From 594a00b814dfb75652e0ce9ebef3e93851b96549 Mon Sep 17 00:00:00 2001 From: oyindamola oladapo Date: Thu, 21 Aug 2025 15:39:17 +0100 Subject: [PATCH] refactor(cli): rename `_danger-local-https` to `_manual-tls` This change updates the feature flag `_danger-local-https` to `_manual-tls` to better reflect the actual behavior and reduce misleading implications about its risk level. The new name clarifies that TLS certificates are only accepted manually and not validated by default. --- contrib/coverage.sh | 2 +- flake.nix | 2 +- payjoin-cli/Cargo.toml | 2 +- payjoin-cli/src/app/config.rs | 10 +++++----- payjoin-cli/src/app/mod.rs | 6 +++--- payjoin-cli/src/app/v1.rs | 8 ++++---- payjoin-cli/src/app/v2/ohttp.rs | 4 ++-- payjoin-cli/src/cli/mod.rs | 4 ++-- payjoin-cli/tests/e2e.rs | 2 +- payjoin-directory/Cargo.toml | 2 +- payjoin-directory/src/lib.rs | 4 ++-- payjoin-ffi/Cargo.toml | 2 +- payjoin-ffi/contrib/lint.sh | 2 +- payjoin-ffi/contrib/test.sh | 2 +- payjoin-ffi/src/io.rs | 2 +- payjoin-test-utils/Cargo.toml | 4 ++-- payjoin/Cargo.toml | 2 +- payjoin/src/core/io.rs | 10 +++++----- payjoin/tests/integration.rs | 2 +- 19 files changed, 36 insertions(+), 36 deletions(-) diff --git a/contrib/coverage.sh b/contrib/coverage.sh index ee19b9401..5b3563999 100755 --- a/contrib/coverage.sh +++ b/contrib/coverage.sh @@ -4,5 +4,5 @@ set -e # https://github.com/taiki-e/cargo-llvm-cov?tab=readme-ov-file#merge-coverages-generated-under-different-test-conditions cargo llvm-cov clean --workspace # remove artifacts that may affect the coverage results cargo llvm-cov --no-report --all-features -cargo llvm-cov --no-report --package payjoin-cli --no-default-features --features=v1,_danger-local-https # Explicitly run payjoin-cli v1 e2e tests +cargo llvm-cov --no-report --package payjoin-cli --no-default-features --features=v1,_manual-tls # Explicitly run payjoin-cli v1 e2e tests cargo llvm-cov report --lcov --output-path lcov.info # generate report without tests 
diff --git a/flake.nix b/flake.nix index f591dc3fc..ad60a5378 100644 --- a/flake.nix +++ b/flake.nix @@ -126,7 +126,7 @@ partitions = 1; partitionType = "count"; # TODO also run integration tests - # this needs --all-features to enable io,_danger_local_https features + # this needs --all-features to enable io,_manual-tls features # unfortunately this can't yet work because running docker inside the nix sandbox is not possible, # which precludes use of the redis test container # cargoExtraArgs = "--locked --all-features"; diff --git a/payjoin-cli/Cargo.toml b/payjoin-cli/Cargo.toml index 03a1142a7..650f68501 100644 --- a/payjoin-cli/Cargo.toml +++ b/payjoin-cli/Cargo.toml @@ -21,7 +21,7 @@ path = "src/main.rs" [features] default = ["v2"] native-certs = ["reqwest/rustls-tls-native-roots"] -_danger-local-https = ["rcgen", "reqwest/rustls-tls", "rustls", "hyper-rustls", "payjoin/_danger-local-https", "tokio-rustls"] +_manual-tls = ["rcgen", "reqwest/rustls-tls", "rustls", "hyper-rustls", "payjoin/_manual-tls", "tokio-rustls"] v1 = ["payjoin/v1","hyper", "hyper-util", "http-body-util"] v2 = ["payjoin/v2", "payjoin/io"] diff --git a/payjoin-cli/src/app/config.rs b/payjoin-cli/src/app/config.rs index d9c1c8ebf..017492962 100644 --- a/payjoin-cli/src/app/config.rs +++ b/payjoin-cli/src/app/config.rs @@ -58,9 +58,9 @@ pub struct Config { pub bitcoind: BitcoindConfig, #[serde(skip)] pub version: Option, - #[cfg(feature = "_danger-local-https")] + #[cfg(feature = "_manual-tls")] pub root_certificate: Option, - #[cfg(feature = "_danger-local-https")] + #[cfg(feature = "_manual-tls")] pub certificate_key: Option, } 
@@ -145,9 +145,9 @@ impl Config { max_fee_rate: built_config.get("max_fee_rate").ok(), bitcoind: built_config.get("bitcoind")?, version: None, - #[cfg(feature = "_danger-local-https")] + #[cfg(feature = "_manual-tls")] root_certificate: built_config.get("root_certificate").ok(), - #[cfg(feature = "_danger-local-https")] + #[cfg(feature = "_manual-tls")] certificate_key: built_config.get("certificate_key").ok(), }; @@ -289,7 +289,7 @@ fn add_v2_defaults(config: Builder, cli: &Cli) -> Result { /// Handles configuration overrides based on CLI subcommands fn handle_subcommands(config: Builder, cli: &Cli) -> Result { - #[cfg(feature = "_danger-local-https")] + #[cfg(feature = "_manual-tls")] let config = { config .set_override_option( diff --git a/payjoin-cli/src/app/mod.rs b/payjoin-cli/src/app/mod.rs index adeee219f..db62fda42 100644 --- a/payjoin-cli/src/app/mod.rs +++ b/payjoin-cli/src/app/mod.rs @@ -52,15 +52,15 @@ pub trait App: Send + Sync { } } -#[cfg(feature = "_danger-local-https")] +#[cfg(feature = "_manual-tls")] fn http_agent(config: &Config) -> Result { Ok(http_agent_builder(config.root_certificate.as_ref())?.build()?) } -#[cfg(not(feature = "_danger-local-https"))] +#[cfg(not(feature = "_manual-tls"))] fn http_agent(_config: &Config) -> Result { Ok(reqwest::Client::new()) } -#[cfg(feature = "_danger-local-https")] +#[cfg(feature = "_manual-tls")] fn http_agent_builder( root_cert_path: Option<&std::path::PathBuf>, ) -> Result { diff --git a/payjoin-cli/src/app/v1.rs b/payjoin-cli/src/app/v1.rs index 3051dface..70597f404 100644 --- a/payjoin-cli/src/app/v1.rs +++ b/payjoin-cli/src/app/v1.rs 
@@ -150,14 +150,14 @@ impl App { let app = self.clone(); - #[cfg(feature = "_danger-local-https")] + #[cfg(feature = "_manual-tls")] let tls_acceptor = self.init_tls_acceptor()?; while let Ok((stream, _)) = listener.accept().await { let app = app.clone(); - #[cfg(feature = "_danger-local-https")] + #[cfg(feature = "_manual-tls")] let tls_acceptor = tls_acceptor.clone(); tokio::spawn(async move { - #[cfg(feature = "_danger-local-https")] + #[cfg(feature = "_manual-tls")] let stream = match tls_acceptor.accept(stream).await { Ok(tls_stream) => tls_stream, Err(e) => { @@ -177,7 +177,7 @@ impl App { Ok(()) } - #[cfg(feature = "_danger-local-https")] + #[cfg(feature = "_manual-tls")] fn init_tls_acceptor(&self) -> Result { use rustls::pki_types::{CertificateDer, PrivateKeyDer}; use rustls::ServerConfig; diff --git a/payjoin-cli/src/app/v2/ohttp.rs b/payjoin-cli/src/app/v2/ohttp.rs index 7173e92c6..c825ea1ff 100644 --- a/payjoin-cli/src/app/v2/ohttp.rs +++ b/payjoin-cli/src/app/v2/ohttp.rs @@ -78,7 +78,7 @@ async fn fetch_ohttp_keys( .set_selected_relay(selected_relay.clone()); let ohttp_keys = { - #[cfg(feature = "_danger-local-https")] + #[cfg(feature = "_manual-tls")] { if let Some(cert_path) = config.root_certificate.as_ref() { let cert_der = std::fs::read(cert_path)?; @@ -92,7 +92,7 @@ async fn fetch_ohttp_keys( payjoin::io::fetch_ohttp_keys(&selected_relay, &payjoin_directory).await } } - #[cfg(not(feature = "_danger-local-https"))] + #[cfg(not(feature = "_manual-tls"))] payjoin::io::fetch_ohttp_keys(&selected_relay, &payjoin_directory).await }; diff --git a/payjoin-cli/src/cli/mod.rs b/payjoin-cli/src/cli/mod.rs index 1e6206576..a3db87d46 100644 --- a/payjoin-cli/src/cli/mod.rs +++ b/payjoin-cli/src/cli/mod.rs 
@@ -76,11 +76,11 @@ pub struct Cli { #[arg(long = "pj-directory", help = "The directory to store payjoin requests", value_parser = value_parser!(Url))] pub pj_directory: Option, - #[cfg(feature = "_danger-local-https")] + #[cfg(feature = "_manual-tls")] #[arg(long = "root-certificate", help = "Specify a TLS certificate to be added as a root", value_parser = value_parser!(PathBuf))] pub root_certificate: Option, - #[cfg(feature = "_danger-local-https")] + #[cfg(feature = "_manual-tls")] #[arg(long = "certificate-key", help = "Specify the certificate private key", value_parser = value_parser!(PathBuf))] pub certificate_key: Option, } diff --git a/payjoin-cli/tests/e2e.rs b/payjoin-cli/tests/e2e.rs index bfbb63909..c2ea05b7b 100644 --- a/payjoin-cli/tests/e2e.rs +++ b/payjoin-cli/tests/e2e.rs @@ -1,4 +1,4 @@ -#[cfg(feature = "_danger-local-https")] +#[cfg(feature = "_manual-tls")] mod e2e { use std::process::{ExitStatus, Stdio}; diff --git a/payjoin-directory/Cargo.toml b/payjoin-directory/Cargo.toml index a6073e3ed..71234a5e9 100644 --- a/payjoin-directory/Cargo.toml +++ b/payjoin-directory/Cargo.toml @@ -15,7 +15,7 @@ resolver = "2" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html [features] -_danger-local-https = ["hyper-rustls", "rustls", "tokio-rustls"] +_manual-tls = ["hyper-rustls", "rustls", "tokio-rustls"] [dependencies] anyhow = "1.0.71" diff --git a/payjoin-directory/src/lib.rs b/payjoin-directory/src/lib.rs index 0dc3577c0..79080d01c 100644 --- a/payjoin-directory/src/lib.rs +++ b/payjoin-directory/src/lib.rs @@ -34,7 +34,7 @@ mod db; pub type BoxError = Box; -#[cfg(feature = "_danger-local-https")] +#[cfg(feature = "_manual-tls")] fn init_tls_acceptor(cert_key: (Vec, Vec)) -> Result { use rustls::pki_types::{CertificateDer, PrivateKeyDer}; use rustls::ServerConfig; 
@@ -75,7 +75,7 @@ impl hyper::service::Service> for Service { impl Service { pub fn new(pool: DbPool, ohttp: ohttp::Server) -> Self { Self { pool, ohttp } } - #[cfg(feature = "_danger-local-https")] + #[cfg(feature = "_manual-tls")] pub async fn serve_tls( self, listener: tokio::net::TcpListener, diff --git a/payjoin-ffi/Cargo.toml b/payjoin-ffi/Cargo.toml index 219d4b821..bcc9c0d0e 100644 --- a/payjoin-ffi/Cargo.toml +++ b/payjoin-ffi/Cargo.toml @@ -7,7 +7,7 @@ exclude = ["tests"] [features] _test-utils = ["payjoin-test-utils", "tokio", "bitcoind"] -_danger-local-https = ["payjoin/_danger-local-https"] +_manual-tls = ["payjoin/_manual-tls"] [lib] name = "payjoin_ffi" diff --git a/payjoin-ffi/contrib/lint.sh b/payjoin-ffi/contrib/lint.sh index e42f2c9d7..87fbb66e7 100755 --- a/payjoin-ffi/contrib/lint.sh +++ b/payjoin-ffi/contrib/lint.sh @@ -2,7 +2,7 @@ set -e # Individual features with no defaults. -features=("_danger-local-https" "_test-utils") +features=("_manual-tls" "_test-utils") for feature in "${features[@]}"; do # Don't duplicate --all-targets clippy. Clippy end-user code, not tests. diff --git a/payjoin-ffi/contrib/test.sh b/payjoin-ffi/contrib/test.sh index 627a2cfa2..c5d76960b 100755 --- a/payjoin-ffi/contrib/test.sh +++ b/payjoin-ffi/contrib/test.sh @@ -4,7 +4,7 @@ set -e RUST_VERSION=$(rustc --version | awk '{print $2}') if [[ ! "$RUST_VERSION" =~ ^1\.63\. ]]; then - cargo test --package payjoin-ffi --verbose --features=_danger-local-https,_test-utils + cargo test --package payjoin-ffi --verbose --features=_manual-tls,_test-utils else echo "Skipping payjoin-ffi tests for Rust version $RUST_VERSION (MSRV)" fi diff --git a/payjoin-ffi/src/io.rs b/payjoin-ffi/src/io.rs index a341fea5b..3c67f71a6 100644 --- a/payjoin-ffi/src/io.rs +++ b/payjoin-ffi/src/io.rs 
@@ -41,7 +41,7 @@ pub async fn fetch_ohttp_keys( /// directory stores and forwards payjoin client payloads. /// /// * `cert_der`: The DER-encoded certificate to use for local HTTPS connections. -#[cfg(feature = "_danger-local-https")] +#[cfg(feature = "_manual-tls")] pub async fn fetch_ohttp_keys_with_cert( ohttp_relay: &str, payjoin_directory: &str, diff --git a/payjoin-test-utils/Cargo.toml b/payjoin-test-utils/Cargo.toml index 88ecb7f8b..6cf50a777 100644 --- a/payjoin-test-utils/Cargo.toml +++ b/payjoin-test-utils/Cargo.toml @@ -17,8 +17,8 @@ log = "0.4.7" ohttp = { package = "bitcoin-ohttp", version = "0.6.0" } ohttp-relay = { version = "0.0.10", features = ["_test-util"] } once_cell = "1.19.0" -payjoin = { version = "0.24.0", features = ["io", "_danger-local-https", "_test-utils"] } -payjoin-directory = { version = "0.0.3", features = ["_danger-local-https"] } +payjoin = { version = "0.24.0", features = ["io", "_manual-tls", "_test-utils"] } +payjoin-directory = { version = "0.0.3", features = ["_manual-tls"] } rcgen = "0.11" rustls = "0.22" reqwest = { version = "0.12", default-features = false, features = ["rustls-tls"] } diff --git a/payjoin/Cargo.toml b/payjoin/Cargo.toml index 37d163732..cdc258fa8 100644 --- a/payjoin/Cargo.toml +++ b/payjoin/Cargo.toml @@ -24,7 +24,7 @@ v1 = ["_core"] v2 = ["_core", "hpke", "dep:http", "bhttp", "ohttp", "url/serde", "directory"] #[doc = "Functions to fetch OHTTP keys via CONNECT proxy using reqwest. Enables `v2` since only `v2` uses OHTTP."] io = ["v2", "reqwest/rustls-tls"] -_danger-local-https = ["reqwest/rustls-tls", "rustls"] +_manual-tls = ["reqwest/rustls-tls", "rustls"] _test-utils = [] [dependencies] diff --git a/payjoin/src/core/io.rs b/payjoin/src/core/io.rs index c5b8d75a5..e6d001a33 100644 --- a/payjoin/src/core/io.rs +++ b/payjoin/src/core/io.rs 
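Review bot: The `cert_der` doc line kept as context above the renamed attribute in payjoin-ffi/src/io.rs still says "to use for local HTTPS connections", which no longer matches the feature name and does not say what trust the certificate receives. The body of `fetch_ohttp_keys_with_cert` is outside the hunk, so I am assuming the certificate is installed as a trusted root for the request, as the CLI help text ("added as a root") suggests. If that is right, say so: ``/// * `cert_der`: DER-encoded certificate added as a trusted TLS root for this request; the caller must verify its authenticity.`` The identical doc line on `fetch_ohttp_keys_with_cert` in payjoin/src/core/io.rs needs the same wording.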
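Review bot: In payjoin-test-utils/Cargo.toml the requirements `payjoin = { version = "0.24.0", ... }` and `payjoin-directory = { version = "0.0.3", ... }` keep their version numbers while the requested feature changes to `_manual-tls`. The rest of the manifest is not visible, so a path or patch override may cover this, but if these ever resolve to already-published releases that presumably only define `_danger-local-https`, resolution fails. Removing a feature name also breaks any downstream manifest that enables it; the same holds for the renamed feature in payjoin-cli, payjoin-directory and payjoin-ffi. Either ship the rename with a version bump and a changelog entry, or keep the old name for one release as an alias, `_danger-local-https = ["_manual-tls"]`.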
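Review bot: In payjoin/Cargo.toml, `_manual-tls` has no description, while the `io` feature directly above it carries a `#[doc = "..."]` comment. With "danger" gone from the name, the manifest no longer says that enabling the feature lets a caller-supplied certificate act as a trust anchor. I would add a comment in the same style, e.g. `#[doc = "Internal. Trusts a caller-supplied DER certificate as a TLS root; intended for local and test setups."]`. The intended-use wording is inferred from the old name and the `cert_der` doc text, so adjust it if the feature is meant for wider use. The `_manual-tls` entries in payjoin-cli, payjoin-directory and payjoin-ffi could carry the same comment.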
@@ -35,7 +35,7 @@ pub async fn fetch_ohttp_keys( /// directory stores and forwards payjoin client payloads. /// /// * `cert_der`: The DER-encoded certificate to use for local HTTPS connections. -#[cfg(feature = "_danger-local-https")] +#[cfg(feature = "_manual-tls")] pub async fn fetch_ohttp_keys_with_cert( ohttp_relay: impl IntoUrl, payjoin_directory: impl IntoUrl, @@ -81,7 +81,7 @@ enum InternalErrorInner { ParseUrl(crate::into_url::Error), Reqwest(reqwest::Error), Io(std::io::Error), - #[cfg(feature = "_danger-local-https")] + #[cfg(feature = "_manual-tls")] Rustls(rustls::Error), InvalidOhttpKeys(String), } @@ -105,7 +105,7 @@ macro_rules! impl_from_error { impl_from_error!(crate::into_url::Error, ParseUrl); impl_from_error!(reqwest::Error, Reqwest); impl_from_error!(std::io::Error, Io); -#[cfg(feature = "_danger-local-https")] +#[cfg(feature = "_manual-tls")] impl_from_error!(rustls::Error, Rustls); impl std::fmt::Display for Error { @@ -130,7 +130,7 @@ impl std::fmt::Display for InternalErrorInner { InvalidOhttpKeys(e) => { write!(f, "Invalid ohttp keys returned from payjoin directory: {e}") } - #[cfg(feature = "_danger-local-https")] + #[cfg(feature = "_manual-tls")] Rustls(e) => e.fmt(f), } } @@ -154,7 +154,7 @@ impl std::error::Error for InternalErrorInner { ParseUrl(e) => Some(e), Io(e) => Some(e), InvalidOhttpKeys(_) => None, - #[cfg(feature = "_danger-local-https")] + #[cfg(feature = "_manual-tls")] Rustls(e) => Some(e), } } diff --git a/payjoin/tests/integration.rs b/payjoin/tests/integration.rs index 9c478b26f..98234c4a6 100644 --- a/payjoin/tests/integration.rs +++ b/payjoin/tests/integration.rs @@ -163,7 +163,7 @@ mod integration { } } - #[cfg(all(feature = "io", feature = "v2", feature = "_danger-local-https"))] + #[cfg(all(feature = "io", feature = "v2", feature = "_manual-tls"))] mod v2 { use std::sync::Arc; use std::time::Duration;