lightningd: fail too-large txs *before* opening channel.

rustyrussell · rustyrussell · commit 27b98892f745 · 2025-05-06T12:27:53.000+09:30
Due to a bug elsewhere I actually triggered this path, and it
broadcast the tx anyway, *then* closed the channel.  We should abandon
the channel if we can, instead.

Signed-off-by: Rusty Russell &lt;rusty@rustcorp.com.au&gt;
diff --git a/lightningd/dual_open_control.c b/lightningd/dual_open_control.c
@@ -1825,7 +1825,7 @@ static void handle_peer_tx_sigs_sent(struct subd *dualopend,
 	    !inflight->tx_broadcast) {
 		inflight->tx_broadcast = true;
 
-		wtx = psbt_final_tx(NULL, inflight->funding_psbt);
+		wtx = psbt_final_tx(tmpctx, inflight->funding_psbt);
 		if (!wtx) {
 			channel_internal_error(channel,
 					       "Unable to extract final tx"
@@ -1835,29 +1835,6 @@ static void handle_peer_tx_sigs_sent(struct subd *dualopend,
 			return;
 		}
 
-		/* Saves the now finalized version of the psbt */
-		wallet_inflight_save(dualopend->ld->wallet, inflight);
-		send_funding_tx(channel, take(wtx));
-
-		/* Must be in an "init" state */
-		assert(channel->state == DUALOPEND_OPEN_COMMITTED
-		       || channel->state == DUALOPEND_AWAITING_LOCKIN);
-
-		channel_set_state(channel, channel->state,
-				  DUALOPEND_AWAITING_LOCKIN,
-				  REASON_UNKNOWN,
-				  "Sigs exchanged, waiting for lock-in");
-
-		/* Mimic the old behavior, notify a channel has been opened,
-		 * for the accepter side */
-		if (channel->opener == REMOTE)
-			/* Tell plugins about the success */
-			notify_channel_opened(dualopend->ld,
-					      &channel->peer->id,
-					      &channel->funding_sats,
-					      &channel->funding.txid,
-					      channel->remote_channel_ready);
-
 		/* BOLT #2
 		 * The receiving node:  ...
 		 * - MUST fail the channel if:
@@ -1879,7 +1856,31 @@ static void handle_peer_tx_sigs_sent(struct subd *dualopend,
 			/* Notify the peer we're failing */
 			subd_send_msg(dualopend,
 				      take(towire_dualopend_fail(NULL, errmsg)));
+			return;
 		}
+
+		/* Saves the now finalized version of the psbt */
+		wallet_inflight_save(dualopend->ld->wallet, inflight);
+		send_funding_tx(channel, take(wtx));
+
+		/* Must be in an "init" state */
+		assert(channel->state == DUALOPEND_OPEN_COMMITTED
+		       || channel->state == DUALOPEND_AWAITING_LOCKIN);
+
+		channel_set_state(channel, channel->state,
+				  DUALOPEND_AWAITING_LOCKIN,
+				  REASON_UNKNOWN,
+				  "Sigs exchanged, waiting for lock-in");
+
+		/* Mimic the old behavior, notify a channel has been opened,
+		 * for the accepter side */
+		if (channel->opener == REMOTE)
+			/* Tell plugins about the success */
+			notify_channel_opened(dualopend->ld,
+					      &channel->peer->id,
+					      &channel->funding_sats,
+					      &channel->funding.txid,
+					      channel->remote_channel_ready);
 	}
 }
 
@@ -2170,7 +2171,7 @@ static void handle_peer_tx_sigs_msg(struct subd *dualopend,
 
 		/* Saves the now finalized version of the psbt */
 		wallet_inflight_save(ld->wallet, inflight);
-		wtx = psbt_final_tx(NULL, inflight->funding_psbt);
+		wtx = psbt_final_tx(tmpctx, inflight->funding_psbt);
 		if (!wtx) {
 			channel_internal_error(channel,
 					       "Unable to extract final tx"
@@ -2180,26 +2181,6 @@ static void handle_peer_tx_sigs_msg(struct subd *dualopend,
 			return;
 		}
 
-		send_funding_tx(channel, take(wtx));
-
-		assert(channel->state == DUALOPEND_OPEN_COMMITTED
-		       /* We might be reconnecting */
-		       || channel->state == DUALOPEND_AWAITING_LOCKIN);
-		channel_set_state(channel, channel->state,
-				  DUALOPEND_AWAITING_LOCKIN,
-				  REASON_UNKNOWN,
-				  "Sigs exchanged, waiting for lock-in");
-
-		/* Mimic the old behavior, notify a channel has been opened,
-		 * for the accepter side */
-		if (channel->opener == REMOTE)
-			/* Tell plugins about the success */
-			notify_channel_opened(dualopend->ld,
-					      &channel->peer->id,
-					      &channel->funding_sats,
-					      &channel->funding.txid,
-					      channel->remote_channel_ready);
-
 		/* BOLT #2
 		 * The receiving node:  ...
 		 * - MUST fail the channel if:
@@ -2221,7 +2202,28 @@ static void handle_peer_tx_sigs_msg(struct subd *dualopend,
 			/* Notify the peer we're failing */
 			subd_send_msg(dualopend,
 				      take(towire_dualopend_fail(NULL, errmsg)));
+			return;
 		}
+		send_funding_tx(channel, take(wtx));
+
+		assert(channel->state == DUALOPEND_OPEN_COMMITTED
+		       /* We might be reconnecting */
+		       || channel->state == DUALOPEND_AWAITING_LOCKIN);
+		channel_set_state(channel, channel->state,
+				  DUALOPEND_AWAITING_LOCKIN,
+				  REASON_UNKNOWN,
+				  "Sigs exchanged, waiting for lock-in");
+
+		/* Mimic the old behavior, notify a channel has been opened,
+		 * for the accepter side */
+		if (channel->opener == REMOTE)
+			/* Tell plugins about the success */
+			notify_channel_opened(dualopend->ld,
+					      &channel->peer->id,
+					      &channel->funding_sats,
+					      &channel->funding.txid,
+					      channel->remote_channel_ready);
+
 	}
 
 	/* Send notification with peer's signed PSBT */
