taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge branch 'master' of ssh://git.taler.net/exchange

Browse Source
This commit is contained in:
Özgür Kesim 2023-07-26 04:05:39 +02:00
commit 0f17931b10
Signed by: oec
GPG Key ID: 3D76A56D79EDD9D7
9 changed files with 1272 additions and 364 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/auditor/Makefile.am
View File

@ -207,12 +207,12 @@ taler_auditor_sync_CPPFLAGS = \
check_SCRIPTS = \
test-auditor.sh \
test-kyc.sh \
test-revocation.sh \
test-sync.sh
.NOTPARALLEL:
# revocation test disabled for now: need working wallet first!
TESTS = $(check_SCRIPTS)
# TESTS = $(check_SCRIPTS)
EXTRA_DIST = \
taler-auditor.in \
@ -223,5 +223,6 @@ EXTRA_DIST = \
test-sync-out.conf \
generate-auditor-basedb.sh \
generate-auditor-basedb.conf \
generate-kyc-basedb.conf \
generate-revoke-basedb.sh \
$(check_SCRIPTS)

33
src/auditor/generate-auditor-basedb.sh
View File

@ -12,16 +12,41 @@
#
set -eu
# Where do we write the result?
BASEDB="$1"
. setup.sh
CONF="generate-auditor-basedb.conf"
# Parse command-line options
while getopts ':c:d:h' OPTION; do
case "$OPTION" in
c)
CONF="$OPTARG"
;;
d)
BASEDB="$OPTARG"
;;
h)
echo 'Supported options:'
# shellcheck disable=SC2016
echo ' -c $CONF -- set configuration'
# shellcheck disable=SC2016
echo ' -d $DB -- set database name'
;;
?)
exit_fail "Unrecognized command line option"
;;
esac
done
# Where do we write the result?
if [ ! -v BASEDB ]
then
exit_fail "-d option required"
fi
echo -n "Testing for curl ..."
curl --help >/dev/null </dev/null || exit_skip " MISSING"
echo " FOUND"
CONF="generate-auditor-basedb.conf"
# reset database
echo -n "Reset 'auditor-basedb' database at $PGHOST ..."

4
src/auditor/generate-kyc-basedb.conf Normal file
View File

@ -0,0 +1,4 @@
# This file is in the public domain.
@INLINE@ generate-auditor-basedb.conf
# FIXME: add options for KYC here!

77
src/auditor/setup.sh
View File

@ -1,4 +1,4 @@
#!/bin/sh
#!/bin/bash
# This file is in the public domain
# Script to be inlined into the main test scripts. Defines function 'setup()'
@ -70,3 +70,78 @@ function get_bankaccount_transactions() {
export LIBEUFIN_SANDBOX_URL="http://localhost:18082"
libeufin-cli sandbox demobank list-transactions --bank-account $1
}
# Stop libeufin sandbox and nexus (if running)
function stop_libeufin()
{
echo -n "Stopping libeufin... "
if [ -f "${MY_TMP_DIR:-/}/libeufin-sandbox.pid" ]
then
PID=$(cat "${MY_TMP_DIR}/libeufin-sandbox.pid" 2> /dev/null)
echo "Killing libeufin sandbox $PID"
rm "${MY_TMP_DIR}/libeufin-sandbox.pid"
kill "$PID" 2> /dev/null || true
wait "$PID" || true
fi
if [ -f "${MY_TMP_DIR:-/}/libeufin-nexus.pid" ]
then
PID=$(cat "${MY_TMP_DIR}/libeufin-nexus.pid" 2> /dev/null)
echo "Killing libeufin nexus $PID"
rm "${MY_TMP_DIR}/libeufin-nexus.pid"
kill "$PID" 2> /dev/null || true
wait "$PID" || true
fi
echo "DONE"
}
function launch_libeufin () {
# shellcheck disable=SC2016
export LIBEUFIN_SANDBOX_DB_CONNECTION='jdbc:postgresql://localhost/'"${DB}"'?socketFactory=org.newsclub.net.unix.AFUNIXSocketFactory$FactoryArg&socketFactoryArg='"$SOCKETDIR"'/.s.PGSQL.5432'
libeufin-sandbox serve \
--no-auth \
--port 18082 \
> "${MY_TMP_DIR}/libeufin-sandbox-stdout.log" \
2> "${MY_TMP_DIR}/libeufin-sandbox-stderr.log" &
echo $! > "${MY_TMP_DIR}/libeufin-sandbox.pid"
# shellcheck disable=SC2016
export LIBEUFIN_NEXUS_DB_CONNECTION='jdbc:postgresql://localhost/'"${DB}"'?socketFactory=org.newsclub.net.unix.AFUNIXSocketFactory$FactoryArg&socketFactoryArg='"$SOCKETDIR"'/.s.PGSQL.5432'
libeufin-nexus serve \
--port 8082 \
2> "${MY_TMP_DIR}/libeufin-nexus-stderr.log" \
> "${MY_TMP_DIR}/libeufin-nexus-stdout.log" &
echo $! > "${MY_TMP_DIR}/libeufin-nexus.pid"
}
# Downloads new transactions from the bank.
function nexus_fetch_transactions () {
export LIBEUFIN_NEXUS_USERNAME="exchange"
export LIBEUFIN_NEXUS_PASSWORD="x"
export LIBEUFIN_NEXUS_URL="http://localhost:8082/"
libeufin-cli accounts \
fetch-transactions \
--range-type since-last \
--level report \
exchange-nexus > /dev/null
unset LIBEUFIN_NEXUS_USERNAME
unset LIBEUFIN_NEXUS_PASSWORD
unset LIBEUFIN_NEXUS_URL
}
# Instruct Nexus to all the prepared payments (= those
# POSTed to /transfer by the exchange).
function nexus_submit_to_sandbox () {
export LIBEUFIN_NEXUS_USERNAME="exchange"
export LIBEUFIN_NEXUS_PASSWORD="x"
export LIBEUFIN_NEXUS_URL="http://localhost:8082/"
libeufin-cli accounts \
submit-payments\
exchange-nexus
unset LIBEUFIN_NEXUS_USERNAME
unset LIBEUFIN_NEXUS_PASSWORD
unset LIBEUFIN_NEXUS_URL
}

71
src/auditor/test-auditor.sh
View File

@ -55,28 +55,6 @@ LIBEUFIN_SETTLE_TIME=1
. setup.sh
# Stop libeufin sandbox and nexus (if running)
function stop_libeufin()
{
echo -n "Stopping libeufin... "
if test -f ${MY_TMP_DIR:-/}/libeufin-sandbox.pid
then
PID=$(cat ${MY_TMP_DIR}/libeufin-sandbox.pid 2> /dev/null)
echo "Killing libeufin sandbox $PID"
rm "${MY_TMP_DIR}/libeufin-sandbox.pid"
kill "$PID" 2> /dev/null || true
wait "$PID" || true
fi
if test -f ${MY_TMP_DIR:-/}/libeufin-nexus.pid
then
PID=$(cat ${MY_TMP_DIR}/libeufin-nexus.pid 2> /dev/null)
echo "Killing libeufin nexus $PID"
rm "${MY_TMP_DIR}/libeufin-nexus.pid"
kill "$PID" 2> /dev/null || true
wait "$PID" || true
fi
echo "DONE"
}
# Cleanup exchange and libeufin between runs.
function cleanup()
@ -118,52 +96,6 @@ function exit_cleanup()
# Install cleanup handler (except for kill -9)
trap exit_cleanup EXIT
function launch_libeufin () {
# shellcheck disable=SC2016
export LIBEUFIN_SANDBOX_DB_CONNECTION='jdbc:postgresql://localhost/'"${DB}"'?socketFactory=org.newsclub.net.unix.AFUNIXSocketFactory$FactoryArg&socketFactoryArg='"$SOCKETDIR"'/.s.PGSQL.5432'
export MY_TMP_DIR
libeufin-sandbox serve --no-auth --port 18082 \
> "${MY_TMP_DIR}/libeufin-sandbox-stdout.log" \
2> "${MY_TMP_DIR}/libeufin-sandbox-stderr.log" &
echo $! > "${MY_TMP_DIR}/libeufin-sandbox.pid"
# shellcheck disable=SC2016
export LIBEUFIN_NEXUS_DB_CONNECTION='jdbc:postgresql://localhost/'"${DB}"'?socketFactory=org.newsclub.net.unix.AFUNIXSocketFactory$FactoryArg&socketFactoryArg='"$SOCKETDIR"'/.s.PGSQL.5432'
libeufin-nexus serve --port 8082 \
2> "${MY_TMP_DIR}/libeufin-nexus-stderr.log" \
> "${MY_TMP_DIR}/libeufin-nexus-stdout.log" &
echo $! > "${MY_TMP_DIR}/libeufin-nexus.pid"
}
# Downloads new transactions from the bank.
function nexus_fetch_transactions () {
export LIBEUFIN_NEXUS_USERNAME="exchange"
export LIBEUFIN_NEXUS_PASSWORD="x"
export LIBEUFIN_NEXUS_URL="http://localhost:8082/"
libeufin-cli accounts \
fetch-transactions \
--range-type since-last \
--level report \
exchange-nexus > /dev/null
unset LIBEUFIN_NEXUS_USERNAME
unset LIBEUFIN_NEXUS_PASSWORD
unset LIBEUFIN_NEXUS_URL
}
# Instruct Nexus to all the prepared payments (= those
# POSTed to /transfer by the exchange).
function nexus_submit_to_sandbox () {
export LIBEUFIN_NEXUS_USERNAME="exchange"
export LIBEUFIN_NEXUS_PASSWORD="x"
export LIBEUFIN_NEXUS_URL="http://localhost:8082/"
libeufin-cli accounts \
submit-payments\
exchange-nexus
unset LIBEUFIN_NEXUS_USERNAME
unset LIBEUFIN_NEXUS_PASSWORD
unset LIBEUFIN_NEXUS_URL
}
# Operations to run before the actual audit
function pre_audit () {
@ -2238,7 +2170,6 @@ function check_with_database()
{
BASEDB="$1"
CONF="$1.conf"
ORIGIN=$(pwd)
echo "Running test suite with database $BASEDB using configuration $CONF"
MASTER_PRIV_FILE="${BASEDB}.mpriv"
taler-config \
@ -2344,7 +2275,7 @@ export PGHOST
MYDIR="${MY_TMP_DIR}/basedb"
mkdir -p "${MYDIR}"
echo "Generating fresh database at $MYDIR"
if faketime -f '-1 d' ./generate-auditor-basedb.sh "$MYDIR/$DB"
if faketime -f '-1 d' ./generate-auditor-basedb.sh -d "$MYDIR/$DB"
then
echo -n "Reset 'auditor-basedb' database at $PGHOST ..."
dropdb "auditor-basedb" >/dev/null 2>/dev/null || true

