[lbry] rpc: support --skipverify on TLS connection to lbcd

chain/rpc.go

@@ -46,7 +46,7 @@ type RPCClient struct {
 // operate on the same bitcoin network as described by the passed chain
 // parameters, the connection will be disconnected.
 func NewRPCClient(chainParams *chaincfg.Params, connect, user, pass string, certs []byte,
-	disableTLS bool, reconnectAttempts int) (*RPCClient, error) {
+	disableTLS bool, skipverify bool, reconnectAttempts int) (*RPCClient, error) {
 
 	if reconnectAttempts < 0 {
 		return nil, errors.New("reconnectAttempts must be positive")
@@ -62,6 +62,7 @@ func NewRPCClient(chainParams *chaincfg.Params, connect, user, pass string, cert
 			DisableAutoReconnect: false,
 			DisableConnectOnNew:  true,
 			DisableTLS:           disableTLS,
+			SkipVerify:           skipverify,
 		},
 		chainParams:         chainParams,
 		reconnectAttempts:   reconnectAttempts,

config.go

@@ -70,6 +70,7 @@ type config struct {
 	RPCConnect       string                  `short:"c" long:"rpcconnect" description:"Hostname/IP and port of lbcd RPC server to connect to (default localhost:9245, testnet: localhost:19245, regtest: localhost:29245 simnet: localhost:39245)"`
 	CAFile           *cfgutil.ExplicitString `long:"cafile" description:"File containing root certificates to authenticate a TLS connections with lbcd"`
 	DisableClientTLS bool                    `long:"noclienttls" description:"Disable TLS for the RPC client -- NOTE: This is only allowed if the RPC client is connecting to localhost"`
+	SkipVerify       bool                    `long:"skipverify" description:"Skip verifying TLS for the RPC client"`
 	LbcdUsername     string                  `long:"lbcdusername" description:"Username for lbcd authentication"`
 	LbcdPassword     string                  `long:"lbcdpassword" default-mask:"-" description:"Password for lbcd authentication"`
 	Proxy            string                  `long:"proxy" description:"Connect via SOCKS5 proxy (eg. 127.0.0.1:9050)"`

lbcwallet.go

@@ -232,7 +232,8 @@ func readCAFile() []byte {
 func startChainRPC(certs []byte) (*chain.RPCClient, error) {
 	log.Infof("Attempting RPC client connection to %v", cfg.RPCConnect)
 	rpcc, err := chain.NewRPCClient(activeNet.Params, cfg.RPCConnect,
-		cfg.LbcdUsername, cfg.LbcdPassword, certs, cfg.DisableClientTLS, 0)
+		cfg.LbcdUsername, cfg.LbcdPassword, certs, cfg.DisableClientTLS,
+		cfg.SkipVerify, 0)
 	if err != nil {
 		return nil, err
 	}

rpc/api.proto

@@ -314,5 +314,6 @@ message StartConsensusRpcRequest {
 	string username = 2;
 	bytes password = 3;
 	bytes certificate = 4;
+	bool skipverify = 5;
 }
 message StartConsensusRpcResponse {}

rpc/rpcserver/server.go

@@ -785,7 +785,7 @@ func (s *loaderServer) StartConsensusRpc(ctx context.Context, // nolint:golint
 	}
 
 	rpcClient, err := chain.NewRPCClient(s.activeNet.Params, networkAddress, req.Username,
-		string(req.Password), req.Certificate, len(req.Certificate) == 0, 1)
+		string(req.Password), req.Certificate, len(req.Certificate) == 0, req.SkipVerify, 1)
 	if err != nil {
 		return nil, translateError(err)
 	}

rpc/walletrpc/api.pb.go

@@ -1435,6 +1435,7 @@ type StartConsensusRpcRequest struct {
 	Username       string `protobuf:"bytes,2,opt,name=username" json:"username,omitempty"`
 	Password       []byte `protobuf:"bytes,3,opt,name=password,proto3" json:"password,omitempty"`
 	Certificate    []byte `protobuf:"bytes,4,opt,name=certificate,proto3" json:"certificate,omitempty"`
+	SkipVerify    bool `protobuf:"varint,5,opt,name=skipverify,proto3" json:"skipverify,omitempty"`
 }
 
 func (m *StartConsensusRpcRequest) Reset()                    { *m = StartConsensusRpcRequest{} }