aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2024-08-07 00:06:09 +0200
committerChristian Grothoff <christian@grothoff.org>2024-08-07 00:06:09 +0200
commit93c5ae8e9e3497b16ff52c50bb9d3cd3cc4d35d6 (patch)
treedd3303426e010466e675dcd14dc874494fe74935 /src
parentd2babb0ff1118c39ccf153523ad8ccb0f4f45d1b (diff)
major async transformation for skip-check AML program helper execution; breaks p2p tests (reserve not found); not sure why
Diffstat (limited to 'src')
-rw-r--r--src/exchange/Makefile.am3
-rw-r--r--src/exchange/taler-exchange-httpd.c12
-rw-r--r--src/exchange/taler-exchange-httpd_age-withdraw.c1571
-rw-r--r--src/exchange/taler-exchange-httpd_age-withdraw.h14
-rw-r--r--src/exchange/taler-exchange-httpd_batch-withdraw.c1024
-rw-r--r--src/exchange/taler-exchange-httpd_batch-withdraw.h6
-rw-r--r--src/exchange/taler-exchange-httpd_common_kyc.c500
-rw-r--r--src/exchange/taler-exchange-httpd_common_kyc.h74
-rw-r--r--src/exchange/taler-exchange-httpd_kyc-wallet.c267
-rw-r--r--src/exchange/taler-exchange-httpd_kyc-wallet.h7
-rw-r--r--src/exchange/taler-exchange-httpd_purses_create.c3
-rw-r--r--src/exchange/taler-exchange-httpd_purses_create.h4
-rw-r--r--src/exchange/taler-exchange-httpd_purses_deposit.c3
-rw-r--r--src/exchange/taler-exchange-httpd_purses_deposit.h4
-rw-r--r--src/exchange/taler-exchange-httpd_purses_merge.c650
-rw-r--r--src/exchange/taler-exchange-httpd_purses_merge.h16
-rw-r--r--src/exchange/taler-exchange-httpd_reserves_close.c396
-rw-r--r--src/exchange/taler-exchange-httpd_reserves_close.h13
-rw-r--r--src/exchange/taler-exchange-httpd_reserves_purse.c684
-rw-r--r--src/exchange/taler-exchange-httpd_reserves_purse.h7
-rw-r--r--src/exchangedb/pg_select_reserve_close_info.c15
-rw-r--r--src/include/taler_kyclogic_lib.h38
-rw-r--r--src/kyclogic/kyclogic_api.c49
23 files changed, 3482 insertions, 1878 deletions
diff --git a/src/exchange/Makefile.am b/src/exchange/Makefile.am
index 9edbbc914..ee85bab1f 100644
--- a/src/exchange/Makefile.am
+++ b/src/exchange/Makefile.am
@@ -188,8 +188,7 @@ taler_exchange_httpd_SOURCES = \
taler-exchange-httpd_responses.c taler-exchange-httpd_responses.h \
taler-exchange-httpd_spa.c taler-exchange-httpd_spa.h \
taler-exchange-httpd_terms.c taler-exchange-httpd_terms.h \
- taler-exchange-httpd_transfers_get.c taler-exchange-httpd_transfers_get.h \
- taler-exchange-httpd_withdraw.c taler-exchange-httpd_withdraw.h
+ taler-exchange-httpd_transfers_get.c taler-exchange-httpd_transfers_get.h
taler_exchange_httpd_LDADD = \
diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c
index bec6cc87b..b04a56429 100644
--- a/src/exchange/taler-exchange-httpd.c
+++ b/src/exchange/taler-exchange-httpd.c
@@ -877,13 +877,13 @@ handle_get_reserves (struct TEH_RequestContext *rc,
/**
* Signature of functions that handle operations on purses.
*
- * @param connection HTTP request handle
+ * @param rc request handle
* @param purse_pub the public key of the purse
* @param root uploaded JSON data
* @return MHD result code
*/
typedef MHD_RESULT
-(*PurseOpHandler)(struct MHD_Connection *connection,
+(*PurseOpHandler)(struct TEH_RequestContext *rc,
const struct TALER_PurseContractPublicKeyP *purse_pub,
const json_t *root);
@@ -949,7 +949,7 @@ handle_post_purses (struct TEH_RequestContext *rc,
for (unsigned int i = 0; NULL != h[i].op; i++)
if (0 == strcmp (h[i].op,
args[1]))
- return h[i].handler (rc->connection,
+ return h[i].handler (rc,
&purse_pub,
root);
return r404 (rc->connection,
@@ -2570,6 +2570,12 @@ do_shutdown (void *cls)
mhd = TALER_MHD_daemon_stop ();
TEH_resume_keys_requests (true);
+ TEH_age_withdraw_cleanup ();
+ TEH_batch_withdraw_cleanup ();
+ TEH_reserves_close_cleanup ();
+ TEH_reserves_purse_cleanup ();
+ TEH_purses_merge_cleanup ();
+ TEH_kyc_wallet_cleanup ();
TEH_kyc_upload_cleanup ();
TEH_deposits_get_cleanup ();
TEH_reserves_get_cleanup ();
diff --git a/src/exchange/taler-exchange-httpd_age-withdraw.c b/src/exchange/taler-exchange-httpd_age-withdraw.c
index dba4b9bef..1d692a2d7 100644
--- a/src/exchange/taler-exchange-httpd_age-withdraw.c
+++ b/src/exchange/taler-exchange-httpd_age-withdraw.c
@@ -20,6 +20,7 @@
* @file taler-exchange-httpd_age-withdraw.c
* @brief Handle /reserves/$RESERVE_PUB/age-withdraw requests
* @author Özgür Kesim
+ * @author Christian Grothoff
*/
#include "platform.h"
#include <gnunet/gnunet_common.h>
@@ -33,7 +34,7 @@
#include "taler_kyclogic_lib.h"
#include "taler_mhd_lib.h"
#include "taler-exchange-httpd_age-withdraw.h"
-#include "taler-exchange-httpd_withdraw.h"
+#include "taler-exchange-httpd_common_kyc.h"
#include "taler-exchange-httpd_responses.h"
#include "taler-exchange-httpd_keys.h"
#include "taler_util.h"
@@ -44,6 +45,37 @@
*/
struct AgeWithdrawContext
{
+
+ /**
+ * Kept in a DLL.
+ */
+ struct AgeWithdrawContext *next;
+
+ /**
+ * Kept in a DLL.
+ */
+ struct AgeWithdrawContext *prev;
+
+ /**
+ * Handle for the legitimization check.
+ */
+ struct TEH_LegitimizationCheckHandle *lch;
+
+ /**
+ * request context
+ */
+ const struct TEH_RequestContext *rc;
+
+ /**
+ * Response to return, if set.
+ */
+ struct MHD_Response *response;
+
+ /**
+ * Public key of the reserve.
+ */
+ struct TALER_ReservePublicKeyP reserve_pub;
+
/**
* KYC status for the operation.
*/
@@ -56,6 +88,11 @@ struct AgeWithdrawContext
struct TALER_PaytoHashP h_payto;
/**
+ * value the client committed to
+ */
+ struct TALER_AgeWithdrawCommitmentHashP ach;
+
+ /**
* Timestamp
*/
struct GNUNET_TIME_Timestamp now;
@@ -66,9 +103,14 @@ struct AgeWithdrawContext
struct TALER_EXCHANGEDB_AgeWithdraw commitment;
/**
+ * HTTP status to return with @e response, or 0.
+ */
+ unsigned int http_status;
+
+ /**
* Number of coins/denonations in the reveal
*/
- uint32_t num_coins;
+ unsigned int num_coins;
/**
* #num_coins * #kappa hashes of blinded coin planchets.
@@ -81,465 +123,67 @@ struct AgeWithdrawContext
*/
struct TALER_DenominationHashP *denom_hs;
-};
-
-/*
- * @brief Free the resources within a AgeWithdrawContext
- *
- * @param awc the context to free
- */
-static void
-free_age_withdraw_context_resources (struct AgeWithdrawContext *awc)
-{
- GNUNET_free (awc->denom_hs);
- for (unsigned int i = 0; i<awc->num_coins; i++)
- {
- for (unsigned int kappa = 0; kappa<TALER_CNC_KAPPA; kappa++)
- {
- TALER_blinded_planchet_free (&awc->coin_evs[i][kappa]);
- }
- }
- GNUNET_free (awc->coin_evs);
- GNUNET_free (awc->commitment.denom_serials);
- /*
- * Note:
- * awc->commitment.denom_sigs and .h_coin_evs were stack allocated and
- * .denom_pub_hashes is NULL for this context.
+ /**
+ * Current processing phase we are in.
*/
-}
-
-
-/**
- * Parse the denominations and blinded coin data of an '/age-withdraw' request.
- *
- * @param connection The MHD connection to handle
- * @param j_denom_hs Array of n hashes of the denominations for the withdrawal, in JSON format
- * @param j_blinded_coin_evs Array of n arrays of kappa blinded envelopes of in JSON format for the coins.
- * @param[out] awc The context of the operation, only partially built at call time
- * @param[out] mhd_ret The result if a reply is queued for MHD
- * @return true on success, false on failure, with a reply already queued for MHD
- */
-static enum GNUNET_GenericReturnValue
-parse_age_withdraw_json (
- struct MHD_Connection *connection,
- const json_t *j_denom_hs,
- const json_t *j_blinded_coin_evs,
- struct AgeWithdrawContext *awc,
- MHD_RESULT *mhd_ret)
-{
- char buf[256] = {0};
- const char *error = NULL;
- unsigned int idx = 0;
- json_t *value = NULL;
- struct GNUNET_HashContext *hash_context;
-
-
- /* The age value MUST be on the beginning of an age group */
- if (awc->commitment.max_age !=
- TALER_get_lowest_age (&TEH_age_restriction_config.mask,
- awc->commitment.max_age))
+ enum
{
- error = "max_age must be the lower edge of an age group";
- goto EXIT;
- }
-
- /* Verify JSON-structure consistency */
- {
- uint32_t num_coins = json_array_size (j_denom_hs);
-
- if (! json_is_array (j_denom_hs))
- error = "denoms_h must be an array";
- else if (! json_is_array (j_blinded_coin_evs))
- error = "coin_evs must be an array";
- else if (num_coins == 0)
- error = "denoms_h must not be empty";
- else if (num_coins != json_array_size (j_blinded_coin_evs))
- error = "denoms_h and coins_evs must be arrays of the same size";
- else if (num_coins > TALER_MAX_FRESH_COINS)
- /**
- * The wallet had committed to more than the maximum coins allowed, the
- * reserve has been charged, but now the user can not withdraw any money
- * from it. Note that the user can't get their money back in this case!
- **/
- error = "maximum number of coins that can be withdrawn has been exceeded";
-
- _Static_assert ((TALER_MAX_FRESH_COINS < INT_MAX / TALER_CNC_KAPPA),
- "TALER_MAX_FRESH_COINS too large");
-
- if (NULL != error)
- goto EXIT;
-
- awc->num_coins = num_coins;
- awc->commitment.num_coins = num_coins;
- }
+ AWC_PHASE_CHECK_KEYS = 1,
+ AWC_PHASE_CHECK_RESERVE_SIGNATURE,
+ AWC_PHASE_RUN_LEGI_CHECK,
+ AWC_PHASE_SUSPENDED,
+ AWC_PHASE_CHECK_KYC_RESULT,
+ AWC_PHASE_PREPARE_TRANSACTION,
+ AWC_PHASE_RUN_TRANSACTION,
+ AWC_PHASE_GENERATE_REPLY_SUCCESS,
+ AWC_PHASE_GENERATE_REPLY_FAILURE,
+ AWC_PHASE_RETURN_YES,
+ AWC_PHASE_RETURN_NO
+ } phase;
- /* Continue parsing the parts */
-
- /* Parse denomination keys */
- awc->denom_hs = GNUNET_new_array (awc->num_coins,
- struct TALER_DenominationHashP);
-
- json_array_foreach (j_denom_hs, idx, value) {
- struct GNUNET_JSON_Specification spec[] = {
- GNUNET_JSON_spec_fixed_auto (NULL, &awc->denom_hs[idx]),
- GNUNET_JSON_spec_end ()
- };
-
- if (GNUNET_OK !=
- GNUNET_JSON_parse (value, spec, NULL, NULL))
- {
- GNUNET_snprintf (buf,
- sizeof(buf),
- "couldn't parse entry no. %d in array denoms_h",
- idx + 1);
- error = buf;
- goto EXIT;
- }
- };
-
- {
- typedef struct TALER_BlindedPlanchet
- _array_of_kappa_planchets[TALER_CNC_KAPPA];
-
- awc->coin_evs = GNUNET_new_array (awc->num_coins,
- _array_of_kappa_planchets);
- }
-
- hash_context = GNUNET_CRYPTO_hash_context_start ();
- GNUNET_assert (NULL != hash_context);
-
- /* Parse blinded envelopes. */
- json_array_foreach (j_blinded_coin_evs, idx, value) {
- const json_t *j_kappa_coin_evs = value;
-
- if (! json_is_array (j_kappa_coin_evs))
- {
- GNUNET_snprintf (buf,
- sizeof(buf),
- "enxtry %d in array blinded_coin_evs is not an array",
- idx + 1);
- error = buf;
- goto EXIT;
- }
- else if (TALER_CNC_KAPPA != json_array_size (j_kappa_coin_evs))
- {
- GNUNET_snprintf (buf,
- sizeof(buf),
- "array no. %d in coin_evs not of correct size",
- idx + 1);
- error = buf;
- goto EXIT;
- }
-
- /* Now parse the individual kappa envelopes and calculate the hash of
- * the commitment along the way. */
- {
- unsigned int kappa = 0;
-
- json_array_foreach (j_kappa_coin_evs, kappa, value) {
- struct GNUNET_JSON_Specification spec[] = {
- TALER_JSON_spec_blinded_planchet (NULL,
- &awc->coin_evs[idx][kappa]),
- GNUNET_JSON_spec_end ()
- };
-
- if (GNUNET_OK !=
- GNUNET_JSON_parse (value,
- spec,
- NULL,
- NULL))
- {
- GNUNET_snprintf (buf,
- sizeof(buf),
- "couldn't parse array no. %d in blinded_coin_evs[%d]",
- kappa + 1,
- idx + 1);
- error = buf;
- goto EXIT;
- }
-
- /* Continue to hash of the coin candidates */
- {
- struct TALER_BlindedCoinHashP bch;
-
- TALER_coin_ev_hash (&awc->coin_evs[idx][kappa],
- &awc->denom_hs[idx],
- &bch);
- GNUNET_CRYPTO_hash_context_read (hash_context,
- &bch,
- sizeof(bch));
- }
-
- /* Check for duplicate planchets. Technically a bug on
- * the client side that is harmless for us, but still
- * not allowed per protocol */
- for (unsigned int i = 0; i < idx; i++)
- {
- if (0 == TALER_blinded_planchet_cmp (&awc->coin_evs[idx][kappa],
- &awc->coin_evs[i][kappa]))
- {
- GNUNET_JSON_parse_free (spec);
- error = "duplicate planchet";
- goto EXIT;
- }
- }
- }
- }
- }; /* json_array_foreach over j_blinded_coin_evs */
-
- /* Finally, calculate the h_commitment from all blinded envelopes */
- GNUNET_CRYPTO_hash_context_finish (hash_context,
- &awc->commitment.h_commitment.hash);
-
- GNUNET_assert (NULL == error);
-
-
-EXIT:
- if (NULL != error)
- {
- /* Note: resources are freed in caller */
-
- *mhd_ret = TALER_MHD_reply_with_ec (
- connection,
- TALER_EC_GENERIC_PARAMETER_MALFORMED,
- error);
- return GNUNET_SYSERR;
- }
-
- return GNUNET_OK;
-}
+};
/**
- * Check if the given denomination is still or already valid, has not been
- * revoked and supports age restriction.
- *
- * @param connection HTTP-connection to the client
- * @param ksh The handle to the current state of (denomination) keys in the exchange
- * @param denom_h Hash of the denomination key to check
- * @param[out] pdk On success, will contain the denomination key details
- * @param[out] result On failure, an MHD-response will be queued and result will be set to accordingly
- * @return true on success (denomination valid), false otherwise
+ * Kept in a DLL.
*/
-static bool
-denomination_is_valid (
- struct MHD_Connection *connection,
- struct TEH_KeyStateHandle *ksh,
- const struct TALER_DenominationHashP *denom_h,
- struct TEH_DenominationKey **pdk,
- MHD_RESULT *result)
-{
- struct TEH_DenominationKey *dk;
- dk = TEH_keys_denomination_by_hash_from_state (ksh,
- denom_h,
- connection,
- result);
- if (NULL == dk)
- {
- /* The denomination doesn't exist */
- /* Note: a HTTP-response has been queued and result has been set by
- * TEH_keys_denominations_by_hash_from_state */
- return false;
- }
-
- if (GNUNET_TIME_absolute_is_past (dk->meta.expire_withdraw.abs_time))
- {
- /* This denomination is past the expiration time for withdraws */
- /* FIXME[oec]: add idempotency check */
- *result = TEH_RESPONSE_reply_expired_denom_pub_hash (
- connection,
- denom_h,
- TALER_EC_EXCHANGE_GENERIC_DENOMINATION_EXPIRED,
- "age-withdraw_reveal");
- return false;
- }
-
- if (GNUNET_TIME_absolute_is_future (dk->meta.start.abs_time))
- {
- /* This denomination is not yet valid */
- *result = TEH_RESPONSE_reply_expired_denom_pub_hash (
- connection,
- denom_h,
- TALER_EC_EXCHANGE_GENERIC_DENOMINATION_VALIDITY_IN_FUTURE,
- "age-withdraw_reveal");
- return false;
- }
-
- if (dk->recoup_possible)
- {
- /* This denomination has been revoked */
- *result = TALER_MHD_reply_with_ec (
- connection,
- TALER_EC_EXCHANGE_GENERIC_DENOMINATION_REVOKED,
- NULL);
- return false;
- }
-
- if (0 == dk->denom_pub.age_mask.bits)
- {
- /* This denomation does not support age restriction */
- char msg[256] = {0};
- GNUNET_snprintf (msg,
- sizeof(msg),
- "denomination %s does not support age restriction",
- GNUNET_h2s (&denom_h->hash));
-
- *result = TALER_MHD_reply_with_ec (
- connection,
- TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN,
- msg);
- return false;
- }
-
- *pdk = dk;
- return true;
-}
-
+static struct AgeWithdrawContext *awc_head;
/**
- * Check if the given array of hashes of denomination_keys a) belong
- * to valid denominations and b) those are marked as age restricted.
- * Also, calculate the total amount of the denominations including fees
- * for withdraw.
- *
- * @param connection The HTTP connection to the client
- * @param len The lengths of the array @a denoms_h
- * @param denom_hs array of hashes of denomination public keys
- * @param coin_evs array of blinded coin planchet candidates
- * @param[out] denom_serials On success, will be filled with the serial-id's of the denomination keys. Caller must deallocate.
- * @param[out] amount_with_fee On success, will contain the committed amount including fees
- * @param[out] result In the error cases, a response will be queued with MHD and this will be the result.
- * @return #GNUNET_OK if the denominations are valid and support age-restriction
- * #GNUNET_SYSERR otherwise
+ * Kept in a DLL.
*/
-static enum GNUNET_GenericReturnValue
-are_denominations_valid (
- struct MHD_Connection *connection,
- uint32_t len,
- const struct TALER_DenominationHashP *denom_hs,
- const struct TALER_BlindedPlanchet (*coin_evs) [ TALER_CNC_KAPPA],
- uint64_t **denom_serials,
- struct TALER_Amount *amount_with_fee,
- MHD_RESULT *result)
-{
- struct TALER_Amount total_amount;
- struct TALER_Amount total_fee;
- struct TEH_KeyStateHandle *ksh;
- uint64_t *serials;
+static struct AgeWithdrawContext *awc_tail;
- ksh = TEH_keys_get_state ();
- if (NULL == ksh)
- {
- *result = TALER_MHD_reply_with_ec (connection,
- TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING,
- NULL);
- return GNUNET_SYSERR;
- }
- *denom_serials =
- serials = GNUNET_new_array (len, uint64_t);
-
- GNUNET_assert (GNUNET_OK ==
- TALER_amount_set_zero (TEH_currency,
- &total_amount));
- GNUNET_assert (GNUNET_OK ==
- TALER_amount_set_zero (TEH_currency,
- &total_fee));
+void
+TEH_age_withdraw_cleanup ()
+{
+ struct AgeWithdrawContext *awc;
- for (uint32_t i = 0; i < len; i++)
+ while (NULL != (awc = awc_head))
{
- struct TEH_DenominationKey *dk;
- if (! denomination_is_valid (connection,
- ksh,
- &denom_hs[i],
- &dk,
- result))
- /* FIXME[oec]: add idempotency check */
- return GNUNET_SYSERR;
-
- /* Ensure the ciphers from the planchets match the denominations' */
- for (uint8_t k = 0; k < TALER_CNC_KAPPA; k++)
- {
- if (dk->denom_pub.bsign_pub_key->cipher !=
- coin_evs[i][k].blinded_message->cipher)
- {
- GNUNET_break_op (0);
- *result = TALER_MHD_reply_with_ec (connection,
- TALER_EC_EXCHANGE_GENERIC_CIPHER_MISMATCH,
- NULL);
- return GNUNET_SYSERR;
- }
- }
-
- /* Accumulate the values */
- if (0 > TALER_amount_add (&total_amount,
- &total_amount,
- &dk->meta.value))
- {
- GNUNET_break_op (0);
- *result = TALER_MHD_reply_with_error (connection,
- MHD_HTTP_BAD_REQUEST,
- TALER_EC_EXCHANGE_AGE_WITHDRAW_AMOUNT_OVERFLOW,
- "amount");
- return GNUNET_SYSERR;
- }
-
- /* Accumulate the withdraw fees */
- if (0 > TALER_amount_add (&total_fee,
- &total_fee,
- &dk->meta.fees.withdraw))
- {
- GNUNET_break_op (0);
- *result = TALER_MHD_reply_with_error (connection,
- MHD_HTTP_BAD_REQUEST,
- TALER_EC_EXCHANGE_AGE_WITHDRAW_AMOUNT_OVERFLOW,
- "fee");
- return GNUNET_SYSERR;
- }
-
- serials[i] = dk->meta.serial;
+ GNUNET_CONTAINER_DLL_remove (awc_head,
+ awc_tail,
+ awc);
+ MHD_resume_connection (awc->rc->connection);
}
-
- /* Save the total amount including fees */
- GNUNET_assert (0 < TALER_amount_add (amount_with_fee,
- &total_amount,
- &total_fee));
-
- return GNUNET_OK;
}
/**
- * @brief Verify the signature of the request body with the reserve key
+ * Terminate the main loop by returning the final
+ * result.
*
- * @param connection the connection to the client
- * @param commitment the age withdraw commitment
- * @param mhd_ret the response to fill in the error case
- * @return GNUNET_OK on success
+ * @param[in,out] awc context to update phase for
+ * @param mres MHD status to return
*/
-static enum GNUNET_GenericReturnValue
-verify_reserve_signature (
- struct MHD_Connection *connection,
- const struct TALER_EXCHANGEDB_AgeWithdraw *commitment,
- enum MHD_Result *mhd_ret)
+static void
+finish_loop (struct AgeWithdrawContext *awc,
+ MHD_RESULT mres)
{
- TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
- if (GNUNET_OK !=
- TALER_wallet_age_withdraw_verify (&commitment->h_commitment,
- &commitment->amount_with_fee,
- &TEH_age_restriction_config.mask,
- commitment->max_age,
- &commitment->reserve_pub,
- &commitment->reserve_sig))
- {
- GNUNET_break_op (0);
- *mhd_ret = TALER_MHD_reply_with_ec (connection,
- TALER_EC_EXCHANGE_WITHDRAW_RESERVE_SIGNATURE_INVALID,
- NULL);
- return GNUNET_SYSERR;
- }
-
- return GNUNET_OK;
+ awc->phase = (MHD_YES == mres)
+ ? AWC_PHASE_RETURN_YES
+ : AWC_PHASE_RETURN_NO;
}
@@ -549,14 +193,17 @@ verify_reserve_signature (
* @param connection the connection to send the response to
* @param ach value the client committed to
* @param noreveal_index which index will the client not have to reveal
- * @return a MHD status code
*/
-static MHD_RESULT
+static void
reply_age_withdraw_success (
- struct MHD_Connection *connection,
- const struct TALER_AgeWithdrawCommitmentHashP *ach,
- uint32_t noreveal_index)
+ struct AgeWithdrawContext *awc)
{
+ struct MHD_Connection *connection
+ = awc->rc->connection;
+ const struct TALER_AgeWithdrawCommitmentHashP *ach
+ = &awc->commitment.h_commitment;
+ uint32_t noreveal_index
+ = awc->commitment.noreveal_index;
struct TALER_ExchangePublicKeyP pub;
struct TALER_ExchangeSignatureP sig;
enum TALER_ErrorCode ec;
@@ -568,17 +215,23 @@ reply_age_withdraw_success (
&pub,
&sig);
if (TALER_EC_NONE != ec)
- return TALER_MHD_reply_with_ec (connection,
- ec,
- NULL);
- return TALER_MHD_REPLY_JSON_PACK (connection,
- MHD_HTTP_OK,
- GNUNET_JSON_pack_uint64 ("noreveal_index",
- noreveal_index),
- GNUNET_JSON_pack_data_auto ("exchange_sig",
- &sig),
- GNUNET_JSON_pack_data_auto ("exchange_pub",
- &pub));
+ {
+ finish_loop (awc,
+ TALER_MHD_reply_with_ec (connection,
+ ec,
+ NULL));
+ return;
+ }
+ finish_loop (awc,
+ TALER_MHD_REPLY_JSON_PACK (
+ connection,
+ MHD_HTTP_OK,
+ GNUNET_JSON_pack_uint64 ("noreveal_index",
+ noreveal_index),
+ GNUNET_JSON_pack_data_auto ("exchange_sig",
+ &sig),
+ GNUNET_JSON_pack_data_auto ("exchange_pub",
+ &pub)));
}
@@ -587,42 +240,40 @@ reply_age_withdraw_success (
* answer. If so, replay the existing answer and return the
* HTTP response.
