TALER_Amount *deposit_fees, + const struct TALER_Amount *melt_fees, + const struct TALER_Amount *refund_fees) +{ + // TODO: implement proper reporting logic writing to file. + GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, + "Final balance for all denominations is %s\n", + TALER_amount2s (total_balance)); + GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, + "Risk from active operations is %s\n", + TALER_amount2s (total_risk)); + GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, + "Deposit fee profits are %s\n", + TALER_amount2s (deposit_fees)); + GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, + "Melt fee profits are %s\n", + TALER_amount2s (melt_fees)); + GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, + "Refund fee profits are %s\n", + TALER_amount2s (refund_fees)); } @@ -321,6 +357,16 @@ get_denomination_info (const struct TALER_DenominationPublicKey *denom_pub, *dki = NULL; return ret; } + { + struct TALER_Amount value; + + TALER_amount_ntoh (&value, + &dkip->properties.value); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Tracking denomination `%s' (%s)\n", + GNUNET_h2s (dh), + TALER_amount2s (&value)); + } *dki = dkip; GNUNET_assert (GNUNET_OK == GNUNET_CONTAINER_multihashmap_put (denominations, @@ -346,6 +392,9 @@ free_dk_info (void *cls, { struct TALER_EXCHANGEDB_DenominationKeyInformationP *dki = value; + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Done with denomination `%s'\n", + GNUNET_h2s (key)); GNUNET_free (dki); return GNUNET_OK; } @@ -465,6 +514,10 @@ load_auditor_reserve_summary (struct ReserveSummary *rs) GNUNET_assert (GNUNET_OK == TALER_amount_get_zero (rs->total_in.currency, &rs->a_withdraw_fee_balance)); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Creating fresh reserve `%s' with starting balance %s\n", + TALER_B2S (&rs->reserve_pub), + TALER_amount2s (&rs->a_balance)); return GNUNET_OK; } rs->had_ri = GNUNET_YES; @@ -482,6 +535,10 @@ load_auditor_reserve_summary (struct ReserveSummary *rs) GNUNET_break (0); return GNUNET_SYSERR; } + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Auditor remembers reserve `%s' has balance %s\n", + TALER_B2S (&rs->reserve_pub), + TALER_amount2s (&rs->a_balance)); return GNUNET_OK; } @@ -573,6 +630,10 @@ handle_reserve_in (void *cls, &rs->total_in, credit)); } + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Additional incoming wire transfer for reserve `%s' of %s\n", + TALER_B2S (reserve_pub), + TALER_amount2s (credit)); expiry = GNUNET_TIME_absolute_add (execution_date, TALER_IDLE_RESERVE_EXPIRATION_TIME); rs->a_expiration_date = GNUNET_TIME_absolute_max (rs->a_expiration_date, @@ -705,7 +766,10 @@ handle_reserve_out (void *cls, &rs->total_out, amount_with_fee)); } - + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Reserve `%s' reduced by %s from withdraw\n", + TALER_B2S (reserve_pub), + TALER_amount2s (amount_with_fee)); TALER_amount_ntoh (&withdraw_fee, &dki->properties.fee_withdraw); GNUNET_assert (GNUNET_OK == @@ -794,6 +858,7 @@ verify_reserve_balance (void *cls, if (0 == GNUNET_TIME_absolute_get_remaining (rs->a_expiration_date).rel_value_us) { /* TODO: handle case where reserve is expired! (#4956) */ + GNUNET_break (0); /* not implemented */ /* NOTE: we may or may not have seen the wire-back transfer at this time, as the expiration may have just now happened. (That is, after we add the table structures and the logic to track @@ -806,6 +871,10 @@ verify_reserve_balance (void *cls, /* TODO: balance is zero, drop reserve details (and then do not update/insert) */ if (rs->had_ri) { + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "Final balance of reserve `%s' is %s, dropping it\n", + TALER_B2S (&rs->reserve_pub), + TALER_amount2s (&balance)); ret = adb->del_reserve_info (adb->cls, asession, &rs->reserve_pub, @@ -822,13 +891,21 @@ verify_reserve_balance (void *cls, goto cleanup; } } + else + { + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "Final balance of reserve `%s' is %s, no need to remember it\n", + TALER_B2S (&rs->reserve_pub), + TALER_amount2s (&balance)); + } ret = GNUNET_OK; goto cleanup; } GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, - "Reserve balance `%s' OK\n", - TALER_B2S (&rs->reserve_pub)); + "Remembering final balance of reserve `%s' as %s\n", + TALER_B2S (&rs->reserve_pub), + TALER_amount2s (&balance)); /* Add withdraw fees we encountered to totals */ if (GNUNET_YES != @@ -898,6 +975,8 @@ analyze_reserves (void *cls) struct ReserveContext rc; int ret; + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Analyzing reserves\n"); ret = adb->get_reserve_summary (adb->cls, asession, &master_pub, @@ -978,6 +1057,678 @@ analyze_reserves (void *cls) } +/* *********************** Analyze aggregations ******************** */ +/* This logic checks that the aggregator did the right thing + paying each merchant what they were due (and on time). */ + + +/** + * Information we keep per loaded wire plugin. + */ +struct WirePlugin +{ + + /** + * Kept in a DLL. + */ + struct WirePlugin *next; + + /** + * Kept in a DLL. + */ + struct WirePlugin *prev; + + /** + * Name of the wire method. + */ + char *type; + + /** + * Handle to the wire plugin. + */ + struct TALER_WIRE_Plugin *plugin; + +}; + + +/** + * Closure for callbacks during #analyze_merchants(). + */ +struct AggregationContext +{ + + /** + * DLL of wire plugins encountered. + */ + struct WirePlugin *wire_head; + + /** + * DLL of wire plugins encountered. + */ + struct WirePlugin *wire_tail; + +}; + + +/** + * Find the relevant wire plugin. + * + * @param ac context to search + * @param type type of the wire plugin to load + * @return NULL on error + */ +static struct TALER_WIRE_Plugin * +get_wire_plugin (struct AggregationContext *ac, + const char *type) +{ + struct WirePlugin *wp; + struct TALER_WIRE_Plugin *plugin; + + for (wp = ac->wire_head; NULL != wp; wp = wp->next) + if (0 == strcmp (type, + wp->type)) + return wp->plugin; + plugin = TALER_WIRE_plugin_load (cfg, + type); + if (NULL == plugin) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Failed to locate wire plugin for `%s'\n", + type); + return NULL; + } + wp = GNUNET_new (struct WirePlugin); + wp->type = GNUNET_strdup (type); + wp->plugin = plugin; + GNUNET_CONTAINER_DLL_insert (ac->wire_head, + ac->wire_tail, + wp); + return plugin; +} + + +/** + * Closure for #wire_transfer_information_cb. + */ +struct WireCheckContext +{ + + /** + * Corresponding merchant context. + */ + struct AggregationContext *ac; + + /** + * Total deposits claimed by all transactions that were aggregated + * under the given @e wtid. + */ + struct TALER_Amount total_deposits; + + /** + * Hash of the wire transfer details of the receiver. + */ + struct GNUNET_HashCode h_wire; + + /** + * Execution time of the wire transfer. + */ + struct GNUNET_TIME_Absolute date; + + /** + * Wire method used for the transfer. + */ + const char *method; + + /** + * Set to #GNUNET_SYSERR if there are inconsistencies. + */ + int ok; + +}; + + +/** + * Check coin's transaction history for plausibility. Does NOT check + * the signatures (those are checked independently), but does calculate + * the amounts for the aggregation table and checks that the total + * claimed coin value is within the value of the coin's denomination. + * + * @param coin_pub public key of the coin (for reporting) + * @param h_proposal_data hash of the proposal for which we calculate the amount + * @param merchant_pub public key of the merchant (who is allowed to issue refunds) + * @param dki denomination information about the coin + * @param tl_head head of transaction history to verify + * @param[out] merchant_gain amount the coin contributes to the wire transfer to the merchant + * @param[out] merchant_fees fees the exchange charged the merchant for the transaction(s) + * @return #GNUNET_OK on success, #GNUNET_SYSERR on error + */ +static int +check_transaction_history (const struct TALER_CoinSpendPublicKeyP *coin_pub, + const struct GNUNET_HashCode *h_proposal_data, + const struct TALER_MerchantPublicKeyP *merchant_pub, + const struct TALER_EXCHANGEDB_DenominationKeyInformationP *dki, + const struct TALER_EXCHANGEDB_TransactionList *tl_head, + struct TALER_Amount *merchant_gain, + struct TALER_Amount *merchant_fees) +{ + struct TALER_Amount expenditures; + struct TALER_Amount refunds; + struct TALER_Amount spent; + struct TALER_Amount value; + struct TALER_Amount merchant_loss; + + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Checking transaction history of coin %s\n", + TALER_B2S (coin_pub)); + + GNUNET_assert (NULL != tl_head); + TALER_amount_get_zero (currency, + &expenditures); + TALER_amount_get_zero (currency, + &refunds); + TALER_amount_get_zero (currency, + merchant_gain); + TALER_amount_get_zero (currency, + merchant_fees); + TALER_amount_get_zero (currency, + &merchant_loss); + /* Go over transaction history to compute totals; note that we do not + know the order, so instead of subtracting we compute positive + (deposit, melt) and negative (refund) values separately here, + and then subtract the negative from the positive after the loop. */ + for (const struct TALER_EXCHANGEDB_TransactionList *tl = tl_head;NULL != tl;tl = tl->next) + { + const struct TALER_Amount *amount_with_fee; + const struct TALER_Amount *fee; + const struct TALER_AmountNBO *fee_dki; + struct TALER_Amount tmp; + + switch (tl->type) { + case TALER_EXCHANGEDB_TT_DEPOSIT: + amount_with_fee = &tl->details.deposit->amount_with_fee; + fee = &tl->details.deposit->deposit_fee; + fee_dki = &dki->properties.fee_deposit; + if (GNUNET_OK != + TALER_amount_add (&expenditures, + &expenditures, + amount_with_fee)) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + /* Check if this deposit is within the remit of the aggregation + we are investigating, if so, include it in the totals. */ + if ( (0 == memcmp (merchant_pub, + &tl->details.deposit->merchant_pub, + sizeof (struct TALER_MerchantPublicKeyP))) && + (0 == memcmp (h_proposal_data, + &tl->details.deposit->h_proposal_data, + sizeof (struct GNUNET_HashCode))) ) + { + struct TALER_Amount amount_without_fee; + + if (GNUNET_OK != + TALER_amount_subtract (&amount_without_fee, + amount_with_fee, + fee)) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + if (GNUNET_OK != + TALER_amount_add (merchant_gain, + merchant_gain, + &amount_without_fee)) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Detected applicable deposit of %s\n", + TALER_amount2s (&amount_without_fee)); + if (GNUNET_OK != + TALER_amount_add (merchant_fees, + merchant_fees, + fee)) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + } + break; + case TALER_EXCHANGEDB_TT_REFRESH_MELT: + amount_with_fee = &tl->details.melt->amount_with_fee; + fee = &tl->details.melt->melt_fee; + fee_dki = &dki->properties.fee_refresh; + if (GNUNET_OK != + TALER_amount_add (&expenditures, + &expenditures, + amount_with_fee)) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + break; + case TALER_EXCHANGEDB_TT_REFUND: + amount_with_fee = &tl->details.refund->refund_amount; + fee = &tl->details.refund->refund_fee; + fee_dki = &dki->properties.fee_refund; + if (GNUNET_OK != + TALER_amount_add (&refunds, + &refunds, + amount_with_fee)) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + if (GNUNET_OK != + TALER_amount_add (&expenditures, + &expenditures, + fee)) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + /* Check if this refund is within the remit of the aggregation + we are investigating, if so, include it in the totals. */ + if ( (0 == memcmp (merchant_pub, + &tl->details.refund->merchant_pub, + sizeof (struct TALER_MerchantPublicKeyP))) && + (0 == memcmp (h_proposal_data, + &tl->details.refund->h_proposal_data, + sizeof (struct GNUNET_HashCode))) ) + { + if (GNUNET_OK != + TALER_amount_add (&merchant_loss, + &merchant_loss, + amount_with_fee)) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Detected applicable refund of %s\n", + TALER_amount2s (amount_with_fee)); + if (GNUNET_OK != + TALER_amount_add (merchant_fees, + merchant_fees, + fee)) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + } + break; + } + + /* Check that the fees given in the transaction list and in dki match */ + TALER_amount_ntoh (&tmp, + fee_dki); + if (0 != + TALER_amount_cmp (&tmp, + fee)) + { + /* Disagreement in fee structure within DB, should be impossible! */ + GNUNET_break (0); + return GNUNET_SYSERR; + } + } /* for 