Add SSL support as a configuration option

2024-12-20 14:44:34 +00:00 · 2017-07-22 16:37:29 +01:00 · 2017-07-22 16:37:29 +01:00 · 1ce2d727cc
commit 1ce2d727cc
parent 39564cbf35
1 changed files with 11 additions and 0 deletions
--- a/main.py
+++ b/main.py
@ -4,6 +4,7 @@ import paho.mqtt.client as mqtt
 import logging
 import argparse
 from time import sleep
+import ssl

 logging.getLogger("scapy.runtime").setLevel(logging.ERROR)
 from scapy.all import *
@ -21,6 +22,12 @@ host =
 #user =
 # Password (if required)
 #pass =
+# SSL required? (Default: False)
+# Uses TLSv1.2
+#ssl = True
+# CA Cert location (Default: /etc/ssl/certs/ca-certificates.crt)
+# This is sufficient for brokers using LetsEncrypt
+#certpath =

 [Buttons]
 # For every line, list the MAC of the button, and the MQTT topic to publish to.
@ -69,6 +76,8 @@ if __name__ == '__main__':
    hostname = config['MQTT'].get('host')
    port = config['MQTT'].get('port')
    authrequired = config['MQTT'].getboolean('auth', False)
+    sslrequired = config['MQTT'].getboolean('ssl', False)
+    ca_certs = config['MQTT'].get('certpath', "/etc/ssl/certs/ca-certificates.crt")
    if (authrequired):
        username = config['MQTT'].get('user')
        password = config['MQTT'].get('pass')
@ -82,6 +91,8 @@ if __name__ == '__main__':

    if (authrequired):
        mqttc.username_pw_set(username,password=password)
+    if (sslrequired):
+        mqttc.tls_set( ca_certs, tls_version=ssl.PROTOCOL_TLSv1_2 )
    mqttc.connect(hostname)
    mqttc.loop_start()
    sniff(prn=arp_display, filter="arp", store=0, count=0)