TLS version in MQTT configuration parsed from string

This commit is contained in:
Fabio Manganiello 2020-08-27 12:44:00 +02:00
parent aa631deb88
commit b8917de52f
2 changed files with 30 additions and 7 deletions

View file

@ -8,6 +8,7 @@ from platypush.context import get_plugin
from platypush.message import Message
from platypush.message.event.mqtt import MQTTMessageEvent
from platypush.message.request import Request
from platypush.plugins.mqtt import MqttPlugin as MQTTPlugin
from platypush.utils import set_thread_name
@ -48,7 +49,7 @@ class MqttBackend(Backend):
:param tls_keyfile: If TLS/SSL is enabled on the MQTT server and a client certificate key it required,
specify it here (default: None) :type tls_keyfile: str
:param tls_version: If TLS/SSL is enabled on the MQTT server and it requires a certain TLS version, specify it
here (default: None)
here (default: None). Supported versions: ``tls`` (automatic), ``tlsv1``, ``tlsv1.1``, ``tlsv1.2``.
:param tls_ciphers: If TLS/SSL is enabled on the MQTT server and an explicit list of supported ciphers is
required, specify it here (default: None)
:param username: Specify it if the MQTT server requires authentication (default: None)
@ -94,7 +95,7 @@ class MqttBackend(Backend):
self.tls_keyfile = os.path.abspath(os.path.expanduser(tls_keyfile)) \
if tls_keyfile else None
self.tls_version = tls_version
self.tls_version = MQTTPlugin.get_tls_version(tls_version)
self.tls_ciphers = tls_ciphers
self.listeners_conf = listeners or []
@ -168,7 +169,7 @@ class MqttBackend(Backend):
client.tls_set(ca_certs=tls_cafile,
certfile=listener.get('tls_certfile'),
keyfile=listener.get('tls_keyfile'),
tls_version=listener.get('tls_version'),
tls_version=MQTTPlugin.get_tls_version(listener.get('tls_version')),
ciphers=listener.get('tls_ciphers'))
threading.Thread(target=listener_thread, kwargs={
@ -230,7 +231,8 @@ class MqttBackend(Backend):
if self.tls_cafile:
self._client.tls_set(ca_certs=self.tls_cafile, certfile=self.tls_certfile,
keyfile=self.tls_keyfile, tls_version=self.tls_version,
keyfile=self.tls_keyfile,
tls_version=self.tls_version,
ciphers=self.tls_ciphers)
self._client.connect(self.host, self.port, 60)

View file

@ -40,7 +40,8 @@ class MqttPlugin(Plugin):
:param tls_keyfile: If a default host is set and requires TLS/SSL, specify the key file (default: None)
:type tls_keyfile: str
:param tls_version: If a default host is set and requires TLS/SSL, specify the minimum TLS supported version (default: None)
:param tls_version: If TLS/SSL is enabled on the MQTT server and it requires a certain TLS version, specify it
here (default: None). Supported versions: ``tls`` (automatic), ``tlsv1``, ``tlsv1.1``, ``tlsv1.2``.
:type tls_version: str
:param tls_ciphers: If a default host is set and requires TLS/SSL, specify the supported ciphers (default: None)
@ -68,9 +69,27 @@ class MqttPlugin(Plugin):
self.tls_keyfile = os.path.abspath(os.path.expanduser(tls_keyfile)) \
if tls_keyfile else None
self.tls_version = tls_version
self.tls_version = self.get_tls_version(tls_version)
self.tls_ciphers = tls_ciphers
@staticmethod
def get_tls_version(version: Optional[str] = None):
import ssl
if not version:
return None
version = version.lower()
if version == 'tls':
return ssl.PROTOCOL_TLS
if version == 'tlsv1':
return ssl.PROTOCOL_TLSv1
if version == 'tlsv1.1':
return ssl.PROTOCOL_TLSv1_1
if version == 'tlsv1.2':
return ssl.PROTOCOL_TLSv1_2
assert 'Unrecognized TLS version: {}'.format(version)
@action
def publish(self, topic: str, msg: Any, host: Optional[str] = None, port: int = 1883,
reply_topic: Optional[str] = None, timeout: int = 60,
@ -95,7 +114,7 @@ class MqttPlugin(Plugin):
:param tls_keyfile: If TLS/SSL is enabled on the MQTT server and a client certificate key it required, specify
it here (default: None).
:param tls_version: If TLS/SSL is enabled on the MQTT server and it requires a certain TLS version, specify it
here (default: None).
here (default: None). Supported versions: ``tls`` (automatic), ``tlsv1``, ``tlsv1.1``, ``tlsv1.2``.
:param tls_ciphers: If TLS/SSL is enabled on the MQTT server and an explicit list of supported ciphers is
required, specify it here (default: None).
:param username: Specify it if the MQTT server requires authentication (default: None).
@ -114,6 +133,8 @@ class MqttPlugin(Plugin):
tls_ciphers = self.tls_ciphers
username = self.username
password = self.password
elif tls_version:
tls_version = self.get_tls_version(tls_version)
client = Client()