Commit Graph

7500 Commits

Author SHA1 Message Date
Rusty Russell
447730e70f wallet: only store BADONION codes in db for incoming htlcs: rest are all onionreplyies.
This completes the conversion; any in-flight HTLC failures get turned into temporary_node_failures.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-25 11:12:12 +10:30
Rusty Russell
bbc7a79542 lightningd: always use an onionreply for locally generated incoming HTLC errors (unless BADONION).
This cleans up the "local failure" callers for incoming HTLCs to hand
an onionreply instead of making us generate it from the code inside
make_failmsg.

(The db path still needs make_failmsg, so that's next).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-deprecated: Plugins: htlc_accepted_hook "failure_code" only handles simple cases now, use "failure_message".
2020-02-25 11:12:12 +10:30
Rusty Russell
590b2db88e lightningd: make local htlc failures pass a wiremsg for errors, not a failcode.
Unfortunately the invoice_payment_hook can give us a failcode, so I simply
restrict it to the two sensible ones.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-deprecated: plugins: invoice_payment_hook "failure_code" only handles simple cases now, use "failure_message".
2020-02-25 11:12:12 +10:30
Rusty Russell
5af3a135be lightningd: separate path for failed_htlc when an onion is bad.
We tell channeld that an htlc is bad by sending it a 'struct
failed_htlc'.  This usually contains an onionreply to forward, but for
the case where the onion itself was bad, it contains a failure code
instead.

This makes the "send a failed_htlc for a bad onion" a completely
separate code path, then we can work on removing failcodes from the
other path.

In several places 'failcode' is now changed to 'badonion' to reflect
that it can only be a BADONION failcode.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-25 11:12:12 +10:30
Rusty Russell
72d55d3e3b lightningd: store raw msg rather than code for locally-failed outgoing HTLCs
At the moment, we store e.g. WIRE_TEMPORARY_CHANNEL_FAILURE, and then
lightningd has a large demux function which turns that into the correct
error message.

Such an enum demuxer is an anti-pattern.

Instead, store the message directly for output HTLCs; channeld now
sends us an error message rather than an error code.

For input HTLCs we will still need the failure code if the onion was
bad (since we need to prompt channeld to send a completely different
message than normal), though we can (and will!) eliminate its use in
non-BADONION failure cases.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-25 11:12:12 +10:30
Rusty Russell
1a3ed18959 channeld: add routing to get our own channel's channel_update.
We'll use this in the next patch for when we need to create errors to
send back to lightningd; most commonly when the channel doesn't have
capacity for the HTLC.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-25 11:12:12 +10:30
Rusty Russell
a150b09665 wallet: Add new htlc column "localfailmsg" for outgoing htlcs.
We're going to change our internal structure next, so this is preparation.
We populate existing errors with temporary node failures, for simplicity.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-25 11:12:12 +10:30
Rusty Russell
cec18dfd6e lightningd: remove always-NULL argument to add_fail.
It's only called from the db code, and failing_channel is always NULL.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-25 11:12:12 +10:30
Rusty Russell
ed839bfda0 channeld: get the onionreply back from lightningd for failed htlcs.
Instead of making it ourselves, lightningd does it.  Now we only have
two cases of failed htlcs: completely malformed (BADONION), and with
an already-wrapped onion reply to send.

This makes channeld's job much simpler.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-25 11:12:12 +10:30
Rusty Russell
7ab5c424b6 gossipd: provide (stripped) channel_update when resolving a channel.
I hadn't realized that lightningd asks gossipd every time we forward
a payment.  But I'm going to abuse it here to get the latest channel_update,
otherwise (as lightningd takes over error message generation) lightningd
needs to do an async request at various painful points.

So have gossipd tell us the lastest update (stripped so compatible with
the strange in-onion-error format).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-25 11:12:12 +10:30
Rusty Russell
c7bbdd76d3 lightningd: handle fail_htlc_in with no known outgoing channel.
Turn it into temporary node failure: this only happens if we restart
with a failed htlc in, but it's clearer and more robust to handle it
generically.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-25 11:12:12 +10:30
Rusty Russell
bb9b761dda channeld: don't get details of our own failed htlcs at init.
For incoming htlcs, we need failure details in case we need to
re-xmit them.  But for outgoing htlcs, lightningd is telling us it
already knows they've failed, so we just need to flag them failed
and don't need the details.

