Fix Password for lnd instance.

btcpayserver · Oct 2, 2024 · c8cdbfd · c8cdbfd
1 parent d946972
commit c8cdbfd
Showing 1 changed file with 28 additions and 15 deletions.
diff --git a/docker-initunlocklnd.sh b/docker-initunlocklnd.sh
@@ -15,13 +15,13 @@ while
     fi
 
     STATUS_CODE=$(curl -s --cacert "$CA_CERT" -H $MACAROON_HEADER -o /dev/null -w "%{http_code}" $LND_REST_LISTEN_HOST/v1/getinfo)
-    # if lnd is running it'll either return 200 if unlocked (noseedbackup=1) or 404 if it needs initialization/unlock 
-    if [ "$STATUS_CODE" == "200" ] || [ "$STATUS_CODE" == "404" ] ; then
+    # if lnd is running it'll either return 200 if unlocked (noseedbackup=1) or 404 if it needs initialization/unlock
+    if [ "$STATUS_CODE" == "200" ] || [ "$STATUS_CODE" == "404" ]; then
         break
     # or 500 from version 0.13.1 onwards because it breaks with `wallet not created, create one to enable full RPC access` error
-    elif [ "$STATUS_CODE" == "500" ] ; then
+    elif [ "$STATUS_CODE" == "500" ]; then
         STATUS_CODE=$(curl -s --cacert "$CA_CERT" -H $MACAROON_HEADER $LND_REST_LISTEN_HOST/v1/state)
-        if [ "$STATUS_CODE" == "{\"state\":\"NON_EXISTING\"}" ] || [ "$STATUS_CODE" == "{\"state\":\"LOCKED\"}" ] ; then
+        if [ "$STATUS_CODE" == "{\"state\":\"NON_EXISTING\"}" ] || [ "$STATUS_CODE" == "{\"state\":\"LOCKED\"}" ]; then
             break # wallet ready to be either created or unlocked
         fi
         # for {\"state\":\"UNLOCKED\"}" we will depend on that previous condition with STATUS_CODE 200 or 404
@@ -56,16 +56,29 @@ if [ -f "$WALLET_FILE" ]; then
         WALLETPASS=$(jq -c -r '.wallet_password' $LNDUNLOCK_FILE)
         # Nicolas deleted default password in some wallet unlock files, so we initializing default if password is empty
         [ "$WALLETPASS" == "" ] && WALLETPASS="hellorockstar"
-        WALLETPASS_BASE64=$(echo $WALLETPASS|base64|tr -d '\n\r')
-
-        # execute unlockwallet call
-        curl -s --cacert "$CA_CERT" -X POST -H "$MACAROON_HEADER" -d '{ "wallet_password":"'$WALLETPASS_BASE64'" }' $LND_REST_LISTEN_HOST/v1/unlockwallet
+        # Corrected password (removing newlines before encoding).
+        # previous versions will have a default wallet password including a line feed at the end "hellorockstar\n"
+        # line feed hex code 0x0A. So we first try the password without the line feed if it fails we try it with
+        # the older version.
+        WALLETPASS_BASE64=$(echo $WALLETPASS | tr -d '\n\r' | base64)
+
+        response=$(curl -s --cacert "$CA_CERT" -X POST -H "$MACAROON_HEADER" \
+            -d '{ "wallet_password":"'$WALLETPASS_BASE64'" }' $LND_REST_LISTEN_HOST/v1/unlockwallet)
+
+        # Check for failure (e.g., incorrect password)
+        if [[ "$response" == *"invalid"* ]]; then
+            # If it fails, try the original password with linefeed
+            WALLETPASS_BASE64=$(echo $WALLETPASS | base64)
+            curl -s --cacert "$CA_CERT" -X POST -H "$MACAROON_HEADER" \
+                -d '{ "wallet_password":"'$WALLETPASS_BASE64'" }' $LND_REST_LISTEN_HOST/v1/unlockwallet
+        else
+            exit 1
+        fi
     fi
-
 else
     echo "[initunlocklnd] Wallet file doesn't exist. Initializing LND instance with new autogenerated password and seed"
 
-    # generate seed mnemonic   
+    # generate seed mnemonic
     GENSEED_RESP=$(curl -s --cacert "$CA_CERT" -X GET -H $MACAROON_HEADER $LND_REST_LISTEN_HOST/v1/genseed)
     CIPHER_ARRAY_EXTRACTED=$(echo $GENSEED_RESP | jq -c -r '.cipher_seed_mnemonic')
 
@@ -75,17 +88,17 @@ else
     # save all the the data to unlock file we'll use for future unlocks
     RESULTJSON='{"wallet_password":"'$WALLETPASS'", "cipher_seed_mnemonic":'$CIPHER_ARRAY_EXTRACTED'}'
     mkdir -p $LND_WALLET_DIR
-    echo $RESULTJSON > $LNDUNLOCK_FILE
+    echo $RESULTJSON >$LNDUNLOCK_FILE
 
-    # prepare initwallet call json with wallet password and chipher seed mnemonic
-    WALLETPASS_BASE64=$(echo $WALLETPASS|base64|tr -d '\n\r')
+    # previous versions will have a default wallet password including a line feed at the end "hellorockstar\n"
+    # line feed hex code 0x0A.
+    WALLETPASS_BASE64=$(echo $WALLETPASS | base64 | tr -d '\n\r')
     INITWALLET_REQ='{"wallet_password":"'$WALLETPASS_BASE64'", "cipher_seed_mnemonic":'$CIPHER_ARRAY_EXTRACTED'}'
 
     # execute initwallet call
     curl -s --cacert "$CA_CERT" -X POST -H "$MACAROON_HEADER" -d "$INITWALLET_REQ" $LND_REST_LISTEN_HOST/v1/initwallet
 fi
 
-
 # LND unlocked, now run Loop
 
 if [ ! -z "$LND_HOST_FOR_LOOP" ]; then
@@ -101,4 +114,4 @@ if [ ! -z "$LND_HOST_FOR_LOOP" ]; then
     else
         echo "[initunlocklnd] Loop can't be started without MACAROON"
     fi
-fi
+fi