core-lightning/lightningd/lightningd.h
Rusty Russell 0b79538b18 lightningd: hang up on clients if they make us run out of memory.
This happened with the 800M JSON for the MCP listchannels on the raspberry
pi, and tal calls abort() by default.

We switch to raw malloc here; we could override the error hook for
tal, but this is neater since we're doing low-level things anyway.

I tested it manually with this patch:

   diff --git a/lightningd/json_stream.c b/lightningd/json_stream.c
   index cec9f5771..206ba37c0 100644
   --- a/lightningd/json_stream.c
   +++ b/lightningd/json_stream.c
   @@ -43,6 +43,14 @@ static void free_json_stream_membuf(struct json_stream *js)
    	free(membuf_cleanup(&js->outbuf));
    }
    
   +static void *membuf_realloc_hack(struct membuf *mb, void *rawelems,
   +				 size_t newsize)
   +{
   +	if (newsize > 1000000000)
   +		return NULL;
   +	return realloc(rawelems, newsize);
   +}
   +
    struct json_stream *new_json_stream(const tal_t *ctx,
    				    struct command *writer,
    				    struct log *log)
   @@ -53,7 +61,7 @@ struct json_stream *new_json_stream(const tal_t *ctx,
    	js->reader = NULL;
    	/* We don't use tal here, because we handle failure externally (tal
    	 * helpfully aborts with a msg, which is usually right) */
   -	membuf_init(&js->outbuf, malloc(64), 64, membuf_realloc);
   +	membuf_init(&js->outbuf, malloc(64), 64, membuf_realloc_hack);
    	tal_add_destructor(js, free_json_stream_membuf);
    #if DEVELOPER
    	js->wrapping = tal_arr(js, jsmntype_t, 0);

