Commando: "Somewhere, somehow, someone's going to pay."

.gitignore

@@ -10,6 +10,7 @@
 *.rej
 *.pyc
 *.tmp
+libccan.a
 .cppcheck-suppress
 .mypy_cache
 TAGS

Makefile

@@ -92,6 +92,7 @@ FEATURES :=
 
 CCAN_OBJS :=					\
 	ccan-asort.o				\
+	ccan-base64.o				\
 	ccan-bitmap.o				\
 	ccan-bitops.o				\
 	ccan-breakpoint.o			\
@@ -127,6 +128,8 @@ CCAN_OBJS :=					\
 	ccan-ptr_valid.o			\
 	ccan-rbuf.o				\
 	ccan-read_write_all.o			\
+	ccan-rune-coding.o			\
+	ccan-rune-rune.o			\
 	ccan-str-base32.o			\
 	ccan-str-hex.o				\
 	ccan-str.o				\
@@ -195,6 +198,8 @@ CCAN_HEADERS :=						\
 	$(CCANDIR)/ccan/ptrint/ptrint.h			\
 	$(CCANDIR)/ccan/rbuf/rbuf.h			\
 	$(CCANDIR)/ccan/read_write_all/read_write_all.h	\
+	$(CCANDIR)/ccan/rune/internal.h			\
+	$(CCANDIR)/ccan/rune/rune.h			\
 	$(CCANDIR)/ccan/short_types/short_types.h	\
 	$(CCANDIR)/ccan/str/base32/base32.h		\
 	$(CCANDIR)/ccan/str/hex/hex.h			\
@@ -627,8 +632,12 @@ endif
 header_versions_gen.h: tools/headerversions
 	@tools/headerversions $@
 
+# We make a static library, this way linker can discard unused parts.
+libccan.a: $(CCAN_OBJS)
+	@$(call VERBOSE, "ar $@", $(AR) r $@ $(CCAN_OBJS))
+
 # All binaries require the external libs, ccan and system library versions.
-$(ALL_PROGRAMS) $(ALL_TEST_PROGRAMS) $(ALL_FUZZ_TARGETS): $(EXTERNAL_LIBS) $(CCAN_OBJS)
+$(ALL_PROGRAMS) $(ALL_TEST_PROGRAMS) $(ALL_FUZZ_TARGETS): $(EXTERNAL_LIBS) libccan.a
 
 # Each test program depends on its own object.
 $(ALL_TEST_PROGRAMS) $(ALL_FUZZ_TARGETS): %: %.o
@@ -638,7 +647,7 @@ $(ALL_TEST_PROGRAMS) $(ALL_FUZZ_TARGETS): %: %.o
 # uses some ccan modules internally).  We want to rely on -lwallycore etc.
 # (as per EXTERNAL_LDLIBS) so we filter them out here.
 $(ALL_PROGRAMS) $(ALL_TEST_PROGRAMS):
-	@$(call VERBOSE, "ld $@", $(LINK.o) $(filter-out %.a,$^) $(LOADLIBES) $(EXTERNAL_LDLIBS) $(LDLIBS) -o $@)
+	@$(call VERBOSE, "ld $@", $(LINK.o) $(filter-out %.a,$^) $(LOADLIBES) $(EXTERNAL_LDLIBS) $(LDLIBS) libccan.a -o $@)
 
 # We special case the fuzzing target binaries, as they need to link against libfuzzer,
 # which brings its own main().
@@ -684,7 +693,7 @@ obsclean:
 	$(RM) gen_*.h */gen_*.[ch] */*/gen_*.[ch]
 
 clean: obsclean
-	$(RM) $(CCAN_OBJS) $(CDUMP_OBJS) $(ALL_OBJS)
+	$(RM) libccan.a $(CCAN_OBJS) $(CDUMP_OBJS) $(ALL_OBJS)
 	$(RM) $(ALL_GEN_HEADERS) $(ALL_GEN_SOURCES)
 	$(RM) $(ALL_PROGRAMS)
 	$(RM) $(ALL_TEST_PROGRAMS)
@@ -704,7 +713,7 @@ update-mocks:
 	@echo Need DEVELOPER=1 and EXPERIMENTAL_FEATURES=1 to regenerate mocks >&2; exit 1
 endif
 
-$(ALL_TEST_PROGRAMS:%=update-mocks/%.c): $(ALL_GEN_HEADERS) $(EXTERNAL_LIBS) $(CCAN_OBJS) ccan/ccan/cdump/tools/cdump-enumstr config.vars
+$(ALL_TEST_PROGRAMS:%=update-mocks/%.c): $(ALL_GEN_HEADERS) $(EXTERNAL_LIBS) libccan.a ccan/ccan/cdump/tools/cdump-enumstr config.vars
 
 update-mocks/%: %
 	@MAKE=$(MAKE) tools/update-mocks.sh "$*" $(SUPPRESS_OUTPUT)
@@ -836,6 +845,8 @@ endif
 
 ccan-breakpoint.o: $(CCANDIR)/ccan/breakpoint/breakpoint.c
 	@$(call VERBOSE, "cc $<", $(CC) $(CFLAGS) -c -o $@ $<)
+ccan-base64.o: $(CCANDIR)/ccan/base64/base64.c
+	@$(call VERBOSE, "cc $<", $(CC) $(CFLAGS) -c -o $@ $<)
 ccan-tal.o: $(CCANDIR)/ccan/tal/tal.c
 	@$(call VERBOSE, "cc $<", $(CC) $(CFLAGS) -c -o $@ $<)
 ccan-tal-str.o: $(CCANDIR)/ccan/tal/str/str.c
@@ -936,3 +947,7 @@ ccan-json_out.o: $(CCANDIR)/ccan/json_out/json_out.c
 	@$(call VERBOSE, "cc $<", $(CC) $(CFLAGS) -c -o $@ $<)
 ccan-closefrom.o: $(CCANDIR)/ccan/closefrom/closefrom.c
 	@$(call VERBOSE, "cc $<", $(CC) $(CFLAGS) -c -o $@ $<)
+ccan-rune-rune.o: $(CCANDIR)/ccan/rune/rune.c
+	@$(call VERBOSE, "cc $<", $(CC) $(CFLAGS) -c -o $@ $<)
+ccan-rune-coding.o: $(CCANDIR)/ccan/rune/coding.c
+	@$(call VERBOSE, "cc $<", $(CC) $(CFLAGS) -c -o $@ $<)

bitcoin/test/Makefile

@@ -4,7 +4,7 @@ BITCOIN_TEST_PROGRAMS := $(BITCOIN_TEST_OBJS:.o=)
 
 BITCOIN_TEST_COMMON_OBJS := common/utils.o common/setup.o common/autodata.o
 
-$(BITCOIN_TEST_PROGRAMS): $(CCAN_OBJS) $(BITCOIN_TEST_COMMON_OBJS) bitcoin/chainparams.o
+$(BITCOIN_TEST_PROGRAMS): $(BITCOIN_TEST_COMMON_OBJS) bitcoin/chainparams.o
 $(BITCOIN_TEST_OBJS): $(CCAN_HEADERS) $(BITCOIN_HEADERS) $(BITCOIN_SRC)
 
 ALL_TEST_PROGRAMS += $(BITCOIN_TEST_PROGRAMS)

ccan/README

@@ -1,3 +1,3 @@
 CCAN imported from http://ccodearchive.net.
 
-CCAN version: init-2540-g8448fd28
+CCAN version: init-2541-g52b86922

ccan/ccan/base64/base64.h

@@ -116,7 +116,7 @@ ssize_t base64_decode_quartet_using_maps(const base64_maps_t *maps,
  * @note sets errno = EDOM if src contains invalid characters
  * @note sets errno = EINVAL if src is an invalid base64 tail
  */
-ssize_t base64_decode_tail_using_maps(const base64_maps_t *maps, char *dest,
+ssize_t base64_decode_tail_using_maps(const base64_maps_t *maps, char dest[3],
 				      const char *src, size_t srclen);
 
 