*
- * @param con connection to the client
* @param[in,out] awc parsed request data
- * @param[out] mret HTTP status, set if we return true
* @return true if the request is idempotent with an existing request
* false if we did not find the request in the DB and did not set @a mret
*/
static bool
-request_is_idempotent (struct MHD_Connection *con,
- struct AgeWithdrawContext *awc,
- MHD_RESULT *mret)
+check_request_idempotent (
+ struct AgeWithdrawContext *awc)
{
enum GNUNET_DB_QueryStatus qs;
struct TALER_EXCHANGEDB_AgeWithdraw commitment;
- qs = TEH_plugin->get_age_withdraw (TEH_plugin->cls,
- &awc->commitment.reserve_pub,
- &awc->commitment.h_commitment,
- &commitment);
+ qs = TEH_plugin->get_age_withdraw (
+ TEH_plugin->cls,
+ &awc->commitment.reserve_pub,
+ &awc->commitment.h_commitment,
+ &commitment);
if (0 > qs)
{
+ /* FIXME: soft error not handled correctly! */
GNUNET_break (GNUNET_DB_STATUS_SOFT_ERROR == qs);
if (GNUNET_DB_STATUS_HARD_ERROR == qs)
- *mret = TALER_MHD_reply_with_ec (con,
- TALER_EC_GENERIC_DB_FETCH_FAILED,
- "get_age_withdraw");
- return true; /* Well, kind-of. At least we have set mret. */
+ finish_loop (awc,
+ TALER_MHD_reply_with_ec (
+ awc->rc->connection,
+ TALER_EC_GENERIC_DB_FETCH_FAILED,
+ "get_age_withdraw"));
+ return true; /* Well, kind-of. */
}
-
if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs)
return false;
/* Generate idempotent reply */
TEH_METRICS_num_requests[TEH_MT_REQUEST_IDEMPOTENT_AGE_WITHDRAW]++;
- *mret = reply_age_withdraw_success (con,
- &commitment.h_commitment,
- commitment.noreveal_index);
+ awc->phase = AWC_PHASE_GENERATE_REPLY_SUCCESS;
return true;
}
@@ -642,9 +293,10 @@ request_is_idempotent (struct MHD_Connection *con,
* @return transaction status
*/
static enum GNUNET_DB_QueryStatus
-age_withdraw_transaction (void *cls,
- struct MHD_Connection *connection,
- MHD_RESULT *mhd_ret)
+age_withdraw_transaction (
+ void *cls,
+ struct MHD_Connection *connection,
+ MHD_RESULT *mhd_ret)
{
struct AgeWithdrawContext *awc = cls;
enum GNUNET_DB_QueryStatus qs;
@@ -656,82 +308,73 @@ age_withdraw_transaction (void *cls,
uint32_t reserve_birthday = 0;
struct TALER_Amount reserve_balance;
- qs = TEH_withdraw_kyc_check (&awc->kyc,
- &awc->h_payto,
- connection,
- mhd_ret,
- &awc->commitment.reserve_pub,
- &awc->commitment.amount_with_fee,
- awc->now);
- if ( (qs < 0) ||
- (! awc->kyc.ok) )
- return qs;
- qs = TEH_plugin->do_age_withdraw (TEH_plugin->cls,
- &awc->commitment,
- awc->now,
- &found,
- &balance_ok,
- &reserve_balance,
- &age_ok,
- &allowed_maximum_age,
- &reserve_birthday,
- &conflict);
+ qs = TEH_plugin->do_age_withdraw (
+ TEH_plugin->cls,
+ &awc->commitment,
+ awc->now,
+ &found,
+ &balance_ok,
+ &reserve_balance,
+ &age_ok,
+ &allowed_maximum_age,
+ &reserve_birthday,
+ &conflict);
if (0 > qs)
{
if (GNUNET_DB_STATUS_HARD_ERROR == qs)
- *mhd_ret = TALER_MHD_reply_with_ec (connection,
- TALER_EC_GENERIC_DB_FETCH_FAILED,
- "do_age_withdraw");
+ finish_loop (awc,
+ TALER_MHD_reply_with_ec (
+ awc->rc->connection,
+ TALER_EC_GENERIC_DB_FETCH_FAILED,
+ "do_age_withdraw"));
return qs;
}
if (! found)
{
- *mhd_ret = TALER_MHD_reply_with_ec (connection,
- TALER_EC_EXCHANGE_GENERIC_RESERVE_UNKNOWN,
- NULL);
+ finish_loop (awc,
+ TALER_MHD_reply_with_ec (
+ awc->rc->connection,
+ TALER_EC_EXCHANGE_GENERIC_RESERVE_UNKNOWN,
+ NULL));
return GNUNET_DB_STATUS_HARD_ERROR;
}
if (! age_ok)
{
- enum TALER_ErrorCode ec =
- TALER_EC_EXCHANGE_AGE_WITHDRAW_MAXIMUM_AGE_TOO_LARGE;
-
- *mhd_ret =
- TALER_MHD_REPLY_JSON_PACK (
- connection,
- MHD_HTTP_CONFLICT,
- TALER_MHD_PACK_EC (ec),
- GNUNET_JSON_pack_uint64 ("allowed_maximum_age",
- allowed_maximum_age),
- GNUNET_JSON_pack_uint64 ("reserve_birthday",
- reserve_birthday));
-
+ finish_loop (awc,
+ TALER_MHD_REPLY_JSON_PACK (
+ awc->rc->connection,
+ MHD_HTTP_CONFLICT,
+ TALER_MHD_PACK_EC (
+ TALER_EC_EXCHANGE_AGE_WITHDRAW_MAXIMUM_AGE_TOO_LARGE),
+ GNUNET_JSON_pack_uint64 (
+ "allowed_maximum_age",
+ allowed_maximum_age),
+ GNUNET_JSON_pack_uint64 (
+ "reserve_birthday",
+ reserve_birthday)));
return GNUNET_DB_STATUS_HARD_ERROR;
}
if (! balance_ok)
{
TEH_plugin->rollback (TEH_plugin->cls);
-
- *mhd_ret = TEH_RESPONSE_reply_reserve_insufficient_balance (
- connection,
- TALER_EC_EXCHANGE_AGE_WITHDRAW_INSUFFICIENT_FUNDS,
- &reserve_balance,
- &awc->commitment.amount_with_fee,
- &awc->commitment.reserve_pub);
-
+ finish_loop (awc,
+ TEH_RESPONSE_reply_reserve_insufficient_balance (
+ awc->rc->connection,
+ TALER_EC_EXCHANGE_AGE_WITHDRAW_INSUFFICIENT_FUNDS,
+ &reserve_balance,
+ &awc->commitment.amount_with_fee,
+ &awc->commitment.reserve_pub));
return GNUNET_DB_STATUS_HARD_ERROR;
}
if (conflict)
{
/* do_age_withdraw signaled a conflict, so there MUST be an entry
* in the DB. Put that into the response */
- bool ok = request_is_idempotent (connection,
- awc,
- mhd_ret);
- GNUNET_assert (ok);
+ if (check_request_idempotent (awc))
+ return GNUNET_DB_STATUS_HARD_ERROR;
+ GNUNET_break (0);
return GNUNET_DB_STATUS_SUCCESS_ONE_RESULT;
}
- *mhd_ret = -1;
if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT == qs)
TEH_METRICS_num_success[TEH_MT_SUCCESS_AGE_WITHDRAW]++;
return qs;
@@ -739,39 +382,63 @@ age_withdraw_transaction (void *cls,
/**
- * @brief Sign the chosen blinded coins, debit the reserve and persist
- * the commitment.
+ * @brief Persist the commitment.
*
* On conflict, the noreveal_index from the previous, existing
* commitment is returned to the client, returning success.
*
* On error (like, insufficient funds), the client is notified.
*
- * Note that on success, there are two possible states:
- * 1.) KYC is required (awc.kyc.ok == false) or
- * 2.) age withdraw was successful.
+ * @param awc The context for the current age withdraw request
+ */
+static void
+run_transaction (
+ struct AgeWithdrawContext *awc)
+{
+ MHD_RESULT mhd_ret;
+
+ GNUNET_assert (AWC_PHASE_RUN_TRANSACTION ==
+ awc->phase);
+ if (GNUNET_OK !=
+ TEH_DB_run_transaction (awc->rc->connection,
+ "run age withdraw",
+ TEH_MT_REQUEST_AGE_WITHDRAW,
+ &mhd_ret,
+ &age_withdraw_transaction,
+ awc))
+ {
+ if (AWC_PHASE_RUN_TRANSACTION == awc->phase)
+ finish_loop (awc,
+ mhd_ret);
+ return;
+ }
+ awc->phase++;
+}
+
+
+/**
+ * @brief Sign the chosen blinded coins.
*
- * @param connection HTTP-connection to the client
* @param awc The context for the current age withdraw request
- * @param[out] result On error, a HTTP-response will be queued and result set accordingly
- * @return #GNUNET_OK on success, #GNUNET_SYSERR otherwise
*/
-static enum GNUNET_GenericReturnValue
-sign_and_do_age_withdraw (
- struct MHD_Connection *connection,
- struct AgeWithdrawContext *awc,
- MHD_RESULT *result)
+static void
+prepare_transaction (
+ struct AgeWithdrawContext *awc)
{
- enum GNUNET_GenericReturnValue ret = GNUNET_SYSERR;
- struct TALER_BlindedCoinHashP h_coin_evs[awc->num_coins];
- struct TALER_BlindedDenominationSignature denom_sigs[awc->num_coins];
uint8_t noreveal_index;
+ awc->commitment.denom_sigs
+ = GNUNET_new_array (
+ awc->num_coins,
+ struct TALER_BlindedDenominationSignature);
+ awc->commitment.h_coin_evs
+ = GNUNET_new_array (
+ awc->num_coins,
+ struct TALER_BlindedCoinHashP);
/* Pick the challenge */
noreveal_index =
GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_STRONG,
TALER_CNC_KAPPA);
-
awc->commitment.noreveal_index = noreveal_index;
/* Choose and sign the coins */
@@ -782,157 +449,727 @@ sign_and_do_age_withdraw (
/* Pick the chosen blinded coins */
for (uint32_t i = 0; i<awc->num_coins; i++)
{
- csds[i].bp = &awc->coin_evs[i][noreveal_index];
- csds[i].h_denom_pub = &awc->denom_hs[i];
+ struct TEH_CoinSignData *csdsi = &csds[i];
+
+ csdsi->bp = &awc->coin_evs[i][noreveal_index];
+ csdsi->h_denom_pub = &awc->denom_hs[i];
}
- ec = TEH_keys_denomination_batch_sign (awc->num_coins,
- csds,
- false,
- denom_sigs);
+ ec = TEH_keys_denomination_batch_sign (
+ awc->num_coins,
+ csds,
+ false,
+ awc->commitment.denom_sigs);
if (TALER_EC_NONE != ec)
{
GNUNET_break (0);
- *result = TALER_MHD_reply_with_ec (connection,
- ec,
- NULL);
- return GNUNET_SYSERR;
+ finish_loop (awc,
+ TALER_MHD_reply_with_ec (
+ awc->rc->connection,
+ ec,
+ NULL));
+ return;
}
}
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "Signatures ready, starting DB interaction\n");
-
/* Prepare the hashes of the coins for insertion */
for (uint32_t i = 0; i<awc->num_coins; i++)
{
TALER_coin_ev_hash (&awc->coin_evs[i][noreveal_index],
&awc->denom_hs[i],
- &h_coin_evs[i]);
+ &awc->commitment.h_coin_evs[i]);
+ }
+ awc->phase++;
+}
+
+
+/**
+ * Check the KYC result.
+ *
+ * @param awc storage for request processing
+ */
+static void
+check_kyc_result (struct AgeWithdrawContext *awc)
+{
+ /* return final positive response */
+ if (! awc->kyc.ok)
+ {
+ if (check_request_idempotent (awc))
+ return;
+ /* KYC required */
+ finish_loop (awc,
+ TEH_RESPONSE_reply_kyc_required (
+ awc->rc->connection,
+ &awc->h_payto,
+ &awc->kyc));
+ return;
+ }
+ awc->phase++;
+}
+
+
+/**
+ * Function called with the result of a legitimization
+ * check.
+ *
+ * @param cls closure
+ * @param lcr legitimization check result
+ */
+static void
+withdraw_legi_cb (
+ void *cls,
+ const struct TEH_LegitimizationCheckResult *lcr)
+{
+ struct AgeWithdrawContext *awc = cls;
+
+ awc->lch = NULL;
+ GNUNET_assert (AWC_PHASE_SUSPENDED ==
+ awc->phase);
+ MHD_resume_connection (awc->rc->connection);
+ GNUNET_CONTAINER_DLL_remove (awc_head,
+ awc_tail,
+ awc);
+ TALER_MHD_daemon_trigger ();
+ if (NULL != lcr->response)
+ {
+ awc->response = lcr->response;
+ awc->http_status = lcr->http_status;
+ awc->phase = AWC_PHASE_GENERATE_REPLY_FAILURE;
+ return;
}
+ awc->kyc = lcr->kyc;
+ awc->phase = AWC_PHASE_CHECK_KYC_RESULT;
+}
+
+
+/**
+ * Function called to iterate over KYC-relevant transaction amounts for a
+ * particular time range. Called within a database transaction, so must
+ * not start a new one.
+ *
+ * @param cls closure, identifies the event type and account to iterate
+ * over events for
+ * @param limit maximum time-range for which events should be fetched
+ * (timestamp in the past)
+ * @param cb function to call on each event found, events must be returned
+ * in reverse chronological order
+ * @param cb_cls closure for @a cb, of type struct AgeWithdrawContext
+ * @return transaction status
+ */
+static enum GNUNET_DB_QueryStatus
+withdraw_amount_cb (
+ void *cls,
+ struct GNUNET_TIME_Absolute limit,
+ TALER_EXCHANGEDB_KycAmountCallback cb,
+ void *cb_cls)
+{
+ struct AgeWithdrawContext *awc = cls;
+ enum GNUNET_GenericReturnValue ret;
+ enum GNUNET_DB_QueryStatus qs;
+
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ "Signaling amount %s for KYC check during age-withdrawal\n",
+ TALER_amount2s (&awc->commitment.amount_with_fee));
+ ret = cb (cb_cls,
+ &awc->commitment.amount_with_fee,
+ awc->now.abs_time);
+ GNUNET_break (GNUNET_SYSERR != ret);
+ if (GNUNET_OK != ret)
+ return GNUNET_DB_STATUS_SUCCESS_NO_RESULTS;
+ qs = TEH_plugin->select_withdraw_amounts_for_kyc_check (
+ TEH_plugin->cls,
+ &awc->h_payto,
+ limit,
+ cb,
+ cb_cls);
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ "Got %d additional transactions for this age-withdrawal and limit %llu\n",
+ qs,
+ (unsigned long long) limit.abs_value_us);
+ GNUNET_break (qs >= 0);
+ return qs;
+}
+
+
+/**
+ * Do legitimization check.
+ *
+ * @param awc operation context
+ */
+static void
+run_legi_check (struct AgeWithdrawContext *awc)
+{
+ enum GNUNET_DB_QueryStatus qs;
+ char *payto_uri;
+
+ /* Check if the money came from a wire transfer */
+ qs = TEH_plugin->reserves_get_origin (
+ TEH_plugin->cls,
+ &awc->commitment.reserve_pub,
+ &awc->h_payto,
+ &payto_uri);
+ if (qs < 0)
+ {
+ finish_loop (awc,
+ TALER_MHD_reply_with_error (
+ awc->rc->connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_DB_FETCH_FAILED,
+ "reserves_get_origin"));
+ return;
+ }
+ /* If _no_ results, reserve was created by merge,
+ in which case no KYC check is required as the
+ merge already did that. */
+ if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs)
+ {
+ awc->phase = AWC_PHASE_PREPARE_TRANSACTION;
+ return;
+ }
+
+ awc->lch = TEH_legitimization_check (
+ &awc->rc->async_scope_id,
+ TALER_KYCLOGIC_KYC_TRIGGER_WITHDRAW,
+ payto_uri,
+ &awc->h_payto,
+ NULL,
+ &withdraw_amount_cb,
+ awc,
+ &withdraw_legi_cb,
+ awc);
+ GNUNET_assert (NULL != awc->lch);
+ GNUNET_free (payto_uri);
+ GNUNET_CONTAINER_DLL_insert (awc_head,
+ awc_tail,
+ awc);
+ MHD_suspend_connection (awc->rc->connection);
+ awc->phase = AWC_PHASE_SUSPENDED;
+}
+
+
+/**
+ * Check that the client signature authorizing the
+ * withdrawal is valid.
+ *
+ * @param[in,out] awc request context to check
+ */
+static void
+check_reserve_signature (
+ struct AgeWithdrawContext *awc)
+{
+ TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
+ if (GNUNET_OK !=
+ TALER_wallet_age_withdraw_verify (
+ &awc->commitment.h_commitment,
+ &awc->commitment.amount_with_fee,
+ &TEH_age_restriction_config.mask,
+ awc->commitment.max_age,
+ &awc->commitment.reserve_pub,
+ &awc->commitment.reserve_sig))
+ {
+ GNUNET_break_op (0);
+ finish_loop (awc,
+ TALER_MHD_reply_with_ec (
+ awc->rc->connection,
+ TALER_EC_EXCHANGE_WITHDRAW_RESERVE_SIGNATURE_INVALID,
+ NULL));
+ return;
+ }
+ awc->phase++;
+}
+
+
+/**
+ * Check if the given denomination is still or already valid, has not been
+ * revoked and supports age restriction.
+ *
+ * @param connection HTTP-connection to the client
+ * @param ksh The handle to the current state of (denomination) keys in the exchange
+ * @param denom_h Hash of the denomination key to check
+ * @return NULL on failure (denomination invalid)
+ */
+static struct TEH_DenominationKey *
+denomination_is_valid (
+ struct AgeWithdrawContext *awc,
+ struct TEH_KeyStateHandle *ksh,
+ const struct TALER_DenominationHashP *denom_h)
+{
+ struct MHD_Connection *connection = awc->rc->connection;
+ struct TEH_DenominationKey *dk;
+ MHD_RESULT result;
+
+ dk = TEH_keys_denomination_by_hash_from_state (
+ ksh,
+ denom_h,
+ connection,
+ &result);
+ if (NULL == dk)
+ {
+ /* The denomination doesn't exist */
+ /* Note: a HTTP-response has been queued and result has been set by
+ * TEH_keys_denominations_by_hash_from_state */
+ /* FIXME-Oec: lacks idempotency check... */
+ finish_loop (awc,
+ result);
+ return NULL;
+ }
+
+ if (GNUNET_TIME_absolute_is_past (dk->meta.expire_withdraw.abs_time))
+ {
+ /* This denomination is past the expiration time for withdrawc */
+ /* FIXME[oec]: add idempotency check */
+ finish_loop (awc,
+ TEH_RESPONSE_reply_expired_denom_pub_hash (
+ connection,
+ denom_h,
+ TALER_EC_EXCHANGE_GENERIC_DENOMINATION_EXPIRED,
+ "age-withdraw_reveal"));
+ return NULL;
+ }
+
+ if (GNUNET_TIME_absolute_is_future (dk->meta.start.abs_time))
+ {
+ /* This denomination is not yet valid */
+ finish_loop (awc,
+ TEH_RESPONSE_reply_expired_denom_pub_hash (
+ connection,
+ denom_h,
+ TALER_EC_EXCHANGE_GENERIC_DENOMINATION_VALIDITY_IN_FUTURE,
+ "age-withdraw_reveal"));
+ return NULL;
+ }
+
+ if (dk->recoup_possible)
+ {
+ /* This denomination has been revoked */
+ finish_loop (awc,
+ TALER_MHD_reply_with_ec (
+ connection,
+ TALER_EC_EXCHANGE_GENERIC_DENOMINATION_REVOKED,
+ NULL));
+ return NULL;
+ }
+
+ if (0 == dk->denom_pub.age_mask.bits)
+ {
+ /* This denomation does not support age restriction */
+ char msg[256];
+
+ GNUNET_snprintf (msg,
+ sizeof(msg),
+ "denomination %s does not support age restriction",
+ GNUNET_h2s (&denom_h->hash));
+
+ finish_loop (awc,
+ TALER_MHD_reply_with_ec (
+ connection,
+ TALER_EC_EXCHANGE_GENERIC_DENOMINATION_KEY_UNKNOWN,
+ msg));
+ return NULL;
+ }
+
+ return dk;
+}
+
+
+/**
+ * Check if the given array of hashes of denomination_keys a) belong
+ * to valid denominations and b) those are marked as age restricted.
+ * Also, calculate the total amount of the denominations including fees
+ * for withdraw.
+ *
+ * @param awc context to check keys for
+ */
+static void
+check_keys (
+ struct AgeWithdrawContext *awc)
+{
+ struct MHD_Connection *connection
+ = awc->rc->connection;
+ unsigned int len
+ = awc->num_coins;
+ struct TALER_Amount total_amount;
+ struct TALER_Amount total_fee;
+ struct TEH_KeyStateHandle *ksh;
+
+ ksh = TEH_keys_get_state ();
+ if (NULL == ksh)
+ {
+ finish_loop (awc,
+ TALER_MHD_reply_with_ec (
+ connection,
+ TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING,
+ NULL));
+ return;
+ }
+
+ awc->commitment.denom_serials
+ = GNUNET_new_array (len,
+ uint64_t);
+ GNUNET_assert (GNUNET_OK ==
+ TALER_amount_set_zero (TEH_currency,
+ &total_amount));
+ GNUNET_assert (GNUNET_OK ==
+ TALER_amount_set_zero (TEH_currency,
+ &total_fee));
+ for (unsigned int i = 0; i < len; i++)
+ {
+ struct TEH_DenominationKey *dk;
+
+ dk = denomination_is_valid (awc,
+ ksh,
+ &awc->denom_hs[i]);
+ if (NULL == dk)
+ /* FIXME[oec]: add idempotency check */
+ return;
+
+ /* Ensure the ciphers from the planchets match the denominations' */
+ for (uint8_t k = 0; k < TALER_CNC_KAPPA; k++)
+ {
+ if (dk->denom_pub.bsign_pub_key->cipher !=
+ awc->coin_evs[i][k].blinded_message->cipher)
+ {
+ GNUNET_break_op (0);
+ finish_loop (awc,
+ TALER_MHD_reply_with_ec (
+ connection,
+ TALER_EC_EXCHANGE_GENERIC_CIPHER_MISMATCH,
+ NULL));
+ return;
+ }
+ }
+
+ /* Accumulate the values */
+ if (0 > TALER_amount_add (&total_amount,
+ &total_amount,
+ &dk->meta.value))
+ {
+ GNUNET_break_op (0);
+ finish_loop (awc,
+ TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_EXCHANGE_AGE_WITHDRAW_AMOUNT_OVERFLOW,
+ "amount"));
+ return;
+ }
+
+ /* Accumulate the withdraw fees */
+ if (0 > TALER_amount_add (&total_fee,
+ &total_fee,
+ &dk->meta.fees.withdraw))
+ {
+ GNUNET_break_op (0);
+ finish_loop (awc,
+ TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_EXCHANGE_AGE_WITHDRAW_AMOUNT_OVERFLOW,
+ "fee"));
+ return;
+ }
+ awc->commitment.denom_serials[i] = dk->meta.serial;
+ }
+
+ /* Save the total amount including fees */
+ GNUNET_assert (0 <
+ TALER_amount_add (
+ &awc->commitment.amount_with_fee,
+ &total_amount,
+ &total_fee));
+ awc->phase++;
+}
+
+
+/**
+ * Age-withdraw-specific cleanup routine. Function called
+ * upon completion of the request that should
+ * clean up @a rh_ctx. Can be NULL.
+ *
+ * @param rc request context to clean up
+ */
+static void
+clean_age_withdraw_rc (struct TEH_RequestContext *rc)
+{
+ struct AgeWithdrawContext *awc = rc->rh_ctx;
- /* Run the transaction */
- awc->commitment.h_coin_evs = h_coin_evs;
- awc->commitment.denom_sigs = denom_sigs;
- ret = TEH_DB_run_transaction (connection,
- "run age withdraw",
- TEH_MT_REQUEST_AGE_WITHDRAW,
- result,
- &age_withdraw_transaction,
- awc);
- /* Free resources */
for (unsigned int i = 0; i<awc->num_coins; i++)
- TALER_blinded_denom_sig_free (&denom_sigs[i]);
- awc->commitment.h_coin_evs = NULL;
- awc->commitment.denom_sigs = NULL;
- return ret;
+ {
+ for (unsigned int kappa = 0; kappa<TALER_CNC_KAPPA; kappa++)
+ {
+ TALER_blinded_planchet_free (&awc->coin_evs[i][kappa]);
+ }
+ }
+ for (unsigned int i = 0; i<awc->num_coins; i++)
+ {
+ TALER_blinded_denom_sig_free (&awc->commitment.denom_sigs[i]);
+ }
+ GNUNET_free (awc->commitment.h_coin_evs);
+ GNUNET_free (awc->commitment.denom_sigs);
+ GNUNET_free (awc->denom_hs);
+ GNUNET_free (awc->coin_evs);
+ GNUNET_free (awc->commitment.denom_serials);
+ GNUNET_free (awc);
}
MHD_RESULT
-TEH_handler_age_withdraw (struct TEH_RequestContext *rc,
- const struct TALER_ReservePublicKeyP *reserve_pub,
- const json_t *root)
+TEH_handler_age_withdraw (
+ struct TEH_RequestContext *rc,
+ const struct TALER_ReservePublicKeyP *reserve_pub,
+ const json_t *root)
{
- MHD_RESULT mhd_ret;
- const json_t *j_denom_hs;
- const json_t *j_blinded_coin_evs;
- struct AgeWithdrawContext awc = {
- .commitment.reserve_pub = *reserve_pub,
- .now = GNUNET_TIME_timestamp_get ()
- };
- struct GNUNET_JSON_Specification spec[] = {
- GNUNET_JSON_spec_array_const ("denom_hs",
- &j_denom_hs),
- GNUNET_JSON_spec_array_const ("blinded_coin_evs",
- &j_blinded_coin_evs),
- GNUNET_JSON_spec_uint16 ("max_age",
- &awc.commitment.max_age),
- GNUNET_JSON_spec_fixed_auto ("reserve_sig",
- &awc.commitment.reserve_sig),
- GNUNET_JSON_spec_end ()
- };
-
- /* Parse the JSON body */
+ struct AgeWithdrawContext *awc = rc->rh_ctx;
+
+ if (NULL == awc)
{
- enum GNUNET_GenericReturnValue res;
+ awc = GNUNET_new (struct AgeWithdrawContext);
+ rc->rh_ctx = awc;
+ rc->rh_cleaner = &clean_age_withdraw_rc;
+ awc->rc = rc;
+ awc->commitment.reserve_pub = *reserve_pub;
+ awc->now = GNUNET_TIME_timestamp_get ();
- res = TALER_MHD_parse_json_data (rc->connection,
- root,
- spec);
- if (GNUNET_OK != res)
- return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES;
- }
+ {
+ const json_t *j_denom_hs;
+ const json_t *j_blinded_coin_evs;
+ struct GNUNET_JSON_Specification spec[] = {
+ GNUNET_JSON_spec_array_const ("denom_hs",
+ &j_denom_hs),
+ GNUNET_JSON_spec_array_const ("blinded_coin_evs",
+ &j_blinded_coin_evs),
+ GNUNET_JSON_spec_uint16 ("max_age",
+ &awc->commitment.max_age),
+ GNUNET_JSON_spec_fixed_auto ("reserve_sig",
+ &awc->commitment.reserve_sig),
+ GNUNET_JSON_spec_end ()
+ };
+ enum GNUNET_GenericReturnValue res;
+
+ res = TALER_MHD_parse_json_data (rc->connection,
+ root,
+ spec);
+ if (GNUNET_OK != res)
+ return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES;
+
+ /* The age value MUST be on the beginning of an age group */
+ if (awc->commitment.max_age !=
+ TALER_get_lowest_age (&TEH_age_restriction_config.mask,
+ awc->commitment.max_age))
+ {
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_ec (
+ rc->connection,
+ TALER_EC_GENERIC_PARAMETER_MALFORMED,
+ "max_age must be the lower edge of an age group");
+ }
- do {
- /* Note: If we break the statement here at any point,
- * a response to the client MUST have been populated
- * with an appropriate answer and mhd_ret MUST have
- * been set accordingly.
- */
-
- /* Parse denoms_h and blinded_coins_evs, partially fill awc */
- if (GNUNET_OK !=
- parse_age_withdraw_json (rc->connection,
- j_denom_hs,
- j_blinded_coin_evs,
- &awc,
- &mhd_ret))
- break;
+ {
+ size_t num_coins = json_array_size (j_denom_hs);
+ const char *error = NULL;
+
+ if (0 == num_coins)
+ error = "denoms_h must not be empty";
+ else if (num_coins != json_array_size (j_blinded_coin_evs))
+ error = "denoms_h and coins_evs must be arrays of the same size";
+ else if (num_coins > TALER_MAX_FRESH_COINS)
+ /**
+ * The wallet had committed to more than the maximum coins allowed, the
+ * reserve has been charged, but now the user can not withdraw any money
+ * from it. Note that the user can't get their money back in this case!
