From 6aae319b1ae13d2f26e78de0b9fbb598da53188c Mon Sep 17 00:00:00 2001 From: Jan-Philipp Benecke Date: Thu, 20 Feb 2025 10:48:45 +0100 Subject: [PATCH] Allow use of insecure ciphers in rest_command (#138886) --- homeassistant/components/rest_command/__init__.py | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/homeassistant/components/rest_command/__init__.py b/homeassistant/components/rest_command/__init__.py index fe3702510af..f4c84bf72b5 100644 --- a/homeassistant/components/rest_command/__init__.py +++ b/homeassistant/components/rest_command/__init__.py @@ -34,6 +34,7 @@ from homeassistant.helpers import config_validation as cv from homeassistant.helpers.aiohttp_client import async_get_clientsession from homeassistant.helpers.reload import async_integration_yaml_config from homeassistant.helpers.typing import ConfigType +from homeassistant.util.ssl import SSLCipherList DOMAIN = "rest_command" @@ -46,6 +47,7 @@ DEFAULT_VERIFY_SSL = True SUPPORT_REST_METHODS = ["get", "patch", "post", "put", "delete"] CONF_CONTENT_TYPE = "content_type" +CONF_INSECURE_CIPHER = "insecure_cipher" COMMAND_SCHEMA = vol.Schema( { @@ -60,6 +62,7 @@ COMMAND_SCHEMA = vol.Schema( vol.Optional(CONF_TIMEOUT, default=DEFAULT_TIMEOUT): vol.Coerce(int), vol.Optional(CONF_CONTENT_TYPE): cv.string, vol.Optional(CONF_VERIFY_SSL, default=DEFAULT_VERIFY_SSL): cv.boolean, + vol.Optional(CONF_INSECURE_CIPHER, default=False): cv.boolean, } ) @@ -91,7 +94,15 @@ async def async_setup(hass: HomeAssistant, config: ConfigType) -> bool: @callback def async_register_rest_command(name: str, command_config: dict[str, Any]) -> None: """Create service for rest command.""" - websession = async_get_clientsession(hass, command_config[CONF_VERIFY_SSL]) + websession = async_get_clientsession( + hass, + command_config[CONF_VERIFY_SSL], + ssl_cipher=( + SSLCipherList.INSECURE + if command_config[CONF_INSECURE_CIPHER] + else SSLCipherList.PYTHON_DEFAULT + ), + ) timeout = command_config[CONF_TIMEOUT] method = command_config[CONF_METHOD]