lnd: remove global cfg variable

chainregistry.go

@@ -719,7 +719,9 @@ func (c *chainRegistry) NumActiveChains() uint32 {
 
 // initNeutrinoBackend inits a new instance of the neutrino light client
 // backend given a target chain directory to store the chain state.
-func initNeutrinoBackend(chainDir string) (*neutrino.ChainService, func(), error) {
+func initNeutrinoBackend(cfg *Config, chainDir string) (*neutrino.ChainService,
+	func(), error) {
+
 	// First we'll open the database file for neutrino, creating the
 	// database if needed. We append the normalized network name here to
 	// match the behavior of btcwallet.

lnd.go

@@ -51,16 +51,12 @@ import (
 	"github.com/lightningnetwork/lnd/watchtower/wtdb"
 )
 
-var (
-	cfg *Config
-)
-
 // WalletUnlockerAuthOptions returns a list of DialOptions that can be used to
 // authenticate with the wallet unlocker service.
 //
 // NOTE: This should only be called after the WalletUnlocker listener has
 // signaled it is ready.
-func WalletUnlockerAuthOptions() ([]grpc.DialOption, error) {
+func WalletUnlockerAuthOptions(cfg *Config) ([]grpc.DialOption, error) {
 	creds, err := credentials.NewClientTLSFromFile(cfg.TLSCertPath, "")
 	if err != nil {
 		return nil, fmt.Errorf("unable to read TLS cert: %v", err)
@@ -79,7 +75,7 @@ func WalletUnlockerAuthOptions() ([]grpc.DialOption, error) {
 //
 // NOTE: This should only be called after the RPCListener has signaled it is
 // ready.
-func AdminAuthOptions() ([]grpc.DialOption, error) {
+func AdminAuthOptions(cfg *Config) ([]grpc.DialOption, error) {
 	creds, err := credentials.NewClientTLSFromFile(cfg.TLSCertPath, "")
 	if err != nil {
 		return nil, fmt.Errorf("unable to read TLS cert: %v", err)
@@ -192,8 +188,7 @@ type rpcListeners func() ([]*ListenerWithSignal, func(), error)
 // validated main configuration struct and an optional listener config struct.
 // This function starts all main system components then blocks until a signal
 // is received on the shutdownChan at which point everything is shut down again.
-func Main(config *Config, lisCfg ListenerCfg, shutdownChan <-chan struct{}) error {
+func Main(cfg *Config, lisCfg ListenerCfg, shutdownChan <-chan struct{}) error {
-	cfg = config
 	defer func() {
 		ltndLog.Info("Shutdown complete")
 		err := RootLogWriter.Close()
@@ -289,10 +284,7 @@ func Main(config *Config, lisCfg ListenerCfg, shutdownChan <-chan struct{}) erro
 	ctx, cancel := context.WithCancel(ctx)
 	defer cancel()
 
-	tlsCfg, restCreds, restProxyDest, err := getTLSConfig(
+	tlsCfg, restCreds, restProxyDest, err := getTLSConfig(cfg)
-		cfg.TLSCertPath, cfg.TLSKeyPath, cfg.TLSExtraIPs,
-		cfg.TLSExtraDomains, cfg.RPCListeners,
-	)
 	if err != nil {
 		err := fmt.Errorf("unable to load TLS credentials: %v", err)
 		ltndLog.Error(err)
@@ -324,7 +316,7 @@ func Main(config *Config, lisCfg ListenerCfg, shutdownChan <-chan struct{}) erro
 	var neutrinoCS *neutrino.ChainService
 	if mainChain.Node == "neutrino" {
 		neutrinoBackend, neutrinoCleanUp, err := initNeutrinoBackend(
-			mainChain.ChainDir,
+			cfg, mainChain.ChainDir,
 		)
 		if err != nil {
 			err := fmt.Errorf("unable to initialize neutrino "+
@@ -398,7 +390,7 @@ func Main(config *Config, lisCfg ListenerCfg, shutdownChan <-chan struct{}) erro
 	// for wallet encryption.
 	if !cfg.NoSeedBackup {
 		params, err := waitForWalletPassword(
-			cfg.RESTListeners, serverOpts, restDialOpts,
+			cfg, cfg.RESTListeners, serverOpts, restDialOpts,
 			restProxyDest, tlsCfg, walletUnlockerListeners,
 		)
 		if err != nil {
@@ -773,16 +765,15 @@ func Main(config *Config, lisCfg ListenerCfg, shutdownChan <-chan struct{}) erro
 
 // getTLSConfig returns a TLS configuration for the gRPC server and credentials
 // and a proxy destination for the REST reverse proxy.
-func getTLSConfig(tlsCertPath string, tlsKeyPath string, tlsExtraIPs,
+func getTLSConfig(cfg *Config) (*tls.Config, *credentials.TransportCredentials,
-	tlsExtraDomains []string, rpcListeners []net.Addr) (*tls.Config,
+	string, error) {
-	*credentials.TransportCredentials, string, error) {
 
