Add macaroon authentication #77
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
guggero
force-pushed
the
macaroons
branch
2 times, most recently
from
b6f00d1 to
2e12187
Compare
3 tasks
We update to the newest verion of lnd so we can use the updated macaroon service. NOTE: This is a compile time dependency update only, no RPC level update is required.
To make it easier to use faraday as an external subserver, it is necessary to extract the config validation into its own function that is separate from loading the config.
guggero
force-pushed
the
macaroons
branch
2 times, most recently
from
6d3f032 to
133400b
Compare
carlaKC
approved these changes
Sep 11, 2020
| // unlocks the macaroon database and creates the default macaroon if it doesn't | ||
| // exist yet. If macaroons are disabled in general in the configuration, none of | ||
| // these actions are taken. | ||
| func (s *RPCServer) startMacaroonService() error { |
Contributor
There was a problem hiding this comment.
is "if macaroons are disabled.." relevant here since we don't have a --no-macaroons option?
Contributor
Author
There was a problem hiding this comment.
Right, that was left over from when we still had the --no-macaroons in the loop PR.
frdrpc/rpcserver.go
Outdated
| if err != nil { | ||
| // The macaroon service is the only thing we started yet, so | ||
| // clean that up now before we exit. | ||
| if err := s.stopMacaroonService(); err != nil { |
Contributor
There was a problem hiding this comment.
Not sure whether this is more simple, but we could have:
shutdownFuncs []func()error
defer func(){
s:= range shutdownFuncs; s()
}
Then just append as we go and set the slice to nil if we startup successfully.
Contributor
Author
There was a problem hiding this comment.
I like that idea, done.
To secure access to faraday's RPC server, we add a macaroon authentication service and its gRPC interceptors to the daemon's server connection.
When faraday runs in the same process as lnd (in LiT), it hooks itself into lnd's RPC server as an external subserver. But because the user should still be able to use the default faraday macaroon, the faraday daemon must be able to validate its own macaroons as lnd's macaroon service doesn't know the root key for it.
carlaKC
approved these changes
Sep 11, 2020
Contributor
carlaKC
left a comment
carlaKC
left a comment
There was a problem hiding this comment.
Had a look at the latest diff, looks good!
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Next we add macaroon authentication to the RPC to be able to restrict access to authorized users only.
With these two features enabled by default, the loop RPC port can be opened to the internet because unauthorized access is no longer possible.
By default only one macaroon is created for faraday and stored in a file called ~/.faraday//faraday.macaroon