[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-anastasis] branch master updated: -preparations for sepa auth plu
|
From: |
gnunet |
|
Subject: |
[taler-anastasis] branch master updated: -preparations for sepa auth plugin |
|
Date: |
Mon, 16 Aug 2021 11:01:40 +0200 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository anastasis.
The following commit(s) were added to refs/heads/master by this push:
new c1c40ea -preparations for sepa auth plugin
c1c40ea is described below
commit c1c40eaa24926273a6aa688e92e99d832aa1501e
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Mon Aug 16 11:01:38 2021 +0200
-preparations for sepa auth plugin
---
src/authorization/anastasis_authorization_plugin.c | 17 +++++----------
.../anastasis_authorization_plugin_iban.c | 1 +
src/backend/anastasis-httpd_config.c | 6 ++----
src/backend/anastasis-httpd_truth.c | 14 ++++++++----
src/backend/anastasis-httpd_truth_upload.c | 25 +++++++++-------------
src/include/anastasis_authorization_lib.h | 6 ++----
src/include/anastasis_authorization_plugin.h | 12 +++++++++++
src/include/anastasis_database_plugin.h | 4 +++-
src/stasis/plugin_anastasis_postgres.c | 18 +++++++++++++++-
9 files changed, 62 insertions(+), 41 deletions(-)
diff --git a/src/authorization/anastasis_authorization_plugin.c
b/src/authorization/anastasis_authorization_plugin.c
index adb1c5b..da28f40 100644
--- a/src/authorization/anastasis_authorization_plugin.c
+++ b/src/authorization/anastasis_authorization_plugin.c
@@ -66,32 +66,25 @@ struct AuthPlugin
*/
char *lib_name;
- /**
- * Cost of using this plugin.
- */
- struct TALER_Amount cost;
};
struct ANASTASIS_AuthorizationPlugin *
ANASTASIS_authorization_plugin_load (
const char *method,
- const struct GNUNET_CONFIGURATION_Handle *AH_cfg,
- struct TALER_Amount *cost)
+ const struct GNUNET_CONFIGURATION_Handle *AH_cfg)
{
struct ANASTASIS_AuthorizationPlugin *authorization;
char *lib_name;
char *sec_name;
struct AuthPlugin *ap;
char *currency;
+ struct TALER_Amount cost;
for (ap = ap_head; NULL != ap; ap = ap->next)
if (0 == strcmp (method,
ap->name))
- {
- *cost = ap->cost;
return ap->authorization;
- }
if (GNUNET_OK !=
TALER_config_get_currency (AH_cfg,
¤cy))
@@ -104,7 +97,7 @@ ANASTASIS_authorization_plugin_load (
TALER_config_get_amount (AH_cfg,
sec_name,
"COST",
- &ap->cost))
+ &cost))
{
GNUNET_log_config_missing (GNUNET_ERROR_TYPE_WARNING,
sec_name,
@@ -117,7 +110,7 @@ ANASTASIS_authorization_plugin_load (
if (0 !=
strcasecmp (currency,
- ap->cost.currency))
+ cost.currency))
{
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
sec_name,
@@ -144,13 +137,13 @@ ANASTASIS_authorization_plugin_load (
GNUNET_free (ap);
return NULL;
}
+ authorization->cost = cost;
ap->name = GNUNET_strdup (method);
ap->lib_name = lib_name;
ap->authorization = authorization;
GNUNET_CONTAINER_DLL_insert (ap_head,
ap_tail,
ap);
- *cost = ap->cost;
return authorization;
}
diff --git a/src/authorization/anastasis_authorization_plugin_iban.c
b/src/authorization/anastasis_authorization_plugin_iban.c
index 61e7f59..d1a71f9 100644
--- a/src/authorization/anastasis_authorization_plugin_iban.c
+++ b/src/authorization/anastasis_authorization_plugin_iban.c
@@ -553,6 +553,7 @@ libanastasis_plugin_authorization_iban_init (void *cls)
return NULL;
}
plugin = GNUNET_new (struct ANASTASIS_AuthorizationPlugin);
+ plugin->payment_plugin_managed = true;
plugin->code_validity_period = GNUNET_TIME_UNIT_MONTHS;
plugin->code_rotation_period = GNUNET_TIME_UNIT_WEEKS;
plugin->code_retransmission_frequency = GNUNET_TIME_UNIT_FOREVER_REL;
diff --git a/src/backend/anastasis-httpd_config.c
b/src/backend/anastasis-httpd_config.c
index 89b82d0..d265f99 100644
--- a/src/backend/anastasis-httpd_config.c
+++ b/src/backend/anastasis-httpd_config.c
@@ -40,7 +40,6 @@ add_methods (void *cls,
{
json_t *method_arr = cls;
struct ANASTASIS_AuthorizationPlugin *p;
- struct TALER_Amount cost;
json_t *method;
if (0 != strncasecmp (section,
@@ -54,8 +53,7 @@ add_methods (void *cls,
return;
section += strlen ("authorization-");
p = ANASTASIS_authorization_plugin_load (section,
- AH_cfg,
- &cost);
+ AH_cfg);
