lnd: consolidate WalletUnlocker- and AdminAuthOptions

This commit is contained in:
Johan T. Halseth 2021-02-11 13:53:30 +01:00
parent 8789247bf9
commit db28e7c891
No known key found for this signature in database
GPG Key ID: 15BAADA29DA20D26
2 changed files with 7 additions and 23 deletions

26
lnd.go

@ -54,31 +54,15 @@ import (
"github.com/lightningnetwork/lnd/watchtower/wtdb" "github.com/lightningnetwork/lnd/watchtower/wtdb"
) )
// WalletUnlockerAuthOptions returns a list of DialOptions that can be used to
// authenticate with the wallet unlocker service.
//
// NOTE: This should only be called after the WalletUnlocker listener has
// signaled it is ready.
func WalletUnlockerAuthOptions(cfg *Config) ([]grpc.DialOption, error) {
creds, err := credentials.NewClientTLSFromFile(cfg.TLSCertPath, "")
if err != nil {
return nil, fmt.Errorf("unable to read TLS cert: %v", err)
}
// Create a dial options array with the TLS credentials.
opts := []grpc.DialOption{
grpc.WithTransportCredentials(creds),
}
return opts, nil
}
// AdminAuthOptions returns a list of DialOptions that can be used to // AdminAuthOptions returns a list of DialOptions that can be used to
// authenticate with the RPC server with admin capabilities. // authenticate with the RPC server with admin capabilities.
// skipMacaroons=true should be set if we don't want to include macaroons with
// the auth options. This is needed for instance for the WalletUnlocker
// service, which must be usable also before macaroons are created.
// //
// NOTE: This should only be called after the RPCListener has signaled it is // NOTE: This should only be called after the RPCListener has signaled it is
// ready. // ready.
func AdminAuthOptions(cfg *Config) ([]grpc.DialOption, error) { func AdminAuthOptions(cfg *Config, skipMacaroons bool) ([]grpc.DialOption, error) {
creds, err := credentials.NewClientTLSFromFile(cfg.TLSCertPath, "") creds, err := credentials.NewClientTLSFromFile(cfg.TLSCertPath, "")
if err != nil { if err != nil {
return nil, fmt.Errorf("unable to read TLS cert: %v", err) return nil, fmt.Errorf("unable to read TLS cert: %v", err)
@ -90,7 +74,7 @@ func AdminAuthOptions(cfg *Config) ([]grpc.DialOption, error) {
} }
// Get the admin macaroon if macaroons are active. // Get the admin macaroon if macaroons are active.
if !cfg.NoMacaroons { if !skipMacaroons && !cfg.NoMacaroons {
// Load the adming macaroon file. // Load the adming macaroon file.
macBytes, err := ioutil.ReadFile(cfg.AdminMacPath) macBytes, err := ioutil.ReadFile(cfg.AdminMacPath)
if err != nil { if err != nil {

@ -105,7 +105,7 @@ func Start(extraArgs string, unlockerReady, rpcReady Callback) {
// We must set the TLS certificates in order to properly // We must set the TLS certificates in order to properly
// authenticate with the wallet unlocker service. // authenticate with the wallet unlocker service.
auth, err := lnd.WalletUnlockerAuthOptions(loadedConfig) auth, err := lnd.AdminAuthOptions(loadedConfig, true)
if err != nil { if err != nil {
unlockerReady.OnError(err) unlockerReady.OnError(err)
return return
@ -123,7 +123,7 @@ func Start(extraArgs string, unlockerReady, rpcReady Callback) {
// Now that the RPC server is ready, we can get the needed // Now that the RPC server is ready, we can get the needed
// authentication options, and add them to the global dial // authentication options, and add them to the global dial
// options. // options.
auth, err := lnd.AdminAuthOptions(loadedConfig) auth, err := lnd.AdminAuthOptions(loadedConfig, false)
if err != nil { if err != nil {
rpcReady.OnError(err) rpcReady.OnError(err)
return return