taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge branch 'master' of ssh://taler.net:/var/git/exchange into HEAD

Browse Source
This commit is contained in:
Christian Grothoff 2016-04-28 22:07:04 +02:00
commit 2c3dc44a20
4 changed files with 218 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/exchange/exchange.conf
View File

@ -11,6 +11,14 @@ KEYDIR = ${TALER_DATA_HOME}/exchange/live-keys/
# the actual coin operations. # the actual coin operations.
# WIREFORMAT = test # WIREFORMAT = test
# serve via tcp socket (on PORT)
SERVE = tcp
# Unix domain socket to listen on,
# only effective with "SERVE = unix"
UNIXPATH = ${TALER_RUNTIME_DIR}/exchange.http
UNIXPATH_MODE = 660
# HTTP port the exchange listens to # HTTP port the exchange listens to
# PORT = 8081 # PORT = 8081
@ -25,3 +33,4 @@ DB = postgres
# Where do we store the offline master private key of the exchange? # Where do we store the offline master private key of the exchange?
MASTER_PRIV_FILE = ${TALER_DATA_HOME}/exchange/offline-keys/master.priv MASTER_PRIV_FILE = ${TALER_DATA_HOME}/exchange/offline-keys/master.priv

235
src/exchange/taler-exchange-httpd.c
View File

@ -42,6 +42,13 @@
#include "taler_exchangedb_plugin.h" #include "taler_exchangedb_plugin.h"
#include "taler-exchange-httpd_validation.h" #include "taler-exchange-httpd_validation.h"
/**
* Backlog for listen operation on unix
* domain sockets.
*/
#define UNIX_BACKLOG 500
/** /**
* Which currency is used by this exchange? * Which currency is used by this exchange?
*/ */
@ -93,6 +100,17 @@ static struct MHD_Daemon *mydaemon;
*/ */
static uint16_t serve_port; static uint16_t serve_port;
/**
* Path for the unix domain-socket
* to run the daemon on.
*/
static char *serve_unixpath;
/**
* File mode for unix-domain socket.
*/
static mode_t unixpath_mode;
/** /**
* Function called whenever MHD is done with a request. If the * Function called whenever MHD is done with a request. If the
@ -453,30 +471,114 @@ exchange_serve_process_config ()
GNUNET_YES); GNUNET_YES);
} }
if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_number (cfg,
"exchange",
"port",
&port))
{ {
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, const char *choices[] = {"tcp", "unix"};
"exchange", const char *serve_type;
"port",
"port number required"); if (GNUNET_OK !=
TMH_VALIDATION_done (); GNUNET_CONFIGURATION_get_value_choice (cfg,
return GNUNET_SYSERR; "exchange",
"serve",
choices,
&serve_type))
{
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"exchange",
"serve",
"serve type required");
TMH_VALIDATION_done ();
return GNUNET_SYSERR;
}
if (0 == strcmp (serve_type, "tcp"))
{
if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_number (cfg,
"exchange",
"port",
&port))
{
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"exchange",
"port",
"port number required");
TMH_VALIDATION_done ();
return GNUNET_SYSERR;
}
if ( (0 == port) ||
(port > UINT16_MAX) )
{
fprintf (stderr,
"Invalid configuration (value out of range): %llu is not a valid port\n",
port);
TMH_VALIDATION_done ();
return GNUNET_SYSERR;
}
serve_port = (uint16_t) port;
}
else if (0 == strcmp (serve_type, "unix"))
{
struct sockaddr_un s_un;
char *modestring;
if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_filename (cfg,
"exchange",
"unixpath",
&serve_unixpath))
{
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"exchange",
"unixpath",
"unixpath required");
TMH_VALIDATION_done ();
return GNUNET_SYSERR;
}
if (strlen (serve_unixpath) >= sizeof (s_un.sun_path))
{
fprintf (stderr,
"Invalid configuration: unix path too long\n");
TMH_VALIDATION_done ();
return GNUNET_SYSERR;
}
if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_string (cfg,
"exchange",
"unixpath_mode",
&modestring))
{
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"exchange",
"unixpath_mode",
"unixpath_mode required");
TMH_VALIDATION_done ();
return GNUNET_SYSERR;
}
errno = 0;
unixpath_mode = (mode_t) strtoul (modestring, NULL, 8);
if (0 != errno)
{
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"exchange",
"unixpath_mode",
"unixpath_mode required");
TMH_VALIDATION_done ();
