X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=src%2Fln%2Fchannelmanager.rs;h=27f470d40f8a0e6182b677ac925dd20687cd21ca;hb=6ab31a0d501db9fd96436deff190da8801ac73b7;hp=c884f8a1adb9bec87afcd301d170afe0729268d9;hpb=f476a19bde05ea01d0c99a5dad4915d8e835aad2;p=rust-lightning

diff --git a/src/ln/channelmanager.rs b/src/ln/channelmanager.rs
index c884f8a1..27f470d4 100644
--- a/src/ln/channelmanager.rs
+++ b/src/ln/channelmanager.rs
@@ -1633,8 +1633,6 @@ impl ChannelMessageHandler for ChannelManager {
 					hmac: next_hop_data.hmac.clone(),
 				};
 
-				//TODO: Check amt_to_forward and outgoing_cltv_value are within acceptable ranges!
-
 				PendingForwardHTLCInfo {
 					onion_packet: Some(outgoing_packet),
 					payment_hash: msg.payment_hash.clone(),
@@ -1656,6 +1654,17 @@ impl ChannelMessageHandler for ChannelManager {
 				Some(id) => id.clone(),
 			};
 			let chan = channel_state.by_id.get_mut(&forwarding_id).unwrap();
+			let fee = chan.get_our_fee_base_msat(&*self.fee_estimator) + (pending_forward_info.amt_to_forward * self.fee_proportional_millionths as u64 / 1000000) as u32;
+			if msg.amount_msat < fee as u64 || (msg.amount_msat - fee as u64) < pending_forward_info.amt_to_forward {
+				log_debug!(self, "HTLC {} incorrect amount: in {} out {} fee required {}", msg.htlc_id, msg.amount_msat, pending_forward_info.amt_to_forward, fee);
+				let chan_update = self.get_channel_update(chan).unwrap();
+				return_err!("Prior hop has deviated from specified fees parameters or origin node has obsolete ones", 0x1000 | 12, &chan_update.encode_with_len()[..]);
+			}
+			if (msg.cltv_expiry as u64) < pending_forward_info.outgoing_cltv_value as u64 + CLTV_EXPIRY_DELTA as u64 {
+				log_debug!(self, "HTLC {} incorrect CLTV: in {} out {} delta required {}", msg.htlc_id, msg.cltv_expiry, pending_forward_info.outgoing_cltv_value, CLTV_EXPIRY_DELTA);
+				let chan_update = self.get_channel_update(chan).unwrap();
+				return_err!("Forwarding node has tampered with the intended HTLC values or origin node has an obsolete cltv_expiry_delta", 0x1000 | 13, &chan_update.encode_with_len()[..]);
+			}
 			if !chan.is_live() {
 				let chan_update = self.get_channel_update(chan).unwrap();
 				return_err!("Forwarding channel is not in a ready state.", 0x1000 | 7, &chan_update.encode_with_len()[..]);