allow to use any port as TLS port #145
Conversation
There was a problem hiding this comment.
Thank you for working on this @vladak!
I do think we want to have port 1883 be a special case that will use is_ssl=False even when the user didn't pass in is_ssl. Maybe we could have that default to None instead of True, and then if user didn't set it have it get set based on the port number (which does still default to ssl port).
The learn guide for mini mqtt that uses the example code from here directs people to test with adafruit.io and it's using 1883. So the examples don't work by default with this change, we could theoretically add is_ssl=False to them as a fix, but I think it's more likely to be expected by users that 1883 will be non-ssl by default.
| @@ -194,11 +194,12 @@ def __init__( | |||
|
|
|||
| self.port = MQTT_TCP_PORT | |||
| if is_ssl: | |||
| self._is_ssl = True | |||
There was a problem hiding this comment.
As written this argument doesn't actually work if user attempts to set it to False In that case if is_ssl: evaluates to False and therefore self._is_ssl never gets created and there is a exception raised when the code first tries to access it.
I tested one possible fix by changing this line and moving it to above the if statement like this:
self._is_ssl = is_ssl
self.port = MQTT_TCP_PORT
if is_ssl:
self.port = MQTT_TLS_PORT
if port:
self.port = port
This way self._is_ssl will always get created and set to the value that the user passed in.
There was a problem hiding this comment.
Thanks ! I used that as a basis, hopefully it looks better now.
There was a problem hiding this comment.
Also, I added buch of tests (wink #64) that will hopefully make it more clear.
There was a problem hiding this comment.
Note that with the changed code, there is a change of behavior - the is_ssl has to be specified explicitly even for the default TLS port.
vladak
force-pushed
the
tls_port_detection
branch
from
cba3cde to
f304d7f
Compare
Updating https://github.com/adafruit/Adafruit_CircuitPython_HT16K33 to 4.6.3 from 4.6.2: > Merge pull request adafruit/Adafruit_CircuitPython_HT16K33#113 from adafruit/matrix_fill_color_swap Updating https://github.com/adafruit/Adafruit_CircuitPython_MiniMQTT to 7.3.0 from 7.2.2: > Merge pull request adafruit/Adafruit_CircuitPython_MiniMQTT#155 from vladak/recv_into_cleanup > Merge pull request adafruit/Adafruit_CircuitPython_MiniMQTT#145 from vladak/tls_port_detection Updating https://github.com/adafruit/Adafruit_CircuitPython_Bundle/circuitpython_library_list.md to NA from NA: > Updated download stats for the libraries
Instead of using the
MQTT_TLS_PORTvalue as indication whether TLS should be used, this change introduces private field that is set based on theMQTT()is_sslargument.The downside of this approach is that if someone specifies
port=1883explicitly without settingis_sslto False, the port will be treated as TLS port since theis_sslis True by default andOSError("Failed SSL handshake")will be thrown, unless the broker is configured to accept TLS on that port. I have not made my mind yet whether to special case it and force to insecure so leaving it open for the reviewers.