From: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date: Fri, 1 Jul 2022 17:37:17 +0000 (-0700)
Subject: Merge pull request #1582 from TheBlueMatt/2022-06-0.0.109
X-Git-Tag: v0.0.109^0
X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=commitdiff_plain;h=f3d5b945c3c9d5b1d9abb3d1cd58f4159d1084e3;hp=d9ba7ce8bfe0d2bd074bde19d03f33bfd45a57bb;p=rust-lightning

Merge pull request #1582 from TheBlueMatt/2022-06-0.0.109

Cut 0.0.109
---

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 62b96df1..5d49d0ef 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,73 @@
+# 0.0.109 - 2022-06-30
+
+## API Updates
+ * `ChannelManager::update_channel_config` has been added to allow the fields
+   in `ChannelConfig` to be changed in a given channel after open (#1527).
+ * If we reconnect to a peer which proves we have a stale channel state, rather
+   than force-closing we will instead panic to provide an opportunity to switch
+   to the latest state and continue operating without channel loss (#1564).
+ * A `NodeAlias` struct has been added which handles string sanitization for
+   node aliases via the `Display` trait (#1544).
+ * `ProbabilisticScoringParameters` now has a `banned_nodes` set which we will
+    never route through during path finding (#1550).
+ * `ProbabilisticScoringParameters` now offers an `anti_probing_penalty_msat`
+   option to prefer channels which afford better privacy when routing (#1555).
+ * `ProbabilisticScorer` now provides access to its estimated liquidity range
+   for a given channel via `estimated_channel_liquidity_range` (#1549).
+ * Options which cannot be changed at runtime have been moved from
+   `ChannelConfig` to `ChannelHandshakeConfig` (#1529).
+ * `find_route` takes `&NetworkGraph` instead of `ReadOnlyNetworkGraph (#1583).
+ * `ChannelDetails` now contains a copy of the current `ChannelConfig` (#1527).
+ * The `lightning-invoice` crate now optionally depends on `serde`, with
+   `Invoice` implementing `serde::{Deserialize,Serialize}` if enabled (#1548).
+ * Several fields in `UserConfig` have been renamed for clarity (#1540).
+
+## Bug Fixes
+ * `find_route` no longer selects routes with more than
+   `PaymentParameters::max_mpp_path_count` paths, and
+   `ChannelManager::send_payment` no longer refuses to send along routes with
+   more than ten paths (#1526).
+ * Fixed two cases where HTLCs pending at the time a counterparty broadcasts a
+   revoked commitment transaction are considered resolved prior to their actual
+   resolution on-chain, possibly passing the update to another channel (#1486).
+ * HTLCs which are relayed through LDK may now have a total expiry time two
+   weeks in the future, up from one, reducing forwarding failures (#1532).
+
+## Serialization Compatibility
+ * All new fields are ignored by prior versions of LDK. All new fields are not
+   present when reading objects serialized by prior versions of LDK.
+ * `ChannelConfig`'s serialization format has changed and is not compatible
+   with any previous version of LDK. Attempts to read values written by a
+   previous version of LDK will fail and attempts to read newly written objects
+   using a previous version of LDK will fail. It is not expected that users are
+   serializing `ChannelConfig` using the LDK serialization API, however, if a
+   backward compatibility wrapper is required, please open an issue.
+
+## Security
+0.0.109 fixes a denial-of-service vulnerability which is reachable from
+untrusted input in some application deployments.
+
+ * Third parties which are allowed to open channels with an LDK-based node may
+   fund a channel with a bogus and maliciously-crafted transaction which, when
+   spent, can cause a panic in the channel's corresponding `ChannelMonitor`.
+   Such a channel is never usable as it cannot be funded with a funding
+   transaction which matches the required output script, allowing the
+   `ChannelMonitor` for such channels to be safely purged as a workaround on
+   previous versions of LDK. Thanks to Eugene Siegel for reporting this issue.
+
+In total, this release features 32 files changed, 1948 insertions, 532
+deletions in 33 commits from 9 authors, in alphabetical order:
+ * Antoine Riard
+ * Daniel Granhão
+ * Elias Rohrer
+ * Jeffrey Czyz
+ * Matt Corallo
+ * Matt Faltyn
+ * NicolaLS
+ * Valentine Wallace
+ * Wilmer Paulino
+
+
 # 0.0.108 - 2022-06-10
 
