LCOV - code coverage report
Current view: top level - backend - taler-merchant-httpd.c (source / functions) Hit Total Coverage
Test: coverage.info Lines: 537 716 75.0 %
Date: 2025-07-10 12:24:40 Functions: 29 30 96.7 %

          Line data    Source code
       1             : /*
       2             :   This file is part of TALER
       3             :   (C) 2014-2025 Taler Systems SA
       4             : 
       5             :   TALER is free software; you can redistribute it and/or modify it under the
       6             :   terms of the GNU Affero General Public License as published by the Free Software
       7             :   Foundation; either version 3, or (at your option) any later version.
       8             : 
       9             :   TALER is distributed in the hope that it will be useful, but WITHOUT ANY
      10             :   WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
      11             :   A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
      12             : 
      13             :   You should have received a copy of the GNU General Public License along with
      14             :   TALER; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>
      15             : */
      16             : /**
      17             :  * @file taler-merchant-httpd.c
      18             :  * @brief HTTP serving layer intended to perform crypto-work and
      19             :  * communication with the exchange
      20             :  * @author Marcello Stanisci
      21             :  * @author Christian Grothoff
      22             :  * @author Florian Dold
      23             :  * @author Priscilla HUANG
      24             :  */
      25             : #include "platform.h"
      26             : #include <taler/taler_dbevents.h>
      27             : #include <taler/taler_bank_service.h>
      28             : #include <taler/taler_mhd_lib.h>
      29             : #include <taler/taler_templating_lib.h>
      30             : #include <taler/taler_exchange_service.h>
      31             : #include "taler_merchant_util.h"
      32             : #include "taler-merchant-httpd_config.h"
      33             : #include "taler-merchant-httpd_exchanges.h"
      34             : #include "taler-merchant-httpd_get-orders-ID.h"
      35             : #include "taler-merchant-httpd_get-templates-ID.h"
      36             : #include "taler-merchant-httpd_helper.h"
      37             : #include "taler-merchant-httpd_mhd.h"
      38             : #include "taler-merchant-httpd_private-delete-account-ID.h"
      39             : #include "taler-merchant-httpd_private-delete-categories-ID.h"
      40             : #include "taler-merchant-httpd_private-delete-instances-ID.h"
      41             : #include "taler-merchant-httpd_private-delete-instances-ID-token.h"
      42             : #include "taler-merchant-httpd_private-delete-products-ID.h"
      43             : #include "taler-merchant-httpd_private-delete-orders-ID.h"
      44             : #include "taler-merchant-httpd_private-delete-otp-devices-ID.h"
      45             : #include "taler-merchant-httpd_private-delete-templates-ID.h"
      46             : #include "taler-merchant-httpd_private-delete-token-families-SLUG.h"
      47             : #include "taler-merchant-httpd_private-delete-transfers-ID.h"
      48             : #include "taler-merchant-httpd_private-delete-webhooks-ID.h"
      49             : #include "taler-merchant-httpd_private-get-accounts.h"
      50             : #include "taler-merchant-httpd_private-get-accounts-ID.h"
      51             : #include "taler-merchant-httpd_private-get-categories.h"
      52             : #include "taler-merchant-httpd_private-get-categories-ID.h"
      53             : #include "taler-merchant-httpd_private-get-instances.h"
      54             : #include "taler-merchant-httpd_private-get-instances-ID.h"
      55             : #include "taler-merchant-httpd_private-get-instances-ID-kyc.h"
      56             : #include "taler-merchant-httpd_private-get-instances-ID-tokens.h"
      57             : #include "taler-merchant-httpd_private-get-pos.h"
      58             : #include "taler-merchant-httpd_private-get-products.h"
      59             : #include "taler-merchant-httpd_private-get-products-ID.h"
      60             : #include "taler-merchant-httpd_private-get-orders.h"
      61             : #include "taler-merchant-httpd_private-get-orders-ID.h"
      62             : #include "taler-merchant-httpd_private-get-otp-devices.h"
      63             : #include "taler-merchant-httpd_private-get-otp-devices-ID.h"
      64             : #include "taler-merchant-httpd_private-get-statistics-amount-SLUG.h"
      65             : #include "taler-merchant-httpd_private-get-statistics-counter-SLUG.h"
      66             : #include "taler-merchant-httpd_private-get-templates.h"
      67             : #include "taler-merchant-httpd_private-get-templates-ID.h"
      68             : #include "taler-merchant-httpd_private-get-token-families.h"
      69             : #include "taler-merchant-httpd_private-get-token-families-SLUG.h"
      70             : #include "taler-merchant-httpd_private-get-transfers.h"
      71             : #include "taler-merchant-httpd_private-get-webhooks.h"
      72             : #include "taler-merchant-httpd_private-get-webhooks-ID.h"
      73             : #include "taler-merchant-httpd_private-patch-accounts-ID.h"
      74             : #include "taler-merchant-httpd_private-patch-categories-ID.h"
      75             : #include "taler-merchant-httpd_private-patch-instances-ID.h"
      76             : #include "taler-merchant-httpd_private-patch-orders-ID-forget.h"
      77             : #include "taler-merchant-httpd_private-patch-otp-devices-ID.h"
      78             : #include "taler-merchant-httpd_private-patch-products-ID.h"
      79             : #include "taler-merchant-httpd_private-patch-templates-ID.h"
      80             : #include "taler-merchant-httpd_private-patch-token-families-SLUG.h"
      81             : #include "taler-merchant-httpd_private-patch-webhooks-ID.h"
      82             : #include "taler-merchant-httpd_private-post-account.h"
      83             : #include "taler-merchant-httpd_private-post-categories.h"
      84             : #include "taler-merchant-httpd_private-post-instances.h"
      85             : #include "taler-merchant-httpd_private-post-instances-ID-auth.h"
      86             : #include "taler-merchant-httpd_private-post-instances-ID-token.h"
      87             : #include "taler-merchant-httpd_private-post-otp-devices.h"
      88             : #include "taler-merchant-httpd_private-post-orders.h"
      89             : #include "taler-merchant-httpd_private-post-orders-ID-refund.h"
      90             : #include "taler-merchant-httpd_private-post-products.h"
      91             : #include "taler-merchant-httpd_private-post-products-ID-lock.h"
      92             : #include "taler-merchant-httpd_private-post-templates.h"
      93             : #include "taler-merchant-httpd_private-post-token-families.h"
      94             : #include "taler-merchant-httpd_private-post-transfers.h"
      95             : #include "taler-merchant-httpd_private-post-webhooks.h"
      96             : #include "taler-merchant-httpd_post-orders-ID-abort.h"
      97             : #include "taler-merchant-httpd_post-orders-ID-claim.h"
      98             : #include "taler-merchant-httpd_post-orders-ID-paid.h"
      99             : #include "taler-merchant-httpd_post-orders-ID-pay.h"
     100             : #include "taler-merchant-httpd_post-using-templates.h"
     101             : #include "taler-merchant-httpd_post-orders-ID-refund.h"
     102             : #include "taler-merchant-httpd_spa.h"
     103             : #include "taler-merchant-httpd_statics.h"
     104             : 
     105             : 
     106             : /**
     107             :  * Fixme: document.
     108             :  */
     109             : #define INSTANCE_STALENESS GNUNET_TIME_UNIT_MINUTES
     110             : 
     111             : /**
     112             :  * Backlog for listen operation on unix-domain sockets.
     113             :  */
     114             : #define UNIX_BACKLOG 500
     115             : 
     116             : /**
     117             :  * Default maximum upload size permitted.  Can be overridden
     118             :  * per handler.
     119             :  */
     120             : #define DEFAULT_MAX_UPLOAD_SIZE (16 * 1024)
     121             : 
     122             : /**
     123             :  * Which currency do we use?
     124             :  */
     125             : char *TMH_currency;
     126             : 
     127             : /**
     128             :  * What is the base URL for this merchant backend?  NULL if it is not
     129             :  * configured and is to be determined from HTTP headers (X-Forwarded-Host and
     130             :  * X-Forwarded-Port and X-Forwarded-Prefix) of the reverse proxy.
     131             :  */
     132             : char *TMH_base_url;
     133             : 
     134             : /**
     135             :  * Inform the auditor for all deposit confirmations (global option)
     136             :  */
     137             : int TMH_force_audit;
     138             : 
     139             : /**
     140             :  * Connection handle to the our database
     141             :  */
     142             : struct TALER_MERCHANTDB_Plugin *TMH_db;
     143             : 
     144             : /**
     145             :  * Event handler for instance settings changes.
     146             :  */
     147             : static struct GNUNET_DB_EventHandler *instance_eh;
     148             : 
     149             : /**
     150             :  * Hashmap pointing at merchant instances by 'id'. An 'id' is
     151             :  * just a string that identifies a merchant instance. When a frontend
     152             :  * needs to specify an instance to the backend, it does so by 'id'
     153             :  */
     154             : struct GNUNET_CONTAINER_MultiHashMap *TMH_by_id_map;
     155             : 
     156             : /**
     157             :  * #GNUNET_YES if protocol version 19 is strictly enforced.
     158             :  * (Default is #GNUNET_NO)
     159             :  */
     160             : int TMH_strict_v19;
     161             : 
     162             : /**
     163             :  * #GNUNET_YES if authentication is disabled (For testing only!!).
     164             :  * (Default is #GNUNET_NO)
     165             :  */
     166             : int TMH_auth_disabled;
     167             : 
     168             : /**
     169             :  * How long do we need to keep information on paid contracts on file for tax
     170             :  * or other legal reasons?  Used to block deletions for younger transaction
     171             :  * data.
     172             :  */
     173             : struct GNUNET_TIME_Relative TMH_legal_expiration;
     174             : 
     175             : /**
     176             :  * Length of the TMH_cspecs array.
     177             :  */
     178             : unsigned int TMH_num_cspecs;
     179             : 
     180             : /**
     181             :  * Rendering specs for currencies.
     182             :  */
     183             : struct TALER_CurrencySpecification *TMH_cspecs;
     184             : 
     185             : /**
     186             :  * True if we started any HTTP daemon.
     187             :  */
     188             : static bool have_daemons;
     189             : 
     190             : /**
     191             :  * Should a "Connection: close" header be added to each HTTP response?
     192             :  */
     193             : static int merchant_connection_close;
     194             : 
     195             : /**
     196             :  * Context for all exchange operations (useful to the event loop).
     197             :  */
     198             : struct GNUNET_CURL_Context *TMH_curl_ctx;
     199             : 
     200             : /**
     201             :  * Context for integrating #TMH_curl_ctx with the
     202             :  * GNUnet event loop.
     203             :  */
     204             : static struct GNUNET_CURL_RescheduleContext *merchant_curl_rc;
     205             : 
     206             : /**
     207             :  * Global return code
     208             :  */
     209             : static int global_ret;
     210             : 
     211             : /**
     212             :  * Our configuration.
     213             :  */
     214             : static const struct GNUNET_CONFIGURATION_Handle *cfg;
     215             : 
     216             : /**
     217             :  * Maximum length of a permissions string of a scope
     218             :  */
     219             : #define TMH_MAX_SCOPE_PERMISSIONS_LEN 4096
     220             : 
     221             : /**
     222             :  * Maximum length of a name of a scope
     223             :  */
     224             : #define TMH_MAX_NAME_LEN 255
     225             : 
     226             : /**
     227             :  * Represents a hard-coded set of default scopes with their
     228             :  * permissions and names
     229             :  */
     230             : struct ScopePermissionMap
     231             : {
     232             :   /**
     233             :    * The scope enum value
     234             :    */
     235             :   enum TMH_AuthScope as;
     236             : 
     237             :   /**
     238             :    * The scope name
     239             :    */
     240             :   char name[TMH_MAX_NAME_LEN];
     241             : 
     242             :   /**
     243             :    * The scope permissions string.
     244             :    * Comma-separated.
     245             :    */
     246             :   char permissions[TMH_MAX_SCOPE_PERMISSIONS_LEN];
     247             : };
     248             : 
     249             : /**
     250             :  * The default scopes array for merchant
     251             :  */
     252             : struct ScopePermissionMap scope_permissions[] = {
     253             :   /* Deprecated since v19 */
     254             :   {
     255             :     .as = TMH_AS_ALL,
     256             :     .name = "write",
     257             :     .permissions = "*"
     258             :   },
     259             :   /* Full access for SPA */
     260             :   {
     261             :     .as = TMH_AS_ALL,
     262             :     .name = "all",
     263             :     .permissions = "*"
     264             :   },
     265             :   /* Full access for SPA */
     266             :   {
     267             :     .as = TMH_AS_SPA,
     268             :     .name = "spa",
     269             :     .permissions = "*"
     270             :   },
     271             :   /* Read-only access */
     272             :   {
     273             :     .as = TMH_AS_READ_ONLY,
     274             :     .name = "readonly",
     275             :     .permissions = "*-read"
     276             :   },
     277             :   /* Simple order management */
     278             :   {
     279             :     .as = TMH_AS_ORDER_SIMPLE,
     280             :     .name = "order-simple",
     281             :     .permissions = "orders-read,orders-write"
     282             :   },
     283             :   /* Simple order management for PoS, also allows inventory locking */
     284             :   {
     285             :     .as = TMH_AS_ORDER_POS,
     286             :     .name = "order-pos",
     287             :     .permissions = "orders-read,orders-write,inventory-lock"
     288             :   },
     289             :   /* Simple order management, also allows refunding */
     290             :   {
     291             :     .as = TMH_AS_ORDER_MGMT,
     292             :     .name = "order-mgmt",
     293             :     .permissions = "orders-read,orders-write,orders-refund"
     294             :   },
     295             :   /* Full order management, allows inventory locking and refunds */
     296             :   {
     297             :     .as = TMH_AS_ORDER_FULL,
     298             :     .name = "order-full",
     299             :     .permissions = "orders-read,orders-write,inventory-lock,orders-refund"
     300             :   },
     301             :   /* No permissions, dummy scope */
     302             :   {
     303             :     .as = TMH_AS_NONE,
     304             :   }
     305             : };
     306             : 
     307             : 
     308             : /**
     309             :  * Get permissions string for scope.
     310             :  * Also extracts the leftmost bit into the @a refreshable
     311             :  * output parameter.
     312             :  *
     313             :  * @param as the scope to get the permissions string from
     314             :  * @param[out] refreshable true if the token associated with this scope is refreshable.
     315             :  * @return the permissions string, or NULL if no such scope found
     316             :  */
     317             : static const char*
     318         512 : get_scope_permissions (enum TMH_AuthScope as,
     319             :                        bool *refreshable)
     320             : {
     321         512 :   *refreshable = as & TMH_AS_REFRESHABLE;
     322         713 :   for (unsigned int i = 0; TMH_AS_NONE != scope_permissions[i].as; i++)
     323             :   {
     324             :     /* We ignore the TMH_AS_REFRESHABLE bit */
     325         695 :     if ( (as & ~TMH_AS_REFRESHABLE)  ==
     326         695 :          (scope_permissions[i].as & ~TMH_AS_REFRESHABLE) )
     327         494 :       return scope_permissions[i].permissions;
     328             :   }
     329          18 :   return NULL;
     330             : }
     331             : 
     332             : 
     333             : /**
     334             :  * Checks if @a permission_required is in permissions of
     335             :  * @a scope.
     336             :  *
     337             :  * @param permission_required the permission to check.
     338             :  * @param scope the scope to check.
     339             :  * @return true if @a permission_required is in the permissions set of @a scope.