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-05-22 11:28:44 +00:00


#ifndef LIGHTNING_LIGHTNINGD_LIGHTNINGD_H
#define LIGHTNING_LIGHTNINGD_LIGHTNINGD_H
#include "config.h"
#include <bitcoin/chainparams.h>
#include <bitcoin/privkey.h>
#include <ccan/container_of/container_of.h>
#include <ccan/time/time.h>
#include <ccan/timer/timer.h>
#include <lightningd/htlc_end.h>
#include <lightningd/plugin.h>
#include <stdio.h>
#include <wallet/txfilter.h>
#include <wallet/wallet.h>
/* Various adjustable things.
 *
 * Several of these are limits on what we accept from a channel peer
 * (lock times, fee-rate percentages, minimum capacity), so they act as
 * policy bounds on remote input rather than mere tuning knobs. */
struct config {
	/* How long do we want them to lock up their funds? (blocks) */
	u32 locktime_blocks;
	/* How long do we let them lock up our funds? (blocks)
	 * This is the upper bound we tolerate from the peer. */
	u32 locktime_max;
	/* How many confirms until we consider an anchor "settled". */
	u32 anchor_confirms;
	/* Maximum percent of fee rate we'll accept. */
	u32 commitment_fee_max_percent;
	/* Minimum percent of fee rate we'll accept. */
	u32 commitment_fee_min_percent;
	/* Percent of fee rate we'll use. */
	u32 commitment_fee_percent;
	/* Minimum CLTV to subtract from incoming HTLCs to outgoing */
	u32 cltv_expiry_delta;
	/* Minimum CLTV if we're the final hop.*/
	u32 cltv_final;
	/* Fee rates.
	 * NOTE(review): presumably the fixed and proportional parts of the
	 * fee we charge; units are not stated in this header -- confirm. */
	u32 fee_base;
	u32 fee_per_satoshi;
	/* How long between changing commit and sending COMMIT message. */
	u32 commit_time_ms;
	/* How often to broadcast gossip (msec) */
	u32 broadcast_interval_msec;
	/* Channel update interval
	 * NOTE(review): unit is not stated here -- confirm. */
	u32 channel_update_interval;
	/* Do we let the funder set any fee rate they want
	 * NOTE(review): presumably disables the
	 * commitment_fee_{min,max}_percent checks above when true; the
	 * enforcement code is not in this header -- confirm. */
	bool ignore_fee_limits;
	/* Number of blocks to rescan from the current head, or absolute
	 * blockheight if rescan >= 500'000
	 * The field is signed; NOTE(review): the meaning of a negative
	 * value is not shown here -- confirm in option parsing. */
	s32 rescan;
	/* ipv6 bind disable */
	bool no_ipv6_bind;
	/* Accept fee changes only if they are in the range our_fee -
	 * our_fee*multiplier */
	u32 max_fee_multiplier;
	/* Are we allowed to use DNS lookup for peers.
	 * NOTE(review): how this interacts with the proxy settings in
	 * struct lightningd (proxyaddr, use_proxy_always) is not visible
	 * here; a lookup outside the proxy would reveal who we connect
	 * to -- confirm. */
	bool use_dns;
	/* Minimal amount of effective funding_satoshis for accepting channels */
	u64 min_capacity_sat;
};
/* Top-level state of the daemon as declared in this header: filesystem
 * locations, configuration, logging, node identity, listening/announce
 * addresses, handles to the subdaemons, and the lists of outstanding
 * commands. */
struct lightningd {
	/* The directory to find all the subdaemons.
	 * NOTE(review): binaries found here are presumably executed by the
	 * daemon, so the directory should not be writable by less-trusted
	 * users -- confirm where this is validated. */
	const char *daemon_dir;
	/* Are we told to run in the background. */
	bool daemon;
	/* NOTE(review): presumably the open fd for the PID file (see
	 * pidfile below) -- confirm. */
	int pid_fd;
	/* Our config dir, and rpc file */
	char *config_dir;
	/* Location of the RPC socket.
	 * NOTE(review): the permissions applied when the socket is created
	 * are not visible in this header; they decide who can issue
	 * JSON-RPC commands -- confirm. */
	char *rpc_filename;
	/* The root of the jsonrpc interface. Can be shut down
	 * separately from the rest of the daemon to allow a clean
	 * shutdown, which frees all pending cmds in a DB
	 * transaction. */
	struct jsonrpc *jsonrpc;
	/* Configuration file name */
	char *config_filename;
	/* Configuration settings. */
	struct config config;
	/* This log_book is owned by all the struct logs */
	struct log_book *log_book;
	/* Log for general stuff. */
	struct log *log;
	/* NOTE(review): presumably the path of the log file, if any --
	 * confirm. */
	const char *logfile;
	/* This is us. */
	struct node_id id;
	/* My name is... my favorite color is... */
	u8 *alias; /* At least 32 bytes (zero-filled) */
	u8 *rgb; /* tal_len() == 3. */
	/* Any pending timers. */
	struct timers timers;
	/* Port we're listening on */
	u16 portnum;
	/* Do we want to reconnect to other peers? */
	bool reconnect;
	/* Do we want to listen for other peers? */
	bool listen;
	/* Do we want to guess addresses to listen and announce? */
	bool autolisten;
	/* Setup: Addresses to bind/announce to the network (tal_count()) */
	struct wireaddr_internal *proposed_wireaddr;
	/* Setup: And the bitset for each, whether to listen, announce or both */
	enum addr_listen_announce *proposed_listen_announce;
	/* Actual bindings and announceable addresses from gossipd */
	struct wireaddr_internal *binding;
	struct wireaddr *announcable;
	/* Bearer of all my secrets.
	 * hsm_fd is a raw descriptor and hsm the subdaemon handle.
	 * NOTE(review): presumably key material stays in that subdaemon
	 * and this process only talks to it over hsm_fd -- confirm, and
	 * confirm the fd is not inherited by other children. */
	int hsm_fd;
	struct subd *hsm;
	/* Daemon for routing */
	struct subd *gossip;
	/* Daemon looking after peers during init / before channel. */
	struct subd *connectd;
	/* All peers we're tracking. */
	struct list_head peers;
	/* Outstanding connect commands. */
	struct list_head connects;
	/* Our chain topology. */
	struct chain_topology *topology;
	/* HTLCs in flight. */
	struct htlc_in_map htlcs_in;
	struct htlc_out_map htlcs_out;
	/* Wallet handle (type comes from wallet/wallet.h, included above). */
	struct wallet *wallet;
	/* Outstanding waitsendpay commands. */
	struct list_head waitsendpay_commands;
	/* Outstanding sendpay commands. */
	struct list_head sendpay_commands;
	/* Outstanding close commands. */
	struct list_head close_commands;
	/* Outstanding ping commands. */
	struct list_head ping_commands;
	/* Maintained by invoices.c */
	struct invoices *invoices;
	/* Transaction filter matching what we're interested in */
	struct txfilter *owned_txfilter;
	/* PID file */
	char *pidfile;
	/* Number of blocks we wait for a channel to get funded
	 * if we are the fundee. */
	u32 max_funding_unconfirmed;
	/* If we want to debug a subdaemon/plugin.
	 * Declared outside the DEVELOPER block below, so the field exists
	 * in every build. */
	const char *dev_debug_subprocess;
#if DEVELOPER
	/* Everything up to the matching #endif exists only when DEVELOPER
	 * is set. */
	/* If we have a --dev-disconnect file */
	int dev_disconnect_fd;
	/* If we have --dev-fail-on-subdaemon-fail */
	bool dev_subdaemon_fail;
	/* Allow and accept localhost node_announcement addresses */
	bool dev_allow_localhost;
	/* Timestamp to use for gossipd, iff non-zero */
	u32 dev_gossip_time;
	/* Things we've marked as not leaking. */
	const void **notleaks;
#endif /* DEVELOPER */
	/* tor support */
	struct wireaddr *proxyaddr;
	bool use_proxy_always;
	/* Credential held as an ordinary char *.
	 * NOTE(review): nothing in this header shows how it is cleared on
	 * free or kept out of logs -- confirm at the use sites. */
	char *tor_service_password;
	bool pure_tor_setup;
	/* Plugin state (type comes from lightningd/plugin.h, included
	 * above). */
	struct plugins *plugins;
};
/* Turning this on allows a tal allocation to return NULL, rather than aborting.
 * Use only on carefully tested code!
 *
 * Only declared here; the definition and whatever consults the flag are
 * not in this header.
 * NOTE(review): while it is true, every tal result on that path has to
 * be NULL-checked before use, and a path that sets it should restore it
 * on every exit -- confirm at each site that touches it. */
extern bool tal_oom_ok;
/* Returns the chain parameters for this daemon. ld is taken as const, so
 * the call is declared not to modify it; how the parameters are chosen
 * is not visible in this header. */
const struct chainparams *get_chainparams(const struct lightningd *ld);
/* Check we can run subdaemons, and check their versions
 * Returns void; NOTE(review): what happens on a failed check is not
 * shown here -- confirm it stops startup rather than continuing. */
void test_subdaemons(const struct lightningd *ld);
/* Notify lightningd about new blocks. */
void notify_new_block(struct lightningd *ld, u32 block_height);
#endif /* LIGHTNING_LIGHTNINGD_LIGHTNINGD_H */