htlcswitch+lnwire: invalid onion payload #3470
Previously we would not mark a success for the first hop if the fail source index was 2. We also add a test to assert this behavior.
This commit adds a hop.PayloadViolation enum which encompasses the cases where the sender omits, includes, or requires a type that causes an ErrInvalidPayload failure. The existing Omitted bool is converted to this PayloadViolation, and NewPayloadFromReader is updated to return such a failure with a RequiredViolation when an unknown required type is detected. The unit tests are updated to cover the three possible cases of RequiredViolations, as well as included valid intermediate and final hop tests.
This commit modifies the link to return an InvalidOnionPayload failure when it cannot parse a TLV payload. The offset is left at zero, since it's unclear how useful it will be in practice and would require some significant reworkings of the abstractions in the tlv package. TODO: add unit tests. Currently none of the test unit infrastructure is set up to handle TLV payloads, so this would require implementing a separate mock iterator for TLV payloads that also supports injecting invalid payloads. Deferring this non-trivial effort till a later date.
An InvalidOnionPayload implies that the onion was successfully received by the reporting node, but that they were unable to extract the contents. Since we assume our own behavior is correct, this most likely points to an error in the reporter's implementation or that we sent an unknown required type. Therefore we only penalize that single hop, and consider the failure terminal if the receiver reported it.
This commit modifies the NewPayloadFromReader to apply known presence/omission constraints in the event that the tlv parser returns an unknown required type failure. Now that the parser has been modified to finish parsing the stream to obtain a proper parsed type set, we can accurately apply these higher level validation checks. This overrides required type failures, such that they are only returned if the sender properly abided by the constraints on fields for which we know. The unit tests are updated to create otherwise valid payloads that then return unknown required type failures. In one case, a test which previously returned an unknown required type failure is made to return an included failure for the sid, indicating the unknown required type 0 is being overruled.
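The validation order described in the last commit message, as a simplified model added here (not code from this pull request or from lnd). It takes an already parsed type set instead of a raw TLV stream; every identifier is hypothetical, and the type numbers 2, 4 and 6 are assumed from BOLT 4.

```go
package main

import "fmt"

// Violation models the three cases the commit messages name (hypothetical names).
type Violation int

const (
	Omitted  Violation = iota // a type we require is missing
	Included                  // a type we forbid is present
	Required                  // an unknown even (required) type is present
)

// Known types, numbered as in BOLT 4 (assumed, not shown on the page).
const amtType, cltvType, nextHopType uint64 = 2, 4, 6

type PayloadError struct {
	Type      uint64
	Violation Violation
}

// Validate applies constraints on known fields first, so an unknown required
// type is reported only when the sender got every known field right.
func Validate(parsed map[uint64]bool, finalHop bool) *PayloadError {
	switch {
	case !parsed[amtType]:
		return &PayloadError{amtType, Omitted}
	case !parsed[cltvType]:
		return &PayloadError{cltvType, Omitted}
	case !finalHop && !parsed[nextHopType]:
		return &PayloadError{nextHopType, Omitted}
	case finalHop && parsed[nextHopType]:
		return &PayloadError{nextHopType, Included}
	}
	var bad *PayloadError
	for t, present := range parsed {
		known := t == amtType || t == cltvType || t == nextHopType
		// Even types are required; report the lowest unknown one.
		if present && !known && t%2 == 0 && (bad == nil || t < bad.Type) {
			bad = &PayloadError{t, Required}
		}
	}
	return bad
}

func main() {
	// Constructed input: final hop carrying unknown type 0 plus a next hop.
	err := Validate(map[uint64]bool{0: true, 2: true, 4: true, 6: true}, true)
	fmt.Println(err.Type, err.Violation)
}
```

The constructed input in main reproduces the test case the commit message mentions: the included next-hop field on a final hop is reported in place of unknown required type 0.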