Merge pull request #163 from lightninglabs/insecure-http

add insecure HTTP only listener option

Author: guggero

config.go

@@ -112,6 +112,7 @@ var (
 // daemon's short name.
 type Config struct {
 	HTTPSListen    string `long:"httpslisten" description:"The host:port to listen for incoming HTTP/2 connections on for the web UI only."`
+	HTTPListen     string `long:"insecure-httplisten" description:"The host:port to listen on with TLS disabled. This is dangerous to enable as credentials will be submitted without encryption. Should only be used in combination with Tor hidden services or other external encryption."`
 	UIPassword     string `long:"uipassword" description:"The password that must be entered when using the loop UI. use a strong password to protect your node from unauthorized access through the web UI."`
 	UIPasswordFile string `long:"uipassword_file" description:"Same as uipassword but instead of passing in the value directly, read the password from the specified file."`
 	UIPasswordEnv  string `long:"uipassword_env" description:"Same as uipassword but instead of passing in the value directly, read the password from the specified environment variable."`
@@ -329,7 +330,7 @@ func loadAndValidateConfig() (*Config, error) {
 	if err := pool.Validate(cfg.Pool); err != nil {
 		return nil, err
 	}
-	
+
 	cfg.Faraday.Network = cfg.network
 	if err := faraday.ValidateConfig(cfg.Faraday); err != nil {
 		return nil, err

terminal.go

@@ -592,6 +592,28 @@ func (g *LightningTerminal) startMainWebServer() error {
 		}
 	}()
 
+	// We only enable an additional HTTP only listener if the user
+	// explicitly sets a value.
+	if g.cfg.HTTPListen != "" {
+		insecureListener, err := net.Listen("tcp", g.cfg.HTTPListen)
+		if err != nil {
+			return fmt.Errorf("unable to listen on %v: %v",
+				g.cfg.HTTPListen, err)
+		}
+
+		g.wg.Add(1)
+		go func() {
+			defer g.wg.Done()
+
+			log.Infof("Listening for http on: %v",
+				insecureListener.Addr())
+			err := g.httpServer.Serve(insecureListener)
+			if err != nil && err != http.ErrServerClosed {
+				log.Errorf("http server error: %v", err)
+			}
+		}()
+	}
+
 	return nil
 }
 
@@ -611,8 +633,8 @@ func (g *LightningTerminal) showStartupInfo() error {
 		version: build.Version(),
 		webURI: fmt.Sprintf("https://%s", strings.ReplaceAll(
 			strings.ReplaceAll(
-				g.cfg.HTTPSListen, "0.0.0.0", "127.0.0.1",
-			), "[::]", "[::1]",
+				g.cfg.HTTPSListen, "0.0.0.0", "localhost",
+			), "[::]", "localhost",
 		)),
 	}
 
@@ -659,6 +681,16 @@ func (g *LightningTerminal) showStartupInfo() error {
 		}
 	}
 
+	// If there's an additional HTTP listener, list it as well.
+	if g.cfg.HTTPListen != "" {
+		host := strings.ReplaceAll(
+			strings.ReplaceAll(
+				g.cfg.HTTPListen, "0.0.0.0", "localhost",
+			), "[::]", "localhost",
+		)
+		info.webURI = fmt.Sprintf("%s, http://%s", info.webURI, host)
+	}
+
 	str := "" +
 		"----------------------------------------------------------\n" +
 		" Lightning Terminal (LiT) by Lightning Labs               \n" +