config: allow adding multiple tls ips and domains

This commit is contained in:
Matt Drollette 2019-02-25 22:21:46 -06:00
parent 3895a4f276
commit 261558aad6
2 changed files with 21 additions and 21 deletions

@ -172,20 +172,20 @@ type torConfig struct {
type config struct { type config struct {
ShowVersion bool `short:"V" long:"version" description:"Display version information and exit"` ShowVersion bool `short:"V" long:"version" description:"Display version information and exit"`
LndDir string `long:"lnddir" description:"The base directory that contains lnd's data, logs, configuration file, etc."` LndDir string `long:"lnddir" description:"The base directory that contains lnd's data, logs, configuration file, etc."`
ConfigFile string `long:"C" long:"configfile" description:"Path to configuration file"` ConfigFile string `long:"C" long:"configfile" description:"Path to configuration file"`
DataDir string `short:"b" long:"datadir" description:"The directory to store lnd's data within"` DataDir string `short:"b" long:"datadir" description:"The directory to store lnd's data within"`
TLSCertPath string `long:"tlscertpath" description:"Path to write the TLS certificate for lnd's RPC and REST services"` TLSCertPath string `long:"tlscertpath" description:"Path to write the TLS certificate for lnd's RPC and REST services"`
TLSKeyPath string `long:"tlskeypath" description:"Path to write the TLS private key for lnd's RPC and REST services"` TLSKeyPath string `long:"tlskeypath" description:"Path to write the TLS private key for lnd's RPC and REST services"`
TLSExtraIP string `long:"tlsextraip" description:"Adds an extra ip to the generated certificate"` TLSExtraIPs []string `long:"tlsextraip" description:"Adds an extra ip to the generated certificate"`
TLSExtraDomain string `long:"tlsextradomain" description:"Adds an extra domain to the generated certificate"` TLSExtraDomains []string `long:"tlsextradomain" description:"Adds an extra domain to the generated certificate"`
NoMacaroons bool `long:"no-macaroons" description:"Disable macaroon authentication"` NoMacaroons bool `long:"no-macaroons" description:"Disable macaroon authentication"`
AdminMacPath string `long:"adminmacaroonpath" description:"Path to write the admin macaroon for lnd's RPC and REST services if it doesn't exist"` AdminMacPath string `long:"adminmacaroonpath" description:"Path to write the admin macaroon for lnd's RPC and REST services if it doesn't exist"`
ReadMacPath string `long:"readonlymacaroonpath" description:"Path to write the read-only macaroon for lnd's RPC and REST services if it doesn't exist"` ReadMacPath string `long:"readonlymacaroonpath" description:"Path to write the read-only macaroon for lnd's RPC and REST services if it doesn't exist"`
InvoiceMacPath string `long:"invoicemacaroonpath" description:"Path to the invoice-only macaroon for lnd's RPC and REST services if it doesn't exist"` InvoiceMacPath string `long:"invoicemacaroonpath" description:"Path to the invoice-only macaroon for lnd's RPC and REST services if it doesn't exist"`
LogDir string `long:"logdir" description:"Directory to log output."` LogDir string `long:"logdir" description:"Directory to log output."`
MaxLogFiles int `long:"maxlogfiles" description:"Maximum logfiles to keep (0 for no rotation)"` MaxLogFiles int `long:"maxlogfiles" description:"Maximum logfiles to keep (0 for no rotation)"`
MaxLogFileSize int `long:"maxlogfilesize" description:"Maximum logfile size in MB"` MaxLogFileSize int `long:"maxlogfilesize" description:"Maximum logfile size in MB"`
// We'll parse these 'raw' string arguments into real net.Addrs in the // We'll parse these 'raw' string arguments into real net.Addrs in the
// loadConfig function. We need to expose the 'raw' strings so the // loadConfig function. We need to expose the 'raw' strings so the

14
lnd.go

@ -486,10 +486,12 @@ func genCertPair(certFile, keyFile string) error {
} }
} }
// Add extra IP to the slice. // Add extra IPs to the slice.
ipAddr := net.ParseIP(cfg.TLSExtraIP) for _, ip := range cfg.TLSExtraIPs {
if ipAddr != nil { ipAddr := net.ParseIP(ip)
addIP(ipAddr) if ipAddr != nil {
addIP(ipAddr)
}
} }
// Collect the host's names into a slice. // Collect the host's names into a slice.
@ -501,9 +503,7 @@ func genCertPair(certFile, keyFile string) error {
if host != "localhost" { if host != "localhost" {
dnsNames = append(dnsNames, "localhost") dnsNames = append(dnsNames, "localhost")
} }
if cfg.TLSExtraDomain != "" { dnsNames = append(dnsNames, cfg.TLSExtraDomains...)
dnsNames = append(dnsNames, cfg.TLSExtraDomain)
}
// Also add fake hostnames for unix sockets, otherwise hostname // Also add fake hostnames for unix sockets, otherwise hostname
// verification will fail in the client. // verification will fail in the client.