loopd: add swap server TLS cert path

We need the ability to connect to a swap server that uses
a self-signed certificate. The LSAT proxy cannot proxy insecure
gRPC requests since they don't conform to the HTTP 1.1 standard.
Therefore the LSAT proxy will only serve TLS connections.
This means we need the TLS path option to specify the certificate
the test environment LSAT proxy uses.
pull/101/head
Oliver Gugger 5 years ago
parent 8b8b878440
commit 49cbe9aa63
No known key found for this signature in database
GPG Key ID: 8E4256593F177720

@ -71,14 +71,17 @@ type Client struct {
// NewClient returns a new instance to initiate swaps with. // NewClient returns a new instance to initiate swaps with.
func NewClient(dbDir string, serverAddress string, insecure bool, func NewClient(dbDir string, serverAddress string, insecure bool,
lnd *lndclient.LndServices) (*Client, func(), error) { tlsPathServer string, lnd *lndclient.LndServices) (*Client, func(),
error) {
store, err := loopdb.NewBoltSwapStore(dbDir, lnd.ChainParams) store, err := loopdb.NewBoltSwapStore(dbDir, lnd.ChainParams)
if err != nil { if err != nil {
return nil, nil, err return nil, nil, err
} }
swapServerClient, err := newSwapServerClient(serverAddress, insecure) swapServerClient, err := newSwapServerClient(
serverAddress, insecure, tlsPathServer,
)
if err != nil { if err != nil {
return nil, nil, err return nil, nil, err
} }
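Review bot: The doc comment on NewClient still reads only `// NewClient returns a new instance to initiate swaps with.` and does not describe the new `tlsPathServer` argument, which an exported constructor should explain. I would add a line such as `// tlsPathServer, if non-empty, is the path to a PEM certificate used to verify the swap server.` Inserting a positional parameter in the middle of the signature also breaks any existing caller of the library, so it deserves a release note, or an options struct if more connection settings are expected. The body of NewClient continues outside the hunk.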

@ -27,12 +27,13 @@ type lndConfig struct {
type viewParameters struct{} type viewParameters struct{}
type config struct { type config struct {
ShowVersion bool `short:"V" long:"version" description:"Display version information and exit"` ShowVersion bool `short:"V" long:"version" description:"Display version information and exit"`
Insecure bool `long:"insecure" description:"disable tls"` Insecure bool `long:"insecure" description:"disable tls"`
Network string `long:"network" description:"network to run on" choice:"regtest" choice:"testnet" choice:"mainnet" choice:"simnet"` Network string `long:"network" description:"network to run on" choice:"regtest" choice:"testnet" choice:"mainnet" choice:"simnet"`
SwapServer string `long:"swapserver" description:"swap server address host:port"` SwapServer string `long:"swapserver" description:"swap server address host:port"`
RPCListen string `long:"rpclisten" description:"Address to listen on for gRPC clients"` TLSPathSwapSrv string `long:"tlspathswapserver" description:"Path to swap server tls certificate. Only needed if the swap server uses a self-signed certificate."`
RESTListen string `long:"restlisten" description:"Address to listen on for REST clients"` RPCListen string `long:"rpclisten" description:"Address to listen on for gRPC clients"`
RESTListen string `long:"restlisten" description:"Address to listen on for REST clients"`
LogDir string `long:"logdir" description:"Directory to log output."` LogDir string `long:"logdir" description:"Directory to log output."`
MaxLogFiles int `long:"maxlogfiles" description:"Maximum logfiles to keep (0 for no rotation)"` MaxLogFiles int `long:"maxlogfiles" description:"Maximum logfiles to keep (0 for no rotation)"`
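Review bot: The description of `tlspathswapserver` does not tell the operator that supplying a file changes the trust model. Judging by the `credentials.NewClientTLSFromFile` call elsewhere in this commit, the certificates in that file become the only roots trusted for the swap server connection, and the system CAs are no longer consulted. I would say so in the tag, e.g. `description:"Path to a PEM certificate that is trusted instead of the system CAs when connecting to the swap server."`. The config struct continues past the end of the hunk.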

@ -45,7 +45,7 @@ func daemon(config *config) error {
// Create an instance of the loop client library. // Create an instance of the loop client library.
swapClient, cleanup, err := getClient( swapClient, cleanup, err := getClient(
config.Network, config.SwapServer, config.Insecure, config.Network, config.SwapServer, config.Insecure,
&lnd.LndServices, config.TLSPathSwapSrv, &lnd.LndServices,
) )
if err != nil { if err != nil {
return err return err

@ -16,7 +16,7 @@ func getLnd(network string, cfg *lndConfig) (*lndclient.GrpcLndServices, error)
} }
// getClient returns an instance of the swap client. // getClient returns an instance of the swap client.
func getClient(network, swapServer string, insecure bool, func getClient(network, swapServer string, insecure bool, tlsPathServer string,
lnd *lndclient.LndServices) (*loop.Client, func(), error) { lnd *lndclient.LndServices) (*loop.Client, func(), error) {
storeDir, err := getStoreDir(network) storeDir, err := getStoreDir(network)
@ -25,7 +25,7 @@ func getClient(network, swapServer string, insecure bool,
} }
swapClient, cleanUp, err := loop.NewClient( swapClient, cleanUp, err := loop.NewClient(
storeDir, swapServer, insecure, lnd, storeDir, swapServer, insecure, tlsPathServer, lnd,
) )
if err != nil { if err != nil {
return nil, nil, err return nil, nil, err

@ -24,7 +24,8 @@ func view(config *config) error {
defer lnd.Close() defer lnd.Close()
swapClient, cleanup, err := getClient( swapClient, cleanup, err := getClient(
config.Network, config.SwapServer, config.Insecure, &lnd.LndServices, config.Network, config.SwapServer, config.Insecure,
config.TLSPathSwapSrv, &lnd.LndServices,
) )
if err != nil { if err != nil {
return err return err

@ -8,11 +8,10 @@ import (
"fmt" "fmt"
"time" "time"
"github.com/lightninglabs/loop/looprpc"
"github.com/lightningnetwork/lnd/lntypes"
"github.com/btcsuite/btcd/btcec" "github.com/btcsuite/btcd/btcec"
"github.com/btcsuite/btcutil" "github.com/btcsuite/btcutil"
"github.com/lightninglabs/loop/looprpc"
"github.com/lightningnetwork/lnd/lntypes"
"google.golang.org/grpc" "google.golang.org/grpc"
"google.golang.org/grpc/credentials" "google.golang.org/grpc/credentials"
) )
@ -49,10 +48,10 @@ type grpcSwapServerClient struct {
var _ swapServerClient = (*grpcSwapServerClient)(nil) var _ swapServerClient = (*grpcSwapServerClient)(nil)
func newSwapServerClient(address string, func newSwapServerClient(address string, insecure bool, tlsPath string) (
insecure bool) (*grpcSwapServerClient, error) { *grpcSwapServerClient, error) {
serverConn, err := getSwapServerConn(address, insecure) serverConn, err := getSwapServerConn(address, insecure, tlsPath)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -227,19 +226,37 @@ func (s *grpcSwapServerClient) Close() {
} }
// getSwapServerConn returns a connection to the swap server. // getSwapServerConn returns a connection to the swap server.
func getSwapServerConn(address string, insecure bool) (*grpc.ClientConn, error) { func getSwapServerConn(address string, insecure bool, tlsPath string) (
*grpc.ClientConn, error) {
// Create a dial options array. // Create a dial options array.
opts := []grpc.DialOption{} opts := []grpc.DialOption{}
if insecure {
// There are three options to connect to a swap server, either insecure,
// using a self-signed certificate or with a certificate signed by a
// public CA.
switch {
case insecure:
opts = append(opts, grpc.WithInsecure()) opts = append(opts, grpc.WithInsecure())
} else {
case tlsPath != "":
// Load the specified TLS certificate and build
// transport credentials
creds, err := credentials.NewClientTLSFromFile(tlsPath, "")
if err != nil {
return nil, err
}
opts = append(opts, grpc.WithTransportCredentials(creds))
default:
creds := credentials.NewTLS(&tls.Config{}) creds := credentials.NewTLS(&tls.Config{})
opts = append(opts, grpc.WithTransportCredentials(creds)) opts = append(opts, grpc.WithTransportCredentials(creds))
} }
conn, err := grpc.Dial(address, opts...) conn, err := grpc.Dial(address, opts...)
if err != nil { if err != nil {
return nil, fmt.Errorf("unable to connect to RPC server: %v", err) return nil, fmt.Errorf("unable to connect to RPC server: %v",
err)
} }
return conn, nil return conn, nil
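Review bot: In the new `switch` of getSwapServerConn, `case insecure:` is evaluated before `case tlsPath != "":`, so when both options are set the connection is plaintext and the certificate path is silently dropped. Rejecting the combination before the switch makes the misconfiguration visible: `if insecure && tlsPath != "" { return nil, fmt.Errorf("insecure and tlspathswapserver cannot be combined") }`. The error from `credentials.NewClientTLSFromFile` is also returned bare; `return nil, fmt.Errorf("unable to load swap server cert %q: %v", tlsPath, err)` would name the file that failed. The end of the function lies outside the hunk.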