784
src/auditor/test-kyc.sh Executable file
View File

@ -0,0 +1,784 @@
#!/bin/bash
#
# This file is part of TALER
# Copyright (C) 2014-2023 Taler Systems SA
#
# TALER is free software; you can redistribute it and/or modify it under the
# terms of the GNU General Public License as published by the Free Software
# Foundation; either version 3, or (at your option) any later version.
#
# TALER is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with
# TALER; see the file COPYING. If not, If not, see <http://www.gnu.org/license>
#
#
# shellcheck disable=SC2317
# shellcheck disable=SC1091
#
#
# Setup database which was generated from a perfectly normal
# exchange-wallet interaction with KYC enabled and transactions
# blocked due to KYC and run the auditor against it.
#
# Check that the auditor report is as expected.
#
# Requires 'jq' tool and Postgres superuser rights!
#
set -eu
#set -x
# Set of numbers for all the testcases.
# When adding new tests, increase the last number:
ALL_TESTS=$(seq 0 1)
# $TESTS determines which tests we should run.
# This construction is used to make it easy to
# only run a subset of the tests. To only run a subset,
# pass the numbers of the tests to run as the FIRST
# argument to test-kyc.sh, i.e.:
#
# $ test-kyc.sh "1 3"
#
# to run tests 1 and 3 only. By default, all tests are run.
#
TESTS=${1:-$ALL_TESTS}
# Global variable to run the auditor processes under valgrind
# VALGRIND=valgrind
VALGRIND=""
# Number of seconds to let libeuifn background
# tasks apply a cycle of payment submission and
# history request.
LIBEUFIN_SETTLE_TIME=1
. setup.sh
# Cleanup exchange and libeufin between runs.
function cleanup()
{
if test ! -z "${EPID:-}"
then
echo -n "Stopping exchange $EPID..."
kill -TERM "$EPID"
wait "$EPID" || true
echo "DONE"
unset EPID
fi
stop_libeufin
}
# Cleanup to run whenever we exit
function exit_cleanup()
{
echo "Running exit-cleanup"
if test ! -z "${POSTGRES_PATH:-}"
then
echo "Stopping Postgres at ${POSTGRES_PATH}"
"${POSTGRES_PATH}/pg_ctl" \
-D "$TMPDIR" \
-l /dev/null \
stop \
&> /dev/null \
|| true
fi
cleanup
for n in $(jobs -p)
do
kill "$n" 2> /dev/null || true
done
wait || true
echo "DONE"
}
# Install cleanup handler (except for kill -9)
trap exit_cleanup EXIT
# Operations to run before the actual audit
function pre_audit () {
# Launch bank
echo -n "Launching bank"
launch_libeufin
for n in $(seq 1 80)
do
echo -n "."
sleep 0.1
OK=1
wget http://localhost:18082/ \
-o /dev/null \
-O /dev/null \
>/dev/null \
&& break
OK=0
done
if [ 1 != "$OK" ]
then
exit_skip "Failed to launch Sandbox"
fi
sleep "$LIBEUFIN_SETTLE_TIME"
for n in $(seq 1 80)
do
echo -n "."
sleep 0.1
OK=1
wget http://localhost:8082/ \
-o /dev/null \
-O /dev/null \
>/dev/null \
&& break
OK=0
done
if [ 1 != "$OK" ]
then
exit_skip "Failed to launch Nexus"
fi
echo " DONE"
if test "${1:-no}" = "aggregator"
then
echo -n "Running exchange aggregator ..."
taler-exchange-aggregator \
-y \
-L "INFO" \
-t \
-c "$CONF" \
2> "${MY_TMP_DIR}/aggregator.log" \
|| exit_fail "FAIL"
echo " DONE"
echo -n "Running exchange closer ..."
taler-exchange-closer \
-L "INFO" \
-t \
-c "$CONF" \
2> "${MY_TMP_DIR}/closer.log" \
|| exit_fail "FAIL"
echo " DONE"
echo -n "Running exchange transfer ..."
taler-exchange-transfer \
-L "INFO" \
-t \
-c "$CONF" \
2> "${MY_TMP_DIR}/transfer.log" \
|| exit_fail "FAIL"
echo " DONE"
echo -n "Running Nexus payment submitter ..."
nexus_submit_to_sandbox
echo " DONE"
# Make outgoing transactions appear in the TWG:
echo -n "Download bank transactions ..."
nexus_fetch_transactions
echo " DONE"
fi
}
# actual audit run
function audit_only () {
# Run the auditor!
echo -n "Running audit(s) ..."
# Restart so that first run is always fresh, and second one is incremental
taler-auditor-dbinit \
-r \
-c "$CONF"
$VALGRIND taler-helper-auditor-aggregation \
-L DEBUG \
-c "$CONF" \
-m "$MASTER_PUB" \
> test-audit-aggregation.json \
2> "${MY_TMP_DIR}/test-audit-aggregation.log" \
|| exit_fail "aggregation audit failed"
echo -n "."
$VALGRIND taler-helper-auditor-aggregation \
-L DEBUG \
-c "$CONF" \
-m "$MASTER_PUB" \
> test-audit-aggregation-inc.json \
2> "${MY_TMP_DIR}/test-audit-aggregation-inc.log" \
|| exit_fail "incremental aggregation audit failed"
echo -n "."
$VALGRIND taler-helper-auditor-coins \
-L DEBUG \
-c "$CONF" \
-m "$MASTER_PUB" \
> test-audit-coins.json \
2> "${MY_TMP_DIR}/test-audit-coins.log" \
|| exit_fail "coin audit failed"
echo -n "."
$VALGRIND taler-helper-auditor-coins \
-L DEBUG \
-c "$CONF" \
-m "$MASTER_PUB" \
> test-audit-coins-inc.json \
2> "${MY_TMP_DIR}/test-audit-coins-inc.log" \
|| exit_fail "incremental coin audit failed"
echo -n "."
$VALGRIND taler-helper-auditor-deposits \
-L DEBUG \
-c "$CONF" \
-m "$MASTER_PUB" \
> test-audit-deposits.json \
2> "${MY_TMP_DIR}/test-audit-deposits.log" \
|| exit_fail "deposits audit failed"
echo -n "."
$VALGRIND taler-helper-auditor-deposits \
-L DEBUG \
-c "$CONF" \
-m "$MASTER_PUB" \
> test-audit-deposits-inc.json \
2> "${MY_TMP_DIR}/test-audit-deposits-inc.log" \
|| exit_fail "incremental deposits audit failed"
echo -n "."
$VALGRIND taler-helper-auditor-reserves \
-i \
-L DEBUG \
-c "$CONF" \
-m "$MASTER_PUB" \
> test-audit-reserves.json \
2> "${MY_TMP_DIR}/test-audit-reserves.log" \
|| exit_fail "reserves audit failed"
echo -n "."
$VALGRIND taler-helper-auditor-reserves \
-i \
-L DEBUG \
-c "$CONF" \
-m "$MASTER_PUB" \
> test-audit-reserves-inc.json \
2> "${MY_TMP_DIR}/test-audit-reserves-inc.log" \
|| exit_fail "incremental reserves audit failed"
echo -n "."
rm -f "${MY_TMP_DIR}/test-wire-audit.log"
thaw() {
$VALGRIND taler-helper-auditor-wire \
-i \
-L DEBUG \
-c "$CONF" \
-m "$MASTER_PUB" \
> test-audit-wire.json \
2>> "${MY_TMP_DIR}/test-wire-audit.log"
}
thaw || ( echo -e " FIRST CALL TO taler-helper-auditor-wire FAILED,\nRETRY AFTER TWO SECONDS..." | tee -a "${MY_TMP_DIR}/test-wire-audit.log"
sleep 2
thaw || exit_fail "wire audit failed" )
echo -n "."
$VALGRIND taler-helper-auditor-wire \
-i \
-L DEBUG \
-c "$CONF" \
-m "$MASTER_PUB" \
> test-audit-wire-inc.json \
2> "${MY_TMP_DIR}/test-wire-audit-inc.log" \
|| exit_fail "wire audit inc failed"
echo -n "."
echo " DONE"
}
# Cleanup to run after the auditor
function post_audit () {
taler-exchange-dbinit \
-c "$CONF" \
-g \
|| exit_fail "exchange DB GC failed"
cleanup
echo -n "TeXing ."
taler-helper-auditor-render.py \
test-audit-aggregation.json \
test-audit-coins.json \
test-audit-deposits.json \
test-audit-reserves.json \
test-audit-wire.json \
< ../../contrib/auditor-report.tex.j2 \
> test-report.tex \
|| exit_fail "Renderer failed"
echo -n "."
timeout 10 pdflatex test-report.tex \
>/dev/null \
|| exit_fail "pdflatex failed"
echo -n "."
timeout 10 pdflatex test-report.tex \
>/dev/null
echo " DONE"
}
# Run audit process on current database, including report
# generation. Pass "aggregator" as $1 to run
# $ taler-exchange-aggregator
# before auditor (to trigger pending wire transfers).
# Pass "drain" as $2 to run a drain operation as well.
function run_audit () {
pre_audit "${1:-no}"
if test "${2:-no}" = "drain"
then
echo -n "Starting exchange..."
taler-exchange-httpd \
-c "${CONF}" \
-L INFO \
2> "${MY_TMP_DIR}/exchange-httpd-drain.err" &
EPID=$!
# Wait for all services to be available
for n in $(seq 1 50)
do
echo -n "."
sleep 0.1
OK=0
# exchange
wget "http://localhost:8081/seed" \
-o /dev/null \
-O /dev/null \
>/dev/null \
|| continue
OK=1
break
done
echo "... DONE."
export CONF
echo -n "Running taler-exchange-offline drain "
taler-exchange-offline \
-L DEBUG \
-c "${CONF}" \
drain TESTKUDOS:0.1 \
exchange-account-1 payto://iban/SANDBOXX/DE360679?receiver-name=Exchange+Drain \
upload \
2> "${MY_TMP_DIR}/taler-exchange-offline-drain.log" \
|| exit_fail "offline draining failed"
kill -TERM "$EPID"
wait "$EPID" || true
unset EPID
echo -n "Running taler-exchange-drain ..."
printf "\n" | taler-exchange-drain \
-L DEBUG \
-c "$CONF" \
2> "${MY_TMP_DIR}/taler-exchange-drain.log" \
|| exit_fail "FAIL"
echo " DONE"
echo -n "Running taler-exchange-transfer ..."
taler-exchange-transfer \
-L INFO \
-t \
-c "$CONF" \
2> "${MY_TMP_DIR}/drain-transfer.log" \
|| exit_fail "FAIL"
echo " DONE"
export LIBEUFIN_NEXUS_USERNAME="exchange"
export LIBEUFIN_NEXUS_PASSWORD="x"
export LIBEUFIN_NEXUS_URL="http://localhost:8082/"
PAIN_UUID=$(libeufin-cli accounts list-payments exchange-nexus | jq .initiatedPayments[] | jq 'select(.submitted==false)' | jq -r .paymentInitiationId)
if test -z "${PAIN_UUID}"
then
echo -n "Payment likely already submitted, running submit-payments without UUID anyway ..."
libeufin-cli accounts \
submit-payments \
exchange-nexus
else
echo -n "Running payment submission for transaction ${PAIN_UUID} ..."
libeufin-cli accounts \
submit-payments \
--payment-uuid "${PAIN_UUID}" \
exchange-nexus
fi
echo " DONE"
echo -n "Import outgoing transactions..."
libeufin-cli accounts \
fetch-transactions \
--range-type since-last \
--level report \
exchange-nexus
echo " DONE"
fi
audit_only
post_audit
}
# Do a full reload of the (original) database
function full_reload()
{
echo -n "Doing full reload of the database (loading ${BASEDB}.sql into $DB at $PGHOST)... "
dropdb "$DB" 2> /dev/null || true
createdb -T template0 "$DB" \
|| exit_skip "could not create database $DB (at $PGHOST)"
# Import pre-generated database, -q(ietly) using single (-1) transaction
psql -Aqt "$DB" \
-q \
-1 \
-f "${BASEDB}.sql" \
> /dev/null \
|| exit_skip "Failed to load database $DB from ${BASEDB}.sql"
echo "DONE"
# Technically, this call shouldn't be needed as libeufin should already be stopped here...
stop_libeufin
}
function test_0() {
echo "===========0: normal run with aggregator==========="
run_audit aggregator
echo "Checking output"
# if an emergency was detected, that is a bug and we should fail
echo -n "Test for emergencies... "
jq -e .emergencies[0] < test-audit-coins.json > /dev/null && exit_fail "Unexpected emergency detected in ordinary run" || echo PASS
echo -n "Test for deposit confirmation emergencies... "
jq -e .deposit_confirmation_inconsistencies[0] < test-audit-deposits.json > /dev/null && exit_fail "Unexpected deposit confirmation inconsistency detected" || echo PASS
echo -n "Test for emergencies by count... "
jq -e .emergencies_by_count[0] < test-audit-coins.json > /dev/null && exit_fail "Unexpected emergency by count detected in ordinary run" || echo PASS
echo -n "Test for wire inconsistencies... "
jq -e .wire_out_amount_inconsistencies[0] < test-audit-wire.json > /dev/null && exit_fail "Unexpected wire out inconsistency detected in ordinary run"
jq -e .reserve_in_amount_inconsistencies[0] < test-audit-wire.json > /dev/null && exit_fail "Unexpected reserve in inconsistency detected in ordinary run"
jq -e .misattribution_inconsistencies[0] < test-audit-wire.json > /dev/null && exit_fail "Unexpected misattribution inconsistency detected in ordinary run"
jq -e .row_inconsistencies[0] < test-audit-wire.json > /dev/null && exit_fail "Unexpected row inconsistency detected in ordinary run"
