rfq: introduce, use tls module

jtobin · jtobin · commit 166bc8ce4811 · 2025-08-29T09:46:02.000-02:30
Introduces rfq/tls.go, which contains a basic TLSConfig type and default
value of such. The default value, which for now only indicates that
certificate verification should be skipped, is used in place of the
'dialInsecure' bool when setting up the price oracle RPC.
diff --git a/rfq/oracle.go b/rfq/oracle.go
@@ -214,7 +214,7 @@ func insecureServerDialOpts() ([]grpc.DialOption, error) {
 
 // NewRpcPriceOracle creates a new RPC price oracle handle given the address
 // of the price oracle RPC server.
-func NewRpcPriceOracle(addrStr string, dialInsecure bool) (*RpcPriceOracle,
+func NewRpcPriceOracle(addrStr string, tlsConfig *TLSConfig) (*RpcPriceOracle,
 	error) {
 
 	addr, err := ParsePriceOracleAddress(addrStr)
@@ -228,6 +228,9 @@ func NewRpcPriceOracle(addrStr string, dialInsecure bool) (*RpcPriceOracle,
 		return nil, err
 	}
 
+	// Determine whether we should skip certificate verification.
+	dialInsecure := tlsConfig.InsecureSkipVerify
+
 	// Allow connecting to a non-TLS (h2c, http over cleartext) gRPC server,
 	// should be used for testing only.
 	if dialInsecure {
diff --git a/rfq/oracle_test.go b/rfq/oracle_test.go
@@ -141,7 +141,7 @@ func runQuerySalePriceTest(t *testing.T, tc *testCaseQuerySalePrice) {
 
 	// Create a new RPC price oracle client and connect to the mock service.
 	serviceAddr := fmt.Sprintf("rfqrpc://%s", testServiceAddress)
-	client, err := NewRpcPriceOracle(serviceAddr, true)
+	client, err := NewRpcPriceOracle(serviceAddr, DefaultTLSConfig())
 	require.NoError(t, err)
 
 	// Query for an ask price.
@@ -251,7 +251,7 @@ func runQueryPurchasePriceTest(t *testing.T, tc *testCaseQueryPurchasePrice) {
 
 	// Create a new RPC price oracle client and connect to the mock service.
 	serviceAddr := fmt.Sprintf("rfqrpc://%s", testServiceAddress)
-	client, err := NewRpcPriceOracle(serviceAddr, true)
+	client, err := NewRpcPriceOracle(serviceAddr, DefaultTLSConfig())
 	require.NoError(t, err)
 
 	// Query for an ask price.
diff --git a/rfq/tls.go b/rfq/tls.go
@@ -0,0 +1,14 @@
+package rfq
+
+// TLSConfig represents TLS configuration options for oracle connections.
+type TLSConfig struct {
+	// InsecureSkipVerify disables certificate verification.
+	InsecureSkipVerify bool
+}
+
+// DefaultTLSConfig returns a default TLS configuration.
+func DefaultTLSConfig() *TLSConfig {
+	return &TLSConfig{
+		InsecureSkipVerify: true,
+	}
+}
diff --git a/tapcfg/server.go b/tapcfg/server.go
@@ -462,7 +462,7 @@ func genServerConfig(cfg *Config, cfgLogger btclog.Logger,
 
 	default:
 		priceOracle, err = rfq.NewRpcPriceOracle(
-			rfqCfg.PriceOracleAddress, false,
+			rfqCfg.PriceOracleAddress, rfq.DefaultTLSConfig(),
 		)
 		if err != nil {
 			return nil, fmt.Errorf("unable to create price "+

Original file line number	Diff line number	Diff line change
`@@ -462,7 +462,7 @@ func genServerConfig(cfg *Config, cfgLogger btclog.Logger,`
`462`	`462`
`463`	`463`	`default:`
`464`	`464`	`priceOracle, err = rfq.NewRpcPriceOracle(`
`465`		`- rfqCfg.PriceOracleAddress, false,`
	`465`	`+ rfqCfg.PriceOracleAddress, rfq.DefaultTLSConfig(),`
`466`	`466`	`)`
`467`	`467`	`if err != nil {`
`468`	`468`	`return nil, fmt.Errorf("unable to create price "+`