diff --git a/channeld/channel.c b/channeld/channel.c index 2a1b03414..966c71c08 100644 --- a/channeld/channel.c +++ b/channeld/channel.c @@ -160,8 +160,9 @@ static struct io_plan *gossip_client_recv(struct io_conn *conn, type == WIRE_NODE_ANNOUNCEMENT) msg_enqueue(&peer->peer_out, msg); else - status_failed(WIRE_CHANNEL_GOSSIP_BAD_MESSAGE, - "Got bad message from gossipd: %d", type); + status_failed(STATUS_FAIL_GOSSIP_IO, + "Got bad message from gossipd: %s", + tal_hex(msg, msg)); return daemon_conn_read_next(conn, dc); } @@ -191,14 +192,16 @@ static void send_announcement_signatures(struct peer *peer) if (!wire_sync_write(HSM_FD, req)) - status_failed(WIRE_CHANNEL_HSM_FAILED, - "Writing cannouncement_sig_req"); + status_failed(STATUS_FAIL_HSM_IO, + "Writing cannouncement_sig_req: %s", + strerror(errno)); msg = wire_sync_read(tmpctx, HSM_FD); if (!msg || !fromwire_hsm_cannouncement_sig_reply(msg, NULL, &peer->announcement_node_sigs[LOCAL])) - status_failed(WIRE_CHANNEL_HSM_FAILED, - "Reading cannouncement_sig_resp"); + status_failed(STATUS_FAIL_HSM_IO, + "Reading cannouncement_sig_resp: %s", + strerror(errno)); /* Double-check that HSM gave a valid signature. */ sha256_double(&hash, ca + offset, tal_len(ca) - offset); @@ -207,7 +210,7 @@ static void send_announcement_signatures(struct peer *peer) /* It's ok to fail here, the channel announcement is * unique, unlike the channel update which may have * been replaced in the meantime. */ - status_failed(WIRE_CHANNEL_HSM_FAILED, + status_failed(STATUS_FAIL_HSM_IO, "HSM returned an invalid signature"); } @@ -247,13 +250,15 @@ static void send_channel_update(struct peer *peer, bool disabled) msg = towire_hsm_cupdate_sig_req(tmpctx, cupdate); if (!wire_sync_write(HSM_FD, msg)) - status_failed(WIRE_CHANNEL_HSM_FAILED, - "Writing cupdate_sig_req"); + status_failed(STATUS_FAIL_HSM_IO, + "Writing cupdate_sig_req: %s", + strerror(errno)); msg = wire_sync_read(tmpctx, HSM_FD); if (!msg || !fromwire_hsm_cupdate_sig_reply(tmpctx, msg, NULL, &cupdate)) - status_failed(WIRE_CHANNEL_HSM_FAILED, - "Reading cupdate_sig_req"); + status_failed(STATUS_FAIL_HSM_IO, + "Reading cupdate_sig_req: %s", + strerror(errno)); daemon_conn_send(&peer->gossip_client, cupdate); msg_enqueue(&peer->peer_out, cupdate); @@ -328,12 +333,15 @@ static struct io_plan *handle_peer_funding_locked(struct io_conn *conn, peer->old_remote_per_commit = peer->remote_per_commit; if (!fromwire_funding_locked(msg, NULL, &chanid, &peer->remote_per_commit)) - status_failed(WIRE_CHANNEL_PEER_BAD_MESSAGE, - "Bad funding_locked %s", tal_hex(msg, msg)); + peer_failed(PEER_FD, &peer->pcs.cs, &peer->channel_id, + "Bad funding_locked %s", tal_hex(msg, msg)); if (!structeq(&chanid, &peer->channel_id)) - status_failed(WIRE_CHANNEL_PEER_BAD_MESSAGE, - "Wrong channel id in %s", tal_hex(trc, msg)); + peer_failed(PEER_FD, &peer->pcs.cs, &peer->channel_id, + "Wrong channel id in %s (expected %s)", + tal_hex(trc, msg), + type_to_string(msg, struct channel_id, + &peer->channel_id)); peer->funding_locked[REMOTE] = true; wire_sync_write(MASTER_FD, @@ -370,18 +378,18 @@ static struct io_plan *handle_peer_announcement_signatures(struct io_conn *conn, &peer->short_channel_ids[REMOTE], &peer->announcement_node_sigs[REMOTE], &peer->announcement_bitcoin_sigs[REMOTE])) - status_failed(WIRE_CHANNEL_PEER_BAD_MESSAGE, - "Bad announcement_signatures %s", - tal_hex(msg, msg)); + peer_failed(PEER_FD, &peer->pcs.cs, &peer->channel_id, + "Bad announcement_signatures %s", + tal_hex(msg, msg)); /* Make sure we agree on the channel ids */ /* FIXME: Check short_channel_id */ if (!structeq(&chanid, &peer->channel_id)) { - status_failed(WIRE_CHANNEL_PEER_BAD_MESSAGE, - "Wrong channel_id or short_channel_id in %s or %s", - tal_hexstr(trc, &chanid, sizeof(struct channel_id)), - tal_hexstr(trc, &peer->short_channel_ids[REMOTE], - sizeof(struct short_channel_id))); + peer_failed(PEER_FD, &peer->pcs.cs, &peer->channel_id, + "Wrong channel_id or short_channel_id in %s or %s", + tal_hexstr(trc, &chanid, sizeof(struct channel_id)), + tal_hexstr(trc, &peer->short_channel_ids[REMOTE], + sizeof(struct short_channel_id))); } peer->have_sigs[REMOTE] = true; @@ -410,7 +418,6 @@ static struct io_plan *handle_peer_add_htlc(struct io_conn *conn, peer_failed(io_conn_fd(peer->peer_conn), &peer->pcs.cs, &peer->channel_id, - WIRE_CHANNEL_PEER_BAD_MESSAGE, "Bad peer_add_htlc %s", tal_hex(msg, msg)); add_err = channel_add_htlc(peer->channel, REMOTE, id, amount_msat, @@ -420,7 +427,6 @@ static struct io_plan *handle_peer_add_htlc(struct io_conn *conn, peer_failed(io_conn_fd(peer->peer_conn), &peer->pcs.cs, &peer->channel_id, - WIRE_CHANNEL_PEER_BAD_MESSAGE, "Bad peer_add_htlc: %u", add_err); return peer_read_message(conn, &peer->pcs, peer_in); } @@ -497,7 +503,7 @@ static u8 *master_wait_sync_reply(const tal_t *ctx, channel_wire_type_name(fromwire_peektype(msg))); if (!wire_sync_write(MASTER_FD, msg)) - status_failed(WIRE_CHANNEL_INTERNAL_ERROR, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Could not set sync write to master: %s", strerror(errno)); @@ -507,7 +513,7 @@ static u8 *master_wait_sync_reply(const tal_t *ctx, for (;;) { reply = wire_sync_read(ctx, MASTER_FD); if (!reply) - status_failed(WIRE_CHANNEL_INTERNAL_ERROR, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Could not set sync read from master: %s", strerror(errno)); if (fromwire_peektype(reply) == replytype) { @@ -540,13 +546,13 @@ static struct commit_sigs *calc_commitsigs(const tal_t *ctx, &peer->channel->basepoints[LOCAL].payment, &peer->remote_per_commit, &local_secretkey)) - status_failed(WIRE_CHANNEL_CRYPTO_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Deriving local_secretkey"); if (!derive_simple_key(&peer->channel->basepoints[LOCAL].payment, &peer->remote_per_commit, &localkey)) - status_failed(WIRE_CHANNEL_CRYPTO_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Deriving localkey"); status_trace("Derived key %s from basepoint %s, point %s", @@ -703,7 +709,7 @@ static u8 *make_revocation_msg(const struct peer *peer, u64 revoke_index) /* Sanity check that it corresponds to the point we sent. */ pubkey_from_privkey((struct privkey *)&old_commit_secret, &point); if (!per_commit_point(&peer->shaseed, &oldpoint, revoke_index)) - status_failed(WIRE_CHANNEL_CRYPTO_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Invalid point %"PRIu64" for commit_point", revoke_index); @@ -712,14 +718,14 @@ static u8 *make_revocation_msg(const struct peer *peer, u64 revoke_index) type_to_string(trc, struct pubkey, &oldpoint)); if (!pubkey_eq(&point, &oldpoint)) - status_failed(WIRE_CHANNEL_CRYPTO_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Invalid secret %s for commit_point", tal_hexstr(trc, &old_commit_secret, sizeof(old_commit_secret))); /* We're revoking N-1th commit, sending N+1th point. */ if (!per_commit_point(&peer->shaseed, &point, revoke_index+2)) - status_failed(WIRE_CHANNEL_CRYPTO_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Deriving next commit_point"); return towire_revoke_and_ack(peer, &peer->channel_id, &old_commit_secret, @@ -772,11 +778,11 @@ static void get_shared_secret(const struct htlc *htlc, ephemeral.pubkey = op->ephemeralkey; msg = towire_hsm_ecdh_req(tmpctx, &ephemeral); if (!wire_sync_write(HSM_FD, msg)) - status_failed(WIRE_CHANNEL_HSM_FAILED, "Writing ecdh req"); + status_failed(STATUS_FAIL_HSM_IO, "Writing ecdh req"); msg = wire_sync_read(tmpctx, HSM_FD); /* Gives all-zero shares_secret if it was invalid. */ if (!msg || !fromwire_hsm_ecdh_resp(msg, NULL, shared_secret)) - status_failed(WIRE_CHANNEL_HSM_FAILED, "Reading ecdh response"); + status_failed(STATUS_FAIL_HSM_IO, "Reading ecdh response"); tal_free(tmpctx); } @@ -874,7 +880,6 @@ static struct io_plan *handle_peer_commit_sig(struct io_conn *conn, peer_failed(io_conn_fd(peer->peer_conn), &peer->pcs.cs, &peer->channel_id, - WIRE_CHANNEL_PEER_BAD_MESSAGE, "commit_sig with no changes"); } @@ -883,12 +888,11 @@ static struct io_plan *handle_peer_commit_sig(struct io_conn *conn, peer_failed(io_conn_fd(peer->peer_conn), &peer->pcs.cs, &peer->channel_id, - WIRE_CHANNEL_PEER_BAD_MESSAGE, "Bad commit_sig %s", tal_hex(msg, msg)); if (!per_commit_point(&peer->shaseed, &point, peer->next_index[LOCAL])) - status_failed(WIRE_CHANNEL_CRYPTO_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Deriving per_commit_point for %"PRIu64, peer->next_index[LOCAL]); @@ -897,7 +901,7 @@ static struct io_plan *handle_peer_commit_sig(struct io_conn *conn, if (!derive_simple_key(&peer->channel->basepoints[REMOTE].payment, &point, &remotekey)) - status_failed(WIRE_CHANNEL_CRYPTO_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Deriving remotekey"); status_trace("Derived key %s from basepoint %s, point %s", type_to_string(trc, struct pubkey, &remotekey), @@ -916,7 +920,6 @@ static struct io_plan *handle_peer_commit_sig(struct io_conn *conn, peer_failed(io_conn_fd(peer->peer_conn), &peer->pcs.cs, &peer->channel_id, - WIRE_CHANNEL_PEER_BAD_MESSAGE, "Bad commit_sig signature %"PRIu64" %s for tx %s wscript %s key %s", peer->next_index[LOCAL], type_to_string(msg, secp256k1_ecdsa_signature, @@ -938,7 +941,6 @@ static struct io_plan *handle_peer_commit_sig(struct io_conn *conn, peer_failed(io_conn_fd(peer->peer_conn), &peer->pcs.cs, &peer->channel_id, - WIRE_CHANNEL_PEER_BAD_MESSAGE, "Expected %zu htlc sigs, not %zu", tal_count(txs) - 1, tal_count(htlc_sigs)); @@ -954,7 +956,6 @@ static struct io_plan *handle_peer_commit_sig(struct io_conn *conn, peer_failed(io_conn_fd(peer->peer_conn), &peer->pcs.cs, &peer->channel_id, - WIRE_CHANNEL_PEER_BAD_MESSAGE, "Bad commit_sig signature %s for htlc %s wscript %s key %s", type_to_string(msg, secp256k1_ecdsa_signature, &htlc_sigs[i]), type_to_string(msg, struct bitcoin_tx, txs[1+i]), @@ -1031,7 +1032,6 @@ static struct io_plan *handle_peer_revoke_and_ack(struct io_conn *conn, peer_failed(io_conn_fd(peer->peer_conn), &peer->pcs.cs, &peer->channel_id, - WIRE_CHANNEL_PEER_BAD_MESSAGE, "Bad revoke_and_ack %s", tal_hex(msg, msg)); } @@ -1046,7 +1046,6 @@ static struct io_plan *handle_peer_revoke_and_ack(struct io_conn *conn, peer_failed(io_conn_fd(peer->peer_conn), &peer->pcs.cs, &peer->channel_id, - WIRE_CHANNEL_PEER_BAD_MESSAGE, "Bad privkey %s", type_to_string(msg, struct privkey, &privkey)); } @@ -1054,7 +1053,6 @@ static struct io_plan *handle_peer_revoke_and_ack(struct io_conn *conn, peer_failed(io_conn_fd(peer->peer_conn), &peer->pcs.cs, &peer->channel_id, - WIRE_CHANNEL_PEER_BAD_MESSAGE, "Wrong privkey %s for %"PRIu64" %s", type_to_string(msg, struct privkey, &privkey), peer->next_index[LOCAL]-2, @@ -1102,7 +1100,6 @@ static struct io_plan *handle_peer_fulfill_htlc(struct io_conn *conn, peer_failed(io_conn_fd(peer->peer_conn), &peer->pcs.cs, &peer->channel_id, - WIRE_CHANNEL_PEER_BAD_MESSAGE, "Bad update_fulfill_htlc %s", tal_hex(msg, msg)); } @@ -1123,7 +1120,6 @@ static struct io_plan *handle_peer_fulfill_htlc(struct io_conn *conn, peer_failed(io_conn_fd(peer->peer_conn), &peer->pcs.cs, &peer->channel_id, - WIRE_CHANNEL_PEER_BAD_MESSAGE, "Bad update_fulfill_htlc: failed to fulfill %" PRIu64 " error %u", id, e); } @@ -1144,7 +1140,6 @@ static struct io_plan *handle_peer_fail_htlc(struct io_conn *conn, peer_failed(io_conn_fd(peer->peer_conn), &peer->pcs.cs, &peer->channel_id, - WIRE_CHANNEL_PEER_BAD_MESSAGE, "Bad update_fulfill_htlc %s", tal_hex(msg, msg)); } @@ -1164,7 +1159,6 @@ static struct io_plan *handle_peer_fail_htlc(struct io_conn *conn, peer_failed(io_conn_fd(peer->peer_conn), &peer->pcs.cs, &peer->channel_id, - WIRE_CHANNEL_PEER_BAD_MESSAGE, "Bad update_fail_htlc: failed to remove %" PRIu64 " error %u", id, e); } @@ -1189,7 +1183,6 @@ static struct io_plan *handle_peer_fail_malformed_htlc(struct io_conn *conn, peer_failed(io_conn_fd(peer->peer_conn), &peer->pcs.cs, &peer->channel_id, - WIRE_CHANNEL_PEER_BAD_MESSAGE, "Bad update_fail_malformed_htlc %s", tal_hex(msg, msg)); } @@ -1203,7 +1196,6 @@ static struct io_plan *handle_peer_fail_malformed_htlc(struct io_conn *conn, peer_failed(io_conn_fd(peer->peer_conn), &peer->pcs.cs, &peer->channel_id, - WIRE_CHANNEL_PEER_BAD_MESSAGE, "Bad update_fail_malformed_htlc failure code %u", failure_code); } @@ -1244,7 +1236,6 @@ static struct io_plan *handle_peer_fail_malformed_htlc(struct io_conn *conn, peer_failed(io_conn_fd(peer->peer_conn), &peer->pcs.cs, &peer->channel_id, - WIRE_CHANNEL_PEER_BAD_MESSAGE, "Bad update_fail_malformed_htlc: failed to remove %" PRIu64 " error %u", id, e); } @@ -1260,7 +1251,6 @@ static struct io_plan *handle_ping(struct io_conn *conn, peer_failed(io_conn_fd(peer->peer_conn), &peer->pcs.cs, &peer->channel_id, - WIRE_CHANNEL_PEER_BAD_MESSAGE, "Bad ping"); status_trace("Got ping, sending %s", pong ? @@ -1279,10 +1269,16 @@ static struct io_plan *handle_pong(struct io_conn *conn, status_trace("Got pong!"); if (!fromwire_pong(pong, pong, NULL, &ignored)) - status_failed(WIRE_CHANNEL_PEER_READ_FAILED, "Bad pong"); + peer_failed(io_conn_fd(peer->peer_conn), + &peer->pcs.cs, + &peer->channel_id, + "Bad pong %s", tal_hex(pong, pong)); if (!peer->num_pings_outstanding) - status_failed(WIRE_CHANNEL_PEER_READ_FAILED, "Unexpected pong"); + peer_failed(io_conn_fd(peer->peer_conn), + &peer->pcs.cs, + &peer->channel_id, + "Unexpected pong"); peer->num_pings_outstanding--; wire_sync_write(MASTER_FD, @@ -1298,7 +1294,10 @@ static struct io_plan *handle_peer_shutdown(struct io_conn *conn, u8 *scriptpubkey; if (!fromwire_shutdown(peer, shutdown, NULL, &channel_id, &scriptpubkey)) - status_failed(WIRE_CHANNEL_PEER_READ_FAILED, "Bad shutdown"); + peer_failed(io_conn_fd(peer->peer_conn), + &peer->pcs.cs, + &peer->channel_id, + "Bad shutdown %s", tal_hex(peer, shutdown)); /* Tell master, it will tell us what to send (if any). */ wire_sync_write(MASTER_FD, @@ -1327,7 +1326,6 @@ static struct io_plan *peer_in(struct io_conn *conn, struct peer *peer, u8 *msg) peer_failed(io_conn_fd(peer->peer_conn), &peer->pcs.cs, &peer->channel_id, - WIRE_CHANNEL_PEER_BAD_MESSAGE, "%s (%u) before funding locked", wire_type_name(type), type); } @@ -1377,7 +1375,6 @@ static struct io_plan *peer_in(struct io_conn *conn, struct peer *peer, u8 *msg) peer_failed(io_conn_fd(peer->peer_conn), &peer->pcs.cs, &peer->channel_id, - WIRE_CHANNEL_PEER_BAD_MESSAGE, "Unimplemented message %u (%s)", type, wire_type_name(type)); } @@ -1386,7 +1383,6 @@ badmessage: peer_failed(io_conn_fd(peer->peer_conn), &peer->pcs.cs, &peer->channel_id, - WIRE_CHANNEL_PEER_BAD_MESSAGE, "Peer sent unknown message %u (%s)", type, wire_type_name(type)); } @@ -1406,7 +1402,7 @@ static void peer_conn_broken(struct io_conn *conn, struct peer *peer) /* Make sure gossipd actually gets this message before dying */ daemon_conn_sync_flush(&peer->gossip_client); } - status_failed(WIRE_CHANNEL_PEER_READ_FAILED, + status_failed(STATUS_FAIL_PEER_IO, "peer connection broken: %s", strerror(errno)); } @@ -1437,7 +1433,6 @@ static void send_fail_or_fulfill(struct peer *peer, const struct htlc *h) peer_failed(io_conn_fd(peer->peer_conn), &peer->pcs.cs, &peer->channel_id, - WIRE_CHANNEL_PEER_BAD_MESSAGE, "HTLC %"PRIu64" state %s not failed/fulfilled", h->id, htlc_state_name(h->state)); msg_enqueue(&peer->peer_out, take(msg)); @@ -1471,7 +1466,6 @@ static void resend_commitment(struct peer *peer, const struct changed_htlc *last peer_failed(io_conn_fd(peer->peer_conn), &peer->pcs.cs, &peer->channel_id, - WIRE_CHANNEL_PEER_BAD_MESSAGE, "Can't find HTLC %"PRIu64" to resend", last[i].id); @@ -1524,13 +1518,13 @@ static void peer_reconnect(struct peer *peer) peer->next_index[LOCAL], peer->revocations_received); if (!sync_crypto_write(&peer->pcs.cs, PEER_FD, take(msg))) - status_failed(WIRE_CHANNEL_PEER_WRITE_FAILED, + status_failed(STATUS_FAIL_PEER_IO, "Failed writing reestablish: %s", strerror(errno)); again: msg = sync_crypto_read(peer, &peer->pcs.cs, PEER_FD); if (!msg) - status_failed(WIRE_CHANNEL_PEER_READ_FAILED, + status_failed(STATUS_FAIL_PEER_IO, "Failed reading reestablish: %s", strerror(errno)); if (is_gossip_msg(msg)) { @@ -1542,7 +1536,7 @@ again: if (!fromwire_channel_reestablish(msg, NULL, &channel_id, &next_local_commitment_number, &next_remote_revocation_number)) { - status_failed(WIRE_CHANNEL_PEER_READ_FAILED, + status_failed(STATUS_FAIL_PEER_IO, "bad reestablish msg: %s %s", wire_type_name(fromwire_peektype(msg)), tal_hex(msg, msg)); @@ -1589,14 +1583,14 @@ again: if (next_remote_revocation_number == peer->next_index[LOCAL] - 2) { /* Don't try to retransmit revocation index -1! */ if (peer->next_index[LOCAL] < 2) { - status_failed(WIRE_CHANNEL_PEER_READ_FAILED, + status_failed(STATUS_FAIL_PEER_IO, "bad reestablish revocation_number: %" PRIu64, next_remote_revocation_number); } retransmit_revoke_and_ack = true; } else if (next_remote_revocation_number != peer->next_index[LOCAL] - 1) { - status_failed(WIRE_CHANNEL_PEER_READ_FAILED, + status_failed(STATUS_FAIL_PEER_IO, "bad reestablish revocation_number: %"PRIu64 " vs %"PRIu64, next_remote_revocation_number, @@ -1619,7 +1613,7 @@ again: if (next_local_commitment_number == peer->next_index[REMOTE] - 1) { /* We completed opening, we don't re-transmit that one! */ if (next_local_commitment_number == 0) - status_failed(WIRE_CHANNEL_PEER_READ_FAILED, + status_failed(STATUS_FAIL_PEER_IO, "bad reestablish commitment_number: %" PRIu64, next_local_commitment_number); @@ -1636,7 +1630,6 @@ again: peer_failed(PEER_FD, &peer->pcs.cs, &peer->channel_id, - WIRE_CHANNEL_PEER_BAD_MESSAGE, "bad reestablish commitment_number: %"PRIu64 " vs %"PRIu64, next_local_commitment_number, @@ -1677,7 +1670,7 @@ static void handle_funding_locked(struct peer *peer, const u8 *msg) if (!fromwire_channel_funding_locked(msg, NULL, &peer->short_channel_ids[LOCAL])) - status_failed(WIRE_CHANNEL_BAD_COMMAND, "%s", tal_hex(msg, msg)); + master_badmsg(WIRE_CHANNEL_FUNDING_LOCKED, msg); per_commit_point(&peer->shaseed, &next_per_commit_point, peer->next_index[LOCAL]); @@ -1720,14 +1713,13 @@ static void handle_offer_htlc(struct peer *peer, const u8 *inmsg) const char *failmsg; if (!peer->funding_locked[LOCAL] || !peer->funding_locked[REMOTE]) - status_failed(WIRE_CHANNEL_BAD_COMMAND, "funding not locked"); + status_failed(STATUS_FAIL_MASTER_IO, + "funding not locked for offer_htlc"); if (!fromwire_channel_offer_htlc(inmsg, NULL, &amount_msat, &cltv_expiry, &payment_hash, onion_routing_packet)) - status_failed(WIRE_CHANNEL_BAD_COMMAND, - "bad offer_htlc message %s", - tal_hex(inmsg, inmsg)); + master_badmsg(WIRE_CHANNEL_OFFER_HTLC, inmsg); e = channel_add_htlc(peer->channel, LOCAL, peer->htlc_id, amount_msat, cltv_expiry, &payment_hash, @@ -1756,7 +1748,7 @@ static void handle_offer_htlc(struct peer *peer, const u8 *inmsg) goto failed; case CHANNEL_ERR_DUPLICATE: case CHANNEL_ERR_DUPLICATE_ID_DIFFERENT: - status_failed(WIRE_CHANNEL_BAD_COMMAND, + status_failed(STATUS_FAIL_MASTER_IO, "Duplicate HTLC %"PRIu64, peer->htlc_id); /* FIXME: Fuzz the boundaries a bit to avoid probing? */ @@ -1796,8 +1788,7 @@ static void handle_preimage(struct peer *peer, const u8 *inmsg) struct preimage preimage; if (!fromwire_channel_fulfill_htlc(inmsg, NULL, &id, &preimage)) - status_failed(WIRE_CHANNEL_BAD_COMMAND, - "Invalid channel_fulfill_htlc"); + master_badmsg(WIRE_CHANNEL_FULFILL_HTLC, inmsg); switch (channel_fulfill_htlc(peer->channel, REMOTE, id, &preimage)) { case CHANNEL_ERR_REMOVE_OK: @@ -1814,7 +1805,7 @@ static void handle_preimage(struct peer *peer, const u8 *inmsg) case CHANNEL_ERR_HTLC_UNCOMMITTED: case CHANNEL_ERR_HTLC_NOT_IRREVOCABLE: case CHANNEL_ERR_BAD_PREIMAGE: - status_failed(WIRE_CHANNEL_BAD_COMMAND, + status_failed(STATUS_FAIL_MASTER_IO, "HTLC %"PRIu64" preimage failed", id); } abort(); @@ -1830,11 +1821,10 @@ static void handle_fail(struct peer *peer, const u8 *inmsg) if (!fromwire_channel_fail_htlc(inmsg, inmsg, NULL, &id, &malformed, &errpkt)) - status_failed(WIRE_CHANNEL_BAD_COMMAND, - "Invalid channel_fail_htlc"); + master_badmsg(WIRE_CHANNEL_FAIL_HTLC, inmsg); if (malformed && !(malformed & BADONION)) - status_failed(WIRE_CHANNEL_BAD_COMMAND, + status_failed(STATUS_FAIL_MASTER_IO, "Invalid channel_fail_htlc: bad malformed 0x%x", malformed); @@ -1865,7 +1855,7 @@ static void handle_fail(struct peer *peer, const u8 *inmsg) case CHANNEL_ERR_HTLC_UNCOMMITTED: case CHANNEL_ERR_HTLC_NOT_IRREVOCABLE: case CHANNEL_ERR_BAD_PREIMAGE: - status_failed(WIRE_CHANNEL_BAD_COMMAND, + status_failed(STATUS_FAIL_MASTER_IO, "HTLC %"PRIu64" removal failed: %i", id, e); } abort(); @@ -1877,11 +1867,11 @@ static void handle_ping_cmd(struct peer *peer, const u8 *inmsg) u8 *ping; if (!fromwire_channel_ping(inmsg, NULL, &num_pong_bytes, &ping_len)) - status_failed(WIRE_CHANNEL_BAD_COMMAND, "Bad channel_ping"); + master_badmsg(WIRE_CHANNEL_PING, inmsg); ping = make_ping(peer, num_pong_bytes, ping_len); if (tal_len(ping) > 65535) - status_failed(WIRE_CHANNEL_BAD_COMMAND, "Oversize channel_ping"); + status_failed(STATUS_FAIL_MASTER_IO, "Oversize channel_ping"); msg_enqueue(&peer->peer_out, take(ping)); @@ -1906,7 +1896,7 @@ static void handle_shutdown_cmd(struct peer *peer, const u8 *inmsg) u8 *scriptpubkey; if (!fromwire_channel_send_shutdown(peer, inmsg, NULL, &scriptpubkey)) - status_failed(WIRE_CHANNEL_BAD_COMMAND, "Bad send_shutdown"); + master_badmsg(WIRE_CHANNEL_SEND_SHUTDOWN, inmsg); /* We can't send this until commit (if any) is done, so start timer<. */ peer->unsent_shutdown_scriptpubkey = scriptpubkey; @@ -1940,18 +1930,10 @@ static void req_in(struct peer *peer, const u8 *msg) handle_shutdown_cmd(peer, msg); goto out; - case WIRE_CHANNEL_BAD_COMMAND: - case WIRE_CHANNEL_HSM_FAILED: - case WIRE_CHANNEL_CRYPTO_FAILED: - case WIRE_CHANNEL_GOSSIP_BAD_MESSAGE: - case WIRE_CHANNEL_INTERNAL_ERROR: - case WIRE_CHANNEL_PEER_WRITE_FAILED: - case WIRE_CHANNEL_PEER_READ_FAILED: case WIRE_CHANNEL_NORMAL_OPERATION: case WIRE_CHANNEL_INIT: case WIRE_CHANNEL_OFFER_HTLC_REPLY: case WIRE_CHANNEL_PING_REPLY: - case WIRE_CHANNEL_PEER_BAD_MESSAGE: case WIRE_CHANNEL_ANNOUNCED: case WIRE_CHANNEL_SENDING_COMMITSIG: case WIRE_CHANNEL_GOT_COMMITSIG: @@ -1964,8 +1946,7 @@ static void req_in(struct peer *peer, const u8 *msg) case WIRE_CHANNEL_SHUTDOWN_COMPLETE: break; } - status_failed(WIRE_CHANNEL_BAD_COMMAND, "%u %s", t, - channel_wire_type_name(t)); + master_badmsg(-1, msg); out: tal_free(msg); @@ -2041,8 +2022,7 @@ static void init_channel(struct peer *peer) &peer->shutdown_sent[REMOTE], &peer->channel_flags, &funding_signed)) - status_failed(WIRE_CHANNEL_BAD_COMMAND, "Init: %s", - tal_hex(msg, msg)); + master_badmsg(WIRE_CHANNEL_INIT, msg); status_trace("init %s: remote_per_commit = %s, old_remote_per_commit = %s" " next_idx_local = %"PRIu64 @@ -2081,7 +2061,7 @@ static void init_channel(struct peer *peer) if (!channel_force_htlcs(peer->channel, htlcs, hstates, fulfilled, fulfilled_sides, failed, failed_sides)) - status_failed(WIRE_CHANNEL_BAD_COMMAND, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Could not restore HTLCs"); peer->channel_direction = get_channel_direction( @@ -2104,7 +2084,7 @@ static void init_channel(struct peer *peer) #ifndef TESTING static void gossip_gone(struct io_conn *unused, struct daemon_conn *dc) { - status_failed(WIRE_CHANNEL_GOSSIP_BAD_MESSAGE, + status_failed(STATUS_FAIL_GOSSIP_IO, "Gossip connection closed"); } @@ -2114,14 +2094,14 @@ static void send_shutdown_complete(struct peer *peer) /* Push out any outstanding messages to peer. */ if (!io_flush_sync(peer->peer_conn)) - status_failed(WIRE_CHANNEL_PEER_WRITE_FAILED, "Syncing conn"); + status_failed(STATUS_FAIL_PEER_IO, "Syncing conn"); /* Set FD blocking to flush it */ io_fd_block(PEER_FD, true); while ((msg = msg_dequeue(&peer->peer_out)) != NULL) { if (!sync_crypto_write(&peer->pcs.cs, PEER_FD, take(msg))) - status_failed(WIRE_CHANNEL_PEER_WRITE_FAILED, + status_failed(STATUS_FAIL_PEER_IO, "Flushing msgs"); } @@ -2174,7 +2154,7 @@ static int poll_with_masterfd(struct pollfd *fds, nfds_t nfds, int timeout) u8 *msg = wire_sync_read(peer, MASTER_FD); if (!msg) - status_failed(WIRE_CHANNEL_BAD_COMMAND, + status_failed(STATUS_FAIL_MASTER_IO, "Can't read command: %s", strerror(errno)); msg_enqueue(&peer->from_master, take(msg)); diff --git a/channeld/channel_wire.csv b/channeld/channel_wire.csv index b4ba95362..895628696 100644 --- a/channeld/channel_wire.csv +++ b/channeld/channel_wire.csv @@ -1,19 +1,3 @@ -# Shouldn't happen -channel_bad_command,0x8000 -# Also shouldn't happen -channel_hsm_failed,0x8001 -channel_crypto_failed,0x8002 -channel_internal_error,0x8003 -channel_gossip_bad_message,0x8004 - -# These are due to peer. -channel_peer_write_failed,0x8010 -channel_peer_read_failed,0x8011 - -channel_peer_bad_message,0x8012 -channel_peer_bad_message,,len,u16 -channel_peer_bad_message,,msg,len*u8 - # Received and sent funding_locked channel_normal_operation,1001 diff --git a/closingd/Makefile b/closingd/Makefile index 3631c9f13..632ad2c2f 100644 --- a/closingd/Makefile +++ b/closingd/Makefile @@ -51,6 +51,7 @@ CLOSINGD_COMMON_OBJS := \ common/derive_basepoints.o \ common/htlc_wire.o \ common/msg_queue.o \ + common/peer_failed.o \ common/permute_tx.o \ common/status.o \ common/type_to_string.o \ diff --git a/closingd/closing.c b/closingd/closing.c index 06114db79..0a1b5df3c 100644 --- a/closingd/closing.c +++ b/closingd/closing.c @@ -5,6 +5,7 @@ #include #include #include +#include #include #include #include @@ -23,6 +24,8 @@ #define GOSSIP_FD 4 static struct bitcoin_tx *close_tx(const tal_t *ctx, + struct crypto_state *cs, + const struct channel_id *channel_id, u8 *scriptpubkey[NUM_SIDES], const struct sha256_double *funding_txid, unsigned int funding_txout, @@ -35,7 +38,7 @@ static struct bitcoin_tx *close_tx(const tal_t *ctx, struct bitcoin_tx *tx; if (satoshi_out[funder] < fee) - status_failed(WIRE_CLOSING_NEGOTIATION_ERROR, + peer_failed(PEER_FD, cs, channel_id, "Funder cannot afford fee %"PRIu64 " (%"PRIu64" and %"PRIu64")", fee, satoshi_out[LOCAL], @@ -44,7 +47,9 @@ static struct bitcoin_tx *close_tx(const tal_t *ctx, status_trace("Making close tx at = %"PRIu64"/%"PRIu64" fee %"PRIu64, satoshi_out[LOCAL], satoshi_out[REMOTE], fee); - tx = create_close_tx(ctx, scriptpubkey[LOCAL], scriptpubkey[REMOTE], + /* FIXME: We need to allow this! */ + tx = create_close_tx(ctx, + scriptpubkey[LOCAL], scriptpubkey[REMOTE], funding_txid, funding_txout, funding_satoshi, @@ -52,18 +57,18 @@ static struct bitcoin_tx *close_tx(const tal_t *ctx, satoshi_out[REMOTE] - (funder == REMOTE ? fee : 0), dust_limit); if (!tx) - status_failed(WIRE_CLOSING_NEGOTIATION_ERROR, - "Both outputs below dust limit:" - " funding = %"PRIu64 - " fee = %"PRIu64 - " dust_limit = %"PRIu64 - " LOCAL = %"PRIu64 - " REMOTE = %"PRIu64, - funding_satoshi, - fee, - dust_limit, - satoshi_out[LOCAL], - satoshi_out[REMOTE]); + peer_failed(PEER_FD, cs, channel_id, + "Both outputs below dust limit:" + " funding = %"PRIu64 + " fee = %"PRIu64 + " dust_limit = %"PRIu64 + " LOCAL = %"PRIu64 + " REMOTE = %"PRIu64, + funding_satoshi, + fee, + dust_limit, + satoshi_out[LOCAL], + satoshi_out[REMOTE]); return tx; } @@ -101,29 +106,28 @@ static void do_reconnect(struct crypto_state *cs, next_index[LOCAL], revocations_received); if (!sync_crypto_write(cs, PEER_FD, take(msg))) - status_failed(WIRE_CLOSING_PEER_WRITE_FAILED, + status_failed(STATUS_FAIL_PEER_IO, "Failed writing reestablish: %s", strerror(errno)); again: msg = sync_crypto_read(tmpctx, cs, PEER_FD); if (!msg) - status_failed(WIRE_CLOSING_PEER_READ_FAILED, + status_failed(STATUS_FAIL_PEER_IO, "Failed reading reestablish: %s", strerror(errno)); if (is_gossip_msg(msg)) { if (!wire_sync_write(GOSSIP_FD, take(msg))) - status_failed(WIRE_CLOSING_GOSSIP_FAILED, - "Writing gossip"); + status_failed(STATUS_FAIL_GOSSIP_IO, "Writing gossip"); goto again; } if (!fromwire_channel_reestablish(msg, NULL, &their_channel_id, &next_local_commitment_number, &next_remote_revocation_number)) { - status_failed(WIRE_CLOSING_PEER_READ_FAILED, - "bad reestablish msg: %s %s", - wire_type_name(fromwire_peektype(msg)), - tal_hex(tmpctx, msg)); + peer_failed(PEER_FD, cs, channel_id, + "bad reestablish msg: %s %s", + wire_type_name(fromwire_peektype(msg)), + tal_hex(tmpctx, msg)); } status_trace("Got reestablish commit=%"PRIu64" revoke=%"PRIu64, next_local_commitment_number, @@ -194,10 +198,9 @@ int main(int argc, char *argv[]) &reconnected, &next_index[LOCAL], &next_index[REMOTE], - &revocations_received)) { - status_failed(WIRE_CLOSING_PEER_BAD_MESSAGE, - "Bad init message %s", tal_hex(ctx, msg)); - } + &revocations_received)) + master_badmsg(WIRE_CLOSING_INIT, msg); + status_trace("satoshi_out = %"PRIu64"/%"PRIu64, satoshi_out[LOCAL], satoshi_out[REMOTE]); status_trace("dustlimit = %"PRIu64, our_dust_limit); @@ -236,7 +239,8 @@ int main(int argc, char *argv[]) * the close transaction as specified in [BOLT * #3](03-transactions.md#closing-transaction). */ - tx = close_tx(tmpctx, scriptpubkey, + tx = close_tx(tmpctx, &cs, &channel_id, + scriptpubkey, &funding_txid, funding_txout, funding_satoshi, @@ -260,7 +264,7 @@ int main(int argc, char *argv[]) /* Now send closing offer */ msg = towire_closing_signed(tmpctx, &channel_id, sent_fee, &sig); if (!sync_crypto_write(&cs, PEER_FD, take(msg))) - status_failed(WIRE_CLOSING_PEER_WRITE_FAILED, + status_failed(STATUS_FAIL_PEER_IO, "Writing closing_signed"); /* Did we just agree with them? If so, we're done. */ @@ -270,13 +274,12 @@ int main(int argc, char *argv[]) again: msg = sync_crypto_read(tmpctx, &cs, PEER_FD); if (!msg) - status_failed(WIRE_CLOSING_PEER_READ_FAILED, - "Reading input"); + status_failed(STATUS_FAIL_PEER_IO, "Reading input"); /* We don't send gossip at this stage, but we can recv it */ if (is_gossip_msg(msg)) { if (!wire_sync_write(GOSSIP_FD, take(msg))) - status_failed(WIRE_CLOSING_GOSSIP_FAILED, + status_failed(STATUS_FAIL_GOSSIP_IO, "Writing gossip"); goto again; } @@ -305,9 +308,9 @@ int main(int argc, char *argv[]) if (!fromwire_closing_signed(msg, NULL, &channel_id, &received_fee, &sig)) - status_failed(WIRE_CLOSING_PEER_BAD_MESSAGE, - "Expected closing_signed: %s", - tal_hex(trc, msg)); + peer_failed(PEER_FD, &cs, &channel_id, + "Expected closing_signed: %s", + tal_hex(trc, msg)); /* BOLT #2: * @@ -316,7 +319,8 @@ int main(int argc, char *argv[]) * #3](03-transactions.md#closing-transaction), and MUST fail * the connection if it is not. */ - tx = close_tx(tmpctx, scriptpubkey, + tx = close_tx(tmpctx, &cs, &channel_id, + scriptpubkey, &funding_txid, funding_txout, funding_satoshi, @@ -342,7 +346,8 @@ int main(int argc, char *argv[]) * own `dust_limit_satoshis`, and MAY also eliminate * its own output. */ - trimmed = close_tx(tmpctx, scriptpubkey, + trimmed = close_tx(tmpctx, &cs, &channel_id, + scriptpubkey, &funding_txid, funding_txout, funding_satoshi, @@ -351,7 +356,7 @@ int main(int argc, char *argv[]) if (!trimmed || !check_tx_sig(trimmed, 0, NULL, funding_wscript, &funding_pubkey[REMOTE], &sig)) { - status_failed(WIRE_CLOSING_PEER_BAD_MESSAGE, + peer_failed(PEER_FD, &cs, &channel_id, "Bad closing_signed signature for" " %s (and trimmed version %s)", type_to_string(tmpctx, @@ -374,10 +379,9 @@ int main(int argc, char *argv[]) * `fee_satoshis` is greater than the base fee of the final * commitment transaction as calculated in [BOLT #3] */ if (received_fee > maxfee) - status_failed(WIRE_CLOSING_PEER_BAD_MESSAGE, - "Bad closing_signed fee %"PRIu64 - " > %"PRIu64, - received_fee, maxfee); + peer_failed(PEER_FD, &cs, &channel_id, + "Bad closing_signed fee %"PRIu64" > %"PRIu64, + received_fee, maxfee); /* Is fee reasonable? Tell master. */ if (received_fee < minfee) { @@ -388,13 +392,13 @@ int main(int argc, char *argv[]) msg = towire_closing_received_signature(tmpctx, &sig, tx); if (!wire_sync_write(REQ_FD, take(msg))) - status_failed(WIRE_CLOSING_INTERNAL_ERROR, + status_failed(STATUS_FAIL_MASTER_IO, "Writing received to master: %s", strerror(errno)); msg = wire_sync_read(tmpctx, REQ_FD); if (!fromwire_closing_received_signature_reply(msg,NULL)) - status_failed(WIRE_CLOSING_INTERNAL_ERROR, - "Bad received reply from master"); + master_badmsg(WIRE_CLOSING_RECEIVED_SIGNATURE_REPLY, + msg); limit_fee = received_fee; } @@ -420,23 +424,23 @@ int main(int argc, char *argv[]) /* They went away from our offer? */ if (dir != previous_dir) - status_failed(WIRE_CLOSING_NEGOTIATION_ERROR, - "Their fee went %" - PRIu64" to %"PRIu64 - " when ours was %"PRIu64, - last_received_fee, - received_fee, - sent_fee); + peer_failed(PEER_FD, &cs, &channel_id, + "Their fee went %" + PRIu64" to %"PRIu64 + " when ours was %"PRIu64, + last_received_fee, + received_fee, + sent_fee); /* They jumped over our offer? */ if (next_dir != previous_dir) - status_failed(WIRE_CLOSING_NEGOTIATION_ERROR, - "Their fee jumped %" - PRIu64" to %"PRIu64 - " when ours was %"PRIu64, - last_received_fee, - received_fee, - sent_fee); + peer_failed(PEER_FD, &cs, &channel_id, + "Their fee jumped %" + PRIu64" to %"PRIu64 + " when ours was %"PRIu64, + last_received_fee, + received_fee, + sent_fee); } /* BOLT #2: @@ -457,7 +461,7 @@ int main(int argc, char *argv[]) /* If we didn't move, give up (we're ~ at min/max). */ if (new_fee == sent_fee) - status_failed(WIRE_CLOSING_NEGOTIATION_ERROR, + peer_failed(PEER_FD, &cs, &channel_id, "Final fee %"PRIu64" vs %"PRIu64 " at limits %"PRIu64"-%"PRIu64, sent_fee, received_fee, diff --git a/closingd/closing_wire.csv b/closingd/closing_wire.csv index dae40f911..66efa9be2 100644 --- a/closingd/closing_wire.csv +++ b/closingd/closing_wire.csv @@ -1,19 +1,3 @@ -# Shouldn't happen -closing_bad_command,0x8000 -# Also shouldn't happen -closing_gossip_failed,0x8001 -closing_internal_error,0x8003 - -# These are due to peer. -closing_peer_write_failed,0x8010 -closing_peer_read_failed,0x8011 -closing_peer_bad_message,0x8012 -closing_peer_bad_message,,len,u16 -closing_peer_bad_message,,msg,len*u8 -closing_negotiation_error,0x8013 -closing_negotiation_error,,len,u16 -closing_negotiation_error,,msg,len*u8 - #include #include # Begin! (passes peer fd, gossipd-client fd) diff --git a/common/peer_failed.c b/common/peer_failed.c index 686ae565b..5ee61bf6c 100644 --- a/common/peer_failed.c +++ b/common/peer_failed.c @@ -11,7 +11,7 @@ /* We only support one channel per peer anyway */ void peer_failed(int peer_fd, struct crypto_state *cs, const struct channel_id *channel_id, - u16 error_code, const char *fmt, ...) + const char *fmt, ...) { va_list ap; const char *errmsg; @@ -39,5 +39,5 @@ void peer_failed(int peer_fd, struct crypto_state *cs, io_fd_block(peer_fd, false); sync_crypto_write(cs, peer_fd, take(msg)); - status_failed(error_code, "%s", errmsg); + status_failed(STATUS_FAIL_PEER_BAD, "%s", errmsg); } diff --git a/common/peer_failed.h b/common/peer_failed.h index ebe0e4f67..0d9d8eef0 100644 --- a/common/peer_failed.h +++ b/common/peer_failed.h @@ -11,11 +11,10 @@ struct channel_id; * @peer_fd: file descriptor for peer. * @cs: the peer's current crypto state. * @channel_id: channel with error, or NULL for all. - * @error_code: error code as per status_failed - * @fmt: format as per status_failed + * @fmt: format as per status_failed(STATUS_FAIL_PEER_BAD, */ void peer_failed(int peer_fd, struct crypto_state *cs, const struct channel_id *channel_id, - u16 error_code, const char *fmt, ...) - PRINTF_FMT(5,6) NORETURN; + const char *fmt, ...) + PRINTF_FMT(4,5) NORETURN; #endif /* LIGHTNING_COMMON_PEER_FAILED_H */ diff --git a/common/status.c b/common/status.c