jq -e .denomination_key_validity_withdraw_inconsistencies[0] < test-audit-reserves.json > /dev/null && exit_fail "Unexpected denomination key withdraw inconsistency detected in ordinary run"
jq -e .row_minor_inconsistencies[0] < test-audit-wire.json > /dev/null && exit_fail "Unexpected minor row inconsistency detected in ordinary run"
jq -e .lag_details[0] < test-audit-wire.json > /dev/null && exit_fail "Unexpected lag detected in ordinary run"
jq -e .wire_format_inconsistencies[0] < test-audit-wire.json > /dev/null && exit_fail "Unexpected wire format inconsistencies detected in ordinary run"
# TODO: check operation balances are correct (once we have all transaction types and wallet is deterministic)
# TODO: check revenue summaries are correct (once we have all transaction types and wallet is deterministic)
echo PASS
LOSS=$(jq -r .total_bad_sig_loss < test-audit-aggregation.json)
if [ "$LOSS" != "TESTKUDOS:0" ]
then
exit_fail "Wrong total bad sig loss from aggregation, got unexpected loss of $LOSS"
fi
LOSS=$(jq -r .irregular_loss < test-audit-coins.json)
if [ "$LOSS" != "TESTKUDOS:0" ]
then
exit_fail "Wrong total bad sig loss from coins, got unexpected loss of $LOSS"
fi
LOSS=$(jq -r .total_bad_sig_loss < test-audit-reserves.json)
if [ "$LOSS" != "TESTKUDOS:0" ]
then
exit_fail "Wrong total bad sig loss from reserves, got unexpected loss of $LOSS"
fi
echo -n "Test for wire amounts... "
WIRED=$(jq -r .total_wire_in_delta_plus < test-audit-wire.json)
if [ "$WIRED" != "TESTKUDOS:0" ]
then
exit_fail "Expected total wire delta plus wrong, got $WIRED"
fi
WIRED=$(jq -r .total_wire_in_delta_minus < test-audit-wire.json)
if [ "$WIRED" != "TESTKUDOS:0" ]
then
exit_fail "Expected total wire delta minus wrong, got $WIRED"
fi
WIRED=$(jq -r .total_wire_out_delta_plus < test-audit-wire.json)
if [ "$WIRED" != "TESTKUDOS:0" ]
then
exit_fail "Expected total wire delta plus wrong, got $WIRED"
fi
WIRED=$(jq -r .total_wire_out_delta_minus < test-audit-wire.json)
if [ "$WIRED" != "TESTKUDOS:0" ]
then
exit_fail "Expected total wire delta minus wrong, got $WIRED"
fi
WIRED=$(jq -r .total_misattribution_in < test-audit-wire.json)
if [ "$WIRED" != "TESTKUDOS:0" ]
then
exit_fail "Expected total misattribution in wrong, got $WIRED"
fi
echo "PASS"
echo -n "Checking for unexpected arithmetic differences "
LOSS=$(jq -r .total_arithmetic_delta_plus < test-audit-aggregation.json)
if [ "$LOSS" != "TESTKUDOS:0" ]
then
exit_fail "Wrong arithmetic delta from aggregations, got unexpected plus of $LOSS"
fi
LOSS=$(jq -r .total_arithmetic_delta_minus < test-audit-aggregation.json)
if [ "$LOSS" != "TESTKUDOS:0" ]
then
exit_fail "Wrong arithmetic delta from aggregation, got unexpected minus of $LOSS"
fi
LOSS=$(jq -r .total_arithmetic_delta_plus < test-audit-coins.json)
if [ "$LOSS" != "TESTKUDOS:0" ]
then
exit_fail "Wrong arithmetic delta from coins, got unexpected plus of $LOSS"
fi
LOSS=$(jq -r .total_arithmetic_delta_minus < test-audit-coins.json)
if [ "$LOSS" != "TESTKUDOS:0" ]
then
exit_fail "Wrong arithmetic delta from coins, got unexpected minus of $LOSS"
fi
LOSS=$(jq -r .total_arithmetic_delta_plus < test-audit-reserves.json)
if [ "$LOSS" != "TESTKUDOS:0" ]
then
exit_fail "Wrong arithmetic delta from reserves, got unexpected plus of $LOSS"
fi
LOSS=$(jq -r .total_arithmetic_delta_minus < test-audit-reserves.json)
if [ "$LOSS" != "TESTKUDOS:0" ]
then
exit_fail "Wrong arithmetic delta from reserves, got unexpected minus of $LOSS"
fi
jq -e .amount_arithmetic_inconsistencies[0] < test-audit-aggregation.json > /dev/null && exit_fail "Unexpected arithmetic inconsistencies from aggregations detected in ordinary run"
jq -e .amount_arithmetic_inconsistencies[0] < test-audit-coins.json > /dev/null && exit_fail "Unexpected arithmetic inconsistencies from coins detected in ordinary run"
jq -e .amount_arithmetic_inconsistencies[0] < test-audit-reserves.json > /dev/null && exit_fail "Unexpected arithmetic inconsistencies from reserves detected in ordinary run"
echo "PASS"
echo -n "Checking for unexpected wire out differences "
jq -e .wire_out_inconsistencies[0] < test-audit-aggregation.json > /dev/null && exit_fail "Unexpected wire out inconsistencies detected in ordinary run"
echo "PASS"
# cannot easily undo aggregator, hence full reload
full_reload
}
# Run without aggregator, hence auditor should detect wire
# transfer lag!
function test_1() {
echo "===========1: normal run==========="
run_audit
echo "Checking output"
# if an emergency was detected, that is a bug and we should fail
echo -n "Test for emergencies... "
jq -e .emergencies[0] \
< test-audit-coins.json \
> /dev/null \
&& exit_fail "Unexpected emergency detected in ordinary run";
echo "PASS"
echo -n "Test for emergencies by count... "
jq -e .emergencies_by_count[0] \
< test-audit-coins.json \
> /dev/null \
&& exit_fail "Unexpected emergency by count detected in ordinary run"
echo "PASS"
echo -n "Test for wire inconsistencies... "
jq -e .wire_out_amount_inconsistencies[0] \
< test-audit-wire.json \
> /dev/null \
&& exit_fail "Unexpected wire out inconsistency detected in ordinary run"
jq -e .reserve_in_amount_inconsistencies[0] \
< test-audit-wire.json \
> /dev/null \
&& exit_fail "Unexpected reserve in inconsistency detected in ordinary run"
jq -e .misattribution_inconsistencies[0] \
< test-audit-wire.json \
> /dev/null \
&& exit_fail "Unexpected misattribution inconsistency detected in ordinary run"
jq -e .row_inconsistencies[0] \
< test-audit-wire.json \
> /dev/null \
&& exit_fail "Unexpected row inconsistency detected in ordinary run"
jq -e .row_minor_inconsistencies[0] \
< test-audit-wire.json \
> /dev/null \
&& exit_fail "Unexpected minor row inconsistency detected in ordinary run"
jq -e .wire_format_inconsistencies[0] \
< test-audit-wire.json \
> /dev/null \
&& exit_fail "Unexpected wire format inconsistencies detected in ordinary run"
# TODO: check operation balances are correct (once we have all transaction types and wallet is deterministic)
# TODO: check revenue summaries are correct (once we have all transaction types and wallet is deterministic)
echo "PASS"
echo -n "Check for lag detection... "
# Check wire transfer lag reported (no aggregator!)
# NOTE: This test is EXPECTED to fail for ~1h after
# re-generating the test database as we do not
# report lag of less than 1h (see GRACE_PERIOD in
# taler-helper-auditor-wire.c)
jq -e .lag_details[0] \
< test-audit-wire.json \
> /dev/null \
|| exit_fail "Lag not detected in run without aggregator"
LAG=$(jq -r .total_amount_lag < test-audit-wire.json)
if [ "$LAG" = "TESTKUDOS:0" ]
then
exit_fail "Expected total lag to be non-zero"
fi
echo "PASS"
echo -n "Test for wire amounts... "
WIRED=$(jq -r .total_wire_in_delta_plus < test-audit-wire.json)
if [ "$WIRED" != "TESTKUDOS:0" ]
then
exit_fail "Expected total wire delta plus wrong, got $WIRED"
fi
WIRED=$(jq -r .total_wire_in_delta_minus < test-audit-wire.json)
if [ "$WIRED" != "TESTKUDOS:0" ]
then
exit_fail "Expected total wire delta minus wrong, got $WIRED"
fi
WIRED=$(jq -r .total_wire_out_delta_plus < test-audit-wire.json)
if [ "$WIRED" != "TESTKUDOS:0" ]
then
exit_fail "Expected total wire delta plus wrong, got $WIRED"
fi
WIRED=$(jq -r .total_wire_out_delta_minus < test-audit-wire.json)
if [ "$WIRED" != "TESTKUDOS:0" ]
then
exit_fail "Expected total wire delta minus wrong, got $WIRED"
fi
WIRED=$(jq -r .total_misattribution_in < test-audit-wire.json)
if [ "$WIRED" != "TESTKUDOS:0" ]
then
exit_fail "Expected total misattribution in wrong, got $WIRED"
fi
# Database was unmodified, no need to undo
echo "OK"
}
# *************** Main test loop starts here **************
# Run all the tests against the database given in $1.
# Sets $fail to 0 on success, non-zero on failure.
function check_with_database()
{
BASEDB="$1"
CONF="$1.conf"
echo "Running test suite with database $BASEDB using configuration $CONF"
MASTER_PRIV_FILE="${BASEDB}.mpriv"
taler-config \
-f \
-c "${CONF}" \
-s exchange-offline \
-o MASTER_PRIV_FILE \
-V "${MASTER_PRIV_FILE}"
MASTER_PUB=$(gnunet-ecc -p "$MASTER_PRIV_FILE")
echo "MASTER PUB is ${MASTER_PUB} using file ${MASTER_PRIV_FILE}"
# Load database
full_reload
# Run test suite
fail=0
for i in $TESTS
do
"test_$i"
if test 0 != $fail
then
break
fi
done
echo "Cleanup (disabled, leaving database $DB behind)"
# dropdb $DB
}
# *************** Main logic starts here **************
# ####### Setup globals ######
# Postgres database to use (must match configuration file)
export DB="auditor-basedb"
# test required commands exist
echo "Testing for jq"
jq -h > /dev/null || exit_skip "jq required"
echo "Testing for faketime"
faketime -h > /dev/null || exit_skip "faketime required"
# NOTE: really check for all three libeufin commands?
echo "Testing for libeufin"
libeufin-cli --help >/dev/null 2> /dev/null </dev/null || exit_skip "libeufin required"
echo "Testing for pdflatex"
which pdflatex > /dev/null </dev/null || exit_skip "pdflatex required"
echo "Testing for taler-wallet-cli"
taler-wallet-cli -h >/dev/null </dev/null 2>/dev/null || exit_skip "taler-wallet-cli required"
echo -n "Testing for Postgres"
# Available directly in path?
INITDB_BIN=$(command -v initdb) || true
if [[ -n "$INITDB_BIN" ]]; then
echo " FOUND (in path) at $INITDB_BIN"
else
HAVE_INITDB=$(find /usr -name "initdb" | head -1 2> /dev/null | grep postgres) \
|| exit_skip " MISSING"
echo " FOUND at $(dirname "$HAVE_INITDB")"
INITDB_BIN=$(echo "$HAVE_INITDB" | grep bin/initdb | grep postgres | sort -n | tail -n1)
fi
POSTGRES_PATH=$(dirname "$INITDB_BIN")
MY_TMP_DIR=$(mktemp -d /tmp/taler-auditor-basedbXXXXXX)
echo "Using $MY_TMP_DIR for logging and temporary data"
TMPDIR="$MY_TMP_DIR/postgres"
mkdir -p "$TMPDIR"
echo -n "Setting up Postgres DB at $TMPDIR ..."
$INITDB_BIN \
--no-sync \
--auth=trust \
-D "${TMPDIR}" \
> "${MY_TMP_DIR}/postgres-dbinit.log" \
2> "${MY_TMP_DIR}/postgres-dbinit.err"
echo "DONE"
SOCKETDIR="${TMPDIR}/sockets"
mkdir "${SOCKETDIR}"
echo -n "Launching Postgres service"
cat - >> "$TMPDIR/postgresql.conf" <<EOF
unix_socket_directories='${TMPDIR}/sockets'
fsync=off
max_wal_senders=0
synchronous_commit=off
wal_level=minimal
listen_addresses=''
EOF
grep -v host \
< "$TMPDIR/pg_hba.conf" \
> "$TMPDIR/pg_hba.conf.new"
mv "$TMPDIR/pg_hba.conf.new" "$TMPDIR/pg_hba.conf"
"${POSTGRES_PATH}/pg_ctl" \
-D "$TMPDIR" \
-l /dev/null \
start \
> "${MY_TMP_DIR}/postgres-start.log" \
2> "${MY_TMP_DIR}/postgres-start.err"
echo " DONE"
PGHOST="$TMPDIR/sockets"
export PGHOST
MYDIR="${MY_TMP_DIR}/basedb"
mkdir -p "${MYDIR}"
echo "Generating fresh database at $MYDIR"
if faketime -f '-1 d' ./generate-auditor-basedb.sh \
-c generate-kyc-basedb.conf \
-d "$MYDIR/$DB"
then
echo -n "Reset 'auditor-basedb' database at $PGHOST ..."
dropdb "auditor-basedb" >/dev/null 2>/dev/null || true
createdb "auditor-basedb" || exit_skip "Could not create database '$BASEDB' at $PGHOST"
echo " DONE"
check_with_database "$MYDIR/$DB"
if [ "$fail" != "0" ]
then
exit "$fail"
fi
else
echo "Generation failed"
exit 1
fi
exit 0

