atomicshop 2.15.13__py3-none-any.whl → 2.16.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of atomicshop might be problematic. Click here for more details.

Files changed (42) hide show
  1. atomicshop/__init__.py +1 -1
  2. atomicshop/a_mains/dns_gateway_setting.py +11 -0
  3. atomicshop/basics/booleans.py +14 -5
  4. atomicshop/dns.py +104 -0
  5. atomicshop/file_io/docxs.py +8 -0
  6. atomicshop/file_io/tomls.py +133 -0
  7. atomicshop/filesystem.py +5 -4
  8. atomicshop/get_process_list.py +3 -3
  9. atomicshop/mitm/config_static.py +195 -0
  10. atomicshop/mitm/config_toml_editor.py +55 -0
  11. atomicshop/mitm/connection_thread_worker.py +54 -90
  12. atomicshop/mitm/import_config.py +147 -139
  13. atomicshop/mitm/initialize_engines.py +7 -2
  14. atomicshop/mitm/initialize_mitm_server.py +161 -107
  15. atomicshop/mitm/shared_functions.py +0 -1
  16. atomicshop/mitm/statistic_analyzer.py +13 -1
  17. atomicshop/mitm/statistic_analyzer_helper/moving_average_helper.py +54 -14
  18. atomicshop/script_as_string_processor.py +5 -1
  19. atomicshop/wrappers/cryptographyw.py +3 -3
  20. atomicshop/wrappers/psutilw/networks.py +25 -1
  21. atomicshop/wrappers/pywin32w/wmis/__init__.py +0 -0
  22. atomicshop/wrappers/pywin32w/wmis/helpers.py +127 -0
  23. atomicshop/wrappers/pywin32w/wmis/win32networkadapter.py +167 -0
  24. atomicshop/wrappers/socketw/accepter.py +8 -8
  25. atomicshop/wrappers/socketw/base.py +13 -0
  26. atomicshop/wrappers/socketw/certificator.py +202 -149
  27. atomicshop/wrappers/socketw/creator.py +15 -35
  28. atomicshop/wrappers/socketw/dns_server.py +155 -102
  29. atomicshop/wrappers/socketw/exception_wrapper.py +8 -27
  30. atomicshop/wrappers/socketw/get_process.py +115 -95
  31. atomicshop/wrappers/socketw/sni.py +298 -164
  32. atomicshop/wrappers/socketw/socket_client.py +5 -12
  33. atomicshop/wrappers/socketw/socket_server_tester.py +1 -1
  34. atomicshop/wrappers/socketw/socket_wrapper.py +328 -72
  35. atomicshop/wrappers/socketw/statistics_csv.py +94 -16
  36. {atomicshop-2.15.13.dist-info → atomicshop-2.16.0.dist-info}/METADATA +1 -1
  37. {atomicshop-2.15.13.dist-info → atomicshop-2.16.0.dist-info}/RECORD +41 -36
  38. atomicshop/mitm/config_editor.py +0 -37
  39. /atomicshop/wrappers/pywin32w/{wmi_win32process.py → wmis/win32process.py} +0 -0
  40. {atomicshop-2.15.13.dist-info → atomicshop-2.16.0.dist-info}/LICENSE.txt +0 -0
  41. {atomicshop-2.15.13.dist-info → atomicshop-2.16.0.dist-info}/WHEEL +0 -0
  42. {atomicshop-2.15.13.dist-info → atomicshop-2.16.0.dist-info}/top_level.txt +0 -0
atomicshop/wrappers/socketw/certificator.py CHANGED
@@ -1,169 +1,222 @@
1
1
  import os
2
2
  import sys
3
3
 