index 728df6bd8..9f1ab6df4 100644 --- a/common/status.c +++ b/common/status.c @@ -9,6 +9,7 @@ #include #include #include +#include #include #include #include @@ -88,7 +89,7 @@ void status_trace(const char *fmt, ...) trc = tal_tmpctx(NULL); } -void status_failed(u16 code, const char *fmt, ...) +void status_failed(enum status_fail code, const char *fmt, ...) { va_list ap; char *str; @@ -107,3 +108,14 @@ void status_failed(u16 code, const char *fmt, ...) exit(0x80 | (code & 0xFF)); } + +void master_badmsg(u32 type_expected, const u8 *msg) +{ + if (!msg) + status_failed(STATUS_FAIL_MASTER_IO, + "failed reading msg %u: %s", + type_expected, strerror(errno)); + status_failed(STATUS_FAIL_MASTER_IO, + "Error parsing %u: %s", + type_expected, tal_hex(trc, msg)); +} diff --git a/common/status.h b/common/status.h index b8a2e911f..65f631c14 100644 --- a/common/status.h +++ b/common/status.h @@ -20,11 +20,41 @@ extern const void *trc; /* Failure codes always have high bit set. */ #define STATUS_FAIL 0x8000 +/* These are always followed by an ASCII string. */ +enum status_fail { + /* + * These errors shouldn't happen: + */ + /* Master daemon sent unknown/malformed command, or fd failed */ + STATUS_FAIL_MASTER_IO = STATUS_FAIL, + + /* Hsmd sent unknown/malformed command, or fd failed */ + STATUS_FAIL_HSM_IO, + + /* Gossipd sent unknown/malformed command, or fd failed */ + STATUS_FAIL_GOSSIP_IO, + + /* Other internal error. */ + STATUS_FAIL_INTERNAL_ERROR, + + /* + * These errors happen when the other peer misbehaves: + */ + /* I/O failure (probably they closed the socket) */ + STATUS_FAIL_PEER_IO, + /* Peer did something else wrong */ + STATUS_FAIL_PEER_BAD +}; + /* Send a message (frees the message). */ void status_send_sync(const u8 *msg); /* Send a printf-style debugging trace. */ void status_trace(const char *fmt, ...) PRINTF_FMT(1,2); /* Send a failure status code with printf-style msg, and exit. */ -void status_failed(u16 code, const char *fmt, ...) PRINTF_FMT(2,3) NORETURN; +void status_failed(enum status_fail, const char *fmt, ...) PRINTF_FMT(2,3) NORETURN; + +/* Helper for master failures: sends STATUS_FAIL_MASTER_IO. + * msg NULL == read failure. */ +void master_badmsg(u32 type_expected, const u8 *msg); #endif /* LIGHTNING_COMMON_STATUS_H */ diff --git a/gossipd/gossip.c b/gossipd/gossip.c index 75e80e5bc..cd097e335 100644 --- a/gossipd/gossip.c +++ b/gossipd/gossip.c @@ -417,8 +417,8 @@ static struct io_plan *new_peer(struct io_conn *conn, struct daemon *daemon, { struct peer *peer = setup_new_peer(daemon, msg); if (!peer) - status_failed(WIRE_GOSSIPSTATUS_BAD_NEW_PEER_REQUEST, - "%s", tal_hex(trc, msg)); + status_failed(STATUS_FAIL_MASTER_IO, + "bad gossipctl_new_peer: %s", tal_hex(trc, msg)); return io_recv_fd(conn, &peer->fd, new_peer_got_fd, peer); } @@ -439,8 +439,7 @@ static struct io_plan *release_peer(struct io_conn *conn, struct daemon *daemon, struct peer *peer; if (!fromwire_gossipctl_release_peer(msg, NULL, &unique_id)) - status_failed(WIRE_GOSSIPSTATUS_BAD_RELEASE_REQUEST, - "%s", tal_hex(trc, msg)); + master_badmsg(WIRE_GOSSIPCTL_RELEASE_PEER, msg); peer = find_peer(daemon, unique_id); if (!peer || !peer->local) { @@ -466,8 +465,7 @@ static struct io_plan *fail_peer(struct io_conn *conn, struct daemon *daemon, struct peer *peer; if (!fromwire_gossipctl_fail_peer(msg, NULL, &unique_id)) - status_failed(WIRE_GOSSIPSTATUS_BAD_FAIL_REQUEST, - "%s", tal_hex(trc, msg)); + master_badmsg(WIRE_GOSSIPCTL_FAIL_PEER, msg); /* This may not find the peer, if we fail beforehand. */ peer = find_peer(daemon, unique_id); @@ -502,8 +500,7 @@ static struct io_plan *new_peer_fd(struct io_conn *conn, struct daemon *daemon, if (!fromwire_gossipctl_get_peer_gossipfd(msg, NULL, &unique_id, &sync)) - status_failed(WIRE_GOSSIPSTATUS_BAD_FAIL_REQUEST, - "%s", tal_hex(trc, msg)); + master_badmsg(WIRE_GOSSIPCTL_GET_PEER_GOSSIPFD, msg); peer = setup_new_remote_peer(daemon, unique_id, sync); @@ -621,17 +618,17 @@ static struct io_plan *ping_req(struct io_conn *conn, struct daemon *daemon, u8 *ping; if (!fromwire_gossip_ping(msg, NULL, &unique_id, &num_pong_bytes, &len)) - status_failed(WIRE_GOSSIPSTATUS_BAD_REQUEST, - "%s", tal_hex(trc, msg)); + master_badmsg(WIRE_GOSSIP_PING, msg); + /* FIXME: This is racy, but this op only for testing anywat. */ peer = find_peer(daemon, unique_id); if (!peer) - status_failed(WIRE_GOSSIPSTATUS_BAD_REQUEST, - "Unknown peer %"PRIu64, unique_id); + status_failed(STATUS_FAIL_MASTER_IO, + "gossip_ping: unknown peer %"PRIu64, unique_id); ping = make_ping(peer, num_pong_bytes, len); if (tal_len(ping) > 65535) - status_failed(WIRE_GOSSIPSTATUS_BAD_REQUEST, "Oversize ping"); + status_failed(STATUS_FAIL_MASTER_IO, "Oversize ping"); msg_enqueue(&peer->peer_out, take(ping)); status_trace("sending ping expecting %sresponse", @@ -661,8 +658,7 @@ static struct io_plan *gossip_init(struct daemon_conn *master, if (!fromwire_gossipctl_init(msg, NULL, &daemon->broadcast_interval, &chain_hash)) { - status_failed(WIRE_GOSSIPSTATUS_INIT_FAILED, - "Unable to parse init message"); + master_badmsg(WIRE_GOSSIPCTL_INIT, msg); } daemon->rstate = new_routing_state(daemon, &chain_hash); return daemon_conn_read_next(master->conn, master); @@ -676,8 +672,7 @@ static struct io_plan *resolve_channel_req(struct io_conn *conn, struct pubkey *keys; if (!fromwire_gossip_resolve_channel_request(msg, NULL, &scid)) - status_failed(WIRE_GOSSIPSTATUS_BAD_REQUEST, - "Unable to parse resolver request"); + master_badmsg(WIRE_GOSSIP_RESOLVE_CHANNEL_REQUEST, msg); nc = get_connection_by_scid(daemon->rstate, &scid, 0); if (!nc) { @@ -701,12 +696,12 @@ static struct io_plan *resolve_channel_req(struct io_conn *conn, static void handle_forwarded_msg(struct io_conn *conn, struct daemon *daemon, const u8 *msg) { u8 *payload; - if (!fromwire_gossip_forwarded_msg(msg, msg, NULL, &payload)) { - status_trace("Malformed forwarded message: %s", tal_hex(trc, msg)); - return; - } + if (!fromwire_gossip_forwarded_msg(msg, msg, NULL, &payload)) + master_badmsg(WIRE_GOSSIP_FORWARDED_MSG, msg); + handle_gossip_msg(daemon->rstate, payload); } + static struct io_plan *recv_req(struct io_conn *conn, struct daemon_conn *master) { struct daemon *daemon = container_of(master, struct daemon, master); @@ -755,20 +750,15 @@ static struct io_plan *recv_req(struct io_conn *conn, struct daemon_conn *master case WIRE_GOSSIP_GETCHANNELS_REPLY: case WIRE_GOSSIP_PING_REPLY: case WIRE_GOSSIP_RESOLVE_CHANNEL_REPLY: - case WIRE_GOSSIPSTATUS_INIT_FAILED: - case WIRE_GOSSIPSTATUS_BAD_NEW_PEER_REQUEST: - case WIRE_GOSSIPSTATUS_BAD_RELEASE_REQUEST: - case WIRE_GOSSIPSTATUS_BAD_FAIL_REQUEST: - case WIRE_GOSSIPSTATUS_BAD_REQUEST: - case WIRE_GOSSIPSTATUS_FDPASS_FAILED: case WIRE_GOSSIPSTATUS_PEER_BAD_MSG: case WIRE_GOSSIPSTATUS_PEER_FAILED: case WIRE_GOSSIPSTATUS_PEER_NONGOSSIP: break; } - /* Control shouldn't give bad requests. */ - status_failed(WIRE_GOSSIPSTATUS_BAD_REQUEST, "%i", t); + /* Master shouldn't give bad requests. */ + status_failed(STATUS_FAIL_MASTER_IO, "%i: %s", + t, tal_hex(trc, master->msg_in)); } #ifndef TESTING diff --git a/gossipd/gossip_wire.csv b/gossipd/gossip_wire.csv index 27e1788d6..23a021d99 100644 --- a/gossipd/gossip_wire.csv +++ b/gossipd/gossip_wire.csv @@ -1,11 +1,3 @@ -# These are fatal. -gossipstatus_init_failed,0x8000 -gossipstatus_bad_new_peer_request,0x8001 -gossipstatus_bad_release_request,0x8002 -gossipstatus_bad_fail_request,0x8003 -gossipstatus_bad_request,0x8004 -gossipstatus_fdpass_failed,0x8005 - # Peers can give a bad message, we close their fd, but no harm done. gossipstatus_peer_bad_msg,1000 gossipstatus_peer_bad_msg,,unique_id,8 diff --git a/handshaked/handshake.c b/handshaked/handshake.c index 43e5bd917..15f1ef4e9 100644 --- a/handshaked/handshake.c +++ b/handshaked/handshake.c @@ -335,7 +335,8 @@ static void act_one_initiator(struct handshake *h, int fd, */ if (!secp256k1_ecdh(secp256k1_ctx, h->ss.data, &their_id->pubkey, h->e.priv.secret.data)) - status_failed(WIRE_INITR_ACT1_BAD_ECDH_FOR_SS, "%s", ""); + status_failed(STATUS_FAIL_PEER_BAD, + "WIRE_INITR_ACT1_BAD_ECDH_FOR_SS: %s", ""); status_trace("# ss=0x%s", tal_hexstr(trc, h->ss.data, sizeof(h->ss.data))); /* BOLT #8: @@ -378,8 +379,9 @@ static void act_one_initiator(struct handshake *h, int fd, SECP256K1_EC_COMPRESSED); status_trace("output: 0x%s", tal_hexstr(trc, &act1, ACT_ONE_SIZE)); if (!write_all(fd, &act1, ACT_ONE_SIZE)) - status_failed(WIRE_INITR_ACT1_WRITE_FAILED, - "%s", strerror(errno)); + status_failed(STATUS_FAIL_PEER_IO, + "WIRE_INITR_ACT1_WRITE_FAILED: %s", + strerror(errno)); } static void act_one_responder(struct handshake *h, int fd, struct pubkey *re) @@ -399,8 +401,9 @@ static void act_one_responder(struct handshake *h, int fd, struct pubkey *re) * `m` */ if (!read_all(fd, &act1, ACT_ONE_SIZE)) - status_failed(WIRE_RESPR_ACT1_READ_FAILED, - "%s", strerror(errno)); + status_failed(STATUS_FAIL_PEER_IO, + "WIRE_RESPR_ACT1_READ_FAILED: %s", + strerror(errno)); status_trace("input: 0x%s", tal_hexstr(trc, &act1, ACT_ONE_SIZE)); /* BOLT #8: @@ -409,7 +412,8 @@ static void act_one_responder(struct handshake *h, int fd, struct pubkey *re) * MUST abort the connection attempt. */ if (act1.v != 0) - status_failed(WIRE_RESPR_ACT1_BAD_VERSION, "%u", act1.v); + status_failed(STATUS_FAIL_PEER_BAD, + "WIRE_RESPR_ACT1_BAD_VERSION: %u", act1.v); /* BOLT #8: * * The raw bytes of the remote party's ephemeral public key @@ -419,7 +423,8 @@ static void act_one_responder(struct handshake *h, int fd, struct pubkey *re) */ if (secp256k1_ec_pubkey_parse(secp256k1_ctx, &re->pubkey, act1.pubkey, sizeof(act1.pubkey)) != 1) - status_failed(WIRE_RESPR_ACT1_BAD_PUBKEY, "%s", + status_failed(STATUS_FAIL_PEER_BAD, + "WIRE_RESPR_ACT1_BAD_PUBKEY: %s", tal_hexstr(trc, &act1.pubkey, sizeof(act1.pubkey))); status_trace("# re=0x%s", type_to_string(trc, struct pubkey, re)); @@ -439,8 +444,8 @@ static void act_one_responder(struct handshake *h, int fd, struct pubkey *re) * key and the initiator's ephemeral public key. */ if (!hsm_do_ecdh(&h->ss, re)) - status_failed(WIRE_RESPR_ACT1_BAD_HSM_ECDH, - "re=%s", + status_failed(STATUS_FAIL_PEER_BAD, + "WIRE_RESPR_ACT1_BAD_HSM_ECDH: re=%s", type_to_string(trc, struct pubkey, re)); status_trace("# ss=0x%s", tal_hexstr(trc, &h->ss, sizeof(h->ss))); @@ -466,7 +471,8 @@ static void act_one_responder(struct handshake *h, int fd, struct pubkey *re) */ if (!decrypt(&h->temp_k, 0, &h->h, sizeof(h->h), act1.tag, sizeof(act1.tag), NULL, 0)) - status_failed(WIRE_RESPR_ACT1_BAD_TAG, "re=%s ss=%s tag=%s", + status_failed(STATUS_FAIL_PEER_BAD, + "WIRE_RESPR_ACT1_BAD_TAG: re=%s ss=%s tag=%s", type_to_string(trc, struct pubkey, re), tal_hexstr(trc, &h->ss, sizeof(h->ss)), tal_hexstr(trc, act1.tag, sizeof(act1.tag))); @@ -545,7 +551,8 @@ static void act_two_responder(struct handshake *h, int fd, */ if (!secp256k1_ecdh(secp256k1_ctx, h->ss.data, &re->pubkey, h->e.priv.secret.data)) - status_failed(WIRE_RESPR_ACT2_BAD_ECDH_FOR_SS, "re=%s e.priv=%s", + status_failed(STATUS_FAIL_PEER_BAD, + "WIRE_RESPR_ACT2_BAD_ECDH_FOR_SS: re=%s e.priv=%s", type_to_string(trc, struct pubkey, re), tal_hexstr(trc, &h->e.priv, sizeof(h->e.priv))); status_trace("# ss=0x%s", tal_hexstr(trc, &h->ss, sizeof(h->ss))); @@ -590,8 +597,9 @@ static void act_two_responder(struct handshake *h, int fd, SECP256K1_EC_COMPRESSED); status_trace("output: 0x%s", tal_hexstr(trc, &act2, ACT_TWO_SIZE)); if (!write_all(fd, &act2, ACT_TWO_SIZE)) - status_failed(WIRE_RESPR_ACT2_WRITE_FAILED, - "%s", strerror(errno)); + status_failed(STATUS_FAIL_PEER_IO, + "WIRE_RESPR_ACT2_WRITE_FAILED: %s", + strerror(errno)); } static void act_two_initiator(struct handshake *h, int fd, struct pubkey *re) @@ -611,8 +619,9 @@ static void act_two_initiator(struct handshake *h, int fd, struct pubkey *re) * `m` */ if (!read_all(fd, &act2, ACT_TWO_SIZE)) - status_failed(WIRE_INITR_ACT2_READ_FAILED, - "%s", strerror(errno)); + status_failed(STATUS_FAIL_PEER_IO, + "WIRE_INITR_ACT2_READ_FAILED: %s", + strerror(errno)); status_trace("input: 0x%s", tal_hexstr(trc, &act2, ACT_TWO_SIZE)); /* BOLT #8: @@ -621,7 +630,8 @@ static void act_two_initiator(struct handshake *h, int fd, struct pubkey *re) * MUST abort the connection attempt. */ if (act2.v != 0) - status_failed(WIRE_INITR_ACT2_BAD_VERSION, "%u", act2.v); + status_failed(STATUS_FAIL_PEER_BAD, + "WIRE_INITR_ACT2_BAD_VERSION: %u", act2.v); /* BOLT #8: * @@ -632,7 +642,8 @@ static void act_two_initiator(struct handshake *h, int fd, struct pubkey *re) */ if (secp256k1_ec_pubkey_parse(secp256k1_ctx, &re->pubkey, act2.pubkey, sizeof(act2.pubkey)) != 1) - status_failed(WIRE_INITR_ACT2_BAD_PUBKEY, "%s", + status_failed(STATUS_FAIL_PEER_BAD, + "WIRE_INITR_ACT2_BAD_PUBKEY: %s", tal_hexstr(trc, &act2.pubkey, sizeof(act2.pubkey))); status_trace("# re=0x%s", type_to_string(trc, struct pubkey, re)); @@ -650,7 +661,8 @@ static void act_two_initiator(struct handshake *h, int fd, struct pubkey *re) */ if (!secp256k1_ecdh(secp256k1_ctx, h->ss.data, &re->pubkey, h->e.priv.secret.data)) - status_failed(WIRE_INITR_ACT2_BAD_ECDH_FOR_SS, "re=%s e.priv=%s", + status_failed(STATUS_FAIL_PEER_BAD, + "WIRE_INITR_ACT2_BAD_ECDH_FOR_SS: re=%s e.priv=%s", type_to_string(trc, struct pubkey, re), tal_hexstr(trc, &h->e.priv, sizeof(h->e.priv))); status_trace("# ss=0x%s", tal_hexstr(trc, &h->ss, sizeof(h->ss))); @@ -674,7 +686,8 @@ static void act_two_initiator(struct handshake *h, int fd, struct pubkey *re) */ if (!decrypt(&h->temp_k, 0, &h->h, sizeof(h->h), act2.tag, sizeof(act2.tag), NULL, 0)) - status_failed(WIRE_INITR_ACT2_BAD_TAG, "c=%s", + status_failed(STATUS_FAIL_PEER_BAD, + "WIRE_INITR_ACT2_BAD_TAG: c=%s", tal_hexstr(trc, act2.tag, sizeof(act2.tag))); /* BOLT #8: @@ -754,8 +767,8 @@ static void act_three_initiator(struct handshake *h, int fd, * */ if (!hsm_do_ecdh(&h->ss, re)) - status_failed(WIRE_INITR_ACT3_BAD_HSM_ECDH, - "re=%s", + status_failed(STATUS_FAIL_PEER_BAD, + "WIRE_INITR_ACT3_BAD_HSM_ECDH: re=%s", type_to_string(trc, struct pubkey, re)); status_trace("# ss=0x%s", tal_hexstr(trc, &h->ss, sizeof(h->ss))); @@ -789,8 +802,9 @@ static void act_three_initiator(struct handshake *h, int fd, status_trace("output: 0x%s", tal_hexstr(trc, &act3, ACT_THREE_SIZE)); if (!write_all(fd, &act3, ACT_THREE_SIZE)) - status_failed(WIRE_INITR_ACT3_WRITE_FAILED, - "%s", strerror(errno)); + status_failed(STATUS_FAIL_PEER_IO, + "WIRE_INITR_ACT3_WRITE_FAILED: %s", + strerror(errno)); } static void act_three_responder(struct handshake *h, int fd, @@ -808,8 +822,9 @@ static void act_three_responder(struct handshake *h, int fd, * * Read _exactly_ `66-bytes` from the network buffer. */ if (!read_all(fd, &act3, ACT_THREE_SIZE)) - status_failed(WIRE_RESPR_ACT3_READ_FAILED, - "%s", strerror(errno)); + status_failed(STATUS_FAIL_PEER_IO, + "WIRE_RESPR_ACT3_READ_FAILED: %s", + strerror(errno)); status_trace("input: 0x%s", tal_hexstr(trc, &act3, ACT_THREE_SIZE)); /* BOLT #8: @@ -823,7 +838,8 @@ static void act_three_responder(struct handshake *h, int fd, * abort the connection attempt. */ if (act3.v != 0) - status_failed(WIRE_RESPR_ACT3_BAD_VERSION, "%u", act3.v); + status_failed(STATUS_FAIL_PEER_BAD, + "WIRE_RESPR_ACT3_BAD_VERSION: %u", act3.v); /* BOLT #8: * @@ -834,15 +850,16 @@ static void act_three_responder(struct handshake *h, int fd, if (!decrypt(&h->temp_k, 1, &h->h, sizeof(h->h), act3.ciphertext, sizeof(act3.ciphertext), der, sizeof(der))) - status_failed(WIRE_RESPR_ACT3_BAD_CIPHERTEXT, - "ciphertext=%s", + status_failed(STATUS_FAIL_PEER_BAD, + "WIRE_RESPR_ACT3_BAD_CIPHERTEXT: ciphertext=%s", tal_hexstr(trc, act3.ciphertext, sizeof(act3.ciphertext))); status_trace("# rs=0x%s", tal_hexstr(trc, der, sizeof(der))); if (secp256k1_ec_pubkey_parse(secp256k1_ctx, &their_id->pubkey, der, sizeof(der)) != 1) - status_failed(WIRE_RESPR_ACT3_BAD_PUBKEY, "%s", + status_failed(STATUS_FAIL_PEER_BAD, + "WIRE_RESPR_ACT3_BAD_PUBKEY: %s", tal_hexstr(trc, &der, sizeof(der))); /* BOLT #8: @@ -860,7 +877,8 @@ static void act_three_responder(struct handshake *h, int fd, */ if (!secp256k1_ecdh(secp256k1_ctx, h->ss.data, &their_id->pubkey, h->e.priv.secret.data)) - status_failed(WIRE_RESPR_ACT3_BAD_ECDH_FOR_SS, "rs=%s e.priv=%s", + status_failed(STATUS_FAIL_PEER_BAD, + "WIRE_RESPR_ACT3_BAD_ECDH_FOR_SS: rs=%s e.priv=%s", type_to_string(trc, struct pubkey, their_id), tal_hexstr(trc, &h->e.priv, sizeof(h->e.priv))); status_trace("# ss=0x%s", tal_hexstr(trc, &h->ss, sizeof(h->ss))); @@ -881,7 +899,8 @@ static void act_three_responder(struct handshake *h, int fd, */ if (!decrypt(&h->temp_k, 0, &h->h, sizeof(h->h), act3.tag, sizeof(act3.tag), NULL, 0)) - status_failed(WIRE_RESPR_ACT3_BAD_TAG, "temp_k3=%s h=%s t=%s", + status_failed(STATUS_FAIL_PEER_BAD, + "WIRE_RESPR_ACT3_BAD_TAG: temp_k3=%s h=%s t=%s", tal_hexstr(trc, &h->temp_k, sizeof(h->temp_k)), tal_hexstr(trc, &h->h, sizeof(h->h)), tal_hexstr(trc, act3.tag, sizeof(act3.tag))); @@ -976,7 +995,8 @@ static void exchange_init(int fd, struct crypto_state *cs, localfeatures = tal_free(localfeatures); if (!sync_crypto_write(cs, fd, msg)) - status_failed(WIRE_INITMSG_WRITE_FAILED, "%s", strerror(errno)); + status_failed(STATUS_FAIL_PEER_IO, + "PEER_WRITE_FAILED: %s", strerror(errno)); /* BOLT #1: * @@ -985,10 +1005,11 @@ static void exchange_init(int fd, struct crypto_state *cs, */ msg = sync_crypto_read(NULL, cs, fd); if (!msg) - status_failed(WIRE_INITMSG_READ_FAILED, "%s", strerror(errno)); + status_failed(STATUS_FAIL_PEER_IO, + "INITMSG_READ_FAILED: %s", strerror(errno)); if (!fromwire_init(msg, msg, NULL, gfeatures, lfeatures)) - status_failed(WIRE_INITMSG_READ_FAILED, "bad init: %s", + status_failed(STATUS_FAIL_PEER_BAD, "bad init: %s", tal_hex(msg, msg)); } @@ -1015,8 +1036,6 @@ int main(int argc, char *argv[]) hsm_setup(hsmfd); msg = wire_sync_read(NULL, REQ_FD); - if (!msg) - status_failed(WIRE_HANDSHAKE_BAD_COMMAND, "%s", strerror(errno)); if (fromwire_handshake_responder(msg, NULL, &my_id)) { responder(clientfd, &my_id, &their_id, &ck, &sk, &rk); @@ -1045,8 +1064,7 @@ int main(int argc, char *argv[]) gfeatures, lfeatures)); } else - status_failed(WIRE_HANDSHAKE_BAD_COMMAND, "%i", - fromwire_peektype(msg)); + master_badmsg(WIRE_HANDSHAKE_INITIATOR, msg); /* Hand back the fd. */ fdpass_send(REQ_FD, clientfd); diff --git a/handshaked/handshake_wire.csv b/handshaked/handshake_wire.csv index 7c0e19a24..1452ca5c6 100644 --- a/handshaked/handshake_wire.csv +++ b/handshaked/handshake_wire.csv @@ -1,29 +1,4 @@ #include -handshake_bad_command,0x8000 -initr_act1_bad_ecdh_for_ss,0x8011 -initr_act1_write_failed,0x8012 -initr_act2_read_failed,0x8013 -initr_act2_bad_version,0x8014 -initr_act2_bad_pubkey,0x8015 -initr_act2_bad_ecdh_for_ss,0x8016 -initr_act2_bad_tag,0x8017 -initr_act3_bad_hsm_ecdh,0x8018 -initr_act3_write_failed,0x8019 -respr_act1_read_failed,0x801A -respr_act1_bad_version,0x801B -respr_act1_bad_pubkey,0x801C -respr_act1_bad_hsm_ecdh,0x801D -respr_act1_bad_tag,0x801E -respr_act2_bad_ecdh_for_ss,0x801F -respr_act2_write_failed,0x8020 -respr_act3_read_failed,0x8021 -respr_act3_bad_version,0x8022 -respr_act3_bad_ciphertext,0x8023 -respr_act3_bad_pubkey,0x8024 -respr_act3_bad_ecdh_for_ss,0x8025 -respr_act3_bad_tag,0x8026 -initmsg_write_failed,0x8030 -initmsg_read_failed,0x8031 # FIXME: This is probably too finegrained. initr_act_one,1001 diff --git a/hsmd/hsm.c b/hsmd/hsm.c index 243ebf64c..63c8eea84 100644 --- a/hsmd/hsm.c +++ b/hsmd/hsm.c @@ -297,12 +297,12 @@ static void populate_secretstuff(void) /* Hence child 0, then child 0 again to get extkey to derive from. */ if (bip32_key_from_parent(&master_extkey, 0, BIP32_FLAG_KEY_PRIVATE, &child_extkey) != WALLY_OK) - status_failed(WIRE_HSMSTATUS_KEY_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Can't derive child bip32 key"); if (bip32_key_from_parent(&child_extkey, 0, BIP32_FLAG_KEY_PRIVATE, &secretstuff.bip32) != WALLY_OK) - status_failed(WIRE_HSMSTATUS_KEY_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Can't derive private bip32 key"); } @@ -311,17 +311,17 @@ static void bitcoin_pubkey(struct pubkey *pubkey, u32 index) struct ext_key ext; if (index >= BIP32_INITIAL_HARDENED_CHILD) - status_failed(WIRE_HSMSTATUS_KEY_FAILED, + status_failed(STATUS_FAIL_MASTER_IO, "Index %u too great", index); if (bip32_key_from_parent(&secretstuff.bip32, index, BIP32_FLAG_KEY_PUBLIC, &ext) != WALLY_OK) - status_failed(WIRE_HSMSTATUS_KEY_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "BIP32 of %u failed", index); if (!secp256k1_ec_pubkey_parse(secp256k1_ctx, &pubkey->pubkey, ext.pub_key, sizeof(ext.pub_key))) - status_failed(WIRE_HSMSTATUS_KEY_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Parse of BIP32 child %u pubkey failed", index); } @@ -332,19 +332,19 @@ static void bitcoin_keypair(struct privkey *privkey, struct ext_key ext; if (index >= BIP32_INITIAL_HARDENED_CHILD) - status_failed(WIRE_HSMSTATUS_KEY_FAILED, + status_failed(STATUS_FAIL_MASTER_IO, "Index %u too great", index); if (bip32_key_from_parent(&secretstuff.bip32, index, BIP32_FLAG_KEY_PRIVATE, &ext) != WALLY_OK) - status_failed(WIRE_HSMSTATUS_KEY_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "BIP32 of %u failed", index); /* libwally says: The private key with prefix byte 0 */ memcpy(privkey->secret.data, ext.priv_key+1, 32); if (!secp256k1_ec_pubkey_create(secp256k1_ctx, &pubkey->pubkey, privkey->secret.data)) - status_failed(WIRE_HSMSTATUS_KEY_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "BIP32 pubkey %u create failed", index); } @@ -352,29 +352,29 @@ static void create_new_hsm(struct daemon_conn *master) { int fd = open("hsm_secret", O_CREAT|O_EXCL|O_WRONLY, 0400); if (fd < 0) - status_failed(WIRE_HSMSTATUS_INIT_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "creating: %s", strerror(errno)); randombytes_buf(&secretstuff.hsm_secret, sizeof(secretstuff.hsm_secret)); if (!write_all(fd, &secretstuff.hsm_secret, sizeof(secretstuff.hsm_secret))) { unlink_noerr("hsm_secret"); - status_failed(WIRE_HSMSTATUS_INIT_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "writing: %s", strerror(errno)); } if (fsync(fd) != 0) { unlink_noerr("hsm_secret"); - status_failed(WIRE_HSMSTATUS_INIT_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "fsync: %s", strerror(errno)); } if (close(fd) != 0) { unlink_noerr("hsm_secret"); - status_failed(WIRE_HSMSTATUS_INIT_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "closing: %s", strerror(errno)); } fd = open(".", O_RDONLY); if (fsync(fd) != 0) { unlink_noerr("hsm_secret"); - status_failed(WIRE_HSMSTATUS_INIT_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "fsyncdir: %s", strerror(errno)); } close(fd); @@ -386,10 +386,10 @@ static void load_hsm(struct daemon_conn *master) { int fd = open("hsm_secret", O_RDONLY); if (fd < 0) - status_failed(WIRE_HSMSTATUS_INIT_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "opening: %s", strerror(errno)); if (!read_all(fd, &secretstuff.hsm_secret, sizeof(secretstuff.hsm_secret))) - status_failed(WIRE_HSMSTATUS_INIT_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "reading: %s", strerror(errno)); close(fd); @@ -401,8 +401,8 @@ static void init_hsm(struct daemon_conn *master, const u8 *msg) bool new; if (!fromwire_hsmctl_init(msg, NULL, &new)) - status_failed(WIRE_HSMSTATUS_BAD_REQUEST, "hsmctl_init: %s", - tal_hex(msg, msg)); + master_badmsg(WIRE_HSMCTL_INIT, msg); + if (new) create_new_hsm(master); else @@ -417,10 +417,10 @@ static void pass_hsmfd_ecdh(struct daemon_conn *master, const u8 *msg) u64 id; if (!fromwire_hsmctl_hsmfd_ecdh(msg, NULL, &id)) - status_failed(WIRE_HSMSTATUS_BAD_REQUEST, "bad HSMFD_ECDH"); + master_badmsg(WIRE_HSMCTL_HSMFD_ECDH, msg); if (socketpair(AF_UNIX, SOCK_STREAM, 0, fds) != 0) - status_failed(WIRE_HSMSTATUS_FD_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "creating fds: %s", strerror(errno)); new_client(master, id, handle_ecdh, fds[0]); @@ -436,10 +436,10 @@ static void pass_hsmfd_channeld(struct daemon_conn *master, const u8 *msg) u64 id; if (!fromwire_hsmctl_hsmfd_channeld(msg, NULL, &id)) - status_failed(WIRE_HSMSTATUS_BAD_REQUEST, "bad HSMFD_CHANNELD"); + master_badmsg(WIRE_HSMCTL_HSMFD_CHANNELD, msg); if (socketpair(AF_UNIX, SOCK_STREAM, 0, fds) != 0) - status_failed(WIRE_HSMSTATUS_FD_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "creating fds: %s", strerror(errno)); new_client(master, id, handle_channeld, fds[0]); @@ -470,7 +470,7 @@ static void sign_funding_tx(struct daemon_conn *master, const u8 *msg) &satoshi_out, &change_out, &change_keyindex, &local_pubkey, &remote_pubkey, &inputs)) - status_failed(WIRE_HSMSTATUS_BAD_REQUEST, "Bad SIGN_FUNDING"); + master_badmsg(WIRE_HSMCTL_SIGN_FUNDING, msg); utxomap = to_utxoptr_arr(tmpctx, inputs); @@ -630,18 +630,13 @@ static struct io_plan *control_received_req(struct io_conn *conn, case WIRE_HSMCTL_HSMFD_CHANNELD_REPLY: case WIRE_HSMCTL_SIGN_FUNDING_REPLY: case WIRE_HSMCTL_SIGN_WITHDRAWAL_REPLY: - case WIRE_HSMSTATUS_INIT_FAILED: - case WIRE_HSMSTATUS_WRITEMSG_FAILED: - case WIRE_HSMSTATUS_BAD_REQUEST: - case WIRE_HSMSTATUS_FD_FAILED: - case WIRE_HSMSTATUS_KEY_FAILED: case WIRE_HSMSTATUS_CLIENT_BAD_REQUEST: case WIRE_HSMCTL_NODE_ANNOUNCEMENT_SIG_REPLY: break; } - /* Control shouldn't give bad requests. */ - status_failed(WIRE_HSMSTATUS_BAD_REQUEST, "%i", t); + /* Master shouldn't give bad requests. */ + status_failed(STATUS_FAIL_MASTER_IO, "%i", t); } #ifndef TESTING diff --git a/hsmd/hsm_wire.csv b/hsmd/hsm_wire.csv index 228e90521..e6b4b680c 100644 --- a/hsmd/hsm_wire.csv +++ b/hsmd/hsm_wire.csv @@ -1,10 +1,3 @@ -# These are fatal. -hsmstatus_init_failed,0x8000 -hsmstatus_writemsg_failed,0x8001 -hsmstatus_bad_request,0x8002 -hsmstatus_fd_failed,0x8003 -hsmstatus_key_failed,0x8004 - # Clients should not give a bad request but not the HSM's decision to crash. hsmstatus_client_bad_request,1000 hsmstatus_client_bad_request,,unique_id,8 diff --git a/lightningd/gossip_control.c b/lightningd/gossip_control.c index b72036eb8..069691c8b 100644 --- a/lightningd/gossip_control.c +++ b/lightningd/gossip_control.c @@ -92,14 +92,6 @@ static int gossip_msg(struct subd *gossip, const u8 *msg, const int *fds) enum gossip_wire_type t = fromwire_peektype(msg); switch (t) { - /* subd already logs fatal errors. */ - case WIRE_GOSSIPSTATUS_INIT_FAILED: - case WIRE_GOSSIPSTATUS_BAD_NEW_PEER_REQUEST: - case WIRE_GOSSIPSTATUS_BAD_REQUEST: - case WIRE_GOSSIPSTATUS_FDPASS_FAILED: - case WIRE_GOSSIPSTATUS_BAD_RELEASE_REQUEST: - case WIRE_GOSSIPSTATUS_BAD_FAIL_REQUEST: - break; /* These are messages we send, not them. */ case WIRE_GOSSIPCTL_INIT: case WIRE_GOSSIPCTL_NEW_PEER: @@ -146,7 +138,7 @@ void gossip_init(struct lightningd *ld) u8 *init; ld->gossip = new_subd(ld, ld, "lightning_gossipd", NULL, gossip_wire_type_name, - gossip_msg, gossip_finished, NULL); + gossip_msg, NULL, gossip_finished, NULL); if (!ld->gossip) err(1, "Could not subdaemon gossip"); diff --git a/lightningd/new_connection.c b/lightningd/new_connection.c index 956c10116..5cb79f860 100644 --- a/lightningd/new_connection.c +++ b/lightningd/new_connection.c @@ -223,7 +223,7 @@ static struct io_plan *hsm_then_handshake(struct io_conn *conn, handshaked = new_subd(ld, ld, "lightning_handshaked", NULL, handshake_wire_type_name, - NULL, NULL, + NULL, NULL, NULL, take(&hsmfd), take(&connfd), NULL); if (!handshaked) { log_unusual(ld->log, "Could not subdaemon handshake: %s", diff --git a/lightningd/peer_control.c b/lightningd/peer_control.c index b52eb8a0c..70e94a3f4 100644 --- a/lightningd/peer_control.c +++ b/lightningd/peer_control.c @@ -219,6 +219,12 @@ void peer_fail_transient(struct peer *peer, const char *fmt, ...) } } +/* When daemon reports a STATUS_FAIL_PEER_BAD, it goes here. */ +static void bad_peer(struct subd *subd, const char *msg) +{ + peer_fail_permanent_str(subd->peer, msg); +} + void peer_set_condition(struct peer *peer, enum peer_state old_state, enum peer_state state) { @@ -1177,12 +1183,6 @@ static int onchain_msg(struct subd *sd, const u8 *msg, const int *fds) enum onchain_wire_type t = fromwire_peektype(msg); switch (t) { - /* We let peer_onchain_finished handle these. */ - case WIRE_ONCHAIN_BAD_COMMAND: - case WIRE_ONCHAIN_INTERNAL_ERROR: - case WIRE_ONCHAIN_CRYPTO_FAILED: - break; - case WIRE_ONCHAIN_INIT_REPLY: return handle_onchain_init_reply(sd->peer, msg); @@ -1235,7 +1235,7 @@ static enum watch_result funding_spent(struct peer *peer, "lightning_onchaind", peer, onchain_wire_type_name, onchain_msg, - peer_onchain_finished, + NULL, peer_onchain_finished, NULL, NULL); if (!peer->owner) { @@ -1598,52 +1598,6 @@ static int peer_got_shutdown(struct peer *peer, const u8 *msg) return 0; } -static int channeld_got_bad_message(struct peer *peer, const u8 *msg) -{ - u8 *err; - - /* Don't try to fail this (again!) when owner dies. */ - peer->owner = NULL; - if (!fromwire_channel_peer_bad_message(peer, NULL, NULL, &err)) - peer_fail_permanent_str(peer, - "Internal error after bad message"); - else - peer_fail_permanent(peer, take(err)); - - /* Kill daemon (though it's dying anyway) */ - return -1; -} - -static int closingd_got_bad_message(struct peer *peer, const u8 *msg) -{ - u8 *err; - - /* Don't try to fail this (again!) when owner dies. */ - peer->owner = NULL; - if (!fromwire_closing_peer_bad_message(peer, NULL, NULL, &err)) - peer_fail_permanent_str(peer, - "Internal error after bad message"); - else - peer_fail_permanent(peer, take(err)); - - /* Kill daemon (though it's dying anyway) */ - return -1; -} - -static int closingd_got_negotiation_error(struct peer *peer, const u8 *msg) -{ - u8 *err; - - if (!fromwire_closing_negotiation_error(peer, NULL, NULL, &err)) - peer_internal_error(peer, "Bad closing_negotiation %s", - tal_hex(peer, msg)); - else - peer_internal_error(peer, "%s", err); - - /* Kill daemon (though it's dying anyway) */ - return -1; -} - void peer_last_tx(struct peer *peer, struct bitcoin_tx *tx, const secp256k1_ecdsa_signature *sig) { @@ -1739,20 +1693,6 @@ static int closing_msg(struct subd *sd, const u8 *msg, const int *fds) enum closing_wire_type t = fromwire_peektype(msg); switch (t) { - /* We let peer_owner_finished handle these as transient errors. */ - case WIRE_CLOSING_BAD_COMMAND: - case WIRE_CLOSING_GOSSIP_FAILED: - case WIRE_CLOSING_INTERNAL_ERROR: - case WIRE_CLOSING_PEER_READ_FAILED: - case WIRE_CLOSING_PEER_WRITE_FAILED: - return -1; - - /* These are permanent errors. */ - case WIRE_CLOSING_PEER_BAD_MESSAGE: - return closingd_got_bad_message(sd->peer, msg); - case WIRE_CLOSING_NEGOTIATION_ERROR: - return closingd_got_negotiation_error(sd->peer, msg); - case WIRE_CLOSING_RECEIVED_SIGNATURE: return peer_received_closing_signature(sd->peer, msg); @@ -1794,6 +1734,7 @@ static void peer_start_closingd(struct peer *peer, "lightning_closingd", peer, closing_wire_type_name, closing_msg, + bad_peer, peer_owner_finished, take(&peer_fd), take(&gossip_fd), NULL); @@ -1898,20 +1839,6 @@ static int channel_msg(struct subd *sd, const u8 *msg, const int *fds) case WIRE_CHANNEL_SHUTDOWN_COMPLETE: return peer_start_closingd_after_shutdown(sd->peer, msg, fds); - /* We let peer_owner_finished handle these as transient errors. */ - case WIRE_CHANNEL_BAD_COMMAND: - case WIRE_CHANNEL_HSM_FAILED: - case WIRE_CHANNEL_CRYPTO_FAILED: - case WIRE_CHANNEL_GOSSIP_BAD_MESSAGE: - case WIRE_CHANNEL_INTERNAL_ERROR: - case WIRE_CHANNEL_PEER_WRITE_FAILED: - case WIRE_CHANNEL_PEER_READ_FAILED: - return -1; - - /* This is a permanent error. */ - case WIRE_CHANNEL_PEER_BAD_MESSAGE: - return channeld_got_bad_message(sd->peer, msg); - /* And we never get these from channeld. */ case WIRE_CHANNEL_INIT: case WIRE_CHANNEL_FUNDING_LOCKED: @@ -1981,6 +1908,7 @@ static bool peer_start_channeld(struct peer *peer, "lightning_channeld", peer, channel_wire_type_name, channel_msg, + bad_peer, peer_owner_finished, take(&peer_fd), take(&gossip_fd), @@ -2330,7 +2258,7 @@ void peer_fundee_open(struct peer *peer, const u8 *from_peer, peer_set_condition(peer, GOSSIPD, OPENINGD); peer->owner = new_subd(ld, ld, "lightning_openingd", peer, opening_wire_type_name, - NULL, peer_owner_finished, + NULL, bad_peer, peer_owner_finished, take(&peer_fd), take(&gossip_fd), NULL); if (!peer->owner) { @@ -2414,7 +2342,7 @@ static bool gossip_peer_released(struct subd *gossip, opening = new_subd(fc->peer->ld, ld, "lightning_openingd", fc->peer, opening_wire_type_name, - NULL, peer_owner_finished, + NULL, bad_peer, peer_owner_finished, take(&fds[0]), take(&fds[1]), NULL); if (!opening) { peer_fail_transient(fc->peer, "Failed to subdaemon opening: %s", diff --git a/lightningd/subd.c b/lightningd/subd.c index a5e1aa21c..695938658 100644 --- a/lightningd/subd.c +++ b/lightningd/subd.c @@ -2,6 +2,7 @@ #include #include #include +#include #include #include #include @@ -295,16 +296,82 @@ static struct io_plan *sd_collect_fds(struct io_conn *conn, struct subd *sd, return read_fds(conn, sd); } +/* Don't trust, verify. Returns NULL if contains weird stuff. */ +static const char *string_from_msg(const u8 *msg, int *str_len) +{ + size_t len = tal_count(msg) - sizeof(be16), i; + + for (i = 0; i < len; i++) { + if (!cisprint((char)msg[sizeof(be16) + i])) { + *str_len = 0; + return NULL; + } + } + *str_len = len; + return (const char *)(msg + sizeof(be16)); +} + +static void subdaemon_malformed_msg(struct subd *sd, const u8 *msg) +{ + log_broken(sd->log, "%i: malformed string '%.s'", + fromwire_peektype(msg), + tal_hexstr(msg, + msg + sizeof(be16), + tal_count(msg) - sizeof(be16))); +} + +/* Returns true if logged, false if malformed. */ +static bool log_status_fail(struct subd *sd, + enum status_fail type, const char *str, int str_len) +{ + const char *name; + + /* No 'default:' here so gcc gives warning if a new type added */ + switch (type) { + case STATUS_FAIL_MASTER_IO: + name = "STATUS_FAIL_MASTER_IO"; + goto log_str_broken; + case STATUS_FAIL_HSM_IO: + name = "STATUS_FAIL_HSM_IO"; + goto log_str_broken; + case STATUS_FAIL_GOSSIP_IO: + name = "STATUS_FAIL_GOSSIP_IO"; + goto log_str_broken; + case STATUS_FAIL_INTERNAL_ERROR: + name = "STATUS_FAIL_INTERNAL_ERROR"; + goto log_str_broken; + + /* + * These errors happen when the other peer misbehaves: + */ + case STATUS_FAIL_PEER_IO: + name = "STATUS_FAIL_PEER_IO"; + goto log_str_peer; + case STATUS_FAIL_PEER_BAD: + name = "STATUS_FAIL_PEER_BAD"; + goto log_str_peer; + } + return false; + + /* Peers misbehaving is expected. */ +log_str_peer: + log_info(sd->log, "%s: %.*s", name, str_len, str); + return true; + +/* Shouldn't happen. */ +log_str_broken: + log_broken(sd->log, "%s: %.*s", name, str_len, str); + return true; +} + static struct io_plan *sd_msg_read(struct io_conn *conn, struct subd *sd) { int type = fromwire_peektype(sd->msg_in); - const char *str; - int str_len; const tal_t *tmpctx; struct subd_req *sr; if (type == -1) { - log_unusual(sd->log, "ERROR: Invalid msg output"); + subdaemon_malformed_msg(sd, sd->msg_in); return io_close(conn); } @@ -322,33 +389,52 @@ static struct io_plan *sd_msg_read(struct io_conn *conn, struct subd *sd) tmpctx = tal_tmpctx(sd); tal_steal(tmpctx, sd->msg_in); - /* If it's a string. */ - str_len = tal_count(sd->msg_in) - sizeof(be16); - str = (const char *)sd->msg_in + sizeof(be16); - - if (type == STATUS_TRACE) + if (type == STATUS_TRACE) { + int str_len; + const char *str = string_from_msg(sd->msg_in, &str_len); + if (!str) { + subdaemon_malformed_msg(sd, sd->msg_in); + return io_close(conn); + } log_debug(sd->log, "TRACE: %.