diff options
Diffstat (limited to 'src/auditor')
-rw-r--r-- | src/auditor/report-lib.c | 163 | ||||
-rw-r--r-- | src/auditor/taler-auditor-dbinit.c | 19 | ||||
-rw-r--r-- | src/auditor/taler-auditor-httpd.c | 151 | ||||
-rw-r--r-- | src/auditor/taler-auditor-httpd.h | 9 | ||||
-rw-r--r-- | src/auditor/taler-auditor-httpd_deposit-confirmation.c | 133 | ||||
-rw-r--r-- | src/auditor/taler-auditor-httpd_exchanges.c | 9 | ||||
-rw-r--r-- | src/auditor/taler-auditor-httpd_mhd.c | 67 | ||||
-rw-r--r-- | src/auditor/taler-auditor-httpd_mhd.h | 42 |
8 files changed, 266 insertions, 327 deletions
diff --git a/src/auditor/report-lib.c b/src/auditor/report-lib.c index d6db597ec..53e4f1320 100644 --- a/src/auditor/report-lib.c +++ b/src/auditor/report-lib.c @@ -130,13 +130,12 @@ static int add_denomination (void *cls, const struct TALER_DenominationKeyValidityPS *issue) { - struct TALER_DenominationKeyValidityPS *i; - (void) cls; if (NULL != GNUNET_CONTAINER_multihashmap_get (denominations, &issue->denom_hash)) return GNUNET_OK; /* value already known */ +#if GNUNET_EXTRA_LOGGING >= 1 { struct TALER_Amount value; @@ -148,25 +147,30 @@ add_denomination (void *cls, TALER_amount2s (&value)); TALER_amount_ntoh (&value, &issue->fee_withdraw); - GNUNET_log (GNUNET_ERROR_TYPE_INFO, + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Withdraw fee is %s\n", TALER_amount2s (&value)); - GNUNET_log (GNUNET_ERROR_TYPE_INFO, + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Start time is %s\n", GNUNET_STRINGS_absolute_time_to_string (GNUNET_TIME_absolute_ntoh (issue->start))); - GNUNET_log (GNUNET_ERROR_TYPE_INFO, + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Expire deposit time is %s\n", GNUNET_STRINGS_absolute_time_to_string (GNUNET_TIME_absolute_ntoh (issue->expire_deposit))); } - i = GNUNET_new (struct TALER_DenominationKeyValidityPS); - *i = *issue; - GNUNET_assert (GNUNET_OK == - GNUNET_CONTAINER_multihashmap_put (denominations, - &issue->denom_hash, - i, - GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY)); +#endif + { + struct TALER_DenominationKeyValidityPS *i; + + i = GNUNET_new (struct TALER_DenominationKeyValidityPS); + *i = *issue; + GNUNET_assert (GNUNET_OK == + GNUNET_CONTAINER_multihashmap_put (denominations, + &issue->denom_hash, + i, + GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY)); + } return GNUNET_OK; } @@ -184,7 +188,6 @@ TALER_ARL_get_denomination_info_by_hash (const struct GNUNET_HashCode *dh, const struct TALER_DenominationKeyValidityPS **issue) { - const struct TALER_DenominationKeyValidityPS *i; enum GNUNET_DB_QueryStatus qs; if (NULL == denominations) @@ -202,13 +205,17 @@ TALER_ARL_get_denomination_info_by_hash (const struct GNUNET_HashCode *dh, return qs; } } - i = GNUNET_CONTAINER_multihashmap_get (denominations, - dh); - if (NULL != i) { - /* cache hit */ - *issue = i; - return GNUNET_DB_STATUS_SUCCESS_ONE_RESULT; + const struct TALER_DenominationKeyValidityPS *i; + + i = GNUNET_CONTAINER_multihashmap_get (denominations, + dh); + if (NULL != i) + { + /* cache hit */ + *issue = i; + return GNUNET_DB_STATUS_SUCCESS_ONE_RESULT; + } } /* maybe database changed since we last iterated, give it one more shot */ qs = TALER_ARL_adb->select_denomination_info (TALER_ARL_adb->cls, @@ -224,13 +231,17 @@ TALER_ARL_get_denomination_info_by_hash (const struct GNUNET_HashCode *dh, TALER_B2S (dh)); return qs; } - i = GNUNET_CONTAINER_multihashmap_get (denominations, - dh); - if (NULL != i) { - /* cache hit */ - *issue = i; - return GNUNET_DB_STATUS_SUCCESS_ONE_RESULT; + const struct TALER_DenominationKeyValidityPS *i; + + i = GNUNET_CONTAINER_multihashmap_get (denominations, + dh); + if (NULL != i) + { + /* cache hit */ + *issue = i; + return GNUNET_DB_STATUS_SUCCESS_ONE_RESULT; + } } /* We found more keys, but not the denomination we are looking for :-( */ GNUNET_log (GNUNET_ERROR_TYPE_INFO, @@ -250,11 +261,10 @@ TALER_ARL_get_denomination_info_by_hash (const struct GNUNET_HashCode *dh, * @return transaction status code */ enum GNUNET_DB_QueryStatus -TALER_ARL_get_denomination_info (const struct - TALER_DenominationPublicKey *denom_pub, - const struct - TALER_DenominationKeyValidityPS **issue, - struct GNUNET_HashCode *dh) +TALER_ARL_get_denomination_info ( + const struct TALER_DenominationPublicKey *denom_pub, + const struct TALER_DenominationKeyValidityPS **issue, + struct GNUNET_HashCode *dh) { struct GNUNET_HashCode hc; @@ -299,6 +309,8 @@ transact (TALER_ARL_Analysis analysis, if (GNUNET_OK != ret) { GNUNET_break (0); + TALER_ARL_edb->rollback (TALER_ARL_edb->cls, + TALER_ARL_esession); return GNUNET_SYSERR; } qs = analysis (analysis_cls); @@ -364,15 +376,15 @@ TALER_ARL_setup_sessions_and_run (TALER_ARL_Analysis ana, TALER_ARL_esession = TALER_ARL_edb->get_session (TALER_ARL_edb->cls); if (NULL == TALER_ARL_esession) { - fprintf (stderr, - "Failed to initialize exchange session.\n"); + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Failed to initialize exchange session.\n"); return GNUNET_SYSERR; } TALER_ARL_asession = TALER_ARL_adb->get_session (TALER_ARL_adb->cls); if (NULL == TALER_ARL_asession) { - fprintf (stderr, - "Failed to initialize auditor session.\n"); + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Failed to initialize auditor session.\n"); return GNUNET_SYSERR; } @@ -414,9 +426,6 @@ test_master_present (void *cls, int TALER_ARL_init (const struct GNUNET_CONFIGURATION_Handle *c) { - int found; - struct TALER_AUDITORDB_Session *as; - TALER_ARL_cfg = c; start_time = GNUNET_TIME_absolute_get (); if (0 == GNUNET_is_zero (&TALER_ARL_master_pub)) @@ -430,8 +439,8 @@ TALER_ARL_init (const struct GNUNET_CONFIGURATION_Handle *c) "MASTER_PUBLIC_KEY", &TALER_ARL_master_public_key_str)) { - fprintf (stderr, - "Pass option -m or set it in the configuration!\n"); + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Pass option -m or set MASTER_PUBLIC_KEY in the configuration!\n"); GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, "exchange", "MASTER_PUBLIC_KEY"); @@ -445,8 +454,8 @@ TALER_ARL_init (const struct GNUNET_CONFIGURATION_Handle *c) &TALER_ARL_master_pub. eddsa_pub)) { - fprintf (stderr, - "Invalid master public key given in configuration file."); + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Malformed master public key given in configuration file."); GNUNET_free (TALER_ARL_master_public_key_str); return GNUNET_SYSERR; } @@ -478,40 +487,43 @@ TALER_ARL_init (const struct GNUNET_CONFIGURATION_Handle *c) if (NULL == (TALER_ARL_edb = TALER_EXCHANGEDB_plugin_load (TALER_ARL_cfg))) { - fprintf (stderr, - "Failed to initialize exchange database plugin.\n"); + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Failed to initialize exchange database plugin.\n"); return GNUNET_SYSERR; } if (NULL == (TALER_ARL_adb = TALER_AUDITORDB_plugin_load (TALER_ARL_cfg))) { - fprintf (stderr, - "Failed to initialize auditor database plugin.\n"); - TALER_EXCHANGEDB_plugin_unload (TALER_ARL_edb); + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Failed to initialize auditor database plugin.\n"); + TALER_ARL_done (NULL); return GNUNET_SYSERR; } - found = GNUNET_NO; - as = TALER_ARL_adb->get_session (TALER_ARL_adb->cls); - if (NULL == as) { - fprintf (stderr, - "Failed to start session with auditor database.