Commit Graph

7110 Commits

Author SHA1 Message Date
lisa neigut
0cee553ed7 remove reverted feature desc 2019-10-28 15:23:37 -05:00
Rusty Russell
21d2cc663b lightningd: apply feerate changes correctly.
Feerate changes are asymmetric, as they can only be sent by the funder.

For FUNDER, the remote feerate is set when upon send of
commitment_signed, and the local feerate is set on receipt of
revoke_and_ack.

For non-funder, the local feerate is set on receipt of
commitment_signed, and the remote feerate set on send of
revoke_and_ack.  In our code, these two happen together.

channeld gets this right, but lightningd ignored the funder/fundee
distinction, and as a result, receipt of a commitment_signed by the
funder altered fees in the database.  If there was a reconnection
event or restart, then these (incorrect) values would be used, causing
us to complain about a 'Bad commit_sig signature' and close the
channel.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-10-28 13:07:41 -05:00
Rusty Russell
61e1d6431c pytest: stress fee_update code, trigger bug.
A 'Bad commit_sig signature' was reported by @Javier on Telegram and
@DarthCoin.  This was between two c-lightning peers, so definitely our fault.

Analysis of this message revealed the signature was using the wrong
feerate.  I finally managed to make a test case which triggered this.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-10-28 13:07:41 -05:00
Rusty Russell
f6571460ff configure: fix FreeBSD which has sqlite3 in /usr/local
Fixes: #3080
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-10-27 21:42:54 -05:00
arowser
0985c6e219 Fix build fail on 32bit OS. 2019-10-23 07:23:33 +11:00
Rusty Russell
4d0c2e93bf common: remove spammy debug msg.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-10-22 07:05:47 -07:00
lisa neigut
d5706b80c0 rc3 2019-10-21 15:29:43 +02:00
Rusty Russell
35bbba68a5 Revert "gossipd: query_messages: fail the connection if peer says it does not have up-to-date infos"
This reverts commit 7fd2f6db6d.

We want to set 'complete' to false in future if we don't know
everything!
2019-10-21 15:28:42 +02:00
Rusty Russell
2801d98e34 pytest: allow bad gossip in test_pay_direct.
Whenever we have multi-connected nodes, out-of-order gossip is possible.
In particular, if a node_announcement is 1 second fresher than the
channel_announcement, a timestamp_filter might get one and not the
other.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-10-21 14:08:05 +02:00
Rusty Russell
bc430cced3 gossipd: fix false-positive memleak detection in pending_node_map.
lightning_gossipd(17421): MEMLEAK: 0x564b4b17b5a8
    ligtning_gossipd(17421):   label=gossipd/routing.c:1490:struct pending_node_announce
    lightning_gossipd(17421):   backtrace:
    lightning_gossipd(17421):     ccan/ccan/tal/tal.c:437 (tal_alloc_)
    lightning_gossipd(17421):     gossipd/routing.c:1490 (catch_node_announcement)
    lightning_gossipd(17421):     gossipd/routing.c:1837 (handle_channel_announcement)
    lightning_gossipd(17421):     gossipd/gossipd.c:238 (handle_channel_announcement_msg)
    lightning_gossipd(17421):     gossipd/gossipd.c:461 (peer_msg_in)
    lightning_gossipd(17421):     common/daemon_conn.c:31 (handle_read)
    lightning_gossipd(17421):     ccan/ccan/io/io.c:59 (next_plan)
    lightning_gossipd(17421):     ccan/ccan/io/io.c:407 (do_plan)
    lightning_gossipd(17421):     ccan/ccan/io/io.c:417 (io_ready)
    lightning_gossipd(17421):     ccan/ccan/io/poll.c:445 (io_loop)
    lightning_gossipd(17421):     gossipd/gossipd.c:1700 (main)
    lightning_gossipd(17421):   parents:
    lightning_gossipd(17421):     gossipd/routing.c:294:struct routing_state

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-10-21 14:08:05 +02:00
Kristaps Kaupe
e16ac08f6f Change order of paragraphs in manpage of fundchannel 2019-10-21 14:01:49 +02:00
Christian Decker
21c8eaf105 pytest: Check for null access warnings in tests 2019-10-21 13:56:10 +02:00
Christian Decker
396e8224fa db: Add a migration to set received_time on forwards in rare cases
The case where this is needed is when the wallet had a forwarded payment
somewhere between commits 66a47d2 (which started tracking forwardings) and
d901304 (which added the `received_time` column). This just emulates the
behavior of sqlite3 for postgres as well.

