taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

switching /withdraw/sign from GET to POST

Browse Source
This commit is contained in:
Christian Grothoff 2015-03-29 14:17:52 +02:00
parent 3991cd1763
commit 42147c2501
6 changed files with 125 additions and 134 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
src/mint/taler-mint-httpd.c
View File

@ -137,54 +137,63 @@ handle_mhd_request (void *cls,
{ "/agpl", MHD_HTTP_METHOD_GET, "text/plain",
NULL, 0,
&TMH_MHD_handler_agpl_redirect, MHD_HTTP_FOUND },
{ "/keys", MHD_HTTP_METHOD_GET, "application/json",
NULL, 0,
&TMH_KS_handler_keys, MHD_HTTP_OK },
{ "/keys", NULL, "text/plain",
"Only GET is allowed", 0,
&TMH_MHD_handler_send_json_pack_error, MHD_HTTP_METHOD_NOT_ALLOWED },
{ "/withdraw/status", MHD_HTTP_METHOD_GET, "application/json",
NULL, 0,
&TMH_WITHDRAW_handler_withdraw_status, MHD_HTTP_OK },
{ "/withdraw/status", NULL, "text/plain",
"Only GET is allowed", 0,
&TMH_MHD_handler_send_json_pack_error, MHD_HTTP_METHOD_NOT_ALLOWED },
{ "/withdraw/sign", MHD_HTTP_METHOD_GET, "application/json",
{ "/withdraw/sign", MHD_HTTP_METHOD_POST, "application/json",
NULL, 0,
&TMH_WITHDRAW_handler_withdraw_sign, MHD_HTTP_OK },
{ "/withdraw/sign", NULL, "text/plain",
"Only GET is allowed", 0,
&TMH_MHD_handler_send_json_pack_error, MHD_HTTP_METHOD_NOT_ALLOWED },
{ "/refresh/melt", MHD_HTTP_METHOD_POST, "application/json",
NULL, 0,
&TMH_REFRESH_handler_refresh_melt, MHD_HTTP_OK },
{ "/refresh/melt", NULL, "text/plain",
"Only POST is allowed", 0,
&TMH_MHD_handler_send_json_pack_error, MHD_HTTP_METHOD_NOT_ALLOWED },
{ "/refresh/reveal", MHD_HTTP_METHOD_POST, "application/json",
NULL, 0,
&TMH_REFRESH_handler_refresh_melt, MHD_HTTP_OK },
{ "/refresh/reveal", NULL, "text/plain",
"Only POST is allowed", 0,
&TMH_MHD_handler_send_json_pack_error, MHD_HTTP_METHOD_NOT_ALLOWED },
{ "/refresh/link", MHD_HTTP_METHOD_GET, "application/json",
NULL, 0,
&TMH_REFRESH_handler_refresh_link, MHD_HTTP_OK },
{ "/refresh/link", NULL, "text/plain",
"Only GET is allowed", 0,
&TMH_MHD_handler_send_json_pack_error, MHD_HTTP_METHOD_NOT_ALLOWED },
{ "/refresh/reveal", MHD_HTTP_METHOD_GET, "application/json",
NULL, 0,
&TMH_REFRESH_handler_refresh_reveal, MHD_HTTP_OK },
{ "/refresh/reveal", NULL, "text/plain",
"Only GET is allowed", 0,
&TMH_MHD_handler_send_json_pack_error, MHD_HTTP_METHOD_NOT_ALLOWED },
{ "/deposit", MHD_HTTP_METHOD_POST, "application/json",
NULL, 0,
&TMH_DEPOSIT_handler_deposit, MHD_HTTP_OK },
{ "/deposit", NULL, "text/plain",
"Only POST is allowed", 0,
&TMH_MHD_handler_send_json_pack_error, MHD_HTTP_METHOD_NOT_ALLOWED },
{ "/refresh/melt", MHD_HTTP_METHOD_POST, "application/json",
NULL, 0,
&TMH_REFRESH_handler_refresh_melt, MHD_HTTP_OK },
{ "/refresh/melt", NULL, "text/plain",
"Only POST is allowed", 0,
&TMH_MHD_handler_send_json_pack_error, MHD_HTTP_METHOD_NOT_ALLOWED },
{ "/refresh/reveal", MHD_HTTP_METHOD_POST, "application/json",
NULL, 0,
&TMH_REFRESH_handler_refresh_melt, MHD_HTTP_OK },
{ "/refresh/reveal", NULL, "text/plain",
"Only POST is allowed", 0,
&TMH_MHD_handler_send_json_pack_error, MHD_HTTP_METHOD_NOT_ALLOWED },
{ "/refresh/reveal", MHD_HTTP_METHOD_POST, "application/json",
NULL, 0,
&TMH_REFRESH_handler_refresh_reveal, MHD_HTTP_OK },
{ "/refresh/reveal", NULL, "text/plain",
"Only POST is allowed", 0,
&TMH_MHD_handler_send_json_pack_error, MHD_HTTP_METHOD_NOT_ALLOWED },
{ "/refresh/link", MHD_HTTP_METHOD_GET, "application/json",
NULL, 0,
&TMH_REFRESH_handler_refresh_link, MHD_HTTP_OK },
{ "/refresh/link", NULL, "text/plain",
"Only GET is allowed", 0,
&TMH_MHD_handler_send_json_pack_error, MHD_HTTP_METHOD_NOT_ALLOWED },
{ NULL, NULL, NULL, NULL, 0, 0 }
};
static struct TMH_RequestHandler h404 =

