Check for known Hue vulnerability (#31494)

Paulus Schoutsen 2020-02-05 13:57:17 -08:00 committed by GitHub
parent 557f5763df
commit 481ea0aa5b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 48 additions and 3 deletions


@ -6,6 +6,7 @@ from aiohue.util import normalize_bridge_id
import voluptuous as vol import voluptuous as vol
from homeassistant import config_entries, core from homeassistant import config_entries, core
from homeassistant.components import persistent_notification
from homeassistant.const import CONF_HOST from homeassistant.const import CONF_HOST
from homeassistant.helpers import config_validation as cv, device_registry as dr from homeassistant.helpers import config_validation as cv, device_registry as dr
@ -142,8 +143,20 @@ async def async_setup_entry(
sw_version=config.swversion, sw_version=config.swversion,
) )
if config.swupdate2_bridge_state == "readytoinstall": if config.modelid == "BSB002" and config.swversion < "1935144040":
err = "Please check for software updates of the bridge in the Philips Hue App." persistent_notification.async_create(
hass,
"Your Hue hub has a known security vulnerability ([CVE-2020-6007](https://cve.circl.lu/cve/CVE-2020-6007)). Go to the Hue app and check for software updates.",
"Signify Hue",
"hue_hub_firmware",
)
elif config.swupdate2_bridge_state == "readytoinstall":
err = (
"Please check for software updates of the bridge in the Philips Hue App.",
"Signify Hue",
"hue_hub_firmware",
)
_LOGGER.warning(err) _LOGGER.warning(err)
return True return True
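Review bot: The firmware check `config.swversion < "1935144040"` compares strings, so the ordering is lexicographic and matches numeric order only while both values are digit strings of the same length; a shorter, longer or non-numeric `swversion` would be classified wrongly, and a vulnerable bridge could go unreported. Comparing numerically, e.g. `int(config.swversion) < 1935144040` with a guard for a missing or non-numeric value, would make the threshold explicit. In the `elif` branch `err` is now a three-element tuple, apparently copied from the notification arguments, so `_LOGGER.warning(err)` logs the tuple's repr; `err = "Please check for software updates of the bridge in the Philips Hue App."` restores the plain message. Indentation is lost on this page, so the placement of the warning call inside the `elif` is inferred, and `async_setup_entry` begins outside the hunk.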


@ -1,5 +1,7 @@
"""Test Hue setup process.""" """Test Hue setup process."""
from unittest.mock import Mock, patch from unittest.mock import Mock
from asynctest import CoroutineMock, patch
from homeassistant.components import hue from homeassistant.components import hue
from homeassistant.setup import async_setup_component from homeassistant.setup import async_setup_component
@ -184,3 +186,33 @@ async def test_setting_unique_id(hass):
assert await async_setup_component(hass, hue.DOMAIN, {}) is True assert await async_setup_component(hass, hue.DOMAIN, {}) is True
assert entry.unique_id == "mock-id" assert entry.unique_id == "mock-id"
async def test_security_vuln_check(hass):
"""Test that we report security vulnerabilities."""
assert await async_setup_component(hass, "persistent_notification", {})
entry = MockConfigEntry(domain=hue.DOMAIN, data={"host": "0.0.0.0"})
entry.add_to_hass(hass)
with patch.object(
hue,
"HueBridge",
Mock(
return_value=Mock(
async_setup=CoroutineMock(return_value=True),
api=Mock(
config=Mock(
bridgeid="", mac="", modelid="BSB002", swversion="1935144020"
)
),
)
),
):
assert await async_setup_component(hass, "hue", {})
await hass.async_block_till_done()
state = hass.states.get("persistent_notification.hue_hub_firmware")
assert state is not None
assert "CVE-2020-6007" in state.attributes["message"]
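Review bot: `test_security_vuln_check` exercises only a bridge below the threshold (`swversion="1935144020"`), so nothing pins the boundary or the negative case. A second case with `swversion="1935144040"` (or a different `modelid`) asserting `hass.states.get("persistent_notification.hue_hub_firmware") is None` would catch a regression that flags already-patched bridges. The `readytoinstall` branch touched by this commit has no coverage in this section either. A one-line comment stating that `1935144020` was chosen as a version older than the fixed firmware would make the fixture's intent clear.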