taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge branch 'master' of ssh://taler.net:/var/git/exchange into HEAD

Browse Source
This commit is contained in:
Christian Grothoff 2016-04-28 22:07:04 +02:00
commit 2c3dc44a20
4 changed files with 218 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/exchange/exchange.conf
View File

@ -11,6 +11,14 @@ KEYDIR = ${TALER_DATA_HOME}/exchange/live-keys/
# the actual coin operations.
# WIREFORMAT = test
# serve via tcp socket (on PORT)
SERVE = tcp
# Unix domain socket to listen on,
# only effective with "SERVE = unix"
UNIXPATH = ${TALER_RUNTIME_DIR}/exchange.http
UNIXPATH_MODE = 660
# HTTP port the exchange listens to
# PORT = 8081
@ -25,3 +33,4 @@ DB = postgres
# Where do we store the offline master private key of the exchange?
MASTER_PRIV_FILE = ${TALER_DATA_HOME}/exchange/offline-keys/master.priv

235
src/exchange/taler-exchange-httpd.c
View File

@ -42,6 +42,13 @@
#include "taler_exchangedb_plugin.h"
#include "taler-exchange-httpd_validation.h"
/**
* Backlog for listen operation on unix
* domain sockets.
*/
#define UNIX_BACKLOG 500
/**
* Which currency is used by this exchange?
*/
@ -93,6 +100,17 @@ static struct MHD_Daemon *mydaemon;
*/
static uint16_t serve_port;
/**
* Path for the unix domain-socket
* to run the daemon on.
*/
static char *serve_unixpath;
/**
* File mode for unix-domain socket.
*/
static mode_t unixpath_mode;
/**
* Function called whenever MHD is done with a request. If the
@ -453,30 +471,114 @@ exchange_serve_process_config ()
GNUNET_YES);
}
if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_number (cfg,
"exchange",
"port",
&port))
{
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"exchange",
"port",
"port number required");
TMH_VALIDATION_done ();
return GNUNET_SYSERR;
const char *choices[] = {"tcp", "unix"};
const char *serve_type;
if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_choice (cfg,
"exchange",
"serve",
choices,
&serve_type))
{
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"exchange",
"serve",
"serve type required");
TMH_VALIDATION_done ();
return GNUNET_SYSERR;
}
if (0 == strcmp (serve_type, "tcp"))
{
if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_number (cfg,
"exchange",
"port",
&port))
{
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"exchange",
"port",
"port number required");
TMH_VALIDATION_done ();
return GNUNET_SYSERR;
}
if ( (0 == port) ||
(port > UINT16_MAX) )
{
fprintf (stderr,
"Invalid configuration (value out of range): %llu is not a valid port\n",
port);
TMH_VALIDATION_done ();
return GNUNET_SYSERR;
}
serve_port = (uint16_t) port;
}
else if (0 == strcmp (serve_type, "unix"))
{
struct sockaddr_un s_un;
char *modestring;
if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_filename (cfg,
"exchange",
"unixpath",
&serve_unixpath))
{
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"exchange",
"unixpath",
"unixpath required");
TMH_VALIDATION_done ();
return GNUNET_SYSERR;
}
if (strlen (serve_unixpath) >= sizeof (s_un.sun_path))
{
fprintf (stderr,
"Invalid configuration: unix path too long\n");
TMH_VALIDATION_done ();
return GNUNET_SYSERR;
}
if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_string (cfg,
"exchange",
"unixpath_mode",
&modestring))
{
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"exchange",
"unixpath_mode",
"unixpath_mode required");
TMH_VALIDATION_done ();
return GNUNET_SYSERR;
}
errno = 0;
unixpath_mode = (mode_t) strtoul (modestring, NULL, 8);
if (0 != errno)
{
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"exchange",
"unixpath_mode",
"unixpath_mode required");
TMH_VALIDATION_done ();
GNUNET_free (modestring);
return GNUNET_SYSERR;