'tl' */ + + /* Calculate total balance change, i.e. expenditures minus refunds */ + if (GNUNET_SYSERR == + TALER_amount_subtract (&spent, + &expenditures, + &refunds)) + { + /* refunds above expenditures? Bad! */ + report_coin_inconsistency (coin_pub, + &expenditures, + &refunds, + "could not subtract refunded amount from expenditures"); + return GNUNET_SYSERR; + } + + /* Now check that 'spent' is less or equal than total coin value */ + TALER_amount_ntoh (&value, + &dki->properties.value); + if (1 == TALER_amount_cmp (&spent, + &value)) + { + /* spent > value */ + report_coin_inconsistency (coin_pub, + &spent, + &value, + "accepted deposits (minus refunds) exceeds denomination value"); + return GNUNET_SYSERR; + } + + /* Finally, update @a merchant_gain by subtracting what he "lost" from refunds */ + if (GNUNET_SYSERR == + TALER_amount_subtract (merchant_gain, + merchant_gain, + &merchant_loss)) + { + /* refunds above deposits? Bad! */ + report_coin_inconsistency (coin_pub, + merchant_gain, + &merchant_loss, + "merchant was granted more refunds than he deposited"); + return GNUNET_SYSERR; + } + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Coin %s contributes %s to contract %s\n", + TALER_B2S (coin_pub), + TALER_amount2s (merchant_gain), + GNUNET_h2s (h_proposal_data)); + return GNUNET_OK; +} + + +/** + * Function called with the results of the lookup of the + * transaction data associated with a wire transfer identifier. + * + * @param cls a `struct WireCheckContext` + * @param rowid which row in the table is the information from (for diagnostics) + * @param merchant_pub public key of the merchant (should be same for all callbacks with the same @e cls) + * @param wire_method which wire plugin was used for the transfer? + * @param h_wire hash of wire transfer details of the merchant (should be same for all callbacks with the same @e cls) + * @param exec_time execution time of the wire transfer (should be same for all callbacks with the same @e cls) + * @param h_proposal_data which proposal was this payment about + * @param coin_pub which public key was this payment about + * @param coin_value amount contributed by this coin in total (with fee) + * @param coin_fee applicable fee for this coin + */ +static void +wire_transfer_information_cb (void *cls, + uint64_t rowid, + const struct TALER_MerchantPublicKeyP *merchant_pub, + const char *wire_method, + const struct GNUNET_HashCode *h_wire, + struct GNUNET_TIME_Absolute exec_time, + const struct GNUNET_HashCode *h_proposal_data, + const struct TALER_CoinSpendPublicKeyP *coin_pub, + const struct TALER_Amount *coin_value, + const struct TALER_Amount *coin_fee) +{ + struct WireCheckContext *wcc = cls; + const struct TALER_EXCHANGEDB_DenominationKeyInformationP *dki; + struct TALER_Amount contribution; + struct TALER_Amount computed_value; + struct TALER_Amount computed_fees; + struct TALER_Amount coin_value_without_fee; + struct TALER_EXCHANGEDB_TransactionList *tl; + const struct TALER_CoinPublicInfo *coin; + + /* Obtain coin's transaction history */ + tl = edb->get_coin_transactions (edb->cls, + esession, + coin_pub); + if (NULL == tl) + { + wcc->ok = GNUNET_SYSERR; + report_row_inconsistency ("aggregation", + rowid, + "no transaction history for coin claimed in aggregation"); + return; + } + + /* Obtain general denomination information about the coin */ + coin = NULL; + switch (tl->type) + { + case TALER_EXCHANGEDB_TT_DEPOSIT: + coin = &tl->details.deposit->coin; + break; + case TALER_EXCHANGEDB_TT_REFRESH_MELT: + coin = &tl->details.melt->coin; + break; + case TALER_EXCHANGEDB_TT_REFUND: + coin = &tl->details.refund->coin; + break; + } + GNUNET_assert (NULL != coin); /* hard check that switch worked */ + if (GNUNET_OK != + get_denomination_info (&coin->denom_pub, + &dki, + NULL)) + { + /* This should be impossible from database constraints */ + GNUNET_break (0); + edb->free_coin_transaction_list (edb->cls, + tl); + wcc->ok = GNUNET_SYSERR; + report_row_inconsistency ("aggregation", + rowid, + "could not find denomination key for coin claimed in aggregation"); + return; + } + + /* Check transaction history to see if it supports aggregate valuation */ + check_transaction_history (coin_pub, + h_proposal_data, + merchant_pub, + dki, + tl, + &computed_value, + &computed_fees); + if (GNUNET_SYSERR == + TALER_amount_subtract (&coin_value_without_fee, + coin_value, + coin_fee)) + { + wcc->ok = GNUNET_SYSERR; + report_row_inconsistency ("aggregation", + rowid, + "inconsistent coin value and fee claimed in aggregation"); + return; + } + if (0 != + TALER_amount_cmp (&computed_value, + &coin_value_without_fee)) + { + wcc->ok = GNUNET_SYSERR; + report_row_inconsistency ("aggregation", + rowid, + "coin transaction history and aggregation disagree about coin's contribution"); + } + if (0 != + TALER_amount_cmp (&computed_fees, + coin_fee)) + { + wcc->ok = GNUNET_SYSERR; + report_row_inconsistency ("aggregation", + rowid, + "coin transaction history and aggregation disagree about applicable fees"); + } + edb->free_coin_transaction_list (edb->cls, + tl); + + /* Check other details of wire transfer match */ + if (0 != strcmp (wire_method, + wcc->method)) + { + wcc->ok = GNUNET_SYSERR; + report_row_inconsistency ("aggregation", + rowid, + "wire method of aggregate do not match wire transfer"); + } + if (0 != memcmp (h_wire, + &wcc->h_wire, + sizeof (struct GNUNET_HashCode))) + { + wcc->ok = GNUNET_SYSERR; + report_row_inconsistency ("aggregation", + rowid, + "account details of aggregate do not match account details of wire transfer"); + return; + } + if (exec_time.abs_value_us != wcc->date.abs_value_us) + { + /* This should be impossible from database constraints */ + GNUNET_break (0); + wcc->ok = GNUNET_SYSERR; + report_row_inconsistency ("aggregation", + rowid, + "date given in aggregate does not match wire transfer date"); + return; + } + if (GNUNET_SYSERR == + TALER_amount_subtract (&contribution, + coin_value, + coin_fee)) + { + wcc->ok = GNUNET_SYSERR; + report_row_inconsistency ("aggregation", + rowid, + "could not calculate contribution of coin"); + return; + } + + /* Add coin's contribution to total aggregate value */ + GNUNET_assert (GNUNET_OK == + TALER_amount_add (&wcc->total_deposits, + &wcc->total_deposits, + &contribution)); +} + + +/** + * Check that a wire transfer made by the exchange is valid + * (has matching deposits). + * + * @param cls a `struct AggregationContext` + * @param rowid identifier of the respective row in the database + * @param date timestamp of the wire transfer (roughly) + * @param wtid wire transfer subject + * @param wire wire transfer details of the receiver + * @param amount amount that was wired + */ +static void +check_wire_out_cb (void *cls, + uint64_t rowid, + struct GNUNET_TIME_Absolute date, + const struct TALER_WireTransferIdentifierRawP *wtid, + const json_t *wire, + const struct TALER_Amount *amount) +{ + struct AggregationContext *ac = cls; + struct WireCheckContext wcc; + json_t *method; + struct TALER_WIRE_Plugin *plugin; + + /* should be monotonically increasing */ + GNUNET_assert (rowid >= pp.last_wire_out_serial_id); + pp.last_wire_out_serial_id = rowid + 1; + + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Checking wire transfer %s over %s performed on %s\n", + TALER_B2S (wtid), + TALER_amount2s (amount), + GNUNET_STRINGS_absolute_time_to_string (date)); + wcc.ac = ac; + method = json_object_get (wire, + "type"); + if ( (NULL == method) || + (! json_is_string (method)) ) + { + report_row_inconsistency ("wire_out", + rowid, + "specified wire address lacks type"); + return; + } + wcc.method = json_string_value (method); + wcc.ok = GNUNET_OK; + wcc.date = date; + TALER_amount_get_zero (amount->currency, + &wcc.total_deposits); + TALER_JSON_hash (wire, + &wcc.h_wire); + edb->lookup_wire_transfer (edb->cls, + esession, + wtid, + &wire_transfer_information_cb, + &wcc); + if (GNUNET_OK != wcc.ok) + { + report_row_inconsistency ("wire_out", + rowid, + "audit of associated transactions failed"); + } + plugin = get_wire_plugin (ac, + wcc.method); + if (NULL == plugin) + { + report_row_inconsistency ("wire_out", + rowid, + "could not load required wire plugin to validate"); + return; + } + if (GNUNET_SYSERR == + plugin->amount_round (plugin->cls, + &wcc.total_deposits)) + { + report_row_minor_inconsistency ("wire_out", + rowid, + "wire plugin failed to round given amount"); + } + if (0 != TALER_amount_cmp (amount, + &wcc.total_deposits)) + { + report_wire_out_inconsistency (wire, + rowid, + &wcc.total_deposits, + amount, + "computed amount inconsistent with wire amount"); + return; + } + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "Wire transfer %s is OK\n", + TALER_B2S (wtid)); +} + + +/** + * Analyze the exchange aggregator's payment processing. + * + * @param cls closure + * @param int #GNUNET_OK on success, #GNUNET_SYSERR on hard errors + */ +static int +analyze_aggregations (void *cls) +{ + struct AggregationContext ac; + struct WirePlugin *wc; + int ret; + + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Analyzing aggregations\n"); + ret = GNUNET_OK; + ac.wire_head = NULL; + ac.wire_tail = NULL; + if (GNUNET_SYSERR == + edb->select_wire_out_above_serial_id (edb->cls, + esession, + pp.last_wire_out_serial_id, + &check_wire_out_cb, + &ac)) + { + GNUNET_break (0); + ret = GNUNET_SYSERR; + } + while (NULL != (wc = ac.wire_head)) + { + GNUNET_CONTAINER_DLL_remove (ac.wire_head, + ac.wire_tail, + wc); + TALER_WIRE_plugin_unload (wc->plugin); + GNUNET_free (wc->type); + GNUNET_free (wc); + } + return ret; +} + + /* ************************* Analyze coins ******************** */ /* This logic checks that the exchange did the right thing for each coin, checking deposits, refunds, refresh* and known_coins @@ -1087,6 +1838,10 @@ init_denomination (const struct GNUNET_HashCode *denom_hash, if (GNUNET_OK == ret) { ds->in_db = GNUNET_YES; + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Starting balance for denomination `%s' is %s\n", + GNUNET_h2s (denom_hash), + TALER_amount2s (&ds->denom_balance)); return GNUNET_OK; } if (GNUNET_SYSERR == ret) @@ -1100,6 +1855,10 @@ init_denomination (const struct GNUNET_HashCode *denom_hash, GNUNET_assert (GNUNET_OK == TALER_amount_get_zero (currency, &ds->denom_risk)); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Starting balance for denomination `%s' is %s\n", + GNUNET_h2s (denom_hash), + TALER_amount2s (&ds->denom_balance)); return GNUNET_OK; } @@ -1204,6 +1963,10 @@ sync_denomination (void *cls, (0 != ds->denom_balance.fraction) ) ) { /* book denom_balance coin expiration profits! */ + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Denomination `%s' expired, booking %s in expiration profits\n", + GNUNET_h2s (denom_hash), + TALER_amount2s (&ds->denom_balance)); if (GNUNET_OK != adb->insert_historic_denom_revenue (adb->cls, asession, @@ -1221,6 +1984,10 @@ sync_denomination (void *cls, } else { + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "Final balance for denomination `%s' is %s\n", + GNUNET_h2s (denom_hash), + TALER_amount2s (&ds->denom_balance)); if (ds->in_db) ret = adb->update_denomination_balance (adb->cls, asession, @@ -1297,6 +2064,10 @@ withdraw_cb (void *cls, &dh); TALER_amount_ntoh (&value, &dki->properties.value); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Issued coin in denomination `%s' of total value %s\n", + GNUNET_h2s (&dh), + TALER_amount2s (&value)); if (GNUNET_OK != TALER_amount_add (&ds->denom_balance, &ds->denom_balance, @@ -1305,6 +2076,10 @@ withdraw_cb (void *cls, GNUNET_break (0); return GNUNET_SYSERR; } + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "New balance of denomination `%s' is %s\n", + GNUNET_h2s (&dh), + TALER_amount2s (&ds->denom_balance)); if (GNUNET_OK != TALER_amount_add (&cc->total_denom_balance, &cc->total_denom_balance, @@ -1381,6 +2156,11 @@ refresh_session_cb (void *cls, "invalid signature for coin melt"); return GNUNET_OK; } + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Melting coin %s in denomination `%s' of value %s\n", + TALER_B2S (coin_pub), + GNUNET_h2s (&dki->properties.denom_hash), + TALER_amount2s (amount_with_fee)); { struct TALER_DenominationPublicKey new_dp[num_newcoins]; @@ -1422,29 +2202,28 @@ refresh_session_cb (void *cls, if (err) return GNUNET_SYSERR; + /* calculate total refresh cost */ for (unsigned int i=0;i<num_newcoins;i++) { /* update