diff options
Diffstat (limited to 'src/auditor')
-rw-r--r-- | src/auditor/Makefile.am | 3 | ||||
-rw-r--r-- | src/auditor/auditor-basedb.conf | 186 | ||||
-rwxr-xr-x | src/auditor/generate-auditor-basedb.sh | 4 | ||||
-rwxr-xr-x | src/auditor/generate-revoke-basedb.sh | 2 | ||||
-rw-r--r-- | src/auditor/report-lib.c | 44 | ||||
-rw-r--r-- | src/auditor/revoke-basedb.conf (renamed from src/auditor/test-auditor.conf) | 0 | ||||
-rw-r--r-- | src/auditor/taler-helper-auditor-aggregation.c | 15 | ||||
-rwxr-xr-x | src/auditor/test-auditor.sh | 122 | ||||
-rwxr-xr-x | src/auditor/test-revocation.sh | 4 |
9 files changed, 307 insertions, 73 deletions
diff --git a/src/auditor/Makefile.am b/src/auditor/Makefile.am index 49f4030ea..cdf644d14 100644 --- a/src/auditor/Makefile.am +++ b/src/auditor/Makefile.am @@ -200,7 +200,6 @@ EXTRA_DIST = \ taler-auditor.in \ taler-helper-auditor-render.py \ auditor.conf \ - test-auditor.conf \ test-sync-in.conf \ test-sync-out.conf \ generate-auditor-basedb.sh \ @@ -209,8 +208,10 @@ EXTRA_DIST = \ generate-auditor-basedb-template.conf \ $(check_SCRIPTS) \ auditor-basedb.age \ + auditor-basedb.conf \ auditor-basedb.sql \ auditor-basedb.mpub \ revoke-basedb.age \ + revoke-basedb.conf \ revoke-basedb.sql \ revoke-basedb.mpub diff --git a/src/auditor/auditor-basedb.conf b/src/auditor/auditor-basedb.conf new file mode 100644 index 000000000..b224684e6 --- /dev/null +++ b/src/auditor/auditor-basedb.conf @@ -0,0 +1,186 @@ +[arm] +CONFIG = /research/taler/exchange/src/auditor/auditor-basedb.conf + +[benchmark] +MERCHANT_DETAILS = merchant_details.json +BANK_DETAILS = bank_details.json + +[coin_kudos_10] +rsa_keysize = 1024 +CIPHER = RSA +fee_refund = TESTKUDOS:0.01 +fee_refresh = TESTKUDOS:0.03 +fee_deposit = TESTKUDOS:0.01 +fee_withdraw = TESTKUDOS:0.01 +duration_legal = 3 years +duration_spend = 2 years +duration_withdraw = 7 days +value = TESTKUDOS:10 + +[coin_kudos_8] +rsa_keysize = 1024 +CIPHER = RSA +fee_refund = TESTKUDOS:0.04 +fee_refresh = TESTKUDOS:0.03 +fee_deposit = TESTKUDOS:0.02 +fee_withdraw = TESTKUDOS:0.05 +duration_legal = 3 years +duration_spend = 2 years +duration_withdraw = 7 days +value = TESTKUDOS:8 + +[coin_kudos_5] +rsa_keysize = 1024 +CIPHER = RSA +fee_refund = TESTKUDOS:0.01 +fee_refresh = TESTKUDOS:0.03 +fee_deposit = TESTKUDOS:0.01 +fee_withdraw = TESTKUDOS:0.01 +duration_legal = 3 years +duration_spend = 2 years +duration_withdraw = 7 days +value = TESTKUDOS:5 + +[coin_kudos_4] +rsa_keysize = 1024 +CIPHER = RSA +fee_refund = TESTKUDOS:0.02 +fee_refresh = TESTKUDOS:0.04 +fee_deposit = TESTKUDOS:0.03 +fee_withdraw = TESTKUDOS:0.03 +duration_legal = 3 years +duration_spend = 2 years +duration_withdraw = 7 days +value = TESTKUDOS:4 + +[coin_kudos_2] +rsa_keysize = 1024 +CIPHER = RSA +fee_refund = TESTKUDOS:0.02 +fee_refresh = TESTKUDOS:0.04 +fee_deposit = TESTKUDOS:0.03 +fee_withdraw = TESTKUDOS:0.03 +duration_legal = 3 years +duration_spend = 2 years +duration_withdraw = 7 days +value = TESTKUDOS:2 + +[coin_kudos_1] +rsa_keysize = 1024 +CIPHER = RSA +fee_refund = TESTKUDOS:0.01 +fee_refresh = TESTKUDOS:0.03 +fee_deposit = TESTKUDOS:0.02 +fee_withdraw = TESTKUDOS:0.02 +duration_legal = 3 years +duration_spend = 2 years +duration_withdraw = 7 days +value = TESTKUDOS:1 + +[coin_kudos_ct_10] +rsa_keysize = 1024 +CIPHER = RSA +fee_refund = TESTKUDOS:0.01 +fee_refresh = TESTKUDOS:0.03 +fee_deposit = TESTKUDOS:0.01 +fee_withdraw = TESTKUDOS:0.01 +duration_legal = 3 years +duration_spend = 2 years +duration_withdraw = 7 days +value = TESTKUDOS:0.10 + +[coin_kudos_ct_1] +rsa_keysize = 1024 +CIPHER = RSA +fee_refund = TESTKUDOS:0.01 +fee_refresh = TESTKUDOS:0.01 +fee_deposit = TESTKUDOS:0.01 +fee_withdraw = TESTKUDOS:0.01 +duration_legal = 3 years +duration_spend = 2 years +duration_withdraw = 7 days +value = TESTKUDOS:0.01 + +[payments-generator] +exchange = http://localhost:8081/ +exchange-admin = http://localhost:18080/ +exchange_admin = http://localhost:18080/ +merchant = http://localhost:9966/ +bank = http://localhost:8082/ +instance = default +currency = TESTKUDOS + +[merchant-exchange-default] +CURRENCY = TESTKUDOS +EXCHANGE_BASE_URL = http://localhost:8081/ +MASTER_KEY = TMQ09D9G18Z8TFEABD833SDJ6JQWRYKFHPTWT6DMPQS54ZC66RDG + +[merchant-account-merchant] +ACTIVE_default = YES +HONOR_default = YES +PAYTO_URI = payto://x-taler-bank/localhost/42 + +[exchange-accountcredentials-1] +PASSWORD = x +USERNAME = Exchange +WIRE_GATEWAY_AUTH_METHOD = basic +WIRE_GATEWAY_URL = http://localhost:8082/taler-wire-gateway/Exchange/ + +[exchange-account-1] +enable_credit = yes +enable_debit = yes +PAYTO_URI = payto://x-taler-bank/localhost/Exchange + +[instance-default] +NAME = Merchant Inc. +KEYFILE = ${TALER_DATA_HOME}/merchant/default.priv + +[taler] +CURRENCY_ROUND_UNIT = TESTKUDOS:0.01 +CURRENCY = TESTKUDOS + +[merchantdb-postgres] +CONFIG = postgres:///auditor-basedb + +[merchant] +DEFAULT_MAX_WIRE_FEE = TESTKUDOS:0.10 +KEYFILE = ${TALER_DATA_HOME}/merchant/merchant.priv +DEFAULT_MAX_DEPOSIT_FEE = TESTKUDOS:0.1 +WIREFORMAT = default +WIRE_TRANSFER_DELAY = 1 minute +FORCE_AUDIT = YES +UNIXPATH = ${TALER_RUNTIME_DIR}/merchant.http + +[exchangedb-postgres] +CONFIG = postgres:///auditor-basedb + +[exchange] +LOOKAHEAD_SIGN = 32 weeks 1 day +SIGNKEY_DURATION = 4 weeks +MASTER_PUBLIC_KEY = TMQ09D9G18Z8TFEABD833SDJ6JQWRYKFHPTWT6DMPQS54ZC66RDG +SIGNKEY_LEGAL_DURATION = 4 weeks +UNIXPATH = ${TALER_RUNTIME_DIR}/exchange.http + +[bank] +SERVE = http +ALLOW_REGISTRATIONS = YES +SUGGESTED_EXCHANGE_PAYTO = payto://x-taler-bank/localhost/2 +SUGGESTED_EXCHANGE = http://localhost:8081/ +HTTP_PORT = 8082 +MAX_DEBT_BANK = TESTKUDOS:100000.0 +MAX_DEBT = TESTKUDOS:50.0 +DATABASE = postgres:///taler-auditor-basedb + +[auditordb-postgres] +CONFIG = postgres:///taler-auditor-basedb + +[auditor] +PUBLIC_KEY = 95FVPHMW4110HTPVSGMT2YMDE2BSGXZEV5WSV0TD1DXMF2RQ5HN0 +TINY_AMOUNT = TESTKUDOS:0.01 +BASE_URL = http://localhost:8083/ + +[PATHS] +TALER_CACHE_HOME = $TALER_HOME/.cache/taler/ +TALER_CONFIG_HOME = $TALER_HOME/.config/taler/ +TALER_DATA_HOME = $TALER_HOME/.local/share/taler/ +TALER_HOME = ${PWD}/generate_auditordb_home/ diff --git a/src/auditor/generate-auditor-basedb.sh b/src/auditor/generate-auditor-basedb.sh index 41c91d32d..d05ceb526 100755 --- a/src/auditor/generate-auditor-basedb.sh +++ b/src/auditor/generate-auditor-basedb.sh @@ -41,9 +41,9 @@ BASEDB=${1:-"auditor-basedb"} # Name of the Postgres database we will use