From bc50ae9d451ca705edd6101d987b839e1a09d45e Mon Sep 17 00:00:00 2001
From: Sven Diederichs <22592421+zaurask@users.noreply.github.com>
Date: Thu, 28 Mar 2024 18:55:28 +0100
Subject: [PATCH 1/2] use ssl.SSLContext.wrap_socket rather than the deprecated
 ssl.wrap_socket

---
 pywebsocket3/websocket_server.py | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/pywebsocket3/websocket_server.py b/pywebsocket3/websocket_server.py
index e7485ec..93ad6f1 100644
--- a/pywebsocket3/websocket_server.py
+++ b/pywebsocket3/websocket_server.py
@@ -157,12 +157,14 @@ def _create_sockets(self):
                         client_cert_ = ssl.CERT_REQUIRED
                 else:
                     client_cert_ = ssl.CERT_NONE
-                socket_ = ssl.wrap_socket(
-                    socket_,
-                    keyfile=server_options.private_key,
-                    certfile=server_options.certificate,
-                    ca_certs=server_options.tls_client_ca,
-                    cert_reqs=client_cert_)
+
+                ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS)
+                if server_options.certificate:
+                    ssl_context.load_cert_chain(certfile=server_options.certificate, keyfile=server_options.private_key)
+                if server_options.tls_client_ca:   
+                    ssl_context.load_verify_locations(server_options.tls_client_ca)
+                ssl_context.verify_mode =client_cert_
+                socket_ = ssl_context.wrap_socket(socket_)
             self._sockets.append((socket_, addrinfo))
 
     def server_bind(self):

From 7fe6294762a5550f4d8a2e48131c5a225b651a06 Mon Sep 17 00:00:00 2001
From: Sven Diederichs <22592421+zaurask@users.noreply.github.com>
Date: Thu, 28 Mar 2024 21:51:40 +0100
Subject: [PATCH 2/2] reformat with yapf

---
 pywebsocket3/websocket_server.py | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/pywebsocket3/websocket_server.py b/pywebsocket3/websocket_server.py
index 93ad6f1..12043cc 100644
--- a/pywebsocket3/websocket_server.py
+++ b/pywebsocket3/websocket_server.py
@@ -160,10 +160,13 @@ def _create_sockets(self):
 
                 ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS)
                 if server_options.certificate:
-                    ssl_context.load_cert_chain(certfile=server_options.certificate, keyfile=server_options.private_key)
-                if server_options.tls_client_ca:   
-                    ssl_context.load_verify_locations(server_options.tls_client_ca)
-                ssl_context.verify_mode =client_cert_
+                    ssl_context.load_cert_chain(
+                        certfile=server_options.certificate,
+                        keyfile=server_options.private_key)
+                if server_options.tls_client_ca:
+                    ssl_context.load_verify_locations(
+                        server_options.tls_client_ca)
+                ssl_context.verify_mode = client_cert_
                 socket_ = ssl_context.wrap_socket(socket_)
             self._sockets.append((socket_, addrinfo))