[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-merchant] branch master updated: -indent
|
From: |
gnunet |
|
Subject: |
[taler-merchant] branch master updated: -indent |
|
Date: |
Wed, 14 Apr 2021 13:43:48 +0200 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository merchant.
The following commit(s) were added to refs/heads/master by this push:
new 9fe33185 -indent
9fe33185 is described below
commit 9fe3318563f3ca02147b80d66f8f49e1f7d04353
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Wed Apr 14 13:43:45 2021 +0200
-indent
---
src/backend/taler-merchant-httpd_exchanges.c | 6 +-
src/testing/test_key_rotation.conf | 197 ++++++++++++++++++
src/testing/test_key_rotation.sh | 294 +++++++++++++++++++++++++++
3 files changed, 495 insertions(+), 2 deletions(-)
diff --git a/src/backend/taler-merchant-httpd_exchanges.c
b/src/backend/taler-merchant-httpd_exchanges.c
index 06c4ab91..b4bc1b63 100644
--- a/src/backend/taler-merchant-httpd_exchanges.c
+++ b/src/backend/taler-merchant-httpd_exchanges.c
@@ -364,10 +364,12 @@ process_wire_fees (struct Exchange *exchange,
while ( (NULL != endp) &&
(NULL != endp->next) )
endp = endp->next;
- while ( (NULL != endp) && (NULL != fees) &&
+ while ( (NULL != endp) &&
+ (NULL != fees) &&
(fees->start_date.abs_value_us < endp->end_date.abs_value_us) )
fees = fees->next;
- if ( (NULL != endp) && (NULL != fees) &&
+ if ( (NULL != endp) &&
+ (NULL != fees) &&
(fees->start_date.abs_value_us != endp->end_date.abs_value_us) )
{
/* Hole in the fee structure, not allowed! */
diff --git a/src/testing/test_key_rotation.conf
b/src/testing/test_key_rotation.conf
new file mode 100644
index 00000000..d6eaaad4
--- /dev/null
+++ b/src/testing/test_key_rotation.conf
@@ -0,0 +1,197 @@
+[PATHS]
+TALER_HOME = ${PWD}/test_rotation_home/
+TALER_DATA_HOME = $TALER_HOME/.local/share/taler/
+TALER_CONFIG_HOME = $TALER_HOME/.config/taler/
+TALER_CACHE_HOME = $TALER_HOME/.cache/taler/
+TALER_RUNTIME_DIR = ${TMPDIR:-${TMP:-/tmp}}/taler-system-runtime/
+
+[taler]
+CURRENCY = TESTKUDOS
+CURRENCY_ROUND_UNIT = TESTKUDOS:0.01
+
+[exchange]
+MAX_KEYS_CACHING = forever
+DB = postgres
+MASTER_PRIV_FILE = ${TALER_DATA_HOME}/exchange/offline-keys/master.priv
+SERVE = tcp
+UNIXPATH = ${TALER_RUNTIME_DIR}/exchange.http
+UNIXPATH_MODE = 660
+PORT = 8081
+BASE_URL = http://localhost:8081/
+SIGNKEY_DURATION = 2 s
+SIGNKEY_LEGAL_DURATION = 15 m
+KEYDIR = ${TALER_DATA_HOME}/exchange/live-keys/
+REVOCATION_DIR = ${TALER_DATA_HOME}/exchange/revocations/
+TERMS_ETAG = 0
+PRIVACY_ETAG = 0
+
+[taler-exchange-secmod-eddsa]
+OVERLAP_DURATION = 1 s
+KEY_DIR = ${TALER_DATA_HOME}/crypto-eddsa/
+UNIXPATH = $TALER_RUNTIME_DIR/taler-exchange-secmod-eddsa.sock
+SM_PRIV_KEY = ${TALER_DATA_HOME}/taler-exchange-secmod-eddsa/.private-key
+LOOKAHEAD_SIGN = 15 s
+DURATION = 2 s
+
+[taler-exchange-secmod-rsa]
+OVERLAP_DURATION = 1 s
+KEY_DIR = ${TALER_DATA_HOME}/crypto-rsa/
+UNIXPATH = $TALER_RUNTIME_DIR/taler-exchange-secmod-rsa.sock
+SM_PRIV_KEY = ${TALER_DATA_HOME}/taler-exchange-secmod-rsa/.private-key
+LOOKAHEAD_SIGN = 15 s
+
+
+[merchant]
+SERVE = tcp
+PORT = 9966
+UNIXPATH = ${TALER_RUNTIME_DIR}/merchant.http
+UNIXPATH_MODE = 660
+DEFAULT_WIRE_FEE_AMORTIZATION = 1
+DB = postgres
+WIREFORMAT = default
+# Set very low, so we can be sure that the database generated
+# will contain wire transfers "ready" for the aggregator.
