atomicshop 3.3.28__py3-none-any.whl → 3.10.0__py3-none-any.whl

atomicshop/wrappers/pywin32w/win_event_log/fetch.py

@@ -0,0 +1,174 @@
+import win32evtlog
+import win32security
+import win32con
+
+
+def get_latest_events(
+    server_ip: str = ".",
+    username: str = None,
+    password: str = None,
+    domain: str = ".",
+    log_name: str = "Security",
+    count: int = None,
+    event_id_list: list[int] | None = None
+):
+    """
+    Fetch latest `count` events from a Windows Event Log (local or remote) using pywin32.
+
+    - If username/password are None => use current security context.
+    - If server_ip is ".", "localhost", "127.0.0.1", "" or None => open local log.
+    - If count is None => return *all* events in the log.
+    - If event_id_list is not None => only return events whose EventID is in that list.
+
+    :param server_ip: IPv4/hostname of remote machine, or "." / None for local
+    :param username: Username to authenticate with (optional)
+    :param password: Password for the user (optional)
+    :param domain: Domain or computer name; ignored if username is None.
+                   If None and username is given, "." is used.
+    :param log_name: Log name (e.g. "Security", "System", "Application")
+    :param count: Number of most recent events to return, or None for all
+    :param event_id_list: List of Event IDs (low 16-bit) to include, or None for all
+    :return: List of dicts describing events (most recent first)
+    """
+
+    # Normalize server for OpenEventLog: None means "local machine"
+    normalized_server = server_ip
+    if server_ip in (None, "", ".", "localhost", "127.0.0.1"):
+        normalized_server = None
+
+    # Max events logic: None => infinite
+    max_events = float("inf") if count is None else count
+
+    # Precompute set of event IDs for fast membership checks
+    event_ids_set = set(event_id_list) if event_id_list is not None else None
+
+    # Decide whether we need impersonation
+    use_impersonation = username is not None and password is not None
+
+    h_user = None
+    events = []
+
+    try:
+        if use_impersonation:
+            if domain is None:
+                domain = "."
+
+            # Log on with explicit credentials and impersonate for the remote call
+            # LOGON32_LOGON_NEW_CREDENTIALS lets us use these creds for remote access
+            # while keeping the local token mostly unchanged.
+            h_user = win32security.LogonUser(
+                username,
+                domain,
+                password,
+                win32con.LOGON32_LOGON_NEW_CREDENTIALS,
+                win32con.LOGON32_PROVIDER_WINNT50,
+            )
+
+            win32security.ImpersonateLoggedOnUser(h_user)
+
+        # Connect to remote event log
+        # `server_ip` can be an IP or hostname; no need for leading "\\".
+        # local if normalized_server is None.
+        h_log = win32evtlog.OpenEventLog(normalized_server, log_name)
+
+        flags = (
+            win32evtlog.EVENTLOG_BACKWARDS_READ
+            | win32evtlog.EVENTLOG_SEQUENTIAL_READ
+        )
+
+        offset = 0  # not used with BACKWARDS_READ + SEQUENTIAL_READ, but kept for clarity
+