+ */
+ error =
+ "maximum number of coins that can be withdrawn has been exceeded";
+
+ _Static_assert ((TALER_MAX_FRESH_COINS < INT_MAX / TALER_CNC_KAPPA),
+ "TALER_MAX_FRESH_COINS too large");
+
+ if (NULL != error)
+ {
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_ec (
+ rc->connection,
+ TALER_EC_GENERIC_PARAMETER_MALFORMED,
+ error);
+ }
+ awc->num_coins = (unsigned int) num_coins;
+ awc->commitment.num_coins = (unsigned int) num_coins;
+ }
- /* Ensure validity of denoms and calculate amounts and fees */
- if (GNUNET_OK !=
- are_denominations_valid (rc->connection,
- awc.num_coins,
- awc.denom_hs,
- awc.coin_evs,
- &awc.commitment.denom_serials,
- &awc.commitment.amount_with_fee,
- &mhd_ret))
- break;
+ awc->denom_hs
+ = GNUNET_new_array (awc->num_coins,
+ struct TALER_DenominationHashP);
+ {
+ size_t idx;
+ json_t *value;
+
+ json_array_foreach (j_denom_hs, idx, value) {
+ struct GNUNET_JSON_Specification ispec[] = {
+ GNUNET_JSON_spec_fixed_auto (NULL,
+ &awc->denom_hs[idx]),
+ GNUNET_JSON_spec_end ()
+ };
+
+ res = TALER_MHD_parse_json_data (rc->connection,
+ value,
+ ispec);
+ if (GNUNET_OK != res)
+ return (GNUNET_SYSERR == res)
+ ? MHD_NO
+ : MHD_YES;
+ }
+ }
+ {
+ typedef struct TALER_BlindedPlanchet
+ _array_of_kappa_planchets[TALER_CNC_KAPPA];
- /* Now that amount_with_fee is calculated, verify the signature of
- * the request body with the reserve key.
- */
- if (GNUNET_OK !=
- verify_reserve_signature (rc->connection,
- &awc.commitment,
- &mhd_ret))
- break;
+ awc->coin_evs = GNUNET_new_array (awc->num_coins,
+ _array_of_kappa_planchets);
+ }
+ {
+ struct GNUNET_HashContext *hash_context;
- /* Sign the chosen blinded coins, persist the commitment and
- * charge the reserve.
- * On error (like, insufficient funds), the client is notified.
- * On conflict, the noreveal_index from the previous, existing
- * commitment is returned to the client, returning success.
- * Note that on success, there are two possible states:
- * KYC is required (awc.kyc.ok == false) or
- * age withdraw was successful.
- */
- if (GNUNET_OK !=
- sign_and_do_age_withdraw (rc->connection,
- &awc,
- &mhd_ret))
- break;
+ hash_context = GNUNET_CRYPTO_hash_context_start ();
+ GNUNET_assert (NULL != hash_context);
- /* Send back final response, depending on the outcome of
- * the DB-transaction */
- if (! awc.kyc.ok)
- mhd_ret = TEH_RESPONSE_reply_kyc_required (
- rc->connection,
- &awc.h_payto,
- &awc.kyc);
- else
- mhd_ret = reply_age_withdraw_success (
- rc->connection,
- &awc.commitment.h_commitment,
- awc.commitment.noreveal_index);
-
- } while (0);
-
- GNUNET_JSON_parse_free (spec);
- free_age_withdraw_context_resources (&awc);
- return mhd_ret;
+ /* Parse blinded envelopes. */
+ {
+ json_t *j_kappa_coin_evs;
+ size_t idx;
+
+ json_array_foreach (j_blinded_coin_evs, idx, j_kappa_coin_evs) {
+ if (! json_is_array (j_kappa_coin_evs))
+ {
+ char buf[256];
+
+ GNUNET_snprintf (
+ buf,
+ sizeof(buf),
+ "entry %u in array blinded_coin_evs must be an array",
+ (unsigned int) (idx + 1));
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_ec (
+ rc->connection,
+ TALER_EC_GENERIC_PARAMETER_MALFORMED,
+ buf);
+ }
+ if (TALER_CNC_KAPPA != json_array_size (j_kappa_coin_evs))
+ {
+ char buf[256];
+
+ GNUNET_snprintf (buf,
+ sizeof(buf),
+ "array no. %u in coin_evs must have length %u",
+ (unsigned int) (idx + 1),
+ (unsigned int) TALER_CNC_KAPPA);
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_ec (
+ rc->connection,
+ TALER_EC_GENERIC_PARAMETER_MALFORMED,
+ buf);
+ }
+
+ /* Now parse the individual kappa envelopes and calculate the hash of
+ * the commitment along the way. */
+ {
+ size_t kappa;
+ json_t *kvalue;
+
+ json_array_foreach (j_kappa_coin_evs, kappa, kvalue) {
+ struct GNUNET_JSON_Specification kspec[] = {
+ TALER_JSON_spec_blinded_planchet (NULL,
+ &awc->coin_evs[idx][kappa]),
+ GNUNET_JSON_spec_end ()
+ };
+
+ res = TALER_MHD_parse_json_data (rc->connection,
+ kvalue,
+ kspec);
+ if (GNUNET_OK != res)
+ return (GNUNET_SYSERR == res)
+ ? MHD_NO
+ : MHD_YES;
+ /* Continue to hash of the coin candidates */
+ {
+ struct TALER_BlindedCoinHashP bch;
+
+ TALER_coin_ev_hash (&awc->coin_evs[idx][kappa],
+ &awc->denom_hs[idx],
+ &bch);
+ GNUNET_CRYPTO_hash_context_read (hash_context,
+ &bch,
+ sizeof(bch));
+ }
+
+ /* Check for duplicate planchets. Technically a bug on
+ * the client side that is harmless for us, but still
+ * not allowed per protocol */
+ for (unsigned int i = 0; i < idx; i++)
+ {
+ if (0 ==
+ TALER_blinded_planchet_cmp (
+ &awc->coin_evs[idx][kappa],
+ &awc->coin_evs[i][kappa]))
+ {
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_ec (
+ rc->connection,
+ TALER_EC_GENERIC_PARAMETER_MALFORMED,
+ "duplicate planchet");
+ }
+ } /* end duplicate check */
+ } /* json_array_foreach over j_kappa_coin_evs */
+ } /* scope of kappa/kvalue */
+ } /* json_array_foreach over j_blinded_coin_evs */
+ } /* scope of j_kappa_coin_evs, idx */
+
+ /* Finally, calculate the h_commitment from all blinded envelopes */
+ GNUNET_CRYPTO_hash_context_finish (hash_context,
+ &awc->commitment.h_commitment.hash);
+
+ } /* scope of hash_context */
+ } /* scope of j_denom_hs, j_blinded_coin_evs */
+
+ awc->phase = AWC_PHASE_CHECK_KEYS;
+ } /* end of if NULL == awc */
+
+ while (true)
+ {
+ switch (awc->phase)
+ {
+ case AWC_PHASE_CHECK_KEYS:
+ check_keys (awc);
+ break;
+ case AWC_PHASE_CHECK_RESERVE_SIGNATURE:
+ check_reserve_signature (awc);
+ break;
+ case AWC_PHASE_RUN_LEGI_CHECK:
+ run_legi_check (awc);
+ break;
+ case AWC_PHASE_SUSPENDED:
+ return MHD_YES;
+ case AWC_PHASE_CHECK_KYC_RESULT:
+ check_kyc_result (awc);
+ break;
+ case AWC_PHASE_PREPARE_TRANSACTION:
+ prepare_transaction (awc);
+ break;
+ case AWC_PHASE_RUN_TRANSACTION:
+ run_transaction (awc);
+ break;
+ case AWC_PHASE_GENERATE_REPLY_SUCCESS:
+ reply_age_withdraw_success (awc);
+ break;
+ case AWC_PHASE_GENERATE_REPLY_FAILURE:
+ return MHD_queue_response (rc->connection,
+ awc->http_status,
+ awc->response);
+ case AWC_PHASE_RETURN_YES:
+ return MHD_YES;
+ case AWC_PHASE_RETURN_NO:
+ return MHD_NO;
+ }
+ }
}
diff --git a/src/exchange/taler-exchange-httpd_age-withdraw.h b/src/exchange/taler-exchange-httpd_age-withdraw.h
index a76779190..23d09d298 100644
--- a/src/exchange/taler-exchange-httpd_age-withdraw.h
+++ b/src/exchange/taler-exchange-httpd_age-withdraw.h
@@ -26,6 +26,13 @@
/**
+ * Resume suspended connections, we are shutting down.
+ */
+void
+TEH_age_withdraw_cleanup (void);
+
+
+/**
* Handle a "/reserves/$RESERVE_PUB/age-withdraw" request.
*
* Parses the batch of commitments to withdraw age restricted coins, and checks
@@ -40,8 +47,9 @@
* @return MHD result code
*/
MHD_RESULT
-TEH_handler_age_withdraw (struct TEH_RequestContext *rc,
- const struct TALER_ReservePublicKeyP *reserve_pub,
- const json_t *root);
+TEH_handler_age_withdraw (
+ struct TEH_RequestContext *rc,
+ const struct TALER_ReservePublicKeyP *reserve_pub,
+ const json_t *root);
#endif
diff --git a/src/exchange/taler-exchange-httpd_batch-withdraw.c b/src/exchange/taler-exchange-httpd_batch-withdraw.c
index 4cb847832..6fb3c5447 100644
--- a/src/exchange/taler-exchange-httpd_batch-withdraw.c
+++ b/src/exchange/taler-exchange-httpd_batch-withdraw.c
@@ -31,7 +31,7 @@
#include "taler_kyclogic_lib.h"
#include "taler_mhd_lib.h"
#include "taler-exchange-httpd_batch-withdraw.h"
-#include "taler-exchange-httpd_withdraw.h"
+#include "taler-exchange-httpd_common_kyc.h"
#include "taler-exchange-httpd_responses.h"
#include "taler-exchange-httpd_keys.h"
#include "taler_util.h"
@@ -71,9 +71,19 @@ struct BatchWithdrawContext
{
/**
- * Public key of the reserve.
+ * Kept in a DLL.
+ */
+ struct BatchWithdrawContext *prev;
+
+ /**
+ * Kept in a DLL.
+ */
+ struct BatchWithdrawContext *next;
+
+ /**
+ * Handle for the legitimization check.
*/
- const struct TALER_ReservePublicKeyP *reserve_pub;
+ struct TEH_LegitimizationCheckHandle *lch;
/**
* request context
@@ -81,6 +91,16 @@ struct BatchWithdrawContext
const struct TEH_RequestContext *rc;
/**
+ * Response to return, if set.
+ */
+ struct MHD_Response *response;
+
+ /**
+ * Public key of the reserve.
+ */
+ struct TALER_ReservePublicKeyP reserve_pub;
+
+ /**
* KYC status of the reserve used for the operation.
*/
struct TALER_EXCHANGEDB_KycStatus kyc;
@@ -112,27 +132,90 @@ struct BatchWithdrawContext
*/
unsigned int planchets_length;
+ /**
+ * HTTP status to return with @e response, or 0.
+ */
+ unsigned int http_status;
+
+ /**
+ * Processing phase we are in.
+ */
+ enum
+ {
+ BWC_PHASE_CHECK_KEYS,
+ BWC_PHASE_RUN_LEGI_CHECK,
+ BWC_PHASE_SUSPENDED,
+ BWC_PHASE_CHECK_KYC_RESULT,
+ BWC_PHASE_PREPARE_TRANSACTION,
+ BWC_PHASE_RUN_TRANSACTION,
+ BWC_PHASE_GENERATE_REPLY_SUCCESS,
+ BWC_PHASE_GENERATE_REPLY_FAILURE,
+ BWC_PHASE_RETURN_YES,
+ BWC_PHASE_RETURN_NO
+ } phase;
+
};
/**
+ * Kept in a DLL.
+ */
+static struct BatchWithdrawContext *bwc_head;
+
+/**
+ * Kept in a DLL.
+ */
+static struct BatchWithdrawContext *bwc_tail;
+
+
+void
+TEH_batch_withdraw_cleanup ()
+{
+ struct BatchWithdrawContext *bwc;
+
+ while (NULL != (bwc = bwc_head))
+ {
+ GNUNET_CONTAINER_DLL_remove (bwc_head,
+ bwc_tail,
+ bwc);
+ MHD_resume_connection (bwc->rc->connection);
+ }
+}
+
+
+/**
+ * Terminate the main loop by returning the final
+ * result.
+ *
+ * @param[in,out] bwc context to update phase for
+ * @param mres MHD status to return
+ */
+static void
+finish_loop (struct BatchWithdrawContext *bwc,
+ MHD_RESULT mres)
+{
+ bwc->phase = (MHD_YES == mres)
+ ? BWC_PHASE_RETURN_YES
+ : BWC_PHASE_RETURN_NO;
+}
+
+
+/**
* Generates our final (successful) response.
*
- * @param rc request context
- * @param wc operation context
- * @return MHD queue status
+ * @param bwc operation context
*/
-static MHD_RESULT
-generate_reply_success (const struct TEH_RequestContext *rc,
- const struct BatchWithdrawContext *wc)
+static void
+generate_reply_success (struct BatchWithdrawContext *bwc)
{
+ const struct TEH_RequestContext *rc = bwc->rc;
json_t *sigs;
sigs = json_array ();
GNUNET_assert (NULL != sigs);
- for (unsigned int i = 0; i<wc->planchets_length; i++)
+ for (unsigned int i = 0; i<bwc->planchets_length; i++)
{
- struct PlanchetContext *pc = &wc->planchets[i];
+ struct PlanchetContext *pc = &bwc->planchets[i];
GNUNET_assert (
0 ==
@@ -143,48 +226,52 @@ generate_reply_success (const struct TEH_RequestContext *rc,
"ev_sig",
&pc->collectable.sig))));
}
- TEH_METRICS_batch_withdraw_num_coins += wc->planchets_length;
- return TALER_MHD_REPLY_JSON_PACK (
- rc->connection,
- MHD_HTTP_OK,
- GNUNET_JSON_pack_array_steal ("ev_sigs",
- sigs));
+ TEH_METRICS_batch_withdraw_num_coins += bwc->planchets_length;
+ finish_loop (bwc,
+ TALER_MHD_REPLY_JSON_PACK (
+ rc->connection,
+ MHD_HTTP_OK,
+ GNUNET_JSON_pack_array_steal ("ev_sigs",
+ sigs)));
}
/**
- * Check if the @a wc is replayed and we already have an
+ * Check if the @a bwc is replayed and we already have an
* answer. If so, replay the existing answer and return the
* HTTP response.
*
- * @param wc parsed request data
- * @param[out] mret HTTP status, set if we return true
+ * @param bwc parsed request data
* @return true if the request is idempotent with an existing request
* false if we did not find the request in the DB and did not set @a mret
*/
static bool
-check_request_idempotent (const struct BatchWithdrawContext *wc,
- MHD_RESULT *mret)
+check_request_idempotent (
+ struct BatchWithdrawContext *bwc)
{
- const struct TEH_RequestContext *rc = wc->rc;
+ const struct TEH_RequestContext *rc = bwc->rc;
- for (unsigned int i = 0; i<wc->planchets_length; i++)
+ for (unsigned int i = 0; i<bwc->planchets_length; i++)
{
- struct PlanchetContext *pc = &wc->planchets[i];
+ struct PlanchetContext *pc = &bwc->planchets[i];
enum GNUNET_DB_QueryStatus qs;
struct TALER_EXCHANGEDB_CollectableBlindcoin collectable;
- qs = TEH_plugin->get_withdraw_info (TEH_plugin->cls,
- &pc->collectable.h_coin_envelope,
- &collectable);
+ qs = TEH_plugin->get_withdraw_info (
+ TEH_plugin->cls,
+ &pc->collectable.h_coin_envelope,
+ &collectable);
if (0 > qs)
{
+ /* FIXME: soft error not handled correctly! */
GNUNET_break (GNUNET_DB_STATUS_SOFT_ERROR == qs);
- *mret = TALER_MHD_reply_with_error (rc->connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_GENERIC_DB_FETCH_FAILED,
- "get_withdraw_info");
- return true; /* well, kind-of */
+ finish_loop (bwc,
+ TALER_MHD_reply_with_error (
+ rc->connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_DB_FETCH_FAILED,
+ "get_withdraw_info"));
+ return true;
}
if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs)
return false;
@@ -192,8 +279,7 @@ check_request_idempotent (const struct BatchWithdrawContext *wc,
}
/* generate idempotent reply */
TEH_METRICS_num_requests[TEH_MT_REQUEST_IDEMPOTENT_BATCH_WITHDRAW]++;
- *mret = generate_reply_success (rc,
- wc);
+ bwc->phase = BWC_PHASE_GENERATE_REPLY_SUCCESS;
return true;
}
@@ -206,7 +292,7 @@ check_request_idempotent (const struct BatchWithdrawContext *wc,
* IF it returns the soft error code, the function MAY be called again
* to retry and MUST not queue a MHD response.
*
- * Note that "wc->collectable.sig" is set before entering this function as we
+ * Note that "bwc->collectable.sig" is set before entering this function as we
* signed before entering the transaction.
*
* @param cls a `struct BatchWithdrawContext *`
@@ -216,11 +302,12 @@ check_request_idempotent (const struct BatchWithdrawContext *wc,
* @return transaction status
*/
static enum GNUNET_DB_QueryStatus
-batch_withdraw_transaction (void *cls,
- struct MHD_Connection *connection,
- MHD_RESULT *mhd_ret)
+batch_withdraw_transaction (
+ void *cls,
+ struct MHD_Connection *connection,
+ MHD_RESULT *mhd_ret)
{
- struct BatchWithdrawContext *wc = cls;
+ struct BatchWithdrawContext *bwc = cls;
uint64_t ruuid;
enum GNUNET_DB_QueryStatus qs;
bool found = false;
@@ -229,45 +316,41 @@ batch_withdraw_transaction (void *cls,
uint16_t allowed_maximum_age = 0;
struct TALER_Amount reserve_balance;
- qs = TEH_withdraw_kyc_check (&wc->kyc,
- &wc->h_payto,
- connection,
- mhd_ret,
- wc->reserve_pub,
- &wc->batch_total,
- wc->now);
- if ( (qs < 0) ||
- (! wc->kyc.ok) )
- return qs;
- qs = TEH_plugin->do_batch_withdraw (TEH_plugin->cls,
- wc->now,
- wc->reserve_pub,
- &wc->batch_total,
- TEH_age_restriction_enabled,
- &found,
- &balance_ok,
- &reserve_balance,
- &age_ok,
- &allowed_maximum_age,
- &ruuid);
+ qs = TEH_plugin->do_batch_withdraw (
+ TEH_plugin->cls,
+ bwc->now,
+ &bwc->reserve_pub,
+ &bwc->batch_total,
+ TEH_age_restriction_enabled,
+ &found,
+ &balance_ok,
+ &reserve_balance,
+ &age_ok,
+ &allowed_maximum_age,
+ &ruuid);
if (0 > qs)
{
if (GNUNET_DB_STATUS_HARD_ERROR == qs)
{
GNUNET_break (0);
- *mhd_ret = TALER_MHD_reply_with_error (connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_GENERIC_DB_FETCH_FAILED,
- "update_reserve_batch_withdraw");
+ finish_loop (bwc,
+ TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_DB_FETCH_FAILED,
+ "update_reserve_batch_withdraw"));
+ return qs;
}
return qs;
}
if (! found)
{
- *mhd_ret = TALER_MHD_reply_with_error (connection,
- MHD_HTTP_NOT_FOUND,
- TALER_EC_EXCHANGE_GENERIC_RESERVE_UNKNOWN,
- NULL);
+ finish_loop (bwc,
+ TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_NOT_FOUND,
+ TALER_EC_EXCHANGE_GENERIC_RESERVE_UNKNOWN,
+ NULL));
return GNUNET_DB_STATUS_HARD_ERROR;
}
@@ -279,33 +362,31 @@ batch_withdraw_transaction (void *cls,
&TEH_age_restriction_config.mask,
allowed_maximum_age);
- *mhd_ret = TEH_RESPONSE_reply_reserve_age_restriction_required (
- connection,
- lowest_age);
+ finish_loop (bwc,
+ TEH_RESPONSE_reply_reserve_age_restriction_required (
+ connection,
+ lowest_age));
return GNUNET_DB_STATUS_HARD_ERROR;
}
if (! balance_ok)
{
- if (check_request_idempotent (wc,
- mhd_ret))
- {
+ if (check_request_idempotent (bwc))
return GNUNET_DB_STATUS_HARD_ERROR;
- }
-
- *mhd_ret = TEH_RESPONSE_reply_reserve_insufficient_balance (
- connection,
- TALER_EC_EXCHANGE_WITHDRAW_INSUFFICIENT_FUNDS,
- &reserve_balance,
- &wc->batch_total,
- wc->reserve_pub);
+ finish_loop (bwc,
+ TEH_RESPONSE_reply_reserve_insufficient_balance (
+ connection,
+ TALER_EC_EXCHANGE_WITHDRAW_INSUFFICIENT_FUNDS,
+ &reserve_balance,
+ &bwc->batch_total,
+ &bwc->reserve_pub));
return GNUNET_DB_STATUS_HARD_ERROR;
}
/* Add information about each planchet in the batch */
- for (unsigned int i = 0; i<wc->planchets_length; i++)
+ for (unsigned int i = 0; i<bwc->planchets_length; i++)
{
- struct PlanchetContext *pc = &wc->planchets[i];
+ struct PlanchetContext *pc = &bwc->planchets[i];
const struct TALER_BlindedPlanchet *bp = &pc->blinded_planchet;
const union GNUNET_CRYPTO_BlindSessionNonce *nonce = NULL;
bool denom_unknown = true;
@@ -323,56 +404,63 @@ batch_withdraw_transaction (void *cls,
&bp->blinded_message->details.cs_blinded_message.nonce;
break;
}
- qs = TEH_plugin->do_batch_withdraw_insert (TEH_plugin->cls,
- nonce,
- &pc->collectable,
- wc->now,
- ruuid,
- &denom_unknown,
- &conflict,
- &nonce_reuse);
+ qs = TEH_plugin->do_batch_withdraw_insert (
+ TEH_plugin->cls,
+ nonce,
+ &pc->collectable,
+ bwc->now,
+ ruuid,
+ &denom_unknown,
+ &conflict,
+ &nonce_reuse);
if (0 > qs)
{
if (GNUNET_DB_STATUS_HARD_ERROR == qs)
- *mhd_ret = TALER_MHD_reply_with_error (connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_GENERIC_DB_FETCH_FAILED,
- "do_batch_withdraw_insert");
+ finish_loop (bwc,
+ TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_DB_FETCH_FAILED,
+ "do_batch_withdraw_insert"));
return qs;
}
if (denom_unknown)
{
GNUNET_break (0);
- *mhd_ret = TALER_MHD_reply_with_error (connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_GENERIC_DB_INVARIANT_FAILURE,
- NULL);
+ finish_loop (bwc,
+ TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_DB_INVARIANT_FAILURE,
+ NULL));
return GNUNET_DB_STATUS_HARD_ERROR;
}
if ( (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs) ||
(conflict) )
{
- if (! check_request_idempotent (wc,
- mhd_ret))
- {
- /* We do not support *some* of the coins of the request being
+ if (check_request_idempotent (bwc))
+ return GNUNET_DB_STATUS_HARD_ERROR;
+ /* We do not support *some* of the coins of the request being
idempotent while others being fresh. */
- GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
- "Idempotent coin in batch, not allowed. Aborting.\n");
- *mhd_ret = TALER_MHD_reply_with_error (connection,
- MHD_HTTP_CONFLICT,
- TALER_EC_EXCHANGE_WITHDRAW_BATCH_IDEMPOTENT_PLANCHET,
- NULL);
- }
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ "Idempotent coin in batch, not allowed. Aborting.\n");
+ finish_loop (bwc,
+ TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_CONFLICT,
+ TALER_EC_EXCHANGE_WITHDRAW_BATCH_IDEMPOTENT_PLANCHET,
+ NULL));
return GNUNET_DB_STATUS_HARD_ERROR;
}
if (nonce_reuse)
{
GNUNET_break_op (0);
- *mhd_ret = TALER_MHD_reply_with_error (connection,
- MHD_HTTP_BAD_REQUEST,
- TALER_EC_EXCHANGE_WITHDRAW_NONCE_REUSE,
- NULL);
+ finish_loop (bwc,
+ TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_EXCHANGE_WITHDRAW_NONCE_REUSE,
+ NULL));
return GNUNET_DB_STATUS_HARD_ERROR;
}
}
@@ -382,162 +470,285 @@ batch_withdraw_transaction (void *cls,
/**
+ * The request was prepared successfully. Run
+ * the main DB transaction.
+ *
+ * @param bwc storage for request processing
+ */
+static void
+run_transaction (struct BatchWithdrawContext *bwc)
+{
+ MHD_RESULT mhd_ret;
+
+ GNUNET_assert (BWC_PHASE_RUN_TRANSACTION ==
+ bwc->phase);
+ if (GNUNET_OK !=
+ TEH_DB_run_transaction (bwc->rc->connection,
+ "run batch withdraw",
+ TEH_MT_REQUEST_WITHDRAW,
+ &mhd_ret,
+ &batch_withdraw_transaction,
+ bwc))
+ {
+ if (BWC_PHASE_RUN_TRANSACTION == bwc->phase)
+ finish_loop (bwc,
+ mhd_ret);
+ return;
+ }
+ bwc->phase++;
+}
+
+
+/**
* The request was parsed successfully. Prepare
* our side for the main DB transaction.
*
- * @param rc request details
- * @param wc storage for request processing
- * @return MHD result for the @a rc
+ * @param bwc storage for request processing
*/
-static MHD_RESULT
-prepare_transaction (const struct TEH_RequestContext *rc,
- struct BatchWithdrawContext *wc)
+static void
+prepare_transaction (struct BatchWithdrawContext *bwc)
{
- struct TEH_CoinSignData csds[wc->planchets_length];
- struct TALER_BlindedDenominationSignature bss[wc->planchets_length];
+ const struct TEH_RequestContext *rc = bwc->rc;
+ struct TALER_BlindedDenominationSignature bss[bwc->planchets_length];
+ struct TEH_CoinSignData csds[bwc->planchets_length];
- for (unsigned int i = 0; i<wc->planchets_length; i++)
+ for (unsigned int i = 0; i<bwc->planchets_length; i++)
{
- struct PlanchetContext *pc = &wc->planchets[i];
+ struct PlanchetContext *pc = &bwc->planchets[i];
+ struct TEH_CoinSignData *csdsi = &csds[i];
- csds[i].h_denom_pub = &pc->collectable.denom_pub_hash;
- csds[i].bp = &pc->blinded_planchet;
+ csdsi->h_denom_pub = &pc->collectable.denom_pub_hash;
+ csdsi->bp = &pc->blinded_planchet;
}
{
enum TALER_ErrorCode ec;
ec = TEH_keys_denomination_batch_sign (
- wc->planchets_length,
+ bwc->planchets_length,
csds,
false,
bss);
if (TALER_EC_NONE != ec)
{
GNUNET_break (0);
- return TALER_MHD_reply_with_ec (rc->connection,
- ec,
- NULL);
+ finish_loop (bwc,
+ TALER_MHD_reply_with_ec (
+ rc->connection,
+ ec,
+ NULL));
+ return;
}
}
- for (unsigned int i = 0; i<wc->planchets_length; i++)
+ for (unsigned int i = 0; i<bwc->planchets_length; i++)
{
- struct PlanchetContext *pc = &wc->planchets[i];
+ struct PlanchetContext *pc = &bwc->planchets[i];
pc->collectable.sig = bss[i];
}
+ bwc->phase++;
+}
- /* run transaction */
- {
- MHD_RESULT mhd_ret;
- if (GNUNET_OK !=
- TEH_DB_run_transaction (rc->connection,
- "run batch withdraw",
- TEH_MT_REQUEST_WITHDRAW,
- &mhd_ret,
- &batch_withdraw_transaction,
- wc))
+/**
+ * Check the KYC result.
+ *
+ * @param bwc storage for request processing
+ */
+static void
+check_kyc_result (struct BatchWithdrawContext *bwc)
+{
+ /* return final positive response */
+ if (! bwc->kyc.ok)
+ {
+ if (check_request_idempotent (bwc))
{
- return mhd_ret;
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ "Request is idempotent!\n");
+ return;
}
+ /* KYC required */
+ finish_loop (bwc,
+ TEH_RESPONSE_reply_kyc_required (
+ bwc->rc->connection,
+ &bwc->h_payto,
+ &bwc->kyc));
+ return;
}
- /* return final positive response */
- if (! wc->kyc.ok)
- {
- MHD_RESULT mhd_ret;
+ bwc->phase++;
+}
- if (check_request_idempotent (wc,
- &mhd_ret))
- return mhd_ret;
- /* KYC required */
- return TEH_RESPONSE_reply_kyc_required (
- rc->connection,
- &wc->h_payto,
- &wc->kyc);
+
+/**
+ * Function called with the result of a legitimization
+ * check.
