Optionally disable ssl certificate validity check. (#9181)

* Optionally disable ssl certificate validity check. * Fix lines too long. * Fix formatting. * Force build CI * Fix "Method could be a function (no-self-use)"
2017-09-06 01:58:13 -04:00 · 2017-09-06 01:58:13 -04:00 · 5971a7c009
commit 5971a7c009
parent e7a5f7bcdf
1 changed files with 19 additions and 4 deletions
--- a/homeassistant/components/notify/xmpp.py
+++ b/homeassistant/components/notify/xmpp.py
@ -21,12 +21,14 @@ REQUIREMENTS = ['sleekxmpp==1.3.2',
 _LOGGER = logging.getLogger(__name__)

 CONF_TLS = 'tls'
+CONF_VERIFY = 'verify'

 PLATFORM_SCHEMA = PLATFORM_SCHEMA.extend({
    vol.Required(CONF_SENDER): cv.string,
    vol.Required(CONF_PASSWORD): cv.string,
    vol.Required(CONF_RECIPIENT): cv.string,
    vol.Optional(CONF_TLS, default=True): cv.boolean,
+    vol.Optional(CONF_VERIFY, default=True): cv.boolean,
 })


@ -34,18 +36,20 @@ def get_service(hass, config, discovery_info=None):
    """Get the Jabber (XMPP) notification service."""
    return XmppNotificationService(
        config.get(CONF_SENDER), config.get(CONF_PASSWORD),
-        config.get(CONF_RECIPIENT), config.get(CONF_TLS))
+        config.get(CONF_RECIPIENT), config.get(CONF_TLS),
+        config.get(CONF_VERIFY))


 class XmppNotificationService(BaseNotificationService):
    """Implement the notification service for Jabber (XMPP)."""

-    def __init__(self, sender, password, recipient, tls):
+    def __init__(self, sender, password, recipient, tls, verify):
        """Initialize the service."""
        self._sender = sender
        self._password = password
        self._recipient = recipient
        self._tls = tls
+        self._verify = verify

    def send_message(self, message="", **kwargs):
        """Send a message to a user."""
@ -53,10 +57,11 @@ class XmppNotificationService(BaseNotificationService):
        data = '{}: {}'.format(title, message) if title else message

        send_message('{}/home-assistant'.format(self._sender), self._password,
-                     self._recipient, self._tls, data)
+                     self._recipient, self._tls, self._verify, data)


-def send_message(sender, password, recipient, use_tls, message):
+def send_message(sender, password, recipient, use_tls,
+                 verify_certificate, message):
    """Send a message over XMPP."""
    import sleekxmpp

@ -73,6 +78,10 @@ def send_message(sender, password, recipient, use_tls, message):
            self.use_ipv6 = False
            self.add_event_handler('failed_auth', self.check_credentials)
            self.add_event_handler('session_start', self.start)
+            if not verify_certificate:
+                self.add_event_handler('ssl_invalid_cert',
+                                       self.discard_ssl_invalid_cert)
+
            self.connect(use_tls=self.use_tls, use_ssl=False)
            self.process()

@ -87,4 +96,10 @@ def send_message(sender, password, recipient, use_tls, message):
            """Disconnect from the server if credentials are invalid."""
            self.disconnect()

+        @staticmethod
+        def discard_ssl_invalid_cert(event):
+            """Do nothing if ssl certificate is invalid."""
+            _LOGGER.info('Ignoring invalid ssl certificate as requested.')
+            return
+
    SendNotificationBot()