Skip to content
This repository has been archived by the owner on Nov 17, 2023. It is now read-only.

Skip certificate validation for tor connections #242

Merged

Conversation

michaelWuensch
Copy link
Contributor

@michaelWuensch michaelWuensch commented Aug 19, 2020

Description

This PR removes the certificate validation for tor connections completely.
It is not needed as Tor already provides that security.

Motivation and Context

This will it make much more simple to connect to Tor nodes, as there will be no more hostname verification issues.
We had several users of raspiblitz for example that have problems setting this up.
Before the tor hostname had to be part of the lnd.conf as tlsextradomain. No this is not necessary anymore.
Furthermore it allows to not transmit the certificate in the lndconnect string leading to a much less dense QR-Code that is easier to scan.

It also partly fixes issue #203 , but only for tor connections.
Most likely this also fixes #222

How Has This Been Tested?

Tested on my S9

  • Tor connection was possible completely without certificate.
  • Tor connection was still possible when a certificate was provided.
  • Clearnet connection without certificate still failed
  • Clearnet connection with certificate worked

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have read the Contribution document.
  • I have added tests to cover my changes.
  • All new and existing tests passed.

@michaelWuensch michaelWuensch requested a review from raphBTC August 19, 2020 06:43
@michaelWuensch michaelWuensch self-assigned this Aug 19, 2020
@michaelWuensch michaelWuensch merged commit 7772f2d into LN-Zap:master Aug 21, 2020
@michaelWuensch michaelWuensch deleted the feature/skipCertValidationOnTor branch August 21, 2020 06:55
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Android app not connecting gRPC to BTCPayServer
1 participant