 ## Bug Fixes
@@ -148,7 +218,7 @@ deletions in 153 commits from 18 authors, in alphabetical order:
  * Jurvis Tan
  * Justin Moon
  * KaFai Choi
- * Mateusz Faltyn
+ * Matt Faltyn
  * Matt Corallo
  * Valentine Wallace
  * Viktor Tigerström
diff --git a/lightning-background-processor/Cargo.toml b/lightning-background-processor/Cargo.toml
index 4833822f..7b2a26f7 100644
--- a/lightning-background-processor/Cargo.toml
+++ b/lightning-background-processor/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "lightning-background-processor"
-version = "0.0.108"
+version = "0.0.109"
 authors = ["Valentine Wallace <vwallace@protonmail.com>"]
 license = "MIT OR Apache-2.0"
 repository = "http://github.com/lightningdevkit/rust-lightning"
@@ -15,10 +15,10 @@ rustdoc-args = ["--cfg", "docsrs"]
 
 [dependencies]
 bitcoin = "0.28.1"
-lightning = { version = "0.0.108", path = "../lightning", features = ["std"] }
-lightning-rapid-gossip-sync = { version = "0.0.108", path = "../lightning-rapid-gossip-sync" }
+lightning = { version = "0.0.109", path = "../lightning", features = ["std"] }
+lightning-rapid-gossip-sync = { version = "0.0.109", path = "../lightning-rapid-gossip-sync" }
 
 [dev-dependencies]
-lightning = { version = "0.0.108", path = "../lightning", features = ["_test_utils"] }
-lightning-invoice = { version = "0.16.0", path = "../lightning-invoice" }
-lightning-persister = { version = "0.0.108", path = "../lightning-persister" }
+lightning = { version = "0.0.109", path = "../lightning", features = ["_test_utils"] }
+lightning-invoice = { version = "0.17.0", path = "../lightning-invoice" }
+lightning-persister = { version = "0.0.109", path = "../lightning-persister" }
diff --git a/lightning-block-sync/Cargo.toml b/lightning-block-sync/Cargo.toml
index 1358370d..d24953f5 100644
--- a/lightning-block-sync/Cargo.toml
+++ b/lightning-block-sync/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "lightning-block-sync"
-version = "0.0.108"
+version = "0.0.109"
 authors = ["Jeffrey Czyz", "Matt Corallo"]
 license = "MIT OR Apache-2.0"
 repository = "http://github.com/lightningdevkit/rust-lightning"
@@ -19,7 +19,7 @@ rpc-client = [ "serde", "serde_json", "chunked_transfer" ]
 
 [dependencies]
 bitcoin = "0.28.1"
-lightning = { version = "0.0.108", path = "../lightning" }
+lightning = { version = "0.0.109", path = "../lightning" }
 futures = { version = "0.3" }
 tokio = { version = "1.0", features = [ "io-util", "net", "time" ], optional = true }
 serde = { version = "1.0", features = ["derive"], optional = true }
diff --git a/lightning-invoice/Cargo.toml b/lightning-invoice/Cargo.toml
index 98282d0d..cae1d9f9 100644
--- a/lightning-invoice/Cargo.toml
+++ b/lightning-invoice/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "lightning-invoice"
 description = "Data structures to parse and serialize BOLT11 lightning invoices"
-version = "0.16.0"
+version = "0.17.0"
 authors = ["Sebastian Geisler <sgeisler@wh2.tu-dresden.de>"]
 documentation = "https://docs.rs/lightning-invoice/"
 license = "MIT OR Apache-2.0"
@@ -20,7 +20,7 @@ std = ["bitcoin_hashes/std", "num-traits/std", "lightning/std", "bech32/std"]
 
 [dependencies]
 bech32 = { version = "0.8", default-features = false }
-lightning = { version = "0.0.108", path = "../lightning", default-features = false }
+lightning = { version = "0.0.109", path = "../lightning", default-features = false }
 secp256k1 = { version = "0.22", default-features = false, features = ["recovery", "alloc"] }
 num-traits = { version = "0.2.8", default-features = false }
 bitcoin_hashes = { version = "0.10", default-features = false }
@@ -29,6 +29,6 @@ core2 = { version = "0.3.0", default-features = false, optional = true }
 serde = { version = "1.0.118", optional = true }
 