+ *
+ * @param cls closure
+ * @param lcr legitimization check result
+ */
+static void
+withdraw_legi_cb (
+ void *cls,
+ const struct TEH_LegitimizationCheckResult *lcr)
+{
+ struct BatchWithdrawContext *bwc = cls;
+
+ bwc->lch = NULL;
+ GNUNET_assert (BWC_PHASE_SUSPENDED ==
+ bwc->phase);
+ MHD_resume_connection (bwc->rc->connection);
+ GNUNET_CONTAINER_DLL_remove (bwc_head,
+ bwc_tail,
+ bwc);
+ TALER_MHD_daemon_trigger ();
+ if (NULL != lcr->response)
+ {
+ bwc->response = lcr->response;
+ bwc->http_status = lcr->http_status;
+ bwc->phase = BWC_PHASE_GENERATE_REPLY_FAILURE;
+ return;
}
- return generate_reply_success (rc,
- wc);
+ bwc->kyc = lcr->kyc;
+ bwc->phase = BWC_PHASE_CHECK_KYC_RESULT;
}
/**
- * Continue processing the request @a rc by parsing the
- * @a planchets and then running the transaction.
+ * Function called to iterate over KYC-relevant transaction amounts for a
+ * particular time range. Called within a database transaction, so must
+ * not start a new one.
*
- * @param rc request details
- * @param wc storage for request processing
- * @param planchets array of planchets to parse
- * @return MHD result for the @a rc
+ * @param cls closure, identifies the event type and account to iterate
+ * over events for
+ * @param limit maximum time-range for which events should be fetched
+ * (timestamp in the past)
+ * @param cb function to call on each event found, events must be returned
+ * in reverse chronological order
+ * @param cb_cls closure for @a cb, of type struct AgeWithdrawContext
+ * @return transaction status
*/
-static MHD_RESULT
-parse_planchets (const struct TEH_RequestContext *rc,
- struct BatchWithdrawContext *wc,
- const json_t *planchets)
+static enum GNUNET_DB_QueryStatus
+withdraw_amount_cb (
+ void *cls,
+ struct GNUNET_TIME_Absolute limit,
+ TALER_EXCHANGEDB_KycAmountCallback cb,
+ void *cb_cls)
{
- struct TEH_KeyStateHandle *ksh;
+ struct BatchWithdrawContext *bwc = cls;
+ enum GNUNET_GenericReturnValue ret;
+ enum GNUNET_DB_QueryStatus qs;
- for (unsigned int i = 0; i<wc->planchets_length; i++)
- {
- struct PlanchetContext *pc = &wc->planchets[i];
- struct GNUNET_JSON_Specification ispec[] = {
- GNUNET_JSON_spec_fixed_auto ("reserve_sig",
- &pc->collectable.reserve_sig),
- GNUNET_JSON_spec_fixed_auto ("denom_pub_hash",
- &pc->collectable.denom_pub_hash),
- TALER_JSON_spec_blinded_planchet ("coin_ev",
- &pc->blinded_planchet),
- GNUNET_JSON_spec_end ()
- };
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ "Signaling amount %s for KYC check during age-withdrawal\n",
+ TALER_amount2s (&bwc->batch_total));
+ ret = cb (cb_cls,
+ &bwc->batch_total,
+ bwc->now.abs_time);
+ GNUNET_break (GNUNET_SYSERR != ret);
+ if (GNUNET_OK != ret)
+ return GNUNET_DB_STATUS_SUCCESS_NO_RESULTS;
+ qs = TEH_plugin->select_withdraw_amounts_for_kyc_check (
+ TEH_plugin->cls,
+ &bwc->h_payto,
+ limit,
+ cb,
+ cb_cls);
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ "Got %d additional transactions for this age-withdrawal and limit %llu\n",
+ qs,
+ (unsigned long long) limit.abs_value_us);
+ GNUNET_break (qs >= 0);
+ return qs;
+}
- {
- enum GNUNET_GenericReturnValue res;
-
- res = TALER_MHD_parse_json_data (rc->connection,
- json_array_get (planchets,
- i),
- ispec);
- if (GNUNET_OK != res)
- return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES;
- }
- pc->collectable.reserve_pub = *wc->reserve_pub;
- for (unsigned int k = 0; k<i; k++)
- {
- const struct PlanchetContext *kpc = &wc->planchets[k];
- if (0 ==
- TALER_blinded_planchet_cmp (&kpc->blinded_planchet,
- &pc->blinded_planchet))
- {
- GNUNET_break_op (0);
- return TALER_MHD_reply_with_error (rc->connection,
- MHD_HTTP_BAD_REQUEST,
- TALER_EC_GENERIC_PARAMETER_MALFORMED,
- "duplicate planchet");
- }
- }
+/**
+ * Do legitimization check.
+ *
+ * @param bwc operation context
+ */
+static void
+run_legi_check (struct BatchWithdrawContext *bwc)
+{
+ enum GNUNET_DB_QueryStatus qs;
+ char *payto_uri;
+
+ /* Check if the money came from a wire transfer */
+ qs = TEH_plugin->reserves_get_origin (
+ TEH_plugin->cls,
+ &bwc->reserve_pub,
+ &bwc->h_payto,
+ &payto_uri);
+ if (qs < 0)
+ {
+ finish_loop (bwc,
+ TALER_MHD_reply_with_error (
+ bwc->rc->connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_DB_FETCH_FAILED,
+ "reserves_get_origin"));
+ return;
}
+ /* If _no_ results, reserve was created by merge,
+ in which case no KYC check is required as the
+ merge already did that. */
+ if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs)
+ {
+ bwc->phase = BWC_PHASE_PREPARE_TRANSACTION;
+ return;
+ }
+
+ bwc->lch = TEH_legitimization_check (
+ &bwc->rc->async_scope_id,
+ TALER_KYCLOGIC_KYC_TRIGGER_WITHDRAW,
+ payto_uri,
+ &bwc->h_payto,
+ NULL,
+ &withdraw_amount_cb,
+ bwc,
+ &withdraw_legi_cb,
+ bwc);
+ GNUNET_assert (NULL != bwc->lch);
+ GNUNET_free (payto_uri);
+ GNUNET_CONTAINER_DLL_insert (bwc_head,
+ bwc_tail,
+ bwc);
+ MHD_suspend_connection (bwc->rc->connection);
+ bwc->phase = BWC_PHASE_SUSPENDED;
+}
+
+
+/**
+ * Check if the keys in the request are valid for
+ * withdrawing.
+ *
+ * @param[in,out] bwc storage for request processing
+ */
+static void
+check_keys (struct BatchWithdrawContext *bwc)
+{
+ const struct TEH_RequestContext *rc = bwc->rc;
+ struct TEH_KeyStateHandle *ksh;
ksh = TEH_keys_get_state ();
if (NULL == ksh)
{
- MHD_RESULT mret;
-
- if (! check_request_idempotent (wc,
- &mret))
- {
- GNUNET_break (0);
- return TALER_MHD_reply_with_error (rc->connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING,
- NULL);
- }
- return mret;
+ if (check_request_idempotent (bwc))
+ return;
+ GNUNET_break (0);
+ finish_loop (bwc,
+ TALER_MHD_reply_with_error (
+ rc->connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING,
+ NULL));
+ return;
}
- for (unsigned int i = 0; i<wc->planchets_length; i++)
+ for (unsigned int i = 0; i<bwc->planchets_length; i++)
{
- struct PlanchetContext *pc = &wc->planchets[i];
+ struct PlanchetContext *pc = &bwc->planchets[i];
struct TEH_DenominationKey *dk;
+
dk = TEH_keys_denomination_by_hash_from_state (
ksh,
&pc->collectable.denom_pub_hash,
@@ -545,72 +756,68 @@ parse_planchets (const struct TEH_RequestContext *rc,
NULL);
if (NULL == dk)
{
- MHD_RESULT mret;
-
- if (! check_request_idempotent (wc,
- &mret))
- {
- GNUNET_break_op (0);
- return TEH_RESPONSE_reply_unknown_denom_pub_hash (
- rc->connection,
- &pc->collectable.denom_pub_hash);
- }
- return mret;
+ if (check_request_idempotent (bwc))
+ return;
+ GNUNET_break_op (0);
+ finish_loop (bwc,
+ TEH_RESPONSE_reply_unknown_denom_pub_hash (
+ rc->connection,
+ &pc->collectable.denom_pub_hash));
+ return;
}
- if (GNUNET_TIME_absolute_is_past (dk->meta.expire_withdraw.abs_time))
+ if (GNUNET_TIME_absolute_is_past (
+ dk->meta.expire_withdraw.abs_time))
{
- MHD_RESULT mret;
-
/* This denomination is past the expiration time for withdraws */
- if (! check_request_idempotent (wc,
- &mret))
- {
- GNUNET_break_op (0);
- return TEH_RESPONSE_reply_expired_denom_pub_hash (
- rc->connection,
- &pc->collectable.denom_pub_hash,
- TALER_EC_EXCHANGE_GENERIC_DENOMINATION_EXPIRED,
- "WITHDRAW");
- }
- return mret;
+ if (check_request_idempotent (bwc))
+ return;
+ GNUNET_break_op (0);
+ finish_loop (bwc,
+ TEH_RESPONSE_reply_expired_denom_pub_hash (
+ rc->connection,
+ &pc->collectable.denom_pub_hash,
+ TALER_EC_EXCHANGE_GENERIC_DENOMINATION_EXPIRED,
+ "WITHDRAW"));
+ return;
}
- if (GNUNET_TIME_absolute_is_future (dk->meta.start.abs_time))
+ if (GNUNET_TIME_absolute_is_future (
+ dk->meta.start.abs_time))
{
/* This denomination is not yet valid, no need to check
for idempotency! */
GNUNET_break_op (0);
- return TEH_RESPONSE_reply_expired_denom_pub_hash (
- rc->connection,
- &pc->collectable.denom_pub_hash,
- TALER_EC_EXCHANGE_GENERIC_DENOMINATION_VALIDITY_IN_FUTURE,
- "WITHDRAW");
+ finish_loop (bwc,
+ TEH_RESPONSE_reply_expired_denom_pub_hash (
+ rc->connection,
+ &pc->collectable.denom_pub_hash,
+ TALER_EC_EXCHANGE_GENERIC_DENOMINATION_VALIDITY_IN_FUTURE,
+ "WITHDRAW"));
}
if (dk->recoup_possible)
{
- MHD_RESULT mret;
-
/* This denomination has been revoked */
- if (! check_request_idempotent (wc,
- &mret))
- {
- GNUNET_break_op (0);
- return TEH_RESPONSE_reply_expired_denom_pub_hash (
- rc->connection,
- &pc->collectable.denom_pub_hash,
- TALER_EC_EXCHANGE_GENERIC_DENOMINATION_REVOKED,
- "WITHDRAW");
- }
- return mret;
+ if (check_request_idempotent (bwc))
+ return;
+ GNUNET_break_op (0);
+ finish_loop (bwc,
+ TEH_RESPONSE_reply_expired_denom_pub_hash (
+ rc->connection,
+ &pc->collectable.denom_pub_hash,
+ TALER_EC_EXCHANGE_GENERIC_DENOMINATION_REVOKED,
+ "WITHDRAW"));
+ return;
}
if (dk->denom_pub.bsign_pub_key->cipher !=
pc->blinded_planchet.blinded_message->cipher)
{
/* denomination cipher and blinded planchet cipher not the same */
GNUNET_break_op (0);
- return TALER_MHD_reply_with_error (rc->connection,
- MHD_HTTP_BAD_REQUEST,
- TALER_EC_EXCHANGE_GENERIC_CIPHER_MISMATCH,
- NULL);
+ finish_loop (bwc,
+ TALER_MHD_reply_with_error (
+ rc->connection,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_EXCHANGE_GENERIC_CIPHER_MISMATCH,
+ NULL));
}
if (0 >
TALER_amount_add (&pc->collectable.amount_with_fee,
@@ -618,21 +825,26 @@ parse_planchets (const struct TEH_RequestContext *rc,
&dk->meta.fees.withdraw))
{
GNUNET_break (0);
- return TALER_MHD_reply_with_error (rc->connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_EXCHANGE_WITHDRAW_AMOUNT_FEE_OVERFLOW,
- NULL);
+ finish_loop (bwc,
+ TALER_MHD_reply_with_error (rc->connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_EXCHANGE_WITHDRAW_AMOUNT_FEE_OVERFLOW,
+ NULL));
+ return;
}
if (0 >
- TALER_amount_add (&wc->batch_total,
- &wc->batch_total,
+ TALER_amount_add (&bwc->batch_total,
+ &bwc->batch_total,
&pc->collectable.amount_with_fee))
{
GNUNET_break (0);
- return TALER_MHD_reply_with_error (rc->connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_EXCHANGE_WITHDRAW_AMOUNT_FEE_OVERFLOW,
- NULL);
+ finish_loop (bwc,
+ TALER_MHD_reply_with_error (
+ rc->connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_EXCHANGE_WITHDRAW_AMOUNT_FEE_OVERFLOW,
+ NULL));
+ return;
}
TALER_coin_ev_hash (&pc->blinded_planchet,
@@ -641,91 +853,213 @@ parse_planchets (const struct TEH_RequestContext *rc,
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
if (GNUNET_OK !=
- TALER_wallet_withdraw_verify (&pc->collectable.denom_pub_hash,
- &pc->collectable.amount_with_fee,
- &pc->collectable.h_coin_envelope,
- &pc->collectable.reserve_pub,
- &pc->collectable.reserve_sig))
+ TALER_wallet_withdraw_verify (
+ &pc->collectable.denom_pub_hash,
+ &pc->collectable.amount_with_fee,
+ &pc->collectable.h_coin_envelope,
+ &pc->collectable.reserve_pub,
+ &pc->collectable.reserve_sig))
{
GNUNET_break_op (0);
- return TALER_MHD_reply_with_error (rc->connection,
- MHD_HTTP_FORBIDDEN,
- TALER_EC_EXCHANGE_WITHDRAW_RESERVE_SIGNATURE_INVALID,
- NULL);
+ finish_loop (bwc,
+ TALER_MHD_reply_with_error (
+ rc->connection,
+ MHD_HTTP_FORBIDDEN,
+ TALER_EC_EXCHANGE_WITHDRAW_RESERVE_SIGNATURE_INVALID,
+ NULL));
+ return;
}
}
+ bwc->phase++;
/* everything parsed */
- return prepare_transaction (rc,
- wc);
}
-MHD_RESULT
-TEH_handler_batch_withdraw (struct TEH_RequestContext *rc,
- const struct TALER_ReservePublicKeyP *reserve_pub,
- const json_t *root)
+/**
+ * Batch-withdraw-specific cleanup routine. Function called
+ * upon completion of the request that should
+ * clean up @a rh_ctx. Can be NULL.
+ *
+ * @param rc request context to clean up
+ */
+static void
+clean_batch_withdraw_rc (struct TEH_RequestContext *rc)
{
- struct BatchWithdrawContext wc = {
- .reserve_pub = reserve_pub,
- .rc = rc,
- .now = GNUNET_TIME_timestamp_get ()
- };
- const json_t *planchets;
- struct GNUNET_JSON_Specification spec[] = {
- GNUNET_JSON_spec_array_const ("planchets",
- &planchets),
- GNUNET_JSON_spec_end ()
- };
-
- GNUNET_assert (GNUNET_OK ==
- TALER_amount_set_zero (TEH_currency,
- &wc.batch_total));
- {
- enum GNUNET_GenericReturnValue res;
+ struct BatchWithdrawContext *bwc = rc->rh_ctx;
- res = TALER_MHD_parse_json_data (rc->connection,
- root,
- spec);
- if (GNUNET_OK != res)
- return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES;
+ if (NULL != bwc->lch)
+ {
+ TEH_legitimization_check_cancel (bwc->lch);
+ bwc->lch = NULL;
}
- wc.planchets_length = json_array_size (planchets);
- if (0 == wc.planchets_length)
+ for (unsigned int i = 0; i<bwc->planchets_length; i++)
{
- GNUNET_break_op (0);
- return TALER_MHD_reply_with_error (rc->connection,
- MHD_HTTP_BAD_REQUEST,
- TALER_EC_GENERIC_PARAMETER_MALFORMED,
- "planchets");
+ struct PlanchetContext *pc = &bwc->planchets[i];
+
+ TALER_blinded_planchet_free (&pc->blinded_planchet);
+ TALER_blinded_denom_sig_free (&pc->collectable.sig);
}
- if (wc.planchets_length > TALER_MAX_FRESH_COINS)
+ GNUNET_free (bwc->planchets);
+ if (NULL != bwc->response)
{
- GNUNET_break_op (0);
- return TALER_MHD_reply_with_error (rc->connection,
- MHD_HTTP_BAD_REQUEST,
- TALER_EC_GENERIC_PARAMETER_MALFORMED,
- "too many planchets");
+ MHD_destroy_response (bwc->response);
+ bwc->response = NULL;
}
+ GNUNET_free (bwc);
+}
+
+
+MHD_RESULT
+TEH_handler_batch_withdraw (
+ struct TEH_RequestContext *rc,
+ const struct TALER_ReservePublicKeyP *reserve_pub,
+ const json_t *root)
+{
+ struct BatchWithdrawContext *bwc = rc->rh_ctx;
+
+ if (NULL == bwc)
{
- struct PlanchetContext splanchets[wc.planchets_length];
- MHD_RESULT ret;
-
- memset (splanchets,
- 0,
- sizeof (splanchets));
- wc.planchets = splanchets;
- ret = parse_planchets (rc,
- &wc,
- planchets);
- /* Clean up */
- for (unsigned int i = 0; i<wc.planchets_length; i++)
+ const json_t *planchets;
+
+ bwc = GNUNET_new (struct BatchWithdrawContext);
+ rc->rh_ctx = bwc;
+ rc->rh_cleaner = &clean_batch_withdraw_rc;
+ bwc->rc = rc;
+ bwc->reserve_pub = *reserve_pub;
+ bwc->now = GNUNET_TIME_timestamp_get ();
+ GNUNET_assert (GNUNET_OK ==
+ TALER_amount_set_zero (TEH_currency,
+ &bwc->batch_total));
+
{
- struct PlanchetContext *pc = &wc.planchets[i];
+ struct GNUNET_JSON_Specification spec[] = {
+ GNUNET_JSON_spec_array_const ("planchets",
+ &planchets),
+ GNUNET_JSON_spec_end ()
+ };
- TALER_blinded_planchet_free (&pc->blinded_planchet);
- TALER_blinded_denom_sig_free (&pc->collectable.sig);
+ {
+ enum GNUNET_GenericReturnValue res;
+
+ res = TALER_MHD_parse_json_data (rc->connection,
+ root,
+ spec);
+ if (GNUNET_OK != res)
+ return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES;
+ }
+ }
+
+ bwc->planchets_length = json_array_size (planchets);
+ if (0 == bwc->planchets_length)
+ {
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_error (
+ rc->connection,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_GENERIC_PARAMETER_MALFORMED,
+ "planchets");
+ }
+ if (bwc->planchets_length > TALER_MAX_FRESH_COINS)
+ {
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_error (
+ rc->connection,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_GENERIC_PARAMETER_MALFORMED,
+ "too many planchets");
+ }
+
+ bwc->planchets
+ = GNUNET_new_array (bwc->planchets_length,
+ struct PlanchetContext);
+
+ for (unsigned int i = 0; i<bwc->planchets_length; i++)
+ {
+ struct PlanchetContext *pc = &bwc->planchets[i];
+ struct GNUNET_JSON_Specification ispec[] = {
+ GNUNET_JSON_spec_fixed_auto (
+ "reserve_sig",
+ &pc->collectable.reserve_sig),
+ GNUNET_JSON_spec_fixed_auto (
+ "denom_pub_hash",
+ &pc->collectable.denom_pub_hash),
+ TALER_JSON_spec_blinded_planchet (
+ "coin_ev",
+ &pc->blinded_planchet),
+ GNUNET_JSON_spec_end ()
+ };
+
+ {
+ enum GNUNET_GenericReturnValue res;
+
+ res = TALER_MHD_parse_json_data (
+ rc->connection,
+ json_array_get (planchets,
+ i),
+ ispec);
+ if (GNUNET_OK != res)
+ return (GNUNET_SYSERR == res)
+ ? MHD_NO
+ : MHD_YES;
+ }
+ pc->collectable.reserve_pub = bwc->reserve_pub;
+ for (unsigned int k = 0; k<i; k++)
+ {
+ const struct PlanchetContext *kpc = &bwc->planchets[k];
+
+ if (0 ==
+ TALER_blinded_planchet_cmp (
+ &kpc->blinded_planchet,
+ &pc->blinded_planchet))
+ {
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_error (
+ rc->connection,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_GENERIC_PARAMETER_MALFORMED,
+ "duplicate planchet");
+ }
+ }
+ }
+ bwc->phase = BWC_PHASE_CHECK_KEYS;
+ }
+
+ while (true)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ "Batch withdraw processing in phase %d\n",
+ bwc->phase);
+ switch (bwc->phase)
+ {
+ case BWC_PHASE_CHECK_KEYS:
+ check_keys (bwc);
+ break;
+ case BWC_PHASE_RUN_LEGI_CHECK:
+ run_legi_check (bwc);
+ break;
+ case BWC_PHASE_SUSPENDED:
+ return MHD_YES;
+ case BWC_PHASE_CHECK_KYC_RESULT:
+ check_kyc_result (bwc);
+ break;
+ case BWC_PHASE_PREPARE_TRANSACTION:
+ prepare_transaction (bwc);
+ break;
+ case BWC_PHASE_RUN_TRANSACTION:
+ run_transaction (bwc);
+ break;
+ case BWC_PHASE_GENERATE_REPLY_SUCCESS:
+ generate_reply_success (bwc);
+ break;
+ case BWC_PHASE_GENERATE_REPLY_FAILURE:
+ return MHD_queue_response (rc->connection,
+ bwc->http_status,
+ bwc->response);
+ case BWC_PHASE_RETURN_YES:
+ return MHD_YES;
+ case BWC_PHASE_RETURN_NO:
+ return MHD_NO;
}
- return ret;
}
}
diff --git a/src/exchange/taler-exchange-httpd_batch-withdraw.h b/src/exchange/taler-exchange-httpd_batch-withdraw.h
index dfc6e5ad8..913f77f27 100644
--- a/src/exchange/taler-exchange-httpd_batch-withdraw.h
+++ b/src/exchange/taler-exchange-httpd_batch-withdraw.h
@@ -28,6 +28,12 @@
/**
+ * Resume suspended connections, we are shutting down.
+ */
+void
+TEH_batch_withdraw_cleanup (void);
+
+/**
* Handle a "/reserves/$RESERVE_PUB/batch-withdraw" request. Parses the batch of
* requested "denom_pub" which specifies the key/value of the coin to be
* withdrawn, and checks that the signature "reserve_sig" makes this a valid
diff --git a/src/exchange/taler-exchange-httpd_common_kyc.c b/src/exchange/taler-exchange-httpd_common_kyc.c
index aea27f261..a3239fdea 100644
--- a/src/exchange/taler-exchange-httpd_common_kyc.c
+++ b/src/exchange/taler-exchange-httpd_common_kyc.c
@@ -27,6 +27,14 @@
#include "taler_exchangedb_plugin.h"
#include <gnunet/gnunet_common.h>
+/**
+ * How often do we allow a legitimization rule to
+ * automatically trigger the next rule before bailing
+ * out?
+ */
+#define MAX_LEGI_LOOPS 5
+
+
struct TEH_KycAmlTrigger
{
@@ -320,9 +328,12 @@ kyc_aml_finished (
GNUNET_break (0);
if (NULL != kat->response)
MHD_destroy_response (kat->response);
- kat->http_status = MHD_HTTP_INTERNAL_SERVER_ERROR;
- kat->response = TALER_MHD_make_error (TALER_EC_GENERIC_DB_STORE_FAILED,
- "do_insert_kyc_attributes");
+ kat->http_status
+ = MHD_HTTP_INTERNAL_SERVER_ERROR;
+ kat->response
+ = TALER_MHD_make_error (
+ TALER_EC_GENERIC_DB_STORE_FAILED,
+ "do_insert_kyc_attributes");
/* Continued below to return the response */
}
RETURN_RESULT:
@@ -467,10 +478,37 @@ add_kyc_history_entry (
}
+/**
+ * We have finished a KYC process and obtained new
+ * @a attributes for a given @a account_id.
+ * Check with the KYC-AML trigger to see if we need
+ * to initiate an AML process, and store the attributes
+ * in the database. Then call @a cb.
+ *
+ * @param scope the HTTP request logging scope
+ * @param process_row legitimization process the data provided is about,
+ * or must be 0 if instant_ms is given
+ * @param instant_ms instant measure to run, used if @a process_row is 0,
+ * otherwise must be NULL
+ * @param account_id account the webhook was about
+ * @param provider_name name of the provider with the logic that was run
+ * @param provider_user_id set to user ID at the provider, or
+ * NULL if not supported or unknown
+ * @param provider_legitimization_id set to legitimization process ID at the provider,
+ * or NULL if not supported or unknown
+ * @param expiration until when is the KYC check valid
+ * @param attributes user attributes returned by the provider
+ * @param http_status HTTP status code of @a response
+ * @param[in] response to return to the HTTP client, can be NULL
+ * @param cb function to call with the result
+ * @param cb_cls closure for @a cb
+ * @return handle to cancel the operation
+ */
struct TEH_KycAmlTrigger *
-TEH_kyc_finished (
+TEH_kyc_finished2 (
const struct GNUNET_AsyncScopeId *scope,
uint64_t process_row,
+ const struct TALER_KYCLOGIC_Measure *instant_ms,
const struct TALER_PaytoHashP *account_id,
const char *provider_name,
const char *provider_user_id,
@@ -503,24 +541,27 @@ TEH_kyc_finished (
kat->response = response;
kat->cb = cb;
kat->cb_cls = cb_cls;
- qs = TEH_plugin->lookup_active_legitimization (
- TEH_plugin->cls,
- process_row,
- &kat->measure_index,
- &kat->jmeasures);
- switch (qs)
+ if (NULL == instant_ms)
{
- case GNUNET_DB_STATUS_HARD_ERROR:
- case GNUNET_DB_STATUS_SOFT_ERROR:
- GNUNET_break (0);
- TEH_kyc_finished_cancel (kat);
- return NULL;
- case GNUNET_DB_STATUS_SUCCESS_NO_RESULTS:
- GNUNET_break (0);
- TEH_kyc_finished_cancel (kat);
- return NULL;
- case GNUNET_DB_STATUS_SUCCESS_ONE_RESULT:
- break;
+ qs = TEH_plugin->lookup_active_legitimization (
+ TEH_plugin->cls,
+ process_row,
+ &kat->measure_index,
+ &kat->jmeasures);
+ switch (qs)
+ {
+ case GNUNET_DB_STATUS_HARD_ERROR:
+ case GNUNET_DB_STATUS_SOFT_ERROR:
+ GNUNET_break (0);
+ TEH_kyc_finished_cancel (kat);
+ return NULL;
+ case GNUNET_DB_STATUS_SUCCESS_NO_RESULTS:
+ GNUNET_break (0);
+ TEH_kyc_finished_cancel (kat);
+ return NULL;
+ case GNUNET_DB_STATUS_SUCCESS_ONE_RESULT:
+ break;
+ }
}
kat->aml_history = json_array ();
kat->kyc_history = json_array ();
@@ -560,14 +601,29 @@ TEH_kyc_finished (
case GNUNET_DB_STATUS_SUCCESS_ONE_RESULT:
break;
}
- kat->kyc_aml
- = TALER_KYCLOGIC_run_aml_program (kat->attributes,
- kat->aml_history,
- kat->kyc_history,
- kat->jmeasures,
- kat->measure_index,
- &kyc_aml_finished,
- kat);
+ if (NULL == instant_ms)
+ {
+ kat->kyc_aml
+ = TALER_KYCLOGIC_run_aml_program (
+ kat->attributes,
+ kat->aml_history,
+ kat->kyc_history,
+ kat->jmeasures,
+ kat->measure_index,
+ &kyc_aml_finished,
+ kat);
+ }
+ else
+ {
+ kat->kyc_aml
+ = TALER_KYCLOGIC_run_aml_program3 (
+ instant_ms,
+ kat->attributes,
+ kat->aml_history,
+ kat->kyc_history,
+ &kyc_aml_finished,
+ kat);
+ }
if (NULL == kat->kyc_aml)
{
GNUNET_break (0);
@@ -578,6 +634,37 @@ TEH_kyc_finished (
}
+struct TEH_KycAmlTrigger *
+TEH_kyc_finished (
+ const struct GNUNET_AsyncScopeId *scope,
+ uint64_t process_row,
+ const struct TALER_PaytoHashP *account_id,
+ const char *provider_name,
+ const char *provider_user_id,
+ const char *provider_legitimization_id,
+ struct GNUNET_TIME_Absolute expiration,
+ const json_t *attributes,
+ unsigned int http_status,
+ struct MHD_Response *response,
+ TEH_KycAmlTriggerCallback cb,
+ void *cb_cls)
+{
+ return TEH_kyc_finished2 (scope,
+ process_row,
+ NULL,
+ account_id,
+ provider_name,
+ provider_user_id,
+ provider_legitimization_id,
+ expiration,
+ attributes,
+ http_status,
+ response,
+ cb,
+ cb_cls);
+}
+
+
void
TEH_kyc_finished_cancel (struct TEH_KycAmlTrigger *kat)
{
@@ -903,38 +990,236 @@ TEH_kyc_failed (
}
-enum GNUNET_DB_QueryStatus
+struct TEH_LegitimizationCheckHandle
+{
+ /**
+ * Function to call with the result.
