Commit Graph

68 Commits

Author SHA1 Message Date
Rusty Russell
425143646c channeld: fix dev_disconnect.
I noted a spurious failure on test_reconnect_sender_add1: we
actually sent an update_commit, which should have been suppressed.

This was because we call dev_disconnect() when we *dequeue* the packet,
which might be too late to suppress the timer.  So instead, call it
when the packet in enqueued, and flush synchronously to make sure
we get the right packet.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-21 09:13:28 +01:00
Rusty Russell
795a03e8c4 fromwire_bitcoin_tx: quieten leak reporting.
We create a temporary tx which is a child of the real tx, for simplicity of
marshalling.  That's OK.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-20 12:43:10 +01:00
Christian Decker
ecde138071 channel: Send local_add_channel to gossip on funding_locked
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2017-12-20 06:14:53 +00:00
Rusty Russell
db1b9ffb61 channeld: print out error msg if we receive one.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-19 14:40:26 +01:00
Christian Decker
a8a6d1d669 channel: Directly send announcements and updates to gossipd
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2017-12-17 02:44:20 +00:00
Rusty Russell
94711969f9 gossipd: hand out gossip_index to other daemons.
When gossipd sends a message, have a gossip_index.  When it gets back a
peer, the current gossip_index is included, so it can know exactly where
it's up to.

Most of this is mechanical plumbing through openingd, channeld and closingd,
even though openingd and closingd don't (currently) read gossip, so their
gossip_index will be unchanged.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-17 02:44:20 +00:00
practicalswift
4452e3f3f1 Remove redundant code 2017-12-11 03:38:37 +00:00
practicalswift
307e8c0180 Avoid NULL pointer dereference when new_initial_channel(...) fails 2017-12-09 16:25:57 +01:00
practicalswift
61c47c09d0 Fix typos 2017-12-08 13:07:20 +01:00
Christian Decker
2d9cd4759e hsm: Make the master simply a client with special capabilities 2017-12-03 17:06:13 +01:00
Christian Decker
70bbc46304 Un-break master after merging #389
The #389 introduced some changes that conflicted with
9de3827199 so this ports those changes
into #389 and fixes the `master` branch again.

Lesson learned: always rebase a PR before merging.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2017-12-02 13:00:29 +01:00
Rusty Russell
40516941af channeld: fill in channel_update field in errors by asking gossipd.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-02 12:54:12 +01:00
Rusty Russell
0a596fb043 channel: infrastructure for gossipd request/response.
The same as master request/response: we queue up incoming replies we
don't want for later processing.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-02 12:54:12 +01:00
Rusty Russell
9de3827199 channeld: don't use ccan/io, go sync.
We revert to a simple select() loop.  This makes things simpler, and fixes
the problem where we want to exit but we've partially read a peer packet.

We still queue up outgoing peer packets for non-blocking send: if we
went full sync there, we'd risk deadlock if both sides wrote a huge
number of packets and neither was reading.

This also greatly simplifies the next patches, where we want to make
our first get/response from gossipd.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-02 12:54:12 +01:00
Rusty Russell
ed8d65c8d7 channeld: refer to PEER_FD directly instead of using io_conn_fd(peer->peer_conn)
A no-op change, but reduces the following patch.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-02 12:54:12 +01:00
Rusty Russell
2bed246e10 channeld: generate error messages instead of having master do it.
The master now hands channeld either an error code, and channeld
generates the error message, or an error message relayed from another
node to pass through.

