Diffstat (limited to 'src')
-rw-r--r--src/exchange/taler-exchange-aggregator.c12
-rw-r--r--src/exchangedb/exchange-0001.sql2
-rw-r--r--src/exchangedb/plugin_exchangedb_postgres.c22
-rw-r--r--src/exchangedb/test_exchangedb.c3
-rw-r--r--src/include/taler_exchangedb_plugin.h6
-rw-r--r--src/testing/testing_api_cmd_exec_aggregator.c1
-rw-r--r--src/util/exchange_signatures.c69
7 files changed, 105 insertions, 10 deletions
diff --git a/src/exchange/taler-exchange-aggregator.c b/src/exchange/taler-exchange-aggregator.c
index 94efe28f3..73bbcc594 100644
--- a/src/exchange/taler-exchange-aggregator.c
+++ b/src/exchange/taler-exchange-aggregator.c
@@ -150,6 +150,13 @@ static struct TALER_Amount currency_round_unit;
static char *exchange_base_url;
/**
+ * Set to #GNUNET_YES if this exchange does not support KYC checks
+ * and thus deposits are to be aggregated regardless of the
+ * KYC status of the target account.
+ */
+static int kyc_off;
+
+/**
* The exchange's configuration.
*/
static const struct GNUNET_CONFIGURATION_Handle *cfg;
@@ -706,6 +713,7 @@ run_aggregation (void *cls)
db_plugin->cls,
s->shard_start,
s->shard_end,
+ kyc_off ? true : false,
&deposit_cb,
&au_active);
switch (qs)
@@ -1106,6 +1114,10 @@ main (int argc,
"test",
"run in test mode and exit when idle",
&test_mode),
+ GNUNET_GETOPT_option_flag ('y',
+ "kyc-off",
+ "perform wire transfers without KYC checks",
+ &kyc_off),
GNUNET_GETOPT_OPTION_END
};
enum GNUNET_GenericReturnValue ret;
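Review bot: The new `-y`/`--kyc-off` flag in the option table turns off a compliance check for every deposit the aggregator handles, yet nothing visible in this commit records that the process was started in that mode. A one-time warning after option parsing would leave a trace for operators and auditors, e.g. `if (kyc_off) GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "KYC checks disabled (--kyc-off), aggregating regardless of KYC status\n");`. Because the setting describes the exchange as a whole rather than a single invocation, reading it from the configuration file may also be harder to enable by accident than a single-letter switch; that is a design choice to confirm. The body of main() starts and ends outside this hunk.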
diff --git a/src/exchangedb/exchange-0001.sql b/src/exchangedb/exchange-0001.sql
index 379d4c1f7..439521a72 100644
--- a/src/exchangedb/exchange-0001.sql
+++ b/src/exchangedb/exchange-0001.sql
@@ -70,7 +70,7 @@ CREATE TABLE IF NOT EXISTS wire_targets
(wire_target_serial_id BIGSERIAL UNIQUE
,h_payto BYTEA NOT NULL CHECK (LENGTH(h_payto)=64)
,payto_uri VARCHAR NOT NULL
-,kyc_ok BOOLEAN NOT NULL DEFAULT (false)
+,kyc_ok BOOLEAN NOT NULL DEFAULT (FALSE)
,oauth_username VARCHAR
,PRIMARY KEY (h_payto)
);
diff --git a/src/exchangedb/plugin_exchangedb_postgres.c b/src/exchangedb/plugin_exchangedb_postgres.c
index 237084ae3..d7cfd8718 100644
--- a/src/exchangedb/plugin_exchangedb_postgres.c
+++ b/src/exchangedb/plugin_exchangedb_postgres.c
@@ -1045,7 +1045,7 @@ prepare_statements (struct PostgresClosure *pg)
/* Fetch an existing deposit request.
Used in #postgres_lookup_transfer_by_deposit(). */
GNUNET_PQ_make_prepare (
- "get_deposit_for_wtid",
+ "get_deposit_without_wtid",
"SELECT"
" kyc_ok"
",wire_target_serial_id AS payment_target_uuid"
@@ -1091,13 +1091,14 @@ prepare_statements (struct PostgresClosure *pg)
" AND shard <= $3"
" AND tiny=FALSE"
" AND done=FALSE"
+ " AND (kyc_ok OR $4)"
" AND wire_deadline<=$1"
" AND refund_deadline<$1"
" ORDER BY "
" shard ASC"
" ,wire_deadline ASC"
" LIMIT 1;",
- 3),
+ 4),
/* Used in #postgres_iterate_matching_deposits() */
GNUNET_PQ_make_prepare (
"deposits_iterate_matching",
@@ -5257,13 +5258,15 @@ postgres_mark_deposit_done (void *cls,
/**
- * Obtain information about deposits that are ready to be executed.
- * Such deposits must not be marked as "tiny" or "done", and the
- * execution time must be in the past.
+ * Obtain information about deposits that are ready to be executed. Such
+ * deposits must not be marked as "tiny" or "done", the execution time must be
+ * in the past, and the KYC status must be 'ok'.
*
* @param cls the @e cls of this struct with the plugin-specific state
* @param start_shard_row minimum shard row to select
* @param end_shard_row maximum shard row to select (inclusive)
+ * @param kyc_off true if we should not check the KYC status because
+ * this exchange does not need/support KYC checks.
* @param deposit_cb function to call for ONE such deposit
* @param deposit_cb_cls closure for @a deposit_cb
* @return transaction status code
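Review bot: The updated summary says the KYC status must be 'ok' without qualification, which contradicts the `kyc_off` parameter documented a few lines below; with `kyc_off` true the statement's `(kyc_ok OR $4)` term accepts a deposit whatever its KYC status. Suggested wording for the last line of the summary: `in the past, and (unless @a kyc_off is true) the KYC status must be 'ok'.` The `get_ready_deposit` comment in src/include/taler_exchangedb_plugin.h has the same gap, and its sentence "the execution time, the refund deadlines must both be in the past" would read better as "the execution time and the refund deadline must both be in the past".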
@@ -5272,15 +5275,18 @@ static enum GNUNET_DB_QueryStatus
postgres_get_ready_deposit (void *cls,
uint64_t start_shard_row,
uint64_t end_shard_row,
+ bool kyc_off,
TALER_EXCHANGEDB_DepositIterator deposit_cb,
void *deposit_cb_cls)
{
struct PostgresClosure *pg = cls;
+ uint8_t kyc_override = (kyc_off) ? 1 : 0;
struct GNUNET_TIME_Absolute now = GNUNET_TIME_absolute_get ();
struct GNUNET_PQ_QueryParam params[] = {
TALER_PQ_query_param_absolute_time (&now),
GNUNET_PQ_query_param_uint64 (&start_shard_row),
GNUNET_PQ_query_param_uint64 (&end_shard_row),
+ GNUNET_PQ_query_param_auto_from_type (&kyc_override),
GNUNET_PQ_query_param_end
};
struct TALER_Amount amount_with_fee;
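Review bot: `kyc_override` is declared as a `uint8_t` and bound with `GNUNET_PQ_query_param_auto_from_type`, but nothing says why a one-byte integer carries what the SQL uses as a boolean in `(kyc_ok OR $4)`. A short comment on the declaration would spare the next reader the lookup, e.g. `/* sent as one raw byte (0/1); Postgres is expected to infer BOOLEAN for $4 from "kyc_ok OR $4" */`. The inference part is my reading of the prepared statement and should be confirmed. The function body continues past the end of this hunk.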
@@ -7298,8 +7304,8 @@ postgres_lookup_transfer_by_deposit (
"lookup_deposit_wtid returned 0 matching rows\n");
{
/* Check if transaction exists in deposits, so that we just
- do not have a WTID yet, if so, do call the CB with a NULL wtid
- and return #GNUNET_YES! */
+ do not have a WTID yet. In that case, return without wtid
+ (by setting 'pending' true). */
uint8_t ok8 = 0;
struct GNUNET_PQ_ResultSpec rs2[] = {
GNUNET_PQ_result_spec_auto_from_type ("wire_salt",
@@ -7320,7 +7326,7 @@ postgres_lookup_transfer_by_deposit (
};
qs = GNUNET_PQ_eval_prepared_singleton_select (pg->conn,
- "get_deposit_for_wtid",
+ "get_deposit_without_wtid",
params,
rs2);
if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT == qs)
diff --git a/src/exchangedb/test_exchangedb.c b/src/exchangedb/test_exchangedb.c
index 691639b21..fb32aa0b6 100644
--- a/src/exchangedb/test_exchangedb.c
+++ b/src/exchangedb/test_exchangedb.c
@@ -1907,6 +1907,7 @@ run (void *cls)
plugin->get_ready_deposit (plugin->cls,
0,
INT32_MAX,
+ true,
&deposit_cb,
&deposit));
FAILIF (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT !=
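Review bot: All three `get_ready_deposit` calls updated in this file (this hunk and the two that follow) pass `true`, so the new `kyc_ok OR $4` filter is never exercised with KYC enforcement switched on. A regression that dropped or inverted the filter would still pass this test. Consider adding a call with `false` against a deposit whose wire target still has the default `kyc_ok` of FALSE, e.g. `FAILIF (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS != plugin->get_ready_deposit (plugin->cls, 0, INT32_MAX, false, &deposit_cb, &deposit));`. Whether the test deposit is in that state at this point in run() is not visible from the hunk.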
@@ -1928,6 +1929,7 @@ run (void *cls)
plugin->get_ready_deposit (plugin->cls,
0,
INT32_MAX,
+ true,
&deposit_cb,
&deposit));
plugin->rollback (plugin->cls);
@@ -1935,6 +1937,7 @@ run (void *cls)
plugin->get_ready_deposit (plugin->cls,
0,
INT32_MAX,
+ true,
&deposit_cb,
&deposit));
FAILIF (GNUNET_OK !=
diff --git a/src/include/taler_exchangedb_plugin.h b/src/include/taler_exchangedb_plugin.h
index 075024e73..7520779e3 100644
--- a/src/include/taler_exchangedb_plugin.h
+++ b/src/include/taler_exchangedb_plugin.h
@@ -2731,11 +2731,14 @@ struct TALER_EXCHANGEDB_Plugin
/**
* Obtain information about deposits that are ready to be executed.
* Such deposits must not be marked as "tiny" or "done", and the
- * execution time and refund deadlines must both be in the past.
+ * execution time, the refund deadlines must both be in the past and
+ * the KYC status must be 'ok'.
*
* @param cls the @e cls of this struct with the plugin-specific state
* @param start_shard_row minimum shard row to select
* @param end_shard_row maximum shard row to select (inclusive)
+ * @param kyc_off true if we should not check the KYC status because
+ * this exchange does not need/support KYC checks.
* @param deposit_cb function to call for ONE such deposit
* @param deposit_cb_cls closure for @a deposit_cb
* @return transaction status code
@@ -2744,6 +2747,7 @@ struct TALER_EXCHANGEDB_Plugin
(*get_ready_deposit)(void *cls,
uint64_t start_shard_row,
uint64_t end_shard_row,
+ bool kyc_off,
TALER_EXCHANGEDB_DepositIterator deposit_cb,
void *deposit_cb_cls);
diff --git a/src/testing/testing_api_cmd_exec_aggregator.c b/src/testing/testing_api_cmd_exec_aggregator.c
index 38875db94..20e99c141 100644
--- a/src/testing/testing_api_cmd_exec_aggregator.c
+++ b/src/testing/testing_api_cmd_exec_aggregator.c
@@ -68,6 +68,7 @@ aggregator_run (void *cls,
"taler-exchange-aggregator",
"-c", as->config_filename,
"-t", /* exit when done */
+ "-y", /* skip KYC */
NULL);
if (NULL == as->aggregator_proc)
{
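Review bot: Passing `"-y"` unconditionally on the aggregator command line means every test that uses this harness command runs with KYC checks skipped, so the enforcing path gets no integration coverage. If this is a stop-gap until a KYC test flow exists, a comment saying so next to the argument would help, e.g. `"-y", /* FIXME: skip KYC until tests set kyc_ok */`. Otherwise a parameter on the command, or a second command variant, that controls the flag would keep both modes testable. aggregator_run() starts and ends outside this hunk.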
diff --git a/src/util/exchange_signatures.c b/src/util/exchange_signatures.c
new file mode 100644
index 000000000..2e71a33c1
--- /dev/null
+++ b/src/util/exchange_signatures.c
@@ -0,0 +1,69 @@
+/*
+ This file is part of TALER
+ Copyright (C) 2021 Taler Systems SA
+
+ TALER is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+*/
+/**
+ * @file exchange_signatures.c
+ * @brief Utility functions for Taler security module signatures
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include "taler_util.h"
+#include "taler_signatures.h"
+
+
+enum GNUNET_GenericReturnValue
+TALER_exchange_deposit_confirm_verify (
+ const struct TALER_PrivateContractHash *h_contract_terms,
+ const struct TALER_MerchantWireHash *h_wire,
+ const struct TALER_ExtensionContractHash *h_extensions,
+ struct GNUNET_TIME_Absolute exchange_timestamp,
+ struct GNUNET_TIME_Absolute wire_deadline,
+ struct GNUNET_TIME_Absolute refund_deadline,
+ const struct TALER_Amount *amount_without_fee,
+ const struct TALER_CoinSpendPublicKeyP *coin_pub,
+ const struct TALER_MerchantPublicKeyP *merchant_pub,
+ const struct TALER_ExchangePublicKeyP *exchange_pub,
+ const struct TALER_ExchangeSignatureP *exchange_sig)
+{
+ struct TALER_DepositConfirmationPS dcs = {
+ .purpose.purpose = htonl (TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT),
+ .purpose.size = htonl (sizeof (struct TALER_DepositConfirmationPS)),
+ .h_contract_terms = *h_contract_terms,
+ .h_wire = *h_wire,
+ .exchange_timestamp = GNUNET_TIME_absolute_hton (exchange_timestamp),
+ .wire_deadline = GNUNET_TIME_absolute_hton (wire_deadline),
+ .refund_deadline = GNUNET_TIME_absolute_hton (refund_deadline),
+ .coin_pub = *coin_pub,
+ .merchant_pub = *merchant_pub
+ };
+
+ if (NULL != h_extensions)
+ dcs.h_extensions = *h_extensions;
+ TALER_amount_hton (&dcs.amount_without_fee,
+ amount_without_fee);
+ if (GNUNET_OK !=
+ GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT,
+ &dcs,
+ &exchange_sig->eddsa_signature,
+ &exchange_pub->eddsa_pub))
+ {
+ GNUNET_break_op (0);
+ return GNUNET_SYSERR;
+ }
+ return GNUNET_OK;
+}
+
+
+/* end of exchange_signatures.c */
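Review bot: `TALER_exchange_deposit_confirm_verify` has no doc comment in this file, and the file-level `@brief` ("security module signatures") does not describe what the function does, which is checking an exchange signature over a deposit confirmation. The comment should say that `h_extensions` may be NULL (the field is then left zeroed by the initializer) while every other pointer argument is dereferenced unconditionally, and that the function returns `GNUNET_OK` on a valid signature and `GNUNET_SYSERR` otherwise. The diffstat for src lists neither a header nor a build file alongside this addition, so it is worth confirming that the function is declared and the file is compiled somewhere this page does not show.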