From a870ed5fb75f0173ff0de44f98d141f7d659cfe8 Mon Sep 17 00:00:00 2001
From: "Johan T. Halseth" <johanth@gmail.com>
Date: Mon, 13 Jan 2020 12:21:13 +0100
Subject: [PATCH] lnd: add WalletUnlockerAuthOptions

Similar to what was done for the regular RPC server, we add auth dial
options for the wallet unlocker, as it also requires TLS now.
---
 lnd.go | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/lnd.go b/lnd.go
index 62e8c6c2..1d0e9ce7 100644
--- a/lnd.go
+++ b/lnd.go
@@ -60,6 +60,25 @@ var (
 	networkDir string
 )
 
+// WalletUnlockerAuthOptions returns a list of DialOptions that can be used to
+// authenticate with the wallet unlocker service.
+//
+// NOTE: This should only be called after the WalletUnlocker listener has
+// signaled it is ready.
+func WalletUnlockerAuthOptions() ([]grpc.DialOption, error) {
+	creds, err := credentials.NewClientTLSFromFile(cfg.TLSCertPath, "")
+	if err != nil {
+		return nil, fmt.Errorf("unable to read TLS cert: %v", err)
+	}
+
+	// Create a dial options array with the TLS credentials.
+	opts := []grpc.DialOption{
+		grpc.WithTransportCredentials(creds),
+	}
+
+	return opts, nil
+}
+
 // AdminAuthOptions returns a list of DialOptions that can be used to
 // authenticate with the RPC server with admin capabilities.
 //