search

payjoin / rust-payjoin

Supercharged payment batching to save you fees and preserve your privacy
https://payjoindevkit.org
82 stars 34 forks source link

Depend on reqwest/rustls-tls for HTTPS-in-HTTPS bootstrap #269

Closed DanGould closed 1 month ago

DanGould commented 1 month ago

fetch_ohttp_keys relies on an HTTP CONNECT method that tunnels an encrypted HTTPS request. This was broken in fixing #237 because reqwest must depend on reqwest/rustls-tls in order to establish this tunnel.

This change should be accompanied by a test, which would require hosting the ohttp_relay behind a TLS certificate in testing, perhaps via a danger-local-https feature in that crate akin to the one in payjoin-directory. We could also use a reverse proxy to do TLS termination just within the tests, which would be a more clean single-use-principle design.

DanGould commented 1 month ago

This is directly related to having these types of tests in reqwest, too: https://github.com/seanmonstar/reqwest/issues/423