4
+ from cryptography import x509
5
+
4
6
  from . import creator, base, socket_client
5
7
  from .. import pyopensslw, cryptographyw
6
8
  from ..certauthw.certauthw import CertAuthWrapper
7
9
  from ...print_api import print_api
10
+ from ... import filesystem
11
+
12
+
13
+ class Certificator:
14
+ """
15
+ Certificator class is used to create and manage certificates, wrapping ssl contexts and sockets.
16
+ """
17
+ def __init__(
18
+ self,
19
+ ca_certificate_name: str,
20
+ ca_certificate_filepath: str,
21
+ default_server_certificate_usage: bool,
22
+ default_server_certificate_name: str,
23
+ default_server_certificate_directory: str,
24
+ default_certificate_domain_list: list,
25
+ sni_server_certificates_cache_directory: str,
26
+ sni_get_server_certificate_from_server_socket: bool,
27
+ sni_server_certificate_from_server_socket_download_directory: str,
28
+ custom_server_certificate_usage: bool,
29
+ custom_server_certificate_path: str,
30
+ custom_private_key_path: str,
31
+ forwarding_dns_service_ipv4_list___only_for_localhost: list,
32
+ skip_extension_id_list: list,
33
+ tls: bool
34
+ ):
35
+ self.ca_certificate_name = ca_certificate_name
36
+ self.ca_certificate_filepath = ca_certificate_filepath
37
+ self.default_server_certificate_usage = default_server_certificate_usage
38
+ self.default_server_certificate_name = default_server_certificate_name
39
+ self.default_server_certificate_directory = default_server_certificate_directory
40
+ self.default_certificate_domain_list = default_certificate_domain_list
41
+ self.sni_server_certificates_cache_directory = sni_server_certificates_cache_directory
42
+ self.sni_get_server_certificate_from_server_socket = sni_get_server_certificate_from_server_socket
43
+ self.sni_server_certificate_from_server_socket_download_directory = (
44
+ sni_server_certificate_from_server_socket_download_directory)
45
+ self.custom_server_certificate_usage = custom_server_certificate_usage
46
+ self.custom_server_certificate_path = custom_server_certificate_path
47
+ self.custom_private_key_path = custom_private_key_path
48
+ self.forwarding_dns_service_ipv4_list___only_for_localhost = (
49
+ forwarding_dns_service_ipv4_list___only_for_localhost)
50
+ self.skip_extension_id_list = skip_extension_id_list
51
+ self.tls = tls
52
+
53
+ # noinspection PyTypeChecker
54
+ self.certauth_wrapper: CertAuthWrapper = None
55
+
56
+ def initialize_certauth_create_use_ca_certificate(self, server_certificate_directory: str):
57
+ """
58
+ Initialize CertAuthWrapper and create CA certificate if it doesn't exist.
59
+ :return:
60
+ """
61
+ # Initialize CertAuthWrapper.
62
+ certauth_wrapper = CertAuthWrapper(
63
+ ca_certificate_name=self.ca_certificate_name,
64
+ ca_certificate_filepath=self.ca_certificate_filepath,
65
+ server_certificate_directory=server_certificate_directory
66
+ )
8
67
 
