diff options
| author | Christian Grothoff <christian@grothoff.org> | 2022-02-28 20:37:19 +0100 | 
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2022-02-28 20:37:19 +0100 | 
| commit | 23bc09fe3c2ca08ce209fffc0ad0ae3e51b06ef4 (patch) | |
| tree | 6a9dc253ce596c247a3aac6095205f195198b8d7 | |
| parent | 8f77bda2e0297185c98694edf0d752cc925bf9a2 (diff) | |
get test-auditor and #7181 to pass
| -rw-r--r-- | src/auditor/Makefile.am | 3 | ||||
| -rw-r--r-- | src/auditor/auditor-basedb.conf | 186 | ||||
| -rwxr-xr-x | src/auditor/generate-auditor-basedb.sh | 4 | ||||
| -rwxr-xr-x | src/auditor/generate-revoke-basedb.sh | 2 | ||||
| -rw-r--r-- | src/auditor/report-lib.c | 44 | ||||
| -rw-r--r-- | src/auditor/revoke-basedb.conf (renamed from src/auditor/test-auditor.conf) | 0 | ||||
| -rw-r--r-- | src/auditor/taler-helper-auditor-aggregation.c | 15 | ||||
| -rwxr-xr-x | src/auditor/test-auditor.sh | 122 | ||||
| -rwxr-xr-x | src/auditor/test-revocation.sh | 4 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_transfers_get.c | 2 | ||||
| -rw-r--r-- | src/exchangedb/exchange-0001.sql | 186 | ||||
| -rw-r--r-- | src/exchangedb/plugin_exchangedb_postgres.c | 5 | ||||
| -rw-r--r-- | src/exchangedb/test_exchangedb.c | 2 | ||||
| -rw-r--r-- | src/include/taler_exchangedb_plugin.h | 2 | ||||
| -rw-r--r-- | src/pq/pq_result_helper.c | 14 | ||||
| -rw-r--r-- | src/testing/test_auditor_api-cs.conf | 2 | ||||
| -rw-r--r-- | src/testing/test_auditor_api-rsa.conf | 1 | 
17 files changed, 427 insertions, 167 deletions
| diff --git a/src/auditor/Makefile.am b/src/auditor/Makefile.am index 49f4030e..cdf644d1 100644 --- a/src/auditor/Makefile.am +++ b/src/auditor/Makefile.am @@ -200,7 +200,6 @@ EXTRA_DIST = \    taler-auditor.in \    taler-helper-auditor-render.py \    auditor.conf \ -  test-auditor.conf \    test-sync-in.conf \    test-sync-out.conf \    generate-auditor-basedb.sh \ @@ -209,8 +208,10 @@ EXTRA_DIST = \    generate-auditor-basedb-template.conf \    $(check_SCRIPTS) \    auditor-basedb.age \ +  auditor-basedb.conf \    auditor-basedb.sql \    auditor-basedb.mpub \    revoke-basedb.age \ +  revoke-basedb.conf \    revoke-basedb.sql \    revoke-basedb.mpub diff --git a/src/auditor/auditor-basedb.conf b/src/auditor/auditor-basedb.conf new file mode 100644 index 00000000..b224684e --- /dev/null +++ b/src/auditor/auditor-basedb.conf @@ -0,0 +1,186 @@ +[arm] +CONFIG = /research/taler/exchange/src/auditor/auditor-basedb.conf + +[benchmark] +MERCHANT_DETAILS = merchant_details.json +BANK_DETAILS = bank_details.json + +[coin_kudos_10] +rsa_keysize = 1024 +CIPHER = RSA +fee_refund = TESTKUDOS:0.01 +fee_refresh = TESTKUDOS:0.03 +fee_deposit = TESTKUDOS:0.01 +fee_withdraw = TESTKUDOS:0.01 +duration_legal = 3 years +duration_spend = 2 years +duration_withdraw = 7 days +value = TESTKUDOS:10 + +[coin_kudos_8] +rsa_keysize = 1024 +CIPHER = RSA +fee_refund = TESTKUDOS:0.04 +fee_refresh = TESTKUDOS:0.03 +fee_deposit = TESTKUDOS:0.02 +fee_withdraw = TESTKUDOS:0.05 +duration_legal = 3 years +duration_spend = 2 years +duration_withdraw = 7 days +value = TESTKUDOS:8 + +[coin_kudos_5] +rsa_keysize = 1024 +CIPHER = RSA +fee_refund = TESTKUDOS:0.01 +fee_refresh = TESTKUDOS:0.03 +fee_deposit = TESTKUDOS:0.01 +fee_withdraw = TESTKUDOS:0.01 +duration_legal = 3 years +duration_spend = 2 years +duration_withdraw = 7 days +value = TESTKUDOS:5 + +[coin_kudos_4] +rsa_keysize = 1024 +CIPHER = RSA +fee_refund = TESTKUDOS:0.02 +fee_refresh = TESTKUDOS:0.04 +fee_deposit = TESTKUDOS:0.03 +fee_withdraw = TESTKUDOS:0.03 +duration_legal = 3 years +duration_spend = 2 years +duration_withdraw = 7 days +value = TESTKUDOS:4 + +[coin_kudos_2] +rsa_keysize = 1024 +CIPHER = RSA +fee_refund = TESTKUDOS:0.02 +fee_refresh = TESTKUDOS:0.04 +fee_deposit = TESTKUDOS:0.03 +fee_withdraw = TESTKUDOS:0.03 +duration_legal = 3 years +duration_spend = 2 years +duration_withdraw = 7 days +value = TESTKUDOS:2 + +[coin_kudos_1] +rsa_keysize = 1024 +CIPHER = RSA +fee_refund = TESTKUDOS:0.01 +fee_refresh = TESTKUDOS:0.03 +fee_deposit = TESTKUDOS:0.02 +fee_withdraw = TESTKUDOS:0.02 +duration_legal = 3 years +duration_spend = 2 years +duration_withdraw = 7 days +value = TESTKUDOS:1 + +[coin_kudos_ct_10] +rsa_keysize = 1024 +CIPHER = RSA +fee_refund = TESTKUDOS:0.01 +fee_refresh = TESTKUDOS:0.03 +fee_deposit = TESTKUDOS:0.01 +fee_withdraw = TESTKUDOS:0.01 +duration_legal = 3 years +duration_spend = 2 years +duration_withdraw = 7 days +value = TESTKUDOS:0.10 + +[coin_kudos_ct_1] +rsa_keysize = 1024 +CIPHER = RSA +fee_refund = TESTKUDOS:0.01 +fee_refresh = TESTKUDOS:0.01 +fee_deposit = TESTKUDOS:0.01 +fee_withdraw = TESTKUDOS:0.01 +duration_legal = 3 years +duration_spend = 2 years +duration_withdraw = 7 days +value = TESTKUDOS:0.01 + +[payments-generator] +exchange = http://localhost:8081/ +exchange-admin = http://localhost:18080/ +exchange_admin = http://localhost:18080/ +merchant = http://localhost:9966/ +bank = http://localhost:8082/ +instance = default +currency = TESTKUDOS + +[merchant-exchange-default] +CURRENCY = TESTKUDOS +EXCHANGE_BASE_URL = http://localhost:8081/ +MASTER_KEY = TMQ09D9G18Z8TFEABD833SDJ6JQWRYKFHPTWT6DMPQS54ZC66RDG + +[merchant-account-merchant] +ACTIVE_default = YES +HONOR_default = YES +PAYTO_URI = payto://x-taler-bank/localhost/42 + +[exchange-accountcredentials-1] +PASSWORD = x +USERNAME = Exchange +WIRE_GATEWAY_AUTH_METHOD = basic +WIRE_GATEWAY_URL = http://localhost:8082/taler-wire-gateway/Exchange/ + +[exchange-account-1] +enable_credit = yes +enable_debit = yes +PAYTO_URI = payto://x-taler-bank/localhost/Exchange + +[instance-default] +NAME = Merchant Inc. +KEYFILE = ${TALER_DATA_HOME}/merchant/default.priv + +[taler] +CURRENCY_ROUND_UNIT = TESTKUDOS:0.01 +CURRENCY = TESTKUDOS + +[merchantdb-postgres] +CONFIG = postgres:///auditor-basedb + +[merchant] +DEFAULT_MAX_WIRE_FEE = TESTKUDOS:0.10 +KEYFILE = ${TALER_DATA_HOME}/merchant/merchant.priv +DEFAULT_MAX_DEPOSIT_FEE = TESTKUDOS:0.1 +WIREFORMAT = default +WIRE_TRANSFER_DELAY = 1 minute +FORCE_AUDIT = YES +UNIXPATH = ${TALER_RUNTIME_DIR}/merchant.http + +[exchangedb-postgres] +CONFIG = postgres:///auditor-basedb + +[exchange] +LOOKAHEAD_SIGN = 32 weeks 1 day +SIGNKEY_DURATION = 4 weeks +MASTER_PUBLIC_KEY = TMQ09D9G18Z8TFEABD833SDJ6JQWRYKFHPTWT6DMPQS54ZC66RDG +SIGNKEY_LEGAL_DURATION = 4 weeks +UNIXPATH = ${TALER_RUNTIME_DIR}/exchange.http + +[bank] +SERVE = http +ALLOW_REGISTRATIONS = YES +SUGGESTED_EXCHANGE_PAYTO = payto://x-taler-bank/localhost/2 +SUGGESTED_EXCHANGE = http://localhost:8081/ +HTTP_PORT = 8082 +MAX_DEBT_BANK = TESTKUDOS:100000.0 +MAX_DEBT = TESTKUDOS:50.0 +DATABASE = postgres:///taler-auditor-basedb + +[auditordb-postgres] +CONFIG = postgres:///taler-auditor-basedb + +[auditor] +PUBLIC_KEY = 95FVPHMW4110HTPVSGMT2YMDE2BSGXZEV5WSV0TD1DXMF2RQ5HN0 +TINY_AMOUNT = TESTKUDOS:0.01 +BASE_URL = http://localhost:8083/ + +[PATHS] +TALER_CACHE_HOME = $TALER_HOME/.cache/taler/ +TALER_CONFIG_HOME = $TALER_HOME/.config/taler/ +TALER_DATA_HOME = $TALER_HOME/.local/share/taler/ +TALER_HOME = ${PWD}/generate_auditordb_home/ diff --git a/src/auditor/generate-auditor-basedb.sh b/src/auditor/generate-auditor-basedb.sh index 41c91d32..d05ceb52 100755 --- a/src/auditor/generate-auditor-basedb.sh +++ b/src/auditor/generate-auditor-basedb.sh @@ -41,9 +41,9 @@ BASEDB=${1:-"auditor-basedb"}  # Name of the Postgres database we will use for the script.  # Will be dropped, do NOT use anything that might be used  # elsewhere -TARGET_DB=taler-auditor-basedb +export TARGET_DB=${BASEDB} -WALLET_DB=${BASEDB:-"wallet"}.wdb +export WALLET_DB=${BASEDB:-"wallet"}.wdb  # delete existing wallet database  rm -f $WALLET_DB diff --git a/src/auditor/generate-revoke-basedb.sh b/src/auditor/generate-revoke-basedb.sh index 09d18b0b..e3795c72 100755 --- a/src/auditor/generate-revoke-basedb.sh +++ b/src/auditor/generate-revoke-basedb.sh @@ -32,7 +32,7 @@ export BASEDB=${1:-"revoke-basedb"}  # Name of the Postgres database we will use for the script.  # Will be dropped, do NOT use anything that might be used  # elsewhere -export TARGET_DB=taler-auditor-revokedb +export TARGET_DB=${BASEDB}  TMP_DIR=`mktemp -d revocation-tmp-XXXXXX`  export WALLET_DB=wallet-revocation.json  rm -f $WALLET_DB diff --git a/src/auditor/report-lib.c b/src/auditor/report-lib.c index 0888f47a..5337b17b 100644 --- a/src/auditor/report-lib.c +++ b/src/auditor/report-lib.c @@ -186,6 +186,7 @@ TALER_ARL_get_denomination_info_by_hash (                                                     NULL);      if (0 > qs)      { +      GNUNET_break (0);        *issue = NULL;        return qs;      } @@ -211,6 +212,7 @@ TALER_ARL_get_denomination_info_by_hash (                                                 &issue);      if (qs <= 0)      { +      GNUNET_break (qs >= 0);        if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs)          GNUNET_log (GNUNET_ERROR_TYPE_INFO,                      "Denomination %s not found\n", @@ -598,38 +600,34 @@ TALER_ARL_init (const struct GNUNET_CONFIGURATION_Handle *c)    if (GNUNET_is_zero (&TALER_ARL_auditor_pub))    { -    /* private key not available, try configuration for public key */      char *auditor_public_key_str; -    if (GNUNET_OK != +    if (GNUNET_OK ==          GNUNET_CONFIGURATION_get_value_string (c,                                                 "auditor",                                                 "PUBLIC_KEY",                                                 &auditor_public_key_str))      { -      GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, -                                 "auditor", -                                 "PUBLIC_KEY"); -      return GNUNET_SYSERR; -    } -    if (GNUNET_OK != -        