lnd+walletunlocker: remove macaroon dependency from UnlockerService

This commit is contained in:
Wilmer Paulino 2018-04-20 03:06:06 -04:00
parent e73b457e1f
commit b32e0ced45
No known key found for this signature in database
GPG Key ID: 6DF57B9F9514972F
3 changed files with 26 additions and 54 deletions

44
lnd.go

@ -195,18 +195,6 @@ func lndMain() error {
} }
proxyOpts := []grpc.DialOption{grpc.WithTransportCredentials(cCreds)} proxyOpts := []grpc.DialOption{grpc.WithTransportCredentials(cCreds)}
var macaroonService *macaroons.Service
if !cfg.NoMacaroons {
// Create the macaroon authentication/authorization service.
macaroonService, err = macaroons.NewService(macaroonDatabaseDir,
macaroons.IPLockChecker)
if err != nil {
srvrLog.Errorf("unable to create macaroon service: %v", err)
return err
}
defer macaroonService.Close()
}
var ( var (
privateWalletPw = []byte("hello") privateWalletPw = []byte("hello")
publicWalletPw = []byte("public") publicWalletPw = []byte("public")
@ -216,11 +204,11 @@ func lndMain() error {
// We wait until the user provides a password over RPC. In case lnd is // We wait until the user provides a password over RPC. In case lnd is
// started with the --noencryptwallet flag, we use the default password // started with the --noencryptwallet flag, we use the default password
// "hello" for wallet encryption. // for wallet encryption.
if !cfg.NoEncryptWallet { if !cfg.NoEncryptWallet {
walletInitParams, err := waitForWalletPassword( walletInitParams, err := waitForWalletPassword(
cfg.RPCListeners, cfg.RESTListeners, serverOpts, cfg.RPCListeners, cfg.RESTListeners, serverOpts,
proxyOpts, tlsConf, macaroonService, proxyOpts, tlsConf,
) )
if err != nil { if err != nil {
return err return err
@ -238,12 +226,20 @@ func lndMain() error {
} }
} }
var macaroonService *macaroons.Service
if !cfg.NoMacaroons { if !cfg.NoMacaroons {
// Create the macaroon authentication/authorization service.
macaroonService, err = macaroons.NewService(macaroonDatabaseDir,
macaroons.IPLockChecker)
if err != nil {
srvrLog.Errorf("unable to create macaroon service: %v", err)
return err
}
defer macaroonService.Close()
// Try to unlock the macaroon store with the private password. // Try to unlock the macaroon store with the private password.
// Ignore ErrAlreadyUnlocked since it could be unlocked by the
// wallet unlocker.
err = macaroonService.CreateUnlock(&privateWalletPw) err = macaroonService.CreateUnlock(&privateWalletPw)
if err != nil && err != macaroons.ErrAlreadyUnlocked { if err != nil {
srvrLog.Error(err) srvrLog.Error(err)
return err return err
} }
@ -879,12 +875,9 @@ type WalletUnlockParams struct {
// waitForWalletPassword will spin up gRPC and REST endpoints for the // waitForWalletPassword will spin up gRPC and REST endpoints for the
// WalletUnlocker server, and block until a password is provided by // WalletUnlocker server, and block until a password is provided by
// the user to this RPC server. // the user to this RPC server.
func waitForWalletPassword( func waitForWalletPassword(grpcEndpoints, restEndpoints []string,
grpcEndpoints, restEndpoints []string, serverOpts []grpc.ServerOption, proxyOpts []grpc.DialOption,
serverOpts []grpc.ServerOption, tlsConf *tls.Config) (*WalletUnlockParams, error) {
proxyOpts []grpc.DialOption,
tlsConf *tls.Config,
macaroonService *macaroons.Service) (*WalletUnlockParams, error) {
// Set up a new PasswordService, which will listen // Set up a new PasswordService, which will listen
// for passwords provided over RPC. // for passwords provided over RPC.
@ -894,8 +887,9 @@ func waitForWalletPassword(
if registeredChains.PrimaryChain() == litecoinChain { if registeredChains.PrimaryChain() == litecoinChain {
chainConfig = cfg.Litecoin chainConfig = cfg.Litecoin
} }
pwService := walletunlocker.New(macaroonService, pwService := walletunlocker.New(
chainConfig.ChainDir, activeNetParams.Params) chainConfig.ChainDir, activeNetParams.Params,
)
lnrpc.RegisterWalletUnlockerServer(grpcServer, pwService) lnrpc.RegisterWalletUnlockerServer(grpcServer, pwService)
// Use a WaitGroup so we can be sure the instructions on how to input the // Use a WaitGroup so we can be sure the instructions on how to input the