*s", str_len, str); - else { - if (type & STATUS_FAIL) - log_unusual(sd->log, "FAILURE %s: %.*s", - sd->msgname(type), str_len, str); - else - log_info(sd->log, "UPDATE %s", sd->msgname(type)); + goto next; + } else if (type & STATUS_FAIL) { + int str_len; + const char *str = string_from_msg(sd->msg_in, &str_len); + if (!str) { + subdaemon_malformed_msg(sd, sd->msg_in); + return io_close(conn); + } - if (sd->msgcb) { - int i = sd->msgcb(sd, sd->msg_in, sd->fds_in); - if (i < 0) - return io_close(conn); - if (i != 0) { - /* Don't ask for fds twice! */ - assert(!sd->fds_in); - /* Don't free msg_in: we go around again. */ - tal_steal(sd, sd->msg_in); - tal_free(tmpctx); - return sd_collect_fds(conn, sd, i); - } + if (!log_status_fail(sd, type, str, str_len)) { + subdaemon_malformed_msg(sd, sd->msg_in); + return io_close(conn); + } + + /* If they care, tell them about invalid peer behavior */ + if (sd->peerbadcb && type == STATUS_FAIL_PEER_BAD) { + const char *errmsg = tal_fmt(sd, "%.*s", str_len, str); + sd->peerbadcb(sd, errmsg); + } + return io_close(conn); + } + + log_info(sd->log, "UPDATE %s", sd->msgname(type)); + if (sd->msgcb) { + int i = sd->msgcb(sd, sd->msg_in, sd->fds_in); + if (i < 0) + return io_close(conn); + if (i != 0) { + /* Don't ask for fds twice! */ + assert(!sd->fds_in); + /* Don't free msg_in: we go around again. */ + tal_steal(sd, sd->msg_in); + tal_free(tmpctx); + return sd_collect_fds(conn, sd, i); } } + +next: sd->msg_in = NULL; sd->fds_in = tal_free(sd->fds_in); tal_free(tmpctx); @@ -406,14 +492,14 @@ static struct io_plan *msg_setup(struct io_conn *conn, struct subd *sd) } struct subd *new_subd(const tal_t *ctx, - struct lightningd *ld, - const char *name, - struct peer *peer, - const char *(*msgname)(int msgtype), - int (*msgcb)(struct subd *, const u8 *, - const int *fds), - void (*finished)(struct subd *, int), - ...) + struct lightningd *ld, + const char *name, + struct peer *peer, + const char *(*msgname)(int msgtype), + int (*msgcb)(struct subd *, const u8 *, const int *fds), + void (*peerbadcb)(struct subd *, const char *), + void (*finished)(struct subd *, int), + ...) { va_list ap; struct subd *sd = tal(ctx, struct subd); @@ -434,6 +520,7 @@ struct subd *new_subd(const tal_t *ctx, sd->finished = finished; sd->msgname = msgname; sd->msgcb = msgcb; + sd->peerbadcb = peerbadcb; sd->fds_in = NULL; msg_queue_init(&sd->outq, sd); tal_add_destructor(sd, destroy_subd); diff --git a/lightningd/subd.h b/lightningd/subd.h index 77a27a9dc..38813c5fb 100644 --- a/lightningd/subd.h +++ b/lightningd/subd.h @@ -36,6 +36,9 @@ struct subd { const char *(*msgname)(int msgtype); void (*finished)(struct subd *sd, int status); + /* Callback when the peer misbehaves. */ + void (*peerbadcb)(struct subd *, const char *what); + /* Buffer for input. */ u8 *msg_in; @@ -58,6 +61,7 @@ struct subd { * @peer: peer to associate (if any). * @msgname: function to get name from messages * @msgcb: function to call when non-fatal message received (or NULL) + * @peerbadcb: function to call for STATUS_FAIL_PEER_BAD (or NULL for none) * @finished: function to call when it's finished (with exit status). * @...: NULL-terminated list of pointers to fds to hand as fd 3, 4... * (can be take, if so, set to -1) @@ -72,6 +76,7 @@ struct subd *new_subd(const tal_t *ctx, struct peer *peer, const char *(*msgname)(int msgtype), int (*msgcb)(struct subd *, const u8 *, const int *fds), + void (*peerbadcb)(struct subd *, const char *), void (*finished)(struct subd *, int), ...); /** diff --git a/onchaind/onchain.c b/onchaind/onchain.c index 2d4914c22..5ed0094e4 100644 --- a/onchaind/onchain.c +++ b/onchaind/onchain.c @@ -389,7 +389,7 @@ static void unwatch_tx(const struct bitcoin_tx *tx) static void handle_their_htlc_fulfill(struct tracked_output *out, const struct bitcoin_tx *tx) { - status_failed(WIRE_ONCHAIN_INTERNAL_ERROR, "FIXME: %s", __func__); + status_failed(STATUS_FAIL_INTERNAL_ERROR, "FIXME: %s", __func__); } /* An output has been spent: see if it resolves something we care about. */ @@ -434,13 +434,13 @@ static void output_spent(struct tracked_output **outs, case FUNDING_OUTPUT: /* Master should be restarting us, as this implies * that our old tx was unspent. */ - status_failed(WIRE_ONCHAIN_INTERNAL_ERROR, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Funding output spent again!"); /* Um, we don't track these! */ case OUTPUT_TO_THEM: case DELAYED_OUTPUT_TO_THEM: - status_failed(WIRE_ONCHAIN_INTERNAL_ERROR, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Tracked spend of %s/%s?", tx_type_name(outs[i]->tx_type), output_type_name(outs[i]->output_type)); @@ -486,7 +486,7 @@ static void tx_new_depth(struct tracked_output **outs, static void handle_preimage(struct tracked_output **outs, const struct preimage *preimage) { - status_failed(WIRE_ONCHAIN_INTERNAL_ERROR, "FIXME: %s", __func__); + status_failed(STATUS_FAIL_INTERNAL_ERROR, "FIXME: %s", __func__); } /* BOLT #5: @@ -517,8 +517,7 @@ static void wait_for_resolved(struct tracked_output **outs) else if (fromwire_onchain_known_preimage(msg, NULL, &preimage)) handle_preimage(outs, &preimage); else - status_failed(WIRE_ONCHAIN_BAD_COMMAND, - "Bad message %s", tal_hex(msg, msg)); + master_badmsg(-1, msg); tal_free(msg); } } @@ -562,7 +561,7 @@ static u8 **derive_htlc_scripts(const struct htlc_stub *htlcs, enum side side, struct abs_locktime ltime; if (!blocks_to_abs_locktime(htlcs[i].cltv_expiry, <ime)) - status_failed(WIRE_ONCHAIN_INTERNAL_ERROR, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Could not convert cltv_expiry %u to locktime", htlcs[i].cltv_expiry); htlc_scripts[i] = htlc_received_wscript(htlc_scripts, @@ -696,7 +695,7 @@ static void resolve_our_htlc_ourcommit(struct tracked_output *out, tal_free(wscript); return; } - status_failed(WIRE_ONCHAIN_INTERNAL_ERROR, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Could not find feerate for signature on HTLC timeout" " between %u and %u", feerate_range->min, feerate_range->max); @@ -825,7 +824,7 @@ static void handle_our_unilateral(const struct bitcoin_tx *tx, /* Figure out what delayed to-us output looks like */ if (!per_commit_point(shaseed, &local_per_commitment_point, commit_num)) - status_failed(WIRE_ONCHAIN_CRYPTO_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Deriving local_per_commit_point for %"PRIu64, commit_num); @@ -835,7 +834,7 @@ static void handle_our_unilateral(const struct bitcoin_tx *tx, local_delayed_payment_basepoint, remote_revocation_basepoint, &keyset)) - status_failed(WIRE_ONCHAIN_CRYPTO_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Deriving keyset for %"PRIu64, commit_num); status_trace("Deconstructing unilateral tx: %"PRIu64 @@ -858,7 +857,7 @@ static void handle_our_unilateral(const struct bitcoin_tx *tx, local_delayed_payment_basepoint, &local_per_commitment_point, &local_delayedprivkey)) - status_failed(WIRE_ONCHAIN_CRYPTO_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Deriving local_delayeprivkey for %"PRIu64, commit_num); @@ -866,7 +865,7 @@ static void handle_our_unilateral(const struct bitcoin_tx *tx, local_payment_basepoint, &local_per_commitment_point, &local_payment_privkey)) - status_failed(WIRE_ONCHAIN_CRYPTO_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Deriving local_delayeprivkey for %"PRIu64, commit_num); @@ -959,9 +958,10 @@ static void handle_our_unilateral(const struct bitcoin_tx *tx, continue; } + /* FIXME: limp along when this happens! */ j = match_htlc_output(tx, i, htlc_scripts); if (j == -1) - status_failed(WIRE_ONCHAIN_INTERNAL_ERROR, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Could not find resolution for output %zu", i); @@ -1008,7 +1008,7 @@ static void handle_their_cheat(const struct bitcoin_tx *tx, const struct htlc_stub *htlcs, struct tracked_output **outs) { - status_failed(WIRE_ONCHAIN_INTERNAL_ERROR, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "FIXME: Implement penalty transaction"); } @@ -1076,7 +1076,7 @@ static void handle_their_unilateral(const struct bitcoin_tx *tx, remote_delayed_payment_basepoint, local_revocation_basepoint, &keyset)) - status_failed(WIRE_ONCHAIN_CRYPTO_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Deriving keyset for %"PRIu64, commit_num); status_trace("Deconstructing unilateral tx: %"PRIu64 @@ -1099,7 +1099,7 @@ static void handle_their_unilateral(const struct bitcoin_tx *tx, local_payment_basepoint, remote_per_commitment_point, &local_payment_privkey)) - status_failed(WIRE_ONCHAIN_CRYPTO_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Deriving local_delayeprivkey for %"PRIu64, commit_num); @@ -1173,7 +1173,7 @@ static void handle_their_unilateral(const struct bitcoin_tx *tx, j = match_htlc_output(tx, i, htlc_scripts); if (j == -1) - status_failed(WIRE_ONCHAIN_INTERNAL_ERROR, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Could not find resolution for output %zu", i); if (htlcs[j].owner == LOCAL) { @@ -1274,8 +1274,7 @@ int main(int argc, char *argv[]) &tx_blockheight, &remote_htlc_sigs, &num_htlcs)) { - status_failed(WIRE_ONCHAIN_BAD_COMMAND, - "Bad init message %s", tal_hex(ctx, msg)); + master_badmsg(WIRE_ONCHAIN_INIT, msg); } derive_basepoints(&seed, NULL, &basepoints, &secrets, &shaseed); bitcoin_txid(tx, &txid); @@ -1283,15 +1282,13 @@ int main(int argc, char *argv[]) /* FIXME: Filter as we go, don't load them all into mem! */ htlcs = tal_arr(ctx, struct htlc_stub, num_htlcs); if (!htlcs) - status_failed(WIRE_ONCHAIN_BAD_COMMAND, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Can't allocate %"PRIu64" htlcs", num_htlcs); for (u64 i = 0; i < num_htlcs; i++) { msg = wire_sync_read(ctx, REQ_FD); - if (!msg || !fromwire_onchain_htlc(msg, NULL, &htlcs[i])) - status_failed(WIRE_ONCHAIN_BAD_COMMAND, - "Can't read %"PRIu64"/%"PRIu64" htlc", - i, num_htlcs); + if (!fromwire_onchain_htlc(msg, NULL, &htlcs[i])) + master_badmsg(WIRE_ONCHAIN_HTLC, msg); } outs = tal_arr(ctx, struct tracked_output *, 0); @@ -1407,7 +1404,7 @@ int main(int argc, char *argv[]) local_dust_limit_satoshi, htlcs, outs); } else - status_failed(WIRE_ONCHAIN_INTERNAL_ERROR, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Unknown commitment index %"PRIu64 " for tx %s", commit_num, diff --git a/onchaind/onchain_wire.csv b/onchaind/onchain_wire.csv index e786bae9a..33c141821 100644 --- a/onchaind/onchain_wire.csv +++ b/onchaind/onchain_wire.csv @@ -1,8 +1,3 @@ -# Shouldn't happen -onchain_bad_command,0x8000 -onchain_internal_error,0x8003 -onchain_crypto_failed,0x8004 - #include # Begin! Here's the onchain tx which spends funding tx, followed by all HTLCs. onchain_init,1 diff --git a/openingd/opening.c b/openingd/opening.c index 978b36583..291e222a0 100644 --- a/openingd/opening.c +++ b/openingd/opening.c @@ -75,8 +75,7 @@ static void check_config_bounds(struct state *state, * unreasonably large. */ if (remoteconf->to_self_delay > state->max_to_self_delay) - peer_failed(PEER_FD, &state->cs, NULL, - WIRE_OPENING_PEER_BAD_CONFIG, + peer_failed(PEER_FD, &state->cs, &state->channel_id, "to_self_delay %u larger than %u", remoteconf->to_self_delay, state->max_to_self_delay); @@ -93,8 +92,7 @@ static void check_config_bounds(struct state *state, /* Overflow check before capacity calc. */ if (remoteconf->channel_reserve_satoshis > state->funding_satoshis) - peer_failed(PEER_FD, &state->cs, NULL, - WIRE_OPENING_PEER_BAD_CONFIG, + peer_failed(PEER_FD, &state->cs, &state->channel_id, "Invalid channel_reserve_satoshis %"PRIu64 " for funding_satoshis %"PRIu64, remoteconf->channel_reserve_satoshis, @@ -111,8 +109,7 @@ static void check_config_bounds(struct state *state, capacity_msat = remoteconf->max_htlc_value_in_flight_msat; if (remoteconf->htlc_minimum_msat * (u64)1000 > capacity_msat) - peer_failed(PEER_FD, &state->cs, NULL, - WIRE_OPENING_PEER_BAD_CONFIG, + peer_failed(PEER_FD, &state->cs, &state->channel_id, "Invalid