-
Notifications
You must be signed in to change notification settings - Fork 63
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
gui: allow to connect to an electrum server w/ a self signed certificate #1500
gui: allow to connect to an electrum server w/ a self signed certificate #1500
Conversation
In the GUI, could we add a "Use SSL" checkbox (related #1291), which, if selected, would then show the "validate domain" checkbox? If SSL is not required, then I feel it would be better not to show the validate option if it's not applicable. Related to this, I wonder if we should use an enum in |
As we were discussing, let's have for now the validation checkbox (which I would phrase as "Do not validate SSL Domain (check this only if you want to use a self-signed certificate)") only if the user uses ssl in the address. |
78de446
to
3d90d40
Compare
the checkbox is now only displayed if the address is valid and contains "ssl://" |
i think this can be done in a follow-up if we decide to add a checkbox for enable/disable ssl instead prepending it to the address. |
OK yep, let's save that for a follow-up. We could probably keep the value saved in the config file as "ssl://..." and just change how it's parsed into For this present PR, I think you'll need to make |
i think having a default as true can avoid footgun and make sense, as it's the default value of the bdk electrum client, see here |
Ah I see, and so this is also the value we've implicitly been using for SSL connections so far. I agree we can default to true then (also for the GUI checkbox). |
the checkbox follow the default, but checked mean "do NOT validate", so it's unchecked as default |
That sounds good then. I think it just remains to make |
3d90d40
to
a6f6614
Compare
i've implemented default deserialization |
@@ -81,6 +81,7 @@ pub enum DefineBitcoind { | |||
#[derive(Debug, Clone)] | |||
pub enum DefineElectrum { | |||
ConfigFieldEdited(electrum::ConfigField, String), | |||
ValidDomainChanged(bool), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As validate_domain
is part of the config, I feel that this should somehow also be part of ConfigFieldEdited
. Perhaps you can use something like ConfigFieldEdited(electrum::ConfigFieldValue)
where ConfigFieldValue
is:
pub enum ConfigFieldValue {
Address(String),
ValidateDomain(bool),
}
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ValidDomainChanged(true)
is shorter than
ConfigFieldEdited(electrum::ConfigFieldValue(electrum::ConfigFieldValue::ValidateDomain(bool)))
the event system of iced is already overwhelming imho, we should avoid "overwrapping" it only make the codebase less readable & more error prone
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Wouldn't it be just ConfigFieldEdited(electrum::ConfigFieldValue::ValidateDomain(bool))
?
And by removing electrum::
it would be just ConfigFieldEdited(ConfigFieldValue::ValidateDomain(bool))
.
It doesn't seem too bad, but we can leave it for now. If we have a separate message per field, then we should at some point change ConfigFieldEdited
to AddressEdited
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
at this point of the release cycle i'd like to bring this PR quickly to a mergeable state or put it on hold: to avoid everyone testing under the christmas tree 😄
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's OK, I meant it as something to consider in the future.
a6f6614
to
b122f89
Compare
It would be good to add some comments to https://github.com/wizardsardine/liana/blob/master/contrib/lianad_config_example.toml about the new field. |
b122f89
to
fe5c9d2
Compare
adressed, feel free if you have better wording |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Needs a rebase on master.
fe5c9d2
to
a968224
Compare
rebsed & addressed comments |
a968224
to
6d82217
Compare
no strong opinion, ping @nondiremanuel |
looks like CI failing on windows because missing openssl dependency... |
3bf45ed
to
feff005
Compare
bd4cba8
to
5e5e65e
Compare
5e5e65e seems to fix windows CI |
It's not required at this stage imho. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Tested ACK 5e5e65e.
A couple of nits and a question, but we can come back to those if need be.
5e5e65e
to
1d9a896
Compare
1d9a896
to
3083553
Compare
comments addressed |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK 3083553.
…m server self signed certificate b7b52d7 Revert "Merge #1500: gui: allow to connect to an electrum server w/ a self signed certificate" (edouardparis) Pull request description: This reverts commit 2d2d080, reversing changes made to cfe15b3. We are not ready yet to have openssl dynamically link library dependency for our users. ACKs for top commit: jp1ac4: utACK b7b52d7. Tree-SHA512: e85963ac9dd9d449c4af5806d7f7aaee70de676d38e9f931e50ed7c060a5a9522209a27db77a0a6254249f55ae52259dc7c747fe2032d830a4d6d92f1cb6a72b
closes #1300
The issue about connecting to an electrum certificate using
rustls
have been fixed upstream but in order to beneficiate from it we have to updatebdk_electrum
andrust-bitvoin
dependencies.Meanwhile, this PR introduce a workaround: the initial issue is related to
electrum-client
use-rustls
feature anduse-openssl
feature is not reexported bybdk_electrum
but we can useelectrum-client
crate directly and useuse-openssl
feature by this way:electrum-client
directly w/use-openssl
validate_domain
values inSettings
menu.Note: ssl://testnet.aranguren.org:51002 electrum server can be used to test this PR