575
src/auditor/test-revocation.sh
View File

@ -19,13 +19,15 @@
#
# Check that the auditor report is as expected.
#
# shellcheck disable=SC2317
#
# Requires 'jq' tool and Postgres superuser rights!
set -eu
# set -x
# Set of numbers for all the testcases.
# When adding new tests, increase the last number:
ALL_TESTS=`seq 0 4`
ALL_TESTS=$(seq 0 4)
# $TESTS determines which tests we should run.
# This construction is used to make it easy to
@ -42,50 +44,18 @@ TESTS=${1:-$ALL_TESTS}
# Global variable to run the auditor processes under valgrind
# VALGRIND=valgrind
VALGRIND=""
LOGLEVEL="INFO"
# Exit, with status code "skip" (no 'real' failure)
function exit_skip() {
echo "SKIPPING test: $1"
exit 77
}
# Exit, with error message (hard failure)
function exit_fail() {
echo "FAILING test: $1"
exit 1
}
function stop_libeufin()
{
echo "killing libeufin..."
if test -f ${MYDIR:-/}/libeufin-sandbox.pid
then
echo "Killing libeufin sandbox"
PID=`cat ${MYDIR}/libeufin-sandbox.pid 2> /dev/null`
rm ${MYDIR}/libeufin-sandbox.pid
kill $PID 2> /dev/null || true
wait $PID || true
fi
if test -f ${MYDIR:-/}/libeufin-nexus.pid
then
echo "Killing libeufin nexus"
PID=`cat ${MYDIR}/libeufin-nexus.pid 2> /dev/null`
rm ${MYDIR}/libeufin-nexus.pid
kill $PID 2> /dev/null || true
wait $PID || true
fi
echo "killing libeufin DONE"
}
. setup.sh
# Cleanup to run whenever we exit
function cleanup()
{
if test ! -z "${EPID:-}"
if [ ! -z "${EPID:-}" ]
then
echo -n "Stopping exchange $EPID..."
kill -TERM $EPID
wait $EPID
kill -TERM "$EPID"
wait "$EPID"
echo " DONE"
unset EPID
fi
@ -96,15 +66,20 @@ function cleanup()
function exit_cleanup()
{
echo "Running exit-cleanup"
if test ! -z "${POSTGRES_PATH:-}"
if [ ! -z "${POSTGRES_PATH:-}" ]
then
echo "Stopping Postgres at ${POSTGRES_PATH}"
${POSTGRES_PATH}/pg_ctl -D $TMPDIR -l /dev/null stop &> /dev/null || true
"${POSTGRES_PATH}/pg_ctl" \
-D "$TMPDIR" \
-l /dev/null \
stop \
&> /dev/null \
|| true
fi
cleanup
for n in `jobs -p`
for n in $(jobs -p)
do
kill $n 2> /dev/null || true
kill "$n" 2> /dev/null || true
done
wait
echo "DONE"
@ -113,94 +88,80 @@ function exit_cleanup()
# Install cleanup handler (except for kill -9)
trap exit_cleanup EXIT
# Downloads new transactions from the bank.
function nexus_fetch_transactions () {
export LIBEUFIN_NEXUS_USERNAME=exchange
export LIBEUFIN_NEXUS_PASSWORD=x
export LIBEUFIN_NEXUS_URL=http://localhost:8082/
libeufin-cli accounts fetch-transactions \
--range-type since-last --level report exchange-nexus > /dev/null
unset LIBEUFIN_NEXUS_USERNAME
unset LIBEUFIN_NEXUS_PASSWORD
unset LIBEUFIN_NEXUS_URL
}
# Instruct Nexus to all the prepared payments (= those
# POSTed to /transfer by the exchange).
function nexus_submit_to_sandbox () {
export LIBEUFIN_NEXUS_USERNAME=exchange
export LIBEUFIN_NEXUS_PASSWORD=x
export LIBEUFIN_NEXUS_URL=http://localhost:8082/
libeufin-cli accounts submit-payments exchange-nexus
unset LIBEUFIN_NEXUS_USERNAME
unset LIBEUFIN_NEXUS_PASSWORD
unset LIBEUFIN_NEXUS_URL
}
function get_payto_uri() {
export LIBEUFIN_SANDBOX_USERNAME=$1
export LIBEUFIN_SANDBOX_PASSWORD=$2
export LIBEUFIN_SANDBOX_URL=http://localhost:18082
libeufin-cli sandbox demobank info --bank-account $1 | jq --raw-output '.paytoUri'
libeufin-cli sandbox demobank info \
--bank-account "$1" \
| jq --raw-output '.paytoUri'
}
function launch_libeufin () {
export LIBEUFIN_NEXUS_DB_CONNECTION="jdbc:sqlite:${DB}-nexus.sqlite3"
cd $MYDIR
libeufin-nexus serve --port 8082 \
2> ${MYDIR}/libeufin-nexus-stderr.log \
> ${MYDIR}/libeufin-nexus-stdout.log &
echo $! > ${MYDIR}/libeufin-nexus.pid
export LIBEUFIN_SANDBOX_DB_CONNECTION="jdbc:sqlite:${DB}-sandbox.sqlite3"
libeufin-sandbox serve --no-auth --port 18082 \
> ${MYDIR}/libeufin-sandbox-stdout.log \
2> ${MYDIR}/libeufin-sandbox-stderr.log &
echo $! > ${MYDIR}/libeufin-sandbox.pid
cd $ORIGIN
}
# Operations to run before the actual audit
function pre_audit () {
# Launch bank
echo -n "Launching bank "
EXCHANGE_URL=`taler-config -c $CONF -s EXCHANGE -o BASE_URL`
launch_libeufin
for n in `seq 1 80`
for n in $(seq 1 80)
do
echo -n "."
sleep 0.1
OK=1
wget http://localhost:18082/ -o /dev/null -O /dev/null >/dev/null && break
wget http://localhost:18082/ \
-o /dev/null \
-O /dev/null \
>/dev/null && break
OK=0
done
if [ 1 != $OK ]
if [ 1 != "$OK" ]
then
exit_skip "Failed to launch Sandbox"
fi
for n in `seq 1 80`
for n in $(seq 1 80)
do
echo -n "."
sleep 0.1
OK=1
wget http://localhost:8082/ -o /dev/null -O /dev/null >/dev/null && break
wget http://localhost:8082/ \
-o /dev/null \
-O /dev/null \
>/dev/null && break
OK=0
done
if [ 1 != $OK ]
if [ 1 != "$OK" ]
then
exit_skip "Failed to launch Nexus"
fi
echo " DONE"
if test ${1:-no} = "aggregator"
if [ "${1:-no}" = "aggregator" ]
then
export CONF
echo -n "Running exchange aggregator ... (config: $CONF)"
taler-exchange-aggregator -L INFO -t -c $CONF -y 2> ${MYDIR}/aggregator.log || exit_fail "FAIL"
taler-exchange-aggregator \
-L "$LOGLEVEL" \
-t \
-c "$CONF" \
-y \
2> "${MY_TMP_DIR}/aggregator.log" \
|| exit_fail "FAIL"
echo " DONE"
echo -n "Running exchange closer ..."
taler-exchange-closer -L INFO -t -c $CONF 2> ${MYDIR}/closer.log || exit_fail "FAIL"
taler-exchange-closer \
-L "$LOGLEVEL" \
-t \
-c "$CONF" \
2> "${MY_TMP_DIR}/closer.log" \
|| exit_fail "FAIL"
echo " DONE"
echo -n "Running exchange transfer ..."
taler-exchange-transfer -L INFO -t -c $CONF 2> ${MYDIR}/transfer.log || exit_fail "FAIL"
taler-exchange-transfer \
-L "$LOGLEVEL" \
-t \
-c "$CONF" \
2> "${MY_TMP_DIR}/transfer.log" \
|| exit_fail "FAIL"
echo " DONE"
echo -n "Running Nexus payment submitter ..."
nexus_submit_to_sandbox
@ -218,28 +179,93 @@ function audit_only () {
echo -n "Running audit(s) ... (conf is $CONF)"
# Restart so that first run is always fresh, and second one is incremental
taler-auditor-dbinit -r -c $CONF
$VALGRIND taler-helper-auditor-aggregation -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-aggregation.json 2> test-audit-aggregation.log || exit_fail "aggregation audit failed"
taler-auditor-dbinit \
-r \
-c "$CONF"
$VALGRIND taler-helper-auditor-aggregation \
-L "$LOGLEVEL" \
-c "$CONF" \
-m "$MASTER_PUB" \
> test-audit-aggregation.json \
2> test-audit-aggregation.log \
|| exit_fail "aggregation audit failed"
echo -n "."
$VALGRIND taler-helper-auditor-aggregation -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-aggregation-inc.json 2> test-audit-aggregation-inc.log || exit_fail "incremental aggregation audit failed"
$VALGRIND taler-helper-auditor-aggregation \
-L "$LOGLEVEL" \
-c "$CONF" \
-m "$MASTER_PUB" \
> test-audit-aggregation-inc.json \
2> test-audit-aggregation-inc.log \
|| exit_fail "incremental aggregation audit failed"
echo -n "."
$VALGRIND taler-helper-auditor-coins -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-coins.json 2> test-audit-coins.log || exit_fail "coin audit failed"
$VALGRIND taler-helper-auditor-coins \
-L "$LOGLEVEL" \
-c "$CONF" \
-m "$MASTER_PUB" \
> test-audit-coins.json \
2> test-audit-coins.log \
|| exit_fail "coin audit failed"
echo -n "."
$VALGRIND taler-helper-auditor-coins -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-coins-inc.json 2> test-audit-coins-inc.log || exit_fail "incremental coin audit failed"
$VALGRIND taler-helper-auditor-coins \
-L "$LOGLEVEL" \
-c "$CONF" \
-m "$MASTER_PUB" \
> test-audit-coins-inc.json \
2> test-audit-coins-inc.log \
|| exit_fail "incremental coin audit failed"
echo -n "."
$VALGRIND taler-helper-auditor-deposits -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-deposits.json 2> test-audit-deposits.log || exit_fail "deposits audit failed"
$VALGRIND taler-helper-auditor-deposits \
-L "$LOGLEVEL" \
-c "$CONF" \
-m "$MASTER_PUB" \
> test-audit-deposits.json \
2> test-audit-deposits.log \
|| exit_fail "deposits audit failed"
echo -n "."
