In particular, we got a segv because we were measuring the wrong
wscript, then we miswired the inputs. It only worked because our
current steal tests don't have a to_us_idx output.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
db_forget_peer() was harmless, but we haven't been entered into the
database yet anyway, and it asserted that we should have been STATE_CLOSED.
Closes: #67
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
We don't need it for testing at the moment, and if we do it'll have
to change to relative anyway now we're going to use time_mono().
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
It's possible that we won't have sent the anchor, but state is
committed in db. And our current philosophy is that we retransmit all
the txs dumbly, all the time.
Our --restart --timeout-anchor test trigger this case, too, so
re-enable that now.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Instead of using wall-clock time, we use blocks. This is simpler and
better for database restores. And both sides will time out.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Re-enabling the next test revealed bugs: if we need to retransmit the
initial open_commit_sig packet, we currently tried to send it as an
UPDATE_COMMIT, which isn't allowed. Fixing that revealed that if
we have to retransmit the initial open, we didn't do that either.
Thus the initial open should count towards the ack count, and we should
special case transmissions of 0 (pkt_open) and 1
(pkt_open_commit_sig).
We also save those early state changes to the database.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
The simplest way is to always use peer_received_unexpected_pkt() which
sends the error packet, and ensure it doesn't do so in response to
pkt_err.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
It doesn't actually help here; we only did it because we differentiate
the states later, and with refactoring we do that via the explicit
offer_anchor flag.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
This means we can now do all database changes, including db_set_visible_state,
within a single transaction (ie. atomically).
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Since we no longer feed it into state.c, we can just us a bool.
And that's the last of the CMD_* in the enum state_input, so remove them
all.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Pierre points out that we don't handle this, and it can happen due
to race; the spec says we are not supposed to send PKT_CLOSE with
uncommitted changes.
Closes: #29
Reported-by: Pierre-Marie Padiou
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Otherwise if they reconnect, we hit the assert in recv_body:
assert(!peer->inpkt);
Found by testing on my build box *without* valgrind (so it was fast
enough to do this).
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Now broadcast_tx() doesn't take ownership of the tx, make sure callers
free; a bit of refactoring to make it clear when we're making a new tx
vs. accessing an existing one, to make this clearer.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Testnet fees are all over the place: don't close a connection due to
that.
Closes: #59
Reported-by: Thomas Daede <daede003@umn.edu>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
This fixes half of #59 (the part which crashes). It doesn't fix the
fact that we should never be doing this for testnet.
Reported-by: Thomas Daede <daede003@umn.edu>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Generally, the pattern is: everything returned is allocated off the return
value, which is the only thing allocated off the context. And it's always
freed.
Also, tal_free() returns NULL, so it's useful for one-line error
cleanups.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
We've seen intermittant failures on testnet, so disable sending feechanges
for now: we're completely changing it for 0.6 anyway, due to Milan Spec.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Make this always the first packet after auth. That means there's no
reliance on whether a node remembers an aborted connection.
It also gives us a place to put version bits.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
This gives much better errors, and allows us to return the peer id.
Closes: #37
Reported-by: Glenn Willen
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Firstly, we need to update the staging fee amount when we queue a change.
Secondly we need to remove completed fee updates, otherwise we hit a
database constraint that peer & state are unique.
Reported-by: Christian Decker
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
We were out by 1000, and also derived it from the previous, not current
state.
Reported-by: Christian Decker
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>