     340             :  */
     341             : static bool
     342         482 : permission_in_scope (const char *permission_required,
     343             :                      enum TMH_AuthScope scope)
     344             : {
     345             :   char *permissions;
     346             :   const char *perms_tmp;
     347         482 :   bool is_read_perm = false;
     348         482 :   bool is_write_perm = false;
     349             :   bool refreshable;
     350             :   const char *last_dash;
     351             : 
     352         482 :   perms_tmp = get_scope_permissions (scope,
     353             :                                      &refreshable);
     354         482 :   if (NULL == perms_tmp)
     355             :   {
     356          18 :     GNUNET_break_op (0);
     357          18 :     return false;
     358             :   }
     359         464 :   last_dash = strrchr (permission_required,
     360             :                        '-');
     361         464 :   if (NULL != last_dash)
     362             :   {
     363         463 :     is_write_perm = (0 == strcmp (last_dash,
     364             :                                   "-write"));
     365         463 :     is_read_perm = (0 == strcmp (last_dash,
     366             :                                  "-read"));
     367             :   }
     368             : 
     369         464 :   if (0 == strcmp ("token-refresh",
     370             :                    permission_required))
     371          16 :     return refreshable;
     372         448 :   permissions = GNUNET_strdup (perms_tmp);
     373             :   {
     374         448 :     const char *perm = strtok (permissions,
     375             :                                ",");
     376             : 
     377         448 :     if (NULL == perm)
     378             :     {
     379           0 :       GNUNET_free (permissions);
     380           0 :       return false;
     381             :     }
     382         449 :     while (NULL != perm)
     383             :     {
     384         448 :       if (0 == strcmp ("*",
     385             :                        perm))
     386             :       {
     387         446 :         GNUNET_free (permissions);
     388         446 :         return true;
     389             :       }
     390           2 :       if ( (0 == strcmp ("*-write",
     391           0 :                          perm)) &&
     392             :            (is_write_perm) )
     393             :       {
     394           0 :         GNUNET_free (permissions);
     395           0 :         return true;
     396             :       }
     397           2 :       if ( (0 == strcmp ("*-read",
     398           2 :                          perm)) &&
     399             :            (is_read_perm) )
     400             :       {
     401           1 :         GNUNET_free (permissions);
     402           1 :         return true;
     403             :       }
     404           1 :       if (0 == strcmp (permission_required,
     405             :                        perm))
     406             :       {
     407           0 :         GNUNET_free (permissions);
     408           0 :         return true;
     409             :       }
     410           1 :       perm = strtok (NULL,
     411             :                      ",");
     412             :     }
     413             :   }
     414           1 :   GNUNET_free (permissions);
     415           1 :   return false;
     416             : }
     417             : 
     418             : 
     419             : bool
     420          15 : TMH_scope_is_subset (enum TMH_AuthScope as,
     421             :                      enum TMH_AuthScope candidate)
     422             : {
     423             :   const char *as_perms;
     424             :   const char *candidate_perms;
     425             :   char *permissions;
     426             :   bool as_refreshable;
     427             :   bool cand_refreshable;
     428             : 
     429          15 :   as_perms = get_scope_permissions (as,
     430             :                                     &as_refreshable);
     431          15 :   candidate_perms = get_scope_permissions (candidate,
     432             :                                            &cand_refreshable);
     433          15 :   if (! as_refreshable && cand_refreshable)
     434           0 :     return false;
     435          15 :   if ( (NULL == as_perms) &&
     436             :        (NULL != candidate_perms) )
     437           0 :     return false;
     438          15 :   if ( (NULL == candidate_perms) ||
     439          15 :        (0 == strcmp ("*",
     440             :                      as_perms)))
     441          14 :     return true;
     442           1 :   permissions = GNUNET_strdup (candidate_perms);
     443             :   {
     444             :     const char *perm;
     445             : 
     446           1 :     perm = strtok (permissions,
     447             :                    ",");
     448           1 :     if (NULL == perm)
     449             :     {
     450           0 :       GNUNET_free (permissions);
     451           0 :       return true;
     452             :     }
     453           1 :     while (NULL != perm)
     454             :     {
     455           1 :       if (! permission_in_scope (perm,
     456             :                                  as))
     457             :       {
     458           1 :         GNUNET_free (permissions);
     459           1 :         return false;
     460             :       }
     461           0 :       perm = strtok (NULL,
     462             :                      ",");
     463             :     }
     464             :   }
     465           0 :   GNUNET_free (permissions);
     466           0 :   return true;
     467             : }
     468             : 
     469             : 
     470             : enum TMH_AuthScope
     471          15 : TMH_get_scope_by_name (const char *name)
     472             : {
     473          36 :   for (unsigned int i = 0; TMH_AS_NONE != scope_permissions[i].as; i++)
     474             :   {
     475          36 :     if (0 == strcasecmp (scope_permissions[i].name,
     476             :                          name))
     477          15 :       return scope_permissions[i].as;
     478             :   }
     479           0 :   return TMH_AS_NONE;
     480             : }
     481             : 
     482             : 
     483             : const char*
     484           2 : TMH_get_name_by_scope (enum TMH_AuthScope scope, bool *refreshable)
     485             : {
     486           2 :   *refreshable = scope & TMH_AS_REFRESHABLE;
     487           8 :   for (unsigned int i = 0; TMH_AS_NONE != scope_permissions[i].as; i++)
     488             :   {
     489             :     /* We ignore the TMH_AS_REFRESHABLE bit */
     490           8 :     if ( (scope & ~TMH_AS_REFRESHABLE)  ==
     491           8 :          (scope_permissions[i].as & ~TMH_AS_REFRESHABLE) )
     492           2 :       return scope_permissions[i].name;
     493             :   }
     494           0 :   return NULL;
     495             : }
     496             : 
     497             : 
     498             : enum GNUNET_GenericReturnValue
     499          23 : TMH_check_auth (const char *password,
     500             :                 struct TALER_MerchantAuthenticationSaltP *salt,
     501             :                 struct TALER_MerchantAuthenticationHashP *hash)
     502             : {
     503             :   struct TALER_MerchantAuthenticationHashP val;
     504             : 
     505          23 :   if (GNUNET_is_zero (hash))
     506           0 :     return GNUNET_OK;
     507          23 :   if (NULL == password)
     508           0 :     return GNUNET_SYSERR;
     509          23 :   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
     510             :               "Checking against token with salt %s\n",
     511             :               TALER_B2S (salt));
     512          23 :   TALER_merchant_instance_auth_hash_with_salt (&val,
     513             :                                                salt,
     514             :                                                password);
     515             :   return (0 ==
     516          23 :           GNUNET_memcmp (&val,
     517             :                          hash))
     518             :     ? GNUNET_OK
     519          23 :     : GNUNET_SYSERR;
     520             : }
     521             : 
     522             : 
     523             : /**
     524             :  * Check if @a userpass grants access to @a instance.
     525             :  *
     526             :  * @param userpass base64 encoded "$USERNAME:$PASSWORD" value
     527             :  *        from HTTP Basic "Authentication" header
     528             :  * @param instances the access controlled instance
     529             :  */
     530             : static enum GNUNET_GenericReturnValue
     531          14 : check_auth_instance (const char *userpass,
     532             :                      struct TMH_MerchantInstance *instance)
     533             : {
     534             :   char *tmp;
     535             :   char *colon;
     536             :   const char *instance_name;
     537             :   const char *password;
     538          14 :   const char *target_instance = "admin";
     539             :   enum GNUNET_GenericReturnValue ret;
     540             : 
     541             :   /* implicitly a zeroed out hash means no authentication */
     542          14 :   if (GNUNET_is_zero (&instance->auth.auth_hash))
     543           0 :     return GNUNET_OK;
     544          14 :   if (NULL == userpass)
     545           0 :     return GNUNET_SYSERR;
     546          14 :   if (0 ==
     547          14 :       GNUNET_STRINGS_base64_decode (userpass,
     548             :                                     strlen (userpass),
     549             :                                     (void**) &tmp))
     550             :   {
     551           0 :     return GNUNET_SYSERR;
     552             :   }
     553          14 :   colon = strchr (tmp,
     554             :                   ':');
     555          14 :   if (NULL == colon)
     556             :   {
     557           0 :     GNUNET_free (tmp);
     558           0 :     return GNUNET_SYSERR;
     559             :   }
     560          14 :   *colon = '\0';
     561          14 :   instance_name = tmp;
     562          14 :   password = colon + 1;
     563             :   /* instance->settings.id can be NULL if there is no instance yet */
     564          14 :   if (NULL != instance->settings.id)
     565          14 :     target_instance = instance->settings.id;
     566          14 :   if (0 != strcmp (instance_name,
     567             :                    target_instance))
     568             :   {
     569           0 :     GNUNET_free (tmp);
     570           0 :     return GNUNET_SYSERR;
     571             :   }
     572          14 :   ret = TMH_check_auth (password,
     573             :                         &instance->auth.auth_salt,
     574             :                         &instance->auth.auth_hash);
     575          14 :   GNUNET_free (tmp);
     576          14 :   return ret;
     577             : }
     578             : 
     579             : 
     580             : void
     581          13 : TMH_compute_auth (const char *token,
     582             :                   struct TALER_MerchantAuthenticationSaltP *salt,
     583             :                   struct TALER_MerchantAuthenticationHashP *hash)
     584             : {
     585          13 :   GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
     586             :                               salt,
     587             :                               sizeof (*salt));
     588          13 :   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
     589             :               "Computing initial auth using token with salt %s\n",
     590             :               TALER_B2S (salt));
     591          13 :   TALER_merchant_instance_auth_hash_with_salt (hash,
     592             :                                                salt,
     593             :                                                token);
     594          13 : }
     595             : 
     596             : 
     597             : void
     598          52 : TMH_wire_method_free (struct TMH_WireMethod *wm)
     599             : {
     600          52 :   GNUNET_free (wm->payto_uri.full_payto);
     601          52 :   GNUNET_free (wm->wire_method);
     602          52 :   GNUNET_free (wm->credit_facade_url);
     603          52 :   json_decref (wm->credit_facade_credentials);
     604          52 :   GNUNET_free (wm);
     605          52 : }
     606             : 
     607             : 
     608             : void
     609         722 : TMH_instance_decref (struct TMH_MerchantInstance *mi)
     610             : {
     611             :   struct TMH_WireMethod *wm;
     612             : 
     613         722 :   mi->rc--;
     614         722 :   if (0 != mi->rc)
     615         625 :     return;
     616          97 :   TMH_force_get_orders_resume (mi);
     617         149 :   while (NULL != (wm = (mi->wm_head)))
     618             :   {
     619          52 :     GNUNET_CONTAINER_DLL_remove (mi->wm_head,
     620             :                                  mi->wm_tail,
     621             :                                  wm);
     622          52 :     TMH_wire_method_free (wm);
     623             :   }
     624             : 
     625          97 :   GNUNET_free (mi->settings.id);
     626          97 :   GNUNET_free (mi->settings.name);
     627          97 :   GNUNET_free (mi->settings.email);
     628          97 :   GNUNET_free (mi->settings.website);
     629          97 :   GNUNET_free (mi->settings.logo);
     630          97 :   json_decref (mi->settings.address);
     631          97 :   json_decref (mi->settings.jurisdiction);
     632          97 :   GNUNET_free (mi);
     633             : }
     634             : 
     635             : 
     636             : enum GNUNET_GenericReturnValue
     637          97 : TMH_instance_free_cb (void *cls,
     638             :                       const struct GNUNET_HashCode *key,
     639             :                       void *value)
     640             : {
     641          97 :   struct TMH_MerchantInstance *mi = value;
     642             : 
     643             :   (void) cls;
     644             :   (void) key;
     645          97 :   GNUNET_assert (GNUNET_OK ==
     646             :                  GNUNET_CONTAINER_multihashmap_remove (TMH_by_id_map,
     647             :                                                        &mi->h_instance,
     648             :                                                        mi));
     649          97 :   TMH_instance_decref (mi);
     650          97 :   return GNUNET_YES;
     651             : }
     652             : 
     653             : 
     654             : /**
     655             :  * Shutdown task (invoked when the application is being
     656             :  * terminated for any reason)
     657             :  *
     658             :  * @param cls NULL
     659             :  */
     660             : static void
     661          14 : do_shutdown (void *cls)
     662             : {
     663             :   (void) cls;
     664          14 :   TALER_MHD_daemons_halt ();
     665          14 :   TMH_force_orders_resume ();
     666          14 :   TMH_force_ac_resume ();
     667          14 :   TMH_force_pc_resume ();
     668          14 :   TMH_force_kyc_resume ();
     669          14 :   TMH_force_gorc_resume ();
     670          14 :   TMH_force_wallet_get_order_resume ();
     671          14 :   TMH_force_wallet_refund_order_resume ();
     672          14 :   TALER_MHD_daemons_destroy ();
     673          14 :   if (NULL != instance_eh)
     674             :   {
     675          14 :     TMH_db->event_listen_cancel (instance_eh);
     676          14 :     instance_eh = NULL;
     677             :   }
     678          14 :   TMH_EXCHANGES_done ();
     679          14 :   if (NULL != TMH_db)
     680             :   {
     681          14 :     TALER_MERCHANTDB_plugin_unload (TMH_db);
     682          14 :     TMH_db = NULL;
     683             :   }
     684          14 :   if (NULL != TMH_by_id_map)
     685             :   {
     686          14 :     GNUNET_CONTAINER_multihashmap_iterate (TMH_by_id_map,
     687             :                                            &TMH_instance_free_cb,
     688             :                                            NULL);
     689          14 :     GNUNET_CONTAINER_multihashmap_destroy (TMH_by_id_map);
     690          14 :     TMH_by_id_map = NULL;
     691             :   }
     692          14 :   TALER_TEMPLATING_done ();
     693          14 :   if (NULL != TMH_curl_ctx)
     694             :   {
     695          14 :     GNUNET_CURL_fini (TMH_curl_ctx);
     696          14 :     TMH_curl_ctx = NULL;
     697             :   }
     698          14 :   if (NULL != merchant_curl_rc)
     699             :   {
     700          14 :     GNUNET_CURL_gnunet_rc_destroy (merchant_curl_rc);
     701          14 :     merchant_curl_rc = NULL;
     702             :   }
     703          14 : }
     704             : 
     705             : 
     706             : /**
     707             :  * Function called whenever MHD is done with a request.  If the
     708             :  * request was a POST, we may have stored a `struct Buffer *` in the
     709             :  * @a con_cls that might still need to be cleaned up.  Call the
     710             :  * respective function to free the memory.
     711             :  *
     712             :  * @param cls client-defined closure
     713             :  * @param connection connection handle
     714             :  * @param con_cls value as set by the last call to
     715             :  *        the #MHD_AccessHandlerCallback
     716             :  * @param toe reason for request termination
     717             :  * @see #MHD_OPTION_NOTIFY_COMPLETED
     718             :  * @ingroup request
     719             :  */
     720             : static void
     721         665 : handle_mhd_completion_callback (void *cls,
     722             :                                 struct MHD_Connection *connection,
     723             :                                 void **con_cls,
     724             :                                 enum MHD_RequestTerminationCode toe)
     725             : {
     726         665 :   struct TMH_HandlerContext *hc = *con_cls;
     727             : 
     728             :   (void) cls;
     729         665 :   if (NULL == hc)
     730           0 :     return;
     731         665 :   GNUNET_SCHEDULER_begin_async_scope (&hc->async_scope_id);
     732             :   {
     733             : #if MHD_VERSION >= 0x00097304
     734             :     const union MHD_ConnectionInfo *ci;
     735         665 :     unsigned int http_status = 0;
     736             : 
     737         665 :     ci = MHD_get_connection_info (connection,
     738             :                                   MHD_CONNECTION_INFO_HTTP_STATUS);
     739         665 :     if (NULL != ci)
     740         665 :       http_status = ci->http_status;
     741         665 :     GNUNET_log (GNUNET_ERROR_TYPE_INFO,
     742             :                 "Request for `%s' completed with HTTP status %u (%d)\n",
     743             :                 hc->url,
     744             :                 http_status,
     745             :                 toe);
     746             : #else
     747             :     (void) connection;
     748             :     GNUNET_log (GNUNET_ERROR_TYPE_INFO,
     749             :                 "Finished handling request for `%s' with MHD termination code %d\n",
     750             :                 hc->url,
     751             :                 (int) toe);
     752             : #endif
     753             :   }
     754         665 :   if (NULL != hc->cc)
     755         242 :     hc->cc (hc->ctx);
     756         665 :   TALER_MHD_parse_post_cleanup_callback (hc->json_parse_context);
     757         665 :   GNUNET_free (hc->infix);
     758         665 :   if (NULL != hc->request_body)
     759         384 :     json_decref (hc->request_body);
     760         665 :   if (NULL != hc->instance)
     761         625 :     TMH_instance_decref (hc->instance);
     762         665 :   TMH_db->preflight (TMH_db->cls);
     763         665 :   GNUNET_free (hc->full_url);
     764         665 :   GNUNET_free (hc);
     765         665 :   *con_cls = NULL;
     766             : }
     767             : 
     768             : 
     769             : struct TMH_MerchantInstance *
     770         919 : TMH_lookup_instance (const char *instance_id)
     771             : {
     772             :   struct GNUNET_HashCode h_instance;
     773             : 
     774         919 :   if (NULL == instance_id)
     775         580 :     instance_id = "admin";
     776         919 :   GNUNET_CRYPTO_hash (instance_id,
     777             :                       strlen (instance_id),
     778             :                       &h_instance);
     779         919 :   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
     780             :               "Looking for by-id key %s of '%s' in hashmap\n",
     781             :               GNUNET_h2s (&h_instance),
     782             :               instance_id);
     783             :   /* We're fine if that returns NULL, the calling routine knows how
     784             :      to handle that */
     785         919 :   return GNUNET_CONTAINER_multihashmap_get (TMH_by_id_map,
     786             :                                             &h_instance);
     787             : }
     788             : 
     789             : 
     790             : /**
     791             :  * Add instance definition to our active set of instances.