$VALGRIND taler-helper-auditor-deposits -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-deposits-inc.json 2> test-audit-deposits-inc.log || exit_fail "incremental deposits audit failed"
$VALGRIND taler-helper-auditor-deposits \
-L "$LOGLEVEL" \
-c "$CONF" \
-m "$MASTER_PUB" \
> test-audit-deposits-inc.json \
2> test-audit-deposits-inc.log \
|| exit_fail "incremental deposits audit failed"
echo -n "."
$VALGRIND taler-helper-auditor-reserves -i -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-reserves.json 2> test-audit-reserves.log || exit_fail "reserves audit failed"
$VALGRIND taler-helper-auditor-reserves \
-i \
-L "$LOGLEVEL" \
-c "$CONF" \
-m "$MASTER_PUB" \
> test-audit-reserves.json \
2> test-audit-reserves.log \
|| exit_fail "reserves audit failed"
echo -n "."
$VALGRIND taler-helper-auditor-reserves -i -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-reserves-inc.json 2> test-audit-reserves-inc.log || exit_fail "incremental reserves audit failed"
$VALGRIND taler-helper-auditor-reserves \
-i \
-L "$LOGLEVEL" \
-c "$CONF" \
-m "$MASTER_PUB" \
> test-audit-reserves-inc.json \
2> test-audit-reserves-inc.log \
|| exit_fail "incremental reserves audit failed"
echo -n "."
$VALGRIND taler-helper-auditor-wire -i -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-wire.json 2> test-wire-audit.log || exit_fail "wire audit failed"
$VALGRIND taler-helper-auditor-wire \
-i \
-L "$LOGLEVEL" \
-c "$CONF" \
-m "$MASTER_PUB" \
> test-audit-wire.json \
2> test-wire-audit.log \
|| exit_fail "wire audit failed"
echo -n "."
$VALGRIND taler-helper-auditor-wire -i -L DEBUG -c $CONF -m $MASTER_PUB > test-audit-wire-inc.json 2> test-wire-audit-inc.log || exit_fail "wire audit failed"
$VALGRIND taler-helper-auditor-wire \
-i \
-L "$LOGLEVEL" \
-c "$CONF" \
-m "$MASTER_PUB" \
> test-audit-wire-inc.json \
2> test-wire-audit-inc.log \
|| exit_fail "wire audit failed"
echo -n "."
echo " DONE"
}
@ -248,12 +274,22 @@ function audit_only () {
function post_audit () {
cleanup
echo -n "TeXing ."
taler-helper-auditor-render.py test-audit-aggregation.json test-audit-coins.json test-audit-deposits.json test-audit-reserves.json test-audit-wire.json < ../../contrib/auditor-report.tex.j2 > test-report.tex || exit_fail "Renderer failed"
taler-helper-auditor-render.py \
test-audit-aggregation.json \
test-audit-coins.json \
test-audit-deposits.json \
test-audit-reserves.json \
test-audit-wire.json \
< ../../contrib/auditor-report.tex.j2 \
> test-report.tex \
|| exit_fail "Renderer failed"
echo -n "."
timeout 10 pdflatex test-report.tex >/dev/null || exit_fail "pdflatex failed"
timeout 10 pdflatex test-report.tex \
>/dev/null \
|| exit_fail "pdflatex failed"
echo -n "."
timeout 10 pdflatex test-report.tex >/dev/null
timeout 10 pdflatex test-report.tex \
>/dev/null
echo " DONE"
}
@ -263,10 +299,9 @@ function post_audit () {
# $ taler-exchange-aggregator
# before auditor (to trigger pending wire transfers).
function run_audit () {
pre_audit ${1:-no}
pre_audit "${1:-no}"
audit_only
post_audit
}
@ -274,35 +309,21 @@ function run_audit () {
function full_reload()
{
echo -n "Doing full reload of the database... "
dropdb $DB 2> /dev/null || true
createdb -T template0 $DB || exit_skip "could not create database $DB (at $PGHOST)"
dropdb "$DB" 2> /dev/null || true
createdb -T template0 "$DB" \
|| exit_skip "could not create database $DB (at $PGHOST)"
# Import pre-generated database, -q(ietly) using single (-1) transaction
psql -Aqt $DB -q -1 -f ${BASEDB}.sql > /dev/null || exit_skip "Failed to load database $DB from ${BASEDB}.sql"
psql -Aqt "$DB" \
-q \
-1 \
-f "${BASEDB}.sql" \
> /dev/null \
|| exit_skip "Failed to load database $DB from ${BASEDB}.sql"
echo "DONE"
cd $MYDIR
rm -f ${DB}-nexus.sqlite3 ${DB}-sandbox.sqlite3 || true # libeufin
echo "Loading libeufin Nexus basedb: ${BASEDB}-libeufin-nexus.sql"
sqlite3 ${DB}-nexus.sqlite3 < ${BASEDB}-libeufin-nexus.sql || exit_skip "Failed to load Nexus database"
echo "DONE"
echo "Loading libeufin Sandbox basedb: ${BASEDB}-libeufin-nexus.sql"
sqlite3 ${DB}-sandbox.sqlite3 < ${BASEDB}-libeufin-sandbox.sql || exit_skip "Failed to load Sandbox database"
echo "DONE"
# Exchange payto URI contains the (dynamically generated)
# IBAN, that can only be written in CONF after libeufin is
# setup.
taler-config -c $CONF -s exchange-account-1 -o PAYTO_URI &> /dev/null || (
echo -n "Specifying exchange payto URI in the configuration ($CONF) (grab IBAN from ${DB}-sandbox.sqlite3)...";
EXCHANGE_IBAN=`echo "SELECT iban FROM BankAccounts WHERE label='exchange'" | sqlite3 ${DB}-sandbox.sqlite3`;
taler-config -c $CONF -s exchange-account-1 -o PAYTO_URI \
-V "payto://iban/SANDBOXX/$EXCHANGE_IBAN?receiver-name=Exchange+Company"
echo " DONE"
)
cd $ORIGIN
}
function test_0() {
echo "===========0: normal run with aggregator==========="
run_audit aggregator
@ -331,94 +352,105 @@ function test_0() {
echo PASS
LOSS=`jq -r .total_bad_sig_loss < test-audit-aggregation.json`
if test $LOSS != "TESTKUDOS:0"
LOSS=$(jq -r .total_bad_sig_loss < test-audit-aggregation.json)
if [ "$LOSS" != "TESTKUDOS:0" ]
then
exit_fail "Wrong total bad sig loss from aggregation, got unexpected loss of $LOSS"
fi
LOSS=`jq -r .irregular_loss < test-audit-coins.json`
if test $LOSS != "TESTKUDOS:0"
LOSS=$(jq -r .irregular_loss < test-audit-coins.json)
if [ "$LOSS" != "TESTKUDOS:0" ]
then
exit_fail "Wrong total bad sig loss from coins, got unexpected loss of $LOSS"
fi
LOSS=`jq -r .total_bad_sig_loss < test-audit-reserves.json`
if test $LOSS != "TESTKUDOS:0"
LOSS=$(jq -r .total_bad_sig_loss < test-audit-reserves.json)
if [ "$LOSS" != "TESTKUDOS:0" ]
then
exit_fail "Wrong total bad sig loss from reserves, got unexpected loss of $LOSS"
fi
echo -n "Test for wire amounts... "
WIRED=`jq -r .total_wire_in_delta_plus < test-audit-wire.json`
if test $WIRED != "TESTKUDOS:0"
WIRED=$(jq -r .total_wire_in_delta_plus < test-audit-wire.json)
if [ "$WIRED" != "TESTKUDOS:0" ]
then
exit_fail "Expected total wire delta plus wrong, got $WIRED"
fi
WIRED=`jq -r .total_wire_in_delta_minus < test-audit-wire.json`
if test $WIRED != "TESTKUDOS:0"
WIRED=$(jq -r .total_wire_in_delta_minus < test-audit-wire.json)
if [ "$WIRED" != "TESTKUDOS:0" ]
then
exit_fail "Expected total wire delta minus wrong, got $WIRED"
fi
WIRED=`jq -r .total_wire_out_delta_plus < test-audit-wire.json`
if test $WIRED != "TESTKUDOS:0"
WIRED=$(jq -r .total_wire_out_delta_plus < test-audit-wire.json)
if [ "$WIRED" != "TESTKUDOS:0" ]
then
exit_fail "Expected total wire delta plus wrong, got $WIRED"
fi
WIRED=`jq -r .total_wire_out_delta_minus < test-audit-wire.json`
if test $WIRED != "TESTKUDOS:0"
WIRED=$(jq -r .total_wire_out_delta_minus < test-audit-wire.json)
if [ "$WIRED" != "TESTKUDOS:0" ]
then
exit_fail "Expected total wire delta minus wrong, got $WIRED"
fi
WIRED=`jq -r .total_misattribution_in < test-audit-wire.json`
if test $WIRED != "TESTKUDOS:0"
WIRED=$(jq -r .total_misattribution_in < test-audit-wire.json)
if [ "$WIRED" != "TESTKUDOS:0" ]
then
exit_fail "Expected total misattribution in wrong, got $WIRED"
fi
echo PASS
echo "PASS"
echo -n "Checking for unexpected arithmetic differences "
LOSS=`jq -r .total_arithmetic_delta_plus < test-audit-aggregation.json`
if test $LOSS != "TESTKUDOS:0"
LOSS=$(jq -r .total_arithmetic_delta_plus < test-audit-aggregation.json)
if [ "$LOSS" != "TESTKUDOS:0" ]
then
exit_fail "Wrong arithmetic delta from aggregations, got unexpected plus of $LOSS"
fi
LOSS=`jq -r .total_arithmetic_delta_minus < test-audit-aggregation.json`
if test $LOSS != "TESTKUDOS:0"
LOSS=$(jq -r .total_arithmetic_delta_minus < test-audit-aggregation.json)
if [ "$LOSS" != "TESTKUDOS:0" ]
then
exit_fail "Wrong arithmetic delta from aggregation, got unexpected minus of $LOSS"
fi
LOSS=`jq -r .total_arithmetic_delta_plus < test-audit-coins.json`
if test $LOSS != "TESTKUDOS:0"
LOSS=$(jq -r .total_arithmetic_delta_plus < test-audit-coins.json)