+ */
+ TEH_LegitimizationCheckCallback result_cb;
+
+ /**
+ * Closure for @e result_cb.
+ */
+ void *result_cb_cls;
+
+ /**
+ * Task scheduled to return a result asynchronously.
+ */
+ struct GNUNET_SCHEDULER_Task *async_task;
+
+ /**
+ * Handle to asynchronously running instant measure.
+ */
+ struct TEH_KycAmlTrigger *kat;
+
+ /**
+ * Our request scope for logging.
+ */
+ struct GNUNET_AsyncScopeId scope;
+
+ /**
+ * Legitimization result we have been building and
+ * should return.
+ */
+ struct TEH_LegitimizationCheckResult lcr;
+
+ /**
+ * Event we were triggered for.
+ */
+ enum TALER_KYCLOGIC_KycTriggerEvent et;
+
+ /**
+ * Payto-URI of the account.
+ */
+ char *payto_uri;
+
+ /**
+ * Hash of @e payto_uri.
+ */
+ struct TALER_PaytoHashP h_payto;
+
+ /**
+ * Public key of the account.
+ */
+ union TALER_AccountPublicKeyP account_pub;
+
+ /**
+ * Amount iterator to call to check for amounts.
+ */
+ TALER_KYCLOGIC_KycAmountIterator ai;
+
+ /**
+ * Closure for @e ai.
+ */
+ void *ai_cls;
+
+ /**
+ * Number of instant rule triggers we have experienced
+ * in this check already.
+ */
+ unsigned int rerun;
+
+ /**
+ * Do we have @e account_pub?
+ */
+ bool have_account_pub;
+};
+
+
+/**
+ * Helper task that asynchronously calls the result
+ * callback and then cleans up.
+ *
+ * @param[in] cls a `struct TEH_LegitimizationCheckHandle *`
+ */
+static void
+async_return_legi_result (void *cls)
+{
+ struct TEH_LegitimizationCheckHandle *lch = cls;
+
+ lch->async_task = NULL;
+ // FIXME: enter (+exit) lch->scope...
+ lch->result_cb (lch->result_cb_cls,
+ &lch->lcr);
+ lch->lcr.response = NULL;
+ TEH_legitimization_check_cancel (lch);
+}
+
+
+/**
+ * The legitimization process failed, return an error
+ * response.
+ *
+ * @param[in,out] lch legitimization check that failed
+ * @param ec error code to return
+ * @param details error details to return (can be NULL)
+ */
+static void
+legi_fail (struct TEH_LegitimizationCheckHandle *lch,
+ enum TALER_ErrorCode ec,
+ const char *details)
+{
+ lch->lcr.http_status
+ = TALER_ErrorCode_get_http_status (ec);
+ lch->lcr.response
+ = TALER_MHD_make_error (
+ ec,
+ details);
+ lch->async_task
+ = GNUNET_SCHEDULER_add_now (
+ &async_return_legi_result,
+ lch);
+}
+
+
+/**
+ * Actually (re)-run the legitimization check @a lch.
+ *
+ * @param[in,out] lch legitimization check to run
+ */
+static void
+legitimization_check_run (
+ struct TEH_LegitimizationCheckHandle *lch);
+
+
+/**
+ * Function called after the KYC-AML trigger is done.
+ *
+ * @param cls must be a `struct TEH_LegitimizationCheckHandle *`
+ * @param http_status final HTTP status to return
+ * @param[in] response final HTTP ro return
+ */
+static void
+legi_check_aml_trigger_cb (
+ void *cls,
+ unsigned int http_status,
+ struct MHD_Response *response)
+{
+ struct TEH_LegitimizationCheckHandle *lch = cls;
+
+ lch->kat = NULL;
+ if (NULL != response)
+ {
+ lch->lcr.http_status = http_status;
+ lch->lcr.response = response;
+ lch->async_task
+ = GNUNET_SCHEDULER_add_now (
+ &async_return_legi_result,
+ lch);
+ return;
+ }
+ /* re-run the check, we got new rules! */
+ if (lch->rerun > MAX_LEGI_LOOPS)
+ {
+ /* deep recursion not allowed, abort! */
+ GNUNET_break (0);
+ legi_fail (lch,
+ TALER_EC_EXCHANGE_KYC_RECURSIVE_RULE_DETECTED,
+ NULL);
+ return;
+ }
+ lch->rerun++;
+ legitimization_check_run (lch);
+}
+
+
+struct TEH_LegitimizationCheckHandle *
TEH_legitimization_check (
- struct TALER_EXCHANGEDB_KycStatus *kyc,
- struct MHD_Connection *connection,
- MHD_RESULT *mhd_ret,
+ const struct GNUNET_AsyncScopeId *scope,
enum TALER_KYCLOGIC_KycTriggerEvent et,
const char *payto_uri,
const struct TALER_PaytoHashP *h_payto,
const union TALER_AccountPublicKeyP *account_pub,
TALER_KYCLOGIC_KycAmountIterator ai,
- void *ai_cls)
+ void *ai_cls,
+ TEH_LegitimizationCheckCallback result_cb,
+ void *result_cb_cls)
+{
+ struct TEH_LegitimizationCheckHandle *lch;
+
+ lch = GNUNET_new (struct TEH_LegitimizationCheckHandle);
+ lch->scope = *scope;
+ lch->et = et;
+ lch->payto_uri = GNUNET_strdup (payto_uri);
+ lch->h_payto = *h_payto;
+ if (NULL != account_pub)
+ {
+ lch->account_pub = *account_pub;
+ lch->have_account_pub = true;
+ }
+ lch->ai = ai;
+ lch->ai_cls = ai_cls;
+ lch->result_cb = result_cb;
+ lch->result_cb_cls = result_cb_cls;
+ legitimization_check_run (lch);
+ return lch;
+}
+
+
+static void
+legitimization_check_run (
+ struct TEH_LegitimizationCheckHandle *lch)
{
struct TALER_KYCLOGIC_LegitimizationRuleSet *lrs = NULL;
const struct TALER_KYCLOGIC_KycRule *requirement;
enum GNUNET_DB_QueryStatus qs;
+ const struct TALER_KYCLOGIC_Measure *instant_ms;
+ // FIXME: add global flag to disable legitimizations!
+ // FIXME: enter (+exit) lch->scope!
{
json_t *jrules;
qs = TEH_plugin->get_kyc_rules (TEH_plugin->cls,
- h_payto,
+ &lch->h_payto,
&jrules);
if (qs < 0)
{
- if (GNUNET_DB_STATUS_HARD_ERROR == qs)
- {
- GNUNET_break (0);
- *mhd_ret = TALER_MHD_reply_with_ec (connection,
- TALER_EC_GENERIC_DB_FETCH_FAILED,
- "get_kyc_rules");
- }
- return qs;
+ GNUNET_break (0);
+ legi_fail (lch,
+ TALER_EC_GENERIC_DB_FETCH_FAILED,
+ "get_kyc_rules");
+ return;
}
if (qs > 0)
{
@@ -946,66 +1231,137 @@ TEH_legitimization_check (
}
qs = TALER_KYCLOGIC_kyc_test_required (
- et,
+ lch->et,
lrs,
- ai,
- ai_cls,
+ lch->ai,
+ lch->ai_cls,
&requirement);
if (qs < 0)
{
TALER_KYCLOGIC_rules_free (lrs);
- if (GNUNET_DB_STATUS_HARD_ERROR == qs)
- {
- GNUNET_break (0);
- *mhd_ret = TALER_MHD_reply_with_ec (
- connection,
- TALER_EC_GENERIC_DB_FETCH_FAILED,
- "kyc_test_required");
- }
- return qs;
+ legi_fail (lch,
+ TALER_EC_GENERIC_DB_FETCH_FAILED,
+ "kyc_test_required");
+ return;
}
if (NULL == requirement)
{
TALER_KYCLOGIC_rules_free (lrs);
- kyc->ok = true;
- return qs;
+ lch->lcr.kyc.ok = true;
+ /* return success! */
+ lch->async_task
+ = GNUNET_SCHEDULER_add_now (
+ &async_return_legi_result,
+ lch);
+ return;
}
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"KYC requirement is %s\n",
TALER_KYCLOGIC_rule2s (requirement));
- kyc->ok = false;
+
+ instant_ms
+ = TALER_KYCLOGIC_rule_get_instant_measure (
+ requirement);
+ if (NULL != instant_ms)
+ {
+ /* We have an 'instant' measure which means we must run the
+ AML program immediately instead of waiting for the account owner
+ to select some measure and contribute their KYC data. */
+ json_t *attributes
+ = json_object (); /* instant: empty attributes */
+
+ GNUNET_assert (NULL != attributes);
+ lch->kat
+ = TEH_kyc_finished2 (
+ &lch->scope,
+ 0LL,
+ instant_ms,
+ &lch->h_payto,
+ "SKIP", /* provider */
+ NULL,
+ NULL,
+ GNUNET_TIME_UNIT_FOREVER_ABS,
+ attributes,
+ 0, /* http status */
+ NULL, /* MHD_Response */
+ &legi_check_aml_trigger_cb,
+ lch);
+ json_decref (attributes);
+ if (NULL == lch->kat)
+ {
+ GNUNET_break (0);
+ legi_fail (lch,
+ TALER_EC_EXCHANGE_KYC_AML_PROGRAM_FAILURE,
+ NULL);
+ return;
+ }
+ return;
+ }
+
+ /* No instant measure, store all measures in the database and
+ wait for the user to select one (via /kyc-info) and to then
+ provide the data. */
+ lch->lcr.kyc.ok = false;
{
json_t *jmeasures;
jmeasures = TALER_KYCLOGIC_rule_to_measures (requirement);
qs = TEH_plugin->trigger_kyc_rule_for_account (
TEH_plugin->cls,
- payto_uri,
- h_payto,
- account_pub,
+ lch->payto_uri,
+ &lch->h_payto,
+ lch->have_account_pub ? &lch->account_pub : NULL,
jmeasures,
TALER_KYCLOGIC_rule2priority (requirement),
- &kyc->requirement_row);
+ &lch->lcr.kyc.requirement_row);
json_decref (jmeasures);
}
if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs)
{
GNUNET_break (0);
- *mhd_ret = TALER_MHD_reply_with_ec (
- connection,
- TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE,
- "trigger_kyc_rule_for_account");
- return GNUNET_DB_STATUS_HARD_ERROR;
+ legi_fail (lch,
+ TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE,
+ "trigger_kyc_rule_for_account");
+ return;
}
+ TALER_KYCLOGIC_rules_free (lrs);
if (GNUNET_DB_STATUS_HARD_ERROR == qs)
{
GNUNET_break (0);
- *mhd_ret = TALER_MHD_reply_with_ec (connection,
- TALER_EC_GENERIC_DB_STORE_FAILED,
- "trigger_kyc_rule_for_account");
+ legi_fail (lch,
+ TALER_EC_GENERIC_DB_STORE_FAILED,
+ "trigger_kyc_rule_for_account");
+ return;
}
- TALER_KYCLOGIC_rules_free (lrs);
- return qs;
+ /* return success! */
+ lch->async_task
+ = GNUNET_SCHEDULER_add_now (
+ &async_return_legi_result,
+ lch);
+}
+
+
+void
+TEH_legitimization_check_cancel (
+ struct TEH_LegitimizationCheckHandle *lch)
+{
+ if (NULL != lch->async_task)
+ {
+ GNUNET_SCHEDULER_cancel (lch->async_task);
+ lch->async_task = NULL;
+ }
+ if (NULL != lch->kat)
+ {
+ TEH_kyc_finished_cancel (lch->kat);
+ lch->kat = NULL;
+ }
+ if (NULL != lch->lcr.response)
+ {
+ MHD_destroy_response (lch->lcr.response);
+ lch->lcr.response = NULL;
+ }
+ GNUNET_free (lch->payto_uri);
+ GNUNET_free (lch);
}
diff --git a/src/exchange/taler-exchange-httpd_common_kyc.h b/src/exchange/taler-exchange-httpd_common_kyc.h
index b866e867e..68fc31768 100644
--- a/src/exchange/taler-exchange-httpd_common_kyc.h
+++ b/src/exchange/taler-exchange-httpd_common_kyc.h
@@ -1,6 +1,6 @@
/*
This file is part of TALER
- Copyright (C) 2023 Taler Systems SA
+ Copyright (C) 2023, 2024 Taler Systems SA
TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU Affero General Public License as published by the Free Software
@@ -185,12 +185,52 @@ TEH_kyc_failed (
/**
+ * Result from a legitimization check.
+ */
+struct TEH_LegitimizationCheckResult
+{
+ /**
+ * KYC status for the account
+ */
+ struct TALER_EXCHANGEDB_KycStatus kyc;
+
+ /**
+ * HTTP status code for @a response, or 0
+ */
+ unsigned int http_status;
+
+ /**
+ * Response to return. Note that the response must
+ * be queued or destroyed by the callee. NULL
+ * if the legitimization check was successful and the handler should return
+ * a handler-specific result.
+ */
+ struct MHD_Response *response;
+};
+
+
+/**
+ * Function called with the result of a legitimization
+ * check.
+ *
+ * @param cls closure
+ * @param lcr legitimization check result
+ */
+typedef void
+(*TEH_LegitimizationCheckCallback)(
+ void *cls,
+ const struct TEH_LegitimizationCheckResult *lcr);
+
+/**
+ * Handle for a legitimization check.
+ */
+struct TEH_LegitimizationCheckHandle;
+
+
+/**
* Do legitimization check.
*
- * @param[out] kyc set to kyc status
- * @param[in,out] connection used to return hard errors
- * @param[out] mhd_ret set if errors were returned
- * (only on hard error)
+ * @param scope scope for logging
* @param et type of event we are checking
* @param payto_uri account we are checking for
* @param h_payto hash of @a payto_uri
@@ -198,20 +238,30 @@ TEH_kyc_failed (
* KYC authorization, NULL if not known
* @param ai callback to get amounts involved historically
* @param ai_cls closure for @a ai
- * @return transaction status, error will have been
- * queued if transaction status is set to hard error
+ * @param result_cb function to call with the result
+ * @param result_cb_cls closure for @a result_cb
+ * @return handle for the operation
*/
-enum GNUNET_DB_QueryStatus
+struct TEH_LegitimizationCheckHandle *
TEH_legitimization_check (
- struct TALER_EXCHANGEDB_KycStatus *kyc,
- struct MHD_Connection *connection,
- MHD_RESULT *mhd_ret,
+ const struct GNUNET_AsyncScopeId *scope,
enum TALER_KYCLOGIC_KycTriggerEvent et,
const char *payto_uri,
const struct TALER_PaytoHashP *h_payto,
const union TALER_AccountPublicKeyP *account_pub,
TALER_KYCLOGIC_KycAmountIterator ai,
- void *ai_cls);
+ void *ai_cls,
+ TEH_LegitimizationCheckCallback result_cb,
+ void *result_cb_cls);
+/**
+ * Cancel legitimization check.
+ *
+ * @param[in] lch handle of the check to cancel
+ */
+void
+TEH_legitimization_check_cancel (
+ struct TEH_LegitimizationCheckHandle *lch);
+
#endif
diff --git a/src/exchange/taler-exchange-httpd_kyc-wallet.c b/src/exchange/taler-exchange-httpd_kyc-wallet.c
index 21730b5ed..a74f6eca6 100644
--- a/src/exchange/taler-exchange-httpd_kyc-wallet.c
+++ b/src/exchange/taler-exchange-httpd_kyc-wallet.c
@@ -27,6 +27,7 @@
#include "taler_json_lib.h"
#include "taler_mhd_lib.h"
#include "taler_kyclogic_lib.h"
+#include "taler-exchange-httpd_common_kyc.h"
#include "taler-exchange-httpd_kyc-wallet.h"
#include "taler-exchange-httpd_responses.h"
#include "taler-exchange-httpd_withdraw.h"
@@ -37,6 +38,40 @@
*/
struct KycRequestContext
{
+
+ /**
+ * Kept in a DLL.
+ */
+ struct KycRequestContext *next;
+
+ /**
+ * Kept in a DLL.
+ */
+ struct KycRequestContext *prev;
+
+ /**
+ * Handle for legitimization check.
+ */
+ struct TEH_LegitimizationCheckHandle *lch;
+
+ /**
+ * Payto URI of the reserve.
+ */
+ char *payto_uri;
+
+ /**
+ * Request context.
+ */
+ struct TEH_RequestContext *rc;
+
+ /**
+ * Response to return. Note that the response must
+ * be queued or destroyed by the callee. NULL
+ * if the legitimization check was successful and the handler should return
+ * a handler-specific result.
+ */
+ struct MHD_Response *response;
+
/**
* Public key of the reserve/wallet this is about.
*/
@@ -48,24 +83,50 @@ struct KycRequestContext
union TALER_AccountPublicKeyP wallet_pub;
/**
- * KYC status, with row with the legitimization requirement.
+ * Balance threshold crossed by the wallet.
*/
- struct TALER_EXCHANGEDB_KycStatus kyc;
+ struct TALER_Amount balance;
/**
- * Balance threshold crossed by the wallet.
+ * KYC status, with row with the legitimization requirement.
*/
- struct TALER_Amount balance;
+ struct TALER_EXCHANGEDB_KycStatus kyc;
/**
- * Payto URI of the reserve.
+ * HTTP status code for @a response, or 0
*/
- char *payto_uri;
+ unsigned int http_status;
};
/**
+ * Kept in a DLL.
+ */
+static struct KycRequestContext *krc_head;
+
+/**
+ * Kept in a DLL.
+ */
+static struct KycRequestContext *krc_tail;
+
+
+void
+TEH_kyc_wallet_cleanup ()
+{
+ struct KycRequestContext *krc;
+
+ while (NULL != (krc = krc_head))
+ {
+ GNUNET_CONTAINER_DLL_remove (krc_head,
+ krc_tail,
+ krc);
+ MHD_resume_connection (krc->rc->connection);
+ }
+}
+
+
+/**
* Function called to iterate over KYC-relevant
* transaction amounts for a particular time range.
* Returns the wallet balance.
@@ -99,36 +160,48 @@ balance_iterator (void *cls,
/**
- * Function implementing database transaction to check wallet's KYC status.
- * Runs the transaction logic; IF it returns a non-error code, the transaction
- * logic MUST NOT queue a MHD response. IF it returns an hard error, the
- * transaction logic MUST queue a MHD response and set @a mhd_ret. IF it
- * returns the soft error code, the function MAY be called again to retry and
- * MUST not queue a MHD response.
+ * Function called with the result of a legitimization
+ * check.
*
- * @param cls closure with a `struct KycRequestContext *`
- * @param connection MHD request which triggered the transaction
- * @param[out] mhd_ret set to MHD response status for @a connection,
- * if transaction failed (!)
- * @return transaction status
+ * @param cls must be a `struct KycRequestContext *`
+ * @param lcr legitimization check result
*/
-static enum GNUNET_DB_QueryStatus
-wallet_kyc_check (void *cls,
- struct MHD_Connection *connection,
- MHD_RESULT *mhd_ret)
+static void
+legi_result_cb (
+ void *cls,
+ const struct TEH_LegitimizationCheckResult *lcr)
{
struct KycRequestContext *krc = cls;
- return TEH_legitimization_check (
- &krc->kyc,
- connection,
- mhd_ret,
- TALER_KYCLOGIC_KYC_TRIGGER_WALLET_BALANCE,
- krc->payto_uri,
- &krc->h_payto,
- &krc->wallet_pub,
- &balance_iterator,
- krc);
+ krc->lch = NULL;
+ krc->http_status = lcr->http_status;
+ krc->response = lcr->response;
+ krc->kyc = lcr->kyc;
+ GNUNET_CONTAINER_DLL_remove (krc_head,
+ krc_tail,
+ krc);
+ MHD_resume_connection (krc->rc->connection);
+ TALER_MHD_daemon_trigger ();
+}
+
+
+/**
+ * Function to clean up our rh_ctx in @a rc
+ *
+ * @param[in,out] rc context to clean up
+ */
+static void
+krc_cleaner (struct TEH_RequestContext *rc)
+{
+ struct KycRequestContext *krc = rc->rh_ctx;
+
+ if (NULL != krc->lch)
+ {
+ TEH_legitimization_check_cancel (krc->lch);
+ krc->lch = NULL;
+ }
+ GNUNET_free (krc->payto_uri);
+ GNUNET_free (krc);
}
@@ -138,63 +211,83 @@ TEH_handler_kyc_wallet (
const json_t *root,
const char *const args[])
{
- struct TALER_ReserveSignatureP reserve_sig;
- struct KycRequestContext krc;
- struct GNUNET_JSON_Specification spec[] = {
- GNUNET_JSON_spec_fixed_auto ("reserve_sig",
- &reserve_sig),
- GNUNET_JSON_spec_fixed_auto ("reserve_pub",
- &krc.wallet_pub.reserve_pub),
- TALER_JSON_spec_amount ("balance",
- TEH_currency,
- &krc.balance),
- GNUNET_JSON_spec_end ()
- };
- MHD_RESULT res;
- enum GNUNET_GenericReturnValue ret;
+ struct KycRequestContext *krc = rc->rh_ctx;
- (void) args;
- ret = TALER_MHD_parse_json_data (rc->connection,
- root,
- spec);
- if (GNUNET_SYSERR == ret)
- return MHD_NO; /* hard failure */
- if (GNUNET_NO == ret)
- return MHD_YES; /* failure */
-
- TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
- if (GNUNET_OK !=
- TALER_wallet_account_setup_verify (
- &krc.wallet_pub.reserve_pub,
- &krc.balance,
- &reserve_sig))
+ if (NULL == krc)
{
- GNUNET_break_op (0);
- return TALER_MHD_reply_with_error (
- rc->connection,
- MHD_HTTP_FORBIDDEN,
- TALER_EC_EXCHANGE_KYC_WALLET_SIGNATURE_INVALID,
- NULL);
+ krc = GNUNET_new (struct KycRequestContext);
+ krc->rc = rc;
+ rc->rh_ctx = krc;
+ rc->rh_cleaner = &krc_cleaner;
+ {
+ struct TALER_ReserveSignatureP reserve_sig;
+ struct GNUNET_JSON_Specification spec[] = {
+ GNUNET_JSON_spec_fixed_auto ("reserve_sig",
+ &reserve_sig),
+ GNUNET_JSON_spec_fixed_auto ("reserve_pub",
+ &krc->wallet_pub.reserve_pub),
+ TALER_JSON_spec_amount ("balance",
+ TEH_currency,
+ &krc->balance),
+ GNUNET_JSON_spec_end ()
+ };
+ enum GNUNET_GenericReturnValue ret;
+
+ (void) args;
+ ret = TALER_MHD_parse_json_data (rc->connection,
+ root,
+ spec);
+ if (GNUNET_SYSERR == ret)
+ return MHD_NO; /* hard failure */
+ if (GNUNET_NO == ret)
+ return MHD_YES; /* failure */
+
+ TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
+ if (GNUNET_OK !=
+ TALER_wallet_account_setup_verify (
+ &krc->wallet_pub.reserve_pub,
+ &krc->balance,
+ &reserve_sig))
+ {
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_error (
+ rc->connection,
+ MHD_HTTP_FORBIDDEN,
+ TALER_EC_EXCHANGE_KYC_WALLET_SIGNATURE_INVALID,
+ NULL);
+ }
+ }
+ krc->payto_uri
+ = TALER_reserve_make_payto (TEH_base_url,
+ &krc->wallet_pub.reserve_pub);
+ TALER_payto_hash (krc->payto_uri,
+ &krc->h_payto);
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ "h_payto of wallet %s is %s\n",
+ krc->payto_uri,
+ TALER_B2S (&krc->h_payto));
+ krc->lch = TEH_legitimization_check (
+ &rc->async_scope_id,
+ TALER_KYCLOGIC_KYC_TRIGGER_WALLET_BALANCE,
+ krc->payto_uri,
+ &krc->h_payto,
+ &krc->wallet_pub,
+ &balance_iterator,
+ krc,
+ &legi_result_cb,
+ krc);
+ GNUNET_assert (NULL != krc->lch);
+ MHD_suspend_connection (rc->connection);
+ GNUNET_CONTAINER_DLL_insert (krc_head,
+ krc_tail,
+ krc);
+ return MHD_YES;
}
- krc.payto_uri
- = TALER_reserve_make_payto (TEH_base_url,
- &krc.wallet_pub.reserve_pub);
- TALER_payto_hash (krc.payto_uri,
- &krc.h_payto);
- GNUNET_log (GNUNET_ERROR_TYPE_INFO,
- "h_payto of wallet %s is %s\n",
- krc.payto_uri,
- TALER_B2S (&krc.h_payto));
- ret = TEH_DB_run_transaction (rc->connection,
- "check wallet kyc",
- TEH_MT_REQUEST_OTHER,
- &res,
- &wallet_kyc_check,
- &krc);
- GNUNET_free (krc.payto_uri);
- if (GNUNET_SYSERR == ret)
- return res;
- if (krc.kyc.ok)
+ if (NULL != krc->response)
+ return MHD_queue_response (rc->connection,
+ krc->http_status,
+ krc->response);
+ if (krc->kyc.ok)
{
/* KYC not required or already satisfied */
return TALER_MHD_reply_static (
@@ -205,8 +298,8 @@ TEH_handler_kyc_wallet (
0);
}
return TEH_RESPONSE_reply_kyc_required (rc->connection,
- &krc.h_payto,
- &krc.kyc);
+ &krc->h_payto,
+ &krc->kyc);
}
diff --git a/src/exchange/taler-exchange-httpd_kyc-wallet.h b/src/exchange/taler-exchange-httpd_kyc-wallet.h
index bd8ae1b08..6539358e8 100644
--- a/src/exchange/taler-exchange-httpd_kyc-wallet.h
+++ b/src/exchange/taler-exchange-httpd_kyc-wallet.h
@@ -26,6 +26,13 @@
/**
+ * Resume suspended connections, we are shutting down.
