nostrdb

an unfairly fast embedded nostr database backed by lmdb
git clone git://jb55.com/nostrdb
Log | Files | Refs | Submodules | README | LICENSE

commit 0d283558db991dc3a6b8e81f2d2d822cda4747d2
parent 4c4335fcd0f349916a880990cea59692827302ad
Author: William Casarin <jb55@jb55.com>
Date:   Fri, 22 Dec 2023 16:48:50 -0800

add supporting files for the bolt11 parser

A lot of this was pulled from core-lightning. Not sure what is actually
needed or not.

Diffstat:
MMakefile | 3++-
Dbech32.c | 217-------------------------------------------------------------------------------
Dbech32.h | 142-------------------------------------------------------------------------------
Abolt11/alignof.h | 20++++++++++++++++++++
Abolt11/amount.c | 566+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Abolt11/amount.h | 203+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Abolt11/array_size.h | 26++++++++++++++++++++++++++
Abolt11/bech32.c | 217+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Abolt11/bech32.h | 142+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Abolt11/bech32_util.c | 127+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Abolt11/bech32_util.h | 28++++++++++++++++++++++++++++
Abolt11/bolt11.c | 676+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Abolt11/bolt11.h | 104+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Abolt11/build_assert.h | 40++++++++++++++++++++++++++++++++++++++++
Abolt11/check_type.h | 64++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Abolt11/container_of.h | 145+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Abolt11/cppmagic.h | 191+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Abolt11/debug.h | 15+++++++++++++++
Abolt11/error.c | 34++++++++++++++++++++++++++++++++++
Abolt11/error.h | 33+++++++++++++++++++++++++++++++++
Abolt11/hash_u5.c | 48++++++++++++++++++++++++++++++++++++++++++++++++
Abolt11/hash_u5.h | 20++++++++++++++++++++
Abolt11/libnostrdb.a | 0
Abolt11/likely.h | 115+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Abolt11/list.c | 43+++++++++++++++++++++++++++++++++++++++++++
Abolt11/list.h | 842+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Abolt11/mem.c | 128+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Abolt11/mem.h | 295+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Abolt11/node_id.c | 64++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Abolt11/node_id.h | 38++++++++++++++++++++++++++++++++++++++
Abolt11/overflows.h | 43+++++++++++++++++++++++++++++++++++++++++++
Abolt11/short_types.h | 35+++++++++++++++++++++++++++++++++++
Abolt11/str.h | 228+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Abolt11/str_debug.h | 30++++++++++++++++++++++++++++++
Abolt11/structeq.h | 46++++++++++++++++++++++++++++++++++++++++++++++
Abolt11/take.c | 126+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Abolt11/take.h | 136+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Abolt11/tal.c | 972+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Abolt11/tal.h | 553+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Abolt11/talstr.c | 315+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Abolt11/talstr.h | 225+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Abolt11/typesafe_cb.h | 134+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Abolt11/utf8.c | 199+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Abolt11/utf8.h | 57+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Mcompiler.h | 342++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-------------
Mcursor.h | 4+---
Anostr_bech32.c | 306+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Anostr_bech32.h | 84+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Mnostrdb.c | 2++
Mtest.c | 2++
50 files changed, 8007 insertions(+), 418 deletions(-)

diff --git a/Makefile b/Makefile @@ -1,7 +1,8 @@ CFLAGS = -Wall -Wno-misleading-indentation -Wno-unused-function -Werror -O2 -g -Ideps/secp256k1/include -Ideps/lmdb -Ideps/flatcc/include HEADERS = sha256.h nostrdb.h cursor.h hex.h jsmn.h config.h sha256.h random.h memchr.h cpu.h $(C_BINDINGS) FLATCC_SRCS=deps/flatcc/src/runtime/json_parser.c deps/flatcc/src/runtime/verifier.c deps/flatcc/src/runtime/builder.c deps/flatcc/src/runtime/emitter.c deps/flatcc/src/runtime/refmap.c -SRCS = nostrdb.c sha256.c bech32.c $(FLATCC_SRCS) +BOLT11_SRCS = bolt11/bolt11.c bolt11/bech32.c bolt11/tal.c bolt11/talstr.c bolt11/take.c bolt11/list.c bolt11/utf8.c bolt11/amount.c bolt11/hash_u5.c +SRCS = nostrdb.c sha256.c $(BOLT11_SRCS) $(FLATCC_SRCS) LDS = $(OBJS) $(ARS) OBJS = $(SRCS:.c=.o) DEPS = $(OBJS) $(HEADERS) $(ARS) diff --git a/bech32.c b/bech32.c @@ -1,217 +0,0 @@ -/* Stolen from https://github.com/sipa/bech32/blob/master/ref/c/segwit_addr.c, - * with only the two ' > 90' checks hoisted, and more internals exposed */ - -/* Copyright (c) 2017, 2021 Pieter Wuille - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - */ -#include "config.h" -#include <assert.h> -#include "bech32.h" -#include <string.h> - -static uint32_t bech32_polymod_step(uint32_t pre) { - uint8_t b = pre >> 25; - return ((pre & 0x1FFFFFF) << 5) ^ - (-((b >> 0) & 1) & 0x3b6a57b2UL) ^ - (-((b >> 1) & 1) & 0x26508e6dUL) ^ - (-((b >> 2) & 1) & 0x1ea119faUL) ^ - (-((b >> 3) & 1) & 0x3d4233ddUL) ^ - (-((b >> 4) & 1) & 0x2a1462b3UL); -} - -static uint32_t bech32_final_constant(bech32_encoding enc) { - if (enc == BECH32_ENCODING_BECH32) return 1; - if (enc == BECH32_ENCODING_BECH32M) return 0x2bc830a3; - assert(0); -} - -const char bech32_charset[] = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"; - -const int8_t bech32_charset_rev[128] = { - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - 15, -1, 10, 17, 21, 20, 26, 30, 7, 5, -1, -1, -1, -1, -1, -1, - -1, 29, -1, 24, 13, 25, 9, 8, 23, -1, 18, 22, 31, 27, 19, -1, - 1, 0, 3, 16, 11, 28, 12, 14, 6, 4, 2, -1, -1, -1, -1, -1, - -1, 29, -1, 24, 13, 25, 9, 8, 23, -1, 18, 22, 31, 27, 19, -1, - 1, 0, 3, 16, 11, 28, 12, 14, 6, 4, 2, -1, -1, -1, -1, -1 -}; - -int bech32_encode(char *output, const char *hrp, const uint8_t *data, size_t data_len, size_t max_input_len, bech32_encoding enc) { - uint32_t chk = 1; - size_t i = 0; - while (hrp[i] != 0) { - int ch = hrp[i]; - if (ch < 33 || ch > 126) { - return 0; - } - - if (ch >= 'A' && ch <= 'Z') return 0; - chk = bech32_polymod_step(chk) ^ (ch >> 5); - ++i; - } - if (i + 7 + data_len > max_input_len) return 0; - chk = bech32_polymod_step(chk); - while (*hrp != 0) { - chk = bech32_polymod_step(chk) ^ (*hrp & 0x1f); - *(output++) = *(hrp++); - } - *(output++) = '1'; - for (i = 0; i < data_len; ++i) { - if (*data >> 5) return 0; - chk = bech32_polymod_step(chk) ^ (*data); - *(output++) = bech32_charset[*(data++)]; - } - for (i = 0; i < 6; ++i) { - chk = bech32_polymod_step(chk); - } - chk ^= bech32_final_constant(enc); - for (i = 0; i < 6; ++i) { - *(output++) = bech32_charset[(chk >> ((5 - i) * 5)) & 0x1f]; - } - *output = 0; - return 1; -} - -bech32_encoding bech32_decode_len(char* hrp, uint8_t *data, size_t *data_len, const char *input, size_t input_len) { - uint32_t chk = 1; - size_t i; - size_t hrp_len; - int have_lower = 0, have_upper = 0; - if (input_len < 8) { - return BECH32_ENCODING_NONE; - } - *data_len = 0; - while (*data_len < input_len && input[(input_len - 1) - *data_len] != '1') { - ++(*data_len); - } - hrp_len = input_len - (1 + *data_len); - if (1 + *data_len >= input_len || *data_len < 6) { - return BECH32_ENCODING_NONE; - } - *(data_len) -= 6; - for (i = 0; i < hrp_len; ++i) { - int ch = input[i]; - if (ch < 33 || ch > 126) { - return BECH32_ENCODING_NONE; - } - if (ch >= 'a' && ch <= 'z') { - have_lower = 1; - } else if (ch >= 'A' && ch <= 'Z') { - have_upper = 1; - ch = (ch - 'A') + 'a'; - } - hrp[i] = ch; - chk = bech32_polymod_step(chk) ^ (ch >> 5); - } - hrp[i] = 0; - chk = bech32_polymod_step(chk); - for (i = 0; i < hrp_len; ++i) { - chk = bech32_polymod_step(chk) ^ (input[i] & 0x1f); - } - ++i; - while (i < input_len) { - int v = (input[i] & 0x80) ? -1 : bech32_charset_rev[(int)input[i]]; - if (input[i] >= 'a' && input[i] <= 'z') have_lower = 1; - if (input[i] >= 'A' && input[i] <= 'Z') have_upper = 1; - if (v == -1) { - return BECH32_ENCODING_NONE; - } - chk = bech32_polymod_step(chk) ^ v; - if (i + 6 < input_len) { - data[i - (1 + hrp_len)] = v; - } - ++i; - } - if (have_lower && have_upper) { - return BECH32_ENCODING_NONE; - } - if (chk == bech32_final_constant(BECH32_ENCODING_BECH32)) { - return BECH32_ENCODING_BECH32; - } else if (chk == bech32_final_constant(BECH32_ENCODING_BECH32M)) { - return BECH32_ENCODING_BECH32M; - } else { - return BECH32_ENCODING_NONE; - } -} - -bech32_encoding bech32_decode(char* hrp, uint8_t *data, size_t *data_len, const char *input, size_t max_input_len) { - size_t len = strlen(input); - if (len > max_input_len) { - return BECH32_ENCODING_NONE; - } - return bech32_decode_len(hrp, data, data_len, input, len); -} - -int bech32_convert_bits(uint8_t* out, size_t* outlen, int outbits, const uint8_t* in, size_t inlen, int inbits, int pad) { - uint32_t val = 0; - int bits = 0; - uint32_t maxv = (((uint32_t)1) << outbits) - 1; - while (inlen--) { - val = (val << inbits) | *(in++); - bits += inbits; - while (bits >= outbits) { - bits -= outbits; - out[(*outlen)++] = (val >> bits) & maxv; - } - } - if (pad) { - if (bits) { - out[(*outlen)++] = (val << (outbits - bits)) & maxv; - } - } else if (((val << (outbits - bits)) & maxv) || bits >= inbits) { - return 0; - } - return 1; -} - -int segwit_addr_encode(char *output, const char *hrp, int witver, const uint8_t *witprog, size_t witprog_len) { - uint8_t data[65]; - size_t datalen = 0; - bech32_encoding enc = BECH32_ENCODING_BECH32; - if (witver > 16) return 0; - if (witver == 0 && witprog_len != 20 && witprog_len != 32) return 0; - if (witprog_len < 2 || witprog_len > 40) return 0; - if (witver > 0) enc = BECH32_ENCODING_BECH32M; - data[0] = witver; - bech32_convert_bits(data + 1, &datalen, 5, witprog, witprog_len, 8, 1); - ++datalen; - return bech32_encode(output, hrp, data, datalen, 90, enc); -} - -int segwit_addr_decode(int* witver, uint8_t* witdata, size_t* witdata_len, const char* hrp, const char* addr) { - uint8_t data[84]; - char hrp_actual[84]; - size_t data_len; - bech32_encoding enc = bech32_decode(hrp_actual, data, &data_len, addr, 90); - if (enc == BECH32_ENCODING_NONE) return 0; - if (data_len == 0 || data_len > 65) return 0; - if (strncmp(hrp, hrp_actual, 84) != 0) return 0; - if (data[0] > 16) return 0; - if (data[0] == 0 && enc != BECH32_ENCODING_BECH32) return 0; - if (data[0] > 0 && enc != BECH32_ENCODING_BECH32M) return 0; - *witdata_len = 0; - if (!bech32_convert_bits(witdata, witdata_len, 8, data + 1, data_len - 1, 5, 0)) return 0; - if (*witdata_len < 2 || *witdata_len > 40) return 0; - if (data[0] == 0 && *witdata_len != 20 && *witdata_len != 32) return 0; - *witver = data[0]; - return 1; -} diff --git a/bech32.h b/bech32.h @@ -1,142 +0,0 @@ -/* Stolen from https://github.com/sipa/bech32/blob/master/ref/c/segwit_addr.h, - * with only the two ' > 90' checks hoisted */ - -/* Copyright (c) 2017, 2021 Pieter Wuille - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - */ - -#ifndef LIGHTNING_COMMON_BECH32_H -#define LIGHTNING_COMMON_BECH32_H -#include "config.h" - -#include <stdint.h> -#include <stdlib.h> - -/** Encode a SegWit address - * - * Out: output: Pointer to a buffer of size 73 + strlen(hrp) that will be - * updated to contain the null-terminated address. - * In: hrp: Pointer to the null-terminated human readable part to use - * (chain/network specific). - * ver: Version of the witness program (between 0 and 16 inclusive). - * prog: Data bytes for the witness program (between 2 and 40 bytes). - * prog_len: Number of data bytes in prog. - * Returns 1 if successful. - */ -int segwit_addr_encode( - char *output, - const char *hrp, - int ver, - const uint8_t *prog, - size_t prog_len -); - -/** Decode a SegWit address - * - * Out: ver: Pointer to an int that will be updated to contain the witness - * program version (between 0 and 16 inclusive). - * prog: Pointer to a buffer of size 40 that will be updated to - * contain the witness program bytes. - * prog_len: Pointer to a size_t that will be updated to contain the length - * of bytes in prog. - * hrp: Pointer to the null-terminated human readable part that is - * expected (chain/network specific). - * addr: Pointer to the null-terminated address. - * Returns 1 if successful. - */ -int segwit_addr_decode( - int* ver, - uint8_t* prog, - size_t* prog_len, - const char* hrp, - const char* addr -); - -/** Supported encodings. */ -typedef enum { - BECH32_ENCODING_NONE, - BECH32_ENCODING_BECH32, - BECH32_ENCODING_BECH32M -} bech32_encoding; - -/** Encode a Bech32 or Bech32m string - * - * Out: output: Pointer to a buffer of size strlen(hrp) + data_len + 8 that - * will be updated to contain the null-terminated Bech32 string. - * In: hrp : Pointer to the null-terminated human readable part. - * data : Pointer to an array of 5-bit values. - * data_len: Length of the data array. - * max_input_len: Maximum valid length of input (90 for segwit usage). - * enc: Which encoding to use (BECH32_ENCODING_BECH32{,M}). - * Returns 1 if successful. - */ -int bech32_encode( - char *output, - const char *hrp, - const uint8_t *data, - size_t data_len, - size_t max_input_len, - bech32_encoding enc -); - -/** Decode a Bech32 or Bech32m string - * - * Out: hrp: Pointer to a buffer of size strlen(input) - 6. Will be - * updated to contain the null-terminated human readable part. - * data: Pointer to a buffer of size strlen(input) - 8 that will - * hold the encoded 5-bit data values. - * data_len: Pointer to a size_t that will be updated to be the number - * of entries in data. - * In: input: Pointer to a null-terminated Bech32 string. - * max_input_len: Maximum valid length of input (90 for segwit usage). - * Returns BECH32_ENCODING_BECH32{,M} to indicate decoding was successful - * with the specified encoding standard. BECH32_ENCODING_NONE is returned if - * decoding failed. - */ -bech32_encoding bech32_decode( - char *hrp, - uint8_t *data, - size_t *data_len, - const char *input, - size_t max_input_len -); - -bech32_encoding bech32_decode_len( - char *hrp, - uint8_t *data, - size_t *data_len, - const char *input, - size_t input_len -); - -/* Helper from bech32: translates inbits-bit bytes to outbits-bit bytes. - * @outlen is incremented as bytes are added. - * @pad is true if we're to pad, otherwise truncate last byte if necessary - */ -int bech32_convert_bits(uint8_t* out, size_t* outlen, int outbits, - const uint8_t* in, size_t inlen, int inbits, - int pad); - -/* The charset, and reverse mapping */ -extern const char bech32_charset[32]; -extern const int8_t bech32_charset_rev[128]; - -#endif /* LIGHTNING_COMMON_BECH32_H */ - diff --git a/bolt11/alignof.h b/bolt11/alignof.h @@ -0,0 +1,20 @@ +/* CC0 (Public domain) - see LICENSE file for details */ +#ifndef CCAN_ALIGNOF_H +#define CCAN_ALIGNOF_H +#include "../config.h" + +/** + * ALIGNOF - get the alignment of a type + * @t: the type to test + * + * This returns a safe alignment for the given type. + */ +#if HAVE_ALIGNOF +/* A GCC extension. */ +#define ALIGNOF(t) __alignof__(t) +#else +/* Alignment by measuring structure padding. */ +#define ALIGNOF(t) ((char *)(&((struct { char c; t _h; } *)0)->_h) - (char *)0) +#endif + +#endif /* CCAN_ALIGNOF_H */ diff --git a/bolt11/amount.c b/bolt11/amount.c @@ -0,0 +1,566 @@ +#include "../config.h" +#include <assert.h> +#include "mem.h" +#include "talstr.h" +#include "amount.h" +#include "overflows.h" +#include <inttypes.h> + +bool amount_sat_to_msat(struct amount_msat *msat, + struct amount_sat sat) +{ + if (mul_overflows_u64(sat.satoshis, MSAT_PER_SAT)) + return false; + msat->millisatoshis = sat.satoshis * MSAT_PER_SAT; + return true; +} + +bool amount_msat_to_sat(struct amount_sat *sat, + struct amount_msat msat) +{ + if (msat.millisatoshis % MSAT_PER_SAT) + return false; + sat->satoshis = msat.millisatoshis / MSAT_PER_SAT; + return true; +} + + +/* You can always truncate millisatoshis->satoshis. */ +struct amount_sat amount_msat_to_sat_round_down(struct amount_msat msat) +{ + struct amount_sat sat; + + sat.satoshis = msat.millisatoshis / MSAT_PER_SAT; + return sat; +} + +/* Different formatting by amounts: btc, sat and msat */ +const char *fmt_amount_msat_btc(const tal_t *ctx, + struct amount_msat msat, + bool append_unit) +{ + if (msat.millisatoshis == 0) + return tal_fmt(ctx, append_unit ? "0btc" : "0"); + + return tal_fmt(ctx, "%"PRIu64".%011"PRIu64"%s", + msat.millisatoshis / MSAT_PER_BTC, + msat.millisatoshis % MSAT_PER_BTC, + append_unit ? "btc" : ""); +} + +const char *fmt_amount_msat(const tal_t *ctx, struct amount_msat msat) +{ + return tal_fmt(ctx, "%"PRIu64"msat", msat.millisatoshis); +} + +const char *fmt_amount_sat_btc(const tal_t *ctx, + struct amount_sat sat, + bool append_unit) +{ + if (sat.satoshis == 0) + return tal_fmt(ctx, append_unit ? "0btc" : "0"); + + return tal_fmt(ctx, "%"PRIu64".%08"PRIu64"%s", + sat.satoshis / SAT_PER_BTC, + sat.satoshis % SAT_PER_BTC, + append_unit ? "btc" : ""); +} + +const char *fmt_amount_sat(const tal_t *ctx, struct amount_sat sat) +{ + return tal_fmt(ctx, "%"PRIu64"sat", sat.satoshis); +} + +static bool breakup(const char *str, size_t slen, + /* Length of first numeric part. */ + size_t *whole_number_len, + /* Pointer to post-decimal part, or NULL */ + const char **post_decimal_ptr, + size_t *post_decimal_len, + /* Pointer to suffix, or NULL */ + const char **suffix_ptr, + size_t *suffix_len) +{ + size_t i; + + *whole_number_len = 0; + *post_decimal_len = 0; + *post_decimal_ptr = NULL; + *suffix_ptr = NULL; + *suffix_len = 0; + + for (i = 0;; i++) { + /* The string may be null-terminated. */ + if (i >= slen || str[i] == '\0') + return i != 0; + if (cisdigit(str[i])) + (*whole_number_len)++; + else + break; + } + + if (str[i] == '.') { + i++; + *post_decimal_ptr = str + i; + for (;; i++) { + /* True if > 0 decimals. */ + if (i >= slen || str[i] == '\0') + return str + i != *post_decimal_ptr; + if (cisdigit(str[i])) + (*post_decimal_len)++; + else + break; + } + } + + *suffix_ptr = str + i; + *suffix_len = slen - i; + return true; +} + +static bool from_number(u64 *res, const char *s, size_t len, int tens_factor) +{ + if (len == 0) + return false; + + *res = 0; + for (size_t i = 0; i < len; i++) { + if (mul_overflows_u64(*res, 10)) + return false; + *res *= 10; + assert(cisdigit(s[i])); + if (add_overflows_u64(*res, s[i] - '0')) + return false; + *res += s[i] - '0'; + } + while (tens_factor > 0) { + if (mul_overflows_u64(*res, 10)) + return false; + *res *= 10; + tens_factor--; + } + return true; +} + +static bool from_numbers(u64 *res, + const char *s1, size_t len1, int tens_factor, + const char *s2, size_t len2) +{ + u64 p1, p2; + if (len2 > tens_factor) + return false; + + if (!from_number(&p1, s1, len1, tens_factor) + || !from_number(&p2, s2, len2, tens_factor - (int)len2)) + return false; + + if (add_overflows_u64(p1, p2)) + return false; + + *res = p1 + p2; + return true; +} + +/* Valid strings: + * [0-9]+ => millisatoshi. + * [0-9]+msat => millisatoshi. + * [0-9]+sat => *1000 -> millisatoshi. + * [0-9]+.[0-9]{1,11}btc => millisatoshi. + */ +bool parse_amount_msat(struct amount_msat *msat, const char *s, size_t slen) +{ + size_t whole_number_len, post_decimal_len, suffix_len; + const char *post_decimal_ptr, *suffix_ptr; + + if (!breakup(s, slen, &whole_number_len, + &post_decimal_ptr, &post_decimal_len, + &suffix_ptr, &suffix_len)) + return false; + + if (!post_decimal_ptr && !suffix_ptr) + return from_number(&msat->millisatoshis, s, whole_number_len, 0); + if (!post_decimal_ptr && memstarts_str(suffix_ptr, suffix_len, "msat")) + return from_number(&msat->millisatoshis, s, whole_number_len, 0); + if (!post_decimal_ptr && memstarts_str(suffix_ptr, suffix_len, "sat")) + return from_number(&msat->millisatoshis, s, whole_number_len, 3); + if (memstarts_str(suffix_ptr, suffix_len, "btc")) { + if (post_decimal_len > 0) + return from_numbers(&msat->millisatoshis, + s, whole_number_len, 11, + post_decimal_ptr, post_decimal_len); + return from_number(&msat->millisatoshis, s, whole_number_len, 11); + } + + return false; +} + +/* Valid strings: + * [0-9]+ => satoshi. + * [0-9]+sat => satoshi. + * [0-9]+000msat => satoshi. + * 0msat => 0 satoshi + * [0-9]+.[0-9]{1,8}btc => satoshi. + */ +bool parse_amount_sat(struct amount_sat *sat, const char *s, size_t slen) +{ + size_t whole_number_len, post_decimal_len, suffix_len; + const char *post_decimal_ptr, *suffix_ptr; + + if (!breakup(s, slen, &whole_number_len, + &post_decimal_ptr, &post_decimal_len, + &suffix_ptr, &suffix_len)) + return false; + + if (!post_decimal_ptr && !suffix_ptr) + return from_number(&sat->satoshis, s, whole_number_len, 0); + if (!post_decimal_ptr && memstarts_str(suffix_ptr, suffix_len, "sat")) + return from_number(&sat->satoshis, s, whole_number_len, 0); + if (!post_decimal_ptr && memstarts_str(suffix_ptr, suffix_len, "msat")) { + if (!memends(s, whole_number_len, "000", strlen("000"))) { + if (memstarts_str(s, whole_number_len, "0")) + return from_number(&sat->satoshis, s, + whole_number_len, 0); + return false; + } + return from_number(&sat->satoshis, s, whole_number_len - 3, 0); + } + if (memstarts_str(suffix_ptr, suffix_len, "btc")) { + if (post_decimal_len > 0) + return from_numbers(&sat->satoshis, + s, whole_number_len, 8, + post_decimal_ptr, post_decimal_len); + return from_number(&sat->satoshis, s, whole_number_len, 8); + } + + return false; +} + +WARN_UNUSED_RESULT bool amount_msat_add(struct amount_msat *val, + struct amount_msat a, + struct amount_msat b) +{ + if (add_overflows_u64(a.millisatoshis, b.millisatoshis)) + return false; + + val->millisatoshis = a.millisatoshis + b.millisatoshis; + return true; +} + +WARN_UNUSED_RESULT bool amount_msat_sub(struct amount_msat *val, + struct amount_msat a, + struct amount_msat b) +{ + if (a.millisatoshis < b.millisatoshis) + return false; + + val->millisatoshis = a.millisatoshis - b.millisatoshis; + return true; +} + +WARN_UNUSED_RESULT bool amount_sat_add(struct amount_sat *val, + struct amount_sat a, + struct amount_sat b) +{ + if (add_overflows_u64(a.satoshis, b.satoshis)) + return false; + + val->satoshis = a.satoshis + b.satoshis; + return true; +} + +WARN_UNUSED_RESULT bool amount_sat_sub(struct amount_sat *val, + struct amount_sat a, + struct amount_sat b) +{ + if (a.satoshis < b.satoshis) + return false; + + val->satoshis = a.satoshis - b.satoshis; + return true; +} + +WARN_UNUSED_RESULT bool amount_msat_sub_sat(struct amount_msat *val, + struct amount_msat a, + struct amount_sat b) +{ + struct amount_msat msatb; + + if (!amount_sat_to_msat(&msatb, b)) + return false; + + return amount_msat_sub(val, a, msatb); +} + +WARN_UNUSED_RESULT bool amount_sat_sub_msat(struct amount_msat *val, + struct amount_sat a, + struct amount_msat b) +{ + struct amount_msat msata; + + if (!amount_sat_to_msat(&msata, a)) + return false; + + return amount_msat_sub(val, msata, b); +} + +WARN_UNUSED_RESULT bool amount_msat_add_sat(struct amount_msat *val, + struct amount_msat a, + struct amount_sat b) +{ + struct amount_msat msatb; + + if (!amount_sat_to_msat(&msatb, b)) + return false; + + return amount_msat_add(val, a, msatb); +} + +WARN_UNUSED_RESULT bool amount_msat_scale(struct amount_msat *val, + struct amount_msat msat, + double scale) +{ + double scaled = msat.millisatoshis * scale; + + /* If mantissa is < 64 bits, a naive "if (scaled > + * UINT64_MAX)" doesn't work. Stick to powers of 2. */ + if (scaled >= (double)((u64)1 << 63) * 2) + return false; + val->millisatoshis = scaled; + return true; +} + +WARN_UNUSED_RESULT bool amount_sat_scale(struct amount_sat *val, + struct amount_sat sat, + double scale) +{ + double scaled = sat.satoshis * scale; + + /* If mantissa is < 64 bits, a naive "if (scaled > + * UINT64_MAX)" doesn't work. Stick to powers of 2. */ + if (scaled >= (double)((u64)1 << 63) * 2) + return false; + val->satoshis = scaled; + return true; +} + +bool amount_sat_eq(struct amount_sat a, struct amount_sat b) +{ + return a.satoshis == b.satoshis; +} + +bool amount_sat_zero(struct amount_sat a) +{ + return a.satoshis == 0; +} + +bool amount_msat_zero(struct amount_msat a) +{ + return a.millisatoshis == 0; +} + +bool amount_msat_eq(struct amount_msat a, struct amount_msat b) +{ + return a.millisatoshis == b.millisatoshis; +} + +bool amount_sat_greater(struct amount_sat a, struct amount_sat b) +{ + return a.satoshis > b.satoshis; +} + +bool amount_msat_greater(struct amount_msat a, struct amount_msat b) +{ + return a.millisatoshis > b.millisatoshis; +} + +bool amount_sat_greater_eq(struct amount_sat a, struct amount_sat b) +{ + return a.satoshis >= b.satoshis; +} + +bool amount_msat_greater_eq(struct amount_msat a, struct amount_msat b) +{ + return a.millisatoshis >= b.millisatoshis; +} + +bool amount_sat_less(struct amount_sat a, struct amount_sat b) +{ + return a.satoshis < b.satoshis; +} + +bool amount_msat_less(struct amount_msat a, struct amount_msat b) +{ + return a.millisatoshis < b.millisatoshis; +} + +bool amount_sat_less_eq(struct amount_sat a, struct amount_sat b) +{ + return a.satoshis <= b.satoshis; +} + +bool amount_msat_less_eq(struct amount_msat a, struct amount_msat b) +{ + return a.millisatoshis <= b.millisatoshis; +} + +bool amount_msat_greater_sat(struct amount_msat msat, struct amount_sat sat) +{ + struct amount_msat msat_from_sat; + + if (!amount_sat_to_msat(&msat_from_sat, sat)) + return false; + return msat.millisatoshis > msat_from_sat.millisatoshis; +} + +bool amount_msat_greater_eq_sat(struct amount_msat msat, struct amount_sat sat) +{ + struct amount_msat msat_from_sat; + + if (!amount_sat_to_msat(&msat_from_sat, sat)) + return false; + return msat.millisatoshis >= msat_from_sat.millisatoshis; +} + +bool amount_msat_less_sat(struct amount_msat msat, struct amount_sat sat) +{ + struct amount_msat msat_from_sat; + + if (!amount_sat_to_msat(&msat_from_sat, sat)) + return false; + return msat.millisatoshis < msat_from_sat.millisatoshis; +} + +bool amount_msat_less_eq_sat(struct amount_msat msat, struct amount_sat sat) +{ + struct amount_msat msat_from_sat; + + if (!amount_sat_to_msat(&msat_from_sat, sat)) + return false; + return msat.millisatoshis <= msat_from_sat.millisatoshis; +} + +bool amount_msat_eq_sat(struct amount_msat msat, struct amount_sat sat) +{ + struct amount_msat msat_from_sat; + + if (!amount_sat_to_msat(&msat_from_sat, sat)) + return false; + + return msat.millisatoshis == msat_from_sat.millisatoshis; +} + +bool amount_msat_to_u32(struct amount_msat msat, u32 *millisatoshis) +{ + if (amount_msat_greater_eq(msat, AMOUNT_MSAT(0x100000000))) + return false; + *millisatoshis = (u32)msat.millisatoshis; + return true; +} + +struct amount_msat amount_msat(u64 millisatoshis) +{ + struct amount_msat msat; + + msat.millisatoshis = millisatoshis; + return msat; +} + +struct amount_sat amount_sat(u64 satoshis) +{ + struct amount_sat sat; + + sat.satoshis = satoshis; + return sat; +} + +double amount_msat_ratio(struct amount_msat a, struct amount_msat b) +{ + return (double)a.millisatoshis / b.millisatoshis; +} + +struct amount_msat amount_msat_div(struct amount_msat msat, u64 div) +{ + msat.millisatoshis /= div; + return msat; +} + +struct amount_sat amount_sat_div(struct amount_sat sat, u64 div) +{ + sat.satoshis /= div; + return sat; +} + +bool amount_msat_fee(struct amount_msat *fee, + struct amount_msat amt, + u32 fee_base_msat, + u32 fee_proportional_millionths) +{ + struct amount_msat fee_base, fee_prop; + + /* BOLT #7: + * + * - SHOULD accept HTLCs that pay a fee equal to or greater than: + * - fee_base_msat + ( amount_to_forward * fee_proportional_millionths / 1000000 ) + */ + fee_base.millisatoshis = fee_base_msat; + + if (mul_overflows_u64(amt.millisatoshis, fee_proportional_millionths)) + return false; + fee_prop.millisatoshis = amt.millisatoshis * fee_proportional_millionths + / 1000000; + + return amount_msat_add(fee, fee_base, fee_prop); +} + +bool amount_msat_add_fee(struct amount_msat *amt, + u32 fee_base_msat, + u32 fee_proportional_millionths) +{ + struct amount_msat fee; + + if (!amount_msat_fee(&fee, *amt, + fee_base_msat, fee_proportional_millionths)) + return false; + return amount_msat_add(amt, *amt, fee); +} + +struct amount_sat amount_tx_fee(u32 fee_per_kw, size_t weight) +{ + struct amount_sat fee; + + /* If this overflows, weight must be > 2^32, which is not a real tx */ + assert(!mul_overflows_u64(fee_per_kw, weight)); + fee.satoshis = (u64)fee_per_kw * weight / 1000; + + return fee; +} + +/* +struct amount_msat fromwire_amount_msat(const u8 **cursor, size_t *max) +{ + struct amount_msat msat; + + msat.millisatoshis = fromwire_u64(cursor, max); + return msat; +} + +struct amount_sat fromwire_amount_sat(const u8 **cursor, size_t *max) +{ + struct amount_sat sat; + + sat.satoshis = fromwire_u64(cursor, max); + return sat; +} + +void towire_amount_msat(u8 **pptr, const struct amount_msat msat) +{ + towire_u64(pptr, msat.millisatoshis); +} + +void towire_amount_sat(u8 **pptr, const struct amount_sat sat) +{ + towire_u64(pptr, sat.satoshis); +} + + +*/ diff --git a/bolt11/amount.h