From 9b59eac58b4cd6e86cd9e531bc1cd629a3d53792 Mon Sep 17 00:00:00 2001 From: Mick Vleeshouwer Date: Sun, 24 Nov 2024 18:29:36 +0000 Subject: [PATCH 1/2] Make SSLContext async friendly --- pyoverkiz/client.py | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) diff --git a/pyoverkiz/client.py b/pyoverkiz/client.py index 89923cb5..bca0dbc6 100644 --- a/pyoverkiz/client.py +++ b/pyoverkiz/client.py @@ -98,6 +98,24 @@ async def refresh_listener(invocation: Mapping[str, Any]) -> None: # pylint: disable=too-many-instance-attributes, too-many-branches +def _create_local_ssl_context() -> ssl.SSLContext: + """Create SSL context. + + This method is not async-friendly and should be called from a thread + because it will load certificates from disk and do other blocking I/O. + """ + + return ssl.create_default_context( + cafile=os.path.dirname(os.path.realpath(__file__)) + "/overkiz-root-ca-2048.crt" + ) + + +# The default SSLContext objects are created at import time +# since they do blocking I/O to load certificates from disk, +# and imports should always be done before the event loop starts or in a thread. +SSL_CONTEXT_LOCAL_API = _create_local_ssl_context() + + class OverkizClient: """Interface class for the Overkiz API""" @@ -153,11 +171,7 @@ def __init__( if verify_ssl: # To avoid security issues while authentication to local API, we add the following authority to # our HTTPS client trust store: https://ca.overkiz.com/overkiz-root-ca-2048.crt - self._ssl = ssl.create_default_context( - cafile=os.path.dirname(os.path.realpath(__file__)) - + "/overkiz-root-ca-2048.crt" - ) - + self._ssl = SSL_CONTEXT_LOCAL_API else: self.api_type = APIType.CLOUD From c63c697446baab96e5280f1e531fe4c78fd59045 Mon Sep 17 00:00:00 2001 From: Mick Vleeshouwer Date: Sun, 24 Nov 2024 18:31:56 +0000 Subject: [PATCH 2/2] remove extra enter --- pyoverkiz/client.py | 1 - 1 file changed, 1 deletion(-) diff --git a/pyoverkiz/client.py b/pyoverkiz/client.py index bca0dbc6..f73474a9 100644 --- a/pyoverkiz/client.py +++ b/pyoverkiz/client.py @@ -104,7 +104,6 @@ def _create_local_ssl_context() -> ssl.SSLContext: This method is not async-friendly and should be called from a thread because it will load certificates from disk and do other blocking I/O. """ - return ssl.create_default_context( cafile=os.path.dirname(os.path.realpath(__file__)) + "/overkiz-root-ca-2048.crt" )