Commit Graph

630 Commits

Author SHA1 Message Date
Rusty Russell
5a06b665bd channeld: don't consider shutdown complete if feechange pending.
Travis gave an error:

```
DEBUG:root:lightningd(16333): lightning_closingd(8004): STATUS_FAIL_PEER_BAD: Expected closing_signed:
0085b679bd79b836b05c649cad9af31156cb1d50de448a59c6359ab7c85f4b63913d2e3bc8ad4a80ab698558e5b4949b78dc36acc90dde4f5ac006fd6ca1d109feea03aef9c718e9ce09bbb52dc8308ba8f46b43808ea1a551d41aee72af7af77628d1
```

Which is caused by us not waiting for the revoke-and-ack from a feechange
when we're shutting down.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-01-19 16:11:55 +01:00
Rusty Russell
6ba1bc5c93 channeld: repopulate HTLC shared secrets on reinitialization.
We could do this lazily, if HTLC errors out, but we do it as HTLCs
come in in the normal case, so this is slightly simpler.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-01-17 23:55:35 +01:00
Rusty Russell
79dc44713b channeld: --ignore-fee-limits as a hack for fee disparities.
This, of course, should never be used.  But it helps maintain connections
for the moment while we dig deeper into feerates.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-01-16 12:22:06 +01:00
Rusty Russell
4c45afafdc channeld: handle ping instead of crashing when expecting reestablish.
Fixes: #592
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-01-15 04:18:44 +00:00
Rusty Russell
71f13ab6b0 channeld: ignore spurious open_channel packets.
Currently we peer_failed() which fails the existing channel too!

Fixes: #494
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-01-12 09:43:01 +01:00
Rusty Russell
bc631166f0 channeld: ensure channel_update timestamps always increment.
Covers a possible source of subtle bugs.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-01-11 23:13:23 +01:00
Rusty Russell
9a8eca4fee Remove obsolete FIXME messages.
1. htlc->fail has been changed to a u8 *.
2. wallet_get_newindex saves to the db.
3. peer->next_htlc_id is saved to the db in peer_save_commitsig_sent() below.
4. We do store commit in peer_save_commitsig_received(peer, commitnum),
   and the fixme below talks about HTLC sigs.
5. We do commit shachain and next_per_commit_point in wallet_shachain_add_hash
   and update_per_commit_point respectively.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-01-11 21:39:13 +01:00
Rusty Russell
cc60735aee channeld: check short_channel_ids match before announcing channel.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-01-11 21:39:13 +01:00
Rusty Russell
b1e93c8838 channeld: remove redundant funding_locked assignment.
This makes no sense here, and yet it was in the original HTLC patch
791927936.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-01-11 21:39:13 +01:00
Rusty Russell
0f97b8cf36 subdaemon.c: subdaemon_setup() routine for all daemons.
Our handling of SIGPIPE was incoherent and inconsistent, and we had much
cut & paste between the daemons.  They should *ALL* ignore SIGPIPE, and
much of the rest of the boilerplate can be shared, so should be.

Reported-by: @ZmnSCPxj
Fixes: #528
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-01-08 18:16:39 +01:00
Rusty Russell
810abb6b21 bitcoin: create new wrapper type bitcoin_blkid, log backward endianness.
It's just a sha256_double, but importantly when we convert it to a
string (in type_to_string, which is used in logging) we use
bitcoin_blkid_to_hex() so it's reversed as people expect.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-21 11:05:38 +00:00
Rusty Russell
0237e0b28c bitcoin: create new wrapper type bitcoin_txid, log backward endianness.
It's just a sha256_double, but importantly when we convert it to a
string (in type_to_string, which is used in logging) we use
bitcoin_txid_to_hex() so it's reversed as people expect.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-21 11:05:38 +00:00
Rusty Russell
425143646c channeld: fix dev_disconnect.
I noted a spurious failure on test_reconnect_sender_add1: we
actually sent an update_commit, which should have been suppressed.