if (NULL == p)
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
@@ -67,7 +65,7 @@ add_methods (void *cls,
GNUNET_JSON_pack_string ("type",
section),
TALER_JSON_pack_amount ("cost",
- &cost));
+ &p->cost));
GNUNET_assert (
0 ==
json_array_append_new (method_arr,
diff --git a/src/backend/anastasis-httpd_truth.c
b/src/backend/anastasis-httpd_truth.c
index f69ff7b..ee0f2bf 100644
--- a/src/backend/anastasis-httpd_truth.c
+++ b/src/backend/anastasis-httpd_truth.c
@@ -1168,8 +1168,7 @@ AH_handler_truth_get (
{
gc->authorization
= ANASTASIS_authorization_plugin_load (method,
- AH_cfg,
- &gc->challenge_cost);
+ AH_cfg);
if (NULL == gc->authorization)
{
MHD_RESULT ret;
@@ -1184,6 +1183,7 @@ AH_handler_truth_get (
GNUNET_free (method);
return ret;
}
+ gc->challenge_cost = gc->authorization->cost;
}
else
{
@@ -1192,6 +1192,7 @@ AH_handler_truth_get (
GNUNET_free (method);
}
+ if (! gc->authorization->payment_plugin_managed)
{
struct TALER_Amount zero_amount;
@@ -1294,6 +1295,7 @@ AH_handler_truth_get (
uint64_t code;
enum ANASTASIS_DB_CodeStatus cs;
struct GNUNET_HashCode hc;
+ bool satisfied;
rt = GNUNET_TIME_UNIT_FOREVER_ABS;
qs = db->create_challenge_code (db->cls,
@@ -1327,7 +1329,8 @@ AH_handler_truth_get (
&hc);
cs = db->verify_challenge_code (db->cls,
&gc->truth_uuid,
- &hc);
+ &hc,
+ &satisfied);
switch (cs)
{
case ANASTASIS_DB_CODE_STATUS_CHALLENGE_CODE_MISMATCH:
@@ -1376,12 +1379,14 @@ AH_handler_truth_get (
if (gc->have_response)
{
enum ANASTASIS_DB_CodeStatus cs;
+ bool satisfied;
GNUNET_free (decrypted_truth);
GNUNET_free (truth_mime);
cs = db->verify_challenge_code (db->cls,
&gc->truth_uuid,
- &challenge_response);
+ &challenge_response,
+ &satisfied);
switch (cs)
{
case ANASTASIS_DB_CODE_STATUS_CHALLENGE_CODE_MISMATCH:
@@ -1407,6 +1412,7 @@ AH_handler_truth_get (
TALER_EC_ANASTASIS_TRUTH_RATE_LIMITED,
NULL);
case ANASTASIS_DB_CODE_STATUS_VALID_CODE_STORED:
+ // FIXME: if ! satisfied don't do this...
return return_key_share (&gc->truth_uuid,
connection);
}
diff --git a/src/backend/anastasis-httpd_truth_upload.c
b/src/backend/anastasis-httpd_truth_upload.c
index 0fb9017..0781f73 100644
--- a/src/backend/anastasis-httpd_truth_upload.c
+++ b/src/backend/anastasis-httpd_truth_upload.c
@@ -670,22 +670,17 @@ AH_handler_truth_post (
}
/* check method is supported */
+ if ( (0 != strcmp ("question",
+ type)) &&
+ (NULL ==
+ ANASTASIS_authorization_plugin_load (type,
+ AH_cfg)) )
{
- struct TALER_Amount dummy;
-
- if ( (0 != strcmp ("question",
- type)) &&
- (NULL ==
- ANASTASIS_authorization_plugin_load (type,
- AH_cfg,
- &dummy)) )
- {
- GNUNET_JSON_parse_free (spec);
- return TALER_MHD_reply_with_error (connection,
- MHD_HTTP_BAD_REQUEST,
-
TALER_EC_ANASTASIS_TRUTH_UPLOAD_METHOD_NOT_SUPPORTED,
- type);
- }
+ GNUNET_JSON_parse_free (spec);
+ return TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_BAD_REQUEST,
+
TALER_EC_ANASTASIS_TRUTH_UPLOAD_METHOD_NOT_SUPPORTED,
+ type);
}
if (storage_years > ANASTASIS_MAX_YEARS_STORAGE)
diff --git a/src/include/anastasis_authorization_lib.h
b/src/include/anastasis_authorization_lib.h
index 9bebe1a..e8eaf74 100644
--- a/src/include/anastasis_authorization_lib.h
+++ b/src/include/anastasis_authorization_lib.h
@@ -30,14 +30,12 @@
*
* @param method name of the method to load
* @param AH_cfg configuration to use
- * @param[out] cost set to the cost for using the plugin during recovery
- * @return #GNUNET_OK on success
+ * @return plugin handle on success
*/
struct ANASTASIS_AuthorizationPlugin *
ANASTASIS_authorization_plugin_load (
const char *method,
- const struct GNUNET_CONFIGURATION_Handle *AH_cfg,
- struct TALER_Amount *cost);
+ const struct GNUNET_CONFIGURATION_Handle *AH_cfg);
/**
diff --git a/src/include/anastasis_authorization_plugin.h
b/src/include/anastasis_authorization_plugin.h
index b159aaa..a1006a7 100644
--- a/src/include/anastasis_authorization_plugin.h
+++ b/src/include/anastasis_authorization_plugin.h
@@ -96,6 +96,18 @@ struct ANASTASIS_AuthorizationPlugin
*/
void *cls;
+ /**
+ * Cost to GET the /truth using this method. Set by the plugin's
+ * loader, not by the plugin itself.
+ */
+ struct TALER_Amount cost;
+
+ /**
+ * True if the payment is managed internally by the
+ * authorization plugin.
+ */
+ bool payment_plugin_managed;
+
/**
* How long should a generated challenge be valid for this type of method.
*/
diff --git a/src/include/anastasis_database_plugin.h
b/src/include/anastasis_database_plugin.h
index 7ad47ca..069d0d9 100644
--- a/src/include/anastasis_database_plugin.h
+++ b/src/include/anastasis_database_plugin.h
@@ -584,13 +584,15 @@ struct ANASTASIS_DatabasePlugin
* @param cls closure
* @param truth_uuid identification of the challenge which the code
corresponds to
* @param hashed_code code which the user provided and wants to verify
+ * @param[out] satisfied set to true if the challenge is set to satisfied
* @return transaction status
*/
enum ANASTASIS_DB_CodeStatus
(*verify_challenge_code)(
void *cls,
const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_uuid,
- const struct GNUNET_HashCode *hashed_code);
+ const struct GNUNET_HashCode *hashed_code,
+ bool *satisfied);
/**
diff --git a/src/stasis/plugin_anastasis_postgres.c
b/src/stasis/plugin_anastasis_postgres.c
index 9d206c7..325bae8 100644
--- a/src/stasis/plugin_anastasis_postgres.c
+++ b/src/stasis/plugin_anastasis_postgres.c
@@ -1758,6 +1758,11 @@ struct CheckValidityContext
*/
bool valid;
+ /**
+ * Set to true if a code matching @e hashed_code was set to 'satisfied' by
the plugin.
+ */
+ bool satisfied;
+
/**
* Set to true if we had a database failure.
*/
@@ -1786,9 +1791,12 @@ check_valid_code (void *cls,
for (unsigned int i = 0; i < num_results; i++)
{
uint64_t server_code;
+ uint8_t sat;
struct GNUNET_PQ_ResultSpec rs[] = {
GNUNET_PQ_result_spec_uint64 ("code",
&server_code),
+ GNUNET_PQ_result_spec_auto_from_type ("satisfied",
+ &sat),
GNUNET_PQ_result_spec_end
};
@@ -1811,6 +1819,7 @@ check_valid_code (void *cls,
cvc->hashed_code))
{
cvc->valid = true;
+ cvc->satisfied = (0 != sat);
}
else
{
@@ -1844,13 +1853,15 @@ check_valid_code (void *cls,
* @param cls closure
* @param truth_uuid identification of the challenge which the code
corresponds to
* @param hashed_code code which the user provided and wants to verify
+ * @param[out] satisfied set to true if the challenge is set to satisfied
* @return code validity status
*/
enum ANASTASIS_DB_CodeStatus
postgres_verify_challenge_code (
void *cls,
const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_uuid,
- const struct GNUNET_HashCode *hashed_code)
+ const struct GNUNET_HashCode *hashed_code,
+ bool *satisfied)
{
struct PostgresClosure *pg = cls;
struct CheckValidityContext cvc = {
@@ -1866,6 +1877,7 @@ postgres_verify_challenge_code (
};
enum GNUNET_DB_QueryStatus qs;
+ *satisfied = false;
check_connection (pg);
GNUNET_TIME_round_abs (&now);
qs = GNUNET_PQ_eval_prepared_multi_select (pg->conn,
@@ -1877,7 +1889,10 @@ postgres_verify_challenge_code (
(cvc.db_failure) )
return ANASTASIS_DB_CODE_STATUS_HARD_ERROR;
if (cvc.valid)
+ {
+ *satisfied = cvc.satisfied;
return ANASTASIS_DB_CODE_STATUS_VALID_CODE_STORED;
+ }
if (0 == qs)
return ANASTASIS_DB_CODE_STATUS_NO_RESULTS;
return ANASTASIS_DB_CODE_STATUS_CHALLENGE_CODE_MISMATCH;
@@ -2523,6 +2538,7 @@ libanastasis_plugin_db_postgres_init (void *cls)
GNUNET_PQ_make_prepare ("challengecode_select",
"SELECT "
" code"
+ ",satisfied"
" FROM anastasis_challengecode"
" WHERE truth_uuid=$1"
" AND expiration_date > $2"
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-anastasis] branch master updated: -preparations for sepa auth plugin,
gnunet <=