+ */
+void
+TEH_kyc_wallet_cleanup (void);
+
+
+/**
* Handle a "/kyc-wallet" request. Parses the "reserve_pub" EdDSA key of the
* reserve and the signature "reserve_sig" which affirms the operation. If OK,
* a KYC record is created (if missing) and the KYC status returned.
diff --git a/src/exchange/taler-exchange-httpd_purses_create.c b/src/exchange/taler-exchange-httpd_purses_create.c
index f6db221ec..dae5ea600 100644
--- a/src/exchange/taler-exchange-httpd_purses_create.c
+++ b/src/exchange/taler-exchange-httpd_purses_create.c
@@ -422,10 +422,11 @@ parse_coin (struct MHD_Connection *connection,
MHD_RESULT
TEH_handler_purses_create (
- struct MHD_Connection *connection,
+ struct TEH_RequestContext *rc,
const struct TALER_PurseContractPublicKeyP *purse_pub,
const json_t *root)
{
+ struct MHD_Connection *connection = rc->connection;
struct PurseCreateContext pcc = {
.pd.purse_pub = *purse_pub,
.exchange_timestamp = GNUNET_TIME_timestamp_get ()
diff --git a/src/exchange/taler-exchange-httpd_purses_create.h b/src/exchange/taler-exchange-httpd_purses_create.h
index 7ccba1446..bec4c5c64 100644
--- a/src/exchange/taler-exchange-httpd_purses_create.h
+++ b/src/exchange/taler-exchange-httpd_purses_create.h
@@ -32,14 +32,14 @@
* the details of the operation specified. If everything checks out, this
* will ultimately lead to the "purses create" being executed, or rejected.
*
- * @param connection the MHD connection to handle
+ * @param rc connection to handle
* @param purse_pub public key of the purse
* @param root uploaded JSON data
* @return MHD result code
*/
MHD_RESULT
TEH_handler_purses_create (
- struct MHD_Connection *connection,
+ struct TEH_RequestContext *rc,
const struct TALER_PurseContractPublicKeyP *purse_pub,
const json_t *root);
diff --git a/src/exchange/taler-exchange-httpd_purses_deposit.c b/src/exchange/taler-exchange-httpd_purses_deposit.c
index 8e4d5e41a..d518e6250 100644
--- a/src/exchange/taler-exchange-httpd_purses_deposit.c
+++ b/src/exchange/taler-exchange-httpd_purses_deposit.c
@@ -321,10 +321,11 @@ parse_coin (struct MHD_Connection *connection,
MHD_RESULT
TEH_handler_purses_deposit (
- struct MHD_Connection *connection,
+ struct TEH_RequestContext *rc,
const struct TALER_PurseContractPublicKeyP *purse_pub,
const json_t *root)
{
+ struct MHD_Connection *connection = rc->connection;
struct PurseDepositContext pcc = {
.purse_pub = purse_pub,
.exchange_timestamp = GNUNET_TIME_timestamp_get ()
diff --git a/src/exchange/taler-exchange-httpd_purses_deposit.h b/src/exchange/taler-exchange-httpd_purses_deposit.h
index fa587e977..9e300c3c0 100644
--- a/src/exchange/taler-exchange-httpd_purses_deposit.h
+++ b/src/exchange/taler-exchange-httpd_purses_deposit.h
@@ -32,14 +32,14 @@
* the details of the operation specified. If everything checks out, this
* will ultimately lead to the "purses deposit" being executed, or rejected.
*
- * @param connection the MHD connection to handle
+ * @param rc request to handle
* @param purse_pub public key of the purse
* @param root uploaded JSON data
* @return MHD result code
*/
MHD_RESULT
TEH_handler_purses_deposit (
- struct MHD_Connection *connection,
+ struct TEH_RequestContext *rc,
const struct TALER_PurseContractPublicKeyP *purse_pub,
const json_t *root);
diff --git a/src/exchange/taler-exchange-httpd_purses_merge.c b/src/exchange/taler-exchange-httpd_purses_merge.c
index d6b0348ba..5a62b7a7d 100644
--- a/src/exchange/taler-exchange-httpd_purses_merge.c
+++ b/src/exchange/taler-exchange-httpd_purses_merge.c
@@ -30,6 +30,7 @@
#include "taler_json_lib.h"
#include "taler_kyclogic_lib.h"
#include "taler_mhd_lib.h"
+#include "taler-exchange-httpd_common_kyc.h"
#include "taler-exchange-httpd_purses_merge.h"
#include "taler-exchange-httpd_responses.h"
#include "taler-exchange-httpd_withdraw.h"
@@ -42,10 +43,52 @@
*/
struct PurseMergeContext
{
+
+ /**
+ * Kept in a DLL.
+ */
+ struct PurseMergeContext *next;
+
+ /**
+ * Kept in a DLL.
+ */
+ struct PurseMergeContext *prev;
+
+ /**
+ * Our request.
+ */
+ struct TEH_RequestContext *rc;
+
+ /**
+ * Handle for the legitimization check.
+ */
+ struct TEH_LegitimizationCheckHandle *lch;
+
+ /**
+ * Fees that apply to this operation.
+ */
+ const struct TALER_WireFeeSet *wf;
+
+ /**
+ * Base URL of the exchange provider hosting the reserve.
+ */
+ char *provider_url;
+
+ /**
+ * URI of the account the purse is to be merged into.
+ * Must be of the form 'payto://taler-reserve/$EXCHANGE_URL/RESERVE_PUB'.
+ */
+ const char *payto_uri;
+
+ /**
+ * Response to return, if set.
+ */
+ struct MHD_Response *response;
+
/**
* Public key of the purse we are creating.
*/
- const struct TALER_PurseContractPublicKeyP *purse_pub;
+ struct TALER_PurseContractPublicKeyP purse_pub;
/**
* Total amount to be put into the purse.
@@ -98,17 +141,6 @@ struct PurseMergeContext
struct TALER_PrivateContractHashP h_contract_terms;
/**
- * Fees that apply to this operation.
- */
- const struct TALER_WireFeeSet *wf;
-
- /**
- * URI of the account the purse is to be merged into.
- * Must be of the form 'payto://taler-reserve/$EXCHANGE_URL/RESERVE_PUB'.
- */
- const char *payto_uri;
-
- /**
* Hash of the @e payto_uri.
*/
struct TALER_PaytoHashP h_payto;
@@ -119,52 +151,112 @@ struct PurseMergeContext
struct TALER_EXCHANGEDB_KycStatus kyc;
/**
- * Base URL of the exchange provider hosting the reserve.
+ * HTTP status to return with @e response, or 0.
*/
- char *provider_url;
+ unsigned int http_status;
/**
* Minimum age for deposits into this purse.
*/
uint32_t min_age;
+
+ /**
+ * Set to true if this request was suspended.
+ */
+ bool suspended;
};
/**
+ * Kept in a DLL.
+ */
+static struct PurseMergeContext *pmc_head;
+
+/**
+ * Kept in a DLL.
+ */
+static struct PurseMergeContext *pmc_tail;
+
+
+void
+TEH_purses_merge_cleanup ()
+{
+ struct PurseMergeContext *pmc;
+
+ while (NULL != (pmc = pmc_head))
+ {
+ GNUNET_CONTAINER_DLL_remove (pmc_head,
+ pmc_tail,
+ pmc);
+ MHD_resume_connection (pmc->rc->connection);
+ }
+}
+
+
+/**
+ * Function called with the result of a legitimization
+ * check.
+ *
+ * @param cls closure
+ * @param lcr legitimization check result
+ */
+static void
+legi_result_cb (
+ void *cls,
+ const struct TEH_LegitimizationCheckResult *lcr)
+{
+ struct PurseMergeContext *pmc = cls;
+
+ pmc->lch = NULL;
+ MHD_resume_connection (pmc->rc->connection);
+ GNUNET_CONTAINER_DLL_remove (pmc_head,
+ pmc_tail,
+ pmc);
+ TALER_MHD_daemon_trigger ();
+ if (NULL != lcr->response)
+ {
+ pmc->response = lcr->response;
+ pmc->http_status = lcr->http_status;
+ return;
+ }
+ pmc->kyc = lcr->kyc;
+}
+
+
+/**
* Send confirmation of purse creation success to client.
*
- * @param connection connection to the client
* @param pcc details about the request that succeeded
* @return MHD result code
*/
static MHD_RESULT
-reply_merge_success (struct MHD_Connection *connection,
- const struct PurseMergeContext *pcc)
+reply_merge_success (const struct PurseMergeContext *pmc)
{
+ struct MHD_Connection *connection = pmc->rc->connection;
struct TALER_ExchangePublicKeyP pub;
struct TALER_ExchangeSignatureP sig;
enum TALER_ErrorCode ec;
struct TALER_Amount merge_amount;
if (0 <
- TALER_amount_cmp (&pcc->balance,
- &pcc->target_amount))
+ TALER_amount_cmp (&pmc->balance,
+ &pmc->target_amount))
{
GNUNET_break (0);
return TALER_MHD_REPLY_JSON_PACK (
connection,
MHD_HTTP_INTERNAL_SERVER_ERROR,
TALER_JSON_pack_amount ("balance",
- &pcc->balance),
+ &pmc->balance),
TALER_JSON_pack_amount ("target_amount",
- &pcc->target_amount));
+ &pmc->target_amount));
}
- if ( (NULL == pcc->provider_url) ||
- (0 == strcmp (pcc->provider_url,
+ if ( (NULL == pmc->provider_url) ||
+ (0 == strcmp (pmc->provider_url,
TEH_base_url)) )
{
/* wad fee is always zero if we stay at our own exchange */
- merge_amount = pcc->target_amount;
+ merge_amount = pmc->target_amount;
}
else
{
@@ -172,7 +264,7 @@ reply_merge_success (struct MHD_Connection *connection,
/* FIXME: figure out partner, lookup wad fee by partner! #7271 */
if (0 >
TALER_amount_subtract (&merge_amount,
- &pcc->target_amount,
+ &pmc->target_amount,
&wad_fee))
{
GNUNET_assert (GNUNET_OK ==
@@ -180,20 +272,20 @@ reply_merge_success (struct MHD_Connection *connection,
&merge_amount));
}
#else
- merge_amount = pcc->target_amount;
+ merge_amount = pmc->target_amount;
#endif
}
if (TALER_EC_NONE !=
(ec = TALER_exchange_online_purse_merged_sign (
&TEH_keys_exchange_sign_,
- pcc->exchange_timestamp,
- pcc->purse_expiration,
+ pmc->exchange_timestamp,
+ pmc->purse_expiration,
&merge_amount,
- pcc->purse_pub,
- &pcc->h_contract_terms,
- &pcc->account_pub.reserve_pub,
- (NULL != pcc->provider_url)
- ? pcc->provider_url
+ &pmc->purse_pub,
+ &pmc->h_contract_terms,
+ &pmc->account_pub.reserve_pub,
+ (NULL != pmc->provider_url)
+ ? pmc->provider_url
: TEH_base_url,
&pub,
&sig)))
@@ -209,7 +301,7 @@ reply_merge_success (struct MHD_Connection *connection,
TALER_JSON_pack_amount ("merge_amount",
&merge_amount),
GNUNET_JSON_pack_timestamp ("exchange_timestamp",
- pcc->exchange_timestamp),
+ pmc->exchange_timestamp),
GNUNET_JSON_pack_data_auto ("exchange_sig",
&sig),
GNUNET_JSON_pack_data_auto ("exchange_pub",
@@ -238,19 +330,19 @@ amount_iterator (void *cls,
TALER_EXCHANGEDB_KycAmountCallback cb,
void *cb_cls)
{
- struct PurseMergeContext *pcc = cls;
+ struct PurseMergeContext *pmc = cls;
enum GNUNET_GenericReturnValue ret;
enum GNUNET_DB_QueryStatus qs;
ret = cb (cb_cls,
- &pcc->target_amount,
+ &pmc->target_amount,
GNUNET_TIME_absolute_get ());
GNUNET_break (GNUNET_SYSERR != ret);
if (GNUNET_OK != ret)
return GNUNET_DB_STATUS_SUCCESS_NO_RESULTS;
qs = TEH_plugin->select_merge_amounts_for_kyc_check (
TEH_plugin->cls,
- &pcc->h_payto,
+ &pmc->h_payto,
limit,
cb,
cb_cls);
@@ -281,33 +373,20 @@ merge_transaction (void *cls,
struct MHD_Connection *connection,
MHD_RESULT *mhd_ret)
{
- struct PurseMergeContext *pcc = cls;
+ struct PurseMergeContext *pmc = cls;
enum GNUNET_DB_QueryStatus qs;
bool in_conflict = true;
bool no_balance = true;
bool no_partner = true;
- qs = TEH_legitimization_check (
- &pcc->kyc,
- connection,
- mhd_ret,
- TALER_KYCLOGIC_KYC_TRIGGER_P2P_RECEIVE,
- pcc->payto_uri,
- &pcc->h_payto,
- &pcc->account_pub,
- &amount_iterator,
- pcc);
- if ( (qs < 0) ||
- (! pcc->kyc.ok) )
- return qs;
qs = TEH_plugin->do_purse_merge (
TEH_plugin->cls,
- pcc->purse_pub,
- &pcc->merge_sig,
- pcc->merge_timestamp,
- &pcc->reserve_sig,
- pcc->provider_url,
- &pcc->account_pub.reserve_pub,
+ &pmc->purse_pub,
+ &pmc->merge_sig,
+ pmc->merge_timestamp,
+ &pmc->reserve_sig,
+ pmc->provider_url,
+ &pmc->account_pub.reserve_pub,
&no_partner,
&no_balance,
&in_conflict);
@@ -329,7 +408,7 @@ merge_transaction (void *cls,
TALER_MHD_reply_with_error (connection,
MHD_HTTP_NOT_FOUND,
TALER_EC_EXCHANGE_MERGE_PURSE_PARTNER_UNKNOWN,
- pcc->provider_url);
+ pmc->provider_url);
return GNUNET_DB_STATUS_HARD_ERROR;
}
if (no_balance)
@@ -350,7 +429,7 @@ merge_transaction (void *cls,
bool refunded;
qs = TEH_plugin->select_purse_merge (TEH_plugin->cls,
- pcc->purse_pub,
+ &pmc->purse_pub,
&merge_sig,
&merge_timestamp,
&partner_url,
@@ -382,7 +461,7 @@ merge_transaction (void *cls,
}
if (0 !=
GNUNET_memcmp (&merge_sig,
- &pcc->merge_sig))
+ &pmc->merge_sig))
{
*mhd_ret = TALER_MHD_REPLY_JSON_PACK (
connection,
@@ -400,8 +479,7 @@ merge_transaction (void *cls,
return GNUNET_DB_STATUS_HARD_ERROR;
}
/* idempotent! */
- *mhd_ret = reply_merge_success (connection,
- pcc);
+ *mhd_ret = reply_merge_success (pmc);
GNUNET_free (partner_url);
return GNUNET_DB_STATUS_HARD_ERROR;
}
@@ -410,251 +488,306 @@ merge_transaction (void *cls,
}
+/**
+ * Purse-merge-specific cleanup routine. Function called
+ * upon completion of the request that should
+ * clean up @a rh_ctx. Can be NULL.
+ *
+ * @param rc request context to clean up
+ */
+static void
+clean_purse_merge_rc (struct TEH_RequestContext *rc)
+{
+ struct PurseMergeContext *pmc = rc->rh_ctx;
+
+ if (NULL != pmc->lch)
+ {
+ TEH_legitimization_check_cancel (pmc->lch);
+ pmc->lch = NULL;
+ }
+ GNUNET_free (pmc->provider_url);
+ GNUNET_free (pmc);
+}
+
+
MHD_RESULT
TEH_handler_purses_merge (
- struct MHD_Connection *connection,
+ struct TEH_RequestContext *rc,
const struct TALER_PurseContractPublicKeyP *purse_pub,
const json_t *root)
{
- struct PurseMergeContext pcc = {
- .purse_pub = purse_pub,
- .exchange_timestamp = GNUNET_TIME_timestamp_get ()
- };
- struct GNUNET_JSON_Specification spec[] = {
- TALER_JSON_spec_payto_uri ("payto_uri",
- &pcc.payto_uri),
- GNUNET_JSON_spec_fixed_auto ("reserve_sig",
- &pcc.reserve_sig),
- GNUNET_JSON_spec_fixed_auto ("merge_sig",
- &pcc.merge_sig),
- GNUNET_JSON_spec_timestamp ("merge_timestamp",
- &pcc.merge_timestamp),
- GNUNET_JSON_spec_end ()
- };
- struct TALER_PurseContractSignatureP purse_sig;
- enum GNUNET_DB_QueryStatus qs;
- bool http;
+ struct PurseMergeContext *pmc = rc->rh_ctx;
+ if (NULL == pmc)
{
- enum GNUNET_GenericReturnValue res;
+ pmc = GNUNET_new (struct PurseMergeContext);
+ rc->rh_ctx = pmc;
+ rc->rh_cleaner = &clean_purse_merge_rc;
+ pmc->rc = rc;
+ pmc->purse_pub = *purse_pub;
+ pmc->exchange_timestamp
+ = GNUNET_TIME_timestamp_get ();
- res = TALER_MHD_parse_json_data (connection,
- root,
- spec);
- if (GNUNET_SYSERR == res)
{
- GNUNET_break (0);
- return MHD_NO; /* hard failure */
+ struct GNUNET_JSON_Specification spec[] = {
+ TALER_JSON_spec_payto_uri ("payto_uri",
+ &pmc->payto_uri),
+ GNUNET_JSON_spec_fixed_auto ("reserve_sig",
+ &pmc->reserve_sig),
+ GNUNET_JSON_spec_fixed_auto ("merge_sig",
+ &pmc->merge_sig),
+ GNUNET_JSON_spec_timestamp ("merge_timestamp",
+ &pmc->merge_timestamp),
+ GNUNET_JSON_spec_end ()
+ };
+ enum GNUNET_GenericReturnValue res;
+
+ res = TALER_MHD_parse_json_data (rc->connection,
+ root,
+ spec);
+ if (GNUNET_SYSERR == res)
+ {
+ GNUNET_break (0);
+ return MHD_NO; /* hard failure */
+ }
+ if (GNUNET_NO == res)
+ {
+ GNUNET_break_op (0);
+ return MHD_YES; /* failure */
+ }
}
- if (GNUNET_NO == res)
+
{
- GNUNET_break_op (0);
- return MHD_YES; /* failure */
+ struct TALER_PurseContractSignatureP purse_sig;
+ enum GNUNET_DB_QueryStatus qs;
+
+ /* Fetch purse details */
+ qs = TEH_plugin->get_purse_request (
+ TEH_plugin->cls,
+ &pmc->purse_pub,
+ &pmc->merge_pub,
+ &pmc->purse_expiration,
+ &pmc->h_contract_terms,
+ &pmc->min_age,
+ &pmc->target_amount,
+ &pmc->balance,
+ &purse_sig);
+ switch (qs)
+ {
+ case GNUNET_DB_STATUS_HARD_ERROR:
+ GNUNET_break (0);
+ return TALER_MHD_reply_with_error (
+ rc->connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_DB_FETCH_FAILED,
+ "select purse request");
+ case GNUNET_DB_STATUS_SOFT_ERROR:
+ GNUNET_break (0);
+ return TALER_MHD_reply_with_error (
+ rc->connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_DB_FETCH_FAILED,
+ "select purse request");
+ case GNUNET_DB_STATUS_SUCCESS_NO_RESULTS:
+ return TALER_MHD_reply_with_error (
+ rc->connection,
+ MHD_HTTP_NOT_FOUND,
+ TALER_EC_EXCHANGE_GENERIC_PURSE_UNKNOWN,
+ NULL);
+ case GNUNET_DB_STATUS_SUCCESS_ONE_RESULT:
+ /* continued below */
+ break;
+ }
}
- }
-
- /* Fetch purse details */
- qs = TEH_plugin->get_purse_request (TEH_plugin->cls,
- pcc.purse_pub,
- &pcc.merge_pub,
- &pcc.purse_expiration,
- &pcc.h_contract_terms,
- &pcc.min_age,
- &pcc.target_amount,
- &pcc.balance,
- &purse_sig);
- switch (qs)
- {
- case GNUNET_DB_STATUS_HARD_ERROR:
- GNUNET_break (0);
- return TALER_MHD_reply_with_error (
- connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_GENERIC_DB_FETCH_FAILED,
- "select purse request");
- case GNUNET_DB_STATUS_SOFT_ERROR:
- GNUNET_break (0);
- return TALER_MHD_reply_with_error (
- connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_GENERIC_DB_FETCH_FAILED,
- "select purse request");
- case GNUNET_DB_STATUS_SUCCESS_NO_RESULTS:
- return TALER_MHD_reply_with_error (
- connection,
- MHD_HTTP_NOT_FOUND,
- TALER_EC_EXCHANGE_GENERIC_PURSE_UNKNOWN,
- NULL);
- case GNUNET_DB_STATUS_SUCCESS_ONE_RESULT:
- /* continued below */
- break;
- }
- /* parse 'payto_uri' into pcc.account_pub and provider_url */
- GNUNET_log (GNUNET_ERROR_TYPE_INFO,
- "Received payto: `%s'\n",
- pcc.payto_uri);
- if ( (0 != strncmp (pcc.payto_uri,
- "payto://taler-reserve/",
- strlen ("payto://taler-reserve/"))) &&
- (0 != strncmp (pcc.payto_uri,
- "payto://taler-reserve-http/",
- strlen ("payto://taler-reserve+http/"))) )
- {
- GNUNET_break_op (0);
- return TALER_MHD_reply_with_error (
- connection,
- MHD_HTTP_BAD_REQUEST,
- TALER_EC_GENERIC_PARAMETER_MALFORMED,
- "payto_uri");
- }
- http = (0 == strncmp (pcc.payto_uri,
- "payto://taler-reserve-http/",
- strlen ("payto://taler-reserve-http/")));
- {
- const char *host = &pcc.payto_uri[http
- ? strlen ("payto://taler-reserve-http/")
- : strlen ("payto://taler-reserve/")];
- const char *slash = strchr (host,
- '/');
-
- if (NULL == slash)
+ /* check signatures */
+ if (GNUNET_OK !=
+ TALER_wallet_purse_merge_verify (
+ pmc->payto_uri,
+ pmc->merge_timestamp,
+ &pmc->purse_pub,
+ &pmc->merge_pub,
+ &pmc->merge_sig))
{
GNUNET_break_op (0);
return TALER_MHD_reply_with_error (
- connection,
- MHD_HTTP_BAD_REQUEST,
- TALER_EC_GENERIC_PARAMETER_MALFORMED,
- "payto_uri");
+ rc->connection,
+ MHD_HTTP_FORBIDDEN,
+ TALER_EC_EXCHANGE_PURSE_MERGE_INVALID_MERGE_SIGNATURE,
+ NULL);
}
- GNUNET_asprintf (&pcc.provider_url,
- "%s://%.*s/",
- http ? "http" : "https",
- (int) (slash - host),
- host);
- slash++;
- if (GNUNET_OK !=
- GNUNET_STRINGS_string_to_data (
- slash,
- strlen (slash),
- &pcc.account_pub.reserve_pub,
- sizeof (pcc.account_pub.reserve_pub)))
+
+ /* parse 'payto_uri' into pmc->account_pub and provider_url */
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ "Received payto: `%s'\n",
+ pmc->payto_uri);
+ if ( (0 != strncmp (pmc->payto_uri,
+ "payto://taler-reserve/",
+ strlen ("payto://taler-reserve/"))) &&
+ (0 != strncmp (pmc->payto_uri,
+ "payto://taler-reserve-http/",
+ strlen ("payto://taler-reserve+http/"))) )
{
GNUNET_break_op (0);
- GNUNET_free (pcc.provider_url);
return TALER_MHD_reply_with_error (
- connection,
+ rc->connection,
MHD_HTTP_BAD_REQUEST,
TALER_EC_GENERIC_PARAMETER_MALFORMED,
"payto_uri");
}
- slash++;
- }
- TALER_payto_hash (pcc.payto_uri,
- &pcc.h_payto);
- if (0 == strcmp (pcc.provider_url,
- TEH_base_url))
- {
- /* we use NULL to represent 'self' as the provider */
- GNUNET_free (pcc.provider_url);
- }
- else
- {
- char *method = GNUNET_strdup ("FIXME-WAD #7271");
- /* FIXME-#7271: lookup wire method by pcc.provider_url! */
- pcc.wf = TEH_wire_fees_by_time (pcc.exchange_timestamp,
- method);
- if (NULL == pcc.wf)
{
- MHD_RESULT res;
-
- GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
- "Cannot merge purse: wire fees not configured!\n");
- res = TALER_MHD_reply_with_error (connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_EXCHANGE_GENERIC_WIRE_FEES_MISSING,
- method);
+ bool http;
+ const char *host;
+ const char *slash;
+
+ http = (0 == strncmp (pmc->payto_uri,
+ "payto://taler-reserve-http/",
+ strlen ("payto://taler-reserve-http/")));
+ host = &pmc->payto_uri[http
+ ? strlen ("payto://taler-reserve-http/")
+ : strlen ("payto://taler-reserve/")];
+ slash = strchr (host,
+ '/');
+ if (NULL == slash)
+ {
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_error (
+ rc->connection,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_GENERIC_PARAMETER_MALFORMED,
+ "payto_uri");
+ }
+ GNUNET_asprintf (&pmc->provider_url,
+ "%s://%.*s/",
+ http ? "http" : "https",
+ (int) (slash - host),
+ host);
+ slash++;
+ if (GNUNET_OK !=
+ GNUNET_STRINGS_string_to_data (
+ slash,
+ strlen (slash),
+ &pmc->account_pub.reserve_pub,
+ sizeof (pmc->account_pub.reserve_pub)))
+ {
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_error (
+ rc->connection,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_GENERIC_PARAMETER_MALFORMED,
+ "payto_uri");
+ }
+ }
+ TALER_payto_hash (pmc->payto_uri,
+ &pmc->h_payto);
+ if (0 == strcmp (pmc->provider_url,
+ TEH_base_url))
+ {
+ /* we use NULL to represent 'self' as the provider */
+ GNUNET_free (pmc->provider_url);
+ }
+ else
+ {
+ char *method = GNUNET_strdup ("FIXME-WAD #7271");
+
+ /* FIXME-#7271: lookup wire method by pmc.provider_url! */
+ pmc->wf = TEH_wire_fees_by_time (pmc->exchange_timestamp,
+ method);
+ if (NULL == pmc->wf)
+ {
+ MHD_RESULT res;
+
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ "Cannot merge purse: wire fees not configured!\n");
+ res = TALER_MHD_reply_with_error (
+ rc->connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_EXCHANGE_GENERIC_WIRE_FEES_MISSING,
+ method);
+ GNUNET_free (method);
+ return res;
+ }
GNUNET_free (method);
- return res;
}
- GNUNET_free (method);
- }
- /* check signatures */
- if (GNUNET_OK !=
- TALER_wallet_purse_merge_verify (
- pcc.payto_uri,
- pcc.merge_timestamp,
- pcc.purse_pub,
- &pcc.merge_pub,
- &pcc.merge_sig))
- {
- GNUNET_break_op (0);
- GNUNET_free (pcc.provider_url);
- return TALER_MHD_reply_with_error (
- connection,
- MHD_HTTP_FORBIDDEN,
- TALER_EC_EXCHANGE_PURSE_MERGE_INVALID_MERGE_SIGNATURE,
- NULL);
- }
- {
- struct TALER_Amount zero_purse_fee;
- GNUNET_assert (GNUNET_OK ==
- TALER_amount_set_zero (pcc.target_amount.currency,
- &zero_purse_fee));
- if (GNUNET_OK !=
- TALER_wallet_account_merge_verify (
- pcc.merge_timestamp,
- pcc.purse_pub,
- pcc.purse_expiration,
- &pcc.h_contract_terms,
- &pcc.target_amount,
- &zero_purse_fee,
- pcc.min_age,
- TALER_WAMF_MODE_MERGE_FULLY_PAID_PURSE,
- &pcc.account_pub.reserve_pub,
- &pcc.reserve_sig))
{
- GNUNET_break_op (0);
- GNUNET_free (pcc.provider_url);
- return TALER_MHD_reply_with_error (
- connection,
- MHD_HTTP_FORBIDDEN,
- TALER_EC_EXCHANGE_PURSE_MERGE_INVALID_RESERVE_SIGNATURE,
- NULL);
+ struct TALER_Amount zero_purse_fee;
+
+ GNUNET_assert (GNUNET_OK ==
+ TALER_amount_set_zero (
+ pmc->target_amount.currency,
+ &zero_purse_fee));
+ if (GNUNET_OK !=
+ TALER_wallet_account_merge_verify (
+ pmc->merge_timestamp,
+ &pmc->purse_pub,
+ pmc->purse_expiration,
+ &pmc->h_contract_terms,
+ &pmc->target_amount,
+ &zero_purse_fee,
+ pmc->min_age,
+ TALER_WAMF_MODE_MERGE_FULLY_PAID_PURSE,
+ &pmc->account_pub.reserve_pub,
+ &pmc->reserve_sig))
+ {
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_error (
+ rc->connection,
+ MHD_HTTP_FORBIDDEN,
+ TALER_EC_EXCHANGE_PURSE_MERGE_INVALID_RESERVE_SIGNATURE,
+ NULL);
+ }
}
+ pmc->lch = TEH_legitimization_check (
+ &rc->async_scope_id,
+ TALER_KYCLOGIC_KYC_TRIGGER_P2P_RECEIVE,
+ pmc->payto_uri,
+ &pmc->h_payto,
+ &pmc->account_pub,
+ &amount_iterator,
+ pmc,
+ &legi_result_cb,
+ pmc);
+ GNUNET_assert (NULL != pmc->lch);
+ MHD_suspend_connection (rc->connection);
+ GNUNET_CONTAINER_DLL_insert (pmc_head,
+ pmc_tail,
+ pmc);
+ return MHD_YES;
}
+ if (NULL != pmc->response)
+ {
+ return MHD_queue_response (rc->connection,
+ pmc->http_status,
+ pmc->response);
+ }
+ if (! pmc->kyc.ok)
+ return TEH_RESPONSE_reply_kyc_required (rc->connection,
+ &pmc->h_payto,
+ &pmc->kyc);
- /* execute transaction */
+ /* execute merge transaction */
{
MHD_RESULT mhd_ret;
if (GNUNET_OK !=
- TEH_DB_run_transaction (connection,
+ TEH_DB_run_transaction (rc->connection,
"execute purse merge",
TEH_MT_REQUEST_PURSE_MERGE,
&mhd_ret,
&merge_transaction,
- &pcc))
+ pmc))
{
- GNUNET_free (pcc.provider_url);
return mhd_ret;
}
}
-
- GNUNET_free (pcc.provider_url);
- if (! pcc.kyc.ok)
- return TEH_RESPONSE_reply_kyc_required (connection,
- &pcc.h_payto,
- &pcc.kyc);
-
{
struct TALER_PurseEventP rep = {
.header.size = htons (sizeof (rep)),
.header.type = htons (TALER_DBEVENT_EXCHANGE_PURSE_MERGED),
- .purse_pub = *pcc.purse_pub
+ .purse_pub = pmc->purse_pub
};
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
@@ -666,8 +799,7 @@ TEH_handler_purses_merge (
}
/* generate regular response */
- return reply_merge_success (connection,
- &pcc);
+ return reply_merge_success (pmc);
}
diff --git a/src/exchange/taler-exchange-httpd_purses_merge.h b/src/exchange/taler-exchange-httpd_purses_merge.h
index 3bc6e1696..9355ae1e4 100644
--- a/src/exchange/taler-exchange-httpd_purses_merge.h
+++ b/src/exchange/taler-exchange-httpd_purses_merge.h
@@ -27,20 +27,28 @@
/**
+ * Resume suspended connections, we are shutting down.
