diff --git a/lightningd/peer_htlcs.c b/lightningd/peer_htlcs.c index 89863a772..20db3bce4 100644 --- a/lightningd/peer_htlcs.c +++ b/lightningd/peer_htlcs.c @@ -103,7 +103,9 @@ static struct failed_htlc *mk_failed_htlc_badonion(const tal_t *ctx, * - MUST return `invalid_onion_blinding` for any local error or * other downstream errors. */ - if (hin->blinding) + /* FIXME: That's not enough! Don't leak information about forward + * failures either! */ + if (hin->blinding || (hin->payload && hin->payload->blinding)) badonion = WIRE_INVALID_ONION_BLINDING; f->id = hin->key.id; @@ -130,6 +132,17 @@ static struct failed_htlc *mk_failed_htlc(const tal_t *ctx, return mk_failed_htlc_badonion(ctx, hin, WIRE_INVALID_ONION_BLINDING); } + + /* Also, at head of the blinded path, return "normal" invalid + * onion blinding. */ + if (hin->payload && hin->payload->blinding) { + struct sha256 sha; + sha256(&sha, hin->onion_routing_packet, + sizeof(hin->onion_routing_packet)); + failonion = create_onionreply(tmpctx, hin->shared_secret, + towire_invalid_onion_blinding(tmpctx, &sha)); + } + f->id = hin->key.id; f->sha256_of_onion = NULL; f->badonion = 0; diff --git a/wallet/test/run-wallet.c b/wallet/test/run-wallet.c index e6826e98f..9836974e5 100644 --- a/wallet/test/run-wallet.c +++ b/wallet/test/run-wallet.c @@ -806,6 +806,9 @@ u8 *towire_incorrect_cltv_expiry(const tal_t *ctx UNNEEDED, u32 cltv_expiry UNNE /* Generated stub for towire_incorrect_or_unknown_payment_details */ u8 *towire_incorrect_or_unknown_payment_details(const tal_t *ctx UNNEEDED, struct amount_msat htlc_msat UNNEEDED, u32 height UNNEEDED) { fprintf(stderr, "towire_incorrect_or_unknown_payment_details called!\n"); abort(); } +/* Generated stub for towire_invalid_onion_blinding */ +u8 *towire_invalid_onion_blinding(const tal_t *ctx UNNEEDED, const struct sha256 *sha256_of_onion UNNEEDED) +{ fprintf(stderr, "towire_invalid_onion_blinding called!\n"); abort(); } /* Generated stub for towire_invalid_onion_payload */ u8 *towire_invalid_onion_payload(const tal_t *ctx UNNEEDED, bigsize type UNNEEDED, u16 offset UNNEEDED) { fprintf(stderr, "towire_invalid_onion_payload called!\n"); abort(); }