+        while len(events) < max_events:
+            records = win32evtlog.ReadEventLog(h_log, flags, offset)
+            if not records:
+                break
+
+            for ev in records:
+                # Low 16 bits are the actual Event ID
+                eid = ev.EventID & 0xFFFF
+
+                # If filtering by event IDs, skip others
+                if event_ids_set is not None and eid not in event_ids_set:
+                    continue
+
+                raw_strings = list(ev.StringInserts or [])
+                strings_dict = _parse_strings(eid, ev.SourceName, raw_strings)
+
+                evt = {
+                    "RecordNumber": ev.RecordNumber,
+                    "TimeGenerated": ev.TimeGenerated.Format(),  # string time
+                    "ComputerName": ev.ComputerName,
+                    "SourceName": ev.SourceName,
+                    # Low 16 bits are the actual Event ID
+                    "EventID": ev.EventID & 0xFFFF,
+                    "EventType": ev.EventType,
+                    "EventCategory": ev.EventCategory,
+                    "Strings": raw_strings,
+                    "StringsDict": strings_dict,
+                }
+                events.append(evt)
+
+                if len(events) >= max_events:
+                    break
+
+        win32evtlog.CloseEventLog(h_log)
+
+    finally:
+        # Clean up impersonation if we used it, Always revert impersonation and close handle
+        if use_impersonation and h_user is not None:
+            win32security.RevertToSelf()
+            h_user.Close()
+
+    # `events` is in newest to oldest already because of BACKWARDS_READ.
+    return events
+
+
+def _parse_strings(event_id: int, source_name: str, strings: list[str]) -> dict:
+    """
+    Convert the raw 'Strings' list into a dictionary with friendly field names
+    for specific event IDs. For unknown events, fall back to String1, String2, ...
+
+    Currently has a special mapping for:
+      - 5156 (Security log, WFP allowed connection)
+    """
+    if not strings:
+        return {}
+
+    # Normalize source name a bit
+    src = (source_name or "").lower()
+
+    # Special-case: Security 5156 (Windows Filtering Platform has permitted a connection)
+    # Insertion strings (in order) are:
+    #   1 Process ID
+    #   2 Application Name
+    #   3 Direction
+    #   4 Source Address
+    #   5 Source Port
+    #   6 Destination Address
+    #   7 Destination Port
+    #   8 Protocol
+    #   9 Filter Run-Time ID
+    #   10 Layer Name
+    #   11 Layer Run-Time ID
+    if event_id == 5156 and "security-auditing" in src:
+        keys_5156 = [
+            "Process ID",
+            "Application Name",
+            "Direction",
+            "Source Address",
+            "Source Port",
+            "Destination Address",
+            "Destination Port",
+            "Protocol",
+            "Filter Run-Time ID",
+            "Layer Name",
+            "Layer Run-Time ID",
+        ]
+        return {
+            key: strings[i]
+            for i, key in enumerate(keys_5156)
+            if i < len(strings)
+        }
+
+    # Default: generic mapping
+    return {f"String{i+1}": s for i, s in enumerate(strings)}