+ */
+void
+TEH_purses_merge_cleanup (void);
+
+
+/**
* Handle a "/purses/$PURSE_PUB/merge" request. Parses the JSON, and, if
* successful, passes the JSON data to #merge_transaction() to further check
* the details of the operation specified. If everything checks out, this
* will ultimately lead to the "purses merge" being executed, or rejected.
*
- * @param connection the MHD connection to handle
+ * @param rc request to handle
* @param purse_pub public key of the purse
* @param root uploaded JSON data
* @return MHD result code
*/
MHD_RESULT
-TEH_handler_purses_merge (struct MHD_Connection *connection,
- const struct TALER_PurseContractPublicKeyP *purse_pub,
- const json_t *root);
+TEH_handler_purses_merge (
+ struct TEH_RequestContext *rc,
+ const struct TALER_PurseContractPublicKeyP *purse_pub,
+ const json_t *root);
#endif
diff --git a/src/exchange/taler-exchange-httpd_reserves_close.c b/src/exchange/taler-exchange-httpd_reserves_close.c
index 7b5f14c13..bd048e0c2 100644
--- a/src/exchange/taler-exchange-httpd_reserves_close.c
+++ b/src/exchange/taler-exchange-httpd_reserves_close.c
@@ -27,6 +27,7 @@
#include "taler_mhd_lib.h"
#include "taler_json_lib.h"
#include "taler_dbevents.h"
+#include "taler-exchange-httpd_common_kyc.h"
#include "taler-exchange-httpd_keys.h"
#include "taler-exchange-httpd_reserves_close.h"
#include "taler-exchange-httpd_withdraw.h"
@@ -46,10 +47,44 @@
*/
struct ReserveCloseContext
{
+
+ /**
+ * Kept in a DLL.
+ */
+ struct ReserveCloseContext *next;
+
+ /**
+ * Kept in a DLL.
+ */
+ struct ReserveCloseContext *prev;
+
+ /**
+ * Our request context.
+ */
+ struct TEH_RequestContext *rc;
+
+ /**
+ * Handle for legitimization check.
+ */
+ struct TEH_LegitimizationCheckHandle *lch;
+
+ /**
+ * Where to wire the funds, may be NULL.
+ */
+ const char *payto_uri;
+
+ /**
+ * Response to return. Note that the response must
+ * be queued or destroyed by the callee. NULL
+ * if the legitimization check was successful and the handler should return
+ * a handler-specific result.
+ */
+ struct MHD_Response *response;
+
/**
* Public key of the reserve the inquiry is about.
*/
- const struct TALER_ReservePublicKeyP *reserve_pub;
+ struct TALER_ReservePublicKeyP reserve_pub;
/**
* Timestamp of the request.
@@ -72,11 +107,6 @@ struct ReserveCloseContext
struct TALER_Amount balance;
/**
- * Where to wire the funds, may be NULL.
- */
- const char *payto_uri;
-
- /**
* Hash of the @e payto_uri, if given (otherwise zero).
*/
struct TALER_PaytoHashP h_payto;
@@ -95,20 +125,61 @@ struct ReserveCloseContext
* Query status from the amount_it() helper function.
*/
enum GNUNET_DB_QueryStatus qs;
+
+ /**
+ * HTTP status code for @a response, or 0
+ */
+ unsigned int http_status;
+
+ /**
+ * Set to true if the request was suspended.
+ */
+ bool suspended;
+
+ /**
+ * Set to true if the request was suspended.
+ */
+ bool resumed;
};
/**
+ * Kept in a DLL.
+ */
+static struct ReserveCloseContext *rcc_head;
+
+/**
+ * Kept in a DLL.
+ */
+static struct ReserveCloseContext *rcc_tail;
+
+
+void
+TEH_reserves_close_cleanup ()
+{
+ struct ReserveCloseContext *rcc;
+
+ while (NULL != (rcc = rcc_head))
+ {
+ GNUNET_CONTAINER_DLL_remove (rcc_head,
+ rcc_tail,
+ rcc);
+ MHD_resume_connection (rcc->rc->connection);
+ }
+}
+
+
+/**
* Send reserve close to client.
*
- * @param connection connection to the client
* @param rhc reserve close to return
* @return MHD result code
*/
static MHD_RESULT
-reply_reserve_close_success (struct MHD_Connection *connection,
- const struct ReserveCloseContext *rhc)
+reply_reserve_close_success (
+ const struct ReserveCloseContext *rhc)
{
+ struct MHD_Connection *connection = rhc->rc->connection;
return TALER_MHD_REPLY_JSON_PACK (
connection,
MHD_HTTP_OK,
@@ -118,6 +189,34 @@ reply_reserve_close_success (struct MHD_Connection *connection,
/**
+ * Function called with the result of a legitimization
+ * check.
+ *
+ * @param cls closure
+ * @param lcr legitimization check result
+ */
+static void
+reserve_close_legi_cb (
+ void *cls,
+ const struct TEH_LegitimizationCheckResult *lcr)
+{
+ struct ReserveCloseContext *rcc = cls;
+
+ rcc->lch = NULL;
+ rcc->http_status = lcr->http_status;
+ rcc->response = lcr->response;
+ rcc->kyc = lcr->kyc;
+ GNUNET_CONTAINER_DLL_remove (rcc_head,
+ rcc_tail,
+ rcc);
+ MHD_resume_connection (rcc->rc->connection);
+ rcc->resumed = true;
+ rcc->suspended = false;
+ TALER_MHD_daemon_trigger ();
+}
+
+
+/**
* Function called to iterate over KYC-relevant
* transaction amounts for a particular time range.
* Called within a database transaction, so must
@@ -175,9 +274,10 @@ amount_it (void *cls,
* @return transaction status
*/
static enum GNUNET_DB_QueryStatus
-reserve_close_transaction (void *cls,
- struct MHD_Connection *connection,
- MHD_RESULT *mhd_ret)
+reserve_close_transaction (
+ void *cls,
+ struct MHD_Connection *connection,
+ MHD_RESULT *mhd_ret)
{
struct ReserveCloseContext *rcc = cls;
enum GNUNET_DB_QueryStatus qs;
@@ -186,7 +286,7 @@ reserve_close_transaction (void *cls,
qs = TEH_plugin->select_reserve_close_info (
TEH_plugin->cls,
- rcc->reserve_pub,
+ &rcc->reserve_pub,
&rcc->balance,
&payto_uri);
switch (qs)
@@ -194,19 +294,21 @@ reserve_close_transaction (void *cls,
case GNUNET_DB_STATUS_HARD_ERROR:
GNUNET_break (0);
*mhd_ret
- = TALER_MHD_reply_with_error (connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_GENERIC_DB_FETCH_FAILED,
- "select_reserve_close_info");
+ = TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_DB_FETCH_FAILED,
+ "select_reserve_close_info");
return qs;
case GNUNET_DB_STATUS_SOFT_ERROR:
return qs;
case GNUNET_DB_STATUS_SUCCESS_NO_RESULTS:
*mhd_ret
- = TALER_MHD_reply_with_error (connection,
- MHD_HTTP_NOT_FOUND,
- TALER_EC_EXCHANGE_GENERIC_RESERVE_UNKNOWN,
- NULL);
+ = TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_NOT_FOUND,
+ TALER_EC_EXCHANGE_GENERIC_RESERVE_UNKNOWN,
+ NULL);
return GNUNET_DB_STATUS_HARD_ERROR;
case GNUNET_DB_STATUS_SUCCESS_ONE_RESULT:
break;
@@ -216,14 +318,16 @@ reserve_close_transaction (void *cls,
(NULL == payto_uri) )
{
*mhd_ret
- = TALER_MHD_reply_with_error (connection,
- MHD_HTTP_CONFLICT,
- TALER_EC_EXCHANGE_RESERVES_CLOSE_NO_TARGET_ACCOUNT,
- NULL);
+ = TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_CONFLICT,
+ TALER_EC_EXCHANGE_RESERVES_CLOSE_NO_TARGET_ACCOUNT,
+ NULL);
return GNUNET_DB_STATUS_HARD_ERROR;
}
- if ( (NULL != rcc->payto_uri) &&
+ if ( (! rcc->resumed) &&
+ (NULL != rcc->payto_uri) &&
( (NULL == payto_uri) ||
(0 != strcmp (payto_uri,
rcc->payto_uri)) ) )
@@ -234,28 +338,25 @@ reserve_close_transaction (void *cls,
TALER_payto_hash (rcc->payto_uri,
&rcc->kyc_payto);
- rcc->qs = GNUNET_DB_STATUS_SUCCESS_NO_RESULTS;
- qs = TEH_legitimization_check (
- &rcc->kyc,
- connection,
- mhd_ret,
+ rcc->lch = TEH_legitimization_check (
+ &rcc->rc->async_scope_id,
TALER_KYCLOGIC_KYC_TRIGGER_RESERVE_CLOSE,
rcc->payto_uri,
&rcc->kyc_payto,
- NULL,
+ NULL, /* no account_pub */
&amount_it,
+ rcc,
+ &reserve_close_legi_cb,
rcc);
- if ( (qs < 0) ||
- (! rcc->kyc.ok) )
- {
- GNUNET_free (payto_uri);
- return qs;
- }
- }
- else
- {
- rcc->kyc.ok = true;
+ GNUNET_assert (NULL != rcc->lch);
+ GNUNET_CONTAINER_DLL_insert (rcc_head,
+ rcc_tail,
+ rcc);
+ MHD_suspend_connection (rcc->rc->connection);
+ rcc->suspended = true;
+ return GNUNET_DB_STATUS_SUCCESS_NO_RESULTS;
}
+ rcc->kyc.ok = true;
if (NULL == rcc->payto_uri)
rcc->payto_uri = payto_uri;
@@ -268,10 +369,11 @@ reserve_close_transaction (void *cls,
if (NULL == wf)
{
GNUNET_break (0);
- *mhd_ret = TALER_MHD_reply_with_error (connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_EXCHANGE_WIRE_FEES_NOT_CONFIGURED,
- method);
+ *mhd_ret = TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_EXCHANGE_WIRE_FEES_NOT_CONFIGURED,
+ method);
GNUNET_free (method);
return GNUNET_DB_STATUS_HARD_ERROR;
}
@@ -288,18 +390,18 @@ reserve_close_transaction (void *cls,
GNUNET_assert (GNUNET_OK ==
TALER_amount_set_zero (TEH_currency,
&rcc->wire_amount));
- *mhd_ret = reply_reserve_close_success (connection,
- rcc);
+ *mhd_ret = reply_reserve_close_success (rcc);
return GNUNET_DB_STATUS_HARD_ERROR;
}
- qs = TEH_plugin->insert_close_request (TEH_plugin->cls,
- rcc->reserve_pub,
- payto_uri,
- &rcc->reserve_sig,
- rcc->timestamp,
- &rcc->balance,
- &wf->closing);
+ qs = TEH_plugin->insert_close_request (
+ TEH_plugin->cls,
+ &rcc->reserve_pub,
+ payto_uri,
+ &rcc->reserve_sig,
+ rcc->timestamp,
+ &rcc->balance,
+ &wf->closing);
GNUNET_free (payto_uri);
rcc->payto_uri = NULL;
if (GNUNET_DB_STATUS_HARD_ERROR == qs)
@@ -321,76 +423,131 @@ reserve_close_transaction (void *cls,
}
+/**
+ * Cleanup routine. Function called
+ * upon completion of the request that should
+ * clean up @a rh_ctx. Can be NULL.
+ *
+ * @param rc request to clean up context for
+ */
+static void
+reserve_close_cleanup (struct TEH_RequestContext *rc)
+{
+ struct ReserveCloseContext *rcc = rc->rh_ctx;
+
+ if (NULL != rcc->lch)
+ {
+ TEH_legitimization_check_cancel (rcc->lch);
+ rcc->lch = NULL;
+ }
+ GNUNET_free (rcc);
+}
+
+
MHD_RESULT
-TEH_handler_reserves_close (struct TEH_RequestContext *rc,
- const struct TALER_ReservePublicKeyP *reserve_pub,
- const json_t *root)
+TEH_handler_reserves_close (
+ struct TEH_RequestContext *rc,
+ const struct TALER_ReservePublicKeyP *reserve_pub,
+ const json_t *root)
{
- struct ReserveCloseContext rcc = {
- .payto_uri = NULL,
- .reserve_pub = reserve_pub
- };
+ struct ReserveCloseContext *rcc = rc->rh_ctx;
MHD_RESULT mhd_ret;
- struct GNUNET_JSON_Specification spec[] = {
- GNUNET_JSON_spec_timestamp ("request_timestamp",
- &rcc.timestamp),
- GNUNET_JSON_spec_mark_optional (
- TALER_JSON_spec_payto_uri ("payto_uri",
- &rcc.payto_uri),
- NULL),
- GNUNET_JSON_spec_fixed_auto ("reserve_sig",
- &rcc.reserve_sig),
- GNUNET_JSON_spec_end ()
- };
+ if (NULL == rcc)
{
- enum GNUNET_GenericReturnValue res;
+ rcc = GNUNET_new (struct ReserveCloseContext);
+ rc->rh_ctx = rcc;
+ rc->rh_cleaner = &reserve_close_cleanup;
+ rcc->reserve_pub = *reserve_pub;
- res = TALER_MHD_parse_json_data (rc->connection,
- root,
- spec);
- if (GNUNET_SYSERR == res)
{
- GNUNET_break (0);
- return MHD_NO; /* hard failure */
+ struct GNUNET_JSON_Specification spec[] = {
+ GNUNET_JSON_spec_timestamp ("request_timestamp",
+ &rcc->timestamp),
+ GNUNET_JSON_spec_mark_optional (
+ TALER_JSON_spec_payto_uri ("payto_uri",
+ &rcc->payto_uri),
+ NULL),
+ GNUNET_JSON_spec_fixed_auto ("reserve_sig",
+ &rcc->reserve_sig),
+ GNUNET_JSON_spec_end ()
+ };
+
+ {
+ enum GNUNET_GenericReturnValue res;
+
+ res = TALER_MHD_parse_json_data (rc->connection,
+ root,
+ spec);
+ if (GNUNET_SYSERR == res)
+ {
+ GNUNET_break (0);
+ return MHD_NO; /* hard failure */
+ }
+ if (GNUNET_NO == res)
+ {
+ GNUNET_break_op (0);
+ return MHD_YES; /* failure */
+ }
+ }
}
- if (GNUNET_NO == res)
+
{
- GNUNET_break_op (0);
- return MHD_YES; /* failure */
+ struct GNUNET_TIME_Timestamp now;
+
+ now = GNUNET_TIME_timestamp_get ();
+ if (! GNUNET_TIME_absolute_approx_eq (
+ now.abs_time,
+ rcc->timestamp.abs_time,
+ TIMESTAMP_TOLERANCE))
+ {
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_error (
+ rc->connection,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_EXCHANGE_GENERIC_CLOCK_SKEW,
+ NULL);
+ }
}
- }
- {
- struct GNUNET_TIME_Timestamp now;
-
- now = GNUNET_TIME_timestamp_get ();
- if (! GNUNET_TIME_absolute_approx_eq (now.abs_time,
- rcc.timestamp.abs_time,
- TIMESTAMP_TOLERANCE))
+ if (NULL != rcc->payto_uri)
+ TALER_payto_hash (rcc->payto_uri,
+ &rcc->h_payto);
+ if (GNUNET_OK !=
+ TALER_wallet_reserve_close_verify (
+ rcc->timestamp,
+ &rcc->h_payto,
+ &rcc->reserve_pub,
+ &rcc->reserve_sig))
{
GNUNET_break_op (0);
- return TALER_MHD_reply_with_error (rc->connection,
- MHD_HTTP_BAD_REQUEST,
- TALER_EC_EXCHANGE_GENERIC_CLOCK_SKEW,
- NULL);
+ return TALER_MHD_reply_with_error (
+ rc->connection,
+ MHD_HTTP_FORBIDDEN,
+ TALER_EC_EXCHANGE_RESERVES_CLOSE_BAD_SIGNATURE,
+ NULL);
}
}
-
- if (NULL != rcc.payto_uri)
- TALER_payto_hash (rcc.payto_uri,
- &rcc.h_payto);
- if (GNUNET_OK !=
- TALER_wallet_reserve_close_verify (rcc.timestamp,
- &rcc.h_payto,
- reserve_pub,
- &rcc.reserve_sig))
+ if (NULL != rcc->response)
+ return MHD_queue_response (rc->connection,
+ rcc->http_status,
+ rcc->response);
+ if (rcc->resumed &&
+ (! rcc->kyc.ok) )
{
- GNUNET_break_op (0);
- return TALER_MHD_reply_with_error (rc->connection,
- MHD_HTTP_FORBIDDEN,
- TALER_EC_EXCHANGE_RESERVES_CLOSE_BAD_SIGNATURE,
- NULL);
+ if (0 == rcc->kyc.requirement_row)
+ {
+ GNUNET_break (0);
+ return TALER_MHD_reply_with_error (
+ rc->connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE,
+ "requirement row not set");
+ }
+ return TEH_RESPONSE_reply_kyc_required (
+ rc->connection,
+ &rcc->kyc_payto,
+ &rcc->kyc);
}
if (GNUNET_OK !=
@@ -403,24 +560,9 @@ TEH_handler_reserves_close (struct TEH_RequestContext *rc,
{
return mhd_ret;
}
- if (! rcc.kyc.ok)
- {
- if (0 == rcc.kyc.requirement_row)
- {
- GNUNET_break (0);
- return TALER_MHD_reply_with_error (
- rc->connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE,
- "requirement row not set");
- }
- return TEH_RESPONSE_reply_kyc_required (
- rc->connection,
- &rcc.kyc_payto,
- &rcc.kyc);
- }
- return reply_reserve_close_success (rc->connection,
- &rcc);
+ if (rcc->suspended)
+ return MHD_YES;
+ return reply_reserve_close_success (rcc);
}
diff --git a/src/exchange/taler-exchange-httpd_reserves_close.h b/src/exchange/taler-exchange-httpd_reserves_close.h
index 4c70b17cb..f4ca07c4f 100644
--- a/src/exchange/taler-exchange-httpd_reserves_close.h
+++ b/src/exchange/taler-exchange-httpd_reserves_close.h
@@ -26,6 +26,12 @@
/**
+ * Resume suspended connections, we are shutting down.
+ */
+void
+TEH_reserves_close_cleanup (void);
+
+/**
* Handle a POST "/reserves/$RID/close" request.
*
* @param rc request context
@@ -34,8 +40,9 @@
* @return MHD result code
*/
MHD_RESULT
-TEH_handler_reserves_close (struct TEH_RequestContext *rc,
- const struct TALER_ReservePublicKeyP *reserve_pub,
- const json_t *root);
+TEH_handler_reserves_close (
+ struct TEH_RequestContext *rc,
+ const struct TALER_ReservePublicKeyP *reserve_pub,
+ const json_t *root);
#endif
diff --git a/src/exchange/taler-exchange-httpd_reserves_purse.c b/src/exchange/taler-exchange-httpd_reserves_purse.c
index 6186afe4e..5774e10ea 100644
--- a/src/exchange/taler-exchange-httpd_reserves_purse.c
+++ b/src/exchange/taler-exchange-httpd_reserves_purse.c
@@ -1,6 +1,6 @@
/*
This file is part of TALER
- Copyright (C) 2022 Taler Systems SA
+ Copyright (C) 2022-2024 Taler Systems SA
TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU Affero General Public License as published by the Free Software
@@ -29,6 +29,7 @@
#include "taler_json_lib.h"
#include "taler_kyclogic_lib.h"
#include "taler_mhd_lib.h"
+#include "taler-exchange-httpd_common_kyc.h"
#include "taler-exchange-httpd_reserves_purse.h"
#include "taler-exchange-httpd_responses.h"
#include "taler-exchange-httpd_withdraw.h"
@@ -43,14 +44,42 @@ struct ReservePurseContext
{
/**
- * Public key of the account (reserve) we are creating a purse for.
+ * Kept in a DLL.
+ */
+ struct ReservePurseContext *next;
+
+ /**
+ * Kept in a DLL.
+ */
+ struct ReservePurseContext *prev;
+
+ /**
+ * Our request context.
+ */
+ struct TEH_RequestContext *rc;
+
+ /**
+ * Handle for legitimization check.
*/
- const union TALER_AccountPublicKeyP account_pub;
+ struct TEH_LegitimizationCheckHandle *lch;
/**
- * Fees for the operation.
+ * Response to return. Note that the response must
+ * be queued or destroyed by the callee. NULL
+ * if the legitimization check was successful and the handler should return
+ * a handler-specific result.
*/
- const struct TEH_GlobalFee *gf;
+ struct MHD_Response *response;
+
+ /**
+ * Payto URI for the reserve.
+ */
+ char *payto_uri;
+
+ /**
+ * Public key of the account (reserve) we are creating a purse for.
+ */
+ union TALER_AccountPublicKeyP account_pub;
/**
* Signature of the reserve affirming the merge.
@@ -108,11 +137,6 @@ struct ReservePurseContext
struct TALER_PaytoHashP h_payto;
/**
- * Payto URI for the reserve.
- */
- char *payto_uri;
-
- /**
* KYC status of the operation.
*/
struct TALER_EXCHANGEDB_KycStatus kyc;
@@ -128,12 +152,47 @@ struct ReservePurseContext
enum TALER_WalletAccountMergeFlags flags;
/**
+ * HTTP status code for @a response, or 0
+ */
+ unsigned int http_status;
+
+ /**
* Do we lack an @e econtract?
*/
bool no_econtract;
+ /**
+ * Set to true if the purse_fee was not given in the REST request.
+ */
+ bool no_purse_fee;
+
};
+/**
+ * Kept in a DLL.
+ */
+static struct ReservePurseContext *rpc_head;
+
+/**
+ * Kept in a DLL.
+ */
+static struct ReservePurseContext *rpc_tail;
+
+
+void
+TEH_reserves_purse_cleanup ()
+{
+ struct ReservePurseContext *rpc;
+
+ while (NULL != (rpc = rpc_head))
+ {
+ GNUNET_CONTAINER_DLL_remove (rpc_head,
+ rpc_tail,
+ rpc);
+ MHD_resume_connection (rpc->rc->connection);
+ }
+}
+
/**
* Function called to iterate over KYC-relevant
@@ -182,6 +241,32 @@ amount_iterator (void *cls,
/**
+ * Function called with the result of a legitimization
+ * check.
