mirrors/btcpayserver
1
0
Fork 0
mirror of https://github.com/btcpayserver/btcpayserver.git synced 2025-02-23 14:40:36 +01:00
Code Issues Projects Releases Packages Wiki Activity

Do not prevent btcpayserver from starting if using insecure protocol for lightning services

Browse source
This commit is contained in:
nicolas.dorier 2019-02-22 18:24:27 +09:00
parent 8ae5a9c1f7
commit fbcb69f447
3 changed files with 61 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
BTCPayServer/BTCPayServer.csproj
View file

@ -2,7 +2,7 @@
<PropertyGroup> <PropertyGroup>
<OutputType>Exe</OutputType> <OutputType>Exe</OutputType>
<TargetFramework>netcoreapp2.1</TargetFramework> <TargetFramework>netcoreapp2.1</TargetFramework>
<Version>1.0.3.63</Version> <Version>1.0.3.64</Version>
<NoWarn>NU1701,CA1816,CA1308,CA1810,CA2208</NoWarn> <NoWarn>NU1701,CA1816,CA1308,CA1810,CA2208</NoWarn>
</PropertyGroup> </PropertyGroup>
<PropertyGroup> <PropertyGroup>

64
BTCPayServer/Configuration/BTCPayServerOptions.cs
View file

@ -109,18 +109,22 @@ namespace BTCPayServer.Configuration
{ {
if (!LightningConnectionString.TryParse(lightning, true, out var connectionString, out var error)) if (!LightningConnectionString.TryParse(lightning, true, out var connectionString, out var error))
{ {
throw new ConfigException($"Invalid setting {net.CryptoCode}.lightning, " + Environment.NewLine + Logs.Configuration.LogWarning($"Invalid setting {net.CryptoCode}.lightning, " + Environment.NewLine +
$"If you have a c-lightning server use: 'type=clightning;server=/root/.lightning/lightning-rpc', " + Environment.NewLine + $"If you have a c-lightning server use: 'type=clightning;server=/root/.lightning/lightning-rpc', " + Environment.NewLine +
$"If you have a lightning charge server: 'type=charge;server=https://charge.example.com;api-token=yourapitoken'" + Environment.NewLine + $"If you have a lightning charge server: 'type=charge;server=https://charge.example.com;api-token=yourapitoken'" + Environment.NewLine +
$"If you have a lnd server: 'type=lnd-rest;server=https://lnd:lnd@lnd.example.com;macaroon=abf239...;certthumbprint=2abdf302...'" + Environment.NewLine + $"If you have a lnd server: 'type=lnd-rest;server=https://lnd:lnd@lnd.example.com;macaroon=abf239...;certthumbprint=2abdf302...'" + Environment.NewLine +
$" lnd server: 'type=lnd-rest;server=https://lnd:lnd@lnd.example.com;macaroonfilepath=/root/.lnd/admin.macaroon;certthumbprint=2abdf302...'" + Environment.NewLine + $" lnd server: 'type=lnd-rest;server=https://lnd:lnd@lnd.example.com;macaroonfilepath=/root/.lnd/admin.macaroon;certthumbprint=2abdf302...'" + Environment.NewLine +
error); $"Error: {error}" + Environment.NewLine +
"This service will not be exposed through BTCPay Server");
} }
if (connectionString.IsLegacy) else
{ {
Logs.Configuration.LogWarning($"Setting {net.CryptoCode}.lightning is a deprecated format, it will work now, but please replace it for future versions with '{connectionString.ToString()}'"); if (connectionString.IsLegacy)
{
Logs.Configuration.LogWarning($"Setting {net.CryptoCode}.lightning is a deprecated format, it will work now, but please replace it for future versions with '{connectionString.ToString()}'");
}
InternalLightningByCryptoCode.Add(net.CryptoCode, connectionString);
} }
InternalLightningByCryptoCode.Add(net.CryptoCode, connectionString);
} }
} }
@ -131,13 +135,17 @@ namespace BTCPayServer.Configuration
{ {
if (!LightningConnectionString.TryParse(lightning, false, out var connectionString, out var error)) if (!LightningConnectionString.TryParse(lightning, false, out var connectionString, out var error))
{ {
throw new ConfigException($"Invalid setting {code}, " + Environment.NewLine + Logs.Configuration.LogWarning($"Invalid setting {code}, " + Environment.NewLine +
$"lnd server: 'type={lndType};server=https://lnd.example.com;macaroon=abf239...;certthumbprint=2abdf302...'" + Environment.NewLine + $"lnd server: 'type={lndType};server=https://lnd.example.com;macaroon=abf239...;certthumbprint=2abdf302...'" + Environment.NewLine +
$"lnd server: 'type={lndType};server=https://lnd.example.com;macaroonfilepath=/root/.lnd/admin.macaroon;certthumbprint=2abdf302...'" + Environment.NewLine + $"lnd server: 'type={lndType};server=https://lnd.example.com;macaroonfilepath=/root/.lnd/admin.macaroon;certthumbprint=2abdf302...'" + Environment.NewLine +
error); $"Error: {error}" + Environment.NewLine +
"This service will not be exposed through BTCPay Server");
}
else
{
var instanceType = typeof(T);
