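#!/usr/bin/python
'''
SSL server handshake issue -- incoming failed connection stays open

When the *listening* socket is wrapped with do_handshake_on_connect=True,
accept() performs the TLS handshake internally.  If that handshake raises
ssl.SSLError, the freshly accepted connection is never returned to the
caller, so the caller has nothing to close and the descriptor stays open.
Each peer that fails client-certificate verification then leaves one
socket open on the server.

This version accepts on the plain TCP socket and wraps every connection
individually, so the server always holds a reference it can close.
'''
import socket
import ssl

# Plain TCP listener: it is deliberately NOT wrapped, so accept() never
# runs a handshake behind our back.
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.bind(('127.0.0.1', 8000))
s.listen(1)
print("listen()")

while True:
    print("waiting for incoming connection")
    (conn, address) = s.accept()

    # Wrap the accepted connection only.  do_handshake_on_connect=False
    # keeps this call free of network I/O; the handshake is run explicitly
    # below where a failure can be cleaned up.
    # NOTE(review): ssl.wrap_socket() is deprecated and was removed in
    # Python 3.12; ssl.SSLContext.wrap_socket() is the replacement.
    # NOTE(review): ssl.PROTOCOL_TLSv1 pins the obsolete TLS 1.0 protocol;
    # kept to match the original setup, but it should be raised for real use.
    client = ssl.wrap_socket(conn,
                             server_side=True,
                             keyfile='server.key',
                             certfile='server.crt',
                             ca_certs='ca.crt',
                             cert_reqs=ssl.CERT_REQUIRED,
                             ssl_version=ssl.PROTOCOL_TLSv1,
                             do_handshake_on_connect=False)
    try:
        # NOTE(review): no timeout is set, so a peer that connects and
        # then stays silent blocks this single-threaded loop; consider
        # conn.settimeout() before the handshake.
        client.do_handshake()
        print("got it")
    except ssl.SSLError:
        # The handshake failed (e.g. missing or untrusted client
        # certificate).  Close the connection explicitly instead of
        # leaving it open.  Both objects are closed: depending on the
        # Python version the wrapper either shares or takes over the
        # underlying descriptor, and closing both covers either case.
        print("SSL error, continuing")
        client.close()
        conn.close()
        continue

    print(client.read())
    client.close()
    print("connection closed")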