lukechilds
/
lightning
mirror of https://github.com/lukechilds/lightning.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

hsm: Stabilize the hsm encryption and decryption tests 

We were using sleeps to hope we catch the password prompt. This makes the test
flaky. So I added a help text followed by a `fflush` to make sure we catcht he
right moment, instead of guessing. The `fflush` is also useful for debugging
if a user ever pipes the output to a file it'd get buffered and the user would
wait forever. The same applies for automated systems such as `expect` or
`pexpect` based scripts that enter the password on prompt.
travis-debug
Christian Decker 5 years ago
parent
9e59740268
commit
c84473f82c
2 changed files with 29 additions and 24 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 7
      lightningd/options.c
  2. 46
      tests/test_wallet.py

7
lightningd/options.c
View File

@ -331,7 +331,12 @@ static char *opt_set_hsm_password(struct lightningd *ld)
temp_term.c_lflag &= ~ECHO;
if (tcsetattr(fileno(stdin), TCSAFLUSH, &temp_term) != 0)
return "Could not disable password echoing.";
printf("Enter hsm_secret password : ");
printf("The hsm_secret is encrypted with a password. In order to "
"decrypt it and start the node you must provide the password.\n");
printf("Enter hsm_secret password: ");
/* If we don't flush we might end up being buffered and we might seem
* to hang while we wait for the password. */
fflush(stdout);
if (getline(&passwd, &passwd_size, stdin) < 0)
return "Could not read password from stdin.";
if(passwd[strlen(passwd) - 1] == '\n')

46
tests/test_wallet.py
View File

@ -3,7 +3,7 @@ from fixtures import * # noqa: F401,F403
from fixtures import TEST_NETWORK
from flaky import flaky # noqa: F401
from lightning import RpcError, Millisatoshi
from utils import only_one, wait_for, sync_blockheight, EXPERIMENTAL_FEATURES, COMPAT, VALGRIND, SLOW_MACHINE
from utils import only_one, wait_for, sync_blockheight, EXPERIMENTAL_FEATURES, COMPAT, VALGRIND
import os
import pytest
@ -574,34 +574,32 @@ def test_hsm_secret_encryption(node_factory):
master_fd, slave_fd = os.openpty()
# Test we can encrypt an already-existing and not encrypted hsm_secret
l1.rpc.stop()
l1.stop()
l1.daemon.opts.update({"encrypted-hsm": None})
l1.daemon.start(stdin=slave_fd, wait_for_initialized=False)
time.sleep(3 if SLOW_MACHINE else 1)
l1.daemon.wait_for_log(r'The hsm_secret is encrypted')
os.write(master_fd, password.encode("utf-8"))
l1.daemon.wait_for_log("Server started with public key")
id = l1.rpc.getinfo()["id"]
l1.stop()
# Test we cannot start the same wallet without specifying --encrypted-hsm
l1.stop()
l1.daemon.opts.pop("encrypted-hsm")
l1.daemon.start(stdin=slave_fd, stderr=subprocess.STDOUT,
wait_for_initialized=False)
time.sleep(3 if SLOW_MACHINE else 1)
err = "hsm_secret is encrypted, you need to pass the --encrypted-hsm startup option."
assert l1.daemon.is_in_log(err)
with pytest.raises(subprocess.CalledProcessError, match=r'returned non-zero exit status 1'):
subprocess.check_call(l1.daemon.cmd_line)
# Test we cannot restore the same wallet with another password
l1.daemon.opts.update({"encrypted-hsm": None})
l1.daemon.start(stdin=slave_fd, stderr=subprocess.STDOUT,
wait_for_initialized=False)
time.sleep(3 if SLOW_MACHINE else 1)
l1.daemon.wait_for_log(r'The hsm_secret is encrypted')
os.write(master_fd, password[2:].encode("utf-8"))
l1.daemon.wait_for_log("Wrong password for encrypted hsm_secret.")
# Test we can restore the same wallet with the same password
l1.daemon.start(stdin=slave_fd, wait_for_initialized=False)
time.sleep(3 if SLOW_MACHINE else 1)
l1.daemon.wait_for_log(r'The hsm_secret is encrypted')
os.write(master_fd, password.encode("utf-8"))
l1.daemon.wait_for_log("Server started with public key")
assert id == l1.rpc.getinfo()["id"]
@ -616,10 +614,10 @@ def test_hsmtool_secret_decryption(node_factory):
master_fd, slave_fd = os.openpty()
# Encrypt the master seed
l1.rpc.stop()
l1.stop()
l1.daemon.opts.update({"encrypted-hsm": None})
l1.daemon.start(stdin=slave_fd, wait_for_initialized=False)
time.sleep(3 if SLOW_MACHINE else 1)
l1.daemon.wait_for_log(r'The hsm_secret is encrypted')
os.write(master_fd, password.encode("utf-8"))
l1.daemon.wait_for_log("Server started with public key")
node_id = l1.rpc.getinfo()["id"]
@ -627,11 +625,12 @@ def test_hsmtool_secret_decryption(node_factory):
# We can't use a wrong password !
cmd_line = ["tools/hsmtool", "decrypt", hsm_path, "A wrong pass"]
assert subprocess.Popen(cmd_line).wait() != 0
with pytest.raises(subprocess.CalledProcessError):
subprocess.check_call(cmd_line)
# Decrypt it with hsmtool
cmd_line[3] = password[:-1]
assert subprocess.Popen(cmd_line).wait() == 0
subprocess.check_call(cmd_line)
# Then test we can now start it without password
l1.daemon.opts.pop("encrypted-hsm")
l1.daemon.start(stdin=slave_fd, wait_for_initialized=True)
@ -640,18 +639,19 @@ def test_hsmtool_secret_decryption(node_factory):
# Test we can encrypt it offline
cmd_line[1] = "encrypt"
assert subprocess.Popen(cmd_line).wait() == 0
subprocess.check_call(cmd_line)
# Now we need to pass the encrypted-hsm startup option
l1.stop()
l1.daemon.start(stdin=slave_fd, stderr=subprocess.STDOUT,
wait_for_initialized=False)
time.sleep(3 if SLOW_MACHINE else 1)
err = "hsm_secret is encrypted, you need to pass the --encrypted-hsm startup option."
assert l1.daemon.is_in_log(err)
with pytest.raises(subprocess.CalledProcessError, match=r'returned non-zero exit status 1'):
subprocess.check_call(l1.daemon.cmd_line)
l1.daemon.opts.update({"encrypted-hsm": None})
master_fd, slave_fd = os.openpty()
l1.daemon.start(stdin=slave_fd, stderr=subprocess.STDOUT,
wait_for_initialized=False)
time.sleep(3 if SLOW_MACHINE else 1)
l1.daemon.wait_for_log(r'The hsm_secret is encrypted')
os.write(master_fd, password.encode("utf-8"))
l1.daemon.wait_for_log("Server started with public key")
assert node_id == l1.rpc.getinfo()["id"]
@ -659,7 +659,7 @@ def test_hsmtool_secret_decryption(node_factory):
# And finally test that we can also decrypt if encrypted with hsmtool
cmd_line[1] = "decrypt"
assert subprocess.Popen(cmd_line).wait() == 0
subprocess.check_call(cmd_line)
l1.daemon.opts.pop("encrypted-hsm")
l1.daemon.start(stdin=slave_fd, wait_for_initialized=True)
assert node_id == l1.rpc.getinfo()["id"]

Write Preview
Loading…
Cancel
Save