From 5fce1b1f9140c37720436dd42eb8c239009949f8 Mon Sep 17 00:00:00 2001
From: Erik Hetzner <egh@e6h.org>
Date: Sat, 16 Mar 2019 11:32:39 -0700
Subject: [PATCH] Retry with TSLv1 if connection errors with unsupported
 protocol

---
 ofxclient/client.py | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/ofxclient/client.py b/ofxclient/client.py
index 036dfaf..24ffb97 100644
--- a/ofxclient/client.py
+++ b/ofxclient/client.py
@@ -15,6 +15,7 @@
     # python 2
     from urllib import splittype, splithost
 import uuid
+import ssl
 
 DEFAULT_APP_ID = 'QWIN'
 DEFAULT_APP_VERSION = '2500'
@@ -154,7 +155,15 @@ def _do_post(self, query, extra_headers=[]):
         logging.debug('posting data to %s' % i.url)
         garbage, path = splittype(i.url)
         host, selector = splithost(path)
-        h = HTTPSConnection(host, timeout=60)
+        try:
+            h = HTTPSConnection(host, timeout=60)
+            h.connect()
+        except ssl.SSLError as ex:
+            if (ex.reason == "UNSUPPORTED_PROTOCOL"):
+                h = HTTPSConnection(host, timeout=60, context=ssl.SSLContext(ssl.PROTOCOL_TLSv1))
+                h.connect()
+            else:
+                raise
         # Discover requires a particular ordering of headers, so send the
         # request step by step.
         h.putrequest('POST', selector, skip_host=True,