GNUNET_CRYPTO_eddsa_public_key_from_string ( -          auditor_public_key_str, -          strlen (auditor_public_key_str), -          &TALER_ARL_auditor_pub.eddsa_pub)) -    { -      GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, -                                 "auditor", -                                 "PUBLIC_KEY", -                                 "invalid key"); +      if (GNUNET_OK != +          GNUNET_CRYPTO_eddsa_public_key_from_string ( +            auditor_public_key_str, +            strlen (auditor_public_key_str), +            &TALER_ARL_auditor_pub.eddsa_pub)) +      { +        GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, +                                   "auditor", +                                   "PUBLIC_KEY", +                                   "invalid key"); +        GNUNET_free (auditor_public_key_str); +        return GNUNET_SYSERR; +      }        GNUNET_free (auditor_public_key_str); -      return GNUNET_SYSERR;      } -    GNUNET_free (auditor_public_key_str);    }    if (GNUNET_is_zero (&TALER_ARL_auditor_pub))    { +    /* public key not configured */      /* try loading private key and deriving public key */      char *fn; @@ -656,6 +654,14 @@ TALER_ARL_init (const struct GNUNET_CONFIGURATION_Handle *c)      }    } +  if (GNUNET_is_zero (&TALER_ARL_auditor_pub)) +  { +    GNUNET_log_config_missing (GNUNET_ERROR_TYPE_INFO, +                               "auditor", +                               "PUBLIC_KEY/AUDITOR_PRIV_FILE"); +    return GNUNET_SYSERR; +  } +    if (GNUNET_OK !=        TALER_config_get_currency (TALER_ARL_cfg,                                   &TALER_ARL_currency)) diff --git a/src/auditor/test-auditor.conf b/src/auditor/revoke-basedb.conf index da440c60..da440c60 100644 --- a/src/auditor/test-auditor.conf +++ b/src/auditor/revoke-basedb.conf diff --git a/src/auditor/taler-helper-auditor-aggregation.c b/src/auditor/taler-helper-auditor-aggregation.c index b088b615..33c51731 100644 --- a/src/auditor/taler-helper-auditor-aggregation.c +++ b/src/auditor/taler-helper-auditor-aggregation.c @@ -390,7 +390,7 @@ struct WireCheckContext   * @param[out] deposit_gain amount the coin contributes excluding refunds   * @return #GNUNET_OK on success, #GNUNET_SYSERR if the transaction must fail (hard error)   */ -static int +static enum GNUNET_GenericReturnValue  check_transaction_history_for_deposit (    const struct TALER_CoinSpendPublicKeyP *coin_pub,    const struct TALER_PrivateContractHashP *h_contract_terms, @@ -683,6 +683,7 @@ check_transaction_history_for_deposit (   * @param rowid which row in the table is the information from (for diagnostics)   * @param merchant_pub public key of the merchant (should be same for all callbacks with the same @e cls)   * @param account_pay_uri where did we transfer the funds? + * @param h_payto hash over @a account_payto_uri as it is in the DB   * @param exec_time execution time of the wire transfer (should be same for all callbacks with the same @e cls)   * @param h_contract_terms which proposal was this payment about   * @param denom_pub denomination of @a coin_pub @@ -698,6 +699,7 @@ wire_transfer_information_cb (    uint64_t rowid,    const struct TALER_MerchantPublicKeyP *merchant_pub,    const char *account_pay_uri, +  const struct TALER_PaytoHashP *h_payto,    struct GNUNET_TIME_Timestamp exec_time,    const struct TALER_PrivateContractHashP *h_contract_terms,    const struct TALER_DenominationPublicKey *denom_pub, @@ -712,7 +714,18 @@ wire_transfer_information_cb (    struct TALER_EXCHANGEDB_TransactionList *tl;    struct TALER_CoinPublicInfo coin;    enum GNUNET_DB_QueryStatus qs; +  struct TALER_PaytoHashP hpt; +  TALER_payto_hash (account_pay_uri, +                    &hpt); +  if (0 != +      GNUNET_memcmp (&hpt, +                     h_payto)) +  { +    report_row_inconsistency ("wire_targets", +                              rowid, +                              "h-payto does not match payto URI"); +  }    /* Obtain coin's transaction history */    qs = TALER_ARL_edb->get_coin_transactions (TALER_ARL_edb->cls,                                               coin_pub, diff --git a/src/auditor/test-auditor.sh b/src/auditor/test-auditor.sh index 6138b3d3..2c0d2233 100755 --- a/src/auditor/test-auditor.sh +++ b/src/auditor/test-auditor.sh @@ -866,10 +866,10 @@ function test_13() {  echo "===========13: wrong melt signature ==========="  # Modify denom_sig, so it is wrong -COIN_ID=`echo "SELECT old_known_coin_id FROM refresh_commitments LIMIT 1;"  | psql $DB -Aqt` -OLD_SIG=`echo "SELECT old_coin_sig FROM refresh_commitments WHERE old_known_coin_id='$COIN_ID';" | psql $DB -Aqt` +COIN_PUB=`echo "SELECT old_coin_pub FROM refresh_commitments LIMIT 1;"  | psql $DB -Aqt` +OLD_SIG=`echo "SELECT old_coin_sig FROM refresh_commitments WHERE old_known_pub='$COIN_PUB';" | psql $DB -Aqt`  NEW_SIG="\xba588af7c13c477dca1ac458f65cc484db8fba53b969b873f4353ecbd815e6b4c03f42c0cb63a2b609c2d726e612fd8e0c084906a41f409b6a23a08a83c89a02" -echo "UPDATE refresh_commitments SET old_coin_sig='$NEW_SIG' WHERE old_known_coin_id='$COIN_ID'" | psql -Aqt $DB +echo "UPDATE refresh_commitments SET old_coin_sig='$NEW_SIG' WHERE old_coin_pub='$COIN_PUB'" | psql -Aqt $DB  run_audit @@ -943,42 +943,27 @@ fi  } - -# Test where h_wire in the deposit table is wrong +# Test where salt in the deposit table is wrong  function test_15() { -echo "===========15: deposit wire hash wrong=================" +echo "===========15: deposit wire salt wrong=================" -# Check wire transfer lag reported (no aggregator!) +# Modify wire_salt hash, so it is inconsistent +SALT=`echo "SELECT wire_salt FROM deposits WHERE deposit_serial_id=1;" | psql -Aqt $DB` +echo "UPDATE deposits SET wire_salt='\x1197cd7f7b0e13ab1905fedb36c536a2' WHERE deposit_serial_id=1;" | psql -Aqt $DB -# NOTE: This test is EXPECTED to fail for ~1h after -# re-generating the test database as we do not -# report lag of less than 1h (see GRACE_PERIOD in -# taler-helper-auditor-wire.c) -if [ $DATABASE_AGE -gt 3600 ] -then - -    # Modify h_wire hash, so it is inconsistent with 'wire' -    echo "UPDATE deposits SET h_wire='\x973e52d193a357940be9ef2939c19b0575ee1101f52188c3c01d9005b7d755c397e92624f09cfa709104b3b65605fe5130c90d7e1b7ee30f8fc570f39c16b853' WHERE deposit_serial_id=1" | psql -Aqt $DB - -    # The auditor checks h_wire consistency only for -    # coins where the wire transfer has happened, hence -    # run aggregator first to get this test to work. -    run_audit aggregator +run_audit -    echo -n "Testing inconsistency detection... " -    TABLE=`jq -r .row_inconsistencies[0].table < test-audit-aggregation.json` -    if test "x$TABLE" != "xaggregation" -a "x$TABLE" != "xdeposits" -    then -        exit_fail "Reported table wrong: $TABLE" -    fi -    echo PASS +echo -n "Testing inconsistency detection... " +OP=`jq -r .bad_sig_losses[0].operation < test-audit-coins.json` +if test "x$OP" != "xdeposit" +then +    exit_fail "Reported operation wrong: $OP" +fi +echo PASS -    # cannot easily undo aggregator, hence full reload -    full_reload +# Restore DB +echo "UPDATE deposits SET wire_salt='$SALT' WHERE deposit_serial_id=1;" | psql -Aqt $DB -else -    echo "Test skipped (database too new)" -fi  } @@ -1181,14 +1166,14 @@ then      OLD_TIME=`echo "SELECT execution_date FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt`      OLD_VAL=`echo "SELECT credit_val FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` -    RES_UUID=`echo "SELECT reserve_uuid FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` -    OLD_EXP=`echo "SELECT expiration_date FROM reserves WHERE reserve_uuid='${RES_UUID}';" | psql $DB -Aqt` +    RES_PUB=`echo "SELECT reserve_pub FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` +    OLD_EXP=`echo "SELECT expiration_date FROM reserves WHERE reserve_pub='${RES_PUB}';" | psql $DB -Aqt`      VAL_DELTA=1      NEW_TIME=`expr $OLD_TIME - 3024000000000 || true`  # 5 weeks      NEW_EXP=`expr $OLD_EXP - 3024000000000 || true`  # 5 weeks      NEW_CREDIT=`expr $OLD_VAL + $VAL_DELTA || true`      echo "UPDATE reserves_in SET execution_date='${NEW_TIME}',credit_val=${NEW_CREDIT} WHERE reserve_in_serial_id=1;" | psql -Aqt $DB -    echo "UPDATE reserves SET current_balance_val=${VAL_DELTA}+current_balance_val,expiration_date='${NEW_EXP}' WHERE reserve_uuid='${RES_UUID}';" | psql -Aqt $DB +    echo "UPDATE reserves SET current_balance_val=${VAL_DELTA}+current_balance_val,expiration_date='${NEW_EXP}' WHERE reserve_pub='${RES_PUB}';" | psql -Aqt $DB      # Need to run with the aggregator so the reserve closure happens      run_audit aggregator @@ -1219,11 +1204,11 @@ echo "===========20: reserve closure missing ================="  OLD_TIME=`echo "SELECT execution_date FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt`  OLD_VAL=`echo "SELECT credit_val FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` -RES_UUID=`echo "SELECT reserve_uuid FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` +RES_PUB=`echo "SELECT reserve_pub FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt`  NEW_TIME=`expr $OLD_TIME - 3024000000000 || true`  # 5 weeks  NEW_CREDIT=`expr $OLD_VAL + 100 || true`  echo "UPDATE reserves_in SET execution_date='${NEW_TIME}',credit_val=${NEW_CREDIT} WHERE reserve_in_serial_id=1;" | psql -Aqt $DB -echo "UPDATE reserves SET current_balance_val=100+current_balance_val WHERE reserve_uuid='${RES_UUID}';" | psql -Aqt $DB +echo "UPDATE reserves SET current_balance_val=100+current_balance_val WHERE reserve_pub='${RES_PUB}';" | psql -Aqt $DB  # This time, run without the aggregator so the reserve closure is skipped!  run_audit @@ -1240,7 +1225,7 @@ fi  # Undo  echo "UPDATE reserves_in SET execution_date='${OLD_TIME}',credit_val=${OLD_VAL} WHERE reserve_in_serial_id=1;" | psql -Aqt $DB -echo "UPDATE reserves SET current_balance_val=current_balance_val-100 WHERE reserve_uuid='${RES_UUID}';" | psql -Aqt $DB +echo "UPDATE reserves SET current_balance_val=current_balance_val-100 WHERE reserve_pub='${RES_PUB}';" | psql -Aqt $DB  } @@ -1259,19 +1244,18 @@ then      OLD_TIME=`echo "SELECT execution_date FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt`      OLD_VAL=`echo "SELECT credit_val FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` -    RES_UUID=`echo "SELECT reserve_uuid FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` -    OLD_EXP=`echo "SELECT expiration_date FROM reserves WHERE reserve_uuid='${RES_UUID}';" | psql $DB -Aqt` +    RES_PUB=`echo "SELECT reserve_pub FROM reserves_in WHERE reserve_in_serial_id=1;" | psql $DB -Aqt` +    OLD_EXP=`echo "SELECT expiration_date FROM reserves WHERE reserve_pub='${RES_PUB}';" | psql $DB -Aqt`      VAL_DELTA=1      NEW_TIME=`expr $OLD_TIME - 3024000000000 || true`  # 5 weeks      NEW_EXP=`expr $OLD_EXP - 3024000000000 || true`  # 5 weeks      NEW_CREDIT=`expr $OLD_VAL + $VAL_DELTA || true`      echo "UPDATE reserves_in SET execution_date='${NEW_TIME}',credit_val=${NEW_CREDIT} WHERE reserve_in_serial_id=1;" | psql -Aqt $DB -    echo "UPDATE reserves SET current_balance_val=${VAL_DELTA}+current_balance_val,expiration_date='${NEW_EXP}' WHERE reserve_uuid='${RES_UUID}';" | psql -Aqt $DB +    echo "UPDATE reserves SET current_balance_val=${VAL_DELTA}+current_balance_val,expiration_date='${NEW_EXP}' WHERE reserve_pub='${RES_PUB}';" | psql -Aqt $DB      # Need to first run the aggregator so the transfer is marked as done exists      pre_audit aggregator -      # remove transaction from bank DB      echo "DELETE FROM app_banktransaction WHERE debit_account_id=2 AND amount='TESTKUDOS:${VAL_DELTA}';" | psql -Aqt $DB @@ -1312,7 +1296,7 @@ S_DENOM=`echo 'SELECT denominations_serial FROM reserves_out LIMIT 1;' | psql $D  OLD_START=`echo "SELECT valid_from FROM denominations WHERE denominations_serial='${S_DENOM}';" | psql $DB -Aqt`  OLD_WEXP=`echo "SELECT expire_withdraw FROM denominations WHERE denominations_serial='${S_DENOM}';" | psql $DB -Aqt`  # Basically expires 'immediately', so that the withdraw must have been 'invalid' -NEW_WEXP=`expr $OLD_START + 1 || true` +NEW_WEXP=$OLD_START  echo "UPDATE denominations SET expire_withdraw=${NEW_WEXP} WHERE denominations_serial='${S_DENOM}';" | psql -Aqt $DB @@ -1320,7 +1304,7 @@ echo "UPDATE denominations SET expire_withdraw=${NEW_WEXP} WHERE denominations_s  run_audit  echo -n "Testing inconsistency detection... " -jq -e .denomination_key_validity_withdraw_inconsistencies[0] < test-audit-reserves.json > /dev/null || exit_fail "Denomination key withdraw inconsistency not detected" +jq -e .denomination_key_validity_withdraw_inconsistencies[0] < test-audit-reserves.json > /dev/null || exit_fail "Denomination key withdraw inconsistency for $S_DENOM not detected"  echo PASS @@ -1793,6 +1777,50 @@ fi +# Test where h_payto in the wire_targets table is wrong +function test_33() { +echo "===========33: h_payto wrong=================" + +# Check wire transfer lag reported (no aggregator!) +# NOTE: this test is BRAND NEW and expected +# to fail until we implement the check in the auditor! + +# NOTE: This test is EXPECTED to fail for ~1h after +# re-generating the test database as we do not +# report lag of less than 1h (see GRACE_PERIOD in +# taler-helper-auditor-wire.c) +if [ $DATABASE_AGE -gt 3600 ] +then + +    # Modify h_payto hash, so it is inconsistent with 'wire' +    WTSID=`echo "SELECT wire_target_serial_id FROM deposits WHERE deposit_serial_id=1;" | psql -Aqt $DB` +    echo "UPDATE wire_targets SET h_payto='\x973e52d193a357940be9ef2939c19b0575ee1101f52188c3c01d9005b7d755c397e92624f09cfa709104b3b65605fe5130c90d7e1b7ee30f8fc570f39c16b853' WHERE wire_target_serial_id=$WTSID" | psql -Aqt $DB + +    # The auditor checks h_wire consistency only for +    # coins where the wire transfer has happened, hence +    # run aggregator first to get this test to work. +    run_audit aggregator + +    echo -n "Testing inconsistency detection... " +    TABLE=`jq -r .row_inconsistencies[0].table < test-audit-aggregation.json` +    if test "x$TABLE" != "xwire_targets" +    then +        exit_fail "Reported table wrong: $TABLE" +    fi +    echo PASS + +    # cannot easily undo aggregator, hence full reload +    full_reload + +else +    echo "Test skipped (database too new)" +fi +} + + + + +  # *************** Main test loop starts here ************** @@ -1840,10 +1868,10 @@ check_with_database()  # ####### Setup globals ######  # Postgres database to use -DB=taler-auditor-test +DB=auditor-basedb  # Configuration file to use -CONF=test-auditor.conf +CONF=${DB}.conf  # test required commands exist  echo "Testing for jq" diff --git a/src/auditor/test-revocation.sh b/src/auditor/test-revocation.sh index 76682572..06d54dc9 100755 --- a/src/auditor/test-revocation.sh +++ b/src/auditor/test-revocation.sh @@ -482,11 +482,11 @@ check_with_database()  # *************** Main logic starts here **************  # ####### Setup globals ###### -# Postgres database to use (must match test-auditor.conf) +# Postgres database to use (must match revoke-basedb.conf)  DB=taler-auditor-test  # Configuration file to use -CONF=test-auditor.conf +CONF=revoke-basedb.conf  # test required commands exist  echo "Testing for jq" diff --git a/src/exchange/taler-exchange-httpd_transfers_get.c b/src/exchange/taler-exchange-httpd_transfers_get.c index 99946a32..5b914c41 100644 --- a/src/exchange/taler-exchange-httpd_transfers_get.c +++ b/src/exchange/taler-exchange-httpd_transfers_get.c @@ -260,6 +260,7 @@ struct WtidTransactionContext   * @param rowid which row in the DB is the information from (for diagnostics), ignored   * @param merchant_pub public key of the merchant (should be same for all callbacks with the same @e cls)   * @param account_payto_uri where the funds were sent + * @param h_payto hash over @a account_payto_uri as it is in the DB   * @param exec_time execution time of the wire transfer (should be same for all callbacks with the same @e cls)   * @param h_contract_terms which proposal was this payment about   * @param denom_pub denomination public key of the @a coin_pub (ignored) @@ -272,6 +273,7 @@ handle_deposit_data (void *cls,                       uint64_t rowid,                       const struct TALER_MerchantPublicKeyP *merchant_pub,                       const char *account_payto_uri, +                     const struct TALER_PaytoHashP *h_payto,                       struct GNUNET_TIME_Timestamp exec_time,                       const struct TALER_PrivateContractHashP *h_contract_terms,                       const struct TALER_DenominationPublicKey *denom_pub, diff --git a/src/exchangedb/exchange-0001.sql b/src/exchangedb/exchange-0001.sql index baf0056b..272ee84b 100644 --- a/src/exchangedb/exchange-0001.sql +++ b/src/exchangedb/exchange-0001.sql @@ -88,7 +88,7 @@ CREATE TABLE IF NOT EXISTS wire_targets_default    PARTITION OF wire_targets    FOR VALUES WITH (MODULUS 1, REMAINDER 0); --- FIXME partition by serial_id rather than h_payto,  +-- FIXME partition by serial_id rather than h_payto,  -- it is used more in join conditions - crucial for sharding to select this.  -- Author: (Boss Marco)  CREATE INDEX IF NOT EXISTS wire_targets_serial_id_index @@ -108,19 +108,19 @@ DECLARE    partition_str VARCHAR;  BEGIN -  table_name = CASE  +  table_name = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'reserves' -  ELSE  +  ELSE      'reserves_' || shard_suffix    END; -  partition_str = CASE  +  partition_str = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'PARTITION BY HASH (reserve_pub);' -  ELSE  +  ELSE      ';'    END; @@ -189,19 +189,19 @@ DECLARE    partition_str VARCHAR;  BEGIN -  table_name = CASE  +  table_name = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'reserves_in' -  ELSE  +  ELSE      'reserves_in_' || shard_suffix    END; -  partition_str = CASE  +  partition_str = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'PARTITION BY HASH (reserve_pub);' -  ELSE  +  ELSE      ';'    END; @@ -267,19 +267,19 @@ DECLARE    partition_str VARCHAR;  BEGIN -  table_name = CASE  +  table_name = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'reserves_close' -  ELSE  +  ELSE      'reserves_close_' || shard_suffix    END; -  partition_str = CASE  +  partition_str = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'PARTITION BY HASH (reserve_pub);' -  ELSE  +  ELSE      ';'    END; @@ -335,19 +335,19 @@ DECLARE    partition_str VARCHAR;  BEGIN -  table_name = CASE  +  table_name = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'reserves_out' -  ELSE  +  ELSE      'reserves_out_' || shard_suffix    END; -  partition_str = CASE  +  partition_str = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'PARTITION BY HASH (h_blind_ev);' -  ELSE  +  ELSE      ';'    END; @@ -488,19 +488,19 @@ DECLARE    partition_str VARCHAR;  BEGIN -  table_name = CASE  +  table_name = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'known_coins' -  ELSE  +  ELSE      'known_coins_' || shard_suffix    END; -  partition_str = CASE  +  partition_str = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'PARTITION BY HASH (coin_pub);' -- FIXME: or include denominations_serial? or multi-level partitioning? -  ELSE  +  ELSE      ';'    END; @@ -559,19 +559,19 @@ DECLARE    partition_str VARCHAR;  BEGIN -  table_name = CASE  +  table_name = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'refresh_commitments' -  