loopd: add TLS config to listenerCfg struct

As a preparation to be able to listen on a TLS enabled listener, we add a TLS config parameter to the listener setup functions.
4 years ago · 17e0165d4c
parent d3ede8d9e9
commit 17e0165d4c
2 changed files with 24 additions and 10 deletions
--- a/loopd/daemon.go
+++ b/loopd/daemon.go
@ -2,6 +2,7 @@ package loopd

 import (
 	"context"
+	"crypto/tls"
 	"errors"
 	"fmt"
 	"net"
@ -29,11 +30,13 @@ var (

 // listenerCfg holds closures used to retrieve listeners for the gRPC services.
 type listenerCfg struct {
-	// grpcListener returns a listener to use for the gRPC server.
-	grpcListener func() (net.Listener, error)
+	// grpcListener returns a TLS listener to use for the gRPC server, based
+	// on the passed TLS configuration.
+	grpcListener func(*tls.Config) (net.Listener, error)

-	// restListener returns a listener to use for the REST proxy.
-	restListener func() (net.Listener, error)
+	// restListener returns a TLS listener to use for the REST proxy, based
+	// on the passed TLS configuration.
+	restListener func(*tls.Config) (net.Listener, error)

 	// getLnd returns a grpc connection to an lnd instance.
 	getLnd func(lndclient.Network, *lndConfig) (*lndclient.GrpcLndServices,
@ -175,7 +178,7 @@ func (d *Daemon) startWebServers() error {

 	// Next, start the gRPC server listening for HTTP/2 connections.
 	log.Infof("Starting gRPC listener")
-	d.grpcListener, err = d.listenerCfg.grpcListener()
+	d.grpcListener, err = d.listenerCfg.grpcListener(nil)
 	if err != nil {
 		return fmt.Errorf("RPC server unable to listen on %s: %v",
 			d.cfg.RPCListen, err)
@ -213,7 +216,7 @@ func (d *Daemon) startWebServers() error {
 		return err
 	}

-	d.restListener, err = d.listenerCfg.restListener()
+	d.restListener, err = d.listenerCfg.restListener(nil)
 	if err != nil {
 		return fmt.Errorf("REST proxy unable to listen on %s: %v",
 			d.cfg.RESTListen, err)
--- a/loopd/run.go
+++ b/loopd/run.go
@ -2,6 +2,7 @@ package loopd

 import (
 	"context"
+	"crypto/tls"
 	"fmt"
 	"net"
 	"os"
@ -51,22 +52,32 @@ type RPCConfig struct {
 // and RPCConfig.
 func newListenerCfg(config *Config, rpcCfg RPCConfig) *listenerCfg {
 	return &listenerCfg{
-		grpcListener: func() (net.Listener, error) {
+		grpcListener: func(tlsCfg *tls.Config) (net.Listener, error) {
 			// If a custom RPC listener is set, we will listen on
 			// it instead of the regular tcp socket.
 			if rpcCfg.RPCListener != nil {
 				return rpcCfg.RPCListener, nil
 			}

-			return net.Listen("tcp", config.RPCListen)
+			listener, err := net.Listen("tcp", config.RPCListen)
+			if err != nil {
+				return nil, err
+			}
+
+			return tls.NewListener(listener, tlsCfg), nil
 		},
-		restListener: func() (net.Listener, error) {
+		restListener: func(tlsCfg *tls.Config) (net.Listener, error) {
 			// If a custom RPC listener is set, we disable REST.
 			if rpcCfg.RPCListener != nil {
 				return nil, nil
 			}

-			return net.Listen("tcp", config.RESTListen)
+			listener, err := net.Listen("tcp", config.RESTListen)
+			if err != nil {
+				return nil, err
+			}
+
+			return tls.NewListener(listener, tlsCfg), nil
 		},
 		getLnd: func(network lndclient.Network, cfg *lndConfig) (
 			*lndclient.GrpcLndServices, error) {