python runtime: Wamp client now parses PSK file to extract secret from it instead of using the whole file as a secret.
authorEdouard Tisserant <edouard@beremiz.fr>
Wed, 26 Feb 2025 16:24:35 +0100 (4 weeks ago)
changeset 4115 a734a4d3ef23
parent 4114 8a9986e26dfc
child 4116 78e331383533
python runtime: Wamp client now parses PSK file to extract secret from it instead of using the whole file as a secret.
runtime/PLCObject.py
runtime/Stunnel.py
runtime/WampClient.py
--- a/runtime/PLCObject.py	Wed Feb 26 16:17:15 2025 +0100
+++ b/runtime/PLCObject.py	Wed Feb 26 16:24:35 2025 +0100
@@ -595,7 +595,12 @@
 
     @RunInMain
     def GetPLCID(self):
-        return getPSKID(partial(self.LogMessage, 0))
+        try:
+            res = getPSKID()
+        except Exception as e:
+            self.LogMessage(0, str(e))
+            return ("","")
+        return res
 
     def _init_blobs(self):
         self.blobs = {}  # dict of list
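Review bot: The new `except Exception` in GetPLCID turns every failure of getPSKID() into the pair `("","")`, not only the missing-file case raised in runtime/Stunnel.py. A caller therefore cannot tell "PSK file missing" from "PSK file unreadable or malformed" without reading the log. How callers use an empty ID and PSK is not visible in this hunk, so they should be checked to confirm they never treat it as a usable credential. I would narrow the handler to the error getPSKID is expected to raise and document the sentinel with a comment such as `# ("", "") means no usable PSK; callers must not authenticate with it`.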
--- a/runtime/Stunnel.py	Wed Feb 26 16:17:15 2025 +0100
+++ b/runtime/Stunnel.py	Wed Feb 26 16:24:35 2025 +0100
@@ -45,12 +45,11 @@
         PSKgen(ID, PSKpath)
 
 
-def getPSKID(errorlog):
+def getPSKID():
     if _PSKpath is not None:
         if not os.path.exists(_PSKpath):
-            errorlog(
+            raise Exception(
                 'Error: Pre-Shared-Key Secret in %s is missing!\n' % _PSKpath)
-            return ("","")
         ID, _sep, PSK = open(_PSKpath).read().partition(':')
         PSK = PSK.rstrip('\n\r')
         return (ID, PSK)
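Review bot: getPSKID never checks `_sep`, so a PSK file without a `:` returns the whole content as ID and an empty PSK with no error. This matters more now that the WAMP client takes its secret from this function. A guard after the partition would catch it, for example `if not _sep or not PSK: raise ValueError('Malformed PSK file %s' % _PSKpath)`. The bare `raise Exception(...)` also forces callers to catch the broadest type, and its message keeps the trailing `\n` that was meant for the old log callback. The file is opened without `with`, and the `os.path.exists` check followed by `open` leaves a gap in which the file can change. What the function returns when `_PSKpath` is None lies outside the hunk.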
--- a/runtime/WampClient.py	Wed Feb 26 16:17:15 2025 +0100
+++ b/runtime/WampClient.py	Wed Feb 26 16:24:35 2025 +0100
@@ -41,6 +41,7 @@
 import formless
 from nevow import tags, url, static
 from runtime import GetPLCObjectSingleton
+from runtime.Stunnel import getPSKID
 
 mandatoryConfigItems = ["ID", "active", "realm", "url"]
 
@@ -304,7 +305,16 @@
             _WampSecret = wampsecret
 
     if _WampSecret is not None:
-        WampClientConf["secret"] = LoadWampSecret(_WampSecret)
+        if _WampSecret == _WampSecretDefault:
+            # secret from project dir is raw (no ID prefix)
+            secret = LoadWampSecret(_WampSecret)
+        else:
+            # secret from command line is formated ID:PSK
+            # fall back to PSK data (works because wampsecret is PSKpath)
+            _ID, secret = getPSKID()
+
+        WampClientConf["secret"] = secret
+
     else:
         print(_("WAMP authentication has no secret configured"))
         _WampSecret = _WampSecretDefault
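Review bot: In the `else` branch, `_ID, secret = getPSKID()` reads the path held in Stunnel's module-level `_PSKpath`, not `_WampSecret`. The branch is therefore only correct while the command-line WAMP secret and the PSK path are the same file, which the code comment assumes but nothing enforces. Nothing here handles the exception getPSKID now raises for a missing file, and a file without `:` yields an empty `secret` that is stored in `WampClientConf["secret"]` without complaint. I would check the result before use, e.g. `if not secret: raise ValueError("empty WAMP secret in PSK file")`. The enclosing function starts and ends outside the hunk, so its reaction to an exception cannot be seen here.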