ELSE  +  ELSE      'refresh_commitments_' || shard_suffix    END; -  partition_str = CASE  +  partition_str = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'PARTITION BY HASH (rc);' -  ELSE  +  ELSE      ';'    END; @@ -632,19 +632,19 @@ DECLARE    partition_str VARCHAR;  BEGIN -  table_name = CASE  +  table_name = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'refresh_revealed_coins' -  ELSE  +  ELSE      'refresh_revealed_coins_' || shard_suffix    END; -  partition_str = CASE  +  partition_str = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'PARTITION BY HASH (melt_serial_id);' -  ELSE  +  ELSE      ';'    END; @@ -715,19 +715,19 @@ DECLARE    partition_str VARCHAR;  BEGIN -  table_name = CASE  +  table_name = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'refresh_transfer_keys' -  ELSE  +  ELSE      'refresh_transfer_keys_' || shard_suffix    END; -  partition_str = CASE  +  partition_str = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'PARTITION BY HASH (melt_serial_id);' -  ELSE  +  ELSE      ';'    END; @@ -790,19 +790,19 @@ DECLARE    partition_str VARCHAR;  BEGIN -  table_name = CASE  +  table_name = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'deposits' -  ELSE  +  ELSE      'deposits_' || shard_suffix    END; -  partition_str = CASE  +  partition_str = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'PARTITION BY HASH (shard);' -  ELSE  +  ELSE      ';'    END; @@ -902,19 +902,19 @@ DECLARE    partition_str VARCHAR;  BEGIN -  table_name = CASE  +  table_name = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'refunds' -  ELSE  +  ELSE      'refunds_' || shard_suffix    END; -  partition_str = CASE  +  partition_str = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'PARTITION BY HASH (deposit_serial_id);' -  ELSE  +  ELSE      ';'    END; @@ -969,19 +969,19 @@ DECLARE    partition_str VARCHAR;  BEGIN -  table_name = CASE  +  table_name = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'wire_out' -  ELSE  +  ELSE      'wire_out_' || shard_suffix    END; -  partition_str = CASE  +  partition_str = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'PARTITION BY HASH (wtid_raw);' -  ELSE  +  ELSE      ';'    END; @@ -1037,19 +1037,19 @@ DECLARE    partition_str VARCHAR;  BEGIN -  table_name = CASE  +  table_name = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'aggregation_tracking' -  ELSE  +  ELSE      'aggregation_tracking_' || shard_suffix    END; -  partition_str = CASE  +  partition_str = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'PARTITION BY HASH (deposit_serial_id);' -  ELSE  +  ELSE      ';'    END; @@ -1123,19 +1123,19 @@ DECLARE    partition_str VARCHAR;  BEGIN -  table_name = CASE  +  table_name = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'recoup' -  ELSE  +  ELSE      'recoup_' || shard_suffix    END; -  partition_str = CASE  +  partition_str = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'PARTITION BY HASH (known_coin_id);' -  ELSE  +  ELSE      ';'    END; @@ -1199,19 +1199,19 @@ DECLARE    partition_str VARCHAR;  BEGIN -  table_name = CASE  +  table_name = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'recoup_refresh' -  ELSE  +  ELSE      'recoup_refresh_' || shard_suffix    END; -  partition_str = CASE  +  partition_str = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'PARTITION BY HASH (known_coin_id);' -  ELSE  +  ELSE      ';'    END; @@ -1273,19 +1273,19 @@ DECLARE    partition_str VARCHAR;  BEGIN -  table_name = CASE  +  table_name = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'prewire' -  ELSE  +  ELSE      'prewire_' || shard_suffix    END; -  partition_str = CASE  +  partition_str = CASE    shard_suffix -  WHEN '' THEN  +  WHEN '' THEN      'PARTITION BY HASH (prewire_uuid);' -  ELSE  +  ELSE      ';'    END; @@ -1697,8 +1697,8 @@ IF EXISTS (    SELECT 1      FROM information_Schema.constraint_column_usage     WHERE table_name='wire_out' -     AND constraint_name='wire_out_ref')  -THEN  +     AND constraint_name='wire_out_ref') +THEN    SET CONSTRAINTS wire_out_ref DEFERRED;  END IF; diff --git a/src/exchangedb/plugin_exchangedb_postgres.c b/src/exchangedb/plugin_exchangedb_postgres.c index 2476fcfd..1ee401bc 100644 --- a/src/exchangedb/plugin_exchangedb_postgres.c +++ b/src/exchangedb/plugin_exchangedb_postgres.c @@ -1240,6 +1240,7 @@ prepare_statements (struct PostgresClosure *pg)        " aggregation_serial_id"        ",deposits.h_contract_terms"        ",payto_uri" +      ",h_payto"        ",kc.coin_pub"        ",deposits.merchant_pub"        ",wire_out.execution_date" @@ -7160,6 +7161,7 @@ handle_wt_result (void *cls,      uint64_t rowid;      struct TALER_PrivateContractHashP h_contract_terms;      struct TALER_CoinSpendPublicKeyP coin_pub; +    struct TALER_PaytoHashP h_payto;      struct TALER_MerchantPublicKeyP