1 From 9c0d93ef3b7266037a1c8fe7e49790f9119dae28 Mon Sep 17 00:00:00 2001
2 From: Erik Jaegervall <erik.jaegervall@se.bosch.com>
3 Date: Wed, 31 Aug 2022 14:41:07 +0200
4 Subject: [PATCH] Update kuksa-viss-client to support Python 3.10
6 SSH checks in Python 3.10 are stricter.
7 Using current version with Python 3.10 gives the following error:
9 Disconnected!! Cannot create a client socket with a PROTOCOL_TLS_SERVER context (_ssl.c:801)
11 Changing to default context (i.e. implictly Purpose.SERVER_AUTH)
12 Also ignoring hostname check as certificate does not include correct hostname
13 Updating Docker build to use Python 3.10
15 Signed-off-by: Erik Jaegervall <erik.jaegervall@se.bosch.com>
17 Upstream-Status: Backport [https://github.com/eclipse/kuksa.val/commit/9c0d93ef3b7266037a1c8fe7e49790f9119dae28]
18 Signed-off-by: Scott Murray <scott.murray@konsulko.com>
20 kuksa_viss_client/Dockerfile | 2 +-
21 kuksa_viss_client/__init__.py | 5 ++++-
22 2 files changed, 5 insertions(+), 2 deletions(-)
24 diff --git a/kuksa_viss_client/Dockerfile b/kuksa_viss_client/Dockerfile
25 index ae62e50..bf0f49e 100644
26 --- a/kuksa_viss_client/Dockerfile
27 +++ b/kuksa_viss_client/Dockerfile
28 @@ -18,7 +18,7 @@ RUN python -m build
29 RUN mkdir /kuksa_viss_client
30 RUN pip install --target /kuksa_viss_client --no-cache-dir dist/*.whl
32 -FROM python:3.8-alpine
33 +FROM python:3.10-alpine
35 COPY --from=build /kuksa_viss_client /kuksa_viss_client
36 ENV PYTHONUNBUFFERED=yes
37 diff --git a/kuksa_viss_client/__init__.py b/kuksa_viss_client/__init__.py
38 index 69cc996..ab29fb9 100644
39 --- a/kuksa_viss_client/__init__.py
40 +++ b/kuksa_viss_client/__init__.py
41 @@ -227,9 +227,12 @@ class KuksaClientThread(threading.Thread):
43 async def mainLoop(self):
45 - context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
46 + context = ssl.create_default_context()
47 context.load_cert_chain(certfile=self.certificate, keyfile=self.keyfile)
48 context.load_verify_locations(cafile=self.cacertificate)
49 + # Certificates in ../kuksa_certificates does not contain the IP address used for
50 + # connection to server so hostname check must be disabled
51 + context.check_hostname = False
53 print("connect to wss://"+self.serverIP+":"+str(self.serverPort))
54 async with websockets.connect("wss://"+self.serverIP+":"+str(self.serverPort), ssl=context) as ws: