From 596972366d244a39b1f3b668312aac0d7e75a35c Mon Sep 17 00:00:00 2001 From: Rusty Russell Date: Mon, 5 Aug 2019 14:18:05 +0930 Subject: [PATCH] wire: always ignore unknown odd messages. Signed-off-by: Rusty Russell --- CHANGELOG.md | 1 + common/read_peer_msg.c | 9 ++++++++ openingd/openingd.c | 52 ++++++++++++------------------------------ 3 files changed, 25 insertions(+), 37 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 24152de37..f9944d5e0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -41,6 +41,7 @@ changes. - Plugin: `pay` no longer crashes on timeout. - Plugin: `disconnect` notifier now called if remote side disconnects. - channeld: ignore, and simply try reconnecting if lnd sends "sync error". +- Protocol: we now correctly ignore unknown odd messages. ### Security diff --git a/common/read_peer_msg.c b/common/read_peer_msg.c index 043d7142f..53355ff77 100644 --- a/common/read_peer_msg.c +++ b/common/read_peer_msg.c @@ -154,6 +154,15 @@ bool handle_peer_gossip_or_error(struct per_peer_state *pps, bool all_channels; struct channel_id actual; + /* BOLT #1: + * + * A receiving node: + * - upon receiving a message of _odd_, unknown type: + * - MUST ignore the received message. + */ + if (is_unknown_msg_discardable(msg)) + goto handled; + if (handle_timestamp_filter(pps, msg)) return true; else if (is_msg_for_gossipd(msg)) { diff --git a/openingd/openingd.c b/openingd/openingd.c index bb32c630a..d53910681 100644 --- a/openingd/openingd.c +++ b/openingd/openingd.c @@ -367,6 +367,7 @@ static u8 *opening_negotiate_msg(const tal_t *ctx, struct state *state, /* This helper routine polls both the peer and gossipd. */ msg = peer_or_gossip_sync_read(ctx, state->pps, &from_gossipd); + /* Use standard helper for gossip msgs (forwards, if it's an * error, exits). */ if (from_gossipd) { @@ -380,6 +381,15 @@ static u8 *opening_negotiate_msg(const tal_t *ctx, struct state *state, continue; } + /* BOLT #1: + * + * A receiving node: + * - upon receiving a message of _odd_, unknown type: + * - MUST ignore the received message. + */ + if (is_unknown_msg_discardable(msg)) + continue; + /* Might be a timestamp filter request: handle. */ if (handle_timestamp_filter(state->pps, msg)) continue; @@ -1521,45 +1531,13 @@ static u8 *handle_peer_in(struct state *state) enum wire_type t = fromwire_peektype(msg); struct channel_id channel_id; - switch (t) { - case WIRE_OPEN_CHANNEL: + if (t == WIRE_OPEN_CHANNEL) return fundee_channel(state, msg); - /* These are handled by handle_peer_gossip_or_error. */ - case WIRE_PING: - case WIRE_PONG: - case WIRE_CHANNEL_ANNOUNCEMENT: - case WIRE_NODE_ANNOUNCEMENT: - case WIRE_CHANNEL_UPDATE: - case WIRE_QUERY_SHORT_CHANNEL_IDS: - case WIRE_REPLY_SHORT_CHANNEL_IDS_END: - case WIRE_QUERY_CHANNEL_RANGE: - case WIRE_REPLY_CHANNEL_RANGE: - case WIRE_GOSSIP_TIMESTAMP_FILTER: - case WIRE_ERROR: - case WIRE_CHANNEL_REESTABLISH: - /* These are all protocol violations at this stage. */ - case WIRE_INIT: - case WIRE_ACCEPT_CHANNEL: - case WIRE_FUNDING_CREATED: - case WIRE_FUNDING_SIGNED: - case WIRE_FUNDING_LOCKED: - case WIRE_SHUTDOWN: - case WIRE_CLOSING_SIGNED: - case WIRE_UPDATE_ADD_HTLC: - case WIRE_UPDATE_FULFILL_HTLC: - case WIRE_UPDATE_FAIL_HTLC: - case WIRE_UPDATE_FAIL_MALFORMED_HTLC: - case WIRE_COMMITMENT_SIGNED: - case WIRE_REVOKE_AND_ACK: - case WIRE_UPDATE_FEE: - case WIRE_ANNOUNCEMENT_SIGNATURES: - /* Standard cases */ - if (handle_peer_gossip_or_error(state->pps, - &state->channel_id, msg)) - return NULL; - break; - } + /* Handles standard cases, and legal unknown ones. */ + if (handle_peer_gossip_or_error(state->pps, + &state->channel_id, msg)) + return NULL; sync_crypto_write(state->pps, take(towire_errorfmt(NULL,