Skip to content

Commit 9444927

Browse files
guggeroellemouton
guggero
authored and
ellemouton
committed
terminal: tag and detect super macaroon
Because we're now potentially baking more than just one internal supermacaroon, we can't compare it with that single macaroon anymore. Instead we mark the super macaroons with a specific ID that we can then later use to detect it again.
1 parent 1ff2411 commit 9444927

File tree

1 file changed

+8
-15
lines changed

1 file changed

+8
-15
lines changed

terminal.go

Lines changed: 8 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -218,11 +218,7 @@ func (g *LightningTerminal) Run() error {
218218
),
219219
}
220220
allOpts = append(allOpts, opts...)
221-
mailboxGrpcServer := grpc.NewServer(allOpts...)
222-
223-
_ = g.RegisterGrpcSubserver(mailboxGrpcServer)
224-
225-
return mailboxGrpcServer
221+
return grpc.NewServer(allOpts...)
226222
},
227223
)
228224
g.sessionRpcServer = &sessionRpcServer{
@@ -509,7 +505,10 @@ func (g *LightningTerminal) startSubservers() error {
509505
// faraday, loop, and pool, all at the same time.
510506
ctx := context.Background()
511507
superMacaroon, err := bakeSuperMacaroon(
512-
ctx, g.basicClient, 0, getAllPermissions(false), nil,
508+
ctx, g.basicClient, session.NewSuperMacaroonRootKeyID(
509+
[4]byte{},
510+
),
511+
getAllPermissions(false), nil,
513512
)
514513
if err != nil {
515514
return err
@@ -654,8 +653,7 @@ func (g *LightningTerminal) ValidateMacaroon(ctx context.Context,
654653
// which we can just pass straight to lnd for validation. But the user
655654
// might still be using a specific macaroon, which should be handled the
656655
// same as before.
657-
isSuperMacaroon := macHex == g.rpcProxy.superMacaroon
658-
if g.cfg.LndMode == ModeIntegrated && isSuperMacaroon {
656+
if g.cfg.LndMode == ModeIntegrated && session.IsSuperMacaroon(macHex) {
659657
macBytes, err := hex.DecodeString(macHex)
660658
if err != nil {
661659
return err
@@ -1160,23 +1158,18 @@ func bakeSuperMacaroon(ctx context.Context, lnd lnrpc.LightningClient,
11601158
return "", err
11611159
}
11621160

1163-
macBytes, err := hex.DecodeString(res.Macaroon)
1161+
mac, err := session.ParseMacaroon(res.Macaroon)
11641162
if err != nil {
11651163
return "", err
11661164
}
11671165

1168-
var mac macaroon.Macaroon
1169-
if err := mac.UnmarshalBinary(macBytes); err != nil {
1170-
return "", err
1171-
}
1172-
11731166
for _, caveat := range caveats {
11741167
if err := mac.AddFirstPartyCaveat(caveat.Id); err != nil {
11751168
return "", err
11761169
}
11771170
}
11781171

1179-
macBytes, err = mac.MarshalBinary()
1172+
macBytes, err := mac.MarshalBinary()
11801173
if err != nil {
11811174
return "", err
11821175
}

0 commit comments

Comments
 (0)