This was because we call dev_disconnect() when we *dequeue* the packet,
which might be too late to suppress the timer.  So instead, call it
when the packet in enqueued, and flush synchronously to make sure
we get the right packet.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-21 09:13:28 +01:00
Rusty Russell
795a03e8c4 fromwire_bitcoin_tx: quieten leak reporting.
We create a temporary tx which is a child of the real tx, for simplicity of
marshalling.  That's OK.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-20 12:43:10 +01:00
Christian Decker
ecde138071 channel: Send local_add_channel to gossip on funding_locked
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2017-12-20 06:14:53 +00:00
Rusty Russell
db1b9ffb61 channeld: print out error msg if we receive one.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-19 14:40:26 +01:00
Christian Decker
a8a6d1d669 channel: Directly send announcements and updates to gossipd
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2017-12-17 02:44:20 +00:00
Rusty Russell
94711969f9 gossipd: hand out gossip_index to other daemons.
When gossipd sends a message, have a gossip_index.  When it gets back a
peer, the current gossip_index is included, so it can know exactly where
it's up to.

Most of this is mechanical plumbing through openingd, channeld and closingd,
even though openingd and closingd don't (currently) read gossip, so their
gossip_index will be unchanged.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-17 02:44:20 +00:00
practicalswift
4452e3f3f1 Remove redundant code 2017-12-11 03:38:37 +00:00
practicalswift
307e8c0180 Avoid NULL pointer dereference when new_initial_channel(...) fails 2017-12-09 16:25:57 +01:00
practicalswift
61c47c09d0 Fix typos 2017-12-08 13:07:20 +01:00
Christian Decker
2d9cd4759e hsm: Make the master simply a client with special capabilities 2017-12-03 17:06:13 +01:00
Christian Decker
70bbc46304 Un-break master after merging #389
The #389 introduced some changes that conflicted with
9de3827199 so this ports those changes
into #389 and fixes the `master` branch again.

Lesson learned: always rebase a PR before merging.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2017-12-02 13:00:29 +01:00
Rusty Russell
40516941af channeld: fill in channel_update field in errors by asking gossipd.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-02 12:54:12 +01:00
Rusty Russell
0a596fb043 channel: infrastructure for gossipd request/response.
The same as master request/response: we queue up incoming replies we
don't want for later processing.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-02 12:54:12 +01:00
Rusty Russell
9de3827199 channeld: don't use ccan/io, go sync.
We revert to a simple select() loop.  This makes things simpler, and fixes
the problem where we want to exit but we've partially read a peer packet.

We still queue up outgoing peer packets for non-blocking send: if we
went full sync there, we'd risk deadlock if both sides wrote a huge
number of packets and neither was reading.

This also greatly simplifies the next patches, where we want to make
our first get/response from gossipd.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-02 12:54:12 +01:00
Rusty Russell
ed8d65c8d7 channeld: refer to PEER_FD directly instead of using io_conn_fd(peer->peer_conn)
A no-op change, but reduces the following patch.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-02 12:54:12 +01:00
Rusty Russell
2bed246e10 channeld: generate error messages instead of having master do it.
The master now hands channeld either an error code, and channeld
generates the error message, or an error message relayed from another
node to pass through.

This doesn't fill in the channel_update yet: we need to wire up gossipd
to give us that.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-02 12:54:12 +01:00
Rusty Russell
ee8274b7a1 channeld: handle wrapping error messages messages.
Currently lightningd does this, but channeld is perfectly capable of doing it.
channeld is also in a far better position to add channel_updates to it.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-02 12:54:12 +01:00
Rusty Russell
db372211c0 channeld: save shared secret for incoming htlc when it comes in.
The bulk of this patch is actually hoisting the get_shared_secret()
function (unchanged) so we can call it earlier.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-02 12:54:12 +01:00
Rusty Russell
fc4a7cf103 channeld: return htlc from channel_add_htlc and channel_fail_htlc.
Callers often want to know, and it saves them doing another lookup.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-02 12:54:12 +01:00
Rusty Russell
02411b04e4 channel: remove awaiting_revoke_and_ack flag.
We can tell this more generically because the count of revocations
received != count of commitments sent.  This is the correct condition
which allows us to restore the test we had to eliminate in
c3cb7f1c85.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-02 12:52:18 +01:00
Rusty Russell
a03fe8dc75 channeld: update acceptable feerate ranges.
master was telling us the ranges, but we weren't updating them.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-01 18:30:57 +01:00
Rusty Russell
2329820460 channeld: make sure we wait for revoke_and_ack after rexmit of commitment_signed
We got horribly out-of-sync by sending a feechange and commitment after
we'd re-xmitted the commitment_signed:

lightning_channeld(16003): pid 16003, msgfd 19
lightning_channeld(16003): TRACE: init LOCAL: remote_per_commit = 03e40b239118ab37bd94fe48de0dbc7565a38f7f1028a20f045b4e5fcd6bbb6172, old_remote_per_commit = 03117de1f3de183697e0393e71dc3a04b04d5bec03a23e7371212bb93a67bcce7a next_idx_local = 1 next_idx_remote = 2 revocations_received = 0 feerates 39251/40838 (range 35398-204190)
lightning_channeld(16003): TRACE: Read decrypt 01003b6fdc3ce9edc8524c943ebd833ae02b0fbdbb871f9bdce1c58c8637ebacfaa60a5e4dd8df4046852d783194bc3eeef10388f5a5d8983fbefe9bd0ff24b2a548282dd2eb3bc28015e039f8debf18077904342cd0146622df371c408db3fbe4eb2eb959aac6fd0771cc6a47ce270ec31042b235a2198696656c52c56d42219e4d8bd1f6d3c3b6c108c3cc0ee692d0449a4f4969eb227a9949cb8ab7229fc64f8a5d01b89ff779ac56f085d8a11942f8b5d702b2eba6d19ded7b69baf58bdfaf9443d162751dbab9f9d55e2a467cb1450bc19b832a60e0949bcd253ddc29e7b52922c009df541d8db761b04ad9862bc82ee2d86cfa0f3e730f3d01885b9977ab4200006fe28c0ab6f1b372c1a6a246ae63f74f931e8365e15a089c68d619000000000007905c000581000103aaa47d8296a795110154fa5fca7075d59a10d5914622a6d09ffe20a2ffbd5bb703bc4b957d5ad27b797d6fffa863d74e7946723e67b9084842622fe5e6357475690342423c8dab471815487b40a6ef7f06270c8343e1bbd0bfb80d22096e0ff1f15002d6cda71dde0903fde1939d7afa4f62ffed50c550d9f31f7d8b78955384473f46
lightning_channeld(16003): TRACE: Read decrypt 008854e83a6fa081ae34ddefc9ea3462689732fa3b4c5a4ea571d8d3a109f037e5a400000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000003117de1f3de183697e0393e71dc3a04b04d5bec03a23e7371212bb93a67bcce7a
lightning_channeld(16003): TRACE: Got reestablish commit=1 revoke=0
lightning_channeld(16003): TRACE: Derived key 029cd90c564384a612ea608933bd63aee72543f3b3998a7cbc5ca77ca41c9cb6bc from basepoint 038401ee88c0f7dc9ada0c37a9ce5265ccabce18686649f632bc244fae71bf840d, point 03e40b239118ab37bd94fe48de0dbc7565a38f7f1028a20f045b4e5fcd6bbb6172
lightning_channeld(16003): TRACE: Creating commit_sig signature 1 30440220152767c3ea9d42b19d44ea781f07d5411de918935b674927e43d5f537769376602206cdf2b557207b02bf9ee9805017856462e53fde619d2e3d75476b5c567ea3e14 for tx 020000000154e83a6fa081ae34ddefc9ea3462689732fa3b4c5a4ea571d8d3a109f037e5a5010000000058e9fe8001a22d070000000000160014d0898dc01e4061f7c6b01dba14d1d00a4319c78c81b92f20 wscript 5221022fe5495e572f8f58cbc745e3475427ff6ff51e44dfa8586366b15d1524dbe9ca2103bfd10b2265b5ca1362eba4e7664c250e0d937717e50ec0f14cd47ff25bd6203b52ae key 022fe5495e572f8f58cbc745e3475427ff6ff51e44dfa8586366b15d1524dbe9ca
lightning_channeld(16003): TRACE: peer_out WIRE_FUNDING_LOCKED
lightning_channeld(16003): TRACE: peer_out WIRE_UPDATE_FEE
lightning_channeld(16003): TRACE: peer_in WIRE_FUNDING_LOCKED
lightning_channeld(16003): TRACE: peer_out WIRE_COMMITMENT_SIGNED