     792             :  *
     793             :  * @param[in,out] mi merchant instance details to define
     794             :  * @return #GNUNET_OK on success, #GNUNET_NO if the same ID is in use already
     795             :  */
     796             : enum GNUNET_GenericReturnValue
     797          97 : TMH_add_instance (struct TMH_MerchantInstance *mi)
     798             : {
     799             :   const char *id;
     800             :   int ret;
     801             : 
     802          97 :   id = mi->settings.id;
     803          97 :   if (NULL == id)
     804           0 :     id = "admin";
     805          97 :   GNUNET_CRYPTO_hash (id,
     806             :                       strlen (id),
     807             :                       &mi->h_instance);
     808          97 :   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
     809             :               "Looking for by-id key %s of `%s' in hashmap\n",
     810             :               GNUNET_h2s (&mi->h_instance),
     811             :               id);
     812          97 :   ret = GNUNET_CONTAINER_multihashmap_put (TMH_by_id_map,
     813          97 :                                            &mi->h_instance,
     814             :                                            mi,
     815             :                                            GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY);
     816          97 :   if (GNUNET_OK == ret)
     817             :   {
     818          97 :     GNUNET_assert (mi->rc < UINT_MAX);
     819          97 :     mi->rc++;
     820             :   }
     821          97 :   return ret;
     822             : }
     823             : 
     824             : 
     825             : /**
     826             :  * Handle a OPTIONS "*" request.
     827             :  *
     828             :  * @param rh context of the handler
     829             :  * @param connection the MHD connection to handle
     830             :  * @param[in,out] hc context with further information about the request
     831             :  * @return MHD result code
     832             :  */
     833             : static MHD_RESULT
     834           0 : handle_server_options (const struct TMH_RequestHandler *rh,
     835             :                        struct MHD_Connection *connection,
     836             :                        struct TMH_HandlerContext *hc)
     837             : {
     838             :   (void) rh;
     839             :   (void) hc;
     840           0 :   return TALER_MHD_reply_cors_preflight (connection);
     841             : }
     842             : 
     843             : 
     844             : /**
     845             :  * Generates the response for "/", redirecting the
     846             :  * client to the "/webui/" from where we serve the SPA.
     847             :  *
     848             :  * @param rh request handler
     849             :  * @param connection MHD connection
     850             :  * @param hc handler context
     851             :  * @return MHD result code
     852             :  */
     853             : static MHD_RESULT
     854           1 : spa_redirect (const struct TMH_RequestHandler *rh,
     855             :               struct MHD_Connection *connection,
     856             :               struct TMH_HandlerContext *hc)
     857             : {
     858           1 :   const char *text = "Redirecting to /webui/";
     859             :   struct MHD_Response *response;
     860             :   char *dst;
     861             : 
     862           1 :   response = MHD_create_response_from_buffer (strlen (text),
     863             :                                               (void *) text,
     864             :                                               MHD_RESPMEM_PERSISTENT);
     865           1 :   if (NULL == response)
     866             :   {
     867           0 :     GNUNET_break (0);
     868           0 :     return MHD_NO;
     869             :   }
     870           1 :   TALER_MHD_add_global_headers (response,
     871             :                                 true);
     872           1 :   GNUNET_break (MHD_YES ==
     873             :                 MHD_add_response_header (response,
     874             :                                          MHD_HTTP_HEADER_CONTENT_TYPE,
     875             :                                          "text/plain"));
     876           1 :   if ( (NULL == hc->instance) ||
     877           1 :        (0 == strcmp ("admin",
     878           1 :                      hc->instance->settings.id)) )
     879           1 :     dst = GNUNET_strdup ("/webui/");
     880             :   else
     881           0 :     GNUNET_asprintf (&dst,
     882             :                      "/instances/%s/webui/",
     883           0 :                      hc->instance->settings.id);
     884           1 :   if (MHD_NO ==
     885           1 :       MHD_add_response_header (response,
     886             :                                MHD_HTTP_HEADER_LOCATION,
     887             :                                dst))
     888             :   {
     889           0 :     GNUNET_break (0);
     890           0 :     MHD_destroy_response (response);
     891           0 :     GNUNET_free (dst);
     892           0 :     return MHD_NO;
     893             :   }
     894           1 :   GNUNET_free (dst);
     895             : 
     896             :   {
     897             :     MHD_RESULT ret;
     898             : 
     899           1 :     ret = MHD_queue_response (connection,
     900             :                               MHD_HTTP_FOUND,
     901             :                               response);
     902           1 :     MHD_destroy_response (response);
     903           1 :     return ret;
     904             :   }
     905             : }
     906             : 
     907             : 
     908             : /**
     909             :  * Extract the token from authorization header value @a auth.
     910             :  * The @a auth value can be a bearer token or a Basic
     911             :  * authentication header. In both cases, this function
     912             :  * updates @a auth to point to the actual credential,
     913             :  * skipping spaces.
     914             :  *
     915             :  * NOTE: We probably want to replace this function with MHD2
     916             :  * API calls in the future that are more robust.
     917             :  *
     918             :  * @param[in,out] auth pointer to authorization header value,
     919             :  *        will be updated to point to the start of the token
     920             :  *        or set to NULL if header value is invalid
     921             :  * @param[out] is_basic_auth will be set to true if the
     922             :  *        authorization header uses basic authentication,
     923             :  *        otherwise to false
     924             :  */
     925             : static void
     926          71 : extract_auth (const char **auth,
     927             :               bool *is_basic_auth)
     928             : {
     929          71 :   const char *bearer = "Bearer ";
     930          71 :   const char *basic = "Basic ";
     931          71 :   const char *tok = *auth;
     932          71 :   size_t offset = 0;
     933          71 :   bool is_bearer = false;
     934             : 
     935          71 :   *is_basic_auth = false;
     936          71 :   if (0 == strncmp (tok,
     937             :                     bearer,
     938             :                     strlen (bearer)))
     939             :   {
     940          57 :     offset = strlen (bearer);
     941          57 :     is_bearer = true;
     942             :   }
     943          14 :   else if (0 == strncmp (tok,
     944             :                          basic,
     945             :                          strlen (basic)))
     946             :   {
     947          14 :     offset = strlen (basic);
     948          14 :     *is_basic_auth = true;
     949             :   }
     950             :   else
     951             :   {
     952           0 :     *auth = NULL;
     953           0 :     return;
     954             :   }
     955          71 :   tok += offset;
     956          71 :   while (' ' == *tok)
     957           0 :     tok++;
     958          71 :   if ( (is_bearer) &&
     959          57 :        (0 != strncasecmp (tok,
     960             :                           RFC_8959_PREFIX,
     961             :                           strlen (RFC_8959_PREFIX))) )
     962             :   {
     963           0 :     *auth = NULL;
     964           0 :     return;
     965             :   }
     966          71 :   *auth = tok;
     967             : }
     968             : 
     969             : 
     970             : /**
     971             :  * Checks if the @a rh matches the given (parsed) URL.
     972             :  *
     973             :  * @param rh handler to compare against
     974             :  * @param url the main URL (without "/private/" prefix, if any)
     975             :  * @param prefix_strlen length of the prefix, i.e. 8 for '/orders/' or 7 for '/config'
     976             :  * @param infix_url infix text, i.e. "$ORDER_ID".
     977             :  * @param infix_strlen length of the string in @a infix_url
     978             :  * @param suffix_url suffix, i.e. "/refund", including the "/"
     979             :  * @param suffix_strlen number of characters in @a suffix_url
     980             :  * @return true if @a rh matches this request
     981             :  */
     982             : static bool
     983       11879 : prefix_match (const struct TMH_RequestHandler *rh,
     984             :               const char *url,
     985             :               size_t prefix_strlen,
     986             :               const char *infix_url,
     987             :               size_t infix_strlen,
     988             :               const char *suffix_url,
     989             :               size_t suffix_strlen)
     990             : {
     991       11879 :   if ( (prefix_strlen != strlen (rh->url_prefix)) ||
     992        1812 :        (0 != memcmp (url,
     993        1812 :                      rh->url_prefix,
     994             :                      prefix_strlen)) )
     995       10597 :     return false;
     996        1282 :   if (! rh->have_id_segment)
     997             :   {
     998             :     /* Require /$PREFIX/$SUFFIX or /$PREFIX */
     999         417 :     if (NULL != suffix_url)
    1000           0 :       return false;       /* too many segments to match */
    1001         417 :     if ( (NULL == infix_url)   /* either or */
    1002         417 :          ^ (NULL == rh->url_suffix) )
    1003           0 :       return false;       /* suffix existence mismatch */
    1004             :     /* If /$PREFIX/$SUFFIX, check $SUFFIX matches */
    1005         417 :     if ( (NULL != infix_url) &&
    1006           0 :          ( (infix_strlen != strlen (rh->url_suffix)) ||
    1007           0 :            (0 != memcmp (infix_url,
    1008           0 :                          rh->url_suffix,
    1009             :                          infix_strlen)) ) )
    1010           0 :       return false;       /* cannot use infix as suffix: content mismatch */
    1011             :   }
    1012             :   else
    1013             :   {
    1014             :     /* Require /$PREFIX/$ID or /$PREFIX/$ID/$SUFFIX */
    1015         865 :     if (NULL == infix_url)
    1016           0 :       return false;       /* infix existence mismatch */
    1017         865 :     if ( ( (NULL == suffix_url)
    1018         865 :            ^ (NULL == rh->url_suffix) ) )
    1019         236 :       return false;       /* suffix existence mismatch */
    1020         629 :     if ( (NULL != suffix_url) &&
    1021         330 :          ( (suffix_strlen != strlen (rh->url_suffix)) ||
    1022         226 :            (0 != memcmp (suffix_url,
    1023         226 :                          rh->url_suffix,
    1024             :                          suffix_strlen)) ) )
    1025         180 :       return false;       /* suffix content mismatch */
    1026             :   }
    1027         866 :   return true;
    1028             : }
    1029             : 
    1030             : 
    1031             : /**
    1032             :  * Function called first by MHD with the full URL.
    1033             :  *
    1034             :  * @param cls NULL
    1035             :  * @param full_url the full URL
    1036             :  * @param con MHD connection object
    1037             :  * @return our handler context
    1038             :  */
    1039             : static void *
    1040         665 : full_url_track_callback (void *cls,
    1041             :                          const char *full_url,
    1042             :                          struct MHD_Connection *con)
    1043             : {
    1044             :   struct TMH_HandlerContext *hc;
    1045             : 
    1046         665 :   hc = GNUNET_new (struct TMH_HandlerContext);
    1047         665 :   GNUNET_async_scope_fresh (&hc->async_scope_id);
    1048         665 :   GNUNET_SCHEDULER_begin_async_scope (&hc->async_scope_id);
    1049         665 :   hc->full_url = GNUNET_strdup (full_url);
    1050         665 :   return hc;
    1051             : }
    1052             : 
    1053             : 
    1054             : /**
    1055             :  * Function used to process Basic authorization header value.
    1056             :  * Sets correct scope in the auth_scope parameter of the
    1057             :  * #TMH_HandlerContext.
    1058             :  *
    1059             :  * @param hc the handler context
    1060             :  * @param authn_s the value of the authorization header
    1061             :  */
    1062             : static void
    1063          14 : process_basic_auth (struct TMH_HandlerContext *hc, const char*authn_s)
    1064             : {
    1065             :   /* Handle token endpoint slightly differently: Only allow
    1066             :    * instance password (Basic auth) to retrieve access token.
    1067             :    * We need to handle authorization with Basic auth here first
    1068             :    * The only time we need to handle authentication like this is
    1069             :    * for the token endpoint!
    1070             :    */
    1071          14 :   if ( (0 != strncmp (hc->rh->url_prefix,
    1072             :                       "/token",
    1073          14 :                       strlen ("/token"))) ||
    1074          14 :        (0 != strncmp (MHD_HTTP_METHOD_POST,
    1075          14 :                       hc->rh->method,
    1076          14 :                       strlen (MHD_HTTP_METHOD_POST))) ||
    1077          14 :        (NULL == hc->instance))
    1078             :   {
    1079           0 :     GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
    1080             :                 "Called endpoint `%s' with Basic authentication. Rejecting...\n",
    1081             :                 hc->rh->url_prefix);
    1082           0 :     hc->auth_scope = TMH_AS_NONE;
    1083           0 :     return;
    1084             :   }
    1085          14 :   if (GNUNET_OK ==
    1086          14 :       check_auth_instance (authn_s,
    1087             :                            hc->instance))
    1088          13 :     hc->auth_scope = TMH_AS_ALL;
    1089             :   else
    1090           1 :     hc->auth_scope = TMH_AS_NONE;
    1091             : }
    1092             : 
    1093             : 
    1094             : /**
    1095             :  * Function used to process Bearer authorization header value.
    1096             :  * Sets correct scope in the auth_scope parameter of the
    1097             :  * #TMH_HandlerContext..
    1098             :  *
    1099             :  * @param hc the handler context
    1100             :  * @param authn_s the value of the authorization header
    1101             :  * @return TALER_EC_NONE on success.
    1102             :  */
    1103             : static enum TALER_ErrorCode
    1104         451 : process_bearer_auth (struct TMH_HandlerContext *hc, const char*authn_s)
    1105             : {
    1106         451 :   if (NULL == hc->instance)
    1107             :   {
    1108           2 :     hc->auth_scope = TMH_AS_NONE;
    1109           2 :     return TALER_EC_NONE;
    1110             :   }
    1111         449 :   if (GNUNET_is_zero (&hc->instance->auth.auth_hash))
    1112             :   {
    1113             :     /* hash zero means no authentication for instance */
    1114         406 :     hc->auth_scope = TMH_AS_ALL;
    1115         406 :     return TALER_EC_NONE;
    1116             :   }
    1117             :   {
    1118             :     enum TALER_ErrorCode ec;
    1119             : 
    1120          43 :     ec = TMH_check_token (authn_s,
    1121          43 :                           hc->instance->settings.id,
    1122             :                           &hc->auth_scope);
    1123          43 :     if (TALER_EC_NONE != ec)
    1124             :     {
    1125             :       char *dec;
    1126             :       size_t dec_len;
    1127             :       const char *token;
    1128             : 
    1129             :       /* NOTE: Deprecated, remove sometime after v1.1 */
    1130           9 :       if (0 != strncasecmp (authn_s,
    1131             :                             RFC_8959_PREFIX,
    1132             :                             strlen (RFC_8959_PREFIX)))
    1133             :       {
    1134           0 :         GNUNET_break_op (0);
    1135           0 :         hc->auth_scope = TMH_AS_NONE;
    1136           9 :         return ec;
    1137             :       }
    1138           9 :       GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
    1139             :                   "Trying deprecated secret-token:password API authN\n");
    1140           9 :       token = authn_s + strlen (RFC_8959_PREFIX);
    1141           9 :       dec_len = GNUNET_STRINGS_urldecode (token,
    1142             :                                           strlen (token),
    1143             :                                           &dec);
    1144          18 :       if ( (0 == dec_len) ||
    1145             :            (GNUNET_OK !=
    1146           9 :             TMH_check_auth (dec,
    1147           9 :                             &hc->instance->auth.auth_salt,
    1148           9 :                             &hc->instance->auth.auth_hash)) )
    1149             :       {
    1150           9 :         GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
    1151             :                     "Login failed\n");
    1152           9 :         hc->auth_scope = TMH_AS_NONE;
    1153           9 :         GNUNET_free (dec);
    1154           9 :         return TALER_EC_NONE;
    1155             :       }
    1156           0 :       hc->auth_scope = TMH_AS_ALL;
    1157           0 :       GNUNET_free (dec);
    1158             :     }
    1159             :   }
    1160          34 :   return TALER_EC_NONE;
    1161             : }
    1162             : 
    1163             : 
    1164             : /**
    1165             :  * A client has requested the given url using the given method
    1166             :  * (#MHD_HTTP_METHOD_GET, #MHD_HTTP_METHOD_PUT,
    1167             :  * #MHD_HTTP_METHOD_DELETE, #MHD_HTTP_METHOD_POST, etc).  The callback
    1168             :  * must call MHD callbacks to provide content to give back to the
    1169             :  * client and return an HTTP status code (i.e. #MHD_HTTP_OK,
    1170             :  * #MHD_HTTP_NOT_FOUND, etc.).
