Commit Graph

9076 Commits

Author SHA1 Message Date
Rusty Russell
094889f50f common/json_tok: minor cleanup to bitcoin_outpoint array parsing.
No reason to use a temp var here.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-09 06:56:21 +10:30
Rusty Russell
6f205896aa bitcoin/tx: fix type of outpoint (n is a u32), simplify json_to_outpoint
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-09 06:56:21 +10:30
Christian Decker
ad2f6cdabb cli: Add a JSON parsing sanity check before sending request
If some parameter is malformed on the command line we could end up
with a malformed JSON-RPC request, which would then result in very
unhelpful error messages.

Fixes #4238
Changelog-Changed: cli: `lightning-cli` now performs better sanity checks on the JSON-RPC requests it sends.
2020-12-09 06:56:21 +10:30
Christian Decker
b2a5cf422f jsonrpc: Forward errors on malformed requests to cli
We were masquerading errors when parsing the request by reporting only
a bogus malformed `id` field in the response, when the real issue was
that we were unable to parse the request in the first place (which
caused the null-id error to be returned).

Fixes #4238
2020-12-09 06:56:21 +10:30
Christian Decker
71fafd23fd pytest: Add a test to reproduce #4258 2020-12-09 06:56:21 +10:30
Christian Decker
e186b2620a txprepare: Verify that outputs arg is an array
We were not checking that outputs is indeed an array, and just going
ahead creating the array of outputs. Since `tok->size` for a string is
0 we ended up ignoring the argument altogether and thus the created
transaction would end up only with a single change output.

Fixes #4258
2020-12-09 06:56:21 +10:30
Christian Decker
47b8b46d54 cleanup: Remove stdio header from param.c 2020-12-09 06:56:21 +10:30
Christian Decker
55d9492d9e txprepare: Use param_outpoint_arr helper to validate input 2020-12-09 06:56:21 +10:30
Christian Decker
32000b6660 json: Add two param functions to parse string arrs and outpoint arrs
In a couple of places we accept arrays of strings and don't validate
them. If we forward them, e.g., call a JSON-RPC method from the
plugin, we end up embedding the unverified string in the JSON-RPC
call without escaping, which then leads to invalid JSON being passed
on.

This at least partially causes #4238
2020-12-09 06:56:21 +10:30
Christian Decker
eacc54646f pyln: Remove deprecated txprepare variant
We promised to deprecate the old "destination satoshi feerate utxos"
variant some time on mid-2020 so let's do just that. `txprepare`
doesn't parse it either anymore.

Changelog-Changed: pyln: `txprepare` no longer supports the deprecated `destination satoshi feerate utxos` call format.
2020-12-09 06:56:21 +10:30
Michael Schmoock
362284981d plyn: use math.floor for msat mul and div 2020-12-08 13:48:14 +01:00
Michael Schmoock
565dc95a8e pyln: fix msat float multiplication 2020-12-08 13:48:14 +01:00
Michael Schmoock
2678cfb364 pyln: extend msat floating testcases
This adds two more xfail'ing testcases to show that the current way of
parsing Millisatoshi decimals is not yet optimal.

Changelog-None
2020-12-08 13:48:14 +01:00
Christian Decker
c656cfe38d channeld: Fix the shutdown_sent billboard direction
While debugging a hanging channel with a user I noticed that they
called `close` on a channel, resulting in the channel showing
`CHANNELD_SHUTTING_DOWN`, but the billboard seemed to show the
information the wrong way around:

```json
{
   "peers": [
      {
         "connected": true,
	 // ...
         "channels": [
            {
               "state": "CHANNELD_SHUTTING_DOWN",
	       // ...
               "status": [
                  "CHANNELD_SHUTTING_DOWN:Reconnected, and reestablished.",
                  "CHANNELD_SHUTTING_DOWN:Funding transaction locked. They need our announcement signatures. They've sent shutdown, waiting for ours"
               ],
	       // ...
            }
         ]
      }
   ]
}
```

Aside from the hung channel, the switch in direction of the status
seemed weird. Checking the billboard code seems to have the status
switched as well:

ff8830876d/channeld/channeld.c (L223-L226)

We set `shutdown_sent[LOCAL]` when we send the shutdown:

ff8830876d/channeld/channeld.c (L823-L839)

And we set `shutdown_sent[REMOTE]` when we receive the shutdown:

ff8830876d/channeld/channeld.c (L1730-L1781)

So I think the billboard code just needs to be switched around.