This doesn't fill in the channel_update yet: we need to wire up gossipd
to give us that.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-02 12:54:12 +01:00
Rusty Russell
ee8274b7a1 channeld: handle wrapping error messages messages.
Currently lightningd does this, but channeld is perfectly capable of doing it.
channeld is also in a far better position to add channel_updates to it.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-02 12:54:12 +01:00
Rusty Russell
db372211c0 channeld: save shared secret for incoming htlc when it comes in.
The bulk of this patch is actually hoisting the get_shared_secret()
function (unchanged) so we can call it earlier.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-02 12:54:12 +01:00
Rusty Russell
fc4a7cf103 channeld: return htlc from channel_add_htlc and channel_fail_htlc.
Callers often want to know, and it saves them doing another lookup.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-02 12:54:12 +01:00
Rusty Russell
02411b04e4 channel: remove awaiting_revoke_and_ack flag.
We can tell this more generically because the count of revocations
received != count of commitments sent.  This is the correct condition
which allows us to restore the test we had to eliminate in
c3cb7f1c85.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-02 12:52:18 +01:00
Rusty Russell
a03fe8dc75 channeld: update acceptable feerate ranges.
master was telling us the ranges, but we weren't updating them.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-01 18:30:57 +01:00
Rusty Russell
2329820460 channeld: make sure we wait for revoke_and_ack after rexmit of commitment_signed
We got horribly out-of-sync by sending a feechange and commitment after
we'd re-xmitted the commitment_signed:

lightning_channeld(16003): pid 16003, msgfd 19
lightning_channeld(16003): TRACE: init LOCAL: remote_per_commit = 03e40b239118ab37bd94fe48de0dbc7565a38f7f1028a20f045b4e5fcd6bbb6172, old_remote_per_commit = 03117de1f3de183697e0393e71dc3a04b04d5bec03a23e7371212bb93a67bcce7a next_idx_local = 1 next_idx_remote = 2 revocations_received = 0 feerates 39251/40838 (range 35398-204190)
lightning_channeld(16003): TRACE: Read decrypt 01003b6fdc3ce9edc8524c943ebd833ae02b0fbdbb871f9bdce1c58c8637ebacfaa60a5e4dd8df4046852d783194bc3eeef10388f5a5d8983fbefe9bd0ff24b2a548282dd2eb3bc28015e039f8debf18077904342cd0146622df371c408db3fbe4eb2eb959aac6fd0771cc6a47ce270ec31042b235a2198696656c52c56d42219e4d8bd1f6d3c3b6c108c3cc0ee692d0449a4f4969eb227a9949cb8ab7229fc64f8a5d01b89ff779ac56f085d8a11942f8b5d702b2eba6d19ded7b69baf58bdfaf9443d162751dbab9f9d55e2a467cb1450bc19b832a60e0949bcd253ddc29e7b52922c009df541d8db761b04ad9862bc82ee2d86cfa0f3e730f3d01885b9977ab4200006fe28c0ab6f1b372c1a6a246ae63f74f931e8365e15a089c68d619000000000007905c000581000103aaa47d8296a795110154fa5fca7075d59a10d5914622a6d09ffe20a2ffbd5bb703bc4b957d5ad27b797d6fffa863d74e7946723e67b9084842622fe5e6357475690342423c8dab471815487b40a6ef7f06270c8343e1bbd0bfb80d22096e0ff1f15002d6cda71dde0903fde1939d7afa4f62ffed50c550d9f31f7d8b78955384473f46
lightning_channeld(16003): TRACE: Read decrypt 008854e83a6fa081ae34ddefc9ea3462689732fa3b4c5a4ea571d8d3a109f037e5a400000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000003117de1f3de183697e0393e71dc3a04b04d5bec03a23e7371212bb93a67bcce7a
lightning_channeld(16003): TRACE: Got reestablish commit=1 revoke=0
lightning_channeld(16003): TRACE: Derived key 029cd90c564384a612ea608933bd63aee72543f3b3998a7cbc5ca77ca41c9cb6bc from basepoint 038401ee88c0f7dc9ada0c37a9ce5265ccabce18686649f632bc244fae71bf840d, point 03e40b239118ab37bd94fe48de0dbc7565a38f7f1028a20f045b4e5fcd6bbb6172
lightning_channeld(16003): TRACE: Creating commit_sig signature 1 30440220152767c3ea9d42b19d44ea781f07d5411de918935b674927e43d5f537769376602206cdf2b557207b02bf9ee9805017856462e53fde619d2e3d75476b5c567ea3e14 for tx 020000000154e83a6fa081ae34ddefc9ea3462689732fa3b4c5a4ea571d8d3a109f037e5a5010000000058e9fe8001a22d070000000000160014d0898dc01e4061f7c6b01dba14d1d00a4319c78c81b92f20 wscript 5221022fe5495e572f8f58cbc745e3475427ff6ff51e44dfa8586366b15d1524dbe9ca2103bfd10b2265b5ca1362eba4e7664c250e0d937717e50ec0f14cd47ff25bd6203b52ae key 022fe5495e572f8f58cbc745e3475427ff6ff51e44dfa8586366b15d1524dbe9ca
lightning_channeld(16003): TRACE: peer_out WIRE_FUNDING_LOCKED
lightning_channeld(16003): TRACE: peer_out WIRE_UPDATE_FEE
lightning_channeld(16003): TRACE: peer_in WIRE_FUNDING_LOCKED
lightning_channeld(16003): TRACE: peer_out WIRE_COMMITMENT_SIGNED
lightning_channeld(16003): TRACE: peer_out WIRE_CHANNEL_UPDATE
lightning_channeld(16003): TRACE: peer_in WIRE_CHANNEL_UPDATE
lightning_channeld(16003): TRACE: peer_out WIRE_CHANNEL_ANNOUNCEMENT
lightning_channeld(16003): TRACE: peer_out WIRE_CHANNEL_UPDATE
lightning_channeld(16003): TRACE: peer_in WIRE_CHANNEL_UPDATE
lightning_channeld(16003): TRACE: peer_out WIRE_CHANNEL_UPDATE
lightning_channeld(16003): TRACE: peer_out WIRE_CHANNEL_ANNOUNCEMENT
lightning_channeld(16003): TRACE: peer_out WIRE_CHANNEL_UPDATE
lightning_channeld(16003): TRACE: peer_out WIRE_CHANNEL_ANNOUNCEMENT
lightning_channeld(16003): TRACE: peer_out WIRE_CHANNEL_UPDATE
lightning_channeld(16003): TRACE: peer_out WIRE_CHANNEL_UPDATE
lightning_channeld(16003): TRACE: peer_out WIRE_NODE_ANNOUNCEMENT
lightning_channeld(16003): TRACE: peer_out WIRE_NODE_ANNOUNCEMENT
lightning_channeld(16003): TRACE: Trying commit
lightning_channeld(16003): TRACE: Can't send commit: nothing to send
lightning_channeld(16003): TRACE: Now dealing with deferred WIRE_CHANNEL_FEERATES
lightning_channeld(16003): TRACE: Setting REMOTE feerate to 40840
lightning_channeld(16003): TRACE: Trying commit
lightning_channeld(16003): TRACE: Derived key 029cd90c564384a612ea608933bd63aee72543f3b3998a7cbc5ca77ca41c9cb6bc from basepoint 038401ee88c0f7dc9ada0c37a9ce5265ccabce18686649f632bc244fae71bf840d, point 03e40b239118ab37bd94fe48de0dbc7565a38f7f1028a20f045b4e5fcd6bbb6172
lightning_channeld(16003): TRACE: Creating commit_sig signature 2 304402204f0a041f8626fd28d001cb813c1094f40ebd4b5f99bdd7a06bebaee0de35db200220702c5c62544e512e422fdc141444fddc76410cbda4bbd512d88dc864bd979780 for tx 020000000154e83a6fa081ae34ddefc9ea3462689732fa3b4c5a4ea571d8d3a109f037e5a5010000000058e9fe8001a02d070000000000160014d0898dc01e4061f7c6b01dba14d1d00a4319c78c82b92f20 wscript 5221022fe5495e572f8f58cbc745e3475427ff6ff51e44dfa8586366b15d1524dbe9ca2103bfd10b2265b5ca1362eba4e7664c250e0d937717e50ec0f14cd47ff25bd6203b52ae key 022fe5495e572f8f58cbc745e3475427ff6ff51e44dfa8586366b15d1524dbe9ca
lightning_channeld(16003): TRACE: Telling master we're about to commit...
lightning_channeld(16003): TRACE: Sending master WIRE_CHANNEL_SENDING_COMMITSIG
lightning_channeld(16003): UPDATE WIRE_CHANNEL_SENDING_COMMITSIG
lightning_channeld(16003): TRACE: ... , awaiting WIRE_CHANNEL_SENDING_COMMITSIG_REPLY
lightning_channeld(16003): TRACE: Got it!
lightning_channeld(16003): TRACE: Sending commit_sig with 0 htlc sigs
lightning_channeld(16003): TRACE: peer_out WIRE_UPDATE_FEE
lightning_channeld(16003): STATUS_FAIL_PEER_IO: peer connection broken: Connection reset by peer
lightning_channeld(16003): Status closed, but not exited. Killing