    1171             :  *
    1172             :  * @param cls argument given together with the function
    1173             :  *        pointer when the handler was registered with MHD
    1174             :  * @param connection the MHD connection to handle
    1175             :  * @param url the requested url
    1176             :  * @param method the HTTP method used (#MHD_HTTP_METHOD_GET,
    1177             :  *        #MHD_HTTP_METHOD_PUT, etc.)
    1178             :  * @param version the HTTP version string (i.e.
    1179             :  *        #MHD_HTTP_VERSION_1_1)
    1180             :  * @param upload_data the data being uploaded (excluding HEADERS,
    1181             :  *        for a POST that fits into memory and that is encoded
    1182             :  *        with a supported encoding, the POST data will NOT be
    1183             :  *        given in upload_data and is instead available as
    1184             :  *        part of #MHD_get_connection_values; very large POST
    1185             :  *        data *will* be made available incrementally in
    1186             :  *        @a upload_data)
    1187             :  * @param upload_data_size set initially to the size of the
    1188             :  *        @a upload_data provided; the method must update this
    1189             :  *        value to the number of bytes NOT processed;
    1190             :  * @param con_cls pointer that the callback can set to some
    1191             :  *        address and that will be preserved by MHD for future
    1192             :  *        calls for this request; since the access handler may
    1193             :  *        be called many times (i.e., for a PUT/POST operation
    1194             :  *        with plenty of upload data) this allows the application
    1195             :  *        to easily associate some request-specific state.
    1196             :  *        If necessary, this state can be cleaned up in the
    1197             :  *        global #MHD_RequestCompletedCallback (which
    1198             :  *        can be set with the #MHD_OPTION_NOTIFY_COMPLETED).
    1199             :  *        Initially, `*con_cls` will be set up by the
    1200             :  *        full_url_track_callback().
    1201             :  * @return #MHD_YES if the connection was handled successfully,
    1202             :  *         #MHD_NO if the socket must be closed due to a serious
    1203             :  *         error while handling the request
    1204             :  */
    1205             : static MHD_RESULT
    1206        1806 : url_handler (void *cls,
    1207             :              struct MHD_Connection *connection,
    1208             :              const char *url,
    1209             :              const char *method,
    1210             :              const char *version,
    1211             :              const char *upload_data,
    1212             :              size_t *upload_data_size,
    1213             :              void **con_cls)
    1214             : {
    1215             :   static struct TMH_RequestHandler management_handlers[] = {
    1216             :     /* GET /instances */
    1217             :     {
    1218             :       .url_prefix = "/instances",
    1219             :       .method = MHD_HTTP_METHOD_GET,
    1220             :       .permission = "instances-write",
    1221             :       .skip_instance = true,
    1222             :       .default_only = true,
    1223             :       .handler = &TMH_private_get_instances
    1224             :     },
    1225             :     /* POST /instances */
    1226             :     {
    1227             :       .url_prefix = "/instances",
    1228             :       .method = MHD_HTTP_METHOD_POST,
    1229             :       .permission = "instances-write",
    1230             :       .skip_instance = true,
    1231             :       .default_only = true,
    1232             :       .handler = &TMH_private_post_instances,
    1233             :       /* allow instance data of up to 8 MB, that should be plenty;
    1234             :          note that exceeding #GNUNET_MAX_MALLOC_CHECKED (40 MB)
    1235             :          would require further changes to the allocation logic
    1236             :          in the code... */
    1237             :       .max_upload = 1024 * 1024 * 8
    1238             :     },
    1239             :     /* GET /instances/$ID/ */
    1240             :     {
    1241             :       .url_prefix = "/instances/",
    1242             :       .method = MHD_HTTP_METHOD_GET,
    1243             :       .permission = "instances-write",
    1244             :       .skip_instance = true,
    1245             :       .default_only = true,
    1246             :       .have_id_segment = true,
    1247             :       .handler = &TMH_private_get_instances_default_ID
    1248             :     },
    1249             :     /* DELETE /instances/$ID */
    1250             :     {
    1251             :       .url_prefix = "/instances/",
    1252             :       .method = MHD_HTTP_METHOD_DELETE,
    1253             :       .permission = "instances-write",
    1254             :       .skip_instance = true,
    1255             :       .default_only = true,
    1256             :       .have_id_segment = true,
    1257             :       .handler = &TMH_private_delete_instances_default_ID
    1258             :     },
    1259             :     /* PATCH /instances/$ID */
    1260             :     {
    1261             :       .url_prefix = "/instances/",
    1262             :       .method = MHD_HTTP_METHOD_PATCH,
    1263             :       .permission = "instances-write",
    1264             :       .skip_instance = true,
    1265             :       .default_only = true,
    1266             :       .have_id_segment = true,
    1267             :       .handler = &TMH_private_patch_instances_default_ID,
    1268             :       /* allow instance data of up to 8 MB, that should be plenty;
    1269             :          note that exceeding #GNUNET_MAX_MALLOC_CHECKED (40 MB)
    1270             :          would require further changes to the allocation logic
    1271             :          in the code... */
    1272             :       .max_upload = 1024 * 1024 * 8
    1273             :     },
    1274             :     /* POST /auth: */
    1275             :     {
    1276             :       .url_prefix = "/instances/",
    1277             :       .url_suffix = "auth",
    1278             :       .method = MHD_HTTP_METHOD_POST,
    1279             :       .permission = "instances-auth-write",
    1280             :       .skip_instance = true,
    1281             :       .default_only = true,
    1282             :       .have_id_segment = true,
    1283             :       .handler = &TMH_private_post_instances_default_ID_auth,
    1284             :       /* Body should be pretty small. */
    1285             :       .max_upload = 1024 * 1024
    1286             :     },
    1287             :     /* GET /kyc: */
    1288             :     {
    1289             :       .url_prefix = "/instances/",
    1290             :       .url_suffix = "kyc",
    1291             :       .method = MHD_HTTP_METHOD_GET,
    1292             :       .permission = "instances-kyc-read",
    1293             :       .skip_instance = true,
    1294             :       .default_only = true,
    1295             :       .have_id_segment = true,
    1296             :       .handler = &TMH_private_get_instances_default_ID_kyc,
    1297             :     },
    1298             :     {
    1299             :       .url_prefix = NULL
    1300             :     }
    1301             :   };
    1302             : 
    1303             :   static struct TMH_RequestHandler private_handlers[] = {
    1304             :     /* GET /instances/$ID/: */
    1305             :     {
    1306             :       .url_prefix = "/",
    1307             :       .method = MHD_HTTP_METHOD_GET,
    1308             :       .permission = "instances-read",
    1309             :       .handler = &TMH_private_get_instances_ID
    1310             :     },
    1311             :     /* DELETE /instances/$ID/: */
    1312             :     {
    1313             :       .url_prefix = "/",
    1314             :       .method = MHD_HTTP_METHOD_DELETE,
    1315             :       .permission = "instances-write",
    1316             :       .allow_deleted_instance = true,
    1317             :       .handler = &TMH_private_delete_instances_ID
    1318             :     },
    1319             :     /* PATCH /instances/$ID/: */
    1320             :     {
    1321             :       .url_prefix = "/",
    1322             :       .method = MHD_HTTP_METHOD_PATCH,
    1323             :       .handler = &TMH_private_patch_instances_ID,
    1324             :       .permission = "instances-write",
    1325             :       .allow_deleted_instance = true,
    1326             :       /* allow instance data of up to 8 MB, that should be plenty;
    1327             :          note that exceeding #GNUNET_MAX_MALLOC_CHECKED (40 MB)
    1328             :          would require further changes to the allocation logic
    1329             :          in the code... */
    1330             :       .max_upload = 1024 * 1024 * 8
    1331             :     },
    1332             :     /* POST /auth: */
    1333             :     {
    1334             :       .url_prefix = "/auth",
    1335             :       .method = MHD_HTTP_METHOD_POST,
    1336             :       .handler = &TMH_private_post_instances_ID_auth,
    1337             :       .permission = "auth-write",
    1338             :       /* Body should be pretty small. */
    1339             :       .max_upload = 1024 * 1024,
    1340             :     },
    1341             :     /* GET /kyc: */
    1342             :     {
    1343             :       .url_prefix = "/kyc",
    1344             :       .method = MHD_HTTP_METHOD_GET,
    1345             :       .permission = "kyc-read",
    1346             :       .handler = &TMH_private_get_instances_ID_kyc,
    1347             :     },
    1348             :     /* GET /pos: */
    1349             :     {
    1350             :       .url_prefix = "/pos",
    1351             :       .method = MHD_HTTP_METHOD_GET,
    1352             :       .permission = "pos-read",
    1353             :       .handler = &TMH_private_get_pos
    1354             :     },
    1355             :     /* GET /categories: */
    1356             :     {
    1357             :       .url_prefix = "/categories",
    1358             :       .method = MHD_HTTP_METHOD_GET,
    1359             :       .permission = "categories-read",
    1360             :       .handler = &TMH_private_get_categories
    1361             :     },
    1362             :     /* POST /categories: */
    1363             :     {
    1364             :       .url_prefix = "/categories",
    1365             :       .method = MHD_HTTP_METHOD_POST,
    1366             :       .permission = "categories-write",
    1367             :       .handler = &TMH_private_post_categories,
    1368             :       /* allow category data of up to 8 kb, that should be plenty */
    1369             :       .max_upload = 1024 * 8
    1370             :     },
    1371             :     /* GET /categories/$ID: */
    1372             :     {
    1373             :       .url_prefix = "/categories/",
    1374             :       .method = MHD_HTTP_METHOD_GET,
    1375             :       .permission = "categories-read",
    1376             :       .have_id_segment = true,
    1377             :       .allow_deleted_instance = true,
    1378             :       .handler = &TMH_private_get_categories_ID
    1379             :     },
    1380             :     /* DELETE /categories/$ID: */
    1381             :     {
    1382             :       .url_prefix = "/categories/",
    1383             :       .method = MHD_HTTP_METHOD_DELETE,
    1384             :       .permission = "categories-write",
    1385             :       .have_id_segment = true,
    1386             :       .allow_deleted_instance = true,
    1387             :       .handler = &TMH_private_delete_categories_ID
    1388             :     },
    1389             :     /* PATCH /categories/$ID/: */
    1390             :     {
    1391             :       .url_prefix = "/categories/",
    1392             :       .method = MHD_HTTP_METHOD_PATCH,
    1393             :       .permission = "categories-write",
    1394             :       .have_id_segment = true,
    1395             :       .allow_deleted_instance = true,
    1396             :       .handler = &TMH_private_patch_categories_ID,
    1397             :       /* allow category data of up to 8 kb, that should be plenty */
    1398             :       .max_upload = 1024 * 8
    1399             :     },
    1400             :     /* GET /products: */
    1401             :     {
    1402             :       .url_prefix = "/products",
    1403             :       .permission = "products-read",
    1404             :       .method = MHD_HTTP_METHOD_GET,
    1405             :       .handler = &TMH_private_get_products
    1406             :     },
    1407             :     /* POST /products: */
    1408             :     {
    1409             :       .url_prefix = "/products",
    1410             :       .method = MHD_HTTP_METHOD_POST,
    1411             :       .permission = "products-write",
    1412             :       .handler = &TMH_private_post_products,
    1413             :       /* allow product data of up to 8 MB, that should be plenty;
    1414             :          note that exceeding #GNUNET_MAX_MALLOC_CHECKED (40 MB)
    1415             :          would require further changes to the allocation logic
    1416             :          in the code... */
    1417             :       .max_upload = 1024 * 1024 * 8
    1418             :     },
    1419             :     /* GET /products/$ID: */
    1420             :     {
    1421             :       .url_prefix = "/products/",
    1422             :       .method = MHD_HTTP_METHOD_GET,
    1423             :       .have_id_segment = true,
    1424             :       .permission = "products-read",
    1425             :       .allow_deleted_instance = true,
    1426             :       .handler = &TMH_private_get_products_ID
    1427             :     },
    1428             :     /* DELETE /products/$ID/: */
    1429             :     {
    1430             :       .url_prefix = "/products/",
    1431             :       .method = MHD_HTTP_METHOD_DELETE,
    1432             :       .have_id_segment = true,
    1433             :       .permission = "products-write",
    1434             :       .allow_deleted_instance = true,
    1435             :       .handler = &TMH_private_delete_products_ID
    1436             :     },
    1437             :     /* PATCH /products/$ID/: */
    1438             :     {
    1439             :       .url_prefix = "/products/",
    1440             :       .method = MHD_HTTP_METHOD_PATCH,
    1441             :       .have_id_segment = true,
    1442             :       .allow_deleted_instance = true,
    1443             :       .permission = "products-write",
    1444             :       .handler = &TMH_private_patch_products_ID,
    1445             :       /* allow product data of up to 8 MB, that should be plenty;
    1446             :          note that exceeding #GNUNET_MAX_MALLOC_CHECKED (40 MB)
    1447             :          would require further changes to the allocation logic
    1448             :          in the code... */
    1449             :       .max_upload = 1024 * 1024 * 8
    1450             :     },
    1451             :     /* POST /products/$ID/lock: */
    1452             :     {
    1453             :       .url_prefix = "/products/",
    1454             :       .url_suffix = "lock",
    1455             :       .method = MHD_HTTP_METHOD_POST,
    1456             :       .have_id_segment = true,
    1457             :       .permission = "products-lock",
    1458             :       .handler = &TMH_private_post_products_ID_lock,
    1459             :       /* the body should be pretty small, allow 1 MB of upload
    1460             :          to set a conservative bound for sane wallets */
    1461             :       .max_upload = 1024 * 1024
    1462             :     },
    1463             :     /* POST /orders: */
    1464             :     {
    1465             :       .url_prefix = "/orders",
    1466             :       .method = MHD_HTTP_METHOD_POST,
    1467             :       .permission = "orders-write",
    1468             :       .handler = &TMH_private_post_orders,
    1469             :       /* allow contracts of up to 8 MB, that should be plenty;
    1470             :          note that exceeding #GNUNET_MAX_MALLOC_CHECKED (40 MB)
    1471             :          would require further changes to the allocation logic
    1472             :          in the code... */
    1473             :       .max_upload = 1024 * 1024 * 8
    1474             :     },
    1475             :     /* GET /orders/$ID: */
    1476             :     {
    1477             :       .url_prefix = "/orders/",
    1478             :       .method = MHD_HTTP_METHOD_GET,
    1479             :       .permission = "orders-read",
    1480             :       .have_id_segment = true,
    1481             :       .allow_deleted_instance = true,
    1482             :       .handler = &TMH_private_get_orders_ID
    1483             :     },
    1484             :     /* GET /orders: */
    1485             :     {
    1486             :       .url_prefix = "/orders",
    1487             :       .method = MHD_HTTP_METHOD_GET,
    1488             :       .permission = "orders-read",
    1489             :       .allow_deleted_instance = true,
    1490             :       .handler = &TMH_private_get_orders
    1491             :     },
    1492             :     /* POST /orders/$ID/refund: */
    1493             :     {
    1494             :       .url_prefix = "/orders/",
    1495             :       .url_suffix = "refund",
    1496             :       .method = MHD_HTTP_METHOD_POST,
    1497             :       .have_id_segment = true,
    1498             :       .permission = "orders-refund",
    1499             :       .handler = &TMH_private_post_orders_ID_refund,
    1500             :       /* the body should be pretty small, allow 1 MB of upload
    1501             :          to set a conservative bound for sane wallets */
    1502             :       .max_upload = 1024 * 1024
    1503             :     },
    1504             :     /* PATCH /orders/$ID/forget: */
    1505             :     {
    1506             :       .url_prefix = "/orders/",
    1507             :       .url_suffix = "forget",
    1508             :       .method = MHD_HTTP_METHOD_PATCH,
    1509             :       .permission = "orders-write",
    1510             :       .have_id_segment = true,
    1511             :       .allow_deleted_instance = true,
    1512             :       .handler = &TMH_private_patch_orders_ID_forget,
    1513             :       /* the body should be pretty small, allow 1 MB of upload
    1514             :          to set a conservative bound for sane wallets */
    1515             :       .max_upload = 1024 * 1024
    1516             :     },
    1517             :     /* DELETE /orders/$ID: */
    1518             :     {
    1519             :       .url_prefix = "/orders/",
    1520             :       .method = MHD_HTTP_METHOD_DELETE,
    1521             :       .permission = "orders-write",
    1522             :       .have_id_segment = true,
    1523             :       .allow_deleted_instance = true,
    1524             :       .handler = &TMH_private_delete_orders_ID
    1525             :     },
    1526             :     /* POST /transfers: */
    1527             :     {
    1528             :       .url_prefix = "/transfers",
    1529             :       .method = MHD_HTTP_METHOD_POST,
    1530             :       .allow_deleted_instance = true,
    1531             :       .handler = &TMH_private_post_transfers,
    1532             :       .permission = "transfers-write",
    1533             :       /* the body should be pretty small, allow 1 MB of upload
    1534             :          to set a conservative bound for sane wallets */
    1535             :       .max_upload = 1024 * 1024
    1536             :     },
    1537             :     /* DELETE /transfers/$ID: */
    1538             :     {
    1539             :       .url_prefix = "/transfers/",
    1540             :       .method = MHD_HTTP_METHOD_DELETE,
    1541             :       .permission = "transfers-write",
    1542             :       .allow_deleted_instance = true,
    1543             :       .handler = &TMH_private_delete_transfers_ID,
    1544             :       .have_id_segment = true,
    1545             :       /* the body should be pretty small, allow 1 MB of upload
    1546             :          to set a conservative bound for sane wallets */
    1547             :       .max_upload = 1024 * 1024
    1548             :     },
    1549             :     /* GET /transfers: */
    1550             :     {
    1551             :       .url_prefix = "/transfers",
    1552             :       .permission = "transfers-read",
    1553             :       .method = MHD_HTTP_METHOD_GET,
    1554             :       .allow_deleted_instance = true,
    1555             :       .handler = &TMH_private_get_transfers
    1556             :     },
    1557             :     /* POST /otp-devices: */
    1558             :     {
    1559             :       .url_prefix = "/otp-devices",
    1560             :       .permission = "otp-devices-write",
    1561             :       .method = MHD_HTTP_METHOD_POST,
    1562             :       .handler = &TMH_private_post_otp_devices
    1563             :     },
    1564             :     /* GET /otp-devices: */
    1565             :     {
    1566             :       .url_prefix = "/otp-devices",
    1567             :       .permission = "opt-devices-read",
    1568             :       .method = MHD_HTTP_METHOD_GET,
    1569             :       .handler = &TMH_private_get_otp_devices
    1570             :     },
    1571             :     /* GET /otp-devices/$ID/: */
    1572             :     {
    1573             :       .url_prefix = "/otp-devices/",
    1574             :       .method = MHD_HTTP_METHOD_GET,
    1575             :       .permission = "otp-devices-read",
    1576             :       .have_id_segment = true,
    1577             :       .handler = &TMH_private_get_otp_devices_ID
    1578             :     },
    1579             :     /* DELETE /otp-devices/$ID/: */
    1580             :     {
    1581             :       .url_prefix = "/otp-devices/",
    1582             :       .method = MHD_HTTP_METHOD_DELETE,
    1583             :       .permission = "otp-devices-write",
    1584             :       .have_id_segment = true,
    1585             :       .handler = &TMH_private_delete_otp_devices_ID
    1586             :     },
    1587             :     /* PATCH /otp-devices/$ID/: */
    1588             :     {
    1589             :       .url_prefix = "/otp-devices/",
    1590             :       .method = MHD_HTTP_METHOD_PATCH,
    1591             :       .permission = "otp-devices-write",
    1592             :       .have_id_segment = true,
    1593             :       .handler = &TMH_private_patch_otp_devices_ID
    1594             :     },
    1595             :     /* POST /templates: */
    1596             :     {
    1597             :       .url_prefix = "/templates",
    1598             :       .method = MHD_HTTP_METHOD_POST,
    1599             :       .permission = "templates-write",
    1600             :       .handler = &TMH_private_post_templates,
    1601             :       /* allow template data of up to 8 MB, that should be plenty;
    1602             :          note that exceeding #GNUNET_MAX_MALLOC_CHECKED (40 MB)
    1603             :          would require further changes to the allocation logic
    1604             :          in the code... */
    1605             :       .max_upload = 1024 * 1024 * 8
    1606             :     },
    1607             :     /* GET /templates: */
    1608             :     {
    1609             :       .url_prefix = "/templates",
    1610             :       .permission = "templates-read",
    1611             :       .method = MHD_HTTP_METHOD_GET,
    1612             :       .handler = &TMH_private_get_templates
    1613             :     },
    1614             :     /* GET /templates/$ID/: */
    1615             :     {
    1616             :       .url_prefix = "/templates/",
    1617             :       .method = MHD_HTTP_METHOD_GET,
    1618             :       .permission = "templates-read",
    1619             :       .have_id_segment = true,
    1620             :       .allow_deleted_instance = true,
    1621             :       .handler = &TMH_private_get_templates_ID
    1622             :     },
    1623             :     /* DELETE /templates/$ID/: */
    1624             :     {
    1625             :       .url_prefix = "/templates/",
    1626             :       .method = MHD_HTTP_METHOD_DELETE,
    1627             :       .permission = "templates-write",
    1628             :       .have_id_segment = true,
    1629             :       .allow_deleted_instance = true,
    1630             :       .handler = &TMH_private_delete_templates_ID
    1631             :     },
    1632             :     /* PATCH /templates/$ID/: */
    1633             :     {
    1634             :       .url_prefix = "/templates/",
    1635             :       .method = MHD_HTTP_METHOD_PATCH,
    1636             :       .permission = "templates-write",
    1637             :       .have_id_segment = true,
    1638             :       .allow_deleted_instance = true,
    1639             :       .handler = &TMH_private_patch_templates_ID,
    1640             :       /* allow template data of up to 8 MB, that should be plenty;
    1641             :          note that exceeding #GNUNET_MAX_MALLOC_CHECKED (40 MB)
    1642             :          would require further changes to the allocation logic
    1643             :          in the code... */
    1644             :       .max_upload = 1024 * 1024 * 8
    1645             :     },
    1646             :     /* GET /webhooks: */
    1647             :     {
    1648             :       .url_prefix = "/webhooks",
    1649             :       .permission = "webhooks-read",
    1650             :       .method = MHD_HTTP_METHOD_GET,
    1651             :       .handler = &TMH_private_get_webhooks
    1652             :     },
    1653             :     /* POST /webhooks: */
    1654             :     {
    1655             :       .url_prefix = "/webhooks",
    1656             :       .method = MHD_HTTP_METHOD_POST,
    1657             :       .permission = "webhooks-write",
    1658             :       .handler = &TMH_private_post_webhooks,
    1659             :       /* allow webhook data of up to 8 MB, that should be plenty;
    1660             :          note that exceeding #GNUNET_MAX_MALLOC_CHECKED (40 MB)
    1661             :          would require further changes to the allocation logic
    1662             :          in the code... */
    1663             :       .max_upload = 1024 * 1024 * 8
    1664             :     },
    1665             :     /* GET /webhooks/$ID/: */
    1666             :     {
    1667             :       .url_prefix = "/webhooks/",
    1668             :       .method = MHD_HTTP_METHOD_GET,
    1669             :       .permission = "webhooks-read",
    1670             :       .have_id_segment = true,
    1671             :       .allow_deleted_instance = true,
    1672             :       .handler = &TMH_private_get_webhooks_ID
    1673             :     },
    1674             :     /* DELETE /webhooks/$ID/: */
    1675             :     {
    1676             :       .url_prefix = "/webhooks/",
    1677             :       .permission = "webhooks-write",
    1678             :       .method = MHD_HTTP_METHOD_DELETE,
    1679             :       .have_id_segment = true,
    1680             :       .allow_deleted_instance = true,
    1681             :       .handler = &TMH_private_delete_webhooks_ID
    1682             :     },
    1683             :     /* PATCH /webhooks/$ID/: */
    1684             :     {
    1685             :       .url_prefix = "/webhooks/",
    1686             :       .method = MHD_HTTP_METHOD_PATCH,
    1687             :       .permission = "webhooks-write",
    1688             :       .have_id_segment = true,
    1689             :       .allow_deleted_instance = true,
    1690             :       .handler = &TMH_private_patch_webhooks_ID,
    1691             :       /* allow webhook data of up to 8 MB, that should be plenty;
    1692             :          note that exceeding #GNUNET_MAX_MALLOC_CHECKED (40 MB)
    1693             :          would require further changes to the allocation logic
    1694             :          in the code... */
    1695             :       .max_upload = 1024 * 1024 * 8
    1696             :     },
    1697             :     /* POST /accounts: */
    1698             :     {
    1699             :       .url_prefix = "/accounts",
    1700             :       .method = MHD_HTTP_METHOD_POST,
    1701             :       .permission = "accounts-write",
    1702             :       .handler = &TMH_private_post_account,
    1703             :       /* allow account details of up to 8 kb, that should be plenty */
    1704             :       .max_upload = 1024 * 8
    1705             :     },
    1706             :     /* PATCH /accounts/$H_WIRE: */
    1707             :     {
    1708             :       .url_prefix = "/accounts/",
    1709             :       .method = MHD_HTTP_METHOD_PATCH,
    1710             :       .permission = "accounts-write",
    1711             :       .handler = &TMH_private_patch_accounts_ID,
    1712             :       .have_id_segment = true,
    1713             :       /* allow account details of up to 8 kb, that should be plenty */
    1714             :       .max_upload = 1024 * 8
    1715             :     },
    1716             :     /* GET /accounts: */
    1717             :     {
    1718             :       .url_prefix = "/accounts",
    1719             :       .permission = "accounts-read",
    1720             :       .method = MHD_HTTP_METHOD_GET,
    1721             :       .handler = &TMH_private_get_accounts
    1722             :     },
    1723             :     /* GET /accounts/$H_WIRE: */
    1724             :     {
    1725             :       .url_prefix = "/accounts/",
    1726             :       .permission = "accounts-read",
    1727             :       .method = MHD_HTTP_METHOD_GET,
    1728             :       .have_id_segment = true,
    1729             :       .handler = &TMH_private_get_accounts_ID
    1730             :     },
    1731             :     /* DELETE /accounts/$H_WIRE: */
    1732             :     {
    1733             :       .url_prefix = "/accounts/",
    1734             :       .permission = "accounts-write",
    1735             :       .method = MHD_HTTP_METHOD_DELETE,
    1736             :       .handler = &TMH_private_delete_account_ID,
    1737             :       .have_id_segment = true
    1738             :     },
    1739             :     /* GET /tokens: */
    1740             :     {
    1741             :       .url_prefix = "/tokens",
    1742             :       .permission = "tokens-read",
    1743             :       .method = MHD_HTTP_METHOD_GET,
    1744             :       .handler = &TMH_private_get_instances_ID_tokens,
    1745             :     },
    1746             :     /* POST /token: */
    1747             :     {
    1748             :       .url_prefix = "/token",
    1749             :       .permission = "token-refresh",
    1750             :       .method = MHD_HTTP_METHOD_POST,
    1751             :       .handler = &TMH_private_post_instances_ID_token,
    1752             :       /* Body should be tiny. */
    1753             :       .max_upload = 1024
    1754             :     },
    1755             :     /* DELETE /tokens/$SERIAL: */
    1756             :     {
    1757             :       .url_prefix = "/tokens/",
    1758             :       .permission = "tokens-write",
    1759             :       .method = MHD_HTTP_METHOD_DELETE,
    1760             :       .handler = &TMH_private_delete_instances_ID_token_SERIAL,
    1761             :       .have_id_segment = true
    1762             :     },
    1763             :     /* DELETE /token: */
    1764             :     {
    1765             :       .url_prefix = "/token",
    1766             :       .method = MHD_HTTP_METHOD_DELETE,
    1767             :       .handler = &TMH_private_delete_instances_ID_token,
    1768             :     },
    1769             :     /* GET /tokenfamilies: */
    1770             :     {
    1771             :       .url_prefix = "/tokenfamilies",
    1772             :       .permission = "tokenfamilies-read",
    1773             :       .method = MHD_HTTP_METHOD_GET,
    1774             :       .handler = &TMH_private_get_tokenfamilies
    1775             :     },
    1776             :     /* POST /tokenfamilies: */
    1777             :     {
    1778             :       .url_prefix = "/tokenfamilies",
    1779             :       .permission = "tokenfamilies-write",
    1780             :       .method = MHD_HTTP_METHOD_POST,
    1781             :       .handler = &TMH_private_post_token_families
    1782             :     },
    1783             :     /* GET /tokenfamilies/$SLUG/: */
    1784             :     {
    1785             :       .url_prefix = "/tokenfamilies/",
    1786             :       .method = MHD_HTTP_METHOD_GET,
    1787             :       .permission = "tokenfamilies-read",
    1788             :       .have_id_segment = true,
    1789             :       .handler = &TMH_private_get_tokenfamilies_SLUG
    1790             :     },
    1791             :     /* DELETE /tokenfamilies/$SLUG/: */
    1792             :     {
    1793             :       .url_prefix = "/tokenfamilies/",
    1794             :       .method = MHD_HTTP_METHOD_DELETE,
    1795             :       .permission = "tokenfamilies-write",
    1796             :       .have_id_segment = true,
    1797             :       .handler = &TMH_private_delete_token_families_SLUG
    1798             :     },
    1799             :     /* PATCH /tokenfamilies/$SLUG/: */
    1800             :     {
    1801             :       .url_prefix = "/tokenfamilies/",
    1802             :       .method = MHD_HTTP_METHOD_PATCH,
    1803             :       .permission = "tokenfamilies-write",
    1804             :       .have_id_segment = true,
    1805             :       .handler = &TMH_private_patch_token_family_SLUG,
    1806             :     },
    1807             :     /* GET /statistics-counter/$SLUG: */
    1808             :     {
    1809             :       .url_prefix = "/statistics-counter/",
    1810             :       .method = MHD_HTTP_METHOD_GET,
    1811             :       .permission = "statistics-read",
    1812             :       .have_id_segment = true,
    1813             :       .handler = &TMH_private_get_statistics_counter_SLUG,
    1814             :     },
    1815             :     /* GET /statistics-amount/$SLUG: */
    1816             :     {
    1817             :       .url_prefix = "/statistics-amount/",
    1818             :       .method = MHD_HTTP_METHOD_GET,
    1819             :       .permission = "statistics-read",
    1820             :       .have_id_segment = true,
    1821             :       .handler = &TMH_private_get_statistics_amount_SLUG,
    1822             :     },
    1823             :     {
    1824             :       .url_prefix = NULL
    1825             :     }
    1826             :   };
    1827             :   static struct TMH_RequestHandler public_handlers[] = {
    1828             :     {
    1829             :       /* for "admin" instance, it does not even
    1830             :          have to exist before we give the WebUI */
    1831             :       .url_prefix = "/",
    1832             :       .method = MHD_HTTP_METHOD_GET,
    1833             :       .mime_type = "text/html",
    1834             :       .skip_instance = true,
    1835             :       .default_only = true,
    1836             :       .handler = &spa_redirect,
    1837             :       .response_code = MHD_HTTP_FOUND
    1838             :     },
    1839             :     {
    1840             :       /* for "normal" instance,s they must exist
    1841             :          before we give the WebUI */
    1842             :       .url_prefix = "/",
    1843             :       .method = MHD_HTTP_METHOD_GET,
    1844             :       .mime_type = "text/html",
    1845             :       .handler = &spa_redirect,
    1846             :       .response_code = MHD_HTTP_FOUND
    1847             :     },
    1848             :     {
    1849             :       .url_prefix = "/webui/",
    1850             :       .method = MHD_HTTP_METHOD_GET,
    1851             :       .mime_type = "text/html",
    1852             :       .skip_instance = true,
    1853             :       .have_id_segment = true,
    1854             :       .handler = &TMH_return_spa,
    1855             :       .response_code = MHD_HTTP_OK
    1856             :     },
    1857             :     {
    1858             :       .url_prefix = "/agpl",
    1859             :       .method = MHD_HTTP_METHOD_GET,
    1860             :       .skip_instance = true,
    1861             :       .handler = &TMH_MHD_handler_agpl_redirect
    1862             :     },
    1863             :     {
    1864             :       .url_prefix = "/config",
    1865             :       .method = MHD_HTTP_METHOD_GET,
    1866             :       .skip_instance = true,
