Commit Graph

295 Commits

Author SHA1 Message Date
Rusty Russell
4dbfce6057 wire: move towire/fromwire_preimage out to bitcoin/preimage.c.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-05-18 14:51:12 +02:00
Rusty Russell
27220646c3 common/wire: move bitcoin-specific marshalling functions into bitcoin files.
We did this originally because these types are referred to in the bolts, and we
had no way of injecting the correct include lines into those.  Now we do, so
there's less excuse for this.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-05-18 14:51:12 +02:00
Rusty Russell
f77d70d546 common/json: move rest of bitcoin/lightning-specific json functions to json_helpers.
This dramatically reduces the linking requirements of lightning-cli.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-05-18 14:51:12 +02:00
Rusty Russell
6635fe12e4 common/test/run-features.c: fix cppcheck 1.90 false positive.
We only use sizeof(f1->bits).

```
common/test/run-features.c:84:36: error: Uninitialized variable: f1 [uninitvar]
 for (size_t i = 0; i < ARRAY_SIZE(f1->bits); i++) {
                                   ^
```

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-05-18 14:51:12 +02:00
lisa neigut
39d5117210 utxo: add scriptSig + scriptPubkey field
Allow the utxo object to bear the scriptSig and scriptPubKey
2020-05-07 08:43:00 +09:30
Rusty Russell
3b4a06f52b common: generalize ecdh function.
common/onion is going to need to use this for the case where it finds a blinding
seed inside the TLV.  But how it does ecdh is daemon-specific.

We already had this problem for devtools/gossipwith, which supplied a
special hsm_do_ecdh().  This just makes it more general.

So we create a generic ecdh() interface, with a specific implementation
which subdaemons and lightningd can use.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-04-04 16:08:49 +10:30
Rusty Russell
cf43e44378 common/features: don't use internal global.
Turns out that unnecessary: all callers can access the feature_set,
so make it much more like a normal primitive.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-04-03 13:13:21 +10:30
darosior
13fbce90ca common/amount: accept 0msat in parse_amount_sat()
Changelog-fixed: bcli now handles 0msat outputs in gettxout.

Co-authored-by: Rusty Russell <rusty@rustcorp.com.au>
2020-04-01 10:20:03 +10:30
Rusty Russell
c95e58ad4b subdaemons: initialize feature routines with explicit feature_set.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-03-31 13:36:02 +02:00
Rusty Russell
afb76392e4 common/features: use bitmaps internally, have explicit init function.
This is to prepare for dynamic features, including making plugins first
class citizens at setting them.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-03-31 13:36:02 +02:00
Rusty Russell
8c984fbf1d common: make sphinx.c use hmac.c.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-03-25 14:26:28 +10:30
Christian Decker
59b6159e56 sphinx: Functions to enable RV mode and serialize compressed onions
We will later use these to generate RV compressed onions and to opt into the
rendezvous style generation.
2020-03-12 10:25:01 +10:30
Rusty Russell
2aad3ffcf8 common: tal_dup_talarr() helper.
This is a common thing to do, so create a macro.

Unfortunately, it still needs the type arg, because the paramter may
be const, and the return cannot be, and C doesn't have a general
"(-const)" cast.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-27 14:16:16 +10:30
Rusty Russell
73ad9b5c0a common: avoid locale dependent strtod(3)
Replace `json_to_double()` (which uses `strtod(3)`) with our own
floating-point parsing function `json_to_millionths()` that
specifically expects to receive such a number that can fit in a
64 bit integer after being multiplied by 1 million.

The main piece of the code in this patch comes from
https://github.com/ElementsProject/lightning/pull/3535#discussion_r381041419

Changelog-None
2020-02-27 09:07:04 +10:30
Vasil Dimov
89ceb273f5 wire: remove towire_double()
Before this patch we used to send `double`s over the wire by just
copying them. This is not portable because the internal represenation
of a `double` is implementation specific.

Instead of this, multiply any floating-point numbers that come from
the outside (e.g. JSONs) by 1 million and round them to integers when
handling them.

* Introduce a new param_millionths() that expects a floating-point
  number and returns it multipled by 1000000 as an integer.

* Replace param_double() and param_percent() with param_millionths()

* Previously the riskfactor would be allowed to be negative, which must
  have been unintentional. This patch changes that to require a
  non-negative number.

Changelog-None
2020-02-27 09:07:04 +10:30
Christian Decker
9b976da3bc features: Add featurebits_or helper to combine two featurebitstrings
We will be doing this when collecting featurebits from the plugins, so make
this a reusable function.
2020-02-11 13:53:31 +10:30
Rusty Russell
5d2fdfe66b common: add check that pico-valued invoices are round numbers.
Otherwise you can ask for a sub-millisatoshi amount, which is dumb and
violates the spec.

