Breaking changes in pika master branch again.

Adjusts the SSLOptions API.

Breaking changes in pika master branch again.
aa02412f · Dennis Ahrens · 838852a7 · aa02412f · aa02412f
Commit aa02412f authored 7 years ago by Dennis Ahrens
--- a/pikatasks/settings.py
+++ b/pikatasks/settings.py
@@ -31,7 +31,7 @@ SSL_CONF = {
    # NOTE: The following values are not meant to be changed through settings
    # because this would be a mess in deployment!
    "ssl_version": ssl.PROTOCOL_TLSv1_2,
-    "cert_reqs": ssl.CERT_NONE,
+    "cert_reqs": ssl.CERT_REQUIRED,
 }
 # stuff you might want to change sometimes:

--- a/pikatasks/utils.py
+++ b/pikatasks/utils.py
 import json
 import pika
 import logging
+import ssl
 from . import settings
@@ -15,6 +16,15 @@ def deserialize(binary):
    return json.loads(binary.decode("utf-8"))
+def get_ssl_options(ssl_settings):
+    """ Create pika.SSLOptions based on pikatasks settings. """
+    context = ssl.SSLContext(ssl_settings.get('ssl_version'))
+    context.verify_mode = (ssl_settings.get('cert_reqs'))
+    context.load_verify_locations(ssl_settings.get('ca_certs'))
+    context.load_cert_chain(ssl_settings.get('certfile'), ssl_settings.get('keyfile'))
+    return pika.SSLOptions(context)
 def get_pika_connection_parameters():
    return pika.ConnectionParameters(
            host=settings.BROKER_HOST,
@@ -24,9 +34,9 @@ def get_pika_connection_parameters():
                username=settings.USERNAME,
                password=settings.PASSWORD
            ),
-            blocked_connection_timeout=settings.BLOCKED_CONNECTION_TIMEOUT.total_seconds(),  # TODO: causes a warning when closing connections
+            # TODO: causes a warning when closing connections
-            ssl=settings.SSL_ENABLED,
+            blocked_connection_timeout=settings.BLOCKED_CONNECTION_TIMEOUT.total_seconds(),
-            ssl_options=settings.SSL_CONF,
+            ssl_options=get_ssl_options(settings.SSL_CONF) if settings.SSL_ENABLED else None,
        )