atomicshop/wrappers/pywin32w/win_event_log/subscribes/process_create.py

@@ -1,12 +1,7 @@
-import subprocess
-import winreg
-
 from .. import subscribe
-from .....print_api import print_api
+from .... import win_auditw
 
 
-AUDITING_REG_PATH: str = r"Software\Microsoft\Windows\CurrentVersion\Policies\System\Audit"
-PROCESS_CREATION_INCLUDE_CMDLINE_VALUE: str = "ProcessCreationIncludeCmdLine_Enabled"
 LOG_CHANNEL: str = 'Security'
 EVENT_ID: int = 4688
 
@@ -30,8 +25,8 @@ class ProcessCreateSubscriber(subscribe.EventLogSubscriber):
 
     def start(self):
         """Start the subscription process."""
-        enable_audit_process_creation()
-        enable_command_line_auditing()
+        win_auditw.enable_audit_process_creation()
+        win_auditw.enable_command_line_auditing()
 
         super().start()
 
@@ -60,100 +55,3 @@ class ProcessCreateSubscriber(subscribe.EventLogSubscriber):
         #         print(f"Error looking up account SID: {e}")
 
         return data
-
-
-def enable_audit_process_creation(print_kwargs: dict = None):
-    """
-    Enable the 'Audit Process Creation' policy.
-
-    :param print_kwargs: Optional keyword arguments for the print function.
-    """
-    if is_audit_process_creation_enabled():
-        print_api("Audit Process Creation is already enabled.", color='blue', **(print_kwargs or {}))
-        return
-
-    # Enable "Audit Process Creation" policy
-    audit_policy_command = [
-        "auditpol", "/set", "/subcategory:Process Creation", "/success:enable", "/failure:enable"
-    ]
-    try:
-        subprocess.run(audit_policy_command, check=True)
-        print_api("Successfully enabled 'Audit Process Creation'.", color='green', **(print_kwargs or {}))
-    except subprocess.CalledProcessError as e:
-        print_api(f"Failed to enable 'Audit Process Creation': {e}", error_type=True, color='red', **(print_kwargs or {}))
-        raise e
-
-
-def is_audit_process_creation_enabled(print_kwargs: dict = None) -> bool:
-    """
-    Check if the 'Audit Process Creation' policy is enabled.
-
-    :param print_kwargs: Optional keyword arguments for the print function.
-    """
-    # Command to check the "Audit Process Creation" policy
-    audit_policy_check_command = [
-        "auditpol", "/get", "/subcategory:Process Creation"
-    ]
-    try:
-        result = subprocess.run(audit_policy_check_command, check=True, capture_output=True, text=True)
-        output = result.stdout
-        # print_api(output)  # Print the output for inspection
-
-        if "Process Creation" in output and "Success and Failure" in output:
-            # print_api(
-            #     "'Audit Process Creation' is enabled for both success and failure.",
-            #     color='green', **(print_kwargs or {}))
-            return True
-        else:
-            # print_api(output, **(print_kwargs or {}))
-            # print_api(
-            #     "'Audit Process Creation' is not fully enabled. Check the output above for details.",
-            #     color='yellow', **(print_kwargs or {}))
-            return False
-    except subprocess.CalledProcessError as e:
-        print_api(f"Failed to check 'Audit Process Creation': {e}", color='red', error_type=True, **(print_kwargs or {}))
-        return False
-
-
-def enable_command_line_auditing(print_kwargs: dict = None):
-    """
-    Enable the 'Include command line in process creation events' policy.
-
-    :param print_kwargs: Optional keyword arguments for the print function.
-    """
-
-    if is_command_line_auditing_enabled():
-        print_api(
-            "[Include command line in process creation events] is already enabled.", color='blue',
-            **(print_kwargs or {}))
-        return
-
-    try:
-        # Open the registry key
-        with winreg.CreateKey(winreg.HKEY_LOCAL_MACHINE, AUDITING_REG_PATH) as reg_key:
-            # Set the value
-            winreg.SetValueEx(reg_key, PROCESS_CREATION_INCLUDE_CMDLINE_VALUE, 0, winreg.REG_DWORD, 1)
-
-        print_api(
-            "Successfully enabled [Include command line in process creation events].",
-            color='green', **(print_kwargs or {}))
-    except WindowsError as e:
-        print_api(
-            f"Failed to enable [Include command line in process creation events]: {e}", error_type=True,
-            color='red', **(print_kwargs or {}))
-
-
-def is_command_line_auditing_enabled():
-    try:
-        # Open the registry key
-        with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, AUDITING_REG_PATH, 0, winreg.KEY_READ) as reg_key:
-            # Query the value
-            value, reg_type = winreg.QueryValueEx(reg_key, PROCESS_CREATION_INCLUDE_CMDLINE_VALUE)
-            # Check if the value is 1 (enabled)
-            return value == 1
-    except FileNotFoundError:
-        # Key or value not found, assume it's not enabled
-        return False
-    except WindowsError as e:
-        print(f"Failed to read the 'Include command line in process creation events' setting: {e}")
-        return False

atomicshop/wrappers/pywin32w/win_event_log/subscribes/process_terminate.py

@@ -1,7 +1,5 @@
-import subprocess
-
 from .. import subscribe
-from .....print_api import print_api
+from .... import win_auditw
 
 
 LOG_CHANNEL: str = 'Security'
@@ -27,7 +25,7 @@ class ProcessTerminateSubscriber(subscribe.EventLogSubscriber):
 
     def start(self):
         """Start the subscription process."""
-        enable_audit_process_termination()
+        win_auditw.enable_audit_process_termination()
 
         super().start()
 
@@ -48,56 +46,4 @@ class ProcessTerminateSubscriber(subscribe.EventLogSubscriber):
 
         data['ProcessIdInt'] = int(data['ProcessId'], 16)
 
-        return data
-
-
-def enable_audit_process_termination(print_kwargs: dict = None):
-    """
-    Enable the 'Audit Process Termination' policy.
-
-    :param print_kwargs: Optional keyword arguments for the print function.
-    """
-    if is_audit_process_termination_enabled():
-        print_api("Audit Process Termination is already enabled.", color='blue', **(print_kwargs or {}))
-        return
-
-    audit_policy_command = [
-        "auditpol", "/set", "/subcategory:Process Termination", "/success:enable", "/failure:enable"
-    ]
-    try:
-        subprocess.run(audit_policy_command, check=True)
-        print_api("Successfully enabled 'Audit Process Termination'.", color='green', **(print_kwargs or {}))
-    except subprocess.CalledProcessError as e:
-        print_api(f"Failed to enable 'Audit Process Termination': {e}", error_type=True, color='red', **(print_kwargs or {}))
-        raise e
-
-
-def is_audit_process_termination_enabled(print_kwargs: dict = None) -> bool:
-    """
-    Check if the 'Audit Process Termination' policy is enabled.
-
-    :param print_kwargs: Optional keyword arguments for the print function.
-    """
-    # Command to check the "Audit Process Creation" policy
-    audit_policy_check_command = [
-        "auditpol", "/get", "/subcategory:Process Termination"
-    ]
-    try:
-        result = subprocess.run(audit_policy_check_command, check=True, capture_output=True, text=True)
-        output = result.stdout
-        # print_api(output)  # Print the output for inspection
-
-        if "Process Termination" in output and "Success and Failure" in output:
-            # print_api(
-            #     "'Audit Process Termination' is enabled for both success and failure.",
-            #     color='green', **(print_kwargs or {}))
-            return True
-        else:
-            # print_api(output, **(print_kwargs or {}))
-            # print_api(
-            #     "'Audit Process Termination' is not fully enabled. Check the output above for details.",
-            #     color='yellow', **(print_kwargs or {}))
-            return False
-    except subprocess.CalledProcessError as e:
-        print_api(f"Failed to check 'Audit Process Termination': {e}", color='red', error_type=True, **(print_kwargs or {}))
-        return False
+        return data

atomicshop/wrappers/pywin32w/wmis/win32_networkadapterconfiguration.py

@@ -6,7 +6,6 @@ from win32com.client import CDispatch
 import pywintypes
 
 from . import wmi_helpers, win32networkadapter
-from ...psutilw import psutil_networks
 from .... import ip_addresses
 
 
@@ -30,16 +29,13 @@ def get_network_configuration_by_adapter(
 
 
 def get_adapter_network_configuration(
-        use_default_interface: bool = False,
-        connection_name: str = None,
+        interface_name: str = None,
         mac_address: str = None,
         wmi_instance: CDispatch = None
 ) -> tuple:
     """
     Get the WMI network configuration for a network adapter.
-    :param use_default_interface: bool, if True, the default network interface will be used.
-        This is the adapter that your internet is being used from.
-    :param connection_name: string, adapter name as shown in the network settings.
+    :param interface_name: string, adapter name as shown in the network settings.
     :param mac_address: string, MAC address of the adapter. Format: '00:00:00:00:00:00'.
     :param wmi_instance: WMI instance. You can get it from:
         wrappers.pywin32s.wmis.wmi_helpers.get_wmi_instance()
@@ -47,37 +43,25 @@ def get_adapter_network_configuration(
     :return: tuple(Win32_NetworkAdapterConfiguration, Win32_NetworkAdapter)
     """
 
-    if use_default_interface and connection_name:
-        raise ValueError("Only one of 'use_default_interface' or 'connection_name' must be provided.")
-    elif not use_default_interface and not connection_name:
-        raise ValueError("Either 'use_default_interface' or 'connection_name' must be provided.")
-
     if not wmi_instance:
         wmi_instance, _ = wmi_helpers.get_wmi_instance()
 
     adapters = win32networkadapter.list_network_adapters(wmi_instance)
 
+    if interface_name is None and mac_address is None:
+        raise ValueError("Either 'interface_name' or 'mac_address' must be provided.")
+    elif interface_name and mac_address:
+        raise ValueError("Only one of 'interface_name' or 'mac_address' must be provided.")
+
     current_adapter = None
-    if use_default_interface:
-        default_connection_name_dict: dict = psutil_networks.get_default_connection_name()
-        if not default_connection_name_dict:
-            raise wmi_helpers.WMINetworkAdapterNotFoundError("Default network adapter not found.")
-        # Get the first key from the dictionary.
-        connection_name: str = list(default_connection_name_dict.keys())[0]
-
-    if connection_name is None and mac_address is None:
-        raise ValueError("Either 'connection_name' or 'mac_address' must be provided.")
-    elif connection_name and mac_address:
-        raise ValueError("Only one of 'connection_name' or 'mac_address' must be provided.")
-
-    if connection_name:
+    if interface_name:
         for adapter in adapters:
-            if connection_name == adapter.NetConnectionID:
+            if interface_name == adapter.NetConnectionID:
                 current_adapter = adapter
                 break
 