9
-
10
- # noinspection PyTypeChecker
11
- CERTAUTH_WRAPPER: CertAuthWrapper = None
12
-
13
-
14
- def initialize_certauth_create_use_ca_certificate(config: dict):
15
- # Initialize CertAuthWrapper.
16
- if config['certificates']['default_server_certificate_usage']:
17
- server_certificate_directory = config['certificates']['default_server_certificate_directory']
18
- else:
19
- server_certificate_directory = config['certificates']['sni_server_certificates_cache_directory']
20
-
21
- certauth_wrapper = CertAuthWrapper(
22
- ca_certificate_name=config['certificates']['ca_certificate_name'],
23
- ca_certificate_filepath=config['certificates']['ca_certificate_filepath'],
24
- server_certificate_directory=server_certificate_directory
25
- )
26
-
27
- # Create CA certificate if it doesn't exist.
28
- certauth_wrapper.create_use_ca_certificate()
29
-
30
- return certauth_wrapper
31
-
32
-
33
- # noinspection PyTypeChecker
34
- def select_server_ssl_context_certificate(config: dict, print_kwargs: dict = None):
35
- # We need to nullify the variable, since we have several checks if the variable was set or not.
36
- server_certificate_file_path: str = None
37
- server_private_key_file_path: str = None
38
-
39
- # Creating if non-existent/overwriting default server certificate.
40
- # 'server_certificate_filepath' will be assigned there.
41
- if config['certificates']['default_server_certificate_usage']:
42
- server_certificate_file_path, default_server_certificate_san = \
43
- create_overwrite_default_server_certificate_ca_signed(config=config)
44
-
45
- # Check if default certificate was created.
46
- if server_certificate_file_path:
47
- message = f"Default Server Certificate was created / overwritten: {server_certificate_file_path}"
48
- print_api(message, **print_kwargs)
49
-
50
- message = \
51
- f"Default Server Certificate current 'Subject Alternative Names': {default_server_certificate_san}"
52
- print_api(message, **print_kwargs)
53
- else:
54
- message = f"Couldn't create / overwrite Default Server Certificate: {server_certificate_file_path}"
55
- print_api(message, error_type=True, logger_method='critical', **print_kwargs)
56
- sys.exit()
68
+ # Create CA certificate if it doesn't exist.
69
+ certauth_wrapper.create_use_ca_certificate()
70
+
71
+ return certauth_wrapper
72
+
73
+ # noinspection PyTypeChecker
74
+ def select_server_ssl_context_certificate(
75
+ self,
76
+ print_kwargs: dict = None
77
+ ):
78
+ """
79
+ This function selects between the default certificate and custom certificate for the sll context.
80
+ Returns the selected certificate file path and the private key file path.
81
+ """
82
+ # We need to nullify the variable, since we have several checks if the variable was set or not.
83
+ server_certificate_file_path: str = None
84
+ server_private_key_file_path: str = None
85
+
86
+ # Creating if non-existent/overwriting default server certificate.
87
+ if self.default_server_certificate_usage:
88
+ # Creating if non-existent/overwriting default server certificate.
89
+ server_certificate_file_path, default_server_certificate_san = \
90
+ self.create_overwrite_default_server_certificate_ca_signed()
91
+
92
+ # Check if default certificate was created.
93
+ if server_certificate_file_path:
94
+ message = f"Default Server Certificate was created / overwritten: {server_certificate_file_path}"
95
+ print_api(message, **(print_kwargs or {}))
96
+
97
+ message = \
98
+ f"Default Server Certificate current 'Subject Alternative Names': {default_server_certificate_san}"
99
+ print_api(message, **(print_kwargs or {}))
100
+ else:
101
+ message = f"Couldn't create / overwrite Default Server Certificate: {server_certificate_file_path}"
102
+ print_api(message, error_type=True, logger_method='critical', **(print_kwargs or {}))
103
+ sys.exit()
57
104
 
58
105
  # Assigning 'certificate_path' to 'custom_certificate_path' if usage was set.
59
- if config['certificates']['custom_server_certificate_usage']:
60
- server_certificate_file_path = config['certificates']['custom_server_certificate_path']
106
+ if self.custom_server_certificate_usage:
107
+ server_certificate_file_path = self.custom_server_certificate_path
61
108
  # Since 'ssl_context.load_cert_chain' uses 'keypath' as 'None' if certificate contains private key.
62
109
  # We'd like to leave it that way and don't fetch empty string from 'config'.
63
- if config['certificates']['custom_private_key_path']:
64
- server_private_key_file_path = config['certificates']['custom_private_key_path']
65
-
66
- return server_certificate_file_path, server_private_key_file_path
110
+ if self.custom_private_key_path:
111
+ server_private_key_file_path = self.custom_private_key_path
67
112
 
