From 6d8be70c6f761ccc58dd84b3abbb35d4c57c06d0 Mon Sep 17 00:00:00 2001 From: Elias Rohrer Date: Fri, 6 May 2022 19:46:49 +0200 Subject: [PATCH] Encode channel update type in failure messages. --- lightning/src/ln/channelmanager.rs | 11 +++++---- lightning/src/ln/onion_route_tests.rs | 29 +++++++++++++++++++---- lightning/src/ln/onion_utils.rs | 23 +++++++++++++++--- lightning/src/ln/priv_short_conf_tests.rs | 14 ++++++++--- 4 files changed, 63 insertions(+), 14 deletions(-) diff --git a/lightning/src/ln/channelmanager.rs b/lightning/src/ln/channelmanager.rs index 3aab92ad0..2ce466c9a 100644 --- a/lightning/src/ln/channelmanager.rs +++ b/lightning/src/ln/channelmanager.rs @@ -48,6 +48,7 @@ use ln::msgs; use ln::msgs::NetAddress; use ln::onion_utils; use ln::msgs::{ChannelMessageHandler, DecodeError, LightningError, MAX_VALUE_MSAT, OptionalField}; +use ln::wire::Encode; use chain::keysinterface::{Sign, KeysInterface, KeysManager, InMemorySigner, Recipient}; use util::config::UserConfig; use util::events::{EventHandler, EventsProvider, MessageSendEvent, MessageSendEventsProvider, ClosureReason}; @@ -2249,7 +2250,7 @@ impl ChannelMana break None; } { - let mut res = VecWriter(Vec::with_capacity(chan_update.serialized_length() + 8 + 2)); + let mut res = VecWriter(Vec::with_capacity(chan_update.serialized_length() + 2 + 8 + 2)); if let Some(chan_update) = chan_update { if code == 0x1000 | 11 || code == 0x1000 | 12 { msg.amount_msat.write(&mut res).expect("Writes cannot fail"); @@ -2261,7 +2262,8 @@ impl ChannelMana // TODO: underspecified, follow https://github.com/lightningnetwork/lightning-rfc/issues/791 0u16.write(&mut res).expect("Writes cannot fail"); } - (chan_update.serialized_length() as u16).write(&mut res).expect("Writes cannot fail"); + (chan_update.serialized_length() as u16 + 2).write(&mut res).expect("Writes cannot fail"); + msgs::ChannelUpdate::TYPE.write(&mut res).expect("Writes cannot fail"); chan_update.write(&mut res).expect("Writes cannot fail"); } return_err!(err, code, &res.0[..]); @@ -3543,12 +3545,13 @@ impl ChannelMana fn get_htlc_temp_fail_err_and_data(&self, desired_err_code: u16, scid: u64, chan: &Channel) -> (u16, Vec) { debug_assert_eq!(desired_err_code & 0x1000, 0x1000); if let Ok(upd) = self.get_channel_update_for_onion(scid, chan) { - let mut enc = VecWriter(Vec::with_capacity(upd.serialized_length() + 4)); + let mut enc = VecWriter(Vec::with_capacity(upd.serialized_length() + 6)); if desired_err_code == 0x1000 | 20 { // TODO: underspecified, follow https://github.com/lightning/bolts/issues/791 0u16.write(&mut enc).expect("Writes cannot fail"); } - (upd.serialized_length() as u16).write(&mut enc).expect("Writes cannot fail"); + (upd.serialized_length() as u16 + 2).write(&mut enc).expect("Writes cannot fail"); + msgs::ChannelUpdate::TYPE.write(&mut enc).expect("Writes cannot fail"); upd.write(&mut enc).expect("Writes cannot fail"); (desired_err_code, enc.0) } else { diff --git a/lightning/src/ln/onion_route_tests.rs b/lightning/src/ln/onion_route_tests.rs index cf74fa863..9a07603fa 100644 --- a/lightning/src/ln/onion_route_tests.rs +++ b/lightning/src/ln/onion_route_tests.rs @@ -21,6 +21,7 @@ use routing::router::{get_route, PaymentParameters, Route, RouteHint, RouteHintH use ln::features::{InitFeatures, InvoiceFeatures, NodeFeatures}; use ln::msgs; use ln::msgs::{ChannelMessageHandler, ChannelUpdate, OptionalField}; +use ln::wire::Encode; use util::events::{Event, MessageSendEvent, MessageSendEventsProvider}; use util::ser::{Writeable, Writer}; use util::{byte_utils, test_utils}; @@ -438,13 +439,29 @@ fn test_onion_failure() { Some(BADONION|PERM|6), None, Some(short_channel_id)); let short_channel_id = channels[1].0.contents.short_channel_id; + let chan_update = ChannelUpdate::dummy(short_channel_id); + + let mut err_data = Vec::new(); + err_data.extend_from_slice(&(chan_update.serialized_length() as u16 + 2).to_be_bytes()); + err_data.extend_from_slice(&ChannelUpdate::TYPE.to_be_bytes()); + err_data.extend_from_slice(&chan_update.encode()); + run_onion_failure_test_with_fail_intercept("temporary_channel_failure", 