b/bolt11/amount.h @@ -0,0 +1,203 @@ +#ifndef LIGHTNING_COMMON_AMOUNT_H +#define LIGHTNING_COMMON_AMOUNT_H +#include "../config.h" +#include "short_types.h" +#include "tal.h" + +#define MSAT_PER_SAT ((u64)1000) +#define SAT_PER_BTC ((u64)100000000) +#define MSAT_PER_BTC (MSAT_PER_SAT * SAT_PER_BTC) + +/* Use these to wrap amounts, for typesafety. Please use ops where possible, + * rather than accessing the members directly. */ +struct amount_sat { + /* Amount in satoshis. */ + u64 satoshis; +}; + +struct amount_msat { + /* Amount in millisatoshis. */ + u64 millisatoshis; +}; + +struct amount_asset { + u64 value; + u8 asset[33]; /* 1 version byte + 32 byte asset_tag */ +}; + +/* For constants only: others must be built from primitives! */ +#if HAVE_BUILTIN_CONSTANT_P +#define AMOUNT_MUST_BE_CONST(c) BUILD_ASSERT_OR_ZERO(IS_COMPILE_CONSTANT(c)) +#else +#define AMOUNT_MUST_BE_CONST(c) 0 +#endif + +/* GCC 4.8.5 (Centos 7.6!) thinks struct casts are not constants, so we + * need to not use a cast for static initializations. */ +#define AMOUNT_MSAT_INIT(msat) \ + { .millisatoshis = (msat) } +#define AMOUNT_SAT_INIT(sat) \ + { .satoshis = (sat) } + +#define AMOUNT_MSAT(constant) \ + ((struct amount_msat){(constant) + AMOUNT_MUST_BE_CONST(constant)}) + +#define AMOUNT_SAT(constant) \ + ((struct amount_sat){(constant) + AMOUNT_MUST_BE_CONST(constant)}) + +/* We do sometimes need to import from raw types, eg. wally or wire fmt */ +struct amount_msat amount_msat(u64 millisatoshis); +struct amount_sat amount_sat(u64 satoshis); + +/* You may not always be able to convert satoshis->millisatoshis. */ + bool amount_sat_to_msat(struct amount_msat *msat, + struct amount_sat sat); + +/* You may not always be able to convert millisatoshis->satoshis without rounding. */ + bool amount_msat_to_sat(struct amount_sat *sat, + struct amount_msat msat); + +/* You can always truncate millisatoshis->satoshis. */ +struct amount_sat amount_msat_to_sat_round_down(struct amount_msat msat); + +/* Simple operations: val = a + b, val = a - b. */ + bool amount_msat_add(struct amount_msat *val, + struct amount_msat a, + struct amount_msat b); + bool amount_msat_sub(struct amount_msat *val, + struct amount_msat a, + struct amount_msat b); + bool amount_sat_add(struct amount_sat *val, + struct amount_sat a, + struct amount_sat b); + bool amount_sat_sub(struct amount_sat *val, + struct amount_sat a, + struct amount_sat b); + bool amount_msat_sub_sat(struct amount_msat *val, + struct amount_msat a, + struct amount_sat b); + bool amount_msat_add_sat(struct amount_msat *val, + struct amount_msat a, + struct amount_sat b); + bool amount_sat_sub_msat(struct amount_msat *val, + struct amount_sat a, + struct amount_msat b); + bool amount_msat_scale(struct amount_msat *val, + struct amount_msat msat, + double scale); + bool amount_sat_scale(struct amount_sat *val, + struct amount_sat sat, + double scale); + +struct amount_msat amount_msat_div(struct amount_msat msat, u64 div); +struct amount_sat amount_sat_div(struct amount_sat sat, u64 div); + +/* Is a == b? */ +bool amount_sat_eq(struct amount_sat a, struct amount_sat b); +bool amount_msat_eq(struct amount_msat a, struct amount_msat b); + +/* Is a zero? */ +bool amount_sat_zero(struct amount_sat a); +bool amount_msat_zero(struct amount_msat a); + +/* Is a > b? */ +bool amount_sat_greater(struct amount_sat a, struct amount_sat b); +bool amount_msat_greater(struct amount_msat a, struct amount_msat b); + +/* Is a >= b */ +bool amount_sat_greater_eq(struct amount_sat a, struct amount_sat b); +bool amount_msat_greater_eq(struct amount_msat a, struct amount_msat b); + +/* Is a < b? */ +bool amount_sat_less(struct amount_sat a, struct amount_sat b); +bool amount_msat_less(struct amount_msat a, struct amount_msat b); + +/* Is a <= b? */ +bool amount_sat_less_eq(struct amount_sat a, struct amount_sat b); +bool amount_msat_less_eq(struct amount_msat a, struct amount_msat b); + +/* Is msat > sat? */ +bool amount_msat_greater_sat(struct amount_msat msat, struct amount_sat sat); +/* Is msat >= sat? */ +bool amount_msat_greater_eq_sat(struct amount_msat msat, struct amount_sat sat); +/* Is msat < sat? */ +bool amount_msat_less_sat(struct amount_msat msat, struct amount_sat sat); +/* Is msat <= sat? */ +bool amount_msat_less_eq_sat(struct amount_msat msat, struct amount_sat sat); +/* Is msat == sat? */ +bool amount_msat_eq_sat(struct amount_msat msat, struct amount_sat sat); + +/* a / b */ +double amount_msat_ratio(struct amount_msat a, struct amount_msat b); + +/* Check whether this asset is actually the main / fee-paying asset of the + * current chain. */ +bool amount_asset_is_main(struct amount_asset *asset); + +/* Convert an amount_sat to an amount_asset */ +struct amount_asset amount_sat_to_asset(struct amount_sat *sat, const u8 *asset); + +/* amount_asset_extract_value -Prefix the amount_asset's value + * to have the 'explicit' marker. Returns NULL if the + * asset was originally blinded. + * FIXME: pass through blinded amounts */ +u8 *amount_asset_extract_value(const tal_t *ctx, struct amount_asset *asset); + +/* Convert from a generic asset to the fee-paying asset if possible. */ +struct amount_sat amount_asset_to_sat(struct amount_asset *asset); + +/* Returns true if msat fits in a u32 value. */ + bool amount_msat_to_u32(struct amount_msat msat, + u32 *millisatoshis); + +/* Common operation: what is the HTLC fee for given feerate? Can overflow! */ + bool amount_msat_fee(struct amount_msat *fee, + struct amount_msat amt, + u32 fee_base_msat, + u32 fee_proportional_millionths); + +/* Same, but add into amt. */ + bool amount_msat_add_fee(struct amount_msat *amt, + u32 fee_base_msat, + u32 fee_proportional_millionths); + +/* What is the fee for this tx weight? */ +struct amount_sat amount_tx_fee(u32 fee_per_kw, size_t weight); + +/* Different formatting by amounts: btc, sat and msat */ +/* => 1.23456789012btc (11 decimals!) */ +const char *fmt_amount_msat_btc(const tal_t *ctx, + struct amount_msat msat, + bool append_unit); +/* => 1234msat */ +const char *fmt_amount_msat(const tal_t *ctx, struct amount_msat msat); + +/* => 1.23456789btc (8 decimals!) */ +const char *fmt_amount_sat_btc(const tal_t *ctx, + struct amount_sat sat, + bool append_unit); +/* => 1234sat */ +const char *fmt_amount_sat(const tal_t *ctx, struct amount_sat sat); + +/* Valid strings: + * [0-9]+ => millisatoshi. + * [0-9]+msat => millisatoshi. + * [0-9]+sat => *1000 -> millisatopshi. + * [0-9]+.[0-9]{1,11}btc => millisatoshi. + */ +bool parse_amount_msat(struct amount_msat *msat, const char *s, size_t slen); + +/* Valid strings: + * [0-9]+ => satoshi. + * [0-9]+sat => satoshi. + * [0-9]+000msat => satoshi. + * [0-9]+.[0-9]{1,8}btc => satoshi. + */ +bool parse_amount_sat(struct amount_sat *sat, const char *s, size_t slen); + +/* Marshal/unmarshal functions */ +struct amount_msat fromwire_amount_msat(const u8 **cursor, size_t *max); +struct amount_sat fromwire_amount_sat(const u8 **cursor, size_t *max); +void towire_amount_msat(u8 **pptr, const struct amount_msat msat); +void towire_amount_sat(u8 **pptr, const struct amount_sat sat); +#endif /* LIGHTNING_COMMON_AMOUNT_H */ diff --git a/bolt11/array_size.h b/bolt11/array_size.h @@ -0,0 +1,26 @@ +/* CC0 (Public domain) - see LICENSE file for details */ +#ifndef CCAN_ARRAY_SIZE_H +#define CCAN_ARRAY_SIZE_H +#include "../config.h" +#include "build_assert.h" + +/** + * ARRAY_SIZE - get the number of elements in a visible array + * @arr: the array whose size you want. + * + * This does not work on pointers, or arrays declared as [], or + * function parameters. With correct compiler support, such usage + * will cause a build error (see build_assert). + */ +#define ARRAY_SIZE(arr) (sizeof(arr) / sizeof((arr)[0]) + _array_size_chk(arr)) + +#if HAVE_BUILTIN_TYPES_COMPATIBLE_P && HAVE_TYPEOF +/* Two gcc extensions. + * &a[0] degrades to a pointer: a different type from an array */ +#define _array_size_chk(arr) \ + BUILD_ASSERT_OR_ZERO(!__builtin_types_compatible_p(typeof(arr), \ + typeof(&(arr)[0]))) +#else +#define _array_size_chk(arr) 0 +#endif +#endif /* CCAN_ALIGNOF_H */ diff --git a/bolt11/bech32.c b/bolt11/bech32.c @@ -0,0 +1,217 @@ +/* Stolen from https://github.com/sipa/bech32/blob/master/ref/c/segwit_addr.c, + * with only the two ' > 90' checks hoisted, and more internals exposed */ + +/* Copyright (c) 2017, 2021 Pieter Wuille + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ +#include "../config.h" +#include <assert.h> +#include "bech32.h" +#include <string.h> + +static uint32_t bech32_polymod_step(uint32_t pre) { + uint8_t b = pre >> 25; + return ((pre & 0x1FFFFFF) << 5) ^ + (-((b >> 0) & 1) & 0x3b6a57b2UL) ^ + (-((b >> 1) & 1) & 0x26508e6dUL) ^ + (-((b >> 2) & 1) & 0x1ea119faUL) ^ + (-((b >> 3) & 1) & 0x3d4233ddUL) ^ + (-((b >> 4) & 1) & 0x2a1462b3UL); +} + +static uint32_t bech32_final_constant(bech32_encoding enc) { + if (enc == BECH32_ENCODING_BECH32) return 1; + if (enc == BECH32_ENCODING_BECH32M) return 0x2bc830a3; + assert(0); +} + +const char bech32_charset[] = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"; + +const int8_t bech32_charset_rev[128] = { + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + 15, -1, 10, 17, 21, 20, 26, 30, 7, 5, -1, -1, -1, -1, -1, -1, + -1, 29, -1, 24, 13, 25, 9, 8, 23, -1, 18, 22, 31, 27, 19, -1, + 1, 0, 3, 16, 11, 28, 12, 14, 6, 4, 2, -1, -1, -1, -1, -1, + -1, 29, -1, 24, 13, 25, 9, 8, 23, -1, 18, 22, 31, 27, 19, -1, + 1, 0, 3, 16, 11, 28, 12, 14, 6, 4, 2, -1, -1, -1, -1, -1 +}; + +int bech32_encode(char *output, const char *hrp, const uint8_t *data, size_t data_len, size_t max_input_len, bech32_encoding enc) { + uint32_t chk = 1; + size_t i = 0; + while (hrp[i] != 0) { + int ch = hrp[i]; + if (ch < 33 || ch > 126) { + return 0; + } + + if (ch >= 'A' && ch <= 'Z') return 0; + chk = bech32_polymod_step(chk) ^ (ch >> 5); + ++i; + } + if (i + 7 + data_len > max_input_len) return 0; + chk = bech32_polymod_step(chk); + while (*hrp != 0) { + chk = bech32_polymod_step(chk) ^ (*hrp & 0x1f); + *(output++) = *(hrp++); + } + *(output++) = '1'; + for (i = 0; i < data_len; ++i) { + if (*data >> 5) return 0; + chk = bech32_polymod_step(chk) ^ (*data); + *(output++) = bech32_charset[*(data++)]; + } + for (i = 0; i < 6; ++i) { + chk = bech32_polymod_step(chk); + } + chk ^= bech32_final_constant(enc); + for (i = 0; i < 6; ++i) { + *(output++) = bech32_charset[(chk >> ((5 - i) * 5)) & 0x1f]; + } + *output = 0; + return 1; +} + +bech32_encoding bech32_decode_len(char* hrp, uint8_t *data, size_t *data_len, const char *input, size_t input_len) { + uint32_t chk = 1; + size_t i; + size_t hrp_len; + int have_lower = 0, have_upper = 0; + if (input_len < 8) { + return BECH32_ENCODING_NONE; + } + *data_len = 0; + while (*data_len < input_len && input[(input_len - 1) - *data_len] != '1') { + ++(*data_len); + } + hrp_len = input_len - (1 + *data_len); + if (1 + *data_len >= input_len || *data_len < 6) { + return BECH32_ENCODING_NONE; + } + *(data_len) -= 6; + for (i = 0; i < hrp_len; ++i) { + int ch = input[i]; + if (ch < 33 || ch > 126) { + return BECH32_ENCODING_NONE; + } + if (ch >= 'a' && ch <= 'z') { + have_lower = 1; + } else if (ch >= 'A' && ch <= 'Z') { + have_upper = 1; + ch = (ch - 'A') + 'a'; + } + hrp[i] = ch; + chk = bech32_polymod_step(chk) ^ (ch >> 5); + } + hrp[i] = 0; + chk = bech32_polymod_step(chk); + for (i = 0; i < hrp_len; ++i) { + chk = bech32_polymod_step(chk) ^ (input[i] & 0x1f); + } + ++i; + while (i < input_len) { + int v = (input[i] & 0x80) ? -1 : bech32_charset_rev[(int)input[i]]; + if (input[i] >= 'a' && input[i] <= 'z') have_lower = 1; + if (input[i] >= 'A' && input[i] <= 'Z') have_upper = 1; + if (v == -1) { + return BECH32_ENCODING_NONE; + } + chk = bech32_polymod_step(chk) ^ v; + if (i + 6 < input_len) { + data[i - (1 + hrp_len)] = v; + } + ++i; + } + if (have_lower && have_upper) { + return BECH32_ENCODING_NONE; + } + if (chk == bech32_final_constant(BECH32_ENCODING_BECH32)) { + return BECH32_ENCODING_BECH32; + } else if (chk == bech32_final_constant(BECH32_ENCODING_BECH32M)) { + return BECH32_ENCODING_BECH32M; + } else { + return BECH32_ENCODING_NONE; + } +} + +bech32_encoding bech32_decode(char* hrp, uint8_t *data, size_t *data_len, const char *input, size_t max_input_len) { + size_t len = strlen(input); + if (len > max_input_len) { + return BECH32_ENCODING_NONE; + } + return bech32_decode_len(hrp, data, data_len, input, len); +} + +int bech32_convert_bits(uint8_t* out, size_t* outlen, int outbits, const uint8_t* in, size_t inlen, int inbits, int pad) { + uint32_t val = 0; + int bits = 0; + uint32_t maxv = (((uint32_t)1) << outbits) - 1; + while (inlen--) { + val = (val << inbits) | *(in++); + bits += inbits; + while (bits >= outbits) { + bits -= outbits; + out[(*outlen)++] = (val >> bits) & maxv; + } + } + if (pad) { + if (bits) { + out[(*outlen)++] = (val << (outbits - bits)) & maxv; + } + } else if (((val << (outbits - bits)) & maxv) || bits >= inbits) { + return 0; + } + return 1; +} + +int segwit_addr_encode(char *output, const char *hrp, int witver, const uint8_t *witprog, size_t witprog_len) { + uint8_t data[65]; + size_t datalen = 0; + bech32_encoding enc = BECH32_ENCODING_BECH32; + if (witver > 16) return 0; + if (witver == 0 && witprog_len != 20 && witprog_len != 32) return 0; + if (witprog_len < 2 || witprog_len > 40) return 0; + if (witver > 0) enc = BECH32_ENCODING_BECH32M; + data[0] = witver; + bech32_convert_bits(data + 1, &datalen, 5, witprog, witprog_len, 8, 1); + ++datalen; + return bech32_encode(output, hrp, data, datalen, 90, enc); +} + +int segwit_addr_decode(int* witver, uint8_t* witdata, size_t* witdata_len, const char* hrp, const char* addr) { + uint8_t data[84]; + char hrp_actual[84]; + size_t data_len; + bech32_encoding enc = bech32_decode(hrp_actual, data, &data_len, addr, 90); + if (enc == BECH32_ENCODING_NONE) return 0; + if (data_len == 0 || data_len > 65) return 0; + if (strncmp(hrp, hrp_actual, 84) != 0) return 0; + if (data[0] > 16) return 0; + if (data[0] == 0 && enc != BECH32_ENCODING_BECH32) return 0; + if (data[0] > 0 && enc != BECH32_ENCODING_BECH32M) return 0; + *witdata_len = 0; + if (!bech32_convert_bits(witdata, witdata_len, 8, data + 1, data_len - 1, 5, 0)) return 0; + if (*witdata_len < 2 || *witdata_len > 40) return 0; + if (data[0] == 0 && *witdata_len != 20 && *witdata_len != 32) return 0; + *witver = data[0]; + return 1; +} diff --git a/bolt11/bech32.h b/bolt11/bech32.h @@ -0,0 +1,142 @@ +/* Stolen from https://github.com/sipa/bech32/blob/master/ref/c/segwit_addr.h, + * with only the two ' > 90' checks hoisted */ + +/* Copyright (c) 2017, 2021 Pieter Wuille + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ + +#ifndef LIGHTNING_COMMON_BECH32_H +#define LIGHTNING_COMMON_BECH32_H +#include "../config.h" + +#include <stdint.h> +#include <stdlib.h> + +/** Encode a SegWit address + * + * Out: output: Pointer to a buffer of size 73 + strlen(hrp) that will be + * updated to contain the null-terminated address. + * In: hrp: Pointer to the null-terminated human readable part to use + * (chain/network specific). + * ver: Version of the witness program (between 0 and 16 inclusive). + * prog: Data bytes for the witness program (between 2 and 40 bytes). + * prog_len: Number of data bytes in prog. + * Returns 1 if successful. + */ +int segwit_addr_encode( + char *output, + const char *hrp, + int ver, + const uint8_t *prog, + size_t prog_len +); + +/** Decode a SegWit address + * + * Out: ver: Pointer to an int that will be updated to contain the witness + * program version (between 0 and 16 inclusive). + * prog: Pointer to a buffer of size 40 that will be updated to + * contain the witness program bytes. + * prog_len: Pointer to a size_t that will be updated to contain the length + * of bytes in prog. + * hrp: Pointer to the null-terminated human readable part that is + * expected (chain/network specific). + * addr: Pointer to the null-terminated address. + * Returns 1 if successful. + */ +int segwit_addr_decode( + int* ver, + uint8_t* prog, + size_t* prog_len, + const char* hrp, + const char* addr +); + +/** Supported encodings. */ +typedef enum { + BECH32_ENCODING_NONE, + BECH32_ENCODING_BECH32, + BECH32_ENCODING_BECH32M +} bech32_encoding; + +/** Encode a Bech32 or Bech32m string + * + * Out: output: Pointer to a buffer of size strlen(hrp) + data_len + 8 that + * will be updated to contain the null-terminated Bech32 string. + * In: hrp : Pointer to the null-terminated human readable part. + * data : Pointer to an array of 5-bit values. + * data_len: Length of the data array. + * max_input_len: Maximum valid length of input (90 for segwit usage). + * enc: Which encoding to use (BECH32_ENCODING_BECH32{,M}). + * Returns 1 if successful. + */ +int bech32_encode( + char *output, + const char *hrp, + const uint8_t *data, + size_t data_len, + size_t max_input_len, + bech32_encoding enc +); + +/** Decode a Bech32 or Bech32m string + * + * Out: hrp: Pointer to a buffer of size strlen(input) - 6. Will be + * updated to contain the null-terminated human readable part. + * data: Pointer to a buffer of size strlen(input) - 8 that will + * hold the encoded 5-bit data values. + * data_len: Pointer to a size_t that will be updated to be the number + * of entries in data. + * In: input: Pointer to a null-terminated Bech32 string. + * max_input_len: Maximum valid length of input (90 for segwit usage). + * Returns BECH32_ENCODING_BECH32{,M} to indicate decoding was successful + * with the specified encoding standard. BECH32_ENCODING_NONE is returned if + * decoding failed. + */ +bech32_encoding bech32_decode( + char *hrp, + uint8_t *data, + size_t *data_len, + const char *input, + size_t max_input_len +); + +bech32_encoding bech32_decode_len( + char *hrp, + uint8_t *data, + size_t *data_len, + const char *input, + size_t input_len +); + +/* Helper from bech32: translates inbits-bit bytes to outbits-bit bytes. + * @outlen is incremented as bytes are added. + * @pad is true if we're to pad, otherwise truncate last byte if necessary + */ +int bech32_convert_bits(uint8_t* out, size_t* outlen, int outbits, + const uint8_t* in, size_t inlen, int inbits, + int pad); + +/* The charset, and reverse mapping */ +extern const char bech32_charset[32]; +extern const int8_t bech32_charset_rev[128]; + +#endif /* LIGHTNING_COMMON_BECH32_H */ + diff --git a/bolt11/bech32_util.c b/bolt11/bech32_util.c @@ -0,0 +1,127 @@ +#include "config.h" +#include "bech32.h" +#include "bech32_util.h" +#include "hash_u5.h" +#include "talstr.h" +#include "tal.h" +#include "short_types.h" +#include <stdbool.h> + +static u8 get_bit(const u8 *src, size_t bitoff) +{ + return ((src[bitoff / 8] >> (7 - (bitoff % 8))) & 1); +} + +void bech32_push_bits(u5 **data, const void *src, size_t nbits) +{ + size_t i, b; + size_t data_len = tal_count(*data); + + for (i = 0; i < nbits; i += b) { + tal_resize(data, data_len+1); + (*data)[data_len] = 0; + for (b = 0; b < 5; b++) { + (*data)[data_len] <<= 1; + /* If we need bits we don't have, zero */ + if (i+b < nbits) + (*data)[data_len] |= get_bit(src, i+b); + } + data_len++; + } +} + +static u8 get_u5_bit(const u5 *src, size_t bitoff) +{ + return ((src[bitoff / 5] >> (4 - (bitoff % 5))) & 1); +} + +void bech32_pull_bits(u8 **data, const u5 *src, size_t nbits) +{ + size_t i; + size_t data_len = tal_count(*data); + + /* We discard trailing bits. */ + for (i = 0; i + 8 <= nbits; i += 8) { + tal_resize(data, data_len+1); + (*data)[data_len] = 0; + for (size_t b = 0; b < 8; b++) { + (*data)[data_len] <<= 1; + (*data)[data_len] |= get_u5_bit(src, i+b); + } + data_len++; + } +} + +/* Returns a char, tracks case. */ +static int fixup_char(int c, bool *upper, bool *lower) +{ + if (c >= 'A' && c <= 'Z') { + *upper = true; + return c + ('a' - 'A'); + } else if (c >= 'a' && c <= 'z') { + *lower = true; + } + return c; +} + +bool from_bech32_charset(const tal_t *ctx, + const char *bech32, + size_t bech32_len, + char **hrp, u8 **data) +{ + u5 *u5data; + const char *sep; + bool upper = false, lower = false; + size_t datalen; + + sep = memchr(bech32, '1', bech32_len); + if (!sep) + return false; + + *hrp = tal_strndup(ctx, bech32, sep - bech32); + for (size_t i = 0; i < strlen(*hrp); i++) + (*hrp)[i] = fixup_char((*hrp)[i], &upper, &lower); + + datalen = bech32_len - (sep + 1 - bech32); + u5data = tal_arr(NULL, u5, datalen); + for (size_t i = 0; i < datalen; i++) { + int c = sep[1+i]; + if (c < 0 || c > 128) + goto fail; + c = fixup_char(c, &upper, &lower); + if (bech32_charset_rev[c] == -1) + goto fail; + u5data[i] = bech32_charset_rev[c]; + } + + /* Check case consistency */ + if (upper && lower) + goto fail; + + *data = tal_arr(ctx, u8, 0); + bech32_pull_bits(data, u5data, tal_bytelen(u5data) * 5); + tal_free(u5data); + return true; + +fail: + *hrp = tal_free(*hrp); + tal_free(u5data); + return false; +} + +char *to_bech32_charset(const tal_t *ctx, + const char *hrp, const u8 *data) +{ + u5 *u5data = tal_arr(NULL, u5, 0); + char *ret; + + bech32_push_bits(&u5data, data, tal_bytelen(data) * 8); + ret = tal_dup_arr(ctx, char, hrp, strlen(hrp), + 1 + tal_bytelen(u5data) + 1); + ret[strlen(hrp)] = '1'; + for (size_t i = 0; i < tal_bytelen(u5data); i++) + ret[strlen(hrp) + 1 + i] = bech32_charset[u5data[i]]; + ret[strlen(hrp) + 1 + tal_bytelen(u5data)] = '\0'; + tal_free(u5data); + return ret; +} diff --git a/bolt11/bech32_util.h b/bolt11/bech32_util.h @@ -0,0 +1,28 @@ +#ifndef LIGHTNING_COMMON_BECH32_UTIL_H +#define LIGHTNING_COMMON_BECH32_UTIL_H +#include "../config.h" + +#include "tal.h" +#include "hash_u5.h" + +/** + * Push the bytes in src in 5 bit format onto the end of data. + */ +void bech32_push_bits(u5 **data, const void *src, size_t nbits); + +/** + * Push the bytes in src in 8 bit format onto the end of data. + */ +void bech32_pull_bits(u8 **data, const u5 *src, size_t nbits); + +/** + * Checksumless bech32 routines. + */ +bool from_bech32_charset(const tal_t *ctx, + const char *bech32, size_t bech32_len, + char **hrp, u8 **data); + +char *to_bech32_charset(const tal_t *ctx, + const char *hrp, const u8 *data); + +#endif /* LIGHTNING_COMMON_BECH32_UTIL_H */ diff --git a/bolt11/bolt11.c b/bolt11/bolt11.c @@ -0,0 +1,676 @@ +// +// bolt11.c +// damus +// +// Created by William Casarin on 2022-10-18. +// + +#include "bolt11.h" + +//#include "address.h" +//#include "script.h" +#include "bech32.h" +#include "utf8.h" +#include "../compiler.h" +#include "../endian.h" +#include "list.h" +#include "talstr.h" +#include "tal.h" +#include "node_id.h" +#include "bech32_util.h" +#include "bolt11.h" +#include "amount.h" +#include "array_size.h" +#include "structeq.h" + +//#include "features.h" +#include <errno.h> +#include <inttypes.h> +#include <assert.h> + +#define MSAT_PER_SAT ((u64)1000) +#define SAT_PER_BTC ((u64)100000000) +#define MSAT_PER_BTC (MSAT_PER_SAT * SAT_PER_BTC) + +struct multiplier { + const char letter; + /* We can't represent p postfix to msat, so we multiply this by 10 */ + u64 m10; +}; + +/* BOLT #11: + * + * The following `multiplier` letters are defined: + * + * * `m` (milli): multiply by 0.001 + * * `u` (micro): multiply by 0.000001 + * * `n` (nano): multiply by 0.000000001 + * * `p` (pico): multiply by 0.000000000001 + */ +static struct multiplier multipliers[] = { + { 'm', 10 * MSAT_PER_BTC / 1000 }, + { 'u', 10 * MSAT_PER_BTC / 1000000 }, + { 'n', 10 * MSAT_PER_BTC / 1000000000 }, + { 'p', 10 * MSAT_PER_BTC / 1000000000000ULL } +}; + +/* If pad is false, we discard any bits which don't fit in the last byte. + * Otherwise we add an extra byte */ +static bool pull_bits(struct hash_u5 *hu5, + u5 **data, size_t *data_len, void *dst, size_t nbits, + bool pad) +{ + size_t n5 = nbits / 5; + size_t len = 0; + + if (nbits % 5) + n5++; + + if (*data_len < n5) + return false; + if (!bech32_convert_bits(dst, &len, 8, *data, n5, 5, pad)) + return false; + if (hu5) + hash_u5(hu5, *data, n5); + *data += n5; + *data_len -= n5; + + return true; +} + +/* For pulling fields where we should have checked it will succeed already. */ +#ifndef NDEBUG +#define pull_bits_certain(hu5, data, data_len, dst, nbits, pad) \ + assert(pull_bits((hu5), (data), (data_len), (dst), (nbits), (pad))) +#else +#define pull_bits_certain pull_bits +#endif + +/* Helper for pulling a variable-length big-endian int. */ +static bool pull_uint(struct hash_u5 *hu5, + u5 **data, size_t *data_len, + u64 *val, size_t databits) +{ + be64 be_val; + + /* Too big. */ + if (databits > sizeof(be_val) * CHAR_BIT) + return false; + if (!pull_bits(hu5, data, data_len, &be_val, databits, true)) + return false; + *val = be64_to_cpu(be_val) >> (sizeof(be_val) * CHAR_BIT - databits); + return true; +} + +static size_t num_u8(size_t num_u5) +{ + return (num_u5 * 5 + 4) / 8; +} + +/* Frees bolt11, returns NULL. */ +static struct bolt11 *decode_fail(struct bolt11 *b11, char **fail, + const char *fmt, ...) + PRINTF_FMT(3,4); + +static struct bolt11 *decode_fail(struct bolt11 *b11, char **fail, + const char *fmt, ...) +{ + va_list ap; + + va_start(ap, fmt); + *fail = tal_vfmt(tal_parent(b11), fmt, ap); + va_end(ap); + return tal_free(b11); +} + +/* + * These handle specific fields in the payment request; returning the problem + * if any, or NULL. + */ +static char *unknown_field(struct bolt11 *b11, + struct hash_u5 *hu5, + u5 **data, size_t *data_len, + u5 type, size_t length) +{ + struct bolt11_field *extra = tal(b11, struct bolt11_field); + u8 u8data[num_u8(length)]; + + extra->tag = type; + extra->data = tal_dup_arr(extra, u5, *data, length, 0); + list_add_tail(&b11->extra_fields, &extra->list); + + pull_bits_certain(hu5, data, data_len, u8data, length * 5, true); + return NULL; +} + +/* BOLT #11: + * + * `p` (1): `data_length` 52. 256-bit SHA256 payment_hash. Preimage of this + * provides proof of payment + */ +static void decode_p(struct bolt11 *b11, + struct hash_u5 *hu5, + u5 **data, size_t *data_len, + size_t data_length, bool *have_p) +{ + /* BOLT #11: + * + * A payer... SHOULD use the first `p` field that it did NOT + * skip as the payment hash. + */ + if (*have_p) { + unknown_field(b11, hu5, data, data_len, 'p', data_length); + return; + } + + /* BOLT #11: + * + * A reader... MUST skip over unknown fields, OR an `f` field + * with unknown `version`, OR `p`, `h`, `s` or `n` fields that do + * NOT have `data_length`s of 52, 52, 52 or 53, respectively. + */ + if (data_length != 52) { + unknown_field(b11, hu5, data, data_len, 'p', data_length); + return; + } + + pull_bits_certain(hu5, data, data_len, &b11->payment_hash, 256, false); + *have_p = true; +} + + +static char *utf8_str(const tal_t *ctx, const u8 *buf TAKES, size_t buflen) +{ + char *ret; + + if (!utf8_check(buf, buflen)) { + if (taken(buf)) + tal_free(buf); + return NULL; + } + + /* Add one for nul term */ + ret = tal_dup_arr(ctx, char, (const char *)buf, buflen, 1); + ret[buflen] = '\0'; + return ret; +} + + +/* BOLT #11: + * + * `d` (13): `data_length` variable. Short description of purpose of payment + * (UTF-8), e.g. '1 cup of coffee' or 'ナンセンス 1杯' + */ +static char *decode_d(struct bolt11 *b11, + struct hash_u5 *hu5, + u5 **data, size_t *data_len, + size_t data_length, bool *have_d) +{ + u8 *desc; + if (*have_d) + return unknown_field(b11, hu5, data, data_len, 'd', data_length); + + desc = tal_arr(NULL, u8, data_length * 5 / 8); + pull_bits_certain(hu5, data, data_len, desc, data_length*5, false); + + *have_d = true; + b11->description = utf8_str(b11, take(desc), tal_bytelen(desc)); + if (b11->description) + return NULL; + + return tal_fmt(b11, "d: invalid utf8"); +} + +/* BOLT #11: + * + * `h` (23): `data_length` 52. 256-bit description of purpose of payment + * (SHA256). This is used to commit to an associated description that is over + * 639 bytes, but the transport mechanism for the description in that case is + * transport specific and not defined here. + */ +static void decode_h(struct bolt11 *b11, + struct hash_u5 *hu5, + u5 **data, size_t *data_len, + size_t data_length, bool *have_h) +{ + if (*have_h) { + unknown_field(b11, hu5, data, data_len, 'h', data_length); + return; + } + + /* BOLT #11: + * + * A reader... MUST skip over unknown fields, OR an `f` field + * with unknown `version`, OR `p`, `h`, `s` or `n` fields that do + * NOT have `data_length`s of 52, 52, 52 or 53, respectively. */ + if (data_length != 52) { + unknown_field(b11, hu5, data, data_len, 'h', data_length); + return; + } + + b11->description_hash = tal(b11, struct sha256); + pull_bits_certain(hu5, data, data_len, b11->description_hash, 256, + false); + *have_h = true; +} + +/* BOLT #11: + * + * `x` (6): `data_length` variable. `expiry` time in seconds + * (big-endian). Default is 3600 (1 hour) if not specified. + */ +#define DEFAULT_X 3600 +static char *decode_x(struct bolt11 *b11, + struct hash_u5 *hu5, + u5 **data, size_t *data_len, + size_t data_length, bool *have_x) +{ + if (*have_x) + return unknown_field(b11, hu5, data, data_len, 'x', + data_length); + + /* FIXME: Put upper limit in bolt 11 */ + if (!pull_uint(hu5, data, data_len, &b11->expiry, data_length * 5)) + return tal_fmt(b11, "x: length %zu chars is excessive", + *data_len); + + *have_x = true; + return NULL; +} + +/* BOLT #11: + * + * `c` (24): `data_length` variable. `min_final_cltv_expiry` to use for the + * last HTLC in the route. Default is 18 if not specified. + */ +static char *decode_c(struct bolt11 *b11, + struct hash_u5 *hu5, + u5 **data, size_t *data_len, + size_t data_length, bool *have_c) +{ + u64 c; + if (*have_c) + return unknown_field(b11, hu5, data, data_len, 'c', + data_length); + + /* FIXME: Put upper limit in bolt 11 */ + if (!pull_uint(hu5, data, data_len, &c, data_length * 5)) + return tal_fmt(b11, "c: length %zu chars is excessive", + *data_len); + b11->min_final_cltv_expiry = (u32)c; + /* Can overflow, since c is 64 bits but value must be < 32 bits */ + if (b11->min_final_cltv_expiry != c) + return tal_fmt(b11, "c: %"PRIu64" is too large", c); + + *have_c = true; + return NULL; +} + +static char *decode_n(struct bolt11 *b11, + struct hash_u5 *hu5, + u5 **data, size_t *data_len, + size_t data_length, bool *have_n) +{ + if (*have_n) + return unknown_field(b11, hu5, data, data_len, 'n', + data_length); + + /* BOLT #11: + * + * A reader... MUST skip over unknown fields, OR an `f` field + * with unknown `version`, OR `p`, `h`, `s` or `n` fields that do + * NOT have `data_length`s of 52, 52, 52 or 53, respectively. */ + if (data_length != 53) + return unknown_field(b11, hu5, data, data_len, 'n', + data_length); + + pull_bits_certain(hu5, data, data_len, &b11->receiver_id.k, + data_length * 5, false); + /* + if (!node_id_valid(&b11->receiver_id)) + return tal_fmt(b11, "n: invalid pubkey %s", + node_id_to_hexstr(b11, &b11->receiver_id)); + */ + + *have_n = true; + return NULL; +} + +/* BOLT #11: + * + * `m` (27): `data_length` variable. Additional metadata to attach to + * the payment. Note that the size of this field is limited by the + * maximum hop payload size. Long metadata fields reduce the maximum + * route length. + */ +static char *decode_m(struct bolt11 *b11, + struct hash_u5 *hu5, + u5 **data, size_t *data_len, + size_t data_length, + bool *have_m) +{ + size_t mlen = (data_length * 5) / 8; + + if (*have_m) + return unknown_field(b11, hu5, data, data_len, 'm', + data_length); + + b11->metadata = tal_arr(b11, u8, mlen); + pull_bits_certain(hu5, data, data_len, b11->metadata, + data_length * 5, false); + + *have_m = true; + return NULL; +} + +struct bolt11 *new_bolt11(const tal_t *ctx) +{ + struct bolt11 *b11 = tal(ctx, struct bolt11); + + list_head_init(&b11->extra_fields); + b11->description = NULL; + b11->description_hash = NULL; + b11->fallbacks = NULL; + b11->msat = NULL; + b11->expiry = DEFAULT_X; + b11->features = tal_arr(b11, u8, 0); + /* BOLT #11: + * - if the `c` field (`min_final_cltv_expiry`) is not provided: + * - MUST use an expiry delta of at least 18 when making the payment + */ + b11->min_final_cltv_expiry = 18; + //b11->payment_secret = NULL; + b11->metadata = NULL; + + //if (msat) + //b11->msat = tal_dup(b11, struct amount_msat, msat); + return b11; +} + +/* Define sha256_eq. */ +//STRUCTEQ_DEF(sha256, 0, u); + +/* Extracts signature but does not check it. */ +struct bolt11 *bolt11_decode_nosig(const tal_t *ctx, const char *str, u5 **sig, char **fail) +{ + char *hrp, *amountstr, *prefix; + u5 *data; + size_t data_len; + struct bolt11 *b11 = new_bolt11(ctx); + struct hash_u5 hu5; + bool have_p = false, have_d = false, have_h = false, have_n = false, + have_x = false, have_c = false, have_m = false; + + /* BOLT #11: + * + * If a URI scheme is desired, the current recommendation is to either + * use 'lightning:' as a prefix before the BOLT-11 encoding + */ + if (strstarts(str, "lightning:") || strstarts(str, "LIGHTNING:")) + str += strlen("lightning:"); + + if (strlen(str) < 8) + return decode_fail(b11, fail, "Bad bech32 string"); + + hrp = tal_arr(b11, char, strlen(str) - 6); + data = tal_arr(b11, u5, strlen(str) - 8); + + if (bech32_decode(hrp, data, &data_len, str, (size_t)-1) + != BECH32_ENCODING_BECH32) + return decode_fail(b11, fail, "Bad bech32 string"); + + /* For signature checking at the end. */ + hash_u5_init(&hu5, hrp); + + /* BOLT #11: + * + * The human-readable part of a Lightning invoice consists of two sections: + * 1. `prefix`: `ln` + BIP-0173 currency prefix (e.g. `lnbc` for Bitcoin mainnet, + * `lntb` for Bitcoin testnet, `lntbs` for Bitcoin signet, and `lnbcrt` for Bitcoin regtest) + * 1. `amount`: optional number in that currency, followed by an optional + * `multiplier` letter. The unit encoded here is the 'social' convention of a payment unit -- in the case of Bitcoin the unit is 'bitcoin' NOT satoshis. + */ + prefix = tal_strndup(b11, hrp, strcspn(hrp, "0123456789")); + + /* BOLT #11: + * + * A reader...if it does NOT understand the `prefix`... MUST fail the payment. + */ + if (!strstarts(prefix, "ln")) + return decode_fail(b11, fail, + "Prefix '%s' does not start with ln", prefix); + + /* BOLT #11: + * + * - if the `amount` is empty: + * */ + amountstr = tal_strdup(b11, hrp + strlen(prefix)); + if (streq(amountstr, "")) { + /* BOLT #11: + * + * - SHOULD indicate to the payer that amount is unspecified. + */ + b11->msat = NULL; + } else { + u64 m10 = 10 * MSAT_PER_BTC; /* Pico satoshis in a Bitcoin */ + u64 amount; + char *end; + + /* Gather and trim multiplier */ + end = amountstr + strlen(amountstr)-1; + for (size_t i = 0; i < ARRAY_SIZE(multipliers); i++) { + if (*end == multipliers[i].letter) { + m10 = multipliers[i].m10; + *end = '\0'; + break; + } + } + + /* BOLT #11: + * + * if `amount` contains a non-digit OR is followed by + * anything except a `multiplier` (see table above)... MUST fail the + * payment. + **/ + amount = strtoull(amountstr, &end, 10); + if (amount == ULLONG_MAX && errno == ERANGE) + return decode_fail(b11, fail, + "Invalid amount '%s'", amountstr); + if (!*amountstr || *end) + return decode_fail(b11, fail, + "Invalid amount postfix '%s'", end); + + /* BOLT #11: + * + * if the `multiplier` is present... MUST multiply + * `amount` by the `multiplier` value to derive the + * amount required for payment. + */ + b11->msat = tal(b11, struct amount_msat); + /* BOLT #11: + * + * - if multiplier is `p` and the last decimal of `amount` is + * not 0: + * - MUST fail the payment. + */ + if (amount * m10 % 10 != 0) + return decode_fail(b11, fail, + "Invalid sub-millisatoshi amount" + " '%sp'", amountstr); + + *b11->msat = amount_msat(amount * m10 / 10); + } + + /* BOLT #11: + * + * The data part of a Lightning invoice consists of multiple sections: + * + * 1. `timestamp`: seconds-since-1970 (35 bits, big-endian) + * 1. zero or more tagged parts + * 1. `signature`: Bitcoin-style signature of above (520 bits) + */ + if (!pull_uint(&hu5, &data, &data_len, &b11->timestamp, 35)) + return decode_fail(b11, fail, "Can't get 35-bit timestamp"); + + while (data_len > 520 / 5) { + const char *problem = NULL; + u64 type, data_length; + + /* BOLT #11: + * + * Each Tagged Field is of the form: + * + * 1. `type` (5 bits) + * 1. `data_length` (10 bits, big-endian) + * 1. `data` (`data_length` x 5 bits) + */ + if (!pull_uint(&hu5, &data, &data_len, &type, 5) + || !pull_uint(&hu5, &data, &data_len, &data_length, 10)) + return decode_fail(b11, fail, + "Can't get tag and length"); + + /* Can't exceed total data remaining. */ + if (data_length > data_len) + return decode_fail(b11, fail, "%c: truncated", + bech32_charset[type]); + + switch (bech32_charset[type]) { + case 'p': + decode_p(b11, &hu5, &data, &data_len, data_length, + &have_p); + break; + + case 'd': + problem = decode_d(b11, &hu5, &data, &data_len, + data_length, &have_d); + break; + + case 'h': + decode_h(b11, &hu5, &data, &data_len, data_length, + &have_h); + break; + + case 'n': + problem = decode_n(b11, &hu5, &data, + &data_len, data_length, + &have_n); + break; + + case 'x': + problem = decode_x(b11, &hu5, &data, + &data_len, data_length, + &have_x); + break; + + case 'c': + problem = decode_c(b11, &hu5, &data, + &data_len, data_length, + &have_c); + break; + + /* + case 'f': + problem = decode_f(b11, &hu5, &data, + &data_len, data_length); + break; + case 'r': + problem = decode_r(b11, &hu5, &data, &data_len, + data_length); + break; + case '9': + problem = decode_9(b11, our_features, &hu5, + &data, &data_len, + data_length); + break; + case 's': + problem = decode_s(b11, &hu5, &data, &data_len, + data_length, &have_s); + break; + */ + case 'm': + problem = decode_m(b11, &hu5, &data, &data_len, + data_length, &have_m); + break; + default: + unknown_field(b11, &hu5, &data, &data_len, + bech32_charset[type], data_length); + } + if (problem) + return decode_fail(b11, fail, "%s", problem); + } + + if (!have_p) + return decode_fail(b11, fail, "No valid 'p' field found"); + + *sig = tal_dup_arr(ctx, u5, data, data_len, 0); + return b11; +} + +/* Decodes and checks signature; returns NULL on error. */ +struct bolt11 *bolt11_decode(const tal_t *ctx, const char *str, char **fail) +{ + u5 *sigdata; + size_t data_len; + u8 sig_and_recid[65]; + //secp256k1_ecdsa_recoverable_signature sig; + struct bolt11 *b11; + + b11 = bolt11_decode_nosig(ctx, str, &sigdata, fail); + if (!b11) + return NULL; + + /* BOLT #11: + * + * A writer...MUST set `signature` to a valid 512-bit + * secp256k1 signature of the SHA2 256-bit hash of the + * human-readable part, represented as UTF-8 bytes, + * concatenated with the data part (excluding the signature) + * with 0 bits appended to pad the data to the next byte + * boundary, with a trailing byte containing the recovery ID + * (0, 1, 2, or 3). + */ + data_len = tal_count(sigdata); + if (!pull_bits(NULL, &sigdata, &data_len, sig_and_recid, 520, false)) + return decode_fail(b11, fail, "signature truncated"); + + assert(data_len == 0); + + /* + if (!secp256k1_ecdsa_recoverable_signature_parse_compact + (secp256k1_ctx, &sig, sig_and_recid, sig_and_recid[64])) + return decode_fail(b11, fail, "signature invalid"); + + secp256k1_ecdsa_recoverable_signature_convert(secp256k1_ctx, + &b11->sig, &sig); + */ + + /* BOLT #11: + * + * A reader... MUST check that the `signature` is valid (see + * the `n` tagged field specified below). ... A reader... + * MUST use the `n` field to validate the signature instead of + * performing signature recovery. + */ + /* + if (!have_n) { + struct pubkey k; + if (!secp256k1_ecdsa_recover(secp256k1_ctx, + &k.pubkey, + &sig, + (const u8 *)&hash)) + return decode_fail(b11, fail, + "signature recovery failed"); + node_id_from_pubkey(&b11->receiver_id, &k); + } else { + struct pubkey k; + if (!pubkey_from_node_id(&k, &b11->receiver_id)) + abort(); + if (!secp256k1_ecdsa_verify(secp256k1_ctx, &b11->sig, + (const u8 *)&hash, + &k.pubkey)) + return decode_fail(b11, fail, "invalid signature"); + } + */ + + return b11; +} diff --git a/bolt11/bolt11.h b/bolt11/bolt11.h @@ -0,0 +1,104 @@ +#ifndef LIGHTNING_COMMON_BOLT11_H +#define LIGHTNING_COMMON_BOLT11_H + +#include "short_types.h" +#include "hash_u5.h" +#include "list.h" +#include "node_id.h" +//#include <secp256k1_recovery.h> + +/* We only have 10 bits for the field length, meaning < 640 bytes */ +#define BOLT11_FIELD_BYTE_LIMIT ((1 << 10) * 5 / 8) + +/* BOLT #11: + * * `c` (24): `data_length` variable. + * `min_final_cltv_expiry` to use for the last HTLC in the route. + * Default is 18 if not specified. + */ +#define DEFAULT_FINAL_CLTV_DELTA 18 + +struct feature_set; + +struct bolt11_field { + struct list_node list; + + char tag; + u5 *data; +}; + +/* BOLT #11: + * * `pubkey` (264 bits) + * * `short_channel_id` (64 bits) + * * `fee_base_msat` (32 bits, big-endian) + * * `fee_proportional_millionths` (32 bits, big-endian) + * * `cltv_expiry_delta` (16 bits, big-endian) + */ + +/* +struct route_info { + struct node_id pubkey; + u16 cltv_expiry_delta; + struct short_channel_id short_channel_id; + u32 fee_base_msat, fee_proportional_millionths; +}; + */ + +struct bolt11 { + const struct chainparams *chain; + u64 timestamp; + struct amount_msat *msat; /* NULL if not specified. */ + + struct sha256 payment_hash; + struct node_id receiver_id; + + /* description_hash valid if and only if description is NULL. */ + const char *description; + struct sha256 *description_hash; + + /* How many seconds to pay from @timestamp above. */ + u64 expiry; + + /* How many blocks final hop requires. */ + u32 min_final_cltv_expiry; + + /* If non-NULL, indicates fallback addresses to pay to. */ + const u8 **fallbacks; + + /* If non-NULL: array of route arrays */ + //struct route_info **routes; + + /* signature of sha256 of entire thing. */ + //secp256k1_ecdsa_signature sig; + + /* payment secret, if any. */ + //struct secret *payment_secret; + + /* Features bitmap, if any. */ + u8 *features; + + /* Optional metadata to send with payment. */ + u8 *metadata; + + struct list_head extra_fields; +}; + +/* Decodes and checks signature; returns NULL on error; description is + * (optional) out-of-band description of payment, for `h` field. + * fset is NULL to accept any features (usually not desirable!). + * + * if @must_be_chain is not NULL, fails unless it's this chain. + */ +struct bolt11 *bolt11_decode(const tal_t *ctx, const char *str, char **fail); + +/* Extracts signature but does not check it. */ +struct bolt11 *bolt11_decode_nosig(const tal_t *ctx, const char *str, u5 **sigdata, char **fail); + +/* Initialize an empty bolt11 struct with optional amount */ +struct bolt11 *new_bolt11(const tal_t *ctx); + +#if DEVELOPER +/* Flag for tests to suppress `min_final_cltv_expiry` field generation, to match test vectors */ +extern bool dev_bolt11_no_c_generation; +#endif + +#endif /* LIGHTNING_COMMON_BOLT11_H */ diff --git a/bolt11/build_assert.h b/bolt11/build_assert.h @@ -0,0 +1,40 @@ +/* CC0 (Public domain) - see LICENSE file for details */ +#ifndef CCAN_BUILD_ASSERT_H +#define CCAN_BUILD_ASSERT_H + +/** + * BUILD_ASSERT - assert a build-time dependency. + * @cond: the compile-time condition which must be true. + * + * Your compile will fail if the condition isn't true, or can't be evaluated + * by the compiler. This can only be used within a function. + * + * Example: + * #include <stddef.h> + * ... + * static char *foo_to_char(struct foo *foo) + * { + * // This code needs string to be at start of foo. + * BUILD_ASSERT(offsetof(struct foo, string) == 0); + * return (char *)foo; + * } + */ +#define BUILD_ASSERT(cond) \ + do { (void) sizeof(char [1 - 2*!(cond)]); } while(0) + +/** + * BUILD_ASSERT_OR_ZERO - assert a build-time dependency, as an expression. + * @cond: the compile-time condition which must be true. + * + * Your compile will fail if the condition isn't true, or can't be evaluated + * by the compiler. This can be used in an expression: its value is "0". + * + * Example: + * #define foo_to_char(foo) \ + * ((char *)(foo) \ + * + BUILD_ASSERT_OR_ZERO(offsetof(struct foo, string) == 0)) + */ +#define BUILD_ASSERT_OR_ZERO(cond) \ + (sizeof(char [1 - 2*!(cond)]) - 1) + +#endif /* CCAN_BUILD_ASSERT_H */ diff --git a/bolt11/check_type.h b/bolt11/check_type.h @@ -0,0 +1,64 @@ +/* CC0 (Public domain) - see LICENSE file for details */ +#ifndef CCAN_CHECK_TYPE_H +#define CCAN_CHECK_TYPE_H +#include "../config.h" + +/** + * check_type - issue a warning or build failure if type is not correct. + * @expr: the expression whose type we should check (not evaluated). + * @type: the exact type we expect the expression to be. + * + * This macro is usually used within other macros to try to ensure that a macro + * argument is of the expected type. No type promotion of the expression is + * done: an unsigned int is not the same as an int! + * + * check_type() always evaluates to 0. + * + * If your compiler does not support typeof, then the best we can do is fail + * to compile if the sizes of the types are unequal (a less complete check). + * + * Example: + * // They should always pass a 64-bit value to _set_some_value! + * #define set_some_value(expr) \ + * _set_some_value((check_type((expr), uint64_t), (expr))) + */ + +/** + * check_types_match - issue a warning or build failure if types are not same. + * @expr1: the first expression (not evaluated). + * @expr2: the second expression (not evaluated). + * + * This macro is usually used within other macros to try to ensure that + * arguments are of identical types. No type promotion of the expressions is + * done: an unsigned int is not the same as an int! + * + * check_types_match() always evaluates to 0. + * + * If your compiler does not support typeof, then the best we can do is fail + * to compile if the sizes of the types are unequal (a less complete check). + * + * Example: + * // Do subtraction to get to enclosing type, but make sure that + * // pointer is of correct type for that member. + * #define container_of(mbr_ptr, encl_type, mbr) \ + * (check_types_match((mbr_ptr), &((encl_type *)0)->mbr), \ + * ((encl_type *) \ + * ((char *)(mbr_ptr) - offsetof(encl_type, mbr)))) + */ +#if HAVE_TYPEOF +#define check_type(expr, type) \ + ((typeof(expr) *)0 != (type *)0) + +#define check_types_match(expr1, expr2) \ + ((typeof(expr1) *)0 != (typeof(expr2) *)0) +#else +#include <ccan/build_assert/build_assert.h> +/* Without typeof, we can only test the sizes. */ +#define check_type(expr, type) \ + BUILD_ASSERT_OR_ZERO(sizeof(expr) == sizeof(type)) + +#define check_types_match(expr1, expr2) \ + BUILD_ASSERT_OR_ZERO(sizeof(expr1) == sizeof(expr2)) +#endif /* HAVE_TYPEOF */ + +#endif /* CCAN_CHECK_TYPE_H */ diff --git a/bolt11/container_of.h b/bolt11/container_of.h @@ -0,0 +1,145 @@ +/* CC0 (Public domain) - see LICENSE file for details */ +#ifndef CCAN_CONTAINER_OF_H +#define CCAN_CONTAINER_OF_H +#include <stddef.h> + +#include "../config.h" +#include "check_type.h" + +/** + * container_of - get pointer to enclosing structure + * @member_ptr: pointer to the structure member + * @containing_type: the type this member is within + * @member: the name of this member within the structure. + * + * Given a pointer to a member of a structure, this macro does pointer + * subtraction to return the pointer to the enclosing type. + * + * Example: + * struct foo { + * int fielda, fieldb; + * // ... + * }; + * struct info { + * int some_other_field; + * struct foo my_foo; + * }; + * + * static struct info *foo_to_info(struct foo *foo) + * { + * return container_of(foo, struct info, my_foo); + * } + */ +#define container_of(member_ptr, containing_type, member) \ + ((containing_type *) \ + ((char *)(member_ptr) \ + - container_off(containing_type, member)) \ + + check_types_match(*(member_ptr), ((containing_type *)0)->member)) + + +/** + * container_of_or_null - get pointer to enclosing structure, or NULL + * @member_ptr: pointer to the structure member + * @containing_type: the type this member is within + * @member: the name of this member within the structure. + * + * Given a pointer to a member of a structure, this macro does pointer + * subtraction to return the pointer to the enclosing type, unless it + * is given NULL, in which case it also returns NULL. + * + * Example: + * struct foo { + * int fielda, fieldb; + * // ... + * }; + * struct info { + * int some_other_field; + * struct foo my_foo; + * }; + * + * static struct info *foo_to_info_allowing_null(struct foo *foo) + * { + * return container_of_or_null(foo, struct info, my_foo); + * } + */ +static inline char *container_of_or_null_(void *member_ptr, size_t offset) +{ + return member_ptr ? (char *)member_ptr - offset : NULL; +} +#define container_of_or_null(member_ptr, containing_type, member) \ + ((containing_type *) \ + container_of_or_null_(member_ptr, \ + container_off(containing_type, member)) \ + + check_types_match(*(member_ptr), ((containing_type *)0)->member)) + +/** + * container_off - get offset to enclosing structure + * @containing_type: the type this member is within + * @member: the name of this member within the structure. + * + * Given a pointer to a member of a structure, this macro does + * typechecking and figures out the offset to the enclosing type. + * + * Example: + * struct foo { + * int fielda, fieldb; + * // ... + * }; + * struct info { + * int some_other_field; + * struct foo my_foo; + * }; + * + * static struct info *foo_to_info(struct foo *foo) + * { + * size_t off = container_off(struct info, my_foo); + * return (void *)((char *)foo - off); + * } + */ +#define container_off(containing_type, member) \ + offsetof(containing_type, member) + +/** + * container_of_var - get pointer to enclosing structure using a variable + * @member_ptr: pointer to the structure member + * @container_var: a pointer of same type as this member's container + * @member: the name of this member within the structure. + * + * Given a pointer to a member of a structure, this macro does pointer + * subtraction to return the pointer to the enclosing type. + * + * Example: + * static struct info *foo_to_i(struct foo *foo) + * { + * struct info *i = container_of_var(foo, i, my_foo); + * return i; + * } + */ +#if HAVE_TYPEOF +#define container_of_var(member_ptr, container_var, member) \ + container_of(member_ptr, typeof(*container_var), member) +#else +#define container_of_var(member_ptr, container_var, member) \ + ((void *)((char *)(member_ptr) - \ + container_off_var(container_var, member))) +#endif + +/** + * container_off_var - get offset of a field in enclosing structure + * @container_var: a pointer to a container structure + * @member: the name of a member within the structure. + * + * Given (any) pointer to a structure and a its member name, this + * macro does pointer subtraction to return offset of member in a + * structure memory layout. + * + */ +#if HAVE_TYPEOF +#define container_off_var(var, member) \ + container_off(typeof(*var), member) +#else +#define container_off_var(var, member) \ + ((const char *)&(var)->member - (const char *)(var)) +#endif + +#endif /* CCAN_CONTAINER_OF_H */ diff --git a/bolt11/cppmagic.h b/bolt11/cppmagic.h @@ -0,0 +1,191 @@ +/* MIT (BSD) license - see LICENSE file for details */ +#ifndef CCAN_CPPMAGIC_H +#define CCAN_CPPMAGIC_H + +/** + * CPPMAGIC_NOTHING - expands to nothing + */ +#define CPPMAGIC_NOTHING() + +/** + * CPPMAGIC_STRINGIFY - convert arguments to a string literal + */ +#define _CPPMAGIC_STRINGIFY(...) #__VA_ARGS__ +#define CPPMAGIC_STRINGIFY(...) _CPPMAGIC_STRINGIFY(__VA_ARGS__) + +/** + * CPPMAGIC_GLUE2 - glue arguments together + * + * CPPMAGIC_GLUE2(@a_, @b_) + * expands to the expansion of @a_ followed immediately + * (combining tokens) by the expansion of @b_ + */ +#define _CPPMAGIC_GLUE2(a_, b_) a_##b_ +#define CPPMAGIC_GLUE2(a_, b_) _CPPMAGIC_GLUE2(a_, b_) + +/** + * CPPMAGIC_1ST - return 1st argument + * + * CPPMAGIC_1ST(@a_, ...) + * expands to the expansion of @a_ + */ +#define CPPMAGIC_1ST(a_, ...) a_ + +/** + * CPPMAGIC_2ND - return 2nd argument + * + * CPPMAGIC_2ST(@a_, @b_, ...) + * expands to the expansion of @b_ + */ +#define CPPMAGIC_2ND(a_, b_, ...) b_ + +/** + * CPPMAGIC_ISZERO - is argument '0' + * + * CPPMAGIC_ISZERO(@a) + * expands to '1' if @a is '0', otherwise expands to '0'. + */ +#define _CPPMAGIC_ISPROBE(...) CPPMAGIC_2ND(__VA_ARGS__, 0) +#define _CPPMAGIC_PROBE() $, 1 +#define _CPPMAGIC_ISZERO_0 _CPPMAGIC_PROBE() +#define CPPMAGIC_ISZERO(a_) \ + _CPPMAGIC_ISPROBE(CPPMAGIC_GLUE2(_CPPMAGIC_ISZERO_, a_)) + +/** + * CPPMAGIC_NONZERO - is argument not '0' + * + * CPPMAGIC_NONZERO(@a) + * expands to '0' if @a is '0', otherwise expands to '1'. + */ +#define CPPMAGIC_NONZERO(a_) CPPMAGIC_ISZERO(CPPMAGIC_ISZERO(a_)) + +/** + * CPPMAGIC_NONEMPTY - does the macro have any arguments? + * + * CPPMAGIC_NONEMPTY() + * expands to '0' + * CPPMAGIC_NONEMPTY(@a) + * CPPMAGIC_NONEMPTY(@a, ...) + * expand to '1' + */ +#define _CPPMAGIC_EOA() 0 +#define CPPMAGIC_NONEMPTY(...) \ + CPPMAGIC_NONZERO(CPPMAGIC_1ST(_CPPMAGIC_EOA __VA_ARGS__)()) + +/** + * CPPMAGIC_ISEMPTY - does the macro have no arguments? + * + * CPPMAGIC_ISEMPTY() + * expands to '1' + * CPPMAGIC_ISEMPTY(@a) + * CPPMAGIC_ISEMPTY(@a, ...) + * expand to '0' + */ +#define CPPMAGIC_ISEMPTY(...) \ + CPPMAGIC_ISZERO(CPPMAGIC_NONEMPTY(__VA_ARGS__)) + +/* + * CPPMAGIC_IFELSE - preprocessor conditional + * + * CPPMAGIC_IFELSE(@cond)(@if)(@else) + * expands to @else if @cond is '0', otherwise expands to @if + */ +#define _CPPMAGIC_IF_0(...) _CPPMAGIC_IF_0_ELSE +#define _CPPMAGIC_IF_1(...) __VA_ARGS__ _CPPMAGIC_IF_1_ELSE +#define _CPPMAGIC_IF_0_ELSE(...) __VA_ARGS__ +#define _CPPMAGIC_IF_1_ELSE(...) +#define _CPPMAGIC_IFELSE(cond_) CPPMAGIC_GLUE2(_CPPMAGIC_IF_, cond_) +#define CPPMAGIC_IFELSE(cond_) \ + _CPPMAGIC_IFELSE(CPPMAGIC_NONZERO(cond_)) + +/** + * CPPMAGIC_EVAL - force multiple expansion passes + * + * Forces macros in the arguments to be expanded repeatedly (up to + * 1024 times) even when CPP would usually stop expanding. + */ +#define CPPMAGIC_EVAL1(...) __VA_ARGS__ +#define CPPMAGIC_EVAL2(...) \ + CPPMAGIC_EVAL1(CPPMAGIC_EVAL1(__VA_ARGS__)) +#define CPPMAGIC_EVAL4(...) \ + CPPMAGIC_EVAL2(CPPMAGIC_EVAL2(__VA_ARGS__)) +#define CPPMAGIC_EVAL8(...) \ + CPPMAGIC_EVAL4(CPPMAGIC_EVAL4(__VA_ARGS__)) +#define CPPMAGIC_EVAL16(...) \ + CPPMAGIC_EVAL8(CPPMAGIC_EVAL8(__VA_ARGS__)) +#define CPPMAGIC_EVAL32(...) \ + CPPMAGIC_EVAL16(CPPMAGIC_EVAL16(__VA_ARGS__)) +#define CPPMAGIC_EVAL64(...) \ + CPPMAGIC_EVAL32(CPPMAGIC_EVAL32(__VA_ARGS__)) +#define CPPMAGIC_EVAL128(...) \ + CPPMAGIC_EVAL64(CPPMAGIC_EVAL64(__VA_ARGS__)) +#define CPPMAGIC_EVAL256(...) \ + CPPMAGIC_EVAL128(CPPMAGIC_EVAL128(__VA_ARGS__)) +#define CPPMAGIC_EVAL512(...) \ + CPPMAGIC_EVAL256(CPPMAGIC_EVAL256(__VA_ARGS__)) +#define CPPMAGIC_EVAL1024(...) \ + CPPMAGIC_EVAL512(CPPMAGIC_EVAL512(__VA_ARGS__)) +#define CPPMAGIC_EVAL(...) CPPMAGIC_EVAL1024(__VA_ARGS__) + +/** + * CPPMAGIC_DEFER1, CPPMAGIC_DEFER2 - defer expansion + */ +#define CPPMAGIC_DEFER1(a_) a_ CPPMAGIC_NOTHING() +#define CPPMAGIC_DEFER2(a_) a_ CPPMAGIC_NOTHING CPPMAGIC_NOTHING()() + +/** + * CPPMAGIC_MAP - iterate another macro across arguments + * @m: name of a one argument macro + * + * CPPMAGIC_MAP(@m, @a1, @a2, ... @an) + * expands to the expansion of @m(@a1) , @m(@a2) , ... , @m(@an) + */ +#define _CPPMAGIC_MAP_() _CPPMAGIC_MAP +#define _CPPMAGIC_MAP(m_, a_, ...) \ + m_(a_) \ + CPPMAGIC_IFELSE(CPPMAGIC_NONEMPTY(__VA_ARGS__)) \ + (, CPPMAGIC_DEFER2(_CPPMAGIC_MAP_)()(m_, __VA_ARGS__)) \ + () +#define CPPMAGIC_MAP(m_, ...) \ + CPPMAGIC_IFELSE(CPPMAGIC_NONEMPTY(__VA_ARGS__)) \ + (CPPMAGIC_EVAL(_CPPMAGIC_MAP(m_, __VA_ARGS__))) \ + () + +/** + * CPPMAGIC_2MAP - iterate another macro across pairs of arguments + * @m: name of a two argument macro + * + * CPPMAGIC_2MAP(@m, @a1, @b1, @a2, @b2, ..., @an, @bn) + * expands to the expansion of + * @m(@a1, @b1) , @m(@a2, @b2) , ... , @m(@an, @bn) + */ +#define _CPPMAGIC_2MAP_() _CPPMAGIC_2MAP +#define _CPPMAGIC_2MAP(m_, a_, b_, ...) \ + m_(a_, b_) \ + CPPMAGIC_IFELSE(CPPMAGIC_NONEMPTY(__VA_ARGS__)) \ + (, CPPMAGIC_DEFER2(_CPPMAGIC_2MAP_)()(m_, __VA_ARGS__)) \ + () +#define CPPMAGIC_2MAP(m_, ...) \ + CPPMAGIC_IFELSE(CPPMAGIC_NONEMPTY(__VA_ARGS__)) \ + (CPPMAGIC_EVAL(_CPPMAGIC_2MAP(m_, __VA_ARGS__))) \ + () + +/** + * CPPMAGIC_JOIN - separate arguments with given delimiter + * @d: delimiter + * + * CPPMAGIC_JOIN(@d, @a1, @a2, ..., @an) + * expands to the expansion of @a1 @d @a2 @d ... @d @an + */ +#define _CPPMAGIC_JOIN_() _CPPMAGIC_JOIN +#define _CPPMAGIC_JOIN(d_, a_, ...) \ + a_ \ + CPPMAGIC_IFELSE(CPPMAGIC_NONEMPTY(__VA_ARGS__)) \ + (d_ CPPMAGIC_DEFER2(_CPPMAGIC_JOIN_)()(d_, __VA_ARGS__)) \ + () +#define CPPMAGIC_JOIN(d_, ...) \ + CPPMAGIC_IFELSE(CPPMAGIC_NONEMPTY(__VA_ARGS__)) \ + (CPPMAGIC_EVAL(_CPPMAGIC_JOIN(d_, __VA_ARGS__))) \ + () + +#endif /* CCAN_CPPMAGIC_H */ diff --git a/bolt11/debug.h b/bolt11/debug.h @@ -0,0 +1,15 @@ + +#ifndef PROTOVERSE_DEBUG_H +#define PROTOVERSE_DEBUG_H + +#include <stdio.h> + +#define unusual(...) fprintf(stderr, "UNUSUAL: " __VA_ARGS__) + +#ifdef DEBUG +#define debug(...) printf(__VA_ARGS__) +#else +#define debug(...) +#endif + +#endif /* PROTOVERSE_DEBUG_H */ diff --git a/bolt11/error.c b/bolt11/error.c @@ -0,0 +1,34 @@ + +#include "error.h" + +#include <stdlib.h> +#include <stdarg.h> + +int note_error_(struct errors *errs_, struct cursor *p, const char *fmt, ...) +{ + static char buf[512]; + struct error err; + struct cursor *errs; + va_list ap; + + errs = &errs_->cur; + + if (errs_->enabled == 0) + return 0; + + va_start(ap, fmt); + vsprintf(buf, fmt, ap); + va_end(ap); + + err.msg = buf; + err.pos = p ? (int)(p->p - p->start) : 0; + + if (!cursor_push_error(errs, &err)) { + fprintf(stderr, "arena OOM when recording error, "); + fprintf(stderr, "errs->p at %ld, remaining %ld, strlen %ld\n", + errs->p - errs->start, errs->end - errs->p, strlen(buf)); + } + + return 0; +} + diff --git a/bolt11/error.h b/bolt11/error.h @@ -0,0 +1,33 @@ + +#ifndef PROTOVERSE_ERROR_H +#define PROTOVERSE_ERROR_H + +#include "cursor.h" + +struct error { + int pos; + const char *msg; +}; + +struct errors { + struct cursor cur; + int enabled; +}; + +#define note_error(errs, p, fmt, ...) note_error_(errs, p, "%s: " fmt, __FUNCTION__, ##__VA_ARGS__) + +static inline int cursor_push_error(struct cursor *cur, struct error *err) +{ + return cursor_push_int(cur, err->pos) && + cursor_push_c_str(cur, err->msg); +} + +static inline int cursor_pull_error(struct cursor *cur, struct error *err) +{ + return cursor_pull_int(cur, &err->pos) && + cursor_pull_c_str(cur, &err->msg); +} + +int note_error_(struct errors *errs, struct cursor *p, const char *fmt, ...); + +#endif /* PROTOVERSE_ERROR_H */ diff --git a/bolt11/hash_u5.c b/bolt11/hash_u5.c @@ -0,0 +1,48 @@ +#include "../config.h" +#include "../endian.h" +#include "hash_u5.h" +#include <string.h> + +void hash_u5_init(struct hash_u5 *hu5, const char *hrp) +{ + hu5->buf = 0; + hu5->num_bits = 0; + sha256_init(&hu5->hash); + sha256_update(&hu5->hash, hrp, strlen(hrp)); +} + +void hash_u5(struct hash_u5 *hu5, const u8 *u5, size_t len) +{ + size_t bits = len * 5; + + while (bits) { + size_t n = 5; + + if (bits < n) + n = bits; + + hu5->buf <<= n; + hu5->buf |= (*u5 >> (5-n)); + bits -= n; + hu5->num_bits += n; + + if (n == 5) + u5++; + + if (hu5->num_bits >= 32) { + be32 be32 = cpu_to_be32((u32)(hu5->buf >> (hu5->num_bits-32))); + sha256_update(&hu5->hash, &be32, sizeof(be32)); + hu5->num_bits -= 32; + } + } +} + +void hash_u5_done(struct hash_u5 *hu5, struct sha256 *res) +{ + if (hu5->num_bits) { + be32 be32 = cpu_to_be32((u32)(hu5->buf << (32 - hu5->num_bits))); + + sha256_update(&hu5->hash, &be32, (hu5->num_bits + 7) / 8); + } + sha256_done(&hu5->hash, res); +} diff --git a/bolt11/hash_u5.h b/bolt11/hash_u5.h @@ -0,0 +1,20 @@ +/* bech32 (thus bolt11) deal in 5-bit values */ +#ifndef LIGHTNING_COMMON_HASH_U5_H +#define LIGHTNING_COMMON_HASH_U5_H +#include "../sha256.h" +#include "short_types.h" + +/* Type to annotate a 5 bit value. */ +typedef unsigned char u5; + +struct hash_u5 { + u64 buf; + unsigned int num_bits; + struct sha256_ctx hash; +}; + +void hash_u5_init(struct hash_u5 *hu5, const char *hrp); +void hash_u5(struct hash_u5 *hu5, const u5 *u5, size_t len); +void hash_u5_done(struct hash_u5 *hu5, struct sha256 *res); + +#endif /* LIGHTNING_COMMON_HASH_U5_H */ diff --git a/bolt11/libnostrdb.a b/bolt11/libnostrdb.a Binary files differ. diff --git a/bolt11/likely.h b/bolt11/likely.h @@ -0,0 +1,115 @@ +/* CC0 (Public domain) - see LICENSE file for details */ +#ifndef CCAN_LIKELY_H +#define CCAN_LIKELY_H +#include "../config.h" +#include <stdbool.h> + +#ifndef CCAN_LIKELY_DEBUG +#if HAVE_BUILTIN_EXPECT +/** + * likely - indicate that a condition is likely to be true. + * @cond: the condition + * + * This uses a compiler extension where available to indicate a likely + * code path and optimize appropriately; it's also useful for readers + * to quickly identify exceptional paths through functions. The + * threshold for "likely" is usually considered to be between 90 and + * 99%; marginal cases should not be marked either way. + * + * See Also: + * unlikely(), likely_stats() + * + * Example: + * // Returns false if we overflow. + * static inline bool inc_int(unsigned int *val) + * { + * (*val)++; + * if (likely(*val)) + * return true; + * return false; + * } + */ +#define likely(cond) __builtin_expect(!!