From 5971a7c009b4b7f742ccd2e16d7f1699c7d951b0 Mon Sep 17 00:00:00 2001
From: ohmer1 <1868995+ohmer1@users.noreply.github.com>
Date: Wed, 6 Sep 2017 01:58:13 -0400
Subject: [PATCH] Optionally disable ssl certificate validity check. (#9181)

* Optionally disable ssl certificate validity check.

* Fix lines too long.

* Fix formatting.

* Force build CI

* Fix "Method could be a function (no-self-use)"
---
 homeassistant/components/notify/xmpp.py | 23 +++++++++++++++++++----
 1 file changed, 19 insertions(+), 4 deletions(-)

diff --git a/homeassistant/components/notify/xmpp.py b/homeassistant/components/notify/xmpp.py
index 42c7a3953b9..f93e1b8f426 100644
--- a/homeassistant/components/notify/xmpp.py
+++ b/homeassistant/components/notify/xmpp.py
@@ -21,12 +21,14 @@ REQUIREMENTS = ['sleekxmpp==1.3.2',
 _LOGGER = logging.getLogger(__name__)
 
 CONF_TLS = 'tls'
+CONF_VERIFY = 'verify'
 
 PLATFORM_SCHEMA = PLATFORM_SCHEMA.extend({
     vol.Required(CONF_SENDER): cv.string,
     vol.Required(CONF_PASSWORD): cv.string,
     vol.Required(CONF_RECIPIENT): cv.string,
     vol.Optional(CONF_TLS, default=True): cv.boolean,
+    vol.Optional(CONF_VERIFY, default=True): cv.boolean,
 })
 
 
@@ -34,18 +36,20 @@ def get_service(hass, config, discovery_info=None):
     """Get the Jabber (XMPP) notification service."""
     return XmppNotificationService(
         config.get(CONF_SENDER), config.get(CONF_PASSWORD),
-        config.get(CONF_RECIPIENT), config.get(CONF_TLS))
+        config.get(CONF_RECIPIENT), config.get(CONF_TLS),
+        config.get(CONF_VERIFY))
 
 
 class XmppNotificationService(BaseNotificationService):
     """Implement the notification service for Jabber (XMPP)."""
 
-    def __init__(self, sender, password, recipient, tls):
+    def __init__(self, sender, password, recipient, tls, verify):
         """Initialize the service."""
         self._sender = sender
         self._password = password
         self._recipient = recipient
         self._tls = tls
+        self._verify = verify
 
     def send_message(self, message="", **kwargs):
         """Send a message to a user."""
@@ -53,10 +57,11 @@ class XmppNotificationService(BaseNotificationService):
         data = '{}: {}'.format(title, message) if title else message
 
         send_message('{}/home-assistant'.format(self._sender), self._password,
-                     self._recipient, self._tls, data)
+                     self._recipient, self._tls, self._verify, data)
 
 
-def send_message(sender, password, recipient, use_tls, message):
+def send_message(sender, password, recipient, use_tls,
+                 verify_certificate, message):
     """Send a message over XMPP."""
     import sleekxmpp
 
@@ -73,6 +78,10 @@ def send_message(sender, password, recipient, use_tls, message):
             self.use_ipv6 = False
             self.add_event_handler('failed_auth', self.check_credentials)
             self.add_event_handler('session_start', self.start)
+            if not verify_certificate:
+                self.add_event_handler('ssl_invalid_cert',
+                                       self.discard_ssl_invalid_cert)
+
             self.connect(use_tls=self.use_tls, use_ssl=False)
             self.process()
 
@@ -87,4 +96,10 @@ def send_message(sender, password, recipient, use_tls, message):
             """Disconnect from the server if credentials are invalid."""
             self.disconnect()
 
+        @staticmethod
+        def discard_ssl_invalid_cert(event):
+            """Do nothing if ssl certificate is invalid."""
+            _LOGGER.info('Ignoring invalid ssl certificate as requested.')
+            return
+
     SendNotificationBot()