TLS version in MQTT configuration parsed from string
parent
aa631deb88
commit
b8917de52f
2 changed files with 30 additions and 7 deletions
|
@ -8,6 +8,7 @@ from platypush.context import get_plugin
|
||||||
from platypush.message import Message
|
from platypush.message import Message
|
||||||
from platypush.message.event.mqtt import MQTTMessageEvent
|
from platypush.message.event.mqtt import MQTTMessageEvent
|
||||||
from platypush.message.request import Request
|
from platypush.message.request import Request
|
||||||
|
from platypush.plugins.mqtt import MqttPlugin as MQTTPlugin
|
||||||
from platypush.utils import set_thread_name
|
from platypush.utils import set_thread_name
|
||||||
|
|
||||||
|
|
||||||
|
@ -48,7 +49,7 @@ class MqttBackend(Backend):
|
||||||
:param tls_keyfile: If TLS/SSL is enabled on the MQTT server and a client certificate key it required,
|
:param tls_keyfile: If TLS/SSL is enabled on the MQTT server and a client certificate key it required,
|
||||||
specify it here (default: None) :type tls_keyfile: str
|
specify it here (default: None) :type tls_keyfile: str
|
||||||
:param tls_version: If TLS/SSL is enabled on the MQTT server and it requires a certain TLS version, specify it
|
:param tls_version: If TLS/SSL is enabled on the MQTT server and it requires a certain TLS version, specify it
|
||||||
here (default: None)
|
here (default: None). Supported versions: ``tls`` (automatic), ``tlsv1``, ``tlsv1.1``, ``tlsv1.2``.
|
||||||
:param tls_ciphers: If TLS/SSL is enabled on the MQTT server and an explicit list of supported ciphers is
|
:param tls_ciphers: If TLS/SSL is enabled on the MQTT server and an explicit list of supported ciphers is
|
||||||
required, specify it here (default: None)
|
required, specify it here (default: None)
|
||||||
:param username: Specify it if the MQTT server requires authentication (default: None)
|
:param username: Specify it if the MQTT server requires authentication (default: None)
|
||||||
|
@ -94,7 +95,7 @@ class MqttBackend(Backend):
|
||||||
self.tls_keyfile = os.path.abspath(os.path.expanduser(tls_keyfile)) \
|
self.tls_keyfile = os.path.abspath(os.path.expanduser(tls_keyfile)) \
|
||||||
if tls_keyfile else None
|
if tls_keyfile else None
|
||||||
|
|
||||||
self.tls_version = tls_version
|
self.tls_version = MQTTPlugin.get_tls_version(tls_version)
|
||||||
self.tls_ciphers = tls_ciphers
|
self.tls_ciphers = tls_ciphers
|
||||||
self.listeners_conf = listeners or []
|
self.listeners_conf = listeners or []
|
||||||
|
|
||||||
|
@ -168,7 +169,7 @@ class MqttBackend(Backend):
|
||||||
client.tls_set(ca_certs=tls_cafile,
|
client.tls_set(ca_certs=tls_cafile,
|
||||||
certfile=listener.get('tls_certfile'),
|
certfile=listener.get('tls_certfile'),
|
||||||
keyfile=listener.get('tls_keyfile'),
|
keyfile=listener.get('tls_keyfile'),
|
||||||
tls_version=listener.get('tls_version'),
|
tls_version=MQTTPlugin.get_tls_version(listener.get('tls_version')),
|
||||||
ciphers=listener.get('tls_ciphers'))
|
ciphers=listener.get('tls_ciphers'))
|
||||||
|
|
||||||
threading.Thread(target=listener_thread, kwargs={
|
threading.Thread(target=listener_thread, kwargs={
|
||||||
|
@ -230,7 +231,8 @@ class MqttBackend(Backend):
|
||||||
|
|
||||||
if self.tls_cafile:
|
if self.tls_cafile:
|
||||||
self._client.tls_set(ca_certs=self.tls_cafile, certfile=self.tls_certfile,
|
self._client.tls_set(ca_certs=self.tls_cafile, certfile=self.tls_certfile,
|
||||||
keyfile=self.tls_keyfile, tls_version=self.tls_version,
|
keyfile=self.tls_keyfile,
|
||||||
|
tls_version=self.tls_version,
|
||||||
ciphers=self.tls_ciphers)
|
ciphers=self.tls_ciphers)
|
||||||
|
|
||||||
self._client.connect(self.host, self.port, 60)
|
self._client.connect(self.host, self.port, 60)
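Review bot: The new `tls_version` docstring line in `MqttBackend` lists `tlsv1` and `tlsv1.1` alongside `tlsv1.2` without saying that each named value pins the connection to exactly that protocol version, since the helper maps them to the `ssl.PROTOCOL_TLSv1*` constants. It also does not say that TLS 1.0 and 1.1 are deprecated. I would reword it along the lines of `Supported versions: tls (negotiate, recommended), tlsv1.2, and the deprecated tlsv1 / tlsv1.1; each named version pins the connection to exactly that protocol.` The same sentence is added to the two `MqttPlugin` docstrings and should get the same wording. In the last hunk here `tls_set` is only called under `if self.tls_cafile:`, so a `tls_version` set without a CA file appears to be ignored, which the docstring could state as well; the enclosing methods start and end outside the hunks.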
|
||||||
|
|
|
@ -40,7 +40,8 @@ class MqttPlugin(Plugin):
|
||||||
:param tls_keyfile: If a default host is set and requires TLS/SSL, specify the key file (default: None)
|
:param tls_keyfile: If a default host is set and requires TLS/SSL, specify the key file (default: None)
|
||||||
:type tls_keyfile: str
|
:type tls_keyfile: str
|
||||||
|
|
||||||
:param tls_version: If a default host is set and requires TLS/SSL, specify the minimum TLS supported version (default: None)
|
:param tls_version: If TLS/SSL is enabled on the MQTT server and it requires a certain TLS version, specify it
|
||||||
|
here (default: None). Supported versions: ``tls`` (automatic), ``tlsv1``, ``tlsv1.1``, ``tlsv1.2``.
|
||||||
:type tls_version: str
|
:type tls_version: str
|
||||||
|
|
||||||
:param tls_ciphers: If a default host is set and requires TLS/SSL, specify the supported ciphers (default: None)
|
:param tls_ciphers: If a default host is set and requires TLS/SSL, specify the supported ciphers (default: None)
|
||||||
|
@ -68,9 +69,27 @@ class MqttPlugin(Plugin):
|
||||||
self.tls_keyfile = os.path.abspath(os.path.expanduser(tls_keyfile)) \
|
self.tls_keyfile = os.path.abspath(os.path.expanduser(tls_keyfile)) \
|
||||||
if tls_keyfile else None
|
if tls_keyfile else None
|
||||||
|
|
||||||
self.tls_version = tls_version
|
self.tls_version = self.get_tls_version(tls_version)
|
||||||
self.tls_ciphers = tls_ciphers
|
self.tls_ciphers = tls_ciphers
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def get_tls_version(version: Optional[str] = None):
|
||||||
|
import ssl
|
||||||
|
if not version:
|
||||||
|
return None
|
||||||
|
|
||||||
|
version = version.lower()
|
||||||
|
if version == 'tls':
|
||||||
|
return ssl.PROTOCOL_TLS
|
||||||
|
if version == 'tlsv1':
|
||||||
|
return ssl.PROTOCOL_TLSv1
|
||||||
|
if version == 'tlsv1.1':
|
||||||
|
return ssl.PROTOCOL_TLSv1_1
|
||||||
|
if version == 'tlsv1.2':
|
||||||
|
return ssl.PROTOCOL_TLSv1_2
|
||||||
|
|
||||||
|
assert 'Unrecognized TLS version: {}'.format(version)
|
||||||
|
|
||||||
@action
|
@action
|
||||||
def publish(self, topic: str, msg: Any, host: Optional[str] = None, port: int = 1883,
|
def publish(self, topic: str, msg: Any, host: Optional[str] = None, port: int = 1883,
|
||||||
reply_topic: Optional[str] = None, timeout: int = 60,
|
reply_topic: Optional[str] = None, timeout: int = 60,
|
||||||
|
@ -95,7 +114,7 @@ class MqttPlugin(Plugin):
|
||||||
:param tls_keyfile: If TLS/SSL is enabled on the MQTT server and a client certificate key it required, specify
|
:param tls_keyfile: If TLS/SSL is enabled on the MQTT server and a client certificate key it required, specify
|
||||||
it here (default: None).
|
it here (default: None).
|
||||||
:param tls_version: If TLS/SSL is enabled on the MQTT server and it requires a certain TLS version, specify it
|
:param tls_version: If TLS/SSL is enabled on the MQTT server and it requires a certain TLS version, specify it
|
||||||
here (default: None).
|
here (default: None). Supported versions: ``tls`` (automatic), ``tlsv1``, ``tlsv1.1``, ``tlsv1.2``.
|
||||||
:param tls_ciphers: If TLS/SSL is enabled on the MQTT server and an explicit list of supported ciphers is
|
:param tls_ciphers: If TLS/SSL is enabled on the MQTT server and an explicit list of supported ciphers is
|
||||||
required, specify it here (default: None).
|
required, specify it here (default: None).
|
||||||
:param username: Specify it if the MQTT server requires authentication (default: None).
|
:param username: Specify it if the MQTT server requires authentication (default: None).
|
||||||
|
@ -114,6 +133,8 @@ class MqttPlugin(Plugin):
|
||||||
tls_ciphers = self.tls_ciphers
|
tls_ciphers = self.tls_ciphers
|
||||||
username = self.username
|
username = self.username
|
||||||
password = self.password
|
password = self.password
|
||||||
|
elif tls_version:
|
||||||
|
tls_version = self.get_tls_version(tls_version)
|
||||||
|
|
||||||
client = Client()
|
client = Client()
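Review bot: `get_tls_version` ends with `assert 'Unrecognized TLS version: {}'.format(version)`, which asserts a non-empty string and therefore can never fail. An unknown or mistyped value falls through and the function returns `None`, which the callers in this file and in `MqttBackend` hand to `tls_set` as if no version had been configured. Use `raise ValueError('Unrecognized TLS version: {}'.format(version))` so a typo in the configuration is rejected rather than silently changing the protocol selection. The helper also calls `version.lower()` unconditionally, so a value that is already an `ssl` constant would raise `AttributeError`; whether any caller of `publish` passes one is not visible from here, since `publish` continues outside the hunk. A one-line docstring stating the accepted strings and the `None` return for an empty value would help too.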
|
||||||
|
|
||||||
|
|