if [ "$LOSS" != "TESTKUDOS:0" ]
then
exit_fail "Wrong arithmetic delta from coins, got unexpected plus of $LOSS"
fi
LOSS=`jq -r .total_arithmetic_delta_minus < test-audit-coins.json`
if test $LOSS != "TESTKUDOS:0"
LOSS=$(jq -r .total_arithmetic_delta_minus < test-audit-coins.json)
if [ "$LOSS" != "TESTKUDOS:0" ]
then
exit_fail "Wrong arithmetic delta from coins, got unexpected minus of $LOSS"
fi
LOSS=`jq -r .total_arithmetic_delta_plus < test-audit-reserves.json`
if test $LOSS != "TESTKUDOS:0"
LOSS=$(jq -r .total_arithmetic_delta_plus < test-audit-reserves.json)
if [ "$LOSS" != "TESTKUDOS:0" ]
then
exit_fail "Wrong arithmetic delta from reserves, got unexpected plus of $LOSS"
fi
LOSS=`jq -r .total_arithmetic_delta_minus < test-audit-reserves.json`
if test $LOSS != "TESTKUDOS:0"
LOSS=$(jq -r .total_arithmetic_delta_minus < test-audit-reserves.json)
if [ "$LOSS" != "TESTKUDOS:0" ]
then
exit_fail "Wrong arithmetic delta from reserves, got unexpected minus of $LOSS"
fi
jq -e .amount_arithmetic_inconsistencies[0] < test-audit-aggregation.json > /dev/null && exit_fail "Unexpected arithmetic inconsistencies from aggregations detected in ordinary run"
jq -e .amount_arithmetic_inconsistencies[0] < test-audit-coins.json > /dev/null && exit_fail "Unexpected arithmetic inconsistencies from coins detected in ordinary run"
jq -e .amount_arithmetic_inconsistencies[0] < test-audit-reserves.json > /dev/null && exit_fail "Unexpected arithmetic inconsistencies from reserves detected in ordinary run"
echo PASS
jq -e .amount_arithmetic_inconsistencies[0] \
< test-audit-aggregation.json \
> /dev/null \
&& exit_fail "Unexpected arithmetic inconsistencies from aggregations detected in ordinary run"
jq -e .amount_arithmetic_inconsistencies[0] \
< test-audit-coins.json \
> /dev/null \
&& exit_fail "Unexpected arithmetic inconsistencies from coins detected in ordinary run"
jq -e .amount_arithmetic_inconsistencies[0] \
< test-audit-reserves.json \
> /dev/null \
&& exit_fail "Unexpected arithmetic inconsistencies from reserves detected in ordinary run"
echo "PASS"
echo -n "Checking for unexpected wire out differences "
jq -e .wire_out_inconsistencies[0] < test-audit-aggregation.json > /dev/null && exit_fail "Unexpected wire out inconsistencies detected in ordinary run"
echo PASS
jq -e .wire_out_inconsistencies[0] \
< test-audit-aggregation.json \
> /dev/null \
&& exit_fail "Unexpected wire out inconsistencies detected in ordinary run"
echo "PASS"
# cannot easily undo aggregator, hence full reload
full_reload
}
@ -432,46 +464,72 @@ function test_1() {
echo "Checking output"
# if an emergency was detected, that is a bug and we should fail
echo -n "Test for emergencies... "
jq -e .emergencies[0] < test-audit-coins.json > /dev/null && exit_fail "Unexpected emergency detected in ordinary run" || echo PASS
jq -e .emergencies[0] \
< test-audit-coins.json \
> /dev/null \
&& exit_fail "Unexpected emergency detected in ordinary run" \
|| echo "PASS"
echo -n "Test for emergencies by count... "
jq -e .emergencies_by_count[0] < test-audit-coins.json > /dev/null && exit_fail "Unexpected emergency by count detected in ordinary run" || echo PASS
jq -e .emergencies_by_count[0] \
< test-audit-coins.json \
> /dev/null \
&& exit_fail "Unexpected emergency by count detected in ordinary run" \
|| echo "PASS"
echo -n "Test for wire inconsistencies... "
jq -e .wire_out_amount_inconsistencies[0] < test-audit-wire.json > /dev/null && exit_fail "Unexpected wire out inconsistency detected in ordinary run"
jq -e .reserve_in_amount_inconsistencies[0] < test-audit-wire.json > /dev/null && exit_fail "Unexpected reserve in inconsistency detected in ordinary run"
jq -e .misattribution_inconsistencies[0] < test-audit-wire.json > /dev/null && exit_fail "Unexpected misattribution inconsistency detected in ordinary run"
jq -e .row_inconsistencies[0] < test-audit-wire.json > /dev/null && exit_fail "Unexpected row inconsistency detected in ordinary run"
jq -e .row_minor_inconsistencies[0] < test-audit-wire.json > /dev/null && exit_fail "Unexpected minor row inconsistency detected in ordinary run"
jq -e .wire_format_inconsistencies[0] < test-audit-wire.json > /dev/null && exit_fail "Unexpected wire format inconsistencies detected in ordinary run"
jq -e .wire_out_amount_inconsistencies[0] \
< test-audit-wire.json \
> /dev/null \
&& exit_fail "Unexpected wire out inconsistency detected in ordinary run"
jq -e .reserve_in_amount_inconsistencies[0] \
< test-audit-wire.json \
> /dev/null \
&& exit_fail "Unexpected reserve in inconsistency detected in ordinary run"
jq -e .misattribution_inconsistencies[0] \
< test-audit-wire.json \
> /dev/null \
&& exit_fail "Unexpected misattribution inconsistency detected in ordinary run"
jq -e .row_inconsistencies[0] \
< test-audit-wire.json \
> /dev/null \
&& exit_fail "Unexpected row inconsistency detected in ordinary run"
jq -e .row_minor_inconsistencies[0] \
< test-audit-wire.json \
> /dev/null \
&& exit_fail "Unexpected minor row inconsistency detected in ordinary run"
jq -e .wire_format_inconsistencies[0] \
< test-audit-wire.json \
> /dev/null \
&& exit_fail "Unexpected wire format inconsistencies detected in ordinary run"
# TODO: check operation balances are correct (once we have all transaction types and wallet is deterministic)
# TODO: check revenue summaries are correct (once we have all transaction types and wallet is deterministic)
echo PASS
echo "PASS"
echo -n "Test for wire amounts... "
WIRED=`jq -r .total_wire_in_delta_plus < test-audit-wire.json`
if test $WIRED != "TESTKUDOS:0"
WIRED=$(jq -r .total_wire_in_delta_plus < test-audit-wire.json)
if [ "$WIRED" != "TESTKUDOS:0" ]
then
exit_fail "Expected total wire delta plus wrong, got $WIRED"
fi
WIRED=`jq -r .total_wire_in_delta_minus < test-audit-wire.json`
if test $WIRED != "TESTKUDOS:0"
WIRED=$(jq -r .total_wire_in_delta_minus < test-audit-wire.json)
if [ "$WIRED" != "TESTKUDOS:0" ]
then
exit_fail "Expected total wire delta minus wrong, got $WIRED"
fi
WIRED=`jq -r .total_wire_out_delta_plus < test-audit-wire.json`
if test $WIRED != "TESTKUDOS:0"
WIRED=$(jq -r .total_wire_out_delta_plus < test-audit-wire.json)
if [ "$WIRED" != "TESTKUDOS:0" ]
then
exit_fail "Expected total wire delta plus wrong, got $WIRED"
fi
WIRED=`jq -r .total_wire_out_delta_minus < test-audit-wire.json`
if test $WIRED != "TESTKUDOS:0"
WIRED=$(jq -r .total_wire_out_delta_minus < test-audit-wire.json)
if [ "$WIRED" != "TESTKUDOS:0" ]
then
exit_fail "Expected total wire delta minus wrong, got $WIRED"
fi
WIRED=`jq -r .total_misattribution_in < test-audit-wire.json`
if test $WIRED != "TESTKUDOS:0"
WIRED=$(jq -r .total_misattribution_in < test-audit-wire.json)
if [ "$WIRED" != "TESTKUDOS:0" ]
then
exit_fail "Expected total misattribution in wrong, got $WIRED"
fi
@ -486,37 +544,37 @@ function test_1() {
function test_2() {
echo "===========2: recoup amount inconsistency==========="
echo "UPDATE exchange.recoup SET amount_val=5 WHERE recoup_uuid=1" | psql -Aqt $DB
echo "UPDATE exchange.recoup SET amount_val=5 WHERE recoup_uuid=1" | psql -Aqt "$DB"
run_audit
# Reserve balance is now wrong
echo -n "Testing inconsistency detection... "
AMOUNT=`jq -r .reserve_balance_summary_wrong_inconsistencies[0].auditor < test-audit-reserves.json`
if test $AMOUNT != "TESTKUDOS:3"
AMOUNT=$(jq -r .reserve_balance_summary_wrong_inconsistencies[0].auditor < test-audit-reserves.json)
if [ "$AMOUNT" != "TESTKUDOS:3" ]
then
exit_fail "Reserve auditor amount $AMOUNT is wrong"
fi
AMOUNT=`jq -r .reserve_balance_summary_wrong_inconsistencies[0].exchange < test-audit-reserves.json`
if test $AMOUNT != "TESTKUDOS:0"
AMOUNT=$(jq -r .reserve_balance_summary_wrong_inconsistencies[0].exchange < test-audit-reserves.json)
if [ "$AMOUNT" != "TESTKUDOS:0" ]
then
exit_fail "Reserve exchange amount $AMOUNT is wrong"
