From f2eb33793bbc3769f61852d17152814fc2782719 Mon Sep 17 00:00:00 2001
From: rs <>
Date: Fri, 19 Dec 2025 19:45:57 -0600
Subject: [PATCH] Catch exception during handshake with client

When Lagrange doesn't yet trust the server's cert, it hangs up the
connection during the handshake phase, which causes OpenSSL to raise a
SysCallError.

Catch this, log it, and continue to serve normally afterwards.
---
 cbs-srv.py | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)

diff --git a/cbs-srv.py b/cbs-srv.py
index 2778b37..e252ad9 100755
--- a/cbs-srv.py
+++ b/cbs-srv.py
@@ -221,20 +221,27 @@ def main():
         ssock = SSL.Connection(ctxt, sock)
         ssock.set_accept_state()
         while True:
-            conn, addr = ssock.accept()
-            conn.do_handshake()
-            logging.info('Connection from {}'.format(addr))
             try:
+                conn, addr = ssock.accept()
+                conn.do_handshake()
+                logging.info('Connection from {}'.format(addr))
                 req = recv_req(conn)
                 serve_req(conn, addr, req, conf)
+                conn.shutdown()
+                conn.sock_shutdown(socket.SHUT_RDWR)
+            except SSL.SysCallError as x:
+                logging.error('{}'.format(x))
+                # Don't call conn.shutdown or sock_shutdown
             except CBSException as x:
                 logging.error('{} {} {}'.format(x.code, x.meta, x.logdata))
                 conn.sendall('{} {}\r\n'.format(x.code, x.meta).encode('utf-8'))
+                conn.shutdown()
+                conn.sock_shutdown(socket.SHUT_RDWR)
             except Exception as x:
                 logging.error('Exception: {}'.format(x))
                 conn.sendall('40 Server error\r\n'.encode('utf-8'))
-            conn.shutdown()
-            conn.sock_shutdown(socket.SHUT_RDWR)
+                conn.shutdown()
+                conn.sock_shutdown(socket.SHUT_RDWR)
 
 
 if __name__ == '__main__':
-- 
2.43.0