(cond), 1) + +/** + * unlikely - indicate that a condition is unlikely to be true. + * @cond: the condition + * + * This uses a compiler extension where available to indicate an unlikely + * code path and optimize appropriately; see likely() above. + * + * See Also: + * likely(), likely_stats(), COLD (compiler.h) + * + * Example: + * // Prints a warning if we overflow. + * static inline void inc_int(unsigned int *val) + * { + * (*val)++; + * if (unlikely(*val == 0)) + * fprintf(stderr, "Overflow!"); + * } + */ +#define unlikely(cond) __builtin_expect(!!(cond), 0) +#else +#ifndef likely +#define likely(cond) (!!(cond)) +#endif +#ifndef unlikely +#define unlikely(cond) (!!(cond)) +#endif +#endif +#else /* CCAN_LIKELY_DEBUG versions */ +#include <ccan/str/str.h> + +#define likely(cond) \ + (_likely_trace(!!(cond), 1, stringify(cond), __FILE__, __LINE__)) +#define unlikely(cond) \ + (_likely_trace(!!(cond), 0, stringify(cond), __FILE__, __LINE__)) + +long _likely_trace(bool cond, bool expect, + const char *condstr, + const char *file, unsigned int line); +/** + * likely_stats - return description of abused likely()/unlikely() + * @min_hits: minimum number of hits + * @percent: maximum percentage correct + * + * When CCAN_LIKELY_DEBUG is defined, likely() and unlikely() trace their + * results: this causes a significant slowdown, but allows analysis of + * whether the branches are labelled correctly. + * + * This function returns a malloc'ed description of the least-correct + * usage of likely() or unlikely(). It ignores places which have been + * called less than @min_hits times, and those which were predicted + * correctly more than @percent of the time. It returns NULL when + * nothing meets those criteria. + * + * Note that this call is destructive; the returned offender is + * removed from the trace so that the next call to likely_stats() will + * return the next-worst likely()/unlikely() usage. + * + * Example: + * // Print every place hit more than twice which was wrong > 5%. + * static void report_stats(void) + * { + * #ifdef CCAN_LIKELY_DEBUG + * const char *bad; + * + * while ((bad = likely_stats(2, 95)) != NULL) { + * printf("Suspicious likely: %s", bad); + * free(bad); + * } + * #endif + * } + */ +char *likely_stats(unsigned int min_hits, unsigned int percent); + +/** + * likely_stats_reset - free up memory of likely()/unlikely() branches. + * + * This can also plug memory leaks. + */ +void likely_stats_reset(void); +#endif /* CCAN_LIKELY_DEBUG */ +#endif /* CCAN_LIKELY_H */ diff --git a/bolt11/list.c b/bolt11/list.c @@ -0,0 +1,43 @@ +/* Licensed under BSD-MIT - see LICENSE file for details */ +#include <stdio.h> +#include <stdlib.h> +#include "list.h" + +static void *corrupt(const char *abortstr, + const struct list_node *head, + const struct list_node *node, + unsigned int count) +{ + if (abortstr) { + fprintf(stderr, + "%s: prev corrupt in node %p (%u) of %p\n", + abortstr, node, count, head); + abort(); + } + return NULL; +} + +struct list_node *list_check_node(const struct list_node *node, + const char *abortstr) +{ + const struct list_node *p, *n; + int count = 0; + + for (p = node, n = node->next; n != node; p = n, n = n->next) { + count++; + if (n->prev != p) + return corrupt(abortstr, node, n, count); + } + /* Check prev on head node. */ + if (node->prev != p) + return corrupt(abortstr, node, node, 0); + + return (struct list_node *)node; +} + +struct list_head *list_check(const struct list_head *h, const char *abortstr) +{ + if (!list_check_node(&h->n, abortstr)) + return NULL; + return (struct list_head *)h; +} diff --git a/bolt11/list.h b/bolt11/list.h @@ -0,0 +1,842 @@ +/* Licensed under BSD-MIT - see LICENSE file for details */ +#ifndef CCAN_LIST_H +#define CCAN_LIST_H +//#define CCAN_LIST_DEBUG 1 +#include <stdbool.h> +#include <assert.h> +#include "str.h" +#include "container_of.h" +#include "check_type.h" + +/** + * struct list_node - an entry in a doubly-linked list + * @next: next entry (self if empty) + * @prev: previous entry (self if empty) + * + * This is used as an entry in a linked list. + * Example: + * struct child { + * const char *name; + * // Linked list of all us children. + * struct list_node list; + * }; + */ +struct list_node +{ + struct list_node *next, *prev; +}; + +/** + * struct list_head - the head of a doubly-linked list + * @h: the list_head (containing next and prev pointers) + * + * This is used as the head of a linked list. + * Example: + * struct parent { + * const char *name; + * struct list_head children; + * unsigned int num_children; + * }; + */ +struct list_head +{ + struct list_node n; +}; + +/** + * list_check - check head of a list for consistency + * @h: the list_head + * @abortstr: the location to print on aborting, or NULL. + * + * Because list_nodes have redundant information, consistency checking between + * the back and forward links can be done. This is useful as a debugging check. + * If @abortstr is non-NULL, that will be printed in a diagnostic if the list + * is inconsistent, and the function will abort. + * + * Returns the list head if the list is consistent, NULL if not (it + * can never return NULL if @abortstr is set). + * + * See also: list_check_node() + * + * Example: + * static void dump_parent(struct parent *p) + * { + * struct child *c; + * + * printf("%s (%u children):\n", p->name, p->num_children); + * list_check(&p->children, "bad child list"); + * list_for_each(&p->children, c, list) + * printf(" -> %s\n", c->name); + * } + */ +struct list_head *list_check(const struct list_head *h, const char *abortstr); + +/** + * list_check_node - check node of a list for consistency + * @n: the list_node + * @abortstr: the location to print on aborting, or NULL. + * + * Check consistency of the list node is in (it must be in one). + * + * See also: list_check() + * + * Example: + * static void dump_child(const struct child *c) + * { + * list_check_node(&c->list, "bad child list"); + * printf("%s\n", c->name); + * } + */ +struct list_node *list_check_node(const struct list_node *n, + const char *abortstr); + +#define LIST_LOC __FILE__ ":" stringify(__LINE__) +#ifdef CCAN_LIST_DEBUG +#define list_debug(h, loc) list_check((h), loc) +#define list_debug_node(n, loc) list_check_node((n), loc) +#else +#define list_debug(h, loc) ((void)loc, h) +#define list_debug_node(n, loc) ((void)loc, n) +#endif + +/** + * LIST_HEAD_INIT - initializer for an empty list_head + * @name: the name of the list. + * + * Explicit initializer for an empty list. + * + * See also: + * LIST_HEAD, list_head_init() + * + * Example: + * static struct list_head my_list = LIST_HEAD_INIT(my_list); + */ +#define LIST_HEAD_INIT(name) { { &(name).n, &(name).n } } + +/** + * LIST_HEAD - define and initialize an empty list_head + * @name: the name of the list. + * + * The LIST_HEAD macro defines a list_head and initializes it to an empty + * list. It can be prepended by "static" to define a static list_head. + * + * See also: + * LIST_HEAD_INIT, list_head_init() + * + * Example: + * static LIST_HEAD(my_global_list); + */ +#define LIST_HEAD(name) \ + struct list_head name = LIST_HEAD_INIT(name) + +/** + * list_head_init - initialize a list_head + * @h: the list_head to set to the empty list + * + * Example: + * ... + * struct parent *parent = malloc(sizeof(*parent)); + * + * list_head_init(&parent->children); + * parent->num_children = 0; + */ +static inline void list_head_init(struct list_head *h) +{ + h->n.next = h->n.prev = &h->n; +} + +/** + * list_node_init - initialize a list_node + * @n: the list_node to link to itself. + * + * You don't need to use this normally! But it lets you list_del(@n) + * safely. + */ +static inline void list_node_init(struct list_node *n) +{ + n->next = n->prev = n; +} + +/** + * list_add_after - add an entry after an existing node in a linked list + * @h: the list_head to add the node to (for debugging) + * @p: the existing list_node to add the node after + * @n: the new list_node to add to the list. + * + * The existing list_node must already be a member of the list. + * The new list_node does not need to be initialized; it will be overwritten. + * + * Example: + * struct child c1, c2, c3; + * LIST_HEAD(h); + * + * list_add_tail(&h, &c1.list); + * list_add_tail(&h, &c3.list); + * list_add_after(&h, &c1.list, &c2.list); + */ +#define list_add_after(h, p, n) list_add_after_(h, p, n, LIST_LOC) +static inline void list_add_after_(struct list_head *h, + struct list_node *p, + struct list_node *n, + const char *abortstr) +{ + n->next = p->next; + n->prev = p; + p->next->prev = n; + p->next = n; + (void)list_debug(h, abortstr); +} + +/** + * list_add - add an entry at the start of a linked list. + * @h: the list_head to add the node to + * @n: the list_node to add to the list. + * + * The list_node does not need to be initialized; it will be overwritten. + * Example: + * struct child *child = malloc(sizeof(*child)); + * + * child->name = "marvin"; + * list_add(&parent->children, &child->list); + * parent->num_children++; + */ +#define list_add(h, n) list_add_(h, n, LIST_LOC) +static inline void list_add_(struct list_head *h, + struct list_node *n, + const char *abortstr) +{ + list_add_after_(h, &h->n, n, abortstr); +} + +/** + * list_add_before - add an entry before an existing node in a linked list + * @h: the list_head to add the node to (for debugging) + * @p: the existing list_node to add the node before + * @n: the new list_node to add to the list. + * + * The existing list_node must already be a member of the list. + * The new list_node does not need to be initialized; it will be overwritten. + * + * Example: + * list_head_init(&h); + * list_add_tail(&h, &c1.list); + * list_add_tail(&h, &c3.list); + * list_add_before(&h, &c3.list, &c2.list); + */ +#define list_add_before(h, p, n) list_add_before_(h, p, n, LIST_LOC) +static inline void list_add_before_(struct list_head *h, + struct list_node *p, + struct list_node *n, + const char *abortstr) +{ + n->next = p; + n->prev = p->prev; + p->prev->next = n; + p->prev = n; + (void)list_debug(h, abortstr); +} + +/** + * list_add_tail - add an entry at the end of a linked list. + * @h: the list_head to add the node to + * @n: the list_node to add to the list. + * + * The list_node does not need to be initialized; it will be overwritten. + * Example: + * list_add_tail(&parent->children, &child->list); + * parent->num_children++; + */ +#define list_add_tail(h, n) list_add_tail_(h, n, LIST_LOC) +static inline void list_add_tail_(struct list_head *h, + struct list_node *n, + const char *abortstr) +{ + list_add_before_(h, &h->n, n, abortstr); +} + +/** + * list_empty - is a list empty? + * @h: the list_head + * + * If the list is empty, returns true. + * + * Example: + * assert(list_empty(&parent->children) == (parent->num_children == 0)); + */ +#define list_empty(h) list_empty_(h, LIST_LOC) +static inline bool list_empty_(const struct list_head *h, const char* abortstr) +{ + (void)list_debug(h, abortstr); + return h->n.next == &h->n; +} + +/** + * list_empty_nodebug - is a list empty (and don't perform debug checks)? + * @h: the list_head + * + * If the list is empty, returns true. + * This differs from list_empty() in that if CCAN_LIST_DEBUG is set it + * will NOT perform debug checks. Only use this function if you REALLY + * know what you're doing. + * + * Example: + * assert(list_empty_nodebug(&parent->children) == (parent->num_children == 0)); + */ +#ifndef CCAN_LIST_DEBUG +#define list_empty_nodebug(h) list_empty(h) +#else +static inline bool list_empty_nodebug(const struct list_head *h) +{ + return h->n.next == &h->n; +} +#endif + +/** + * list_empty_nocheck - is a list empty? + * @h: the list_head + * + * If the list is empty, returns true. This doesn't perform any + * debug check for list consistency, so it can be called without + * locks, racing with the list being modified. This is ok for + * checks where an incorrect result is not an issue (optimized + * bail out path for example). + */ +static inline bool list_empty_nocheck(const struct list_head *h) +{ + return h->n.next == &h->n; +} + +/** + * list_del - delete an entry from an (unknown) linked list. + * @n: the list_node to delete from the list. + * + * Note that this leaves @n in an undefined state; it can be added to + * another list, but not deleted again. + * + * See also: + * list_del_from(), list_del_init() + * + * Example: + * list_del(&child->list); + * parent->num_children--; + */ +#define list_del(n) list_del_(n, LIST_LOC) +static inline void list_del_(struct list_node *n, const char* abortstr) +{ + (void)list_debug_node(n, abortstr); + n->next->prev = n->prev; + n->prev->next = n->next; +#ifdef CCAN_LIST_DEBUG + /* Catch use-after-del. */ + n->next = n->prev = NULL; +#endif +} + +/** + * list_del_init - delete a node, and reset it so it can be deleted again. + * @n: the list_node to be deleted. + * + * list_del(@n) or list_del_init() again after this will be safe, + * which can be useful in some cases. + * + * See also: + * list_del_from(), list_del() + * + * Example: + * list_del_init(&child->list); + * parent->num_children--; + */ +#define list_del_init(n) list_del_init_(n, LIST_LOC) +static inline void list_del_init_(struct list_node *n, const char *abortstr) +{ + list_del_(n, abortstr); + list_node_init(n); +} + +/** + * list_del_from - delete an entry from a known linked list. + * @h: the list_head the node is in. + * @n: the list_node to delete from the list. + * + * This explicitly indicates which list a node is expected to be in, + * which is better documentation and can catch more bugs. + * + * See also: list_del() + * + * Example: + * list_del_from(&parent->children, &child->list); + * parent->num_children--; + */ +static inline void list_del_from(struct list_head *h, struct list_node *n) +{ +#ifdef CCAN_LIST_DEBUG + { + /* Thorough check: make sure it was in list! */ + struct list_node *i; + for (i = h->n.next; i != n; i = i->next) + assert(i != &h->n); + } +#endif /* CCAN_LIST_DEBUG */ + + /* Quick test that catches a surprising number of bugs. */ + assert(!list_empty(h)); + list_del(n); +} + +/** + * list_swap - swap out an entry from an (unknown) linked list for a new one. + * @o: the list_node to replace from the list. + * @n: the list_node to insert in place of the old one. + * + * Note that this leaves @o in an undefined state; it can be added to + * another list, but not deleted/swapped again. + * + * See also: + * list_del() + * + * Example: + * struct child x1, x2; + * LIST_HEAD(xh); + * + * list_add(&xh, &x1.list); + * list_swap(&x1.list, &x2.list); + */ +#define list_swap(o, n) list_swap_(o, n, LIST_LOC) +static inline void list_swap_(struct list_node *o, + struct list_node *n, + const char* abortstr) +{ + (void)list_debug_node(o, abortstr); + *n = *o; + n->next->prev = n; + n->prev->next = n; +#ifdef CCAN_LIST_DEBUG + /* Catch use-after-del. */ + o->next = o->prev = NULL; +#endif +} + +/** + * list_entry - convert a list_node back into the structure containing it. + * @n: the list_node + * @type: the type of the entry + * @member: the list_node member of the type + * + * Example: + * // First list entry is children.next; convert back to child. + * child = list_entry(parent->children.n.next, struct child, list); + * + * See Also: + * list_top(), list_for_each() + */ +#define list_entry(n, type, member) container_of(n, type, member) + +/** + * list_top - get the first entry in a list + * @h: the list_head + * @type: the type of the entry + * @member: the list_node member of the type + * + * If the list is empty, returns NULL. + * + * Example: + * struct child *first; + * first = list_top(&parent->children, struct child, list); + * if (!first) + * printf("Empty list!\n"); + */ +#define list_top(h, type, member) \ + ((type *)list_top_((h), list_off_(type, member))) + +static inline const void *list_top_(const struct list_head *h, size_t off) +{ + if (list_empty(h)) + return NULL; + return (const char *)h->n.next - off; +} + +/** + * list_pop - remove the first entry in a list + * @h: the list_head + * @type: the type of the entry + * @member: the list_node member of the type + * + * If the list is empty, returns NULL. + * + * Example: + * struct child *one; + * one = list_pop(&parent->children, struct child, list); + * if (!one) + * printf("Empty list!\n"); + */ +#define list_pop(h, type, member) \ + ((type *)list_pop_((h), list_off_(type, member))) + +static inline const void *list_pop_(const struct list_head *h, size_t off) +{ + struct list_node *n; + + if (list_empty(h)) + return NULL; + n = h->n.next; + list_del(n); + return (const char *)n - off; +} + +/** + * list_tail - get the last entry in a list + * @h: the list_head + * @type: the type of the entry + * @member: the list_node member of the type + * + * If the list is empty, returns NULL. + * + * Example: + * struct child *last; + * last = list_tail(&parent->children, struct child, list); + * if (!last) + * printf("Empty list!\n"); + */ +#define list_tail(h, type, member) \ + ((type *)list_tail_((h), list_off_(type, member))) + +static inline const void *list_tail_(const struct list_head *h, size_t off) +{ + if (list_empty(h)) + return NULL; + return (const char *)h->n.prev - off; +} + +/** + * list_for_each - iterate through a list. + * @h: the list_head (warning: evaluated multiple times!) + * @i: the structure containing the list_node + * @member: the list_node member of the structure + * + * This is a convenient wrapper to iterate @i over the entire list. It's + * a for loop, so you can break and continue as normal. + * + * Example: + * list_for_each(&parent->children, child, list) + * printf("Name: %s\n", child->name); + */ +#define list_for_each(h, i, member) \ + list_for_each_off(h, i, list_off_var_(i, member)) + +/** + * list_for_each_rev - iterate through a list backwards. + * @h: the list_head + * @i: the structure containing the list_node + * @member: the list_node member of the structure + * + * This is a convenient wrapper to iterate @i over the entire list. It's + * a for loop, so you can break and continue as normal. + * + * Example: + * list_for_each_rev(&parent->children, child, list) + * printf("Name: %s\n", child->name); + */ +#define list_for_each_rev(h, i, member) \ + list_for_each_rev_off(h, i, list_off_var_(i, member)) + +/** + * list_for_each_rev_safe - iterate through a list backwards, + * maybe during deletion + * @h: the list_head + * @i: the structure containing the list_node + * @nxt: the structure containing the list_node + * @member: the list_node member of the structure + * + * This is a convenient wrapper to iterate @i over the entire list backwards. + * It's a for loop, so you can break and continue as normal. The extra + * variable * @nxt is used to hold the next element, so you can delete @i + * from the list. + * + * Example: + * struct child *next; + * list_for_each_rev_safe(&parent->children, child, next, list) { + * printf("Name: %s\n", child->name); + * } + */ +#define list_for_each_rev_safe(h, i, nxt, member) \ + list_for_each_rev_safe_off(h, i, nxt, list_off_var_(i, member)) + +/** + * list_for_each_safe - iterate through a list, maybe during deletion + * @h: the list_head + * @i: the structure containing the list_node + * @nxt: the structure containing the list_node + * @member: the list_node member of the structure + * + * This is a convenient wrapper to iterate @i over the entire list. It's + * a for loop, so you can break and continue as normal. The extra variable + * @nxt is used to hold the next element, so you can delete @i from the list. + * + * Example: + * list_for_each_safe(&parent->children, child, next, list) { + * list_del(&child->list); + * parent->num_children--; + * } + */ +#define list_for_each_safe(h, i, nxt, member) \ + list_for_each_safe_off(h, i, nxt, list_off_var_(i, member)) + +/** + * list_next - get the next entry in a list + * @h: the list_head + * @i: a pointer to an entry in the list. + * @member: the list_node member of the structure + * + * If @i was the last entry in the list, returns NULL. + * + * Example: + * struct child *second; + * second = list_next(&parent->children, first, list); + * if (!second) + * printf("No second child!\n"); + */ +#define list_next(h, i, member) \ + ((list_typeof(i))list_entry_or_null(list_debug(h, \ + __FILE__ ":" stringify(__LINE__)), \ + (i)->member.next, \ + list_off_var_((i), member))) + +/** + * list_prev - get the previous entry in a list + * @h: the list_head + * @i: a pointer to an entry in the list. + * @member: the list_node member of the structure + * + * If @i was the first entry in the list, returns NULL. + * + * Example: + * first = list_prev(&parent->children, second, list); + * if (!first) + * printf("Can't go back to first child?!\n"); + */ +#define list_prev(h, i, member) \ + ((list_typeof(i))list_entry_or_null(list_debug(h, \ + __FILE__ ":" stringify(__LINE__)), \ + (i)->member.prev, \ + list_off_var_((i), member))) + +/** + * list_append_list - empty one list onto the end of another. + * @to: the list to append into + * @from: the list to empty. + * + * This takes the entire contents of @from and moves it to the end of + * @to. After this @from will be empty. + * + * Example: + * struct list_head adopter; + * + * list_append_list(&adopter, &parent->children); + * assert(list_empty(&parent->children)); + * parent->num_children = 0; + */ +#define list_append_list(t, f) list_append_list_(t, f, \ + __FILE__ ":" stringify(__LINE__)) +static inline void list_append_list_(struct list_head *to, + struct list_head *from, + const char *abortstr) +{ + struct list_node *from_tail = list_debug(from, abortstr)->n.prev; + struct list_node *to_tail = list_debug(to, abortstr)->n.prev; + + /* Sew in head and entire list. */ + to->n.prev = from_tail; + from_tail->next = &to->n; + to_tail->next = &from->n; + from->n.prev = to_tail; + + /* Now remove head. */ + list_del(&from->n); + list_head_init(from); +} + +/** + * list_prepend_list - empty one list into the start of another. + * @to: the list to prepend into + * @from: the list to empty. + * + * This takes the entire contents of @from and moves it to the start + * of @to. After this @from will be empty. + * + * Example: + * list_prepend_list(&adopter, &parent->children); + * assert(list_empty(&parent->children)); + * parent->num_children = 0; + */ +#define list_prepend_list(t, f) list_prepend_list_(t, f, LIST_LOC) +static inline void list_prepend_list_(struct list_head *to, + struct list_head *from, + const char *abortstr) +{ + struct list_node *from_tail = list_debug(from, abortstr)->n.prev; + struct list_node *to_head = list_debug(to, abortstr)->n.next; + + /* Sew in head and entire list. */ + to->n.next = &from->n; + from->n.prev = &to->n; + to_head->prev = from_tail; + from_tail->next = to_head; + + /* Now remove head. */ + list_del(&from->n); + list_head_init(from); +} + +/* internal macros, do not use directly */ +#define list_for_each_off_dir_(h, i, off, dir) \ + for (i = list_node_to_off_(list_debug(h, LIST_LOC)->n.dir, \ + (off)); \ + list_node_from_off_((void *)i, (off)) != &(h)->n; \ + i = list_node_to_off_(list_node_from_off_((void *)i, (off))->dir, \ + (off))) + +#define list_for_each_safe_off_dir_(h, i, nxt, off, dir) \ + for (i = list_node_to_off_(list_debug(h, LIST_LOC)->n.dir, \ + (off)), \ + nxt = list_node_to_off_(list_node_from_off_(i, (off))->dir, \ + (off)); \ + list_node_from_off_(i, (off)) != &(h)->n; \ + i = nxt, \ + nxt = list_node_to_off_(list_node_from_off_(i, (off))->dir, \ + (off))) + +/** + * list_for_each_off - iterate through a list of memory regions. + * @h: the list_head + * @i: the pointer to a memory region which contains list node data. + * @off: offset(relative to @i) at which list node data resides. + * + * This is a low-level wrapper to iterate @i over the entire list, used to + * implement all oher, more high-level, for-each constructs. It's a for loop, + * so you can break and continue as normal. + * + * WARNING! Being the low-level macro that it is, this wrapper doesn't know + * nor care about the type of @i. The only assumption made is that @i points + * to a chunk of memory that at some @offset, relative to @i, contains a + * properly filled `struct list_node' which in turn contains pointers to + * memory chunks and it's turtles all the way down. With all that in mind + * remember that given the wrong pointer/offset couple this macro will + * happily churn all you memory until SEGFAULT stops it, in other words + * caveat emptor. + * + * It is worth mentioning that one of legitimate use-cases for that wrapper + * is operation on opaque types with known offset for `struct list_node' + * member(preferably 0), because it allows you not to disclose the type of + * @i. + * + * Example: + * list_for_each_off(&parent->children, child, + * offsetof(struct child, list)) + * printf("Name: %s\n", child->name); + */ +#define list_for_each_off(h, i, off) \ + list_for_each_off_dir_((h),(i),(off),next) + +/** + * list_for_each_rev_off - iterate through a list of memory regions backwards + * @h: the list_head + * @i: the pointer to a memory region which contains list node data. + * @off: offset(relative to @i) at which list node data resides. + * + * See list_for_each_off for details + */ +#define list_for_each_rev_off(h, i, off) \ + list_for_each_off_dir_((h),(i),(off),prev) + +/** + * list_for_each_safe_off - iterate through a list of memory regions, maybe + * during deletion + * @h: the list_head + * @i: the pointer to a memory region which contains list node data. + * @nxt: the structure containing the list_node + * @off: offset(relative to @i) at which list node data resides. + * + * For details see `list_for_each_off' and `list_for_each_safe' + * descriptions. + * + * Example: + * list_for_each_safe_off(&parent->children, child, + * next, offsetof(struct child, list)) + * printf("Name: %s\n", child->name); + */ +#define list_for_each_safe_off(h, i, nxt, off) \ + list_for_each_safe_off_dir_((h),(i),(nxt),(off),next) + +/** + * list_for_each_rev_safe_off - iterate backwards through a list of + * memory regions, maybe during deletion + * @h: the list_head + * @i: the pointer to a memory region which contains list node data. + * @nxt: the structure containing the list_node + * @off: offset(relative to @i) at which list node data resides. + * + * For details see `list_for_each_rev_off' and `list_for_each_rev_safe' + * descriptions. + * + * Example: + * list_for_each_rev_safe_off(&parent->children, child, + * next, offsetof(struct child, list)) + * printf("Name: %s\n", child->name); + */ +#define list_for_each_rev_safe_off(h, i, nxt, off) \ + list_for_each_safe_off_dir_((h),(i),(nxt),(off),prev) + +/* Other -off variants. */ +#define list_entry_off(n, type, off) \ + ((type *)list_node_from_off_((n), (off))) + +#define list_head_off(h, type, off) \ + ((type *)list_head_off((h), (off))) + +#define list_tail_off(h, type, off) \ + ((type *)list_tail_((h), (off))) + +#define list_add_off(h, n, off) \ + list_add((h), list_node_from_off_((n), (off))) + +#define list_del_off(n, off) \ + list_del(list_node_from_off_((n), (off))) + +#define list_del_from_off(h, n, off) \ + list_del_from(h, list_node_from_off_((n), (off))) + +/* Offset helper functions so we only single-evaluate. */ +static inline void *list_node_to_off_(struct list_node *node, size_t off) +{ + return (void *)((char *)node - off); +} +static inline struct list_node *list_node_from_off_(void *ptr, size_t off) +{ + return (struct list_node *)((char *)ptr + off); +} + +/* Get the offset of the member, but make sure it's a list_node. */ +#define list_off_(type, member) \ + (container_off(type, member) + \ + check_type(((type *)0)->member, struct list_node)) + +#define list_off_var_(var, member) \ + (container_off_var(var, member) + \ + check_type(var->member, struct list_node)) + +#if HAVE_TYPEOF +#define list_typeof(var) typeof(var) +#else +#define list_typeof(var) void * +#endif + +/* Returns member, or NULL if at end of list. */ +static inline void *list_entry_or_null(const struct list_head *h, + const struct list_node *n, + size_t off) +{ + if (n == &h->n) + return NULL; + return (char *)n - off; +} +#endif /* CCAN_LIST_H */ diff --git a/bolt11/mem.c b/bolt11/mem.c @@ -0,0 +1,128 @@ +/* CC0 (Public domain) - see LICENSE file for details */ + +#include "config.h" + +#include <assert.h> +#include <string.h> +#include "mem.h" + +#if !HAVE_MEMMEM +void *memmem(const void *haystack, size_t haystacklen, + const void *needle, size_t needlelen) +{ + const char *p; + + if (needlelen > haystacklen) + return NULL; + + p = haystack; + + for (p = haystack; + (p + needlelen) <= ((const char *)haystack + haystacklen); + p++) + if (memcmp(p, needle, needlelen) == 0) + return (void *)p; + + return NULL; +} +#endif + +#if !HAVE_MEMRCHR +void *memrchr(const void *s, int c, size_t n) +{ + unsigned char *p = (unsigned char *)s; + + while (n) { + if (p[n-1] == c) + return p + n - 1; + n--; + } + + return NULL; +} +#endif + +void *mempbrkm(const void *data_, size_t len, const void *accept_, size_t accept_len) +{ + const char *data = data_, *accept = accept_; + size_t i, j; + + for (i = 0; i < len; i++) + for (j = 0; j < accept_len; j++) + if (accept[j] == data[i]) + return (void *)&data[i]; + return NULL; +} + +void *memcchr(void const *data, int c, size_t data_len) +{ + char const *p = data; + size_t i; + + for (i = 0; i < data_len; i++) + if (p[i] != c) + return (void *)&p[i]; + + return NULL; +} + +#define MEMSWAP_TMP_SIZE 256 + +void memswap(void *a, void *b, size_t n) +{ + char *ap = a; + char *bp = b; + char tmp[MEMSWAP_TMP_SIZE]; + + assert(!memoverlaps(a, n, b, n)); + + while (n) { + size_t m = n > MEMSWAP_TMP_SIZE ? MEMSWAP_TMP_SIZE : n; + + memcpy(tmp, bp, m); + memcpy(bp, ap, m); + memcpy(ap, tmp, m); + + ap += m; + bp += m; + n -= m; + } +} + +bool memeqzero(const void *data, size_t length) +{ + const unsigned char *p = data; + size_t len; + + /* Check first 16 bytes manually */ + for (len = 0; len < 16; len++) { + if (!length) + return true; + if (*p) + return false; + p++; + length--; + } + + /* Now we know that's zero, memcmp with self. */ + return memcmp(data, p, length) == 0; +} + +void memtaint(void *data, size_t len) +{ + /* Using 16 bytes is a bit quicker than 4 */ + const unsigned tainter[] + = { 0xdeadbeef, 0xdeadbeef, 0xdeadbeef, 0xdeadbeef }; + char *p = data; + + while (len >= sizeof(tainter)) { + memcpy(p, tainter, sizeof(tainter)); + p += sizeof(tainter); + len -= sizeof(tainter); + } + memcpy(p, tainter, len); + +#if HAVE_VALGRIND_MEMCHECK_H + VALGRIND_MAKE_MEM_UNDEFINED(data, len); +#endif +} diff --git a/bolt11/mem.h b/bolt11/mem.h @@ -0,0 +1,295 @@ +/* CC0 (Public domain) - see LICENSE file for details */ +#ifndef CCAN_MEM_H +#define CCAN_MEM_H + +#include "../config.h" +#include "../compiler.h" + +#include <string.h> +#include <stdbool.h> + +#if !HAVE_MEMMEM +PURE_FUNCTION +void *memmem(const void *haystack, size_t haystacklen, + const void *needle, size_t needlelen); +#endif + +#if !HAVE_MEMRCHR +PURE_FUNCTION +void *memrchr(const void *s, int c, size_t n); +#endif + +/** + * mempbrkm - locates the first occurrence in @data of any bytes in @accept + * @data: where we search + * @len: length of data in bytes + * @accept: array of bytes we search for + * @accept_len: # of bytes in accept + * + * Returns a pointer to the byte in @data that matches one of the bytes in + * @accept, or NULL if no such byte is found. + * + * Example: + * char otherbytes[] = "Hello \0world"; + * size_t otherbytes_len = sizeof(otherbytes) - 1; + * char *r = mempbrkm(otherbytes, otherbytes_len, "\0b", 2); + * if (r) { + * printf("Found %c\n", *r); + * } else { + * printf("Nada\n"); + * } + * + */ +PURE_FUNCTION +void *mempbrkm(const void *data, size_t len, const void *accept, size_t accept_len); + +/** + * mempbrk - locates the first occurrence in @data of any bytes in @accept + * @data: where we search + * @len: length of data in bytes + * @accept: NUL terminated string containing the bytes we search for + * + * Returns a pointer to the byte in @data that matches one of the bytes in + * @accept, or NULL if no such byte is found. + * + * Example: + * + * r = mempbrk(otherbytes, otherbytes_len, "abcde"); + * if (r) { + * printf("Found %c\n", *r); + * } else { + * printf("Nada\n"); + * } + */ +PURE_FUNCTION +static inline char *mempbrk(const void *data, size_t len, const char *accept) +{ + return mempbrkm(data, len, accept, strlen(accept)); +} + +/** + * memcchr - scan memory until a character does _not_ match + * @data: pointer to memory to scan + * @data_len: length of data + * @c: character to scan for + * + * The complement of memchr(). + * + * Returns a pointer to the first character which is _not_ @c. If all memory in + * @data is @c, returns NULL. + * + * Example: + * char somebytes[] = "HI By\0e"; + * size_t bytes_len = sizeof(somebytes) - 1; + * r = memcchr(somebytes, ' ', bytes_len); + * if (r) { + * printf("Found %c after trimming spaces\n", *r); + * } + */ +PURE_FUNCTION +void *memcchr(void const *data, int c, size_t data_len); + +/** + * memeq - Are two byte arrays equal? + * @a: first array + * @al: bytes in first array + * @b: second array + * @bl: bytes in second array + * + * Example: + * if (memeq(somebytes, bytes_len, otherbytes, otherbytes_len)) { + * printf("memory blocks are the same!\n"); + * } + */ +PURE_FUNCTION +static inline bool memeq(const void *a, size_t al, const void *b, size_t bl) +{ + return al == bl && !memcmp(a, b, bl); +} + +/** + * memstarts - determine if @data starts with @prefix + * @data: does this begin with @prefix? + * @data_len: bytes in @data + * @prefix: does @data begin with these bytes? + * @prefix_len: bytes in @prefix + * + * Returns true if @data starts with @prefix, otherwise return false. + * + * Example: + * if (memstarts(somebytes, bytes_len, otherbytes, otherbytes_len)) { + * printf("somebytes starts with otherbytes!\n"); + * } + */ +PURE_FUNCTION +static inline bool memstarts(void const *data, size_t data_len, + void const *prefix, size_t prefix_len) +{ + if (prefix_len > data_len) + return false; + return memeq(data, prefix_len, prefix, prefix_len); +} + +/** + * memeqstr - Is a byte array equal to a NUL terminated string? + * @data: byte array + * @length: length of @data in bytes + * @string: NUL terminated string + * + * The '\0' byte is ignored when checking if @bytes == @string. + * + * Example: + * if (memeqstr(somebytes, bytes_len, "foo")) { + * printf("somebytes == 'foo'!\n"); + * } + */ +PURE_FUNCTION +static inline bool memeqstr(const void *data, size_t length, const char *string) +{ + return memeq(data, length, string, strlen(string)); +} + +/** + * memeqzero - Is a byte array all zeroes? + * @data: byte array + * @length: length of @data in bytes + * + * Example: + * if (memeqzero(somebytes, bytes_len)) { + * printf("somebytes == 0!\n"); + * } + */ +PURE_FUNCTION +bool memeqzero(const void *data, size_t length); + +/** + * memstarts_str - Does this byte array start with a string prefix? + * @a: byte array + * @al: length in bytes + * @s: string prefix + * + * Example: + * if (memstarts_str(somebytes, bytes_len, "It")) { + * printf("somebytes starts with 'It'\n"); + * } + */ +PURE_FUNCTION +static inline bool memstarts_str(const void *a, size_t al, const char *s) +{ + return memstarts(a, al, s, strlen(s)); +} + +/** + * memends - Does this byte array end with a given byte-array suffix? + * @s: byte array + * @s_len: length in bytes + * @suffix: byte array suffix + * @suffix_len: length of suffix in bytes + * + * Returns true if @suffix appears as a substring at the end of @s, + * false otherwise. + */ +PURE_FUNCTION +static inline bool memends(const void *s, size_t s_len, const void *suffix, size_t suffix_len) +{ + return (s_len >= suffix_len) && (memcmp((const char *)s + s_len - suffix_len, + suffix, suffix_len) == 0); +} + +/** + * memends_str - Does this byte array end with a string suffix? + * @a: byte array + * @al: length in bytes + * @s: string suffix + * + * Example: + * if (memends_str(somebytes, bytes_len, "It")) { + * printf("somebytes ends with with 'It'\n"); + * } + */ +PURE_FUNCTION +static inline bool memends_str(const void *a, size_t al, const char *s) +{ + return memends(a, al, s, strlen(s)); +} + +/** + * memoverlaps - Do two memory ranges overlap? + * @a: pointer to first memory range + * @al: length of first memory range + * @b: pointer to second memory range + * @al: length of second memory range + */ +CONST_FUNCTION +static inline bool memoverlaps(const void *a_, size_t al, + const void *b_, size_t bl) +{ + const char *a = a_; + const char *b = b_; + + return (a < (b + bl)) && (b < (a + al)); +} + +/* + * memswap - Exchange two memory regions + * @a: first region + * @b: second region + * @n: length of the regions + * + * Undefined results if the two memory regions overlap. + */ +void memswap(void *a, void *b, size_t n); + +#if HAVE_VALGRIND_MEMCHECK_H +#include <valgrind/memcheck.h> +static inline void *memcheck_(const void *data, size_t len) +{ + VALGRIND_CHECK_MEM_IS_DEFINED(data, len); + return (void *)data; +} +#else +static inline void *memcheck_(const void *data, size_t len) +{ + (void)len; + return (void *)data; +} +#endif + +#if HAVE_TYPEOF +/** + * memcheck - check that a memory region is initialized + * @data: start of region + * @len: length in bytes + * + * When running under valgrind, this causes an error to be printed + * if the entire region is not defined. Otherwise valgrind only + * reports an error when an undefined value is used for a branch, or + * written out. + * + * Example: + * // Search for space, but make sure it's all initialized. + * if (memchr(memcheck(somebytes, bytes_len), ' ', bytes_len)) { + * printf("space was found!\n"); + * } + */ +#define memcheck(data, len) ((__typeof__((data)+0))memcheck_((data), (len))) +#else +#define memcheck(data, len) memcheck_((data), (len)) +#endif + +/** + * memtaint - mark a memory region unused + * @data: start of region + * @len: length in bytes + * + * This writes an "0xdeadbeef" eyecatcher repeatedly to the memory. + * When running under valgrind, it also tells valgrind that the memory is + * uninitialized, triggering valgrind errors if it is used for branches + * or written out (or passed to memcheck!) in future. + * + * Example: + * // We'll reuse this buffer later, but be sure we don't access it. + * memtaint(somebytes, bytes_len); + */ +void memtaint(void *data, size_t len); +#endif /* CCAN_MEM_H */ diff --git a/bolt11/node_id.c b/bolt11/node_id.c @@ -0,0 +1,64 @@ +#include "config.h" +#include <assert.h> +#include "array_size.h" +#include "mem.h" +#include "hex.h" +#include "talstr.h" +#include "node_id.h" + +/* Convert from pubkey to compressed pubkey. */ +/* +void node_id_from_pubkey(struct node_id *id, const struct pubkey *key) +{ + size_t outlen = ARRAY_SIZE(id->k); + if (!secp256k1_ec_pubkey_serialize(secp256k1_ctx, id->k, &outlen, + &key->pubkey, + SECP256K1_EC_COMPRESSED)) + abort(); +} + +WARN_UNUSED_RESULT +bool pubkey_from_node_id(struct pubkey *key, const struct node_id *id) +{ + return secp256k1_ec_pubkey_parse(secp256k1_ctx, &key->pubkey, + memcheck(id->k, sizeof(id->k)), + sizeof(id->k)); +} + +WARN_UNUSED_RESULT +bool point32_from_node_id(struct point32 *key, const struct node_id *id) +{ + struct pubkey k; + if (!pubkey_from_node_id(&k, id)) + return false; + return secp256k1_xonly_pubkey_from_pubkey(secp256k1_ctx, &key->pubkey, + NULL, &k.pubkey) == 1; +} +*/ + +char *tal_hexstr(const tal_t *ctx, const void *data, size_t len) +{ + char *str = tal_arr(ctx, char, hex_str_size(len)); + hex_encode(data, len, str, hex_str_size(len)); + return str; +} + + +/* Convert to hex string of SEC1 encoding */ +char *node_id_to_hexstr(const tal_t *ctx, const struct node_id *id) +{ + return tal_hexstr(ctx, id->k, sizeof(id->k)); +} + +/* Convert from hex string of SEC1 encoding */ + +bool node_id_from_hexstr(const char *str, size_t slen, struct node_id *id) +{ + return hex_decode(str, slen, id->k, sizeof(id->k)); + /* && node_id_valid(id);*/ +} + +int node_id_cmp(const struct node_id *a, const struct node_id *b) +{ + return memcmp(a->k, b->k, sizeof(a->k)); +} diff --git a/bolt11/node_id.h b/bolt11/node_id.h @@ -0,0 +1,38 @@ +/* Encapsulation for pubkeys used as node ids: more compact, more dangerous. */ +#ifndef LIGHTNING_COMMON_NODE_ID_H +#define LIGHTNING_COMMON_NODE_ID_H +#include "../config.h" +#include "short_types.h" +#include "tal.h" + +struct node_id { + u8 k[33]; +}; + +static inline bool node_id_eq(const struct node_id *a, + const struct node_id *b) +{ + return memcmp(a->k, b->k, sizeof(a->k)) == 0; +} + +/* Is this actually a valid pubkey? Relatively expensive. */ +//bool node_id_valid(const struct node_id *id); + +/* Convert to hex string of SEC1 encoding. */ +char *node_id_to_hexstr(const tal_t *ctx, const struct node_id *id); + +/* Convert from hex string of SEC1 encoding: checks validity! */ +bool node_id_from_hexstr(const char *str, size_t slen, struct node_id *id); + +/* Compare the keys `a` and `b`. Return <0 if `a`<`b`, 0 if equal and >0 otherwise */ +int node_id_cmp(const struct node_id *a, const struct node_id *b); + +/* If the two nodes[] are id1 and id2, which index would id1 be? */ +static inline int node_id_idx(const struct node_id *id1, + const struct node_id *id2) +{ + return node_id_cmp(id1, id2) > 0; +} + +/* marshal/unmarshal functions */ +#endif /* LIGHTNING_COMMON_NODE_ID_H */ diff --git a/bolt11/overflows.h b/bolt11/overflows.h @@ -0,0 +1,43 @@ +#ifndef LIGHTNING_COMMON_OVERFLOWS_H +#define LIGHTNING_COMMON_OVERFLOWS_H +#include "../config.h" +#include "short_types.h" + +static inline bool add_overflows_size_t(uint64_t a, uint64_t b) +{ + return (size_t)a != a || (size_t)b != b || (a + b) < (size_t)a; +} + +static inline bool add_overflows_u64(uint64_t a, uint64_t b) +{ + return (a + b) < a; +} + +static inline bool mul_overflows_u64(uint64_t a, uint64_t b) +{ + uint64_t ret; + + if (a == 0) + return false; + ret = a * b; + return (ret / a != b); +} + +static inline bool assign_overflow_u8(u8 *dst, uint64_t v) +{ + *dst = v; + return *dst == v; +} + +static inline bool assign_overflow_u16(u16 *dst, uint64_t v) +{ + *dst = v; + return *dst == v; +} + +static inline bool assign_overflow_u32(u32 *dst, uint64_t v) +{ + *dst = (u32)v; + return *dst == v; +} +#endif /* LIGHTNING_COMMON_OVERFLOWS_H */ diff --git a/bolt11/short_types.h b/bolt11/short_types.h @@ -0,0 +1,35 @@ +/* CC0 (Public domain) - see LICENSE file for details */ +#ifndef CCAN_SHORT_TYPES_H +#define CCAN_SHORT_TYPES_H +#include <stdint.h> + +/** + * u64/s64/u32/s32/u16/s16/u8/s8 - short names for explicitly-sized types. + */ +typedef uint64_t u64; +typedef int64_t s64; +typedef uint32_t u32; +typedef int32_t s32; +typedef uint16_t u16; +typedef int16_t s16; +typedef uint8_t u8; +typedef int8_t s8; + +/* Whichever they include first, they get these definitions. */ +#ifdef CCAN_ENDIAN_H +/** + * be64/be32/be16 - 64/32/16 bit big-endian representation. + */ +typedef beint64_t be64; +typedef beint32_t be32; +typedef beint16_t be16; + +/** + * le64/le32/le16 - 64/32/16 bit little-endian representation. + */ +typedef leint64_t le64; +typedef leint32_t le32; +typedef leint16_t le16; +#endif + +#endif /* CCAN_SHORT_TYPES_H */ diff --git a/bolt11/str.h b/bolt11/str.h @@ -0,0 +1,228 @@ +/* CC0 (Public domain) - see LICENSE file for details */ +#ifndef CCAN_STR_H +#define CCAN_STR_H +#include "../config.h" +#include <string.h> +#include <stdbool.h> +#include <limits.h> +#include <ctype.h> + +/** + * streq - Are two strings equal? + * @a: first string + * @b: first string + * + * This macro is arguably more readable than "!strcmp(a, b)". + * + * Example: + * if (streq(somestring, "")) + * printf("String is empty!\n"); + */ +#define streq(a,b) (strcmp((a),(b)) == 0) + +/** + * strstarts - Does this string start with this prefix? + * @str: string to test + * @prefix: prefix to look for at start of str + * + * Example: + * if (strstarts(somestring, "foo")) + * printf("String %s begins with 'foo'!\n", somestring); + */ +#define strstarts(str,prefix) (strncmp((str),(prefix),strlen(prefix)) == 0) + +/** + * strends - Does this string end with this postfix? + * @str: string to test + * @postfix: postfix to look for at end of str + * + * Example: + * if (strends(somestring, "foo")) + * printf("String %s end with 'foo'!\n", somestring); + */ +static inline bool strends(const char *str, const char *postfix) +{ + if (strlen(str) < strlen(postfix)) + return false; + + return streq(str + strlen(str) - strlen(postfix), postfix); +} + +/** + * stringify - Turn expression into a string literal + * @expr: any C expression + * + * Example: + * #define PRINT_COND_IF_FALSE(cond) \ + * ((cond) || printf("%s is false!", stringify(cond))) + */ +#define stringify(expr) stringify_1(expr) +/* Double-indirection required to stringify expansions */ +#define stringify_1(expr) #expr + +/** + * strcount - Count number of (non-overlapping) occurrences of a substring. + * @haystack: a C string + * @needle: a substring + * + * Example: + * assert(strcount("aaa aaa", "a") == 6); + * assert(strcount("aaa aaa", "ab") == 0); + * assert(strcount("aaa aaa", "aa") == 2); + */ +size_t strcount(const char *haystack, const char *needle); + +/** + * STR_MAX_CHARS - Maximum possible size of numeric string for this type. + * @type_or_expr: a pointer or integer type or expression. + * + * This provides enough space for a nul-terminated string which represents the + * largest possible value for the type or expression. + * + * Note: The implementation adds extra space so hex values or negative + * values will fit (eg. sprintf(... "%p"). ) + * + * Example: + * char str[STR_MAX_CHARS(int)]; + * + * sprintf(str, "%i", 7); + */ +#define STR_MAX_CHARS(type_or_expr) \ + ((sizeof(type_or_expr) * CHAR_BIT + 8) / 9 * 3 + 2 \ + + STR_MAX_CHARS_TCHECK_(type_or_expr)) + +#if HAVE_TYPEOF +/* Only a simple type can have 0 assigned, so test that. */ +#define STR_MAX_CHARS_TCHECK_(type_or_expr) \ + (sizeof(({ typeof(type_or_expr) x = 0; x; }))*0) +#else +#define STR_MAX_CHARS_TCHECK_(type_or_expr) 0 +#endif + +/** + * cisalnum - isalnum() which takes a char (and doesn't accept EOF) + * @c: a character + * + * Surprisingly, the standard ctype.h isalnum() takes an int, which + * must have the value of EOF (-1) or an unsigned char. This variant + * takes a real char, and doesn't accept EOF. + */ +static inline bool cisalnum(char c) +{ + return isalnum((unsigned char)c); +} +static inline bool cisalpha(char c) +{ + return isalpha((unsigned char)c); +} +static inline bool cisascii(char c) +{ + return isascii((unsigned char)c); +} +#if HAVE_ISBLANK +static inline bool cisblank(char c) +{ + return isblank((unsigned char)c); +} +#endif +static inline bool ciscntrl(char c) +{ + return iscntrl((unsigned char)c); +} +static inline bool cisdigit(char c) +{ + return isdigit((unsigned char)c); +} +static inline bool cisgraph(char c) +{ + return isgraph((unsigned char)c); +} +static inline bool cislower(char c) +{ + return islower((unsigned char)c); +} +static inline bool cisprint(char c) +{ + return isprint((unsigned char)c); +} +static inline bool cispunct(char c) +{ + return ispunct((unsigned char)c); +} +static inline bool cisspace(char c) +{ + return isspace((unsigned char)c); +} +static inline bool cisupper(char c) +{ + return isupper((unsigned char)c); +} +static inline bool cisxdigit(char c) +{ + return isxdigit((unsigned char)c); +} + +#include "str_debug.h" + +/* These checks force things out of line, hence they are under DEBUG. */ +#ifdef CCAN_STR_DEBUG +#include <ccan/build_assert/build_assert.h> + +/* These are commonly misused: they take -1 or an *unsigned* char value. */ +#undef isalnum +#undef isalpha +#undef isascii +#undef isblank +#undef iscntrl +#undef isdigit +#undef isgraph +#undef islower +#undef isprint +#undef ispunct +#undef isspace +#undef isupper +#undef isxdigit + +/* You can use a char if char is unsigned. */ +#if HAVE_BUILTIN_TYPES_COMPATIBLE_P && HAVE_TYPEOF +#define str_check_arg_(i) \ + ((i) + BUILD_ASSERT_OR_ZERO(!__builtin_types_compatible_p(typeof(i), \ + char) \ + || (char)255 > 0)) +#else +#define str_check_arg_(i) (i) +#endif + +#define isalnum(i) str_isalnum(str_check_arg_(i)) +#define isalpha(i) str_isalpha(str_check_arg_(i)) +#define isascii(i) str_isascii(str_check_arg_(i)) +#if HAVE_ISBLANK +#define isblank(i) str_isblank(str_check_arg_(i)) +#endif +#define iscntrl(i) str_iscntrl(str_check_arg_(i)) +#define isdigit(i) str_isdigit(str_check_arg_(i)) +#define isgraph(i) str_isgraph(str_check_arg_(i)) +#define islower(i) str_islower(str_check_arg_(i)) +#define isprint(i) str_isprint(str_check_arg_(i)) +#define ispunct(i) str_ispunct(str_check_arg_(i)) +#define isspace(i) str_isspace(str_check_arg_(i)) +#define isupper(i) str_isupper(str_check_arg_(i)) +#define isxdigit(i) str_isxdigit(str_check_arg_(i)) + +#if HAVE_TYPEOF +/* With GNU magic, we can make const-respecting standard string functions. */ +#undef strstr +#undef strchr +#undef strrchr + +/* + 0 is needed to decay array into pointer. */ +#define strstr(haystack, needle) \ + ((typeof((haystack) + 0))str_strstr((haystack), (needle))) +#define strchr(haystack, c) \ + ((typeof((haystack) + 0))str_strchr((haystack), (c))) +#define strrchr(haystack, c) \ + ((typeof((haystack) + 0))str_strrchr((haystack), (c))) +#endif +#endif /* CCAN_STR_DEBUG */ + +#endif /* CCAN_STR_H */ diff --git a/bolt11/str_debug.h b/bolt11/str_debug.h @@ -0,0 +1,30 @@ +/* CC0 (Public domain) - see LICENSE file for details */ +#ifndef CCAN_STR_DEBUG_H +#define CCAN_STR_DEBUG_H + +/* #define CCAN_STR_DEBUG 1 */ + +#ifdef CCAN_STR_DEBUG +/* Because we mug the real ones with macros, we need our own wrappers. */ +int str_isalnum(int i); +int str_isalpha(int i); +int str_isascii(int i); +#if HAVE_ISBLANK +int str_isblank(int i); +#endif +int str_iscntrl(int i); +int str_isdigit(int i); +int str_isgraph(int i); +int str_islower(int i); +int str_isprint(int i); +int str_ispunct(int i); +int str_isspace(int i); +int str_isupper(int i); +int str_isxdigit(int i); + +char *str_strstr(const char *haystack, const char *needle); +char *str_strchr(const char *s, int c); +char *str_strrchr(const char *s, int c); +#endif /* CCAN_STR_DEBUG */ + +#endif /* CCAN_STR_DEBUG_H */ diff --git a/bolt11/structeq.h b/bolt11/structeq.h @@ -0,0 +1,46 @@ +/* MIT (BSD) license - see LICENSE file for details */ +#ifndef CCAN_STRUCTEQ_H +#define CCAN_STRUCTEQ_H +#include "build_assert.h" +#include "cppmagic.h" +#include <string.h> +#include <stdbool.h> + +/** + * STRUCTEQ_DEF - define an ..._eq function to compare two structures. + * @sname: name of the structure, and function (<sname>_eq) to define. + * @padbytes: number of bytes of expected padding, or negative "max". + * @...: name of every member of the structure. + * + * This generates a single memcmp() call in the common case where the + * structure contains no padding. Since it can't tell the difference between + * padding and a missing member, @padbytes can be used to assert that + * there isn't any, or how many we expect. A negative number means + * "up to or equal to that amount of padding", as padding can be + * platform dependent. + */ +#define STRUCTEQ_DEF(sname, padbytes, ...) \ +static inline bool CPPMAGIC_GLUE2(sname, _eq)(const struct sname *_a, \ + const struct sname *_b) \ +{ \ + BUILD_ASSERT(((padbytes) < 0 && \ + CPPMAGIC_JOIN(+, CPPMAGIC_MAP(STRUCTEQ_MEMBER_SIZE_, \ + __VA_ARGS__)) \ + - (padbytes) >= sizeof(*_a)) \ + || CPPMAGIC_JOIN(+, CPPMAGIC_MAP(STRUCTEQ_MEMBER_SIZE_, \ + __VA_ARGS__)) \ + + (padbytes) == sizeof(*_a)); \ + if (CPPMAGIC_JOIN(+, CPPMAGIC_MAP(STRUCTEQ_MEMBER_SIZE_, __VA_ARGS__)) \ + == sizeof(*_a)) \ + return memcmp(_a, _b, sizeof(*_a)) == 0; \ + else \ + return CPPMAGIC_JOIN(&&, \ + CPPMAGIC_MAP(STRUCTEQ_MEMBER_CMP_, \ + __VA_ARGS__)); \ +} + +/* Helpers */ +#define STRUCTEQ_MEMBER_SIZE_(m) sizeof((_a)->m) +#define STRUCTEQ_MEMBER_CMP_(m) memcmp(&_a->m, &_b->m, sizeof(_a->m)) == 0 + +#endif /* CCAN_STRUCTEQ_H */ diff --git a/bolt11/take.c b/bolt11/take.c @@ -0,0 +1,126 @@ +/* CC0 (Public domain) - see LICENSE file for details */ +#include "take.h" +#include "likely.h" +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +static const void **takenarr; +static const char **labelarr; +static size_t max_taken, num_taken; +static size_t allocfail; +static void (*allocfailfn)(const void *p); + +void *take_(const void *p, const char *label) +{ + /* Overallocate: it's better than risking calloc returning NULL! */ + if (unlikely(label && !labelarr)) + labelarr = calloc(max_taken+1, sizeof(*labelarr)); + + if (unlikely(num_taken == max_taken)) { + const void **new; + + new = realloc(takenarr, sizeof(*takenarr) * (max_taken+1)); + if (unlikely(!new)) { + if (allocfailfn) { + allocfail++; + allocfailfn(p); + return NULL; + } + /* Otherwise we leak p. */ + return (void *)p; + } + takenarr = new; + /* Once labelarr is set, we maintain it. */ + if (labelarr) { + const char **labelarr_new; + labelarr_new = realloc(labelarr, + sizeof(*labelarr) * (max_taken+1)); + if (labelarr_new) { + labelarr = labelarr_new; + } else { + /* num_taken will be out of sync with the size of + * labelarr after realloc failure. + * Just pretend that we never had labelarr allocated. */ + free(labelarr); + labelarr = NULL; + } + } + max_taken++; + } + if (unlikely(labelarr)) + labelarr[num_taken] = label; + takenarr[num_taken++] = p; + + return (void *)p; +} + +static size_t find_taken(const void *p) +{ + size_t i; + + for (i = 0; i < num_taken; i++) { + if (takenarr[i] == p) + return i+1; + } + return 0; +} + +bool taken(const void *p) +{ + size_t i; + + if (!p && unlikely(allocfail)) { + allocfail--; + return true; + } + + i = find_taken(p); + if (!i) + return false; + + memmove(&takenarr[i-1], &takenarr[i], + (--num_taken - (i - 1))*sizeof(takenarr[0])); + return true; +} + +bool is_taken(const void *p) +{ + if (!p && unlikely(allocfail)) + return true; + + return find_taken(p) > 0; +} + +const char *taken_any(void) +{ + static char pointer_buf[32]; + + if (num_taken == 0) + return NULL; + + /* We're *allowed* to have some with labels, some without. */ + if (labelarr) { + size_t i; + for (i = 0; i < num_taken; i++) + if (labelarr[i]) + return labelarr[i]; + } + + sprintf(pointer_buf, "%p", takenarr[0]); + return pointer_buf; +} + +void take_cleanup(void) +{ + max_taken = num_taken = 0; + free(takenarr); + takenarr = NULL; + free(labelarr); + labelarr = NULL; +} + +void take_allocfail(void (*fn)(const void *p)) +{ + allocfailfn = fn; +} diff --git a/bolt11/take.h b/bolt11/take.h @@ -0,0 +1,136 @@ +/* CC0 (Public domain) - see LICENSE file for details */ +#ifndef CCAN_TAKE_H +#define CCAN_TAKE_H +#include "../config.h" +#include <stdbool.h> +#include "str.h" + +#ifdef CCAN_TAKE_DEBUG +#define TAKE_LABEL(p) __FILE__ ":" stringify(__LINE__) ":" stringify(p) +#else +#define TAKE_LABEL(p) NULL +#endif + +/** + * TAKES - annotate a formal parameter as being take()-able + * + * This doesn't do anything, but useful for documentation. + * + * Example: + * void print_string(const char *str TAKES); + * + */ +#define TAKES + +/** + * take - record a pointer to be consumed by the function its handed to. + * @p: the pointer to mark, or NULL. + * + * This marks a pointer object to be freed by the called function, + * which is extremely useful for chaining functions. It works on + * NULL, for pass-through error handling. + */ +#define take(p) (take_typeof(p) take_((p), TAKE_LABEL(p))) + +/** + * taken - check (and un-take) a pointer was passed with take() + * @p: the pointer to check. + * + * A function which