fi
# Coin spent exceeded coin's value
AMOUNT=`jq -r .amount_arithmetic_inconsistencies[0].auditor < test-audit-coins.json`
if test $AMOUNT != "TESTKUDOS:2"
AMOUNT=$(jq -r .amount_arithmetic_inconsistencies[0].auditor < test-audit-coins.json)
if [ "$AMOUNT" != "TESTKUDOS:2" ]
then
exit_fail "Coin auditor amount $AMOUNT is wrong"
fi
AMOUNT=`jq -r .amount_arithmetic_inconsistencies[0].exchange < test-audit-coins.json`
if test $AMOUNT != "TESTKUDOS:5"
AMOUNT=$(jq -r .amount_arithmetic_inconsistencies[0].exchange < test-audit-coins.json)
if [ "$AMOUNT" != "TESTKUDOS:5" ]
then
exit_fail "Coin exchange amount $AMOUNT is wrong"
fi
echo OK
echo "OK"
# Undo database modification
echo "UPDATE exchange.recoup SET amount_val=2 WHERE recoup_uuid=1" | psql -Aqt $DB
echo "UPDATE exchange.recoup SET amount_val=2 WHERE recoup_uuid=1" | psql -Aqt "$DB"
}
@ -525,26 +583,26 @@ function test_2() {
function test_3() {
echo "===========3: recoup-refresh amount inconsistency==========="
echo "UPDATE exchange.recoup_refresh SET amount_val=5 WHERE recoup_refresh_uuid=1" | psql -Aqt $DB
echo "UPDATE exchange.recoup_refresh SET amount_val=5 WHERE recoup_refresh_uuid=1" | psql -Aqt "$DB"
run_audit
echo -n "Testing inconsistency detection... "
# Coin spent exceeded coin's value
AMOUNT=`jq -r .total_arithmetic_delta_minus < test-audit-coins.json`
if test $AMOUNT != "TESTKUDOS:5"
AMOUNT=$(jq -r .total_arithmetic_delta_minus < test-audit-coins.json)
if [ "$AMOUNT" != "TESTKUDOS:5" ]
then
exit_fail "Arithmetic delta minus amount $AMOUNT is wrong"
fi
AMOUNT=`jq -r .total_arithmetic_delta_plus < test-audit-coins.json`
if test $AMOUNT != "TESTKUDOS:0"
AMOUNT=$(jq -r .total_arithmetic_delta_plus < test-audit-coins.json)
if [ "$AMOUNT" != "TESTKUDOS:0" ]
then
exit_fail "Arithmetic delta plus amount $AMOUNT is wrong"
fi
echo OK
echo "OK"
# Undo database modification
echo "UPDATE exchange.recoup_refresh SET amount_val=0 WHERE recoup_refresh_uuid=1" | psql -Aqt $DB
echo "UPDATE exchange.recoup_refresh SET amount_val=0 WHERE recoup_refresh_uuid=1" | psql -Aqt "$DB"
}
@ -553,34 +611,35 @@ function test_3() {
function test_4() {
echo "===========4: invalid recoup==========="
echo "DELETE FROM exchange.denomination_revocations;" | psql -Aqt $DB
echo "DELETE FROM exchange.denomination_revocations;" | psql -Aqt "$DB"
run_audit
echo -n "Testing inconsistency detection... "
# Coin spent exceeded coin's value
jq -e .bad_sig_losses[0] < test-audit-coins.json > /dev/null || exit_fail "Bad recoup not detected"
AMOUNT=`jq -r .irregular_loss < test-audit-coins.json`
if test $AMOUNT == "TESTKUDOS:0"
jq -e .bad_sig_losses[0] \
< test-audit-coins.json \
> /dev/null \
|| exit_fail "Bad recoup not detected"
AMOUNT=$(jq -r .irregular_loss < test-audit-coins.json)
if [ "$AMOUNT" == "TESTKUDOS:0" ]
then
exit_fail "Total bad sig losses are wrong"
fi
TAB=`jq -r .row_inconsistencies[0].table < test-audit-reserves.json`
if test $TAB != "recoup"
TAB=$(jq -r .row_inconsistencies[0].table < test-audit-reserves.json)
if [ "$TAB" != "recoup" ]
then
exit_fail "Wrong table for row inconsistency, got $TAB"
fi
echo OK
echo "OK"
# Undo database modification (can't easily undo DELETE, so full reload)
full_reload
}
# *************** Main test loop starts here **************
@ -588,14 +647,14 @@ function test_4() {
# Sets $fail to 0 on success, non-zero on failure.
function check_with_database()
{
BASEDB=$1
BASEDB="$1"
# Configuration file to use
CONF=$1.conf
CONF="$1.conf"
echo "Running test suite with database $BASEDB using configuration $CONF"
MASTER_PRIV_FILE=${BASEDB}.mpriv
taler-config -f -c ${CONF} -s exchange-offline -o MASTER_PRIV_FILE -V ${MASTER_PRIV_FILE}
MASTER_PUB=`gnunet-ecc -p $MASTER_PRIV_FILE`
MASTER_PRIV_FILE="${BASEDB}.mpriv"
taler-config -f -c "${CONF}" -s exchange-offline -o MASTER_PRIV_FILE -V "${MASTER_PRIV_FILE}"
MASTER_PUB=$(gnunet-ecc -p "$MASTER_PRIV_FILE")
echo "MASTER PUB is ${MASTER_PUB} using file ${MASTER_PRIV_FILE}"
@ -605,14 +664,14 @@ function check_with_database()
fail=0
for i in $TESTS
do
test_$i
if test 0 != $fail
"test_$i"
if [ 0 != "$fail" ]
then
break
fi
done
# echo "Cleanup (disabled, leaving database $DB behind)"
dropdb $DB
dropdb "$DB"
}
@ -628,36 +687,49 @@ DB=revoke-basedb
echo "Testing for jq"
jq -h > /dev/null || exit_skip "jq required"
echo "Testing for faketime"
faketime -h > /dev/null || exit_skip "faketime required"
faketime -h > /dev/null \
|| exit_skip "faketime required"
echo "Testing for libeufin(-cli)"
libeufin-cli --help >/dev/null 2> /dev/null </dev/null || exit_skip "libeufin required"
libeufin-cli --help \
>/dev/null \
2> /dev/null \
</dev/null \
|| exit_skip "libeufin required"
echo "Testing for pdflatex"
which pdflatex > /dev/null </dev/null || exit_skip "pdflatex required"
echo "Testing for taler-wallet-cli"
taler-wallet-cli -h >/dev/null </dev/null 2>/dev/null || exit_skip "taler-wallet-cli required"
taler-wallet-cli -h \
>/dev/null \
</dev/null \
2>/dev/null \
|| exit_skip "taler-wallet-cli required"
echo -n "Testing for Postgres "
# Available directly in path?
INITDB_BIN=$(command -v initdb) || true
if [[ ! -z "$INITDB_BIN" ]]; then
echo " FOUND (in path) at" $INITDB_BIN
if [[ -n "$INITDB_BIN" ]]; then
echo "FOUND (in path) at $INITDB_BIN"
else
HAVE_INITDB=`find /usr -name "initdb" | head -1 2> /dev/null | grep postgres` || exit_skip " MISSING"
echo " FOUND at" `dirname $HAVE_INITDB`
INITDB_BIN=`echo $HAVE_INITDB | grep bin/initdb | grep postgres | sort -n | tail -n1`
HAVE_INITDB=$(find /usr -name "initdb" | head -1 2> /dev/null | grep postgres) || exit_skip " MISSING"
echo "FOUND at " "$(dirname "$HAVE_INITDB")"
INITDB_BIN=$(echo "$HAVE_INITDB" | grep bin/initdb | grep postgres | sort -n | tail -n1)
fi
echo -n "Setting up Postgres DB"
POSTGRES_PATH=`dirname $INITDB_BIN`
ORIGIN=`pwd`
MYDIR=`mktemp -d /tmp/taler-auditor-basedbXXXXXX`
TMPDIR="${MYDIR}/postgres/"
mkdir -p $TMPDIR
POSTGRES_PATH=$(dirname "$INITDB_BIN")
MY_TMP_DIR=$(mktemp -d /tmp/taler-auditor-basedbXXXXXX)
TMPDIR="${MY_TMP_DIR}/postgres/"
mkdir -p "$TMPDIR"
echo -n "Setting up Postgres DB at $TMPDIR ..."
$INITDB_BIN --no-sync --auth=trust -D ${TMPDIR} > ${MYDIR}/postgres-dbinit.log 2> ${MYDIR}/postgres-dbinit.err
"$INITDB_BIN" \
--no-sync \
--auth=trust \
-D "${TMPDIR}" \
> "${MY_TMP_DIR}/postgres-dbinit.log" \
2> "${MY_TMP_DIR}/postgres-dbinit.err"
echo " DONE"
mkdir ${TMPDIR}/sockets
mkdir "${TMPDIR}/sockets"
echo -n "Launching Postgres service at $POSTGRES_PATH"
cat - >> $TMPDIR/postgresql.conf <<EOF
cat - >> "$TMPDIR/postgresql.conf" <<EOF
unix_socket_directories='${TMPDIR}/sockets'
fsync=off
max_wal_senders=0
@ -665,23 +737,30 @@ synchronous_commit=off
wal_level=minimal
listen_addresses=''
EOF
cat $TMPDIR/pg_hba.conf | grep -v host > $TMPDIR/pg_hba.conf.new
mv $TMPDIR/pg_hba.conf.new $TMPDIR/pg_hba.conf
${POSTGRES_PATH}/pg_ctl -D $TMPDIR -l /dev/null start > ${MYDIR}/postgres-start.log 2> ${MYDIR}/postgres-start.err
grep -v host \
< "$TMPDIR/pg_hba.conf" \
> "$TMPDIR/pg_hba.conf.new"
mv "$TMPDIR/pg_hba.conf.new" "$TMPDIR/pg_hba.conf"
"${POSTGRES_PATH}/pg_ctl" \
-D "$TMPDIR" \
-l /dev/null \
start \
> "${MY_TMP_DIR}/postgres-start.log" \
2> "${MY_TMP_DIR}/postgres-start.err"
echo " DONE"
PGHOST="$TMPDIR/sockets"
export PGHOST
echo "Generating fresh database at $MYDIR"
if faketime -f '-1 d' ./generate-revoke-basedb.sh $MYDIR/$DB
echo "Generating fresh database at $MY_TMP_DIR"
if faketime -f '-1 d' ./generate-revoke-basedb.sh "$MY_TMP_DIR/$DB"
then
check_with_database $MYDIR/$DB
if test x$fail != x0
check_with_database "$MY_TMP_DIR/$DB"
if [ "x$fail" != "x0" ]
then
exit $fail
exit "$fail"
else
echo "Cleaning up $MYDIR..."
rm -rf $MYDIR || echo "Removing $MYDIR failed"
echo "Cleaning up $MY_TMP_DIR..."
rm -rf "$MY_TMP_DIR" || echo "Removing $MY_TMP_DIR failed"
fi
else
echo "Generation failed"

