lncli unlock --stdin uses newline instead of EOF as a terminator

[ProofOfKeags]

Background

lncli unlock --stdin will stop reading when it encounters its first newline, meaning that if your password has a newline in it, it will not be able to read it.

My suggestion is to read until EOF if it is coming in over stdin. The alternative is that we need a way to escape newlines so that lncli will propagate them instead of terminate on them.

Your environment

• LND 0.13.0
• Raspbian Buster
• bitcoind 0.21.0

Steps to reproduce

1. use REST or GRPC to create a wallet password with a newline in it.
2. try and unlock wallet with cat pwd.txt | lncli unlock --stdin
3. observe incorrect password error
4. verify that password works by confirming over REST or GRPC

Expected behaviour

I'd expect that any password that can be created via any of the 3 interfaces would be usable on any of the 3 interfaces.

My recommendation is that if --stdin is set on lncli unlock that the stream is read until EOF rather than terminating on a newline as it does in the interactive mode.

Actual behaviour

Password is rejected because only a subset of it is read.

[Crypt-iQ]

why do you have a newline in the password ?

[ProofOfKeags]

We generated random byte passwords and used those.

[DarthBenro008]

Looks like a very simple and sensible fix, I would like to work on this!

[Kixunil]

random byte passwords

This is quite a footgun from my experience. I almost permanently lost access to my sats once because of having non-ascii chars in password. Here's a oneliner that generates secure password easily: head -c 18 /dev/urandom | base64