core/homeassistant/components/sensor/cert_expiry.py

"""
Counter for the days until an HTTPS (TLS) certificate will expire.

For more details about this sensor please refer to the documentation at
https://home-assistant.io/components/sensor.cert_expiry/
"""
import logging
import socket
import ssl
from datetime import datetime, timedelta

import voluptuous as vol

import homeassistant.helpers.config_validation as cv
from homeassistant.components.sensor import PLATFORM_SCHEMA
from homeassistant.const import (CONF_NAME, CONF_HOST, CONF_PORT,
                                 EVENT_HOMEASSISTANT_START)
from homeassistant.helpers.entity import Entity

_LOGGER = logging.getLogger(__name__)

DEFAULT_NAME = 'SSL Certificate Expiry'
DEFAULT_PORT = 443

SCAN_INTERVAL = timedelta(hours=12)

TIMEOUT = 10.0

PLATFORM_SCHEMA = PLATFORM_SCHEMA.extend({
    vol.Required(CONF_HOST): cv.string,
    vol.Optional(CONF_NAME, default=DEFAULT_NAME): cv.string,
    vol.Optional(CONF_PORT, default=DEFAULT_PORT): cv.port,
})


def setup_platform(hass, config, add_entities, discovery_info=None):
    """Set up certificate expiry sensor."""
    def run_setup(event):
        """Wait until Home Assistant is fully initialized before creating.

        Delay the setup until Home Assistant is fully initialized.
        """
        server_name = config.get(CONF_HOST)
        server_port = config.get(CONF_PORT)
        sensor_name = config.get(CONF_NAME)

        add_entities([SSLCertificate(sensor_name, server_name, server_port)],
                     True)

    # To allow checking of the HA certificate we must first be running.
    hass.bus.listen_once(EVENT_HOMEASSISTANT_START, run_setup)


class SSLCertificate(Entity):
    """Implementation of the certificate expiry sensor."""

    def __init__(self, sensor_name, server_name, server_port):
        """Initialize the sensor."""
        self.server_name = server_name
        self.server_port = server_port
        self._name = sensor_name
        self._state = None

    @property
    def name(self):
        """Return the name of the sensor."""
        return self._name

    @property
    def unit_of_measurement(self):
        """Return the unit this state is expressed in."""
        return 'days'

    @property
    def state(self):
        """Return the state of the sensor."""
        return self._state

    @property
    def icon(self):
        """Icon to use in the frontend, if any."""
        return 'mdi:certificate'

    def update(self):
        """Fetch the certificate information."""
        try:
            ctx = ssl.create_default_context()
            host_info = socket.getaddrinfo(self.server_name, self.server_port)
            family = host_info[0][0]
            sock = ctx.wrap_socket(
                socket.socket(family=family), server_hostname=self.server_name)
            sock.settimeout(TIMEOUT)
            sock.connect((self.server_name, self.server_port))
        except socket.gaierror:
            _LOGGER.error("Cannot resolve hostname: %s", self.server_name)
            return
        except socket.timeout:
            _LOGGER.error(
                "Connection timeout with server: %s", self.server_name)
            return
        except OSError:
            _LOGGER.error("Cannot connect to %s", self.server_name)
            return

        try:
            cert = sock.getpeercert()
        except OSError:
            _LOGGER.error("Cannot fetch certificate from %s", self.server_name)
            return