    1867             :       .default_only = true,
    1868             :       .handler = &MH_handler_config
    1869             :     },
    1870             :     /* Also serve the same /config per instance */
    1871             :     {
    1872             :       .url_prefix = "/config",
    1873             :       .method = MHD_HTTP_METHOD_GET,
    1874             :       .skip_instance = false,
    1875             :       .allow_deleted_instance = true,
    1876             :       .handler = &MH_handler_config
    1877             :     },
    1878             :     /* POST /orders/$ID/abort: */
    1879             :     {
    1880             :       .url_prefix = "/orders/",
    1881             :       .have_id_segment = true,
    1882             :       .url_suffix = "abort",
    1883             :       .method = MHD_HTTP_METHOD_POST,
    1884             :       .handler = &TMH_post_orders_ID_abort,
    1885             :       /* wallet may give us many coins to sign, allow 1 MB of upload
    1886             :          to set a conservative bound for sane wallets */
    1887             :       .max_upload = 1024 * 1024
    1888             :     },
    1889             :     /* POST /orders/$ID/claim: */
    1890             :     {
    1891             :       .url_prefix = "/orders/",
    1892             :       .have_id_segment = true,
    1893             :       .url_suffix = "claim",
    1894             :       .method = MHD_HTTP_METHOD_POST,
    1895             :       .handler = &TMH_post_orders_ID_claim,
    1896             :       /* the body should be pretty small, allow 1 MB of upload
    1897             :          to set a conservative bound for sane wallets */
    1898             :       .max_upload = 1024 * 1024
    1899             :     },
    1900             :     /* POST /orders/$ID/pay: */
    1901             :     {
    1902             :       .url_prefix = "/orders/",
    1903             :       .have_id_segment = true,
    1904             :       .url_suffix = "pay",
    1905             :       .method = MHD_HTTP_METHOD_POST,
    1906             :       .handler = &TMH_post_orders_ID_pay,
    1907             :       /* wallet may give us many coins to sign, allow 1 MB of upload
    1908             :          to set a conservative bound for sane wallets */
    1909             :       .max_upload = 1024 * 1024
    1910             :     },
    1911             :     /* POST /orders/$ID/paid: */
    1912             :     {
    1913             :       .url_prefix = "/orders/",
    1914             :       .have_id_segment = true,
    1915             :       .allow_deleted_instance = true,
    1916             :       .url_suffix = "paid",
    1917             :       .method = MHD_HTTP_METHOD_POST,
    1918             :       .handler = &TMH_post_orders_ID_paid,
    1919             :       /* the body should be pretty small, allow 1 MB of upload
    1920             :          to set a conservative bound for sane wallets */
    1921             :       .max_upload = 1024 * 1024
    1922             :     },
    1923             :     /* POST /orders/$ID/refund: */
    1924             :     {
    1925             :       .url_prefix = "/orders/",
    1926             :       .have_id_segment = true,
    1927             :       .allow_deleted_instance = true,
    1928             :       .url_suffix = "refund",
    1929             :       .method = MHD_HTTP_METHOD_POST,
    1930             :       .handler = &TMH_post_orders_ID_refund,
    1931             :       /* the body should be pretty small, allow 1 MB of upload
    1932             :          to set a conservative bound for sane wallets */
    1933             :       .max_upload = 1024 * 1024
    1934             :     },
    1935             :     /* GET /orders/$ID: */
    1936             :     {
    1937             :       .url_prefix = "/orders/",
    1938             :       .method = MHD_HTTP_METHOD_GET,
    1939             :       .allow_deleted_instance = true,
    1940             :       .have_id_segment = true,
    1941             :       .handler = &TMH_get_orders_ID
    1942             :     },
    1943             :     /* GET /static/ *: */
    1944             :     {
    1945             :       .url_prefix = "/static/",
    1946             :       .method = MHD_HTTP_METHOD_GET,
    1947             :       .have_id_segment = true,
    1948             :       .handler = &TMH_return_static
    1949             :     },
    1950             :     /* GET /templates/$ID/: */
    1951             :     {
    1952             :       .url_prefix = "/templates/",
    1953             :       .method = MHD_HTTP_METHOD_GET,
    1954             :       .have_id_segment = true,
    1955             :       .handler = &TMH_get_templates_ID
    1956             :     },
    1957             :     /* POST /templates/$ID: */
    1958             :     {
    1959             :       .url_prefix = "/templates/",
    1960             :       .method = MHD_HTTP_METHOD_POST,
    1961             :       .have_id_segment = true,
    1962             :       .handler = &TMH_post_using_templates_ID,
    1963             :       .max_upload = 1024 * 1024
    1964             :     },
    1965             :     {
    1966             :       .url_prefix = "*",
    1967             :       .method = MHD_HTTP_METHOD_OPTIONS,
    1968             :       .handler = &handle_server_options
    1969             :     },
    1970             :     {
    1971             :       .url_prefix = NULL
    1972             :     }
    1973             :   };
    1974        1806 :   struct TMH_HandlerContext *hc = *con_cls;
    1975             :   struct TMH_RequestHandler *handlers;
    1976        1806 :   bool use_default = false;
    1977             : 
    1978             :   (void) cls;
    1979             :   (void) version;
    1980        1806 :   if (NULL != hc->url)
    1981             :   {
    1982             :     /* MHD calls us again for a request, for first call
    1983             :        see 'else' case below */
    1984        1141 :     GNUNET_assert (NULL != hc->rh);
    1985        1141 :     GNUNET_SCHEDULER_begin_async_scope (&hc->async_scope_id);
    1986        1141 :     if ( (hc->has_body) &&
    1987         870 :          (NULL == hc->request_body) )
    1988             :     {
    1989         768 :       size_t mul = hc->rh->max_upload;
    1990             :       enum GNUNET_GenericReturnValue res;
    1991             : 
    1992         768 :       if (0 == mul)
    1993          20 :         mul = DEFAULT_MAX_UPLOAD_SIZE;
    1994         768 :       if ( (hc->total_upload + *upload_data_size < hc->total_upload) ||
    1995         768 :            (hc->total_upload + *upload_data_size > mul) )
    1996             :       {
    1997             :         /* Client exceeds upload limit. Should _usually_ be checked earlier
    1998             :            when we look at the MHD_HTTP_HEADER_CONTENT_LENGTH, alas with
    1999             :            chunked encoding an uploader MAY have omitted this, and thus
    2000             :            not permitted us to check on time. In this case, we just close
    2001             :            the connection once it exceeds our limit (instead of waiting
    2002             :            for the upload to complete and then fail). This could theoretically
    2003             :            cause some clients to retry, alas broken or malicious clients
    2004             :            are likely to retry anyway, so little we can do about it, and
    2005             :            failing earlier seems the best option here.  */
    2006           0 :         GNUNET_break_op (0);
    2007           0 :         return MHD_NO;
    2008             :       }
    2009         768 :       hc->total_upload += *upload_data_size;
    2010         768 :       res = TALER_MHD_parse_post_json (connection,
    2011             :                                        &hc->json_parse_context,
    2012             :                                        upload_data,
    2013             :                                        upload_data_size,
    2014             :                                        &hc->request_body);
    2015         768 :       if (GNUNET_SYSERR == res)
    2016           0 :         return MHD_NO;
    2017             :       /* A error response was already generated */
    2018         768 :       if ( (GNUNET_NO == res) ||
    2019             :            /* or, need more data to accomplish parsing */
    2020         768 :            (NULL == hc->request_body) )
    2021         384 :         return MHD_YES; /* let MHD call us *again* */
    2022             :     }
    2023             :     /* Upload complete (if any), call handler to generate reply */
    2024         757 :     return hc->rh->handler (hc->rh,
    2025             :                             connection,
    2026             :                             hc);
    2027             :   }
    2028         665 :   hc->url = url;
    2029             :   {
    2030             :     const char *correlation_id;
    2031             : 
    2032         665 :     correlation_id = MHD_lookup_connection_value (connection,
    2033             :                                                   MHD_HEADER_KIND,
    2034             :                                                   "Taler-Correlation-Id");
    2035         665 :     if ( (NULL != correlation_id) &&
    2036             :          (GNUNET_YES !=
    2037           0 :           GNUNET_CURL_is_valid_scope_id (correlation_id)) )
    2038             :     {
    2039           0 :       GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
    2040             :                   "Illegal incoming correlation ID\n");
    2041           0 :       correlation_id = NULL;
    2042             :     }
    2043         665 :     if (NULL != correlation_id)
    2044           0 :       GNUNET_log (GNUNET_ERROR_TYPE_INFO,
    2045             :                   "Handling request for (%s) URL '%s', correlation_id=%s\n",
    2046             :                   method,
    2047             :                   url,
    2048             :                   correlation_id);
    2049             :     else
    2050         665 :       GNUNET_log (GNUNET_ERROR_TYPE_INFO,
    2051             :                   "Handling request (%s) for URL '%s'\n",
    2052             :                   method,
    2053             :                   url);
    2054             :   }
    2055             : 
    2056         665 :   if (0 == strcasecmp (method,
    2057             :                        MHD_HTTP_METHOD_HEAD))
    2058           0 :     method = MHD_HTTP_METHOD_GET; /* MHD will deal with the rest */
    2059             : 
    2060             : 
    2061             :   /* Find out the merchant backend instance for the request.
    2062             :    * If there is an instance, remove the instance specification
    2063             :    * from the beginning of the request URL. */
    2064             :   {
    2065         665 :     const char *instance_prefix = "/instances/";
    2066             : 
    2067         665 :     if (0 == strncmp (url,
    2068             :                       instance_prefix,
    2069             :                       strlen (instance_prefix)))
    2070             :     {
    2071             :       /* url starts with "/instances/" */
    2072          85 :       const char *istart = url + strlen (instance_prefix);
    2073          85 :       const char *slash = strchr (istart, '/');
    2074             :       char *instance_id;
    2075             : 
    2076          85 :       if (NULL == slash)
    2077           0 :         instance_id = GNUNET_strdup (istart);
    2078             :       else
    2079          85 :         instance_id = GNUNET_strndup (istart,
    2080             :                                       slash - istart);
    2081          85 :       if (0 == strcmp (instance_id,
    2082             :                        "admin"))
    2083             :       {
    2084             :         MHD_RESULT ret;
    2085             :         struct MHD_Response *response;
    2086           0 :         const char *rstart = hc->full_url + strlen (instance_prefix);
    2087           0 :         const char *rslash = strchr (rstart, '/');
    2088             : 
    2089           0 :         GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
    2090             :                     "Client used deprecated '/instances/default/' path. Redirecting to modern path\n");
    2091             : 
    2092             :         response
    2093           0 :           = MHD_create_response_from_buffer (0,
    2094             :                                              NULL,
    2095             :                                              MHD_RESPMEM_PERSISTENT);
    2096           0 :         TALER_MHD_add_global_headers (response,
    2097             :                                       true);
    2098           0 :         if (MHD_NO ==
    2099           0 :             MHD_add_response_header (response,
    2100             :                                      MHD_HTTP_HEADER_LOCATION,
    2101             :                                      NULL == rslash
    2102             :                                      ? "/"
    2103             :                                      : rslash))
    2104             :         {
    2105           0 :           GNUNET_break (0);
    2106           0 :           MHD_destroy_response (response);
    2107           0 :           GNUNET_free (instance_id);
    2108           0 :           return MHD_NO;
    2109             :         }
    2110           0 :         ret = MHD_queue_response (connection,
    2111             :                                   MHD_HTTP_PERMANENT_REDIRECT,
    2112             :                                   response);
    2113           0 :         MHD_destroy_response (response);
    2114           0 :         GNUNET_free (instance_id);
    2115           0 :         return ret;
    2116             :       }
    2117          85 :       hc->instance = TMH_lookup_instance (instance_id);
    2118          85 :       if ( (NULL == hc->instance) &&
    2119           2 :            (0 == strcmp ("admin",
    2120             :                          instance_id)) )
    2121           0 :         hc->instance = TMH_lookup_instance (NULL);
    2122          85 :       GNUNET_free (instance_id);
    2123          85 :       if (NULL == slash)
    2124           0 :         url = "";
    2125             :       else
    2126          85 :         url = slash;
    2127             :     }
    2128             :     else
    2129             :     {
    2130             :       /* use 'default' */
    2131         580 :       use_default = true;
    2132         580 :       hc->instance = TMH_lookup_instance (NULL);
    2133             :     }
    2134         665 :     if (NULL != hc->instance)
    2135             :     {
    2136         625 :       GNUNET_assert (hc->instance->rc < UINT_MAX);
    2137         625 :       hc->instance->rc++;
    2138             :     }
    2139             :   }
    2140             : 
    2141             :   {
    2142         665 :     const char *management_prefix = "/management/";
    2143         665 :     const char *private_prefix = "/private/";
    2144             : 
    2145         665 :     if ( (0 == strncmp (url,
    2146             :                         management_prefix,
    2147             :                         strlen (management_prefix))) )
    2148             :     {
    2149          61 :       handlers = management_handlers;
    2150          61 :       url += strlen (management_prefix) - 1;
    2151             :     }
    2152         604 :     else if ( (0 == strncmp (url,
    2153             :                              private_prefix,
    2154         192 :                              strlen (private_prefix))) ||
    2155         192 :               (0 == strcmp (url,
    2156             :                             "/private")) )
    2157             :     {
    2158         427 :       handlers = private_handlers;
    2159         427 :       if (0 == strcmp (url,
    2160             :                        "/private"))
    2161          15 :         url = "/";
    2162             :       else
    2163         412 :         url += strlen (private_prefix) - 1;
    2164             :     }
    2165             :     else
    2166             :     {
    2167         177 :       handlers = public_handlers;
    2168             :     }
    2169             :   }
    2170             : 
    2171         665 :   if (0 == strcmp (url,
    2172             :                    ""))
    2173           0 :     url = "/"; /* code below does not like empty string */
    2174             : 
    2175             :   {
    2176             :     /* Matching URL found, but maybe method doesn't match */
    2177             :     size_t prefix_strlen; /* i.e. 8 for "/orders/", or 7 for "/config" */
    2178         665 :     const char *infix_url = NULL; /* i.e. "$ORDER_ID", no '/'-es */
    2179         665 :     size_t infix_strlen = 0; /* number of characters in infix_url */
    2180         665 :     const char *suffix_url = NULL; /* i.e. "refund", excludes '/' at the beginning */
    2181         665 :     size_t suffix_strlen = 0; /* number of characters in suffix_url */
    2182             : 
    2183             :     /* parse the URL into the three different components */
    2184             :     {
    2185             :       const char *slash;
    2186             : 
    2187         665 :       slash = strchr (&url[1], '/');
    2188         665 :       if (NULL == slash)
    2189             :       {
    2190             :         /* the prefix was everything */
    2191         310 :         prefix_strlen = strlen (url);
    2192             :       }
    2193             :       else
    2194             :       {
    2195         355 :         prefix_strlen = slash - url + 1; /* includes both '/'-es if present! */
    2196         355 :         infix_url = slash + 1;
    2197         355 :         slash = strchr (infix_url, '/');
    2198         355 :         if (NULL == slash)
    2199             :         {
    2200             :           /* the infix was the rest */
    2201         205 :           infix_strlen = strlen (infix_url);
    2202             :         }
    2203             :         else
    2204             :         {
    2205         150 :           infix_strlen = slash - infix_url; /* excludes both '/'-es */
    2206         150 :           suffix_url = slash + 1; /* skip the '/' */
    2207         150 :           suffix_strlen = strlen (suffix_url);
    2208             :         }
    2209         355 :         hc->infix = GNUNET_strndup (infix_url,
    2210             :                                     infix_strlen);
    2211             :       }
    2212             :     }