lightning_channeld(16003): TRACE: peer_out WIRE_CHANNEL_UPDATE
lightning_channeld(16003): TRACE: peer_in WIRE_CHANNEL_UPDATE
lightning_channeld(16003): TRACE: peer_out WIRE_CHANNEL_ANNOUNCEMENT
lightning_channeld(16003): TRACE: peer_out WIRE_CHANNEL_UPDATE
lightning_channeld(16003): TRACE: peer_in WIRE_CHANNEL_UPDATE
lightning_channeld(16003): TRACE: peer_out WIRE_CHANNEL_UPDATE
lightning_channeld(16003): TRACE: peer_out WIRE_CHANNEL_ANNOUNCEMENT
lightning_channeld(16003): TRACE: peer_out WIRE_CHANNEL_UPDATE
lightning_channeld(16003): TRACE: peer_out WIRE_CHANNEL_ANNOUNCEMENT
lightning_channeld(16003): TRACE: peer_out WIRE_CHANNEL_UPDATE
lightning_channeld(16003): TRACE: peer_out WIRE_CHANNEL_UPDATE
lightning_channeld(16003): TRACE: peer_out WIRE_NODE_ANNOUNCEMENT
lightning_channeld(16003): TRACE: peer_out WIRE_NODE_ANNOUNCEMENT
lightning_channeld(16003): TRACE: Trying commit
lightning_channeld(16003): TRACE: Can't send commit: nothing to send
lightning_channeld(16003): TRACE: Now dealing with deferred WIRE_CHANNEL_FEERATES
lightning_channeld(16003): TRACE: Setting REMOTE feerate to 40840
lightning_channeld(16003): TRACE: Trying commit
lightning_channeld(16003): TRACE: Derived key 029cd90c564384a612ea608933bd63aee72543f3b3998a7cbc5ca77ca41c9cb6bc from basepoint 038401ee88c0f7dc9ada0c37a9ce5265ccabce18686649f632bc244fae71bf840d, point 03e40b239118ab37bd94fe48de0dbc7565a38f7f1028a20f045b4e5fcd6bbb6172
lightning_channeld(16003): TRACE: Creating commit_sig signature 2 304402204f0a041f8626fd28d001cb813c1094f40ebd4b5f99bdd7a06bebaee0de35db200220702c5c62544e512e422fdc141444fddc76410cbda4bbd512d88dc864bd979780 for tx 020000000154e83a6fa081ae34ddefc9ea3462689732fa3b4c5a4ea571d8d3a109f037e5a5010000000058e9fe8001a02d070000000000160014d0898dc01e4061f7c6b01dba14d1d00a4319c78c82b92f20 wscript 5221022fe5495e572f8f58cbc745e3475427ff6ff51e44dfa8586366b15d1524dbe9ca2103bfd10b2265b5ca1362eba4e7664c250e0d937717e50ec0f14cd47ff25bd6203b52ae key 022fe5495e572f8f58cbc745e3475427ff6ff51e44dfa8586366b15d1524dbe9ca
lightning_channeld(16003): TRACE: Telling master we're about to commit...
lightning_channeld(16003): TRACE: Sending master WIRE_CHANNEL_SENDING_COMMITSIG
lightning_channeld(16003): UPDATE WIRE_CHANNEL_SENDING_COMMITSIG
lightning_channeld(16003): TRACE: ... , awaiting WIRE_CHANNEL_SENDING_COMMITSIG_REPLY
lightning_channeld(16003): TRACE: Got it!
lightning_channeld(16003): TRACE: Sending commit_sig with 0 htlc sigs
lightning_channeld(16003): TRACE: peer_out WIRE_UPDATE_FEE
lightning_channeld(16003): STATUS_FAIL_PEER_IO: peer connection broken: Connection reset by peer
lightning_channeld(16003): Status closed, but not exited. Killing

