From a613d8d1fb983edd49cdccf1ea6dee0459adb331 Mon Sep 17 00:00:00 2001
From: Rusty Russell <rusty@rustcorp.com.au>
Date: Fri, 1 Jul 2016 11:27:57 +0930
Subject: [PATCH] peer: make id a pointer, NULL until we know peer's ID.

Much better than undefined, and testing for NULL is better than
testing for STATE_INIT.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
---
 daemon/cryptopkt.c | 14 ++++++++++++--
 daemon/log.c       |  2 +-
 daemon/peer.c      | 15 ++++++++-------
 daemon/peer.h      |  2 +-
 daemon/routing.c   |  2 +-
 5 files changed, 23 insertions(+), 12 deletions(-)

diff --git a/daemon/cryptopkt.c b/daemon/cryptopkt.c
index 687810192..1b088fea1 100644
--- a/daemon/cryptopkt.c
+++ b/daemon/cryptopkt.c
@@ -13,6 +13,7 @@
 #include <ccan/endian/endian.h>
 #include <ccan/mem/mem.h>
 #include <ccan/short_types/short_types.h>
+#include <ccan/structeq/structeq.h>
 #include <inttypes.h>
 #include <secp256k1.h>
 #include <secp256k1_ecdh.h>
@@ -351,6 +352,7 @@ static struct io_plan *check_proof(struct io_conn *conn, struct peer *peer)
 	struct signature sig;
 	struct io_plan *(*cb)(struct io_conn *, struct peer *);
 	Authenticate *auth;
+	struct pubkey id;
 
 	auth = pkt_unwrap(peer, PKT__PKT_AUTH);
 	if (!auth)
@@ -362,16 +364,24 @@ static struct io_plan *check_proof(struct io_conn *conn, struct peer *peer)
 		return io_close(conn);
 	}
 
-	if (!proto_to_pubkey(peer->dstate->secpctx, auth->node_id, &peer->id)) {
+	if (!proto_to_pubkey(peer->dstate->secpctx, auth->node_id, &id)) {
 		log_unusual(peer->log, "Invalid auth id");
 		return io_close(conn);
 	}
 
+	/* Did we expect a specific ID? */
+	if (!peer->id)
+		peer->id = tal_dup(peer, struct pubkey, &id);
+	else if (!structeq(&id, peer->id)) {
+		log_unusual(peer->log, "Incorrect auth id");
+		return io_close(conn);
+	}
+	
 	/* Signature covers *our* session key. */
 	sha256_double(&sha,
 		      neg->our_sessionpubkey, sizeof(neg->our_sessionpubkey));
 
-	if (!check_signed_hash(peer->dstate->secpctx, &sha, &sig, &peer->id)) {
+	if (!check_signed_hash(peer->dstate->secpctx, &sha, &sig, peer->id)) {
 		log_unusual(peer->log, "Bad auth signature");
 		return io_close(conn);
 	}
diff --git a/daemon/log.c b/daemon/log.c
index 2be6a2d42..54dd371e4 100644
--- a/daemon/log.c
+++ b/daemon/log.c
@@ -324,7 +324,7 @@ static char *to_string_(const tal_t *ctx,
 			    h->r ? tal_hexstr(ctx, h->r, sizeof(*h->r))
 			    : "UNKNOWN",
 			    h->src ? to_string(ctx, lr, struct pubkey,
-					       &h->src->peer->id)
+					       h->src->peer->id)
 			    : "local");
 	}
 
diff --git a/daemon/peer.c b/daemon/peer.c
index d5a2bdff8..45520c60e 100644
--- a/daemon/peer.c
+++ b/daemon/peer.c
@@ -56,7 +56,7 @@ struct peer *find_peer(struct lightningd_state *dstate, const struct pubkey *id)
 	struct peer *peer;
 
 	list_for_each(&dstate->peers, peer, list) {
-		if (peer->state != STATE_INIT && pubkey_eq(&peer->id, id))
+		if (peer->id && pubkey_eq(peer->id, id))
 			return peer;
 	}
 	return NULL;
@@ -115,9 +115,9 @@ void peer_open_complete(struct peer *peer, const char *problem)
 
 		log_debug(peer->log, "peer open complete");
 		assert(!peer->nc);
-		n = get_node(dstate, &peer->id);
+		n = get_node(dstate, peer->id);
 		if (!n)
-			n = new_node(dstate, &peer->id);
+			n = new_node(dstate, peer->id);
 		peer->nc = add_connection(dstate,
 					  get_node(dstate, &dstate->id), n,
 					  dstate->config.fee_base,
@@ -939,6 +939,7 @@ static struct peer *new_peer(struct lightningd_state *dstate,
 	list_add(&dstate->peers, &peer->list);
 
 	peer->state = STATE_INIT;
+	peer->id = NULL;
 	peer->dstate = dstate;
 	peer->addr.type = addr_type;
 	peer->addr.protocol = addr_protocol;
@@ -2611,7 +2612,8 @@ static void route_htlc_onwards(struct peer *peer,
 		return;
 	}
 
-	log_debug_struct(peer->log, "HTLC forward to %s", struct pubkey, &next->id);
+	log_debug_struct(peer->log, "HTLC forward to %s",
+			 struct pubkey, next->id);
 
 	/* This checks the HTLC itself is possible. */
 	if (!command_htlc_add(next, msatoshis,
@@ -2898,10 +2900,9 @@ static void json_getpeers(struct command *cmd,
 		json_add_string(response, "name", log_prefix(p->log));
 		json_add_string(response, "state", state_name(p->state));
 
-		/* This is only valid after crypto setup. */
-		if (p->state != STATE_INIT)
+		if (p->id)
 			json_add_pubkey(response, cmd->dstate->secpctx,
-					"peerid", &p->id);
+					"peerid", p->id);
 
 		json_add_bool(response, "connected", p->conn && !p->fake_close);
 
diff --git a/daemon/peer.h b/daemon/peer.h
index 08056c242..4c332651c 100644
--- a/daemon/peer.h
+++ b/daemon/peer.h
@@ -137,7 +137,7 @@ struct peer {
 	struct netaddr addr;
 
 	/* Their ID. */
-	struct pubkey id;
+	struct pubkey *id;
 
 	/* Current received packet. */
 	Pkt *inpkt;
diff --git a/daemon/routing.c b/daemon/routing.c
index 16b702dbe..c6b45293c 100644
--- a/daemon/routing.c
+++ b/daemon/routing.c
@@ -218,7 +218,7 @@ struct peer *find_route(struct lightningd_state *dstate,
 
 	msatoshi += *fee;
 	log_info(dstate->base_log, "find_route:");
-	log_add_struct(dstate->base_log, "via %s", struct pubkey, &first->id);
+	log_add_struct(dstate->base_log, "via %s", struct pubkey, first->id);
 	for (i = 0; i < best; i++) {
 		log_add_struct(dstate->base_log, " %s",
 			       struct pubkey, &(*route)[i]->dst->id);