4
src/mint/taler-mint-httpd_deposit.c
View File

@ -144,8 +144,8 @@ parse_and_handle_deposit_request (struct MHD_Connection *connection,
struct TALER_MINTDB_DenominationKeyIssueInformation *dki;
struct TMH_KS_StateHandle *ks;
struct TMH_PARSE_FieldSpecification spec[] = {
TMH_PARSE_MEMBER_RSA_PUBLIC_KEY ("denom_pub", &deposit.coin.denom_pub),
TMH_PARSE_MEMBER_RSA_SIGNATURE ("ubsig", &deposit.coin.denom_sig),
TMH_PARSE_MEMBER_DENOMINATION_PUBLIC_KEY ("denom_pub", &deposit.coin.denom_pub),
TMH_PARSE_MEMBER_DENOMINATION_SIGNATURE ("ubsig", &deposit.coin.denom_sig),
TMH_PARSE_MEMBER_FIXED ("coin_pub", &deposit.coin.coin_pub),
TMH_PARSE_MEMBER_FIXED ("merchant_pub", &deposit.merchant_pub),
TMH_PARSE_MEMBER_FIXED ("H_a", &deposit.h_contract),

52
src/mint/taler-mint-httpd_parsing.c
View File

@ -189,7 +189,7 @@ TMH_PARSE_post_json (struct MHD_Connection *connection,
GNUNET_free (r);
return (MHD_NO ==
TMH_RESPONSE_reply_internal_error (connection,
"out of memory"))
"out of memory"))
? GNUNET_SYSERR : GNUNET_NO;
}
/* everything OK, wait for more POST data */
@ -376,8 +376,8 @@ TMH_PARSE_mhd_request_var_arg_data (struct MHD_Connection *connection,
*/
int
TMH_PARSE_navigate_json (struct MHD_Connection *connection,
const json_t *root,
...)
const json_t *root,
...)
{
va_list argp;
int ret;
@ -555,13 +555,14 @@ TMH_PARSE_navigate_json (struct MHD_Connection *connection,
case TMH_PARSE_JNC_RET_RSA_PUBLIC_KEY:
{
void **where = va_arg (argp, void **);
struct TALER_DenominationPublicKey *where;
size_t len;
const char *str;
int res;
void *buf;
// FIXME: avoidable code duplication here...
where = va_arg (argp,
struct TALER_DenominationPublicKey *);
str = json_string_value (root);
if (NULL == str)
{
@ -596,10 +597,10 @@ TMH_PARSE_navigate_json (struct MHD_Connection *connection,
? GNUNET_NO : GNUNET_SYSERR;
break;
}
*where = GNUNET_CRYPTO_rsa_public_key_decode (buf,
len);
where->rsa_public_key = GNUNET_CRYPTO_rsa_public_key_decode (buf,
len);
GNUNET_free (buf);
if (NULL == *where)
if (NULL == where->rsa_public_key)
{
ret = (MHD_YES ==
TMH_RESPONSE_reply_json_pack (connection,
@ -618,13 +619,14 @@ TMH_PARSE_navigate_json (struct MHD_Connection *connection,
case TMH_PARSE_JNC_RET_RSA_SIGNATURE:
{
void **where = va_arg (argp, void **);
struct TALER_DenominationSignature *where;
size_t len;
const char *str;
int res;
void *buf;
// FIXME: avoidable code duplication here...
where = va_arg (argp,
struct TALER_DenominationSignature *);
str = json_string_value (root);
if (NULL == str)
{
@ -659,10 +661,10 @@ TMH_PARSE_navigate_json (struct MHD_Connection *connection,
? GNUNET_NO : GNUNET_SYSERR;
break;
}
*where = GNUNET_CRYPTO_rsa_signature_decode (buf,
len);
where->rsa_signature = GNUNET_CRYPTO_rsa_signature_decode (buf,
len);
GNUNET_free (buf);
if (NULL == *where)
if (NULL == where->rsa_signature)
{
ret = (MHD_YES ==
TMH_RESPONSE_reply_json_pack (connection,
@ -874,19 +876,27 @@ TMH_PARSE_release_data (struct TMH_PARSE_FieldSpecification *spec)
}
break;
case TMH_PARSE_JNC_RET_RSA_PUBLIC_KEY:
ptr = *(void **) spec[i].destination;
if (NULL != ptr)
{
GNUNET_CRYPTO_rsa_public_key_free (ptr);
*(void**) spec[i].destination = NULL;
struct TALER_DenominationPublicKey pk;
pk = *(struct TALER_DenominationPublicKey *) spec[i].destination;
if (NULL != pk.rsa_public_key)
{
GNUNET_CRYPTO_rsa_public_key_free (pk.rsa_public_key);
pk.rsa_public_key = NULL;
}
}
break;
case TMH_PARSE_JNC_RET_RSA_SIGNATURE:
ptr = *(void **) spec[i].destination;
if (NULL != ptr)
{
GNUNET_CRYPTO_rsa_signature_free (ptr);
*(void**) spec[i].destination = NULL;
struct TALER_DenominationSignature sig;
sig = *(struct TALER_DenominationSignature *) spec[i].destination;
if (NULL != sig.rsa_signature)
{
GNUNET_CRYPTO_rsa_signature_free (sig.rsa_signature);
sig.rsa_signature = NULL;
}
}
break;
case TMH_PARSE_JNC_RET_AMOUNT:

10
src/mint/taler-mint-httpd_parsing.h
View File

@ -1,6 +1,6 @@
/*
This file is part of TALER
Copyright (C) 2014 GNUnet e.V.
Copyright (C) 2014, 2015 GNUnet e.V.
TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU Affero General Public License as published by the Free Software
@ -271,17 +271,17 @@ TMH_PARSE_release_data (struct TMH_PARSE_FieldSpecification *spec);
* Generate line in parser specification for RSA public key.
*
* @param field name of the field
* @param ptrpk address of `struct GNUNET_CRYPTO_rsa_PublicKey *` initialize
* @param ptrpk address of `struct TALER_DenominationPublicKey` initialize
*/
#define TMH_PARSE_MEMBER_RSA_PUBLIC_KEY(field,ptrpk) { field, ptrpk, 0, 0, TMH_PARSE_JNC_RET_RSA_PUBLIC_KEY, 0 }
#define TMH_PARSE_MEMBER_DENOMINATION_PUBLIC_KEY(field,ptrpk) { field, ptrpk, 0, 0, TMH_PARSE_JNC_RET_RSA_PUBLIC_KEY, 0 }
/**
* Generate line in parser specification for RSA public key.
*
* @param field name of the field
* @param ptrsig address of `struct GNUNET_CRYPTO_rsa_Signature *` initialize
* @param ptrsig address of `struct TALER_DenominationSignature *` initialize
*/
#define TMH_PARSE_MEMBER_RSA_SIGNATURE(field,ptrsig) { field, ptrsig, 0, 0, TMH_PARSE_JNC_RET_RSA_SIGNATURE, 0 }
#define TMH_PARSE_MEMBER_DENOMINATION_SIGNATURE(field,ptrsig) { field, ptrsig, 0, 0, TMH_PARSE_JNC_RET_RSA_SIGNATURE, 0 }
/**
* Generate line in parser specification for an amount.