83
src/auditor/test-sync.sh
View File

@ -1,8 +1,7 @@
#!/bin/bash
#
# This file is part of TALER
# Copyright (C) 2014-2021 Taler Systems SA
# Copyright (C) 2014-2023 Taler Systems SA
#
# TALER is free software; you can redistribute it and/or modify it under the
# terms of the GNU General Public License as published by the Free Software
@ -15,6 +14,7 @@
# You should have received a copy of the GNU General Public License along with
# TALER; see the file COPYING. If not, If not, see <http://www.gnu.org/license>
#
# shellcheck disable=SC2317
set -eu
@ -32,13 +32,13 @@ function exit_fail() {
# Cleanup to run whenever we exit
function cleanup() {
if test ! -z "${POSTGRES_PATH:-}"
if [ -n "${POSTGRES_PATH:-}" ]
then
${POSTGRES_PATH}/pg_ctl -D $TMPDIR stop &> /dev/null || true
"${POSTGRES_PATH}/pg_ctl" -D "$TMPDIR" stop &> /dev/null || true
fi
for n in `jobs -p`
for n in $(jobs -p)
do
kill $n 2> /dev/null || true
kill "$n" 2> /dev/null || true
done
wait
}
@ -59,19 +59,25 @@ function check_with_database()
taler-exchange-dbinit -c test-sync-out.conf
echo -n "."
psql -Aqt talercheck-in -q -1 -f $1.sql >/dev/null || exit_skip "Failed to load database"
psql -Aqt talercheck-in \
-q -1 \
-f "$1.sql" \
>/dev/null \
|| exit_skip "Failed to load database"
echo -n "."
taler-auditor-sync -s test-sync-in.conf -d test-sync-out.conf -t
taler-auditor-sync \
-s test-sync-in.conf \
-d test-sync-out.conf -t
# cs_nonce_locks excluded: no point
for table in denominations denomination_revocations wire_targets reserves reserves_in reserves_close reserves_out auditors auditor_denom_sigs exchange_sign_keys signkey_revocations extensions policy_details policy_fulfillments known_coins refresh_commitments refresh_revealed_coins refresh_transfer_keys deposits refunds wire_out aggregation_tracking wire_fee recoup recoup_refresh
do
echo -n "."
CIN=`echo "SELECT COUNT(*) FROM exchange.$table" | psql talercheck-in -Aqt`
COUT=`echo "SELECT COUNT(*) FROM exchange.$table" | psql talercheck-out -Aqt`
CIN=$(echo "SELECT COUNT(*) FROM exchange.$table" | psql talercheck-in -Aqt)
COUT=$(echo "SELECT COUNT(*) FROM exchange.$table" | psql talercheck-out -Aqt)
if test ${CIN} != ${COUT}
if [ "${CIN}" != "${COUT}" ]
then
dropdb talercheck-in
dropdb talercheck-out
@ -88,14 +94,6 @@ function check_with_database()
fail=0
}
# Postgres database to use
DB=auditor-basedb
# Configuration file to use
CONF=${DB}.conf
# test required commands exist
echo "Testing for jq"
jq -h > /dev/null || exit_skip "jq required"
@ -111,23 +109,25 @@ taler-wallet-cli -h >/dev/null </dev/null 2>/dev/null || exit_skip "taler-wallet
echo -n "Testing for Postgres"
# Available directly in path?
INITDB_BIN=$(command -v initdb) || true
if [[ ! -z "$INITDB_BIN" ]]; then
echo " FOUND (in path) at" $INITDB_BIN
if [[ -n "$INITDB_BIN" ]]; then
echo " FOUND (in path) at $INITDB_BIN"
else
HAVE_INITDB=`find /usr -name "initdb" | head -1 2> /dev/null | grep postgres` || exit_skip " MISSING"
echo " FOUND at" `dirname $HAVE_INITDB`
INITDB_BIN=`echo $HAVE_INITDB | grep bin/initdb | grep postgres | sort -n | tail -n1`
HAVE_INITDB=$(find /usr -name "initdb" | head -1 2> /dev/null | grep postgres) || exit_skip " MISSING"
echo " FOUND at " "$(dirname "$HAVE_INITDB")"
INITDB_BIN=$(echo "$HAVE_INITDB" | grep bin/initdb | grep postgres | sort -n | tail -n1)
fi
echo -n "Setting up Postgres DB"
POSTGRES_PATH=`dirname $INITDB_BIN`
MYDIR=`mktemp -d /tmp/taler-auditor-basedbXXXXXX`
POSTGRES_PATH=$(dirname "$INITDB_BIN")
MYDIR=$(mktemp -d /tmp/taler-auditor-basedbXXXXXX)
TMPDIR="$MYDIR/postgres/"
mkdir -p $TMPDIR
$INITDB_BIN --no-sync --auth=trust -D ${TMPDIR} > ${MYDIR}/postgres-dbinit.log 2> ${MYDIR}/postgres-dbinit.err
mkdir -p "$TMPDIR"
"$INITDB_BIN" --no-sync --auth=trust -D "${TMPDIR}" \
> "${MYDIR}/postgres-dbinit.log" \
2> "${MYDIR}/postgres-dbinit.err"
echo " DONE"
mkdir ${TMPDIR}/sockets
mkdir "${TMPDIR}/sockets"
echo -n "Launching Postgres service"
cat - >> $TMPDIR/postgresql.conf <<EOF
cat - >> "$TMPDIR/postgresql.conf" <<EOF
unix_socket_directories='${TMPDIR}/sockets'
fsync=off
max_wal_senders=0
@ -135,23 +135,30 @@ synchronous_commit=off
wal_level=minimal
listen_addresses=''
EOF
cat $TMPDIR/pg_hba.conf | grep -v host > $TMPDIR/pg_hba.conf.new
mv $TMPDIR/pg_hba.conf.new $TMPDIR/pg_hba.conf
${POSTGRES_PATH}/pg_ctl -D $TMPDIR -l /dev/null start > ${MYDIR}/postgres-start.log 2> ${MYDIR}/postgres-start.err
grep -v host \
< "$TMPDIR/pg_hba.conf" \
> "$TMPDIR/pg_hba.conf.new"
mv "$TMPDIR/pg_hba.conf.new" "$TMPDIR/pg_hba.conf"
"${POSTGRES_PATH}/pg_ctl" \
-D "$TMPDIR" \
-l /dev/null \
start \
> "${MYDIR}/postgres-start.log" \
2> "${MYDIR}/postgres-start.err"
echo " DONE"
PGHOST="$TMPDIR/sockets"
export PGHOST
echo "Generating fresh database at $MYDIR"
if faketime -f '-1 d' ./generate-auditor-basedb.sh $MYDIR/auditor-basedb
if faketime -f '-1 d' ./generate-auditor-basedb.sh -d "$MYDIR/auditor-basedb"
then
check_with_database $MYDIR/auditor-basedb
if test x$fail != x0
check_with_database "$MYDIR/auditor-basedb"
if [ x$fail != x0 ]
then
exit $fail
exit "$fail"
else
echo "Cleaning up $MYDIR..."
rm -rf $MYDIR || echo "Removing $MYDIR failed"
rm -rf "$MYDIR" || echo "Removing $MYDIR failed"
fi
else
echo "Generation failed"

2
src/exchange/taler-exchange-aggregator.c
View File

@ -499,6 +499,8 @@ kyc_satisfied (struct AggregationUnit *au_active)
char *requirement;
enum GNUNET_DB_QueryStatus qs;
if (kyc_off)
return true;
qs = TALER_KYCLOGIC_kyc_test_required (
TALER_KYCLOGIC_KYC_TRIGGER_DEPOSIT,
&au_active->h_payto,