From 5844bb04778eb172d4ff65b185b260518f4a6e28 Mon Sep 17 00:00:00 2001
From: Elle Mouton <elle.mouton@gmail.com>
Date: Wed, 6 Aug 2025 13:42:47 +0200
Subject: [PATCH] discovery+gossip: make sure we dont advertise node anns with
 bad DNS

We may have already persisted node announcements that have multiple DNS
addresses since we may have received them before updating our code to
check for this. So here we just make sure not to send these on to our
peers.
---
 discovery/chan_series.go | 21 +++++++++++++++++----
 discovery/gossiper.go    |  7 ++++++-
 2 files changed, 23 insertions(+), 5 deletions(-)

diff --git a/discovery/chan_series.go b/discovery/chan_series.go
index a6787edf9..8f5cc0acc 100644
--- a/discovery/chan_series.go
+++ b/discovery/chan_series.go
@@ -192,6 +192,13 @@ func (c *ChanSeries) UpdatesInHorizon(chain chainhash.Hash,
 			return nil, err
 		}
 
+		if err := netann.ValidateNodeAnnFields(nodeUpdate); err != nil {
+			log.Debugf("Skipping forwarding invalid node "+
+				"announcement %x: %v", nodeAnn.PubKeyBytes, err)
+
+			continue
+		}
+
 		updates = append(updates, nodeUpdate)
 	}
 
@@ -296,8 +303,11 @@ func (c *ChanSeries) FetchChanAnns(chain chainhash.Hash,
 					return nil, err
 				}
 
-				chanAnns = append(chanAnns, nodeAnn)
-				nodePubsSent[nodePub] = struct{}{}
+				err = netann.ValidateNodeAnnFields(nodeAnn)
+				if err == nil {
+					chanAnns = append(chanAnns, nodeAnn)
+					nodePubsSent[nodePub] = struct{}{}
+				}
 			}
 		}
 		if edge2 != nil {
@@ -315,8 +325,11 @@ func (c *ChanSeries) FetchChanAnns(chain chainhash.Hash,
 					return nil, err
 				}
 
-				chanAnns = append(chanAnns, nodeAnn)
-				nodePubsSent[nodePub] = struct{}{}
+				err = netann.ValidateNodeAnnFields(nodeAnn)
+				if err == nil {
+					chanAnns = append(chanAnns, nodeAnn)
+					nodePubsSent[nodePub] = struct{}{}
+				}
 			}
 		}
 	}
diff --git a/discovery/gossiper.go b/discovery/gossiper.go
index 2473eda24..bfb35304e 100644
--- a/discovery/gossiper.go
+++ b/discovery/gossiper.go
@@ -2229,7 +2229,12 @@ func (d *AuthenticatedGossiper) fetchNodeAnn(ctx context.Context,
 		return nil, err
 	}
 
-	return node.NodeAnnouncement(true)
+	nodeAnn, err := node.NodeAnnouncement(true)
+	if err != nil {
+		return nil, err
+	}
+
+	return nodeAnn, netann.ValidateNodeAnnFields(nodeAnn)
 }
 
 // isMsgStale determines whether a message retrieved from the backing