lightningd: support hsm error code

Suggested-by: Rusty Russell Signed-off-by: Vincenzo Palazzo <vincenzopalazzodev@gmail.com> Changelog-Changed: Support hsm specific error error code in lightning-cli
2025-12-19 23:24:27 +01:00 · 2021-12-14 22:57:21 +01:00
parent 9a85b02c6f
commit 43ff949ea7
7 changed files with 109 additions and 59 deletions
--- a/lightningd/hsm_control.c
+++ b/lightningd/hsm_control.c
@@ -2,6 +2,7 @@
 #include <ccan/err/err.h>
 #include <ccan/fdpass/fdpass.h>
 #include <common/ecdh.h>
+#include <common/errcode.h>
 #include <common/hsm_encryption.h>
 #include <common/json_helpers.h>
 #include <common/param.h>
@@ -82,14 +83,14 @@ struct ext_key *hsm_init(struct lightningd *ld)

 	/* We actually send requests synchronously: only status is async. */
 	if (socketpair(AF_LOCAL, SOCK_STREAM, 0, fds) != 0)
-		err(1, "Could not create hsm socketpair");
+		err(HSM_GENERIC_ERROR, "Could not create hsm socketpair");

 	ld->hsm = new_global_subd(ld, "lightning_hsmd",
 				  hsmd_wire_name,
 				  hsm_msg,
 				  take(&fds[1]), NULL);
 	if (!ld->hsm)
-		err(1, "Could not subd hsm");
+		err(HSM_GENERIC_ERROR, "Could not subd hsm");

 	/* If hsm_secret is encrypted and the --encrypted-hsm startup option is
 	 * not passed, don't let hsmd use the first 32 bytes of the cypher as the
@@ -98,7 +99,7 @@ struct ext_key *hsm_init(struct lightningd *ld)
 		struct stat st;
 		if (stat("hsm_secret", &st) == 0 &&
 			 st.st_size == ENCRYPTED_HSM_SECRET_LEN)
-			errx(1, "hsm_secret is encrypted, you need to pass the "
+			errx(HSM_ERROR_IS_ENCRYPT, "hsm_secret is encrypted, you need to pass the "
 			        "--encrypted-hsm startup option.");
 	}

@@ -111,7 +112,7 @@ struct ext_key *hsm_init(struct lightningd *ld)
 							 IFDEV(ld->dev_force_bip32_seed, NULL),
 							 IFDEV(ld->dev_force_channel_secrets, NULL),
 							 IFDEV(ld->dev_force_channel_secrets_shaseed, NULL))))
-		err(1, "Writing init msg to hsm");
+		err(HSM_GENERIC_ERROR, "Writing init msg to hsm");

 	bip32_base = tal(ld, struct ext_key);
 	msg = wire_sync_read(tmpctx, ld->hsm_fd);
@@ -120,8 +121,8 @@ struct ext_key *hsm_init(struct lightningd *ld)
 				      &ld->bolt12_base,
 				      &ld->onion_reply_secret)) {
 		if (ld->config.keypass)
-			errx(1, "Wrong password for encrypted hsm_secret.");
-		errx(1, "HSM did not give init reply");
+			errx(HSM_BAD_PASSWORD, "Wrong password for encrypted hsm_secret.");
+		errx(HSM_GENERIC_ERROR, "HSM did not give init reply");
 	}

 	return bip32_base;
--- a/lightningd/options.c
+++ b/lightningd/options.c
@@ -26,6 +26,20 @@
 #include <sys/stat.h>
 #include <sys/wait.h>

+/* Unless overridden, we exit with status 1 when option parsing fails */
+static int opt_exitcode = 1;
+
+static void opt_log_stderr_exitcode(const char *fmt, ...)
+{
+	va_list ap;
+
+	va_start(ap, fmt);
+	vfprintf(stderr, fmt, ap);
+	fprintf(stderr, "\n");
+	va_end(ap);
+	exit(opt_exitcode);
+}
+
 /* Declare opt_add_addr here, because we we call opt_add_addr
 * and opt_announce_addr vice versa
 */
@@ -461,7 +475,7 @@ static char *opt_important_plugin(const char *arg, struct lightningd *ld)
 */
 static char *opt_set_hsm_password(struct lightningd *ld)
 {
-	char *passwd, *passwd_confirmation, *err;
+	char *passwd, *passwd_confirmation, *err_msg;

 	printf("The hsm_secret is encrypted with a password. In order to "
 	       "decrypt it and start the node you must provide the password.\n");
@@ -469,20 +483,23 @@ static char *opt_set_hsm_password(struct lightningd *ld)
 	/* If we don't flush we might end up being buffered and we might seem
 	 * to hang while we wait for the password. */
 	fflush(stdout);
-	passwd = read_stdin_pass(&err);
+
+	passwd = read_stdin_pass_with_exit_code(&err_msg, &opt_exitcode);
 	if (!passwd)
-		return err;
+		return err_msg;
 	printf("Confirm hsm_secret password:\n");
 	fflush(stdout);
-	passwd_confirmation = read_stdin_pass(&err);
+	passwd_confirmation = read_stdin_pass_with_exit_code(&err_msg, &opt_exitcode);
 	if (!passwd_confirmation)
-		return err;
+		return err_msg;
 	printf("\n");

 	ld->config.keypass = tal(NULL, struct secret);
-	err = hsm_secret_encryption_key(passwd, ld->config.keypass);
-	if (err)
-		return err;
+
+	opt_exitcode = hsm_secret_encryption_key_with_exitcode(passwd, ld->config.keypass, &err_msg);
+	if (opt_exitcode > 0)
+		return err_msg;
+
 	ld->encrypted_hsm = true;
 	free(passwd);
 	free(passwd_confirmation);
@@ -1087,8 +1104,8 @@ static void register_opts(struct lightningd *ld)
 				   opt_hidden);

 	opt_register_noarg("--encrypted-hsm", opt_set_hsm_password, ld,
-	                   "Set the password to encrypt hsm_secret with. If no password is passed through command line, "
-	                   "you will be prompted to enter it.");
+					  "Set the password to encrypt hsm_secret with. If no password is passed through command line, "
+					  "you will be prompted to enter it.");

 	opt_register_arg("--rpc-file-mode", &opt_set_mode, &opt_show_mode,
 			 &ld->rpc_filemode,
@@ -1315,10 +1332,9 @@ void handle_opts(struct lightningd *ld, int argc, char *argv[])
 	parse_config_files(ld->config_filename, ld->config_basedir, false);

 	/* Now parse cmdline, which overrides config. */
-	opt_parse(&argc, argv, opt_log_stderr_exit);
+	opt_parse(&argc, argv, opt_log_stderr_exitcode);
 	if (argc != 1)
 		errx(1, "no arguments accepted");
-
 	/* We keep a separate variable rather than overriding always_use_proxy,
 	 * so listconfigs shows the correct thing. */
 	if (tal_count(ld->proposed_wireaddr) != 0