Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

gui: allow to connect to an electrum server w/ a self signed certificate #1500

Merged

Conversation

pythcoiner
Copy link
Collaborator

@pythcoiner pythcoiner commented Dec 16, 2024

closes #1300
The issue about connecting to an electrum certificate using rustls have been fixed upstream but in order to beneficiate from it we have to update bdk_electrum and rust-bitvoin dependencies.
Meanwhile, this PR introduce a workaround: the initial issue is related to electrum-client use-rustls feature and use-openssl feature is not reexported by bdk_electrum but we can use electrum-client crate directly and use use-openssl feature by this way:

  • use electrum-client directly w/ use-openssl
  • add and option to opt-out of ssl domain validation
  • let user change the validate_domain values in Settings menu.

image

Note: ssl://testnet.aranguren.org:51002 electrum server can be used to test this PR

@jp1ac4
Copy link
Collaborator

jp1ac4 commented Dec 16, 2024

In the GUI, could we add a "Use SSL" checkbox (related #1291), which, if selected, would then show the "validate domain" checkbox? If SSL is not required, then I feel it would be better not to show the validate option if it's not applicable.

Related to this, I wonder if we should use an enum in ElectrumConfig to include validate_domain only for the SSL case, e.g. something like Tcp(url) or Ssl(url, validate_domain). I'm not sure validate_domain should be a mandatory field in the config file. Even in the SSL case, it could default to false if not present.

@nondiremanuel
Copy link
Collaborator

As we were discussing, let's have for now the validation checkbox (which I would phrase as "Do not validate SSL Domain (check this only if you want to use a self-signed certificate)") only if the user uses ssl in the address.

@pythcoiner pythcoiner force-pushed the electrum_self_signed_certificate branch from 78de446 to 3d90d40 Compare December 20, 2024 07:06
@pythcoiner
Copy link
Collaborator Author

the checkbox is now only displayed if the address is valid and contains "ssl://"

@pythcoiner
Copy link
Collaborator Author

Related to this, I wonder if we should use an enum in ElectrumConfig to include validate_domain only for the SSL case, e.g. something like Tcp(url) or Ssl(url, validate_domain). I'm not sure validate_domain should be a mandatory field in the config file. Even in the SSL case, it could default to false if not present.

i think this can be done in a follow-up if we decide to add a checkbox for enable/disable ssl instead prepending it to the address.

@pythcoiner pythcoiner marked this pull request as ready for review December 20, 2024 07:12
@jp1ac4
Copy link
Collaborator

jp1ac4 commented Dec 20, 2024

i think this can be done in a follow-up if we decide to add a checkbox for enable/disable ssl instead prepending it to the address.

OK yep, let's save that for a follow-up. We could probably keep the value saved in the config file as "ssl://..." and just change how it's parsed into ElectrumConfig.

For this present PR, I think you'll need to make validate_domain an Option so that it works with existing config files. In the case of SSL, it can then default to false if not present.

@pythcoiner
Copy link
Collaborator Author

i think this can be done in a follow-up if we decide to add a checkbox for enable/disable ssl instead prepending it to the address.

OK yep, let's save that for a follow-up. We could probably keep the value saved in the config file as "ssl://..." and just change how it's parsed into ElectrumConfig.

For this present PR, I think you'll need to make validate_domain an Option so that it works with existing config files. In the case of SSL, it can then default to false if not present.

i think having a default as true can avoid footgun and make sense, as it's the default value of the bdk electrum client, see here

@jp1ac4
Copy link
Collaborator

jp1ac4 commented Dec 20, 2024

i think having a default as true can avoid footgun and make sense, as it's the default value of the bdk electrum client, see here

Ah I see, and so this is also the value we've implicitly been using for SSL connections so far. I agree we can default to true then (also for the GUI checkbox).

@pythcoiner
Copy link
Collaborator Author

i think having a default as true can avoid footgun and make sense, as it's the default value of the bdk electrum client, see here

Ah I see, and so this is also the value we've implicitly been using for SSL connections so far. I agree we can default to true then (also for the GUI checkbox).

the checkbox follow the default, but checked mean "do NOT validate", so it's unchecked as default

@jp1ac4
Copy link
Collaborator

jp1ac4 commented Dec 20, 2024

the checkbox follow the default, but checked mean "do NOT validate", so it's unchecked as default

That sounds good then. I think it just remains to make validate_domain an Option in the config or otherwise to change how it's deserialized so that a missing value is treated as true.

@pythcoiner pythcoiner force-pushed the electrum_self_signed_certificate branch from 3d90d40 to a6f6614 Compare December 20, 2024 11:50
@pythcoiner
Copy link
Collaborator Author

That sounds good then. I think it just remains to make validate_domain an Option in the config or otherwise to change how it's deserialized so that a missing value is treated as true.

i've implemented default deserialization

lianad/src/config.rs Outdated Show resolved Hide resolved
liana-gui/src/app/view/message.rs Show resolved Hide resolved
liana-gui/src/app/view/settings.rs Outdated Show resolved Hide resolved
@@ -81,6 +81,7 @@ pub enum DefineBitcoind {
#[derive(Debug, Clone)]
pub enum DefineElectrum {
ConfigFieldEdited(electrum::ConfigField, String),
ValidDomainChanged(bool),
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As validate_domain is part of the config, I feel that this should somehow also be part of ConfigFieldEdited. Perhaps you can use something like ConfigFieldEdited(electrum::ConfigFieldValue) where ConfigFieldValue is:

pub enum ConfigFieldValue {
    Address(String),
    ValidateDomain(bool),
}

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ValidDomainChanged(true) is shorter than
ConfigFieldEdited(electrum::ConfigFieldValue(electrum::ConfigFieldValue::ValidateDomain(bool)))
the event system of iced is already overwhelming imho, we should avoid "overwrapping" it only make the codebase less readable & more error prone

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wouldn't it be just ConfigFieldEdited(electrum::ConfigFieldValue::ValidateDomain(bool))?