See-also: https://github.com/lightningnetwork/lightning-rfc/pull/736
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Changed: We now reject invoices which ask for sub-millisatoshi amounts
2020-02-05 14:19:12 +01:00
Rusty Russell
3e9d4de02e common: add testing for proposed bolt11 additional tests.
See-also: https://github.com/lightningnetwork/lightning-rfc/pull/736
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-05 14:19:12 +01:00
Rusty Russell
d8e933aac7 common: add pico-BTC parsing test from proposed BOLT.
See-also: https://github.com/lightningnetwork/lightning-rfc/pull/699
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-05 14:19:12 +01:00
Rusty Russell
7028493d01 common: implement route comparison in run-bolt11.
This next test will have route hints.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-02-05 14:19:12 +01:00
darosior
3510c29e5d common: move json_stream helpers to common/json
Now that we have json_stream in common/, we can move all the related
helpers from lightningd/json to common/json. This way everyone can
benefit of them (including libplugin, the plugins themselves,
potentially lightning-cli), not lightningd alone!

Note that the Makefile of the common/test/ had to be modified, because
the new helpers make use of common/wireaddr... Which turns out to
\#include <lightingd/lightningd.h> ! So we couldnt just include the .c
and add mocks if we redefined some structs (hello run-param).
2020-02-04 13:24:32 +10:30
Wladimir J. van der Laan
e4c6fd89b7 Add missing extern qualifiers for gcc 10
GCC 10 defaults to `-fno-common`. no longer automatically sharing
global variable definitions, which makes it important to define
them in only one place (otherwise there will be duplicate definition
errors). Add `extern` qualifiers where (I think) is the best place for
them.
2020-02-02 12:59:17 +10:30
Rusty Russell
8055389b90 common: remove version qualifiers from BOLT11 now changes are merged.
We also update since the merged version sets feature bit 9 (as it's
supposed to now that we tied that to payment_secret).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-01-31 06:07:56 +00:00
Vasil Dimov
55173a56b7 Use dedicated type for error codes
Before this patch we used `int` for error codes. The problem with
`int` is that we try to pass it to/from wire and the size of `int` is
not defined by the standard. So a sender with 4-byte `int` would write
4 bytes to the wire and a receiver with 2-byte `int` (for example) would
read just 2 bytes from the wire.

To resolve this:

* Introduce an error code type with a known size:
  `typedef s32 errcode_t`.

* Change all error code macros to constants of type `errcode_t`.
  Constants also play better with gdb - it would visualize the name of
  the constant instead of the numeric value.

* Change all functions that take error codes to take the new type
  `errcode_t` instead of `int`.

* Introduce towire / fromwire functions to send / receive the newly added
  type `errcode_t` and use it instead of `towire_int()`.

In addition:

* Remove the now unneeded `towire_int()`.

* Replace a hardcoded error code `-2` with a new constant
  `INVOICE_EXPIRED_DURING_WAIT` (903).

Changelog-Changed: The waitinvoice command would now return error code 903 to designate that the invoice expired during wait, instead of the previous -2
2020-01-31 06:02:47 +00:00
Rusty Russell
1099f6a5e1 common: use struct onionreply.
This makes it clear we're dealing with a message which is a wrapped error
reply (needing unwrap_onionreply), not an already-wrapped one.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-01-23 16:17:42 +10:30
Rusty Russell
aae5148206 common: remove onionreply type from sphinx.c
It's only mildly used, and I really to use onionreply in a more
generic sense in the next patch.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-01-23 16:17:42 +10:30
Vasil Dimov
2ea91f834c Add the missing space between "if" and "("
Changelog-None
2020-01-06 12:57:59 +01:00
Rusty Russell
f7ebbb2ec5 common: make sphinx code ignorant of payload format.
Now "raw_payload" is always the complete string (including realm or length
bytes at the front).

This has several effects:
1. We can receive an decrypt an onion which is grossly malformed.
2. We can still hand this to the htlc_accepted hook.
3. We then fail it unless the htlc_accepted accepts it manually.
4. The createonion API now takes the raw payload, and does not know
   anything about "style".

The only caveat is that the sphinx code needs to know the payload
length: we have a call for that, which simply tells it to copy the
entire onion (and treat us as the final node) if it's invalid.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-12-09 14:33:31 +01:00
Christian Decker
626675c83c tlv: Migrate tlv serialization to typesafe function 2019-12-03 00:37:15 +00:00
Christian Decker
55d8dcc907 param: Encapsulate hops parsing in a param_hops_array helper
Suggested-by: Rusty Russell <@rustyrussell>
Signed-off-by: Christian Decker <@cdecker>
2019-12-01 15:40:47 +01:00
gorazdko
a3961c4e06 unit test: run sphinx unit test by default 2019-11-26 21:25:25 +01:00
gorazdko
d5a6072642 unit test: fix test vectors in run-sphinx 2019-11-26 21:25:25 +01:00
gorazdko
e8ce9d0327 unit test: fix run-sphinx dependencies and update mocks 2019-11-26 21:25:25 +01:00
Rusty Russell
3b37c9d426 common/features: clean up feature handling for different cases.
The spec is (RSN!) going to explicitly denote where each feature should
be presented, so create that infrastructure.