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-01 18:30:57 +01:00
Rusty Russell
daf12e4a4d channeld: channel_update must use peer's htlc_minimum_msat.
As per the spec fix: lightningnetwork/lightning-rfc#287

Reported-by: Pierre-Marie Padiou
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-29 16:56:34 +01:00
Rusty Russell
af7e6158af Makefile: clean needs to do more, distclean should remove everything.
I checked this with git status --ignored after a full build and 'make distclean'.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-24 13:29:03 +01:00
Rusty Russell
552e56d002 channeld: send update_fee messages.
We only send them when we're not awaiting revoke_and_ack: our
simplified handling can't deal with multiple in flights.

Closes: #244
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-23 12:40:32 +01:00
Rusty Russell
c3cb7f1c85 channeld: don't assert that we're expecting revoke_and_ack.
We can have it happen on reconnect due to fee changes; we should really
detect this case, but it's harmless to let it happen as a noop.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-23 12:40:32 +01:00
Rusty Russell
d28ee02cbf channeld: handle feerate on reconnect.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-23 12:40:32 +01:00
Rusty Russell
062f18127d channeld: handle incoming feerate changes.
We allow from the 100-confirm economical rate to 5x the immediate rate.

Closes: #243
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-23 12:40:32 +01:00
Rusty Russell
6fac3438dd channeld: track feerates.
Handling feerates for the fundee (who only receives fee_update) is
simple: it's practically atomic since we accept commitment and send
revocation, thus they're applied to both sides at once.

Handling feerates for the funder is more complex: in theory we could
have multiple in flight.  However, if we avoid this using the same
logic as we use to suppress multiple commitments in flight, it's
simple again.

We fix the test code to use real feerate manipulation, thus have to
remove an assert about feerate being non-zero.  And now we have
feechanges, we need to rely on the changes_pending flags, as we can
have changes without an HTLCs changing.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-23 12:40:32 +01:00
Rusty Russell
8999e2293a channeld: implement approx_max_feerate.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-23 12:40:32 +01:00
Rusty Russell
f45d962a14 channeld: implement and refine fee-related functions.
We had some in the header, now implement them, and add a channel_feerate()
accessor.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-23 12:40:32 +01:00
Rusty Russell
b836b452dc feerate: keep feerates separately for each side.
When we support changing them, they can be different during the transition.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-23 12:40:32 +01:00
Rusty Russell
f1e4cad9d4 feerate: use u32 everywhere.
The wire protocol uses this, in the assumption that we'll never see feerates
in excess of 4294967 satoshi per kiloweight.

So let's use that consistently internally as well.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-23 12:40:32 +01:00
Rusty Russell
40315bfb91 test: fix dependencies.
Test objects must be added to $(ALL_OBJS) so they correctly depend on
CCAN headers etc.

Also, each test in a subdir must depend on headers and src in the parent
directory, as it will often #include them directly.