         if not current_adapter:
-            raise wmi_helpers.WMINetworkAdapterNotFoundError(f"Adapter with connection name '{connection_name}' not found.")
+            raise wmi_helpers.WMINetworkAdapterNotFoundError(f"Adapter with interface name '{interface_name}' not found.")
     elif mac_address:
         for adapter in adapters:
             if mac_address == adapter.MACAddress:
@@ -93,7 +77,7 @@ def get_adapter_network_configuration(
 
     # Check if the adapter exists
     if len(adapter_configs) == 0:
-        raise wmi_helpers.WMINetworkAdapterNotFoundError(f"Adapter with connection name '{connection_name}' not found.")
+        raise wmi_helpers.WMINetworkAdapterNotFoundError(f"Adapter with interface name '{interface_name}' not found.")
 
     return adapter_configs[0], current_adapter
 
@@ -260,6 +244,7 @@ def get_info_from_network_config(
 
     ipv4s, ipv6s, ipv4subnets, ipv6prefixes = _split_ips(network_config)
     adapter = {
+            "caption": network_config.Caption,
             "description": network_config.Description,
             "interface_index": network_config.InterfaceIndex,
             "is_dynamic": bool(network_config.DHCPEnabled),

atomicshop/wrappers/pywin32w/wmis/win32networkadapter.py

@@ -1,3 +1,4 @@
+from logging import Logger
 from typing import Union
 
 from win32com.client import CDispatch
@@ -80,27 +81,32 @@ def get_default_network_adapter(wmi_instance: CDispatch = None):
 
 def set_dns_server(
         dns_servers: Union[list[str], None],
-        use_default_interface: bool = False,
-        connection_name: str = None,
-        mac_address: str = None
+        interface_name: str = None,
+        mac_address: str = None,
+        verbose: bool = False,
+        logger: Logger = None
 ):
     """
     Set the DNS servers for a network adapter.
     :param dns_servers: list of strings, DNS server IPv4 addresses.
         None, if you want to remove the DNS servers and make the interface to obtain them automatically from DHCP.
         list[str], if you want to set the DNS servers manually to the list of strings.
-    :param use_default_interface: bool, if True, the default network interface will be used.
-        This is the adapter that your internet is being used from.
-    :param connection_name: string, adapter name as shown in the network settings.
+    :param interface_name: string, network interface name as shown in the network settings.
     :param mac_address: string, MAC address of the adapter. Format: '00:00:00:00:00:00'.
+
+    :param verbose: bool, if True, print verbose output.
+    :param logger: Logger object, if provided, will log the output instead of printing.
     :return:
     """
 
     adapter_config, current_adapter = win32_networkadapterconfiguration.get_adapter_network_configuration(
-        use_default_interface=use_default_interface, connection_name=connection_name, mac_address=mac_address)
+        interface_name=interface_name, mac_address=mac_address)
 
-    print_api(f"Adapter [{current_adapter.Description}], Connection name [{current_adapter.NetConnectionID}]\n"
-              f"Setting DNS servers to {dns_servers}", color='blue')
+    if verbose:
+        message = (
+            f"Adapter [{current_adapter.Description}], Connection name [{current_adapter.NetConnectionID}]\n"
+            f"Setting DNS servers to {dns_servers}")
+        print_api(message, color='blue', logger=logger)
 