Incorporate the new proposed bolt11 features, which need this.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-11-24 23:33:17 +00:00
Rusty Russell
854c64ffee common/bolt11: add secret support.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-11-24 23:33:17 +00:00
Rusty Russell
09cdbb70eb common: make BOLT11 use the normal feature array.
This was decided at a recent spec meeting: in particular, mpp and
var_onion_optin options will be used here.

We enhanced "features_supported" into "features_unsupported" so it
can return the first un-handlable bit number.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-11-24 23:33:17 +00:00
Rusty Russell
ebac3d2a85 spec: update to experimental BOLTs with secret/total_amount.
Also pulls in a new onion error (mpp_timeout).  We change our
route_step_decode_end() to always return the total_msat and optional
secret.

We check total_amount (to prohibit mpp), but we do nothing with
secret for now other than hand it to the htlc_accepted hook.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-11-24 23:33:17 +00:00
Christian Decker
baffa84291 sphinx: Decode payload and place shortcuts in the route-step
We'll need to pass them around anyway, so just make them easier to access by
doing a bit more to `process_onionpacket`.
2019-11-22 04:40:25 +00:00
Christian Decker
d69a43780c sphinx: Use the new fromwire_tlv_payload function
We wire in the code-generated function, which removes the upfront validation
and add the validation back after the `htlc_accepted` hook returns. If a
plugin wanted to handle the onion in a special way it'll not have told us to
just continue.
2019-11-22 04:40:25 +00:00
Rusty Russell
00cb5adfe6 common: allow subdaemons to specify the node_id in status messages.
This is ignored in subdaemons which are per-peer, but very useful for
multi-peer daemons like connectd and gossipd.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-11-18 04:50:22 +00:00
Rusty Russell
0211712f5e sphinx: separate nonfinal from final interface, add tlv option.
For legacy, they were the same, but for TLV we care whether it's the
final hop or not.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-11-14 10:15:33 +01:00
Rusty Russell
b7bbccd6fa common/sphinx: handle decoding of TLV payload.
We add routines to decode the expected fields from both legacy and tlv
hop formats.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-11-14 10:15:33 +01:00
Rusty Russell
bd55f6d940
common/features: only support a single feature bitset.
This is mainly an internal-only change, especially since we don't
offer any globalfeatures.

However, LND (as of next release) will offer global features, and also
expect option_static_remotekey to be a *global* feature.  So we send
our (merged) feature bitset as both global and local in init, and fold
those bitsets together when we get an init msg.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-10-11 02:52:04 +00:00
Rusty Russell
d5eca470dc utils: add set_softref() / clear_softref().
We often want a pointer which will turn to NULL if the pointed-to thing is
freed.  This is possible with tal objects, so create it.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-10-10 21:48:52 -05:00
lisa neigut
af4ffe5fcd dev-forget-channel: accept passing in channel_id
This patch adds a channel_id parameter to allow for specifying
channels that are lacking a short_channel_id.

Useful in the case where a peer has 1) multiple channels (ONCHAIN etc)
and 2) a channel where the funding transaction hasn't been
broadcast/mined.
2019-10-10 05:57:45 +00:00
Christian Decker
7283efa5b5 elements: Add amount_asset to support more than just plain satoshis
Currently the only source for amount_asset is the value getter on a tx output,
and we don't hand it too far around (mainly ignoring it if it isn't the
chain's main currency). Eventually we could bubble them up to the wallet, use
them to select outputs or actually support assets in the channels.

Since we don't hand them around too widely I thought it was ok for them to be
pass-by-value rather than having to allocate them and pass them around by
reference. They're just 41 bytes currently so the overhead should be ok.

Signed-off-by: Christian Decker <@cdecker>
2019-10-03 04:32:57 +00:00
Christian Decker
c38afc5512 tx: Switch to amount_sat for fee computations
Suggested-by: Rusty Russell <@rustyrussell>
2019-10-03 04:32:57 +00:00
Christian Decker
d5f0c08a88 elements: Remove global is_elements variable in favor of chainparams
No need to keep duplicate globals.
2019-10-03 04:32:57 +00:00
darosior
a4204226b4 Tidy up parse_wireaddr_from_hostname 2019-09-28 02:49:24 +00:00
Rusty Russell
0da074cad3 BOLT: update bolt quotes now that TLVs are not experimental.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-09-22 01:17:11 +00:00
darosior
48fde4f0a5 wireaddr: correct the onion case in wireaddr_from_hostname
And, this time, add tests !
2019-09-16 05:05:24 +00:00
lisa neigut
19e65068a9 json: move param node_id parser to common
Going to need this for a plugin that's external
2019-09-11 23:56:27 +00:00
Rusty Russell
1e7b1276a9 common/gossip_rcvd_filter: cache for received gossip.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-09-06 14:35:01 +02:00
Rusty Russell
a134062f98 bolt11: handle 9 fields for new features.
This implements https://github.com/lightningnetwork/lightning-rfc/pull/656