42
src/mint/taler-mint-httpd_refresh.c
View File

@ -176,8 +176,8 @@ get_coin_public_info (struct MHD_Connection *connection,
struct TALER_Amount amount;
struct TMH_PARSE_FieldSpecification spec[] = {
TMH_PARSE_MEMBER_FIXED ("coin_pub", &r_melt_detail->coin_info.coin_pub),
TMH_PARSE_MEMBER_RSA_SIGNATURE ("denom_sig", &sig.rsa_signature),
TMH_PARSE_MEMBER_RSA_PUBLIC_KEY ("denom_pub", &pk.rsa_public_key),
TMH_PARSE_MEMBER_DENOMINATION_SIGNATURE ("denom_sig", &sig.rsa_signature),
TMH_PARSE_MEMBER_DENOMINATION_PUBLIC_KEY ("denom_pub", &pk.rsa_public_key),
TMH_PARSE_MEMBER_FIXED ("confirm_sig", &melt_sig),
TMH_PARSE_MEMBER_AMOUNT ("value_with_fee", &amount),
TMH_PARSE_MEMBER_END
@ -396,10 +396,10 @@ handle_refresh_melt_json (struct MHD_Connection *connection,
size_t buf_size;
res = TMH_PARSE_navigate_json (connection,
new_denoms,
TMH_PARSE_JNC_INDEX, (int) i,
TMH_PARSE_JNC_RET_RSA_PUBLIC_KEY,
&denom_pubs[i].rsa_public_key);
new_denoms,
TMH_PARSE_JNC_INDEX, (int) i,
TMH_PARSE_JNC_RET_RSA_PUBLIC_KEY,
&denom_pubs[i].rsa_public_key);
if (GNUNET_OK != res)
{
for (j=0;j<i;j++)
@ -413,7 +413,7 @@ handle_refresh_melt_json (struct MHD_Connection *connection,
buf,
buf_size);
GNUNET_free (buf);
}
}
coin_count = json_array_size (melt_coins);
coin_melt_details = GNUNET_malloc (coin_count *
@ -674,10 +674,10 @@ TMH_REFRESH_handler_refresh_melt (struct TMH_RequestHandler *rh,
};
res = TMH_PARSE_post_json (connection,
connection_cls,
upload_data,
upload_data_size,
&root);
connection_cls,
upload_data,
upload_data_size,
&root);
if (GNUNET_SYSERR == res)
return MHD_NO;
if ( (GNUNET_NO == res) || (NULL == root) )
@ -838,10 +838,10 @@ TMH_REFRESH_handler_refresh_reveal (struct TMH_RequestHandler *rh,
};
res = TMH_PARSE_post_json (connection,
connection_cls,
upload_data,
upload_data_size,
&root);
connection_cls,
upload_data,
upload_data_size,
&root);
if (GNUNET_SYSERR == res)
return MHD_NO;
if ( (GNUNET_NO == res) || (NULL == root) )
@ -884,7 +884,8 @@ TMH_REFRESH_handler_refresh_reveal (struct TMH_RequestHandler *rh,
/**
* Handle a "/refresh/link" request
* Handle a "/refresh/link" request. Note that for "/refresh/link"
* we do use a simple HTTP GET, and a HTTP POST!
*
* @param rh context of the handler
* @param connection the MHD connection to handle
@ -904,16 +905,15 @@ TMH_REFRESH_handler_refresh_link (struct TMH_RequestHandler *rh,
int res;
res = TMH_PARSE_mhd_request_arg_data (connection,
"coin_pub",
&coin_pub,
sizeof (union TALER_CoinSpendPublicKeyP));
"coin_pub",
&coin_pub,
sizeof (union TALER_CoinSpendPublicKeyP));
if (GNUNET_SYSERR == res)
return MHD_NO;
if (GNUNET_OK != res)
return MHD_YES;
return TMH_DB_execute_refresh_link (connection,
&coin_pub);
&coin_pub);
}