for the script. # Will be dropped, do NOT use anything that might be used # elsewhere -TARGET_DB=taler-auditor-basedb +export TARGET_DB=${BASEDB} -WALLET_DB=${BASEDB:-"wallet"}.wdb +export WALLET_DB=${BASEDB:-"wallet"}.wdb # delete existing wallet database rm -f $WALLET_DB diff --git a/src/auditor/generate-revoke-basedb.sh b/src/auditor/generate-revoke-basedb.sh index 09d18b0b7..e3795c72e 100755 --- a/src/auditor/generate-revoke-basedb.sh +++ b/src/auditor/generate-revoke-basedb.sh @@ -32,7 +32,7 @@ export BASEDB=${1:-"revoke-basedb"} # Name of the Postgres database we will use for the script. # Will be dropped, do NOT use anything that might be used # elsewhere -export TARGET_DB=taler-auditor-revokedb +export TARGET_DB=${BASEDB} TMP_DIR=`mktemp -d revocation-tmp-XXXXXX` export WALLET_DB=wallet-revocation.json rm -f $WALLET_DB diff --git a/src/auditor/report-lib.c b/src/auditor/report-lib.c index 0888f47ae..5337b17b4 100644 --- a/src/auditor/report-lib.c +++ b/src/auditor/report-lib.c @@ -186,6 +186,7 @@ TALER_ARL_get_denomination_info_by_hash ( NULL); if (0 > qs) { + GNUNET_break (0); *issue = NULL; return qs; } @@ -211,6 +212,7 @@ TALER_ARL_get_denomination_info_by_hash ( &issue); if (qs <= 0) { + GNUNET_break (qs >= 0); if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs) GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Denomination %s not found\n", @@ -598,38 +600,34 @@ TALER_ARL_init (const struct GNUNET_CONFIGURATION_Handle *c) if (GNUNET_is_zero (&TALER_ARL_auditor_pub)) { - /* private key not available, try configuration for public key */ char *auditor_public_key_str; - if (GNUNET_OK != + if (GNUNET_OK == GNUNET_CONFIGURATION_get_value_string (c, "auditor", "PUBLIC_KEY", &auditor_public_key_str)) { - GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, - "auditor", - "PUBLIC_KEY"); - return GNUNET_SYSERR; - } - if (GNUNET_OK != - GNUNET_CRYPTO_eddsa_public_key_from_string ( - auditor_public_key_str, - strlen (auditor_public_key_str), - &TALER_ARL_auditor_pub.eddsa_pub)) - { - GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, - "auditor", - "PUBLIC_KEY", - "invalid key"); + if (GNUNET_OK != + GNUNET_CRYPTO_eddsa_public_key_from_string ( + auditor_public_key_str, + strlen (auditor_public_key_str), + &TALER_ARL_auditor_pub.eddsa_pub)) + { + GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, + "auditor", + "PUBLIC_KEY", + "invalid key"); + GNUNET_free (auditor_public_key_str); + return GNUNET_SYSERR; + } GNUNET_free (auditor_public_key_str); - return GNUNET_SYSERR; } - GNUNET_free (auditor_public_key_str); } if (GNUNET_is_zero (&TALER_ARL_auditor_pub)) { + /* public key not configured */ /* try loading private key and deriving public key */ char *fn; @@ -656,6 +654,14 @@ TALER_ARL_init (const struct GNUNET_CONFIGURATION_Handle *c) } } + if (GNUNET_is_zero (&TALER_ARL_auditor_pub)) + { + GNUNET_log_config_missing (GNUNET_ERROR_TYPE_INFO, + "auditor", + "PUBLIC_KEY/AUDITOR_PRIV_FILE"); + return GNUNET_SYSERR; + } + if (GNUNET_OK != TALER_config_get_currency (TALER_ARL_cfg, &TALER_ARL_currency)) diff --git a/src/auditor/test-auditor.conf b/src/auditor/revoke-basedb.conf index da440c60a..da440c60a 100644 --- a/src/auditor/test-auditor.conf +++ b/src/auditor/revoke-basedb.conf diff --git a/src/auditor/taler-helper-auditor-aggregation.c b/src/auditor/taler-helper-auditor-aggregation.c index b088b615d..33c51731d 100644 --- a/src/auditor/taler-helper-auditor-aggregation.c +++ b/src/auditor/taler-helper-auditor-aggregation.c @@ -390,7 +390,7 @@ struct WireCheckContext * @param[out] deposit_gain amount the coin contributes excluding refunds * @return #GNUNET_OK on success, #GNUNET_SYSERR if the transaction must fail (hard error) */ -static int +static enum GNUNET_GenericReturnValue check_transaction_history_for_deposit ( const struct TALER_CoinSpendPublicKeyP *coin_pub, const struct TALER_PrivateContractHashP *h_contract_terms, @@ -683,6 +683,7 @@ check_transaction_history_for_deposit ( * @param rowid which row in the table is the information from (for diagnostics) * @param merchant_pub public key of the merchant (should be same for all callbacks with the same @e cls) * @param account_pay_uri where did we transfer the funds? + * @param h_payto hash over @a account_payto_uri as it is in the DB * @param exec_time execution time of the wire transfer (should be same for all callbacks with the same @e cls) * @param h_contract_terms which proposal was this payment about * @param denom_pub denomination of @a coin_pub @@ -698,6 +699,7 @@ wire_transfer_information_cb ( uint64_t rowid, const struct TALER_MerchantPublicKeyP *merchant_pub, const char *account_pay_uri, + const struct TALER_PaytoHashP *h_payto, struct GNUNET_TIME_Timestamp exec_time, const struct TALER_PrivateContractHashP *h_contract_terms, const struct TALER_DenominationPublicKey *denom_pub, @@ -712,7 +714,18 @@ wire_transfer_information_cb ( struct TALER_EXCHANGEDB_TransactionList *tl; struct TALER_CoinPublicInfo coin; enum GNUNET_DB_QueryStatus qs; + struct TALER_PaytoHashP hpt; + TALER_payto_hash (account_pay_uri, + &hpt); + if (0 != + GNUNET_memcmp (&hpt, + h_payto)) + { + report_row_inconsistency ("wire_targets", + rowid, + "h-payto does not match payto URI"); + } /* Obtain coin's transaction history */ qs = TALER_ARL_edb->get_coin_transactions (TALER_ARL_edb->cls, coin_pub, diff --git a/src/auditor/test-auditor.sh b/src/auditor/test-auditor.sh index 6138b3d35..2c0d2233b 100755 --- a/src/auditor/test-auditor.sh +++ b/src/auditor/test-auditor.sh @@ -866,10 +866,10 @@ function test_13() { echo "===========13: wrong melt signature ===========" # Modify denom_sig, so it is wrong -COIN_ID=`echo "SELECT old_known_coin_id FROM refresh_commitments LIMIT 1;" | psql $DB -Aqt` -OLD_SIG=`echo "SELECT old_coin_sig FROM refresh_commitments WHERE old_known_coin_id='$COIN_ID';" | psql $DB -Aqt` +COIN_PUB=`echo "SELECT old_coin_pub FROM refresh_commitments LIMIT 1;" | psql $DB -Aqt` +OLD_SIG=`echo "SELECT old_coin_sig FROM refresh_commitments WHERE old_known_pub='$COIN_PUB';" | psql $DB -Aqt` NEW_SIG="\xba588af7c13c477dca1ac458f65cc484db8fba53b969b873f4353ecbd815e6b4c03f42c0cb63a2b609c2d726e612fd8e0c084906a41f409b6a23a08a83c89a02" -echo "UPDATE refresh_commitments SET old_coin_sig='$NEW_SIG' WHERE old_known_coin_id='$COIN_ID'" | psql -Aqt $DB +echo "UPDATE refresh_commitments SET old_coin_sig='$NEW_SIG' WHERE old_coin_pub='$COIN_PUB'" | psql -Aqt $DB run_audit @@ -943,42 +943,27 @@ fi } - -# Test where h_wire in the deposit table is wrong +# Test where salt in the deposit table is wrong function test_15() { -echo "===========15: deposit wire hash wrong=================" +echo "===========15: deposit wire salt wrong=================" -# Check wire transfer lag reported (no aggregator!) +# Modify wire_salt hash, so it is inconsistent +SALT=`echo "SELECT wire_salt FROM deposits WHERE deposit_serial_id=1;" | psql -Aqt $DB` +echo "UPDATE deposits SET wire_salt='\x1197cd7f7b0e13ab1905fedb36c536a2' WHERE deposit_serial_id=1;" | psql -Aqt $DB -# NOTE: This test is EXPECTED to fail for ~1h after -# re-generating the test database as we do not -# report lag of less than 1h (see GRACE_PERIOD in -# taler-helper-auditor-wire.c) -if [ $DATABASE_AGE -gt 3600 ] -then - - # Modify h_wire hash, so it is inconsistent with 'wire' - echo "UPDATE deposits SET h_wire='\x973e52d193a357940be9ef2939c19b0575ee1101f52188c3c01d9005b7d755c397e92624f09cfa709104b3b65605fe5130c90d7e1b7ee30f8fc570f39c16b853' WHERE deposit_serial_id=1" | psql -Aqt $DB - - # The auditor checks h_wire consistency only for - # coins where the wire transfer has happened, hence - # run aggregator first to get this test to work. - run_audit aggregator +run_audit - echo -n "Testing inconsistency detection... " - TABLE=`jq -r .row_inconsistencies[0].table < test-audit-aggregation.json` - if test "x$TABLE" != "xaggregation" -a "x$TABLE" != "xdeposits" - then - exit_fail "Reported table wrong: $TABLE" - fi - echo PASS +echo -n "Testing inconsistency detection... " +OP=`jq -r .bad_sig_losses[0].operation < test-audit-coins.json` +if test "x$OP" != "xdeposit" +then + exit_fail "Reported operation wrong: $OP" +fi +echo PASS - # cannot easily undo aggregator, hence full reload - full_reload +# Restore DB +echo "UPDATE deposits SET wire_salt='$SALT' WHERE deposit_serial_id=1;" | psql -Aqt $DB -else - echo "Test skipped (database too new)" -fi } @@ -1181,14 +1166,14 @@ then OLD_TIME=`echo "SELECT execution_date FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` OLD_VAL=`echo "SELECT credit_val FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` - RES_UUID=`echo "SELECT reserve_uuid FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` - OLD_EXP=`echo "SELECT expiration_date FROM reserves WHERE reserve_uuid='${RES_UUID}';" | psql $DB -Aqt` + RES_PUB=`echo "SELECT reserve_pub FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` + OLD_EXP=`echo "SELECT expiration_date FROM reserves WHERE reserve_pub='${RES_PUB}';" | psql $DB -Aqt` VAL_DELTA=1 NEW_TIME=`expr $OLD_TIME - 3024000000000 || true` # 5 weeks NEW_EXP=`expr $OLD_EXP - 3024000000000 || true` # 5 weeks NEW_CREDIT=`expr $OLD_VAL + $VAL_DELTA || true` echo "UPDATE reserves_in SET execution_date='${NEW_TIME}',credit_val=${NEW_CREDIT} WHERE reserve_in_serial_id=1;" | psql -Aqt $DB - echo "UPDATE reserves SET current_balance_val=${VAL_DELTA}+current_balance_val,expiration_date='${NEW_EXP}' WHERE reserve_uuid='${RES_UUID}';" | psql -Aqt $DB + echo "UPDATE reserves SET current_balance_val=${VAL_DELTA}+current_balance_val,expiration_date='${NEW_EXP}' WHERE reserve_pub='${RES_PUB}';" | psql -Aqt $DB # Need to run with the aggregator so the