 [dev-dependencies]
-lightning = { version = "0.0.108", path = "../lightning", default-features = false, features = ["_test_utils"] }
+lightning = { version = "0.0.109", path = "../lightning", default-features = false, features = ["_test_utils"] }
 hex = "0.4"
 serde_json = { version = "1"}
diff --git a/lightning-net-tokio/Cargo.toml b/lightning-net-tokio/Cargo.toml
index 9f22e611..050ad4d0 100644
--- a/lightning-net-tokio/Cargo.toml
+++ b/lightning-net-tokio/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "lightning-net-tokio"
-version = "0.0.108"
+version = "0.0.109"
 authors = ["Matt Corallo"]
 license = "MIT OR Apache-2.0"
 repository = "https://github.com/lightningdevkit/rust-lightning/"
@@ -16,7 +16,7 @@ rustdoc-args = ["--cfg", "docsrs"]
 
 [dependencies]
 bitcoin = "0.28.1"
-lightning = { version = "0.0.108", path = "../lightning" }
+lightning = { version = "0.0.109", path = "../lightning" }
 tokio = { version = "1.0", features = [ "io-util", "macros", "rt", "sync", "net", "time" ] }
 
 [dev-dependencies]
diff --git a/lightning-persister/Cargo.toml b/lightning-persister/Cargo.toml
index 4b455118..c13dcb16 100644
--- a/lightning-persister/Cargo.toml
+++ b/lightning-persister/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "lightning-persister"
-version = "0.0.108"
+version = "0.0.109"
 authors = ["Valentine Wallace", "Matt Corallo"]
 license = "MIT OR Apache-2.0"
 repository = "https://github.com/lightningdevkit/rust-lightning/"
@@ -17,11 +17,11 @@ _bench_unstable = ["lightning/_bench_unstable"]
 
 [dependencies]
 bitcoin = "0.28.1"
-lightning = { version = "0.0.108", path = "../lightning" }
+lightning = { version = "0.0.109", path = "../lightning" }
 libc = "0.2"
 
 [target.'cfg(windows)'.dependencies]
 winapi = { version = "0.3", features = ["winbase"] }
 
 [dev-dependencies]
-lightning = { version = "0.0.108", path = "../lightning", features = ["_test_utils"] }
+lightning = { version = "0.0.109", path = "../lightning", features = ["_test_utils"] }
diff --git a/lightning-rapid-gossip-sync/Cargo.toml b/lightning-rapid-gossip-sync/Cargo.toml
index a65e2853..568e399f 100644
--- a/lightning-rapid-gossip-sync/Cargo.toml
+++ b/lightning-rapid-gossip-sync/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "lightning-rapid-gossip-sync"
-version = "0.0.108"
+version = "0.0.109"
 authors = ["Arik Sosman <git@arik.io>"]
 license = "MIT OR Apache-2.0"
 repository = "https://github.com/lightningdevkit/rust-lightning"
@@ -13,8 +13,8 @@ Utility to process gossip routing data from Rapid Gossip Sync Server.
 _bench_unstable = []
 
 [dependencies]
-lightning = { version = "0.0.108", path = "../lightning" }
+lightning = { version = "0.0.109", path = "../lightning" }
 bitcoin = { version = "0.28.1", default-features = false }
 
 [dev-dependencies]
-lightning = { version = "0.0.108", path = "../lightning", features = ["_test_utils"] }
+lightning = { version = "0.0.109", path = "../lightning", features = ["_test_utils"] }
diff --git a/lightning/Cargo.toml b/lightning/Cargo.toml
index b3e2af8c..3162a0ac 100644
--- a/lightning/Cargo.toml
+++ b/lightning/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "lightning"
-version = "0.0.108"
+version = "0.0.109"
 authors = ["Matt Corallo"]
 license = "MIT OR Apache-2.0"
 repository = "https://github.com/lightningdevkit/rust-lightning/"