diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/exchange/taler-exchange-aggregator.c | 12 | ||||
-rw-r--r-- | src/exchangedb/exchange-0001.sql | 2 | ||||
-rw-r--r-- | src/exchangedb/plugin_exchangedb_postgres.c | 22 | ||||
-rw-r--r-- | src/exchangedb/test_exchangedb.c | 3 | ||||
-rw-r--r-- | src/include/taler_exchangedb_plugin.h | 6 | ||||
-rw-r--r-- | src/testing/testing_api_cmd_exec_aggregator.c | 1 | ||||
-rw-r--r-- | src/util/exchange_signatures.c | 69 |
7 files changed, 105 insertions, 10 deletions
diff --git a/src/exchange/taler-exchange-aggregator.c b/src/exchange/taler-exchange-aggregator.c index 94efe28f3..73bbcc594 100644 --- a/src/exchange/taler-exchange-aggregator.c +++ b/src/exchange/taler-exchange-aggregator.c @@ -150,6 +150,13 @@ static struct TALER_Amount currency_round_unit; static char *exchange_base_url; /** + * Set to #GNUNET_YES if this exchange does not support KYC checks + * and thus deposits are to be aggregated regardless of the + * KYC status of the target account. + */ +static int kyc_off; + +/** * The exchange's configuration. */ static const struct GNUNET_CONFIGURATION_Handle *cfg; @@ -706,6 +713,7 @@ run_aggregation (void *cls) db_plugin->cls, s->shard_start, s->shard_end, + kyc_off ? true : false, &deposit_cb, &au_active); switch (qs) @@ -1106,6 +1114,10 @@ main (int argc, "test", "run in test mode and exit when idle", &test_mode), + GNUNET_GETOPT_option_flag ('y', + "kyc-off", + "perform wire transfers without KYC checks", + &kyc_off), GNUNET_GETOPT_OPTION_END }; enum GNUNET_GenericReturnValue ret; diff --git a/src/exchangedb/exchange-0001.sql b/src/exchangedb/exchange-0001.sql index 379d4c1f7..439521a72 100644 --- a/src/exchangedb/exchange-0001.sql +++ b/src/exchangedb/exchange-0001.sql @@ -70,7 +70,7 @@ CREATE TABLE IF NOT EXISTS wire_targets (wire_target_serial_id BIGSERIAL UNIQUE ,h_payto BYTEA NOT NULL CHECK (LENGTH(h_payto)=64) ,payto_uri VARCHAR NOT NULL -,kyc_ok BOOLEAN NOT NULL DEFAULT (false) +,kyc_ok BOOLEAN NOT NULL DEFAULT (FALSE) ,oauth_username VARCHAR ,PRIMARY KEY (h_payto) ); diff --git a/src/exchangedb/plugin_exchangedb_postgres.c b/src/exchangedb/plugin_exchangedb_postgres.c index 237084ae3..d7cfd8718 100644 --- a/src/exchangedb/plugin_exchangedb_postgres.c +++ b/src/exchangedb/plugin_exchangedb_postgres.c @@ -1045,7 +1045,7 @@ prepare_statements (struct PostgresClosure *pg) /* Fetch an existing deposit request. Used in #postgres_lookup_transfer_by_deposit(). */ GNUNET_PQ_make_prepare ( - "get_deposit_for_wtid", + "get_deposit_without_wtid", "SELECT" " kyc_ok" ",wire_target_serial_id AS payment_target_uuid" @@ -1091,13 +1091,14 @@ prepare_statements (struct PostgresClosure *pg) " AND shard <= $3" " AND tiny=FALSE" " AND done=FALSE" + " AND (kyc_ok OR $4)" " AND wire_deadline<=$1" " AND refund_deadline<$1" " ORDER BY " " shard ASC" " ,wire_deadline ASC" " LIMIT 1;", - 3), + 4), /* Used in #postgres_iterate_matching_deposits() */ GNUNET_PQ_make_prepare ( "deposits_iterate_matching", @@ -5257,13 +5258,15 @@ postgres_mark_deposit_done (void *cls, /** - * Obtain information about deposits that are ready to be executed. - * Such deposits must not be marked as "tiny" or "done", and the - * execution time must be in the past. + * Obtain information about deposits that are ready to be executed. Such + * deposits must not be marked as "tiny" or "done", the execution time must be + * in the past, and the KYC status must be 'ok'. * * @param cls the @e cls of this struct with the plugin-specific state * @param start_shard_row minimum shard row to select * @param end_shard_row maximum shard row to select (inclusive) + * @param kyc_off true if we should not check the KYC status because + * this exchange does not need/support KYC checks. * @param deposit_cb function to call for ONE such deposit * @param deposit_cb_cls closure for @a deposit_cb * @return transaction status code @@ -5272,15 +5275,18 @@ static enum GNUNET_DB_QueryStatus postgres_get_ready_deposit (void *cls, uint64_t start_shard_row, uint64_t end_shard_row, + bool kyc_off, TALER_EXCHANGEDB_DepositIterator deposit_cb, void *deposit_cb_cls) { struct PostgresClosure *pg = cls; + uint8_t kyc_override = (kyc_off) ? 1 : 0; struct GNUNET_TIME_Absolute now = GNUNET_TIME_absolute_get (); struct GNUNET_PQ_QueryParam params[] = { TALER_PQ_query_param_absolute_time (&now), GNUNET_PQ_query_param_uint64 (&start_shard_row), GNUNET_PQ_query_param_uint64 (&end_shard_row), + GNUNET_PQ_query_param_auto_from_type (&kyc_override), GNUNET_PQ_query_param_end }; struct TALER_Amount amount_with_fee; @@ -7298,8 +7304,8 @@ postgres_lookup_transfer_by_deposit ( "lookup_deposit_wtid returned 0 matching rows\n"); { /* Check if transaction exists in deposits, so that we just - do not have a WTID yet, if so, do call the CB with a NULL wtid - and return #GNUNET_YES! */ + do not have a WTID yet. In that case, return without wtid + (by setting 'pending' true). */ uint8_t ok8 = 0; struct GNUNET_PQ_ResultSpec rs2[] = { GNUNET_PQ_result_spec_auto_from_type ("wire_salt", @@ -7320,7 +7326,7 @@ postgres_lookup_transfer_by_deposit ( }; qs = GNUNET_PQ_eval_prepared_singleton_select (pg->conn, - "get_deposit_for_wtid", + "get_deposit_without_wtid", params, rs2); if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT == qs) diff --git a/src/exchangedb/test_exchangedb.c b/src/exchangedb/test_exchangedb.c index 691639b21..fb32aa0b6 100644 --- a/src/exchangedb/test_exchangedb.c +++ b/src/exchangedb/test_exchangedb.c @@ -1907,6 +1907,7 @@ run (void *cls) plugin->get_ready_deposit (plugin->cls, 0, INT32_MAX, + true, &deposit_cb, &deposit)); FAILIF (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT != @@ -1928,6 +1929,7 @@ run (void *cls) plugin->get_ready_deposit (plugin->cls, 0, INT32_MAX, + true, &deposit_cb, &deposit)); plugin->rollback (plugin->cls); @@ -1935,6 +1937,7 @@ run (void *cls) plugin->get_ready_deposit (plugin->cls, 0, INT32_MAX, + true, &deposit_cb, &deposit)); FAILIF (GNUNET_OK != diff --git a/src/include/taler_exchangedb_plugin.h b/src/include/taler_exchangedb_plugin.h index 075024e73..7520779e3 100644 --- a/src/include/taler_exchangedb_plugin.h +++ b/src/include/taler_exchangedb_plugin.h @@ -2731,11 +2731,14 @@ struct TALER_EXCHANGEDB_Plugin /** * Obtain information about deposits that are ready to be executed. * Such deposits must not be marked as "tiny" or "done", and the - * execution time and refund deadlines must both be in the past. + * execution time, the refund deadlines must both be in the past and + * the KYC status must be 'ok'. * * @param cls the @e cls of this struct with the plugin-specific state * @param start_shard_row minimum shard row to select * @param end_shard_row maximum shard row to select (inclusive) + * @param kyc_off true if we should not check