mirrors/core-lightning
1
0
Fork 0
mirror of https://github.com/ElementsProject/lightning.git synced 2025-02-22 06:41:44 +01:00
Code Issues Projects Releases Wiki Activity

hsm: decouple hsm from wallet; init before wallet

Browse source 
We're going to use the hsm for a migration, so we need to set up the HSM
before we get to the wallet migration code.

All that this requires is removing the places in HSM init that we touch
the database struct -- easy enough to accomplish by passing the required
field back out from init, and then associating it onto the wallet after
it's been initialized.
This commit is contained in:
niftynei 2020-05-26 16:06:13 -05:00 committed by Christian Decker
parent 8fa04a710a
commit 57488cde13
4 changed files with 20 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
lightningd/hsm_control.c
View file

@ -84,10 +84,11 @@ static unsigned int hsm_msg(struct subd *hsmd,
return 0; return 0;
} }
void hsm_init(struct lightningd *ld) struct ext_key *hsm_init(struct lightningd *ld)
{ {
u8 *msg; u8 *msg;
int fds[2]; int fds[2];
struct ext_key *bip32_base;
/* We actually send requests synchronously: only status is async. */ /* We actually send requests synchronously: only status is async. */
if (socketpair(AF_LOCAL, SOCK_STREAM, 0, fds) != 0) if (socketpair(AF_LOCAL, SOCK_STREAM, 0, fds) != 0)
@ -121,14 +122,16 @@ void hsm_init(struct lightningd *ld)
IFDEV(ld->dev_force_channel_secrets_shaseed, NULL)))) IFDEV(ld->dev_force_channel_secrets_shaseed, NULL))))
err(1, "Writing init msg to hsm"); err(1, "Writing init msg to hsm");
ld->wallet->bip32_base = tal(ld->wallet, struct ext_key); bip32_base = tal(ld, struct ext_key);
msg = wire_sync_read(tmpctx, ld->hsm_fd); msg = wire_sync_read(tmpctx, ld->hsm_fd);
if (!fromwire_hsm_init_reply(msg, if (!fromwire_hsm_init_reply(msg,
&ld->id, ld->wallet->bip32_base)) { &ld->id, bip32_base)) {
if (ld->config.keypass) if (ld->config.keypass)
errx(1, "Wrong password for encrypted hsm_secret."); errx(1, "Wrong password for encrypted hsm_secret.");
errx(1, "HSM did not give init reply"); errx(1, "HSM did not give init reply");
} }
return bip32_base;
} }
static struct command_result *json_getsharedsecret(struct command *cmd, static struct command_result *json_getsharedsecret(struct command *cmd,

3
lightningd/hsm_control.h
View file

@ -8,6 +8,7 @@
struct lightningd; struct lightningd;
struct node_id; struct node_id;
struct ext_key;
/* Ask HSM for a new fd for a subdaemon to use. */ /* Ask HSM for a new fd for a subdaemon to use. */
int hsm_get_client_fd(struct lightningd *ld, int hsm_get_client_fd(struct lightningd *ld,
@ -18,5 +19,5 @@ int hsm_get_client_fd(struct lightningd *ld,
/* Ask HSM for an fd for a global subdaemon to use (gossipd, connectd) */ /* Ask HSM for an fd for a global subdaemon to use (gossipd, connectd) */
int hsm_get_global_fd(struct lightningd *ld, int capabilities); int hsm_get_global_fd(struct lightningd *ld, int capabilities);
void hsm_init(struct lightningd *ld); struct ext_key *hsm_init(struct lightningd *ld);
#endif /* LIGHTNING_LIGHTNINGD_HSM_CONTROL_H */ #endif /* LIGHTNING_LIGHTNINGD_HSM_CONTROL_H */