113
+ return server_certificate_file_path, server_private_key_file_path
68
114
 
69
- def create_overwrite_default_server_certificate_ca_signed(config: dict):
70
- global CERTAUTH_WRAPPER
71
- CERTAUTH_WRAPPER = initialize_certauth_create_use_ca_certificate(config=config)
115
+ def create_overwrite_default_server_certificate_ca_signed(self):
116
+ """
117
+ Create or overwrite default server certificate.
118
+ :return:
119
+ """
72
120
 
73
- domain_list = config['certificates']['domains_all_times']
74
- server_certificate_file_name_no_extension = config['certificates']['default_server_certificate_name']
75
-
76
- server_certificate_file_path, default_server_certificate_san = \
77
- CERTAUTH_WRAPPER.create_overwrite_server_certificate_ca_signed_return_path_and_san(
78
- domain_list=domain_list,
79
- server_certificate_file_name_no_extension=server_certificate_file_name_no_extension
121
+ self.certauth_wrapper = self.initialize_certauth_create_use_ca_certificate(
122
+ server_certificate_directory=self.default_server_certificate_directory
80
123
  )
81
124
 
82
- return server_certificate_file_path, default_server_certificate_san
83
-
84
-
85
- def create_use_sni_server_certificate_ca_signed(sni_received_dict: dict, config: dict, print_kwargs: dict = None):
86
- global CERTAUTH_WRAPPER
87
-
88
- # === Connect to the domain and get the certificate. ===========================================================
89
- certificate_from_socket_x509 = None
90
- if config['certificates']['sni_get_server_certificate_from_server_socket']:
91
- # Generate PEM certificate file path string for downloaded certificates. Signed certificates will go to the
92
- # 'certs' folder.
93
- certificate_from_socket_file_path: str = \
94
- config['certificates']['sni_server_certificate_from_server_socket_download_directory'] + \
95
- os.sep + sni_received_dict['destination_name'] + ".pem"
96
- # Get client ip.
97
- client_ip = base.get_source_address_from_socket(sni_received_dict['ssl_socket'])[0]
98
-
99
- # If we're on localhost, then use external services list in order to resolve the domain:
100
- if client_ip == "127.0.0.1":
101
- service_client = socket_client.SocketClient(
102
- service_name=sni_received_dict['destination_name'],
103
- service_port=base.get_destination_address_from_socket(sni_received_dict['ssl_socket'])[1],
104
- dns_servers_list=config['tcp']['forwarding_dns_service_ipv4_list___only_for_localhost'])
105
- # If we're not on localhost, then connect to domain directly.
106
- else:
107
- service_client = socket_client.SocketClient(
108
- service_name=sni_received_dict['destination_name'],
109
- service_port=base.get_destination_address_from_socket(sni_received_dict['ssl_socket'])[1])
110
-
111
- # Get certificate from socket and convert to X509 cryptography module object.
112
- certificate_from_socket_x509_cryptography_object = service_client.get_certificate_from_server(
113
- save_as_file=True, cert_file_path=certificate_from_socket_file_path, cert_output_type='cryptography'
114
- )
125
+ server_certificate_file_name_no_extension = self.default_server_certificate_name
115
126
 
