rpcserver: forward gRPC proxy requests to localhost when listening on all interfaces
This prevents certificate issues when accessing the gRPC REST proxy externally.
This commit is contained in:
parent
375be936ce
commit
552b71c620
17
rpcserver.go
17
rpcserver.go
@ -530,14 +530,25 @@ func (r *rpcServer) Start() error {
|
||||
}()
|
||||
}
|
||||
|
||||
// Finally, start the REST proxy for our gRPC server above.
|
||||
// Finally, start the REST proxy for our gRPC server above. We'll ensure
|
||||
// we direct LND to connect to its loopback address rather than a
|
||||
// wildcard to prevent certificate issues when accessing the proxy
|
||||
// externally.
|
||||
//
|
||||
// TODO(roasbeef): eventually also allow the sub-servers to themselves
|
||||
// have a REST proxy.
|
||||
mux := proxy.NewServeMux()
|
||||
grpcEndpoint := cfg.RPCListeners[0].String()
|
||||
switch {
|
||||
case strings.Contains(grpcEndpoint, "0.0.0.0"):
|
||||
grpcEndpoint = strings.Replace(
|
||||
grpcEndpoint, "0.0.0.0", "127.0.0.1", 1,
|
||||
)
|
||||
case strings.Contains(grpcEndpoint, "[::]"):
|
||||
grpcEndpoint = strings.Replace(grpcEndpoint, "[::]", "[::1]", 1)
|
||||
}
|
||||
err := lnrpc.RegisterLightningHandlerFromEndpoint(
|
||||
context.Background(), mux, cfg.RPCListeners[0].String(),
|
||||
r.restServerOpts,
|
||||
context.Background(), mux, grpcEndpoint, r.restServerOpts,
|
||||
)
|
||||
if err != nil {
|
||||
return err
|
||||
|
Loading…
Reference in New Issue
Block a user