[lbry] config: allow non-localhost connections with TLS disabled

2022-07-11 16:44:18 -07:00 · 2022-07-11 16:44:18 -07:00 · bb93a49349
parent d5922cd725
commit bb93a49349
2 changed files with 2 additions and 18 deletions
--- a/config.go
+++ b/config.go
@ -977,13 +977,8 @@ func loadConfig() (*config, []string, error) {
 	// Only allow TLS to be disabled if the RPC is bound to localhost
 	// addresses.
 	if !cfg.DisableRPC && cfg.DisableTLS {
-		allowedTLSListeners := map[string]struct{}{
-			"localhost": {},
-			"127.0.0.1": {},
-			"::1":       {},
-		}
 		for _, addr := range cfg.RPCListeners {
-			host, _, err := net.SplitHostPort(addr)
+			_, _, err := net.SplitHostPort(addr)
 			if err != nil {
 				str := "%s: RPC listen interface '%s' is " +
 					"invalid: %v"
@ -992,15 +987,6 @@ func loadConfig() (*config, []string, error) {
 				fmt.Fprintln(os.Stderr, usageMessage)
 				return nil, nil, err
 			}
-			if _, ok := allowedTLSListeners[host]; !ok {
-				str := "%s: the --notls option may not be used " +
-					"when binding RPC to non localhost " +
-					"addresses: %s"
-				err := fmt.Errorf(str, funcName, addr)
-				fmt.Fprintln(os.Stderr, err)
-				fmt.Fprintln(os.Stderr, usageMessage)
-				return nil, nil, err
-			}
 		}
 	}

--- a/doc.go
+++ b/doc.go
@ -102,9 +102,7 @@ Application Options:
                              server is disabled by default if no
                              rpcuser/rpcpass or rpclimituser/rpclimitpass is
                              specified
-      --notls                 Disable TLS for the RPC server -- NOTE: This is
-                              only allowed if the RPC server is bound to
-                              localhost
+      --notls                 Disable TLS for the RPC server
      --onion=                Connect to tor hidden services via SOCKS5 proxy
                              (eg. 127.0.0.1:9050)
      --onionpass=            Password for onion proxy server