0.8.11 (#114)

* rework tls settings
OctoPrint · Dec 9, 2021 · 1ac11cc · 1ac11cc
1 parent e86ed56
commit 1ac11cc
Show file tree

Hide file tree

Showing 4 changed files with 42 additions and 47 deletions.
diff --git a/octoprint_mqtt/__init__.py b/octoprint_mqtt/__init__.py
@@ -98,6 +98,7 @@ def get_settings_defaults(self):
                 username=None,
                 password=None,
                 keepalive=60,
+                tls_active=False,
                 tls=dict(),
                 tls_insecure=False,
                 protocol="MQTTv31",
@@ -275,6 +276,7 @@ def mqtt_connect(self):
         broker_username = self._settings.get(["broker", "username"])
         broker_password = self._settings.get(["broker", "password"])
         broker_keepalive = self._settings.get_int(["broker", "keepalive"])
+        broker_tls_active = self._settings.get(["broker", "tls_active"])
         broker_tls = self._settings.get(["broker", "tls"], asdict=True)
         broker_tls_insecure = self._settings.get_boolean(["broker", "tls_insecure"])
         broker_protocol = self._settings.get(["broker", "protocol"])
@@ -298,17 +300,15 @@ def mqtt_connect(self):
 
         if self._mqtt is None:
             self._mqtt = mqtt.Client(client_id=client_id, protocol=protocol, clean_session=clean_session)
+        else:
+            self._mqtt.reinitialise() #otherwise tls_set might be called again causing the plugin to crash 
 
         if broker_username is not None:
             self._mqtt.username_pw_set(broker_username, password=broker_password)
 
-        tls_active = False
-        if broker_tls:
+        if broker_tls_active:
             tls_args = dict((key, value) for key, value in broker_tls.items() if value)
-            ca_certs = tls_args.pop("ca_certs", None)
-            if ca_certs:  # cacerts must not be None for tls_set to work
-                self._mqtt.tls_set(ca_certs, **tls_args)
-                tls_active = True
+            self._mqtt.tls_set(**tls_args)
 
         if broker_tls_insecure and tls_active:
             self._mqtt.tls_insecure_set(broker_tls_insecure)

diff --git a/octoprint_mqtt/static/js/mqtt.js b/octoprint_mqtt/static/js/mqtt.js
@@ -5,7 +5,6 @@ $(function() {
         self.global_settings = parameters[0];
 
         self.showUserCredentials = ko.observable(false);
-        self.showSsl = ko.observable(false);
         self.showClientID = ko.observable(false);
 
         self.settings = undefined;
@@ -17,9 +16,6 @@ $(function() {
             // show credential options if username is set
             self.showUserCredentials(!!self.settings.broker.username());
 
-            // show SSL/TLS config options if any of the corresponding settings are set
-            self.showSsl(!!self.settings.broker.tls && !!self.settings.broker.tls.cacerts && !!self.settings.broker.tls.cacerts())
-
             // show client_id options if client_id is set
             self.showClientID(!!self.settings.client.client_id());
         };

diff --git a/octoprint_mqtt/templates/mqtt_settings.jinja2 b/octoprint_mqtt/templates/mqtt_settings.jinja2
@@ -107,52 +107,51 @@
             <div class="control-group">
                 <div class="controls">
                     <label class="checkbox">
-                        <input type="checkbox" data-bind="checked: showSsl"> {{ _('The broker requires TLS to connect, show SSL/TLS options') }}
+                        <input type="checkbox" data-bind="checked: settings.broker.tls_active"> {{ _('The broker requires TLS to connect (If you change from true to false, you need to restart OctoPrint)') }}
                     </label>
                 </div>
             </div>
-            <div data-bind="visible: showSsl" style="display: none">
-                <div class="control-group">
-                    <label class="control-label">{{ _('Path to server certificate chain') }}</label>
-                    <div class="controls">
-                        <input type="text" class="input-large" id="settings_plugin_mqtt_broker_tls_caCerts" data-bind="value: settings.broker.tls.ca_certs" />
-                        <span class="help-block">{{ _('Path to the server\'s certificate chain file. Mandatory, required for TLS to work.') }}</span>
-                    </div>
-                </div>
 