    2213             : 
    2214             :     /* find matching handler */
    2215             :     {
    2216         665 :       bool url_found = false;
    2217             : 
    2218       11891 :       for (unsigned int i = 0; NULL != handlers[i].url_prefix; i++)
    2219             :       {
    2220       11891 :         struct TMH_RequestHandler *rh = &handlers[i];
    2221             : 
    2222       11891 :         if (rh->default_only && (! use_default))
    2223          12 :           continue;
    2224       11879 :         if (! prefix_match (rh,
    2225             :                             url,
    2226             :                             prefix_strlen,
    2227             :                             infix_url,
    2228             :                             infix_strlen,
    2229             :                             suffix_url,
    2230             :                             suffix_strlen))
    2231       11013 :           continue;
    2232         866 :         url_found = true;
    2233         866 :         if (0 == strcasecmp (method,
    2234             :                              MHD_HTTP_METHOD_OPTIONS))
    2235             :         {
    2236           1 :           return TALER_MHD_reply_cors_preflight (connection);
    2237             :         }
    2238         865 :         if ( (rh->method != NULL) &&
    2239         865 :              (0 != strcasecmp (method,
    2240             :                                rh->method)) )
    2241         201 :           continue;
    2242         664 :         hc->rh = rh;
    2243         664 :         break;
    2244             :       }
    2245             :       /* Handle HTTP 405: METHOD NOT ALLOWED case */
    2246         664 :       if ( (NULL == hc->rh) &&
    2247             :            (url_found) )
    2248             :       {
    2249             :         struct MHD_Response *reply;
    2250             :         MHD_RESULT ret;
    2251           0 :         char *allowed = NULL;
    2252             : 
    2253           0 :         GNUNET_break_op (0);
    2254             :         /* compute 'Allowed:' header (required by HTTP spec for 405 replies) */
    2255           0 :         for (unsigned int i = 0; NULL != handlers[i].url_prefix; i++)
    2256             :         {
    2257           0 :           struct TMH_RequestHandler *rh = &handlers[i];
    2258             : 
    2259           0 :           if (rh->default_only && (! use_default))
    2260           0 :             continue;
    2261           0 :           if (! prefix_match (rh,
    2262             :                               url,
    2263             :                               prefix_strlen,
    2264             :                               infix_url,
    2265             :                               infix_strlen,
    2266             :                               suffix_url,
    2267             :                               suffix_strlen))
    2268           0 :             continue;
    2269           0 :           if (NULL == allowed)
    2270             :           {
    2271           0 :             allowed = GNUNET_strdup (rh->method);
    2272             :           }
    2273             :           else
    2274             :           {
    2275             :             char *tmp;
    2276             : 
    2277           0 :             GNUNET_asprintf (&tmp,
    2278             :                              "%s, %s",
    2279             :                              allowed,
    2280             :                              rh->method);
    2281           0 :             GNUNET_free (allowed);
    2282           0 :             allowed = tmp;
    2283             :           }
    2284           0 :           if (0 == strcasecmp (rh->method,
    2285             :                                MHD_HTTP_METHOD_GET))
    2286             :           {
    2287             :             char *tmp;
    2288             : 
    2289           0 :             GNUNET_asprintf (&tmp,
    2290             :                              "%s, %s",
    2291             :                              allowed,
    2292             :                              MHD_HTTP_METHOD_HEAD);
    2293           0 :             GNUNET_free (allowed);
    2294           0 :             allowed = tmp;
    2295             :           }
    2296             :         }
    2297           0 :         reply = TALER_MHD_make_error (TALER_EC_GENERIC_METHOD_INVALID,
    2298             :                                       method);
    2299           0 :         GNUNET_break (MHD_YES ==
    2300             :                       MHD_add_response_header (reply,
    2301             :                                                MHD_HTTP_HEADER_ALLOW,
    2302             :                                                allowed));
    2303           0 :         GNUNET_free (allowed);
    2304           0 :         ret = MHD_queue_response (connection,
    2305             :                                   MHD_HTTP_METHOD_NOT_ALLOWED,
    2306             :                                   reply);
    2307           0 :         MHD_destroy_response (reply);
    2308           0 :         return ret;
    2309             :       }
    2310         664 :       if (NULL == hc->rh)
    2311             :       {
    2312           0 :         GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
    2313             :                     "Endpoint `%s' not known\n",
    2314             :                     hc->url);
    2315           0 :         return TALER_MHD_reply_with_error (connection,
    2316             :                                            MHD_HTTP_NOT_FOUND,
    2317             :                                            TALER_EC_GENERIC_ENDPOINT_UNKNOWN,
    2318             :                                            hc->url);
    2319             :       }
    2320             :     }
    2321             :   }
    2322             :   /* At this point, we must have found a handler */
    2323         664 :   GNUNET_assert (NULL != hc->rh);
    2324             : 
    2325             :   /* If an instance should be there, check one exists */
    2326         664 :   if ( (NULL == hc->instance) &&
    2327          39 :        (! hc->rh->skip_instance) )
    2328             :   {
    2329           3 :     GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
    2330             :                 "Instance for `%s' not known\n",
    2331             :                 hc->url);
    2332           3 :     return TALER_MHD_reply_with_error (connection,
    2333             :                                        MHD_HTTP_NOT_FOUND,
    2334             :                                        TALER_EC_MERCHANT_GENERIC_INSTANCE_UNKNOWN,
    2335           3 :                                        hc->infix);
    2336             :   }
    2337             : 
    2338             :   /* Access control for non-public handlers */
    2339         661 :   if (public_handlers != handlers)
    2340             :   {
    2341             :     const char *auth;
    2342         484 :     bool is_basic_auth = false;
    2343         484 :     bool auth_malformed = false;
    2344             : 
    2345         484 :     auth = MHD_lookup_connection_value (connection,
    2346             :                                         MHD_HEADER_KIND,
    2347             :                                         MHD_HTTP_HEADER_AUTHORIZATION);
    2348             : 
    2349         484 :     if (NULL != auth)
    2350             :     {
    2351          71 :       extract_auth (&auth,
    2352             :                     &is_basic_auth);
    2353          71 :       if (NULL == auth)
    2354           0 :         auth_malformed = true;
    2355          71 :       hc->auth_token = auth;
    2356             :     }
    2357             : 
    2358             :     /* If we have zero configured instances (not even ones that have been
    2359             :        purged) or explicitly disabled authentication, THEN we accept anything
    2360             :        (no access control), as we then also have no data to protect. */
    2361         484 :     if ((0 == GNUNET_CONTAINER_multihashmap_size (TMH_by_id_map)) ||
    2362         465 :         (GNUNET_YES == TMH_auth_disabled))
    2363             :     {
    2364          19 :       hc->auth_scope = TMH_AS_ALL;
    2365             :     }
    2366         465 :     else if (is_basic_auth)
    2367             :     {
    2368          14 :       process_basic_auth (hc, auth);
    2369             :     }
    2370             :     else /* Check bearer token */
    2371             :     {
    2372             :       enum TALER_ErrorCode ec;
    2373         451 :       ec = process_bearer_auth (hc, auth);
    2374         451 :       if (TALER_EC_NONE != ec)
    2375             :       {
    2376          19 :         return TALER_MHD_reply_with_ec (connection,
    2377             :                                         ec,
    2378             :                                         NULL);
    2379             :       }
    2380             :     }
    2381             :     /* We grant access if:
    2382             :        - Endpoint does not require permissions
    2383             :        - Authorization scope of bearer token contains permissions
    2384             :          required by endpoint.
    2385             :      */
    2386         484 :     if ( (NULL != hc->rh->permission) &&
    2387         481 :          (! permission_in_scope (hc->rh->permission,
    2388             :                                  hc->auth_scope)))
    2389             :     {
    2390          19 :       if (auth_malformed &&
    2391           0 :           (TMH_AS_NONE == hc->auth_scope) )
    2392             :       {
    2393           0 :         GNUNET_break_op (0);
    2394           0 :         return TALER_MHD_reply_with_error (
    2395             :           connection,
    2396             :           MHD_HTTP_UNAUTHORIZED,
    2397             :           TALER_EC_GENERIC_PARAMETER_MALFORMED,
    2398             :           "'" RFC_8959_PREFIX
    2399             :           "' prefix or 'Bearer' missing in 'Authorization' header");
    2400             :       }
    2401          19 :       GNUNET_break_op (0);
    2402          19 :       return TALER_MHD_reply_with_error (connection,
    2403             :                                          MHD_HTTP_UNAUTHORIZED,
    2404             :                                          TALER_EC_MERCHANT_GENERIC_UNAUTHORIZED,
    2405             :                                          "Check 'Authorization' header");
    2406             :     }
    2407             :   } /* if (use_private) */
    2408             : 
    2409             : 
    2410         642 :   if ( (NULL == hc->instance) &&
    2411          34 :        (! hc->rh->skip_instance) )
    2412             :   {
    2413           0 :     GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
    2414             :                 "Instance for URL `%s' not known\n",
    2415             :                 url);
    2416           0 :     return TALER_MHD_reply_with_error (connection,
    2417             :                                        MHD_HTTP_NOT_FOUND,
    2418             :                                        TALER_EC_MERCHANT_GENERIC_INSTANCE_UNKNOWN,
    2419             :                                        url);
    2420             :   }
    2421         642 :   if ( (NULL != hc->instance) && /* make static analysis happy */
    2422         608 :        (! hc->rh->skip_instance) &&
    2423         567 :        (hc->instance->deleted) &&
    2424           3 :        (! hc->rh->allow_deleted_instance) )
    2425             :   {
    2426           3 :     GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
    2427             :                 "Instance `%s' was deleted\n",
    2428             :                 hc->instance->settings.id);
    2429           3 :     return TALER_MHD_reply_with_error (connection,
    2430             :                                        MHD_HTTP_NOT_FOUND,
    2431             :                                        TALER_EC_MERCHANT_GENERIC_INSTANCE_DELETED,
    2432           3 :                                        hc->instance->settings.id);
    2433             :   }
    2434             :   /* parse request body */
    2435        1278 :   hc->has_body = ( (0 == strcasecmp (method,
    2436         926 :                                      MHD_HTTP_METHOD_POST)) ||
    2437             :                    /* PUT is not yet used */
    2438         287 :                    (0 == strcasecmp (method,
    2439             :                                      MHD_HTTP_METHOD_PATCH)) );
    2440         639 :   if (hc->has_body)
    2441             :   {
    2442         384 :     TALER_MHD_check_content_length (connection,
    2443             :                                     0 == hc->rh->max_upload
    2444             :                                     ? DEFAULT_MAX_UPLOAD_SIZE
    2445             :                                     : hc->rh->max_upload);
    2446         384 :     GNUNET_break (NULL == hc->request_body); /* can't have it already */
    2447             :   }
    2448         639 :   return MHD_YES; /* wait for MHD to call us again */
    2449             : }
    2450             : 
    2451             : 
    2452             : /**
    2453             :  * Callback invoked with information about a bank account.
    2454             :  *
    2455             :  * @param cls closure with a `struct TMH_MerchantInstance *`
    2456             :  * @param merchant_priv private key of the merchant instance
    2457             :  * @param acc details about the account
    2458             :  */
    2459             : static void
    2460          32 : add_account_cb (void *cls,
    2461             :                 const struct TALER_MerchantPrivateKeyP *merchant_priv,
    2462             :                 const struct TALER_MERCHANTDB_AccountDetails *acc)
    2463             : {
    2464          32 :   struct TMH_MerchantInstance *mi = cls;
    2465             :   struct TMH_WireMethod *wm;
    2466             : 
    2467             :   (void) merchant_priv;
    2468          32 :   wm = GNUNET_new (struct TMH_WireMethod);
    2469          32 :   wm->h_wire = acc->h_wire;
    2470             :   wm->payto_uri.full_payto
    2471          32 :     = GNUNET_strdup (acc->payto_uri.full_payto);
    2472          32 :   wm->wire_salt = acc->salt;
    2473             :   wm->wire_method
    2474          32 :     = TALER_payto_get_method (acc->payto_uri.full_payto);
    2475          32 :   wm->active = acc->active;
    2476          32 :   GNUNET_CONTAINER_DLL_insert (mi->wm_head,
    2477             :                                mi->wm_tail,
    2478             :                                wm);
    2479          32 : }
    2480             : 
    2481             : 
    2482             : /**
    2483             :  * Function called during startup to add all known instances to our
    2484             :  * hash map in memory for faster lookups when we receive requests.
    2485             :  *
    2486             :  * @param cls closure, NULL, unused
    2487             :  * @param merchant_pub public key of the instance
    2488             :  * @param merchant_priv private key of the instance, NULL if not available
    2489             :  * @param is detailed configuration settings for the instance
    2490             :  * @param ias authentication settings for the instance
    2491             :  */
    2492             : static void
    2493          68 : add_instance_cb (void *cls,
    2494             :                  const struct TALER_MerchantPublicKeyP *merchant_pub,
    2495             :                  const struct TALER_MerchantPrivateKeyP *merchant_priv,
    2496             :                  const struct TALER_MERCHANTDB_InstanceSettings *is,
    2497             :                  const struct TALER_MERCHANTDB_InstanceAuthSettings *ias)
    2498             : {
    2499             :   struct TMH_MerchantInstance *mi;
    2500             :   enum GNUNET_DB_QueryStatus qs;
    2501             : 
    2502             :   (void) cls;
    2503          68 :   mi = TMH_lookup_instance (is->id);
    2504          68 :   if (NULL != mi)
    2505             :   {
    2506             :     /* (outdated) entry exists, remove old entry */
    2507           0 :     (void) TMH_instance_free_cb (NULL,
    2508           0 :                                  &mi->h_instance,
    2509             :                                  mi);
    2510             :   }
    2511          68 :   mi = GNUNET_new (struct TMH_MerchantInstance);
    2512          68 :   mi->settings = *is;
    2513          68 :   mi->auth = *ias;
    2514          68 :   mi->settings.id = GNUNET_strdup (mi->settings.id);
    2515          68 :   mi->settings.name = GNUNET_strdup (mi->settings.name);
    2516          68 :   if (NULL != mi->settings.email)
    2517           0 :     mi->settings.email = GNUNET_strdup (mi->settings.email);
    2518          68 :   if (NULL != mi->settings.website)
    2519           0 :     mi->settings.website = GNUNET_strdup (mi->settings.website);
    2520          68 :   if (NULL != mi->settings.logo)
    2521           0 :     mi->settings.logo = GNUNET_strdup (mi->settings.logo);
    2522          68 :   mi->settings.address = json_incref (mi->settings.address);
    2523          68 :   mi->settings.jurisdiction = json_incref (mi->settings.jurisdiction);
    2524          68 :   if (NULL != merchant_priv)
    2525          64 :     mi->merchant_priv = *merchant_priv;
    2526             :   else
    2527           4 :     mi->deleted = true;
    2528          68 :   mi->merchant_pub = *merchant_pub;
    2529          68 :   qs = TMH_db->select_accounts (TMH_db->cls,
    2530          68 :                                 mi->settings.id,
    2531             :                                 &add_account_cb,
    2532             :                                 mi);
    2533          68 :   if (0 > qs)
    2534             :   {
    2535           0 :     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
    2536             :                 "Error loading accounts of `%s' from database\n",
    2537             :                 mi->settings.id);
    2538             :   }
    2539          68 :   GNUNET_assert (GNUNET_OK ==
    2540             :                  TMH_add_instance (mi));
    2541          68 : }
    2542             : 
    2543             : 
    2544             : /**
    2545             :  * Trigger (re)loading of instance settings from DB.
    2546             :  *
    2547             :  * @param cls NULL
    2548             :  * @param extra ID of the instance that changed, NULL
    2549             :  *              to load all instances (will not handle purges!)