+WIRE_TRANSFER_DELAY = 1 minute
+DEFAULT_PAY_DEADLINE = 1 day
+DEFAULT_MAX_DEPOSIT_FEE = TESTKUDOS:0.1
+KEYFILE = ${TALER_DATA_HOME}/merchant/merchant.priv
+DEFAULT_MAX_WIRE_FEE = TESTKUDOS:0.10
+
+# Ensure that merchant reports EVERY deposit confirmation to auditor
+FORCE_AUDIT = YES
+
+[auditor]
+DB = postgres
+AUDITOR_PRIV_FILE = ${TALER_DATA_HOME}/auditor/offline-keys/auditor.priv
+SERVE = tcp
+UNIXPATH = ${TALER_RUNTIME_DIR}/exchange.http
+UNIXPATH_MODE = 660
+PORT = 8083
+AUDITOR_URL = http://localhost:8083/
+TINY_AMOUNT = TESTKUDOS:0.01
+AUDITOR_PRIV_FILE = ${TALER_DATA_HOME}/auditor/offline-keys/auditor.priv
+BASE_URL = "http://localhost:8083/";
+
+[bank]
+DATABASE = postgres:///taler-auditor-basedb
+MAX_DEBT = TESTKUDOS:50.0
+MAX_DEBT_BANK = TESTKUDOS:100000.0
+HTTP_PORT = 8082
+SUGGESTED_EXCHANGE = http://localhost:8081/
+SUGGESTED_EXCHANGE_PAYTO = payto://x-taler-bank/localhost/2
+ALLOW_REGISTRATIONS = YES
+SERVE = http
+
+[exchangedb]
+IDLE_RESERVE_EXPIRATION_TIME = 4 weeks
+LEGAL_RESERVE_EXPIRATION_TIME = 7 years
+
+[exchange-account-1]
+PAYTO_URI = payto://x-taler-bank/localhost/Exchange
+enable_debit = yes
+enable_credit = yes
+WIRE_GATEWAY_URL = "http://localhost:8082/taler-wire-gateway/Exchange/";
+WIRE_GATEWAY_AUTH_METHOD = basic
+USERNAME = Exchange
+PASSWORD = x
+
+[merchant-exchange-default]
+EXCHANGE_BASE_URL = http://localhost:8081/
+CURRENCY = TESTKUDOS
+
+[payments-generator]
+currency = TESTKUDOS
+instance = default
+bank = http://localhost:8082/
+merchant = http://localhost:9966/
+exchange_admin = http://localhost:18080/
+exchange-admin = http://localhost:18080/
+exchange = http://localhost:8081/
+
+[coin_kudos_ct_1]
+value = TESTKUDOS:0.01
+duration_withdraw = 2 s
+duration_spend = 5 m
+duration_legal = 15 m
+fee_withdraw = TESTKUDOS:0.01
+fee_deposit = TESTKUDOS:0.01
+fee_refresh = TESTKUDOS:0.01
+fee_refund = TESTKUDOS:0.01
+rsa_keysize = 1024
+
+[coin_kudos_ct_10]
+value = TESTKUDOS:0.10
+duration_withdraw = 2 s
+duration_spend = 5 m
+duration_legal = 15 m
+fee_withdraw = TESTKUDOS:0.01
+fee_deposit = TESTKUDOS:0.01
+fee_refresh = TESTKUDOS:0.03
+fee_refund = TESTKUDOS:0.01
+rsa_keysize = 1024
+
+[coin_kudos_1]
+value = TESTKUDOS:1
+duration_withdraw = 2 s
+duration_spend = 5 m