Internally, we set the ->fail to a dummy non-NULL value; this is
cleaned up next.

This matters for the next patch, which moves onion handling into
lightningd.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-25 11:12:12 +10:30
Rusty Russell
ad3c7f3a1f lightningd: clean up weird call to send_htlc_out.
1. forward_htlc sets hout to NULL.
2. forward_htlc passes &hout to send_htlc_out.
3. forward_htlc checks the failcode and frees(NULL) and sets hout to NULL
   (again).  This in fact covers every failcode which send_htlc_out returns.

We should ensure send_htlc_out sets *houtp to NULL on failure; in fact,
both callers pass houtp, so we can make it unconditional.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-25 11:12:12 +10:30
Rusty Russell
b84b4b4695 lightningd: rename htlc_in and htlc_out failuremsg fields to failonion.
This is clearer, especially when we also deal with raw not-yet-onion-wrapped
failure messages.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-25 11:12:12 +10:30
Vasil Dimov
79ba4866ec build: unbreak if CFLAGS is defined in make's env
Don't let make pollute subprojects' environment with our own `CFLAGS`,
which are quite strict because that breaks at least libwally-core:

```sh
$ ./configure ...
$ CFLAGS=whatever_this_is_irrelevant make
...
cd external/libwally-core-build && ../libwally-core/configure ...
...
  CFLAGS                  = -DBINTOPKGLIBEXECDIR="\"../libexec/c-lightning\"" -Wall -Wundef -Wmissing-prototypes -Wmissing-declarations -Wstrict-prototypes -Wold-style-definition -Werror -std=gnu11 -g -fstack-protector  -I ccan -I external/libwally-core/include/ -I external/libwally-core/src/secp256k1/include/ -I external/jsmn/ -I external/libbacktrace/ -I external/libbacktrace-build -I . -I/usr/local/include   -DCCAN_TAKE_DEBUG=1 -DCCAN_TAL_DEBUG=1 -DCCAN_JSON_OUT_DEBUG=1 -DSHACHAIN_BITS=48 -DJSMN_PARENT_LINKS   -DBUILD_ELEMENTS=1 -W -std=c89 -pedantic -Wall -Wextra -Wcast-align -Wnested-externs -Wshadow -Wstrict-prototypes -Wno-unused-function -Wno-long-long -Wno-overlength-strings -fvisibility=hidden -O3
...
In file included from ../../libwally-core/src/base58.c:4:
../../libwally-core/src/ccan/ccan/endian/endian.h:71:24: error: unused function 'bswap_16'
      [-Werror,-Wunused-function]
static inline uint16_t bswap_16(uint16_t val)
                       ^

```

If `CFLAGS` is set in its environment, then `make` would export our own
`CFLAGS` to any subprocesses it starts, which means subprojects would
inherit our `CFLAGS="-Wall -Werror"` in their environments.

GNU Make's documentation:
https://www.gnu.org/software/make/manual/html_node/Variables_002fRecursion.html#Variables_002fRecursion
> make exports a variable only if it is either defined in the environment initially...

Example:
```make
A = x
default:
	echo $$A
```

then:

```sh
$ make # prints nothing, A is not exported to the subprocess
$ A=y make # prints "x", our A=x is exported to the subprocess
```

Changelog-None
2020-02-22 08:49:57 +10:30
darosior
230cebfb35 doc: clarify txprepare usage 2020-02-21 17:52:02 +01:00
darosior
cd15cec2f3 txprepare: don't crash if we are passed unconfirmed utxos
Changelog-added: `txprepare` doesn't crash lightningd anymore if you pass unconfirmed utxos
2020-02-21 17:52:02 +01:00
darosior
9e9e23c81a pytest: test txprepare with unconfirmed utxos 2020-02-21 17:52:02 +01:00
Vasil Dimov
a754e4c6aa gitignore: extend with recently added build products
Changelog-None
2020-02-21 09:44:41 +01:00
Rusty Russell
d478dc0e59 wallet: fix null column access for pre-0.7.3 dbs.
Added in d901304120, this column is null in old dbs like mine:

2020-02-15T00:08:41.444Z **BROKEN** database: Accessing a null column 12 in query SELECT  id, channel_htlc_id, msatoshi, cltv_expiry, hstate, payment_hash, payment_key, routing_onion, failuremsg, malformed_onion, origin_htlc, shared_secret, received_time FROM channel_htlcs WHERE direction= ? AND channel_id= ? AND hstate != ?