htlc_minimum_msat %"PRIu64 " for funding_satoshis %"PRIu64 " capacity_msat %"PRIu64, @@ -121,8 +118,7 @@ static void check_config_bounds(struct state *state, capacity_msat); if (capacity_msat < state->min_effective_htlc_capacity_msat) - peer_failed(PEER_FD, &state->cs, NULL, - WIRE_OPENING_PEER_BAD_CONFIG, + peer_failed(PEER_FD, &state->cs, &state->channel_id, "Channel capacity with funding %"PRIu64" msat," " reserves %"PRIu64"/%"PRIu64" msat," " max_htlc_value_in_flight_msat %"PRIu64 @@ -136,8 +132,7 @@ static void check_config_bounds(struct state *state, /* We don't worry about how many HTLCs they accept, as long as > 0! */ if (remoteconf->max_accepted_htlcs == 0) - peer_failed(PEER_FD, &state->cs, NULL, - WIRE_OPENING_PEER_BAD_CONFIG, + peer_failed(PEER_FD, &state->cs, &state->channel_id, "max_accepted_htlcs %u invalid", remoteconf->max_accepted_htlcs); @@ -147,8 +142,7 @@ static void check_config_bounds(struct state *state, * than 483. */ if (remoteconf->max_accepted_htlcs > 483) - peer_failed(PEER_FD, &state->cs, NULL, - WIRE_OPENING_PEER_BAD_CONFIG, + peer_failed(PEER_FD, &state->cs, &state->channel_id, "max_accepted_htlcs %u too large", remoteconf->max_accepted_htlcs); } @@ -188,15 +182,13 @@ static u8 *read_next_peer_msg(struct state *state, const tal_t *ctx) } if (pong && !sync_crypto_write(&state->cs, PEER_FD, take(pong))) - peer_failed(PEER_FD, &state->cs, NULL, - WIRE_OPENING_PEER_WRITE_FAILED, - "Sending pong"); + status_failed(STATUS_FAIL_PEER_IO, + "Sending pong"); } else if (is_gossip_msg(msg)) { /* We relay gossip to gossipd, but don't relay from */ if (!wire_sync_write(GOSSIP_FD, take(msg))) - peer_failed(PEER_FD, &state->cs, NULL, - WIRE_OPENING_PEER_WRITE_FAILED, - "Relaying gossip message"); + status_failed(STATUS_FAIL_PEER_IO, + "Relaying gossip message"); } else { return msg; } @@ -232,7 +224,7 @@ static u8 *funder_channel(struct state *state, * * The sender MUST set `funding_satoshis` to less than 2^24 satoshi. */ if (state->funding_satoshis >= 1 << 24) - status_failed(WIRE_OPENING_BAD_PARAM, + status_failed(STATUS_FAIL_MASTER_IO, "funding_satoshis must be < 2^24, not %"PRIu64, state->funding_satoshis); @@ -242,7 +234,7 @@ static u8 *funder_channel(struct state *state, * `funding_satoshis`. */ if (state->push_msat > 1000 * state->funding_satoshis) - status_failed(WIRE_OPENING_BAD_PARAM, + status_failed(STATUS_FAIL_MASTER_IO, "push-msat must be < %"PRIu64, 1000 * state->funding_satoshis); @@ -264,16 +256,15 @@ static u8 *funder_channel(struct state *state, &state->next_per_commit[LOCAL], channel_flags); if (!sync_crypto_write(&state->cs, PEER_FD, msg)) - status_failed(WIRE_OPENING_PEER_WRITE_FAILED, + status_failed(STATUS_FAIL_PEER_IO, "Writing open_channel: %s", strerror(errno)); state->remoteconf = tal(state, struct channel_config); msg = read_next_peer_msg(state, state); if (!msg) - peer_failed(PEER_FD, &state->cs, &state->channel_id, - WIRE_OPENING_PEER_READ_FAILED, - "Reading accept_channel"); + status_failed(STATUS_FAIL_PEER_IO, + "Reading accept_channel: %s", strerror(errno)); /* BOLT #2: * @@ -298,7 +289,6 @@ static u8 *funder_channel(struct state *state, &theirs.delayed_payment, &state->next_per_commit[REMOTE])) peer_failed(PEER_FD, &state->cs, &state->channel_id, - WIRE_OPENING_PEER_READ_FAILED, "Parsing accept_channel %s", tal_hex(msg, msg)); /* BOLT #2: @@ -307,7 +297,6 @@ static u8 *funder_channel(struct state *state, * `temporary_channel_id` in the `open_channel` message. */ if (!structeq(&id_in, &state->channel_id)) peer_failed(PEER_FD, &state->cs, &id_in, - WIRE_OPENING_PEER_READ_FAILED, "accept_channel ids don't match: sent %s got %s", type_to_string(msg, struct channel_id, &id_in), type_to_string(msg, struct channel_id, @@ -323,7 +312,6 @@ static u8 *funder_channel(struct state *state, */ if (minimum_depth > max_minimum_depth) peer_failed(PEER_FD, &state->cs, &state->channel_id, - WIRE_OPENING_BAD_PARAM, "minimum_depth %u larger than %u", minimum_depth, max_minimum_depth); check_config_bounds(state, state->remoteconf); @@ -331,7 +319,7 @@ static u8 *funder_channel(struct state *state, /* Now, ask create funding transaction to pay those two addresses. */ if (change_satoshis) { if (!bip32_pubkey(bip32_base, &changekey, change_keyindex)) - status_failed(WIRE_OPENING_BAD_PARAM, + status_failed(STATUS_FAIL_MASTER_IO, "Bad change key %u", change_keyindex); } @@ -359,7 +347,6 @@ static u8 *funder_channel(struct state *state, LOCAL); if (!state->channel) peer_failed(PEER_FD, &state->cs, &state->channel_id, - WIRE_OPENING_BAD_PARAM, "could not create channel with given config"); /* BOLT #2: @@ -386,9 +373,8 @@ static u8 *funder_channel(struct state *state, state->funding_txout, &sig); if (!sync_crypto_write(&state->cs, PEER_FD, msg)) - peer_failed(PEER_FD, &state->cs, &state->channel_id, - WIRE_OPENING_PEER_WRITE_FAILED, - "Writing funding_created"); + status_failed(STATUS_FAIL_PEER_IO, + "Writing funding_created: %s", strerror(errno)); /* BOLT #2: * @@ -400,15 +386,12 @@ static u8 *funder_channel(struct state *state, */ msg = read_next_peer_msg(state, state); if (!msg) - peer_failed(PEER_FD, &state->cs, &state->channel_id, - WIRE_OPENING_PEER_READ_FAILED, - "Reading funding_signed"); + status_failed(STATUS_FAIL_PEER_IO, + "Writing funding_signed: %s", strerror(errno)); if (!fromwire_funding_signed(msg, NULL, &id_in, &sig)) peer_failed(PEER_FD, &state->cs, &state->channel_id, - WIRE_OPENING_PEER_READ_FAILED, - "Parsing funding_signed (%s)", - wire_type_name(fromwire_peektype(msg))); + "Parsing funding_signed: %s", tal_hex(msg, msg)); /* BOLT #2: * @@ -423,7 +406,6 @@ static u8 *funder_channel(struct state *state, if (!structeq(&id_in, &state->channel_id)) peer_failed(PEER_FD, &state->cs, &id_in, - WIRE_OPENING_PEER_READ_FAILED, "funding_signed ids don't match: expceted %s got %s", type_to_string(msg, struct channel_id, &state->channel_id), @@ -438,7 +420,6 @@ static u8 *funder_channel(struct state *state, if (!check_tx_sig(tx, 0, NULL, wscript, &their_funding_pubkey, &sig)) { peer_failed(PEER_FD, &state->cs, &state->channel_id, - WIRE_OPENING_PEER_READ_FAILED, "Bad signature %s on tx %s using key %s", type_to_string(trc, secp256k1_ecdsa_signature, &sig), @@ -511,8 +492,7 @@ static u8 *fundee_channel(struct state *state, &state->next_per_commit[REMOTE], &channel_flags)) peer_failed(PEER_FD, &state->cs, NULL, - WIRE_OPENING_PEER_BAD_INITIAL_MESSAGE, - "Parsing open_channel %s", + "Bad open_channel %s", tal_hex(peer_msg, peer_msg)); /* BOLT #2: @@ -523,7 +503,6 @@ static u8 *fundee_channel(struct state *state, */ if (!structeq(&chain_hash, &state->chainparams->genesis_blockhash)) { peer_failed(PEER_FD, &state->cs, &state->channel_id, - WIRE_OPENING_PEER_BAD_INITIAL_MESSAGE, "Unknown chain-hash %s", type_to_string(peer_msg, struct sha256_double, &chain_hash)); @@ -535,7 +514,6 @@ static u8 *fundee_channel(struct state *state, * is greater than or equal to 2^24 */ if (state->funding_satoshis >= 1 << 24) peer_failed(PEER_FD, &state->cs, &state->channel_id, - WIRE_OPENING_PEER_BAD_FUNDING, "funding_satoshis %"PRIu64" too large", state->funding_satoshis); @@ -546,7 +524,6 @@ static u8 *fundee_channel(struct state *state, */ if (state->push_msat > state->funding_satoshis * 1000) peer_failed(PEER_FD, &state->cs, &state->channel_id, - WIRE_OPENING_PEER_BAD_FUNDING, "push_msat %"PRIu64 " too large for funding_satoshis %"PRIu64, state->push_msat, state->funding_satoshis); @@ -558,13 +535,11 @@ static u8 *fundee_channel(struct state *state, */ if (state->feerate_per_kw < min_feerate) peer_failed(PEER_FD, &state->cs, &state->channel_id, - WIRE_OPENING_PEER_BAD_FUNDING, "feerate_per_kw %u below minimum %u", state->feerate_per_kw, min_feerate); if (state->feerate_per_kw > max_feerate) peer_failed(PEER_FD, &state->cs, &state->channel_id, - WIRE_OPENING_PEER_BAD_FUNDING, "feerate_per_kw %u above maximum %u", state->feerate_per_kw, max_feerate); @@ -588,22 +563,19 @@ static u8 *fundee_channel(struct state *state, &state->next_per_commit[LOCAL]); if (!sync_crypto_write(&state->cs, PEER_FD, take(msg))) - peer_failed(PEER_FD, &state->cs, &state->channel_id, - WIRE_OPENING_PEER_WRITE_FAILED, - "Writing accept_channel"); + status_failed(STATUS_FAIL_PEER_IO, + "Writing accept_channel: %s", strerror(errno)); msg = read_next_peer_msg(state, state); if (!msg) - peer_failed(PEER_FD, &state->cs, &state->channel_id, - WIRE_OPENING_PEER_READ_FAILED, - "Reading funding_created"); + status_failed(STATUS_FAIL_PEER_IO, + "Reading funding_created: %s", strerror(errno)); if (!fromwire_funding_created(msg, NULL, &id_in, &state->funding_txid.sha, &state->funding_txout, &theirsig)) peer_failed(PEER_FD, &state->cs, &state->channel_id, - WIRE_OPENING_PEER_READ_FAILED, "Parsing funding_created"); /* BOLT #2: @@ -612,7 +584,6 @@ static u8 *fundee_channel(struct state *state, * `temporary_channel_id` in the `open_channel` message. */ if (!structeq(&id_in, &state->channel_id)) peer_failed(PEER_FD, &state->cs, &id_in, - WIRE_OPENING_PEER_READ_FAILED, "funding_created ids don't match: sent %s got %s", type_to_string(msg, struct channel_id, &state->channel_id), @@ -632,7 +603,6 @@ static u8 *fundee_channel(struct state *state, REMOTE); if (!state->channel) peer_failed(PEER_FD, &state->cs, &state->channel_id, - WIRE_OPENING_BAD_PARAM, "could not create channel with given config"); /* BOLT #2: @@ -645,7 +615,6 @@ static u8 *fundee_channel(struct state *state, if (!check_tx_sig(tx, 0, NULL, wscript, &their_funding_pubkey, &theirsig)) { peer_failed(PEER_FD, &state->cs, &state->channel_id, - WIRE_OPENING_PEER_READ_FAILED, "Bad signature %s on tx %s using key %s", type_to_string(trc, secp256k1_ecdsa_signature, &theirsig), @@ -733,9 +702,6 @@ int main(int argc, char *argv[]) status_setup_sync(REQ_FD); msg = wire_sync_read(state, REQ_FD); - if (!msg) - status_failed(WIRE_OPENING_BAD_COMMAND, "%s", strerror(errno)); - if (!fromwire_opening_init(msg, NULL, &network_index, &state->localconf, @@ -743,7 +709,8 @@ int main(int argc, char *argv[]) &state->min_effective_htlc_capacity_msat, &state->cs, &seed)) - status_failed(WIRE_OPENING_BAD_COMMAND, "%s", strerror(errno)); + master_badmsg(WIRE_OPENING_INIT, msg); + tal_free(msg); state->chainparams = chainparams_by_index(network_index); @@ -752,13 +719,13 @@ int main(int argc, char *argv[]) if (!derive_basepoints(&seed, &our_funding_pubkey, &our_points, &state->our_secrets, &state->shaseed)) - status_failed(WIRE_OPENING_KEY_DERIVATION_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "Secret derivation failed, secret = %s", type_to_string(trc, struct privkey, &seed)); if (!per_commit_point(&state->shaseed, &state->next_per_commit[LOCAL], 0)) - status_failed(WIRE_OPENING_KEY_DERIVATION_FAILED, + status_failed(STATUS_FAIL_INTERNAL_ERROR, "First per_commitment_point derivation failed," " secret = %s", type_to_string(trc, struct privkey, &seed)); @@ -782,6 +749,10 @@ int main(int argc, char *argv[]) msg = fundee_channel(state, &our_funding_pubkey, &our_points, minimum_depth, min_feerate, max_feerate, peer_msg); + else + status_failed(STATUS_FAIL_MASTER_IO, + "neither funder nor fundee: %s", + tal_hex(msg, msg)); /* Write message and hand back the fd. */ wire_sync_write(REQ_FD, msg); diff --git a/openingd/opening_wire.csv b/openingd/opening_wire.csv index 4fa291eee..e7c2de3dd 100644 --- a/openingd/opening_wire.csv +++ b/openingd/opening_wire.csv @@ -1,16 +1,3 @@ -# These shouldn't happen -opening_bad_command,0x8000 -opening_key_derivation_failed,0x8001 -opening_bad_param,0x8002 -opening_hsm_failed,0x8003 - -# These are due to peer. -opening_peer_write_failed,0x8010 -opening_peer_read_failed,0x8011 -opening_peer_bad_funding,0x8012 -opening_peer_bad_config,0x8013 -opening_peer_bad_initial_message,0x8014 - #include #include opening_init,0