6 files changed, 26 insertions, 11 deletions

diff --git a/src/exchange/taler-exchange-httpd_kyc-check.c b/src/exchange/taler-exchange-httpd_kyc-check.c
index 22447ebac..150a68243 100644
--- a/src/exchange/taler-exchange-httpd_kyc-check.c
+++ b/src/exchange/taler-exchange-httpd_kyc-check.c
@@ -356,6 +356,11 @@ TEH_handler_kyc_check (
     return MHD_YES;
   }
 
+  GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+              "Returning KYC %s for row %llu\n",
+              kyc_required ? "required" : "optional",
+              (unsigned long long) kyp->requirement_row);
+
   return TALER_MHD_REPLY_JSON_PACK (
     rc->connection,
     kyc_required
diff --git a/src/exchange/taler-exchange-httpd_reserves_close.c b/src/exchange/taler-exchange-httpd_reserves_close.c
index 00c89f146..48c183690 100644
--- a/src/exchange/taler-exchange-httpd_reserves_close.c
+++ b/src/exchange/taler-exchange-httpd_reserves_close.c
@@ -246,7 +246,10 @@ reserve_close_transaction (void *cls,
       rcc);
     if ( (qs < 0) ||
          (! rcc->kyc.ok) )
+    {
+      GNUNET_free (payto_uri);
       return qs;
+    }
   }
   else
   {
@@ -297,6 +300,7 @@ reserve_close_transaction (void *cls,
                                          &rcc->balance,
                                          &wf->closing);
   GNUNET_free (payto_uri);
+  rcc->payto_uri = NULL;
   if (GNUNET_DB_STATUS_HARD_ERROR == qs)
   {
     GNUNET_break (0);
diff --git a/src/kyclogic/kyclogic_api.c b/src/kyclogic/kyclogic_api.c
index 10be161c2..836dd0c31 100644
--- a/src/kyclogic/kyclogic_api.c
+++ b/src/kyclogic/kyclogic_api.c
@@ -23,10 +23,10 @@
 #include "taler_kyclogic_lib.h"
 
 /**
- * Name of the KYC check that may never be passed. Useful if some
+ * Name of the KYC measure that may never be passed. Useful if some
  * operations/amounts are categorically forbidden.
  */
-#define KYC_CHECK_IMPOSSIBLE "verboten"
+#define KYC_MEASURE_IMPOSSIBLE "verboten"
 
 /**
  * Information about a KYC provider.
@@ -692,7 +692,7 @@ TALER_KYCLOGIC_rules_to_limits (const json_t *jrules)
         json_decref (limits);
         return NULL;
       }
-      if (0 == strcmp (KYC_CHECK_IMPOSSIBLE,
+      if (0 == strcmp (KYC_MEASURE_IMPOSSIBLE,
                        val))
         forbidden = true;
     }
@@ -706,10 +706,10 @@ TALER_KYCLOGIC_rules_to_limits (const json_t *jrules)
                               &threshold),
       GNUNET_JSON_pack_bool ("soft_limit",
                              ! forbidden));
+    GNUNET_assert (0 ==
+                   json_array_append_new (limits,
+                                          limit));
   }
-  GNUNET_assert (0 ==
-                 json_array_append_new (limits,
-                                        limit));
   return limits;
 }
 
@@ -1313,7 +1313,7 @@ add_check (const struct GNUNET_CONFIGURATION_Handle *cfg,
   {
     char *tmp;
 
-    if (GNUNET_OK !=
+    if (GNUNET_OK ==
         GNUNET_CONFIGURATION_get_value_string (cfg,
                                                section,
                                                "DESCRIPTION_I18N",
@@ -1633,10 +1633,15 @@ add_rule (const struct GNUNET_CONFIGURATION_Handle *cfg,
     kt.trigger = ot;
     kt.is_and_combinator = is_and;
     kt.exposed = exposed;
+    kt.verboten = false;
     add_tokens (measures,
                 " ",
                 &kt.next_measures,
                 &kt.num_measures);
+    for (unsigned int i=0; i<kt.num_measures; i++)
+      if (0 == strcasecmp (KYC_MEASURE_IMPOSSIBLE,
+                           kt.next_measures[i]))
+        kt.verboten = true;
     GNUNET_free (measures);
     GNUNET_array_append (default_rules.kyc_rules,
                          default_rules.num_kyc_rules,
diff --git a/src/lib/exchange_api_kyc_check.c b/src/lib/exchange_api_kyc_check.c
index 5ecc30d5c..26b4e75c1 100644
--- a/src/lib/exchange_api_kyc_check.c
+++ b/src/lib/exchange_api_kyc_check.c
@@ -296,7 +296,7 @@ TALER_EXCHANGE_kyc_check (
                      TALER_HTTP_HEADER_ACCOUNT_OWNER_SIGNATURE,
                      sig_hdr);
     GNUNET_free (sig_hdr);
-    job_headers = curl_slist_append (NULL,
+    job_headers = curl_slist_append (job_headers,
                                      hdr);
     GNUNET_free (hdr);
     if (NULL == job_headers)
diff --git a/src/testing/test_exchange_p2p.c b/src/testing/test_exchange_p2p.c
index cf31879ac..fe9a0e8bc 100644
--- a/src/testing/test_exchange_p2p.c
+++ b/src/testing/test_exchange_p2p.c
@@ -484,13 +484,13 @@ run (void *cls,
       "reserve-101-close-kyc",
       "create-reserve-101",
       /* 42b => not to origin */
-      "payto://x-taler-bank/localhost/42?receiver-name=42b",
+      "payto://x-taler-bank/localhost/42b?receiver-name=42b",
       MHD_HTTP_UNAVAILABLE_FOR_LEGAL_REASONS),
     TALER_TESTING_cmd_admin_add_kycauth (
       "setup-account-key",
       "EUR:0.01",
       &cred.ba,
-      "payto://x-taler-bank/localhost/42?receiver-name=42b",
+      "payto://x-taler-bank/localhost/42b?receiver-name=42b",
       NULL /* create new key */),
     CMD_EXEC_WIREWATCH (
       "import-kyc-account"),
@@ -515,7 +515,7 @@ run (void *cls,
       "reserve-101-close",
       "create-reserve-101",
       /* 42b => not to origin */
-      "payto://x-taler-bank/localhost/42?receiver-name=42b",
+      "payto://x-taler-bank/localhost/42b?receiver-name=42b",
       MHD_HTTP_OK),
     TALER_TESTING_cmd_exec_closer (
       "close-reserves-101",
diff --git a/src/testing/testing_api_cmd_reserve_open.c b/src/testing/testing_api_cmd_reserve_open.c
index 189d06b26..10c012f8f 100644
--- a/src/testing/testing_api_cmd_reserve_open.c
+++ b/src/testing/testing_api_cmd_reserve_open.c
@@ -286,6 +286,7 @@ open_cleanup (void *cls,
     TALER_EXCHANGE_reserves_open_cancel (ss->rsh);
     ss->rsh = NULL;
   }
+  GNUNET_free (ss->cd);
   GNUNET_free (ss);
 }