From cda97eaf34ba9ecae720aba52039fa5c225b00db Mon Sep 17 00:00:00 2001 From: ziggie Date: Wed, 2 Oct 2024 11:29:57 +0200 Subject: [PATCH] Fix Password for lnd instance. --- docker-initunlocklnd.sh | 43 +++++++++++++++++++++++++++-------------- 1 file changed, 28 insertions(+), 15 deletions(-) diff --git a/docker-initunlocklnd.sh b/docker-initunlocklnd.sh index 7e61a37691f..5b42d0f4cf6 100755 --- a/docker-initunlocklnd.sh +++ b/docker-initunlocklnd.sh @@ -15,13 +15,13 @@ while fi STATUS_CODE=$(curl -s --cacert "$CA_CERT" -H $MACAROON_HEADER -o /dev/null -w "%{http_code}" $LND_REST_LISTEN_HOST/v1/getinfo) - # if lnd is running it'll either return 200 if unlocked (noseedbackup=1) or 404 if it needs initialization/unlock - if [ "$STATUS_CODE" == "200" ] || [ "$STATUS_CODE" == "404" ] ; then + # if lnd is running it'll either return 200 if unlocked (noseedbackup=1) or 404 if it needs initialization/unlock + if [ "$STATUS_CODE" == "200" ] || [ "$STATUS_CODE" == "404" ]; then break # or 500 from version 0.13.1 onwards because it breaks with `wallet not created, create one to enable full RPC access` error - elif [ "$STATUS_CODE" == "500" ] ; then + elif [ "$STATUS_CODE" == "500" ]; then STATUS_CODE=$(curl -s --cacert "$CA_CERT" -H $MACAROON_HEADER $LND_REST_LISTEN_HOST/v1/state) - if [ "$STATUS_CODE" == "{\"state\":\"NON_EXISTING\"}" ] || [ "$STATUS_CODE" == "{\"state\":\"LOCKED\"}" ] ; then + if [ "$STATUS_CODE" == "{\"state\":\"NON_EXISTING\"}" ] || [ "$STATUS_CODE" == "{\"state\":\"LOCKED\"}" ]; then break # wallet ready to be either created or unlocked fi # for {\"state\":\"UNLOCKED\"}" we will depend on that previous condition with STATUS_CODE 200 or 404 @@ -56,16 +56,29 @@ if [ -f "$WALLET_FILE" ]; then WALLETPASS=$(jq -c -r '.wallet_password' $LNDUNLOCK_FILE) # Nicolas deleted default password in some wallet unlock files, so we initializing default if password is empty [ "$WALLETPASS" == "" ] && WALLETPASS="hellorockstar" - WALLETPASS_BASE64=$(echo $WALLETPASS|base64|tr -d '\n\r') - - # execute unlockwallet call - curl -s --cacert "$CA_CERT" -X POST -H "$MACAROON_HEADER" -d '{ "wallet_password":"'$WALLETPASS_BASE64'" }' $LND_REST_LISTEN_HOST/v1/unlockwallet + # Corrected password (removing newlines before encoding). + # previous versions will have a default wallet password including a line feed at the end "hellorockstar\n" + # line feed hex code 0x0A. So we first try the password without the line feed if it fails we try it with + # the older version. + WALLETPASS_BASE64=$(echo $WALLETPASS | tr -d '\n\r' | base64) + + response=$(curl -s --cacert "$CA_CERT" -X POST -H "$MACAROON_HEADER" \ + -d '{ "wallet_password":"'$WALLETPASS_BASE64'" }' $LND_REST_LISTEN_HOST/v1/unlockwallet) + + # Check for failure (e.g., incorrect password) + if [[ "$response" == *"invalid"* ]]; then + # If it fails, try the original password with linefeed + WALLETPASS_BASE64=$(echo $WALLETPASS | base64) + curl -s --cacert "$CA_CERT" -X POST -H "$MACAROON_HEADER" \ + -d '{ "wallet_password":"'$WALLETPASS_BASE64'" }' $LND_REST_LISTEN_HOST/v1/unlockwallet + else + exit 1 + fi fi - else echo "[initunlocklnd] Wallet file doesn't exist. Initializing LND instance with new autogenerated password and seed" - # generate seed mnemonic + # generate seed mnemonic GENSEED_RESP=$(curl -s --cacert "$CA_CERT" -X GET -H $MACAROON_HEADER $LND_REST_LISTEN_HOST/v1/genseed) CIPHER_ARRAY_EXTRACTED=$(echo $GENSEED_RESP | jq -c -r '.cipher_seed_mnemonic') @@ -75,17 +88,17 @@ else # save all the the data to unlock file we'll use for future unlocks RESULTJSON='{"wallet_password":"'$WALLETPASS'", "cipher_seed_mnemonic":'$CIPHER_ARRAY_EXTRACTED'}' mkdir -p $LND_WALLET_DIR - echo $RESULTJSON > $LNDUNLOCK_FILE + echo $RESULTJSON >$LNDUNLOCK_FILE - # prepare initwallet call json with wallet password and chipher seed mnemonic - WALLETPASS_BASE64=$(echo $WALLETPASS|base64|tr -d '\n\r') + # previous versions will have a default wallet password including a line feed at the end "hellorockstar\n" + # line feed hex code 0x0A. + WALLETPASS_BASE64=$(echo $WALLETPASS | tr -d '\n\r' | base64) INITWALLET_REQ='{"wallet_password":"'$WALLETPASS_BASE64'", "cipher_seed_mnemonic":'$CIPHER_ARRAY_EXTRACTED'}' # execute initwallet call curl -s --cacert "$CA_CERT" -X POST -H "$MACAROON_HEADER" -d "$INITWALLET_REQ" $LND_REST_LISTEN_HOST/v1/initwallet fi - # LND unlocked, now run Loop if [ ! -z "$LND_HOST_FOR_LOOP" ]; then @@ -101,4 +114,4 @@ if [ ! -z "$LND_HOST_FOR_LOOP" ]; then else echo "[initunlocklnd] Loop can't be started without MACAROON" fi -fi \ No newline at end of file +fi