Added SSL Verify option

Tomaae 2025-04-30 13:35:45 +02:00
parent 955fa33bca
commit 8e68931e57
No known key found for this signature in database
GPG key ID: 60C51A657EEF2D87
6 changed files with 34 additions and 10 deletions


@ -15,6 +15,7 @@ from homeassistant.const import (
CONF_USERNAME, CONF_USERNAME,
CONF_PASSWORD, CONF_PASSWORD,
CONF_SSL, CONF_SSL,
CONF_VERIFY_SSL,
CONF_ZONE, CONF_ZONE,
STATE_HOME, STATE_HOME,
) )
@ -59,6 +60,7 @@ from .const import (
DEFAULT_PORT, DEFAULT_PORT,
DEFAULT_DEVICE_NAME, DEFAULT_DEVICE_NAME,
DEFAULT_SSL, DEFAULT_SSL,
DEFAULT_VERIFY_SSL,
DEFAULT_SENSOR_NETWATCH_TRACKER, DEFAULT_SENSOR_NETWATCH_TRACKER,
CONF_SENSOR_NETWATCH_TRACKER, CONF_SENSOR_NETWATCH_TRACKER,
) )
@ -115,6 +117,7 @@ class MikrotikControllerConfigFlow(ConfigFlow, domain=DOMAIN):
password=user_input[CONF_PASSWORD], password=user_input[CONF_PASSWORD],
port=user_input[CONF_PORT], port=user_input[CONF_PORT],
use_ssl=user_input[CONF_SSL], use_ssl=user_input[CONF_SSL],
ssl_verify=user_input[CONF_VERIFY_SSL],
) )
if not api.connect(): if not api.connect():
errors[CONF_HOST] = api.error errors[CONF_HOST] = api.error
@ -135,6 +138,7 @@ class MikrotikControllerConfigFlow(ConfigFlow, domain=DOMAIN):
CONF_PASSWORD: DEFAULT_USERNAME, CONF_PASSWORD: DEFAULT_USERNAME,
CONF_PORT: DEFAULT_PORT, CONF_PORT: DEFAULT_PORT,
CONF_SSL: DEFAULT_SSL, CONF_SSL: DEFAULT_SSL,
CONF_VERIFY_SSL: DEFAULT_VERIFY_SSL,
}, },
errors=errors, errors=errors,
) )
@ -154,6 +158,9 @@ class MikrotikControllerConfigFlow(ConfigFlow, domain=DOMAIN):
vol.Required(CONF_PASSWORD, default=user_input[CONF_PASSWORD]): str, vol.Required(CONF_PASSWORD, default=user_input[CONF_PASSWORD]): str,
vol.Optional(CONF_PORT, default=user_input[CONF_PORT]): int, vol.Optional(CONF_PORT, default=user_input[CONF_PORT]): int,
vol.Optional(CONF_SSL, default=user_input[CONF_SSL]): bool, vol.Optional(CONF_SSL, default=user_input[CONF_SSL]): bool,
vol.Optional(
CONF_VERIFY_SSL, default=user_input[CONF_VERIFY_SSL]
): bool,
} }
), ),
errors=errors, errors=errors,


@ -25,6 +25,7 @@ DEFAULT_USERNAME = "admin"
DEFAULT_PORT = 0 DEFAULT_PORT = 0
DEFAULT_DEVICE_NAME = "Mikrotik" DEFAULT_DEVICE_NAME = "Mikrotik"
DEFAULT_SSL = False DEFAULT_SSL = False
DEFAULT_VERIFY_SSL = False
CONF_SCAN_INTERVAL = "scan_interval" CONF_SCAN_INTERVAL = "scan_interval"
DEFAULT_SCAN_INTERVAL = 30 DEFAULT_SCAN_INTERVAL = 30
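Review bot: `DEFAULT_VERIFY_SSL = False` means the config flow pre-selects no certificate verification, so a new entry with SSL enabled still accepts any certificate unless the user opts in. It also disagrees with the `ssl_verify=True` default this commit adds to `MikrotikAPI.__init__`. False does match the `CERT_NONE` behaviour the connect path had before, so if that is the intent, record it next to the constant, e.g. `# Off by default to keep the previous CERT_NONE behaviour; enable to reject untrusted certificates`.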


@ -26,6 +26,7 @@ from homeassistant.const import (
CONF_USERNAME, CONF_USERNAME,
CONF_PASSWORD, CONF_PASSWORD,
CONF_SSL, CONF_SSL,
CONF_VERIFY_SSL,
CONF_ZONE, CONF_ZONE,
STATE_HOME, STATE_HOME,
) )
@ -130,6 +131,7 @@ class MikrotikTrackerCoordinator(DataUpdateCoordinator[None]):
config_entry.data[CONF_PASSWORD], config_entry.data[CONF_PASSWORD],
config_entry.data[CONF_PORT], config_entry.data[CONF_PORT],
config_entry.data[CONF_SSL], config_entry.data[CONF_SSL],
config_entry.data[CONF_VERIFY_SSL],
) )
# --------------------------- # ---------------------------
@ -271,6 +273,7 @@ class MikrotikCoordinator(DataUpdateCoordinator[None]):
config_entry.data[CONF_PASSWORD], config_entry.data[CONF_PASSWORD],
config_entry.data[CONF_PORT], config_entry.data[CONF_PORT],
config_entry.data[CONF_SSL], config_entry.data[CONF_SSL],
config_entry.data[CONF_VERIFY_SSL],
) )
self.debug = False self.debug = False
@ -1584,7 +1587,7 @@ class MikrotikCoordinator(DataUpdateCoordinator[None]):
try: try:
full_version = self.ds["fw-update"].get("installed-version") full_version = self.ds["fw-update"].get("installed-version")
split_end = min(len(full_version), 4) split_end = min(len(full_version), 4)
version = re.sub(r"[^0-9\.]", "", full_version[0:split_end]) version = re.sub("[^0-9\.]", "", full_version[0:split_end])
self.major_fw_version = int(version.split(".")[0]) self.major_fw_version = int(version.split(".")[0])
self.minor_fw_version = int(version.split(".")[1]) self.minor_fw_version = int(version.split(".")[1])
_LOGGER.debug( _LOGGER.debug(
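Review bot: `config_entry.data[CONF_VERIFY_SSL]` in both coordinator constructors will raise `KeyError` for config entries saved before this option existed. Their stored data has no such key, and none of the six changed files shown here adds a migration, though one may exist elsewhere. Reading it with a fallback, `config_entry.data.get(CONF_VERIFY_SSL, False)`, lets existing installs keep loading with the old behaviour. Separately, if the second `re.sub` form in the last hunk is the new side, dropping the `r` prefix turns `\.` into an invalid escape in a plain string literal, which recent Python versions warn about, so the raw string should stay. The enclosing methods start outside these hunks.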


@ -28,12 +28,14 @@ class MikrotikAPI:
password, password,
port=0, port=0,
use_ssl=True, use_ssl=True,
ssl_verify=True,
login_method=DEFAULT_LOGIN_METHOD, login_method=DEFAULT_LOGIN_METHOD,
encoding=DEFAULT_ENCODING, encoding=DEFAULT_ENCODING,
): ):
"""Initialize the Mikrotik Client.""" """Initialize the Mikrotik Client."""
self._host = host self._host = host
self._use_ssl = use_ssl self._use_ssl = use_ssl
self._ssl_verify = ssl_verify
self._port = port self._port = port
self._username = username self._username = username
self._password = password self._password = password
@ -118,15 +120,19 @@ class MikrotikAPI:
"port": self._port, "port": self._port,
} }
self.lock.acquire()
try:
if self._use_ssl: if self._use_ssl:
if self._ssl_wrapper is None: if self._ssl_wrapper is None:
ssl_context = ssl.create_default_context() ssl_context = ssl.create_default_context()
ssl_context.check_hostname = False ssl_context.check_hostname = False
if self._ssl_verify:
ssl_context.verify_mode = ssl.CERT_REQUIRED
ssl_context.verify_flags &= ~ssl.VERIFY_X509_STRICT
else:
ssl_context.verify_mode = ssl.CERT_NONE ssl_context.verify_mode = ssl.CERT_NONE
self._ssl_wrapper = ssl_context.wrap_socket self._ssl_wrapper = ssl_context.wrap_socket
kwargs["ssl_wrapper"] = self._ssl_wrapper kwargs["ssl_wrapper"] = self._ssl_wrapper
self.lock.acquire()
try:
self._connection = librouteros.connect( self._connection = librouteros.connect(
self._host, self._username, self._password, **kwargs self._host, self._username, self._password, **kwargs
) )
@ -164,6 +170,9 @@ class MikrotikAPI:
if "ALERT_HANDSHAKE_FAILURE" in error: if "ALERT_HANDSHAKE_FAILURE" in error:
self.error = "ssl_handshake_failure" self.error = "ssl_handshake_failure"
if "CERTIFICATE_VERIFY_FAILED" in error:
self.error = "ssl_verify_failure"
# --------------------------- # ---------------------------
# connected # connected
# --------------------------- # ---------------------------
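Review bot: `ssl_context.check_hostname = False` still runs ahead of the new `if self._ssl_verify:` branch, so with verification on the chain is validated but the certificate is never matched against `self._host`. A certificate issued by any trusted CA for a different name would pass. Keep `check_hostname = False` only in the `else` branch, and in the verifying branch bind the host name, e.g. `self._ssl_wrapper = functools.partial(ssl_context.wrap_socket, server_hostname=self._host)`. This needs `functools` imported and assumes librouteros calls the wrapper with only the socket, which should be confirmed. The line `ssl_context.verify_flags &= ~ssl.VERIFY_X509_STRICT` also deserves a comment saying which router certificates fail the strict checks, since it loosens validation for every user who enables the option. The connect method starts outside this hunk.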


@ -10,7 +10,8 @@
"port": "Port", "port": "Port",
"username": "Username", "username": "Username",
"password": "Password", "password": "Password",
"ssl": "Use SSL" "ssl": "Use SSL",
"verify_ssl": "Verify SSL"
} }
} }
}, },
@ -18,6 +19,7 @@
"name_exists": "Name already exists.", "name_exists": "Name already exists.",
"cannot_connect": "Cannot connect to Mikrotik.", "cannot_connect": "Cannot connect to Mikrotik.",
"ssl_handshake_failure": "SSL handshake failure", "ssl_handshake_failure": "SSL handshake failure",
"ssl_verify_failure": "Certificate verify failed",
"connection_timeout": "Mikrotik connection timeout.", "connection_timeout": "Mikrotik connection timeout.",
"wrong_login": "Invalid user name or password." "wrong_login": "Invalid user name or password."
} }


@ -10,7 +10,8 @@
"port": "Port", "port": "Port",
"username": "Username", "username": "Username",
"password": "Password", "password": "Password",
"ssl": "Use SSL" "ssl": "Use SSL",
"verify_ssl": "Verify SSL"
} }
} }
}, },
@ -18,6 +19,7 @@
"name_exists": "Name already exists.", "name_exists": "Name already exists.",
"cannot_connect": "Cannot connect to Mikrotik.", "cannot_connect": "Cannot connect to Mikrotik.",
"ssl_handshake_failure": "SSL handshake failure", "ssl_handshake_failure": "SSL handshake failure",
"ssl_verify_failure": "Certificate verify failed",
"connection_timeout": "Mikrotik connection timeout.", "connection_timeout": "Mikrotik connection timeout.",
"wrong_login": "Invalid user name or password." "wrong_login": "Invalid user name or password."
} }