Commit Graph

8 Commits

Author SHA1 Message Date
Graham Krizek
86a0609ecf
config+lnd+cert: add --tlsdisableautofill to prevent information leaks.
This adds in a new boolean flag that when set, prevents LND from writing the system hostname and network interface IPs to the TLS certificate. This will ensure privacy for those that don't want private IP addresses to be exposed on a public facing LND node.
2020-08-13 09:24:39 -05:00
yyforyongyu
b01947b7dc lnd: fix go fmt 2020-07-08 16:46:51 +08:00
Oliver Gugger
8920e20cf7
cert: define ExtendedKeyUsage as required by macOS 10.15 2020-04-17 09:22:32 +02:00
Johan T. Halseth
83dcf95f92
cert+test: IsOutdated check for TLS files if IPs or DNS changed
This commit creates a new utility method IsOutdated that can be used to
check whether a TLS certificate mathces the extra IPs and domains given
in the lnd config.
2020-02-12 10:59:51 +01:00
Johan T. Halseth
d316107749
cert: extract IP and DNS parsing into methods 2020-02-12 10:59:51 +01:00
Johan T. Halseth
ca22001bab
cert: add bufconn to TLS hostnames 2019-12-18 10:28:22 +01:00
Oliver Gugger
dbbb169e06
lnd: use TLS code from cert package 2019-11-18 09:44:54 +01:00
Oliver Gugger
b18698c321
cert: copy common TLS code from lnd to cert package 2019-11-14 10:23:40 +01:00