
[taler-merchant] branch master updated: extend merchant backend DB to su


From: gnunet
Subject: [taler-merchant] branch master updated: extend merchant backend DB to support storing authentication data for #6731
Date: Sun, 31 Jan 2021 12:52:07 +0100

This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to branch master
in repository merchant.

The following commit(s) were added to refs/heads/master by this push:
     new 9dded1ae extend merchant backend DB to support storing authentication 
data for #6731
9dded1ae is described below

commit 9dded1aec4e5e62dce29ac86bc486112c7bff60d
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Sun Jan 31 12:52:04 2021 +0100

    extend merchant backend DB to support storing authentication data for #6731
---
 src/backenddb/Makefile.am                  |  4 +++-
 src/backenddb/drop0002.sql                 | 32 +++++++++++++++++++++++++++
 src/backenddb/merchant-0002.sql            | 35 ++++++++++++++++++++++++++++++
 src/backenddb/plugin_merchantdb_postgres.c | 32 ++++++++++++++++++++++++---
 src/include/taler_merchantdb_plugin.h      | 13 ++++++++++-
 5 files changed, 111 insertions(+), 5 deletions(-)

diff --git a/src/backenddb/Makefile.am b/src/backenddb/Makefile.am
index f808e150..6c428fdc 100644
--- a/src/backenddb/Makefile.am
+++ b/src/backenddb/Makefile.am
@@ -13,7 +13,9 @@ sqldir = $(prefix)/share/taler/sql/merchant/
 sql_DATA = \
   merchant-0000.sql \
   merchant-0001.sql \
-  drop0001.sql
+  merchant-0002.sql \
+  drop0001.sql \
+  drop0002.sql
 
 if HAVE_POSTGRESQL
 if HAVE_GNUNETPQ
diff --git a/src/backenddb/drop0002.sql b/src/backenddb/drop0002.sql
new file mode 100644
index 00000000..a90a4304
--- /dev/null
+++ b/src/backenddb/drop0002.sql
@@ -0,0 +1,32 @@
+--
+-- This file is part of TALER
+-- Copyright (C) 2021 Taler Systems SA
+--
+-- TALER is free software; you can redistribute it and/or modify it under the
+-- terms of the GNU General Public License as published by the Free Software
+-- Foundation; either version 3, or (at your option) any later version.
+--
+-- TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+-- WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS 
FOR
+-- A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License along with
+-- TALER; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>
+--
+
+-- Everything in one big transaction
+BEGIN;
+
+-- This script DROPs all of the tables we create, including the
+-- versioning schema!
+--
+-- Unlike the other SQL files, it SHOULD be updated to reflect the
+-- latest requirements for dropping tables.
+
+-- Drops for 0002.sql
+
+-- Unregister patch (0002.sql)
+SELECT _v.unregister_patch('merchant-0002');
+
+-- And we're out of here...
+COMMIT;
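Review bot: The section headed `-- Drops for 0002.sql` is empty, so this script unregisters the patch but leaves behind the `auth_hash` and `auth_salt` columns that merchant-0002.sql adds to `merchant_instances`. Unless drop0001.sql is always run as well and removes the table (not visible here), re-applying merchant-0002.sql would fail on the existing columns, and the stored credential hashes would stay in the database. Consider adding `ALTER TABLE merchant_instances DROP COLUMN auth_hash, DROP COLUMN auth_salt;` before the `unregister_patch` call.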
diff --git a/src/backenddb/merchant-0002.sql b/src/backenddb/merchant-0002.sql
new file mode 100644
index 00000000..528b5f6d
--- /dev/null
+++ b/src/backenddb/merchant-0002.sql
@@ -0,0 +1,35 @@
+--
+-- This file is part of TALER
+-- Copyright (C) 2021 Taler Systems SA
+--
+-- TALER is free software; you can redistribute it and/or modify it under the
+-- terms of the GNU General Public License as published by the Free Software
+-- Foundation; either version 3, or (at your option) any later version.
+--
+-- TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+-- WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS 
FOR
+-- A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License along with
+-- TALER; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>
+--
+
+-- Everything in one big transaction
+BEGIN;
+
+-- Check patch versioning is in place.
+SELECT _v.register_patch('merchant-0002', NULL, NULL);
+
+
+-- need serial IDs on various tables for exchange-auditor replication
+ALTER TABLE merchant_instances
+  ADD COLUMN auth_hash BYTEA CHECK(LENGTH(auth_hash)=64),
+  ADD COLUMN auth_salt BYTEA CHECK(LENGTH(auth_salt)=32);
+COMMENT ON COLUMN merchant_instances.auth_hash
+  IS 'hash used for merchant back office Authorization, NULL for no check';
+COMMENT ON COLUMN merchant_instances.auth_salt
+  IS 'salt to use when hashing Authorization header before comparing with 
auth_hash';
+
+
+-- Complete transaction
+COMMIT;
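Review bot: Nothing in the `ALTER TABLE` ties the two new columns together, so a row can carry an `auth_hash` with a NULL `auth_salt` or the reverse. A table-level constraint such as `CHECK ((auth_hash IS NULL) = (auth_salt IS NULL))` would reject that state, and the existing rows (both NULL) already satisfy it. The comment above the statement (`need serial IDs on various tables for exchange-auditor replication`) looks carried over from another migration and does not describe this change; something like `-- add per-instance credentials for back office authentication` would fit.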
diff --git a/src/backenddb/plugin_merchantdb_postgres.c 
b/src/backenddb/plugin_merchantdb_postgres.c
index babc47ca..4506c57e 100644
--- a/src/backenddb/plugin_merchantdb_postgres.c
+++ b/src/backenddb/plugin_merchantdb_postgres.c
@@ -484,11 +484,21 @@ lookup_instances_cb (void *cls,
 
   for (unsigned int i = 0; i < num_results; i++)
   {
+    bool no_auth;
+    bool no_salt;
     struct GNUNET_PQ_ResultSpec rs[] = {
       GNUNET_PQ_result_spec_uint64 ("merchant_serial",
                                     &lic->instance_serial),
       GNUNET_PQ_result_spec_auto_from_type ("merchant_pub",
                                             &lic->merchant_pub),
+      GNUNET_PQ_result_spec_allow_null (
+        GNUNET_PQ_result_spec_auto_from_type ("auth_hash",
+                                              &lic->is.auth_hash),
+        &no_auth),
+      GNUNET_PQ_result_spec_allow_null (
+        GNUNET_PQ_result_spec_auto_from_type ("auth_salt",
+                                              &lic->is.auth_salt),
+        &no_salt),
       GNUNET_PQ_result_spec_string ("merchant_id",
                                     &lic->is.id),
       GNUNET_PQ_result_spec_string ("merchant_name",
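Review bot: `no_auth` and `no_salt` are filled in through `GNUNET_PQ_result_spec_allow_null` but are not read anywhere in the visible hunks, so a NULL column and a stored all-zero value end up as the same in-memory state once the `memset` calls in the next hunk have run. The insert and update hunks further down always bind the full `auth_hash`/`auth_salt` values, so an instance with authentication off is written as zero bytes rather than NULL, while the column comment in merchant-0002.sql documents only `NULL for no check`. A comment at the declarations would make the intent explicit, e.g. `/* NULL or all-zero auth_hash both mean: authentication off */`, and the column comment should say the same. The body of lookup_instances_cb continues outside this hunk.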
@@ -514,6 +524,12 @@ lookup_instances_cb (void *cls,
       GNUNET_PQ_query_param_end
     };
 
+    memset (&lic->is.auth_salt,
+            0,
+            sizeof (lic->is.auth_salt));
+    memset (&lic->is.auth_hash,
+            0,
+            sizeof (lic->is.auth_hash));
     if (GNUNET_OK !=
         GNUNET_PQ_extract_result (result,
                                   rs,
@@ -599,6 +615,8 @@ postgres_insert_instance (void *cls,
   struct PostgresClosure *pg = cls;
   struct GNUNET_PQ_QueryParam params[] = {
     GNUNET_PQ_query_param_auto_from_type (merchant_pub),
+    GNUNET_PQ_query_param_auto_from_type (&is->auth_hash),
+    GNUNET_PQ_query_param_auto_from_type (&is->auth_salt),
     GNUNET_PQ_query_param_string (is->id),
     GNUNET_PQ_query_param_string (is->name),
     TALER_PQ_query_param_json (is->address),
@@ -736,6 +754,8 @@ postgres_update_instance (void *cls,
     GNUNET_PQ_query_param_relative_time (
       &is->default_wire_transfer_delay),
     GNUNET_PQ_query_param_relative_time (&is->default_pay_delay),
+    GNUNET_PQ_query_param_auto_from_type (&is->auth_hash),
+    GNUNET_PQ_query_param_auto_from_type (&is->auth_salt),
     GNUNET_PQ_query_param_end
   };
 
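Review bot: With `auth_hash` and `auth_salt` bound here as `$12`/`$13`, every call to postgres_update_instance rewrites the stored credentials along with the ordinary settings. A caller that fills `struct TALER_MERCHANTDB_InstanceSettings` from a request and leaves the two new fields zeroed would store an all-zero hash, which the header documents as authentication off; the callers are not part of this diff, so this needs checking there. Either document the requirement on the function (`@param is instance data; auth_hash and auth_salt must carry the current credentials, they are overwritten`) or move credential changes into a separate prepared statement. The function starts and ends outside the hunk.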
@@ -6024,6 +6044,8 @@ postgres_connect (void *cls)
                             "SELECT"
                             " merchant_serial"
                             ",merchant_pub"
+                            ",auth_hash"
+                            ",auth_salt"
                             ",merchant_id"
                             ",merchant_name"
                             ",address"
@@ -6041,6 +6063,8 @@ postgres_connect (void *cls)
     GNUNET_PQ_make_prepare ("insert_instance",
                             "INSERT INTO merchant_instances"
                             "(merchant_pub"
+                            ",auth_hash"
+                            ",auth_salt"
                             ",merchant_id"
                             ",merchant_name"
                             ",address"
@@ -6053,8 +6077,8 @@ postgres_connect (void *cls)
                             ",default_wire_transfer_delay"
                             ",default_pay_delay)"
                             "VALUES"
-                            "($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, 
$12)",
-                            12),
+                            "($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, 
$12, $13, $14)",
+                            14),
     /* for postgres_insert_instance() */
     GNUNET_PQ_make_prepare ("insert_keys",
                             "INSERT INTO merchant_keys"
@@ -6102,8 +6126,10 @@ postgres_connect (void *cls)
                             ",default_wire_fee_amortization=$9"
                             ",default_wire_transfer_delay=$10"
                             ",default_pay_delay=$11"
+                            ",auth_hash=$12"
+                            ",auth_salt=$13"
                             " WHERE merchant_id = $1",
-                            11),
+                            13),
     /* for postgres_inactivate_account() */
     GNUNET_PQ_make_prepare ("inactivate_account",
                             "UPDATE merchant_accounts SET"
diff --git a/src/include/taler_merchantdb_plugin.h 
b/src/include/taler_merchantdb_plugin.h
index 2d64ce43..7d7bd9dc 100644
--- a/src/include/taler_merchantdb_plugin.h
+++ b/src/include/taler_merchantdb_plugin.h
@@ -1,6 +1,6 @@
 /*
   This file is part of TALER
-  Copyright (C) 2014-2020 Taler Systems SA
+  Copyright (C) 2014-2021 Taler Systems SA
 
   TALER is free software; you can redistribute it and/or modify it under the
   terms of the GNU Lesser General Public License as published by the Free 
Software
@@ -118,6 +118,17 @@ struct TALER_MERCHANTDB_InstanceSettings
    */
   struct GNUNET_TIME_Relative default_pay_delay;
 
+  /**
+   * Hash used for authentication.  All zero if authentication is off.
+   */
+  struct GNUNET_HashCode auth_hash;
+
+  /**
+   * Salt used to hash the "Authentication" header, the result must then
+   * match the @e auth_hash.
+   */
+  struct GNUNET_ShortHashCode auth_salt;
+
 };
 
 
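Review bot: The doc comment on `auth_salt` names an "Authentication" header, while the column comment in merchant-0002.sql says `Authorization`, which is the HTTP request header; suggest `* Salt used to hash the "Authorization" header, the result must then`. The comments also do not say how `auth_hash` is derived from the header value and the salt. The hashing code is not in this commit, so it is worth stating here which function is used and whether the header value is expected to be a high-entropy token, since a single fast hash gives little protection for a guessable secret if the table leaks. The struct begins outside the hunk.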