\n"); - TALER_AUDITORDB_plugin_unload (TALER_ARL_adb); - TALER_EXCHANGEDB_plugin_unload (TALER_ARL_edb); - return GNUNET_SYSERR; - } - (void) TALER_ARL_adb->list_exchanges (TALER_ARL_adb->cls, - as, - &test_master_present, - &found); - if (GNUNET_NO == found) - { - fprintf (stderr, - "Exchange's master public key `%s' not known to auditor DB. Did you forget to run `taler-auditor-exchange`?\n", - GNUNET_p2s (&TALER_ARL_master_pub.eddsa_pub)); - TALER_AUDITORDB_plugin_unload (TALER_ARL_adb); - TALER_EXCHANGEDB_plugin_unload (TALER_ARL_edb); - return GNUNET_SYSERR; + struct TALER_AUDITORDB_Session *as; + int found; + + as = TALER_ARL_adb->get_session (TALER_ARL_adb->cls); + if (NULL == as) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Failed to start session with auditor database.\n"); + TALER_ARL_done (NULL); + return GNUNET_SYSERR; + } + found = GNUNET_NO; + (void) TALER_ARL_adb->list_exchanges (TALER_ARL_adb->cls, + as, + &test_master_present, + &found); + if (GNUNET_NO == found) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Exchange's master public key `%s' not known to auditor DB. Did you forget to run `taler-auditor-exchange`?\n", + GNUNET_p2s (&TALER_ARL_master_pub.eddsa_pub)); + TALER_ARL_done (NULL); + return GNUNET_SYSERR; + } } return GNUNET_OK; } @@ -527,10 +539,16 @@ TALER_ARL_done (json_t *report) { GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Audit complete\n"); - TALER_AUDITORDB_plugin_unload (TALER_ARL_adb); - TALER_ARL_adb = NULL; - TALER_EXCHANGEDB_plugin_unload (TALER_ARL_edb); - TALER_ARL_edb = NULL; + if (NULL != TALER_ARL_adb) + { + TALER_AUDITORDB_plugin_unload (TALER_ARL_adb); + TALER_ARL_adb = NULL; + } + if (NULL != TALER_ARL_edb) + { + TALER_EXCHANGEDB_plugin_unload (TALER_ARL_edb); + TALER_ARL_edb = NULL; + } if (NULL != report) { json_dumpf (report, @@ -539,3 +557,6 @@ TALER_ARL_done (json_t *report) json_decref (report); } } + + +/* end of report-lib.c */ diff --git a/src/auditor/taler-auditor-dbinit.c b/src/auditor/taler-auditor-dbinit.c index bbf3b14b6..99ef96f8d 100644 --- a/src/auditor/taler-auditor-dbinit.c +++ b/src/auditor/taler-auditor-dbinit.c @@ -1,6 +1,6 @@ /* This file is part of TALER - Copyright (C) 2014, 2015 Taler Systems SA + Copyright (C) 2014, 2015, 2020 Taler Systems SA TALER is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software @@ -44,6 +44,7 @@ static int reset_db; */ static int gc_db; + /** * Main function that will be run. * @@ -73,13 +74,19 @@ run (void *cls, } if (reset_db) { - (void) plugin->drop_tables (plugin->cls, - GNUNET_YES); + if (GNUNET_OK != + plugin->drop_tables (plugin->cls, + GNUNET_YES)) + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, + "Failed to reset database\n"); } else if (restart_db) { - (void) plugin->drop_tables (plugin->cls, - GNUNET_NO); + if (GNUNET_OK != + plugin->drop_tables (plugin->cls, + GNUNET_NO)) + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, + "Failed to restart audits\n"); } if (GNUNET_OK != plugin->create_tables (plugin->cls)) @@ -102,7 +109,7 @@ run (void *cls, /** * The main function of the database initialization tool. - * Used to initialize the Taler Exchange's database. + * Used to initialize the Taler auditor's database. * * @param argc number of arguments from the command line * @param argv command line arguments diff --git a/src/auditor/taler-auditor-httpd.c b/src/auditor/taler-auditor-httpd.c index d7d8c4e5f..d6b601573 100644 --- a/src/auditor/taler-auditor-httpd.c +++ b/src/auditor/taler-auditor-httpd.c @@ -57,12 +57,12 @@ /** * Should we return "Connection: close" in each response? */ -int TAH_auditor_connection_close; +static int auditor_connection_close; /** * The auditor's configuration (global) */ -struct GNUNET_CONFIGURATION_Handle *cfg; +static struct GNUNET_CONFIGURATION_Handle *cfg; /** * Our DB plugin. @@ -107,7 +107,7 @@ static char *currency; /** * Pipe used for signaling reloading of our key state. */ -static int reload_pipe[2]; +static int reload_pipe[2] = { -1, -1 }; /** @@ -118,23 +118,15 @@ static int reload_pipe[2]; static void handle_signal (int signal_number) { - ssize_t res; char c = signal_number; - res = write (reload_pipe[1], - &c, - 1); - if ( (res < 0) && - (EINTR != errno) ) - { - GNUNET_break (0); - return; - } - if (0 == res) - { - GNUNET_break (0); - return; - } + (void) ! write (reload_pipe[1], + &c, + 1); + /* While one might like to "handle errors" here, even logging via fprintf() + isn't safe inside of a signal handler. So there is nothing we safely CAN + do. OTOH, also very little that can go wrong in pratice. Calling _exit() + on errors might be a possibility, but that might do more harm than good. */// } @@ -143,7 +135,7 @@ handle_signal (int signal_number) * the control pipe. */ static void -handle_sigint () +handle_sigint (void) { handle_signal (SIGINT); } @@ -154,7 +146,7 @@ handle_sigint () * the control pipe. */ static void -handle_sigterm () +handle_sigterm (void) { handle_signal (SIGTERM); } @@ -165,7 +157,7 @@ handle_sigterm () * the control pipe. */ static void -handle_sighup () +handle_sighup (void) { handle_signal (SIGHUP); } @@ -176,7 +168,7 @@ handle_sighup () * the control pipe. */ static void -handle_sigchld () +handle_sigchld (void) { handle_signal (SIGCHLD); } @@ -199,8 +191,6 @@ signal_loop (void) struct GNUNET_SIGNAL_Context *sighup; struct GNUNET_SIGNAL_Context *sigchld; int ret; - char c; - ssize_t res; if (0 != pipe (reload_pipe)) { @@ -220,11 +210,15 @@ signal_loop (void) ret = 2; while (2 == ret) { + char c; + ssize_t res; + errno = 0; res = read (reload_pipe[0], &c, 1); - if ((res < 0) && (EINTR != errno)) + if ( (res < 0) && + (EINTR != errno)) { GNUNET_break (0); ret = GNUNET_SYSERR; @@ -393,7 +387,6 @@ handle_mhd_request (void *cls, &TAH_MHD_handler_agpl_redirect, MHD_HTTP_FOUND }, { NULL, NULL, NULL, NULL, 0, NULL, 0 } }; - struct TAH_RequestHandler *rh; (void) cls; (void) version; @@ -405,7 +398,8 @@ handle_mhd_request (void *cls, method = MHD_HTTP_METHOD_GET; /* treat HEAD as GET here, MHD will do the rest */ for (unsigned int i = 0; NULL != handlers[i].url; i++) { - rh = &handlers[i]; + struct TAH_RequestHandler *rh = &handlers[i]; + if ( (0 == strcasecmp (url, rh->url)) && ( (NULL == rh->method) || @@ -434,15 +428,13 @@ handle_mhd_request (void *cls, * @return #GNUNET_OK on success */ static int -auditor_serve_process_config () +auditor_serve_process_config (void) { - char *pub; - if (NULL == (TAH_plugin = TALER_AUDITORDB_plugin_load (cfg))) { - fprintf (stderr, - "Failed to initialize DB subsystem\n"); + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Failed to initialize DB subsystem\n"); return GNUNET_SYSERR; } if (GNUNET_OK != @@ -460,11 +452,30 @@ auditor_serve_process_config () { return GNUNET_SYSERR; } - if (GNUNET_OK != - GNUNET_CONFIGURATION_get_value_string (cfg, - "AUDITOR", - "PUBLIC_KEY", - &pub)) + { + char *pub; + + if (GNUNET_OK == + GNUNET_CONFIGURATION_get_value_string (cfg, + "AUDITOR", + "PUBLIC_KEY", + &pub)) + { + if (GNUNET_OK != + GNUNET_CRYPTO_eddsa_public_key_from_string (pub, + strlen (pub), + &auditor_pub.eddsa_pub)) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Invalid public key given in auditor configuration."); + GNUNET_free (pub); + return GNUNET_SYSERR; + } + GNUNET_free (pub); + return GNUNET_OK; + } + } + { /* Fall back to trying to read private key */ char *auditor_key_file; @@ -491,9 +502,9 @@ auditor_serve_process_config () GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, "AUDITOR", "PUBLIC_KEY"); - fprintf (stderr, - "Failed to initialize auditor key from file `%s'\n", - auditor_key_file); + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Failed to initialize auditor key from file `%s'\n", + auditor_key_file); GNUNET_free (auditor_key_file); return 1; } @@ -502,20 +513,6 @@ auditor_serve_process_config () &auditor_pub.eddsa_pub); GNUNET_free (eddsa_priv); } - else - { - if (GNUNET_OK != - GNUNET_CRYPTO_eddsa_public_key_from_string (pub, - strlen (pub), - &auditor_pub.eddsa_pub)) - { - fprintf (stderr, - "Invalid public key given in auditor configuration."); - GNUNET_free (pub); - return GNUNET_SYSERR; - } - GNUNET_free (pub); - } return GNUNET_OK; } @@ -538,7 +535,7 @@ main (int argc, GNUNET_GETOPT_option_flag ('C', "connection-close", "force HTTP connections to be closed after each request", - &TAH_auditor_connection_close), + &auditor_connection_close), GNUNET_GETOPT_option_cfgfile (&cfgfile), GNUNET_GETOPT_option_uint ('t', "timeout", @@ -564,7 +561,7 @@ main (int argc, argc, argv)) return 1; go = TALER_MHD_GO_NONE; - if (TAH_auditor_connection_close) + if (auditor_connection_close) go |= TALER_MHD_GO_FORCE_CONNECTION_CLOSE; TALER_MHD_setup (go); GNUNET_assert (GNUNET_OK == @@ -610,8 +607,8 @@ main (int argc, if ( (-1 == flags) && (EBADF == errno) ) { - fprintf (stderr, - "Bad listen socket passed, ignored\n"); + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Bad listen socket passed, ignored\n"); fh = -1; } flags |= FD_CLOEXEC; @@ -636,27 +633,26 @@ main (int argc, } } - mhd - = MHD_start_daemon (MHD_USE_SELECT_INTERNALLY | MHD_USE_PIPE_FOR_SHUTDOWN - | MHD_USE_DEBUG | MHD_USE_DUAL_STACK - | MHD_USE_INTERNAL_POLLING_THREAD - | MHD_USE_TCP_FASTOPEN, - (-1 == fh) ? serve_port : 0, - NULL, NULL, - &handle_mhd_request, NULL, - MHD_OPTION_THREAD_POOL_SIZE, (unsigned int) 32, - MHD_OPTION_LISTEN_BACKLOG_SIZE, (unsigned int) 1024, - MHD_OPTION_LISTEN_SOCKET, fh, - MHD_OPTION_EXTERNAL_LOGGER, &TALER_MHD_handle_logs, - NULL, - MHD_OPTION_NOTIFY_COMPLETED, - &handle_mhd_completion_callback, NULL, - MHD_OPTION_CONNECTION_TIMEOUT, connection_timeout, - MHD_OPTION_END); + mhd = MHD_start_daemon (MHD_USE_SELECT_INTERNALLY | MHD_USE_PIPE_FOR_SHUTDOWN + | MHD_USE_DEBUG | MHD_USE_DUAL_STACK + | MHD_USE_INTERNAL_POLLING_THREAD + | MHD_USE_TCP_FASTOPEN, + (-1 == fh) ? serve_port : 0, + NULL, NULL, + &handle_mhd_request, NULL, + MHD_OPTION_THREAD_POOL_SIZE, (unsigned int) 32, + MHD_OPTION_LISTEN_BACKLOG_SIZE, (unsigned int) 1024, + MHD_OPTION_LISTEN_SOCKET, fh, + MHD_OPTION_EXTERNAL_LOGGER, &TALER_MHD_handle_logs, + NULL, + MHD_OPTION_NOTIFY_COMPLETED, + &handle_mhd_completion_callback, NULL, + MHD_OPTION_CONNECTION_TIMEOUT, connection_timeout, + MHD_OPTION_END); if (NULL == mhd) { - fprintf (stderr, - "Failed to start HTTP server.\n"); + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Failed to start HTTP server.\n"); TEAH_DEPOSIT_CONFIRMATION_done (); return 1; } @@ -731,6 +727,7 @@ main (int argc, break; } TALER_AUDITORDB_plugin_unload (TAH_plugin); + TAH_plugin = NULL; TEAH_DEPOSIT_CONFIRMATION_done (); return (GNUNET_SYSERR == ret) ? 