+duration_legal = 15 m
+fee_withdraw = TESTKUDOS:0.02
+fee_deposit = TESTKUDOS:0.02
+fee_refresh = TESTKUDOS:0.03
+fee_refund = TESTKUDOS:0.01
+rsa_keysize = 1024
+
+[coin_kudos_2]
+value = TESTKUDOS:2
+duration_withdraw = 2 s
+duration_spend = 5 m
+duration_legal = 15 m
+fee_withdraw = TESTKUDOS:0.03
+fee_deposit = TESTKUDOS:0.03
+fee_refresh = TESTKUDOS:0.04
+fee_refund = TESTKUDOS:0.02
+rsa_keysize = 1024
+
+[coin_kudos_4]
+value = TESTKUDOS:4
+duration_withdraw = 2 s
+duration_spend = 5 m
+duration_legal = 15 m
+fee_withdraw = TESTKUDOS:0.03
+fee_deposit = TESTKUDOS:0.03
+fee_refresh = TESTKUDOS:0.04
+fee_refund = TESTKUDOS:0.02
+rsa_keysize = 1024
+
+[coin_kudos_5]
+value = TESTKUDOS:5
+duration_withdraw = 2 s
+duration_spend = 5 m
+duration_legal = 15 m
+fee_withdraw = TESTKUDOS:0.01
+fee_deposit = TESTKUDOS:0.01
+fee_refresh = TESTKUDOS:0.03
+fee_refund = TESTKUDOS:0.01
+rsa_keysize = 1024
+
+[coin_kudos_8]
+value = TESTKUDOS:8
+duration_withdraw = 2 s
+duration_spend = 5 m
+duration_legal = 15 m
+fee_withdraw = TESTKUDOS:0.05
+fee_deposit = TESTKUDOS:0.02
+fee_refresh = TESTKUDOS:0.03
+fee_refund = TESTKUDOS:0.04
+rsa_keysize = 1024
+
+[coin_kudos_10]
+value = TESTKUDOS:10
+duration_withdraw = 2 s
+duration_spend = 5 m
+duration_legal = 15 m
+fee_withdraw = TESTKUDOS:0.01
+fee_deposit = TESTKUDOS:0.01
+fee_refresh = TESTKUDOS:0.03
+fee_refund = TESTKUDOS:0.01
+rsa_keysize = 1024
diff --git a/src/testing/test_key_rotation.sh b/src/testing/test_key_rotation.sh
new file mode 100755
index 00000000..73e55120
--- /dev/null
+++ b/src/testing/test_key_rotation.sh
@@ -0,0 +1,294 @@
+#!/bin/bash
+# This file is in the public domain.
+## Coloring style Text shell script
+COLOR='\033[0;35m'
+NOCOLOR='\033[0m'
+BOLD="$(tput bold)"
+NORM="$(tput sgr0)"
+
+set -eu
+
+# Exit, with status code "skip" (no 'real' failure)
+function exit_skip() {
+ echo " SKIP: $1"
+ exit 77
+}
+
+# Exit, with error message (hard failure)
+function exit_fail() {
+ echo " FAIL: $1"
+ exit 1
+}
+
+# Cleanup to run whenever we exit
+function cleanup()
+{
+ for n in `jobs -p`
+ do
+ kill $n 2> /dev/null || true
+ done
+ rm -rf $CONF $WALLET_DB $TMP_DIR
+ wait
+}
+
+# Exchange configuration file will be edited, so we create one
+# from the template.