-                <div class="control-group">
-                    <label class="control-label">{{ _('Path to client certificate') }}</label>
-                    <div class="controls">
-                        <input type="text" class="input-large" id="settings_plugin_mqtt_broker_tls_certfile" data-bind="value: settings.broker.tls.certfile" />
-                        <span class="help-block">{{ _('Paths to the PEM encoded client certificate, <strong>must not be password protected</strong>, only necessary if broker requires client certificate authentication.') }}</span>
+            <div class="advanced-options-container">
+                <div><small><a href="#" class="muted" data-bind="toggleContent: { class: 'fa-caret-right fa-caret-down', parent: '.advanced-options-container', container: '.hide' }"><i class="fa fa-caret-right"></i> {{ _('Advanced TLS options') }}</a></small></div>
+                <div class="hide">
+                    <div class="control-group">
+                        <label class="control-label">{{ _('Path to server certificate chain') }}</label>
+                        <div class="controls">
+                            <input type="text" class="input-large" id="settings_plugin_mqtt_broker_tls_caCerts" data-bind="value: settings.broker.tls.ca_certs" />
+                            <span class="help-block">{{ _('Path to the server\'s certificate chain file (optional).') }}</span>
+                        </div>
                     </div>
-                </div>
 
-                <div class="control-group">
-                    <label class="control-label">{{ _('Path to client key') }}</label>
-                    <div class="controls">
-                        <input type="text" class="input-large" id="settings_plugin_mqtt_broker_tls_keyfile" data-bind="value: settings.broker.tls.keyfile" />
-                        <span class="help-block">{{ _('Paths to the PEM encoded private keys, <strong>must not be password protected</strong>, only necessary if broker requires client certificate authentication.') }}</span>
+                    <div class="control-group">
+                        <label class="control-label">{{ _('Path to client certificate') }}</label>
+                        <div class="controls">
+                            <input type="text" class="input-large" id="settings_plugin_mqtt_broker_tls_certfile" data-bind="value: settings.broker.tls.certfile" />
+                            <span class="help-block">{{ _('Paths to the PEM encoded client certificate, <strong>must not be password protected</strong>, only necessary if broker requires client certificate authentication.') }}</span>
+                        </div>
                     </div>
-                </div>
 
-                <div class="advanced-options-container">
-                    <div><small><a href="#" class="muted" data-bind="toggleContent: { class: 'fa-caret-right fa-caret-down', parent: '.advanced-options-container', container: '.hide' }"><i class="fa fa-caret-right"></i> {{ _('Advanced TLS options') }}</a></small></div>
-                    <div class="hide">
-                        <div class="control-group">
-                            <label class="control-label">{{ _('Ciphers') }}</label>
-                            <div class="controls">
-                                <input type="text" class="input-large" id="settings_plugin_mqtt_broker_tls_ciphers" data-bind="value: settings.broker.tls.ciphers" />
-                                <span class="help-block">{{ _('A string specifying which encryption ciphers are allowable for this connection. See <a href="%(url)s" target="_blank">the OpenSSL documentation on ciphers</a>.', url = "https://www.openssl.org/docs/manmaster/man1/ciphers.html") }}</span>
-                            </div>
+                    <div class="control-group">
+                        <label class="control-label">{{ _('Path to client key') }}</label>
+                        <div class="controls">
+                            <input type="text" class="input-large" id="settings_plugin_mqtt_broker_tls_keyfile" data-bind="value: settings.broker.tls.keyfile" />
+                            <span class="help-block">{{ _('Paths to the PEM encoded private keys, <strong>must not be password protected</strong>, only necessary if broker requires client certificate authentication.') }}</span>
+                        </div>
+                    </div>
+
+                    <div class="control-group">
+                        <label class="control-label">{{ _('Ciphers') }}</label>
+                        <div class="controls">
+                            <input type="text" class="input-large" id="settings_plugin_mqtt_broker_tls_ciphers" data-bind="value: settings.broker.tls.ciphers" />
+                            <span class="help-block">{{ _('A string specifying which encryption ciphers are allowable for this connection. See <a href="%(url)s" target="_blank">the OpenSSL documentation on ciphers</a>.', url = "https://www.openssl.org/docs/manmaster/man1/ciphers.html") }}</span>
                         </div>
+                    </div>
 
-                        <div class="control-group">
-                            <div class="controls">
-                                <label class="checkbox">
-                                    <input type="checkbox" data-bind="checked: settings.broker.tls_insecure" /> {{ _('Do not verify the server hostname in the server certificate') }} <span class="label label-important">Caution</span>
-                                </label>
-                            </div>
+                    <div class="control-group">
+                        <div class="controls">
+                            <label class="checkbox">
+                                <input type="checkbox" data-bind="checked: settings.broker.tls_insecure" /> {{ _('Do not verify the server hostname in the server certificate') }} <span class="label label-important">Caution</span>
+                            </label>
                         </div>
                     </div>
                 </div>

diff --git a/setup.py b/setup.py
@@ -11,7 +11,7 @@
 plugin_name = "OctoPrint-MQTT"
 
 # The plugin's version. Can be overwritten within OctoPrint's internal data via __plugin_version__ in the plugin module
-plugin_version = "0.8.10"
+plugin_version = "0.8.11"
 
 # The plugin's description. Can be overwritten within OctoPrint's internal data via __plugin_description__ in the plugin
 # module