btcpayserver · rockstardev · Oct 15, 2024 · Oct 13, 2024
diff --git a/docker-initunlocklnd.sh b/docker-initunlocklnd.sh
@@ -56,16 +56,42 @@ if [ -f "$WALLET_FILE" ]; then
         WALLETPASS=$(jq -c -r '.wallet_password' $LNDUNLOCK_FILE)
         # Nicolas deleted default password in some wallet unlock files, so we initializing default if password is empty
         [ "$WALLETPASS" == "" ] && WALLETPASS="hellorockstar"
-        WALLETPASS_BASE64=$(echo $WALLETPASS|base64|tr -d '\n\r')
-
-        # execute unlockwallet call
-        curl -s --cacert "$CA_CERT" -X POST -H "$MACAROON_HEADER" -d '{ "wallet_password":"'$WALLETPASS_BASE64'" }' $LND_REST_LISTEN_HOST/v1/unlockwallet
+        # Corrected password (removing newlines before encoding).
+        # previous versions will have a default wallet password including a line feed at the end "hellorockstar\n"
+        # line feed hex code 0x0A. So we first try the password without the line feed if it fails we try it with
+        # the older version.
+        WALLETPASS_BASE64=$(echo $WALLETPASS | tr -d '\n\r' | base64)
+
+        response=$(curl -s --cacert "$CA_CERT" -X POST -H "$MACAROON_HEADER" \
+            -d '{ "wallet_password":"'$WALLETPASS_BASE64'" }' $LND_REST_LISTEN_HOST/v1/unlockwallet)
+
+        # Check for failure (e.g., incorrect password)
+        if [[ "$response" == *"invalid"* ]]; then
+            # If it fails, try the original password with linefeed
+            WALLETPASS_BASE64_CURRENT=$(echo $WALLETPASS | base64)
+
+            # Now we change the password so that the line feed is removed.
+            # The correct password is already written to the unlock file so we don't need
+            # to change that. Moreover the changepassword call will change + unlock the wallet
+            # there is no need to call unlockwallet after this call.
+            change_password_response=$(curl -s --cacert "$CA_CERT" -X POST -H "$MACAROON_HEADER" \
+                -d '{ "current_password":"'$WALLETPASS_BASE64_CURRENT'", "new_password":"'$WALLETPASS_BASE64'" }' \
+                $LND_REST_LISTEN_HOST/v1/changepassword)
+
+            # make sure the log end with a newline.
+            echo $change_password_response
+
+            echo -n "[initunlocklnd] Changed wallet password removing the \"line feed\" character at the end. "
+            echo "The password can be found in $LNDUNLOCK_FILE"
+        else
+            echo "[initunlocklnd] Wallet unlocking failed, lnd returned: $response"
+            exit 1
+        fi
     fi
-
 else
     echo "[initunlocklnd] Wallet file doesn't exist. Initializing LND instance with new autogenerated password and seed"
 
-    # generate seed mnemonic   
+    # generate seed mnemonic
     GENSEED_RESP=$(curl -s --cacert "$CA_CERT" -X GET -H $MACAROON_HEADER $LND_REST_LISTEN_HOST/v1/genseed)
     CIPHER_ARRAY_EXTRACTED=$(echo $GENSEED_RESP | jq -c -r '.cipher_seed_mnemonic')
 
@@ -77,15 +103,15 @@ else
     mkdir -p $LND_WALLET_DIR
     echo $RESULTJSON > $LNDUNLOCK_FILE
 
-    # prepare initwallet call json with wallet password and chipher seed mnemonic
-    WALLETPASS_BASE64=$(echo $WALLETPASS|base64|tr -d '\n\r')
+    # previous versions will have a default wallet password including a line feed at the end "hellorockstar\n"
+    # line feed hex code 0x0A.
+    WALLETPASS_BASE64=$(echo $WALLETPASS | tr -d '\n\r' | base64)
     INITWALLET_REQ='{"wallet_password":"'$WALLETPASS_BASE64'", "cipher_seed_mnemonic":'$CIPHER_ARRAY_EXTRACTED'}'
 
     # execute initwallet call
     curl -s --cacert "$CA_CERT" -X POST -H "$MACAROON_HEADER" -d "$INITWALLET_REQ" $LND_REST_LISTEN_HOST/v1/initwallet
 fi
 
-
 # LND unlocked, now run Loop
 
 if [ ! -z "$LND_HOST_FOR_LOOP" ]; then