pre-pull merging

2019-03-11 02:56:05 +01:00 · 2019-03-11 02:56:05 +01:00 · 82ce84fe67
commit 82ce84fe67
parent c3b9ebc1ef 4405438d9c
2 changed files with 29 additions and 11 deletions
--- a/doc/taler-exchange.texi
+++ b/doc/taler-exchange.texi
@ -472,14 +472,17 @@ ENABLE for each account whether it should be used, and for what
 [account-1]
 URL = "payto://sepa/CH9300762011623852957"
 WIRE_RESPONSE = $@{TALER_CONFIG_HOME@}/account-1.json
-PLUGIN = ebics
+
+# Currently, only the 'taler_bank' plugin is implemented.
+PLUGIN = <plugin_name_here>

 # Use for exchange-aggregator (outgoing transfers)
 ENABLE_DEBIT = YES
 # Use for exchange-wirewatch (and listed in /wire)
 ENABLE_CREDIT = YES

-# ... add authentication options here
+# Authentication options for the chosen plugin go here.
+# (Next sections have examples of authentication mechanisms)
@end example

 The command line tool @cite{taler-exchange-wire} is used to create
@ -509,9 +512,7 @@ requests.

 The @code{taler_bank} plugin implements the wire method ``x-taler-bank''.

-The format of the @code{payto://} URL is @code{payto://x-taler-bank/HOSTNAME:PORT},
-possibly followed by other parameters like the amount and wire transfer subject
-as per the @code{payto://} standard.
+The format of the @code{payto://} URL is @code{payto://x-taler-bank/HOSTNAME[:PORT]}.

 For basic authentication, the @code{taler_bank} plugin only supports
 simple password-based authentication.  For this, the configuration
@ -520,8 +521,14 @@ account at the bank.

@setsyntax ini
@example
-[account-2]
-URL = "payto://test/localhost:8080"
+[account-1]
+
+# Bank account details here..
+# ..
+
+# Authentication options for the taler_bank plugin below:
+
+TALER_BANK_AUTH_METHOD = basic
 USERNAME = exchange
 PASSWORD = super-secure
@end example
--- a/src/exchange/taler-exchange-httpd_keystate.c
+++ b/src/exchange/taler-exchange-httpd_keystate.c
@ -783,16 +783,27 @@ revocations_iter (void *cls,
 	      GNUNET_h2s (denom_hash));
  dki = GNUNET_CONTAINER_multihashmap_get (key_state->denomkey_map,
 					   denom_hash);
-  if (NULL == dki)
+  // FIXME: what do we do if dki is not known?
+  // especially what if we have neither private key NOR
+  // DB entry? (maybe ancient revocation? should we ignore it?)
+  if (NULL != dki)
  {
    GNUNET_assert (GNUNET_YES ==
 		   GNUNET_CONTAINER_multihashmap_remove (key_state->denomkey_map,
 							 denom_hash,
 							 dki));
-    res = store_in_map (key_state->revoked_map,
-			dki);
-    if (GNUNET_NO == res)
+    if (GNUNET_NO ==
+	GNUNET_CONTAINER_multihashmap_put (key_state->revoked_map,
+                                           &dki->issue.properties.denom_hash,
+                                           dki,
+                                           GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY))
+    {
+      /* revocation file must exist twice, keep only one of the dkis */
+      GNUNET_CRYPTO_rsa_private_key_free (dki->denom_priv.rsa_private_key);
+      GNUNET_CRYPTO_rsa_public_key_free (dki->denom_pub.rsa_public_key);
+      GNUNET_free (dki);
      return GNUNET_OK;
+    }
  }
  /* Try to insert DKI into DB until we succeed; note that if the DB
     failure is persistent, we need to die, as we cannot continue