MqttMonitor/MqttClient.py

changeset 28
0f02baed8308
parent 24
b4e18aadc311
child 30
17ef10819773
diff -r aeb276d76ec7 -r 0f02baed8308 MqttMonitor/MqttClient.py
--- a/MqttMonitor/MqttClient.py	Sat Sep 08 16:51:39 2018 +0200
+++ b/MqttMonitor/MqttClient.py	Sat Sep 08 16:55:42 2018 +0200
@@ -13,6 +13,8 @@
 
 import paho.mqtt.client as mqtt
 
+from Utilities.crypto import pwConvert
+
 
 class MqttClient(QObject):
     """
@@ -158,6 +160,20 @@
         self.__mqttClient.will_set(topic, payload=payload, qos=qos,
                                    retain=retain)
     
+    def setTLS(self, caCerts=None, certFile=None, keyFile=None):
+        """
+        Public method to enable secure connections and set the TLS parameters.
+        
+        @param caCerts path to the Certificate Authority certificates file
+        @type str
+        @param certFile PEM encoded client certificate file
+        @type str
+        @param keyFile PEM encoded private key file
+        @type str
+        """
+        self.__mqttClient.tls_set(ca_certs=caCerts, certfile=certFile,
+                                  keyfile=keyFile)
+    
     def startLoop(self):
         """
         Public method to start the MQTT client loop.
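Review bot: The setTLS docstring types all three parameters as `str` although each defaults to `None`, and it does not say what `None` selects. As far as I know, paho's `tls_set` falls back to the platform's default CA store when `ca_certs` is `None` and keeps certificate verification on, which is worth stating so the no-argument call is not read as unauthenticated TLS. I would write `@param caCerts path to the CA certificates file (None = system default CA store)` with `@type str or None`, and add a sentence that the method has to be called before connecting. Errors raised by `tls_set` (for example for an unreadable file) propagate unhandled; whether callers expect that is not visible in this hunk.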
@@ -210,7 +226,8 @@
         @param options dictionary containing the connection options. This
             dictionary should contain the keys "ClientId", "Keepalive",
             "CleanSession", "Username", "Password", "WillTopic", "WillMessage",
-            "WillQos", "WillRetain"
+            "WillQos", "WillRetain", "TlsEnable", "TlsCaCert", "TlsClientCert",
+            "TlsClientKey"
         @type dict
         """
         if options:
@@ -226,8 +243,9 @@
             # step 2: set username and password
             if parametersDict["Username"]:
                 if parametersDict["Password"]:
-                    self.setUserCredentials(parametersDict["Username"],
-                                            parametersDict["Password"])
+                    self.setUserCredentials(
+                        parametersDict["Username"],
+                        pwConvert(parametersDict["Password"], encode=False))
                 else:
                     self.setUserCredentials(parametersDict["Username"])
             
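Review bot: The password is now decoded unconditionally by `pwConvert(parametersDict["Password"], encode=False)`, but the `@param options` text of this method does not say that "Password" must be supplied in encoded form. A caller or saved profile that still holds a plain-text password would pass a wrongly decoded or unchanged value to setUserCredentials, depending on how pwConvert treats input it cannot decode (not visible here). I would add to the docstring `"Password" is expected in the form produced by pwConvert(pw, encode=True)`. Note also that "TlsEnable" defaults to False in this changeset, so the decoded password is sent over an unencrypted connection unless the user opts in. The enclosing method starts and ends outside this hunk.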
@@ -243,7 +261,22 @@
                                  parametersDict["WillQos"],
                                  parametersDict["WillRetain"])
             
-            # step 4: connect to server
+            # step 4: set TLS parameters
+            if parametersDict["TlsEnable"]:
+                if parametersDict["TlsCaCert"] and \
+                        parametersDict["TlsClientCert"]:
+                    # use self signed client certificate
+                    self.setTLS(caCerts=parametersDict["TlsCaCert"],
+                                certFile=parametersDict["TlsClientCert"],
+                                keyFile=parametersDict["TlsClientKey"])
+                elif parametersDict["TlsCaCert"]:
+                    # use CA certificate file
+                    self.setTLS(caCerts=parametersDict["TlsCaCert"])
+                else:
+                    # use default TLS configuration
+                    self.setTLS()
+            
+            # step 5: connect to server
             self.connectToServer(host, port=port,
                                  keepalive=parametersDict["Keepalive"])
         else:
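Review bot: A client certificate configured without a CA file is silently dropped in step 4, because the `elif` and `else` branches never look at "TlsClientCert"; the user asked for certificate authentication and gets a connection without it. The first branch also forwards `parametersDict["TlsClientKey"]` as is, and its default is the empty string rather than None, which paho will probably treat as a file name instead of "key is inside the certificate file". The comment `# use self signed client certificate` does not match the condition, which only tests that both paths are set. I would normalise empty strings to None and select the three values independently, as below. The method body starts before and continues after this hunk.

```python
            # step 4: set TLS parameters
            if parametersDict["TlsEnable"]:
                # "" means "not configured"; tls_set expects None for that
                certFile = parametersDict["TlsClientCert"] or None
                keyFile = parametersDict["TlsClientKey"] or None
                self.setTLS(
                    caCerts=parametersDict["TlsCaCert"] or None,
                    certFile=certFile,
                    # a key file is only meaningful together with a certificate
                    keyFile=keyFile if certFile else None)
            # … unchanged: step 5 connect to server …
```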
@@ -258,7 +291,8 @@
         
         @return dictionary containing the default connection options. It has
             the keys "ClientId", "Keepalive", "CleanSession", "Username",
-            "Password", "WillTopic", "WillMessage", "WillQos", "WillRetain"
+            "Password", "WillTopic", "WillMessage", "WillQos", "WillRetain",
+            "TlsEnable", "TlsCaCert", "TlsClientCert", "TlsClientKey".
         @rtype dict
         """
         return {
@@ -271,6 +305,10 @@
             "WillMessage": "",
             "WillQos": 0,
             "WillRetain": False,
+            "TlsEnable": False,
+            "TlsCaCert": "",
+            "TlsClientCert": "",
+            "TlsClientKey": "",
         }
     
     def reconnectToServer(self):
