dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #292787 from leonm1/python-matter-server-5.8.0

Browse Source 
python-matter-server: 5.7.0b2 -> 5.8.0
This commit is contained in:
Martin Weinelt 2024-03-02 14:37:51 +01:00 committed by GitHub
commit fa9a51752f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 27 additions and 108 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
pkgs/development/python-modules/python-matter-server/default.nix
View File

@ -55,7 +55,7 @@ in
buildPythonPackage rec {
pname = "python-matter-server";
version = "5.7.0b2";
version = "5.8.0";
format = "pyproject";
disabled = pythonOlder "3.10";
@ -64,7 +64,7 @@ buildPythonPackage rec {
owner = "home-assistant-libs";
repo = "python-matter-server";
rev = "refs/tags/${version}";
hash = "sha256-fMtvVizHeAzLdou0U1tqbmQATIBLK4w9I7EwMlzB8QA=";
hash = "sha256-bpXRay4JUujqdnscGldW732e8FTkcmfShbtwp2YJC60=";
};
patches = [

131
pkgs/development/python-modules/python-matter-server/link-paa-root-certs.patch
View File

@ -1,126 +1,45 @@
diff --git a/matter_server/server/const.py b/matter_server/server/const.py
index b6cd839..f9f798f 100644
index 2a6140b..275353a 100644
--- a/matter_server/server/const.py
+++ b/matter_server/server/const.py
@@ -5,14 +5,4 @@ from typing import Final
# The minimum schema version (of a client) the server can support
MIN_SCHEMA_VERSION = 5
-# the paa-root-certs path is hardcoded in the sdk at this time
-# and always uses the development subfolder
-# regardless of anything you pass into instantiating the controller
-# revisit this once matter 1.1 is released
@@ -15,7 +15,8 @@ DATA_MODEL_SCHEMA_VERSION = 6
# and always uses the development subfolder
# regardless of anything you pass into instantiating the controller
# revisit this once matter 1.1 is released
-PAA_ROOT_CERTS_DIR: Final[pathlib.Path] = (
- pathlib.Path(__file__)
- .parent.resolve()
- .parent.resolve()
- .parent.resolve()
- .joinpath("credentials/development/paa-root-certs")
-)
+PAA_ROOT_CERTS_DIR: Final[pathlib.Path] = pathlib.Path("@paacerts@")
+(
pathlib.Path(__file__)
.parent.resolve()
.parent.resolve()
diff --git a/matter_server/server/helpers/paa_certificates.py b/matter_server/server/helpers/paa_certificates.py
index 9ac5a10..25230c1 100644
index d186be1..d2cef54 100644
--- a/matter_server/server/helpers/paa_certificates.py
+++ b/matter_server/server/helpers/paa_certificates.py
@@ -58,84 +58,14 @@ async def fetch_dcl_certificates(
@@ -62,6 +62,8 @@ async def fetch_dcl_certificates(
fetch_production_certificates: bool = True,
) -> int:
"""Fetch DCL PAA Certificates."""
- LOGGER.info("Fetching the latest PAA root certificates from DCL.")
- if not PAA_ROOT_CERTS_DIR.is_dir():
- loop = asyncio.get_running_loop()
- await loop.run_in_executor(None, makedirs, PAA_ROOT_CERTS_DIR)
- fetch_count: int = 0
- base_urls = set()
- # determine which url's need to be queried.
- # if we're going to fetch both prod and test, do test first
- # so any duplicates will be overwritten/preferred by the production version
- # NOTE: While Matter is in BETA we fetch the test certificates by default
- if fetch_test_certificates:
- base_urls.add(TEST_URL)
- if fetch_production_certificates:
- base_urls.add(PRODUCTION_URL)
- try:
- async with ClientSession(raise_for_status=True) as http_session:
- for url_base in base_urls:
- # fetch the paa certificates list
- async with http_session.get(
- f"{url_base}/dcl/pki/root-certificates"
- ) as response:
- result = await response.json()
- paa_list = result["approvedRootCertificates"]["certs"]
- # grab each certificate
- for paa in paa_list:
- # do not fetch a certificate if we already fetched it
- if paa["subjectKeyId"] in LAST_CERT_IDS:
- continue
- async with http_session.get(
- f"{url_base}/dcl/pki/certificates/{paa['subject']}/{paa['subjectKeyId']}"
- ) as response:
- result = await response.json()
-
- certificate_data: dict = result["approvedCertificates"]["certs"][0]
- certificate: str = certificate_data["pemCert"]
- subject = certificate_data["subjectAsText"]
- certificate = certificate.rstrip("\n")
-
- await write_paa_root_cert(
- certificate,
- subject,
- )
- LAST_CERT_IDS.add(paa["subjectKeyId"])
- fetch_count += 1
- except ClientError as err:
- LOGGER.warning(
- "Fetching latest certificates failed: error %s", err, exc_info=err
- )
- else:
- LOGGER.info("Fetched %s PAA root certificates from DCL.", fetch_count)
-
- return fetch_count
+ return 0
+
LOGGER.info("Fetching the latest PAA root certificates from DCL.")
fetch_count: int = 0
base_urls = set()
@@ -121,6 +123,8 @@ async def fetch_dcl_certificates(
async def fetch_git_certificates() -> int:
"""Fetch Git PAA Certificates."""
- fetch_count = 0
- LOGGER.info("Fetching the latest PAA root certificates from Git.")
- try:
- async with ClientSession(raise_for_status=True) as http_session:
- for cert in GIT_CERTS:
- if cert in LAST_CERT_IDS:
- continue
- async with http_session.get(f"{GIT_URL}/{cert}.pem") as response:
- certificate = await response.text()
- await write_paa_root_cert(certificate, cert)
- LAST_CERT_IDS.add(cert)
- fetch_count += 1
- except ClientError as err:
- LOGGER.warning(
- "Fetching latest certificates failed: error %s", err, exc_info=err
- )
-
- LOGGER.info("Fetched %s PAA root certificates from Git.", fetch_count)
-
- return fetch_count
+ return 0
+
fetch_count = 0
LOGGER.info("Fetching the latest PAA root certificates from Git.")
async def fetch_certificates(
@@ -144,12 +74,4 @@ async def fetch_certificates(
@@ -162,6 +166,8 @@ async def fetch_certificates(
fetch_production_certificates: bool = True,
) -> int:
"""Fetch PAA Certificates."""
- fetch_count = await fetch_dcl_certificates(
- fetch_test_certificates=fetch_test_certificates,
- fetch_production_certificates=fetch_production_certificates,
- )
-
- if fetch_test_certificates:
- fetch_count += await fetch_git_certificates()
-
- return fetch_count
+ return 0
+
loop = asyncio.get_running_loop()
if not PAA_ROOT_CERTS_DIR.is_dir():