+ *
+ * @param cls closure
+ * @param lcr legitimization check result
+ */
+static void
+reserve_purse_legi_cb (
+ void *cls,
+ const struct TEH_LegitimizationCheckResult *lcr)
+{
+ struct ReservePurseContext *rpc = cls;
+
+ rpc->lch = NULL;
+ rpc->http_status = lcr->http_status;
+ rpc->response = lcr->response;
+ rpc->kyc = lcr->kyc;
+ GNUNET_CONTAINER_DLL_remove (rpc_head,
+ rpc_tail,
+ rpc);
+ MHD_resume_connection (rpc->rc->connection);
+ TALER_MHD_daemon_trigger ();
+}
+
+
+/**
* Execute database transaction for /reserves/$PID/purse. Runs the transaction
* logic; IF it returns a non-error code, the transaction logic MUST NOT queue
* a MHD response. IF it returns an hard error, the transaction logic MUST
@@ -202,20 +287,6 @@ purse_transaction (void *cls,
struct ReservePurseContext *rpc = cls;
enum GNUNET_DB_QueryStatus qs;
- qs = TEH_legitimization_check (
- &rpc->kyc,
- connection,
- mhd_ret,
- TALER_KYCLOGIC_KYC_TRIGGER_P2P_RECEIVE,
- rpc->payto_uri,
- &rpc->h_payto,
- &rpc->account_pub,
- &amount_iterator,
- rpc);
- if ( (qs < 0) ||
- (! rpc->kyc.ok) )
- return qs;
-
{
bool in_conflict = true;
@@ -238,10 +309,11 @@ purse_transaction (void *cls,
return qs;
GNUNET_break (0);
*mhd_ret =
- TALER_MHD_reply_with_error (connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_GENERIC_DB_STORE_FAILED,
- "insert purse request");
+ TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_DB_STORE_FAILED,
+ "insert purse request");
return GNUNET_DB_STATUS_HARD_ERROR;
}
if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs)
@@ -272,10 +344,11 @@ purse_transaction (void *cls,
GNUNET_break (GNUNET_DB_STATUS_SOFT_ERROR != qs);
GNUNET_break (0 != qs);
TALER_LOG_WARNING ("Failed to fetch purse information from database\n");
- *mhd_ret = TALER_MHD_reply_with_error (connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_GENERIC_DB_FETCH_FAILED,
- "select purse request");
+ *mhd_ret = TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_DB_FETCH_FAILED,
+ "select purse request");
return GNUNET_DB_STATUS_HARD_ERROR;
}
*mhd_ret
@@ -319,7 +392,7 @@ purse_transaction (void *cls,
(TALER_WAMF_MODE_CREATE_FROM_PURSE_QUOTA
== rpc->flags)
? NULL
- : &rpc->gf->fees.purse,
+ : &rpc->purse_fee,
&rpc->account_pub.reserve_pub,
&in_conflict,
&no_reserve,
@@ -331,10 +404,11 @@ purse_transaction (void *cls,
TALER_LOG_WARNING (
"Failed to store purse merge information in database\n");
*mhd_ret =
- TALER_MHD_reply_with_error (connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_GENERIC_DB_STORE_FAILED,
- "do reserve purse");
+ TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_DB_STORE_FAILED,
+ "do reserve purse");
return GNUNET_DB_STATUS_HARD_ERROR;
}
if (in_conflict)
@@ -362,10 +436,11 @@ purse_transaction (void *cls,
GNUNET_break (0 != qs);
TALER_LOG_WARNING (
"Failed to fetch purse merge information from database\n");
- *mhd_ret = TALER_MHD_reply_with_error (connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_GENERIC_DB_FETCH_FAILED,
- "select purse merge");
+ *mhd_ret = TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_DB_FETCH_FAILED,
+ "select purse merge");
return GNUNET_DB_STATUS_HARD_ERROR;
}
if (refunded)
@@ -373,10 +448,11 @@ purse_transaction (void *cls,
/* This is a bit of a strange case ... */
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Purse was already refunded\n");
- *mhd_ret = TALER_MHD_reply_with_error (connection,
- MHD_HTTP_GONE,
- TALER_EC_EXCHANGE_GENERIC_PURSE_EXPIRED,
- NULL);
+ *mhd_ret = TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_GONE,
+ TALER_EC_EXCHANGE_GENERIC_PURSE_EXPIRED,
+ NULL);
GNUNET_free (partner_url);
return GNUNET_DB_STATUS_HARD_ERROR;
}
@@ -402,7 +478,7 @@ purse_transaction (void *cls,
if ( (no_reserve) &&
( (TALER_WAMF_MODE_CREATE_FROM_PURSE_QUOTA
== rpc->flags) ||
- (! TALER_amount_is_zero (&rpc->gf->fees.purse)) ) )
+ (! TALER_amount_is_zero (&rpc->purse_fee)) ) )
{
*mhd_ret
= TALER_MHD_REPLY_JSON_PACK (
@@ -437,10 +513,11 @@ purse_transaction (void *cls,
if (GNUNET_DB_STATUS_SOFT_ERROR == qs)
return qs;
TALER_LOG_WARNING ("Failed to store purse information in database\n");
- *mhd_ret = TALER_MHD_reply_with_error (connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_GENERIC_DB_STORE_FAILED,
- "purse purse contract");
+ *mhd_ret = TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_DB_STORE_FAILED,
+ "purse purse contract");
return GNUNET_DB_STATUS_HARD_ERROR;
}
if (in_conflict)
@@ -459,10 +536,11 @@ purse_transaction (void *cls,
GNUNET_break (0 != qs);
TALER_LOG_WARNING (
"Failed to store fetch contract information from database\n");
- *mhd_ret = TALER_MHD_reply_with_error (connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_GENERIC_DB_FETCH_FAILED,
- "select contract");
+ *mhd_ret = TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_DB_FETCH_FAILED,
+ "select contract");
return GNUNET_DB_STATUS_HARD_ERROR;
}
GNUNET_CRYPTO_hash (econtract.econtract,
@@ -480,7 +558,6 @@ purse_transaction (void *cls,
&econtract.econtract_sig),
GNUNET_JSON_pack_data_auto ("contract_pub",
&econtract.contract_pub));
- GNUNET_free (econtract.econtract);
return GNUNET_DB_STATUS_HARD_ERROR;
}
}
@@ -488,277 +565,320 @@ purse_transaction (void *cls,
}
+/**
+ * Function to clean up our rh_ctx in @a rc
+ *
+ * @param[in,out] rc context to clean up
+ */
+static void
+rpc_cleaner (struct TEH_RequestContext *rc)
+{
+ struct ReservePurseContext *rpc = rc->rh_ctx;
+
+ if (NULL != rpc->lch)
+ {
+ TEH_legitimization_check_cancel (rpc->lch);
+ rpc->lch = NULL;
+ }
+ GNUNET_free (rpc->econtract.econtract);
+ GNUNET_free (rpc->payto_uri);
+ GNUNET_free (rpc);
+}
+
+
MHD_RESULT
TEH_handler_reserves_purse (
struct TEH_RequestContext *rc,
const struct TALER_ReservePublicKeyP *reserve_pub,
const json_t *root)
{
+ struct ReservePurseContext *rpc = rc->rh_ctx;
struct MHD_Connection *connection = rc->connection;
- struct ReservePurseContext rpc = {
- .account_pub.reserve_pub = *reserve_pub,
- .exchange_timestamp = GNUNET_TIME_timestamp_get ()
- };
- bool no_purse_fee = true;
- struct GNUNET_JSON_Specification spec[] = {
- TALER_JSON_spec_amount ("purse_value",
- TEH_currency,
- &rpc.pd.target_amount),
- GNUNET_JSON_spec_uint32 ("min_age",
- &rpc.min_age),
- GNUNET_JSON_spec_mark_optional (
- TALER_JSON_spec_amount ("purse_fee",
- TEH_currency,
- &rpc.purse_fee),
- &no_purse_fee),
- GNUNET_JSON_spec_mark_optional (
- TALER_JSON_spec_econtract ("econtract",
- &rpc.econtract),
- &rpc.no_econtract),
- GNUNET_JSON_spec_fixed_auto ("merge_pub",
- &rpc.merge_pub),
- GNUNET_JSON_spec_fixed_auto ("merge_sig",
- &rpc.merge_sig),
- GNUNET_JSON_spec_fixed_auto ("reserve_sig",
- &rpc.reserve_sig),
- GNUNET_JSON_spec_fixed_auto ("purse_pub",
- &rpc.pd.purse_pub),
- GNUNET_JSON_spec_fixed_auto ("purse_sig",
- &rpc.purse_sig),
- GNUNET_JSON_spec_fixed_auto ("h_contract_terms",
- &rpc.pd.h_contract_terms),
- GNUNET_JSON_spec_timestamp ("merge_timestamp",
- &rpc.merge_timestamp),
- GNUNET_JSON_spec_timestamp ("purse_expiration",
- &rpc.pd.purse_expiration),
- GNUNET_JSON_spec_end ()
- };
+ if (NULL == rpc)
{
- enum GNUNET_GenericReturnValue res;
+ rpc = GNUNET_new (struct ReservePurseContext);
+ rc->rh_ctx = rpc;
+ rc->rh_cleaner = &rpc_cleaner;
+ rpc->rc = rc;
+ rpc->account_pub.reserve_pub = *reserve_pub;
+ rpc->exchange_timestamp
+ = GNUNET_TIME_timestamp_get ();
+ rpc->no_purse_fee = true;
+
- res = TALER_MHD_parse_json_data (connection,
- root,
- spec);
- if (GNUNET_SYSERR == res)
{
- GNUNET_break (0);
- return MHD_NO; /* hard failure */
+ struct GNUNET_JSON_Specification spec[] = {
+ TALER_JSON_spec_amount ("purse_value",
+ TEH_currency,
+ &rpc->pd.target_amount),
+ GNUNET_JSON_spec_uint32 ("min_age",
+ &rpc->min_age),
+ GNUNET_JSON_spec_mark_optional (
+ TALER_JSON_spec_amount ("purse_fee",
+ TEH_currency,
+ &rpc->purse_fee),
+ &rpc->no_purse_fee),
+ GNUNET_JSON_spec_mark_optional (
+ TALER_JSON_spec_econtract ("econtract",
+ &rpc->econtract),
+ &rpc->no_econtract),
+ GNUNET_JSON_spec_fixed_auto ("merge_pub",
+ &rpc->merge_pub),
+ GNUNET_JSON_spec_fixed_auto ("merge_sig",
+ &rpc->merge_sig),
+ GNUNET_JSON_spec_fixed_auto ("reserve_sig",
+ &rpc->reserve_sig),
+ GNUNET_JSON_spec_fixed_auto ("purse_pub",
+ &rpc->pd.purse_pub),
+ GNUNET_JSON_spec_fixed_auto ("purse_sig",
+ &rpc->purse_sig),
+ GNUNET_JSON_spec_fixed_auto ("h_contract_terms",
+ &rpc->pd.h_contract_terms),
+ GNUNET_JSON_spec_timestamp ("merge_timestamp",
+ &rpc->merge_timestamp),
+ GNUNET_JSON_spec_timestamp ("purse_expiration",
+ &rpc->pd.purse_expiration),
+ GNUNET_JSON_spec_end ()
+ };
+
+ {
+ enum GNUNET_GenericReturnValue res;
+
+ res = TALER_MHD_parse_json_data (connection,
+ root,
+ spec);
+ if (GNUNET_SYSERR == res)
+ {
+ GNUNET_break (0);
+ return MHD_NO; /* hard failure */
+ }
+ if (GNUNET_NO == res)
+ {
+ GNUNET_break_op (0);
+ return MHD_YES; /* failure */
+ }
+ }
}
- if (GNUNET_NO == res)
+
+ rpc->payto_uri
+ = TALER_reserve_make_payto (TEH_base_url,
+ &rpc->account_pub.reserve_pub);
+ TALER_payto_hash (rpc->payto_uri,
+ &rpc->h_payto);
+ TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
+
+
+ if (GNUNET_OK !=
+ TALER_wallet_purse_merge_verify (rpc->payto_uri,
+ rpc->merge_timestamp,
+ &rpc->pd.purse_pub,
+ &rpc->merge_pub,
+ &rpc->merge_sig))
{
+ MHD_RESULT ret;
+
GNUNET_break_op (0);
- return MHD_YES; /* failure */
+ ret = TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_FORBIDDEN,
+ TALER_EC_EXCHANGE_RESERVES_PURSE_MERGE_SIGNATURE_INVALID,
+ rpc->payto_uri);
+ GNUNET_free (rpc->payto_uri);
+ return ret;
+ }
+ GNUNET_assert (GNUNET_OK ==
+ TALER_amount_set_zero (TEH_currency,
+ &rpc->deposit_total));
+ if (GNUNET_TIME_timestamp_cmp (rpc->pd.purse_expiration,
+ <,
+ rpc->exchange_timestamp))
+ {
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_EXCHANGE_RESERVES_PURSE_EXPIRATION_BEFORE_NOW,
+ NULL);
+ }
+ if (GNUNET_TIME_absolute_is_never (
+ rpc->pd.purse_expiration.abs_time))
+ {
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_EXCHANGE_RESERVES_PURSE_EXPIRATION_IS_NEVER,
+ NULL);
}
- }
- rpc.payto_uri
- = TALER_reserve_make_payto (TEH_base_url,
- &rpc.account_pub.reserve_pub);
- TALER_payto_hash (rpc.payto_uri,
- &rpc.h_payto);
- TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
- if (GNUNET_OK !=
- TALER_wallet_purse_merge_verify (rpc.payto_uri,
- rpc.merge_timestamp,
- &rpc.pd.purse_pub,
- &rpc.merge_pub,
- &rpc.merge_sig))
- {
- MHD_RESULT ret;
- GNUNET_break_op (0);
- GNUNET_JSON_parse_free (spec);
- ret = TALER_MHD_reply_with_error (
- connection,
- MHD_HTTP_FORBIDDEN,
- TALER_EC_EXCHANGE_RESERVES_PURSE_MERGE_SIGNATURE_INVALID,
- rpc.payto_uri);
- GNUNET_free (rpc.payto_uri);
- return ret;
- }
- GNUNET_assert (GNUNET_OK ==
- TALER_amount_set_zero (TEH_currency,
- &rpc.deposit_total));
- if (GNUNET_TIME_timestamp_cmp (rpc.pd.purse_expiration,
- <,
- rpc.exchange_timestamp))
- {
- GNUNET_break_op (0);
- GNUNET_JSON_parse_free (spec);
- GNUNET_free (rpc.payto_uri);
- return TALER_MHD_reply_with_error (connection,
- MHD_HTTP_BAD_REQUEST,
- TALER_EC_EXCHANGE_RESERVES_PURSE_EXPIRATION_BEFORE_NOW,
- NULL);
- }
- if (GNUNET_TIME_absolute_is_never (rpc.pd.purse_expiration.abs_time))
- {
- GNUNET_break_op (0);
- GNUNET_JSON_parse_free (spec);
- GNUNET_free (rpc.payto_uri);
- return TALER_MHD_reply_with_error (connection,
- MHD_HTTP_BAD_REQUEST,
- TALER_EC_EXCHANGE_RESERVES_PURSE_EXPIRATION_IS_NEVER,
- NULL);
- }
- {
- struct TEH_KeyStateHandle *keys;
+ {
+ struct TEH_KeyStateHandle *keys;
+ const struct TEH_GlobalFee *gf;
- keys = TEH_keys_get_state ();
- if (NULL == keys)
+ keys = TEH_keys_get_state ();
+ if (NULL == keys)
+ {
+ GNUNET_break (0);
+ return TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING,
+ NULL);
+ }
+ gf = TEH_keys_global_fee_by_time (keys,
+ rpc->exchange_timestamp);
+ if (NULL == gf)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ "Cannot create purse: global fees not configured!\n");
+ return TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_EXCHANGE_GENERIC_GLOBAL_FEES_MISSING,
+ NULL);
+ }
+ if (rpc->no_purse_fee)
+ {
+ rpc->flags = TALER_WAMF_MODE_CREATE_FROM_PURSE_QUOTA;
+ GNUNET_assert (GNUNET_OK ==
+ TALER_amount_set_zero (TEH_currency,
+ &rpc->purse_fee));
+ }
+ else
+ {
+ rpc->flags = TALER_WAMF_MODE_CREATE_WITH_PURSE_FEE;
+ if (-1 ==
+ TALER_amount_cmp (&rpc->purse_fee,
+ &gf->fees.purse))
+ {
+ /* rpc->purse_fee is below gf.fees.purse! */
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_EXCHANGE_RESERVES_PURSE_FEE_TOO_LOW,
+ TALER_amount2s (&gf->fees.purse));
+ }
+ }
+ }
+
+ TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
+ if (GNUNET_OK !=
+ TALER_wallet_purse_create_verify (
+ rpc->pd.purse_expiration,
+ &rpc->pd.h_contract_terms,
+ &rpc->merge_pub,
+ rpc->min_age,
+ &rpc->pd.target_amount,
+ &rpc->pd.purse_pub,
+ &rpc->purse_sig))
{
- GNUNET_break (0);
- GNUNET_JSON_parse_free (spec);
- GNUNET_free (rpc.payto_uri);
- return TALER_MHD_reply_with_error (connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING,
- NULL);
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_FORBIDDEN,
+ TALER_EC_EXCHANGE_PURSE_CREATE_SIGNATURE_INVALID,
+ NULL);
}
- rpc.gf = TEH_keys_global_fee_by_time (keys,
- rpc.exchange_timestamp);
- }
- if (NULL == rpc.gf)
- {
- GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
- "Cannot purse purse: global fees not configured!\n");
- GNUNET_JSON_parse_free (spec);
- GNUNET_free (rpc.payto_uri);
- return TALER_MHD_reply_with_error (connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_EXCHANGE_GENERIC_GLOBAL_FEES_MISSING,
- NULL);
- }
- if (no_purse_fee)
- {
- rpc.flags = TALER_WAMF_MODE_CREATE_FROM_PURSE_QUOTA;
- GNUNET_assert (GNUNET_OK ==
- TALER_amount_set_zero (TEH_currency,
- &rpc.purse_fee));
- }
- else
- {
- rpc.flags = TALER_WAMF_MODE_CREATE_WITH_PURSE_FEE;
- if (-1 ==
- TALER_amount_cmp (&rpc.purse_fee,
- &rpc.gf->fees.purse))
+ if (GNUNET_OK !=
+ TALER_wallet_account_merge_verify (
+ rpc->merge_timestamp,
+ &rpc->pd.purse_pub,
+ rpc->pd.purse_expiration,
+ &rpc->pd.h_contract_terms,
+ &rpc->pd.target_amount,
+ &rpc->purse_fee,
+ rpc->min_age,
+ rpc->flags,
+ &rpc->account_pub.reserve_pub,
+ &rpc->reserve_sig))
{
- /* rpc.purse_fee is below gf.fees.purse! */
GNUNET_break_op (0);
- GNUNET_JSON_parse_free (spec);
- GNUNET_free (rpc.payto_uri);
+ return TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_FORBIDDEN,
+ TALER_EC_EXCHANGE_RESERVES_RESERVE_MERGE_SIGNATURE_INVALID,
+ NULL);
+ }
+ if ( (! rpc->no_econtract) &&
+ (GNUNET_OK !=
+ TALER_wallet_econtract_upload_verify (
+ rpc->econtract.econtract,
+ rpc->econtract.econtract_size,
+ &rpc->econtract.contract_pub,
+ &rpc->pd.purse_pub,
+ &rpc->econtract.econtract_sig))
+ )
+ {
+ TALER_LOG_WARNING ("Invalid signature on /reserves/$PID/purse request\n");
return TALER_MHD_reply_with_error (connection,
- MHD_HTTP_BAD_REQUEST,
- TALER_EC_EXCHANGE_RESERVES_PURSE_FEE_TOO_LOW,
- TALER_amount2s (&rpc.gf->fees.purse));
+ MHD_HTTP_FORBIDDEN,
+ TALER_EC_EXCHANGE_PURSE_ECONTRACT_SIGNATURE_INVALID,
+ NULL);
}
- }
- TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
- if (GNUNET_OK !=
- TALER_wallet_purse_create_verify (rpc.pd.purse_expiration,
- &rpc.pd.h_contract_terms,
- &rpc.merge_pub,
- rpc.min_age,
- &rpc.pd.target_amount,
- &rpc.pd.purse_pub,
- &rpc.purse_sig))
- {
- GNUNET_break_op (0);
- GNUNET_JSON_parse_free (spec);
- GNUNET_free (rpc.payto_uri);
- return TALER_MHD_reply_with_error (
- connection,
- MHD_HTTP_FORBIDDEN,
- TALER_EC_EXCHANGE_PURSE_CREATE_SIGNATURE_INVALID,
- NULL);
- }
- if (GNUNET_OK !=
- TALER_wallet_account_merge_verify (
- rpc.merge_timestamp,
- &rpc.pd.purse_pub,
- rpc.pd.purse_expiration,
- &rpc.pd.h_contract_terms,
- &rpc.pd.target_amount,
- &rpc.purse_fee,
- rpc.min_age,
- rpc.flags,
- &rpc.account_pub.reserve_pub,
- &rpc.reserve_sig))
- {
- GNUNET_break_op (0);
- GNUNET_JSON_parse_free (spec);
- GNUNET_free (rpc.payto_uri);
- return TALER_MHD_reply_with_error (
- connection,
- MHD_HTTP_FORBIDDEN,
- TALER_EC_EXCHANGE_RESERVES_RESERVE_MERGE_SIGNATURE_INVALID,
- NULL);
- }
- if ( (! rpc.no_econtract) &&
- (GNUNET_OK !=
- TALER_wallet_econtract_upload_verify (rpc.econtract.econtract,
- rpc.econtract.econtract_size,
- &rpc.econtract.contract_pub,
- &rpc.pd.purse_pub,
- &rpc.econtract.econtract_sig)) )
- {
- TALER_LOG_WARNING ("Invalid signature on /reserves/$PID/purse request\n");
- GNUNET_JSON_parse_free (spec);
- GNUNET_free (rpc.payto_uri);
- return TALER_MHD_reply_with_error (connection,
- MHD_HTTP_FORBIDDEN,
- TALER_EC_EXCHANGE_PURSE_ECONTRACT_SIGNATURE_INVALID,
- NULL);
- }
-
- if (GNUNET_SYSERR ==
- TEH_plugin->preflight (TEH_plugin->cls))
+ rpc->lch = TEH_legitimization_check (
+ &rpc->rc->async_scope_id,
+ TALER_KYCLOGIC_KYC_TRIGGER_P2P_RECEIVE,
+ rpc->payto_uri,
+ &rpc->h_payto,
+ &rpc->account_pub,
+ &amount_iterator,
+ rpc,
+ &reserve_purse_legi_cb,
+ rpc);
+ GNUNET_assert (NULL != rpc->lch);
+ MHD_suspend_connection (rc->connection);
+ GNUNET_CONTAINER_DLL_insert (rpc_head,
+ rpc_tail,
+ rpc);
+ return MHD_YES;
+ }
+ if (NULL != rpc->response)
+ return MHD_queue_response (connection,
+ rpc->http_status,
+ rpc->response);
+ if (! rpc->kyc.ok)
{
- GNUNET_break (0);
- GNUNET_JSON_parse_free (spec);
- GNUNET_free (rpc.payto_uri);
- return TALER_MHD_reply_with_error (connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_GENERIC_DB_START_FAILED,
- "preflight failure");
+ if (0 == rpc->kyc.requirement_row)
+ {
+ GNUNET_break (0);
+ return TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE,
+ "requirement row not set");
+ }
+ return TEH_RESPONSE_reply_kyc_required (connection,
+ &rpc->h_payto,
+ &rpc->kyc);
}
- /* execute transaction */
{
MHD_RESULT mhd_ret;
if (GNUNET_OK !=
TEH_DB_run_transaction (connection,
- "execute purse purse",
+ "execute reserve purse",
TEH_MT_REQUEST_RESERVE_PURSE,
&mhd_ret,
&purse_transaction,
- &rpc))
+ rpc))
{
- GNUNET_JSON_parse_free (spec);
- GNUNET_free (rpc.payto_uri);
return mhd_ret;
}
}
- GNUNET_free (rpc.payto_uri);
- if (! rpc.kyc.ok)
- {
- GNUNET_JSON_parse_free (spec);
- return TEH_RESPONSE_reply_kyc_required (connection,
- &rpc.h_payto,
- &rpc.kyc);
- }
/* generate regular response */
{
MHD_RESULT res;
- res = TEH_RESPONSE_reply_purse_created (connection,
- rpc.exchange_timestamp,
- &rpc.deposit_total,
- &rpc.pd);
- GNUNET_JSON_parse_free (spec);
+ res = TEH_RESPONSE_reply_purse_created (
+ connection,
+ rpc->exchange_timestamp,
+ &rpc->deposit_total,
+ &rpc->pd);
return res;
}
}
diff --git a/src/exchange/taler-exchange-httpd_reserves_purse.h b/src/exchange/taler-exchange-httpd_reserves_purse.h
index 017e357d2..1c19f5e51 100644
--- a/src/exchange/taler-exchange-httpd_reserves_purse.h
+++ b/src/exchange/taler-exchange-httpd_reserves_purse.h
@@ -27,6 +27,13 @@
/**
+ * Resume suspended connections, we are shutting down.
+ */
+void
+TEH_reserves_purse_cleanup (void);
+
+
+/**
* Handle a "/reserves/$RESERVE_PUB/purse" request. Parses the JSON, and, if
* successful, passes the JSON data to #create_transaction() to further check
* the details of the operation specified. If everything checks out, this
diff --git a/src/exchangedb/pg_select_reserve_close_info.c b/src/exchangedb/pg_select_reserve_close_info.c
index eccba8e4c..fff07944b 100644
--- a/src/exchangedb/pg_select_reserve_close_info.c
+++ b/src/exchangedb/pg_select_reserve_close_info.c
@@ -53,11 +53,14 @@ TEH_PG_select_reserve_close_info (
" r.current_balance"
",wt.payto_uri"
" FROM reserves r"
- " LEFT JOIN reserves_in ri USING (reserve_pub)"
- " LEFT JOIN wire_targets wt ON (ri.wire_source_h_payto = wt.wire_target_h_payto)"
+ " LEFT JOIN reserves_in ri"
+ " USING (reserve_pub)"
+ " LEFT JOIN wire_targets wt"
+ " ON (ri.wire_source_h_payto = wt.wire_target_h_payto)"
" WHERE reserve_pub=$1;");
- return GNUNET_PQ_eval_prepared_singleton_select (pg->conn,
- "select_reserve_close_info",
- params,
- rs);
+ return GNUNET_PQ_eval_prepared_singleton_select (
+ pg->conn,
+ "select_reserve_close_info",
+ params,
+ rs);
}
diff --git a/src/include/taler_kyclogic_lib.h b/src/include/taler_kyclogic_lib.h
index c04553ea5..987cee4e2 100644
--- a/src/include/taler_kyclogic_lib.h
+++ b/src/include/taler_kyclogic_lib.h
@@ -691,6 +691,20 @@ TALER_KYCLOGIC_get_measure_configuration (
/**
+ * Check if there is a measure triggered by the
+ * KYC rule @a r that has a check name of "SKIP" and
+ * thus should be immediately executed. If such a
+ * measure exists, return it.
+ *
+ * @param r rule to check for instant measures
+ * @return NULL if there is no instant measure
+ */
+const struct TALER_KYCLOGIC_Measure *
+TALER_KYCLOGIC_rule_get_instant_measure (
+ const struct TALER_KYCLOGIC_KycRule *r);
+
+
+/**
* Handle to manage a running AML program.
*/
struct TALER_KYCLOGIC_AmlProgramRunnerHandle;
@@ -847,6 +861,30 @@ TALER_KYCLOGIC_run_aml_program2 (
/**
+ * Run AML program specified by the given
+ * measure.
+ *
+ * @param measure measure with program name and context
+ * to run
+ * @param attributes attributes to run with
+ * @param aml_history AML history of the account
+ * @param kyc_history KYC history of the account
+ * @param aprc function to call with the result
+ * @param aprc_cls closure for @a aprc
+ * @return NULL if @a jmeasures is invalid for the
+ * selected @a measure_index or @a attributes
+ */
+struct TALER_KYCLOGIC_AmlProgramRunnerHandle *
+TALER_KYCLOGIC_run_aml_program3 (
+ const struct TALER_KYCLOGIC_Measure *measure,
+ const json_t *attributes,
+ const json_t *aml_history,
+ const json_t *kyc_history,
+ TALER_KYCLOGIC_AmlProgramResultCallback aprc,
+ void *aprc_cls);
+
+
+/**
* Cancel running AML program.
*
* @param[in] aprh handle of program to cancel
diff --git a/src/kyclogic/kyclogic_api.c b/src/kyclogic/kyclogic_api.c
index d29a6ac34..af801a55c 100644
--- a/src/kyclogic/kyclogic_api.c
+++ b/src/kyclogic/kyclogic_api.c
@@ -885,6 +885,35 @@ find_measure (const struct TALER_KYCLOGIC_LegitimizationRuleSet *lrs,
}
+const struct TALER_KYCLOGIC_Measure *
+TALER_KYCLOGIC_rule_get_instant_measure (
+ const struct TALER_KYCLOGIC_KycRule *r)
+{
+ const struct TALER_KYCLOGIC_LegitimizationRuleSet *lrs
+ = r->lrs;
+
+ if (r->verboten)
+ return NULL;
+ for (unsigned int i = 0; i<r->num_measures; i++)
+ {
+ const char *measure_name = r->next_measures[i];
+ const struct TALER_KYCLOGIC_Measure *ms;
+
+ ms = find_measure (lrs,
+ measure_name);
+ if (NULL == ms)
+ {
+ GNUNET_break (0);
+ return NULL;
+ }
+ if (0 == strcasecmp (ms->check_name,
+ "SKIP"))
+ return ms;
+ }
+ return NULL;
+}
+
+
json_t *
TALER_KYCLOGIC_rule_to_measures (const struct TALER_KYCLOGIC_KycRule *r)
{
@@ -3463,6 +3492,26 @@ TALER_KYCLOGIC_run_aml_program2 (
}
+struct TALER_KYCLOGIC_AmlProgramRunnerHandle *
+TALER_KYCLOGIC_run_aml_program3 (
+ const struct TALER_KYCLOGIC_Measure *measure,
+ const json_t *attributes,
+ const json_t *aml_history,
+ const json_t *kyc_history,
+ TALER_KYCLOGIC_AmlProgramResultCallback aprc,
+ void *aprc_cls)
+{
+ return TALER_KYCLOGIC_run_aml_program2 (
+ measure->prog_name,
+ attributes,
+ aml_history,
+ kyc_history,
+ measure->context,
+ aprc,
+ aprc_cls);
+}
+
+
void
TALER_KYCLOGIC_run_aml_program_cancel (
struct TALER_KYCLOGIC_AmlProgramRunnerHandle *aprh)