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-18 10:22:58 +10:30
ZmnSCPxj jxPCSnmZ
541472b77c doc/lightning-listpeers.7.md: Clarify spendable_msat.
Fixes: #3524

ChangeLog-none
2020-02-18 10:22:26 +10:30
darosior
e7b0c24db2 libplugin: use a typesafe_cb for plugin_timer 2020-02-18 10:21:48 +10:30
Rusty Russell
11149ef5a1 lightningd, openingd: remove active code inside assert().
We don't compile with NDEBUG defined, but if we did, this code would
vanish.  I did a quick audit, inspired by @ZmnSCPxj.

I actually hacked up something to compile with NDEBUG (many unused vars
resulted, and of course unit tests are allowed to rely on assert()), and
after this the testsuite still passes.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-18 10:21:29 +10:30
Michael Schmoock
dd334df80d fix: makes testutils ln.pay assert status complete
`waitsendpay` in `lightningd/pay.c` can also return 'pending' and 'failed',
we should check that.
2020-02-18 10:10:17 +10:30
Michael Schmoock
ba36dfeba3 doc: all requirements.txt are needed for testing
the tests are not possible only by having tests/requirements.txt .
Running the whole testsuite also runs contrib/pyln-proto/tests/test_invoice.py
which needs requiremnets of pyln-proto and so on.

Also requirement coincurve requires libsecp256k1-dev headers.
As most developers need all requiremtents and we should tell them.
2020-02-18 10:10:17 +10:30
Michael Schmoock
3e2607bf2d chore: updates coincurve requirement to v13
Update to v13 as v12 started to raise undefined symbol exceptions agains latest
libsecp256k1.

Note: any version of `pip install coincurve` fails if no libsecp256k1 headers
are installed, should we point this out somewhere/somehow?

Changelog-None
2020-02-18 10:10:17 +10:30
Rusty Russell
9d9480f17e ccan: update to latest version which allows destructors to self-delete.
Also, a fix for compiling with NDEBUG.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-17 19:55:13 +10:30
Rusty Russell
7de03e990f CHANGELOG.md: 0.8.1: "Channel to the Moon"
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-17 19:07:09 +10:30
Rusty Russell
73f760342b doc: remove two more references to the '[Unreleased]' in CHANGELOG.md
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-17 19:07:09 +10:30
Rusty Russell
0b123a3cec CHANGELOG.md: 0.8.1rc3
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-15 09:04:50 +10:30
Rusty Russell
df50faba6a lightningd: fix crash when plugin has been unloaded and we abort cmd.
I reproduced this by putting a sleep(60) in the pay plugin, then
'lightning-cli pay', 'lightning-cli plugin stop pay' and then ^C
the `lightning-cli pay`:

2020-02-14T00:33:11.217Z INFO plugin-pay: Killing plugin: pay stopped by lightningd via RPC
2020-02-14T00:33:15.250Z DEBUG lightningd: Still waiting for initial block download
==5157== Invalid read of size 8
==5157==    at 0x12A29C: destroy_jcon (jsonrpc.c:149)
==5157==    by 0x1C6F2A: notify (tal.c:235)
==5157==    by 0x1C7441: del_tree (tal.c:397)
==5157==    by 0x1C7493: del_tree (tal.c:407)
==5157==    by 0x1C77DD: tal_free (tal.c:481)
==5157==    by 0x1B7380: io_close (io.c:450)
==5157==    by 0x1B71A7: do_plan (io.c:401)
==5157==    by 0x1B7214: io_ready (io.c:417)
==5157==    by 0x1B94AC: io_loop (poll.c:445)
==5157==    by 0x1291C9: io_loop_with_timers (io_loop_with_timers.c:24)
==5157==    by 0x12EC7E: main (lightningd.c:928)
==5157==  Address 0x4ebab98 is 40 bytes inside a block of size 88 free'd
==5157==    at 0x483BA3F: free (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==5157==    by 0x1C750F: del_tree (tal.c:416)
==5157==    by 0x1C7493: del_tree (tal.c:407)
==5157==    by 0x1C77DD: tal_free (tal.c:481)
==5157==    by 0x153856: clear_plugin (plugin_control.c:209)
==5157==    by 0x1538FF: plugin_dynamic_stop (plugin_control.c:225)
==5157==    by 0x153C51: json_plugin_control (plugin_control.c:295)
==5157==    by 0x12B4EC: command_exec (jsonrpc.c:588)
==5157==    by 0x12B8AB: rpc_command_hook_callback (jsonrpc.c:679)
==5157==    by 0x154575: plugin_hook_call_ (plugin_hook.c:170)
==5157==    by 0x12BCD3: plugin_hook_call_rpc_command (jsonrpc.c:756)
==5157==    by 0x12BD04: call_rpc_command_hook (jsonrpc.c:764)
==5157==  Block was alloc'd at
==5157==    at 0x483A7F3: malloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==5157==    by 0x1C6F98: allocate (tal.c:245)
==5157==    by 0x1C7559: tal_alloc_ (tal.c:423)
==5157==    by 0x15135A: plugin_rpcmethod_add (plugin.c:706)
==5157==    by 0x151600: plugin_rpcmethods_add (plugin.c:756)
==5157==    by 0x151BDD: plugin_parse_getmanifest_response (plugin.c:893)
==5157==    by 0x151C9C: plugin_manifest_cb (plugin.c:915)
==5157==    by 0x14FFB9: plugin_response_handle (plugin.c:258)
==5157==    by 0x150165: plugin_read_json_one (plugin.c:356)
==5157==    by 0x1502BC: plugin_read_json (plugin.c:388)
==5157==    by 0x1B65ED: next_plan (io.c:59)
==5157==    by 0x1B71D2: do_plan (io.c:407)

Fixes: #3509
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-15 08:49:18 +10:30
Rusty Russell
77e3df0a29 gossipd: remove assert which can trigger.
We can actually fail to find a shorter route, but it's a fairly obscure case.

Fixes: #3517
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-15 08:48:04 +10:30
Rusty Russell
243078ac0c CHANGELOG.md: fix extra 'v' in version.
Breaks `tools/build-release.sh`

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-15 08:48:04 +10:30
Rusty Russell
e7a1cf137a CHANGELOG.md: v0.8.1rc2
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-13 16:10:26 +10:30
Rusty Russell
fc4d01cd9d db: put scids in forwards even if we didn't actually send.
If the peer is not connected, or other error which means we don't
actually create an outgoing HTLC, we don't record the
short_channel_id.  This is unhelpful!

Pass the scid down to the wallet code, and explicitly hand the
scid and amount down to the notification code rather than handing it
the htlc_out (which it doesn't need).

Changelog-Changed: JSON API: `listforwards` now shows `out_channel` even if we couldn't forward.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-12 22:27:57 -06:00
Rusty Russell
5e2053feea pay: fix crash when we paystatus too soon.
If the attempt hasn't started yet, we can have an empty 'attempts' array
(while it's in listpeers, for example):

```
pay: plugins/pay.c:1457: json_paystatus: Assertion `tal_count(ps->attempts)' failed.
pay: FATAL SIGNAL 6 (version v0.8.1rc1-1-g946af3f)
0x55e895110543 send_backtrace
	common/daemon.c:39
0x55e8951105e9 crashdump
	common/daemon.c:52
0x7f92b0928f1f ???
	???:0
0x7f92b0928e97 ???
	???:0
0x7f92b092a800 ???
	???:0
0x7f92b091a399 ???
	???:0
0x7f92b091a411 ???
	???:0
0x55e895100012 json_paystatus
	plugins/pay.c:1457
0x55e895103aaa ld_command_handle
	plugins/libplugin.c:968
0x55e895103bd4 ld_read_json_one
	plugins/libplugin.c:1011
0x55e895103cd2 ld_read_json
	plugins/libplugin.c:1030
0x55e895124cbd next_plan
	ccan/ccan/io/io.c:59
0x55e89512583a do_plan
	ccan/ccan/io/io.c:407
0x55e895125878 io_ready
	ccan/ccan/io/io.c:417
0x55e895127a3e io_loop
	ccan/ccan/io/poll.c:445
0x55e895104593 plugin_main
	plugins/libplugin.c:1194
0x55e895100cbc main
	plugins/pay.c:1697
```