100, &nodes, &route, &payment_hash, &payment_secret, |msg| { + msg.amount_msat -= 1; + }, |msg| { + let session_priv = SecretKey::from_slice(&[3; 32]).unwrap(); + let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap(); + msg.reason = onion_utils::build_first_hop_failure_packet(onion_keys[0].shared_secret.as_ref(), UPDATE|7, &err_data); + }, ||{}, true, Some(UPDATE|7), Some(NetworkUpdate::ChannelUpdateMessage{msg: chan_update.clone()}), Some(short_channel_id)); + + // Check we can still handle onion failures that include channel updates without a type prefix + let err_data_without_type = chan_update.encode_with_len(); run_onion_failure_test_with_fail_intercept("temporary_channel_failure", 100, &nodes, &route, &payment_hash, &payment_secret, |msg| { msg.amount_msat -= 1; }, |msg| { let session_priv = SecretKey::from_slice(&[3; 32]).unwrap(); let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap(); - msg.reason = onion_utils::build_first_hop_failure_packet(onion_keys[0].shared_secret.as_ref(), UPDATE|7, &ChannelUpdate::dummy(short_channel_id).encode_with_len()[..]); - }, ||{}, true, Some(UPDATE|7), Some(NetworkUpdate::ChannelUpdateMessage{msg: ChannelUpdate::dummy(short_channel_id)}), Some(short_channel_id)); + msg.reason = onion_utils::build_first_hop_failure_packet(onion_keys[0].shared_secret.as_ref(), UPDATE|7, &err_data_without_type); + }, ||{}, true, Some(UPDATE|7), Some(NetworkUpdate::ChannelUpdateMessage{msg: chan_update}), Some(short_channel_id)); let short_channel_id = channels[1].0.contents.short_channel_id; run_onion_failure_test_with_fail_intercept("permanent_channel_failure", 100, &nodes, &route, &payment_hash, &payment_secret, |msg| { @@ -1097,11 +1114,15 @@ fn test_phantom_dust_exposure_failure() { commitment_signed_dance!(nodes[0], nodes[1], update_1.commitment_signed, false); // Ensure the payment fails with the expected error. - let mut error_data = channel.1.encode_with_len(); + let mut err_data = Vec::new(); + err_data.extend_from_slice(&(channel.1.serialized_length() as u16 + 2).to_be_bytes()); + err_data.extend_from_slice(&ChannelUpdate::TYPE.to_be_bytes()); + err_data.extend_from_slice(&channel.1.encode()); + let mut fail_conditions = PaymentFailedConditions::new() .blamed_scid(channel.0.contents.short_channel_id) .blamed_chan_closed(false) - .expected_htlc_error_data(0x1000 | 7, &error_data); + .expected_htlc_error_data(0x1000 | 7, &err_data); expect_payment_failed_conditions!(nodes[0], payment_hash, false, fail_conditions); } diff --git a/lightning/src/ln/onion_utils.rs b/lightning/src/ln/onion_utils.rs index e9e64491c..9e4ae058f 100644 --- a/lightning/src/ln/onion_utils.rs +++ b/lightning/src/ln/onion_utils.rs @@ -10,6 +10,7 @@ use ln::{PaymentHash, PaymentPreimage, PaymentSecret}; use ln::channelmanager::HTLCSource; use ln::msgs; +use ln::wire::Encode; use routing::network_graph::NetworkUpdate; use routing::router::RouteHop; use util::chacha20::{ChaCha20, ChaChaReader}; @@ -404,7 +405,21 @@ pub(super) fn process_onion_failure(secp_ctx: & else if error_code & UPDATE == UPDATE { if let Some(update_len_slice) = err_packet.failuremsg.get(debug_field_size+2..debug_field_size+4) { let update_len = u16::from_be_bytes(update_len_slice.try_into().expect("len is 2")) as usize; - if let Some(update_slice) = err_packet.failuremsg.get(debug_field_size + 4..debug_field_size + 4 + update_len) { + if let Some(mut update_slice) = err_packet.failuremsg.get(debug_field_size + 4..debug_field_size + 4 + update_len) { + // Historically, the BOLTs were unclear if the message type + // bytes should be included here or not. The BOLTs have now + // been updated to indicate that they *are* included, but many + // nodes still send messages without the type bytes, so we + // support both here. + // TODO: Switch to hard require the type prefix, as the current + // permissiveness introduces the (although small) possibility + // that we fail to decode legitimate channel updates that + // happen to start with ChannelUpdate::TYPE, i.e., [0x01, 0x02]. + if update_slice.len() > 2 && update_slice[0..2] == msgs::ChannelUpdate::TYPE.to_be_bytes() { + update_slice = &update_slice[2..]; + } else { + log_trace!