Non-plugin version of hsmtool #3186
tools/hsmtools.c
Outdated
close(fd); | ||
|
||
/* Create a backup file, "just in case". */ | ||
rename(hsm_secret_path, "hsm_secret.backup"); |
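Review bot: the return value of rename() on the backup line is ignored, so a failed backup goes unnoticed even though the comment presents it as the safety net. Check it and abort on failure, for example `if (rename(hsm_secret_path, "hsm_secret.backup") != 0) err(ERROR_HSM_FILE, "Could not back up hsm_secret");`. The destination is also a relative path, so the backup lands in whatever directory the tool was started from rather than next to hsm_secret_path, and rename() fails with EXDEV when that directory is on a different filesystem.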
does rename update just the file name, or the entire path?
entire path
a bit of a stretch goal, but it'd be nice if it's in the same directory as the original hsm file, so that it's easy to find/recover in case of a problem
Actually it was in plugin version (we chdir in libplugin.c at init) but I kept it although we don't run it from the same directory.
In case of a not-already handled problem, the backup is still in the running directory. And it would be quite hacky, just for a tool: recovering the path to the lightning-dir from the hsm_secret path, then prefixing the rename.
Thanks for the review, I am about to push the polish and the
af297fe to 5301ce3
Nice! I prefer Can you add an (optional) node public key argument to
Sure, will do
😂
5301ce3 to e2d72dd
Great, Github even takes it into account.
8744f16 to 04a42b5
Yes, you're right, this should be the default I think.
04a42b5 to 26bf34e
I'm able to produce the same commitment point with this PR as with my original tool. However it's a bit confusing that index 0 is referred to as depth 1.
Polished, corrected, and rebased on master.
Looks good, minor updates only...
tools/hsmtools.c
Outdated
if (close(fd) != 0) | ||
return false; | ||
|
||
fd = open(".", O_RDONLY); |
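Review bot: open(".", O_RDONLY) ties this descriptor to the process's working directory, which for a standalone tool is not necessarily the directory that holds hsm_secret; if the descriptor is used to sync the directory entry, the entry for the secret may never be flushed. Open the directory containing hsm_secret_path instead, calling dirname() on a copy of the path since POSIX allows it to modify its argument. Adding O_DIRECTORY to the flags would also make the open fail when the path is not a directory.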
This is fsyncing the wrong dir? You want dirname(hsm_secret_path) here.
Bad copy/paste!
tools/hsmtools.c
Outdated
@@ -19,6 +19,7 @@ static void show_usage(void) | |||
printf("./hsmtools <method> [arguments]\n"); | |||
printf("methods:\n"); | |||
printf(" - decrypthsm <path/to/hsm_secret> <password>\n"); | |||
printf(" - encrypthsm <path/to/hsm_secret> <password>\n"); |
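Review bot: both usage lines take <password> as a command-line argument, which leaves it in shell history and exposes it to other local users through the process list (ps, /proc/<pid>/cmdline) while the tool runs. Consider reading the password from the terminal with echo disabled, or from stdin, and keeping only the hsm_secret path on the command line.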
Since the tool is called hsmtools, we could just call these commands "decrypt" and "encrypt" perhaps? And maybe "hsmtool" is better than "hsmtools" though that's marginal.
Yeah I wanted to add more tools (#3217) but I can make it singular ^^
tools/hsmtools.c
Outdated
|
||
fd = open(hsm_secret_path, O_RDONLY); | ||
if (fd < 0) | ||
errx(ERROR_HSM_FILE, "Could not open hsm_secret"); |
Use err() not errx() here, which will tell them what the error was?
err.. I confused the err functions
tools/hsmtools.c
Outdated
if (fd < 0) | ||
errx(ERROR_HSM_FILE, "Could not open hsm_secret"); | ||
if (!read_all(fd, hsm_secret, sizeof(*hsm_secret))) | ||
errx(ERROR_HSM_FILE, "Could not read hsm_secret"); |
Here too...
A general one, for all things hsm_secret.
And tell about decryption/encryption with hsmtool
This takes a dbid, a "depth" (how many points to dump), the hsm_secret path, and a potential password to dump information about all commitments until the depth.
Co-Authored-By: Sjors Provoost <sjors@sprovoost.nl>
26bf34e to aacb721
Corrected the
Ack aacb721
Nice work!
This closes #3177 as it is a concurrent version of the hsmtools functionalities.

Changelog-None