Reported-by: Christian Decker
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-22 19:40:46 +01:00
Rusty Russell
37b4ab306e run-channel.c: move under channeld/
This also fixes dependencies, since it actually depends on channeld objects.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-22 19:40:46 +01:00
Rusty Russell
0a131c6389 channel: use flag to indicate we're awaiting revoke_and_ack.
We currently scan through HTLCs: this isn't enough if we've only got a
feechange in the commitment, so use a flag (but keep both for now for
debugging).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-22 19:40:46 +01:00
Rusty Russell
c328a76438 channeld: use flags to track whether changes are pending.
This is required when we have non-HTLC changes (ie. fees).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-22 19:40:46 +01:00
Rusty Russell
5fb4577890 channeld/full_channel: fix incorrect reutrn from channel_rcvd_revoke_and_ack.
It was always returning false; it was supposed to return true if
we had added pending changes.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-22 19:40:46 +01:00
Christian Decker
aeeb0b7011 channel: Re-enable channel after reconnect
Simply done by sending an enabling update after reconnect.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2017-11-20 06:13:45 +00:00
Rusty Russell
fc05779f78 subdaemons: pass back and forth the htlc points.
Openingd sets it to the same as the payment point for the remote side.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-16 17:40:57 +01:00
Rusty Russell
3363bab6c9 channeld: use HTLC key for htlc signatures.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-16 17:40:57 +01:00
Rusty Russell
4db460903a htlc_tx: wire up the htlc points.
All the callers need to pass it in: currently channeld and openingd just
fake it by copying the payment point.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-16 17:40:57 +01:00
Rusty Russell
fe5614a489 basepoints/secrets: add htlc entry
Currently derive_basepoints just sets it to match the payment point/secret.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-16 17:40:57 +01:00
Christian Decker
71c090745b channel: Defer sending the announcement_signature until both lock
We were sending the announcement_signatures as soon as we locally
locked and got the announcement_depth, this doesn't make the channel
usable any sooner and forces the other side to stash the
signature. This defers the announcement_signature until the channel
really is usable.

This is done by adding an additional check for the remote locked
message and adding a trigger on remote lock.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2017-11-14 23:00:01 +00:00
Rusty Russell
71e794a046 lightningd: split ctlv_expiry and final_cltv.
These need to be different for testing the example in BOLT 11.

We also use the cltv_final instead of deadline_blocks in the final hop:
various tests assumed 5 was OK, so we tweak utils.py.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-10-31 14:36:50 +01:00
Rusty Russell
3c6eec87e3 Add DEVELOPER flag, set by default.
This is a bit messier than I'd like, but we want to clearly remove all
dev code (not just have it uncalled), so we remove fields and functions
altogether rather than stub them out.  This means we put #ifdefs in callers
in some places, but at least it's explicit.

We still run tests, but only a subset, and we run with NO_VALGRIND under
Travis to avoid increasing test times too much.

See-also: #176
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-10-26 12:53:09 +02:00
Rusty Russell
954a3990fa gossipd: don't send a peer to master with half-written or half-read packet.
In this case, it was a gossip message half-sent, when we asked the peer
to be released.  Fix the problem in general by making send_peer_with_fds()
wait until after the next packet.

test_routing_gossip/lightning-4/log:
	b'lightning_openingd(8738): TRACE: First per_commit_point = 02e2ff759ed70c71f154695eade1983664a72546ebc552861f844bff5ea5b933bf'
	b'lightning_openingd(8738): TRACE: Failed hdr decrypt with rn=11'
	b'lightning_openingd(8738): STATUS_FAIL_PEER_IO: Reading accept_channel: Success'

test_routing_gossip/lightning-5/log:

	b'lightning_gossipd(8461): UPDATE WIRE_GOSSIP_PEER_NONGOSSIP'
	b'lightning_gossipd(8461): UPDATE WIRE_GOSSIP_PEER_NONGOSSIP'
	b'lightningd(8308): Failed to get netaddr for outgoing: Transport endpoint is not connected'

The problem occurs here on release, but could be on any place where we hand
a peer over when using ccan/io.  Note the other case (channel.c).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-10-25 18:34:35 +02:00
Rusty Russell
ebdecebb1a channeld: send channel_announce and initial update to master, not gossipd.
There is a race we see sometimes under valgrind on Travis which shows
gossipd receiving the node_announce from master before it reads the
channel_announce from channeld, and thus fails.  The simplest solution
is to send the channel_announce and channel_update to master as well,
so it can ensure it sends them to gossipd in order

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-10-24 16:12:22 +02:00
Rusty Russell
2394c9a2e7 crypto_state: move to its own file.
In particular, the main daemon needs to pass it about (marshal/unmarshal)
but it won't need to actually use it after the next patch.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-10-20 18:31:32 +02:00
Rusty Russell
8f057f7fc7 Revert "gossip: send the *other* node's cltv_expiry_delta in channel_announce."
This reverts commit 297e278132.
2017-10-11 11:54:50 +02:00