Handle monitor update failures in msg-recv functions

[rust-lightning] / src / ln / channel.rs

diff --git a/src/ln/channel.rs b/src/ln/channel.rs
index 296d97c164ea967839fa2f6ec93ab66f215f56fe..c2ec53fb353d8fad52d1e6d8d5074ed361546752 100644 (file)
--- a/src/ln/channel.rs
+++ b/src/ln/channel.rs
@@ -2154,7 +2154,7 @@ impl Channel {
        /// commitment update or a revoke_and_ack generation). The messages which were generated from
        /// that original call must *not* have been sent to the remote end, and must instead have been
        /// dropped. They will be regenerated when monitor_updating_restored is called.
-       pub fn monitor_update_failed(&mut self, order: RAACommitmentOrder) {
+       pub fn monitor_update_failed(&mut self, order: RAACommitmentOrder, mut pending_forwards: Vec<(PendingForwardHTLCInfo, u64)>, mut pending_fails: Vec<(HTLCSource, [u8; 32], HTLCFailReason)>, raa_first_dropped_cs: bool) {
                assert_eq!(self.channel_state & ChannelState::MonitorUpdateFailed as u32, 0);
                match order {
                        RAACommitmentOrder::CommitmentFirst => {
@@ -2163,9 +2163,13 @@ impl Channel {
                        },
                        RAACommitmentOrder::RevokeAndACKFirst => {
                                self.monitor_pending_revoke_and_ack = true;
-                               self.monitor_pending_commitment_signed = false;
+                               self.monitor_pending_commitment_signed = raa_first_dropped_cs;
                        },
                }
+               assert!(self.monitor_pending_forwards.is_empty());
+               mem::swap(&mut pending_forwards, &mut self.monitor_pending_forwards);
+               assert!(self.monitor_pending_failures.is_empty());
+               mem::swap(&mut pending_fails, &mut self.monitor_pending_failures);
                self.monitor_pending_order = Some(order);
                self.channel_state |= ChannelState::MonitorUpdateFailed as u32;
        }