1 : 0; } diff --git a/src/auditor/taler-auditor-httpd.h b/src/auditor/taler-auditor-httpd.h index 67e7830d8..3e7e79a10 100644 --- a/src/auditor/taler-auditor-httpd.h +++ b/src/auditor/taler-auditor-httpd.h @@ -26,15 +26,6 @@ #include <microhttpd.h> #include "taler_auditordb_plugin.h" -/** - * Should we return "Connection: close" in each response? - */ -extern int TAH_auditor_connection_close; - -/** - * The exchange's configuration. - */ -extern struct GNUNET_CONFIGURATION_Handle *cfg; /** * Our DB plugin. diff --git a/src/auditor/taler-auditor-httpd_deposit-confirmation.c b/src/auditor/taler-auditor-httpd_deposit-confirmation.c index ab233ebc3..45be222af 100644 --- a/src/auditor/taler-auditor-httpd_deposit-confirmation.c +++ b/src/auditor/taler-auditor-httpd_deposit-confirmation.c @@ -57,19 +57,25 @@ static pthread_mutex_t lock; * @return MHD result code */ static int -verify_and_execute_deposit_confirmation (struct MHD_Connection *connection, - const struct - TALER_AUDITORDB_DepositConfirmation *dc, - const struct - TALER_AUDITORDB_ExchangeSigningKey *es) +verify_and_execute_deposit_confirmation ( + struct MHD_Connection *connection, + const struct TALER_AUDITORDB_DepositConfirmation *dc, + const struct TALER_AUDITORDB_ExchangeSigningKey *es) { - struct TALER_ExchangeSigningKeyValidityPS skv; - struct TALER_DepositConfirmationPS dcs; struct TALER_AUDITORDB_Session *session; enum GNUNET_DB_QueryStatus qs; struct GNUNET_TIME_Absolute now; struct GNUNET_HashCode h; int cached; + struct TALER_ExchangeSigningKeyValidityPS skv = { + .purpose.purpose = htonl (TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY), + .purpose.size = htonl (sizeof (struct TALER_ExchangeSigningKeyValidityPS)), + .master_public_key = es->master_public_key, + .start = GNUNET_TIME_absolute_hton (es->ep_start), + .expire = GNUNET_TIME_absolute_hton (es->ep_expire), + .end = GNUNET_TIME_absolute_hton (es->ep_end), + .signkey_pub = es->exchange_pub + }; now = GNUNET_TIME_absolute_get (); if ( (es->ep_start.abs_value_us > now.abs_value_us) || @@ -83,15 +89,6 @@ verify_and_execute_deposit_confirmation (struct MHD_Connection *connection, "master_sig (expired)"); } - /* check exchange signing key signature */ - skv.purpose.purpose = htonl (TALER_SIGNATURE_MASTER_SIGNING_KEY_VALIDITY); - skv.purpose.size = htonl (sizeof (struct TALER_ExchangeSigningKeyValidityPS)); - skv.master_public_key = es->master_public_key; - skv.start = GNUNET_TIME_absolute_hton (es->ep_start); - skv.expire = GNUNET_TIME_absolute_hton (es->ep_expire); - skv.end = GNUNET_TIME_absolute_hton (es->ep_end); - skv.signkey_pub = es->exchange_pub; - /* check our cache */ GNUNET_CRYPTO_hash (&skv, sizeof (skv), @@ -152,27 +149,33 @@ verify_and_execute_deposit_confirmation (struct MHD_Connection *connection, } /* check deposit confirmation signature */ - dcs.purpose.purpose = htonl (TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT); - dcs.purpose.size = htonl (sizeof (struct TALER_DepositConfirmationPS)); - dcs.h_contract_terms = dc->h_contract_terms; - dcs.h_wire = dc->h_wire; - dcs.timestamp = GNUNET_TIME_absolute_hton (dc->timestamp); - dcs.refund_deadline = GNUNET_TIME_absolute_hton (dc->refund_deadline); - TALER_amount_hton (&dcs.amount_without_fee, - &dc->amount_without_fee); - dcs.coin_pub = dc->coin_pub; - dcs.merchant = dc->merchant; - if (GNUNET_OK != - GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT, - &dcs.purpose, - &dc->exchange_sig.eddsa_signature, - &dc->exchange_pub.eddsa_pub)) { - TALER_LOG_WARNING ("Invalid signature on /deposit-confirmation request\n"); - return TALER_MHD_reply_with_error (connection, - MHD_HTTP_FORBIDDEN, - TALER_EC_DEPOSIT_CONFIRMATION_SIGNATURE_INVALID, - "exchange_sig"); + struct TALER_DepositConfirmationPS dcs = { + .purpose.purpose = htonl (TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT), + .purpose.size = htonl (sizeof (struct TALER_DepositConfirmationPS)), + .h_contract_terms = dc->h_contract_terms, + .h_wire = dc->h_wire, + .timestamp = GNUNET_TIME_absolute_hton (dc->timestamp), + .refund_deadline = GNUNET_TIME_absolute_hton (dc->refund_deadline), + .coin_pub = dc->coin_pub, + .merchant = dc->merchant + }; + + TALER_amount_hton (&dcs.amount_without_fee, + &dc->amount_without_fee); + if (GNUNET_OK != + GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT, + &dcs.purpose, + &dc->exchange_sig.eddsa_signature, + &dc->exchange_pub.eddsa_pub)) + { + TALER_LOG_WARNING ( + "Invalid signature on /deposit-confirmation request\n"); + return TALER_MHD_reply_with_error (connection, + MHD_HTTP_FORBIDDEN, + TALER_EC_DEPOSIT_CONFIRMATION_SIGNATURE_INVALID, + "exchange_sig"); + } } /* execute transaction */ @@ -216,8 +219,6 @@ TAH_DEPOSIT_CONFIRMATION_handler (struct TAH_RequestHandler *rh, const char *upload_data, size_t *upload_data_size) { - json_t *json; - int res; struct TALER_AUDITORDB_DepositConfirmation dc; struct TALER_AUDITORDB_ExchangeSigningKey es; struct GNUNET_JSON_Specification spec[] = { @@ -242,33 +243,41 @@ TAH_DEPOSIT_CONFIRMATION_handler (struct TAH_RequestHandler *rh, (void) connection_cls; (void) upload_data; (void) upload_data_size; - res = TALER_MHD_parse_post_json (connection, - connection_cls, - upload_data, - upload_data_size, - &json); - if (GNUNET_SYSERR == res) - return MHD_NO; - if ( (GNUNET_NO == res) || - (NULL == json) ) - return MHD_YES; - res = TALER_MHD_parse_json_data (connection, - json, - spec); - json_decref (json); + { + json_t *json; + int res; + + res = TALER_MHD_parse_post_json (connection, + connection_cls, + upload_data, + upload_data_size, + &json); + if (GNUNET_SYSERR == res) + return MHD_NO; + if ( (GNUNET_NO == res) || + (NULL == json) ) + return MHD_YES; + res = TALER_MHD_parse_json_data (connection, + json, + spec); + json_decref (json); + if (GNUNET_SYSERR == res) + return MHD_NO; /* hard failure */ + if (GNUNET_NO == res) + return MHD_YES; /* failure */ + } + es.exchange_pub = dc.exchange_pub; /* used twice! */ dc.master_public_key = es.master_public_key; + { + int res; - if (GNUNET_SYSERR == res) - return MHD_NO; /* hard failure */ - if (GNUNET_NO == res) - return MHD_YES; /* failure */ - - res = verify_and_execute_deposit_confirmation (connection, - &dc, - &es); - GNUNET_JSON_parse_free (spec); - return res; + res = verify_and_execute_deposit_confirmation (connection, + &dc, + &es); + GNUNET_JSON_parse_free (spec); + return res; + } } diff --git a/src/auditor/taler-auditor-httpd_exchanges.c b/src/auditor/taler-auditor-httpd_exchanges.c index ef5c9b025..237b973f8 100644 --- a/src/auditor/taler-auditor-httpd_exchanges.c +++ b/src/auditor/taler-auditor-httpd_exchanges.c @@ -50,10 +50,10 @@ add_exchange (void *cls, GNUNET_JSON_from_data_auto (master_pub), "exchange_url", exchange_url); - GNUNET_assert (NULL != obj); - GNUNET_assert (0 == - json_array_append_new (list, - obj)); + GNUNET_break (NULL != obj); + GNUNET_break (0 == + json_array_append_new (list, + obj)); } @@ -93,6 +93,7 @@ TAH_EXCHANGES_handler (struct TAH_RequestHandler *rh, "failed to establish session with database"); } ja = json_array (); + GNUNET_break (NULL != ja); qs = TAH_plugin->list_exchanges (TAH_plugin->cls, session, &add_exchange, diff --git a/src/auditor/taler-auditor-httpd_mhd.c b/src/auditor/taler-auditor-httpd_mhd.c index 8d0496645..2a350fd09 100644 --- a/src/auditor/taler-auditor-httpd_mhd.c +++ b/src/auditor/taler-auditor-httpd_mhd.c @@ -1,6 +1,6 @@ /* This file is part of TALER - Copyright (C) 2014-2019 Taler Systems SA + Copyright (C) 2014-2020 Taler Systems SA TALER is free software; you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software @@ -16,7 +16,7 @@ /** * @file taler-auditor-httpd_mhd.c - * @brief helpers for MHD interaction; these are TALER_AUDITOR_handler_ functions + * @brief helpers for MHD interaction; these are TALER_MHD_handler_ functions * that generate simple