diff --git a/micropython/bundles/bundle-networking/manifest.py b/micropython/bundles/bundle-networking/manifest.py
index 79d5e9d9d..7ad3540da 100644
--- a/micropython/bundles/bundle-networking/manifest.py
+++ b/micropython/bundles/bundle-networking/manifest.py
@@ -1,10 +1,11 @@
metadata(
- version="0.1.0",
+ version="0.2.0",
description="Common networking packages for all network-capable deployments of MicroPython.",
)
require("mip")
require("ntptime")
+require("ssl")
require("requests")
require("webrepl")
diff --git a/micropython/umqtt.simple/manifest.py b/micropython/umqtt.simple/manifest.py
index 19617a5ee..b418995c5 100644
--- a/micropython/umqtt.simple/manifest.py
+++ b/micropython/umqtt.simple/manifest.py
@@ -1,4 +1,4 @@
-metadata(description="Lightweight MQTT client for MicroPython.", version="1.3.4")
+metadata(description="Lightweight MQTT client for MicroPython.", version="1.4.0")
# Originally written by Paul Sokolovsky.
diff --git a/micropython/umqtt.simple/umqtt/simple.py b/micropython/umqtt.simple/umqtt/simple.py
index 2b269473b..e84e585c4 100644
--- a/micropython/umqtt.simple/umqtt/simple.py
+++ b/micropython/umqtt.simple/umqtt/simple.py
@@ -16,8 +16,7 @@ def __init__(
user=None,
password=None,
keepalive=0,
- ssl=False,
- ssl_params={},
+ ssl=None,
):
if port == 0:
port = 8883 if ssl else 1883
@@ -26,7 +25,6 @@ def __init__(
self.server = server
self.port = port
self.ssl = ssl
- self.ssl_params = ssl_params
self.pid = 0
self.cb = None
self.user = user
@@ -67,15 +65,13 @@ def connect(self, clean_session=True):
addr = socket.getaddrinfo(self.server, self.port)[0][-1]
self.sock.connect(addr)
if self.ssl:
- import ussl
-
- self.sock = ussl.wrap_socket(self.sock, **self.ssl_params)
+ self.sock = self.ssl.wrap_socket(self.sock, server_hostname=self.server)
premsg = bytearray(b"\x10\0\0\0\0\0")
msg = bytearray(b"\x04MQTT\x04\x02\0\0")
sz = 10 + 2 + len(self.client_id)
msg[6] = clean_session << 1
- if self.user is not None:
+ if self.user:
sz += 2 + len(self.user) + 2 + len(self.pswd)
msg[6] |= 0xC0
if self.keepalive:
@@ -101,7 +97,7 @@ def connect(self, clean_session=True):
if self.lw_topic:
self._send_str(self.lw_topic)
self._send_str(self.lw_msg)
- if self.user is not None:
+ if self.user:
self._send_str(self.user)
self._send_str(self.pswd)
resp = self.sock.read(4)
diff --git a/micropython/urllib.urequest/manifest.py b/micropython/urllib.urequest/manifest.py
index e3e8f13f4..2790208a7 100644
--- a/micropython/urllib.urequest/manifest.py
+++ b/micropython/urllib.urequest/manifest.py
@@ -1,4 +1,4 @@
-metadata(version="0.6.0")
+metadata(version="0.7.0")
# Originally written by Paul Sokolovsky.
diff --git a/micropython/urllib.urequest/urllib/urequest.py b/micropython/urllib.urequest/urllib/urequest.py
index 4c654d45e..2eff43c36 100644
--- a/micropython/urllib.urequest/urllib/urequest.py
+++ b/micropython/urllib.urequest/urllib/urequest.py
@@ -12,7 +12,7 @@ def urlopen(url, data=None, method="GET"):
if proto == "http:":
port = 80
elif proto == "https:":
- import ussl
+ import tls
port = 443
else:
@@ -29,7 +29,9 @@ def urlopen(url, data=None, method="GET"):
try:
s.connect(ai[-1])
if proto == "https:":
- s = ussl.wrap_socket(s, server_hostname=host)
+ context = tls.SSLContext(tls.PROTOCOL_TLS_CLIENT)
+ context.verify_mode = tls.CERT_NONE
+ s = context.wrap_socket(s, server_hostname=host)
s.write(method)
s.write(b" /")
diff --git a/python-ecosys/requests/manifest.py b/python-ecosys/requests/manifest.py
index 1c46a7384..97df1560e 100644
--- a/python-ecosys/requests/manifest.py
+++ b/python-ecosys/requests/manifest.py
@@ -1,3 +1,3 @@
-metadata(version="0.8.1", pypi="requests")
+metadata(version="0.9.0", pypi="requests")
package("requests")
diff --git a/python-ecosys/requests/requests/__init__.py b/python-ecosys/requests/requests/__init__.py