}
GNUNET_free (modestring);
}
else
{
// not reached
GNUNET_assert (0);
}
}
if ( (0 == port) ||
(port > UINT16_MAX) )
{
fprintf (stderr,
"Invalid configuration (value out of range): %llu is not a valid port\n",
port);
TMH_VALIDATION_done ();
return GNUNET_SYSERR;
}
serve_port = (uint16_t) port;
return GNUNET_OK;
}
@ -673,17 +775,90 @@ main (int argc,
exchange_serve_process_config ())
return 1;
mydaemon = MHD_start_daemon (MHD_USE_SELECT_INTERNALLY | MHD_USE_DEBUG,
serve_port,
NULL, NULL,
&handle_mhd_request, NULL,
MHD_OPTION_EXTERNAL_LOGGER, &handle_mhd_logs, NULL,
MHD_OPTION_NOTIFY_COMPLETED, &handle_mhd_completion_callback, NULL,
MHD_OPTION_CONNECTION_TIMEOUT, connection_timeout,
if (NULL != serve_unixpath)
{
struct GNUNET_NETWORK_Handle *nh;
struct sockaddr_un *un;
int fh;
if (sizeof (un->sun_path) <= strlen (serve_unixpath))
{
fprintf (stderr, "unixpath too long\n");
return 1;
}
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Creating listen socket '%s' with mode %o\n",
serve_unixpath, unixpath_mode);
if (GNUNET_OK != GNUNET_DISK_directory_create_for_file (serve_unixpath))
{
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
"mkdir",
serve_unixpath);
}
un = GNUNET_new (struct sockaddr_un);
un->sun_family = AF_UNIX;
strncpy (un->sun_path, serve_unixpath, sizeof (un->sun_path) - 1);
GNUNET_NETWORK_unix_precheck (un);
if (NULL == (nh = GNUNET_NETWORK_socket_create (AF_UNIX, SOCK_STREAM, 0)))
{
fprintf (stderr, "create failed for AF_UNIX\n");
return 1;
}
if (GNUNET_OK != GNUNET_NETWORK_socket_bind (nh, (void *) un, sizeof (struct sockaddr_un)))
{
fprintf (stderr, "bind failed for AF_UNIX\n");
return 1;
}
if (GNUNET_OK != GNUNET_NETWORK_socket_listen (nh, UNIX_BACKLOG))
{
fprintf (stderr, "listen failed for AF_UNIX\n");
return 1;
}
fh = GNUNET_NETWORK_get_fd (nh);
if (0 != chmod (serve_unixpath, unixpath_mode))
{
fprintf (stderr, "chmod failed: %s\n", strerror (errno));
return 1;
}
GNUNET_log (GNUNET_ERROR_TYPE_INFO, "set socket '%s' to mode %o\n", serve_unixpath, unixpath_mode);
mydaemon = MHD_start_daemon (MHD_USE_SELECT_INTERNALLY | MHD_USE_DEBUG,
0,
NULL, NULL,
&handle_mhd_request, NULL,
MHD_OPTION_LISTEN_SOCKET, fh,
MHD_OPTION_EXTERNAL_LOGGER, &handle_mhd_logs, NULL,
MHD_OPTION_NOTIFY_COMPLETED, &handle_mhd_completion_callback, NULL,
MHD_OPTION_CONNECTION_TIMEOUT, connection_timeout,
#if HAVE_DEVELOPER
MHD_OPTION_NOTIFY_CONNECTION, &connection_done, NULL,
MHD_OPTION_NOTIFY_CONNECTION, &connection_done, NULL,
#endif
MHD_OPTION_END);
MHD_OPTION_END);
GNUNET_NETWORK_socket_free_memory_only_ (nh);
}
else
{
// FIXME: refactor two calls to MHD_start_daemon
// into one, using an options array instead of varags
mydaemon = MHD_start_daemon (MHD_USE_SELECT_INTERNALLY | MHD_USE_DEBUG,
serve_port,
NULL, NULL,
&handle_mhd_request, NULL,
MHD_OPTION_EXTERNAL_LOGGER, &handle_mhd_logs, NULL,
MHD_OPTION_NOTIFY_COMPLETED, &handle_mhd_completion_callback, NULL,
MHD_OPTION_CONNECTION_TIMEOUT, connection_timeout,
#if HAVE_DEVELOPER
MHD_OPTION_NOTIFY_CONNECTION, &connection_done, NULL,
#endif
MHD_OPTION_END);
}
if (NULL == mydaemon)
{

3
src/exchange/taler-exchange-httpd_admin.c
View File

@ -54,6 +54,9 @@ check_permissions (struct MHD_Connection *connection)
addr = ci->client_addr;
switch (addr->sa_family)
{
case AF_UNIX:
/* We rely on file system permissions here */
return GNUNET_YES;
case AF_INET:
{
const struct sockaddr_in *sin = (const struct sockaddr_in *) addr;

2
src/wire/test_sepa_wireformat.c
View File

@ -77,7 +77,7 @@ main(int argc,
NULL);
cfg = GNUNET_CONFIGURATION_create ();
GNUNET_CONFIGURATION_set_value_string (cfg,
"exchange",
"taler",
"currency",
"EUR");
plugin = TALER_WIRE_plugin_load (cfg,