 	// Ensure we create TLS key and certificate if they don't exist.
-	if !fileExists(tlsCertPath) && !fileExists(tlsKeyPath) {
+	if !fileExists(cfg.TLSCertPath) && !fileExists(cfg.TLSKeyPath) {
 		rpcsLog.Infof("Generating TLS certificates...")
 		err := cert.GenCertPair(
-			"lnd autogenerated cert", tlsCertPath, tlsKeyPath,
+			"lnd autogenerated cert", cfg.TLSCertPath,
-			tlsExtraIPs, tlsExtraDomains,
+			cfg.TLSKeyPath, cfg.TLSExtraIPs, cfg.TLSExtraDomains,
 			cert.DefaultAutogenValidity,
 		)
 		if err != nil {
@@ -791,7 +782,9 @@ func getTLSConfig(tlsCertPath string, tlsKeyPath string, tlsExtraIPs,
 		rpcsLog.Infof("Done generating TLS certificates")
 	}
 
-	certData, parsedCert, err := cert.LoadCert(tlsCertPath, tlsKeyPath)
+	certData, parsedCert, err := cert.LoadCert(
+		cfg.TLSCertPath, cfg.TLSKeyPath,
+	)
 	if err != nil {
 		return nil, nil, "", err
 	}
@@ -803,7 +796,7 @@ func getTLSConfig(tlsCertPath string, tlsKeyPath string, tlsExtraIPs,
 	refresh := false
 	if cfg.TLSAutoRefresh {
 		refresh, err = cert.IsOutdated(
-			parsedCert, tlsExtraIPs, tlsExtraDomains,
+			parsedCert, cfg.TLSExtraIPs, cfg.TLSExtraDomains,
 		)
 		if err != nil {
 			return nil, nil, "", err
@@ -816,20 +809,20 @@ func getTLSConfig(tlsCertPath string, tlsKeyPath string, tlsExtraIPs,
 		ltndLog.Info("TLS certificate is expired or outdated, " +
 			"generating a new one")
 
-		err := os.Remove(tlsCertPath)
+		err := os.Remove(cfg.TLSCertPath)
 		if err != nil {
 			return nil, nil, "", err
 		}
 
-		err = os.Remove(tlsKeyPath)
+		err = os.Remove(cfg.TLSKeyPath)
 		if err != nil {
 			return nil, nil, "", err
 		}
 
 		rpcsLog.Infof("Renewing TLS certificates...")
 		err = cert.GenCertPair(
-			"lnd autogenerated cert", tlsCertPath, tlsKeyPath,
+			"lnd autogenerated cert", cfg.TLSCertPath,
-			tlsExtraIPs, tlsExtraDomains,
+			cfg.TLSKeyPath, cfg.TLSExtraIPs, cfg.TLSExtraDomains,
 			cert.DefaultAutogenValidity,
 		)
 		if err != nil {
@@ -838,19 +831,21 @@ func getTLSConfig(tlsCertPath string, tlsKeyPath string, tlsExtraIPs,
 		rpcsLog.Infof("Done renewing TLS certificates")
 
 		// Reload the certificate data.
-		certData, _, err = cert.LoadCert(tlsCertPath, tlsKeyPath)
+		certData, _, err = cert.LoadCert(
+			cfg.TLSCertPath, cfg.TLSKeyPath,
+		)
 		if err != nil {
 			return nil, nil, "", err
 		}
 	}
 
 	tlsCfg := cert.TLSConfFromCert(certData)
-	restCreds, err := credentials.NewClientTLSFromFile(tlsCertPath, "")
+	restCreds, err := credentials.NewClientTLSFromFile(cfg.TLSCertPath, "")
 	if err != nil {
 		return nil, nil, "", err
 	}
 
-	restProxyDest := rpcListeners[0].String()
+	restProxyDest := cfg.RPCListeners[0].String()
 	switch {
 	case strings.Contains(restProxyDest, "0.0.0.0"):
 		restProxyDest = strings.Replace(
@@ -967,7 +962,7 @@ type WalletUnlockParams struct {
 // waitForWalletPassword will spin up gRPC and REST endpoints for the
 // WalletUnlocker server, and block until a password is provided by
 // the user to this RPC server.
-func waitForWalletPassword(restEndpoints []net.Addr,
+func waitForWalletPassword(cfg *Config, restEndpoints []net.Addr,
 	serverOpts []grpc.ServerOption, restDialOpts []grpc.DialOption,
 	restProxyDest string, tlsConf *tls.Config,
 	getListeners rpcListeners) (*WalletUnlockParams, error) {

server_test.go

@@ -114,7 +114,12 @@ func TestTLSAutoRegeneration(t *testing.T) {
 
 	// Now let's run getTLSConfig. If it works properly, it should delete
 	// the cert and create a new one.
-	_, _, _, err = getTLSConfig(certPath, keyPath, nil, nil, rpcListeners)
+	cfg := &Config{
+		TLSCertPath:  certPath,
+		TLSKeyPath:   keyPath,
+		RPCListeners: rpcListeners,
+	}
+	_, _, _, err = getTLSConfig(cfg)
 	if err != nil {
 		t.Fatalf("couldn't retrieve TLS config")
 	}