+CONF=`mktemp test_templateXXXXXX.conf`
+cp test_key_rotation.conf $CONF
+
+TMP_DIR=`mktemp -d keys-tmp-XXXXXX`
+WALLET_DB=`mktemp test_walletXXXXXX.json`
+
+# Install cleanup handler (except for kill -9)
+trap cleanup EXIT
+
+# Check we can actually run
+echo -n "Testing for jq"
+jq -h > /dev/null || exit_skip "jq required"
+echo " FOUND"
+echo -n "Testing for anastasis-reducer ..."
+anastasis-reducer -h > /dev/null || exit_skip "anastasis-reducer required"
+echo " FOUND"
+
+echo -n "Testing for taler"
+taler-exchange-httpd -h > /dev/null || exit_skip " taler-exchange required"
+taler-merchant-httpd -h > /dev/null || exit_skip " taler-merchant required"
+echo " FOUND"
+
+echo -n "Testing for taler-bank-manage"
+taler-bank-manage --help >/dev/null </dev/null || exit_skip " MISSING"
+echo " FOUND"
+echo -n "Testing for taler-wallet-cli"
+taler-wallet-cli -v >/dev/null </dev/null || exit_skip " MISSING"
+echo " FOUND"
+
+echo -n "Generating Taler auditor, exchange and merchant configurations ..."
+
+DATA_DIR=`taler-config -f -c $CONF -s PATHS -o TALER_HOME`
+rm -rf $DATA_DIR
+
+# obtain key configuration data
+MASTER_PRIV_FILE=`taler-config -f -c $CONF -s EXCHANGE -o MASTER_PRIV_FILE`
+MASTER_PRIV_DIR=`dirname $MASTER_PRIV_FILE`
+mkdir -p $MASTER_PRIV_DIR
+gnunet-ecc -g1 $MASTER_PRIV_FILE > /dev/null 2> /dev/null
+MASTER_PUB=`gnunet-ecc -p $MASTER_PRIV_FILE`
+EXCHANGE_URL=`taler-config -c $CONF -s EXCHANGE -o BASE_URL`
+MERCHANT_PORT=`taler-config -c $CONF -s MERCHANT -o PORT`
+MERCHANT_URL=http://localhost:${MERCHANT_PORT}/
+BANK_PORT=`taler-config -c $CONF -s BANK -o HTTP_PORT`
+BANK_URL=http://localhost:${BANK_PORT}/
+AUDITOR_URL=http://localhost:8083/
+AUDITOR_PRIV_FILE=`taler-config -f -c $CONF -s AUDITOR -o AUDITOR_PRIV_FILE`
+AUDITOR_PRIV_DIR=`dirname $AUDITOR_PRIV_FILE`
+mkdir -p $AUDITOR_PRIV_DIR
+gnunet-ecc -g1 $AUDITOR_PRIV_FILE > /dev/null 2> /dev/null
+AUDITOR_PUB=`gnunet-ecc -p $AUDITOR_PRIV_FILE`
+
+# patch configuration
+TALER_DB=talercheck
+taler-config -c $CONF -s exchange -o MASTER_PUBLIC_KEY -V $MASTER_PUB
+taler-config -c $CONF -s merchant-exchange-default -o MASTER_KEY -V $MASTER_PUB
+taler-config -c $CONF -s exchangedb-postgres -o CONFIG -V postgres:///$TALER_DB
+taler-config -c $CONF -s auditordb-postgres -o CONFIG -V postgres:///$TALER_DB
+taler-config -c $CONF -s merchantdb-postgres -o CONFIG -V postgres:///$TALER_DB
+taler-config -c $CONF -s bank -o database -V postgres:///$TALER_DB
+taler-config -c $CONF -s exchange -o KEYDIR -V "${TMP_DIR}/keydir/"
+taler-config -c $CONF -s exchange -o REVOCATION_DIR -V "${TMP_DIR}/revdir/"
+
+echo " OK"
+
+echo -n "Setting up exchange ..."
