config: add insecure HTTP only listener option

For uses of LiT through Tor connections that add their own layer of
transport security, it doesn't make sense to add TLS on top. We
therefore allow running an additional HTTP only listener.

Author: guggero

config.go

@@ -112,6 +112,7 @@ var (
 // daemon's short name.
 type Config struct {
 	HTTPSListen    string `long:"httpslisten" description:"The host:port to listen for incoming HTTP/2 connections on for the web UI only."`
+	HTTPListen     string `long:"insecure-httplisten" description:"The host:port to listen on with TLS disabled. This is dangerous to enable as credentials will be submitted without encryption. Should only be used in combination with Tor hidden services or other external encryption."`
 	UIPassword     string `long:"uipassword" description:"The password that must be entered when using the loop UI. use a strong password to protect your node from unauthorized access through the web UI."`
 	UIPasswordFile string `long:"uipassword_file" description:"Same as uipassword but instead of passing in the value directly, read the password from the specified file."`
 	UIPasswordEnv  string `long:"uipassword_env" description:"Same as uipassword but instead of passing in the value directly, read the password from the specified environment variable."`
@@ -329,7 +330,7 @@ func loadAndValidateConfig() (*Config, error) {
 	if err := pool.Validate(cfg.Pool); err != nil {
 		return nil, err
 	}
-	
+
 	cfg.Faraday.Network = cfg.network
 	if err := faraday.ValidateConfig(cfg.Faraday); err != nil {
 		return nil, err