reserve closure happens run_audit aggregator @@ -1219,11 +1204,11 @@ echo "===========20: reserve closure missing =================" OLD_TIME=`echo "SELECT execution_date FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` OLD_VAL=`echo "SELECT credit_val FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` -RES_UUID=`echo "SELECT reserve_uuid FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` +RES_PUB=`echo "SELECT reserve_pub FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` NEW_TIME=`expr $OLD_TIME - 3024000000000 || true` # 5 weeks NEW_CREDIT=`expr $OLD_VAL + 100 || true` echo "UPDATE reserves_in SET execution_date='${NEW_TIME}',credit_val=${NEW_CREDIT} WHERE reserve_in_serial_id=1;" | psql -Aqt $DB -echo "UPDATE reserves SET current_balance_val=100+current_balance_val WHERE reserve_uuid='${RES_UUID}';" | psql -Aqt $DB +echo "UPDATE reserves SET current_balance_val=100+current_balance_val WHERE reserve_pub='${RES_PUB}';" | psql -Aqt $DB # This time, run without the aggregator so the reserve closure is skipped! run_audit @@ -1240,7 +1225,7 @@ fi # Undo echo "UPDATE reserves_in SET execution_date='${OLD_TIME}',credit_val=${OLD_VAL} WHERE reserve_in_serial_id=1;" | psql -Aqt $DB -echo "UPDATE reserves SET current_balance_val=current_balance_val-100 WHERE reserve_uuid='${RES_UUID}';" | psql -Aqt $DB +echo "UPDATE reserves SET current_balance_val=current_balance_val-100 WHERE reserve_pub='${RES_PUB}';" | psql -Aqt $DB } @@ -1259,19 +1244,18 @@ then OLD_TIME=`echo "SELECT execution_date FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` OLD_VAL=`echo "SELECT credit_val FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` - RES_UUID=`echo "SELECT reserve_uuid FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` - OLD_EXP=`echo "SELECT expiration_date FROM reserves WHERE reserve_uuid='${RES_UUID}';" | psql $DB -Aqt` + RES_PUB=`echo "SELECT reserve_pub FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` + OLD_EXP=`echo "SELECT expiration_date FROM reserves WHERE reserve_pub='${RES_PUB}';" | psql $DB -Aqt` VAL_DELTA=1 NEW_TIME=`expr $OLD_TIME - 3024000000000 || true` # 5 weeks NEW_EXP=`expr $OLD_EXP - 3024000000000 || true` # 5 weeks NEW_CREDIT=`expr $OLD_VAL + $VAL_DELTA || true` echo "UPDATE reserves_in SET execution_date='${NEW_TIME}',credit_val=${NEW_CREDIT} WHERE reserve_in_serial_id=1;" | psql -Aqt $DB - echo "UPDATE reserves SET current_balance_val=${VAL_DELTA}+current_balance_val,expiration_date='${NEW_EXP}' WHERE reserve_uuid='${RES_UUID}';" | psql -Aqt $DB + echo "UPDATE reserves SET current_balance_val=${VAL_DELTA}+current_balance_val,expiration_date='${NEW_EXP}' WHERE reserve_pub='${RES_PUB}';" | psql -Aqt $DB # Need to first run the aggregator so the transfer is marked as done exists pre_audit aggregator - # remove transaction from bank DB echo "DELETE FROM app_banktransaction WHERE debit_account_id=2 AND amount='TESTKUDOS:${VAL_DELTA}';" | psql -Aqt $DB @@ -1312,7 +1296,7 @@ S_DENOM=`echo 'SELECT denominations_serial FROM reserves_out LIMIT 1;' | psql $D OLD_START=`echo "SELECT valid_from FROM denominations WHERE denominations_serial='${S_DENOM}';" | psql $DB -Aqt` OLD_WEXP=`echo "SELECT expire_withdraw FROM denominations WHERE