116
- # skip_extensions = ['1.3.6.1.5.5.7.3.2', '2.5.29.31', '1.3.6.1.5.5.7.1.1']
117
-
118
- # If certificate was downloaded successfully, then remove extensions if they were provided.
119
- # If certificate was downloaded successfully and no extensions to skip were provided, then use it as is.
120
- if certificate_from_socket_x509_cryptography_object and config['skip_extensions']:
121
- # Copy extensions from old certificate to new certificate, without specified extensions.
122
- certificate_from_socket_x509_cryptography_object, _ = \
123
- cryptographyw.copy_extensions_from_old_cert_to_new_cert(
124
- certificate_from_socket_x509_cryptography_object,
125
- skip_extensions=config['skip_extensions'],
126
- print_kwargs=print_kwargs
127
+ server_certificate_file_path, default_server_certificate_san = \
128
+ self.certauth_wrapper.create_overwrite_server_certificate_ca_signed_return_path_and_san(
129
+ domain_list=self.default_certificate_domain_list,
130
+ server_certificate_file_name_no_extension=server_certificate_file_name_no_extension
131
+ )
132
+
133
+ return server_certificate_file_path, default_server_certificate_san
134
+
135
+ def create_use_sni_server_certificate_ca_signed(
136
+ self,
137
+ sni_received_parameters,
138
+ print_kwargs: dict = None
139
+ ):
140
+ # === Connect to the domain and get the certificate. ===========================================================
141
+ certificate_from_socket_x509 = None
142
+ if self.sni_get_server_certificate_from_server_socket:
143
+ # Generate PEM certificate file path string for downloaded certificates. Signed certificates will go to the
144
+ # 'certs' folder.
145
+ certificate_from_socket_file_path: str = \
146
+ self.sni_server_certificate_from_server_socket_download_directory + \
147
+ os.sep + sni_received_parameters.destination_name + ".pem"
148
+ # Get client ip.
149
+ client_ip = base.get_source_address_from_socket(sni_received_parameters.ssl_socket)[0]
150
+
151
+ # If we're on localhost, then use external services list in order to resolve the domain:
152
+ if client_ip in base.THIS_DEVICE_IP_LIST:
153
+ service_client = socket_client.SocketClient(
154
+ service_name=sni_received_parameters.destination_name,
155
+ service_port=base.get_destination_address_from_socket(sni_received_parameters.ssl_socket)[1],
156
+ tls=self.tls,
157
+ dns_servers_list=self.forwarding_dns_service_ipv4_list___only_for_localhost)
158
+ # If we're not on localhost, then connect to domain directly.
159
+ else:
160
+ service_client = socket_client.SocketClient(
161
+ service_name=sni_received_parameters.destination_name,
162
+ service_port=base.get_destination_address_from_socket(sni_received_parameters.ssl_socket)[1],
163
+ tls=self.tls
127
164
  )
128
165
 