ccan/ccan/rune/LICENSE

@@ -0,0 +1 @@
+../../licenses/BSD-MIT

ccan/ccan/rune/_info

@@ -0,0 +1,130 @@
+#include "config.h"
+#include <stdio.h>
+#include <string.h>
+
+/**
+ * rune - Simple cookies you can extend (a-la Python runes class).
+ *
+ * This code is a form of cookies, but they are user-extensible, and
+ * contain a simple language to define what the cookie allows.
+ *
+ * A "rune" contains the hash of a secret (so the server can
+ * validate), such that you can add, but not subtract, conditions.
+ * This is a simplified form of Macaroons, See
+ * https://research.google/pubs/pub41892/ "Macaroons: Cookies with
+ * Contextual Caveats for Decentralized Authorization in the Cloud".
+ * It has one good idea, some extended ideas nobody implements, and
+ * lots and lots of words.
+ *
+ * License: BSD-MIT
+ * Author: Rusty Russell <[email protected]>
+ * Example:
+ * // Given "generate secret 1" outputs kr7AW-eJ2Munhv5ftu4rHqAnhxUpPQM8aOyWOmqiytk9MQ==
+ * // Given "add kr7AW-eJ2Munhv5ftu4rHqAnhxUpPQM8aOyWOmqiytk9MQ== uid=rusty" outputs Xyt5S6FKUnA2ppGB62c6HTPGojt2S7k2n7Cf7Tjj6zM9MSZ1aWQ9cnVzdHk=
+ * // Given "test secret Xyt5S6FKUnA2ppGB62c6HTPGojt2S7k2n7Cf7Tjj6zM9MSZ1aWQ9cnVzdHk= rusty" outputs PASSED
+ * // Given "test secret Xyt5S6FKUnA2ppGB62c6HTPGojt2S7k2n7Cf7Tjj6zM9MSZ1aWQ9cnVzdHk= notrusty" outputs FAILED: uid is not equal to rusty
+ * // Given "add Xyt5S6FKUnA2ppGB62c6HTPGojt2S7k2n7Cf7Tjj6zM9MSZ1aWQ9cnVzdHk= t\<1655958616" outputs _YBFmeAedqlLigWHAmvyyGGHRrnI40BRQGh2hWdSZ9E9MSZ1aWQ9cnVzdHkmdDwxNjU1OTU4NjE2
+ * // Given "test secret _YBFmeAedqlLigWHAmvyyGGHRrnI40BRQGh2hWdSZ9E9MSZ1aWQ9cnVzdHkmdDwxNjU1OTU4NjE2 rusty" outputs FAILED: t is greater or equal to 1655958616
+ * #include <ccan/err/err.h>
+ * #include <ccan/rune/rune.h>
+ * #include <ccan/str/str.h>
+ * #include <stdio.h>
+ * #include <sys/time.h>
+ * 
+ * // We support two values: current time (t), and user id (uid).
+ * static const char *check(const tal_t *ctx,
+ * 			    const struct rune *rune,
+ * 			    const struct rune_altern *alt,
+ * 			    char *uid)
+ * {
+ * 	// t= means current time, in seconds, as integer
+ * 	if (streq(alt->fieldname, "t")) {
+ * 		struct timeval now;
+ * 		gettimeofday(&now, NULL);
+ * 		return rune_alt_single_int(ctx, alt, now.tv_sec);
+ * 	}
+ * 	if (streq(alt->fieldname, "uid")) {
+ * 		return rune_alt_single_str(ctx, alt, uid, strlen(uid));
+ * 	}
+ * 	// Otherwise, field is missing
+ * 	return rune_alt_single_missing(ctx, alt);
+ * }
+ * 
+ * int main(int argc, char *argv[])
+ * {
+ * 	struct rune *master, *rune;
+ * 
+ * 	if (argc < 3)
+ * 		goto usage;
+ * 
+ * 	if (streq(argv[1], "generate")) {
+ * 		// Make master, derive a unique_id'd rune.
+ * 		if (argc != 3 && argc != 4)
+ * 			goto usage;
+ * 		master = rune_new(NULL, (u8 *)argv[2], strlen(argv[2]), NULL);
+ * 		rune = rune_derive_start(NULL, master, argv[3]);
+ * 	} else if (streq(argv[1], "add")) {
+ * 		// Add a restriction
+ * 		struct rune_restr *restr;
+ * 		if (argc != 4)
+ * 			goto usage;
+ * 		rune = rune_from_base64(NULL, argv[2]);
+ * 		if (!rune)
+ * 			errx(1, "Bad rune");
+ * 		restr = rune_restr_from_string(NULL, argv[3], strlen(argv[3]));
+ * 		if (!restr)
+ * 			errx(1, "Bad restriction string");
+ * 		rune_add_restr(rune, restr);
+ * 	} else if (streq(argv[1], "test")) {
+ * 		const char *err;
+ * 		if (argc != 5)
+ * 			goto usage;
+ * 		master = rune_new(NULL, (u8 *)argv[2], strlen(argv[2]), NULL);
+ * 		if (!master)
+ * 			errx(1, "Bad master rune");
+ * 		rune = rune_from_base64(NULL, argv[3]);
+ * 		if (!rune)
+ * 			errx(1, "Bad rune");
+ * 		err = rune_test(NULL, master, rune, check, argv[4]);
+ * 		if (err)
+ * 			printf("FAILED: %s\n", err);
+ * 		else
+ * 			printf("PASSED\n");
+ * 		return 0;
+ * 	} else
+ * 		goto usage;
+ * 
+ * 	printf("%s\n", rune_to_base64(NULL, rune));
+ * 	return 0;
+ * 
+ * usage:
+ * 	errx(1, "Usage: %s generate <secret> <uniqueid> OR\n"
+ * 	     "%s add <rune> <restriction> OR\n"
+ * 	     "%s test <secret> <rune> <uid>", argv[0], argv[0], argv[0]);
+ * }
+ */
+int main(int argc, char *argv[])
+{
+	/* Expect exactly one argument */
+	if (argc != 2)
+		return 1;
+
+	if (strcmp(argv[1], "depends") == 0) {
+		printf("ccan/base64\n");
+		printf("ccan/crypto/sha256\n");
+		printf("ccan/endian\n");
+		printf("ccan/mem\n");
+		printf("ccan/short_types\n");
+		printf("ccan/str/hex\n");
+		printf("ccan/tal/str\n");
+		printf("ccan/tal\n");
+		printf("ccan/typesafe_cb\n");
+		return 0;
+	}
+	if (strcmp(argv[1], "testdepends") == 0) {
+		printf("ccan/tal/grab_file\n");
+		return 0;
+	}
+
+	return 1;
+}