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-01 18:30:57 +01:00
Rusty Russell
daf12e4a4d channeld: channel_update must use peer's htlc_minimum_msat.
As per the spec fix: lightningnetwork/lightning-rfc#287

Reported-by: Pierre-Marie Padiou
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-29 16:56:34 +01:00
Rusty Russell
af7e6158af Makefile: clean needs to do more, distclean should remove everything.
I checked this with git status --ignored after a full build and 'make distclean'.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-24 13:29:03 +01:00
Rusty Russell
552e56d002 channeld: send update_fee messages.
We only send them when we're not awaiting revoke_and_ack: our
simplified handling can't deal with multiple in flights.

Closes: #244
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-23 12:40:32 +01:00
Rusty Russell
c3cb7f1c85 channeld: don't assert that we're expecting revoke_and_ack.
We can have it happen on reconnect due to fee changes; we should really
detect this case, but it's harmless to let it happen as a noop.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-23 12:40:32 +01:00
Rusty Russell
d28ee02cbf channeld: handle feerate on reconnect.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-23 12:40:32 +01:00
Rusty Russell
062f18127d channeld: handle incoming feerate changes.
We allow from the 100-confirm economical rate to 5x the immediate rate.

Closes: #243
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-23 12:40:32 +01:00
Rusty Russell
6fac3438dd channeld: track feerates.
Handling feerates for the fundee (who only receives fee_update) is
simple: it's practically atomic since we accept commitment and send
revocation, thus they're applied to both sides at once.

Handling feerates for the funder is more complex: in theory we could
have multiple in flight.  However, if we avoid this using the same
logic as we use to suppress multiple commitments in flight, it's
simple again.

We fix the test code to use real feerate manipulation, thus have to
remove an assert about feerate being non-zero.  And now we have
feechanges, we need to rely on the changes_pending flags, as we can
have changes without an HTLCs changing.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-23 12:40:32 +01:00
Rusty Russell
8999e2293a channeld: implement approx_max_feerate.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-23 12:40:32 +01:00
Rusty Russell
f45d962a14 channeld: implement and refine fee-related functions.
We had some in the header, now implement them, and add a channel_feerate()
accessor.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-23 12:40:32 +01:00
Rusty Russell
b836b452dc feerate: keep feerates separately for each side.
When we support changing them, they can be different during the transition.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-23 12:40:32 +01:00
Rusty Russell
f1e4cad9d4 feerate: use u32 everywhere.
The wire protocol uses this, in the assumption that we'll never see feerates
in excess of 4294967 satoshi per kiloweight.

So let's use that consistently internally as well.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-23 12:40:32 +01:00
Rusty Russell
40315bfb91 test: fix dependencies.
Test objects must be added to $(ALL_OBJS) so they correctly depend on
CCAN headers etc.

Also, each test in a subdir must depend on headers and src in the parent
directory, as it will often #include them directly.

Reported-by: Christian Decker
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-22 19:40:46 +01:00
Rusty Russell
37b4ab306e run-channel.c: move under channeld/
This also fixes dependencies, since it actually depends on channeld objects.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-22 19:40:46 +01:00
Rusty Russell
0a131c6389 channel: use flag to indicate we're awaiting revoke_and_ack.
We currently scan through HTLCs: this isn't enough if we've only got a
feechange in the commitment, so use a flag (but keep both for now for
debugging).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-22 19:40:46 +01:00
Rusty Russell
c328a76438 channeld: use flags to track whether changes are pending.
This is required when we have non-HTLC changes (ie. fees).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-22 19:40:46 +01:00
Rusty Russell
5fb4577890 channeld/full_channel: fix incorrect reutrn from channel_rcvd_revoke_and_ack.
It was always returning false; it was supposed to return true if
we had added pending changes.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-22 19:40:46 +01:00
Christian Decker
aeeb0b7011 channel: Re-enable channel after reconnect
Simply done by sending an enabling update after reconnect.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2017-11-20 06:13:45 +00:00
Rusty Russell
fc05779f78 subdaemons: pass back and forth the htlc points.
Openingd sets it to the same as the payment point for the remote side.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-16 17:40:57 +01:00
Rusty Russell
3363bab6c9 channeld: use HTLC key for htlc signatures.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-16 17:40:57 +01:00
Rusty Russell
4db460903a htlc_tx: wire up the htlc points.
All the callers need to pass it in: currently channeld and openingd just
fake it by copying the payment point.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-16 17:40:57 +01:00
Rusty Russell
fe5614a489 basepoints/secrets: add htlc entry
Currently derive_basepoints just sets it to match the payment point/secret.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-16 17:40:57 +01:00
Christian Decker
71c090745b channel: Defer sending the announcement_signature until both lock
We were sending the announcement_signatures as soon as we locally
locked and got the announcement_depth, this doesn't make the channel
usable any sooner and forces the other side to stash the
signature. This defers the announcement_signature until the channel
really is usable.

This is done by adding an additional check for the remote locked
message and adding a trigger on remote lock.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2017-11-14 23:00:01 +00:00
Rusty Russell
71e794a046 lightningd: split ctlv_expiry and final_cltv.
These need to be different for testing the example in BOLT 11.

We also use the cltv_final instead of deadline_blocks in the final hop:
various tests assumed 5 was OK, so we tweak utils.py.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-10-31 14:36:50 +01:00
Rusty Russell
3c6eec87e3 Add DEVELOPER flag, set by default.
This is a bit messier than I'd like, but we want to clearly remove all
dev code (not just have it uncalled), so we remove fields and functions
altogether rather than stub them out.  This means we put #ifdefs in callers
in some places, but at least it's explicit.

We still run tests, but only a subset, and we run with NO_VALGRIND under
Travis to avoid increasing test times too much.

See-also: #176
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-10-26 12:53:09 +02:00
Rusty Russell
954a3990fa gossipd: don't send a peer to master with half-written or half-read packet.
In this case, it was a gossip message half-sent, when we asked the peer
to be released.  Fix the problem in general by making send_peer_with_fds()
wait until after the next packet.

test_routing_gossip/lightning-4/log:
	b'lightning_openingd(8738): TRACE: First per_commit_point = 02e2ff759ed70c71f154695eade1983664a72546ebc552861f844bff5ea5b933bf'
	b'lightning_openingd(8738): TRACE: Failed hdr decrypt with rn=11'
	b'lightning_openingd(8738): STATUS_FAIL_PEER_IO: Reading accept_channel: Success'

test_routing_gossip/lightning-5/log:

	b'lightning_gossipd(8461): UPDATE WIRE_GOSSIP_PEER_NONGOSSIP'
	b'lightning_gossipd(8461): UPDATE WIRE_GOSSIP_PEER_NONGOSSIP'
	b'lightningd(8308): Failed to get netaddr for outgoing: Transport endpoint is not connected'

The problem occurs here on release, but could be on any place where we hand
a peer over when using ccan/io.  Note the other case (channel.c).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-10-25 18:34:35 +02:00
Rusty Russell
ebdecebb1a channeld: send channel_announce and initial update to master, not gossipd.
There is a race we see sometimes under valgrind on Travis which shows
gossipd receiving the node_announce from master before it reads the
channel_announce from channeld, and thus fails.  The simplest solution
is to send the channel_announce and channel_update to master as well,
so it can ensure it sends them to gossipd in order

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-10-24 16:12:22 +02:00
Rusty Russell
2394c9a2e7 crypto_state: move to its own file.
In particular, the main daemon needs to pass it about (marshal/unmarshal)
but it won't need to actually use it after the next patch.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-10-20 18:31:32 +02:00
Rusty Russell
8f057f7fc7 Revert "gossip: send the *other* node's cltv_expiry_delta in channel_announce."
This reverts commit 297e278132.
2017-10-11 11:54:50 +02:00
Rusty Russell
297e278132 gossip: send the *other* node's cltv_expiry_delta in channel_announce.
Include tests from example doc.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-10-10 20:17:37 +02:00
Rusty Russell
2a28173891 Typo fix: CTLV -> CLTV.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-10-10 20:17:37 +02:00
Rusty Russell
e137e2527f Update BOLT references with typo fixes.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-10-10 20:17:37 +02:00
Rusty Russell
32631b4278 generate-wire.py: add --bolt arg, use size->type hacks only when that's specified.
For our own internal comms CSVs, we should always name explicit types.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-09-29 14:40:34 +02:00
Rusty Russell
8bb20d127d channeld: add debugging into io_loop.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-09-29 10:20:08 +09:30
Rusty Russell
72b215f6fe Make all internal message numbers unique.
We were sending a channeld message to onchaind, which was v. confusing
due to overlap.  We make all the numbers distinct, which means we can
also add an assert() that it's valid for that daemon, which catches
such errors immediately.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-09-28 13:07:05 +09:30
Rusty Russell
ab8251c214 lightningd: dev-reenable-commit RPC command to re-enable commit timer.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-09-28 13:07:05 +09:30
Rusty Russell
ce160d9b17 lightnind: _ dev-disconnect argument to suppress commit timer.
Required for catching daemon in exact state.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-09-28 13:07:05 +09:30
Rusty Russell
ef28b6112c status: use common status codes for all the failures.
This change is really to allow us to have a --dev-fail-on-subdaemon-fail option
so we can handle failures from subdaemons generically.