        ts_seconds = ssl.cert_time_to_seconds(cert['notAfter'])
        timestamp = datetime.fromtimestamp(ts_seconds)
        expiry = timestamp - datetime.today()
        self._state = expiry.days
Don't stack up error messages, fix link, and ordering (#7291) 2017-04-25 10:40:13 +00:00			`"""`
Grammar and spelling fixes (#16065) 2018-08-19 20:29:08 +00:00			`Counter for the days until an HTTPS (TLS) certificate will expire.`
Add https certificate expiry sensor (#7272) * fixing rebase issues * cert_expiry: added .coveragerc entry * cert_expiry: renamed to SCAN_INTERVAL, removed Throttle * cert_expiry: better socket exception management * cert_expiry: splitted line too long * Update cert_expiry.py * Fix hass style 2017-04-24 20:01:00 +00:00
Don't stack up error messages, fix link, and ordering (#7291) 2017-04-25 10:40:13 +00:00			`For more details about this sensor please refer to the documentation at`
			`https://home-assistant.io/components/sensor.cert_expiry/`
Add https certificate expiry sensor (#7272) * fixing rebase issues * cert_expiry: added .coveragerc entry * cert_expiry: renamed to SCAN_INTERVAL, removed Throttle * cert_expiry: better socket exception management * cert_expiry: splitted line too long * Update cert_expiry.py * Fix hass style 2017-04-24 20:01:00 +00:00			`"""`
			`import logging`
			`import socket`
Don't stack up error messages, fix link, and ordering (#7291) 2017-04-25 10:40:13 +00:00			`import ssl`
Fixed cert_expiry sensor to delay firing on HA startup (#8920) * Fixed cert_expiry sensor to delay firing on HA startup * Addressed Travis complaints * Added imports * Fixed cert_expiry sensor to delay firing on HA startup * Changed comment 2017-08-13 06:49:15 +00:00			`from datetime import datetime, timedelta`
Don't stack up error messages, fix link, and ordering (#7291) 2017-04-25 10:40:13 +00:00
Add https certificate expiry sensor (#7272) * fixing rebase issues * cert_expiry: added .coveragerc entry * cert_expiry: renamed to SCAN_INTERVAL, removed Throttle * cert_expiry: better socket exception management * cert_expiry: splitted line too long * Update cert_expiry.py * Fix hass style 2017-04-24 20:01:00 +00:00			`import voluptuous as vol`

			`import homeassistant.helpers.config_validation as cv`
			`from homeassistant.components.sensor import PLATFORM_SCHEMA`
Fixed cert_expiry sensor to delay firing on HA startup (#8920) * Fixed cert_expiry sensor to delay firing on HA startup * Addressed Travis complaints * Added imports * Fixed cert_expiry sensor to delay firing on HA startup * Changed comment 2017-08-13 06:49:15 +00:00			`from homeassistant.const import (CONF_NAME, CONF_HOST, CONF_PORT,`
			`EVENT_HOMEASSISTANT_START)`
Don't stack up error messages, fix link, and ordering (#7291) 2017-04-25 10:40:13 +00:00			`from homeassistant.helpers.entity import Entity`
Add https certificate expiry sensor (#7272) * fixing rebase issues * cert_expiry: added .coveragerc entry * cert_expiry: renamed to SCAN_INTERVAL, removed Throttle * cert_expiry: better socket exception management * cert_expiry: splitted line too long * Update cert_expiry.py * Fix hass style 2017-04-24 20:01:00 +00:00
			`_LOGGER = logging.getLogger(__name__)`

			`DEFAULT_NAME = 'SSL Certificate Expiry'`
			`DEFAULT_PORT = 443`

Fixed cert_expiry sensor to delay firing on HA startup (#8920) * Fixed cert_expiry sensor to delay firing on HA startup * Addressed Travis complaints * Added imports * Fixed cert_expiry sensor to delay firing on HA startup * Changed comment 2017-08-13 06:49:15 +00:00			`SCAN_INTERVAL = timedelta(hours=12)`
Don't stack up error messages, fix link, and ordering (#7291) 2017-04-25 10:40:13 +00:00
Add https certificate expiry sensor (#7272) * fixing rebase issues * cert_expiry: added .coveragerc entry * cert_expiry: renamed to SCAN_INTERVAL, removed Throttle * cert_expiry: better socket exception management * cert_expiry: splitted line too long * Update cert_expiry.py * Fix hass style 2017-04-24 20:01:00 +00:00			`TIMEOUT = 10.0`

			`PLATFORM_SCHEMA = PLATFORM_SCHEMA.extend({`
			`vol.Required(CONF_HOST): cv.string,`
			`vol.Optional(CONF_NAME, default=DEFAULT_NAME): cv.string,`
Don't stack up error messages, fix link, and ordering (#7291) 2017-04-25 10:40:13 +00:00			`vol.Optional(CONF_PORT, default=DEFAULT_PORT): cv.port,`
Add https certificate expiry sensor (#7272) * fixing rebase issues * cert_expiry: added .coveragerc entry * cert_expiry: renamed to SCAN_INTERVAL, removed Throttle * cert_expiry: better socket exception management * cert_expiry: splitted line too long * Update cert_expiry.py * Fix hass style 2017-04-24 20:01:00 +00:00			`})`