    2550             :  * @param extra_len number of bytes in @a extra
    2551             :  */
    2552             : static void
    2553          94 : load_instances (void *cls,
    2554             :                 const void *extra,
    2555             :                 size_t extra_len)
    2556             : {
    2557             :   enum GNUNET_DB_QueryStatus qs;
    2558          94 :   const char *id = extra;
    2559             : 
    2560             :   (void) cls;
    2561          94 :   if ( (NULL != extra) &&
    2562          80 :        ( (0 == extra_len) ||
    2563          80 :          ('\0' != id[extra_len - 1]) ) )
    2564             :   {
    2565           0 :     GNUNET_break (0 == extra_len);
    2566           0 :     extra = NULL;
    2567             :   }
    2568          94 :   GNUNET_log (GNUNET_ERROR_TYPE_INFO,
    2569             :               "Received instance settings notification: reload `%s'\n",
    2570             :               id);
    2571          94 :   if (NULL == extra)
    2572             :   {
    2573          14 :     qs = TMH_db->lookup_instances (TMH_db->cls,
    2574             :                                    false,
    2575             :                                    &add_instance_cb,
    2576             :                                    NULL);
    2577             :   }
    2578             :   else
    2579             :   {
    2580             :     struct TMH_MerchantInstance *mi;
    2581             : 
    2582             :     /* This must be done here to handle instance
    2583             :        purging, as for purged instances, the DB
    2584             :        lookup below will otherwise do nothing */
    2585          80 :     mi = TMH_lookup_instance (id);
    2586          80 :     if (NULL != mi)
    2587             :     {
    2588          80 :       (void) TMH_instance_free_cb (NULL,
    2589          80 :                                    &mi->h_instance,
    2590             :                                    mi);
    2591             :     }
    2592          80 :     qs = TMH_db->lookup_instance (TMH_db->cls,
    2593             :                                   id,
    2594             :                                   false,
    2595             :                                   &add_instance_cb,
    2596             :                                   NULL);
    2597             :   }
    2598          94 :   if (0 > qs)
    2599             :   {
    2600           0 :     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
    2601             :                 "Failed initialization. Check database setup.\n");
    2602           0 :     global_ret = EXIT_NOPERMISSION;
    2603           0 :     GNUNET_SCHEDULER_shutdown ();
    2604           0 :     return;
    2605             :   }
    2606             : }
    2607             : 
    2608             : 
    2609             : /**
    2610             :  * A transaction modified an instance setting (or created/deleted/purged
    2611             :  * one). Notify all backends about the change.
    2612             :  *
    2613             :  * @param id ID of the instance that changed
    2614             :  */
    2615             : void
    2616          80 : TMH_reload_instances (const char *id)
    2617             : {
    2618          80 :   struct GNUNET_DB_EventHeaderP es = {
    2619          80 :     .size = ntohs (sizeof (es)),
    2620          80 :     .type = ntohs (TALER_DBEVENT_MERCHANT_INSTANCE_SETTINGS)
    2621             :   };
    2622             : 
    2623          80 :   GNUNET_log (GNUNET_ERROR_TYPE_INFO,
    2624             :               "Generating instance settings notification: reload `%s'\n",
    2625             :               id);
    2626         160 :   TMH_db->event_notify (TMH_db->cls,
    2627             :                         &es,
    2628             :                         id,
    2629             :                         (NULL == id)
    2630             :                         ? 0
    2631          80 :                         : strlen (id) + 1);
    2632          80 : }
    2633             : 
    2634             : 
    2635             : /**
    2636             :  * Callback invoked on every listen socket to start the
    2637             :  * respective MHD HTTP daemon.
    2638             :  *
    2639             :  * @param cls unused
    2640             :  * @param lsock the listen socket
    2641             :  */
    2642             : static void
    2643          28 : start_daemon (void *cls,
    2644             :               int lsock)
    2645             : {
    2646             :   struct MHD_Daemon *mhd;
    2647             : 
    2648             :   (void) cls;
    2649          28 :   GNUNET_assert (-1 != lsock);
    2650          28 :   mhd = MHD_start_daemon (MHD_USE_SUSPEND_RESUME | MHD_USE_DUAL_STACK
    2651             :                           | MHD_USE_AUTO,
    2652             :                           0 /* port */,
    2653             :                           NULL, NULL,
    2654             :                           &url_handler, NULL,
    2655             :                           MHD_OPTION_LISTEN_SOCKET, lsock,
    2656             :                           MHD_OPTION_URI_LOG_CALLBACK,
    2657             :                           &full_url_track_callback, NULL,
    2658             :                           MHD_OPTION_NOTIFY_COMPLETED,
    2659             :                           &handle_mhd_completion_callback, NULL,
    2660             :                           MHD_OPTION_CONNECTION_TIMEOUT,
    2661             :                           (unsigned int) 10 /* 10s */,
    2662             :                           MHD_OPTION_END);
    2663          28 :   if (NULL == mhd)
    2664             :   {
    2665           0 :     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
    2666             :                 "Failed to launch HTTP service.\n");
    2667           0 :     GNUNET_SCHEDULER_shutdown ();
    2668           0 :     return;
    2669             :   }
    2670          28 :   have_daemons = true;
    2671          28 :   TALER_MHD_daemon_start (mhd);
    2672             : }
    2673             : 
    2674             : 
    2675             : /**
    2676             :  * Main function that will be run by the scheduler.
    2677             :  *
    2678             :  * @param cls closure
    2679             :  * @param args remaining command-line arguments
    2680             :  * @param cfgfile name of the configuration file used (for saving, can be
    2681             :  *        NULL!)
    2682             :  * @param config configuration
    2683             :  */
    2684             : static void
    2685          14 : run (void *cls,
    2686             :      char *const *args,
    2687             :      const char *cfgfile,
    2688             :      const struct GNUNET_CONFIGURATION_Handle *config)
    2689             : {
    2690             :   enum TALER_MHD_GlobalOptions go;
    2691             :   int elen;
    2692             : 
    2693             :   (void) cls;
    2694             :   (void) args;
    2695             :   (void) cfgfile;
    2696          14 :   cfg = config;
    2697          14 :   GNUNET_log (GNUNET_ERROR_TYPE_INFO,
    2698             :               "Starting taler-merchant-httpd\n");
    2699          14 :   go = TALER_MHD_GO_NONE;
    2700          14 :   if (merchant_connection_close)
    2701           0 :     go |= TALER_MHD_GO_FORCE_CONNECTION_CLOSE;
    2702          14 :   TALER_MHD_setup (go);
    2703             : 
    2704          14 :   global_ret = EXIT_SUCCESS;
    2705          14 :   GNUNET_SCHEDULER_add_shutdown (&do_shutdown,
    2706             :                                  NULL);
    2707             : 
    2708             :   TMH_curl_ctx
    2709          14 :     = GNUNET_CURL_init (&GNUNET_CURL_gnunet_scheduler_reschedule,
    2710             :                         &merchant_curl_rc);
    2711          14 :   if (NULL == TMH_curl_ctx)
    2712             :   {
    2713           0 :     GNUNET_break (0);
    2714           0 :     global_ret = EXIT_NO_RESTART;
    2715           0 :     GNUNET_SCHEDULER_shutdown ();
    2716           0 :     return;
    2717             :   }
    2718          14 :   merchant_curl_rc = GNUNET_CURL_gnunet_rc_create (TMH_curl_ctx);
    2719             :   /* Disable 100 continue processing */
    2720          14 :   GNUNET_break (GNUNET_OK ==
    2721             :                 GNUNET_CURL_append_header (TMH_curl_ctx,
    2722             :                                            MHD_HTTP_HEADER_EXPECT ":"));
    2723          14 :   GNUNET_CURL_enable_async_scope_header (TMH_curl_ctx,
    2724             :                                          "Taler-Correlation-Id");
    2725             : 
    2726          14 :   if (GNUNET_SYSERR ==
    2727          14 :       TALER_config_get_currency (cfg,
    2728             :                                  "merchant",
    2729             :                                  &TMH_currency))
    2730             :   {
    2731             : 
    2732           0 :     GNUNET_SCHEDULER_shutdown ();
    2733           0 :     return;
    2734             :   }
    2735          14 :   if (GNUNET_OK !=
    2736          14 :       TALER_CONFIG_parse_currencies (cfg,
    2737             :                                      TMH_currency,
    2738             :                                      &TMH_num_cspecs,
    2739             :                                      &TMH_cspecs))
    2740             :   {
    2741           0 :     GNUNET_SCHEDULER_shutdown ();
    2742           0 :     return;
    2743             :   }
    2744             : 
    2745          14 :   if (GNUNET_SYSERR ==
    2746          14 :       (TMH_strict_v19 = GNUNET_CONFIGURATION_get_value_yesno (cfg,
    2747             :                                                               "merchant",
    2748             :                                                               "STRICT_PROTOCOL_V19")))
    2749             :   {
    2750           0 :     GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
    2751             :                                "merchant",
    2752             :                                "STRICT_PROTOCOL_V19");
    2753           0 :     TMH_strict_v19 = GNUNET_NO;
    2754             :   }
    2755          14 :   if (GNUNET_SYSERR ==
    2756          14 :       (TMH_auth_disabled = GNUNET_CONFIGURATION_get_value_yesno (cfg,
    2757             :                                                                  "merchant",
    2758             :                                                                  "DISABLE_AUTHENTICATION")))
    2759             :   {
    2760           0 :     TMH_auth_disabled = GNUNET_NO;
    2761             :   }
    2762          14 :   if (GNUNET_YES == TMH_auth_disabled)
    2763             :   {
    2764           0 :     GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
    2765             :                 "DANGEROUS: Endpoint Authentication disabled!");
    2766             :   }
    2767          14 :   if (GNUNET_OK !=
    2768          14 :       GNUNET_CONFIGURATION_get_value_time (cfg,
    2769             :                                            "merchant",
    2770             :                                            "LEGAL_PRESERVATION",
    2771             :                                            &TMH_legal_expiration))
    2772             :   {
    2773           0 :     GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
    2774             :                                "merchant",
    2775             :                                "LEGAL_PRESERVATION");
    2776           0 :     GNUNET_SCHEDULER_shutdown ();
    2777           0 :     return;
    2778             :   }
    2779          14 :   if (GNUNET_OK ==
    2780          14 :       GNUNET_CONFIGURATION_get_value_string (cfg,
    2781             :                                              "merchant",
    2782             :                                              "BASE_URL",
    2783             :                                              &TMH_base_url))
    2784             :   {
    2785           0 :     if (! TALER_is_web_url (TMH_base_url))
    2786             :     {
    2787           0 :       GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
    2788             :                                  "merchant",
    2789             :                                  "BASE_URL",
    2790             :                                  "Needs to start with 'http://' or 'https://'");
    2791           0 :       GNUNET_SCHEDULER_shutdown ();
    2792           0 :       return;
    2793             :     }
    2794             :   }
    2795          14 :   if (GNUNET_YES ==
    2796          14 :       GNUNET_CONFIGURATION_get_value_yesno (cfg,
    2797             :                                             "merchant",
    2798             :                                             "FORCE_AUDIT"))
    2799          11 :     TMH_force_audit = GNUNET_YES;
    2800          14 :   if (GNUNET_OK !=
    2801          14 :       TALER_TEMPLATING_init (TALER_MERCHANT_project_data ()))
    2802             :   {
    2803           0 :     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
    2804             :                 "Failed to setup templates\n");
    2805           0 :     GNUNET_SCHEDULER_shutdown ();
    2806           0 :     return;
    2807             :   }
    2808          14 :   if (GNUNET_OK !=
    2809          14 :       TMH_spa_init ())
    2810             :   {
    2811           0 :     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
    2812             :                 "Failed to load single page app\n");
    2813           0 :     GNUNET_SCHEDULER_shutdown ();
    2814           0 :     return;
    2815             :   }
    2816             :   /* /static/ is currently not used */
    2817             :   /* (void) TMH_statics_init (); */
    2818          14 :   if (NULL ==
    2819          14 :       (TMH_by_id_map = GNUNET_CONTAINER_multihashmap_create (4,
    2820             :                                                              GNUNET_YES)))
    2821             :   {
    2822           0 :     GNUNET_SCHEDULER_shutdown ();
    2823           0 :     return;
    2824             :   }
    2825          14 :   if (NULL ==
    2826          14 :       (TMH_db = TALER_MERCHANTDB_plugin_load (cfg)))
    2827             :   {
    2828           0 :     GNUNET_SCHEDULER_shutdown ();
    2829           0 :     return;
    2830             :   }
    2831          14 :   if (GNUNET_OK !=
    2832          14 :       TMH_db->connect (TMH_db->cls))
    2833             :   {
    2834           0 :     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
    2835             :                 "Failed to connect to database. Consider running taler-merchant-dbinit!\n");
    2836           0 :     GNUNET_SCHEDULER_shutdown ();
    2837           0 :     return;
    2838             :   }
    2839          14 :   elen = TMH_EXCHANGES_init (config);
    2840          14 :   if (GNUNET_SYSERR == elen)
    2841             :   {
    2842           0 :     GNUNET_SCHEDULER_shutdown ();
    2843           0 :     return;
    2844             :   }
    2845          14 :   if (0 == elen)
    2846             :   {
    2847           0 :     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
    2848             :                 "Fatal: no trusted exchanges configured. Exiting.\n");
    2849           0 :     GNUNET_SCHEDULER_shutdown ();
    2850           0 :     return;
    2851             :   }
    2852             : 
    2853             :   {
    2854          14 :     struct GNUNET_DB_EventHeaderP es = {
    2855          14 :       .size = ntohs (sizeof (es)),
    2856          14 :       .type = ntohs (TALER_DBEVENT_MERCHANT_INSTANCE_SETTINGS)
    2857             :     };
    2858             : 
    2859          28 :     instance_eh = TMH_db->event_listen (TMH_db->cls,
    2860             :                                         &es,
    2861          14 :                                         GNUNET_TIME_UNIT_FOREVER_REL,
    2862             :                                         &load_instances,
    2863             :                                         NULL);
    2864             :   }
    2865          14 :   load_instances (NULL,
    2866             :                   NULL,
    2867             :                   0);
    2868             :   {
    2869             :     enum GNUNET_GenericReturnValue ret;
    2870             : 
    2871          14 :     ret = TALER_MHD_listen_bind (cfg,
    2872             :                                  "merchant",
    2873             :                                  &start_daemon,
    2874             :                                  NULL);
    2875          14 :     switch (ret)
    2876             :     {
    2877           0 :     case GNUNET_SYSERR:
    2878           0 :       global_ret = EXIT_NOTCONFIGURED;
    2879           0 :       GNUNET_SCHEDULER_shutdown ();
    2880           0 :       return;
    2881           0 :     case GNUNET_NO:
    2882           0 :       if (! have_daemons)
    2883             :       {
    2884           0 :         global_ret = EXIT_NOTCONFIGURED;
    2885           0 :         GNUNET_SCHEDULER_shutdown ();
    2886           0 :         return;
    2887             :       }
    2888           0 :       GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
    2889             :                   "Could not open all configured listen sockets\n");
    2890           0 :       break;
    2891          14 :     case GNUNET_OK:
    2892          14 :       break;
    2893             :     }
    2894             :   }
    2895          14 :   global_ret = EXIT_SUCCESS;
    2896             : }
    2897             : 
    2898             : 
    2899             : /**
    2900             :  * The main function of the serve tool
    2901             :  *
    2902             :  * @param argc number of arguments from the command line
    2903             :  * @param argv command line arguments
    2904             :  * @return 0 ok, non-zero on error
    2905             :  */
    2906             : int
    2907          27 : main (int argc,
    2908             :       char *const *argv)
    2909             : {
    2910             :   enum GNUNET_GenericReturnValue res;
    2911          27 :   struct GNUNET_GETOPT_CommandLineOption options[] = {
    2912          27 :     GNUNET_GETOPT_option_flag ('C',
    2913             :                                "connection-close",
    2914             :                                "force HTTP connections to be closed after each request",
    2915             :                                &merchant_connection_close),
    2916          27 :     GNUNET_GETOPT_option_timetravel ('T',
    2917             :                                      "timetravel"),
    2918          27 :     GNUNET_GETOPT_option_version (PACKAGE_VERSION "-" VCS_VERSION),
    2919             :     GNUNET_GETOPT_OPTION_END
    2920             :   };
    2921             : 
    2922          27 :   res = GNUNET_PROGRAM_run (
    2923             :     TALER_MERCHANT_project_data (),
    2924             :     argc, argv,
    2925             :     "taler-merchant-httpd",
    2926             :     "Taler merchant's HTTP backend interface",
    2927             :     options,
    2928             :     &run, NULL);
    2929          27 :   if (GNUNET_SYSERR == res)
    2930           0 :     return EXIT_INVALIDARGUMENT;
    2931          27 :   if (GNUNET_NO == res)
    2932          13 :     return EXIT_SUCCESS;
    2933          14 :   return global_ret;
    2934             : }

Generated by: LCOV version 1.16