RPC: Add --notls to disable TLS for RPC endpoints

Co-authored-by: nicolas.dorier <nicolas.dorier@gmail.com>
This commit is contained in:
Johan T. Halseth 2020-09-24 13:34:24 +02:00
parent a2a924e1e5
commit 5be7e710c7
No known key found for this signature in database
GPG Key ID: 15BAADA29DA20D26
2 changed files with 7 additions and 0 deletions

@ -210,6 +210,7 @@ type Config struct {
ExternalIPs []net.Addr ExternalIPs []net.Addr
DisableListen bool `long:"nolisten" description:"Disable listening for incoming peer connections"` DisableListen bool `long:"nolisten" description:"Disable listening for incoming peer connections"`
DisableRest bool `long:"norest" description:"Disable REST API"` DisableRest bool `long:"norest" description:"Disable REST API"`
DisableRestTLS bool `long:"no-rest-tls" description:"Disable TLS for REST connections"`
NAT bool `long:"nat" description:"Toggle NAT traversal support (using either UPnP or NAT-PMP) to automatically advertise your external IP address to the network -- NOTE this does not support devices behind multiple NATs"` NAT bool `long:"nat" description:"Toggle NAT traversal support (using either UPnP or NAT-PMP) to automatically advertise your external IP address to the network -- NOTE this does not support devices behind multiple NATs"`
MinBackoff time.Duration `long:"minbackoff" description:"Shortest backoff when reconnecting to persistent peers. Valid time units are {s, m, h}."` MinBackoff time.Duration `long:"minbackoff" description:"Shortest backoff when reconnecting to persistent peers. Valid time units are {s, m, h}."`
MaxBackoff time.Duration `long:"maxbackoff" description:"Longest backoff when reconnecting to persistent peers. Valid time units are {s, m, h}."` MaxBackoff time.Duration `long:"maxbackoff" description:"Longest backoff when reconnecting to persistent peers. Valid time units are {s, m, h}."`

6
lnd.go

@ -990,6 +990,12 @@ func getTLSConfig(cfg *Config) ([]grpc.ServerOption, []grpc.DialOption,
// Return a function closure that can be used to listen on a given // Return a function closure that can be used to listen on a given
// address with the current TLS config. // address with the current TLS config.
restListen := func(addr net.Addr) (net.Listener, error) { restListen := func(addr net.Addr) (net.Listener, error) {
// For restListen we will call ListenOnAddress if TLS is
// disabled.
if cfg.DisableRestTLS {
return lncfg.ListenOnAddress(addr)
}
return lncfg.TLSListenOnAddress(addr, tlsCfg) return lncfg.TLSListenOnAddress(addr, tlsCfg)
} }