Signed-off-by: Christian Decker <@cdecker>
2019-10-21 13:56:10 +02:00
Christian Decker
1ecad0cc53 db: Maybe a bit too pedantic?
Checking on whether we access a null field is ok, but should we crash right
away? Probably not. This reduces the access to a warning on sqlite3 and let's
it continue. We can look for occurences and fix them as they come up and then
re-arm the asserts once we addressed all cases.
2019-10-21 13:56:10 +02:00
Christian Decker
712595f0d2 db: Wire in the logs into the database so we can give feedback 2019-10-21 13:56:10 +02:00
lisa neigut
f5e4a30c8d add gettext to build release script
new dependency for this build means we need it
2019-10-20 22:33:23 +02:00
Rusty Russell
78c9d69111 gossipd: makes probe larger.
These are fairly cheap, and it's important to make sure we're not
missing gossip.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-10-18 16:12:42 +02:00
Rusty Russell
4b33b50625 gossipd: ask a peer for *every* channel it knows on startup.
Asking for the last few blocks was logical, but my node is missing
most gossip in practice.

For the moment, simply ask a peer for every channel it knows, once
we're started up.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-10-18 16:12:42 +02:00
Rusty Russell
79df507442 gossipd: exclude early blocks from random probes.
When probing, no point probing for before lightning became cool.  Current
logic means we often probe below block 500,000, and think things are OK
because there are no short_channel_ids.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-10-18 16:12:42 +02:00
Christian Decker
be49a599bc elements: Do not get upset if we see a confidential asset or value
I made some assumptions that turn out not to be true, mea culpa.
2019-10-18 16:10:17 +02:00
Christian Decker
d35ec902f4 elements: Work around libwally getting upset with helpful flags
libwally really is pedantic about the kind of hints it will accept.

Signed-off-by: Christian Decker <@cdecker>
2019-10-18 16:10:17 +02:00
Christian Decker
3c3d7e2df4 connectd: Do not clobber the for-variable when resolving over DNS
We were using `i` as index variable in two nested loops. This works as long as
the DNS seed resolves to a single address, but will crash if the node has both
an A as well as an AAAA entry, at which point we'll try to index the hostname
without a matching entry.

Signed-off-by: Christian Decker <@cdecker>
2019-10-18 14:34:49 +02:00
lisa neigut
6b1b99d7de release 0.7.3 2019-10-18 08:32:15 +02:00
Christian Decker
0a641c9443 pytest: Don't assume UTXO ordering when selecting coins
This was failing because the internal coin-selection doesn't go by insertion
order when using postgres.
2019-10-18 08:29:46 +02:00
Christian Decker
ec8d774b29 db: Make column access way more pedantic
We should never access a nulled field, so add an assert to that effect.
2019-10-18 08:29:46 +02:00
Christian Decker
12f40f2227 db: Add _or_default variants for column accesses
We were implicitly relying on sqlite3 behavior that returns the zero-value for
nulled fields when accessing them. This adds the same behavior explicitly to
the DB abstraction in order to reduce `db_column_is_null` checks in the logic,
but still make it evident what is happening here.

Fixes https://github.com/fiatjaf/mcldsp/issues/1

Signed-off-by: Christian Decker <@cdecker>
2019-10-18 08:29:46 +02:00
Christian Decker
894627a287 db: Fix report and commit order for DB transactions
Reported-by: Simon Vrouwe <@SimonVrouwe>
Signed-off-by: Christian Decker <@cdecker>
2019-10-18 08:29:46 +02:00
Christian Decker
2ab56214ca json-rpc: Fix spacing issue in error report
There was a non-breakable space and a missing space in the error message for
missing utxo params.
2019-10-18 08:29:46 +02:00
darosior
4083e077a4 configure: test XChaCha20Poly1305 stream state for HAVE_GOOD_LIBSODIUM
author: @rustyrussell
2019-10-17 23:42:15 +02:00
Rusty Russell
79e2c3f89a gossipd: don't crash if we're forced to discard corrupt gossip store.
When we're in remove_all_gossip, we *don't* call free_chan, but free it
manually.  This trips over the developer-mode check that we called free_chan!
Make it also insert the magic so that destroy_chan_check passes:

lightning_gossipd: gossipd/routing.c:496: destroy_chan_check: Assertion `chan->sat.satoshis == (u64)chan' failed.
lightning_gossipd: FATAL SIGNAL 6 (version v0.7.3rc2-2-gf89d7c1)
0x5632436a4544 send_backtrace
	common/daemon.c:41
0x5632436a45ea crashdump
	common/daemon.c:54
0x7f053c3c7f5f ???
	???:0
0x7f053c3c7ed7 ???
	???:0
0x7f053c3a9534 ???
	???:0
0x7f053c3a940e ???
	???:0
0x7f053c3b9011 ???
	???:0
0x563243698b9d destroy_chan_check
	gossipd/routing.c:496
0x5632436dca46 notify
	ccan/ccan/tal/tal.c:235
0x5632436dcf35 del_tree
	ccan/ccan/tal/tal.c:397
0x5632436dd2c1 tal_free
	ccan/ccan/tal/tal.c:481
0x56324369f004 remove_all_gossip
	gossipd/routing.c:2981
0x563243692f5d gossip_store_load
	gossipd/gossip_store.c:772
0x56324368eff4 gossip_init
	gossipd/gossipd.c:872
0x563243690cbb recv_req
	gossipd/gossipd.c:1580
0x5632436a4a69 handle_read
	common/daemon_conn.c:31
0x5632436cc7ae next_plan
	ccan/ccan/io/io.c:59
0x5632436cd32b do_plan
	ccan/ccan/io/io.c:407
0x5632436cd369 io_ready
	ccan/ccan/io/io.c:417
0x5632436cf52f io_loop
	ccan/ccan/io/poll.c:445
0x56324369102f main
	gossipd/gossipd.c:1700