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-09-05 23:39:05 -05:00
Rusty Russell
2e3eadbe91 common/features: expose feature bitmap low-level functions.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-09-05 23:39:05 -05:00
Rusty Russell
2241e25cb4 test: move run-bigsize into common to match common/bigsize.
And make it use bigsize accessors directly, not via fromwire/towire.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-07-31 23:25:59 +00:00
Rusty Russell
3fa375881a bigsize: make it a proper first-class type.
It doesn't belong in bitcoin, and should not be confused with varint_t.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-07-31 23:25:59 +00:00
Christian Decker
9288a7906b tx: Add chainparams to struct bitcoin_tx as context
The way we build transactions, serialize them, and compute fees depends on the
chain we are working on, so let's add some context to the transactions.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-07-31 23:22:54 +00:00
Christian Decker
660921a9dd sphinx: Introduce a runtest command to the onion tool
The `runtest` command takes a JSON onion spec, creates the onion and decodes
it with the provided private keys. It is fully configurable and can be used
for the test-vectors in the spec.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-07-30 02:14:49 +00:00
Christian Decker
a0a1a1f752 sphinx: Add function to add a new v0 hop to a sphinx_path
This is just taking the existing serialization code and repackaging it in a
more useful form.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-07-30 02:14:49 +00:00
Rusty Russell
b03369ea2d common: generalize json_tok_remove.
It assumes the head of the array is the object/array we want to remove from,
but that's not true if we're trying to remove from a sub-object.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-07-28 06:09:56 +00:00
Rusty Russell
1e6eabf018 developer: add --dev-force-channel-secrets.
We don't have this on a per-channel basis (yet), but it's sufficient for testing
now.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-07-17 12:55:37 -05:00
lisa neigut
7046d0220c makefiles: move all unit tests under make check-units
Isolate unit tests under their own make directive.
2019-06-30 16:41:30 +09:30
Rusty Russell
f1b57063f7 bitcoin/tx: use fromwire_fail in pull_bitcoin_tx.
This is the correct way to mark failure: it also sets *max to 0.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-06-21 03:56:59 +00:00
Rusty Russell
220449e1cd ccan: import ccan/json_out and ccan/json_escape.
These are generalized from our internal implementations.

The main difference is that 'struct json_escaped' is now 'struct
json_escape', so we replace that immediately.

The difference between lightningd's json-writing ringbuffer and the
more generic ccan/json_out is that the latter has a better API and
handles escaping transparently if something slips through (though
it does offer direct accessors so you can mess things up yourself!).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-06-12 02:00:15 +00:00
Rusty Russell
2a2341c56c bolt11: fix decoding and encoding of unknown fields.
Fixes: #2527
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-05-10 11:25:36 +00:00
Lawrence Nahum
a9e71d76b5 update libwally to latest version 0.6.9
Also removes a workaround caused by bug in libwally (!95) which has
been fixed.

Signed-off-by: Lawrence Nahum <lawrence@greenaddress.it>
2019-04-23 15:18:57 +02:00
Rusty Russell
e0ec9ac521 libwally: update to 0.6.8.
This fixes block parsing on testnet; specifically, non-standard tx versions.

We hit a type bug in libwally (wallt_get_secp_context()) which I had to
work around for the moment, and the updated libsecp adds an optional hash
function arg to the ECDH function.

Fixes: #2563
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-04-13 18:55:15 +02:00
Rusty Russell
a2fa699e0e Use node_id everywhere for nodes.
I tried to just do gossipd, but it was uncontainable, so this ended up being
a complete sweep.

We didn't get much space saving in gossipd, even though we should save
24 bytes per node.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-04-09 12:37:16 -07:00
Rusty Russell
b4455d517c common/node_id: new type.
Node ids are pubkeys, but we only use them as pubkeys for routing and checking
gossip messages.  So we're packing and unpacking them constantly, and wasting
some space and time.

This introduces a new type, explicitly the SEC1 compressed encoding
(33 bytes).  We ensure its validity when we load from the db, or get it
from JSON.  We still use 'struct pubkey' for peer messages, which checks
validity.

