channeld: don't send splice TLV fields unless negotiated.

This make ACINQ seize up, and not send revoke_and_ack.  Eventually,
this can cause a bad signature error, should payments go in both
directions, which is a separate bug, but this is the trigger.

See: #6500
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
This commit is contained in:
Rusty Russell 2023-08-07 13:11:56 +09:30
parent 0bf5ee6bba
commit 91a58a0bdc

View file

@ -1486,15 +1486,21 @@ static u8 *send_commit_part(struct peer *peer,
const struct htlc **htlc_map;
struct wally_tx_output *direct_outputs[NUM_SIDES];
struct penalty_base *pbase;
status_debug("send_commit_part(splice: %d, remote_splice: %d)",
(int)splice_amnt, (int)remote_splice_amnt);
struct tlv_commitment_signed_tlvs *cs_tlv
= tlv_commitment_signed_tlvs_new(tmpctx);
cs_tlv->splice_info = tal(cs_tlv, struct channel_id);
derive_channel_id(cs_tlv->splice_info, funding);
/* In theory, peer will ignore TLV 1 as unknown, but while
* spec is in flux this is dangerous, as it may change: so don't
* send unless negotiated */
if (feature_negotiated(peer->our_features,
peer->their_features,
OPT_SPLICE)) {
status_debug("send_commit_part(splice: %d, remote_splice: %d)",
(int)splice_amnt, (int)remote_splice_amnt);
cs_tlv->splice_info = tal(cs_tlv, struct channel_id);
derive_channel_id(cs_tlv->splice_info, funding);
}
txs = channel_splice_txs(tmpctx, funding, funding_sats, &htlc_map,
direct_outputs, &funding_wscript,