add_devices -> add_entities (#16171) * add_devices -> add_entities * Lint * PyLint * Revert external method in scsgate 2018-08-24 14:37:30 +00:00			`def setup_platform(hass, config, add_entities, discovery_info=None):`
Don't stack up error messages, fix link, and ordering (#7291) 2017-04-25 10:40:13 +00:00			`"""Set up certificate expiry sensor."""`
Fixed cert_expiry sensor to delay firing on HA startup (#8920) * Fixed cert_expiry sensor to delay firing on HA startup * Addressed Travis complaints * Added imports * Fixed cert_expiry sensor to delay firing on HA startup * Changed comment 2017-08-13 06:49:15 +00:00			`def run_setup(event):`
			`"""Wait until Home Assistant is fully initialized before creating.`
Don't stack up error messages, fix link, and ordering (#7291) 2017-04-25 10:40:13 +00:00
Fixed cert_expiry sensor to delay firing on HA startup (#8920) * Fixed cert_expiry sensor to delay firing on HA startup * Addressed Travis complaints * Added imports * Fixed cert_expiry sensor to delay firing on HA startup * Changed comment 2017-08-13 06:49:15 +00:00			`Delay the setup until Home Assistant is fully initialized.`
			`"""`
			`server_name = config.get(CONF_HOST)`
			`server_port = config.get(CONF_PORT)`
			`sensor_name = config.get(CONF_NAME)`

add_devices -> add_entities (#16171) * add_devices -> add_entities * Lint * PyLint * Revert external method in scsgate 2018-08-24 14:37:30 +00:00			`add_entities([SSLCertificate(sensor_name, server_name, server_port)],`
			`True)`
Fixed cert_expiry sensor to delay firing on HA startup (#8920) * Fixed cert_expiry sensor to delay firing on HA startup * Addressed Travis complaints * Added imports * Fixed cert_expiry sensor to delay firing on HA startup * Changed comment 2017-08-13 06:49:15 +00:00
			`# To allow checking of the HA certificate we must first be running.`
			`hass.bus.listen_once(EVENT_HOMEASSISTANT_START, run_setup)`
Add https certificate expiry sensor (#7272) * fixing rebase issues * cert_expiry: added .coveragerc entry * cert_expiry: renamed to SCAN_INTERVAL, removed Throttle * cert_expiry: better socket exception management * cert_expiry: splitted line too long * Update cert_expiry.py * Fix hass style 2017-04-24 20:01:00 +00:00

			`class SSLCertificate(Entity):`
Don't stack up error messages, fix link, and ordering (#7291) 2017-04-25 10:40:13 +00:00			`"""Implementation of the certificate expiry sensor."""`
Add https certificate expiry sensor (#7272) * fixing rebase issues * cert_expiry: added .coveragerc entry * cert_expiry: renamed to SCAN_INTERVAL, removed Throttle * cert_expiry: better socket exception management * cert_expiry: splitted line too long * Update cert_expiry.py * Fix hass style 2017-04-24 20:01:00 +00:00
			`def __init__(self, sensor_name, server_name, server_port):`
			`"""Initialize the sensor."""`
			`self.server_name = server_name`
			`self.server_port = server_port`
			`self._name = sensor_name`
			`self._state = None`

			`@property`
			`def name(self):`
			`"""Return the name of the sensor."""`
			`return self._name`

			`@property`
			`def unit_of_measurement(self):`
			`"""Return the unit this state is expressed in."""`
			`return 'days'`

			`@property`
			`def state(self):`
			`"""Return the state of the sensor."""`
			`return self._state`

			`@property`
			`def icon(self):`
			`"""Icon to use in the frontend, if any."""`
			`return 'mdi:certificate'`

