ElementsProject · ZmnSCPxj · Jan 13, 2020 · Jan 7, 2020 · Jan 7, 2020 · Jan 9, 2020
diff --git a/tests/test_db.py b/tests/test_db.py
@@ -1,7 +1,7 @@
 from fixtures import * # noqa: F401,F403
 from fixtures import TEST_NETWORK
 from pyln.client import RpcError
-from utils import wait_for, sync_blockheight, COMPAT
+from utils import wait_for, sync_blockheight, COMPAT, VALGRIND, DEVELOPER
 import os
 import pytest
 import time
@@ -140,6 +140,7 @@ def test_scid_upgrade(node_factory, bitcoind):
  assert l1.db_query('SELECT failchannel from payments;') == [{'failchannel': '103x1x1'}]
 
 
+@unittest.skipIf(VALGRIND and not DEVELOPER, "Without developer valgrind will complain about debug symbols missing")
 def test_optimistic_locking(node_factory, bitcoind):
  """Have a node run against a DB, then change it under its feet, crashing it.
 

diff --git a/tests/test_gossip.py b/tests/test_gossip.py
@@ -1,4 +1,5 @@
 from collections import Counter
+from ephemeral_port_reserve import reserve
 from fixtures import * # noqa: F401,F403
 from fixtures import TEST_NETWORK
 from lightning import RpcError
@@ -1600,21 +1601,28 @@ def test_statictor_onions(node_factory):
  """
  # please define your values
  torip = '127.0.0.1'
- toripps = '127.0.0.1:9051'
+ torips = '127.0.0.1:9051'
  torport = 9050
  torserviceport = 9051
+ portA, portB = reserve(), reserve()
 
  if not check_socket(format(torip), torserviceport):
  return
 
  if not check_socket(format(torip), torport):
  return
 
- l1 = node_factory.get_node(may_fail=True, options={'addr': ['statictor:'.format(toripps)]})
- l2 = node_factory.get_node(may_fail=True, options={'addr': ['statictor:'.format(toripps, '/torblob=11234567890123456789012345678901')]})
+ l1 = node_factory.get_node(may_fail=True, options={
+ 'bind-addr': '127.0.0.1:{}'.format(portA),
+ 'addr': ['statictor:{}'.format(torips)]
+ })
+ l2 = node_factory.get_node(may_fail=True, options={
+ 'bind-addr': '127.0.0.1:{}'.format(portB),
+ 'addr': ['statictor:{}/torblob=11234567890123456789012345678901'.format(torips)]
+ })
 
- assert l1.daemon.is_in_log('127.0.0.1:'.format(l1.port))
- assert l2.daemon.is_in_log('x2y4zvh4fn5q3eouuh7nxnc7zeawrqoutljrup2xjtiyxgx3emgkemad.onion:9735,127.0.0.1:'.format(l2.port))
+ assert l1.daemon.is_in_log('127.0.0.1:{}'.format(l1.port))
+ assert l2.daemon.is_in_log('x2y4zvh4fn5q3eouuh7nxnc7zeawrqoutljrup2xjtiyxgx3emgkemad.onion:9735,127.0.0.1:{}'.format(l2.port))
 
 
 @unittest.skipIf(not DEVELOPER, "needs a running Tor service instance at port 9151 or 9051")
@@ -1626,18 +1634,20 @@ def test_torport_onions(node_factory):
  """
  # please define your values
  torip = '127.0.0.1'
- toripps = '127.0.0.1:9051'
+ torips = '127.0.0.1:9051'
  torport = 9050
  torserviceport = 9051
 
- if not check_socket(format(torip), torserviceport):
+ if not check_socket(torip, torserviceport):
  return
 
- if not check_socket(format(torip), torport):
+ if not check_socket(torip, torport):
  return
 
- l1 = node_factory.get_node(may_fail=True, options={'addr': ['statictor:'.format(toripps, '/torport=45321')]})
- l2 = node_factory.get_node(may_fail=True, options={'addr': ['statictor:'.format(toripps, '/torport=45321:torblob=11234567890123456789012345678901')]})
+ portA, portB = reserve(), reserve()
+
+ l1 = node_factory.get_node(may_fail=True, options={'bind-addr': '127.0.0.1:{}'.format(portA), 'addr': ['statictor:{}/torport=45321'.format(torips)]})
+ l2 = node_factory.get_node(may_fail=True, options={'bind-addr': '127.0.0.1:{}'.format(portB), 'addr': ['statictor:{}/torport=45321/torblob=11234567890123456789012345678901'.format(torips)]})
 
