diff --git a/config.go b/config.go index 0539fb0f..8c2e0a15 100644 --- a/config.go +++ b/config.go @@ -172,20 +172,20 @@ type torConfig struct { type config struct { ShowVersion bool `short:"V" long:"version" description:"Display version information and exit"` - LndDir string `long:"lnddir" description:"The base directory that contains lnd's data, logs, configuration file, etc."` - ConfigFile string `long:"C" long:"configfile" description:"Path to configuration file"` - DataDir string `short:"b" long:"datadir" description:"The directory to store lnd's data within"` - TLSCertPath string `long:"tlscertpath" description:"Path to write the TLS certificate for lnd's RPC and REST services"` - TLSKeyPath string `long:"tlskeypath" description:"Path to write the TLS private key for lnd's RPC and REST services"` - TLSExtraIP string `long:"tlsextraip" description:"Adds an extra ip to the generated certificate"` - TLSExtraDomain string `long:"tlsextradomain" description:"Adds an extra domain to the generated certificate"` - NoMacaroons bool `long:"no-macaroons" description:"Disable macaroon authentication"` - AdminMacPath string `long:"adminmacaroonpath" description:"Path to write the admin macaroon for lnd's RPC and REST services if it doesn't exist"` - ReadMacPath string `long:"readonlymacaroonpath" description:"Path to write the read-only macaroon for lnd's RPC and REST services if it doesn't exist"` - InvoiceMacPath string `long:"invoicemacaroonpath" description:"Path to the invoice-only macaroon for lnd's RPC and REST services if it doesn't exist"` - LogDir string `long:"logdir" description:"Directory to log output."` - MaxLogFiles int `long:"maxlogfiles" description:"Maximum logfiles to keep (0 for no rotation)"` - MaxLogFileSize int `long:"maxlogfilesize" description:"Maximum logfile size in MB"` + LndDir string `long:"lnddir" description:"The base directory that contains lnd's data, logs, configuration file, etc."` + ConfigFile string `long:"C" long:"configfile" description:"Path to configuration file"` + DataDir string `short:"b" long:"datadir" description:"The directory to store lnd's data within"` + TLSCertPath string `long:"tlscertpath" description:"Path to write the TLS certificate for lnd's RPC and REST services"` + TLSKeyPath string `long:"tlskeypath" description:"Path to write the TLS private key for lnd's RPC and REST services"` + TLSExtraIPs []string `long:"tlsextraip" description:"Adds an extra ip to the generated certificate"` + TLSExtraDomains []string `long:"tlsextradomain" description:"Adds an extra domain to the generated certificate"` + NoMacaroons bool `long:"no-macaroons" description:"Disable macaroon authentication"` + AdminMacPath string `long:"adminmacaroonpath" description:"Path to write the admin macaroon for lnd's RPC and REST services if it doesn't exist"` + ReadMacPath string `long:"readonlymacaroonpath" description:"Path to write the read-only macaroon for lnd's RPC and REST services if it doesn't exist"` + InvoiceMacPath string `long:"invoicemacaroonpath" description:"Path to the invoice-only macaroon for lnd's RPC and REST services if it doesn't exist"` + LogDir string `long:"logdir" description:"Directory to log output."` + MaxLogFiles int `long:"maxlogfiles" description:"Maximum logfiles to keep (0 for no rotation)"` + MaxLogFileSize int `long:"maxlogfilesize" description:"Maximum logfile size in MB"` // We'll parse these 'raw' string arguments into real net.Addrs in the // loadConfig function. We need to expose the 'raw' strings so the diff --git a/lnd.go b/lnd.go index 96e5b9d6..6556de45 100644 --- a/lnd.go +++ b/lnd.go @@ -486,10 +486,12 @@ func genCertPair(certFile, keyFile string) error { } } - // Add extra IP to the slice. - ipAddr := net.ParseIP(cfg.TLSExtraIP) - if ipAddr != nil { - addIP(ipAddr) + // Add extra IPs to the slice. + for _, ip := range cfg.TLSExtraIPs { + ipAddr := net.ParseIP(ip) + if ipAddr != nil { + addIP(ipAddr) + } } // Collect the host's names into a slice. @@ -501,9 +503,7 @@ func genCertPair(certFile, keyFile string) error { if host != "localhost" { dnsNames = append(dnsNames, "localhost") } - if cfg.TLSExtraDomain != "" { - dnsNames = append(dnsNames, cfg.TLSExtraDomain) - } + dnsNames = append(dnsNames, cfg.TLSExtraDomains...) // Also add fake hostnames for unix sockets, otherwise hostname // verification will fail in the client.