cost of refresh */ + struct TALER_Amount fee; + struct TALER_Amount value; + + TALER_amount_ntoh (&fee, + &new_dki[i]->properties.fee_withdraw); + TALER_amount_ntoh (&value, + &new_dki[i]->properties.value); + if ( (GNUNET_OK != + TALER_amount_add (&refresh_cost, + &refresh_cost, + &fee)) || + (GNUNET_OK != + TALER_amount_add (&refresh_cost, + &refresh_cost, + &value)) ) { - struct TALER_Amount fee; - struct TALER_Amount value; - - TALER_amount_ntoh (&fee, - &new_dki[i]->properties.fee_withdraw); - TALER_amount_ntoh (&value, - &new_dki[i]->properties.value); - if ( (GNUNET_OK != - TALER_amount_add (&refresh_cost, - &refresh_cost, - &fee)) || - (GNUNET_OK != - TALER_amount_add (&refresh_cost, - &refresh_cost, - &value)) ) - { - GNUNET_break (0); - return GNUNET_SYSERR; - } + GNUNET_break (0); + return GNUNET_SYSERR; } } @@ -1486,6 +2265,10 @@ refresh_session_cb (void *cls, &new_dki[i]->properties.denom_hash); TALER_amount_ntoh (&value, &new_dki[i]->properties.value); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Created fresh coin in denomination `%s' of value %s\n", + GNUNET_h2s (&new_dki[i]->properties.denom_hash), + TALER_amount2s (&value)); if (GNUNET_OK != TALER_amount_add (&dsi->denom_balance, &dsi->denom_balance, @@ -1494,6 +2277,10 @@ refresh_session_cb (void *cls, GNUNET_break (0); return GNUNET_SYSERR; } + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "New balance of denomination `%s' is %s\n", + GNUNET_h2s (&new_dki[i]->properties.denom_hash), + TALER_amount2s (&dsi->denom_balance)); if (GNUNET_OK != TALER_amount_add (&cc->total_denom_balance, &cc->total_denom_balance, @@ -1509,7 +2296,7 @@ refresh_session_cb (void *cls, dso = get_denomination_summary (cc, dki, &dki->properties.denom_hash); - if (GNUNET_OK != + if (GNUNET_SYSERR == TALER_amount_subtract (&tmp, &dso->denom_balance, amount_with_fee)) @@ -1518,6 +2305,10 @@ refresh_session_cb (void *cls, return GNUNET_SYSERR; } dso->denom_balance = tmp; + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "New balance of denomination `%s' after melt is %s\n", + GNUNET_h2s (&dki->properties.denom_hash), + TALER_amount2s (&dso->denom_balance)); /* update global up melt fees */ { @@ -1623,12 +2414,17 @@ deposit_cb (void *cls, "invalid signature for coin deposit"); return GNUNET_OK; } + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Deposited coin %s in denomination `%s' of value %s\n", + TALER_B2S (coin_pub), + GNUNET_h2s (&dki->properties.denom_hash), + TALER_amount2s (amount_with_fee)); /* update old coin's denomination balance */ ds = get_denomination_summary (cc, dki, &dki->properties.denom_hash); - if (GNUNET_OK != + if (GNUNET_SYSERR == TALER_amount_subtract (&tmp, &ds->denom_balance, amount_with_fee)) @@ -1637,6 +2433,10 @@ deposit_cb (void *cls, return GNUNET_SYSERR; } ds->denom_balance = tmp; + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "New balance of denomination `%s' after deposit is %s\n", + GNUNET_h2s (&dki->properties.denom_hash), + TALER_amount2s (&ds->denom_balance)); /* update global up melt fees */ { @@ -1740,6 +2540,12 @@ refund_cb (void *cls, return GNUNET_OK; } + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Refunding coin %s in denomination `%s' value %s\n", + TALER_B2S (coin_pub), + GNUNET_h2s (&dki->properties.denom_hash), + TALER_amount2s (amount_with_fee)); + /* update coin's denomination balance */ ds = get_denomination_summary (cc, dki, @@ -1752,6 +2558,10 @@ refund_cb (void *cls, GNUNET_break (0); return GNUNET_SYSERR; } + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "New balance of denomination `%s' after refund is %s\n", + GNUNET_h2s (&dki->properties.denom_hash), + TALER_amount2s (&ds->denom_balance)); /* update total refund fee balance */ if (GNUNET_OK != @@ -1779,6 +2589,9 @@ analyze_coins (void *cls) struct CoinContext cc; int dret; + pp.last_reserve_out_serial_id = 0; // HACK! FIXME! + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Analyzing coins\n"); /* setup 'cc' */ cc.ret = GNUNET_OK; cc.denom_summaries = GNUNET_CONTAINER_multihashmap_create (256, @@ -1827,6 +2640,18 @@ analyze_coins (void *cls) return GNUNET_SYSERR; } + /* process refunds */ + if (GNUNET_SYSERR == + edb->select_refunds_above_serial_id (edb->cls, + esession, + pp.last_refund_serial_id, + &refund_cb, + &cc)) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + /* process refreshs */ if (GNUNET_SYSERR == edb->select_refreshs_above_serial_id (edb->cls, @@ -1851,18 +2676,6 @@ analyze_coins (void *cls) return GNUNET_SYSERR; } - /* process refunds */ - if (GNUNET_SYSERR == - edb->select_refunds_above_serial_id (edb->cls, - esession, - pp.last_refund_serial_id, - &refund_cb, - &cc)) - { - GNUNET_break (0); - return GNUNET_SYSERR; - } - /* sync 'cc' back to disk */ GNUNET_CONTAINER_multihashmap_iterate (cc.denom_summaries, &sync_denomination, @@ -1887,6 +2700,11 @@ analyze_coins (void *cls) &cc.melt_fee_balance, &cc.refund_fee_balance, &cc.risk); + report_denomination_balance (&cc.total_denom_balance, + &cc.risk, + &cc.deposit_fee_balance, + &cc.melt_fee_balance, + &cc.refund_fee_balance); if (GNUNET_OK != dret) { GNUNET_break (0); @@ -1897,641 +2715,6 @@ analyze_coins (void *cls) } -/* ************************* Analyze merchants ******************** */ -/* This logic checks that the aggregator did the right thing - paying each merchant what they were due (and on time). */ - - -/** - * Information we keep per loaded wire plugin. - */ -struct WirePlugin -{ - - /** - * Kept in a DLL. - */ - struct WirePlugin *next; - - /** - * Kept in a DLL. - */ - struct WirePlugin *prev; - - /** - * Name of the wire method. - */ - char *type; - - /** - * Handle to the wire plugin. - */ - struct TALER_WIRE_Plugin *plugin; - -}; - - -/** - * Closure for callbacks during #analyze_merchants(). - */ -struct AggregationContext -{ - - /** - * DLL of wire plugins encountered. - */ - struct WirePlugin *wire_head; - - /** - * DLL of wire plugins encountered. - */ - struct WirePlugin *wire_tail; - -}; - - -/** - * Find the relevant wire plugin. - * - * @param ac context to search - * @param type type of the wire plugin to load - * @return NULL on error - */ -static struct TALER_WIRE_Plugin * -get_wire_plugin (struct