129
- # If certificate was downloaded successfully, then convert it to pyopenssl object.
130
- if certificate_from_socket_x509_cryptography_object:
131
- # Convert X509 cryptography module object to pyopenssl, since certauth uses pyopenssl.
132
- certificate_from_socket_x509 = \
133
- pyopensslw.convert_cryptography_object_to_pyopenssl(certificate_from_socket_x509_cryptography_object)
134
-
135
- # === EOF Get certificate from the domain. =====================================================================
136
-
137
- # If CertAuthWrapper wasn't initialized yet, it means that CA wasn't created/loaded yet.
138
- if not CERTAUTH_WRAPPER:
139
- CERTAUTH_WRAPPER = initialize_certauth_create_use_ca_certificate(config=config)
140
- # try:
141
- # Create if non-existent / read existing server certificate.
142
- sni_server_certificate_file_path = CERTAUTH_WRAPPER.create_read_server_certificate_ca_signed(
143
- sni_received_dict['destination_name'], certificate_from_socket_x509)
144
-
145
- message = f"SNI Handler: port " \
146
- f"{base.get_destination_address_from_socket(sni_received_dict['ssl_socket'])[1]}: " \
147
- f"Using certificate: {sni_server_certificate_file_path}"
148
- print_api(message, **print_kwargs)
149
-
150
- # except Exception as e:
151
- # message = \
152
- # f"SNI Handler: Undocumented exception while creating / using certificate for a domain: {e}"
153
- # print_api(
154
- # message, error_type=True, logger_method="critical", traceback_string=True, oneline=True,
155
- # logger=self.logger)
156
- # pass
157
-
158
- # try:
159
- # You need to build new context and exchange the context that being inherited from the main socket,
160
- # or else the context will receive previous certificate each time.
161
- sni_received_dict['ssl_socket'].context = \
162
- creator.create_server_ssl_context___load_certificate_and_key(sni_server_certificate_file_path, None)
163
- # except Exception as e:
164
- # message = \
165
- # f"SNI Handler: Undocumented exception while creating and assigning new SSLContext: {e}"
166
- # print_api(
167
- # message, error_type=True, logger_method="critical", traceback_string=True, oneline=True,
168
- # logger=self.logger)
169
- # pass
166
+ # If certificate from socket exists, then we don't need to get it from the socket and write to file.
167
+ # and we will return None, since no certificate was fetched.
168
+ # noinspection PyTypeChecker
169
+ certificate_from_socket_x509_cryptography_object: x509.Certificate = None
170
+ if not filesystem.is_file_exists(certificate_from_socket_file_path):
171
+ print_api("Certificate from socket doesn't exist, fetching.", **(print_kwargs or {}))
172
+ # Get certificate from socket and convert to X509 cryptography module object.
173
+ certificate_from_socket_x509_cryptography_object: x509.Certificate = (
174
+ service_client.get_certificate_from_server(
175
+ save_as_file=True, cert_file_path=certificate_from_socket_file_path,
176
+ cert_output_type='cryptography')
177
+ )
178
+ else:
179
+ print_api("The Certificate from socket already exists, not fetching", **(print_kwargs or {}))
180
+ certificate_from_socket_x509_cryptography_object: x509.Certificate = (
181
+ cryptographyw.convert_object_to_x509(certificate_from_socket_file_path))
182
+
183
+ # skip_extensions = ['1.3.6.1.5.5.7.3.2', '2.5.29.31', '1.3.6.1.5.5.7.1.1']
184
+
185
+ # If certificate was downloaded successfully, then remove extensions if they were provided.
186
+ # If certificate was downloaded successfully and no extensions to skip were provided, then use it as is.
187
+ if certificate_from_socket_x509_cryptography_object and self.skip_extension_id_list:
188
+ # Copy extensions from old certificate to new certificate, without specified extensions.
189
+ certificate_from_socket_x509_cryptography_object, _ = \
190
+ cryptographyw.copy_extensions_from_old_cert_to_new_cert(
191
+ certificate_from_socket_x509_cryptography_object,
192
+ skip_extensions=self.skip_extension_id_list,
193
+ print_kwargs=print_kwargs
194
+ )
195
+
196
+ # If certificate was downloaded successfully, then convert it to pyopenssl object.
197
+ if certificate_from_socket_x509_cryptography_object:
198
+ # Convert X509 cryptography module object to pyopenssl, since certauth uses pyopenssl.
199
+ certificate_from_socket_x509 = \
200
+ pyopensslw.convert_cryptography_object_to_pyopenssl(
201
+ certificate_from_socket_x509_cryptography_object)
202
+
203
+ # === EOF Get certificate from the domain. =====================================================================
204
+
205
+ # If CertAuthWrapper wasn't initialized yet, it means that CA wasn't created/loaded yet.
206
+ if not self.certauth_wrapper:
207
+ self.certauth_wrapper = self.initialize_certauth_create_use_ca_certificate(
208
+ server_certificate_directory=self.sni_server_certificates_cache_directory)
209
+ # try:
210
+ # Create if non-existent / read existing server certificate.
211
+ sni_server_certificate_file_path = self.certauth_wrapper.create_read_server_certificate_ca_signed(
212
+ sni_received_parameters.destination_name, certificate_from_socket_x509)
213
+
214
+ message = f"SNI Handler: port " \
215
+ f"{base.get_destination_address_from_socket(sni_received_parameters.ssl_socket)[1]}: " \
216
+ f"Using certificate: {sni_server_certificate_file_path}"
217
+ print_api(message, **print_kwargs)
218
+
219
+ # You need to build new context and exchange the context that being inherited from the main socket,
220
+ # or else the context will receive previous certificate each time.
221
+ sni_received_parameters.ssl_socket.context = \
222
+ creator.create_server_ssl_context___load_certificate_and_key(sni_server_certificate_file_path, None)
atomicshop/wrappers/socketw/creator.py CHANGED
@@ -1,7 +1,7 @@
1
1
  import socket
2
2
  import ssl
3
3
 