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-10-17 23:40:05 +02:00
darosior
f89d7c1d74 hsm encryption: correct salt length 2019-10-17 15:51:55 +02:00
darosior
3c038e4171 hsm encryption: don't include '\n' when deriving the encryption key 2019-10-17 15:51:55 +02:00
lisa neigut
f278416708 changelog: update to rc2 2019-10-15 22:38:34 +02:00
lisa neigut
49d5a36751 funding: integration tests for close_to
Check behavior for user supplied upfront_shutdown_script via close_to


Header from folded patch 'fix__return__not__iff_well_close_to_the_provided_addr.patch':

fix: return  not  iff we'll close to the provided addr
2019-10-15 19:10:05 +02:00
lisa neigut
422b4502d3 funding: add RPC arg to specify a 'close_to' address
Takes advantage of upfront-shutdown-script to permit users to
specify the close-to address for a channel at open, by adding
a `close_to` field to `fundchannel_start`.

Note that this only is in effect if `fundchannel_start` returns
with `close_to` set -- otherwise, peer doesn't
support `option_upfront_shutdown_script`.
2019-10-15 19:10:05 +02:00
Rusty Russell
624b76e32e gossipd: fix stale scid query.
We always ended up sending an empty query when we had stale scids!
And it turns out we consider such a query invalid:

    Bad query_short_channel_ids query_flags 010506226e46111a0b59caaf126043eb5bbf28c34f3a5e332a1fc7b2b73cf188910f000100010100

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-10-15 18:05:54 +02:00
Rusty Russell
e462bd4de0 gossipd: increase number of gossiping peers.
We only chose 3 peers to gossip with us (down from 8 last release).
There's no justification for this number, or reason to believe that
it is sufficient to keep us in sync.

Be more conservative for now; we can always decrease it later once
we have more data.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-10-15 18:05:54 +02:00
Rusty Russell
41d8308b68 seeker: be more random with node_announcement probes.
polling the last 32 is fairly useless in practice, since they tend to
be recent nodes; it won't detect long-forgotten ones.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-10-15 18:05:54 +02:00
Rusty Russell
1e59d2a738 gossipd: count channel_updates on new channels correctly.
If we get a channel_update while we're still verifying the channel_announcement
we didn't set the peer pointer, so it didn't get credit.  As a result, the
seeker tended to think we were done gossiping sooner than we were.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-10-15 18:05:54 +02:00
Rusty Russell
3702f0f17b pylightning: bump version number.
We should add this to the release checklist!  It was last changed
for version 0.7.1.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-10-15 17:15:23 +02:00
Rusty Russell
ab48ecf07c pylightning: wrap signmessage/checkmessage.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-10-15 17:15:23 +02:00
Rusty Russell
ad48814746 doc: man pages for checkmessage and signmessage.
They're a little subtle, so let's spell out exactly what checkmessage
means.  In particular, we avoid discussing key derivation from a
signature, as it tends to get people (like me!) into trouble: we
describe it instead as iterating through every known node.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-10-14 18:58:44 -05:00
Rusty Russell
e5d9c7effc lightningd: checkmessage can intuit pubkey in some cases.
*If* we know the key has signed something else (as is the case for
channel_announcement) then we can effectively trust the key derivation.

This matches how LND's VerifyMessage works, though in the next patch
we will document it exactly.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-10-14 18:58:44 -05:00
Rusty Russell
034ed1711c gossipd: fix memleak when we getnodes has no nodes.
In this case, node_arr is NULL.  Triggered by the next test.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-10-14 18:58:44 -05:00
Rusty Russell
150598e061 tests: add test for signmessage and lightning-checkmessage.
Thanks Twitter helpers @duck1123 and @jochemin for tests!
And @bitconner for the initial test vector.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-10-14 18:58:44 -05:00
Rusty Russell
1f0b86e575 lightningd: add checkmessage JSON command.
I wanted to call it verifymessage, but then I read the LND API for that
and wanted nothing to do with it!

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-10-14 18:58:44 -05:00
Rusty Russell
b81ed5be86 devtools: lightning-lightning-checkmessage to validate zbase32 node sigs
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-10-14 18:58:44 -05:00
Rusty Russell
3955ddfce6 lightningd: add zbase32 encoding to signmessage
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-10-14 18:58:44 -05:00
Rusty Russell
fc9a2a5dba lightningd: add signmessage JSON command.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-10-14 18:58:44 -05:00
Rusty Russell
889216e0a9 hsmd: add support for signing a lightning msg from nodeid.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-10-14 18:58:44 -05:00