Home-Assistant
/
core
mirror of https://github.com/home-assistant/core.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Replace deprecated SSLContext constant PROTOCOL_TLS in mqtt (#88214) 

Replace deprecated SSLContext constants
pull/88261/head
Jan Bouwhuis 2023-02-16 19:01:28 +01:00 committed by GitHub
parent c79157208b
commit 57738fbb8c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
homeassistant/components/mqtt/client.py
View File

@ -329,7 +329,7 @@ class MqttClientSetup:
certificate, certificate,
certfile=client_cert, certfile=client_cert,
keyfile=client_key, keyfile=client_key,
tls_version=ssl.PROTOCOL_TLS, tls_version=ssl.PROTOCOL_TLS_CLIENT,
) )
if tls_insecure is not None: if tls_insecure is not None:

4
homeassistant/components/mqtt/config_flow.py
View File

@ -4,7 +4,7 @@ from __future__ import annotations
from collections import OrderedDict from collections import OrderedDict
from collections.abc import Callable from collections.abc import Callable
import queue import queue
from ssl import PROTOCOL_TLS, SSLContext, SSLError from ssl import PROTOCOL_TLS_CLIENT, SSLContext, SSLError
from types import MappingProxyType from types import MappingProxyType
from typing import Any from typing import Any
@ -789,7 +789,7 @@ def check_certicate_chain() -> str | None:
except (TypeError, ValueError): except (TypeError, ValueError):
return "bad_client_key" return "bad_client_key"
# Check the certificate chain # Check the certificate chain
context = SSLContext(PROTOCOL_TLS) context = SSLContext(PROTOCOL_TLS_CLIENT)
if client_certificate and private_key: if client_certificate and private_key:
try: try:
context.load_cert_chain(client_certificate, private_key) context.load_cert_chain(client_certificate, private_key)

4
homeassistant/util/ssl.py
View File

@ -23,7 +23,7 @@ def server_context_modern() -> ssl.SSLContext:
https://wiki.mozilla.org/Security/Server_Side_TLS https://wiki.mozilla.org/Security/Server_Side_TLS
Modern guidelines are followed. Modern guidelines are followed.
""" """
context = ssl.SSLContext(ssl.PROTOCOL_TLS) context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
context.options |= ( context.options |= (
ssl.OP_NO_SSLv2 ssl.OP_NO_SSLv2
@ -53,7 +53,7 @@ def server_context_intermediate() -> ssl.SSLContext:
https://wiki.mozilla.org/Security/Server_Side_TLS https://wiki.mozilla.org/Security/Server_Side_TLS
Intermediate guidelines are followed. Intermediate guidelines are followed.
""" """
context = ssl.SSLContext(ssl.PROTOCOL_TLS) context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
context.options |= ( context.options |= (
ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3 | ssl.OP_CIPHER_SERVER_PREFERENCE ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3 | ssl.OP_CIPHER_SERVER_PREFERENCE

2
tests/components/mqtt/test_init.py
View File

@ -1879,7 +1879,7 @@ async def test_tls_version(
await mqtt_mock_entry_with_yaml_config() await mqtt_mock_entry_with_yaml_config()
assert calls assert calls
assert calls[0][3] == ssl.PROTOCOL_TLS assert calls[0][3] == ssl.PROTOCOL_TLS_CLIENT
@pytest.mark.parametrize( @pytest.mark.parametrize(