From 33508380e791c089f1239f560324e737541cb425 Mon Sep 17 00:00:00 2001 From: ziggie Date: Sun, 13 Oct 2024 14:58:02 +0200 Subject: [PATCH] Fix Password for lnd instance --- docker-initunlocklnd.sh | 44 ++++++++++++++++++++++++++++++++--------- 1 file changed, 35 insertions(+), 9 deletions(-) diff --git a/docker-initunlocklnd.sh b/docker-initunlocklnd.sh index 7e61a37691..ab8ea2d4e3 100755 --- a/docker-initunlocklnd.sh +++ b/docker-initunlocklnd.sh @@ -56,16 +56,42 @@ if [ -f "$WALLET_FILE" ]; then WALLETPASS=$(jq -c -r '.wallet_password' $LNDUNLOCK_FILE) # Nicolas deleted default password in some wallet unlock files, so we initializing default if password is empty [ "$WALLETPASS" == "" ] && WALLETPASS="hellorockstar" - WALLETPASS_BASE64=$(echo $WALLETPASS|base64|tr -d '\n\r') - - # execute unlockwallet call - curl -s --cacert "$CA_CERT" -X POST -H "$MACAROON_HEADER" -d '{ "wallet_password":"'$WALLETPASS_BASE64'" }' $LND_REST_LISTEN_HOST/v1/unlockwallet + # Corrected password (removing newlines before encoding). + # previous versions will have a default wallet password including a line feed at the end "hellorockstar\n" + # line feed hex code 0x0A. So we first try the password without the line feed if it fails we try it with + # the older version. + WALLETPASS_BASE64=$(echo $WALLETPASS | tr -d '\n\r' | base64) + + response=$(curl -s --cacert "$CA_CERT" -X POST -H "$MACAROON_HEADER" \ + -d '{ "wallet_password":"'$WALLETPASS_BASE64'" }' $LND_REST_LISTEN_HOST/v1/unlockwallet) + + # Check for failure (e.g., incorrect password) + if [[ "$response" == *"invalid"* ]]; then + # If it fails, try the original password with linefeed + WALLETPASS_BASE64_CURRENT=$(echo $WALLETPASS | base64) + + # Now we change the password so that the line feed is removed. + # The correct password is already written to the unlock file so we don't need + # to change that. Moreover the changepassword call will change + unlock the wallet + # there is no need to call unlockwallet after this call. + change_password_response=$(curl -s --cacert "$CA_CERT" -X POST -H "$MACAROON_HEADER" \ + -d '{ "current_password":"'$WALLETPASS_BASE64_CURRENT'", "new_password":"'$WALLETPASS_BASE64'" }' \ + $LND_REST_LISTEN_HOST/v1/changepassword) + + # make sure the log end with a newline. + echo $change_password_response + + echo -n "[initunlocklnd] Changed wallet password removing the \"line feed\" character at the end. " + echo "The password can be found in $LNDUNLOCK_FILE" + else + echo "[initunlocklnd] Wallet unlocking failed, lnd returned: $response" + exit 1 + fi fi - else echo "[initunlocklnd] Wallet file doesn't exist. Initializing LND instance with new autogenerated password and seed" - # generate seed mnemonic + # generate seed mnemonic GENSEED_RESP=$(curl -s --cacert "$CA_CERT" -X GET -H $MACAROON_HEADER $LND_REST_LISTEN_HOST/v1/genseed) CIPHER_ARRAY_EXTRACTED=$(echo $GENSEED_RESP | jq -c -r '.cipher_seed_mnemonic') @@ -77,15 +103,15 @@ else mkdir -p $LND_WALLET_DIR echo $RESULTJSON > $LNDUNLOCK_FILE - # prepare initwallet call json with wallet password and chipher seed mnemonic - WALLETPASS_BASE64=$(echo $WALLETPASS|base64|tr -d '\n\r') + # previous versions will have a default wallet password including a line feed at the end "hellorockstar\n" + # line feed hex code 0x0A. + WALLETPASS_BASE64=$(echo $WALLETPASS | tr -d '\n\r' | base64) INITWALLET_REQ='{"wallet_password":"'$WALLETPASS_BASE64'", "cipher_seed_mnemonic":'$CIPHER_ARRAY_EXTRACTED'}' # execute initwallet call curl -s --cacert "$CA_CERT" -X POST -H "$MACAROON_HEADER" -d "$INITWALLET_REQ" $LND_REST_LISTEN_HOST/v1/initwallet fi - # LND unlocked, now run Loop if [ ! -z "$LND_HOST_FOR_LOOP" ]; then