+
+# reset database
+dropdb $TALER_DB >/dev/null 2>/dev/null || true
+createdb $TALER_DB || exit_skip "Could not create database $TALER_DB"
+taler-exchange-dbinit -c $CONF
+taler-merchant-dbinit -c $CONF
+taler-auditor-dbinit -c $CONF
+taler-auditor-exchange -c $CONF -m $MASTER_PUB -u $EXCHANGE_URL
+
+echo " OK"
+
+# Launch services
+echo -n "Launching taler services ..."
+taler-bank-manage-testing $CONF postgres:///$TALER_DB serve > taler-bank.log
2> taler-bank.err &
+taler-exchange-secmod-eddsa -c $CONF 2> taler-exchange-secmod-eddsa.log &
+taler-exchange-secmod-rsa -c $CONF 2> taler-exchange-secmod-rsa.log &
+taler-exchange-httpd -c $CONF 2> taler-exchange-httpd.log &
+taler-merchant-httpd -c $CONF -L INFO 2> taler-merchant-httpd.log &
+taler-exchange-wirewatch -c $CONF 2> taler-exchange-wirewatch.log &
+taler-auditor-httpd -L INFO -c $CONF 2> taler-auditor-httpd.log &
+
+echo " OK"
+
+# Wait for bank to be available (usually the slowest)
+for n in `seq 1 50`
+do
+ echo -n "."
+ sleep 0.2
+ OK=0
+ # bank
+ wget --tries=1 --timeout=1 http://localhost:8082/ -o /dev/null -O
/dev/null >/dev/null || continue
+ OK=1
+ break
+done
+
+if [ 1 != $OK ]
+then
+ exit_skip "Failed to launch services (bank)"
+fi
+
+# Wait for all other taler services to be available
+for n in `seq 1 50`
+do
+ echo -n "."
+ sleep 0.1
+ OK=0
+ # exchange
+ wget --tries=1 --timeout=1 http://localhost:8081/seed -o /dev/null -O
/dev/null >/dev/null || continue
+ # merchant
+ wget --tries=1 --timeout=1 http://localhost:9966/ -o /dev/null -O
/dev/null >/dev/null || continue
+ # auditor
+ wget --tries=1 --timeout=1 http://localhost:8083/ -o /dev/null -O
/dev/null >/dev/null || continue
+ OK=1
+ break
+done
+
+if [ 1 != $OK ]
+then
+ exit_skip "Failed to launch taler services"
+fi
+
+echo "OK"
+
+
+echo -n "Setting up merchant instance"
+STATUS=$(curl -H "Content-Type: application/json" -X POST \
+ http://localhost:9966/private/instances \
+ -d
'{"auth":{"method":"external"},"payto_uris":["payto://x-taler-bank/localhost/43"],"id":"default","name":"default","address":{},"jurisdiction":{},"default_max_wire_fee":"TESTKUDOS:1",
"default_max_deposit_fee":"TESTKUDOS:1","default_wire_fee_amortization":1,"default_wire_transfer_delay":{"d_ms"
: 3600000},"default_pay_delay":{"d_ms": 3600000}}' \
+ -w "%{http_code}" -s -o /dev/null)
+
+if [ "$STATUS" != "204" ]
+then
+ echo 'should respond ok, instance created. got:' $STATUS
+ exit 1
+fi
+echo " OK"
+
+echo -n "Setting up orders ..."