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-13 14:20:50 +10:30
Rusty Russell
7a178ebb7a plugins: libplugin don't insist on 'jsonrpc' field from lightningd.
Spark does this, for example:

{"method":"pay","params":["lnbc..."],"id":22}

Which doesn't have a jsonrpc field.  The result is that the command
doesn't terminate, there is nothing in the logs, stderr contains
"pay: JSON-RPC message does not contain "jsonrpc" field", and
from then on "Unknown command 'pay'".

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-13 12:34:31 +10:30
Rusty Russell
ff968e7730 CHANGELOG.md: Update for 0.8.1-rc1.
Normalized lines; split some where we've deprecated something (needs a
line each in Deprecated section).

Also, removed unused [Unreleased] footnote in favor of [0.8.0] footnote.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-12 16:23:28 +10:30
Rusty Russell
2c88ab53d4 doc: update MAKING-RELEASES.
1. GH_TOKEN is probably required to run the changelog script.
2. Note the footnotes need updating; we no longer have [Unreleased].

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-12 16:23:28 +10:30
darosior
a47fd8cf3e pytest: test Bitcoin plugin registration and the bcli plugin 2020-02-12 11:45:07 +10:30
darosior
4c5862eab1 pytest: fixup flaky test_closing_specified_destination 2020-02-12 11:45:07 +10:30
darosior
bbc5c10919 pytest: adjust mocks and logs for bitcoind
For bitcoind_fail_first:
We only ever send `getblock` if we got a successful block hash from
`getblockhash`, and if we can't get the block in that case it means
our Bitcoin backend is faulty and we shouldnt continue.

So, mock `getblockhash` instead, which is authorized to spuriously fail.

For both bitcoind_fail_first and bitcoind_failure:
Adapt the logs.
2020-02-12 11:45:07 +10:30
darosior
06d598efc1 lightningd: clean utxos after the topology is setup
We need our Bitcoin backend to be ready to get infos about some utxos
2020-02-12 11:45:07 +10:30
darosior
580556b1d0 lightningd/bitcoind: remove all bitcoin-cli specific code
Changelog-Added: pluggable backends for Bitcoin data queries, default still bitcoind (using bitcoin-cli).
2020-02-12 11:45:07 +10:30
darosior
ced444a605 lightningd/bitcoind: use the Bitcoin plugin for fee estimates
And remove bitcoin-cli interaction code, now unused.
2020-02-12 11:45:07 +10:30
darosior
c79ab0f1b0 lightningd/bitcoind: use the Bitcoin plugin for getutxout 2020-02-12 11:45:07 +10:30
darosior
78cb921b80 lightningd/bitcoind: use getrawblockatheight for getfilteredblock
This avoids the getblockhash+getblock, and more importantly that was the
last functionality making use of bitcoind_getrawblock() and bitcoin_getblockhash(),
so we can also get rid of them.
2020-02-12 11:45:07 +10:30
darosior
947f5ddde1 lightningd/bitcoind: use the Bitcoin plugin to send transactions
This restrains the informations we get about how the sending went to
an errmsg as we cant rely on bitcoin-cli specific output nor its exit code.
2020-02-12 11:45:07 +10:30
darosior
ca7c1f8bc8 lightningd/chaintopology: use plugin for tip polling 2020-02-12 11:45:07 +10:30
darosior
7b18b24e39 lightningd/chaintopology: use plugin backend to setup topology
This adds `getchaininfo` and `getrawblockbyheight` handling lightningd-side,
and use them in setup_topology().

We then remove legacy bitcoind_getblockcount() (we already get the count in
`getchaininfo`), bitcoind_getblockchaininfo() (it was only used in setup_topology()),
and wait_for_bitcoind() (this was specific to bitcoin-core and we assume our Bitcoin
backend to be functional if the plugin responds to `init`).
2020-02-12 11:45:07 +10:30