Changelog-Fixed: JSON-RPC: The status of the shutdown meesages being exchanged is now displayed correctly.
2020-12-08 11:47:13 +10:30
Christian Decker
eae49727b1 pytest: Disable flaky test_fundchannel_start_alternate
This test has been causing most CI runs to fail. See tracking issue #4265
for discussion on fixing and re-enabling it.

Changelog-None
2020-12-08 09:14:25 +10:30
Rusty Russell
23d4e53246 connectd: add annotation and fix up formatting on connectd/netaddress.c
This is stolen from the bitcoind source, so we use their style
(no tabs, 4-wide spaces).  Clean it up and add the emacs magic to
maintain it in future.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-07 14:26:52 +01:00
Rusty Russell
089ecfe418 connectd: fix valgrind complaint on FreeBSD
As reported by Wladimir J. van der Laan.  Valgrind will complain
about padding and unset fields, so memset the structs.

```
==42653== Syscall param socketcall.connect(serv_addr..sa_len) points to uninitialised byte(s)
==42653==    at 0x4C7D19A: _connect (in /lib/libc.so.7)
==42653==    by 0x4EE1F35: ??? (in /lib/libthr.so.3)
==42653==    by 0x249D57: get_local_sockname (netaddress.c:212)
==42653==    by 0x249CDB: guess_address (netaddress.c:242)
==42653==    by 0x2473D0: public_address (connectd.c:1003)
==42653==    by 0x246CE4: setup_listeners (connectd.c:0)
==42653==    by 0x246566: connect_init (connectd.c:1311)
==42653==    by 0x270CEB: next_plan (io.c:59)
==42653==    by 0x2713EE: io_ready (io.c:417)
==42653==    by 0x2726B1: io_loop (poll.c:445)
==42653==    by 0x24618A: main (connectd.c:1703)
==42653==  Address 0x7fc000690 is on thread 1's stack
==42653==  in frame #3, created by guess_address (netaddress.c:231)
```

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-07 14:26:52 +01:00
Michael Schmoock
4507203a48 doc: fees on listpeers 2020-12-07 14:26:36 +01:00
Michael Schmoock
ce1a2f134a pytest: tests fee_base and fee_ppm on listpeers 2020-12-07 14:26:36 +01:00
Michael Schmoock
c4b7f4d9d2 feat: adds local halfchan fees to listpeers
This will add `fee_base` (msat) and `fee_ppm` (u32 num) to the RPC
`listpeers` output.

Changelog-Added: fee_base and fee_ppm to listpeers
2020-12-07 14:26:36 +01:00
Rusty Russell
e13e3e90ec onchaind: cap max_possible_feerate using commitment transaction.
The commitment tx uses the same feerate as the HTLC txs (which we have
to grind to find), but we can't use it directly since the fee could be
increased by the presence of dust HTLCs.  We can still use it to cap
the maximum though.

Time before: 1m6.984s
Time after:  0m15.794s

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Fixed: onchaind is much faster when unilaterally closing old channels.
2020-12-07 14:23:59 +01:00
Rusty Russell
5bc61e77cb onchaind: speed up HTLC matching by skipping identical CLTVs.
We try signatures to see which HTLC (we can have many) is the right one;
we can trivially match htlcs against commitment tx outputs, but the CTLV
can vary, and that's inside the htlc tx itself.

By sorting them, it's easy to skip comparing duplicates:

Time before: 2m32.547s
Time after: 1m6.984s

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-07 14:23:59 +01:00
Rusty Russell
e9e6f72d7c bitcoin_tx_check: don't rely on tmpctx.
We assert() this in onchaind while grinding fees; better to free newtx.

Before this we hit 530MB, after a mere 2.5MB.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Fixed: onchaind uses much less memory on unilateral closes for old channels.
2020-12-07 14:23:59 +01:00
Rusty Russell
f22d719d2c onchaind: test stressful input.
In particular, this made valgrind OOM, and chewed much CPU.  I dumped the
input and output into a file to allow easy replay.

This will break as soon as we change onchaind's wire format, but it will
serve its purpose until then!

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-07 14:23:59 +01:00
Rusty Russell
af8eabb9a7 common/daemon: remove notifiers on root at cleanup.
Under some circumstances, valgrind complains.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-07 14:23:59 +01:00
Rusty Russell
ff8830876d wire/tlvstream: add tlv_make_fields helper to populate ->fields array.
This is vital for calculating merkle trees; I previously used
towire+fromwire to get this!

Requires generation change so we can magic the ARRAY_SIZE var (the C
pre-processor can't uppercase things).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-04 20:16:54 -06:00
Rusty Russell
5c167d16ab tools/generate-wire.py: use helpers.
This was terrible cut & paste.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-04 20:16:54 -06:00
Rusty Russell
dc83e64003 tools/generate-wire: don't use void * pointers for tlv fromwire.
And fix up the one place which got it wrong.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-04 20:16:54 -06:00
Rusty Russell
c5a2e64fd4 plugins/libplugin-pay: expose gossmap for plugin special effects.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-04 20:16:54 -06:00
Rusty Russell
695a8bd868 lightningd: split onion_message hook.
Only way to be sure that plugins don't accidentally respond to onion_message
sent via reply path from another message (which would potentially leak our
identity!).

To quote BOLT #7 (Onion Messages) in the offers PR:

```markdown
The reader:
- MUST ignore any message which contains a `blinding` which it did not expect, or does not contain
  a `blinding` when one is expected.
...
`blinding` is critical to the use of blinded paths: there are various
means by which a blinded path is passed to a node.  The receipt of an
expected `blinding` indicates that blinded path has been used: it is
important that a node not accept unblinded messages when it is expecting
a blinded message, as this implies the sender is probing to detect if
the recipient is the terminus of the blinded path.

Similarly, since blinded paths don't expire, a node could try to use
a blinded path to send an unexpected message hoping for a response.
```

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-04 20:16:54 -06:00
Rusty Russell
61422193d9 channeld: hand input blinding to lightningd.
Required to determine if this msg used expected reply path.

Also remove FIXME (om->enctlv is handled above).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-04 20:16:54 -06:00
Rusty Russell
54c57e7495 libplugin-pay: don't expose bolt11 details.
When we support bolt12, this won't exist.  We only need min_final_cltv_expiry,
routes and features, so put them into struct payment explicitly.

We move the default final ctlv out to the caller, too, which is clearer.
e.g. keysend was using this value, but it was hard to tell.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-04 20:16:54 -06:00
Christian Decker
76124eb800 pyln: Replace undecodeable symbols when tailing logs
Logs may contain non-ASCII and non-UTF8 symbols, which crashes the
tailer. It's better to replace them with a glyph representing
undecodeable symbols instead, and handle the issue further up the
call-chain.
2020-12-04 18:34:12 -06:00
Christian Decker
bb0910999e pytest: Use datetime.strptime instead of datetime.fromisoformat
The latter is available only starting with Python 3.7, and it's the
only test that fails with <3.7. This allows us to keep on testing with
older versions.
2020-12-04 18:34:12 -06:00
Christian Decker
c9d24b1de2 pyln: Set the prefix in TailableProc
We rely on it when logging, but didn't set it in the class, rather we
did in the sub-classes. This proved to be rather annoying to search
since it'd just fail silently and not log any output.
2020-12-04 18:34:12 -06:00
João Paulo
7514d7fb48 plugins: add txprepare to .gitignore
Changelog-None
2020-12-04 11:30:58 +10:30
Rusty Russell
dc745cdf2f peer_htlcs.c: close taken() leak.
Found in tests/test_connection.py::test_restart_many_payments:

`lightningd: outstanding taken(): lightningd/peer_htlcs.c:532:towire_temporary_channel_failure(((void *)0), ((void *)0))`

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-03 11:35:30 +01:00
Rusty Russell
e4950db9a3 pytest: recreate wallet on bitcoind restart.
Doesn't seem to stick in master.  Andy Chow suggested we
simply turn off wallet on older versions, and always create/load.

```
[gw8] [ 40%] FAILED tests/test_misc.py::test_bitcoind_goes_backwards

============================================================= FAILURES ==============================================================
___________________________________________________ test_bitcoind_goes_backwards ____________________________________________________
[gw8] linux -- Python 3.8.5 /usr/bin/python3

node_factory = <pyln.testing.utils.NodeFactory object at 0x7f931859a760>
bitcoind = <pyln.testing.utils.BitcoinD object at 0x7f931865eee0>

    def test_bitcoind_goes_backwards(node_factory, bitcoind):
        """Check that we refuse to acknowledge bitcoind giving a shorter chain without explicit rescan"""
        l1 = node_factory.get_node(may_fail=True, allow_broken_log=True)

        bitcoind.generate_block(10)
        sync_blockheight(bitcoind, [l1])
        l1.stop()

        # Now shrink chain (invalidateblock leaves 'headers' field until restart)
        bitcoind.rpc.invalidateblock(bitcoind.rpc.getblockhash(105))
        # Restart without killing proxies
        bitcoind.rpc.stop()
        TailableProc.stop(bitcoind)
        bitcoind.start()

        # Will simply refuse to start.
        with pytest.raises(ValueError):
            l1.start()

        # Nor will it start with if we ask for a reindex of fewer blocks.
        l1.daemon.opts['rescan'] = 3

        with pytest.raises(ValueError):
            l1.start()

        # This will force it, however.
        l1.daemon.opts['rescan'] = -100
        l1.start()

        # Now mess with bitcoind at runtime.
>       bitcoind.generate_block(6)

tests/test_misc.py:1307:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
contrib/pyln-testing/pyln/testing/utils.py:399: in generate_block
    return self.rpc.generatetoaddress(numblocks, self.rpc.getnewaddress())
contrib/pyln-testing/pyln/testing/utils.py:322: in f
    return proxy._call(name, *args)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <bitcoin.rpc.RawProxy object at 0x7f93184f6a30>, service_name = 'getnewaddress', args = ()
postdata = '{"version": "1.1", "method": "getnewaddress", "params": [], "id": 1}'
headers = {'Authorization': b'Basic cnBjdXNlcjpycGNwYXNz', 'Content-type': 'application/json', 'Host': 'localhost', 'User-Agent': 'AuthServiceProxy/0.1'}
response = {'error': {'code': -18, 'message': 'No wallet is loaded. Load a wallet using loadwallet or create a new one with createwallet. (Note: A default wallet is no longer automatically created)'}, 'id': 1, 'result': None}
```
2020-12-03 11:35:30 +01:00
Rusty Russell
4424b41c65 channeld: fix gcc warning on gcc 8.3.0 (Debian 8.3.0-6)
```
channeld/channeld.c:237:2: error: ‘shutdown_status’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
```

Reported-by: az0re on IRC
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-03 11:33:40 +01:00
Rusty Russell
1a3c0a0c0d invoice: fix potential race where invoice is paid/expired while we're calling hook.
There's actually a (very unlikely) race here: we would previously have
crashed with an assertion in invoices_resolve.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-02 16:50:12 +10:30
ZmnSCPxj jxPCSnmZ
a437936c78 lightningd/log.c: Fix up handling of SIGHUP.
Fixes: #4240

ChangeLog-Fixed: log: Do not terminate on the second received SIGHUP.
2020-12-02 16:48:48 +10:30
ZmnSCPxj jxPCSnmZ
67d8fdcc75 tests/test_misc.py: Add a test for issue #4240. 2020-12-02 16:48:48 +10:30
niftynei
4185a86d90 df-mfc: set the minimum input weight to 110 iif v2
We only need a bumped up input weight if we're talking to nodes that
require v2.
2020-12-02 14:19:08 +10:30
niftynei
b01734087d df-mfc: set protocol type when we know it
We'll use it for figuring out whether or not to set a utxo witness
minimum, which comes much before we were setting this field.

Now we set the protocol as soon as we can reasonably deduce it.
2020-12-02 14:19:08 +10:30
niftynei
e81d78ec4c fundpsbt/utxopsbt: new min_witness_weight param
Needed for v2 of channel opens, where the minimum weight is 110; a
'simple utxo' (sig + key) weighs in at 107, so we a need a way to
establish a floor for this case.

Changelog-Added: JSON-RPC: fundpsbt/utxopsbt have new param, `min_witness_utxo`, which sets a floor for the weight calculation of an added input
2020-12-02 14:19:08 +10:30
niftynei
b4aebc17a1 bitcoin: break out method to calculate input weight
We have a required minimum witness weight for dual funded opens.
2020-12-02 14:19:08 +10:30
niftynei
b23c6c50a0 df-tests: use multifundchannel pathways instead of custom plugin
Since fundchannel/multifundchannel now handles v2 opens, we use that
instead of this hacked together plugin.
2020-12-02 14:19:08 +10:30
niftynei
9f74dd9fb3 df: rename the dual_open wires to match other daemon wires 2020-12-02 14:19:08 +10:30
Rusty Russell
0ad269f5b6 invoice: make invoice_payment hook a multi-user hook.
We register on it for offers, and without this nobody else can.

Changelog-Changed: plugins: more than one plugin can now register invoice_payment hook.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-02 12:56:15 +10:30
Rusty Russell
ca2bd98082 unittest: use common_setup / common_shutdown almost everywhere.
Avoids much cut & paste.  Some tests don't need any of it, but most
want at least some of this infrastructure.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-02 12:55:09 +10:30