lianad(electrum): add an option to not validate SSL domain in order t…

…o work w/ self signed certificates
wizardsardine · Dec 16, 2024 · f83bad7 · f83bad7
1 parent bbeca4d
commit f83bad7
Show file tree

Hide file tree

Showing 4 changed files with 75 additions and 11 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/lianad/Cargo.toml b/lianad/Cargo.toml
@@ -28,6 +28,7 @@ miniscript = { version = "11.0", features = ["serde", "compiler", "base64"] }
 # For Electrum backend. This is the latest version with the same bitcoin version as
 # the miniscript dependency.
 bdk_electrum = { version = "0.14" }
+electrum-client = {version = "0.19", features =["use-openssl"]}
 
 # Don't reinvent the wheel
 dirs = "5.0"

diff --git a/lianad/src/bitcoin/electrum/client.rs b/lianad/src/bitcoin/electrum/client.rs
@@ -7,10 +7,11 @@ use bdk_electrum::{
         spk_client::{FullScanRequest, FullScanResult, SyncRequest, SyncResult},
         BlockId, ChainPosition, ConfirmationHeightAnchor, TxGraph,
     },
-    electrum_client::{self, Config, ElectrumApi},
     ElectrumExt,
 };
 
+use electrum_client::{self, Config, ElectrumApi};
+
 use super::utils::{
     block_id_from_tip, height_i32_from_usize, height_usize_from_i32, outpoints_from_tx,
 };
@@ -56,20 +57,24 @@ impl Client {
     /// Create a new client and perform sanity checks.
     pub fn new(electrum_config: &config::ElectrumConfig) -> Result<Self, Error> {
         // First use a dummy config to check connectivity (no retries, short timeout).
-        let dummy_config = Config::builder().retry(0).timeout(Some(3)).build();
+        let dummy_config = Config::builder()
+            .retry(0)
+            .validate_domain(electrum_config.validate_domain)
+            .timeout(Some(3))
+            .build();
         // Try to ping the server.
-        bdk_electrum::electrum_client::Client::from_config(&electrum_config.addr, dummy_config)
+        electrum_client::Client::from_config(&electrum_config.addr, dummy_config)
             .and_then(|dummy_client| dummy_client.ping())
             .map_err(Error::Server)?;
 
         // Now connection has been checked, create client with required retries and timeout.
         let config = Config::builder()
             .retry(RETRY_LIMIT)
             .timeout(Some(RPC_SOCKET_TIMEOUT))
+            .validate_domain(electrum_config.validate_domain)
             .build();
-        let client =
-            bdk_electrum::electrum_client::Client::from_config(&electrum_config.addr, config)
-                .map_err(Error::Server)?;
+        let client = electrum_client::Client::from_config(&electrum_config.addr, config)
+            .map_err(Error::Server)?;
         Ok(Self(client))
     }
 

diff --git a/lianad/src/config.rs b/lianad/src/config.rs
@@ -128,6 +128,9 @@ pub struct ElectrumConfig {
     /// Include "ssl://" for SSL. otherwise TCP will be assumed.
     /// Can optionally prefix with "tcp://".
     pub addr: String,
+    /// If validate_domain == false, domain of ssl certificate will not be validated
+    /// (useful to allow usage of self signed certificates on local network)
+    pub validate_domain: bool,
 }
 
 #[derive(Debug, Clone, Deserialize, Serialize)]