Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
镜像
Eclipse Foundation
paho.mqtt.python
提交
116e97ab
P
paho.mqtt.python
项目概览
镜像
/
Eclipse Foundation
/
paho.mqtt.python
10 个月 前同步成功
通知
2
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
P
paho.mqtt.python
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
116e97ab
编写于
7月 07, 2021
作者:
R
Roger A. Light
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Add support for loading TLS keys with passwords.
Closes #409 Closes #576 Thanks to Thomas Zahari.
上级
8598f878
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
90 addition
and
4 deletion
+90
-4
src/paho/mqtt/client.py
src/paho/mqtt/client.py
+7
-4
test/lib/08-ssl-connect-cert-auth-pw.py
test/lib/08-ssl-connect-cert-auth-pw.py
+45
-0
test/lib/Makefile
test/lib/Makefile
+1
-0
test/lib/python/08-ssl-connect-cert-auth-pw.test
test/lib/python/08-ssl-connect-cert-auth-pw.test
+37
-0
未找到文件。
src/paho/mqtt/client.py
浏览文件 @
116e97ab
...
...
@@ -764,7 +764,7 @@ class Client(object):
if
hasattr
(
context
,
'check_hostname'
):
self
.
_tls_insecure
=
not
context
.
check_hostname
def
tls_set
(
self
,
ca_certs
=
None
,
certfile
=
None
,
keyfile
=
None
,
cert_reqs
=
None
,
tls_version
=
None
,
ciphers
=
None
):
def
tls_set
(
self
,
ca_certs
=
None
,
certfile
=
None
,
keyfile
=
None
,
cert_reqs
=
None
,
tls_version
=
None
,
ciphers
=
None
,
keyfile_password
=
None
):
"""Configure network encryption and authentication options. Enables SSL/TLS support.
ca_certs : a string path to the Certificate Authority certificate files
...
...
@@ -784,8 +784,11 @@ class Client(object):
None then they will be used as client information for TLS based
authentication. Support for this feature is broker dependent. Note
that if either of these files in encrypted and needs a password to
decrypt it, Python will ask for the password at the command line. It is
not currently possible to define a callback to provide the password.
decrypt it, then this can be passed using the keyfile_password
argument - you should take precautions to ensure that your password is
not hard coded into your program by loading the password from a file
for example. If you do not provide keyfile_password, the password will
be requested to be typed in at a terminal window.
cert_reqs allows the certificate requirements that the client imposes
on the broker to be changed. By default this is ssl.CERT_REQUIRED,
...
...
@@ -822,7 +825,7 @@ class Client(object):
# Configure context
if
certfile
is
not
None
:
context
.
load_cert_chain
(
certfile
,
keyfile
)
context
.
load_cert_chain
(
certfile
,
keyfile
,
keyfile_password
)
if
cert_reqs
==
ssl
.
CERT_NONE
and
hasattr
(
context
,
'check_hostname'
):
context
.
check_hostname
=
False
...
...
test/lib/08-ssl-connect-cert-auth-pw.py
0 → 100755
浏览文件 @
116e97ab
#!/usr/bin/env python3
# Test whether a client produces a correct connect and subsequent disconnect when using SSL.
# Client must provide a certificate - the private key is encrypted with a password.
# The client should connect to port 1888 with keepalive=60, clean session set,
# and client id 08-ssl-connect-crt-auth
# It should use the CA certificate ssl/all-ca.crt for verifying the server.
# The test will send a CONNACK message to the client with rc=0. Upon receiving
# the CONNACK and verifying that rc=0, the client should send a DISCONNECT
# message. If rc!=0, the client should exit with an error.
import
context
import
paho_test
from
paho_test
import
ssl
context
.
check_ssl
()
rc
=
1
keepalive
=
60
connect_packet
=
paho_test
.
gen_connect
(
"08-ssl-connect-crt-auth-pw"
,
keepalive
=
keepalive
)
connack_packet
=
paho_test
.
gen_connack
(
rc
=
0
)
disconnect_packet
=
paho_test
.
gen_disconnect
()
ssock
=
paho_test
.
create_server_socket_ssl
(
cert_reqs
=
ssl
.
CERT_REQUIRED
)
client
=
context
.
start_client
()
try
:
(
conn
,
address
)
=
ssock
.
accept
()
conn
.
settimeout
(
10
)
if
paho_test
.
expect_packet
(
conn
,
"connect"
,
connect_packet
):
conn
.
send
(
connack_packet
)
if
paho_test
.
expect_packet
(
conn
,
"disconnect"
,
disconnect_packet
):
rc
=
0
conn
.
close
()
finally
:
client
.
terminate
()
client
.
wait
()
ssock
.
close
()
exit
(
rc
)
test/lib/Makefile
浏览文件 @
116e97ab
...
...
@@ -29,4 +29,5 @@ test :
$(PYTHON)
./04-retain-qos0.py python/04-retain-qos0.test
$(PYTHON)
./08-ssl-connect-no-auth.py python/08-ssl-connect-no-auth.test
$(PYTHON)
./08-ssl-connect-cert-auth.py python/08-ssl-connect-cert-auth.test
$(PYTHON)
./08-ssl-connect-cert-auth-pw.py python/08-ssl-connect-cert-auth-pw.test
$(PYTHON)
./08-ssl-bad-cacert.py python/08-ssl-bad-cacert.test
test/lib/python/08-ssl-connect-cert-auth-pw.test
0 → 100755
浏览文件 @
116e97ab
#!/usr/bin/env python3
import
os
import
subprocess
import
socket
import
sys
import
time
from
struct
import
*
import
paho
.
mqtt
.
client
as
mqtt
if
sys
.
version_info
<
(
2
,
7
,
9
)
:
print
(
"WARNING: SSL/TLS not supported on Python 2.6"
)
exit
(
0
)
def
on_connect
(
mqttc
,
obj
,
flags
,
rc
)
:
if
rc
!=
0
:
exit
(
rc
)
else
:
mqttc
.
disconnect
()
def
on_disconnect
(
mqttc
,
obj
,
rc
)
:
obj
=
rc
run
=
-
1
mqttc
=
mqtt
.
Client
(
"08-ssl-connect-crt-auth-pw"
,
run
)
mqttc
.
tls_set
(
"../ssl/all-ca.crt"
,
"../ssl/client-pw.crt"
,
"../ssl/client-pw.key"
,
keyfile_password
=
"password"
)
mqttc
.
on_connect
=
on_connect
mqttc
.
on_disconnect
=
on_disconnect
mqttc
.
connect
(
"localhost"
,
1888
)
while
run
==
-
1
:
mqttc
.
loop
()
exit
(
run
)
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录