From f6b36b9be3c372b85b452e1a13562514552b659c Mon Sep 17 00:00:00 2001 From: Rusty Russell Date: Wed, 4 May 2016 16:13:50 +0930 Subject: [PATCH] Revert: 064309df1ab0 "peer: signature in commit_info is always valid." It's not quite true: if we offer the anchor, we have a commitinfo without their signature yet. So make it a pointer again. Since we always allocate struct commit_info with talz, it starts as a NULL pointer. Signed-off-by: Rusty Russell --- daemon/packets.c | 33 ++++++++++++++++++++------------- daemon/peer.c | 2 +- daemon/peer.h | 4 ++-- 3 files changed, 23 insertions(+), 16 deletions(-) diff --git a/daemon/packets.c b/daemon/packets.c index 690eec534..4b68e3866 100644 --- a/daemon/packets.c +++ b/daemon/packets.c @@ -141,10 +141,12 @@ void queue_pkt_anchor(struct peer *peer) } /* Sign their commit sig */ - peer->them.commit->sig.stype = SIGHASH_ALL; + peer->them.commit->sig = tal(peer->them.commit, + struct bitcoin_signature); + peer->them.commit->sig->stype = SIGHASH_ALL; peer_sign_theircommit(peer, peer->them.commit->tx, - &peer->them.commit->sig.sig); - a->commit_sig = signature_to_proto(a, &peer->them.commit->sig.sig); + &peer->them.commit->sig->sig); + a->commit_sig = signature_to_proto(a, &peer->them.commit->sig->sig); queue_pkt(peer, PKT__PKT_OPEN_ANCHOR, a); } @@ -158,10 +160,12 @@ void queue_pkt_open_commit_sig(struct peer *peer) dump_tx("Creating sig for:", peer->them.commit->tx); dump_key("Using key:", &peer->us.commitkey); - peer->them.commit->sig.stype = SIGHASH_ALL; + peer->them.commit->sig = tal(peer->them.commit, + struct bitcoin_signature); + peer->them.commit->sig->stype = SIGHASH_ALL; peer_sign_theircommit(peer, peer->them.commit->tx, - &peer->them.commit->sig.sig); - s->sig = signature_to_proto(s, &peer->them.commit->sig.sig); + &peer->them.commit->sig->sig); + s->sig = signature_to_proto(s, &peer->them.commit->sig->sig); queue_pkt(peer, PKT__PKT_OPEN_COMMIT_SIG, s); } @@ -314,8 +318,9 @@ void queue_pkt_commit(struct peer *peer) */ assert(ci->prev->cstate->changes != ci->cstate->changes); - ci->sig.stype = SIGHASH_ALL; - peer_sign_theircommit(peer, ci->tx, &ci->sig.sig); + ci->sig = tal(ci, struct bitcoin_signature); + ci->sig->stype = SIGHASH_ALL; + peer_sign_theircommit(peer, ci->tx, &ci->sig->sig); /* Switch to the new commitment. */ peer->them.commit = ci; @@ -324,7 +329,7 @@ void queue_pkt_commit(struct peer *peer) /* Now send message */ update_commit__init(u); - u->sig = signature_to_proto(u, &ci->sig.sig); + u->sig = signature_to_proto(u, &ci->sig->sig); u->ack = peer_outgoing_ack(peer); queue_pkt(peer, PKT__PKT_UPDATE_COMMIT, u); @@ -344,7 +349,7 @@ void queue_pkt_revocation(struct peer *peer) assert(!peer->us.commit->prev->revocation_preimage); /* We have their signature on the current one, right? */ - memcheck(&peer->us.commit->sig, sizeof(peer->us.commit->sig)); + assert(peer->us.commit->sig); peer->us.commit->prev->revocation_preimage = tal(peer->us.commit->prev, struct sha256); @@ -477,8 +482,10 @@ static Pkt *check_and_save_commit_sig(struct peer *peer, struct commit_info *ci, const Signature *pb) { - ci->sig.stype = SIGHASH_ALL; - if (!proto_to_signature(pb, &ci->sig.sig)) + assert(!ci->sig); + ci->sig = tal(ci, struct bitcoin_signature); + ci->sig->stype = SIGHASH_ALL; + if (!proto_to_signature(pb, &ci->sig->sig)) return pkt_err(peer, "Malformed signature"); /* Their sig should sign our commit tx. */ @@ -487,7 +494,7 @@ static Pkt *check_and_save_commit_sig(struct peer *peer, NULL, 0, peer->anchor.witnessscript, &peer->them.commitkey, - &ci->sig)) + ci->sig)) return pkt_err(peer, "Bad signature"); return NULL; diff --git a/daemon/peer.c b/daemon/peer.c index 91e72bf74..fb4eb5611 100644 --- a/daemon/peer.c +++ b/daemon/peer.c @@ -1294,7 +1294,7 @@ const struct bitcoin_tx *bitcoin_commit(struct peer *peer) peer->us.commit->tx->input[0].witness = bitcoin_witness_2of2(peer->us.commit->tx->input, - &peer->us.commit->sig, + peer->us.commit->sig, &sig, &peer->them.commitkey, &peer->us.commitkey); diff --git a/daemon/peer.h b/daemon/peer.h index 0f3f2f2d1..921ff9784 100644 --- a/daemon/peer.h +++ b/daemon/peer.h @@ -61,8 +61,8 @@ struct commit_info { struct bitcoin_tx *tx; /* Channel state for this tx. */ struct channel_state *cstate; - /* Other side's signature for this commit tx. */ - struct bitcoin_signature sig; + /* Other side's signature for last commit tx (if known) */ + struct bitcoin_signature *sig; /* Map for permutation: see commit_tx.c */ int *map; /* Revocation preimage (if known). */