     # Set DNS servers
     wmi_helpers.call_method(adapter_config, 'SetDNSServerSearchOrder', dns_servers)

atomicshop/wrappers/socketw/certificator.py

@@ -3,7 +3,7 @@ import sys
 
 from cryptography import x509
 
-from . import creator, base, socket_client
+from . import creator, socket_base, socket_client
 from .. import pyopensslw, cryptographyw
 from ..certauthw.certauthw import CertAuthWrapper
 from ...print_api import print_api
@@ -30,7 +30,9 @@ class Certificator:
             custom_private_key_path: str,
             forwarding_dns_service_ipv4_list___only_for_localhost: list,
             skip_extension_id_list: list,
-            tls: bool
+            tls: bool,
+            enable_sslkeylogfile_env_to_client_ssl_context: bool,
+            sslkeylog_file_path: str
     ):
         self.ca_certificate_name = ca_certificate_name
         self.ca_certificate_filepath = ca_certificate_filepath
@@ -49,6 +51,9 @@ class Certificator:
             forwarding_dns_service_ipv4_list___only_for_localhost)
         self.skip_extension_id_list = skip_extension_id_list
         self.tls = tls
+        self.enable_sslkeylogfile_env_to_client_ssl_context: bool = (
+            enable_sslkeylogfile_env_to_client_ssl_context)
+        self.sslkeylog_file_path: str = sslkeylog_file_path
 
         # noinspection PyTypeChecker
         self.certauth_wrapper: CertAuthWrapper = None
@@ -146,13 +151,13 @@ class Certificator:
                 self.sni_server_certificate_from_server_socket_download_directory + \
                 os.sep + sni_received_parameters.destination_name + ".pem"
             # Get client ip.
-            client_ip = base.get_source_address_from_socket(sni_received_parameters.ssl_socket)[0]
+            client_ip = socket_base.get_source_address_from_socket(sni_received_parameters.ssl_socket)[0]
 
             # If we're on localhost, then use external services list in order to resolve the domain:
-            if client_ip in base.THIS_DEVICE_IP_LIST:
+            if client_ip in socket_base.THIS_DEVICE_IP_LIST:
                 service_client = socket_client.SocketClient(
                     service_name=sni_received_parameters.destination_name,
-                    service_port=base.get_destination_address_from_socket(sni_received_parameters.ssl_socket)[1],
+                    service_port=socket_base.get_destination_address_from_socket(sni_received_parameters.ssl_socket)[1],
                     tls=self.tls,
                     dns_servers_list=self.forwarding_dns_service_ipv4_list___only_for_localhost,
                     logger=print_kwargs.get('logger') if print_kwargs else None
@@ -161,7 +166,7 @@ class Certificator:
             else:
                 service_client = socket_client.SocketClient(
                     service_name=sni_received_parameters.destination_name,
-                    service_port=base.get_destination_address_from_socket(sni_received_parameters.ssl_socket)[1],
+                    service_port=socket_base.get_destination_address_from_socket(sni_received_parameters.ssl_socket)[1],
                     tls=self.tls,
                     logger=print_kwargs.get('logger') if print_kwargs else None
                 )
@@ -215,11 +220,16 @@ class Certificator:
             sni_received_parameters.destination_name, certificate_from_socket_x509)
 
         message = f"SNI Handler: port " \
-                  f"{base.get_destination_address_from_socket(sni_received_parameters.ssl_socket)[1]}: " \
+                  f"{socket_base.get_destination_address_from_socket(sni_received_parameters.ssl_socket)[1]}: " \
                   f"Using certificate: {sni_server_certificate_file_path}"
         print_api(message, **print_kwargs)
 
         # You need to build new context and exchange the context that being inherited from the main socket,
         # or else the context will receive previous certificate each time.
-        sni_received_parameters.ssl_socket.context = \
-            creator.create_server_ssl_context___load_certificate_and_key(sni_server_certificate_file_path, None)
+        sni_received_parameters.ssl_socket.context = (
+            creator.create_server_ssl_context___load_certificate_and_key(
+                certificate_file_path=sni_server_certificate_file_path, key_file_path=None,
+                enable_sslkeylogfile_env_to_client_ssl_context=self.enable_sslkeylogfile_env_to_client_ssl_context,
+                sslkeylog_file_path=self.sslkeylog_file_path
+            )
+        )

atomicshop/wrappers/socketw/creator.py

@@ -2,7 +2,7 @@ import os
 import socket
 import ssl
 
-from . import base, exception_wrapper
+from . import socket_base, exception_wrapper
 from ...print_api import print_api
 
