1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
From 871c40f5144e27d0344734cff78806d925a96d38 Mon Sep 17 00:00:00 2001
From: Roman Podolyaka <rpodolyaka...mirantis.com>
Date: Thu, 8 Oct 2015 12:15:45 -0700
Subject: Close connection on certificate mismatch to avoid reuse
Forwarded: https://code.google.com/p/httplib2/issues/detail?id=282
Patch-Name: ssl-mismatch-check.patch
---
python2/httplib2/__init__.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/python2/httplib2/__init__.py b/python2/httplib2/__init__.py
index e996d01..4564991 100644
--- a/python2/httplib2/__init__.py
+++ b/python2/httplib2/__init__.py
@@ -1044,7 +1044,7 @@ class HTTPSConnectionWithTimeout(httplib.HTTPSConnection):
raise CertificateHostnameMismatch(
'Server presented certificate that does not match '
'host %s: %s' % (hostname, cert), hostname, cert)
- except ssl_SSLError, e:
+ except (ssl_SSLError, CertificateHostnameMismatch), e:
if sock:
sock.close()
if self.sock:
@@ -1054,7 +1054,7 @@ class HTTPSConnectionWithTimeout(httplib.HTTPSConnection):
# to get at more detailed error information, in particular
# whether the error is due to certificate validation or
# something else (such as SSL protocol mismatch).
- if e.errno == ssl.SSL_ERROR_SSL:
+ if hasattr(e, 'errno') and e.errno == ssl.SSL_ERROR_SSL:
raise SSLHandshakeError(e)
else:
raise
|