GNUNET_free (modestring);
return GNUNET_SYSERR;
}
GNUNET_free (modestring);
}
else
{
// not reached
GNUNET_assert (0);
}
} }
if ( (0 == port) ||
(port > UINT16_MAX) )
{
fprintf (stderr,
"Invalid configuration (value out of range): %llu is not a valid port\n",
port);
TMH_VALIDATION_done ();
return GNUNET_SYSERR;
}
serve_port = (uint16_t) port;
return GNUNET_OK; return GNUNET_OK;
} }
@ -673,17 +775,90 @@ main (int argc,
exchange_serve_process_config ()) exchange_serve_process_config ())
return 1; return 1;
mydaemon = MHD_start_daemon (MHD_USE_SELECT_INTERNALLY | MHD_USE_DEBUG, if (NULL != serve_unixpath)
serve_port, {
NULL, NULL, struct GNUNET_NETWORK_Handle *nh;
&handle_mhd_request, NULL, struct sockaddr_un *un;
MHD_OPTION_EXTERNAL_LOGGER, &handle_mhd_logs, NULL, int fh;
MHD_OPTION_NOTIFY_COMPLETED, &handle_mhd_completion_callback, NULL,
MHD_OPTION_CONNECTION_TIMEOUT, connection_timeout, if (sizeof (un->sun_path) <= strlen (serve_unixpath))
{
fprintf (stderr, "unixpath too long\n");
return 1;
}
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Creating listen socket '%s' with mode %o\n",
serve_unixpath, unixpath_mode);
if (GNUNET_OK != GNUNET_DISK_directory_create_for_file (serve_unixpath))
{
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
"mkdir",
serve_unixpath);
}
un = GNUNET_new (struct sockaddr_un);
un->sun_family = AF_UNIX;
strncpy (un->sun_path, serve_unixpath, sizeof (un->sun_path) - 1);
GNUNET_NETWORK_unix_precheck (un);
if (NULL == (nh = GNUNET_NETWORK_socket_create (AF_UNIX, SOCK_STREAM, 0)))
{
fprintf (stderr, "create failed for AF_UNIX\n");
return 1;
}
if (GNUNET_OK != GNUNET_NETWORK_socket_bind (nh, (void *) un, sizeof (struct sockaddr_un)))
{
fprintf (stderr, "bind failed for AF_UNIX\n");
return 1;
}
if (GNUNET_OK != GNUNET_NETWORK_socket_listen (nh, UNIX_BACKLOG))
{
fprintf (stderr, "listen failed for AF_UNIX\n");
return 1;
}
fh = GNUNET_NETWORK_get_fd (nh);
if (0 != chmod (serve_unixpath, unixpath_mode))
{
fprintf (stderr, "chmod failed: %s\n", strerror (errno));
return 1;
}
GNUNET_log (GNUNET_ERROR_TYPE_INFO, "set socket '%s' to mode %o\n", serve_unixpath, unixpath_mode);
mydaemon = MHD_start_daemon (MHD_USE_SELECT_INTERNALLY | MHD_USE_DEBUG,
0,
NULL, NULL,
&handle_mhd_request, NULL,
MHD_OPTION_LISTEN_SOCKET, fh,
MHD_OPTION_EXTERNAL_LOGGER, &handle_mhd_logs, NULL,
MHD_OPTION_NOTIFY_COMPLETED, &handle_mhd_completion_callback, NULL,
MHD_OPTION_CONNECTION_TIMEOUT, connection_timeout,
#if HAVE_DEVELOPER #if HAVE_DEVELOPER
MHD_OPTION_NOTIFY_CONNECTION, &connection_done, NULL, MHD_OPTION_NOTIFY_CONNECTION, &connection_done, NULL,
#endif #endif
MHD_OPTION_END); MHD_OPTION_END);
GNUNET_NETWORK_socket_free_memory_only_ (nh);
}
else
{
// FIXME: refactor two calls to MHD_start_daemon
// into one, using an options array instead of varags
mydaemon = MHD_start_daemon (MHD_USE_SELECT_INTERNALLY | MHD_USE_DEBUG,
serve_port,
NULL, NULL,
&handle_mhd_request, NULL,
MHD_OPTION_EXTERNAL_LOGGER, &handle_mhd_logs, NULL,
MHD_OPTION_NOTIFY_COMPLETED, &handle_mhd_completion_callback, NULL,
MHD_OPTION_CONNECTION_TIMEOUT, connection_timeout,
#if HAVE_DEVELOPER
MHD_OPTION_NOTIFY_CONNECTION, &connection_done, NULL,
#endif
MHD_OPTION_END);
}
if (NULL == mydaemon) if (NULL == mydaemon)
{ {

3
src/exchange/taler-exchange-httpd_admin.c
View File

@ -54,6 +54,9 @@ check_permissions (struct MHD_Connection *connection)
addr = ci->client_addr; addr = ci->client_addr;
switch (addr->sa_family) switch (addr->sa_family)
{ {
case AF_UNIX:
/* We rely on file system permissions here */
return GNUNET_YES;
case AF_INET: case AF_INET:
{ {
const struct sockaddr_in *sin = (const struct sockaddr_in *) addr; const struct sockaddr_in *sin = (const struct sockaddr_in *) addr;

2
src/wire/test_sepa_wireformat.c
View File

@ -77,7 +77,7 @@ main(int argc,
NULL); NULL);
cfg = GNUNET_CONFIGURATION_create (); cfg = GNUNET_CONFIGURATION_create ();
GNUNET_CONFIGURATION_set_value_string (cfg, GNUNET_CONFIGURATION_set_value_string (cfg,
"exchange", "taler",
"currency", "currency",
"EUR"); "EUR");
plugin = TALER_WIRE_plugin_load (cfg, plugin = TALER_WIRE_plugin_load (cfg,