 
@@ -25,7 +25,15 @@ def add_reusable_address_option(socket_instance):
     socket_instance.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
 
 
-def create_ssl_context_for_server(allow_legacy=False) -> ssl.SSLContext:
+def create_ssl_context_for_server(
+        enable_sslkeylogfile_env_to_client_ssl_context: bool = False,
+        sslkeylog_file_path: str = None,
+        allow_legacy: bool = False
+) -> ssl.SSLContext:
+    """
+    This function creates the SSL context for the server.
+    Meaning that your script will act like a server, and the client will connect to it.
+    """
     # Creating context with SSL certificate and the private key before the socket
     # https://docs.python.org/3/library/ssl.html
     # Creating context for SSL wrapper, specifying "PROTOCOL_TLS_SERVER" will pick the best TLS version protocol for
@@ -48,6 +56,15 @@ def create_ssl_context_for_server(allow_legacy=False) -> ssl.SSLContext:
     ssl_context.verify_mode = ssl.CERT_NONE
     ssl_context.check_hostname = False
 
+    if enable_sslkeylogfile_env_to_client_ssl_context:
+        if sslkeylog_file_path is None:
+            sslkeylog_file_path = os.environ.get('SSLKEYLOGFILE')
+
+        if not os.path.exists(sslkeylog_file_path):
+            open(sslkeylog_file_path, "a").close()
+
+        ssl_context.keylog_filename = sslkeylog_file_path
+
     # If you must support old clients that only offer TLS_RSA_* suites under OpenSSL 3:
     if allow_legacy:
         # This enables RSA key exchange and other legacy bits at security level 1
@@ -64,6 +81,7 @@ def create_ssl_context_for_client(
 ) -> ssl.SSLContext:
     """
     This function creates the SSL context for the client.
+    This means that your script will act like a client, and will connect to a server.
     The SSL context is created with the "PROTOCOL_TLS_CLIENT" protocol.
 
     :param enable_sslkeylogfile_env_to_client_ssl_context: boolean, enables the SSLKEYLOGFILE environment variable
@@ -83,8 +101,9 @@ def create_ssl_context_for_client(
         if sslkeylog_file_path is None:
             sslkeylog_file_path = os.environ.get('SSLKEYLOGFILE')
 
-        # This will create the file if it doesn't exist
-        open(sslkeylog_file_path, "a").close()
+        if not os.path.exists(sslkeylog_file_path):
+            open(sslkeylog_file_path, "a").close()
+
         ssl_context.keylog_filename = sslkeylog_file_path
 
     current_ciphers = 'AES256-GCM-SHA384:' + ssl._DEFAULT_CIPHERS
@@ -191,10 +210,14 @@ def copy_server_ctx_settings(src: ssl.SSLContext, dst: ssl.SSLContext) -> None:
 def create_server_ssl_context___load_certificate_and_key(
         certificate_file_path: str,
         key_file_path: str | None,
-        inherit_from: ssl.SSLContext | None = None
+        inherit_from: ssl.SSLContext | None = None,
+        enable_sslkeylogfile_env_to_client_ssl_context: bool = False,
+        sslkeylog_file_path: str = None,
 ) -> ssl.SSLContext:
     # Create and set ssl context for server.
-    ssl_context: ssl.SSLContext = create_ssl_context_for_server(True)
+    ssl_context: ssl.SSLContext = create_ssl_context_for_server(
+        allow_legacy=True, enable_sslkeylogfile_env_to_client_ssl_context=enable_sslkeylogfile_env_to_client_ssl_context,
+        sslkeylog_file_path=sslkeylog_file_path)
 
     # If you replaced contexts during SNI, copy policy from the old one
     if inherit_from is not None:
@@ -290,7 +313,7 @@ def set_listen_on_socket(socket_object, **kwargs):
     # To determine the maximum listening sockets, you may use the 'socket' library and 'SOMAXCONN' parameter
     # from it.
     socket_object.listen(socket.SOMAXCONN)
-    ip_address, port = base.get_destination_address_from_socket(socket_object)
+    ip_address, port = socket_base.get_destination_address_from_socket(socket_object)
 
     print_api(f"Listening for new connections on: {ip_address}:{port}", **kwargs)