Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

hsmtool rune #6097

Merged
merged 3 commits into from
Apr 11, 2023
Merged

hsmtool rune #6097

merged 3 commits into from
Apr 11, 2023

Conversation

rustyrussell
Copy link
Contributor

This allows creation of a master rune before the node starts. You will still need to create a rune once the node starts, if you want commando to work (as it is only activated once it has generated one), but creating a default rune will give the identical results to the tool anyway.

Requested-by: @ShahanaFarooqui

@rustyrussell rustyrussell added this to the v23.05 milestone Mar 16, 2023
@rustyrussell
hsmtool: rework common hsm_secret fetch/decode.
f495192 
1. Rename get_hsm_secret to get_unencrypted_hsm_secret.
2. Create a common helper for fetching full file contents.
3. Create new routine to decrypt if necessary: get_hsm_secret().

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
@rustyrussell
hsmtool: move sodium_init() to top level.
4088572 
This way we always call it (we weren't for some paths!).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
vincenzopalazzo
vincenzopalazzo approved these changes Apr 10, 2023
View reviewed changes
Copy link
Contributor

@vincenzopalazzo vincenzopalazzo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK 6d4e942

tools/hsmtool.c Show resolved Hide resolved
ShahanaFarooqui
ShahanaFarooqui approved these changes Apr 10, 2023
View reviewed changes
Copy link
Collaborator

@ShahanaFarooqui ShahanaFarooqui left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The tool works as expected but the cli hangs if commando is used with this master rune without calling commando-rune first. For posterity, can we add the message You will still need to create a rune once the node starts, if you want commando to work (as it is only activated once it has generated one) somewhere in this command usage?

@rustyrussell
hsmtool: makerune command.
a914288 
You still need to actually make a rune when lightningd starts, as
commando (for safety) won't work unless you actually generate a rune
(that it knows of!).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Added: hsmtool: `makerune` command to make a master rune for a node.
@rustyrussell
Copy link
Contributor Author

OK, I added this to the documentation. There's no really great place to add it in the tool, unfortunately: the usage message is all single lines, and the output is simply the rune: if we add a warning there it gets harder to parse.

@ShahanaFarooqui
Copy link
Collaborator

ShahanaFarooqui commented Apr 11, 2023
edited
Loading

ACK a914288

@ShahanaFarooqui ShahanaFarooqui merged commit 62d9ecb into ElementsProject:master Apr 11, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ShahanaFarooqui ShahanaFarooqui ShahanaFarooqui approved these changes

@vincenzopalazzo vincenzopalazzo vincenzopalazzo approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v23.05
Development

Successfully merging this pull request may close these issues.
3 participants
@rustyrussell @ShahanaFarooqui @vincenzopalazzo