From 871c40f5144e27d0344734cff78806d925a96d38 Mon Sep 17 00:00:00 2001
From: Roman Podolyaka <rpodolyaka...mirantis.com>
Date: Thu, 8 Oct 2015 12:15:45 -0700
Subject: Close connection on certificate mismatch to avoid reuse

Forwarded: https://code.google.com/p/httplib2/issues/detail?id=282

Patch-Name: ssl-mismatch-check.patch
---
 python2/httplib2/__init__.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/python2/httplib2/__init__.py b/python2/httplib2/__init__.py
index e996d01..4564991 100644
--- a/python2/httplib2/__init__.py
+++ b/python2/httplib2/__init__.py
@@ -1044,7 +1044,7 @@ class HTTPSConnectionWithTimeout(httplib.HTTPSConnection):
                         raise CertificateHostnameMismatch(
                             'Server presented certificate that does not match '
                             'host %s: %s' % (hostname, cert), hostname, cert)
-            except ssl_SSLError, e:
+            except (ssl_SSLError, CertificateHostnameMismatch), e:
                 if sock:
                     sock.close()
                 if self.sock:
@@ -1054,7 +1054,7 @@ class HTTPSConnectionWithTimeout(httplib.HTTPSConnection):
                 # to get at more detailed error information, in particular
                 # whether the error is due to certificate validation or
                 # something else (such as SSL protocol mismatch).
-                if e.errno == ssl.SSL_ERROR_SSL:
+                if hasattr(e, 'errno') and e.errno == ssl.SSL_ERROR_SSL:
                     raise SSLHandshakeError(e)
                 else:
                     raise