4
- from . import base, sni, certificator, exception_wrapper
4
+ from . import base, exception_wrapper
5
5
  from ...print_api import print_api
6
6
 
7
7
 
@@ -101,17 +101,16 @@ def create_server_ssl_context___load_certificate_and_key(certificate_file_path:
101
101
 
102
102
 
103
103
  @exception_wrapper.connection_exception_decorator
104
- def wrap_socket_with_ssl_context_server(socket_object, ssl_context, dns_domain: str = None, print_kwargs: dict = None):
104
+ def wrap_socket_with_ssl_context_server(
105
+ socket_object,
106
+ ssl_context,
107
+ domain_from_dns_server,
108
+ print_kwargs: dict = None
109
+ ):
105
110
  """
106
111
  This function is wrapped with exception wrapper.
107
112
  After you execute the function, you can get the error message if there was any with:
108
113
  error_message = wrap_socket_with_ssl_context_server.message
109
-
110
- :param socket_object:
111
- :param ssl_context:
112
- :param dns_domain:
113
- :param print_kwargs:
114
- :return:
115
114
  """
116
115
 
117
116
  # Wrapping the server socket with SSL context. This should happen right after setting up the raw socket.
@@ -122,10 +121,16 @@ def wrap_socket_with_ssl_context_server(socket_object, ssl_context, dns_domain:
122
121
 
123
122
 
124
123
  def wrap_socket_with_ssl_context_server_with_error_message(
125
- socket_object, ssl_context, dns_domain: str = None, print_kwargs: dict = None):
124
+ socket_object,
125
+ ssl_context,
126
+ domain_from_dns_server,
127
+ print_kwargs: dict = None
128
+ ):
126
129
 
127
130
  ssl_socket = wrap_socket_with_ssl_context_server(
128
- socket_object, ssl_context, dns_domain=dns_domain, print_kwargs=print_kwargs)
131
+ socket_object=socket_object, ssl_context=ssl_context, domain_from_dns_server=domain_from_dns_server,
132
+ print_kwargs=print_kwargs)
133
+
129
134
  error_message = wrap_socket_with_ssl_context_server.message
130
135
 
131
136
  return ssl_socket, error_message
@@ -190,28 +195,3 @@ def wrap_socket_with_ssl_context_client___default_certs___ignore_verification(
190
195
  socket_object, ssl_context, server_hostname=server_hostname)
191
196
 
192
197
  return ssl_socket
193
-
194
-
195
- def wrap_socket_with_ssl_context_server_sni_extended(
196
- socket_object, config: dict, dns_domain: str = None, print_kwargs: dict = None):
197
-
198
- ssl_context = create_ssl_context_for_server()
199
-
200
- sni.add_sni_callback_function_reference_to_ssl_context(
201
- ssl_context=ssl_context, config=config, dns_domain=dns_domain, use_default_sni_function=True,
202
- use_sni_extended=True, print_kwargs=print_kwargs)
203
-
204
- server_certificate_file_path, server_private_key_file_path = \
205
- certificator.select_server_ssl_context_certificate(config=config, print_kwargs=print_kwargs)
206
-
207
- # If the user chose 'sni_create_server_certificate_for_each_domain = 1' in the configuration file,
208
- # it means that 'self.server_certificate_file_path' will be empty, which is OK, since we'll inject
209
- # dynamically created certificate from certs folder through SNI.
210
- if server_certificate_file_path:
211
- load_certificate_and_key_into_server_ssl_context(
212
- ssl_context, server_certificate_file_path, server_private_key_file_path,
213
- print_kwargs=print_kwargs)
214
-
215
- ssl_socket, error_message = wrap_socket_with_ssl_context_server_with_error_message(
216
- socket_object, ssl_context, dns_domain=dns_domain, print_kwargs=print_kwargs)
217
- return ssl_socket, error_message