20
lightningd/lightningd.c
View file

@ -759,6 +759,7 @@ int main(int argc, char *argv[])
struct timers *timers; struct timers *timers;
const char *stop_response; const char *stop_response;
struct htlc_in_map *unconnected_htlcs_in; struct htlc_in_map *unconnected_htlcs_in;
struct ext_key *bip32_base;
struct rlimit nofile = {1024, 1024}; struct rlimit nofile = {1024, 1024};
/*~ Make sure that we limit ourselves to something reasonable. Modesty /*~ Make sure that we limit ourselves to something reasonable. Modesty
@ -822,10 +823,20 @@ int main(int argc, char *argv[])
/*~ Make sure we can reach the subdaemons, and versions match. */ /*~ Make sure we can reach the subdaemons, and versions match. */
test_subdaemons(ld); test_subdaemons(ld);
/*~ Set up the HSM daemon, which knows our node secret key, so tells
* us who we are.
*
* HSM stands for Hardware Security Module, which is the industry
* standard of key storage; ours is in software for now, so the name
* doesn't really make sense, but we can't call it the Badly-named
* Daemon Software Module. */
bip32_base = hsm_init(ld);
/*~ Our "wallet" code really wraps the db, which is more than a simple /*~ Our "wallet" code really wraps the db, which is more than a simple
* bitcoin wallet (though it's that too). It also stores channel * bitcoin wallet (though it's that too). It also stores channel
* states, invoices, payments, blocks and bitcoin transactions. */ * states, invoices, payments, blocks and bitcoin transactions. */
ld->wallet = wallet_new(ld, ld->timers); ld->wallet = wallet_new(ld, ld->timers);
ld->wallet->bip32_base = tal_steal(ld->wallet, bip32_base);
/*~ We keep track of how many 'coin moves' we've ever made. /*~ We keep track of how many 'coin moves' we've ever made.
* Initialize the starting value from the database here. */ * Initialize the starting value from the database here. */
@ -837,15 +848,6 @@ int main(int argc, char *argv[])
/*~ This is the ccan/io central poll override from above. */ /*~ This is the ccan/io central poll override from above. */
io_poll_override(io_poll_lightningd); io_poll_override(io_poll_lightningd);
/*~ Set up the HSM daemon, which knows our node secret key, so tells
* us who we are.
*
* HSM stands for Hardware Security Module, which is the industry
* standard of key storage; ours is in software for now, so the name
* doesn't really make sense, but we can't call it the Badly-named
* Daemon Software Module. */
hsm_init(ld);
/*~ If hsm_secret is encrypted, we don't need its encryption key /*~ If hsm_secret is encrypted, we don't need its encryption key
* anymore. Note that sodium_munlock() also zeroes the memory.*/ * anymore. Note that sodium_munlock() also zeroes the memory.*/
if (ld->config.keypass) if (ld->config.keypass)

2
lightningd/test/run-find_my_abspath.c
View file

@ -110,7 +110,7 @@ void handle_opts(struct lightningd *ld UNNEEDED, int argc UNNEEDED, char *argv[]
size_t hash_htlc_key(const struct htlc_key *htlc_key UNNEEDED) size_t hash_htlc_key(const struct htlc_key *htlc_key UNNEEDED)
{ fprintf(stderr, "hash_htlc_key called!\n"); abort(); } { fprintf(stderr, "hash_htlc_key called!\n"); abort(); }
/* Generated stub for hsm_init */ /* Generated stub for hsm_init */
void hsm_init(struct lightningd *ld UNNEEDED) struct ext_key *hsm_init(struct lightningd *ld UNNEEDED)
{ fprintf(stderr, "hsm_init called!\n"); abort(); } { fprintf(stderr, "hsm_init called!\n"); abort(); }
/* Generated stub for htlcs_notify_new_block */ /* Generated stub for htlcs_notify_new_block */
void htlcs_notify_new_block(struct lightningd *ld UNNEEDED, u32 height UNNEEDED) void htlcs_notify_new_block(struct lightningd *ld UNNEEDED, u32 height UNNEEDED)