Non-plugin version of hsmtool#3186
Conversation
| close(fd); | ||
|
|
||
| /* Create a backup file, "just in case". */ | ||
| rename(hsm_secret_path, "hsm_secret.backup"); |
There was a problem hiding this comment.
does rename update just the file name, or the entire path?
There was a problem hiding this comment.
a bit of a stretch goal, but it'd be nice if it's in the same directory as the original hsm file, so that it's easy to find/recover in case of a problem
There was a problem hiding this comment.
Actually it was in plugin version (we chdir in libplugin.c at init) but I kept it although we don"t run it from the same directory.
In case of a not-already handled problem, the backup is still in the running directory.. And it would be quite hacky, just for a tool : recovering the path to the lightning-dir from the hsm_secret path, then prefixing the rename..
|
Thanks for the review, I am about to push the polish and the |
darosior
force-pushed
the
hsm_tools_rework
branch
from
af297fe to
5301ce3
Compare
|
Nice! I prefer Can you add a (optional) node public key argument to |
Sure, will do
😂 |
darosior
force-pushed
the
hsm_tools_rework
branch
from
5301ce3 to
e2d72dd
Compare
|
Great, Github even takes it into account. |
darosior
force-pushed
the
hsm_tools_rework
branch
3 times, most recently
from
8744f16 to
04a42b5
Compare
Yes, you right this should be the default I think. |
darosior
force-pushed
the
hsm_tools_rework
branch
from
04a42b5 to
26bf34e
Compare
|
I'm able to produce the same commitment point with this PR as with my original tool. However it's a bit confusing that index 0 is referred to as depth 1. |
|
Polished, corrected, and rebased on master. |
rustyrussell
left a comment
rustyrussell
left a comment
There was a problem hiding this comment.
Looks good, minor updates only...
| if (close(fd) != 0) | ||
| return false; | ||
|
|
||
| fd = open(".", O_RDONLY); |
There was a problem hiding this comment.
This is fsyncing the wrong dir? You want dirname(hsm_secret_path) here.
| printf("./hsmtools <method> [arguments]\n"); | ||
| printf("methods:\n"); | ||
| printf(" - decrypthsm <path/to/hsm_secret> <password>\n"); | ||
| printf(" - encrypthsm <path/to/hsm_secret> <password>\n"); |
There was a problem hiding this comment.
Since the tool is call htmtools, we could just call these commands "decrypt" and "encrypt" perhaps? And maybe "hsmtool" is better than "hsmtools" though that's marginal.
There was a problem hiding this comment.
Yeah I wanted to add more tools (#3217) but I can make it singular ^^
|
|
||
| fd = open(hsm_secret_path, O_RDONLY); | ||
| if (fd < 0) | ||
| errx(ERROR_HSM_FILE, "Could not open hsm_secret"); |
There was a problem hiding this comment.
Use err() not errx() here, which will tell them what the error was?
There was a problem hiding this comment.
err.. I confused the err functions
| if (fd < 0) | ||
| errx(ERROR_HSM_FILE, "Could not open hsm_secret"); | ||
| if (!read_all(fd, hsm_secret, sizeof(*hsm_secret))) | ||
| errx(ERROR_HSM_FILE, "Could not read hsm_secret"); |
A general one, for all things hsm_secret.
And tell about decryption/encryption with hsmtool
This takes a dbid, a "depth" (how many points to dump), the hsm_secret path, and a potential password to dump informations about all commitments until the depth. Co-Authored-By: Sjors Provoost <sjors@sprovoost.nl>
darosior
force-pushed
the
hsm_tools_rework
branch
from
26bf34e to
aacb721
Compare
|
Corrected the |
darosior
changed the title
rustyrussell
left a comment
rustyrussell
left a comment
There was a problem hiding this comment.
Ack aacb721
Nice work!
4 participants
This closes #3177 as it is a concurrent version of the
hsmtoolsfunctionalities.Changelog-None