Skip to content

Commit a49422f

Browse files
accounts: disallow requests after critical errors
1 parent bd8993e commit a49422f

File tree

6 files changed

+201
-20
lines changed

6 files changed

+201
-20
lines changed

accounts/checkers_test.go

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -85,6 +85,10 @@ func (m *mockService) RemovePayment(hash lntypes.Hash) error {
8585
return nil
8686
}
8787

88+
func (*mockService) IsRunning() bool {
89+
return true
90+
}
91+
8892
var _ Service = (*mockService)(nil)
8993

9094
// TestAccountChecker makes sure all round trip checkers can be instantiated

accounts/interceptor.go

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -52,6 +52,17 @@ func (s *InterceptorService) Intercept(ctx context.Context,
5252
s.requestMtx.Lock()
5353
defer s.requestMtx.Unlock()
5454

55+
// If the account service is not running, we reject all requests.
56+
// Note that this is by no means a guarantee that the account service
57+
// will be running throughout processing the request, but at least we
58+
// can stop requests early if the service was already disabled when the
59+
// request came in.
60+
if !s.IsRunning() {
61+
return mid.RPCErrString(
62+
req, "the account service has been stopped",
63+
)
64+
}
65+
5566
mac := &macaroon.Macaroon{}
5667
err := mac.UnmarshalBinary(req.RawMacaroon)
5768
if err != nil {

accounts/interface.go

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -160,6 +160,12 @@ var (
160160
ErrNotSupportedWithAccounts = errors.New("this RPC call is not " +
161161
"supported with restricted account macaroons")
162162

163+
// ErrAccountServiceDisabled is the error that is returned when the
164+
// account service has been disabled due to an error being thrown
165+
// in the service that cannot be recovered from.
166+
ErrAccountServiceDisabled = errors.New("the account service has been " +
167+
"stopped")
168+
163169
// MacaroonPermissions are the permissions required for an account
164170
// macaroon.
165171
MacaroonPermissions = []bakery.Op{{
@@ -240,4 +246,7 @@ type Service interface {
240246
// longer needs to be tracked. The payment is certain to never succeed,
241247
// so we never need to debit the amount from the account.
242248
RemovePayment(hash lntypes.Hash) error
249+
250+
// IsRunning returns true if the service can be used.
251+
IsRunning() bool
243252
}

accounts/rpcserver.go

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -53,6 +53,10 @@ func (s *RPCServer) CreateAccount(ctx context.Context,
5353
log.Infof("[createaccount] label=%v, balance=%d, expiration=%d",
5454
req.Label, req.AccountBalance, req.ExpirationDate)
5555

56+
if !s.service.IsRunning() {
57+
return nil, ErrAccountServiceDisabled
58+
}
59+
5660
var (
5761
balanceMsat lnwire.MilliSatoshi
5862
expirationDate time.Time
@@ -115,6 +119,10 @@ func (s *RPCServer) UpdateAccount(_ context.Context,
115119
log.Infof("[updateaccount] id=%s, label=%v, balance=%d, expiration=%d",
116120
req.Id, req.Label, req.AccountBalance, req.ExpirationDate)
117121

122+
if !s.service.IsRunning() {
123+
return nil, ErrAccountServiceDisabled
124+
}
125+
118126
accountID, err := s.findAccount(req.Id, req.Label)
119127
if err != nil {
120128
return nil, err
@@ -138,6 +146,10 @@ func (s *RPCServer) ListAccounts(context.Context,
138146

139147
log.Info("[listaccounts]")
140148

149+
if !s.service.IsRunning() {
150+
return nil, ErrAccountServiceDisabled
151+
}
152+
141153
// Retrieve all accounts from the macaroon account store.
142154
accts, err := s.service.Accounts()
143155
if err != nil {
@@ -163,6 +175,10 @@ func (s *RPCServer) AccountInfo(_ context.Context,
163175

164176
log.Infof("[accountinfo] id=%v, label=%v", req.Id, req.Label)
165177

178+
if !s.service.IsRunning() {
179+
return nil, ErrAccountServiceDisabled
180+
}
181+
166182
accountID, err := s.findAccount(req.Id, req.Label)
167183
if err != nil {
168184
return nil, err
@@ -183,6 +199,10 @@ func (s *RPCServer) RemoveAccount(_ context.Context,
183199

184200
log.Infof("[removeaccount] id=%v, label=%v", req.Id, req.Label)
185201

202+
if !s.service.IsRunning() {
203+
return nil, ErrAccountServiceDisabled
204+
}
205+
186206
accountID, err := s.findAccount(req.Id, req.Label)
187207
if err != nil {
188208
return nil, err

0 commit comments

Comments
 (0)