From 975a5b20416f5544f7eaa338777567e91c9d3a24 Mon Sep 17 00:00:00 2001
From: Rusty Russell <rusty@rustcorp.com.au>
Date: Wed, 10 Jun 2015 21:36:37 +0930
Subject: [PATCH] scriptsig_p2sh_2of2: fix sig order.

Must match key order, which we permute.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
---
 bitcoin_script.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/bitcoin_script.c b/bitcoin_script.c
index 509fb88b0..51282531c 100644
--- a/bitcoin_script.c
+++ b/bitcoin_script.c
@@ -293,9 +293,14 @@ u8 *scriptsig_p2sh_2of2(const tal_t *ctx,
 
 	/* OP_CHECKMULTISIG has an out-by-one bug, which MBZ */
 	add_number(&script, 0);
-	add_push_sig(&script, sig1);
-	add_push_sig(&script, sig2);
-
+	/* sig order should match key order. */
+	if (key_less(key1, key2)) {
+		add_push_sig(&script, sig1);
+		add_push_sig(&script, sig2);
+	} else {
+		add_push_sig(&script, sig2);
+		add_push_sig(&script, sig1);
+	}
 	redeemscript = bitcoin_redeem_2of2(script, key1, key2);
 	add_push_bytes(&script, redeemscript, tal_count(redeemscript));
 	return script;