@ -8,7 +8,6 @@ import (
"github.com/lightningnetwork/lnd/aezeed" "github.com/lightningnetwork/lnd/aezeed"
"github.com/lightningnetwork/lnd/lnrpc" "github.com/lightningnetwork/lnd/lnrpc"
"github.com/lightningnetwork/lnd/lnwallet/btcwallet" "github.com/lightningnetwork/lnd/lnwallet/btcwallet"
"github.com/lightningnetwork/lnd/macaroons"
"github.com/roasbeef/btcd/chaincfg" "github.com/roasbeef/btcd/chaincfg"
"github.com/roasbeef/btcwallet/wallet" "github.com/roasbeef/btcwallet/wallet"
"golang.org/x/net/context" "golang.org/x/net/context"
@ -67,13 +66,10 @@ type UnlockerService struct {
chainDir string chainDir string
netParams *chaincfg.Params netParams *chaincfg.Params
authSvc *macaroons.Service
} }
// New creates and returns a new UnlockerService. // New creates and returns a new UnlockerService.
func New(authSvc *macaroons.Service, chainDir string, func New(chainDir string, params *chaincfg.Params) *UnlockerService {
params *chaincfg.Params) *UnlockerService {
return &UnlockerService{ return &UnlockerService{
InitMsgs: make(chan *WalletInitMsg, 1), InitMsgs: make(chan *WalletInitMsg, 1),
UnlockMsgs: make(chan *WalletUnlockMsg, 1), UnlockMsgs: make(chan *WalletUnlockMsg, 1),
@ -216,15 +212,6 @@ func (u *UnlockerService) InitWallet(ctx context.Context,
return nil, err return nil, err
} }
// Attempt to create a password for the macaroon service.
if u.authSvc != nil {
err = u.authSvc.CreateUnlock(&password)
if err != nil {
return nil, fmt.Errorf("unable to create/unlock "+
"macaroon store: %v", err)
}
}
// With the cipher seed deciphered, and the auth service created, we'll // With the cipher seed deciphered, and the auth service created, we'll
// now send over the wallet password and the seed. This will allow the // now send over the wallet password and the seed. This will allow the
// daemon to initialize itself and startup. // daemon to initialize itself and startup.
@ -277,15 +264,6 @@ func (u *UnlockerService) UnlockWallet(ctx context.Context,
return nil, err return nil, err
} }
// Attempt to create a password for the macaroon service.
if u.authSvc != nil {
err = u.authSvc.CreateUnlock(&password)
if err != nil {
return nil, fmt.Errorf("unable to create/unlock "+
"macaroon store: %v", err)
}
}
walletUnlockMsg := &WalletUnlockMsg{ walletUnlockMsg := &WalletUnlockMsg{
Passphrase: password, Passphrase: password,
RecoveryWindow: recoveryWindow, RecoveryWindow: recoveryWindow,

@ -67,7 +67,7 @@ func TestGenSeed(t *testing.T) {
defer func() { defer func() {
os.RemoveAll(testDir) os.RemoveAll(testDir)
}() }()
service := walletunlocker.New(nil, testDir, testNetParams) service := walletunlocker.New(testDir, testNetParams)
// Now that the service has been created, we'll ask it to generate a // Now that the service has been created, we'll ask it to generate a
// new seed for us given a test passphrase. // new seed for us given a test passphrase.
@ -108,7 +108,7 @@ func TestGenSeedGenerateEntropy(t *testing.T) {
defer func() { defer func() {
os.RemoveAll(testDir) os.RemoveAll(testDir)
}() }()
service := walletunlocker.New(nil, testDir, testNetParams) service := walletunlocker.New(testDir, testNetParams)
// Now that the service has been created, we'll ask it to generate a // Now that the service has been created, we'll ask it to generate a
// new seed for us given a test passphrase. Note that we don't actually // new seed for us given a test passphrase. Note that we don't actually
@ -148,7 +148,7 @@ func TestGenSeedInvalidEntropy(t *testing.T) {
defer func() { defer func() {
os.RemoveAll(testDir) os.RemoveAll(testDir)
}() }()
service := walletunlocker.New(nil, testDir, testNetParams) service := walletunlocker.New(testDir, testNetParams)
// Now that the service has been created, we'll ask it to generate a // Now that the service has been created, we'll ask it to generate a
// new seed for us given a test passphrase. However, we'll be using an // new seed for us given a test passphrase. However, we'll be using an
@ -186,7 +186,7 @@ func TestInitWallet(t *testing.T) {
}() }()
// Create new UnlockerService. // Create new UnlockerService.
service := walletunlocker.New(nil, testDir, testNetParams) service := walletunlocker.New(testDir, testNetParams)
// Once we have the unlocker service created, we'll now instantiate a // Once we have the unlocker service created, we'll now instantiate a
// new cipher seed instance. // new cipher seed instance.
@ -287,7 +287,7 @@ func TestCreateWalletInvalidEntropy(t *testing.T) {
}() }()
// Create new UnlockerService. // Create new UnlockerService.
service := walletunlocker.New(nil, testDir, testNetParams) service := walletunlocker.New(testDir, testNetParams)
// We'll attempt to init the wallet with an invalid cipher seed and // We'll attempt to init the wallet with an invalid cipher seed and
// passphrase. // passphrase.
@ -320,7 +320,7 @@ func TestUnlockWallet(t *testing.T) {
}() }()
// Create new UnlockerService. // Create new UnlockerService.
service := walletunlocker.New(nil, testDir, testNetParams) service := walletunlocker.New(testDir, testNetParams)
ctx := context.Background() ctx := context.Background()
req := &lnrpc.UnlockWalletRequest{ req := &lnrpc.UnlockWalletRequest{