It also neatens handling so we can have an explicit callback for "peer
did something wrong" (which matters if we want to close the channel in
that case).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-09-12 23:00:53 +02:00
Christian Decker
006d664b59 channeld: Make sure status_setup_sync is called before status_failed
This was still happening if reading the `channel_init` message failed.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2017-09-10 10:48:53 +09:30
Rusty Russell
cc34f572ca channeld: fix sync write to master.
We hit:
	assert(!peer->handle_master_reply);

#4  0x000055bba3b030a0 in master_sync_reply (peer=0x55bba41c0030, 
    msg=0x55bba41c6a80 "", replytype=WIRE_CHANNEL_GOT_COMMITSIG_REPLY, 
    handle=0x55bba3b041cf <handle_reply_wake_peer>) at channeld/channel.c:518
#5  0x000055bba3b049bc in handle_peer_commit_sig (conn=0x55bba41c10d0, 
    peer=0x55bba41c0030, msg=0x55bba41c6a80 "") at channeld/channel.c:959
#6  0x000055bba3b05c69 in peer_in (conn=0x55bba41c10d0, peer=0x55bba41c0030, 
    msg=0x55bba41c67c0 "") at channeld/channel.c:1339
#7  0x000055bba3b123eb in peer_decrypt_body (conn=0x55bba41c10d0, 
    pcs=0x55bba41c0030) at common/cryptomsg.c:155
#8  0x000055bba3b2c63b in next_plan (conn=0x55bba41c10d0, plan=0x55bba41c1100)
    at ccan/ccan/io/io.c:59

We got a commit_sig from the peer while waiting for the master to
reply to acknowledge the commitsig we want to send
(handle_sending_commitsig_reply).

The fix is to go always talk to the master synchronous, and not try to
process anything but messages from the master daemon.  This avoids the
whole class of problems.

There's a fairly simple way to do this, as ccan/io lets you override
its poll call: we process any outstanding master requests there, or
add the master fd to the pollfds array.

Fixes: #266
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-09-09 10:31:31 +09:30
Rusty Russell
5acbc04ec8 channeld: assert we're not somehow nonblocking in init_channel.
Christian reported seeing a zero-length packet come in; this seems the
most likely possibility.  

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-09-09 10:31:31 +09:30
Christian Decker
b0c0e28a43 gossip: Simplify announce_signature exchange
The logic of dispatching the announcement_signatures message was
distributed over several places and daemons. This aims to simplify it
by moving it all into `channeld`, making peer_control only report
announcement depth to `channeld`, which then takes care of the
rest. We also do not reuse the funding_locked tx watcher since it is
easier to just fire off a new watcher with the specific purpose of
waiting for the announcement_depth.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2017-09-05 12:47:25 +09:30
Rusty Russell
4e81d2431b channeld: fix corruption when dealing with queued packets.
master is not actually a tal object!

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-09-04 20:46:26 +02:00
Rusty Russell
7e13e9e457 channeld: don't allow NULL htlcmap for full_channel
That was only for the initial state, which is now in initial_channel.c.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-09-03 02:01:54 +02:00
Rusty Russell
1cf33eefe2 lightningd: handle case where channeld fails locally-generated HTLC.
jl777 reported a crash when we try to pay past reserve.  Fix that (and
a whole class of related bugs) and add tests.

In test_lightning.py I had to make non-async path for sendpay() non-threaded
to get the exception passed through for testing.

Closes: #236
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-08-30 11:36:37 +02:00
Rusty Russell
52db7fd27b channeld: correctly send failure message on local HTLC failure.
valgrind was complaining about uninitialized bytes over the wire.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-08-30 11:36:37 +02:00
Rusty Russell
bbed5e3411 Rename subdaemons, move them into top level.
We leave the *build* results in lightningd/ for ease of in-place testing though.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-08-29 17:54:14 +02:00