And by removing electrum:: it would be just ConfigFieldEdited(ConfigFieldValue::ValidateDomain(bool)).

It doesn't seem too bad, but we can leave it for now. If we have a separate message per field, then we should at some point change ConfigFieldEdited to AddressEdited.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

at this point of the release cycle i'd like to bring this PR quickly to a mergeable state or put it on hold: to avoid everyone testing under the christmas tree 😄

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's OK, I meant it as something to consider in the future.

liana-gui/src/app/view/settings.rs Outdated Show resolved Hide resolved
@pythcoiner pythcoiner force-pushed the electrum_self_signed_certificate branch from a6f6614 to b122f89 Compare December 23, 2024 06:48
@jp1ac4
Copy link
Collaborator

jp1ac4 commented Dec 23, 2024

It would be good to add some comments to https://github.com/wizardsardine/liana/blob/master/contrib/lianad_config_example.toml about the new field.

@pythcoiner pythcoiner force-pushed the electrum_self_signed_certificate branch from b122f89 to fe5c9d2 Compare December 23, 2024 10:14
@pythcoiner
Copy link
Collaborator Author

It would be good to add some comments to https://github.com/wizardsardine/liana/blob/master/contrib/lianad_config_example.toml about the new field.

adressed, feel free if you have better wording

Copy link
Collaborator

@jp1ac4 jp1ac4 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Needs a rebase on master.

contrib/lianad_config_example.toml Outdated Show resolved Hide resolved
contrib/lianad_config_example.toml Outdated Show resolved Hide resolved
contrib/lianad_config_example.toml Outdated Show resolved Hide resolved
@pythcoiner pythcoiner force-pushed the electrum_self_signed_certificate branch from fe5c9d2 to a968224 Compare December 23, 2024 11:23
@pythcoiner
Copy link
Collaborator Author

Needs a rebase on master.

rebsed & addressed comments

@pythcoiner pythcoiner force-pushed the electrum_self_signed_certificate branch from a968224 to 6d82217 Compare December 23, 2024 11:37
@jp1ac4
Copy link
Collaborator

jp1ac4 commented Dec 23, 2024

In the case that SSL is being used, should we show in the read-only settings view a line to indicate whether validate_domain is true or false?

image

@pythcoiner
Copy link
Collaborator Author

In the case that SSL is being used, should we show in the read-only settings view a line to indicate whether validate_domain is true or false?

image

no strong opinion, ping @nondiremanuel

@pythcoiner
Copy link
Collaborator Author

looks like CI failing on windows because missing openssl dependency...

@pythcoiner pythcoiner force-pushed the electrum_self_signed_certificate branch 3 times, most recently from 3bf45ed to feff005 Compare December 23, 2024 13:33
lianad/src/config.rs Outdated Show resolved Hide resolved
@pythcoiner pythcoiner force-pushed the electrum_self_signed_certificate branch 2 times, most recently from bd4cba8 to 5e5e65e Compare December 23, 2024 16:31
@pythcoiner
Copy link
Collaborator Author

5e5e65e seems to fix windows CI

@nondiremanuel
Copy link
Collaborator

In the case that SSL is being used, should we show in the read-only settings view a line to indicate whether validate_domain is true or false?
image

no strong opinion, ping @nondiremanuel

It's not required at this stage imho.

Copy link
Collaborator

@jp1ac4 jp1ac4 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested ACK 5e5e65e.

A couple of nits and a question, but we can come back to those if need be.

contrib/lianad_config_example.toml Outdated Show resolved Hide resolved
liana-gui/src/installer/view/mod.rs Show resolved Hide resolved
lianad/Cargo.toml Outdated Show resolved Hide resolved
@pythcoiner pythcoiner force-pushed the electrum_self_signed_certificate branch from 5e5e65e to 1d9a896 Compare December 31, 2024 14:15
@pythcoiner pythcoiner force-pushed the electrum_self_signed_certificate branch from 1d9a896 to 3083553 Compare December 31, 2024 14:18
@pythcoiner
Copy link
Collaborator Author

comments addressed

Copy link
Collaborator

@jp1ac4 jp1ac4 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK 3083553.

@edouardparis edouardparis merged commit 2d2d080 into wizardsardine:master Jan 2, 2025
24 checks passed
edouardparis added a commit to edouardparis/liana that referenced this pull request Jan 2, 2025
…m server w/ a self signed certificate"

This reverts commit 2d2d080, reversing
changes made to cfe15b3.
edouardparis added a commit that referenced this pull request Jan 2, 2025
…m server self signed certificate

b7b52d7 Revert "Merge #1500: gui: allow to connect to an electrum server w/ a self signed certificate" (edouardparis)

Pull request description:

  This reverts commit 2d2d080, reversing changes made to cfe15b3.

  We are not ready yet to have openssl dynamically link library dependency for our users.

ACKs for top commit:
  jp1ac4:
    utACK b7b52d7.

Tree-SHA512: e85963ac9dd9d449c4af5806d7f7aaee70de676d38e9f931e50ed7c060a5a9522209a27db77a0a6254249f55ae52259dc7c747fe2032d830a4d6d92f1cb6a72b
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Status: Done
4 participants