92
src/mint/taler-mint-httpd_withdraw.c
View File

@ -88,12 +88,11 @@ TMH_WITHDRAW_handler_withdraw_sign (struct TMH_RequestHandler *rh,
const char *upload_data,
size_t *upload_data_size)
{
json_t *root;
struct TALER_WithdrawRequestPS wsrd;
int res;
struct TALER_DenominationPublicKey denomination_pub;
char *denomination_pub_data;
size_t denomination_pub_data_size;
char *blinded_msg;
const char *blinded_msg;
size_t blinded_msg_len;
struct TALER_Amount amount;
struct TALER_Amount amount_with_fee;
@ -102,53 +101,37 @@ TMH_WITHDRAW_handler_withdraw_sign (struct TMH_RequestHandler *rh,
struct TALER_MINTDB_DenominationKeyIssueInformation *dki;
struct TMH_KS_StateHandle *ks;
res = TMH_PARSE_mhd_request_arg_data (connection,
"reserve_pub",
&wsrd.reserve_pub,
sizeof (struct TALER_ReservePublicKeyP));
struct TMH_PARSE_FieldSpecification spec[] = {
TMH_PARSE_MEMBER_VARIABLE ("coin_ev"),
TMH_PARSE_MEMBER_FIXED ("reserve_pub", &wsrd.reserve_pub),
TMH_PARSE_MEMBER_FIXED ("reserve_sig", &signature),
TMH_PARSE_MEMBER_DENOMINATION_PUBLIC_KEY ("denom_pub", &denomination_pub),
TMH_PARSE_MEMBER_END
};
res = TMH_PARSE_post_json (connection,
connection_cls,
upload_data,
upload_data_size,
&root);
if (GNUNET_SYSERR == res)
return MHD_NO; /* internal error */
if (GNUNET_NO == res)
return MHD_YES; /* invalid request */
res = TMH_PARSE_mhd_request_arg_data (connection,
"reserve_sig",
&signature,
sizeof (struct TALER_ReserveSignatureP));
if (GNUNET_SYSERR == res)
return MHD_NO; /* internal error */
if (GNUNET_NO == res)
return MHD_YES; /* invalid request */
res = TMH_PARSE_mhd_request_var_arg_data (connection,
"denom_pub",
(void **) &denomination_pub_data,
&denomination_pub_data_size);
if (GNUNET_SYSERR == res)
return MHD_NO; /* internal error */
if (GNUNET_NO == res)
return MHD_YES; /* invalid request */
res = TMH_PARSE_mhd_request_var_arg_data (connection,
"coin_ev",
(void **) &blinded_msg,
&blinded_msg_len);
if (GNUNET_SYSERR == res)
{
GNUNET_free (denomination_pub_data);
return MHD_NO; /* internal error */
}
if (GNUNET_NO == res)
{
GNUNET_free (denomination_pub_data);
return MHD_YES; /* invalid request */
}
denomination_pub.rsa_public_key
= GNUNET_CRYPTO_rsa_public_key_decode (denomination_pub_data,
denomination_pub_data_size);
return MHD_NO;
if ( (GNUNET_NO == res) || (NULL == root) )
return MHD_YES;
res = TMH_PARSE_json_data (connection,
root,
spec);
json_decref (root);
if (GNUNET_OK != res)
return (GNUNET_SYSERR == res) ? MHD_NO : MHD_YES;
blinded_msg = spec[0].destination;
blinded_msg_len = spec[0].destination_size_out;
ks = TMH_KS_acquire ();
dki = TMH_KS_denomination_key_lookup (ks,
&denomination_pub);
if (NULL == dki)
{
GNUNET_free (denomination_pub_data);
TMH_PARSE_release_data (spec);
return TMH_RESPONSE_reply_arg_invalid (connection,
"denom_pub");
}
@ -168,9 +151,9 @@ TMH_WITHDRAW_handler_withdraw_sign (struct TMH_RequestHandler *rh,
/* verify signature! */
wsrd.purpose.size = htonl (sizeof (struct TALER_WithdrawRequestPS));
wsrd.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW);
GNUNET_CRYPTO_hash (denomination_pub_data,
denomination_pub_data_size,
&wsrd.h_denomination_pub);
GNUNET_CRYPTO_rsa_public_key_hash (denomination_pub.rsa_public_key,
&wsrd.h_denomination_pub);
GNUNET_CRYPTO_hash (blinded_msg,
blinded_msg_len,
&wsrd.h_coin_envelope);
@ -181,28 +164,17 @@ TMH_WITHDRAW_handler_withdraw_sign (struct TMH_RequestHandler *rh,
&wsrd.reserve_pub.eddsa_pub))
{
TALER_LOG_WARNING ("Client supplied invalid signature for /withdraw/sign request\n");
GNUNET_free (denomination_pub_data);
GNUNET_free (blinded_msg);
GNUNET_CRYPTO_rsa_public_key_free (denomination_pub.rsa_public_key);
TMH_PARSE_release_data (spec);
return TMH_RESPONSE_reply_arg_invalid (connection,
"reserve_sig");
}
GNUNET_free (denomination_pub_data);
if (NULL == denomination_pub.rsa_public_key)
{
TALER_LOG_WARNING ("Client supplied ill-formed denomination public key for /withdraw/sign request\n");
GNUNET_free (blinded_msg);
return TMH_RESPONSE_reply_arg_invalid (connection,
"denom_pub");
}
res = TMH_DB_execute_withdraw_sign (connection,
&wsrd.reserve_pub,
&denomination_pub,
blinded_msg,
blinded_msg_len,
&signature);
GNUNET_free (blinded_msg);
GNUNET_CRYPTO_rsa_public_key_free (denomination_pub.rsa_public_key);
TMH_PARSE_release_data (spec);
return res;
}