MHD replies that do not require any real operations * to be performed (error handling, static pages, etc.) * @author Florian Dold @@ -50,32 +50,16 @@ TAH_MHD_handler_static_response (struct TAH_RequestHandler *rh, const char *upload_data, size_t *upload_data_size) { - struct MHD_Response *response; - int ret; + size_t dlen; - (void) connection_cls; - (void) upload_data; - (void) upload_data_size; - if (0 == rh->data_size) - rh->data_size = strlen ((const char *) rh->data); - response = MHD_create_response_from_buffer (rh->data_size, - (void *) rh->data, - MHD_RESPMEM_PERSISTENT); - if (NULL == response) - { - GNUNET_break (0); - return MHD_NO; - } - TALER_MHD_add_global_headers (response); - if (NULL != rh->mime_type) - (void) MHD_add_response_header (response, - MHD_HTTP_HEADER_CONTENT_TYPE, - rh->mime_type); - ret = MHD_queue_response (connection, - rh->response_code, - response); - MHD_destroy_response (response); - return ret; + dlen = (0 == rh->data_size) + ? strlen ((const char *) rh->data) + : rh->data_size; + return TALER_MHD_reply_static (connection, + rh->response_code, + rh->mime_type, + rh->data, + dlen); } @@ -106,33 +90,4 @@ TAH_MHD_handler_agpl_redirect (struct TAH_RequestHandler *rh, } -/** - * Function to call to handle the request by building a JSON - * reply with an error message from @a rh. - * - * @param rh context of the handler - * @param connection the MHD connection to handle - * @param[in,out] connection_cls the connection's closure (can be updated) - * @param upload_data upload data - * @param[in,out] upload_data_size number of bytes (left) in @a upload_data - * @return MHD result code - */ -int -TAH_MHD_handler_send_json_pack_error (struct TAH_RequestHandler *rh, - struct MHD_Connection *connection, - void **connection_cls, - const char *upload_data, - size_t *upload_data_size) -{ - (void) connection_cls; - (void) upload_data; - (void) upload_data_size; - return TALER_MHD_reply_json_pack (connection, - rh->response_code, - "{s:s}", - "error", - rh->data); -} - - /* end of taler-auditor-httpd_mhd.c */ diff --git a/src/auditor/taler-auditor-httpd_mhd.h b/src/auditor/taler-auditor-httpd_mhd.h index f92c53572..1096ee346 100644 --- a/src/auditor/taler-auditor-httpd_mhd.h +++ b/src/auditor/taler-auditor-httpd_mhd.h @@ -66,46 +66,4 @@ TAH_MHD_handler_agpl_redirect (struct TAH_RequestHandler *rh, size_t *upload_data_size); -/** - * Function to call to handle the request by building a JSON - * reply from varargs. - * - * @param rh context of the handler - * @param connection the MHD connection to handle - * @param[in,out] connection_cls the connection's closure (can be updated) - * @param response_code HTTP response code to use - * @param do_cache can the response be cached? (0: no, 1: yes) - * @param fmt format string for pack - * @param ... varargs - * @return MHD result code - */ -int -TAH_MHD_helper_send_json_pack (struct TAH_RequestHandler *rh, - struct MHD_Connection *connection, - void *connection_cls, - int response_code, - int do_cache, - const char *fmt, - ...); - - -/** - * Function to call to handle the request by building a JSON - * reply with an error message from @a rh. - * - * @param rh context of the handler - * @param connection the MHD connection to handle - * @param[in,out] connection_cls the connection's closure (can be updated) - * @param upload_data upload data - * @param[in,out] upload_data_size number of bytes (left) in @a upload_data - * @return MHD result code - */ -int -TAH_MHD_handler_send_json_pack_error (struct TAH_RequestHandler *rh, - struct MHD_Connection *connection, - void **connection_cls, - const char *upload_data, - size_t *upload_data_size); - - #endif |