AggregationContext *ac, - const char *type) -{ - struct WirePlugin *wp; - struct TALER_WIRE_Plugin *plugin; - - for (wp = ac->wire_head; NULL != wp; wp = wp->next) - if (0 == strcmp (type, - wp->type)) - return wp->plugin; - plugin = TALER_WIRE_plugin_load (cfg, - type); - if (NULL == plugin) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Failed to locate wire plugin for `%s'\n", - type); - return NULL; - } - wp = GNUNET_new (struct WirePlugin); - wp->type = GNUNET_strdup (type); - wp->plugin = plugin; - GNUNET_CONTAINER_DLL_insert (ac->wire_head, - ac->wire_tail, - wp); - return plugin; -} - - -/** - * Closure for #wire_transfer_information_cb. - */ -struct WireCheckContext -{ - - /** - * Corresponding merchant context. - */ - struct AggregationContext *ac; - - /** - * Total deposits claimed by all transactions that were aggregated - * under the given @e wtid. - */ - struct TALER_Amount total_deposits; - - /** - * Hash of the wire transfer details of the receiver. - */ - struct GNUNET_HashCode h_wire; - - /** - * Execution time of the wire transfer. - */ - struct GNUNET_TIME_Absolute date; - - /** - * Wire method used for the transfer. - */ - const char *method; - - /** - * Set to #GNUNET_SYSERR if there are inconsistencies. - */ - int ok; - -}; - - -/** - * Check coin's transaction history for plausibility. Does NOT check - * the signatures (those are checked independently), but does calculate - * the amounts for the aggregation table and checks that the total - * claimed coin value is within the value of the coin's denomination. - * - * @param coin_pub public key of the coin (for reporting) - * @param h_proposal_data hash of the proposal for which we calculate the amount - * @param merchant_pub public key of the merchant (who is allowed to issue refunds) - * @param dki denomination information about the coin - * @param tl_head head of transaction history to verify - * @param[out] merchant_gain amount the coin contributes to the wire transfer to the merchant - * @param[out] merchant_fees fees the exchange charged the merchant for the transaction(s) - * @return #GNUNET_OK on success, #GNUNET_SYSERR on error - */ -static int -check_transaction_history (const struct TALER_CoinSpendPublicKeyP *coin_pub, - const struct GNUNET_HashCode *h_proposal_data, - const struct TALER_MerchantPublicKeyP *merchant_pub, - const struct TALER_EXCHANGEDB_DenominationKeyInformationP *dki, - const struct TALER_EXCHANGEDB_TransactionList *tl_head, - struct TALER_Amount *merchant_gain, - struct TALER_Amount *merchant_fees) -{ - struct TALER_Amount expenditures; - struct TALER_Amount refunds; - struct TALER_Amount spent; - struct TALER_Amount value; - struct TALER_Amount merchant_loss; - - GNUNET_assert (NULL != tl_head); - TALER_amount_get_zero (currency, - &expenditures); - TALER_amount_get_zero (currency, - &refunds); - TALER_amount_get_zero (currency, - merchant_gain); - TALER_amount_get_zero (currency, - merchant_fees); - TALER_amount_get_zero (currency, - &merchant_loss); - /* Go over transaction history to compute totals; note that we do not - know the order, so instead of subtracting we compute positive - (deposit, melt) and negative (refund) values separately here, - and then subtract the negative from the positive after the loop. */ - for (const struct TALER_EXCHANGEDB_TransactionList *tl = tl_head;NULL != tl;tl = tl->next) - { - const struct TALER_Amount *amount_with_fee; - const struct TALER_Amount *fee; - const struct TALER_AmountNBO *fee_dki; - struct TALER_Amount tmp; - - // FIXME: - // - for refunds/deposits that apply to this merchant and this contract - // we need to update the total expenditures/refunds/fees - // - for all other operations, we need to update the per-coin totals - // and at the end check that they do not exceed the value of the coin! - switch (tl->type) { - case TALER_EXCHANGEDB_TT_DEPOSIT: - amount_with_fee = &tl->details.deposit->amount_with_fee; - fee = &tl->details.deposit->deposit_fee; - fee_dki = &dki->properties.fee_deposit; - if (GNUNET_OK != - TALER_amount_add (&expenditures, - &expenditures, - amount_with_fee)) - { - GNUNET_break (0); - return GNUNET_SYSERR; - } - /* Check if this deposit is within the remit of the aggregation - we are investigating, if so, include it in the totals. */ - if ( (0 == memcmp (merchant_pub, - &tl->details.deposit->merchant_pub, - sizeof (struct TALER_MerchantPublicKeyP))) && - (0 == memcmp (h_proposal_data, - &tl->details.deposit->h_proposal_data, - sizeof (struct GNUNET_HashCode))) ) - { - struct TALER_Amount amount_without_fee; - - if (GNUNET_OK != - TALER_amount_subtract (&amount_without_fee, - amount_with_fee, - fee)) - { - GNUNET_break (0); - return GNUNET_SYSERR; - } - if (GNUNET_OK != - TALER_amount_add (merchant_gain, - merchant_gain, - &amount_without_fee)) - { - GNUNET_break (0); - return GNUNET_SYSERR; - } - if (GNUNET_OK != - TALER_amount_add (merchant_fees, - merchant_fees, - fee)) - { - GNUNET_break (0); - return GNUNET_SYSERR; - } - } - break; - case TALER_EXCHANGEDB_TT_REFRESH_MELT: - amount_with_fee = &tl->details.melt->amount_with_fee; - fee = &tl->details.melt->melt_fee; - fee_dki = &dki->properties.fee_refresh; - if (GNUNET_OK != - TALER_amount_add (&expenditures, - &expenditures, - amount_with_fee)) - { - GNUNET_break (0); - return GNUNET_SYSERR; - } - break; - case TALER_EXCHANGEDB_TT_REFUND: - amount_with_fee = &tl->details.refund->refund_amount; - fee = &tl->details.refund->refund_fee; - fee_dki = &dki->properties.fee_refund; - if (GNUNET_OK != - TALER_amount_add (&refunds, - &refunds, - amount_with_fee)) - { - GNUNET_break (0); - return GNUNET_SYSERR; - } - if (GNUNET_OK != - TALER_amount_add (&expenditures, - &expenditures, - fee)) - { - GNUNET_break (0); - return GNUNET_SYSERR; - } - /* Check if this refund is within the remit of the aggregation - we are investigating, if so, include it in the totals. */ - if ( (0 == memcmp (merchant_pub, - &tl->details.refund->merchant_pub, - sizeof (struct TALER_MerchantPublicKeyP))) && - (0 == memcmp (h_proposal_data, - &tl->details.refund->h_proposal_data, - sizeof (struct GNUNET_HashCode))) ) - { - if (GNUNET_OK != - TALER_amount_add (&merchant_loss, - &merchant_loss, - amount_with_fee)) - { - GNUNET_break (0); - return GNUNET_SYSERR; - } - if (GNUNET_OK != - TALER_amount_add (merchant_fees, - merchant_fees, - fee)) - { - GNUNET_break (0); - return GNUNET_SYSERR; - } - } - break; - } - - /* Check that the fees given in the transaction list and in dki match */ - TALER_amount_ntoh (&tmp, - fee_dki); - if (0 != - TALER_amount_cmp (&tmp, - fee)) - { - /* Disagreement in fee structure within DB, should be impossible! */ - GNUNET_break (0); - return GNUNET_SYSERR; - } - } /* for 'tl' */ - - /* Calculate total balance change, i.e. expenditures minus refunds */ - if (GNUNET_SYSERR == - TALER_amount_subtract (&spent, - &expenditures, - &refunds)) - { - /* refunds above expenditures? Bad! */ - report_coin_inconsistency (coin_pub, - &expenditures, - &refunds, - "could not subtract refunded amount from expenditures"); - return GNUNET_SYSERR; - } - - /* Now check that 'spent' is less or equal than total coin value */ - TALER_amount_ntoh (&value, - &dki->properties.value); - if (1 == TALER_amount_cmp (&spent, - &value)) - { - /* spent > value */ - report_coin_inconsistency (coin_pub, - &spent, - &value, - "accepted deposits (minus refunds) exceeds denomination value"); - return GNUNET_SYSERR; - } - - /* Finally, update @a merchant_gain by subtracting what he "lost" from refunds */ - if (GNUNET_SYSERR == - TALER_amount_subtract (merchant_gain, - merchant_gain, - &merchant_loss)) - { - /* refunds above deposits? Bad! */ - report_coin_inconsistency (coin_pub, - merchant_gain, - &merchant_loss, - "merchant was granted more refunds than he deposited"); - return GNUNET_SYSERR; - } - return GNUNET_OK; -} - - -/** - * Function called with the results of the lookup of the - * transaction data associated with a wire transfer identifier. - * - * @param cls a `struct WireCheckContext` - * @param rowid which row in the table is the information from (for diagnostics) - * @param merchant_pub public key of the merchant (should be same for all callbacks with the same @e cls) - * @param wire_method which wire plugin was used for the transfer? - * @param h_wire hash of wire transfer details of the merchant (should be same for all callbacks with the same @e cls) - * @param exec_time execution time of the wire transfer (should be same for all callbacks with the same @e cls) - * @param h_proposal_data which proposal was this payment about - * @param coin_pub which public key was this payment about - * @param coin_value amount contributed by this coin in total (with fee) - * @param coin_fee applicable fee for this coin - */ -static void -wire_transfer_information_cb (void *cls, - uint64_t rowid, - const struct TALER_MerchantPublicKeyP *merchant_pub, - const char *wire_method, - const struct GNUNET_HashCode *h_wire, - struct GNUNET_TIME_Absolute exec_time, - const struct GNUNET_HashCode *h_proposal_data, - const struct TALER_CoinSpendPublicKeyP *coin_pub, - const struct TALER_Amount *coin_value, - const struct TALER_Amount *coin_fee) -{ - struct WireCheckContext *wcc = cls; - const struct TALER_EXCHANGEDB_DenominationKeyInformationP *dki; - struct TALER_Amount contribution; - struct TALER_Amount computed_value; - struct TALER_Amount computed_fees; - struct TALER_EXCHANGEDB_TransactionList *tl; - const struct TALER_CoinPublicInfo *coin; - - /* Obtain coin's transaction history */ - tl = edb->get_coin_transactions (edb->cls, - esession, - coin_pub); - if (NULL == tl) - { - wcc->ok = GNUNET_SYSERR; - report_row_inconsistency ("aggregation", - rowid, - "no transaction history for coin claimed in aggregation"); - return; - } - - /* Obtain general denomination information about the coin */ - coin = NULL; - switch (tl->type) - { - case TALER_EXCHANGEDB_TT_DEPOSIT: - coin = &tl->details.deposit->coin; - break; - case TALER_EXCHANGEDB_TT_REFRESH_MELT: - coin = &tl->details.melt->coin; - break; - case TALER_EXCHANGEDB_TT_REFUND: - coin = &tl->details.refund->coin; - break; - } - GNUNET_assert (NULL != coin); /* hard check that switch worked */ - if (GNUNET_OK != - get_denomination_info (&coin->denom_pub, - &dki, - NULL)) - { - /* This should be impossible from database constraints */ - GNUNET_break (0); - edb->free_coin_transaction_list (edb->cls, - tl); - wcc->ok = GNUNET_SYSERR; - report_row_inconsistency ("aggregation", - rowid, - "could not find denomination key for coin claimed in aggregation"); - return; - } - - /* Check transaction history to see if it supports aggregate valuation */ - check_transaction_history (coin_pub, - h_proposal_data, - merchant_pub, - dki, - tl, - &computed_value, - &computed_fees); - if (0 != - TALER_amount_cmp (&computed_value, - coin_value)) - { - wcc->ok = GNUNET_SYSERR; - report_row_inconsistency ("aggregation", - rowid, - "coin transaction history and aggregation disagree about coin's contribution"); - } - if (0 != - TALER_amount_cmp (&computed_fees, - coin_fee)) - { - wcc->ok = GNUNET_SYSERR; - report_row_inconsistency ("aggregation", - rowid, - "coin transaction history and aggregation disagree about applicable fees"); - } - edb->free_coin_transaction_list (edb->cls, - tl); - - /* Check other details of wire transfer match */ - if (0 != strcmp (wire_method, - wcc->method)) - { - wcc->ok = GNUNET_SYSERR; - report_row_inconsistency ("aggregation", - rowid, - "wire method of aggregate do not match wire transfer"); - } - if (0 != memcmp (h_wire, - &wcc->h_wire, - sizeof (struct GNUNET_HashCode))) - { - wcc->ok = GNUNET_SYSERR; - report_row_inconsistency ("aggregation", - rowid, - "account details of aggregate do not match account details of wire transfer"); - return; - } - if (exec_time.abs_value_us != wcc->date.abs_value_us) - { - /* This should be impossible from database constraints */ - GNUNET_break (0); - wcc->ok = GNUNET_SYSERR; - report_row_inconsistency ("aggregation", - rowid, - "date given in aggregate does not match wire transfer date"); - return; - } - if (GNUNET_SYSERR == - TALER_amount_subtract (&contribution, - coin_value, - coin_fee)) - { - wcc->ok = GNUNET_SYSERR; - report_row_inconsistency ("aggregation", - rowid, - "could not calculate contribution of coin"); - return; - } - - /* Add coin's contribution to total aggregate value */ - GNUNET_assert (GNUNET_OK == - TALER_amount_add (&wcc->total_deposits, - &wcc->total_deposits, - &contribution)); -} - - -/** - * Check that a wire transfer made by the exchange is valid - * (has matching deposits). - * - * @param cls a `struct AggregationContext` - * @param rowid identifier of the respective row in the database - * @param date timestamp of the wire transfer (roughly) - * @param wtid wire transfer subject - * @param wire wire transfer details of the receiver - * @param amount amount that was wired - */ -static void -check_wire_out_cb (void *cls, - uint64_t rowid, - struct GNUNET_TIME_Absolute date, - const struct TALER_WireTransferIdentifierRawP *wtid, - const json_t *wire, - const struct TALER_Amount *amount) -{ - struct AggregationContext *ac = cls; - struct WireCheckContext wcc; - json_t *method; - struct TALER_WIRE_Plugin *plugin; - - wcc.ac = ac; - method = json_object_get (wire, - "type"); - if ( (NULL == method) || - (! json_is_string (method)) ) - { - report_row_inconsistency ("wire_out", - rowid, - "specified wire address lacks type"); - return; - } - wcc.method = json_string_value (method); - wcc.ok = GNUNET_OK; - wcc.date = date; - TALER_amount_get_zero (amount->currency, - &wcc.total_deposits); - TALER_JSON_hash (wire, - &wcc.h_wire); - edb->lookup_wire_transfer (edb->cls, - esession, - wtid, - &wire_transfer_information_cb, - &wcc); - if (GNUNET_OK != wcc.ok) - { - report_row_inconsistency ("wire_out", - rowid, - "audit of associated transactions failed"); - } - plugin = get_wire_plugin (ac, - wcc.method); - if (NULL == plugin) - { - report_row_inconsistency ("wire_out", - rowid, - "could not load required wire plugin to validate"); - return; - } - if (GNUNET_SYSERR == - plugin->amount_round (plugin->cls, - &wcc.total_deposits)) - { - report_row_minor_inconsistency ("wire_out", - rowid, - "wire plugin failed to round given amount"); - } - if (0 != TALER_amount_cmp (amount, - &wcc.total_deposits)) - { - report_wire_out_inconsistency (wire, - rowid, - &wcc.total_deposits, - amount, - "computed amount inconsistent with wire amount"); - } -} - - -/** - * Analyze the exchange aggregator's payment processing. - * - * @param cls closure - * @param int #GNUNET_OK on success, #GNUNET_SYSERR on hard errors - */ -static int -analyze_aggregations (void *cls) -{ - struct AggregationContext ac; - struct WirePlugin *wc; - int ret; - - ret = GNUNET_OK; - ac.wire_head = NULL; - ac.wire_tail = NULL; - if (GNUNET_SYSERR == - edb->select_wire_out_above_serial_id (edb->cls, - esession, - pp.last_wire_out_serial_id, - &check_wire_out_cb, - &ac)) - { - GNUNET_break (0); - ret = GNUNET_SYSERR; - } - while (NULL != (wc = ac.wire_head)) - { - GNUNET_CONTAINER_DLL_remove (ac.wire_head, - ac.wire_tail, - wc); - TALER_WIRE_plugin_unload (wc->plugin); - GNUNET_free (wc->type); - GNUNET_free (wc); - } - return ret; -} - - /* *************************** General transaction logic ****************** */ /** @@ -2559,28 +2742,18 @@ incremental_processing (Analysis analysis, void *analysis_cls) { int ret; + int have_pp; - if (! restart) - { - ret = adb->get_auditor_progress (adb->cls, - asession, - &master_pub, - &pp); - } - else - { - ret = GNUNET_NO; - GNUNET_break (GNUNET_OK == - adb->drop_tables (adb->cls)); - GNUNET_break (GNUNET_OK == - adb->create_tables (adb->cls)); - } - if (GNUNET_SYSERR == ret) + have_pp = adb->get_auditor_progress (adb->cls, + asession, + &master_pub, + &pp); + if (GNUNET_SYSERR == have_pp) { GNUNET_break (0); return GNUNET_SYSERR; } - if (GNUNET_NO == ret) + if (GNUNET_NO == have_pp) { GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, _("First analysis using this auditor, starting audit from scratch\n")); @@ -2588,7 +2761,7 @@ incremental_processing (Analysis analysis, else { GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, - _("Resuming audit at %llu/%llu/%llu/%llu/%llu/%llu\n\n"), + _("Resuming audit at %llu/%llu/%llu/%llu/%llu/%llu\n"), (unsigned long long) pp.last_reserve_in_serial_id, (unsigned long long) pp.last_reserve_out_serial_id, (unsigned long long) pp.last_deposit_serial_id, @@ -2603,17 +2776,23 @@ incremental_processing (Analysis analysis, "Analysis phase failed, not recording progress\n"); return GNUNET_SYSERR; } - ret = adb->update_auditor_progress (adb->cls, - asession, - &master_pub, - &pp); + if (GNUNET_YES == have_pp) + ret = adb->update_auditor_progress (adb->cls, + asession, + &master_pub, + &pp); + else + ret = adb->insert_auditor_progress (adb->cls, + asession, + &master_pub, + &pp); if (GNUNET_OK != ret) { GNUNET_break (0); return GNUNET_SYSERR; } GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE, - _("Resuming audit at %llu/%llu/%llu/%llu/%llu/%llu\n\n"), + _("Concluded audit step at %llu/%llu/%llu/%llu/%llu/%llu\n\n"), (unsigned long long) pp.last_reserve_in_serial_id, (unsigned long long) pp.last_reserve_out_serial_id, (unsigned long long) pp.last_deposit_serial_id, @@ -2717,10 +2896,10 @@ setup_sessions_and_run () transact (&analyze_reserves, NULL); - transact (&analyze_coins, - NULL); transact (&analyze_aggregations, NULL); + transact (&analyze_coins, + NULL); } @@ -2738,6 +2917,8 @@ run (void *cls, const char *cfgfile, const struct GNUNET_CONFIGURATION_Handle *c) { + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Launching auditor\n"); cfg = c; if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_string (cfg, @@ -2768,7 +2949,31 @@ run (void *cls, TALER_EXCHANGEDB_plugin_unload (edb); return; } + if (restart) + { + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, + "Full audit restart requested, dropping old audit data.\n"); + GNUNET_break (GNUNET_OK == + adb->drop_tables (adb->cls)); + TALER_AUDITORDB_plugin_unload (adb); + if (NULL == + (adb = TALER_AUDITORDB_plugin_load (cfg))) + { + fprintf (stderr, + "Failed to initialize auditor database plugin after drop.\n"); + global_ret = 1; + TALER_EXCHANGEDB_plugin_unload (edb); + return; + } + GNUNET_break (GNUNET_OK == + adb->create_tables (adb->cls)); + } + + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Starting audit\n"); setup_sessions_and_run (); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Audit complete\n"); TALER_AUDITORDB_plugin_unload (adb); TALER_EXCHANGEDB_plugin_unload (edb); } |