Add grpc client tls certificate #2715
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
FYI, here's the minimal diff to pass on the required client auth and cert from decrediton to dcrlnd. This requires decred/dcrlnd#110 and it also requires bringing in the most recent walletunlocker.proto and regenerating the dcrlnd gRPC bindings, however doing that will make this conflict with #2641 (so you won't be able to test it until 2641 is merged or by manually modifying the local rpc.proto file) diff --git a/app/actions/LNActions.js b/app/actions/LNActions.js
index ee0ad36b..73e072f0 100644
--- a/app/actions/LNActions.js
+++ b/app/actions/LNActions.js
@@ -85,6 +85,7 @@ export const startDcrlnd = (
}
const rpcCreds = ipcRenderer.sendSync("get-dcrd-rpc-credentials");
+ const walletClientKeyCert = wallet.getDcrwalletGrpcKeyCert();
let dcrlndCreds;
let wuClient;
@@ -140,7 +141,7 @@ export const startDcrlnd = (
stage: LNWALLET_STARTUPSTAGE_UNLOCK,
type: LNWALLET_STARTUP_CHANGEDSTAGE
});
- await ln.unlockWallet(wuClient, passphrase);
+ await ln.unlockWallet(wuClient, passphrase, walletClientKeyCert);
} catch (error) {
// An unimplemented error here probably means dcrlnd was already running,
// so just continue with the connection attempt.
diff --git a/app/wallet/ln/index.js b/app/wallet/ln/index.js
index 1311660b..180d495c 100644
--- a/app/wallet/ln/index.js
+++ b/app/wallet/ln/index.js
@@ -267,10 +267,11 @@ export const sendCoins = (client, address, amount) => {
);
};
-export const unlockWallet = (wuClient, passphrase) => {
+export const unlockWallet = (wuClient, passphrase, dcrwClientKeyCert) => {
const request = new pb.UnlockWalletRequest();
const bytesPassphrase = new Uint8Array(Buffer.from(passphrase));
request.setWalletPassword(bytesPassphrase);
+ request.setDcrwClientKeyCert(dcrwClientKeyCert);
return new Promise((resolve, reject) =>
wuClient.unlockWallet(request, (err, resp) => |
alexlyp
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR depends on https://github.com/jrick/dcrwallet/tree/clientauth.
It adds tls client certificate into grpc client.