evlli/hass-core
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Improve SSL certs used by aiohttp (#9958)

Browse source 
* Improve SSL certs used by aiohttp

* Add certifi package

* Lint
This commit is contained in:
Paulus Schoutsen 2017-10-19 01:47:57 -07:00 committed by Pascal Vizeli
parent 38cb32afd6
commit 6cce934f72
5 changed files with 14 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

8
homeassistant/components/cloud/iot.py
View file

@ -46,9 +46,6 @@ class CloudIoT:
remove_hass_stop_listener = None remove_hass_stop_listener = None
session = async_get_clientsession(self.cloud.hass) session = async_get_clientsession(self.cloud.hass)
headers = {
hdrs.AUTHORIZATION: 'Bearer {}'.format(self.cloud.access_token)
}
@asyncio.coroutine @asyncio.coroutine
def _handle_hass_stop(event): def _handle_hass_stop(event):
@ -63,7 +60,10 @@ class CloudIoT:
yield from hass.async_add_job(auth_api.check_token, self.cloud) yield from hass.async_add_job(auth_api.check_token, self.cloud)
self.client = client = yield from session.ws_connect( self.client = client = yield from session.ws_connect(
self.cloud.relayer, headers=headers) self.cloud.relayer, headers={
hdrs.AUTHORIZATION:
'Bearer {}'.format(self.cloud.access_token)
})
self.tries = 0 self.tries = 0
remove_hass_stop_listener = hass.bus.async_listen_once( remove_hass_stop_listener = hass.bus.async_listen_once(

8
homeassistant/helpers/aiohttp_client.py
View file

@ -1,5 +1,6 @@
"""Helper for aiohttp webclient stuff.""" """Helper for aiohttp webclient stuff."""
import asyncio import asyncio
import ssl
import sys import sys
import aiohttp import aiohttp
@ -7,6 +8,7 @@ from aiohttp.hdrs import USER_AGENT, CONTENT_TYPE
from aiohttp import web from aiohttp import web
from aiohttp.web_exceptions import HTTPGatewayTimeout, HTTPBadGateway from aiohttp.web_exceptions import HTTPGatewayTimeout, HTTPBadGateway
import async_timeout import async_timeout
import certifi
from homeassistant.core import callback from homeassistant.core import callback
from homeassistant.const import EVENT_HOMEASSISTANT_CLOSE, __version__ from homeassistant.const import EVENT_HOMEASSISTANT_CLOSE, __version__
@ -159,7 +161,11 @@ def _async_get_connector(hass, verify_ssl=True):
if verify_ssl: if verify_ssl:
if DATA_CONNECTOR not in hass.data: if DATA_CONNECTOR not in hass.data:
connector = aiohttp.TCPConnector(loop=hass.loop) ssl_context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
ssl_context.load_verify_locations(cafile=certifi.where(),
capath=None)
connector = aiohttp.TCPConnector(loop=hass.loop,
ssl_context=ssl_context)
hass.data[DATA_CONNECTOR] = connector hass.data[DATA_CONNECTOR] = connector
is_new = True is_new = True
else: else:

1
homeassistant/package_constraints.txt
View file

@ -9,6 +9,7 @@ aiohttp==2.2.5
async_timeout==2.0.0 async_timeout==2.0.0
chardet==3.0.4 chardet==3.0.4
astral==1.4 astral==1.4
certifi>=2017.4.17
# Breaks Python 3.6 and is not needed for our supported Pythons # Breaks Python 3.6 and is not needed for our supported Pythons
enum34==1000000000.0.0 enum34==1000000000.0.0

1
requirements_all.txt
View file

@ -10,6 +10,7 @@ aiohttp==2.2.5
async_timeout==2.0.0 async_timeout==2.0.0
chardet==3.0.4 chardet==3.0.4
astral==1.4 astral==1.4
certifi>=2017.4.17
# homeassistant.components.nuimo_controller # homeassistant.components.nuimo_controller
--only-binary=all https://github.com/getSenic/nuimo-linux-python/archive/29fc42987f74d8090d0e2382e8f248ff5990b8c9.zip#nuimo==1.0.0 --only-binary=all https://github.com/getSenic/nuimo-linux-python/archive/29fc42987f74d8090d0e2382e8f248ff5990b8c9.zip#nuimo==1.0.0

1
setup.py
View file

@ -26,6 +26,7 @@ REQUIRES = [
'async_timeout==2.0.0', 'async_timeout==2.0.0',
'chardet==3.0.4', 'chardet==3.0.4',
'astral==1.4', 'astral==1.4',
'certifi>=2017.4.17',
] ]
setup( setup(