the KYC status because + * this exchange does not need/support KYC checks. * @param deposit_cb function to call for ONE such deposit * @param deposit_cb_cls closure for @a deposit_cb * @return transaction status code @@ -2744,6 +2747,7 @@ struct TALER_EXCHANGEDB_Plugin (*get_ready_deposit)(void *cls, uint64_t start_shard_row, uint64_t end_shard_row, + bool kyc_off, TALER_EXCHANGEDB_DepositIterator deposit_cb, void *deposit_cb_cls); diff --git a/src/testing/testing_api_cmd_exec_aggregator.c b/src/testing/testing_api_cmd_exec_aggregator.c index 38875db94..20e99c141 100644 --- a/src/testing/testing_api_cmd_exec_aggregator.c +++ b/src/testing/testing_api_cmd_exec_aggregator.c @@ -68,6 +68,7 @@ aggregator_run (void *cls, "taler-exchange-aggregator", "-c", as->config_filename, "-t", /* exit when done */ + "-y", /* skip KYC */ NULL); if (NULL == as->aggregator_proc) { diff --git a/src/util/exchange_signatures.c b/src/util/exchange_signatures.c new file mode 100644 index 000000000..2e71a33c1 --- /dev/null +++ b/src/util/exchange_signatures.c @@ -0,0 +1,69 @@ +/* + This file is part of TALER + Copyright (C) 2021 Taler Systems SA + + TALER is free software; you can redistribute it and/or modify it under the + terms of the GNU General Public License as published by the Free Software + Foundation; either version 3, or (at your option) any later version. + + TALER is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + A PARTICULAR PURPOSE. See the GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along with + TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/> +*/ +/** + * @file exchange_signatures.c + * @brief Utility functions for Taler security module signatures + * @author Christian Grothoff + */ +#include "platform.h" +#include "taler_util.h" +#include "taler_signatures.h" + + +enum GNUNET_GenericReturnValue +TALER_exchange_deposit_confirm_verify ( + const struct TALER_PrivateContractHash *h_contract_terms, + const struct TALER_MerchantWireHash *h_wire, + const struct TALER_ExtensionContractHash *h_extensions, + struct GNUNET_TIME_Absolute exchange_timestamp, + struct GNUNET_TIME_Absolute wire_deadline, + struct GNUNET_TIME_Absolute refund_deadline, + const struct TALER_Amount *amount_without_fee, + const struct TALER_CoinSpendPublicKeyP *coin_pub, + const struct TALER_MerchantPublicKeyP *merchant_pub, + const struct TALER_ExchangePublicKeyP *exchange_pub, + const struct TALER_ExchangeSignatureP *exchange_sig) +{ + struct TALER_DepositConfirmationPS dcs = { + .purpose.purpose = htonl (TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT), + .purpose.size = htonl (sizeof (struct TALER_DepositConfirmationPS)), + .h_contract_terms = *h_contract_terms, + .h_wire = *h_wire, + .exchange_timestamp = GNUNET_TIME_absolute_hton (exchange_timestamp), + .wire_deadline = GNUNET_TIME_absolute_hton (wire_deadline), + .refund_deadline = GNUNET_TIME_absolute_hton (refund_deadline), + .coin_pub = *coin_pub, + .merchant_pub = *merchant_pub + }; + + if (NULL != h_extensions) + dcs.h_extensions = *h_extensions; + TALER_amount_hton (&dcs.amount_without_fee, + amount_without_fee); + if (GNUNET_OK != + GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT, + &dcs, + &exchange_sig->eddsa_signature, + &exchange_pub->eddsa_pub)) + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } + return GNUNET_OK; +} + + +/* end of exchange_signatures.c */ |