From f183e5e80cc67164e2bdb196cda680b4e5cd7790 Mon Sep 17 00:00:00 2001
From: Romain Bignon <romain@budget-insight.com>
Date: Thu, 16 Oct 2014 11:30:44 +0200
Subject: [PATCH] fix certificate check on servers which don't allow SSLv3

---
 weboob/deprecated/browser/browser.py | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/weboob/deprecated/browser/browser.py b/weboob/deprecated/browser/browser.py
index b158b6e5..e85b7011 100644
--- a/weboob/deprecated/browser/browser.py
+++ b/weboob/deprecated/browser/browser.py
@@ -409,8 +409,14 @@ class StandardBrowser(mechanize.Browser):
             raise BrowserSSLError()
 
     def _certhash(self, domain, port=443):
-        certs = ssl.get_server_certificate((domain, port))
-        return hashlib.sha256(certs).hexdigest()
+        for proto in HTTPSConnection2._PROTOCOLS:
+            try:
+                certs = ssl.get_server_certificate((domain, port), ssl_version=proto)
+            except ssl.SSLError as e:
+                continue
+            else:
+                return hashlib.sha256(certs).hexdigest()
+        raise e
 
     def __setitem__(self, key, value):
         if isinstance(value, unicode):