denominations_serial='${S_DENOM}';" | psql $DB -Aqt` # Basically expires 'immediately', so that the withdraw must have been 'invalid' -NEW_WEXP=`expr $OLD_START + 1 || true` +NEW_WEXP=$OLD_START echo "UPDATE denominations SET expire_withdraw=${NEW_WEXP} WHERE denominations_serial='${S_DENOM}';" | psql -Aqt $DB @@ -1320,7 +1304,7 @@ echo "UPDATE denominations SET expire_withdraw=${NEW_WEXP} WHERE denominations_s run_audit echo -n "Testing inconsistency detection... " -jq -e .denomination_key_validity_withdraw_inconsistencies[0] < test-audit-reserves.json > /dev/null || exit_fail "Denomination key withdraw inconsistency not detected" +jq -e .denomination_key_validity_withdraw_inconsistencies[0] < test-audit-reserves.json > /dev/null || exit_fail "Denomination key withdraw inconsistency for $S_DENOM not detected" echo PASS @@ -1793,6 +1777,50 @@ fi +# Test where h_payto in the wire_targets table is wrong +function test_33() { +echo "===========33: h_payto wrong=================" + +# Check wire transfer lag reported (no aggregator!) +# NOTE: this test is BRAND NEW and expected +# to fail until we implement the check in the auditor! + +# NOTE: This test is EXPECTED to fail for ~1h after +# re-generating the test database as we do not +# report lag of less than 1h (see GRACE_PERIOD in +# taler-helper-auditor-wire.c) +if [ $DATABASE_AGE -gt 3600 ] +then + + # Modify h_payto hash, so it is inconsistent with 'wire' + WTSID=`echo "SELECT wire_target_serial_id FROM deposits WHERE deposit_serial_id=1;" | psql -Aqt $DB` + echo "UPDATE wire_targets SET h_payto='\x973e52d193a357940be9ef2939c19b0575ee1101f52188c3c01d9005b7d755c397e92624f09cfa709104b3b65605fe5130c90d7e1b7ee30f8fc570f39c16b853' WHERE wire_target_serial_id=$WTSID" | psql -Aqt $DB + + # The auditor checks h_wire consistency only for + # coins where the wire transfer has happened, hence + # run aggregator first to get this test to work. + run_audit aggregator + + echo -n "Testing inconsistency detection... " + TABLE=`jq -r .row_inconsistencies[0].table < test-audit-aggregation.json` + if test "x$TABLE" != "xwire_targets" + then + exit_fail "Reported table wrong: $TABLE" + fi + echo PASS + + # cannot easily undo aggregator, hence full reload + full_reload + +else + echo "Test skipped (database too new)" +fi +} + + + + + # *************** Main test loop starts here ************** @@ -1840,10 +1868,10 @@ check_with_database() # ####### Setup globals ###### # Postgres database to use -DB=taler-auditor-test +DB=auditor-basedb # Configuration file to use -CONF=test-auditor.conf +CONF=${DB}.conf # test required commands exist echo "Testing for jq" diff --git a/src/auditor/test-revocation.sh b/src/auditor/test-revocation.sh index 766825723..06d54dc9e 100755 --- a/src/auditor/test-revocation.sh +++ b/src/auditor/test-revocation.sh @@ -482,11 +482,11 @@ check_with_database() # *************** Main logic starts here ************** # ####### Setup globals ###### -# Postgres database to use (must match test-auditor.conf) +# Postgres database to use (must match revoke-basedb.conf) DB=taler-auditor-test # Configuration file to use -CONF=test-auditor.conf +CONF=revoke-basedb.conf # test required commands exist echo "Testing for jq" |