From b6acaa08a831f64b1cd17523752985b050a0f721 Mon Sep 17 00:00:00 2001
From: example <example@example.com>
Date: Wed, 6 Apr 2022 10:39:15 +0200
Subject: [PATCH] =?UTF-8?q?kommentare=20eingef=C3=BCgt,=20fehlerbehandlung?=
 =?UTF-8?q?=20ge=C3=A4ndert?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 source/server/setstatus.py | 29 ++++++++++++++++++-----------
 1 file changed, 18 insertions(+), 11 deletions(-)

diff --git a/source/server/setstatus.py b/source/server/setstatus.py
index e0a36d2..eb9f3cf 100755
--- a/source/server/setstatus.py
+++ b/source/server/setstatus.py
@@ -58,6 +58,7 @@ class SetStatus:
 
     def check_status(self):
         """
+        checkes, if the self.status variable is a valid value
         return: boolean
         """
         if self.status in ('0', '1'):
@@ -68,6 +69,8 @@ class SetStatus:
 
     def set_config(self):
         """
+        Tries to read and use the values from the configuration file. If
+        this failes, we still use the default values.
         """
         self.log = logging.getLogger()
         # read config file
@@ -89,7 +92,8 @@ class SetStatus:
 
     def check_certs(self, certs):
         """
-        Check if certs readable.
+        Check if certs are readable.
+        return: boolean
         """
         self.log.debug('Check certificates')
         for certfile in certs:
@@ -111,25 +115,28 @@ class SetStatus:
 
     def create_ssl_context(self):
         """
+        Creates SSL context
+        return: context object or false
         """
-        context = ssl.create_default_context(ssl.Purpose.SERVER_AUTH,
-                                         cafile=self.config['server']['cert'])
-        if not context:
+        try:
+            context = ssl.create_default_context(purpose=ssl.Purpose.SERVER_AUTH)
+        except Exception as e:
             self.log.error('Failed to create SSL Context')
             return False
+        context.load_verify_locations(cafile=self.config['server']['cert'])
+        context.load_cert_chain(certfile=self.config['client']['cert'],
+                                keyfile=self.config['client']['key'])
         context.set_ciphers('EECDH+AESGCM') # only ciphers for tls 1.2 and 1.3
         context.options |= getattr(ssl._ssl, 'OP_NO_COMPRESSION', 0)
-        try:
-            context.load_cert_chain(certfile=self.config['client']['cert'],
-                                    keyfile=self.config['client']['key'])
-        except Exception as e:
-            self.log.error('Failed to load cert chain')
-            return False;
         self.log.debug('SSL context created')
         return context
 
     def create_ssl_socket(self, config, context):
         """
+        Opens a socket and wrapes the socket into the given ssl context.
+        param1: dictionary
+        param2: ssl context
+        return: ssl-socket or false
         """
         bare_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0)
         if not bare_socket:
@@ -210,7 +217,7 @@ class SetStatus:
         if self.context is False:
             exit(3)
 
-        # get connection
+        # get a ssl encrypted connection
         self.connection = self.create_ssl_connection()
 
         # send status