Results from 5 runs, min-max(mean +/- stddev):
	store_load_msec,vsz_kb,store_rewrite_sec,listnodes_sec,listchannels_sec,routing_sec,peer_write_all_sec
	39475-39572(39518+/-36),2880732,41.150000-41.390000(41.298+/-0.085),2.260000-2.550000(2.336+/-0.11),44.390000-65.150000(58.648+/-7.5),32.740000-33.020000(32.89+/-0.093),44.130000-45.090000(44.566+/-0.32)

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-04-09 12:37:16 -07:00
Christian Decker
d651ce6f3b wally: Migrate main daemon to use wally transactions
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-04-08 00:00:00 +00:00
Christian Decker
369a85e289 wally: Use output and input setters when signing / grinding feerate
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-04-08 00:00:00 +00:00
Rusty Russell
f5dc8b9d52 JSON: allow any number of decimal points when parsing 'btc' suffix.
I tried to fundchannel 0.01btc, and of course it wanted 8 decimals exactly.
If I can't get this right, it's probably a bad idea.

I still don't allow whole number of btc though, since that's probably a mistake
and you're not supposed to put that much in c-lightning yet :)

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-02-23 03:09:37 +00:00
Rusty Russell
948ca470ad bitcoin: use amount_sat/amount_msat.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-02-21 08:01:37 +00:00
Rusty Russell
3ac0e814d0 daemons: use amount_msat/amount_sat in all internal wire transfers.
As a side-effect of using amount_msat in gossipd/routing.c, we explicitly
handle overflows and don't need to pre-prune ridiculous-fee channels.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-02-21 08:01:37 +00:00
Rusty Russell
b5dcb93e5f wallet: use amount_msat / amount_sat.
We change struct utxo to use amount_sat, and paper over the JSON APIs.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-02-21 03:44:44 +00:00
Rusty Russell
3ba544bfde common/bolt11: use struct amount_msat
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-02-21 03:44:44 +00:00
Rusty Russell
177cfd9edc common: json_to_msat and json_to_sat helpers.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-02-21 03:44:44 +00:00
Rusty Russell
a25e22737c common/json_tok: add param_msat / param_sat.
The current param_sat accepts "any": rename and move that to invoice.c
where it's called.  We rename it to param_msat_or_any and invoice.c
is our first (trivial) amount_msat user.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-02-21 03:44:44 +00:00
Rusty Russell
023923e6a8 amount: minor comment and text improvements and remove unused function.
Reported-by: @niftynei
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-02-21 00:44:57 +00:00
Rusty Russell
7fad7bccba common/amount: new types struct amount_msat and struct amount_sat.
They're generally used pass-by-copy (unusual for C structs, but
convenient they're basically u64) and all possibly problematic
operations return WARN_UNUSED_RESULT bool to make you handle the
over/underflow cases.

The new #include in json.h means we bolt11.c sees the amount.h definition
of MSAT_PER_BTC, so delete its local version.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-02-21 00:44:57 +00:00
Rusty Russell
7b59e26dd7 jsmn: upgrade so JSMN_OBJECT's size parameter is usable.
jsmn would accept invalid JSON objects.  This is bad because it would
set ->size incorrectly: we expect to have at least size * 2 tokens (in
pairs).  We want to rely on ->size, but this would create an exploitable
buffer overflow!

Fortunately, this is fixed upstream, so we add a test and upgrade to v1.0.0.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-01-17 16:22:32 +01:00
Rusty Russell
be8006a4fc common/test/run-param: fix parsing test.
Wasn't using valid JSON, but worked anyway.  This is actually OK
because we don't rely on tok->size, but we want to, so another fix
coming.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-01-17 16:22:32 +01:00
Rusty Russell
774973263c common/test/run-json: check tok->size is as expected.
The external/jsmn/README.md only says:
		int size;        // Number of child (nested) tokens

But it only counts *direct* children, or *direct* members for an object.

This test verifies this (the bug proved to be elsewhere: see next patch!).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-01-17 16:22:32 +01:00
Rusty Russell
e65b680807 json: move bitcoin/lightning specific helpers into common/json_helpers.
We don't need them in common/json, since lightning-cli doesn't need these,
but plugins want them.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-01-15 12:01:38 +01:00
Christian Decker
94eb2620dc bolt: Updated the BOLT specification to the latest version
This is mainly just copying over the copy-editing from the
lightning-rfc repository.

[ Split to just perform changes after the UNKNOWN_PAYMENT_HASH change --RR ]

Signed-off-by: Christian Decker <decker.christian@gmail.com>
Reported-by: Rusty Russell <@rustyrussell>
2019-01-15 02:19:56 +00:00
Rusty Russell
7b7a1b7040 test/run-param: fix malformed JSON.
jsmn seems happy with this, but it's Not Right!

Reported-by: @niftynei
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-12-20 03:22:32 +00:00
Rusty Russell
bc41ab2cb9 param: make json_tok_ handlers all return command_result, rename to param_
Handers of a specific form are both designed to be used as callbacks
for param(), and also dispose of the command if something goes wrong.

Make them return the 'struct command_result *' from command_failed(),
or NULL.  