index fd751e623..740102916 100644
--- a/python-ecosys/requests/requests/__init__.py
+++ b/python-ecosys/requests/requests/__init__.py
@@ -63,7 +63,7 @@ def request(
if proto == "http:":
port = 80
elif proto == "https:":
- import ussl
+ import tls
port = 443
else:
@@ -90,7 +90,9 @@ def request(
try:
s.connect(ai[-1])
if proto == "https:":
- s = ussl.wrap_socket(s, server_hostname=host)
+ context = tls.SSLContext(tls.PROTOCOL_TLS_CLIENT)
+ context.verify_mode = tls.CERT_NONE
+ s = context.wrap_socket(s, server_hostname=host)
s.write(b"%s /%s HTTP/1.0\r\n" % (method, path))
if "Host" not in headers:
s.write(b"Host: %s\r\n" % host)
diff --git a/python-stdlib/ssl/manifest.py b/python-stdlib/ssl/manifest.py
index 1dae2f6e7..5dd041794 100644
--- a/python-stdlib/ssl/manifest.py
+++ b/python-stdlib/ssl/manifest.py
@@ -1,3 +1,3 @@
-metadata(version="0.1.0")
+metadata(version="0.2.0")
-module("ssl.py")
+module("ssl.py", opt=3)
diff --git a/python-stdlib/ssl/ssl.py b/python-stdlib/ssl/ssl.py
index 9262f5fb5..19847d6d3 100644
--- a/python-stdlib/ssl/ssl.py
+++ b/python-stdlib/ssl/ssl.py
@@ -1,36 +1,72 @@
-from ussl import *
-import ussl as _ussl
+import tls
+from tls import (
+ CERT_NONE,
+ CERT_OPTIONAL,
+ CERT_REQUIRED,
+ MBEDTLS_VERSION,
+ PROTOCOL_TLS_CLIENT,
+ PROTOCOL_TLS_SERVER,
+)
-# Constants
-for sym in "CERT_NONE", "CERT_OPTIONAL", "CERT_REQUIRED":
- if sym not in globals():
- globals()[sym] = object()
+
+class SSLContext:
+ def __init__(self, *args):
+ self._context = tls.SSLContext(*args)
+ self._context.verify_mode = CERT_NONE
+
+ @property
+ def verify_mode(self):
+ return self._context.verify_mode
+
+ @verify_mode.setter
+ def verify_mode(self, val):
+ self._context.verify_mode = val
+
+ def load_cert_chain(self, certfile, keyfile):
+ if isinstance(certfile, str):
+ with open(certfile, "rb") as f:
+ certfile = f.read()
+ if isinstance(keyfile, str):
+ with open(keyfile, "rb") as f:
+ keyfile = f.read()
+ self._context.load_cert_chain(certfile, keyfile)
+
+ def load_verify_locations(self, cafile=None, cadata=None):
+ if cafile:
+ with open(cafile, "rb") as f:
+ cadata = f.read()
+ self._context.load_verify_locations(cadata)
+
+ def wrap_socket(
+ self, sock, server_side=False, do_handshake_on_connect=True, server_hostname=None
+ ):
+ return self._context.wrap_socket(
+ sock,
+ server_side=server_side,
+ do_handshake_on_connect=do_handshake_on_connect,
+ server_hostname=server_hostname,
+ )
def wrap_socket(
sock,
- keyfile=None,
- certfile=None,
server_side=False,
+ key=None,
+ cert=None,
cert_reqs=CERT_NONE,
- *,
- ca_certs=None,
- server_hostname=None
+ cadata=None,
+ server_hostname=None,
+ do_handshake=True,
):
- # TODO: More arguments accepted by CPython could also be handled here.
- # That would allow us to accept ca_certs as a positional argument, which
- # we should.
- kw = {}
- if keyfile is not None:
- kw["keyfile"] = keyfile
- if certfile is not None:
- kw["certfile"] = certfile
- if server_side is not False:
- kw["server_side"] = server_side
- if cert_reqs is not CERT_NONE:
- kw["cert_reqs"] = cert_reqs
- if ca_certs is not None:
- kw["ca_certs"] = ca_certs
- if server_hostname is not None:
- kw["server_hostname"] = server_hostname
- return _ussl.wrap_socket(sock, **kw)
+ con = SSLContext(PROTOCOL_TLS_SERVER if server_side else PROTOCOL_TLS_CLIENT)
+ if cert or key:
+ con.load_cert_chain(cert, key)
+ if cadata:
+ con.load_verify_locations(cadata=cadata)
+ con.verify_mode = cert_reqs
+ return con.wrap_socket(
+ sock,
+ server_side=server_side,
+ do_handshake_on_connect=do_handshake,
+ server_hostname=server_hostname,
+ )
pFad - Phonifier reborn
Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.
Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.
Alternative Proxies:
Alternative Proxy
pFad Proxy
pFad v3 Proxy
pFad v4 Proxy