diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8ff9adb..903a9a3 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -37,7 +37,7 @@ jobs: fail-fast: false matrix: test-type: [ MutualAuth, MutualAuthT , Websocket, ALPN, ALPNT] - python-version: [ '2.x', '3.x' ] + python-version: [ '3.3.7', "3.x" ] #[MutualAuth, Websocket, ALPN] steps: - uses: actions/checkout@v2 diff --git a/.github/workflows/closed-issue-message.yml b/.github/workflows/closed-issue-message.yml index 22bf2a7..9db87c8 100644 --- a/.github/workflows/closed-issue-message.yml +++ b/.github/workflows/closed-issue-message.yml @@ -13,7 +13,5 @@ jobs: # These inputs are both required repo-token: "${{ secrets.GITHUB_TOKEN }}" message: | - ### ⚠️COMMENT VISIBILITY WARNING⚠️ - Comments on closed issues are hard for our team to see. - If you need more assistance, please either tag a team member or open a new issue that references this one. - If you wish to keep having a conversation with other community members under this issue feel free to do so. + This issue is now closed. Comments on closed issues are hard for our team to see. + If you need more assistance, please open a new issue that references this one. diff --git a/.github/workflows/stale_issue.yml b/.github/workflows/stale_issue.yml index cbcc8b4..9697ae6 100644 --- a/.github/workflows/stale_issue.yml +++ b/.github/workflows/stale_issue.yml @@ -33,7 +33,7 @@ jobs: closed-for-staleness-label: closed-for-staleness # Issue timing - days-before-stale: 7 + days-before-stale: 10 days-before-close: 4 days-before-ancient: 36500 diff --git a/AWSIoTPythonSDK/core/greengrass/discovery/providers.py b/AWSIoTPythonSDK/core/greengrass/discovery/providers.py index b37b086..a85808a 100644 --- a/AWSIoTPythonSDK/core/greengrass/discovery/providers.py +++ b/AWSIoTPythonSDK/core/greengrass/discovery/providers.py @@ -261,7 +261,7 @@ def _create_ssl_connection(self, sock): ssl_sock = ssl_context.wrap_socket(sock, server_hostname=self._host, do_handshake_on_connect=False) ssl_sock.do_handshake() else: - ssl_sock = ssl.wrap_socket(sock, + ssl_sock = ssl.SSLContext.wrap_socket(sock, certfile=self._cert_path, keyfile=self._key_path, ca_certs=self._ca_path, diff --git a/AWSIoTPythonSDK/core/protocol/paho/client.py b/AWSIoTPythonSDK/core/protocol/paho/client.py index 4216829..9044dc1 100755 --- a/AWSIoTPythonSDK/core/protocol/paho/client.py +++ b/AWSIoTPythonSDK/core/protocol/paho/client.py @@ -797,7 +797,7 @@ def reconnect(self): if self._useSecuredWebsocket: # Never assign to ._ssl before wss handshake is finished # Non-None value for ._ssl will allow ops before wss-MQTT connection is established - rawSSL = ssl.wrap_socket(sock, ca_certs=self._tls_ca_certs, cert_reqs=ssl.CERT_REQUIRED) # Add server certificate verification + rawSSL = ssl.SSLContext.wrap_socket(sock, ca_certs=self._tls_ca_certs, cert_reqs=ssl.CERT_REQUIRED) # Add server certificate verification rawSSL.setblocking(0) # Non-blocking socket self._ssl = SecuredWebSocketCore(rawSSL, self._host, self._port, self._AWSAccessKeyIDCustomConfig, self._AWSSecretAccessKeyCustomConfig, self._AWSSessionTokenCustomConfig) # Override the _ssl socket # self._ssl.enableDebug() @@ -816,7 +816,7 @@ def reconnect(self): verify_hostname = False # Since check_hostname in SSLContext is already set to True, no need to verify it again self._ssl.do_handshake() else: - self._ssl = ssl.wrap_socket( + self._ssl = ssl.SSLContext.wrap_socket( sock, certfile=self._tls_certfile, keyfile=self._tls_keyfile, @@ -990,7 +990,7 @@ def publish(self, topic, payload=None, qos=0, retain=False): message.retain = retain message.dup = False - self._out_message_mutex.acquire() + self._out_message_mutex.acquire() self._out_messages.append(message) if self._max_inflight_messages == 0 or self._inflight_messages < self._max_inflight_messages: self._inflight_messages = self._inflight_messages+1 @@ -999,7 +999,7 @@ def publish(self, topic, payload=None, qos=0, retain=False): elif qos == 2: message.state = mqtt_ms_wait_for_pubrec self._out_message_mutex.release() - + rc = self._send_publish(message.mid, message.topic, message.payload, message.qos, message.retain, message.dup) # remove from inflight messages so it will be send after a connection is made @@ -1007,7 +1007,7 @@ def publish(self, topic, payload=None, qos=0, retain=False): with self._out_message_mutex: self._inflight_messages -= 1 message.state = mqtt_ms_publish - + return (rc, local_mid) else: message.state = mqtt_ms_queued; @@ -1033,7 +1033,7 @@ def socket_factory_set(self, socket_factory): socket_factory: create_connection function which creates a socket to user's specification """ self._socket_factory = socket_factory - + def disconnect(self): """Disconnect a connected client from the broker.""" self._state_mutex.acquire() @@ -1435,10 +1435,10 @@ def message_callback_add(self, sub, callback): Messages that match 'sub' will be passed to 'callback'. Any non-matching messages will be passed to the default on_message callback. - + Call multiple times with different 'sub' to define multiple topic specific callbacks. - + Topic specific callbacks may be removed with message_callback_remove().""" if callback is None or sub is None: @@ -2448,7 +2448,7 @@ def _tls_match_hostname(self): raise ssl.SSLError('Certificate subject does not match remote hostname.') -# Compatibility class for easy porting from mosquitto.py. +# Compatibility class for easy porting from mosquitto.py. class Mosquitto(Client): def __init__(self, client_id="", clean_session=True, userdata=None): super(Mosquitto, self).__init__(client_id, clean_session, userdata) diff --git a/test-integration/run/run.sh b/test-integration/run/run.sh index f420f73..f6cb94e 100755 --- a/test-integration/run/run.sh +++ b/test-integration/run/run.sh @@ -85,7 +85,6 @@ else python ${RetrieveAWSKeys} ${AWSSetName_certificate} > ${CREDENTIAL_DIR}certificate.pem.crt python ${RetrieveAWSKeys} ${AWSSetName_privatekey} > ${CREDENTIAL_DIR}privateKey.pem.key curl -s "${CA_CERT_URL}" > ${CA_CERT_PATH} - echo -e "URL retrieved certificate data:\n$(cat ${CA_CERT_PATH})\n" python ${RetrieveAWSKeys} ${AWSDRSName_certificate} > ${CREDENTIAL_DIR}certificate_drs.pem.crt python ${RetrieveAWSKeys} ${AWSDRSName_privatekey} > ${CREDENTIAL_DIR}privateKey_drs.pem.key elif [ "$1"x == "Websocket"x -o "$1"x == "WebsocketT"x ]; then @@ -96,12 +95,9 @@ else ACCESS_KEY_ID_ARN=$(python ${RetrieveAWSKeys} ${AWSSecretForWebsocket_Desktop_KeyId}) ACCESS_SECRET_KEY_ARN=$(python ${RetrieveAWSKeys} ${AWSSecretForWebsocket_Desktop_SecretKey}) fi - echo ${ACCESS_KEY_ID_ARN} - echo ${ACCESS_SECRET_KEY_ARN} export AWS_ACCESS_KEY_ID=${ACCESS_KEY_ID_ARN} export AWS_SECRET_ACCESS_KEY=${ACCESS_SECRET_KEY_ARN} curl -s "${CA_CERT_URL}" > ${CA_CERT_PATH} - echo -e "URL retrieved certificate data:\n$(cat ${CA_CERT_PATH})\n" elif [ "$1"x == "ALPN"x -o "$1"x == "ALPNT"x ]; then AWSSetName_privatekey=${AWSMutualAuth_TodWorker_private_key} AWSSetName_certificate=${AWSMutualAuth_TodWorker_certificate} @@ -115,7 +111,6 @@ else python ${RetrieveAWSKeys} ${AWSSetName_certificate} > ${CREDENTIAL_DIR}certificate.pem.crt python ${RetrieveAWSKeys} ${AWSSetName_privatekey} > ${CREDENTIAL_DIR}privateKey.pem.key curl -s "${CA_CERT_URL}" > ${CA_CERT_PATH} - echo -e "URL retrieved certificate data:\n$(cat ${CA_CERT_PATH})\n" python ${RetrieveAWSKeys} ${AWSDRSName_certificate} > ${CREDENTIAL_DIR}certificate_drs.pem.crt python ${RetrieveAWSKeys} ${AWSDRSName_privatekey} > ${CREDENTIAL_DIR}privateKey_drs.pem.key else