Renaming them just makes sense: json_tok_XXX is used for non-command-freeing
parsers too.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-12-20 03:22:32 +00:00
Rusty Russell
93bf7c4839 param: make command sinks (fail/success) return a special type.
These routines free the 'struct command': a common coding error is not
to return immediately.

To catch this, we make them return a non-NULL 'struct command_result
*', and we're going to make the command handlers return the same (to
encourage 'return command_fail(...)'-style usage).

We also provide two sources for external use:
1. command_param_failed() when param() fails.
2. command_its_complicated() for some complex cases.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-12-20 03:22:32 +00:00
Rusty Russell
adf08f8914 common/json: restore json_delve() for simple plugin parsing.
This was removed (as unused) in 6269a4c55d592e8720b7f2a304c21f61f7931238;
now I've even added tests.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-12-20 03:22:32 +00:00
Rusty Russell
d7e233e47d Move json and param core functionality into common, for plugins.
json_escaped.[ch], param.[ch] and jsonrpc_errors.h move from lightningd/
to common/.  Tests moved too.

We add a new 'common/json_tok.[ch]' for the common parameter parsing
routines which a plugin might want, taking them out of
lightningd/json.c (which now only contains the lightningd-specific
ones).

The rest is mainly fixing up includes.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-12-10 00:00:50 +00:00
Rusty Russell
061938068f json: rename json_tok_bitcoin_amount.
json_tok* is used with 'struct command', so rename this to match the other
low-level json tok helpers.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-12-10 00:00:50 +00:00
Rusty Russell
86c517ac9b common/json: add context arg to json_parse_input.
All callers currently just hand the same arg twice, but plugins might
want this different.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-12-10 00:00:50 +00:00
Rusty Russell
dffe2f516a signature: wrap almost all signatures in struct bitcoin_signature.
This is prep work for when we sign htlc txs with
SIGHASH_SINGLE|SIGHASH_ANYONECANPAY.

We still deal with raw signatures for the htlc txs at the moment, since
we send them like that across the wire, and changing that was simply too
painful (for the moment?).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-12-06 23:11:51 +01:00
Rusty Russell
23540fe956 common: make funding_tx and withdraw_tx share UTXO code.
They both do the same thing: convert utxos into tx inputs.  Share code.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-12-06 23:11:51 +01:00
Rusty Russell
a046af4416 lightningd/test: move some tests to common/ and channeld/
These unit tests stayed under lightningd/ even though the units they test
are elsewhere.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-12-06 23:11:51 +01:00
Mark Beckwith
164c76454c test: add json_tok_remove unit tests
Signed-off-by: Mark Beckwith <wythe@intrig.com>
2018-12-06 02:06:03 +00:00
Jon Griffiths
087ef43a0d Call wally_init(0) on startup to enabled assembly-optimised SHA-256
We probably also want to call secp_randomise/wally_secp_randomize here
too, and since these calls all call setup_tmpctx, it probably makes
sense to have a helper function to do all that. Until thats done, I
modified the tests so grepping will show the places where the sequence
of calls is repeated.

Signed-off-by: Jon Griffiths <jon_p_griffiths@yahoo.com>
2018-11-21 01:18:24 +00:00
Rusty Russell
bc230c837e bolt11: make sure we handle uppercase invoices.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-11-02 05:58:01 +00:00
Rusty Russell
3d1005f83c common/bolt11: test for invoices without hrp separator.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-11-02 05:58:01 +00:00
Rusty Russell
305795b01e common/json: move JSON creation routines into lightningd/
It's the only user of them, and it's going to get optimized.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>

gossip.pydiff --git a/common/test/run-json.c b/common/test/run-json.c
index 956fdda35..db52d6b01 100644
2018-10-19 22:02:11 +00:00
Christian Decker
0ee0da0eb8 common: Add a test for io_lock
Totally forgot to add this test. It just shows how a writer can take
exclusive access of a socket over multiple `io_write` calls, and
queuing all others behind it.
2018-10-11 01:43:55 +00:00
Rusty Russell
41b0872f58 Use localfeatures and globalfeatures consistently.
That's what BOLT #1 calls them; make it easier for people to grep.

Reported-by: @niftynei
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-09-28 04:14:28 +00:00
Rusty Russell
a24ed20dee common/cryptomsg: remove unused async routines.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-09-28 04:14:28 +00:00
Rusty Russell
d1552bd1eb test/run-cryptomsg.c: move out of lightningd/ into common/
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-09-28 04:14:28 +00:00
Christian Decker
c3f433ec66 json: Support streaming JSON messages
It turns out we were heavily relying on the fact that after each message from
the client there'd be a flush, and that there would not be anything after the
JSON object we read. This will no longer be the case once we start streaming
things or we are very quick in issuing the JSON-RPC requests.