(logger, "Failure provided features a channel update without type prefix. Deprecated, but allowing for now."); + } if let Ok(chan_update) = msgs::ChannelUpdate::read(&mut Cursor::new(&update_slice)) { // if channel_update should NOT have caused the failure: // MAY treat the channel_update as invalid. @@ -434,6 +449,8 @@ pub(super) fn process_onion_failure(secp_ctx: & // short channel id. if failing_route_hop.short_channel_id == chan_update.contents.short_channel_id { short_channel_id = Some(failing_route_hop.short_channel_id); + } else { + log_info!(logger, "Node provided a channel_update for which it was not authoritative, ignoring."); } network_update = Some(NetworkUpdate::ChannelUpdateMessage { msg: chan_update, @@ -478,10 +495,10 @@ pub(super) fn process_onion_failure(secp_ctx: & let (description, title) = errors::get_onion_error_description(error_code); if debug_field_size > 0 && err_packet.failuremsg.len() >= 4 + debug_field_size { - log_warn!(logger, "Onion Error[from {}: {}({:#x}) {}({})] {}", route_hop.pubkey, title, error_code, debug_field, log_bytes!(&err_packet.failuremsg[4..4+debug_field_size]), description); + log_info!(logger, "Onion Error[from {}: {}({:#x}) {}({})] {}", route_hop.pubkey, title, error_code, debug_field, log_bytes!(&err_packet.failuremsg[4..4+debug_field_size]), description); } else { - log_warn!(logger, "Onion Error[from {}: {}({:#x})] {}", route_hop.pubkey, title, error_code, description); + log_info!(logger, "Onion Error[from {}: {}({:#x})] {}", route_hop.pubkey, title, error_code, description); } } else { // Useless packet that we can't use but it passed HMAC, so it diff --git a/lightning/src/ln/priv_short_conf_tests.rs b/lightning/src/ln/priv_short_conf_tests.rs index 4fce2bb1b..d7b940eb9 100644 --- a/lightning/src/ln/priv_short_conf_tests.rs +++ b/lightning/src/ln/priv_short_conf_tests.rs @@ -19,7 +19,8 @@ use routing::network_graph::RoutingFees; use routing::router::{PaymentParameters, RouteHint, RouteHintHop}; use ln::features::{InitFeatures, InvoiceFeatures}; use ln::msgs; -use ln::msgs::{ChannelMessageHandler, RoutingMessageHandler, OptionalField}; +use ln::msgs::{ChannelMessageHandler, RoutingMessageHandler, OptionalField, ChannelUpdate}; +use ln::wire::Encode; use util::enforcing_trait_impls::EnforcingSigner; use util::events::{Event, MessageSendEvent, MessageSendEventsProvider}; use util::config::UserConfig; @@ -531,9 +532,14 @@ fn test_scid_alias_returned() { let signature = Secp256k1::new().sign_ecdsa(&hash_to_message!(&msg_hash[..]), &nodes[1].keys_manager.get_node_secret(Recipient::Node).unwrap()); let msg = msgs::ChannelUpdate { signature, contents }; + let mut err_data = Vec::new(); + err_data.extend_from_slice(&(msg.serialized_length() as u16 + 2).to_be_bytes()); + err_data.extend_from_slice(&ChannelUpdate::TYPE.to_be_bytes()); + err_data.extend_from_slice(&msg.encode()); + expect_payment_failed_conditions!(nodes[0], payment_hash, false, PaymentFailedConditions::new().blamed_scid(last_hop[0].inbound_scid_alias.unwrap()) - .blamed_chan_closed(false).expected_htlc_error_data(0x1000|7, &msg.encode_with_len())); + .blamed_chan_closed(false).expected_htlc_error_data(0x1000|7, &err_data)); route.paths[0][1].fee_msat = 10_000; // Reset to the correct payment amount route.paths[0][0].fee_msat = 0; // But set fee paid to the middle hop to 0 @@ -551,7 +557,9 @@ fn test_scid_alias_returned() { let mut err_data = Vec::new(); err_data.extend_from_slice(&10_000u64.to_be_bytes()); - err_data.extend_from_slice(&msg.encode_with_len()); + err_data.extend_from_slice(&(msg.serialized_length() as u16 + 2).to_be_bytes()); + err_data.extend_from_slice(&ChannelUpdate::TYPE.to_be_bytes()); + err_data.extend_from_slice(&msg.encode()); expect_payment_failed_conditions!(nodes[0], payment_hash, false, PaymentFailedConditions::new().blamed_scid(last_hop[0].inbound_scid_alias.unwrap()) .blamed_chan_closed(false).expected_htlc_error_data(0x1000|12, &err_data)); -- 2.39.5