accepts take() arguments uses this to see if it + * should own the pointer; it will be removed from the take list, so + * this only returns true once. + * + * Example: + * // Silly routine to add 1 + * static int *add_one(const int *num TAKES) + * { + * int *ret; + * if (taken(num)) + * ret = (int *)num; + * else + * ret = malloc(sizeof(int)); + * if (ret) + * *ret = (*num) + 1; + * return ret; + * } + */ +bool taken(const void *p); + +/** + * is_taken - check if a pointer was passed with take() + * @p: the pointer to check. + * + * This is like the above, but doesn't remove it from the taken list. + * + * Example: + * // Silly routine to add 1: doesn't handle taken args! + * static int *add_one_notake(const int *num) + * { + * int *ret = malloc(sizeof(int)); + * assert(!is_taken(num)); + * if (ret) + * *ret = (*num) + 1; + * return ret; + * } + */ +bool is_taken(const void *p); + +/** + * taken_any - are there any taken pointers? + * + * Mainly useful for debugging take() leaks. With CCAN_TAKE_DEBUG, returns + * the label where the pointer was passed to take(), otherwise returns + * a static char buffer with the pointer value in it. NULL if none are taken. + * + * Example: + * static void cleanup(void) + * { + * assert(!taken_any()); + * } + */ +const char *taken_any(void); + +/** + * take_cleanup - remove all taken pointers from list. + * + * This is useful in atexit() handlers for valgrind-style leak detection. + * + * Example: + * static void cleanup2(void) + * { + * take_cleanup(); + * } + */ +void take_cleanup(void); + +/** + * take_allocfail - set function to call if we can't reallocated taken array. + * @fn: the function. + * + * If this is not set, then if the array reallocation fails, the + * pointer won't be marked taken(). If @fn returns, it is expected to + * free the pointer; we return NULL from take() and the function handles + * it like any allocation failure. + * + * Example: + * static void free_on_fail(const void *p) + * { + * free((void *)p); + * } + * + * static void init(void) + * { + * take_allocfail(free_on_fail); + * } + */ +void take_allocfail(void (*fn)(const void *p)); + +/* Private functions */ +#if HAVE_TYPEOF +#define take_typeof(ptr) (__typeof__(ptr)) +#else +#define take_typeof(ptr) +#endif + +void *take_(const void *p, const char *label); +#endif /* CCAN_TAKE_H */ diff --git a/bolt11/tal.c b/bolt11/tal.c @@ -0,0 +1,972 @@ +/* Licensed under BSD-MIT - see LICENSE file for details */ +#include "tal.h" +#include "../compiler.h" +#include "list.h" +#include "alignof.h" + +#include <assert.h> +#include <stdio.h> +#include <stddef.h> +#include <string.h> +#include <limits.h> +#include <stdint.h> +#include <errno.h> + +//#define TAL_DEBUG 1 + +#define NOTIFY_IS_DESTRUCTOR 512 +#define NOTIFY_EXTRA_ARG 1024 + +/* This makes our parent_child ptr stand out for to_tal_hdr checks */ +#define TAL_PTR_OBFUSTICATOR ((intptr_t)0x1984200820142016ULL) + +/* 32-bit type field, first byte 0 in either endianness. */ +enum prop_type { + CHILDREN = 0x00c1d500, + NAME = 0x00111100, + NOTIFIER = 0x00071f00, +}; + +struct tal_hdr { + struct list_node list; + struct prop_hdr *prop; + /* XOR with TAL_PTR_OBFUSTICATOR */ + intptr_t parent_child; + size_t bytelen; +}; + +struct prop_hdr { + enum prop_type type; + struct prop_hdr *next; +}; + +struct children { + struct prop_hdr hdr; /* CHILDREN */ + struct tal_hdr *parent; + struct list_head children; /* Head of siblings. */ +}; + +struct name { + struct prop_hdr hdr; /* NAME */ + char name[]; +}; + +struct notifier { + struct prop_hdr hdr; /* NOTIFIER */ + enum tal_notify_type types; + union notifier_cb { + void (*notifyfn)(tal_t *, enum tal_notify_type, void *); + void (*destroy)(tal_t *); /* If NOTIFY_IS_DESTRUCTOR set */ + void (*destroy2)(tal_t *, void *); /* If NOTIFY_EXTRA_ARG */ + } u; +}; + +/* Extra arg */ +struct notifier_extra_arg { + struct notifier n; + void *arg; +}; + +#define EXTRA_ARG(n) (((struct notifier_extra_arg *)(n))->arg) + +static struct { + struct tal_hdr hdr; + struct children c; +} null_parent = { { { &null_parent.hdr.list, &null_parent.hdr.list }, + &null_parent.c.hdr, TAL_PTR_OBFUSTICATOR, 0 }, + { { CHILDREN, NULL }, + &null_parent.hdr, + { { &null_parent.c.children.n, + &null_parent.c.children.n } } + } +}; + + +static void *(*allocfn)(size_t size) = malloc; +static void *(*resizefn)(void *, size_t size) = realloc; +static void (*freefn)(void *) = free; +static void (*errorfn)(const char *msg) = (void *)abort; +/* Count on non-destrutor notifiers; often stays zero. */ +static size_t notifiers = 0; + +static inline void COLD call_error(const char *msg) +{ + errorfn(msg); +} + +static bool get_destroying_bit(intptr_t parent_child) +{ + return parent_child & 1; +} + +static void set_destroying_bit(intptr_t *parent_child) +{ + *parent_child |= 1; +} + +static struct children *ignore_destroying_bit(intptr_t parent_child) +{ + return (void *)((parent_child ^ TAL_PTR_OBFUSTICATOR) & ~(intptr_t)1); +} + +/* This means valgrind can see leaks. */ +void tal_cleanup(void) +{ + struct tal_hdr *i; + + while ((i = list_top(&null_parent.c.children, struct tal_hdr, list))) { + list_del(&i->list); + memset(i, 0, sizeof(*i)); + } + + /* Cleanup any taken pointers. */ + take_cleanup(); +} + +/* We carefully start all real properties with a zero byte. */ +static bool is_literal(const struct prop_hdr *prop) +{ + return ((char *)prop)[0] != 0; +} + +#ifndef NDEBUG +static const void *bounds_start, *bounds_end; + +static void update_bounds(const void *new, size_t size) +{ + if (unlikely(!bounds_start)) { + bounds_start = new; + bounds_end = (char *)new + size; + } else if (new < bounds_start) + bounds_start = new; + else if ((char *)new + size > (char *)bounds_end) + bounds_end = (char *)new + size; +} + +static bool in_bounds(const void *p) +{ + return !p + || (p >= (void *)&null_parent && p <= (void *)(&null_parent + 1)) + || (p >= bounds_start && p <= bounds_end); +} +#else +static void update_bounds(const void *new, size_t size) +{ +} + +static bool in_bounds(const void *p) +{ + return true; +} +#endif + +static void check_bounds(const void *p) +{ + if (!in_bounds(p)) + call_error("Not a valid header"); +} + +static struct tal_hdr *to_tal_hdr(const void *ctx) +{ + struct tal_hdr *t; + + t = (struct tal_hdr *)((char *)ctx - sizeof(struct tal_hdr)); + check_bounds(t); + check_bounds(ignore_destroying_bit(t->parent_child)); + check_bounds(t->list.next); + check_bounds(t->list.prev); + if (t->prop && !is_literal(t->prop)) + check_bounds(t->prop); + return t; +} + +static struct tal_hdr *to_tal_hdr_or_null(const void *ctx) +{ + if (!ctx) + return &null_parent.hdr; + return to_tal_hdr(ctx); +} + +static void *from_tal_hdr(const struct tal_hdr *hdr) +{ + return (void *)(hdr + 1); +} + +static void *from_tal_hdr_or_null(const struct tal_hdr *hdr) +{ + if (hdr == &null_parent.hdr) + return NULL; + return from_tal_hdr(hdr); +} + +#ifdef TAL_DEBUG +static struct tal_hdr *debug_tal(struct tal_hdr *tal) +{ + tal_check(from_tal_hdr_or_null(tal), "TAL_DEBUG "); + return tal; +} +#else +static struct tal_hdr *debug_tal(struct tal_hdr *tal) +{ + return tal; +} +#endif + +static void notify(const struct tal_hdr *ctx, + enum tal_notify_type type, const void *info, + int saved_errno) +{ + const struct prop_hdr *p; + + for (p = ctx->prop; p; p = p->next) { + struct notifier *n; + + if (is_literal(p)) + break; + if (p->type != NOTIFIER) + continue; + n = (struct notifier *)p; + if (n->types & type) { + errno = saved_errno; + if (n->types & NOTIFY_IS_DESTRUCTOR) { + /* Blatt this notifier in case it tries to + * tal_del_destructor() from inside */ + union notifier_cb cb = n->u; + /* It's a union, so this NULLs destroy2 too! */ + n->u.destroy = NULL; + if (n->types & NOTIFY_EXTRA_ARG) + cb.destroy2(from_tal_hdr(ctx), + EXTRA_ARG(n)); + else + cb.destroy(from_tal_hdr(ctx)); + } else + n->u.notifyfn(from_tal_hdr_or_null(ctx), type, + (void *)info); + } + } +} + +static void *allocate(size_t size) +{ + void *ret = allocfn(size); + if (!ret) + call_error("allocation failed"); + else + update_bounds(ret, size); + return ret; +} + +static struct prop_hdr **find_property_ptr(const struct tal_hdr *t, + enum prop_type type) +{ + struct prop_hdr **p; + + for (p = (struct prop_hdr **)&t->prop; *p; p = &(*p)->next) { + if (is_literal(*p)) { + if (type == NAME) + return p; + break; + } + if ((*p)->type == type) + return p; + } + return NULL; +} + +static void *find_property(const struct tal_hdr *parent, enum prop_type type) +{ + struct prop_hdr **p = find_property_ptr(parent, type); + + if (p) + return *p; + return NULL; +} + +static void init_property(struct prop_hdr *hdr, + struct tal_hdr *parent, + enum prop_type type) +{ + hdr->type = type; + hdr->next = parent->prop; + parent->prop = hdr; +} + +static struct notifier *add_notifier_property(struct tal_hdr *t, + enum tal_notify_type types, + void (*fn)(void *, + enum tal_notify_type, + void *), + void *extra_arg) +{ + struct notifier *prop; + + if (types & NOTIFY_EXTRA_ARG) + prop = allocate(sizeof(struct notifier_extra_arg)); + else + prop = allocate(sizeof(struct notifier)); + + if (prop) { + init_property(&prop->hdr, t, NOTIFIER); + prop->types = types; + prop->u.notifyfn = fn; + if (types & NOTIFY_EXTRA_ARG) + EXTRA_ARG(prop) = extra_arg; + } + return prop; +} + +static enum tal_notify_type del_notifier_property(struct tal_hdr *t, + void (*fn)(tal_t *, + enum tal_notify_type, + void *), + bool match_extra_arg, + void *extra_arg) +{ + struct prop_hdr **p; + + for (p = (struct prop_hdr **)&t->prop; *p; p = &(*p)->next) { + struct notifier *n; + enum tal_notify_type types; + + if (is_literal(*p)) + break; + if ((*p)->type != NOTIFIER) + continue; + n = (struct notifier *)*p; + if (n->u.notifyfn != fn) + continue; + + types = n->types; + if ((types & NOTIFY_EXTRA_ARG) + && match_extra_arg + && extra_arg != EXTRA_ARG(n)) + continue; + + *p = (*p)->next; + freefn(n); + return types & ~(NOTIFY_IS_DESTRUCTOR|NOTIFY_EXTRA_ARG); + } + return 0; +} + +static struct name *add_name_property(struct tal_hdr *t, const char *name) +{ + struct name *prop; + + prop = allocate(sizeof(*prop) + strlen(name) + 1); + if (prop) { + init_property(&prop->hdr, t, NAME); + strcpy(prop->name, name); + } + return prop; +} + +static struct children *add_child_property(struct tal_hdr *parent, + struct tal_hdr *child UNNEEDED) +{ + struct children *prop = allocate(sizeof(*prop)); + if (prop) { + init_property(&prop->hdr, parent, CHILDREN); + prop->parent = parent; + list_head_init(&prop->children); + } + return prop; +} + +static bool add_child(struct tal_hdr *parent, struct tal_hdr *child) +{ + struct children *children = find_property(parent, CHILDREN); + + if (!children) { + children = add_child_property(parent, child); + if (!children) + return false; + } + list_add(&children->children, &child->list); + child->parent_child = (intptr_t)children ^ TAL_PTR_OBFUSTICATOR; + return true; +} + +static void del_tree(struct tal_hdr *t, const tal_t *orig, int saved_errno) +{ + struct prop_hdr **prop, *p, *next; + + assert(!taken(from_tal_hdr(t))); + + /* Already being destroyed? Don't loop. */ + if (unlikely(get_destroying_bit(t->parent_child))) + return; + + set_destroying_bit(&t->parent_child); + + /* Call free notifiers. */ + notify(t, TAL_NOTIFY_FREE, (tal_t *)orig, saved_errno); + + /* Now free children and groups. */ + prop = find_property_ptr(t, CHILDREN); + if (prop) { + struct tal_hdr *i; + struct children *c = (struct children *)*prop; + + while ((i = list_top(&c->children, struct tal_hdr, list))) { + list_del(&i->list); + del_tree(i, orig, saved_errno); + } + } + + /* Finally free our properties. */ + for (p = t->prop; p && !is_literal(p); p = next) { + next = p->next; + freefn(p); + } + freefn(t); +} + +void *tal_alloc_(const tal_t *ctx, size_t size, bool clear, const char *label) +{ + struct tal_hdr *child, *parent = debug_tal(to_tal_hdr_or_null(ctx)); + + child = allocate(sizeof(struct tal_hdr) + size); + if (!child) + return NULL; + if (clear) + memset(from_tal_hdr(child), 0, size); + child->prop = (void *)label; + child->bytelen = size; + + if (!add_child(parent, child)) { + freefn(child); + return NULL; + } + debug_tal(parent); + if (notifiers) + notify(parent, TAL_NOTIFY_ADD_CHILD, from_tal_hdr(child), 0); + return from_tal_hdr(debug_tal(child)); +} + +static bool adjust_size(size_t *size, size_t count) +{ + const size_t extra = sizeof(struct tal_hdr); + + /* Multiplication wrap */ + if (count && unlikely(*size * count / *size != count)) + goto overflow; + + *size *= count; + + /* Make sure we don't wrap adding header. */ + if (*size + extra < extra) + goto overflow; + return true; +overflow: + call_error("allocation size overflow"); + return false; +} + +void *tal_alloc_arr_(const tal_t *ctx, size_t size, size_t count, bool clear, + const char *label) +{ + if (!adjust_size(&size, count)) + return NULL; + + return tal_alloc_(ctx, size, clear, label); +} + +void *tal_free(const tal_t *ctx) +{ + if (ctx) { + struct tal_hdr *t; + int saved_errno = errno; + t = debug_tal(to_tal_hdr(ctx)); + if (unlikely(get_destroying_bit(t->parent_child))) + return NULL; + if (notifiers) + notify(ignore_destroying_bit(t->parent_child)->parent, + TAL_NOTIFY_DEL_CHILD, ctx, saved_errno); + list_del(&t->list); + del_tree(t, ctx, saved_errno); + errno = saved_errno; + } + return NULL; +} + +void *tal_steal_(const tal_t *new_parent, const tal_t *ctx) +{ + if (ctx) { + struct tal_hdr *newpar, *t, *old_parent; + + newpar = debug_tal(to_tal_hdr_or_null(new_parent)); + t = debug_tal(to_tal_hdr(ctx)); + + /* Unlink it from old parent. */ + list_del(&t->list); + old_parent = ignore_destroying_bit(t->parent_child)->parent; + + if (unlikely(!add_child(newpar, t))) { + /* We can always add to old parent, because it has a + * children property already. */ + if (!add_child(old_parent, t)) + abort(); + return NULL; + } + debug_tal(newpar); + if (notifiers) + notify(t, TAL_NOTIFY_STEAL, new_parent, 0); + } + return (void *)ctx; +} + +bool tal_add_destructor_(const tal_t *ctx, void (*destroy)(void *me)) +{ + tal_t *t = debug_tal(to_tal_hdr(ctx)); + return add_notifier_property(t, TAL_NOTIFY_FREE|NOTIFY_IS_DESTRUCTOR, + (void *)destroy, NULL); +} + +bool tal_add_destructor2_(const tal_t *ctx, void (*destroy)(void *me, void *arg), + void *arg) +{ + tal_t *t = debug_tal(to_tal_hdr(ctx)); + return add_notifier_property(t, TAL_NOTIFY_FREE|NOTIFY_IS_DESTRUCTOR + |NOTIFY_EXTRA_ARG, + (void *)destroy, arg); +} + +/* We could support notifiers with an extra arg, but we didn't add to API */ +bool tal_add_notifier_(const tal_t *ctx, enum tal_notify_type types, + void (*callback)(tal_t *, enum tal_notify_type, void *)) +{ + struct tal_hdr *t = debug_tal(to_tal_hdr_or_null(ctx)); + struct notifier *n; + + assert(types); + assert((types & ~(TAL_NOTIFY_FREE | TAL_NOTIFY_STEAL | TAL_NOTIFY_MOVE + | TAL_NOTIFY_RESIZE | TAL_NOTIFY_RENAME + | TAL_NOTIFY_ADD_CHILD | TAL_NOTIFY_DEL_CHILD + | TAL_NOTIFY_ADD_NOTIFIER + | TAL_NOTIFY_DEL_NOTIFIER)) == 0); + + /* Don't call notifier about itself: set types after! */ + n = add_notifier_property(t, 0, callback, NULL); + if (unlikely(!n)) + return false; + + if (notifiers) + notify(t, TAL_NOTIFY_ADD_NOTIFIER, callback, 0); + + n->types = types; + if (types != TAL_NOTIFY_FREE) + notifiers++; + return true; +} + +bool tal_del_notifier_(const tal_t *ctx, + void (*callback)(tal_t *, enum tal_notify_type, void *), + bool match_extra_arg, void *extra_arg) +{ + struct tal_hdr *t = debug_tal(to_tal_hdr_or_null(ctx)); + enum tal_notify_type types; + + types = del_notifier_property(t, callback, match_extra_arg, extra_arg); + if (types) { + notify(t, TAL_NOTIFY_DEL_NOTIFIER, callback, 0); + if (types != TAL_NOTIFY_FREE) + notifiers--; + return true; + } + return false; +} + +bool tal_del_destructor_(const tal_t *ctx, void (*destroy)(void *me)) +{ + return tal_del_notifier_(ctx, (void *)destroy, false, NULL); +} + +bool tal_del_destructor2_(const tal_t *ctx, void (*destroy)(void *me, void *arg), + void *arg) +{ + return tal_del_notifier_(ctx, (void *)destroy, true, arg); +} + +bool tal_set_name_(tal_t *ctx, const char *name, bool literal) +{ + struct tal_hdr *t = debug_tal(to_tal_hdr(ctx)); + struct prop_hdr **prop = find_property_ptr(t, NAME); + + /* Get rid of any old name */ + if (prop) { + struct name *name = (struct name *)*prop; + if (is_literal(&name->hdr)) + *prop = NULL; + else { + *prop = name->hdr.next; + freefn(name); + } + } + + if (literal && name[0]) { + struct prop_hdr **p; + + /* Append literal. */ + for (p = &t->prop; *p && !is_literal(*p); p = &(*p)->next); + *p = (struct prop_hdr *)name; + } else if (!add_name_property(t, name)) + return false; + + debug_tal(t); + if (notifiers) + notify(t, TAL_NOTIFY_RENAME, name, 0); + return true; +} + +const char *tal_name(const tal_t *t) +{ + struct name *n; + + n = find_property(debug_tal(to_tal_hdr(t)), NAME); + if (!n) + return NULL; + + if (is_literal(&n->hdr)) + return (const char *)n; + return n->name; +} + +size_t tal_bytelen(const tal_t *ptr) +{ + /* NULL -> null_parent which has bytelen 0 */ + struct tal_hdr *t = debug_tal(to_tal_hdr_or_null(ptr)); + + return t->bytelen; +} + +/* Start one past first child: make stopping natural in circ. list. */ +static struct tal_hdr *first_child(struct tal_hdr *parent) +{ + struct children *child; + + child = find_property(parent, CHILDREN); + if (!child) + return NULL; + + return list_top(&child->children, struct tal_hdr, list); +} + +tal_t *tal_first(const tal_t *root) +{ + struct tal_hdr *c, *t = debug_tal(to_tal_hdr_or_null(root)); + + c = first_child(t); + if (!c) + return NULL; + return from_tal_hdr(c); +} + +tal_t *tal_next(const tal_t *prev) +{ + struct tal_hdr *next, *prevhdr = debug_tal(to_tal_hdr(prev)); + struct list_head *head; + + head = &ignore_destroying_bit(prevhdr->parent_child)->children; + next = list_next(head, prevhdr, list); + if (!next) + return NULL; + return from_tal_hdr(next); +} + +tal_t *tal_parent(const tal_t *ctx) +{ + struct tal_hdr *t; + + if (!ctx) + return NULL; + + t = debug_tal(to_tal_hdr(ctx)); + if (ignore_destroying_bit(t->parent_child)->parent == &null_parent.hdr) + return NULL; + return from_tal_hdr(ignore_destroying_bit(t->parent_child)->parent); +} + +bool tal_resize_(tal_t **ctxp, size_t size, size_t count, bool clear) +{ + struct tal_hdr *old_t, *t; + struct children *child; + + old_t = debug_tal(to_tal_hdr(*ctxp)); + + if (!adjust_size(&size, count)) + return false; + + t = resizefn(old_t, sizeof(struct tal_hdr) + size); + if (!t) { + call_error("Reallocation failure"); + return false; + } + + /* Clear between old end and new end. */ + if (clear && size > t->bytelen) { + char *old_end = (char *)(t + 1) + t->bytelen; + memset(old_end, 0, size - t->bytelen); + } + + /* Update length. */ + t->bytelen = size; + update_bounds(t, sizeof(struct tal_hdr) + size); + + /* If it didn't move, we're done! */ + if (t != old_t) { + /* Fix up linked list pointers. */ + t->list.next->prev = t->list.prev->next = &t->list; + + /* Copy take() property. */ + if (taken(from_tal_hdr(old_t))) + take(from_tal_hdr(t)); + + /* Fix up child property's parent pointer. */ + child = find_property(t, CHILDREN); + if (child) { + assert(child->parent == old_t); + child->parent = t; + } + *ctxp = from_tal_hdr(debug_tal(t)); + if (notifiers) + notify(t, TAL_NOTIFY_MOVE, from_tal_hdr(old_t), 0); + } + if (notifiers) + notify(t, TAL_NOTIFY_RESIZE, (void *)size, 0); + + return true; +} + +bool tal_expand_(tal_t **ctxp, const void *src, size_t size, size_t count) +{ + size_t old_len; + bool ret = false; + + old_len = debug_tal(to_tal_hdr(*ctxp))->bytelen; + + /* Check for additive overflow */ + if (old_len + count * size < old_len) { + call_error("dup size overflow"); + goto out; + } + + /* Don't point src inside thing we're expanding! */ + assert(src < *ctxp + || (char *)src >= (char *)(*ctxp) + old_len); + + if (!tal_resize_(ctxp, size, old_len/size + count, false)) + goto out; + + memcpy((char *)*ctxp + old_len, src, count * size); + ret = true; + +out: + if (taken(src)) + tal_free(src); + return ret; +} + +void *tal_dup_(const tal_t *ctx, const void *p, size_t size, + size_t n, size_t extra, bool nullok, const char *label) +{ + void *ret; + size_t nbytes = size; + + if (nullok && p == NULL) { + /* take(NULL) works. */ + (void)taken(p); + return NULL; + } + + if (!adjust_size(&nbytes, n)) { + if (taken(p)) + tal_free(p); + return NULL; + } + + /* Beware addition overflow! */ + if (n + extra < n) { + call_error("dup size overflow"); + if (taken(p)) + tal_free(p); + return NULL; + } + + if (taken(p)) { + if (unlikely(!p)) + return NULL; + if (unlikely(!tal_resize_((void **)&p, size, n + extra, false))) + return tal_free(p); + if (unlikely(!tal_steal(ctx, p))) + return tal_free(p); + return (void *)p; + } + + ret = tal_alloc_arr_(ctx, size, n + extra, false, label); + if (ret) + memcpy(ret, p, nbytes); + return ret; +} + +void *tal_dup_talarr_(const tal_t *ctx, const tal_t *src TAKES, const char *label) +{ + return tal_dup_(ctx, src, 1, tal_bytelen(src), 0, true, label); +} + +void tal_set_backend(void *(*alloc_fn)(size_t size), + void *(*resize_fn)(void *, size_t size), + void (*free_fn)(void *), + void (*error_fn)(const char *msg)) +{ + if (alloc_fn) + allocfn = alloc_fn; + if (resize_fn) + resizefn = resize_fn; + if (free_fn) + freefn = free_fn; + if (error_fn) + errorfn = error_fn; +} + +#ifdef CCAN_TAL_DEBUG +static void dump_node(unsigned int indent, const struct tal_hdr *t) +{ + unsigned int i; + const struct prop_hdr *p; + + for (i = 0; i < indent; i++) + fprintf(stderr, " "); + fprintf(stderr, "%p len=%zu", t, t->bytelen); + for (p = t->prop; p; p = p->next) { + struct children *c; + struct name *n; + struct notifier *no; + if (is_literal(p)) { + fprintf(stderr, " \"%s\"", (const char *)p); + break; + } + switch (p->type) { + case CHILDREN: + c = (struct children *)p; + fprintf(stderr, " CHILDREN(%p):parent=%p,children={%p,%p}", + p, c->parent, + c->children.n.prev, c->children.n.next); + break; + case NAME: + n = (struct name *)p; + fprintf(stderr, " NAME(%p):%s", p, n->name); + break; + case NOTIFIER: + no = (struct notifier *)p; + fprintf(stderr, " NOTIFIER(%p):fn=%p", p, no->u.notifyfn); + break; + default: + fprintf(stderr, " **UNKNOWN(%p):%i**", p, p->type); + } + } + fprintf(stderr, "\n"); +} + +static void tal_dump_(unsigned int level, const struct tal_hdr *t) +{ + struct children *children; + + dump_node(level, t); + + children = find_property(t, CHILDREN); + if (children) { + struct tal_hdr *i; + + list_for_each(&children->children, i, list) + tal_dump_(level + 1, i); + } +} + +void tal_dump(void) +{ + tal_dump_(0, &null_parent.hdr); +} +#endif /* CCAN_TAL_DEBUG */ + +#ifndef NDEBUG +static bool check_err(struct tal_hdr *t, const char *errorstr, + const char *errmsg) +{ + if (errorstr) { + /* Try not to malloc: it may be corrupted. */ + char msg[strlen(errorstr) + 20 + strlen(errmsg) + 1]; + sprintf(msg, "%s:%p %s", errorstr, from_tal_hdr(t), errmsg); + call_error(msg); + } + return false; +} + +static bool check_node(struct children *parent_child, + struct tal_hdr *t, const char *errorstr) +{ + struct prop_hdr *p; + struct name *name = NULL; + struct children *children = NULL; + + if (!in_bounds(t)) + return check_err(t, errorstr, "invalid pointer"); + + if (ignore_destroying_bit(t->parent_child) != parent_child) + return check_err(t, errorstr, "incorrect parent"); + + for (p = t->prop; p; p = p->next) { + if (is_literal(p)) { + if (name) + return check_err(t, errorstr, + "has extra literal"); + break; + } + if (!in_bounds(p)) + return check_err(t, errorstr, + "has bad property pointer"); + + switch (p->type) { + case CHILDREN: + if (children) + return check_err(t, errorstr, + "has two child nodes"); + children = (struct children *)p; + break; + case NOTIFIER: + break; + case NAME: + if (name) + return check_err(t, errorstr, + "has two names"); + name = (struct name *)p; + break; + default: + return check_err(t, errorstr, "has unknown property"); + } + } + if (children) { + struct tal_hdr *i; + + if (!list_check(&children->children, errorstr)) + return false; + list_for_each(&children->children, i, list) { + if (!check_node(children, i, errorstr)) + return false; + } + } + return true; +} + +bool tal_check(const tal_t *ctx, const char *errorstr) +{ + struct tal_hdr *t = to_tal_hdr_or_null(ctx); + + return check_node(ignore_destroying_bit(t->parent_child), t, errorstr); +} +#else /* NDEBUG */ +bool tal_check(const tal_t *ctx, const char *errorstr) +{ + return true; +} +#endif diff --git a/bolt11/tal.h b/bolt11/tal.h @@ -0,0 +1,553 @@ +/* Licensed under BSD-MIT - see LICENSE file for details */ +#ifndef CCAN_TAL_H +#define CCAN_TAL_H +#include "../config.h" +#include "../compiler.h" +#include "likely.h" +#include "typesafe_cb.h" +#include "str.h" +#include "take.h" + +#include <stdlib.h> +#include <stdbool.h> +#include <stdarg.h> + +/** + * tal_t - convenient alias for void to mark tal pointers. + * + * Since any pointer can be a tal-allocated pointer, it's often + * useful to use this typedef to mark them explicitly. + */ +typedef void tal_t; + +/** + * tal - basic allocator function + * @ctx: NULL, or tal allocated object to be parent. + * @type: the type to allocate. + * + * Allocates a specific type, with a given parent context. The name + * of the object is a string of the type, but if CCAN_TAL_DEBUG is + * defined it also contains the file and line which allocated it. + * + * tal_count() of the return will be 1. + * + * Example: + * int *p = tal(NULL, int); + * *p = 1; + */ +#define tal(ctx, type) \ + tal_label(ctx, type, TAL_LABEL(type, "")) + +/** + * talz - zeroing allocator function + * @ctx: NULL, or tal allocated object to be parent. + * @type: the type to allocate. + * + * Equivalent to tal() followed by memset() to zero. + * + * Example: + * p = talz(NULL, int); + * assert(*p == 0); + */ +#define talz(ctx, type) \ + talz_label(ctx, type, TAL_LABEL(type, "")) + +/** + * tal_free - free a tal-allocated pointer. + * @p: NULL, or tal allocated object to free. + * + * This calls the destructors for p (if any), then does the same for all its + * children (recursively) before finally freeing the memory. It returns + * NULL, for convenience. + * + * Note: errno is preserved by this call, and also saved and restored + * for any destructors or notifiers. + * + * Example: + * p = tal_free(p); + */ +void *tal_free(const tal_t *p); + +/** + * tal_arr - allocate an array of objects. + * @ctx: NULL, or tal allocated object to be parent. + * @type: the type to allocate. + * @count: the number to allocate. + * + * tal_count() of the returned pointer will be @count. + * + * Example: + * p = tal_arr(NULL, int, 2); + * p[0] = 0; + * p[1] = 1; + */ +#define tal_arr(ctx, type, count) \ + tal_arr_label(ctx, type, count, TAL_LABEL(type, "[]")) + +/** + * tal_arrz - allocate an array of zeroed objects. + * @ctx: NULL, or tal allocated object to be parent. + * @type: the type to allocate. + * @count: the number to allocate. + * + * Equivalent to tal_arr() followed by memset() to zero. + * + * Example: + * p = tal_arrz(NULL, int, 2); + * assert(p[0] == 0 && p[1] == 0); + */ +#define tal_arrz(ctx, type, count) \ + tal_arrz_label(ctx, type, count, TAL_LABEL(type, "[]")) + +/** + * tal_resize - enlarge or reduce a tal object. + * @p: A pointer to the tal allocated array to resize. + * @count: the number to allocate. + * + * This returns true on success (and may move *@p), or false on failure. + * On success, tal_count() of *@p will be @count. + * + * Note: if *p is take(), it will still be take() upon return, even if it + * has been moved. + * + * Example: + * tal_resize(&p, 100); + */ +#define tal_resize(p, count) \ + tal_resize_((void **)(p), sizeof**(p), (count), false) + +/** + * tal_resizez - enlarge or reduce a tal object; zero out extra. + * @p: A pointer to the tal allocated array to resize. + * @count: the number to allocate. + * + * This returns true on success (and may move *@p), or false on failure. + * + * Example: + * tal_resizez(&p, 200); + */ +#define tal_resizez(p, count) \ + tal_resize_((void **)(p), sizeof**(p), (count), true) + +/** + * tal_steal - change the parent of a tal-allocated pointer. + * @ctx: The new parent. + * @ptr: The tal allocated object to move, or NULL. + * + * This may need to perform an allocation, in which case it may fail; thus + * it can return NULL, otherwise returns @ptr. If @ptr is NULL, this function does + * nothing. + */ +#if HAVE_STATEMENT_EXPR +/* Weird macro avoids gcc's 'warning: value computed is not used'. */ +#define tal_steal(ctx, ptr) \ + ({ (tal_typeof(ptr) tal_steal_((ctx),(ptr))); }) +#else +#define tal_steal(ctx, ptr) \ + (tal_typeof(ptr) tal_steal_((ctx),(ptr))) +#endif + +/** + * tal_add_destructor - add a callback function when this context is destroyed. + * @ptr: The tal allocated object. + * @function: the function to call before it's freed. + * + * This is a more convenient form of tal_add_notifier(@ptr, + * TAL_NOTIFY_FREE, ...), in that the function prototype takes only @ptr. + * + * Note that this can only fail if your allocfn fails and your errorfn returns. + */ +#define tal_add_destructor(ptr, function) \ + tal_add_destructor_((ptr), typesafe_cb(void, void *, (function), (ptr))) + +/** + * tal_del_destructor - remove a destructor callback function. + * @ptr: The tal allocated object. + * @function: the function to call before it's freed. + * + * If @function has not been successfully added as a destructor, this returns + * false. Note that if we're inside the destructor call itself, this will + * return false. + */ +#define tal_del_destructor(ptr, function) \ + tal_del_destructor_((ptr), typesafe_cb(void, void *, (function), (ptr))) + +/** + * tal_add_destructor2 - add a 2-arg callback function when context is destroyed. + * @ptr: The tal allocated object. + * @function: the function to call before it's freed. + * @arg: the extra argument to the function. + * + * Sometimes an extra argument is required for a destructor; this + * saves the extra argument internally to avoid the caller having to + * do an extra allocation. + * + * Note that this can only fail if your allocfn fails and your errorfn returns. + */ +#define tal_add_destructor2(ptr, function, arg) \ + tal_add_destructor2_((ptr), \ + typesafe_cb_cast(void (*)(tal_t *, void *), \ + void (*)(__typeof__(ptr), \ + __typeof__(arg)), \ + (function)), \ + (arg)) + +/** + * tal_del_destructor - remove a destructor callback function. + * @ptr: The tal allocated object. + * @function: the function to call before it's freed. + * + * If @function has not been successfully added as a destructor, this returns + * false. Note that if we're inside the destructor call itself, this will + * return false. + */ +#define tal_del_destructor(ptr, function) \ + tal_del_destructor_((ptr), typesafe_cb(void, void *, (function), (ptr))) + +/** + * tal_del_destructor2 - remove 2-arg callback function. + * @ptr: The tal allocated object. + * @function: the function to call before it's freed. + * @arg: the extra argument to the function. + * + * If @function has not been successfully added as a destructor with + * @arg, this returns false. + */ +#define tal_del_destructor2(ptr, function, arg) \ + tal_del_destructor2_((ptr), \ + typesafe_cb_cast(void (*)(tal_t *, void *), \ + void (*)(__typeof__(ptr), \ + __typeof__(arg)), \ + (function)), \ + (arg)) +enum tal_notify_type { + TAL_NOTIFY_FREE = 1, + TAL_NOTIFY_STEAL = 2, + TAL_NOTIFY_MOVE = 4, + TAL_NOTIFY_RESIZE = 8, + TAL_NOTIFY_RENAME = 16, + TAL_NOTIFY_ADD_CHILD = 32, + TAL_NOTIFY_DEL_CHILD = 64, + TAL_NOTIFY_ADD_NOTIFIER = 128, + TAL_NOTIFY_DEL_NOTIFIER = 256 +}; + +/** + * tal_add_notifier - add a callback function when this context changes. + * @ptr: The tal allocated object, or NULL. + * @types: Bitwise OR of the types the callback is interested in. + * @callback: the function to call. + * + * Note that this can only fail if your allocfn fails and your errorfn + * returns. Also note that notifiers are not reliable in the case + * where an allocation fails, as they may be called before any + * allocation is actually done. + * + * TAL_NOTIFY_FREE is called when @ptr is freed, either directly or + * because an ancestor is freed: @info is the argument to tal_free(). + * It is exactly equivalent to a destructor, with more information. + * errno is set to the value it was at the call of tal_free(). + * + * TAL_NOTIFY_STEAL is called when @ptr's parent changes: @info is the + * new parent. + * + * TAL_NOTIFY_MOVE is called when @ptr is realloced (via tal_resize) + * and moved. In this case, @ptr arg here is the new memory, and + * @info is the old pointer. + * + * TAL_NOTIFY_RESIZE is called when @ptr is realloced via tal_resize: + * @info is the new size, in bytes. If the pointer has moved, + * TAL_NOTIFY_MOVE callbacks are called first. + * + * TAL_NOTIFY_ADD_CHILD/TAL_NOTIFY_DEL_CHILD are called when @ptr is + * the context for a tal() allocating call, or a direct child is + * tal_free()d: @info is the child. Note that TAL_NOTIFY_DEL_CHILD is + * not called when this context is tal_free()d: TAL_NOTIFY_FREE is + * considered sufficient for that case. + * + * TAL_NOTIFY_ADD_NOTIFIER/TAL_NOTIFIER_DEL_NOTIFIER are called when a + * notifier is added or removed (not for this notifier): @info is the + * callback. This is also called for tal_add_destructor and + * tal_del_destructor. + */ +#define tal_add_notifier(ptr, types, callback) \ + tal_add_notifier_((ptr), (types), \ + typesafe_cb_postargs(void, tal_t *, (callback), \ + (ptr), \ + enum tal_notify_type, void *)) + +/** + * tal_del_notifier - remove a notifier callback function. + * @ptr: The tal allocated object. + * @callback: the function to call. + */ +#define tal_del_notifier(ptr, callback) \ + tal_del_notifier_((ptr), \ + typesafe_cb_postargs(void, void *, (callback), \ + (ptr), \ + enum tal_notify_type, void *), \ + false, NULL) + +/** + * tal_set_name - attach a name to a tal pointer. + * @ptr: The tal allocated object. + * @name: The name to use. + * + * The name is copied, unless we're certain it's a string literal. + */ +#define tal_set_name(ptr, name) \ + tal_set_name_((ptr), (name), TAL_IS_LITERAL(name)) + +/** + * tal_name - get the name for a tal pointer. + * @ptr: The tal allocated object. + * + * Returns NULL if no name has been set. + */ +const char *tal_name(const tal_t *ptr); + +/** + * tal_count - get the count of objects in a tal object. + * @ptr: The tal allocated object (or NULL) + * + * Returns 0 if @ptr is NULL. Note that if the allocation was done as a + * different type to @ptr, the result may not match the @count argument + * (or implied 1) of that allocation! + */ +#define tal_count(p) (tal_bytelen(p) / sizeof(*p)) + +/** + * tal_bytelen - get the count of bytes in a tal object. + * @ptr: The tal allocated object (or NULL) + * + * Returns 0 if @ptr is NULL. + */ +size_t tal_bytelen(const tal_t *ptr); + +/** + * tal_first - get the first immediate tal object child. + * @root: The tal allocated object to start with, or NULL. + * + * Returns NULL if there are no children. + */ +tal_t *tal_first(const tal_t *root); + +/** + * tal_next - get the next immediate tal object child. + * @prev: The return value from tal_first or tal_next. + * + * Returns NULL if there are no more immediate children. This should be safe to + * call on an altering tree unless @prev is no longer valid. + */ +tal_t *tal_next(const tal_t *prev); + +/** + * tal_parent - get the parent of a tal object. + * @ctx: The tal allocated object. + * + * Returns the parent, which may be NULL. Returns NULL if @ctx is NULL. + */ +tal_t *tal_parent(const tal_t *ctx); + +/** + * tal_dup - duplicate an object. + * @ctx: The tal allocated object to be parent of the result (may be NULL). + * @type: the type (should match type of @p!) + * @p: the object to copy (or reparented if take()). Must not be NULL. + */ +#define tal_dup(ctx, type, p) \ + tal_dup_label(ctx, type, p, TAL_LABEL(type, ""), false) + +/** + * tal_dup_or_null - duplicate an object, or just pass NULL. + * @ctx: The tal allocated object to be parent of the result (may be NULL). + * @type: the type (should match type of @p!) + * @p: the object to copy (or reparented if take()) + * + * if @p is NULL, just return NULL, otherwise to tal_dup(). + */ +#define tal_dup_or_null(ctx, type, p) \ + tal_dup_label(ctx, type, p, TAL_LABEL(type, ""), true) + +/** + * tal_dup_arr - duplicate an array. + * @ctx: The tal allocated object to be parent of the result (may be NULL). + * @type: the type (should match type of @p!) + * @p: the array to copy (or resized & reparented if take()) + * @n: the number of sizeof(type) entries to copy. + * @extra: the number of extra sizeof(type) entries to allocate. + */ +#define tal_dup_arr(ctx, type, p, n, extra) \ + tal_dup_arr_label(ctx, type, p, n, extra, TAL_LABEL(type, "[]")) + + +/** + * tal_dup_arr - duplicate a tal array. + * @ctx: The tal allocated object to be parent of the result (may be NULL). + * @type: the type (should match type of @p!) + * @p: the tal array to copy (or resized & reparented if take()) + * + * The comon case of duplicating an entire tal array. + */ +#define tal_dup_talarr(ctx, type, p) \ + ((type *)tal_dup_talarr_((ctx), tal_typechk_(p, type *), \ + TAL_LABEL(type, "[]"))) +/* Lower-level interfaces, where you want to supply your own label string. */ +#define tal_label(ctx, type, label) \ + ((type *)tal_alloc_((ctx), sizeof(type), false, label)) +#define talz_label(ctx, type, label) \ + ((type *)tal_alloc_((ctx), sizeof(type), true, label)) +#define tal_arr_label(ctx, type, count, label) \ + ((type *)tal_alloc_arr_((ctx), sizeof(type), (count), false, label)) +#define tal_arrz_label(ctx, type, count, label) \ + ((type *)tal_alloc_arr_((ctx), sizeof(type), (count), true, label)) +#define tal_dup_label(ctx, type, p, label, nullok) \ + ((type *)tal_dup_((ctx), tal_typechk_(p, type *), \ + sizeof(type), 1, 0, nullok, \ + label)) +#define tal_dup_arr_label(ctx, type, p, n, extra, label) \ + ((type *)tal_dup_((ctx), tal_typechk_(p, type *), \ + sizeof(type), (n), (extra), false, \ + label)) + +/** + * tal_set_backend - set the allocation or error functions to use + * @alloc_fn: allocator or NULL (default is malloc) + * @resize_fn: re-allocator or NULL (default is realloc) + * @free_fn: free function or NULL (default is free) + * @error_fn: called on errors or NULL (default is abort) + * + * The defaults are set up so tal functions never return NULL, but you + * can override erorr_fn to change that. error_fn can return, and is + * called if alloc_fn or resize_fn fail. + * + * If any parameter is NULL, that function is unchanged. + */ +void tal_set_backend(void *(*alloc_fn)(size_t size), + void *(*resize_fn)(void *, size_t size), + void (*free_fn)(void *), + void (*error_fn)(const char *msg)); + +/** + * tal_expand - expand a tal array with contents. + * @a1p: a pointer to the tal array to expand. + * @a2: the second array (can be take()). + * @num2: the number of elements in the second array. + * + * Note that *@a1 and @a2 should be the same type. tal_count(@a1) will + * be increased by @num2. + * + * Example: + * int *arr1 = tal_arrz(NULL, int, 2); + * int arr2[2] = { 1, 3 }; + * + * tal_expand(&arr1, arr2, 2); + * assert(tal_count(arr1) == 4); + * assert(arr1[2] == 1); + * assert(arr1[3] == 3); + */ +#define tal_expand(a1p, a2, num2) \ + tal_expand_((void **)(a1p), (a2), sizeof**(a1p), \ + (num2) + 0*sizeof(*(a1p) == (a2))) + +/** + * tal_cleanup - remove pointers from NULL node + * + * Internally, tal keeps a list of nodes allocated from @ctx NULL; this + * prevents valgrind from noticing memory leaks. This re-initializes + * that list to empty. + * + * It also calls take_cleanup() for you. + */ +void tal_cleanup(void); + + +/** + * tal_check - sanity check a tal context and its children. + * @ctx: a tal context, or NULL. + * @errorstr: a string to prepend calls to error_fn, or NULL. + * + * This sanity-checks a tal tree (unless NDEBUG is defined, in which case + * it simply returns true). If errorstr is not null, error_fn is called + * when a problem is found, otherwise it is not. + * + * See also: + * tal_set_backend() + */ +bool tal_check(const tal_t *ctx, const char *errorstr); + +#ifdef CCAN_TAL_DEBUG +/** + * tal_dump - dump entire tal tree to stderr. + * + * This is a helper for debugging tal itself, which dumps all the tal internal + * state. + */ +void tal_dump(void); +#endif + +/* Internal support functions */ +#ifndef TAL_LABEL +#ifdef CCAN_TAL_NO_LABELS +#define TAL_LABEL(type, arr) NULL +#else +#ifdef CCAN_TAL_DEBUG +#define TAL_LABEL(type, arr) \ + __FILE__ ":" stringify(__LINE__) ":" stringify(type) arr +#else +#define TAL_LABEL(type, arr) stringify(type) arr +#endif /* CCAN_TAL_DEBUG */ +#endif +#endif + +#if HAVE_BUILTIN_CONSTANT_P +#define TAL_IS_LITERAL(str) __builtin_constant_p(str) +#else +#define TAL_IS_LITERAL(str) (sizeof(&*(str)) != sizeof(char *)) +#endif + +bool tal_set_name_(tal_t *ctx, const char *name, bool literal); + +#if HAVE_TYPEOF +#define tal_typeof(ptr) (__typeof__(ptr)) +#if HAVE_STATEMENT_EXPR +/* Careful: ptr can be const foo *, ptype is foo *. Also, ptr could + * be an array, eg "hello". */ +#define tal_typechk_(ptr, ptype) ({ __typeof__((ptr)+0) _p = (ptype)(ptr); _p; }) +#else +#define tal_typechk_(ptr, ptype) (ptr) +#endif +#else /* !HAVE_TYPEOF */ +#define tal_typeof(ptr) +#define tal_typechk_(ptr, ptype) (ptr) +#endif + +void *tal_alloc_(const tal_t *ctx, size_t bytes, bool clear, const char *label); +void *tal_alloc_arr_(const tal_t *ctx, size_t bytes, size_t count, bool clear, + const char *label); + +void *tal_dup_(const tal_t *ctx, const void *p TAKES, size_t size, + size_t n, size_t extra, bool nullok, const char *label); +void *tal_dup_talarr_(const tal_t *ctx, const tal_t *src TAKES, + const char *label); + +tal_t *tal_steal_(const tal_t *new_parent, const tal_t *t); + +bool tal_resize_(tal_t **ctxp, size_t size, size_t count, bool clear); +bool tal_expand_(tal_t **ctxp, const void *src TAKES, size_t size, size_t count); + +bool tal_add_destructor_(const tal_t *ctx, void (*destroy)(void *me)); +bool tal_add_destructor2_(const tal_t *ctx, void (*destroy)(void *me, void *arg), + void *arg); +bool tal_del_destructor_(const tal_t *ctx, void (*destroy)(void *me)); +bool tal_del_destructor2_(const tal_t *ctx, void (*destroy)(void *me, void *arg), + void *arg); + +bool tal_add_notifier_(const tal_t *ctx, enum tal_notify_type types, + void (*notify)(tal_t *ctx, enum tal_notify_type, + void *info)); +bool tal_del_notifier_(const tal_t *ctx, + void (*notify)(tal_t *ctx, enum tal_notify_type, + void *info), + bool match_extra_arg, void *arg); +#endif /* CCAN_TAL_H */ diff --git a/bolt11/talstr.c b/bolt11/talstr.c @@ -0,0 +1,315 @@ +/* Licensed under BSD-MIT - see LICENSE file for details */ +#include <unistd.h> +#include <stdint.h> +#include <string.h> +#include <limits.h> +#include <stdlib.h> +#include "talstr.h" +#include <sys/types.h> +#include <regex.h> +#include <stdarg.h> +#include <unistd.h> +#include <stdio.h> +#include "str.h" + +char *tal_strdup_(const tal_t *ctx, const char *p, const char *label) +{ + /* We have to let through NULL for take(). */ + return tal_dup_arr_label(ctx, char, p, p ? strlen(p) + 1: 1, 0, label); +} + +char *tal_strndup_(const tal_t *ctx, const char *p, size_t n, const char *label) +{ + size_t len; + char *ret; + + /* We have to let through NULL for take(). */ + if (likely(p)) + len = strnlen(p, n); + else + len = n; + + ret = tal_dup_arr_label(ctx, char, p, len, 1, label); + if (ret) + ret[len] = '\0'; + return ret; +} + +char *tal_fmt_(const tal_t *ctx, const char *label, const char *fmt, ...) +{ + va_list ap; + char *ret; + + va_start(ap, fmt); + ret = tal_vfmt_(ctx, fmt, ap, label); + va_end(ap); + + return ret; +} + +static bool do_vfmt(char **buf, size_t off, const char *fmt, va_list ap) +{ + /* A decent guess to start. */ + size_t max = strlen(fmt) * 2 + 1; + bool ok; + + for (;;) { + va_list ap2; + int ret; + + if (!tal_resize(buf, off + max)) { + ok = false; + break; + } + + va_copy(ap2, ap); + ret = vsnprintf(*buf + off, max, fmt, ap2); + va_end(ap2); + + if (ret < max) { + ok = true; + /* Make sure tal_count() is correct! */ + tal_resize(buf, off + ret + 1); + break; + } + max *= 2; + } + + if (taken(fmt)) + tal_free(fmt); + return ok; +} + +char *tal_vfmt_(const tal_t *ctx, const char *fmt, va_list ap, const char *label) +{ + char *buf; + + if (!fmt && taken(fmt)) + return NULL; + + /* A decent guess to start. */ + buf = tal_arr_label(ctx, char, strlen(fmt) * 2, label); + if (!do_vfmt(&buf, 0, fmt, ap)) + buf = tal_free(buf); + return buf; +} + +bool tal_append_vfmt(char **baseptr, const char *fmt, va_list ap) +{ + if (!fmt && taken(fmt)) + return false; + + return do_vfmt(baseptr, strlen(*baseptr), fmt, ap); +} + +bool tal_append_fmt(char **baseptr, const char *fmt, ...) +{ + va_list ap; + bool ret; + + va_start(ap, fmt); + ret = tal_append_vfmt(baseptr, fmt, ap); + va_end(ap); + + return ret; +} + +char *tal_strcat_(const tal_t *ctx, const char *s1, const char *s2, + const char *label) +{ + size_t len1, len2; + char *ret; + + if (unlikely(!s2) && taken(s2)) { + if (taken(s1)) + tal_free(s1); + return NULL; + } + /* We have to let through NULL for take(). */ + len1 = s1 ? strlen(s1) : 0; + len2 = strlen(s2); + + ret = tal_dup_arr_label(ctx, char, s1, len1, len2 + 1, label); + if (likely(ret)) + memcpy(ret + len1, s2, len2 + 1); + + if (taken(s2)) + tal_free(s2); + return ret; +} + +char **tal_strsplit_(const tal_t *ctx, + const char *string, const char *delims, enum strsplit flags, + const char *label) +{ + char **parts, *str; + size_t max = 64, num = 0; + + parts = tal_arr(ctx, char *, max + 1); + if (unlikely(!parts)) { + if (taken(string)) + tal_free(string); + if (taken(delims)) + tal_free(delims); + return NULL; + } + str = tal_strdup(parts, string); + if (unlikely(!str)) + goto fail; + if (unlikely(!delims) && is_taken(delims)) + goto fail; + + if (flags == STR_NO_EMPTY) + str += strspn(str, delims); + + while (*str != '\0') { + size_t len = strcspn(str, delims), dlen; + + parts[num] = str; + dlen = strspn(str + len, delims); + parts[num][len] = '\0'; + if (flags == STR_EMPTY_OK && dlen) + dlen = 1; + str += len + dlen; + if (++num == max && !tal_resize(&parts, max*=2 + 1)) + goto fail; + } + parts[num] = NULL; + + /* Ensure that tal_count() is correct. */ + if (unlikely(!tal_resize(&parts, num+1))) + goto fail; + + if (taken(delims)) + tal_free(delims); + return parts; + +fail: + tal_free(parts); + if (taken(delims)) + tal_free(delims); + return NULL; +} + +char *tal_strjoin_(const tal_t *ctx, + char *strings[], const char *delim, enum strjoin flags, + const char *label) +{ + unsigned int i; + char *ret = NULL; + size_t totlen = 0, dlen; + + if (unlikely(!strings) && is_taken(strings)) + goto fail; + + if (unlikely(!delim) && is_taken(delim)) + goto fail; + + dlen = strlen(delim); + ret = tal_arr_label(ctx, char, dlen*2+1, label); + if (!ret) + goto fail; + + ret[0] = '\0'; + for (i = 0; strings[i]; i++) { + size_t len = strlen(strings[i]); + + if (flags == STR_NO_TRAIL && !strings[i+1]) + dlen = 0; + if (!tal_resize(&ret, totlen + len + dlen + 1)) + goto fail; + memcpy(ret + totlen, strings[i], len); + totlen += len; + memcpy(ret + totlen, delim, dlen); + totlen += dlen; + } + ret[totlen] = '\0'; + /* Make sure tal_count() is correct! */ + tal_resize(&ret, totlen+1); +out: + if (taken(strings)) + tal_free(strings); + if (taken(delim)) + tal_free(delim); + return ret; +fail: + ret = tal_free(ret); + goto out; +} + +static size_t count_open_braces(const char *string) +{ +#if 1 + size_t num = 0, esc = 0; + + while (*string) { + if (*string == '\\') + esc++; + else { + /* An odd number of \ means it's escaped. */ + if (*string == '(' && (esc & 1) == 0) + num++; + esc = 0; + } + string++; + } + return num; +#else + return strcount(string, "("); +#endif +} + +bool tal_strreg_(const tal_t *ctx, const char *string, const char *label, + const char *regex, ...) +{ + size_t nmatch = 1 + count_open_braces(regex); + regmatch_t matches[nmatch]; + regex_t r; + bool ret = false; + unsigned int i; + va_list ap; + + if (unlikely(!regex) && is_taken(regex)) + goto fail_no_re; + + if (regcomp(&r, regex, REG_EXTENDED) != 0) + goto fail_no_re; + + if (unlikely(!string) && is_taken(string)) + goto fail; + + if (regexec(&r, string, nmatch, matches, 0) != 0) + goto fail; + + ret = true; + va_start(ap, regex); + for (i = 1; i < nmatch; i++) { + char **arg = va_arg(ap, char **); + if (arg) { + /* eg. ([a-z])? can give "no match". */ + if (matches[i].rm_so == -1) + *arg = NULL; + else { + *arg = tal_strndup_(ctx, + string + matches[i].rm_so, + matches[i].rm_eo + - matches[i].rm_so, + label); + /* FIXME: If we fail, we set some and leak! */ + if (!*arg) { + ret = false; + break; + } + } + } + } + va_end(ap); +fail: + regfree(&r); +fail_no_re: + if (taken(regex)) + tal_free(regex); + if (taken(string)) + tal_free(string); + return ret; +} diff --git a/bolt11/talstr.h b/bolt11/talstr.h @@ -0,0 +1,225 @@ +/* Licensed under BSD-MIT - see LICENSE file for details */ +#ifndef CCAN_STR_TAL_H +#define CCAN_STR_TAL_H +#ifdef TAL_USE_TALLOC +#include <ccan/tal/talloc/talloc.h> +#else +#include "tal.h" +#endif +#include <string.h> +#include <stdbool.h> + +/** + * tal_strdup - duplicate a string + * @ctx: NULL, or tal allocated object to be parent. + * @p: the string to copy (can be take()). + * + * The returned string will have tal_count() == strlen() + 1. + */ +#define tal_strdup(ctx, p) tal_strdup_(ctx, p, TAL_LABEL(char, "[]")) +char *tal_strdup_(const tal_t *ctx, const char *p TAKES, const char *label); + +/** + * tal_strndup - duplicate a limited amount of a string. + * @ctx: NULL, or tal allocated object to be parent. + * @p: the string to copy (can be take()). + * @n: the maximum length to copy. + * + * Always gives a nul-terminated string, with strlen() <= @n. + * The returned string will have tal_count() == strlen() + 1. + */ +#define tal_strndup(ctx, p, n) tal_strndup_(ctx, p, n, TAL_LABEL(char, "[]")) +char *tal_strndup_(const tal_t *ctx, const char *p TAKES, size_t n, + const char *label); + +/** + * tal_fmt - allocate a formatted string + * @ctx: NULL, or tal allocated object to be parent. + * @fmt: the printf-style format (can be take()). + * + * The returned string will have tal_count() == strlen() + 1. + */ +#define tal_fmt(ctx, ...) \ + tal_fmt_(ctx, TAL_LABEL(char, "[]"), __VA_ARGS__) +char *tal_fmt_(const tal_t *ctx, const char *label, const char *fmt TAKES, + ...) PRINTF_FMT(3,4); + +/** + * tal_vfmt - allocate a formatted string (va_list version) + * @ctx: NULL, or tal allocated object to be parent. + * @fmt: the printf-style format (can be take()). + * @va: the va_list containing the format args. + * + * The returned string will have tal_count() == strlen() + 1. + */ +#define tal_vfmt(ctx, fmt, va) \ + tal_vfmt_(ctx, fmt, va, TAL_LABEL(char, "[]")) +char *tal_vfmt_(const tal_t *ctx, const char *fmt TAKES, va_list ap, + const char *label) + PRINTF_FMT(2,0); + +/** + * tal_append_fmt - append a formatted string to a talloc string. + * @baseptr: a pointer to the tal string to be appended to. + * @fmt: the printf-style format (can be take()). + * + * Returns false on allocation failure. + * Otherwise tal_count(*@baseptr) == strlen(*@baseptr) + 1. + */ +bool tal_append_fmt(char **baseptr, const char *fmt TAKES, ...) PRINTF_FMT(2,3); + +/** + * tal_append_vfmt - append a formatted string to a talloc string (va_list) + * @baseptr: a pointer to the tal string to be appended to. + * @fmt: the printf-style format (can be take()). + * @va: the va_list containing the format args. + * + * Returns false on allocation failure. + * Otherwise tal_count(*@baseptr) == strlen(*@baseptr) + 1. + */ +bool tal_append_vfmt(char **baseptr, const char *fmt TAKES, va_list ap); + +/** + * tal_strcat - join two strings together + * @ctx: NULL, or tal allocated object to be parent. + * @s1: the first string (can be take()). + * @s2: the second string (can be take()). + * + * The returned string will have tal_count() == strlen() + 1. + */ +#define tal_strcat(ctx, s1, s2) tal_strcat_(ctx, s1, s2, TAL_LABEL(char, "[]")) +char *tal_strcat_(const tal_t *ctx, const char *s1 TAKES, const char *s2 TAKES, + const char *label); + +enum strsplit { + STR_EMPTY_OK, + STR_NO_EMPTY +}; + +/** + * tal_strsplit - Split string into an array of substrings + * @ctx: the context to tal from (often NULL). + * @string: the string to split (can be take()). + * @delims: delimiters where lines should be split (can be take()). + * @flags: whether to include empty substrings. + * + * This function splits a single string into multiple strings. + * + * If @string is take(), the returned array will point into the + * mangled @string. + * + * Multiple delimiters result in empty substrings. By definition, no + * delimiters will appear in the substrings. + * + * The final char * in the array will be NULL, and tal_count() will + * return the number of elements plus 1 (for that NULL). + * + * Example: + * #include <ccan/tal/str/str.h> + * ... + * static unsigned int count_long_lines(const char *string) + * { + * char **lines; + * unsigned int i, long_lines = 0; + * + * // Can only fail on out-of-memory. + * lines = tal_strsplit(NULL, string, "\n", STR_NO_EMPTY); + * for (i = 0; lines[i] != NULL; i++) + * if (strlen(lines[i]) > 80) + * long_lines++; + * tal_free(lines); + * return long_lines; + * } + */ +#define tal_strsplit(ctx, string, delims, flag) \ + tal_strsplit_(ctx, string, delims, flag, TAL_LABEL(char *, "[]")) +char **tal_strsplit_(const tal_t *ctx, + const char *string TAKES, + const char *delims TAKES, + enum strsplit flag, + const char *label); + +enum strjoin { + STR_TRAIL, + STR_NO_TRAIL +}; + +/** + * tal_strjoin - Join an array of substrings into one long string + * @ctx: the context to tal from (often NULL). + * @strings: the NULL-terminated array of strings to join (can be take()) + * @delim: the delimiter to insert between the strings (can be take()) + * @flags: whether to add a delimieter to the end + * + * This function joins an array of strings into a single string. The + * return value is allocated using tal. Each string in @strings is + * followed by a copy of @delim. + * + * The returned string will have tal_count() == strlen() + 1. + * + * Example: + * // Append the string "--EOL" to each line. + * static char *append_to_all_lines(const char *string) + * { + * char **lines, *ret; + * + * lines = tal_strsplit(NULL, string, "\n", STR_EMPTY_OK); + * ret = tal_strjoin(NULL, lines, "-- EOL\n", STR_TRAIL); + * tal_free(lines); + * return ret; + * } + */ +#define tal_strjoin(ctx, strings, delim, flags) \ + tal_strjoin_(ctx, strings, delim, flags, TAL_LABEL(char, "[]")) +char *tal_strjoin_(const void *ctx, + char *strings[] TAKES, + const char *delim TAKES, + enum strjoin flags, + const char *label); + +/** + * tal_strreg - match/extract from a string via (extended) regular expressions. + * @ctx: the context to tal from (often NULL) + * @string: the string to try to match (can be take()) + * @regex: the regular expression to match (can be take()) + * ...: pointers to strings to allocate for subexpressions. + * + * Returns true if we matched, in which case any parenthesized + * expressions in @regex are allocated and placed in the char ** + * arguments following @regex. NULL arguments mean the match is not + * saved. The order of the strings is the order + * of opening braces in the expression: in the case of repeated + * expressions (eg "([a-z])*") the last one is saved, in the case of + * non-existent matches (eg "([a-z]*)?") the pointer is set to NULL. + * + * Allocation failures or malformed regular expressions return false. + * The allocated strings will have tal_count() == strlen() + 1. + * + * See Also: + * regcomp(3), regex(3). + * + * Example: + * // Given "My name is Rusty" outputs "Hello Rusty!\n" + * // Given "my first name is Rusty Russell" outputs "Hello Rusty Russell!\n" + * // Given "My name isnt Rusty Russell" outputs "Hello there!\n" + * int main(int argc, char *argv[]) + * { + * char *person, *input; + * + * (void)argc; + * // Join args and trim trailing space. + * input = tal_strjoin(NULL, argv+1, " ", STR_NO_TRAIL); + * if (tal_strreg(NULL, input, + * "[Mm]y (first )?name is ([A-Za-z ]+)", + * NULL, &person)) + * printf("Hello %s!\n", person); + * else + * printf("Hello there!\n"); + * return 0; + * } + */ +#define tal_strreg(ctx, string, ...) \ + tal_strreg_(ctx, string, TAL_LABEL(char, "[]"), __VA_ARGS__) +bool tal_strreg_(const void *ctx, const char *string TAKES, + const char *label, const char *regex, ...); +#endif /* CCAN_STR_TAL_H */ diff --git a/bolt11/typesafe_cb.h b/bolt11/typesafe_cb.h @@ -0,0 +1,134 @@ +/* CC0 (Public domain) - see LICENSE file for details */ +#ifndef CCAN_TYPESAFE_CB_H +#define CCAN_TYPESAFE_CB_H +#include "../config.h" + +#if HAVE_TYPEOF && HAVE_BUILTIN_CHOOSE_EXPR && HAVE_BUILTIN_TYPES_COMPATIBLE_P +/** + * typesafe_cb_cast - only cast an expression if it matches a given type + * @desttype: the type to cast to + * @oktype: the type we allow + * @expr: the expression to cast + * + * This macro is used to create functions which allow multiple types. + * The result of this macro is used somewhere that a @desttype type is + * expected: if @expr is exactly of type @oktype, then it will be + * cast to @desttype type, otherwise left alone. + * + * This macro can be used in static initializers. + * + * This is merely useful for warnings: if the compiler does not + * support the primitives required for typesafe_cb_cast(), it becomes an + * unconditional cast, and the @oktype argument is not used. In + * particular, this means that @oktype can be a type which uses the + * "typeof": it will not be evaluated if typeof is not supported. + * + * Example: + * // We can take either an unsigned long or a void *. + * void _set_some_value(void *val); + * #define set_some_value(e) \ + * _set_some_value(typesafe_cb_cast(void *, unsigned long, (e))) + */ +#define typesafe_cb_cast(desttype, oktype, expr) \ + __builtin_choose_expr( \ + __builtin_types_compatible_p(__typeof__(0?