TLS version in MQTT configuration parsed from string
This commit is contained in:
parent
aa631deb88
commit
b8917de52f
2 changed files with 30 additions and 7 deletions
|
@ -8,6 +8,7 @@ from platypush.context import get_plugin
|
|||
from platypush.message import Message
|
||||
from platypush.message.event.mqtt import MQTTMessageEvent
|
||||
from platypush.message.request import Request
|
||||
from platypush.plugins.mqtt import MqttPlugin as MQTTPlugin
|
||||
from platypush.utils import set_thread_name
|
||||
|
||||
|
||||
|
@ -48,7 +49,7 @@ class MqttBackend(Backend):
|
|||
:param tls_keyfile: If TLS/SSL is enabled on the MQTT server and a client certificate key it required,
|
||||
specify it here (default: None) :type tls_keyfile: str
|
||||
:param tls_version: If TLS/SSL is enabled on the MQTT server and it requires a certain TLS version, specify it
|
||||
here (default: None)
|
||||
here (default: None). Supported versions: ``tls`` (automatic), ``tlsv1``, ``tlsv1.1``, ``tlsv1.2``.
|
||||
:param tls_ciphers: If TLS/SSL is enabled on the MQTT server and an explicit list of supported ciphers is
|
||||
required, specify it here (default: None)
|
||||
:param username: Specify it if the MQTT server requires authentication (default: None)
|
||||
|
@ -94,7 +95,7 @@ class MqttBackend(Backend):
|
|||
self.tls_keyfile = os.path.abspath(os.path.expanduser(tls_keyfile)) \
|
||||
if tls_keyfile else None
|
||||
|
||||
self.tls_version = tls_version
|
||||
self.tls_version = MQTTPlugin.get_tls_version(tls_version)
|
||||
self.tls_ciphers = tls_ciphers
|
||||
self.listeners_conf = listeners or []
|
||||
|
||||
|
@ -168,7 +169,7 @@ class MqttBackend(Backend):
|
|||
client.tls_set(ca_certs=tls_cafile,
|
||||
certfile=listener.get('tls_certfile'),
|
||||
keyfile=listener.get('tls_keyfile'),
|
||||
tls_version=listener.get('tls_version'),
|
||||
tls_version=MQTTPlugin.get_tls_version(listener.get('tls_version')),
|
||||
ciphers=listener.get('tls_ciphers'))
|
||||
|
||||
threading.Thread(target=listener_thread, kwargs={
|
||||
|
@ -230,7 +231,8 @@ class MqttBackend(Backend):
|
|||
|
||||
if self.tls_cafile:
|
||||
self._client.tls_set(ca_certs=self.tls_cafile, certfile=self.tls_certfile,
|
||||
keyfile=self.tls_keyfile, tls_version=self.tls_version,
|
||||
keyfile=self.tls_keyfile,
|
||||
tls_version=self.tls_version,
|
||||
ciphers=self.tls_ciphers)
|
||||
|
||||
self._client.connect(self.host, self.port, 60)
|
||||
|
|
|
@ -40,7 +40,8 @@ class MqttPlugin(Plugin):
|
|||
:param tls_keyfile: If a default host is set and requires TLS/SSL, specify the key file (default: None)
|
||||
:type tls_keyfile: str
|
||||
|
||||
:param tls_version: If a default host is set and requires TLS/SSL, specify the minimum TLS supported version (default: None)
|
||||
:param tls_version: If TLS/SSL is enabled on the MQTT server and it requires a certain TLS version, specify it
|
||||
here (default: None). Supported versions: ``tls`` (automatic), ``tlsv1``, ``tlsv1.1``, ``tlsv1.2``.
|
||||
:type tls_version: str
|
||||
|
||||
:param tls_ciphers: If a default host is set and requires TLS/SSL, specify the supported ciphers (default: None)
|
||||
|
@ -68,9 +69,27 @@ class MqttPlugin(Plugin):
|
|||
self.tls_keyfile = os.path.abspath(os.path.expanduser(tls_keyfile)) \
|
||||
if tls_keyfile else None
|
||||
|
||||
self.tls_version = tls_version
|
||||
self.tls_version = self.get_tls_version(tls_version)
|
||||
self.tls_ciphers = tls_ciphers
|
||||
|
||||
@staticmethod
|
||||
def get_tls_version(version: Optional[str] = None):
|
||||
import ssl
|
||||
if not version:
|
||||
return None
|
||||
|
||||
version = version.lower()
|
||||
if version == 'tls':
|
||||
return ssl.PROTOCOL_TLS
|
||||
if version == 'tlsv1':
|
||||
return ssl.PROTOCOL_TLSv1
|
||||
if version == 'tlsv1.1':
|
||||
return ssl.PROTOCOL_TLSv1_1
|
||||
if version == 'tlsv1.2':
|
||||
return ssl.PROTOCOL_TLSv1_2
|
||||
|
||||
assert 'Unrecognized TLS version: {}'.format(version)
|
||||
|
||||
@action
|
||||
def publish(self, topic: str, msg: Any, host: Optional[str] = None, port: int = 1883,
|
||||
reply_topic: Optional[str] = None, timeout: int = 60,
|
||||
|
@ -95,7 +114,7 @@ class MqttPlugin(Plugin):
|
|||
:param tls_keyfile: If TLS/SSL is enabled on the MQTT server and a client certificate key it required, specify
|
||||
it here (default: None).
|
||||
:param tls_version: If TLS/SSL is enabled on the MQTT server and it requires a certain TLS version, specify it
|
||||
here (default: None).
|
||||
here (default: None). Supported versions: ``tls`` (automatic), ``tlsv1``, ``tlsv1.1``, ``tlsv1.2``.
|
||||
:param tls_ciphers: If TLS/SSL is enabled on the MQTT server and an explicit list of supported ciphers is
|
||||
required, specify it here (default: None).
|
||||
:param username: Specify it if the MQTT server requires authentication (default: None).
|
||||
|
@ -114,6 +133,8 @@ class MqttPlugin(Plugin):
|
|||
tls_ciphers = self.tls_ciphers
|
||||
username = self.username
|
||||
password = self.password
|
||||
elif tls_version:
|
||||
tls_version = self.get_tls_version(tls_version)
|
||||
|
||||
client = Client()
|
||||
|
||||
|
|
Loading…
Reference in a new issue