+
+
+ORDER_1=`curl -s -H "Content-Type: application/json" -X POST \
+ http://localhost:9966/private/orders \
+ -d '{"create_token":false,
"order":{"amount":"TESTKUDOS:0.01","summary":"Minimal test order #1"}}' \
+ | jq -er '.order_id'`
+PAY1=taler+http://pay/localhost:9966/${ORDER_1}/
+
+ORDER_2=`curl -s -H "Content-Type: application/json" -X POST \
+ http://localhost:9966/private/orders \
+ -d '{"create_token":false,
"order":{"amount":"TESTKUDOS:0.01","summary":"Minimal test order #2"}}' \
+ | jq -er '.order_id'`
+PAY2=taler+http://pay/localhost:9966/${ORDER_1}/
+
+
+if [ "$STATUS" != "204" ]
+then
+ echo 'should respond ok, order created. got:' $STATUS
+ exit 1
+fi
+
+
+echo "OK"
+
+bash
+
+echo -n "Setting up keys ..."
+taler-exchange-offline -c $CONF \
+ download \
+ sign \
+ enable-account payto://x-taler-bank/localhost/Exchange \
+ enable-auditor $AUDITOR_PUB $AUDITOR_URL "TESTKUDOS Auditor" \
+ wire-fee now x-taler-bank TESTKUDOS:0.01 TESTKUDOS:0.01 \
+ upload &> taler-exchange-offline.log
+
+echo -n "."
+
+for n in `seq 1 30`
+do
+ echo -n "."
+ OK=0
+ wget --tries=1 http://localhost:8081/keys -o /dev/null -O /dev/null
>/dev/null || continue
+ OK=1
+ sleep 0.1
+ break
+done
+
+if [ 1 != $OK ]
+then
+ exit_skip "Failed to setup keys"
+fi
+
+echo " OK"
+
+echo -n "Setting up auditor signatures ..."
+taler-auditor-offline -c $CONF \
+ download sign upload &> taler-auditor-offline.log
+echo " OK"
+
+
+echo -n "First withdraw wallet"
+rm $WALLET_DB
+taler-wallet-cli --no-throttle --wallet-db=$WALLET_DB api
'withdrawTestBalance' \
+ "$(jq -n '
+ {
+ amount: "TESTKUDOS:1",
+ bankBaseUrl: $BANK_URL,
+ exchangeBaseUrl: $EXCHANGE_URL
+ }' \
+ --arg BANK_URL "$BANK_URL" \
+ --arg EXCHANGE_URL "$EXCHANGE_URL"
+ )" 2> /dev/null >/dev/null
+taler-wallet-cli --wallet-db=$WALLET_DB run-until-done 2>/dev/null >/dev/null
+echo " OK"
+
+echo -n "Pay first order ..."
+taler-wallet-cli --no-throttle --wallet-db=$WALLET_DB handle-uri ${PAY1} 2>
wallet-pay1.err > wallet-pay1.log
+echo " OK"
+
+echo -n "Wait for old keys to definitively expire..."
+sleep 15
+echo " OK"
+
+echo -n "Updating keys ..."
+taler-exchange-offline -c $CONF \
+ download \
+ sign \
+ upload &> taler-exchange-offline-2.log
+taler-auditor-offline -c $CONF \
+ download sign upload &> taler-auditor-offline-2.log
+echo " OK"
+
+echo -n "Second withdraw wallet"
+rm $WALLET_DB
+taler-wallet-cli --no-throttle --wallet-db=$WALLET_DB api
'withdrawTestBalance' \
+ "$(jq -n '
+ {
+ amount: "TESTKUDOS:1",
+ bankBaseUrl: $BANK_URL,
+ exchangeBaseUrl: $EXCHANGE_URL
+ }' \
+ --arg BANK_URL "$BANK_URL" \
+ --arg EXCHANGE_URL "$EXCHANGE_URL"
+ )" 2> /dev/null >/dev/null
+taler-wallet-cli --wallet-db=$WALLET_DB run-until-done 2>/dev/null >/dev/null
+echo " OK"
+
+echo -n "Pay second order ..."
+taler-wallet-cli --no-throttle --wallet-db=$WALLET_DB handle-uri ${PAY2} 2>
wallet-pay1.err > wallet-pay1.log
+echo " OK"
+
+
+
+
+exit 0
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-merchant] branch master updated: -indent,
gnunet <=