(expr):(expr)), \ + oktype), \ + (desttype)(expr), (expr)) +#else +#define typesafe_cb_cast(desttype, oktype, expr) ((desttype)(expr)) +#endif + +/** + * typesafe_cb_cast3 - only cast an expression if it matches given types + * @desttype: the type to cast to + * @ok1: the first type we allow + * @ok2: the second type we allow + * @ok3: the third type we allow + * @expr: the expression to cast + * + * This is a convenient wrapper for multiple typesafe_cb_cast() calls. + * You can chain them inside each other (ie. use typesafe_cb_cast() + * for expr) if you need more than 3 arguments. + * + * Example: + * // We can take either a long, unsigned long, void * or a const void *. + * void _set_some_value(void *val); + * #define set_some_value(expr) \ + * _set_some_value(typesafe_cb_cast3(void *,, \ + * long, unsigned long, const void *,\ + * (expr))) + */ +#define typesafe_cb_cast3(desttype, ok1, ok2, ok3, expr) \ + typesafe_cb_cast(desttype, ok1, \ + typesafe_cb_cast(desttype, ok2, \ + typesafe_cb_cast(desttype, ok3, \ + (expr)))) + +/** + * typesafe_cb - cast a callback function if it matches the arg + * @rtype: the return type of the callback function + * @atype: the (pointer) type which the callback function expects. + * @fn: the callback function to cast + * @arg: the (pointer) argument to hand to the callback function. + * + * If a callback function takes a single argument, this macro does + * appropriate casts to a function which takes a single atype argument if the + * callback provided matches the @arg. + * + * It is assumed that @arg is of pointer type: usually @arg is passed + * or assigned to a void * elsewhere anyway. + * + * Example: + * void _register_callback(void (*fn)(void *arg), void *arg); + * #define register_callback(fn, arg) \ + * _register_callback(typesafe_cb(void, (fn), void*, (arg)), (arg)) + */ +#define typesafe_cb(rtype, atype, fn, arg) \ + typesafe_cb_cast(rtype (*)(atype), \ + rtype (*)(__typeof__(arg)), \ + (fn)) + +/** + * typesafe_cb_preargs - cast a callback function if it matches the arg + * @rtype: the return type of the callback function + * @atype: the (pointer) type which the callback function expects. + * @fn: the callback function to cast + * @arg: the (pointer) argument to hand to the callback function. + * + * This is a version of typesafe_cb() for callbacks that take other arguments + * before the @arg. + * + * Example: + * void _register_callback(void (*fn)(int, void *arg), void *arg); + * #define register_callback(fn, arg) \ + * _register_callback(typesafe_cb_preargs(void, void *, \ + * (fn), (arg), int), \ + * (arg)) + */ +#define typesafe_cb_preargs(rtype, atype, fn, arg, ...) \ + typesafe_cb_cast(rtype (*)(__VA_ARGS__, atype), \ + rtype (*)(__VA_ARGS__, __typeof__(arg)), \ + (fn)) + +/** + * typesafe_cb_postargs - cast a callback function if it matches the arg + * @rtype: the return type of the callback function + * @atype: the (pointer) type which the callback function expects. + * @fn: the callback function to cast + * @arg: the (pointer) argument to hand to the callback function. + * + * This is a version of typesafe_cb() for callbacks that take other arguments + * after the @arg. + * + * Example: + * void _register_callback(void (*fn)(void *arg, int), void *arg); + * #define register_callback(fn, arg) \ + * _register_callback(typesafe_cb_postargs(void, (fn), void *, \ + * (arg), int), \ + * (arg)) + */ +#define typesafe_cb_postargs(rtype, atype, fn, arg, ...) \ + typesafe_cb_cast(rtype (*)(atype, __VA_ARGS__), \ + rtype (*)(__typeof__(arg), __VA_ARGS__), \ + (fn)) +#endif /* CCAN_CAST_IF_TYPE_H */ diff --git a/bolt11/utf8.c b/bolt11/utf8.c @@ -0,0 +1,199 @@ +/* MIT (BSD) license - see LICENSE file for details - taken from ccan. thanks rusty! */ + +#include "utf8.h" +#include <errno.h> +#include <stdlib.h> + +/* I loved this table, so I stole it: */ +/* + * Copyright (c) 2017 Christian Hansen <chansen@cpan.org> + * <https://github.com/chansen/c-utf8-valid> + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR + * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +/* + * UTF-8 Encoding Form + * + * U+0000..U+007F 0xxxxxxx <= 7 bits + * U+0080..U+07FF 110xxxxx 10xxxxxx <= 11 bits + * U+0800..U+FFFF 1110xxxx 10xxxxxx 10xxxxxx <= 16 bits + * U+10000..U+10FFFF 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx <= 21 bits + * + * + * U+0000..U+007F 00..7F + * N C0..C1 80..BF 1100000x 10xxxxxx + * U+0080..U+07FF C2..DF 80..BF + * N E0 80..9F 80..BF 11100000 100xxxxx + * U+0800..U+0FFF E0 A0..BF 80..BF + * U+1000..U+CFFF E1..EC 80..BF 80..BF + * U+D000..U+D7FF ED 80..9F 80..BF + * S ED A0..BF 80..BF 11101101 101xxxxx + * U+E000..U+FFFF EE..EF 80..BF 80..BF + * N F0 80..8F 80..BF 80..BF 11110000 1000xxxx + * U+10000..U+3FFFF F0 90..BF 80..BF 80..BF + * U+40000..U+FFFFF F1..F3 80..BF 80..BF 80..BF + * U+100000..U+10FFFF F4 80..8F 80..BF 80..BF 11110100 1000xxxx + * + * Legend: + * N = Non-shortest form + * S = Surrogates + */ +bool utf8_decode(struct utf8_state *utf8_state, char c) +{ + if (utf8_state->used_len == utf8_state->total_len) { + utf8_state->used_len = 1; + /* First character in sequence. */ + if (((unsigned char)c & 0x80) == 0) { + /* ASCII, easy. */ + if (c == 0) + goto bad_encoding; + utf8_state->total_len = 1; + utf8_state->c = c; + goto finished_decoding; + } else if (((unsigned char)c & 0xE0) == 0xC0) { + utf8_state->total_len = 2; + utf8_state->c = ((unsigned char)c & 0x1F); + return false; + } else if (((unsigned char)c & 0xF0) == 0xE0) { + utf8_state->total_len = 3; + utf8_state->c = ((unsigned char)c & 0x0F); + return false; + } else if (((unsigned char)c & 0xF8) == 0xF0) { + utf8_state->total_len = 4; + utf8_state->c = ((unsigned char)c & 0x07); + return false; + } + goto bad_encoding; + } + + if (((unsigned char)c & 0xC0) != 0x80) + goto bad_encoding; + + utf8_state->c <<= 6; + utf8_state->c |= ((unsigned char)c & 0x3F); + + utf8_state->used_len++; + if (utf8_state->used_len == utf8_state->total_len) + goto finished_decoding; + return false; + +finished_decoding: + if (utf8_state->c == 0 || utf8_state->c > 0x10FFFF) + errno = ERANGE; + /* The UTF-16 "surrogate range": illegal in UTF-8 */ + else if (utf8_state->total_len == 3 + && (utf8_state->c & 0xFFFFF800) == 0x0000D800) + errno = ERANGE; + else { + int min_bits; + switch (utf8_state->total_len) { + case 1: + min_bits = 0; + break; + case 2: + min_bits = 7; + break; + case 3: + min_bits = 11; + break; + case 4: + min_bits = 16; + break; + default: + abort(); + } + if ((utf8_state->c >> min_bits) == 0) + errno = EFBIG; + else + errno = 0; + } + return true; + +bad_encoding: + utf8_state->total_len = utf8_state->used_len; + errno = EINVAL; + return true; +} + +size_t utf8_encode(uint32_t point, char dest[UTF8_MAX_LEN]) +{ + if ((point >> 7) == 0) { + if (point == 0) { + errno = ERANGE; + return 0; + } + /* 0xxxxxxx */ + dest[0] = point; + return 1; + } + + if ((point >> 11) == 0) { + /* 110xxxxx 10xxxxxx */ + dest[1] = 0x80 | (point & 0x3F); + dest[0] = 0xC0 | (point >> 6); + return 2; + } + + if ((point >> 16) == 0) { + if (point >= 0xD800 && point <= 0xDFFF) { + errno = ERANGE; + return 0; + } + /* 1110xxxx 10xxxxxx 10xxxxxx */ + dest[2] = 0x80 | (point & 0x3F); + dest[1] = 0x80 | ((point >> 6) & 0x3F); + dest[0] = 0xE0 | (point >> 12); + return 3; + } + + if (point > 0x10FFFF) { + errno = ERANGE; + return 0; + } + + /* 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx */ + dest[3] = 0x80 | (point & 0x3F); + dest[2] = 0x80 | ((point >> 6) & 0x3F); + dest[1] = 0x80 | ((point >> 12) & 0x3F); + dest[0] = 0xF0 | (point >> 18); + return 4; +} + +/* Check for valid UTF-8 */ +bool utf8_check(const void *vbuf, size_t buflen) +{ + const unsigned char *buf = vbuf; + struct utf8_state utf8_state = UTF8_STATE_INIT; + bool need_more = false; + + for (size_t i = 0; i < buflen; i++) { + if (!utf8_decode(&utf8_state, buf[i])) { + need_more = true; + continue; + } + need_more = false; + if (errno != 0) + return false; + } + return !need_more; +} + diff --git a/bolt11/utf8.h b/bolt11/utf8.h @@ -0,0 +1,57 @@ +/* MIT (BSD) license - see LICENSE file for details */ +#ifndef CCAN_UTF8_H +#define CCAN_UTF8_H +#include <inttypes.h> +#include <stdbool.h> +#include <string.h> + +/* Unicode is limited to 21 bits. */ +#define UTF8_MAX_LEN 4 + +struct utf8_state { + /* How many characters we are expecting as part of this Unicode point */ + uint16_t total_len; + /* How many characters we've already seen. */ + uint16_t used_len; + /* Compound character, aka Unicode point. */ + uint32_t c; +}; + +#define UTF8_STATE_INIT { 0, 0, 0 } + +static inline void utf8_state_init(struct utf8_state *utf8_state) +{ + memset(utf8_state, 0, sizeof(*utf8_state)); +} + +/** + * utf8_decode - continue UTF8 decoding with this character. + * @utf8_state - initialized UTF8 state. + * @c - the character. + * + * Returns false if it needs another character to give results. + * Otherwise returns true, @utf8_state can be reused without initializeation, + * and sets errno: + * 0: success + * EINVAL: bad encoding (including a NUL character). + * EFBIG: not a minimal encoding. + * ERANGE: encoding of invalid character. + * + * You can extract the character from @utf8_state->c; @utf8_state->used_len + * indicates how many characters have been consumed. + */ +bool utf8_decode(struct utf8_state *utf8_state, char c); + +/** + * utf8_encode - encode a point into UTF8. + * @point - Unicode point to include. + * @dest - buffer to fill. + * + * Returns 0 if point was invalid, otherwise bytes of dest used. + * Sets errno to ERANGE if point was invalid. + */ +size_t utf8_encode(uint32_t point, char dest[UTF8_MAX_LEN]); + +/* Check for valid UTF-8 */ +bool utf8_check(const void *vbuf, size_t buflen); +#endif /* CCAN_UTF8_H */ diff --git a/compiler.h b/compiler.h @@ -1,85 +1,317 @@ +/* CC0 (Public domain) - see LICENSE file for details */ +#ifndef CCAN_COMPILER_H +#define CCAN_COMPILER_H +#include "config.h" -#ifndef COMPILER_H -#define COMPILER_H +#ifndef COLD +#if HAVE_ATTRIBUTE_COLD +/** + * COLD - a function is unlikely to be called. + * + * Used to mark an unlikely code path and optimize appropriately. + * It is usually used on logging or error routines. + * + * Example: + * static void COLD moan(const char *reason) + * { + * fprintf(stderr, "Error: %s (%s)\n", reason, strerror(errno)); + * } + */ +#define COLD __attribute__((__cold__)) +#else +#define COLD +#endif +#endif -#include <stdbool.h> -#include <stdlib.h> -#include <string.h> -#include "config.h" +#ifndef NORETURN +#if HAVE_ATTRIBUTE_NORETURN +/** + * NORETURN - a function does not return + * + * Used to mark a function which exits; useful for suppressing warnings. + * + * Example: + * static void NORETURN fail(const char *reason) + * { + * fprintf(stderr, "Error: %s (%s)\n", reason, strerror(errno)); + * exit(1); + * } + */ +#define NORETURN __attribute__((__noreturn__)) +#else +#define NORETURN +#endif +#endif -#if HAVE_UNALIGNED_ACCESS -#define alignment_ok(p, n) 1 +#ifndef PRINTF_FMT +#if HAVE_ATTRIBUTE_PRINTF +/** + * PRINTF_FMT - a function takes printf-style arguments + * @nfmt: the 1-based number of the function's format argument. + * @narg: the 1-based number of the function's first variable argument. + * + * This allows the compiler to check your parameters as it does for printf(). + * + * Example: + * void PRINTF_FMT(2,3) my_printf(const char *prefix, const char *fmt, ...); + */ +#define PRINTF_FMT(nfmt, narg) \ + __attribute__((format(__printf__, nfmt, narg))) #else -#define alignment_ok(p, n) ((size_t)(p) % (n) == 0) +#define PRINTF_FMT(nfmt, narg) +#endif #endif +#ifndef CONST_FUNCTION +#if HAVE_ATTRIBUTE_CONST +/** + * CONST_FUNCTION - a function's return depends only on its argument + * + * This allows the compiler to assume that the function will return the exact + * same value for the exact same arguments. This implies that the function + * must not use global variables, or dereference pointer arguments. + */ +#define CONST_FUNCTION __attribute__((__const__)) +#else +#define CONST_FUNCTION +#endif + +#ifndef PURE_FUNCTION +#if HAVE_ATTRIBUTE_PURE +/** + * PURE_FUNCTION - a function is pure + * + * A pure function is one that has no side effects other than it's return value + * and uses no inputs other than it's arguments and global variables. + */ +#define PURE_FUNCTION __attribute__((__pure__)) +#else +#define PURE_FUNCTION +#endif +#endif +#endif + +#if HAVE_ATTRIBUTE_UNUSED +#ifndef UNNEEDED +/** + * UNNEEDED - a variable/function may not be needed + * + * This suppresses warnings about unused variables or functions, but tells + * the compiler that if it is unused it need not emit it into the source code. + * + * Example: + * // With some preprocessor options, this is unnecessary. + * static UNNEEDED int counter; + * + * // With some preprocessor options, this is unnecessary. + * static UNNEEDED void add_to_counter(int add) + * { + * counter += add; + * } + */ +#define UNNEEDED __attribute__((__unused__)) +#endif + +#ifndef NEEDED +#if HAVE_ATTRIBUTE_USED +/** + * NEEDED - a variable/function is needed + * + * This suppresses warnings about unused variables or functions, but tells + * the compiler that it must exist even if it (seems) unused. + * + * Example: + * // Even if this is unused, these are vital for debugging. + * static NEEDED int counter; + * static NEEDED void dump_counter(void) + * { + * printf("Counter is %i\n", counter); + * } + */ +#define NEEDED __attribute__((__used__)) +#else +/* Before used, unused functions and vars were always emitted. */ +#define NEEDED __attribute__((__unused__)) +#endif +#endif + +#ifndef UNUSED +/** + * UNUSED - a parameter is unused + * + * Some compilers (eg. gcc with -W or -Wunused) warn about unused + * function parameters. This suppresses such warnings and indicates + * to the reader that it's deliberate. + * + * Example: + * // This is used as a callback, so needs to have this prototype. + * static int some_callback(void *unused UNUSED) + * { + * return 0; + * } + */ #define UNUSED __attribute__((__unused__)) +#endif +#else +#ifndef UNNEEDED +#define UNNEEDED +#endif +#ifndef NEEDED +#define NEEDED +#endif +#ifndef UNUSED +#define UNUSED +#endif +#endif + +#ifndef IS_COMPILE_CONSTANT +#if HAVE_BUILTIN_CONSTANT_P +/** + * IS_COMPILE_CONSTANT - does the compiler know the value of this expression? + * @expr: the expression to evaluate + * + * When an expression manipulation is complicated, it is usually better to + * implement it in a function. However, if the expression being manipulated is + * known at compile time, it is better to have the compiler see the entire + * expression so it can simply substitute the result. + * + * This can be done using the IS_COMPILE_CONSTANT() macro. + * + * Example: + * enum greek { ALPHA, BETA, GAMMA, DELTA, EPSILON }; + * + * // Out-of-line version. + * const char *greek_name(enum greek greek); + * + * // Inline version. + * static inline const char *_greek_name(enum greek greek) + * { + * switch (greek) { + * case ALPHA: return "alpha"; + * case BETA: return "beta"; + * case GAMMA: return "gamma"; + * case DELTA: return "delta"; + * case EPSILON: return "epsilon"; + * default: return "**INVALID**"; + * } + * } + * + * // Use inline if compiler knows answer. Otherwise call function + * // to avoid copies of the same code everywhere. + * #define greek_name(g) \ + * (IS_COMPILE_CONSTANT(greek) ? _greek_name(g) : greek_name(g)) + */ +#define IS_COMPILE_CONSTANT(expr) __builtin_constant_p(expr) +#else +/* If we don't know, assume it's not. */ +#define IS_COMPILE_CONSTANT(expr) 0 +#endif +#endif + +#ifndef WARN_UNUSED_RESULT +#if HAVE_WARN_UNUSED_RESULT +/** + * WARN_UNUSED_RESULT - warn if a function return value is unused. + * + * Used to mark a function where it is extremely unlikely that the caller + * can ignore the result, eg realloc(). + * + * Example: + * // buf param may be freed by this; need return value! + * static char *WARN_UNUSED_RESULT enlarge(char *buf, unsigned *size) + * { + * return realloc(buf, (*size) *= 2); + * } + */ +#define WARN_UNUSED_RESULT __attribute__((__warn_unused_result__)) +#else +#define WARN_UNUSED_RESULT +#endif +#endif + +#if HAVE_ATTRIBUTE_DEPRECATED /** - * BUILD_ASSERT - assert a build-time dependency. - * @cond: the compile-time condition which must be true. + * WARN_DEPRECATED - warn that a function/type/variable is deprecated when used. * - * Your compile will fail if the condition isn't true, or can't be evaluated - * by the compiler. This can only be used within a function. + * Used to mark a function, type or variable should not be used. * * Example: - * #include <stddef.h> - * ... - * static char *foo_to_char(struct foo *foo) - * { - * // This code needs string to be at start of foo. - * BUILD_ASSERT(offsetof(struct foo, string) == 0); - * return (char *)foo; - * } + * WARN_DEPRECATED char *oldfunc(char *buf); */ -#define BUILD_ASSERT(cond) \ - do { (void) sizeof(char [1 - 2*!(cond)]); } while(0) +#define WARN_DEPRECATED __attribute__((__deprecated__)) +#else +#define WARN_DEPRECATED +#endif + +#if HAVE_ATTRIBUTE_NONNULL /** - * BUILD_ASSERT_OR_ZERO - assert a build-time dependency, as an expression. - * @cond: the compile-time condition which must be true. + * NO_NULL_ARGS - specify that no arguments to this function can be NULL. * - * Your compile will fail if the condition isn't true, or can't be evaluated - * by the compiler. This can be used in an expression: its value is "0". + * The compiler will warn if any pointer args are NULL. * * Example: - * #define foo_to_char(foo) \ - * ((char *)(foo) \ - * + BUILD_ASSERT_OR_ZERO(offsetof(struct foo, string) == 0)) + * NO_NULL_ARGS char *my_copy(char *buf); */ -#define BUILD_ASSERT_OR_ZERO(cond) \ - (sizeof(char [1 - 2*!(cond)]) - 1) +#define NO_NULL_ARGS __attribute__((__nonnull__)) -#define memclear(mem, size) memset(mem, 0, size) -#define memclear_2(m1, s1, m2, s2) { memclear(m1, s1); memclear(m2, s2); } -#define memclear_3(m1, s1, m2, s2, m3, s3) { memclear(m1, s1); memclear(m2, s2); memclear(m3, s3); } +/** + * NON_NULL_ARGS - specify that some arguments to this function can't be NULL. + * @...: 1-based argument numbers for which args can't be NULL. + * + * The compiler will warn if any of the specified pointer args are NULL. + * + * Example: + * char *my_copy2(char *buf, char *maybenull) NON_NULL_ARGS(1); + */ +#define NON_NULL_ARGS(...) __attribute__((__nonnull__(__VA_ARGS__))) +#else +#define NO_NULL_ARGS +#define NON_NULL_ARGS(...) +#endif -static inline void *memcheck_(const void *data, size_t len) -{ - (void)len; - return (void *)data; -} +#if HAVE_ATTRIBUTE_RETURNS_NONNULL +/** + * RETURNS_NONNULL - specify that this function cannot return NULL. + * + * Mainly an optimization opportunity, but can also suppress warnings. + * + * Example: + * RETURNS_NONNULL char *my_copy(char *buf); + */ +#define RETURNS_NONNULL __attribute__((__returns_nonnull__)) +#else +#define RETURNS_NONNULL +#endif -#if HAVE_TYPEOF +#if HAVE_ATTRIBUTE_SENTINEL /** - * memcheck - check that a memory region is initialized - * @data: start of region - * @len: length in bytes + * LAST_ARG_NULL - specify the last argument of a variadic function must be NULL. * - * When running under valgrind, this causes an error to be printed - * if the entire region is not defined. Otherwise valgrind only - * reports an error when an undefined value is used for a branch, or - * written out. + * The compiler will warn if the last argument isn't NULL. * * Example: - * // Search for space, but make sure it's all initialized. - * if (memchr(memcheck(somebytes, bytes_len), ' ', bytes_len)) { - * printf("space was found!\n"); - * } + * char *join_string(char *buf, ...) LAST_ARG_NULL; */ -#define memcheck(data, len) ((__typeof__((data)+0))memcheck_((data), (len))) +#define LAST_ARG_NULL __attribute__((__sentinel__)) #else -#define memcheck(data, len) memcheck_((data), (len)) +#define LAST_ARG_NULL #endif -#endif /* COMPILER_H */ +#if HAVE_BUILTIN_CPU_SUPPORTS +/** + * cpu_supports - test if current CPU supports the named feature. + * + * This takes a literal string, and currently only works on glibc platforms. + * + * Example: + * if (cpu_supports("mmx")) + * printf("MMX support engaged!\n"); + */ +#define cpu_supports(x) __builtin_cpu_supports(x) +#else +#define cpu_supports(x) 0 +#endif /* HAVE_BUILTIN_CPU_SUPPORTS */ + +#endif /* CCAN_COMPILER_H */ diff --git a/cursor.h b/cursor.h @@ -3,15 +3,13 @@ #define JB55_CURSOR_H #include "typedefs.h" +#include "bolt11/likely.h" #include <stdio.h> #include <ctype.h> #include <assert.h> #include <string.h> -#define unlikely(x) __builtin_expect((x),0) -#define likely(x) __builtin_expect((x),1) - struct cursor { unsigned char *start; unsigned char *p; diff --git a/nostr_bech32.c b/nostr_bech32.c @@ -0,0 +1,306 @@ +// +// nostr_bech32.c +// damus +// +// Created by William Casarin on 2023-04-09. +// + +#include "nostr_bech32.h" +#include <stdlib.h> +#include "cursor.h" +#include "bech32.h" + +#define MAX_TLVS 16 + +#define TLV_SPECIAL 0 +#define TLV_RELAY 1 +#define TLV_AUTHOR 2 +#define TLV_KIND 3 +#define TLV_KNOWN_TLVS 4 + +struct nostr_tlv { + u8 type; + u8 len; + const u8 *value; +}; + +struct nostr_tlvs { + struct nostr_tlv tlvs[MAX_TLVS]; + int num_tlvs; +}; + +static int parse_nostr_tlv(struct cursor *cur, struct nostr_tlv *tlv) { + // get the tlv tag + if (!pull_byte(cur, &tlv->type)) + return 0; + + // unknown, fail! + if (tlv->type >= TLV_KNOWN_TLVS) + return 0; + + // get the length + if (!pull_byte(cur, &tlv->len)) + return 0; + + // is the reported length greater then our buffer? if so fail + if (cur->p + tlv->len > cur->end) + return 0; + + tlv->value = cur->p; + cur->p += tlv->len; + + return 1; +} + +static int parse_nostr_tlvs(struct cursor *cur, struct nostr_tlvs *tlvs) { + int i; + tlvs->num_tlvs = 0; + + for (i = 0; i < MAX_TLVS; i++) { + if (parse_nostr_tlv(cur, &tlvs->tlvs[i])) { + tlvs->num_tlvs++; + } else { + break; + } + } + + if (tlvs->num_tlvs == 0) + return 0; + + return 1; +} + +static int find_tlv(struct nostr_tlvs *tlvs, u8 type, struct nostr_tlv **tlv) { + *tlv = NULL; + + for (int i = 0; i < tlvs->num_tlvs; i++) { + if (tlvs->tlvs[i].type == type) { + *tlv = &tlvs->tlvs[i]; + return 1; + } + } + + return 0; +} + +static int parse_nostr_bech32_type(const char *prefix, enum nostr_bech32_type *type) { + // Parse type + if (strcmp(prefix, "note") == 0) { + *type = NOSTR_BECH32_NOTE; + return 1; + } else if (strcmp(prefix, "npub") == 0) { + *type = NOSTR_BECH32_NPUB; + return 1; + } else if (strcmp(prefix, "nsec") == 0) { + *type = NOSTR_BECH32_NSEC; + return 1; + } else if (strcmp(prefix, "nprofile") == 0) { + *type = NOSTR_BECH32_NPROFILE; + return 1; + } else if (strcmp(prefix, "nevent") == 0) { + *type = NOSTR_BECH32_NEVENT; + return 1; + } else if (strcmp(prefix, "nrelay") == 0) { + *type = NOSTR_BECH32_NRELAY; + return 1; + } else if (strcmp(prefix, "naddr") == 0) { + *type = NOSTR_BECH32_NADDR; + return 1; + } + + return 0; +} + +static int parse_nostr_bech32_note(struct cursor *cur, struct bech32_note *note) { + return pull_bytes(cur, 32, &note->event_id); +} + +static int parse_nostr_bech32_npub(struct cursor *cur, struct bech32_npub *npub) { + return pull_bytes(cur, 32, &npub->pubkey); +} + +static int parse_nostr_bech32_nsec(struct cursor *cur, struct bech32_nsec *nsec) { + return pull_bytes(cur, 32, &nsec->nsec); +} + +static int tlvs_to_relays(struct nostr_tlvs *tlvs, struct relays *relays) { + struct nostr_tlv *tlv; + struct str_block *str; + + relays->num_relays = 0; + + for (int i = 0; i < tlvs->num_tlvs; i++) { + tlv = &tlvs->tlvs[i]; + if (tlv->type != TLV_RELAY) + continue; + + if (relays->num_relays + 1 > MAX_RELAYS) + break; + + str = &relays->relays[relays->num_relays++]; + str->start = (const char*)tlv->value; + str->end = (const char*)(tlv->value + tlv->len); + } + + return 1; +} + +static int parse_nostr_bech32_nevent(struct cursor *cur, struct bech32_nevent *nevent) { + struct nostr_tlvs tlvs; + struct nostr_tlv *tlv; + + if (!parse_nostr_tlvs(cur, &tlvs)) + return 0; + + if (!find_tlv(&tlvs, TLV_SPECIAL, &tlv)) + return 0; + + if (tlv->len != 32) + return 0; + + nevent->event_id = tlv->value; + + if (find_tlv(&tlvs, TLV_AUTHOR, &tlv)) { + nevent->pubkey = tlv->value; + } else { + nevent->pubkey = NULL; + } + + return tlvs_to_relays(&tlvs, &nevent->relays); +} + +static int parse_nostr_bech32_naddr(struct cursor *cur, struct bech32_naddr *naddr) { + struct nostr_tlvs tlvs; + struct nostr_tlv *tlv; + + if (!parse_nostr_tlvs(cur, &tlvs)) + return 0; + + if (!find_tlv(&tlvs, TLV_SPECIAL, &tlv)) + return 0; + + naddr->identifier.start = (const char*)tlv->value; + naddr->identifier.end = (const char*)tlv->value + tlv->len; + + if (!find_tlv(&tlvs, TLV_AUTHOR, &tlv)) + return 0; + + naddr->pubkey = tlv->value; + + return tlvs_to_relays(&tlvs, &naddr->relays); +} + +static int parse_nostr_bech32_nprofile(struct cursor *cur, struct bech32_nprofile *nprofile) { + struct nostr_tlvs tlvs; + struct nostr_tlv *tlv; + + if (!parse_nostr_tlvs(cur, &tlvs)) + return 0; + + if (!find_tlv(&tlvs, TLV_SPECIAL, &tlv)) + return 0; + + if (tlv->len != 32) + return 0; + + nprofile->pubkey = tlv->value; + + return tlvs_to_relays(&tlvs, &nprofile->relays); +} + +static int parse_nostr_bech32_nrelay(struct cursor *cur, struct bech32_nrelay *nrelay) { + struct nostr_tlvs tlvs; + struct nostr_tlv *tlv; + + if (!parse_nostr_tlvs(cur, &tlvs)) + return 0; + + if (!find_tlv(&tlvs, TLV_SPECIAL, &tlv)) + return 0; + + nrelay->relay.start = (const char*)tlv->value; + nrelay->relay.end = (const char*)tlv->value + tlv->len; + + return 1; +} + +int parse_nostr_bech32(struct cursor *cur, struct nostr_bech32 *obj) { + u8 *start, *end; + + start = cur->p; + + if (!consume_until_non_alphanumeric(cur, 1)) { + cur->p = start; + return 0; + } + + end = cur->p; + + size_t data_len; + size_t input_len = end - start; + if (input_len < 10 || input_len > 10000) { + return 0; + } + + obj->buffer = malloc(input_len * 2); + if (!obj->buffer) + return 0; + + u8 data[input_len]; + char prefix[input_len]; + + if (bech32_decode_len(prefix, data, &data_len, (const char*)start, input_len) == BECH32_ENCODING_NONE) { + cur->p = start; + return 0; + } + + obj->buflen = 0; + if (!bech32_convert_bits(obj->buffer, &obj->buflen, 8, data, data_len, 5, 0)) { + goto fail; + } + + if (!parse_nostr_bech32_type(prefix, &obj->type)) { + goto fail; + } + + struct cursor bcur; + make_cursor(obj->buffer, obj->buffer + obj->buflen, &bcur); + + switch (obj->type) { + case NOSTR_BECH32_NOTE: + if (!parse_nostr_bech32_note(&bcur, &obj->data.note)) + goto fail; + break; + case NOSTR_BECH32_NPUB: + if (!parse_nostr_bech32_npub(&bcur, &obj->data.npub)) + goto fail; + break; + case NOSTR_BECH32_NSEC: + if (!parse_nostr_bech32_nsec(&bcur, &obj->data.nsec)) + goto fail; + break; + case NOSTR_BECH32_NEVENT: + if (!parse_nostr_bech32_nevent(&bcur, &obj->data.nevent)) + goto fail; + break; + case NOSTR_BECH32_NADDR: + if (!parse_nostr_bech32_naddr(&bcur, &obj->data.naddr)) + goto fail; + break; + case NOSTR_BECH32_NPROFILE: + if (!parse_nostr_bech32_nprofile(&bcur, &obj->data.nprofile)) + goto fail; + break; + case NOSTR_BECH32_NRELAY: + if (!parse_nostr_bech32_nrelay(&bcur, &obj->data.nrelay)) + goto fail; + break; + } + + return 1; + +fail: + free(obj->buffer); + cur->p = start; + return 0; +} diff --git a/nostr_bech32.h b/nostr_bech32.h @@ -0,0 +1,84 @@ +// +// nostr_bech32.h +// damus +// +// Created by William Casarin on 2023-04-09. +// + +#ifndef nostr_bech32_h +#define nostr_bech32_h + +#include <stdio.h> +#include "str_block.h" +#include "cursor.h" +typedef unsigned char u8; +#define MAX_RELAYS 10 + +struct relays { + struct str_block relays[MAX_RELAYS]; + int num_relays; +}; + +enum nostr_bech32_type { + NOSTR_BECH32_NOTE = 1, + NOSTR_BECH32_NPUB = 2, + NOSTR_BECH32_NPROFILE = 3, + NOSTR_BECH32_NEVENT = 4, + NOSTR_BECH32_NRELAY = 5, + NOSTR_BECH32_NADDR = 6, + NOSTR_BECH32_NSEC = 7, +}; + +struct bech32_note { + const u8 *event_id; +}; + +struct bech32_npub { + const u8 *pubkey; +}; + +struct bech32_nsec { + const u8 *nsec; +}; + +struct bech32_nevent { + struct relays relays; + const u8 *event_id; + const u8 *pubkey; // optional +}; + +struct bech32_nprofile { + struct relays relays; + const u8 *pubkey; +}; + +struct bech32_naddr { + struct relays relays; + struct str_block identifier; + const u8 *pubkey; +}; + +struct bech32_nrelay { + struct str_block relay; +}; + +typedef struct nostr_bech32 { + enum nostr_bech32_type type; + u8 *buffer; // holds strings and tlv stuff + size_t buflen; + + union { + struct bech32_note note; + struct bech32_npub npub; + struct bech32_nsec nsec; + struct bech32_nevent nevent; + struct bech32_nprofile nprofile; + struct bech32_naddr naddr; + struct bech32_nrelay nrelay; + } data; +} nostr_bech32_t; + + +int parse_nostr_bech32(struct cursor *cur, struct nostr_bech32 *obj); + +#endif /* nostr_bech32_h */ diff --git a/nostrdb.c b/nostrdb.c @@ -5,6 +5,8 @@ #include "cursor.h" #include "random.h" #include "sha256.h" +#include "bolt11/bolt11.h" +#include "bolt11/amount.h" #include "lmdb.h" #include "util.h" #include "cpu.h" diff --git a/test.c b/test.c @@ -2,6 +2,8 @@ #include "nostrdb.h" #include "hex.h" #include "io.h" +#include "bolt11/bolt11.h" +#include "bolt11/amount.h" #include "protected_queue.h" #include "memchr.h" #include "print_util.h"