This just takes one of the error paths (incomplete read) and makes it into a
successful path if we have indeed read a full root element.
2018-09-25 05:47:23 +00:00
Rusty Russell
8340d8c070 secret_eq: remove in favor of constant time variant.
To be safe, we should never memcmp secrets.  We don't do this
currently outside tests, but we're about to.

The tests to prove this as constant time are the tricky bit.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-08-23 14:46:22 +02:00
practicalswift
ba4282f935 Don't advertise features we don't have in run-sphinx 2018-07-31 16:30:56 +02:00
Rusty Russell
5cf34d6618 Remove tal_len, use tal_count() or tal_bytelen().
tal_count() is used where there's a type, even if it's char or u8, and
tal_bytelen() is going to replace tal_len() for clarity: it's only needed
where a pointer is void.

We shim tal_bytelen() for now.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-07-30 11:31:17 +02:00
Rusty Russell
5d815238cf common/derive_basepoints: complete the set of single-value derive functions.
This helps make it explicit what we're deriving; these two were missing.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-07-24 00:40:01 +02:00
Rusty Russell
64008e275a common/derive_basepoints: add routines to get a specific secret.
Often we only need a single secret, so it's clearer to have routines
to do just that.  When we change to the lnd key scheme, there will be
no benefit in calculating them all together.

This also adds a test!

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-07-17 12:32:00 +02:00
Rusty Russell
fed5a117e7 Update ccan/structeq.
structeq() is too dangerous: if a structure has padding, it can fail
silently.

The new ccan/structeq instead provides a macro to define foo_eq(),
which does the right thing in case of padding (which none of our
structures currently have anyway).

Upgrade ccan, and use it everywhere.  Except run-peer-wire.c, which
is only testing code and can use raw memcmp(): valgrind will tell us
if padding exists.

Interestingly, we still declared short_channel_id_eq, even though
we didn't define it any more!

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-07-04 23:57:00 +02:00
Rusty Russell
0dc406c07a common/bolt11.c: fix up BOLT 11 references.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-06-18 12:31:09 +02:00
Rusty Russell
4359f46ffd features: fix features_supported() function.
1. We need to test all bits, not all bytes.
2. Both local and global features need to be supported.
3. Untested code is broken code.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-05-15 15:04:34 +02:00
Rusty Russell
5a0bc83b20 Tor: don't do seed queries if we're supposed to always use proxy.
Risks leakage.  We could do lookup via the proxy, but that's a TODO.

There's only one occurance of getaddrinfo (and no gethostbyname), so
we add a flag to the callers.

Note: the use of --always-use-proxy suppresses *all* DNS lookups, even
those from connect commands and the command line.

FIXME: An implicit setting of use_proxy_always is done in gossipd if it
determines that we are announcing nothing but Tor addresses, but that
does *not* suppress 'connect'.

This is fixed in a later patch.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-05-10 02:28:44 +00:00
Rusty Russell
d5e4d52563 common/base32: make this a simple tal-wrapper around ccan/base32.
And use it in wireaddr.

We fix up the double '.onion' in the test case, which seems like an error?

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-05-10 02:28:44 +00:00
Saibato
877f63e99e Initial TOR v2/v3 support.
This is a rebased and combined patch for Tor support.  It is extensively
reworked in the following patches, but the basis remains Saibato's work,
so it seemed fairest to begin with this.

Minor changes:
1. Use --announce-addr instead of --tor-external.
2. I also reverted some whitespace and unrelated changes from the patch.
3. Removed unnecessary ';' after } in functions.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-05-10 02:28:44 +00:00
Rusty Russell
d40d22b68e gossipd: don't try to connect to non-routable addresses.
Someone could try to announce an internal address, and we might probe
it.

This breaks tests, so we add '--dev-allow-localhost' for our tests, so
we don't eliminate that one.  Of course, now we need to skip some more
tests in non-developer mode.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-05-07 22:37:28 +02:00
Rusty Russell
6b2282fc1d wireaddr_internal: new type for where we can also use a local socket.
This was something @icota implemented, but it fits logically into this
cleanup series.  We create a new type which is the internal generalization
of a wireaddr (which is defined by the spec), and add a case here for
a socket name.