- assert l1.daemon.is_in_log('45321,127.0.0.1:'.format(l1.port))
- assert l2.daemon.is_in_log('x2y4zvh4fn5q3eouuh7nxnc7zeawrqoutljrup2xjtiyxgx3emgkemad.onion:45321,127.0.0.1:'.format(l2.port))
+ assert l1.daemon.is_in_log('45321,127.0.0.1:{}'.format(l1.port))
+ assert l2.daemon.is_in_log('x2y4zvh4fn5q3eouuh7nxnc7zeawrqoutljrup2xjtiyxgx3emgkemad.onion:45321,127.0.0.1:{}'.format(l2.port))
diff --git a/tools/hsmtool.c b/tools/hsmtool.c
@@ -152,19 +152,23 @@ static int decrypt_hsm(const char *hsm_secret_path, const char *passwd)
  int fd;
  struct stat st;
  struct secret hsm_secret;
+ const char *dir, *backup;
 
  if (sodium_init() == -1)
  err(ERROR_LIBSODIUM,
  "Could not initialize libsodium. Not enough entropy ?");
 
+ dir = path_dirname(NULL, hsm_secret_path);
+ backup = path_join(dir, dir, "hsm_secret.backup");
+
  if (stat(hsm_secret_path, &st) != 0)
  err(ERROR_HSM_FILE, "Could not stat hsm_secret");
  if (st.st_size <= 32)
  err(ERROR_HSM_FILE, "hsm_secret is not encrypted");
  get_encrypted_hsm_secret(&hsm_secret, hsm_secret_path, passwd);
 
  /* Create a backup file, "just in case". */
- rename(hsm_secret_path, "hsm_secret.backup");
+ rename(hsm_secret_path, backup);
  fd = open(hsm_secret_path, O_CREAT|O_EXCL|O_WRONLY, 0400);
  if (fd < 0)
  err(ERROR_HSM_FILE, "Could not open new hsm_secret");
@@ -180,11 +184,12 @@ static int decrypt_hsm(const char *hsm_secret_path, const char *passwd)
  /* Be as paranoïd as in hsmd with the file state on disk. */
  if (!ensure_hsm_secret_exists(fd, hsm_secret_path)) {
  unlink_noerr(hsm_secret_path);
- rename("hsm_secret.backup", hsm_secret_path);
+ rename(backup, hsm_secret_path);
  err(ERROR_HSM_FILE,
  "Could not ensure hsm_secret existence.");
  }
- unlink_noerr("hsm_secret.backup");
+ unlink_noerr(backup);
+ tal_free(dir);
 
  printf("Succesfully decrypted hsm_secret, be careful now :-).\n");
  return 0;
@@ -200,6 +205,10 @@ static int encrypt_hsm(const char *hsm_secret_path, const char *passwd)
  u8 header[crypto_secretstream_xchacha20poly1305_HEADERBYTES];
  /* The cipher size is static with xchacha20poly1305. */
  u8 cipher[sizeof(struct secret) + crypto_secretstream_xchacha20poly1305_ABYTES];
+ const char *dir, *backup;
+
+ dir = path_dirname(NULL, hsm_secret_path);
+ backup = path_join(dir, dir, "hsm_secret.backup");
 
  if (sodium_init() == -1)
  err(ERROR_LIBSODIUM,
@@ -228,7 +237,7 @@ static int encrypt_hsm(const char *hsm_secret_path, const char *passwd)
  err(ERROR_LIBSODIUM, "Could not encrypt the seed.");
 
  /* Create a backup file, "just in case". */
- rename(hsm_secret_path, "hsm_secret.backup");
+ rename(hsm_secret_path, backup);
  fd = open(hsm_secret_path, O_CREAT|O_EXCL|O_WRONLY, 0400);
  if (fd < 0)
  err(ERROR_HSM_FILE, "Could not open new hsm_secret");
@@ -238,17 +247,18 @@ static int encrypt_hsm(const char *hsm_secret_path, const char *passwd)
  || !write_all(fd, cipher, sizeof(cipher))) {
  unlink_noerr(hsm_secret_path);
  close(fd);
- rename("hsm_secret.backup", hsm_secret_path);
+ rename(backup, hsm_secret_path);
  err(ERROR_HSM_FILE, "Failure writing cipher to hsm_secret.");
  }
 
  /* Be as paranoïd as in hsmd with the file state on disk. */
  if (!ensure_hsm_secret_exists(fd, hsm_secret_path)) {
  unlink_noerr(hsm_secret_path);
- rename("hsm_secret.backup", hsm_secret_path);
+ rename(backup, hsm_secret_path);
  err(ERROR_HSM_FILE, "Could not ensure hsm_secret existence.");
  }
- unlink_noerr("hsm_secret.backup");
+ unlink_noerr(backup);
+ tal_free(dir);
 
  printf("Succesfully encrypted hsm_secret. You'll now have to pass the "
  "--encrypted-hsm startup option.\n");