lnd+rpcserver: use same serverOpts for custom listeners

Earlier we used emtpy grpc server options if custom listeners were set.
This was done to disable TLS. Now, we reuse the same server options as
for the regular listeners, in a move towards enabling TLS also here.
This commit is contained in:
Johan T. Halseth 2019-11-29 12:17:47 +01:00
parent 7ecbe22531
commit 27337dc973
No known key found for this signature in database
GPG Key ID: 15BAADA29DA20D26
2 changed files with 29 additions and 39 deletions

57
lnd.go

@ -81,12 +81,11 @@ type ListenerCfg struct {
}
// rpcListeners is a function type used for closures that fetches a set of RPC
// listeners for the current configuration, and the GRPC server options to use
// with these listeners. If no custom listeners are present, this should return
// normal listeners from the RPC endpoints defined in the config, and server
// options specifying TLS.
type rpcListeners func() ([]*ListenerWithSignal, func(), []grpc.ServerOption,
error)
// listeners for the current configuration. If no custom listeners are present,
// this should return normal listeners from the RPC endpoints defined in the
// config. The second return value us a closure that will close the fetched
// listeners.
type rpcListeners func() ([]*ListenerWithSignal, func(), error)
// Main is the true entry point for lnd. This function is required since defers
// created in the top-level scope of a main method aren't executed if os.Exit()
@ -245,9 +244,7 @@ func Main(lisCfg ListenerCfg) error {
// getListeners is a closure that creates listeners from the
// RPCListeners defined in the config. It also returns a cleanup
// closure and the server options to use for the GRPC server.
getListeners := func() ([]*ListenerWithSignal, func(),
[]grpc.ServerOption, error) {
getListeners := func() ([]*ListenerWithSignal, func(), error) {
var grpcListeners []*ListenerWithSignal
for _, grpcEndpoint := range cfg.RPCListeners {
// Start a gRPC server listening for HTTP/2
@ -256,7 +253,7 @@ func Main(lisCfg ListenerCfg) error {
if err != nil {
ltndLog.Errorf("unable to listen on %s",
grpcEndpoint)
return nil, nil, nil, err
return nil, nil, err
}
grpcListeners = append(
grpcListeners, &ListenerWithSignal{
@ -270,23 +267,20 @@ func Main(lisCfg ListenerCfg) error {
lis.Close()
}
}
return grpcListeners, cleanup, serverOpts, nil
return grpcListeners, cleanup, nil
}
// walletUnlockerListeners is a closure we'll hand to the wallet
// unlocker, that will be called when it needs listeners for its GPRC
// server.
walletUnlockerListeners := func() ([]*ListenerWithSignal, func(),
[]grpc.ServerOption, error) {
error) {
// If we have chosen to start with a dedicated listener for the
// wallet unlocker, we return it directly, and empty server
// options to deactivate TLS.
// TODO(halseth): any point in adding TLS support for custom
// listeners?
// wallet unlocker, we return it directly.
if lisCfg.WalletUnlocker != nil {
return []*ListenerWithSignal{lisCfg.WalletUnlocker},
func() {}, []grpc.ServerOption{}, nil
func() {}, nil
}
// Otherwise we'll return the regular listeners.
@ -298,8 +292,8 @@ func Main(lisCfg ListenerCfg) error {
// for wallet encryption.
if !cfg.NoSeedBackup {
params, err := waitForWalletPassword(
cfg.RESTListeners, restDialOpts, restProxyDest, tlsCfg,
walletUnlockerListeners,
cfg.RESTListeners, serverOpts, restDialOpts,
restProxyDest, tlsCfg, walletUnlockerListeners,
)
if err != nil {
err := fmt.Errorf("Unable to set up wallet password "+
@ -515,17 +509,12 @@ func Main(lisCfg ListenerCfg) error {
// rpcListeners is a closure we'll hand to the rpc server, that will be
// called when it needs listeners for its GPRC server.
rpcListeners := func() ([]*ListenerWithSignal, func(),
[]grpc.ServerOption, error) {
rpcListeners := func() ([]*ListenerWithSignal, func(), error) {
// If we have chosen to start with a dedicated listener for the
// rpc server, we return it directly, and empty server options
// to deactivate TLS.
// TODO(halseth): any point in adding TLS support for custom
// listeners?
// rpc server, we return it directly.
if lisCfg.RPCListener != nil {
return []*ListenerWithSignal{lisCfg.RPCListener},
func() {}, []grpc.ServerOption{}, nil
func() {}, nil
}
// Otherwise we'll return the regular listeners.
@ -535,9 +524,9 @@ func Main(lisCfg ListenerCfg) error {
// Initialize, and register our implementation of the gRPC interface
// exported by the rpcServer.
rpcServer, err := newRPCServer(
server, macaroonService, cfg.SubRPCServers, restDialOpts,
restProxyDest, atplManager, server.invoices, tower, tlsCfg,
rpcListeners, chainedAcceptor,
server, macaroonService, cfg.SubRPCServers, serverOpts,
restDialOpts, restProxyDest, atplManager, server.invoices,
tower, tlsCfg, rpcListeners, chainedAcceptor,
)
if err != nil {
err := fmt.Errorf("Unable to create RPC server: %v", err)
@ -813,13 +802,13 @@ type WalletUnlockParams struct {
// WalletUnlocker server, and block until a password is provided by
// the user to this RPC server.
func waitForWalletPassword(restEndpoints []net.Addr,
restDialOpts []grpc.DialOption, restProxyDest string,
tlsConf *tls.Config, getListeners rpcListeners) (
*WalletUnlockParams, error) {
serverOpts []grpc.ServerOption, restDialOpts []grpc.DialOption,
restProxyDest string, tlsConf *tls.Config,
getListeners rpcListeners) (*WalletUnlockParams, error) {
// Start a gRPC server listening for HTTP/2 connections, solely used
// for getting the encryption password from the client.
listeners, cleanup, serverOpts, err := getListeners()
listeners, cleanup, err := getListeners()
if err != nil {
return nil, err
}

@ -508,10 +508,11 @@ var _ lnrpc.LightningServer = (*rpcServer)(nil)
// base level options passed to the grPC server. This typically includes things
// like requiring TLS, etc.
func newRPCServer(s *server, macService *macaroons.Service,
subServerCgs *subRPCServerConfigs, restDialOpts []grpc.DialOption,
restProxyDest string, atpl *autopilot.Manager,
invoiceRegistry *invoices.InvoiceRegistry, tower *watchtower.Standalone,
tlsCfg *tls.Config, getListeners rpcListeners,
subServerCgs *subRPCServerConfigs, serverOpts []grpc.ServerOption,
restDialOpts []grpc.DialOption, restProxyDest string,
atpl *autopilot.Manager, invoiceRegistry *invoices.InvoiceRegistry,
tower *watchtower.Standalone, tlsCfg *tls.Config,
getListeners rpcListeners,
chanPredicate *chanacceptor.ChainedAcceptor) (*rpcServer, error) {
// Set up router rpc backend.
@ -643,7 +644,7 @@ func newRPCServer(s *server, macService *macaroons.Service,
)
// Get the listeners and server options to use for this rpc server.
listeners, cleanup, serverOpts, err := getListeners()
listeners, cleanup, err := getListeners()
if err != nil {
return nil, err
}