View Issue Details

ID: 0004569
Project: Taler
Category: exchange
View Status: public
Last Update: 2016-10-11 17:28
Reporter: Florian Dold
Assigned To: Christian Grothoff
Priority: low
Severity: feature
Reproducibility: have not tried
Status: closed
Resolution: fixed
Product Version: 0.0
Target Version: 0.1
Fixed in Version: 0.1
Summary: 0004569: listen on different socket for administrative exchange interface
Description: Otherwise it's easy to accidentally expose the administrative interface. This is bad since the administrative APIs, by design, don't use authentication.

For the administrative interface, HTTP over unix domain socket seems especially handy.

For the exchange, the checks whether the request comes from localhost are essentially useless, since the exchange will often run behind a reverse proxy and all requests will come from localhost.
Tags: No tags attached.

Activities

Christian Grothoff

2016-06-13 16:37

manager   ~0010898

Implemented in 738d0d0..62b7bba. Note that this implies changes in the deployment, as the bank now needs to talk to the exchange at :18080 (by default).

Issue History

Date Modified Username Field Change
2016-06-07 19:33 Florian Dold New Issue
2016-06-07 19:33 Florian Dold Status new => assigned
2016-06-07 19:33 Florian Dold Assigned To => Christian Grothoff
2016-06-08 22:10 Christian Grothoff Product Version => 0.0
2016-06-08 22:10 Christian Grothoff Target Version => 0.1
2016-06-13 16:37 Christian Grothoff Note Added: 0010898
2016-06-13 16:37 Christian Grothoff Status assigned => resolved
2016-06-13 16:37 Christian Grothoff Fixed in Version => 0.1
2016-06-13 16:37 Christian Grothoff Resolution open => fixed
2016-10-11 17:28 Christian Grothoff Status resolved => closed