			`def update(self):`
Don't stack up error messages, fix link, and ordering (#7291) 2017-04-25 10:40:13 +00:00			`"""Fetch the certificate information."""`
Add https certificate expiry sensor (#7272) * fixing rebase issues * cert_expiry: added .coveragerc entry * cert_expiry: renamed to SCAN_INTERVAL, removed Throttle * cert_expiry: better socket exception management * cert_expiry: splitted line too long * Update cert_expiry.py * Fix hass style 2017-04-24 20:01:00 +00:00			`try:`
			`ctx = ssl.create_default_context()`
Automatically detect if ipv4/ipv6 is used for cert_expiry (#18916) * Automatically detect if ipv4/ipv6 is used for cert_expiry Fixes #18818 Python sockets use ipv4 per default. If the domain which should be checked only has an ipv6 record, socket creation errors out with `[Errno -2] Name or service not known` This fix tries to guess the protocol family and creates the socket with the correct family type * Fix line length violation 2018-12-07 10:08:41 +00:00			`host_info = socket.getaddrinfo(self.server_name, self.server_port)`
			`family = host_info[0][0]`
Don't stack up error messages, fix link, and ordering (#7291) 2017-04-25 10:40:13 +00:00			`sock = ctx.wrap_socket(`
Automatically detect if ipv4/ipv6 is used for cert_expiry (#18916) * Automatically detect if ipv4/ipv6 is used for cert_expiry Fixes #18818 Python sockets use ipv4 per default. If the domain which should be checked only has an ipv6 record, socket creation errors out with `[Errno -2] Name or service not known` This fix tries to guess the protocol family and creates the socket with the correct family type * Fix line length violation 2018-12-07 10:08:41 +00:00			`socket.socket(family=family), server_hostname=self.server_name)`
Add https certificate expiry sensor (#7272) * fixing rebase issues * cert_expiry: added .coveragerc entry * cert_expiry: renamed to SCAN_INTERVAL, removed Throttle * cert_expiry: better socket exception management * cert_expiry: splitted line too long * Update cert_expiry.py * Fix hass style 2017-04-24 20:01:00 +00:00			`sock.settimeout(TIMEOUT)`
			`sock.connect((self.server_name, self.server_port))`
			`except socket.gaierror:`
Don't stack up error messages, fix link, and ordering (#7291) 2017-04-25 10:40:13 +00:00			`_LOGGER.error("Cannot resolve hostname: %s", self.server_name)`
			`return`
Add https certificate expiry sensor (#7272) * fixing rebase issues * cert_expiry: added .coveragerc entry * cert_expiry: renamed to SCAN_INTERVAL, removed Throttle * cert_expiry: better socket exception management * cert_expiry: splitted line too long * Update cert_expiry.py * Fix hass style 2017-04-24 20:01:00 +00:00			`except socket.timeout:`
Don't stack up error messages, fix link, and ordering (#7291) 2017-04-25 10:40:13 +00:00			`_LOGGER.error(`
			`"Connection timeout with server: %s", self.server_name)`
			`return`
			`except OSError:`
			`_LOGGER.error("Cannot connect to %s", self.server_name)`
			`return`
Add https certificate expiry sensor (#7272) * fixing rebase issues * cert_expiry: added .coveragerc entry * cert_expiry: renamed to SCAN_INTERVAL, removed Throttle * cert_expiry: better socket exception management * cert_expiry: splitted line too long * Update cert_expiry.py * Fix hass style 2017-04-24 20:01:00 +00:00
			`try:`
			`cert = sock.getpeercert()`
Don't stack up error messages, fix link, and ordering (#7291) 2017-04-25 10:40:13 +00:00			`except OSError:`
			`_LOGGER.error("Cannot fetch certificate from %s", self.server_name)`
			`return`
Add https certificate expiry sensor (#7272) * fixing rebase issues * cert_expiry: added .coveragerc entry * cert_expiry: renamed to SCAN_INTERVAL, removed Throttle * cert_expiry: better socket exception management * cert_expiry: splitted line too long * Update cert_expiry.py * Fix hass style 2017-04-24 20:01:00 +00:00
			`ts_seconds = ssl.cert_time_to_seconds(cert['notAfter'])`
Fixed cert_expiry sensor to delay firing on HA startup (#8920) * Fixed cert_expiry sensor to delay firing on HA startup * Addressed Travis complaints * Added imports * Fixed cert_expiry sensor to delay firing on HA startup * Changed comment 2017-08-13 06:49:15 +00:00			`timestamp = datetime.fromtimestamp(ts_seconds)`
			`expiry = timestamp - datetime.today()`
Add https certificate expiry sensor (#7272) * fixing rebase issues * cert_expiry: added .coveragerc entry * cert_expiry: renamed to SCAN_INTERVAL, removed Throttle * cert_expiry: better socket exception management * cert_expiry: splitted line too long * Update cert_expiry.py * Fix hass style 2017-04-24 20:01:00 +00:00			`self._state = expiry.days`