Based-on-the-true-story-by: @icota
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-05-07 22:37:28 +02:00
practicalswift
abf510740d Force the use of the POSIX C locale for all commands and their subprocesses 2018-04-27 14:02:59 +02:00
Christian Decker
c635396766 common: Moving some bech32 related utilities to bech32_util
These were so far only used for bolt11 construction, but we'll need them for the
DNS seed as well, so here we just pull them out into their own unit and prefix
them.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2018-04-25 12:34:55 +02:00
practicalswift
0eff28c80f Assert our parse_wireaddr assumptions in run-ip_port_parsing.c
We assume that the parse_wireaddr(...) calls return true.
Otherwise addr.port will be uninitialized.
2018-04-15 17:45:47 +02:00
Christian Decker
723b64036f jsonrpc: Pretty-print the json results
Just a small cleanup of the indentation code, so we don't have to reformat all
the issue reports to become readable. This is much closer to what `jq` or
`json_pp` spit out and doesn't have those infinitely long lines.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2018-04-08 08:26:00 +00:00
Rusty Russell
09c4203767 bolt11: allow multiple fallback addresses.
We can have more than one; eg we might offer both bech32 and a p2sh
address, and in future we might offer v1 segwit, etc.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-04-06 14:26:53 +02:00
Rusty Russell
8975fc2ceb libwally: use their secp context for all our daemons.
I didn't convert all tests: they can still use a standalone context.
It's just marginally more efficient to share the libwally one for all
our daemons which link against it anyway.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-04-03 14:03:28 +02:00
practicalswift
7e9750ffee Reduce variable scopes 2018-03-26 01:31:21 +00:00
Rusty Russell
7ae013202f json: make json_add_string do partial escapes.
This is useful when we log a JSON-escaped string, so we don't double-escape.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-03-26 00:20:53 +00:00
Rusty Russell
d92579f627 common/json_escaped: new type which explicitly notes a string is already JSON.
Trivial to use as a string, but it still means you should be careful
around it.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-03-26 00:20:53 +00:00
Rusty Russell
0a6e3d1e13 utils: remove tal_tmpctx altogether, use global.
In particular, we now only free tmpctx at the end of main().

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-03-16 00:16:10 +00:00
Christian Decker
08bfb740f5 onion: Move cli onion tool to devtools/onion
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2018-03-09 17:57:55 +01:00
ZmnSCPxj
f7f55edcdb wireaddr: Do hostname resolution in parse_wireaddr.
Fixes: #834
2018-02-26 03:13:55 +00:00
practicalswift
91a9c2923f Mark intentionally unused parameters as such (with "UNUSED") 2018-02-22 01:09:12 +00:00
Rusty Russell
eb0603bd13 wireaddr: rework port parsing for weird addresses.
We save wireaddr to databases as a string (which is pretty dumb) but
it turned out that my local node saved '[::ffff:127.0.0.1]:49150'
which our parser can't parse.

Thus I've reworked the parser to make fewer assumptions:
parse_ip_port() is renamed to separate_address_and_port() and is now
far more accepting of different forms, and returns failure only on
grossly malformed strings.  Otherwise it overwrites its *port arg only
if there's a port specified.  I also made it static.

Then fromwire_wireaddr() hands the resulting address to inet_pton to
figure out if it's actually valid.

Cc: William Casarin <jb55@jb55.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-02-08 19:14:21 +01:00
Rusty Russell
7f03e15e03 json_add_string_escape: for escaping internally-generated strings.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-02-02 00:05:00 +01:00
Björge Dijkstra
648e4feee2 Extend json unit test with tests for json_tok_bitcoin_amount() 2018-01-13 00:15:03 +01:00
William Casarin
ce1d709d44 wireaddr: fix ipv6 formatting with ports in fmt_wireaddr
Correctly format ipv6 address with ports. This will also make it more compatible
with the new parse_wireaddr, which has been updated to parse ports. They are
inverses now.

Also add some tests that check this.

Signed-off-by: William Casarin <jb55@jb55.com>
2017-12-21 09:56:20 +00:00
William Casarin
3e7aabe256 test: add tests for parse_ip_port
This tests the basic functionality of parse_ip_port, which is used in
parse_wireaddr.

Signed-off-by: William Casarin <jb55@jb55.com>
2017-12-21 09:56:20 +00:00
Rusty Russell
0610f66c34 bolt11: handle r value fee spec change.
We don't use it yet, but now we'll decode correctly.

See: https://github.com/lightningnetwork/lightning-rfc/pull/317
lightning-rfc commit: ef053c09431442697ab46e83f9d3f86e3510a18e

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-12 11:45:44 +01:00
Christian Decker
9bcb01e710 fixup! common/test: add spec tests for bolt11. 2017-11-24 13:22:18 +01:00
Rusty Russell
ae6faf7f9c common/test: add spec tests for bolt11.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-24 13:22:18 +01:00
Rusty Russell
112ae0d0f5 common/test/run-json: test JSON escaping.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-01 09:46:05 +01:00
Rusty Russell
ab634dfcdd common/test_sphinx: change to standard run- format.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-01 09:46:05 +01:00
Rusty Russell
7200002773 tests: detect and close leaks in unit tests.
Fixes: #288
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-09-29 10:20:08 +09:30
Rusty Russell
4f6ae3209b common/test/test_sphinx: build fixes.
It isn't currently included in make check, so fix it to build and do that.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-09-11 14:29:20 +02:00
Rusty Russell
739b163f8b Makefiles: simplify dependencies.
Gather all binaries and objects and make the depend on external
requirements and common headers.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-08-29 17:54:14 +02:00