ExternalServicesByCryptoCode.Add(net.CryptoCode, (ExternalService)Activator.CreateInstance(instanceType, connectionString));
} }
var instanceType = typeof(T);
ExternalServicesByCryptoCode.Add(net.CryptoCode, (ExternalService)Activator.CreateInstance(instanceType, connectionString));
} }
}; };
@ -148,12 +156,17 @@ namespace BTCPayServer.Configuration
var spark = conf.GetOrDefault<string>($"{net.CryptoCode}.external.spark", string.Empty); var spark = conf.GetOrDefault<string>($"{net.CryptoCode}.external.spark", string.Empty);
if (spark.Length != 0) if (spark.Length != 0)
{ {
if (!SparkConnectionString.TryParse(spark, out var connectionString)) if (!SparkConnectionString.TryParse(spark, out var connectionString, out var error))
{ {
throw new ConfigException($"Invalid setting {net.CryptoCode}.external.spark, " + Environment.NewLine + Logs.Configuration.LogWarning($"Invalid setting {net.CryptoCode}.external.spark, " + Environment.NewLine +
$"Valid example: 'server=https://btcpay.example.com/spark/btc/;cookiefile=/etc/clightning_bitcoin_spark/.cookie'"); $"Valid example: 'server=https://btcpay.example.com/spark/btc/;cookiefile=/etc/clightning_bitcoin_spark/.cookie'" + Environment.NewLine +
$"Error: {error}" + Environment.NewLine +
"This service will not be exposed through BTCPay Server");
}
else
{
ExternalServicesByCryptoCode.Add(net.CryptoCode, new ExternalSpark(connectionString));
} }
ExternalServicesByCryptoCode.Add(net.CryptoCode, new ExternalSpark(connectionString));
} }
} }
@ -161,12 +174,17 @@ namespace BTCPayServer.Configuration
var rtl = conf.GetOrDefault<string>($"{net.CryptoCode}.external.rtl", string.Empty); var rtl = conf.GetOrDefault<string>($"{net.CryptoCode}.external.rtl", string.Empty);
if (rtl.Length != 0) if (rtl.Length != 0)
{ {
if (!SparkConnectionString.TryParse(rtl, out var connectionString)) if (!SparkConnectionString.TryParse(rtl, out var connectionString, out var error))
{ {
throw new ConfigException($"Invalid setting {net.CryptoCode}.external.rtl, " + Environment.NewLine + Logs.Configuration.LogWarning($"Invalid setting {net.CryptoCode}.external.rtl, " + Environment.NewLine +
$"Valid example: 'server=https://btcpay.example.com/rtl/btc/;cookiefile=/etc/clightning_bitcoin_rtl/.cookie'"); $"Valid example: 'server=https://btcpay.example.com/rtl/btc/;cookiefile=/etc/clightning_bitcoin_rtl/.cookie'" + Environment.NewLine +
$"Error: {error}" + Environment.NewLine +
"This service will not be exposed through BTCPay Server");
}
else
{
ExternalServicesByCryptoCode.Add(net.CryptoCode, new ExternalRTL(connectionString));
} }
ExternalServicesByCryptoCode.Add(net.CryptoCode, new ExternalRTL(connectionString));
} }
} }
@ -176,14 +194,18 @@ namespace BTCPayServer.Configuration
if (!LightningConnectionString.TryParse(charge, false, out var chargeConnectionString, out var chargeError)) if (!LightningConnectionString.TryParse(charge, false, out var chargeConnectionString, out var chargeError))
LightningConnectionString.TryParse("type=charge;" + charge, false, out chargeConnectionString, out chargeError); LightningConnectionString.TryParse("type=charge;" + charge, false, out chargeConnectionString, out chargeError);
if(chargeConnectionString == null || chargeConnectionString.ConnectionType != LightningConnectionType.Charge) if (chargeConnectionString == null || chargeConnectionString.ConnectionType != LightningConnectionType.Charge)
{ {
throw new ConfigException($"Invalid setting {net.CryptoCode}.external.charge, " + Environment.NewLine + Logs.Configuration.LogWarning($"Invalid setting {net.CryptoCode}.external.charge, " + Environment.NewLine +
$"lightning charge server: 'type=charge;server=https://charge.example.com;api-token=2abdf302...'" + Environment.NewLine + $"lightning charge server: 'type=charge;server=https://charge.example.com;api-token=2abdf302...'" + Environment.NewLine +
$"lightning charge server: 'type=charge;server=https://charge.example.com;cookiefilepath=/root/.charge/.cookie'" + Environment.NewLine + $"lightning charge server: 'type=charge;server=https://charge.example.com;cookiefilepath=/root/.charge/.cookie'" + Environment.NewLine +
chargeError ?? string.Empty); $"Error: {chargeError ?? string.Empty}" + Environment.NewLine +
$"This service will not be exposed through BTCPay Server");
}
else
{
ExternalServicesByCryptoCode.Add(net.CryptoCode, new ExternalCharge(chargeConnectionString));
} }
ExternalServicesByCryptoCode.Add(net.CryptoCode, new ExternalCharge(chargeConnectionString));
} }
} }