merchant_pub;      struct GNUNET_TIME_Timestamp exec_time;      struct TALER_Amount amount_with_fee; @@ -7172,6 +7174,8 @@ handle_wt_result (void *cls,                                              &h_contract_terms),        GNUNET_PQ_result_spec_string ("payto_uri",                                      &payto_uri), +      GNUNET_PQ_result_spec_auto_from_type ("h_payto", +                                            &h_payto),        TALER_PQ_result_spec_denom_pub ("denom_pub",                                        &denom_pub),        GNUNET_PQ_result_spec_auto_from_type ("coin_pub", @@ -7200,6 +7204,7 @@ handle_wt_result (void *cls,               rowid,               &merchant_pub,               payto_uri, +             &h_payto,               exec_time,               &h_contract_terms,               &denom_pub, diff --git a/src/exchangedb/test_exchangedb.c b/src/exchangedb/test_exchangedb.c index a3652a50..497d6140 100644 --- a/src/exchangedb/test_exchangedb.c +++ b/src/exchangedb/test_exchangedb.c @@ -536,6 +536,7 @@ cb_wt_never (void *cls,               uint64_t serial_id,               const struct TALER_MerchantPublicKeyP *merchant_pub,               const char *account_payto_uri, +             const struct TALER_PaytoHashP *h_payto,               struct GNUNET_TIME_Timestamp exec_time,               const struct TALER_PrivateContractHashP *h_contract_terms,               const struct TALER_DenominationPublicKey *denom_pub, @@ -576,6 +577,7 @@ cb_wt_check (void *cls,               uint64_t rowid,               const struct TALER_MerchantPublicKeyP *merchant_pub,               const char *account_payto_uri, +             const struct TALER_PaytoHashP *h_payto,               struct GNUNET_TIME_Timestamp exec_time,               const struct TALER_PrivateContractHashP *h_contract_terms,               const struct TALER_DenominationPublicKey *denom_pub, diff --git a/src/include/taler_exchangedb_plugin.h b/src/include/taler_exchangedb_plugin.h index dfe9ab7f..80cab782 100644 --- a/src/include/taler_exchangedb_plugin.h +++ b/src/include/taler_exchangedb_plugin.h @@ -1950,6 +1950,7 @@ typedef void   * @param rowid which row in the table is the information from (for diagnostics)   * @param merchant_pub public key of the merchant (should be same for all callbacks with the same @e cls)   * @param account_payto_uri which account did the transfer go to? + * @param h_payto hash over @a account_payto_uri as it is in the DB   * @param exec_time execution time of the wire transfer (should be same for all callbacks with the same @e cls)   * @param h_contract_terms which proposal was this payment about   * @param denom_pub denomination of @a coin_pub @@ -1963,6 +1964,7 @@ typedef void    uint64_t rowid,    const struct TALER_MerchantPublicKeyP *merchant_pub,    const char *account_payto_uri, +  const struct TALER_PaytoHashP *h_payto,    struct GNUNET_TIME_Timestamp exec_time,    const struct TALER_PrivateContractHashP *h_contract_terms,    const struct TALER_DenominationPublicKey *denom_pub, diff --git a/src/pq/pq_result_helper.c b/src/pq/pq_result_helper.c index 1115a130..68cbbcd4 100644 --- a/src/pq/pq_result_helper.c +++ b/src/pq/pq_result_helper.c @@ -97,6 +97,20 @@ extract_amount_nbo_helper (PGresult *result,    r_amount_nbo->fraction = *(uint32_t *) PQgetvalue (result,                                                       row,                                                       frac_num); +  if (GNUNET_ntohll (r_amount_nbo->value) >= TALER_AMOUNT_MAX_VALUE) +  { +    GNUNET_log (GNUNET_ERROR_TYPE_ERROR, +                "Field `%s' exceeds legal range\n", +                val_name); +    return GNUNET_SYSERR; +  } +  if (ntohl (r_amount_nbo->fraction) >= TALER_AMOUNT_FRAC_BASE) +  { +    GNUNET_log (GNUNET_ERROR_TYPE_ERROR, +                "Field `%s' exceeds legal range\n", +                frac_name); +    return GNUNET_SYSERR; +  }    len = GNUNET_MIN (TALER_CURRENCY_LEN - 1,                      strlen (currency));    memcpy (r_amount_nbo->currency, diff --git a/src/testing/test_auditor_api-cs.conf b/src/testing/test_auditor_api-cs.conf index fbd84461..3a909245 100644 --- a/src/testing/test_auditor_api-cs.conf +++ b/src/testing/test_auditor_api-cs.conf @@ -27,7 +27,7 @@ BASE_URL = "http://localhost:8083/"  # HTTP port the auditor listens to  PORT = 8083 - +PUBLIC_KEY = XNYZPJJ6YPSQ4C6QPW120ACG9B5E5GBTTSYWXDMDB6G4X74TDBPG  TINY_AMOUNT = EUR:0.01  [exchange] diff --git a/src/testing/test_auditor_api-rsa.conf b/src/testing/test_auditor_api-rsa.conf index 95eb47b3..e226abb2 100644 --- a/src/testing/test_auditor_api-rsa.conf +++ b/src/testing/test_auditor_api-rsa.conf @@ -27,6 +27,7 @@ BASE_URL = "http://localhost:8083/"  # HTTP port the auditor listens to  PORT = 8083 +PUBLIC_KEY = XNYZPJJ6YPSQ4C6QPW120ACG9B5E5GBTTSYWXDMDB6G4X74TDBPG  TINY_AMOUNT = EUR:0.01 | 