19
BTCPayServer/Configuration/SparkConnectionString.cs
View file

@ -10,11 +10,11 @@ namespace BTCPayServer.Configuration
public Uri Server { get; private set; } public Uri Server { get; private set; }
public string CookeFile { get; private set; } public string CookeFile { get; private set; }
public static bool TryParse(string str, out SparkConnectionString result) public static bool TryParse(string str, out SparkConnectionString result, out string error)
{ {
if (str == null) if (str == null)
throw new ArgumentNullException(nameof(str)); throw new ArgumentNullException(nameof(str));
error = null;
result = null; result = null;
var resultTemp = new SparkConnectionString(); var resultTemp = new SparkConnectionString();
foreach(var kv in str.Split(';') foreach(var kv in str.Split(';')
@ -25,15 +25,30 @@ namespace BTCPayServer.Configuration
{ {
case "server": case "server":
if (resultTemp.Server != null) if (resultTemp.Server != null)
{
error = "Duplicated server attribute";
return false; return false;
}
if (!Uri.IsWellFormedUriString(kv[1], UriKind.Absolute)) if (!Uri.IsWellFormedUriString(kv[1], UriKind.Absolute))
{
error = "Invalid URI";
return false; return false;
}
resultTemp.Server = new Uri(kv[1], UriKind.Absolute); resultTemp.Server = new Uri(kv[1], UriKind.Absolute);
if(resultTemp.Server.Scheme == "http")
{
error = "Insecure transport protocol (http)";
return false;
}
break; break;
case "cookiefile": case "cookiefile":
case "cookiefilepath": case "cookiefilepath":
if (resultTemp.CookeFile != null) if (resultTemp.CookeFile != null)
{
error = "Duplicated cookiefile attribute";
return false; return false;
}
resultTemp.CookeFile = kv[1]; resultTemp.CookeFile = kv[1];
break; break;
default: default: